From: Todd C. Miller Date: Thu, 10 Feb 2005 05:16:03 +0000 (+0000) Subject: Replaced CHANGES file with ChangeLog generated from cvs logs X-Git-Tag: SUDO_1_7_0~709 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8d74dc1def8b47a1e3b71db55c21f491a8cfe8b3;p=sudo Replaced CHANGES file with ChangeLog generated from cvs logs --- diff --git a/CHANGES b/CHANGES deleted file mode 100644 index 2246230a9..000000000 --- a/CHANGES +++ /dev/null @@ -1,1827 +0,0 @@ -CHANGES since sudo 1.2 - -01) sudo now works under hpux, aix, sunos, bsd43, ultrix, linux, osf and irix. - -02) Files w/o the executable bit will be ignored if they are in your PATH. - -03) If execv() fails, perror is called (which prints out an error based on - errno) and sudo exits with -1. - -04) Included in this shar should also be a version of getpass() derived from - the bsd net-2 source which works on bsd, ultrix, hpux, aix, and irix - at least. The latter three unixes have what i consider to be a broken - getpass() in that if /dev/tty can't be opened it doesn't just use stdin - like bsd getpass(). This means you cannot do: rsh host "sudo command" - and have it work if your ticket has expired. - -05) The Makefile has changed significantly. It now has defines for all - supported architectures. - -06) Changed MAXCOMMANDLENGTH from 48 bytes to MAXPATHLEN and included - sys/param.h where appropriate. - -07) Rewrote the code that expands links & paths. It now works correctly. - (rewrote find_path.c) - -08) Added a define NEED_STRDUP so we don't conflict with the system's strdup(3) - -09) Now does *not* pass LD_* environmental vars on to programs that get - exec'd. Also removes SHLIB_PATH for hpux and _RLD_* for dec osf. - -10) Now searches current dir last if '.' or '' are in PATH. Misses braindeath - like './' but if that's in your path you deserve all the trojans you get. - -11) Added in linux patches from drew + flex support. - -12) Added insults back in from original sudo(8) (define USE_INSULTS). - -13) visudo now uses EDITOR envar (from John_Rouillard@dl5000.bc.edu) - -14) you can now specify a dir containing commands that a sudoer can do. - (from John_Rouillard@dl5000.bc.edu) - -15) Ported to Solaris 2.x (based on a port of sudo 1.1 done by UnixOps). - -16) Took out setuid(0); setruid(uid); pairs that bracketed calls to - update_timestamp() since they are unnecessary and setruid() is - broken on systems without a setreuid(2) or setresuid(2) system call. - (Ie: AIX and Solaris 2.x). - -17) The bulk of sudo now runs with the caller's real uid. Grep for - be_root() to find the exceptions. - -CHANGES from sudo 1.3 - -18) Added SECURE_PATH as suggested by russells@ccu1.auckland.ac.nz. - -19) Reworked clean_envp() to modify environ (not envp) so we can use - execvp() safely. - -20) Now use execvp() instead of execve() so sudo /bin/kill works under - broken solaris. This also fixed sudo /etc/fastboot under stock - 4.3 BSD. Basically, this means that any executable shell script that - lacks a '#!/bin/sh' magic number will now work with sudo. Personally - I think that the broken scripts should be fixed rather than changing - sudo, but vendors will be broken. Sigh. - -21) Added USE_EXECV define so you can make sudo use execv() if you - want. Using execvp() shouldn't be a problem since it is always - handed a non-relative path that begins with '/' but some people - may not trust execvp(). - -22) Log file lines will no longer get truncated. Syslog entries that - would overrun the syslog(3) line limit are continued on another entry. - -23) When logging to a log file, long entries are indented to improve - readability. - -24) Whenever the umask is changed, it is changed back to what it was - before. - -25) Log file is written as mode 600 instead of 644 - -26) Umask that sudo runs with may now be specified. - -27) There is now a "configure" script. - -28) Sudo will use ultra fast crypt (ufc) if it finds it for systems w/o - a real crypt(3) (non-US ConvexOS/Secure for instance). - -29) _BSD_COMPAT is now defined for Irix. - -30) The global variable uid is now initialized to -2 because I'm paranoid. - -31) Native Solaris 2 port from Matthew.Stier@aisg.com - -32) Now use sysconf(2) instead of getdtablesize(2) if it is available - (see change #31). Because of the the getdtablesize() emulation for - hpux is no longer necessary. - -33) Now only do a getcwd(3) or getwd(3) once and do it as the real user. - Sudo should no longer complain that it can't get the cwd unless - there is a real problem. - -34) Changed some malloc'd globals of fixed length to be allocated from - the stack instead as there was no win in allocating them from the - heap. - -35) Fixed AIX STATIC_FLAGS as per the AIX faq. - -36) Added -V flag to sudo and visudo (for version) - -37) Now treat EACCESS like EPERM when doing stat(2) in find_path.c - -38) Added prototypes for sudo functions (via __P macro) - -39) configure now uses uname(1) if it exists - -40) gethostbyname(3) is now only called if you define FQDN. There's really - no reason to not trust gethostname(2) and this way if name service is - hosed sudo isn't... - -41) added -v (validate) flag to sudo to update a timestamp w/o running - a command - -42) now use tgetpass() (getpass with a timeout) - -43) find_path() now uses realpath(3) - -44) wrote versions of realpath(3) and getcwd(3) for those without - -45) wrote tgetpass()--a getpass() that times out via select(2) - -46) sudo now uses posix signals if available - -47) Finally added ConvexOS C2 security support from - "Peter A. Nikitser, Systems Software Support, QUT" - -48) You can now #undef MAILER if you don't run sendmail or the equivalent. - -49) AFS support from adamh@austin.ibm.com - -50) If you define BOTH_LOGS in sudo.h you can log both via syslog(3) *ans* - to a log file. - -51) Added ultrix /etc/auth (enhanced security) support. - -52) Sudo now will work with a 4.2BSD syslog (SunOS < 4 && ultrix). - Personally, I'd say you are better off logging to a file if - your syslog is this ancient. - -53) Changed realpath(3) to sudo_realpath() since we need to do the - chdir(2) with the invoking uid. sudo_realpath() should be - faster than vendor-supplied realpath(3)'s anyway... - -54) No longer create a static binary on AIX since it reportedly - causes problem on newer versions on AIX 3.x. - -55) If sudo_realpath cannot chdir() back to cwd sudo will print - and error and exit. Previously it would either fail silently - or print an incorrect error message. - -56) Moved code to send error mail to be after the log message. - From rouilj@cs.umb.edu. - -57) Added SUDO_USER and SUDO_UID envars. Suggested by John P. Rouillard - (. - -62) All .{c,lex,yacc} files now include both sys/types.h and unistd.h so - we are sure to get the typedef of uid_t. - -CHANGES from sudo 1.3.1 - -63) Added preliminary support for DEC OSF/1 protected passwords - (shadow passwords). - -CHANGES from sudo 1.3.1pl1 - -64) More support for DEC OSF/1 protected passwords (shadow passwords). - -CHANGES from sudo 1.3.1pl2 - -65) Fixed mail logging to include the username as it should have. - -66) Added hostname to log message in error mail. - -67) Added -l flag to sudo to list the allowed/forbidden commands. - Suggested by matthew@gateway.bsis.com (Matthew Stier) - -68) Fixed bison warnings for parse.yacc and visudo.yacc. - Pointed out by alfie@dcs.warwick.ac.uk (Nick Holloway). - -CHANGES from sudo 1.3.1pl3 - -69) Sudo will now exit with an error if the command to be run is > MAXPATHLEN. - -70) Test in configure for termios support was insufficient. It thought - Nextstep 3.2 had termios just because it as termios.h (need to link - with -posix for termios on NeXT's) - -CHANGES from sudo 1.3.1pl4 - -71) First stab at Skey support. - -72) Sudo now sets IFS to be SPACE, TAB, NEWLINE. - -73) Sudo now sets the real and effective gid to root's group - (based on passwd file). - -74) Sudo now checks that the sudoers file is owned by a certain user - and not readable or writable by anyone else. - (based on a suggestion by Joerg Schumacher ) - -75) Visudo now sets the owner on the new sudoers file based on #74 - -76) Sudo and visudo will now compile with byacc (Berkeley yacc). - -77) If the rename(2) of stmp -> sudoers fails /bin/mv is executed before - bailing. Based on code from Case Larsen . - -78) User-level configuration is now done in options.h. - -79) Moved all compatibility #defines to compat.h - -80) Incorporated new parsing code from Chris Jepeway . - This is much better than the previous parser. - -81) Rewrote visudo.c and tickled parse.yacc to work with it. Visudo - now gives you options if a parse error occurs rather than blindly - dumping you back in the editor. - -82) Took out all references to realpath since we are now checking based - in inode and device (with Chris' new parser). The upshot of this - is that path matches are done safely and the symlink problem has - gone away. - -83) Fixed bison warnings from new parse.yacc. - -84) Added a default case to parse.lex to error on unmatched tokens as Chris - suggested. - -85) Converted configure.in and acsite.m4 to autoconf 2.1. - -86) Added lsearch.c and search.h for os's w/o lsearch()/lfind(). - -87) Sudo now checks to see that the file it is executing is a regular file - (was just checking the execute bit so dirs slipped through). - Pointed out by Barb Dijker . - -88) Fixed a problem on HP-UX trusted systems with getpwuid() returning "*" - unless the real uid is 0. Reported by Brian Cunnie (cunnie@nyc.hp.com). - -89) configure now checks for size_t and ssize_t in unistd.h as well - as sys/types.h. - -90) configure now checks for egrep before actually using it. - -91) configure now checks for a working void implementation (ie: void * as - a generic pointer) and sets VOID to void or char accordingly. - -92) Added support for SunOS 4.x C2 security (shadow passwords) from - Kendall Libby (fubar@shore.net) - -93) Changed all occurrences of bzero() to memset() and bcopy() to - memmove(). - -94) Fixed a bug in sudo.c. If a user has no passwd entry sudo would - dump core (writing to a garbage pointer). Pointed out by - Stephen Schaefer . - -95) Worked around a bug in AIX's lex in parse.c. AIX lex doesn't seem - to handle {x,y} range notation correctly. Bleah. - -96) Sudo would not report a failed attempt if the user entered return - at the 2nd password: prompt so someone trying to guess a password - could just invoked sudo multiple times and try one passwd at a time. - Reported by Jonathan Adams . - -97) Added User_Alias facility. - -98) Rewrote most of the ip address / network support. Now works on all - systems sudo has currently been tested on. - -99) Sudo now sets SUDO_COMMAND and SUDO_GID envariables in addition to - SUDO_USER and SUDO_UID. - -100) Added changes to configure.in for UnixWare. - (from John Warburton ) - -101) Merged in changes for Interactive Unix and RISCos. - (from Andy Smith ) - -102) Added testsudoers (from Chris Jepeway ). - -103) Added fix for parse.yacc to avoid the kludge I was doing. - (from Chris Jepeway ) - -104) Now remove the IFS envar if set instead of setting it to a "safe" - value to avoid problems with make and others. - -105) Added FAST_MATCH option to check basenames of sudo command and - paths listed in sudoers file. If the basename doesn't match - then it is not a match. If the basename matches, then do - a stat to make sure it is a valid match. - -106) Now only stat(2) cmnd once in path_matches() (in parse.c). Sudo - was stating cmnd for *every* attempted match. Now the stat struct - is cached (ie: the var is a static). - -107) Signal handlers in visudo are now only installed after the stmp - file is opened. Previously, it was possible to erase an open - stmp file by sending visudo a signal within a small window. - -108) Added Goon Show insults from Russell Street . - -109) Broke out the insults into separate include files (insults.h - is the master and includes the appropriate one). - -110) Now use getwd() instead of getcwd() and provide emulation for - OS's w/o it. This was done since some OS's with getwd() - implement getcwd() via a pipe to pwd(1). By emulating getwd() - by calling getcwd() on OS's w/o getwd() we lose nothing since - the compiler should optimize away the extra function call. - -111) Added crypt() for DEC OSF/1 3.x enhanced security. - From "Richard L Jackson Jr" . - -112) Added an option to run the command in the background (-b) as - suggested by Jonathan Adams - -113) First stab at kerberos support. I'm not really sure it is - possible to do this in a sane manor. Sigh. - -114) Better kerberos support. Had to use setreuid(2) but falls - back on a kludge if that does not exist or is broken. - -115) Added -p (password prompt) support. - Suggested by "David W. Cooley" - -116) Added partial implementation of -l (list) flag. - This is probably as good as it will get until sudo:tng. - -117) Added anti-spoofing code to tighten up a race condition - where a user could run sudo some_link and then change - where the link pointed after the old link had been - validated but before the exec(). - -118) Now update timestamp file via utime() (and emulate via utimes() - if necessary) to eliminate a small race. Works with - both POSIX utime() as well as old utime() in BSD <= 4.3. - -119) Kerberos ticket file now lives in same dirs as sudo timestamp - files (to avoid trouncing on normal ticket file) and is removed - after validation. - -120) Now log tty user is on as well as pwd in sudo logs. - -CHANGES from sudo 1.3.2 BETA - -121) Fixed a bug in the anti-spoofing check. - -122) Fixed up ISC support so that it works and looks like non-streams - stuff in interfaces.c. - -123) Now deal correctly with ip implementations that has an sa_len - field in struct sockaddr. - -124) Check ownership and permissions on timestamp dir and ignore if - not owned by root and mode 0700. Problem pointed out by Larry Auton - and Navjot Singh . - -125) Ignore timestamp files with preposterous dates to keep people from - faking out sudo on OS's that allow you to give away files to root. - Problem pointed out by Larry Auton and - Navjot Singh . - -126) A timeout of 0 will now cause a password to be entered every - time. Based on a suggestion by Larry Auton - and Navjot Singh . - -CHANGES from sudo 1.3.3 BETA - -127) Cleaned up interfaces.c so that it is more readable. - -128) Added support for syslog()'s that don't guarantee delivery - of a message. HP-UX is the only known offender. - -129) No longer use memmove() since memcpy() does what we need and - configure doesn't always catch memmove() even when it is - there (may be a library problem). - -130) Updated man page to reflect two more security issues. - -131) Cleaned up shadow password support in check.c. It should now - be readable. - -132) Added SCO support. - -133) Added check to configure to find the max length of a uid_t - in characters. - -134) Removed uid2str() since we now know how big a uid_t/gid_t - can be. This elminates a few malloc()'s. - -135) Added support for multiple insult types. Based on code and - a suggestion from Dieter Dworkin Muller . - -136) Replaced clean_env() and rmenv() with a rewritten clean_env() - that should be a little faster. This also makes it easier to - add to the list of "dangerous" envariables. - -137) Added netgroup support. Netgroups must start with a leading - "+" to that sudo knows it is a netgroup. - -138) Split out sudoers file format into its own man page. - As suggested by Andy Smith . - -139) Updated testsudoers.c to grok netgroups. - -CHANGES from sudo 1.3.4 BETA - -140) Added SecurID support from Giles Todd . - -141) Added -s flag to start a root shell and -- to signify end of args. - -142) Sped up logging routines by replacing strncpy()'s with strcat()'s. - This is safe because we dyanically allocate logline to be big enough. - -143) Now support command line arguments in the sudoers file. - -144) Sped up the loading on command line arguments. This fixes the - "commands with large argc's take forever to run" bug. - -145) Expanded MAXCOMMANDLEN to 8K since we now have to deal with - command line arguments. Added bounds checking in fill() and - append() so we don't drop core. - XXX - 8k makes sudo *SLOW* - -146) Added support in the lexer for "termination characters" to be - escaped. Ie: you can now use [\,:=] in command line args - as long as you escape with a \. - -147) Testsudoers can now deal with commands that have arguments. - -148) If a file is not executable or not a regular file sudo will - now give the appropriate error message instead of just - "command not found" which is misleading. - -149) Fixed a bug where if FQDN is set, load_interfaces() was never - called. - -150) tty is now a global so it can be used in the ticket file - at a later date. - -151) Strings in the parser are now allocated dynamically. This results - in a large speedup as compared to a 1K array on the stack. I - have freed the strings in the parser where appropriate but that - may not catch all instances. Even so, the average sudo now - takes up less memory than the 1K array version. - -152) Fixed a bug in tgetpass() and configure that broke termio/termios - support for some OS's. - -153) Added cheapo implementation of tty-based timestamps. The correct - way is to have username be a directory with the tty tickets - inside. However, the current code does not take to that very - well, and it does not allow the two systems to coexist. Therefore, - instead of timestampdir/user/tty it is timestampdir/user.tty. - -154) Added support for building in other than the source directory. - Based on changes from "Simon J. Gerraty" - -155) options.h and pathnames.h are now included via angle brackets - (<>) so as to use the -I include path. This way, those using - a shadow build tree may have local copies of these headers - w/o clobbering the distribution ones. - -156) EXEMPTGROUP is now a string (group name) and user_is_exempt() - is now less of a hack. It uses getgrnam(EXEMPTGROUP) to - get a list of users in the exempted group. - -157) --prefix and --exe_prefix are now honored in the Makefile. - -158) Sudo will now behave reasonably in the case where the sudoers - file location is mounted via NFS and the client does not - have "root" NFS privs. - -159) _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, and SUDOERS_OWNER are - now set via the Makefile since that appears to be what - most people expect... - -160) Now include a pre-generated version of parse.lex since so many - versions of lex are brain damaged. If parse.lex is changed - a new lex.yy.c will be generated. The distribution copy is - sudo-lex.yy.c. - -161) Upgraded to GNU autoconf version 1.5. There are now even - *more* options. - -CHANGES from sudo 1.3.5 BETA - -162) Fixed S/Key support. - -163) Cleaned up shadow password support further by moving much of - it to getspwuid.c. - -164) First cut at DCE support. [needs work to be functional] - -165) New Digital UNIX C2 support based on code from - "Randy M. Hayman" - -166) S/key support now works with the generic bellcore s/key - as well as the s/key from Wietse Venema's logdaemon. - (Previously only worked with the logdaemon s/key). - As an added bonus the s/key challenge is now embedded - in the password prompt for a cleaner look. - -167) lsearch.c will now compile on a strict ANSI C compiler. - ANSI doesn't allow pointer arithmetic on a "void *" - but gcc does. - -168) Bought back latest HP-UX DCE support from Jeff Earickson - . - -169) configure now comletely groks $SUDO_LIBS and $VISUDO_LIBS. - Plain old $LIBS is no longer used. LDFLAGS has also been - split up into $SUDO_LDFLAGS and $VISUDO_LDFLAGS. - The reason for this is that sudo often needs extra libs - for alternate authentication schemes but visudo rarely does. - -170) The code to copy command arguments flaied for large values of - argc due to realloc() lossage. We now cheat and treat argv[] - as a flat string (since that's what it is) and use pointer - arithmetic to compute the length. Kind of sneaky but it - works (and is relatively fast). - -CHANGES from sudo 1.3.6 BETA - -171) Added support for UN*X groups in sudoers based on code from - Dougal Scott . - -172) interfaces.c should work on ISC UN*X again. - -173) All source files are <= 14 characters for old SYSV file systems. - -CHANGES from sudo 1.3.7 GAMMA - -174) Minor configure[.in] fixes. - -175) tgetpass.c now compiles on OS's that put the definition of - fd_set in - -CHANGES from sudo 1.4 - -176) Command args in sudoers are now stored in an argument vector - instead of a flat string to make wildcard matching simpler. - -177) Added NewArgv and NewArgc that describe the command to be - executed. The copy of args in cmnd_args is no longer necessary - and has been removed. - -178) Using strcmp(3) for argument matching in command_matches() - (was path_matches()) is no longer sufficient since we don't - have a flat string. compare_args() is used instead which - calls either strcmp(3) or wildmat(3l) depending on whether - there are shell-style meta chars (wildcards) present. - -179) Shell-style wildcard matches are now available in the sudoers - file. Matches are done via Rich $alz's wildmat(3). - This required the tweaks described in #176-178 as well as - other, more minor, changes. - -180) Commented out rule to build lex.yy.c from parse.lex since - we ship with a pre-flex'd parser and can't rely on file - dates being set correctly. - -181) Fixed visudo and testsudoers to deal with new argument - vector handling. - -182) A null string ("") as shell in passwd file (or $SHELL) is - now treated as the bourne shell. - -183) Converted *.man to pod format for easy conversion to man, - html, latex, and just plain text. Tried to make the - sudoers manual easier to read in the process. - -184) Updated sample.sudoers and sudoers.pod to include info - on wildcards. - -CHANGES from sudo 1.4.1 - -185) compat.h now defines _PASSWD_LEN based on PASS_MAX if it - is defined (from limits.h on SYSV). - -186) Both short and long hostnames may now be used in the sudoers - file if FQDN is defined. From patches submitted by - Michael Meskes . - -187) Now use skeylookup() instead of skeychallenge(). Hopefully - this will work around a problem some people have reported - on Solaris 2.5 with sudo and logdaemon 5.0's skey. - -188) Now uses /var/run to hold timestamp files if it exists. This - is more secure. - -189) configure now puts the timestamp dir in /var/run if it exists. - Sugestion by Michael Meskes . - -190) Both short and long hostnames now exist even if FQDN is not set. - This allows machines with fully qualified hostnames set via - hostname(1) to use them in the sudoers file. - -191) sudo was not honoring "." in $PATH due to a bug in find_path(). - -192) Added IGNORE_DOT_PATH option to ignore "." in $PATH. - -193) tgetpass() now uses raw read(2) and write(2) instead of stdio. - This should make it work on more OS's. Previously, it used - stdio (buffered) fgets(3) and fputs(3) with select(2) which - may not be legal. Also got rid of the nasty goto's and - generally simplified the code. - -194) Parser now supports hostnames like UPPERCASE.foo.com. Previously, - `UPPERCASE' was interpreted as an Alias. This means that - the `fqdn' stuff has been moved to the lexer (FQHOST is used - to avoid collision with FQDN option). - -195) Reworked --with-FOO in configure.in to support --without-FOO. - Made shadow passwords the default for appropriate OS's. They - can be turned off with --without-C2. - -196) Added NO_PASSWD option for those who don't want to be bothered - by a password prompt from sudo. This is really just a hack. - -197) Added support for double quotes to mean "treat these words as one - argument". This is similar to what most shells do. - -198) Added mkinstalldirs to make install destination dirs if - they do not already exist. - -CHANGES from sudo 1.4.2 - -199) Added support for --with-CC (which C compiler to use). - -200) Added support for NOPASSWD token and running commands a - specified users (sudo -u) from Keith Garry Boyce - - -201) Only link with -lshadow for Linux if libc lacks getspnam(). Problem - pointed out by Michael Meskes . - -202) Replaced SUDOERS_OWNER with SUDOERS_UID and SUDOERS_GID. Added - SUDOERS_MODE and changed the default to 0440 (from 0400). - It is now possible to NFS-mount sudoers without doing anything fancy. - -202) If a runas list is specified, a user may only run commands as - "root" if "root" is a member of the runas list. The old behavior - was to always allow commands to be run as root, even if a runas - list was specified. Now you can give someone "sudo -u operator" - and not have the equivalent of "sudo -u root" as well. - -203) Added "USER=%s" to logging functions. - -204) configure will now add -lPW to (VI)?SUDO_LIBS if using bison - or DCE and alloca(3) is not in libc (or provided by gcc) but - is in libPW.a. - -205) sudo would give an incorrect error message if the sudoers file - didn't exist due to close() stomping errno if the open() failed. - -206) Fixed "shell" mode (sudo -s). When building NewArgv sudo was - not allocating space for the NULL. - -207) Added support for wildcards in the pathname. Ie: /bin/*. - -208) 'command ""' in sudoers now means no args allowed. - -209) Added command line args to SUDO_COMMAND envariable. - -210) HP-UX 10.x with C2 now uses bigcrypt(). - Changes from david_dill@Merck.Com (David Dill). - -211) lsearch.c will now compile w/o compiler warnings. - (Updated from NetBSD lsearch.c) - -212) Now uses POSIX fnmatch(3) (which uses ! instead of ^ in ranges) - -CHANGES from sudo 1.4.3 - -213) Now allows network/netmask in sudoers to override per-interface - netmask. - -214) Fixed -u support with multiple user lists on a line. - -215) Fixed a core dump problem when built with -DSHELL_IF_NO_ARGS. - -216) Fixed 2 typos in parse.yacc and removed some unnecessary if's. - -217) Now always use install-sh since SunOS install can't do uid/gid's. - Other BSD installs are probably similarly afflicted. - -218) Fixed NFS-mounted sudoers file under solaris both uid *and* gid - were being set to -2. Now set uid to 1 to avoid group being - remapped. - -219) Now includes alloca.c (from gcc) for those w/o it. Linking - against -lPW breaks visudo on HP-UX and probably others. - -220) Added --with-libpath, --with-libraries, --with-incpath options - to configure. - -221) configure now uses shicc instead of gcc on BSD/OS >= 2.0 to - generate binaries linked with shared libs. - -222) The parser was setting no_passwd even if there wasn't a - runas match. I reordered some things in parse.yacc - to fix this. - -223) `sudo -v' (validate) wasn't paying attention to NOPASSWD. - Now it does. - -224) testsudoers now groks "-u user". - -225) Updated AFS support based on what tcsh 6.06 does. - -226) Fixed a typo/thinko that broke BSD > 4.3reno wrt interfaces.c. - -227) HPUX 10.X shadow password stuff now uses SecureWare routines. - -228) SecureWare passwd checking now uses bigcrypt() if available. - Now uses AUTH_MAX_PASSWD_LENGTH if defined. - -229) configure now makes sure you don't have a config.cache file - from another OS. - -230) Added better shadow password detection. - BSD >= 4.3reno -> /etc/master.passwd - hpux9: getspwnam() -> /.secure/etc/passwd - hpux10: getspnam() or getprpwnam() -> /tcb/files/auth/*/* (link with -lsec) - SVR4: getspnam() -> /etc/shadow - solaris: getspnam() -> /etc/shadow - irix[56].x: getspnam() -> /etc/shadow - sunos 4.x: getpwanam() -> /etc/security/passwd.adjunct - DUNIX: getprpwnam() -> /tcb/files/auth/*/* (link with -lsecurity) - SecureWare: getprpwnam() -> /tcb/files/auth/*/* - ultrix 4.x: getauthuid() -> /etc/auth.{pag,dir} - -231) '(' in command args no longer are a syntax error. - -232) '!command' now works in the presence of a runas or NOPASSWD token. - Simplified parse rules wrt runas and NOPASSWD (more consistent). - -233) Command args and now compared as a flat string again. This makes - wildcard matches more consistent. - -234) DUNIX C2 support now groks AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT. - -235) configure now uses config.{sub,guess} to guess OS type. - Sudo should work out of the box on more OS's now. - -236) Got rid of HAVE_C2_SECURITY, now just use SHADOW_TYPE. - -237) Fixed race in tgetpass() where echo can be turned off and - left off if sudo is used in a pipeline and a password is - required. - -CHANGES from sudo 1.4.4 - -238) `sudo -l' output now includes runas and NOPASSWD info and - asks for a password unless NOPASSWD for ALL is set. - -239) Sudo can now deal with all-caps user and host names. - -240) Sudo will now remove the "ENV" and "BASH_ENV" envariables. - From Michael Meskes . - -241) `sudo -l' will now expand Cmnd_Alias's (could be prettier). - -242) `sudo -s' will now set $HOME to root's homedir (or that of - the user specified -u) so dot files get sourced. - -CHANGES from sudo 1.4.5 - -243) $HOME was always being set, not just with `-s'. - -244) In visudo, the owner and group of the sudoers file were - being set too early; an editor could change them and change - the owner/group of the resulting sudoers file. - -CHANGES from sudo 1.5 - -245) Added SHELL_SETS_HOME option. - -246) Added NO_MESSAGE option. - -247) Added %u and %h escapes in PASSPROMPT to expand to user's name - and host. - -248) Added "SUDO_PROMPT" envariable. - -249) Usernames may now begin with a digit. Gross, but people do it. - -Sudo 1.5.1 released. - -250) Added `opie' support. - -251) Added check to make sure fnmatch() really works. - -252) Now use the prompt S/Key gives us instead of rolling our own. - -253) Added -H flag from Danny Barron . - -254) Add SUDO_PS1 envariable support. - -255) Attempt at sequent support. - -Sudo 1.5.2 released. - -256) visudo acts sanely when there is no sudoers file. - -257) Added Runas_Alias support. - -258) Sudo will now work with SUDOERS_MODE == 400 and SUDO_UID = 0. - -259) Alias's in a runas list are now expanded. - -260) Fixed bug with > 32 saved aliases. Reported by BHH@capgroup.com. - -261) Code that uses sprintf() is now more paranoid about buffer - overflows. - -262) Whitespace is now allowed after a line continuation character before - a newline in sudoers. - -263) %h in MAILSUBJECT expands to local hostname. - -Sudo 1.5.3 released. - -264) Don't pass getdtablesize() as first arg to select(2). No need - to do this since we only select on one fd--use (fd+1) as nfds - and the old way caused problems on some systems (arguably - a bug in those OS's). From Marc Slemko marcs@znep.com. - -265) Fixed coredump when passwd file is missing or unavailable. - Reported by Jason Downs and - Klee Dienes (via a Debian Linux bug report). - -266) Fixed bug wrt exclusion lists and relative pathnames. - Reported by osiris@COURIER.CB.LUCENT.COM. - -267) exit(1) if user doesn't enter a passwd. - Noted by Alex Parchkov . - -Sudo 1.5.4 released. - -268) Newer versions of Irix use _RLDN32_* envariables for 32-bit binaries - so ignore _RLD* instead of _RLD_*. From tarrall@bamboo.Colorado.EDU. - -269) Only open sudoers file once as opposed to once for sanity checks and - once for the parser. Also try to open ten times if we get EAGAIN. - -Sudo 1.5.5 released. - -270) Initialize group vector if we are becoming a user other than root. - For root, it is often more useful to hang on to our existing group - vector. - -271) Fix usage of select(2) to deal correctly with a high-numbered fd. - -272) Fixed a bug where sudo sometime didn't give the user a chance to - enter a password at the prompt. - -273) Use a dynamically sized buffer when reading ether interfaces. - -274) Fixed configure problems with identification of HP-UX > 10.x and - with cc being identified as a cross compiler on some platforms. - -275) Fixed a problem with HP-UX 10.x and alloca. Bison does not - include alloca.h on HP-UX 10.x even though it uses alloca() - (and thus needs the #define of alloca(x) to __builtin_alloca(x)). - To fix this we include alloca.h ourselves if using bison and not gcc. - -276) Included support for the AIX 4.x authenticate() function from - Matt Richards . - -277) Fixed an off by one error in the parser. Found by - Piete Brooks - -278) Change NewArgv size computation to work on UNICOS. - From Mike Kienenberger - -279) Added --with-logfile and --with-timedir configure options. - -280) Use getcwd(3), not getwd(3) to avoid possible buffer overflow. - Use BSD getcwd(3) if system lacks one or is SunOS 4.x. - -281) Fix 'fprintf' argument mismatches in 'visudo.c'. - From ariel@oz.engr.sgi.com (Ariel Faigon) - -282) Use waitpid or wait3 to reap children in logging.c. - Pointed out by Theo de Raadt - -283) Sudo should prompt for a password before telling the user that - a command could not be found. Noted by rhodie@NAC.NET. - -284) Fix OTP_ONLY for opie; "Deven T. Corzine" . - -285) Include pre-yacc'd parse.yacc as sudo.tab.[ch] since more and - more vendors are charging for yacc (bad vendor, no cookie). - -286) Use MAX*, not MAX*+1 - -287) Add support for Hitachi SR2201, from b-edgington@hpcc.hitachi-eu.co.uk - -288) Added RUNAS_DEFAULT option to allow one to compile sudo with a - default runas user other than root. - -289) Add options to log the hostname in the file-based log and to not - do word wrap in file-based log. From Theo Van Dinter - -290) RedHat Linux pam support, from Gary Calvin . - pam.sudo goes in /etc/pam.d/sudo on RedHat 5.0 and above. - -291) With sudo -s, set command the full path of the shell, not the basename. - Noted by Peter W. Osel - -Sudo 1.5.6 released. - -292) Pam auth now runs as root; necessary for shadow passwords. - -293) Shadow password support is now compiled in by default. You can disable - it via --disable-shadow. - -294) We now remove a timestamp file with a bogus date when it is detected. - From Steve Fobes . - -295) In tgetpass(), restart select if it is interrupted. This really fixes a - problem where a user sometimes is not given a change to enter a password. - -296) All options have moved from options.h -> configure. - -297) visudo is now installed in /usr/local/sbin where it belongs. - -298) Lots of configure changes. Instead of checking for the existence - of -lsocket, -lnsl, or -linet, we instead check them for the - functions we need only if they are not already in libc. - -299) Added DUNIX SIA (Security Integration Architecture) support from - Spider Boardman . - -300) Added test for broken Digital UNIX 4.0 prot.h. - -301) Better support for C2 security on Digital UNIX. - -302) Hacked autoconf so that you have have single quotes in - --with-passprompt. - -303) For SecureWare-style shadow passwords use getprpwnam() instead - of getprpwuid() since getprpwuid is broken in HP-UX 10.20 at - least (it sleeps for 2 minutes if the shadow files don't exist). - -304) We can't really trust UID_MAX or MAXUID since they may only exist for - backwards compatibility; spider-both@Orb.Nashua.NH.US - -305) Make %groups work as RunAs specifiers; Ray Bellis . - -306) Set USER environment variable to target user. - Suggested by Ray Bellis . - -307) Go back to printing "command not found" unless --disable-path-info - specified. Also, tell user when we ignore '.' in their path and it - would have been used but for --with-ignore-dot. - -308) When using tty tickets make it user:tty not user.tty as a username - could have a '.' in it. - -309) Define BSD_COMP for svr4 to get BSD ioctl defs. Also, if we have - sys/sockio.h but SIOCGIFCONF is not defined by including sys/ioctl.h - include sys/sockio.h directly. - -310) Fixed a bug that could cause "sudo -l" to segfault or complain - about non-existent syntax errors. - -Sudo 1.5.7 released. - -311) Fixed square bracket quoting in configure and moved check for -lnsl - to be before -lsocket. - -312) In load_interfaces(), close sock after bwe are done with it. Leak - noticed by Mike Kienenberger . - -313) Missing pieces from change #308; from Mike Kienenberger. - -314) Real Kerberos 5 support from Frank Cusack . - -315) FWTK 'authsrv' support from Kevin Kadow . - -316) Fixed handling and documentation of -with-umask. - -317) If the check for socket() or inet_addr() fails, retry, this time - linking with both -lsocket and -lnsl for those systems that - have interlibrary dependencies. - -Sudo 1.5.8 released. - -318) Add dirfd() macro for systems without it. - -319) Better check for socket() in -lsocket -lnsl in configure. - -320) Minor configure fixes. - -Sudo 1.5.8p1 released. - -321) Fixed a bug wrt quoting characters in command args. - -322) Make --without-sendmail work. - -Sudo 1.5.8p2 released. - -323) Fixed a segv if HOST_IN_LOG defined and gethostbyname() fails. - Reported by Gero Treuner . - -324) Fixed a parse bug wrt the ! operator and runas specs. Noted by - David A Beck . - -325) Use new emalloc/erealloc/estrdup functions (catch errors and exit). - -326) New PAM code that should work on both Solaris and Linux. - -327) Make sudo's usage info better when mutually exclusive args are given - and don't rely on argument order to detect this. From Nick Andrew. - -328) In visudo, shift return value of system() by 8 to get the real exit value. - -Sudo 1.5.9 released. - -329) The runas user and NOPASSWD tags are now persistent across entries - in a command list (ie: cmnd1,cmnd2,cmnd3). A PASSWD tag has been - added to reverse NOPASSWD. The runas user and *PASSWD tags can be - overridden on a per-command basis at which point they become the - new default for the rest of the list. - -330) It is now possible to use the '!' operator in a runas list as - well as in a Cmnd_Alias, Host_Alias and User_Alias. - -331) In estrdup(), do the malloc ourselves so we don't need to rely on the - system strdup(3) which may or may not exist. There is now no need to - provide strdup() for those w/o it. - -332) You can now specify a host list instead of just a host or alias - in a privilege list. Ie: user=host1,host2,ALIAS,!host3 /bin/ls - -333) Stash the "safe" path to the command instead of stashing the struct - stat. Should be safer. - -334) Now set $LOGNAME in addition to $USER. - -335) No longer use stdio in tgetpass() - -336) Don't use _PASSWD_LEN or PASS_MAX as we can't rely on them corresponding - to anything real. Instead, we just use a max password size of 256 - everywhere. - -337) Block keyboard-generated signals during startup and restore signal - mask before exec'ing the program. We don't want the user to be - able to simply kill us and avoid logging. - -338) Rewrote timestamp handling. For the default case, a directory is used - instead of a file. For the tty-based case, the timestamp is just a - file in that directory (eg. /var/run/sudo/username/tty). You now only - get the lecture once, even in the tty case. The goal here is to allow - the tty and non-tty schemes to coexist, though it is worth noting that - when you update a tty file, the mtime of the dir gets updated too. - -339) The meaning of -k has changed to mean "invalidate the timestamp". - There is a new -K option to really remove the timestamp file/dir. - -340) New modular authentication API. This fixes the rat's nest of - #ifdefs that was the old auth code. - -341) New logging functions. log_error() now takes a variable number of - args ala printf() and log_auth() reacts to the return value of validate(). - -342) If a user is not in the sudoers file they are still asked for a password. - This keeps someone who finds a user logged in to a terminal from being - able to tell whether or not the user is allowed to use sudo. - -343) New PAM code again, this time it should be correct. - -344) tgetpass() now has a flag to specify whether or not to turn - off echo while reading the password. Used by the new PAM and - fwtk code. - -345) Fixed shadow password dectection on SCO. - -346) Sudo is now available under a BSD/Apache style license. This is - possible because it no longer contains any of the original 1.1 code. - -347) Added configuration info when sudo is run with the -V flag by root. - -348) Change visudo tmp file from /etc/stmp -> /etc/sudoers.tmp since - Solaris uses stmp for shadow temp file. Also rename _PATH_SUDO_SUDOERS - to _PATH_SUDOERS and _PATH_SUDO_STMP to _PATH_SUDOERS_TMP. - -349) Added configure option to set syslog priorities. - -350) Sudo now locks its log file to prevent mangled entries. - -351) Visudo now locks the sudoers temp file instead of bailing when - the temp file already exists. This fixes the problem of stale - temp files but it does *require* that you not try to put the - temp file in a world-writable directory. This shoud not be - an issue as the temp file should live in the same dir as sudoers. - -352) Fixed crypt() check in libufc. - -353) It is now possible to put a list of users as the first thing in a - user specification. I don't suggest this but it makes the grammar - more uniform. - -354) Visudo will now warn about what it thinks are undefined aliases. - Since it can't be 100% sure these are just warnings, not errors. - -355) Add a --without-passwd option to configure that turns off - passwd/shadow file authentication. Only usable with an alternate - authentication scheme. - -356) Add a --disable-authentication option to configure that causes sudo - to not require authentication by default. The PASSWD tag can be - used to require authentication for an entry. - -357) Add a --with-devel option to add -Wall and uncomment yacc/lex - generation in Makefile. - -358) Zero out plaintext password after use (should do encrypted as well). - -359) Added real dependencies in Makefile. - -360) Deprecated --with-otp-only in favor of --without-passwd. - -361) Add --with-mail-if-no-host to send mail if a user tries to run sudo on - a host for which he/she is not authorized. - -362) Most of sudo now runs as root instead of the invoking user to - minimize the possibility of user control via signals or tracing. - -363) Now Support CIDR-style netmasks (ie: 128.138.0.0/16). - -364) In "sudo -l" mode, the type of the stored (expanded) alias was not - stored with the contents. This could lead to incorrect output - if the sudoers file had different alias types with the same name. - Normal parsing (ie: not in '-l' mode) is unaffected. - -365) Now include strcasecmp() for those without it. - -366) Most compile-time options are now changable at runtime via - the 'Defaults' specification in the sudoers file. - -367) Added a -L flag to printout all the possible 'Defaults' parameters. - -368) It is now possible to escape "special" characters in usernames, hostnames, - etc with a backslash. - -369) Sudo will now accept a hostname/username/netgroupname that contains - almost any character in it. It seems many people want to use '.' - and other non-alphanumerics in usernames. - -370) Fixed the root_sudo option. Sudo was always complaining that root - was not allowed to run sudo if the root_sudo flag was turned off. - -371) tgetpass() now uses a function to read up until the end of line. - Fixes problems in a pipeline when a program sets the tty mode - to be character at a time. - -372) sudo now turns off core dumps via setrlimit (probably paranoia). - -Sudo 1.6 released. - -373) Better diagnostics on PAM failure. - -374) Killed shell_noargs option, it cannot work since the command needs to - be set before sudoers is parsed. - -375) Fixed the following Defaults options: set_home, fqdn, syslog, tty_tickets, - ticket_dir, insults. - -376) When using select() in tgetpass(), do a separate select before - each read to be sure we can timeout correctly. - -377) SecurID support compiles and works again. - -378) Fixed a bug parsing runas modifiers. If a user spec contained multiple - runas specs, the latter ones may not be applied. - -379) #uid now works in a RunasAlias - -380) Don't ask the user for a password if the user is not allowed to run - the command and the authenticate flag (in sudoers) is false. - -381) Added configure check for initgroups(3). - -382) Use our own fnmatch() if there is no fnmatch.h, even if there is an - fnmatch() in libc. - -Sudo 1.6.1 released. - -383) Better behavior for -l and -v flags in conjunction with NOPASSWD and - added "verifypw" and "listpw" options. - -384) For HP-UX with cc, add the -Aa flag along with -D_HPUX_SOURCE. - -385) Fix compilation with K&R compilers. - -386) For netgroup host matching, match against the short version of the - hostname as well as the long one if they are different. - -387) Terminate passwd reading on '\r' in addition to '\n' - -388) Visudo used to loop endlessly if a user entered ^D at the whatnow - prompt. EOF is now treaded as 'x' (exit w/o saving changes). - -389) The 'shell_noargs' runtime option is back based on a patch from - bguillory@email.com. - -390) Systems that return RLIM_INFINITY for RLIMIT_NOFILE (like AIX) - would loop for a very loing time during sudo startup. A value of - RLIM_INFINITY is now ignored (getdtablesize/sysconf is used instead). - -391) Locking in visudo was broken. We now lock the sudoers file, not the - sudoers temp file, which should be safe. - -392) PAM fixups: custom prompts now work correctly and errors are - dealt with more sanely. Patches from Cloyce D. Spradling. - -Sudo 1.6.2 released. - -393) Users in the 'exempt' group shouldn't get their $PATH overridden - by 'secure-path'. Patch from jmknoble@pobox.com. - -394) Pam now works on HP-UX 11.0, thanks to Jeff A. Earickson. - -395) Fixed a bug that caused an infinite loop when the password - timeout was disabled. - -396) It is now possible to set the path to the editor for visudo as well - as the flag that determines whether or not visudo will look at - $EDITOR in the sudoers file. - -397) configure now pulls in the values of LIBS, LDFLAGS, CPPFLAGS, etc - as the documentation says it ought to. - -398) Added rootpw, runaspw, and targetpw to prompt for the root, runas_default - and target user's passwords respectively (instead of the invoking user's - password). - -399) Added -S flag to force password read from stdin. - -400) Restore coredumpsize resource limit before exec'ing the child - process (sudo sets it to 0 internally). - -401) Truncate unencrypted password to 8 chars if encrypted password is exactly - 13 characters (indicateing standard a DES password). Many versions - of crypt() do this for you, but not all (like HP-UX's). - -402) Fixed a typo/thinko that broke secureware support for long passwords. - -403) Added a new command line switch '-c' to support BSD login classes. - The '-c' option can be used to sudo a command with specific resource - limits in the login.conf database. This feature is optionally enabled - via the --with-logincap configure switch. Based on a patch from - Michael D. Marchionna. - -404) Fixed a bug where sudo would hang around and consume CPU if we spawn - a long-running process. - -405) Deal with HP-UX password aging info tacked on to the end of the - encrypted password. - -406) Added set_logname run-time option. When unset, sudo will not set - the USER and LOGNAME environment variables. - -407) Wildcards are now allowed in the hostnames specified in sudoers. - The 'fqdn' option is often required for this to be useful. - -408) Fixed a bug where host and user qualifiers in a Defaults entry were - not being used correctly and the entry was being applied globally. - -Sudo 1.6.3 released. - -409) Fixed targetpw, rootpw, and runaspw options when used with non-passwd - authentication (pam, etc). - -Sudo 1.6.3p1 released. - -410) When the targetpw flag is set, use the target username as part - of the timestamp path. - -Sudo 1.6.3p2 released. - -411) Fixed a bug that prevented the -H option from being useful. - -Sudo 1.6.3p3 released. - -412) Fixed a case where a string was used after it had been freed. - -Sudo 1.6.3p4 released. - -413) Fixed listpw and verifypw sudoers options. - -414) Do not write NUL when writing passwd prompt; hag@linnaean.org. - -Sudo 1.6.3p5 released. - -415) Fix word splitting bug that caused a segv for very long command line args. - -Sudo 1.6.3p6 released. - -416) Fix negation of path-type Defaults entries in a boolean context. - -Sudo 1.6.3p7 released. - -417) Visudo now checks for the existence of an editor and gives a sensible - error if it does not exist. - -418) The path to the editor for visudo is now a colon-separated list of - allowable editors. If the user has $EDITOR set and it matches - one of the allowed editors that editor will be used. If not, - the first editor that actually exists is used. - -419) Visudo now does its own fork/exec instead of calling system(3). - -420) Allow special characters (including '#') to be embedded in pathnames - if quoted by a '\\'. The quoted chars will be dealt with by fnmatch(). - Unfortunately, 'sudo -l' still prints the '\\'. - -421) Added the always_set_home option. - -422) Strip NLSPATH and PATH_LOCALE out from the environment to prevent - reading of protected files by a less privileged user. - -423) Added support for BSD authentication and associated -a flag. - -424) Added check for _innetgr(3) since NCR systems have this instead - of innetgr(3). - -425) Added stay_setuid option for systems that have libraries that perform - extra paranoia checks in system libraries for setuid programs. - -426) Environment munging is now done by hand. The environment is zeroed - upon sudo startup and a new environment is built before the command - is executed. This means we don't rely on getenv(3), putenv(3), - or setenv(3). - -427) Added a class of environment variables that are only cleared if they - contain '/' or '%' characters. - -428) Use stashed user_gid when checking against exempt gid since sudo - sets its gid to SUDOERS_GID, making getgid() return that, not the - real gid. Fixes problem with setting exempt group == SUDOERS_GID. - Fix from Paul Kranenburg. - -429) Fixed file locking in visudo on NeXT which has a broken lockf(). - Patch from twetzel@gwdg.de. - -430) Regenerated configure script with autoconf-2.52 (required some - tweaking of configure.in and friends). - -431) Added mail_badpass option to send mail when the user does not - authenticate successfully. - -432) Added env_reset Defaults option to reset the environment to - a clean slate. Also implemented env_keep Defaults option - to specify variables to be preserved when resetting the - environment. - -433) Added env_check and env_delete Defaults options to allow the admin - to modify the built-in list of environment variables to remove. - -434) If timestamp_timeout < 0 then the timestamp never expires. This - allows users to manage their own timestamps and create or delete - them via 'sudo -v' and 'sudo -k' respectively. - -435) Authentication routines that use sudo's tgetpass() now accept - ^C or ^Z at the password prompt and sudo will act appropriately. - -436) Added a check-only mode to visudo to check an existing sudoers - file for sanity. - -437) Visudo can now edit an alternate sudoers file. - -438) If sudo is configured with S/Key support and the system has - skeyaccess(3) use that to determine whether or not to allow - a normal Unix password or just S/Key. - -439) Fixed CIDR handling in sudoers. - -440) Fixed a segv if the local hostname is not resolvable and - the 'fqdn' option is set. - -441) "listpw=never" was not having an effect for users who did not - appear in sudoers--now it does. - -442) The --without-sendmail option now works on systems with - a /usr/include/paths.h file that defines _PATH_SENDMAIL. - -443) Removed the "secure_path" Defaults option as it does not work and - cannot work until the parser is overhauled. - -444) Added new -P flag and "preserve_groups" sudoers option to cause - sudo to preserve the group vector instead of setting it to that - of the target user. Previously, if the target user was root - the group vector was not changed. Now it is always changed unless - the -P flag or "preserve_groups" option was given. - -445) If find_path() fails as root, try again as the invoking user (useful - for NFS). Idea from Chip Capelik. - -446) Use setpwent()/endpwent() and its shadow equivalents to be sure - the passwd/shadow file gets closed. - -447) Use getifaddrs(3) to get the list of network interfaces if it is - available. - -448) Dump list of local IP addresses and environment variables to clear - when 'sudo -V' is run as root. - -449) Reorganized the lexer a bit and added more states. Sudo now does a - better job of parsing command arguments in the sudoers file. - -450) Wrap each call to syslog() with openlog()/closelog() since some - things (such as PAM) may call closelog(3) behind sudo's back. - -451) The LOGNAME and USER environment variables are now set if the user - specified a target uid and that uid exists in the password database. - -452) configure will no longer add the -g flag to CFLAGS by default. - -453) Now call pam_setcreds() to setup creds for the target user when - PAM is in use. On Linux this often sets resource limits. - -454) If "make install" is run by non-root and the destination dir - is writable, install things normally but don't set owner and mode. - -455) The Makefile now supports installing in a shadow hierarchy - specified via the DESTDIR variable. - -456) config.h.in is now generated by autoheader. - -Sudo 1.6.4 released. - -457) Move the call to rebuild_env() until after MODE_RESET_HOME is set. - Otherwise, the set_home option has no effect. - -458) Fix use of freed memory when the "fqdn" flag is set. This was - introduced by the fix for the "segv when gethostbynam() fails" bug. - -459) Add 'continue' statements to optimize the switch statement. - From Solar Designer. - -Sudo 1.6.4p1 released. - -460) Some special characters were not being escaped properly (e.g. '\,') - in command line arguments and would cause a syntax error instead. - -461) "sudo -l" would not work if the always_set_home option was set. - -462) Added a configure option to disable use of POSIX saved IDs for - operating systems where these are broken. - -463) The SHELL environment variable was preserved from the user's environment - instead of being reset based on the passwd database even when the - "env_reset" option was set. - -Sudo 1.6.4p2 released. - -464) Added a configure option to cause mail sent by sudo to be run as - the invoking user instead of root. Some people consider this to - be safer. - -465) If the mailer is being run as root, use a hard-coded environment - that is not influenced in any way by the invoking user's environment. - -466) Fixed the call to skeyaccess(). Patch from Phillip E. Lobbes. - -Sudo 1.6.5 released. - -467) Visudo could access memory that was already freed. - -468) If the skey.access file denied use of plaintext passwords sudo - would exit instead of allowing the user to enter an S/Key. - -Sudo 1.6.5p1 released. - -469) Older versions of BSDi have getifaddrs() but no freeifaddrs(). - -470) BSDi has a fake setreuid() as do certain versions of FreeBSD and NetBSD. - -471) Ignore the return value of pam_setcred(). In Linux-PAM 0.75, - pam_setcred() will return PAM_PERM_DENIED even if the setcred function - of the module succeeds when pam_authenticate() has not been called. - -472) Avoid giving PAM a NULL password response, use the empty string instead. - This avoids a log warning when the user hits ^C at the password prompt - when Linux-PAM is in use. This also prevents older versions of - Linux-PAM from dereferencing the NULL pointer. - -473) The user's password was not zeroed after use when AIX authentication, - BSD authentication, FWTK or PAM was in use. - -Sudo 1.6.5p2 released. - -474) Fixed compilation problem on HP-UX 9.x. - -475) Moved call to endpwent() and added a call to endgrent(). - -476) Fixed a warning conflicting declaration of VOID with AFS. - -477) Fixed a security hole in prompt rewriting found by Global InterSec. - -Sudo 1.6.6 released. - -478) Wildcards now work correctly in the env_keep Defaults directive. - -479) Added support for non-root timestamp dirs. This allows the timestamp - dir to be shared via NFS (though this is not recommended). - -480) Removed double printing of bad environment variable table in -V mode. - -481) configure script has been regenerated with autoconf 2.5.7. - This required some changes to configure.in. - -482) Fixed a compilation problem on SunOS; thanks to Alek O. Komarnitsky. - -483) SecurID 5.0 API support from Michael Stroucken. - -484) Restore state of signal handlers to what we had upon startup. - Fixes a problem when using sudo with nohup; thanks to Paul Markham. - -485) Revamp set_perms() to use setresuid() or setreuid() when available - in preference to POSIX stuff since they allow us to properly - implement "stay_setuid" whereas POSIX does not really. - -486) In strict mode sudo did not throw an error for undefined User_Aliases. - -487) Fixed a Makefile bug on IRIX. - -488) Write the prompt *after* turning off echo to avoid some password - characters being echoed on heavily-loaded machines with fast typists. - -489) Added %U and %H escapes in the prompt and fixed treatment of %%. - -490) Visudo will now add a final newline to sudoers if the user's editor - not add one before EOF. - -491) The lexer state is now reset to its initial value on EOF. - Previously, the state was not reset between parser invocations - which could cause problems for visudo in rare cases. - -492) Added support for Defaults that apply based on the RunasUser. - -493) Sudo now includes copies of strlc{at,py} and uses them throughout. - -494) Sudo is now careful to avoid interger overflow when allocating - memory. This is one of those "should not happen" situations. - -495) Added a configure option (--with-stow) to make sudo compatible - with GNU stow. - -496) auth/kerb5.c now compiles under Heimdal. - -497) The volatile prefix is used in the hopes of preventing compilers - from optimizing away memory zeroing. Unfortunately, this results - in some warnings from gcc. - -498) Better Kerberos IV/V support in the configure script. - -499) Fixed a logic thinko in the SIGCHLD handler that caused problems - with rlogin on HP-UX. - -500) configure now adds -R to LDFLAGS when it adds -L for Solaris and - SVR4. There is a configure option, --with-rpath, to control this. - -501) On AIX, configure will pass extra directory paths to the linker - via the -blibpath ld option. This is only active when additional - library paths are used. It may be disabled via the - --without-blibpath configure option. - -502) The --with-skey and --with-opie configure options now take - an optional directory argument that should have an include and - lib dir for the skey/opie include file and library respectively. - -Sudo 1.6.7 released. - -503) Fixed false positives in the overflow detection of expand_prompt(). - -Sudo 1.6.7p1 released. - -504) An unterminated comment broke Kerberos V authentication. - -505) The krb5-config script is used to determine Kerberos V CPPFLAGS - and LDFLAGS/LIBS if it exists. - -506) Backed out changes to mkinstalldirs from autoconf 2.57 that - caused problems on Tru64 Unix. - -Sudo 1.6.7p2 released. - -507) Kerberos V support should work on latest MIT Kerberos V and Heimdal. - -Sudo 1.6.7p3 released. - -508) Fixed remaining Kerberos V issues with MIT Kerberos V and old Heimdal. - -Sudo 1.6.7p4 released. - -509) Fixed a typo that caused a compilation error on Heimdal. - -510) Darwin (MacOS X) doesn't have a real setreuid() system call. - -511) Fixed a problem with large numbers of environment variables. - -Sudo 1.6.7p5 released. - -512) Fixed a problem on FreeBSD when the user is only listed in NIS (not - master.passwd) and netgroups are used in the master.passwd file. - -513) BSD-style warn/err functions are now used throughout. - -514) Fixed the --with-stow configure option - -515) Added a "sudo_lecture" option that points to a file containing a custom - lecture. - -516) The username in a log entry is no longer truncated at 8 characters. - -517) A new tag, NOEXEC, will prevent a dynamically-linked program being run - by sudo from executing another program (think shell escapes). - Because this uses LD_PRELOAD it has no effect on static binaries. - Idea from Reznic Valery. - -518) TIS fwtk authentication now supports fwtk 2.0 and higher. - -519) Sudo will now try to stat the command to be run as the user - specified by the -u flag if the stat fails as root. Fixes - an NFS issue. - -520) Added Stan Lee / Uncle Ben quote to the lecture (from RedHat). - -521) Added a -i option to simulate an initial login similar to "su -". - Originally based on a patch from David J. MacKenzie. - -522) Added a -e option to edit files the with uid of the invoking user. - This prevents the user from editing other files or running commands - as the target user. If sudo is run as "sudoedit" the -e flag is implied. - -523) If sudo is used to run as root shell, further sudo commands will - be logged as run by the user specified by the SUDO_USER environment - variable. In -e mode (sudoedit), SUDO_USER is used to determine - what user to run the editor when the real uid is 0. - -524) Merged in LDAP support from Aaron Spangler. - -525) Added the --with-pc-insults configure to replace politically - incorrect insults with ones from Alek O. Komarnitsky. - -526) Added start_tls support from Gudleik Rasch . - -527) A uid specified in sudoers now matches the user specified by the - -u flag even if the -u flag specified a name, not a uid. - -528) /tmp/.odus is no longer used for timestamps by default. One of - /var/run/sudo, /var/adm/sudo or /usr/adm/sudo is used depending - on what directories exist. - -529) Quoting globbing characters with a backslash now works as documented. - -530) A negated user/uid in a runas list was not treated the same as a - negated command (it did not override a previously allowed entry). - Now it does. - -531) Added support for Tandem NSK and other systems w/o seteuid(). - -532) The timeout on password reading is now done via alarm(), not select(). - -533) Fixed several issues when closing all open descriptors. Sudo now uses - closefrom() if it exists, using /proc/$$/fd if possible. - -534) Use PATH_MAX, not MAXPATHLEN since the former is standardized. - -535) Added a check in visudo for runas_default being used before it - was set. - -536) If the target user == invoking user a password is no longer required. - -537) PAM support now uses Use pam_acct_mgmt() to check for disabled accounts - (from Brian Farrell). - -538) The sudoers file is now parsed as the runas user in all cases instead - of root. This fixes some issues with running NFS-mounted commands. - -539) Sudo now produces a sensible error message when the targetpw - Defaults option is set and a non-existent uid is specified via -u. - -Sudo 1.6.8 released. - -540) Now find the command base and fill in struct stat earlier. - -541) sudoedit now re-opens the temp file as the invoking user. - -542) struct timespec is used throughout the code base. - -543) Added --with-ldap-conf-file option to override /etc/ldap.conf - -544) Added SSL tls_* certificate checking options when using LDAP. - -545) Sudoedit will now only attempt to edit regular files or links. - -546) Sudo now uses futime() or futimes() where possible. - -547) Updated sample.pam to a current version. - -548) Better detection of unchanged files in sudoedit. - -Sudo 1.6.8p1 released. - -549) Bash exported functions are now stripped from the environment passed - to the program to be executed. - -Sudo 1.6.8p2 released. - -550) The CDPATH variable is now stripped from the environment passed - to the program to be executed. - -551) Fix temp file generation on systems where the _PATH_VARTMP macro - lacks a trailing slash. - -Sudo 1.6.8p3 released. - -552) The KRB5CCNAME environment variable is preserved during sudo - execution for password lookups that use GSSAPI. - -Sudo 1.6.8p4 released. - -553) Added a configure check for systems with a 2-argument version of - timespecsub (like BSD/OS). - -554) Added stub struct defintions to sudo.h to quiet compiler warnings - on some systems. - -555) In sudoers Defaults lines, tuples like "lecture" may now be used - without a value, restoring their old boolean-like nature. - -556) Invalid values for a tuple are now handled correctly. - -Sudo 1.6.8p5 released. - -557) Added a set of missing braces needed for MacOS X / Darwin. - -558) Define LDAP_OPT_SUCCESS for those without it. - -Sudo 1.6.8p6 released. - -559) New monitor functionality for systems with systrace(4). When tracing - is enabled sudo will fork a daemon that traces the command and - intercepts and execve() calls and allows/denies the call based on - a sudoers lookup. Also updates the command's environment with - the SUDO_* variables if supported by the version of systrace(4). - -560) Added support for multiple sudoers file via #include. - -561) An empty sudoers file is no longer a parse error. - -562) Fixed error handling if the lexer runs out of memory. - -563) Optimized lexer slightly by removing use of unput() and removing - some ambiguity with the Default keyword. - -564) Wildcard matches on commands now use glob() and stat() so - that relative paths work correctly in conjunction with wildcards. - -565) Rewritten parser that converts sudoers into a set of data structures. - This eliminates ordering issues and makes it possible to apply - sudoers Defaults entries before searching for the command. - -566) Visudo will now warn about aliases that are defined but not used. - -567) The new -U option can now be used with "sudo -l" to let root - (or a user with "sudo ALL) see another user's privs. - -568) The "secure_path" run-time Defaults option has been restored. - -569) Password and group data is now cached for fast lookup. - -570) Sudo will use the supplemental group vector if it is present - in addition to doing string comparisons of the group members. This - is useful for systems with nsswitch.conf where group data can be in - either /etc/group or some other database (NIS, NIS+, LDAP, etc) - and getgrnam() only returns data from one source. - -571) Visudo can now handle VISUAL or EDITOR environment variables - that contain command line arguments. - -572) Added support for per-command defaults enties. - -573) "sudo -l" now takes an optional 'command' argument to check whether - a specific command is allowed. - -574) The file descriptor at which sudo starts closing all open files - is now configurable via sudoers and, optionally, the command line. - -575) "sudo -l" now includes Defaults info and wraps lines based on the - screen width. - -576) testsudoers can now be passed fake passwd and group files. - -577) Fixed Makefile depencies when generating the parser. diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 000000000..47a4704f7 --- /dev/null +++ b/ChangeLog @@ -0,0 +1,13930 @@ +2005-02-09 22:03 millert + + * set_perms.c: Use warning/error instead of perror/fatal. + +2005-02-09 21:13 millert + + * config.guess: Update OpenBSD section + +2005-02-09 21:10 millert + + * UPGRADE: Add upgrading noted for 1.7 + +2005-02-09 21:00 millert + + * env.c, sudo.c: Instead of zeroing out the environment, just prune + out entries based on the env_delete and env_check lists. Base + building up the new environment on the current environment and the + variables we removed initially. + +2005-02-09 20:23 millert + + * configure, configure.in, sudo.c, config.h.in: Set locale to "C" + if locales are supported, just to be safe. + +2005-02-07 20:56 millert + + * env.c: correct value for DID_USER + +2005-02-07 20:55 millert + + * error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c: #include + not "compat.h" + +2005-02-07 20:51 millert + + * defaults.c: Reset the environment by default. + +2005-02-07 20:50 millert + + * sudo.c: Alloc an extra slot in NewArgv. Removes the need to + malloc an new vector if execve() fails. + +2005-02-06 21:16 millert + + * INSTALL, config.h.in, configure, configure.in, sudo.c: Use + execve(2) and wrap the command in sh if we get ENOEXEC. + +2005-02-05 20:56 millert + + * configure, compat.h, config.h.in, configure.in: use bcopy on + systems w/o memmove + +2005-02-05 20:31 millert + + * compat.h: __attribute__((__unused__)) doesn't work in gcc 2.7.2.1 + so limit its use to gcc >= 2.8. + +2005-02-05 19:21 millert + + * Makefile.in: Add explicit rule to build sudo_noexec.lo + +2005-02-05 15:56 millert + + * INSTALL.configure, Makefile.in: No longer depend on VPATH; + pointed out a bunch of missed dependencies. + +2005-02-05 11:18 millert + + * TROUBLESHOOTING: Help for PAM when account section is missing + +2005-02-05 07:57 millert + + * configure, config.h.in, configure.in: Move _FOO_SOURCE to + CPPFLAGS so it takes effect as early as possible. Silences a + warning about isblank() on linux. + +2005-01-31 21:03 millert + + * pwutil.c: Don't try to destroy a tree we didn't create. + +2005-01-27 08:42 millert + + * alias.c, alloc.c, check.c, closefrom.c, compat.h, defaults.c, + env.c, error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c, + getprogname.c, getspwuid.c, gettime.c, goodpath.c, gram.c, gram.y, + interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c, parse.c, + pwutil.c, set_perms.c, sigaction.c, snprintf.c, strcasecmp.c, + strerror.c, strlcat.c, strlcpy.c, sudo.c: Add __unused to rcsids + +2005-01-21 08:34 millert + + * configure, configure.in: Fix error message when mixing invalid + auth types + +2005-01-21 08:32 millert + + * INSTALL: PAM, AIX auth, BSD auth and login_cap are now on by + default if the OS supports them. + +2005-01-21 08:29 millert + + * config.h.in: s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g + +2005-01-21 08:29 millert + + * configure.in: Better checking for conflicting authentication + methods Display the authentication methods used at the end of + configure Rename --with-authenticate -> --with-aixauth Use + --with-aixauth, --with-bsdauth, --with-pam, --with-logincap by + default on systems that support them unless disabled. Add OSMAJOR + variable that replaces old OSREV; now OSREV has full version number + +2005-01-17 17:40 millert + + * def_data.c, def_data.in, sudo.c: s/-O/-C/ + +2005-01-14 11:35 millert + + * configure.in: Replace: test -n "$FOO" || FOO="bar" + + With: : ${FOO='bar'} + +2005-01-09 16:58 millert + + * pwutil.c: Use function pointers to only call private passwd/group + routines when using a nonstandard passwd/group file. + +2005-01-06 08:34 millert + + * CHANGES: sync + +2005-01-05 15:29 millert + + * Makefile.in: Fix dummied out toke.c and gram.c dependencies. + +2005-01-05 15:18 millert + + * Makefile.in: Rename PARSESRCS -> GENERATED since it is only used + in the clean target Add devdir variable and use it to specify the + path to parser sources + +2005-01-05 15:17 millert + + * configure: regen + +2005-01-05 15:17 millert + + * configure.in: Add a devdir variables that defaults to $(srcdir) + and is set to . if --devel was specified. Allows for proper + dependecies building the parser. + +2005-01-05 12:47 millert + + * Makefile.in: Build private copy of pwutil.o for testsudoers with + MYPW defined so it uses our own passwd/group routines. + +2005-01-05 12:43 millert + + * logging.c, sudo.c: g/c pwcache_init/pwcache_destroy + +2005-01-05 12:42 millert + + * sudo.h: Undo last commit and add sudo_setspent and sudo_endspent + instead. + +2005-01-05 12:41 millert + + * getspwuid.c, pwutil.c: Move all but the shadow stuff from + getspwuid.c to pwutil.c and pwcache_get and pwcache_put as they are + no longer needed. Also add preprocessor magic to use private + versions of the passwd and group routines if MYPW is defined (for + use by testsudoers). + +2005-01-04 18:10 millert + + * logging.c, sudo.c, sudo.h: Adapt to pwutil.c + +2005-01-04 18:09 millert + + * Makefile.in: Add tsgetgrpw.c and pwutil.c Rename the *OBJ + variables for better readability. + +2005-01-04 18:07 millert + + * getspwuid.c, pwutil.c: Split off pw/gr cache and dup code into + its own file. This allows visudo and testsudoers to use the pw/gr + cache too. + +2005-01-01 17:31 millert + + * parse.c: Print Defaults info in "sudo -l" output and wrap lines + based on the terminal width. + +2005-01-01 10:41 millert + + * match.c: Only check group vector in usergr_matches() if we are + matching the invoking or list user. Always check the group + members, even if there was a group vector. + +2004-12-17 15:24 millert + + * LICENSE, Makefile.in, fnmatch.3: No longer bundle fnmatch.3 + +2004-12-17 11:12 millert + + * CHANGES, TODO: checkpoint + +2004-12-16 12:20 millert + + * sudo.c: sort usage + +2004-12-16 12:20 millert + + * sudo.pod: Sort command line options + +2004-12-16 11:33 millert + + * def_data.c, def_data.h, def_data.in, defaults.c, logging.c, + sudo.c, sudo.pod: Add closefrom sudoers option to start closing at + a point other than 3. Add closefrom_override sudoers option and -C + sudo flag to allow the user to specify a different closefrom + starting point. + +2004-12-16 11:25 millert + + * pathnames.h.in: Add _PATH_DEVNULL for those without it. + +2004-12-15 20:55 millert + + * LICENSE: no more UCB strcasecmp + +2004-12-15 20:54 millert + + * strcasecmp.c: replace BSD licensed one with version derived from + pdksh + +2004-12-09 19:07 millert + + * sudo.c: Fix last commit. + +2004-12-09 17:26 millert + + * sudo.c: Make sure stdin, stdout and stderr are open and dup them + to /dev/null if not. + +2004-12-03 11:57 millert + + * ldap.c, mon_systrace.c, sudo.c, sudo.h: add sudo_ldap_close + +2004-12-03 11:52 millert + + * fileops.c, gettime.c, sudo.c: Use TIME_WITH_SYS_TIME + +2004-12-03 11:48 millert + + * configure, configure.in, config.h.in: Add TIME_WITH_SYS_TIME_H + +2004-12-02 09:18 millert + + * env.c: Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE + being set unconditionally on darwin. From Toby Peterson. + +2004-12-02 08:40 millert + + * getspwuid.c: Check rbinsert() return value. In the case of faked + up entries there is usually a negative response cached that we need + to overwrite. + + In pwfree() don't try to zero out a NULL pw_passwd pointer. + +2004-12-02 07:53 millert + + * mon_systrace.c: Use the double fork trick to avoid the monitor + process being waited for by the main program run through sudo. + +2004-11-29 10:52 millert + + * sudo.c: Call initgroups() in -U mode so group matches work + normally. + +2004-11-29 10:34 millert + + * def_data.h, mkdefaults: Don't print a trailing comma for the last + entry in enum def_tupple + +2004-11-28 14:05 millert + + * def_data.c, def_data.in: verifypw when used in a boolean TRUE + context should be "all", not "any". + +2004-11-26 12:21 millert + + * def_data.in, defaults.c: Allow tuples that can be used as + booleans to be used as boolean TRUE. In this case the 2nd possible + value of the tuple is used for TRUE. + +2004-11-25 10:23 millert + + * configure, configure.in: Correct the test for 2-parameter + timespecsub + +2004-11-25 10:20 millert + + * sudo.h: Add strub struct definitions for passwd, timeval and + timespec + +2004-11-25 10:09 millert + + * configure, configure.in, config.h.in: Add check for 2-argument + form of timespecsub (FreeBSD and BSD/OS) and fix a typo in the + gettimeofday check. + +2004-11-24 14:44 millert + + * match.c: Deal with user_stat being NULL as it is for visudo and + testsudoers. + +2004-11-24 14:31 millert + + * parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod: Add -U + option to use in conjunction with -l instead of -u. Add support + for "sudo -l command" to test a specific command. + +2004-11-24 14:28 millert + + * gram.c, gram.y, sudo.c: Set safe_cmnd after sudoers_lookup() if + it has not been set. Previously it was set by sudo "ALL" in the + parser but at that point the fully-qualified pathname has not yet + been found. + +2004-11-23 16:18 millert + + * parse.c: Correctly handle multiple privileges per userspec and + runas inheritence. + +2004-11-21 12:09 millert + + * defaults.c: Zero out sd_un for each entry in sudo_defs_table in + init_defaults. + +2004-11-19 16:00 millert + + * ldap.c, parse.c, sudo.c, sudo.h: Remove the FLAG_NOPASS, + FLAG_NOEXEC and FLAG_MONITOR flags. Instead, we just set the + approriate defaults variable. + +2004-11-19 15:09 millert + + * sample.sudoers: Document per-command Defaults. + +2004-11-19 14:35 millert + + * defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c, + sudo.c: Add support for command-specific Defaults entries. E.g. + Defaults!/usr/bin/vi noexec + +2004-11-19 13:03 millert + + * defaults.c, match.c, parse.c, parse.h: Change an occurence of + user_matches() -> runas_matches() missed previously + runas_matches(), host_matches() and cmnd_matches() only really need + to pass in a list of members. user_matches() still needs to pass + in a passwd struct because of "sudo -l" + +2004-11-19 12:46 millert + + * parse.c: Check def_authenticate, def_noexec and def_monitor when + setting return flags. XXX May be better to just set the defaults + directly and get rid of those flags. + +2004-11-19 11:39 millert + + * alias.c, alloc.c, check.c, closefrom.c, defaults.c, env.c, + error.c, fileops.c, find_path.c, fnmatch.c, getcwd.c, + getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c, gram.c, + gram.y, interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c, + parse.c, redblack.c, set_perms.c, snprintf.c, strcasecmp.c, + strerror.c, strlcat.c, strlcpy.c, sudo.c: Use: #include + Not: #include "config.h" That way we get the correct config.h when + build dir != src dir + +2004-11-19 11:30 millert + + * Makefile.in: Back out part of rev 1.263; fix -I order + +2004-11-19 10:35 millert + + * Makefile.in, alias.c, gram.c, gram.y, parse.h: Split alias + routines out into their own file. + +2004-11-19 10:32 millert + + * error.h: __attribute__ is already defined in compat.h + +2004-11-19 09:54 millert + + * parse.h: Clarify comments about the data structures + +2004-11-17 12:25 millert + + * parse.h: alias_matches() is no more + +2004-11-17 12:09 millert + + * CHANGES, TODO: sync + +2004-11-17 11:19 millert + + * Makefile.in: When regenerating the parser, don't replace gram.h + unless it has changed. + +2004-11-17 09:56 millert + + * Makefile.in: remove Makefile.binary for distclean + +2004-11-17 09:18 millert + + * env.c: Preserve KRB5CCNAME in zero_env() and add a paranoia check + to make sure we can't overflow new_env. + +2004-11-16 17:00 millert + + * sudo.c: Set user_ngroups to 0 if getgroups() returns an error. + +2004-11-16 16:59 millert + + * configure, configure.in, config.h.in, sudo.c: Add configure check + for getgroups() + +2004-11-16 16:55 millert + + * ldap.c: Use supplementary group vector in struct sudo_user. + +2004-11-16 16:40 millert + + * match.c: Only do string comparisons on the group members if there + is no supplemental group list. + +2004-11-16 14:10 millert + + * CHANGES, TODO: sync + +2004-11-16 10:02 millert + + * match.c: remove bogus XXX comment + +2004-11-16 09:10 millert + + * match.c: Get rid of alias_matches and correctly fall through to + the non-alias cases when there is no alias with the specified name. + +2004-11-16 08:47 millert + + * getspwuid.c: Cache non-existent passwd/group entries too. + +2004-11-16 08:45 millert + + * gram.c: regen + +2004-11-15 21:32 millert + + * getspwuid.c: fix typo + +2004-11-15 21:24 millert + + * check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c, + mon_systrace.h, sudo.c, sudo.h: Implement group caching and use the + passwd and group caches throughout. + +2004-11-15 12:43 millert + + * match.c: Properly negate the return value of alias_matches() when + appropriate. + +2004-11-15 12:38 millert + + * match.c: Make hostname_matches() return TRUE for a match, else + FALSE like the caller expects. + +2004-11-15 11:24 millert + + * Makefile.in: Add missing dependencies on gram.h + +2004-11-15 11:06 millert + + * match.c: Use runas_matches in alias_matches() now that we have + it. + +2004-11-15 11:00 millert + + * parse.c, parse.h: Expand aliases in "sudo -l" mode + +2004-11-15 10:33 millert + + * gram.y, match.c: Use ALIAS for the member type when storing an + alias instead of HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since + match.c relies on the more generic type. Expand runas_matches + instead of calling user_matches() inside of it since user_matches() + looks up USERALIASes, not RUNASALIASes. + +2004-11-15 10:05 millert + + * CHANGES, getspwuid.c: Paranoia; zero out pw_passwd before freeing + passwd entry. + +2004-11-15 08:53 millert + + * LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure, + configure.in, err.c, error.c, error.h, defaults.c, env.c, + find_path.c, interfaces.c, logging.c, mon_systrace.c, sudo.c, + sudo.h: Add local error/warning functions like err/warn but that + call an additional cleanup routine in the error case. This means + we no longer need to compile a special version of alloc.o for + visudo. + +2004-11-15 07:59 millert + + * match.c: Use userpw_matches() to compare usernames, not strcmp(), + since the latter checks for "#uid". + +2004-11-15 07:53 millert + + * getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c: Cache passwd + db entries in 2 reb-black trees; one indexed by uid, the other by + user name. The data returned from the cache should be considered + read-only and is destroyed by sudo_endpwent(). + +2004-11-15 07:50 millert + + * match.c: add cast to uid_t + +2004-11-15 07:49 millert + + * gram.y: missing free in alias_destroy + +2004-11-15 07:49 millert + + * redblack.c: Can't use rbapply() for rbdestroy since the + destructor is passed a data pointer, not a node pointer. + +2004-11-14 21:06 millert + + * getspwuid.c, logging.c, sudo.c, sudo.h: Create and use private + versions of setpwent() and endpwent() that set/end the shadow + password file too. + +2004-11-14 20:55 millert + + * gram.c, gram.h, gram.y, match.c, parse.h: Store aliases in a + red-black tree. + +2004-11-14 20:52 millert + + * Makefile.in, redblack.c, redblack.h: red-black tree + implementation + +2004-11-12 09:19 millert + + * CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c, + find_path.c: Bring back the "secure_path" Defaults option now that + Defaults take effect before the path is searched. + +2004-11-11 10:22 millert + + * logging.c, parse.c: A user can always list their own entries, + even with -u. Better error message when failing to list another + user's entries. + +2004-11-11 10:12 millert + + * parse.c, sudo.c, sudo.h: The syntax to list another user's + entries is now "-u otheruser -l". Only root or users with sudo + "ALL" may list other user's entries. + +2004-11-11 09:30 millert + + * sudo.cat, sudo.man.in, sudo.pod: Update env variable info in + SECURITY NOTES + +2004-11-11 09:25 millert + + * env.c: strip CDPATH too + +2004-11-11 09:20 millert + + * env.c: strip exported bash functions from the environment. + +2004-10-27 10:16 millert + + * sudo.c: Only reset sudo_user.pw based on SUDO_USER environment + variables for real commands and sudoedit. This avoids a confusing + message when a user tries "sudo -l" or "sudo -v" and is denied. + +2004-10-27 10:06 millert + + * gram.c, gram.y, parse.h: Extend LIST_APPEND to deal with + appending lists too + +2004-10-26 16:39 millert + + * logging.c: Convert some bitwise AND to ISSET + +2004-10-26 16:29 millert + + * lex.yy.c: toke.c replaces lex.yy.c + +2004-10-26 16:29 millert + + * CHANGES, TODO: sync + +2004-10-26 16:28 millert + + * BUGS: new parser fixes most of the outstanding bugs + +2004-10-26 16:27 millert + + * configure: regen + +2004-10-26 16:23 millert + + * sudo.h: Add new prototypes. Remove NOMATCH/UNSPEC (now in + parse.h) + +2004-10-26 16:22 millert + + * sudo.c: Update for new parse. We now call find_path() *after* we + have updated the global defaults based on sudoers. Also adds + support for listing other user's privs if you are root. + +2004-10-26 16:21 millert + + * mon_systrace.c: Working LDAP support; also remove a now-unneeded + rewind(). + +2004-10-26 16:20 millert + + * logging.c, logging.h: Add NO_STDERR flag. + +2004-10-26 16:19 millert + + * ldap.c: Split sudo_ldap_check() into three pieces: + sudo_ldap_open(), udo_ldap_update_defaults() and sudo_ldap_check(). + This allows us to connecto to LDAP, apply the default options, + find the command in the user's path, and then check whether the + user is allowed to run it. The important thing here is that the + default runas user may be specified as a default option and that + needs to be set before we search for the command. + +2004-10-26 16:17 millert + + * ldap.c: Add casts to unsigned char for isspace() to quiet a gcc + warning. + +2004-10-26 16:16 millert + + * defaults.h: Add prototype for update_defaults() + +2004-10-26 16:16 millert + + * defaults.c: Don't warn about line numbers now that we operate on + a set of data structures (or LDAP) and not a file. + +2004-10-26 16:15 millert + + * config.h.in: No long use lsearch() + +2004-10-26 16:14 millert + + * Makefile.in: Update for new and changed file names. + +2004-10-26 16:14 millert + + * LICENSE: no more BSD lsearch.c + +2004-10-26 16:14 millert + + * match.c: foo_matches() routines now live in match.c Added + user_matches(), runas_matches(), host_matches(), cmnd_matches() and + alias_matches() that operate on the parsed sudoers file. + +2004-10-26 16:12 millert + + * parse.lex: Move parse.lex -> toke.l Rename buffer_frob() -> + switch_buffer() WORD no longer needs to exclude '@' kill yywrap() + +2004-10-26 16:10 millert + + * gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc: Rewritten + parser that converts sudoers into a set of data structures. This + eliminates ordering issues and makes it possible to apply sudoers + Defaults entries before searching for the command. + +2004-10-26 16:09 millert + + * configure.in, lsearch.c: We won't be using lsearch() any longer. + +2004-10-26 16:07 millert + + * ldap.c: sudo should not send mail if someone who runs 'sudo -l' + has no entry. + +2004-10-26 14:09 millert + + * sudo.cat, sudo.man.in: regen + +2004-10-26 14:08 millert + + * sudo.pod: Document that -l now takes an optional username + argument + +2004-10-25 11:44 millert + + * RUNSON: AIX 5.2.0.0 works + +2004-10-25 11:38 millert + + * ldap.c: If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS + instead. Fixes a compilation problem with Solaris 9's native LDAP. + + Set FLAG_MONITOR when needed. + +2004-10-23 11:32 millert + + * mon_systrace.c: Call sudo_goodpath() *after* changing the cwd to + match the traced process. Fixes relative paths. + +2004-10-13 10:46 millert + + * INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure, + configure.in, set_perms.c, sudo.c, sudo.h: Kill use of POSIX saved + uids; they aren't worth bothering with. + +2004-10-07 14:23 millert + + * glob.c: remove call to issetugid() + +2004-10-07 12:52 millert + + * parse.c: Use glob(3) instead of fnmatch(3) for matching pathnames + and stat each result that matches the basename of the user's + command. This makes "cd /usr/bin ; sudo ./blah" work when sudoers + allows /usr/bin/blah. Fixes bug #143. + +2004-10-07 12:27 millert + + * configure, configure.in, config.h.in: Define HAVE_EXTENDED_GLOB + for extended glob (GLOB_TILDE and GLOB_BRACE) + +2004-10-07 10:59 millert + + * config.h.in, configure, configure.in: Check for a glob() that + supports GLOB_BRACE and GLOB_TILDE + +2004-10-07 10:51 millert + + * LICENSE: reference glob + +2004-10-07 10:50 millert + + * glob.c: 4.4BSD glob(3) with fixes from OpenBSD and some unneeded + extensions removed. + +2004-10-05 15:26 millert + + * mon_systrace.c: Just return if STRIOCINJECT or STRIOCREPLACE + fail. It probably means we are out of space in the stack gap... + +2004-10-05 15:20 millert + + * CHANGES: sync + +2004-10-05 14:53 millert + + * mon_systrace.c: Take a stab at ldap sudoers support here. + +2004-10-05 13:13 millert + + * mon_systrace.c, mon_systrace.h: Detach from tracee on SIGHUP, + SIGINT and SIGTERM. Now "sudo reboot" doesn't cause reboot to + inadvertanly kill itself. + +2004-10-05 12:21 millert + + * mon_systrace.c: put "monitor" in the proctitle, not "systrace" + +2004-10-05 12:15 millert + + * mon_systrace.c: When modifying the environment, don't replace + envp when we can get away with just rewriting pointers in the + traced process. + +2004-10-05 11:46 millert + + * mon_systrace.c, mon_systrace.h: Add environment updating via + STRIOCINJECT (if available). + +2004-10-04 14:15 millert + + * lex.yy.c: regen + +2004-10-04 14:15 millert + + * parse.lex: Fix bug introduced in unput() removal; want yyless(0) + not yyless(1) + +2004-10-04 10:09 millert + + * mon_systrace.c: Include file is now mon_systrace.h + +2004-10-04 10:07 millert + + * Makefile.in, configure, configure.in, def_data.c, def_data.h, + def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc, + sudo.c, sudo.h: No longer call it tracing, it is now "monitoring" + which should be more a obvious name to non-hackers. + +2004-10-01 13:06 millert + + * mon_systrace.c, mon_systrace.h: Fix some XXX + +2004-10-01 12:30 millert + + * mon_systrace.c, mon_systrace.h: No need to include syscall.h, use + 1024 as the max # of entries (the max that systrace(4) allows). + + Only need to use SYSTR_POLICY_ASSIGN once + + Change check_syscall() -> find_handler() and have it return the + handler instead of just running it. We need this since handler now + have two parts: one part that generates and answer and another that + gets called after the answer is accepted (to do logging). + + Add some missing check_exec for emul execv + +2004-10-01 08:58 millert + + * sample.pam, sample.sudoers, sample.syslog.conf: Add $Sudo$ tags. + +2004-10-01 08:47 millert + + * config.h.in: Add missing HAVE_LINUX_SYSTRACE_H + +2004-09-30 18:46 millert + + * Makefile.in: add trace_systrace.o dependency + +2004-09-30 17:00 millert + + * configure, configure.in: Also look for systrace.h in + /usr/include/linux + +2004-09-30 16:27 millert + + * mon_systrace.c, mon_systrace.h: Move all struct defs and + prototypes into trace_systrace.h and mark all but systace_attach() + static. + +2004-09-30 16:14 millert + + * mon_systrace.c, mon_systrace.h: Add support for tracing + emulations. At the moment, all emulations are compiled in. It + might make sense to #ifdef them in the future, though this impeeds + readability. + +2004-09-30 15:07 millert + + * Makefile.in, configure.in, configure: rename systrace.c -> + trace_systrace.c + +2004-09-30 13:58 millert + + * parse.yacc: Allow this to build with a K&R compiler again + +2004-09-30 11:58 millert + + * TODO: sync + +2004-09-30 11:55 millert + + * sudo.c, compat.h: Use __attribute__((__noreturn__)) + +2004-09-30 11:25 millert + + * sudo.cat, sudo.man.in: regen + +2004-09-30 11:22 millert + + * Makefile.in: Define Err() and Errx() that are like err() and + errx() but call Exit() instead of exit(). Build private copy of + alloc.o for visudo that calls Err() and Errx(). + +2004-09-29 13:22 millert + + * lex.yy.c: regen + +2004-09-29 13:22 millert + + * CHANGES: sync + +2004-09-29 12:36 millert + + * parse.lex, sudo.c, sudo.h: Add keepopen arg to open_sudoers that + open_sudoers can use to indicate to the caller that the fd should + not be closed when it is done with it. To be used by visudo to + keep locked fds from being closed prematurely (and thus losing the + lock). + +2004-09-29 12:33 millert + + * parse.yacc, sudo.c: Add errorfile global that contains the name + of the file that caused the error. + +2004-09-29 12:30 millert + + * parse.lex: return COMMENT to yacc grammar for a #include line + +2004-09-29 12:29 millert + + * parse.lex: Remove us of unput() in favor of yyless() which is + cheaper. + +2004-09-29 12:28 millert + + * parse.yacc: Allow an empty sudoers file. + +2004-09-28 14:50 millert + + * mon_systrace.c: Rewind sudoers_fp now that sudoers_lookup() + doesn't do it for us. + +2004-09-28 12:37 millert + + * lex.yy.c: regen + +2004-09-28 12:31 millert + + * parse.c, parse.h, parse.lex, parse.yacc: More scaffolding for + dealing with multiple sudoers files: o init_parser() now takes a + path used to populate the sudoers global o the sudoers global is + used to print the correct file in yyerror() o when switching to a + new sudoers file, perserve old file name and line number + +2004-09-28 12:29 millert + + * Makefile.in, pathnames.h.in: Kill _PATH_SUDOERS_TMP; it is not + meaningful now that we can have multiple sudoers files. + +2004-09-28 11:52 millert + + * parse.c, sudo.c: Rewind sudoers_fp in open_sudoers() instead of + sudoers_lookup() so we start at the right file position when + reading include files. + +2004-09-27 18:47 millert + + * lex.yy.c: regen + +2004-09-27 18:47 millert + + * parse.lex: Add max depth of 128 for the include stack to avoid + loops. + + Since yyerror() doesn't stop parsing, pass return values back to + yylex and call yyterminate() on error. + +2004-09-27 12:05 millert + + * sudo.pod: Mention PREVENTING SHELL ESCAPES section of sudoers man + page + +2004-09-27 10:08 millert + + * lex.yy.c: regen + +2004-09-27 10:03 millert + + * parse.lex: Add support for #include in sudoers (visudo support + TBD) + +2004-09-27 10:02 millert + + * parse.yacc: make yyerror()'s argument const + +2004-09-27 10:01 millert + + * sudo.c, sudo.h: Rename check_sudoers() open_sudoers() and make it + return a FILE * + +2004-09-26 10:35 millert + + * BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in: + Crank version + +2004-09-26 10:33 millert + + * Makefile.in, sudo.psf: Better HP-UX depot construction + +2004-09-25 15:08 millert + + * mon_systrace.c: o Made children global so check_exec() can lookup + a child. o Replaced uid in struct childinfo with struct passwd * + (for runas) o new_child() now takes a parent pid so the runas info + can be inherited o Added find_child() to lookup a child by its pid + o update_child() now fills in a struct passwd o Converted the big + if/else mess in set_policy to a switch o Syscalls that change uid + are now "ask" so we get SYSTR_MSG_UGID events + +2004-09-25 15:01 millert + + * getspwuid.c: Add flag to sudo_pwdup that indicates whether or not + to lookup the shadow password. Will be used to a struct passwd + that has the shadow password already filled in. + +2004-09-25 14:58 millert + + * mon_systrace.c: add missing increment of addr in read_string() + +2004-09-25 14:15 millert + + * mon_systrace.c: Remove bogus call to update_child() and some + cosmetic fixes + +2004-09-25 14:11 millert + + * mon_systrace.c: Don't leak /dev/systrace fd to tracee Make + initialized global for simplicity If STRIOCATTACH returns EBUSY we + are already being traced Check for user_args == NULL in + setproctitle() call Add missing calls to STRIOCANSWER + +2004-09-25 11:15 millert + + * sudo.c: g/c sudo_pwdup proto + +2004-09-24 18:21 millert + + * Makefile.in, sudo.psf: Add target for building a depot file + +2004-09-24 18:07 millert + + * mon_systrace.c: trim includes + +2004-09-24 12:11 millert + + * lex.yy.c: regen + +2004-09-24 12:10 millert + + * INSTALL: document --with-systrace + +2004-09-24 12:10 millert + + * config.h.in, configure, configure.in: Add check for setproctitle + +2004-09-24 12:09 millert + + * mon_systrace.c: pass struct str_msg_ask in to syscall checker so + it can set the error code + +2004-09-24 11:30 millert + + * mon_systrace.c: systrace(4) support for sudo. On systems with + the systrace(4) kernel facility (OpenBSD, NetBSD, Linux w/ patches) + sudo can intercept exec calls and check the exec args against the + sudoers file. In other words, sudo can now control subcommands and + shell escapes. + +2004-09-24 11:17 millert + + * sudo.c, sudo.h: Call systrace_attach() if FLAG_TRACE is set. + +2004-09-24 11:15 millert + + * parse.c, parse.h, parse.lex, parse.yacc, sudo.h: Add trace + Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE + +2004-09-24 11:13 millert + + * parse.c, sudo.c: Don't close sudoers_fp, keep it open and set + close on exec flag instead. + +2004-09-24 11:11 millert + + * def_data.c, def_data.h, def_data.in: Add trace option + +2004-09-23 18:24 millert + + * Makefile.in: Add systrace + +2004-09-23 18:23 millert + + * INSTALL: SunOS /bin/sh blows up with configure + +2004-09-23 18:23 millert + + * configure, configure.in: Include sys/param.h before systrace.h + +2004-09-23 18:15 millert + + * configure: regen + +2004-09-23 18:15 millert + + * pathnames.h.in: _PATH_DEV_SYSTRACE + +2004-09-23 18:14 millert + + * configure.in: line up options in --help + +2004-09-23 18:11 millert + + * config.h.in, configure.in: Add --with-systrace + +2004-09-23 11:35 millert + + * configure: regen + +2004-09-23 11:35 millert + + * aclocal.m4, configure.in: make this work with autoconf-2.59 + +2004-09-15 16:47 millert + + * HISTORY: Add support url + +2004-09-15 14:11 millert + + * Makefile.in: versino 1.6.8p1 + +2004-09-15 13:20 millert + + * CHANGES: more changes for 1.6.8p1 + +2004-09-15 10:16 millert + + * CHANGES: Add sanity check so we don't try to edit something other + than a regular file. + +2004-09-14 18:55 aaron + + * CHANGES: sync + +2004-09-14 18:21 aaron + + * INSTALL: document --with-ldap-conf-file + +2004-09-14 15:43 millert + + * CHANGES, ins_csops.h: political correctness strikes again + +2004-09-14 13:09 millert + + * RUNSON: sync + +2004-09-12 17:50 millert + + * Makefile.binary.in, Makefile.in: Install sudoedit man link + +2004-09-12 12:25 millert + + * INSTALL: Update PAM note and mention where HP-UX users can + download gcc binaries. + +2004-09-12 10:08 millert + + * Makefile.in: libtool wants to install stuff from .libs so fake + one up for binary installations. + +2004-09-12 09:53 millert + + * Makefile.binary.in: rm -f old sudoedit link instead of using ln + -f set LIBTOOL correctly + +2004-09-12 09:53 millert + + * Makefile.in: Deal with "uname -m" having slashes in it rm -f old + sudoedit link instead of using ln -f + +2004-09-12 08:22 millert + + * Makefile.binary, Makefile.binary.in: Makefile.binary -> + Makefile.binary.in for config.status substitution Add support for + installing noexec bits + +2004-09-12 08:21 millert + + * Makefile.in: Copy noexec bits into binary dists too No longer use + my old arch script for making binary dists + +2004-09-12 07:36 millert + + * Makefile.binary: Install sudoedit link. + +2004-09-10 10:31 millert + + * compat.h: Fix Solatis futimes macro + +2004-09-08 12:36 millert + + * CHANGES: sync + +2004-09-08 12:35 millert + + * sudo.cat, sudo.man.in: regen + +2004-09-08 12:34 millert + + * sudo.pod: back out revision 1.70; it is no long applicable + +2004-09-08 09:57 millert + + * env.c: Let the loader initialize nep + +2004-09-08 09:49 millert + + * configure, configure.in, config.h.in: Removed unneed check for + fchown Add check for gettimeofday Move autoheader template stuff + into separate AH_TEMPLATE lines + +2004-09-08 09:48 millert + + * check.c, compat.h, fileops.c, sudo.h: Use timespec throughout. + +2004-09-08 09:47 millert + + * Makefile.in: gettime.[co] + +2004-09-08 09:47 millert + + * gettime.c: function to return the current time in a struct + timespec + +2004-09-07 14:36 millert + + * compat.h, config.h.in, configure, configure.in: Add a check for + struct timespec and provide it for those without. + +2004-09-07 13:56 millert + + * config.h.in, configure, configure.in: Add checks for st_mtim and + st_mtimespec and add macros for pulling the mtime sec and nsec out + of struct stat. These are used in sudo_edit() to better tell + whether or not the file has changed. + +2004-09-07 13:55 millert + + * check.c, fileops.c, sudo.h: Add an extra param to touch() for + nsec + +2004-09-07 12:04 millert + + * fileops.c: If path is NULL and fd == -1 return -1. + +2004-09-07 11:14 millert + + * Makefile.in, aclocal.m4, check.c, compat.h, config.h.in, + configure, configure.in, fileops.c, sudo.h: Use utimes() and + futimes() instead of utime() in touch(), emulating as needed. Not + all systems are able to support setting the times of an fd so + touch() takes both an fd and a file name as arguments. + +2004-09-06 19:12 aaron + + * env.c: Rare SEGV + +2004-09-06 14:46 millert + + * sudo.cat, sudo.man.in: regen + +2004-09-06 14:45 millert + + * sudo.pod: Add SUPPORT section and re-order some of the sections + to match the order we use in OpenBSD. + +2004-09-06 13:05 aaron + + * env.c: Openldap ~/.ldaprc fix + +2004-09-06 10:18 millert + + * sudo.pod: Talk about how the editor must write its changes to the + original file and not just use rename(2). + +2004-09-06 10:12 millert + + * CHANGES: sync + +2004-09-06 10:10 millert + + * sample.pam: Update for current redhat/fedora core. + +2004-09-02 19:56 aaron + + * README.LDAP: tls_ examples + +2004-09-01 22:03 aaron + + * ldap.c: config tls_* options + +2004-08-29 09:39 millert + + * configure, configure.in: No need for -lcrypt when using pam. + +2004-08-26 21:57 millert + + * configure: regen + +2004-08-26 21:44 aaron + + * configure.in, ldap.c, pathnames.h.in: Allow --with-ldap-conf-file + option to override LDAP_CONF + +2004-08-26 20:08 aaron + + * ldap.c: cleanup debug message + +2004-08-26 17:29 aaron + + * README.LDAP: more config info + +2004-08-24 12:01 millert + + * TODO, find_path.c, goodpath.c, parse.c, sudo.c, sudo.h: Add + cmnd_base to struct sudo_user and set it in init_vars(). Add + cmnd_stat to struct sudo_user and set it in sudo_goodpath(). No + longer use gross statics in command_matches(). Also rename some + variables for improved clarity. + +2004-08-21 12:33 millert + + * INSTALL: document HP's crippled compiler deficiency. + +2004-08-21 12:25 millert + + * INSTALL: Fix some thinkos in --with-editor and --with-env-editor + descriptions. Noticed by Norihiko Murase. + +2004-08-21 12:20 millert + + * configure, configure.in: --with-noexec takes an optional PATH + argument. + +2004-08-21 12:20 millert + + * INSTALL: document --with-noexec + +2004-08-17 14:21 millert + + * RUNSON, TODO: sync + +2004-08-17 12:53 millert + + * sudo.cat, sudo.man.in: regen + +2004-08-17 12:53 millert + + * sudo.pod: Don't italicize the string "sudoedit" + +2004-08-16 16:45 millert + + * HISTORY: Mention GratiSoft. + +2004-08-11 12:29 millert + + * parse.yacc: Reset used_runas to FALSE when re-intializing the + parser. + +2004-08-09 17:04 millert + + * config.guess: Correct OpenBSD mips support + +2004-08-09 15:28 millert + + * config.guess: Add OpenBSD/mips + +2004-08-06 21:43 aaron + + * README.LDAP: More behavior notes + +2004-08-06 21:36 aaron + + * README.LDAP: Updates on current behavior + +2004-08-06 17:56 millert + + * sudo.pod: =back does not take an indentlevel (makes no difference + to formatted files). + +2004-08-06 17:48 millert + + * CHANGES: new + +2004-08-06 17:42 millert + + * sudo.c: Consistency. Use same error for bad -u #uid when + targetpw is set as we do when a bad -u username is specified. + +2004-08-06 17:33 millert + + * TODO: Add checksum idea from Steve Mancini + +2004-08-06 17:32 millert + + * sudo.cat, sudo.man.in: regen + +2004-08-06 17:31 millert + + * sudo.pod: Document the restriction on uids specified via -u when + targetpw is set. + +2004-08-06 17:24 millert + + * sudo.c: Error out when targetpw is enabled and sudo is run with + -u #uid but #uid does not exist in the passwd database. We can't + do target authentication when the target is not in passwd! + +2004-08-05 19:16 millert + + * sudo.cat, sudo.man.in: regen + +2004-08-05 19:14 millert + + * TODO: Some more todo for the next release. + +2004-08-05 19:13 millert + + * INSTALL: Make it clear that PAM should be used for DCE support + when possible. + +2004-08-05 12:29 millert + + * sudo.pod: Mention --with-secure-path, not SECURE_PATH. + +2004-08-02 20:34 aaron + + * ldap.c: reflect changes to parse.c + +2004-08-02 12:44 millert + + * parse.c, parse.h, parse.yacc: Don't pass user_cmnd and user_args + to command_matches(), just use the globals there. Since we keep + state with statics anyway it is misleading to pretend that passing + in different cmnd and cmnd_args will work. + +2004-08-02 12:40 millert + + * parse.c: Fix a bug introduced in rev. 1.149. When checking for + pseudo-commands check for a '/' anywhere in cmnd, not just the + first character. + +2004-07-30 21:07 aaron + + * sudo.man.in, sudo.pod: Clarification thanks to Olivier Blin + + +2004-07-30 20:06 aaron + + * README.LDAP: Sun One schema definition by + Andreas.Bussjaeger@t-systems.com and janth@moldung.no + +2004-07-29 09:57 millert + + * CHANGES: typo + +2004-07-23 14:44 millert + + * CHANGES: sync + +2004-07-23 14:43 millert + + * parse.c: Parse sudoers file as PERM_RUNAS not PERM_ROOT and + remove a useless PERM_SUDOERS. Restore to PERM_ROOT upon exit of + the parse. + +2004-07-08 08:20 millert + + * CHANGES: PAM change + +2004-07-07 19:04 aaron + + * ldap.c: Better debugging of ALL command + +2004-07-07 18:15 millert + + * parse.c: When matching for "sudoedit" in sudoers check both the + command the user typed *and* the command that is listed in the + sudoers entry. + +2004-07-04 17:59 aaron + + * ldap.c: Added !command feature + +2004-06-10 21:11 millert + + * LICENSE: License is ISC-style, not BSD-style + +2004-06-10 18:58 millert + + * CHANGES: sync + +2004-06-10 14:54 millert + + * sudo.man.in, sudo.cat: regen + +2004-06-10 14:53 millert + + * sudo.pod: o Update some out of date bits to reality o Change the + shell promt in examples to bourne-shell style o Clarify some + details o Add a CAVEAT about "sudo cd /foo" + +2004-06-10 14:19 millert + + * check.c: Don't ask for a password if invoking user == target + user. + +2004-06-10 10:32 millert + + * sudo.c: typo in comment + +2004-06-08 14:20 millert + + * TODO: sync + +2004-06-08 13:55 millert + + * CHANGES, parse.yacc: Add a check in visudo for runas_default + being set after it has already been used. + +2004-06-08 11:53 millert + + * parse.yacc: Add a MATCHED macro for testing whether foo_matches + has been set to TRUE or FALSE. This is more readable than checking + for >=0 or < 0. Doesn't change the actual code generated. + +2004-06-06 18:02 millert + + * find_path.c, ldap.c, logging.h: update (c) year + +2004-06-06 17:58 millert + + * check.c, compat.h, defaults.c, env.c, find_path.c, getcwd.c, + ldap.c, logging.h, parse.c, parse.yacc, sudo.c: Remove trailing + spaces, no actual code changes. + +2004-06-06 14:22 millert + + * parse.yacc: Fix a >=0 that should be <0 that was improperly + converted when UNSPEC was added. + +2004-06-06 13:54 millert + + * parse.yacc: Add do {} while(0) around pop macro Set cmnd_matches + to UNSPEC, not NOMATCH when resetting it. + +2004-06-06 13:39 millert + + * parse.yacc: Fix pastos introduced in SETNMATCH addition. + +2004-06-05 11:55 millert + + * README.LDAP: Update for configure changes + +2004-06-05 11:42 millert + + * parse.yacc, sudo.h: Add NOMATCH and UNSPEC defines (-1 and -2 + respectively) and use these in parse.yacc. Also in parse.yacc + initialize the *_matches vars to UNSPEC and add two macros, + SETMATCH and SETNMATCH for use when setting *_matches to a value + that may be NOMATCH/UNSPEC/TRUE/FALSE. + +2004-06-05 09:17 millert + + * parse.yacc: Initialize runas to -2, not -1 since we need to be + able to distinguish between the initialized value and the value of + a non-match when passing along the runas value to multiple + commands. + + The result of this is that an unmatched runas is now set to -1, not + 0. This is required now that parse.c treats a FALSE value for + runas as being explicitly denied. + +2004-06-03 14:21 millert + + * getprogname.c, sudo.c: Error out if argc < 1. + +2004-06-03 10:37 millert + + * configure, configure.in: Add tests for what libs we need to link + with for ldap and for whether or not lber.h needs to be explicitly + included. + +2004-06-02 18:30 aaron + + * ldap.c: Solaris native LDAP build fix + +2004-06-01 14:56 millert + + * ldap.c: Set edn to NULL is ldap_get_dn() fails to avoid potential + use of an unset variable. + +2004-06-01 14:56 millert + + * sudo.h: Add prototype for sudo_ldap_list_matches + +2004-06-01 14:53 millert + + * compat.h, config.h.in, configure, configure.in: Better check for + dirfd macro--we now set HAVE_DIRFD for the macro version too. + Added check for dd_fd in `DIR' if no dirfd is found; this is now + used to confitionally define the dirfd macro in compat.h. + +2004-06-01 14:51 millert + + * closefrom.c: Only check /proc/$$/fd if we have the dirfd + function/macro. + +2004-06-01 13:13 millert + + * compat.h, config.h.in, configure, configure.in: Add a check for a + dirfd() function (like Linux) and add a dirfd macro in compat.h if + there is no dirfd() function or macro. + +2004-06-01 12:59 millert + + * closefrom.c, getcwd.c: dirfd() is now defined in compat.h as + needed. + +2004-06-01 12:30 millert + + * CHANGES: Clarify closefrom() note. + +2004-06-01 10:51 millert + + * parse.c: When checking for a command in the directory, only copy + the base dir once. + +2004-06-01 10:44 millert + + * closefrom.c: If there is a /proc/$$/fd directory, behave like the + Solaris closefrom() and only close the descriptors listed therein. + +2004-06-01 10:23 millert + + * alloc.c: compat.h guarantees INT_MAX is defined. + +2004-06-01 10:23 millert + + * compat.h: Add definitions of OPEN_MAX and INT_MAX for those + without it and remove definition of RLIM_INFINITY (now unused). + +2004-05-31 19:22 millert + + * CHANGES, alloc.c, check.c, compat.h, find_path.c, getcwd.c, + parse.c, sudo.c, sudo.h: Use PATH_MAX, not MAXPATHLEN since the + former is standardized. + +2004-05-31 17:18 millert + + * CHANGES: sync + +2004-05-31 17:10 millert + + * RUNSON: Add some entries that were mailed in a while ago + +2004-05-31 12:16 millert + + * closefrom.c: o sysconf returns a long, not an int. o check for + negative return value from sysconf/getdtablesize and use OPEN_MAX + in this case. o define OPEN_MAX to 256 for those without it (a + fair guess...) + +2004-05-30 10:25 millert + + * UPGRADE: Mention change in parse order for RunAs entries. + +2004-05-30 10:15 millert + + * configure: regen + +2004-05-29 16:29 millert + + * config.h.in, configure.in, INSTALL, README.LDAP: o --with-ldap + now takes an optional dir as a parameter + o added check for ldap_initialize() and start_tls_s() + +2004-05-29 12:54 millert + + * README.LDAP: Fix some typos, word choice and formatting issues. + +2004-05-28 14:27 millert + + * configure, configure.in: Remove hack overriding cross-compiler + check. It should no longer be needed. + +2004-05-28 14:26 millert + + * compat.h: Remove select() compat bits since we no longer use + select(). + +2004-05-28 14:24 millert + + * CHANGES: Use alarm() instead of select() for the timeout for + systems that don't fully/properly implement select(). + +2004-05-27 17:14 millert + + * CHANGES: synbc + +2004-05-27 17:12 millert + + * RUNSON: update + +2004-05-27 17:12 millert + + * set_perms.c: Deal with systems that have no way of setting the + effective uid such as nsr-tandem-nsk. + +2004-05-27 17:01 millert + + * configure, configure.in: Define NO_SAVED_IDS if we don't find + seteuid() + +2004-05-27 16:21 millert + + * config.h.in, configure, configure.in: Add back check for + setreuid() since NSK doesn't have it. + +2004-05-27 13:56 millert + + * BUGS, CHANGES: sync + +2004-05-27 13:55 millert + + * parse.c: In sudoers_lookup() return VALIDATE_NOT_OK if the runas + user was explicitly denied and the command matched. This fixes a + long-standing bug and makes: foo machine = (ALL) /usr/bin/blah + foo machine = (!bar) /usr/bin/blah + + equivalent to: foo machine = (ALL, !bar) /usr/bin/blah + +2004-05-19 19:25 aaron + + * Makefile.in: Missing DESTDIR in make install for sudo_noexec.la + +2004-05-17 16:32 millert + + * sudo.man.in, sudo.cat: regen + +2004-05-17 16:31 millert + + * TODO: sync + +2004-05-17 16:31 millert + + * sample.sudoers: Remove fastboot/fasthalt (who still remembers + these?) and add a minimal sudoedit example. + +2004-05-17 16:21 millert + + * CHANGES, INSTALL, TROUBLESHOOTING, UPGRADE, sudo.c: filesystem -> + file system + +2004-05-17 16:19 millert + + * sudo.pod: Fix some minor typos and formatting goofs + +2004-05-17 16:10 millert + + * lex.yy.c: regen + +2004-05-17 15:55 millert + + * sudo.pod: Use @mansectform@ and @mansectsu@ everywhere Make man + page references links with L<> + +2004-05-17 14:51 millert + + * parse.lex: Accept quoted globbing characters and pass them + verbatim for fnmatch() + +2004-05-17 14:50 millert + + * UPGRADE: Document that /tmp/.odus is gone. + +2004-05-17 14:28 millert + + * CHANGES, aclocal.m4, configure, pathnames.h.in: No longer use + /tmp/.odus as a possible timestamp dir unless specifically + configured to do so. Instead, if no /var/run exists, use + /var/adm/sudo or /usr/adm/sudo. + +2004-05-17 14:08 millert + + * check.c, compat.h, logging.c, set_perms.c, sudo.c: Preliminary + changes to support nsr-tandem-nsk. Based on patches from Tom + Bates. + +2004-05-16 16:47 millert + + * CHANGES: There was no 1.6.7p6. + +2004-05-16 14:38 millert + + * BUGS, CHANGES: sync + +2004-05-16 14:36 millert + + * Makefile.in: add missing files to DISTFILES + +2004-05-16 14:24 millert + + * sudo.cat: regen + +2004-05-16 14:20 millert + + * Makefile.in: Fix some line wrap and update (c) year + +2004-04-28 13:05 aaron + + * README.LDAP: Build Note + +2004-04-06 20:03 aaron + + * Makefile.in: Fix install-dirs + +2004-03-24 16:06 millert + + * parse.c, parse.h, parse.yacc, sudo.c: If the user specified a uid + with the -u flag and the uid exists in the passwd file, set + runas_user to the name, not the uid. + + When comparing usernames in sudoers, if a name is really a uid + (starts with '#') compare it numerically to pw_uid. + +2004-02-28 16:54 aaron + + * CHANGES, config.h.in, ldap.c: Added start_tls support + +2004-02-14 16:04 millert + + * Makefile.in: Clean up libtool stuff for 'make distclean' and add + def_data.c, def_data.h to PARSESRCS. + +2004-02-14 08:13 aaron + + * strlcat.c, strlcpy.c: Un-Fix last license munge + +2004-02-13 14:37 millert + + * CHANGES, RUNSON, TODO: checkpoint + +2004-02-13 14:37 millert + + * lex.yy.c, configure: regen + +2004-02-13 14:36 millert + + * LICENSE, Makefile.binary, Makefile.in, alloc.c, check.c, + closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c, + find_path.c, getprogname.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + interfaces.h, ldap.c, logging.c, logging.h, parse.c, parse.h, + parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c, + strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo.h, sudo.man.in, + sudo.pod: More to a less restrictive, ISC-style license. + +2004-02-12 19:08 aaron + + * CHANGES, Makefile.in, README.LDAP, config.h.in, configure.in, + def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, sudo.h: Merged + in LDAP Support + +2004-02-12 18:54 aaron + + * sudo.h: Merge with HEAD + +2004-02-08 13:53 millert + + * sudo.h: Only do "extern int errno" if errno is not a macro. + +2004-02-07 15:48 aaron + + * ldap.c: noexec hooks + +2004-02-07 15:05 aaron + + * def_data.c, def_data.in: description fix + +2004-02-07 15:04 aaron + + * ldap.c: Conformity + +2004-02-07 14:44 aaron + + * sudo.c: Conformity + +2004-02-07 14:31 aaron + + * def_data.c: Syntax Fix + +2004-02-07 14:21 aaron + + * configure: regen (via autoconf from configure.in) + +2004-02-07 14:12 aaron + + * BUGS, CHANGES, INSTALL, LICENSE, Makefile.in, TODO, acsite.m4, + check.c, closefrom.c, config.h.in, configure.in, def_data.c, + def_data.h, def_data.in, defaults.c, defaults.h, env.c, fnmatch.c, + getspwuid.c, ins_classic.h, interfaces.c, interfaces.h, lex.yy.c, + logging.c, ltmain.sh, mkdefaults, parse.c, parse.h, parse.lex, + parse.yacc, pathnames.h.in, set_perms.c, sigaction.c, sudo.c, + sudo.h, sudo.man.in, sudo.pod: Big Merge with HEAD + +2004-02-06 16:08 millert + + * set_perms.c: setreuid(0, 0) fails on QNX if the euid is not + already 0 so set the euid first, then just call setuid(0) to set + the real uid too. + +2004-02-06 12:52 millert + + * set_perms.c: Use setresuid() and setreuid() for PERM_RUNAS when + appropriate instead of seteuid() which may not exist. + +2004-02-04 12:58 millert + + * LICENSE: 2004 + +2004-02-03 21:38 millert + + * INSTALL, config.h.in, configure, configure.in, ins_classic.h: Add + --with-pc-insults configure option + +2004-02-01 13:45 millert + + * sudo.man.in: regen + +2004-02-01 13:20 millert + + * configure, configure.in: Substitute for root_sudo in sudoers.pod + +2004-02-01 13:03 millert + + * sudo.pod: Add sudoedit to the NAME section + +2004-01-29 17:42 millert + + * BUGS, CHANGES, TODO: sync + +2004-01-29 17:42 millert + + * sudo.man.in: regen + +2004-01-29 17:41 millert + + * sudo.pod: Clarify that when sudo is run by root with the + SUDO_USER variable set, the sudoers lookup happens for root and not + the SUDO_USER user. + +2004-01-29 15:33 millert + + * defaults.c, env.c, fnmatch.c, interfaces.c, logging.c, parse.c, + set_perms.c, sigaction.c, sudo.c: Use the SET, CLR and ISSET + macros. + +2004-01-29 14:22 millert + + * interfaces.h: MAIN was replaced with _SUDO_MAIN some time ago. + +2004-01-29 14:15 millert + + * sudo.c: Don't look at prev_user until after we've parsed sudoers + and done the password check. That way, if sudo/sudoedit is run + from a root process that was invoked by sudo, we check sudoers for + root, not the previous user. This makes sudoedit much more useful + and means that for the sudo case, we get correct logging on who + actually ran the command. + +2004-01-22 14:06 millert + + * def_data.c, def_data.in: Update the noexec variable descriptions + +2004-01-21 19:57 millert + + * sudo.c: Fix suspending the editor in -e mode. Because we do a + fork() first we need to be notified when the child has been stopped + and then send that same signal to ourself so the shell can do its + job control thing. + +2004-01-21 18:03 millert + + * lex.yy.c: regen + +2004-01-21 18:00 millert + + * sudo.man.in, sudo.pod: Document sudo -e / sudoedit + +2004-01-21 17:08 millert + + * configure, configure.in: fix typo + +2004-01-21 17:02 millert + + * config.h.in, configure.in: Add SET/CLR/ISSET + +2004-01-21 16:55 millert + + * sudo.c: Allow non-exclusive flags when invoked as sudoedit. + Pretty print the long usage() line to not wrap (assumes 80 char + display) + +2004-01-21 16:01 millert + + * Makefile.in, sudo.c: If sudo is invoked as "sudoedit" the -e flag + is implied and no other flags are permitted. + +2004-01-21 16:00 millert + + * sudo.h: Add a new flag, -e, that makes it possible to give users + the ability to edit files with the editor of their choice as the + invoking user, not the runas user. Temporary files are used for + the actual edit and the temp file is copied over the original after + the editor is done. + +2004-01-21 15:25 millert + + * Makefile.in, parse.c, parse.lex, sudo.c: Add a new flag, -e, that + makes it possible to give users the ability to edit files with the + editor of their choice as the invoking user, not the runas user. + Temporary files are used for the actual edit and the temp file is + copied over the original after the editor is done. + +2004-01-21 15:06 millert + + * sudo.c, env.c: If real uid == 0 and the SUDO_USER environment + variables is set, use that to determine the invoking user's true + identity. That way the proper info gets logged by someone who has + done "sudo su" but still uses sudo to as root. We can't do this + for non-root users since that would open up a security hole, though + perhaps it would be acceptable to use getlogin(2) on OSes where + this a system call (and doesn't just look in the utmp file). + +2004-01-21 14:58 millert + + * pathnames.h.in: Add _PATH_TMP, _PATH_VARTMP and _PATH_USRTMP + +2004-01-21 14:57 millert + + * configure, config.h.in, configure.in: Add check for fchown(2) + +2004-01-20 12:22 millert + + * sudo.c: Back out portions of the -i commit that set NewArgv[0] in + set_runaspw. It is far to late to set NewArgv[0] there and will + have no effect anyway as cmnd and safe_cmnd have already been set. + +2004-01-18 18:17 millert + + * env.c, sudo.c: In -i mode always set new environment based on the + runas user's passwd entry. + +2004-01-18 15:56 millert + + * sudo.man.in, sudo.pod: Document the new -i flag and sync SYNOPSIS + section with usage() in sudo.c. Also sort the flags in the OPTIONS + section. + +2004-01-18 15:55 millert + + * sudo.c, sudo.h: o Add -i that acts similar to "su -", based on + patches from David J. MacKenzie o Sort the flags in the usage + message + +2004-01-17 14:34 millert + + * sudo.c: Change euid to runas user before calling find_path(). + Unfortunately, though runas_user can be modified in sudoers we + haven't parsed sudoers yet. + +2004-01-17 11:49 millert + + * sudo.c: Fix a bug when set_runaspw() is used as a callback. We + don't want to reset the contents of runas_pw if the user specified + a user via the -u flag. + + Avoid unnecessary passwd lookups in set_authpw(). In most cases we + already have the info in runas_pw. + +2004-01-16 16:16 millert + + * check.c: Add Stan Lee / Uncle Ben quote to the lecture from + RedHat + +2004-01-16 16:12 millert + + * sudo.h: Update sudo_getepw() proto and add one for set_runaspw() + +2004-01-16 16:10 millert + + * parse.c: If we can't stat the command as root, try as the runas + user instead. + +2004-01-16 16:09 millert + + * sudo.c: Add set_runaspw() function to fill in runas_pw. This + will be used as a callback to update runas_pw when the runas user + changes. + +2004-01-16 16:07 millert + + * env.c, sudo.c: PERM_RUNAS -> PERM_FULL_RUNAS + +2004-01-16 16:05 millert + + * set_perms.c, sudo.h: Rename PERM_RUNAS -> PERM_FULL_RUNAS and add + a PERM_RUNAS that just changes the euid. + +2004-01-16 16:04 millert + + * getspwuid.c: Make sudo_pwdup() act like OpenBSD pw_dup() and + allocate memory in one chunk for easy free()ing. Also change it + from static to extern. + +2004-01-16 16:03 millert + + * defaults.c, defaults.h: Add callback support + +2004-01-16 16:02 millert + + * def_data.c, def_data.in, mkdefaults: Add a callback field and use + it for runas_default + +2004-01-12 12:03 millert + + * Makefile.in, config.h.in, configure, configure.in, sudo.c, + sudo.h: Use closefrom() instead of doing the equivalent inline. + +2004-01-12 11:55 millert + + * closefrom.c: closefrom(3) for systems w/o it + +2004-01-09 14:26 millert + + * configure, configure.in: Substitute noexec_file for the sudoers + man page + +2004-01-09 14:24 millert + + * sudo.man.in, sudo.pod: Mention noexec + +2004-01-09 12:38 millert + + * config.h.in, configure.in: Move PAM_CONST macro definition from + config.h to pam.c where it belongs. We can't have this in config.h + since that gets included too early. + +2004-01-09 12:35 millert + + * config.h.in, configure, configure.in: Some PAM implementations + put their headers in /usr/include/pam instead of + /usr/include/security. + +2004-01-09 12:32 millert + + * configure.in: I missed changing the EXEC macro -> EXECV here when + I changed this in config.h.in and sudo.c a while ago. + +2004-01-09 11:15 millert + + * acsite.m4: OpenBSD vax/m88k/hppa don't do shared libs + +2004-01-09 01:29 millert + + * configure, configure.in: o merge the hpux case entries into a + single entry w/ its own sub-case statement. o HP-UX >= 11 support + getspnam(), use it in preference to getprpwuid() + +2004-01-09 00:58 millert + + * configure, configure.in: eval $shrext so that it expands nicely + on MacOS X + +2004-01-09 00:50 millert + + * Makefile.in: Don't lie about making a module, it does the wrong + thing on mach + +2004-01-09 00:49 millert + + * ltmain.sh: Remove requirement that libs must begin with "lib". + They don't when we point directly at the lib using LD_PRELOAD or + its equivalent. + +2004-01-09 00:01 millert + + * acsite.m4: Disable support for c++, f77 and java. We don't need + it, it takes a lot of time, and it hosed our check for shared lib + support. + +2004-01-09 00:00 millert + + * configure: regen + +2004-01-09 00:00 millert + + * configure.in: Call AC_ENABLE_SHARED and check the status of + enable_shared to know when shared libs are available. + +2004-01-08 23:37 millert + + * acsite.m4: Duh, OpenBSD suports shared libs too + +2004-01-08 23:18 millert + + * configure.in, config.h.in: Only OpenPAM and Linux PAM use const + qualifiers. + +2004-01-08 23:15 millert + + * configure, configure.in: o No need to check for sed, libtool + config does that for us o move check for --with-noexec until after + libtool magic is run so we can use $can_build_shared and $shrext + +2004-01-08 23:14 millert + + * ltmain.sh: Don't print a bunch of crap about library installs + since we are not really installing a library. + +2004-01-08 22:38 millert + + * env.c: Make format_env() varargs Add noexec support for Darwin, + MacOS X, Irix, and Tru64 + +2004-01-08 22:32 millert + + * acsite.m4, ltconfig, ltmain.sh: Update to libtool 1.5 with local + changes: o no ldconfig in the finish step o assume no libprefix + or version is needed + +2004-01-06 07:31 millert + + * CHANGES: checkpoint + +2004-01-05 14:10 millert + + * def_data.c, def_data.h, def_data.in: Move the environment + defaults to the end and shorten a few of the descriptions. + +2004-01-05 13:05 millert + + * configure.in, configure: no shared libs on ultris or convexos + +2004-01-05 13:03 millert + + * Makefile.in, configure, configure.in: Build sudo_noexec shared + object using libtool; could use some cleanup. + +2004-01-05 12:59 millert + + * acsite.m4, ltconfig, ltmain.sh: libtool scaffolding + +2004-01-05 12:56 millert + + * parse.yacc: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so + that order is not important. + +2004-01-05 10:15 millert + + * defaults.c, env.c, parse.c, parse.h, parse.lex, parse.yacc, + pathnames.h.in, sudo.c, sudo.h, lex.yy.c: update copyright year + +2004-01-04 20:58 millert + + * configure, configure.in, defaults.c, env.c, pathnames.h.in: Add + _PATH_SUDO_NOEXEC and corresponding --with-noexec configure option. + The default value of noexec_file is set to this. + +2004-01-04 19:48 millert + + * def_data.c, def_data.h, def_data.in, env.c, lex.yy.c, parse.c, + parse.h, parse.lex, parse.yacc, sudo.c, sudo.h: Add support for + preloading a shared object containing a dummy execve() function + that just sets error and returns -1. This adds a "noexec_file" + option to load the filename as well as a "noexec" flag to enable it + unconditionally. There is also a NOEXEC tag that can be attached + to specific commands and an EXEC tag to disable it. + +2004-01-04 19:40 millert + + * mkdefaults: add missing newline to usage statement + +2004-01-04 18:39 millert + + * config.h.in, sudo.c: Rename EXEC macro -> EXECV + +2004-01-04 18:16 millert + + * logging.c: Don't truncate usernames to 8 characters in the log + message. + +2004-01-04 18:13 millert + + * check.c: Update copyright year + +2004-01-04 18:12 millert + + * check.c, def_data.c, def_data.h, def_data.in: Add a new option, + lecture_file, that can be used to point to a custom sudo lecture. + +2004-01-01 16:22 aaron + + * configure: removed duplicate darwin entry + +2004-01-01 14:47 aaron + + * Makefile.in, TODO, check.c, configure, configure.in, def_data.c, + def_data.h, def_data.in, defaults.c, defaults.h, env.c, err.c, + find_path.c, ldap.c, logging.c, mkdefaults, parse.c, parse.yacc, + set_perms.c, sudo.c, sudo.h: Sync with HEAD + +2003-12-31 15:46 millert + + * Makefile.in, sudo.h: Add a zero_bytes() function to do the + equivalent of bzero in such a way that will heopfully not be + optimized away by sneaky compilers. + +2003-12-31 14:53 aaron + + * ldap.c, sudo.c: Incorporated Patch from Nationwide (Todd Anello) + +2003-12-31 11:35 millert + + * err.c: Use #ifdef __STDC__, not #if __STDC__. + +2003-12-30 15:41 millert + + * mkdefaults: Always put at least one space between the def_* macro + name and its definition. + +2003-12-30 15:34 millert + + * configure, configure.in: Adjust code for --without-lecture to + match new values. + +2003-12-30 15:31 millert + + * check.c, def_data.c, def_data.h, def_data.in, defaults.c, + defaults.h, logging.c, mkdefaults, parse.c, sudo.c, sudo.h: Add + support for tuples in def_data.in; these are implemented as an enum + type. Currently there is only a single tuple enum but in the + future we may have one tuple enum per T_TUPLE entry in def_data.in. + Currently listpw, verifypw and lecture are tuples. This avoids + the need to have two entries (one ival, one str) for pwflags and + syslog values. + + lecture is now a tuple with the following values: never, once, + always + + We no longer use both an int and string entry for syslog facilities + and priorities. Instead, there are logfac2str() and logpri2str() + functions that get used when we need to print the string values. + +2003-12-30 15:20 millert + + * check.c, def_data.h, defaults.c, defaults.h, env.c, find_path.c, + logging.c, mkdefaults, parse.c, parse.yacc, set_perms.c, sudo.c: + Create def_* macros for each defaults value so we no longer need + the def_{flag,ival,str,list,mode} macros (which have been removed). + This is a step toward more flexible data types in def_data.in. + +2003-12-30 13:55 millert + + * TODO: checkpoint + +2003-12-23 08:58 aaron + + * sudo.c: Sync with HEAD + +2003-12-22 19:18 millert + + * sudo.c: If we are in -k/-K mode, just spew to stderr. It is not + unusual for users to place "sudo -k" in a .logout file which can + cause sudo to be run during reboot after the YP/NIS/NIS+/LDAP/etc + daemon has died. Previously, this would result in useless mail and + logging. + +2003-12-19 19:30 aaron + + * README.LDAP: typo + +2003-12-19 19:28 aaron + + * README.LDAP: typos + +2003-12-18 17:40 aaron + + * configure: Merge with HEAD + +2003-12-17 21:13 aaron + + * ldap.c: Bugfix reported by Andreas.Bussjaeger@t-systems.com + +2003-12-17 20:47 aaron + + * README.LDAP, ldap.c: LDAPv3 + +2003-12-14 12:39 aaron + + * README.LDAP, config.h.in, ldap.c: other LDAP Libraries from + Andreas Bussjaeger + +2003-12-12 10:22 millert + + * Makefile.in, configure, configure.in, ldap.c: Don't compile + ldap.c (even as a stub) unless --with-ldap is specified. + +2003-12-12 10:12 millert + + * ldap.c: file ldap.c was initially added on branch LDAP. + +2003-12-12 10:12 millert + + * CHANGES, Makefile.in, README.LDAP, config.h.in, configure, + configure.in, def_data.c, def_data.h, def_data.in, ldap.c, sudo.c, + sudo.h: Merge in LDAP support from Aaron Spangler + +2003-12-12 10:12 millert + + * README.LDAP: file README.LDAP was initially added on branch LDAP. + +2003-12-09 20:09 millert + + * configure: regen + +2003-12-09 20:08 millert + + * CHANGES: checkpoint + +2003-12-09 20:02 millert + + * TROUBLESHOOTING: Some OSes (like Solaris) allow export w/ nosuid + too + +2003-08-12 14:45 millert + + * compat.h: We don't use FD_ZERO anymore so just define FD_SET (if + not already there). + +2003-06-21 10:50 millert + + * set_perms.c: Add explicit declaration of printerr variable in + function header (was defaulting to int which is OK but oh so K&R + :-). From Theo. + +2003-06-09 17:00 millert + + * config.h.in, configure.in: s/HAVE_STOW/USE_STOW/ + +2003-06-09 14:07 millert + + * logging.c: Also exit waitpid() loop when pid == 0. Fixes a + problem where the sudo process would spin eating up CPU until + sendmail finished when it has to send mail. + +2003-05-30 14:22 millert + + * fnmatch.3, fnmatch.c: Remove advertising clause, UCB has + disavowed it + +2003-05-21 19:53 millert + + * parse.c: Don't assume that getgrnam() calls don't modify contents + of struct passwd returned by getpwnam(). On FreeBSD w/ NIS this + can happen. Based on a patch from Kirk Webb. + +2003-05-06 09:25 millert + + * configure.in: missing ;; + +2003-05-05 22:53 millert + + * configure.in: darwin has a broken setreuid() in at least some + versions + +2003-05-05 22:31 millert + + * env.c: Fix an off by one error when reallocating the environment; + Kevin Pye + +2003-04-28 17:30 millert + + * HISTORY: More info on the early days from Coggs. + +2003-04-15 18:42 millert + + * Makefile.in, alloc.c, check.c, compat.h, defaults.c, defaults.h, + env.c, fileops.c, find_path.c, getprogname.c, getspwuid.c, + goodpath.c, interfaces.c, interfaces.h, logging.c, parse.c, + parse.lex, parse.yacc, pathnames.h.in, set_perms.c, sigaction.c, + strerror.c, sudo.c, sudo.h, sudo.man.in, sudo.pod: add DARPA credit + on affected files + +2003-04-15 18:25 millert + + * LICENSE: slightly different wording for the darpa credit + +2003-04-15 12:37 millert + + * LICENSE: Add DARPA credit + +2003-04-13 13:48 millert + + * TROUBLESHOOTING, config.h.in, configure, configure.in, + sample.sudoers: builtin -> built-in; Jason McIntyre + +2003-04-09 14:14 millert + + * CHANGES: checkpoint for 1.6.7p3 + +2003-04-09 14:14 millert + + * HISTORY: Update info on the early years @ SUNY-Buffalo from Cliff + Spencer. Amazingly, sudo source from 1985 is available via + groups.google.com + +2003-04-09 14:13 millert + + * sudo.c: Don't change rl.rlim_max for RLIMIT_CORE. We need only + set rl.rlim_cur to 0 to turn off core dumps. This may be needed + for the RLIMIT_CORE restoration on some OSes. + +2003-04-04 10:45 millert + + * config.h.in, configure, configure.in: Check for heimdal even if + we found krb5-config and define HAVE_HEIMDAL. + +2003-04-03 08:16 millert + + * mkinstalldirs: Remove newer stuff that passes multiple (possibly + duplicate) directories to "mkdir -p" since that seems to break on + Tru64 Unix at least. This basically brings back what shipped with + sudo 1.6.6. + +2003-04-02 11:45 millert + + * configure: regen + +2003-04-02 11:45 millert + + * BUGS, CHANGES, INSTALL, INSTALL.binary, Makefile.in, README, + configure.in: ++version + +2003-04-02 11:44 millert + + * configure.in: use krb5-config to determine Kerberos V details if + it exists + +2003-04-02 11:25 millert + + * alloc.c, check.c, compat.h, defaults.c, env.c, find_path.c, + interfaces.c, logging.c, parse.c, sudo.c, sudo.h: Use warn/err and + getprogname() throughout. The main exception is openlog(). Since + the admin may be filtering logs based on the program name in the + log files, hard code this to "sudo". + +2003-04-02 11:16 millert + + * Makefile.in: Add getprogname.c and err.c + +2003-04-02 11:15 millert + + * configure: regen + +2003-04-02 11:15 millert + + * configure.in, config.h.in: Add checks for getprognam(), + __progname and err.h + +2003-04-02 11:14 millert + + * err.c: For systems withour err/warn functions. + +2003-04-02 11:14 millert + + * getprogname.c: For systems neither getprogname() nor __progname; + uses Argv[0]. + +2003-04-01 08:09 millert + + * CHANGES: checkpoint for 1.6.7p1 + +2003-04-01 08:02 millert + + * sudo.c: fix strlcpy() rval check (innocuous) + +2003-04-01 07:58 millert + + * check.c: oflow detection in expand_prompt() was faulty (false + positives). The count was based on strlcat() return value which + includes the length of the entire string. + +2003-03-30 17:02 millert + + * CHANGES, RUNSON, TODO: checkpoint for the sudo 1.6.7 release + +2003-03-24 14:09 millert + + * logging.c: g/c unused variable + +2003-03-24 09:06 millert + + * configure: regen + +2003-03-24 09:05 millert + + * configure.in: use man sections 8 and 5 for csops + +2003-03-21 16:11 millert + + * configure: regen + +2003-03-21 13:10 millert + + * configure.in: Add -lskey or -lopie directly to SUDO_LIBS instead + of having AC_CHECK_LIB() add them to LIBS. Fixes visudo linkage. + +2003-03-21 12:02 millert + + * configure: regen + +2003-03-21 12:01 millert + + * INSTALL, aclocal.m4, configure.in: Add --with-blibpath for AIX. + An alternate libpath may be specified or -blibpath support can be + disabled. Also change conifgure such that -blibpath is not + specified if no -L libpaths were added to SUDO_LDFLAGS. + +2003-03-20 20:05 millert + + * configure.in: add AIX blibpath support + +2003-03-20 18:28 millert + + * INSTALL, configure.in: --with-skey and --with-opie now take an + option directory argument This obsoletes a --with-csops hack + (/tools/cs/skey) + + Also remove the remaining direct uses of "echo" + +2003-03-20 15:44 millert + + * configure.in: Detect KTH Kerberos IV and deal with it. Also make + -lroken optional for KTH Kerberos IV and V. + +2003-03-20 12:42 millert + + * aclocal.m4: Add SUDO_APPEND_LIBPATH function that add + -L/path/to/dir (and -R/path/to/dir if $with_rpath) to the specified + variable. + +2003-03-20 12:40 millert + + * INSTALL, configure.in: Add -R/path/to/libs for Solaris and SVR4. + There is a new configure option, --with-rpath to control this + behavior. + +2003-03-19 21:50 millert + + * configure.in: for kerb4 put libdes after libkrb on the link line + +2003-03-19 21:33 millert + + * configure.in: fix kerberos lib check when a path is specified + +2003-03-19 19:04 millert + + * logging.c: Fix boolean thinko in SIGCHLD reaper and call + reapchild after sending mail instead of doing a conditional + sudo_waitpid. + +2003-03-19 14:20 millert + + * configure: regen + +2003-03-19 14:19 millert + + * configure.in: replace =DIR with [=DIR] where sensible + +2003-03-19 14:16 millert + + * configure.in: o Use AC_MSG_* instead of "echo" o New Kerberos + include/lib detection based on openssh's configure.in + +2003-03-19 13:58 millert + + * INSTALL: --with-kerb4 and --with-kerb5 now take an optional + argument. + +2003-03-15 13:31 millert + + * LICENSE, alloc.c, check.c, configure.in, env.c, sudo.c, + Makefile.in, aclocal.m4, compat.h, find_path.c, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, set_perms.c, sudo.h, + sudo.pod, sudo.man.in: update copyright year + +2003-03-15 13:19 millert + + * check.c, env.c, sudo.c: Cast [ug]ids to unsigned long and printf + with %lu + +2003-03-15 13:17 millert + + * configure: regen + +2003-03-15 13:16 millert + + * configure.in: correct error messages for + --with-sudoers-{mode,uid,gid} + +2003-03-15 13:10 millert + + * alloc.c: make the malloc(0) error specific to each function to + aid tracking down bugs. + +2003-03-15 12:49 millert + + * alloc.c: deal with platforms where size_t is signed and there is + no SIZE_MAX or SIZE_T_MAX + +2003-03-15 11:02 millert + + * sudo.c: Use stat_sudoers macro so --with-stow can work + +2003-03-15 11:01 millert + + * INSTALL, config.h.in, configure, configure.in: Add support for + --with-stow based on patches from Robert Uhl + +2003-03-15 10:51 millert + + * env.c: fix indentation + +2003-03-14 22:21 millert + + * configure.in: back out rev 1.352 + +2003-03-14 18:11 millert + + * lex.yy.c: regen + +2003-03-14 18:11 millert + + * parse.lex: use strlcpy, not strncpy + +2003-03-14 17:48 millert + + * set_perms.c: Fix typo; check pw_uid, not pw_gid after + setusercontext() failure. + +2003-03-14 17:43 millert + + * logging.c: use pid_t + +2003-03-14 08:43 millert + + * strlcat.c, strlcpy.c: Make gcc shutup about unused rcsid + +2003-03-14 08:35 millert + + * interfaces.c: Move the n == 0 check for the non-getifaddrs cas + +2003-03-13 19:38 millert + + * configure: regen + +2003-03-13 19:38 millert + + * configure.in: put -ldl after -lpam, not before; fixes static + linking on Linux + +2003-03-13 19:17 millert + + * interfaces.c: Avoid malloc(0) and fix the loop invariant for the + getifaddrs() case. + +2003-03-13 18:24 millert + + * sudo.man.in, sudo.cat: regen + +2003-03-13 18:23 millert + + * Makefile.in: Preserve copyright notice from .pod file in .man.in + file + +2003-03-13 13:27 millert + + * lex.yy.c: regen + +2003-03-13 13:27 millert + + * parse.lex: Don't assume libc can realloc() a NULL string. If + malloc/realloc fails, make sure we just return; yyerror() is not + terminal. + +2003-03-13 13:17 millert + + * lex.yy.c: regen + +2003-03-13 13:17 millert + + * parse.lex: simplify fill_args a little and use strlcpy for + paranoia + +2003-03-13 13:00 millert + + * check.c, env.c, find_path.c, parse.c, parse.yacc, sudo.c: Use + strlc{at,py} for paranoia's sake and exit on overflow. In all + cases the strings were either pre-allocated to the correct size of + length checks were done before the copy but a little paranoia can + go a long way. + +2003-03-13 10:54 millert + + * sudo.h: Add strlc{at,py} protos + +2003-03-13 10:03 millert + + * env.c, interfaces.c: Use erealloc3() + +2003-03-13 10:00 millert + + * configure: regen + +2003-03-13 10:00 millert + + * alloc.c: Oflow test of nmemb > SIZE_MAX / size is fine (don't + need >=). Use memcpy() instead of strcpy() in estrdup() so this is + strcpy()-free. + +2003-03-13 09:58 millert + + * sudo.c: snprintf() a uid as %lu, not %ld to match the + MAX_UID_T_LEN test in configure. + +2003-03-13 09:56 millert + + * aclocal.m4: In MAX_UID_T_LEN test cast uid_t to unsigned long, + just unsigned. + +2003-03-12 16:46 millert + + * sudo.c: Use snprintf() for paranoia + +2003-03-12 15:16 millert + + * parse.yacc: Use emalloc2 and erealloc3 + +2003-03-12 15:08 millert + + * Makefile.in: strlc{at,py} for those w/o it + +2003-03-12 15:07 millert + + * strlcat.c, strlcpy.c: stlc{at,py} for those w/o it. + +2003-03-12 15:07 millert + + * config.h.in, configure, configure.in: Add stlc{at,py} for those + w/o it. + +2003-03-12 14:51 millert + + * alloc.c, sudo.h: Add erealloc3(), a realloc() version of + emalloc2(). + +2003-03-12 14:45 millert + + * interfaces.c, sudo.c: Use emalloc2() to allocate N things of a + certain size. + +2003-03-12 14:41 millert + + * alloc.c, sudo.h: Add emalloc2() -- like calloc() but w/o the + bzero and with error/oflow checking. + +2003-03-12 14:23 millert + + * alloc.c: Error out on malloc(0); suggested by theo + +2003-03-09 17:34 millert + + * configure, configure.in: fix a typo; David Krause + +2003-03-07 08:46 millert + + * sudo.pod: fix typo + +2003-03-03 19:47 millert + + * env.c: Remove DYLD_ from the environment for MacOS X; from bbraun + +2003-03-01 11:20 millert + + * configure.in, config.h.in: not not; Anil Madhavapeddy + +2003-01-23 01:03 millert + + * sudo.pod: typos; jmc@openbsd.org + +2003-01-20 14:13 millert + + * parse.yacc: Add some missing ';' rule terminators that bison + warns about. + +2003-01-20 14:07 millert + + * config.sub: fix typo I introduced in last merge + +2003-01-20 13:59 millert + + * configure: regenerate with autoconf 2.57 + +2003-01-20 13:58 millert + + * config.h.in: Add missing "$HOME" + +2003-01-20 13:57 millert + + * configure.in: Add some more square backets to make autoconf 2.57 + happy + +2003-01-20 12:39 millert + + * config.guess, config.sub, mkinstalldirs: Updates from + autoconf-2.57 + +2003-01-17 16:10 millert + + * lex.yy.c: regen + +2003-01-17 16:09 millert + + * parse.lex, parse.yacc: Add support for Defaults>RunasUser + +2003-01-06 17:02 millert + + * parse.lex: Better fix for sudoers files w/o a newline before EOF. + It looks like the issue is that yyrestart() does not reset the + start condition to INITIAL which is an issue since we parse sudoers + multiple times. + +2003-01-06 16:47 millert + + * parse.lex: Work around what appears to be a flex bug when dealing + with files that lack a final newline before EOF. This adds a rule + to match EOF in the non-initial states which resets the state to + INITIAL and throws an error. + +2002-12-15 09:24 millert + + * set_perms.c: Fix pasto/thinko in setresgid()/setregid() usage. + Want to set effective gid, not real gid, when reading sudoers. + +2002-12-15 09:08 millert + + * set_perms.c: don't compile set_perms_posix if we have setreuid or + setresuid + +2002-12-14 12:21 millert + + * sudo.pod: document new prompt escapes + +2002-12-14 12:15 millert + + * check.c: Add %U and %H escapes and redo prompt rewriting. "%%" + now gets collapsed to "%" as was originally intended. This also + gets rid of lastchar (does lookahead instead of lookback) which + should simplify the logic slightly. + +2002-12-13 11:09 millert + + * config.sub: Add support for mipseb; wiz@danbala.tuwien.ac.at + +2002-12-13 10:48 millert + + * configure.in: Fix IRIX fallout from name changes in man dir/sect + Makefile variables. Patch from erici AT motown DOT cc DOT utexas + DOT edu + +2002-11-28 16:43 millert + + * parse.yacc: Add missing yyerror() calls; YYERROR does not seem to + call this for us. + +2002-11-26 10:09 millert + + * sudo.c: fix typo in comment; Pedro Bastos + +2002-11-22 12:41 millert + + * INSTALL: document --disable-setresuid + +2002-11-22 12:11 millert + + * logging.c, parse.yacc: minor sign fixes pointed out by gcc + -Wsign-compare + +2002-11-22 12:09 millert + + * set_perms.c, sudo.c, sudo.h: Revamp set_perms. We now use a + version based on setresuid() or setreuid() when possible since that + allows us to support the stay_setuid option and we always know + exactly what the semantics will be (various Linux kernels have + broken POSIX saved uid support). + +2002-11-22 12:08 millert + + * config.h.in, configure: regen from configure.in + +2002-11-22 12:07 millert + + * configure.in: Add checks for setresuid() and a way to disable + using it + +2002-11-22 12:05 millert + + * compat.h: No long need to emulate set*[ug]id() via setres[ug]id() + or setre[ug]id(). The new set_perms stuff only uses things it + knows are there. + +2002-11-22 11:33 millert + + * sudo.c: Before exec, restore state of signal handlers to be the + same as when we were initialy invoked instead of just reseting to + SIG_DFL. Fixes a problem when using sudo with nohup. Based on a + patch from Paul Markham. + +2002-11-22 11:23 millert + + * sudo.c: o timestamp_uid should be uid_t, not int o clarify error + message when sudo is run by root and no_root_sudo is set + +2002-09-19 15:27 millert + + * README: update ftp link for bison + +2002-07-20 06:30 millert + + * set_perms.c: Error out if setusercontext() fails and the runas + user is not root. + +2002-05-20 14:50 millert + + * configure.in: Fix SecurID API test + +2002-05-17 11:20 millert + + * env.c: typo in comment + +2002-05-17 11:20 millert + + * configure.in: securid5 stuff needs pthreads. Just adding + -lpthread is suboptimal but I don't see a better way at the moment. + +2002-05-17 11:04 millert + + * Makefile.in: SecurID API version 5 support from Michael Stroucken + +2002-05-17 11:02 millert + + * configure.in: Add check for SecurID 5.0 API + +2002-05-08 14:46 millert + + * strerror.c: We actually do still need config.h to get the 'const' + definition for K&R C. + +2002-05-05 14:43 millert + + * configure: regen with autoconf 2.5.3 + +2002-05-05 14:25 millert + + * configure.in: Don't set sysconfdir to '/etc' if the user has + specified a --prefix. + +2002-05-05 14:14 millert + + * configure.in: Some fixes for autoconf 2.53 from Robert Uhl o + don't AC_SUBST LIBOBJS o force a 4th arg for AC_CHECK_HEADER() to + workaround a bug + +2002-05-05 13:58 millert + + * env.c, sudo.c, sudo.h: No need for dump_badenv() now that + dump_defaults() knows how to dump lists. + +2002-05-04 19:31 millert + + * BUGS, INSTALL, Makefile.in, configure.in, INSTALL.binary, README: + ++version + +2002-05-04 18:45 millert + + * check.c: Don't call set_perms() when doing timestamp stuff unless + timestamp_uid != 0. + +2002-05-04 18:43 millert + + * check.c, logging.c, parse.c, set_perms.c, sudo.c, sudo.h: g/c + second arg to set_perms--it is no longer used + +2002-05-03 16:48 millert + + * check.c, set_perms.c, sudo.c, sudo.h: Add support for non-root + timestamp dirs. This allows the timestamp dir to be shared via NFS + (though this is not recommended). + +2002-05-03 16:47 millert + + * def_data.c, def_data.h, def_data.in: Add timestampowner, "Owner + of the authentication timestamp dir" + +2002-05-02 13:40 millert + + * env.c: Don't try to pre-compute the size of the new envp, just + allocate space up front and realloc as needed. Changes to the new + env pointer must all be made through insert_env() which now keeps + track of spaced used and allocates as needed. + +2002-04-26 13:12 millert + + * configure: regen + +2002-04-26 13:12 millert + + * configure.in: Fix two typo/pastos; from jrj@purdue.edu + +2002-04-25 09:36 millert + + * INSTALL.binary, README: ++version + +2002-04-25 09:35 millert + + * sudo.cat, sudo.man.in, configure: regen + +2002-04-25 09:31 millert + + * CHANGES, RUNSON, TODO: Sync with 1.6.6 + +2002-04-25 09:30 millert + + * check.c: The the loop used to expand %h and %u, the lastchar + variable was not being initialized. This means that if the last + char in the prompt is '%' and the first char is 'h' or 'u' a extra + copy of the host or user name would be copied, for which space had + not been allocated. + +2002-04-18 09:41 millert + + * BUGS, INSTALL, Makefile.in, configure.in: crank version to 1.6.6 + +2002-04-18 09:38 millert + + * env.c: Use easprintf instead of emalloc + sprintf for some + things. + +2002-03-15 17:45 millert + + * lex.yy.c: regen + +2002-03-15 17:44 millert + + * parse.c, parse.lex, parse.yacc: Remove Chris Jepeway's email + address so people don't bug him ;-) + +2002-03-11 20:19 millert + + * sudo.c: Move endpwent() to be after set_perms(PERM_RUNAS, ...) + and also call endgrent() at the same time. + +2002-02-21 20:23 millert + + * INSTALL: Make it clear which configure options take arguments. + +2002-01-25 11:38 millert + + * compat.h: HP-UX 9.x has RLIMIT_* but no RLIM_INFINITY. If there + is no RLIM_INFINITY, just pretend it is -1. This works because we + only check for RLIM_INFINITY and do not set anything to that value. + +2002-01-21 20:26 millert + + * INSTALL: Mention that some linux kernels have broken POSIX saved + ID support + +2002-01-21 19:03 millert + + * CHANGES: checkpoint for 1.6.5p2 + +2002-01-21 19:01 millert + + * configure: regen + +2002-01-21 19:01 millert + + * configure.in: Add --disable-setreuid flag + +2002-01-21 19:00 millert + + * INSTALL: Document new --disable-setreuid option and change + description for --disable-saved-ids to match new error message. + +2002-01-21 19:00 millert + + * set_perms.c: fatal() now takes an argument that determines + whether or not to call perror(). + +2002-01-21 18:58 millert + + * PORTING, TROUBLESHOOTING: Update for new error messages from + set_perms() + +2002-01-19 17:43 millert + + * Makefile.binary, Makefile.in: Don't need a '/' between $(DESTDIR) + and a directory. + +2002-01-18 12:18 millert + + * configure: regen + +2002-01-18 12:18 millert + + * configure.in: o BSDi also has a bogus setreuid() o Old FreeBSD + has a bogus setreuid() o new NetBSD has a real setreuid() o add + check for freeifaddrs() if getifaddrs() exists. + +2002-01-18 12:17 millert + + * config.h.in, interfaces.c: Older BSDi releases lack freeifaddrs() + so add a test for that and if it is not present just use free(). + +2002-01-17 09:30 millert + + * CHANGES, RUNSON: Checkpoint for 1.6.5p1 + +2002-01-16 18:00 millert + + * BUGS: ++version + +2002-01-16 17:53 millert + + * CHANGES, RUNSON, TODO: checkpoint for sudo 1.6.5 + +2002-01-16 16:37 millert + + * configure: regen + +2002-01-16 16:37 millert + + * INSTALL, INSTALL.binary, Makefile.in, README, configure.in: + version 1.6.5 + +2002-01-16 16:37 millert + + * sudo.cat, sudo.man.in: sudo version 1.6.5 + +2002-01-16 14:28 millert + + * logging.c: o when invoking the mailer as root use a hard-coded + environment that doesn't include any info from the user's + environment. Basically paranoia. + + o Add support for the NO_ROOT_MAILER compile-time option and run + the mailer as the user and not root if NO_ROOT_MAILER is defined. + +2002-01-16 14:27 millert + + * set_perms.c, sudo.h: Bring back PERM_FULL_USER + +2002-01-16 14:26 millert + + * configure: regen + +2002-01-16 14:26 millert + + * INSTALL, config.h.in, configure.in: Add --disable-root-mailer + option to run the mailer as the user and not root. + +2002-01-16 10:44 millert + + * CHANGES: checkpoint for 1.6.4p2 + +2002-01-15 17:22 millert + + * PORTING: Mention the "seteuid(0): Operation not permitted" + problem here too just for good measure. + +2002-01-15 16:43 millert + + * env.c, getspwuid.c, sudo.c: The SHELL environment variable was + preserved from the user's environment instead of being reset based + on the passwd database when the "env_reset" option was used. Now + it is reset as it should be. + +2002-01-15 15:47 millert + + * configure: regen + +2002-01-15 15:47 millert + + * INSTALL, TROUBLESHOOTING, config.h.in, configure.in, set_perms.c, + sudo.c: Add a configure option to turn off use of POSIX saved IDs + +2002-01-15 13:48 millert + + * configure: regen + +2002-01-15 13:48 millert + + * configure.in: add --with-efence option + +2002-01-15 13:39 millert + + * sudo.c: Only OR in MODE_RESET_HOME if MODE_RUN is set. Fixes a + problem where "sudo -l" would not work if always_set_home was set. + +2002-01-15 11:16 millert + + * lex.yy.c: regen + +2002-01-15 11:16 millert + + * parse.lex: Quoted commas were not being treated correctly in + command line arguments. + +2002-01-14 18:53 millert + + * sudo.c: o Move the call to rebuild_env() until after + MODE_RESET_HOME is set. Otherwise, the set_home option has no + effect. + + o Fix use of freed memory when the "fqdn" flag is set. This was + introduced by the fix for the "segv when gethostbynam() fails" bug. + Also, we no longer call set_fqdn() if the "fqdn" flag is not set + so there is no need to check the "fqdn" flag in set_fqdn() + itself. + +2002-01-14 18:45 millert + + * env.c: Add 'continue' statements to optimize the switch + statement. From Solar. + +2002-01-13 11:29 millert + + * sudo.c: If set_perms == set_perms_posix and the stay_setuid flag + is not set, set all uids to 0 and use set_perms_fallback(). + +2002-01-13 11:28 millert + + * set_perms.c, sudo.h: Remove PERM_FULL_USER (which is no longer + used) and add PERM_FULL_ROOT (used when exec'ing the mailer). + +2002-01-13 11:27 millert + + * logging.c: Use set_perms(PERM_FULL_ROOT, 0) before exec'ing the + mailer since we never want to run the mailer setuid. + +2002-01-12 15:55 millert + + * sudo.cat, sudo.man.in, sudo.pod: Use sudo.ws instead of + courtesan.com in URLs + +2002-01-12 12:00 millert + + * Makefile.in, Makefile.binary: Fix mansect substitution + +2002-01-12 11:15 millert + + * Makefile.in: Substitute man sections in Makefile.binary + +2002-01-12 11:15 millert + + * Makefile.binary: Sync install targets with Makefile.in and + substitute in man sections. + +2002-01-12 11:09 millert + + * INSTALL, INSTALL.binary: version is 1.6.4 + +2002-01-12 10:59 millert + + * Makefile.in: Repair bindist target + +2002-01-12 09:43 millert + + * CHANGES: sync for 1.6.4 + +2002-01-10 11:00 millert + + * install-sh: Fix case where neither whoami nor id are found + +2002-01-09 10:35 millert + + * install-sh: If neither whoami nor id exists, just assume we are + root. + +2002-01-09 09:56 millert + + * alloc.c: Add explicit cast to (VOID *) on malloc/realloc. Seems + to be needed on AIX which for some reason isn't pulling in the + malloc prototype. + +2002-01-08 08:00 millert + + * Makefile.in, aclocal.m4, compat.h, parse.c, sudo.c: (c) 2002 + +2002-01-08 07:21 millert + + * CHANGES: checkpoint + +2002-01-08 07:20 millert + + * sudo.c: Defer assigning new environment until right before the + exec. + +2002-01-08 07:08 millert + + * parse.c: kill extra blank line + +2002-01-07 11:59 millert + + * configure: regen + +2002-01-07 11:59 millert + + * configure.in: Use -O not -O2 for m88k-motorola-sysv* since + motorola gcc-derived compiler doesn't recognise -O2. + +2002-01-06 21:02 millert + + * HISTORY: Clarify origins of Root Group sudo a bit based on info + from billp@rootgroup.com + +2002-01-02 20:41 millert + + * LICENSE: 2002 + +2002-01-02 20:26 millert + + * CHANGES: checkpoint for 1.6.4rc1 + +2002-01-02 15:40 millert + + * config.h.in: now generated via autoheader + +2002-01-02 15:40 millert + + * configure: regen + +2002-01-02 15:37 millert + + * compat.h: Move in some stuff that was previously in config.h. + +2002-01-02 15:36 millert + + * configure.in, aclocal.m4: Add info for autoheader. + +2002-01-01 14:53 millert + + * Makefile.in: o Add DESTDIR support + o Use -M, -O, and -G instead of -m, -o, and -g to facilitate + non-root installs + +2002-01-01 14:48 millert + + * install-sh: Add -M option (like -m but only for root) If we can't + find "whoami", use "id" w/ some sed. + +2002-01-01 12:01 millert + + * configure: regen + +2002-01-01 12:00 millert + + * configure.in: allow user to always override mansectsu and + mansectform + +2001-12-31 15:05 millert + + * mkinstalldirs: update from autoconf 2.52 + +2001-12-31 15:03 millert + + * config.guess, config.sub: Update from autoconf 2.52 + +2001-12-31 14:57 millert + + * configure: regen with autoconf 2.52 + +2001-12-31 14:57 millert + + * configure.in: o Call AC_PROG_CC_STDC to find out how to run the + compiler in ANSI mode + o Remove compiler-specific checks for HP-UX now that we use + AC_PROG_CC_STDC + +2001-12-31 10:19 millert + + * RUNSON: Checkpoint + +2001-12-31 10:18 millert + + * set_perms.c, sudo.h: o Add pam_prep_user function to call + pam_setcred() for the target user; on Linux this often sets + resource limits. + +2001-12-30 22:53 millert + + * env.c: Fix off by one error in number of bytes allocated via + malloc (does not affected any released version of sudo). + +2001-12-30 15:12 millert + + * lex.yy.c: regen + +2001-12-30 15:12 millert + + * parse.lex: Allow '@', '(', ')', ':' in arguments to a defaults + variable w/o requiring that they be quoted. + +2001-12-30 11:58 millert + + * Makefile.in: Don't rely on mkdefaults being executable, call perl + explicitly. + +2001-12-30 11:41 millert + + * parse.yacc: Remove some XXX that are no longer relevant. + +2001-12-30 11:40 millert + + * defaults.c: o Roll our own loop instead of using strpbrk() for + better grokability o When adding to a list we must malloc() and use + memcpy(), not strdup() since we must only copy len bytes from + str. + +2001-12-21 14:49 millert + + * parse.yacc: typo in comment + +2001-12-19 09:50 millert + + * CHANGES: checkpoint + +2001-12-19 08:56 millert + + * configure: regen + +2001-12-19 08:56 millert + + * configure.in: avoid the -g flag unless --with-devel was specified + +2001-12-19 08:04 millert + + * Makefile.in: mkdefaults, def_data.in and sigaction.c were missing + from the tarball + +2001-12-19 07:46 millert + + * Makefile.in: def_data.c was missing + +2001-12-18 10:42 millert + + * env.c: Fix setting of $USER and $LOGNAME in the non-reset_env + case. Also allow HOME, SHELL, LOGNAME, and USER to be specified in + keep_env + +2001-12-17 18:48 millert + + * TODO: Another TODO item + +2001-12-15 08:57 millert + + * configure: regen + +2001-12-15 08:57 millert + + * configure.in, config.h.in: use AC_SYS_POSIX_TERMIOS instead of + rolling our own + +2001-12-15 08:33 millert + + * README: Reference sudo.ws not courtesan.com + +2001-12-15 08:29 millert + + * PORTING: Add notes on shadow passwords + +2001-12-14 22:48 millert + + * BUGS: In list mode (sudo -l), characters escaped with a backslash + are shown verbatim with the backslash. + +2001-12-14 19:53 millert + + * CHANGES: minor prettyification + +2001-12-14 19:43 millert + + * CHANGES: Updated change log + +2001-12-14 19:19 millert + + * TODO: Checkpoint for upcoming beta release + +2001-12-14 19:17 millert + + * TROUBLESHOOTING: Many people believe that adding a runas spec + should obviate the need for the -u flag. It does not. + +2001-12-14 19:11 millert + + * RUNSON: checkpoint update for upcoming 1.6.4 beta + +2001-12-14 18:44 millert + + * config.h.in: o Add HAVE_STDLIB_H and HAVE_MEMORY_H o Define + HAVE_STRINGS_H even if HAVE_STRING_H is defined -- this is safe now + +2001-12-14 18:07 millert + + * PORTING: Add signals section + +2001-12-14 18:00 millert + + * configure: regen + +2001-12-14 18:00 millert + + * configure.in: Fix check for sigaction_t + +2001-12-14 17:45 millert + + * sudo.c: XXX - should call find_path() as runas user, not root. + Can't do that until the parser changes though. + +2001-12-14 17:38 millert + + * sudo.c: If find_path() fails as root, try again as the invoking + user (useful for NFS). Idea from Chip Capelik. + +2001-12-14 17:28 millert + + * sudo.cat, sudo.man.in: Regenerate after pod file changes + +2001-12-14 17:24 millert + + * def_data.c, def_data.h, def_data.in, set_perms.c, sudo.c, sudo.h, + sudo.pod: Add new sudoers option "preserve_groups". Previously + sudo would not call initgroups() if the target user was root. Now + it always calls initgroups() unless the -P command line option or + the "preserve_groups" sudoers option is set. Idea from TJ + Saunders. + +2001-12-14 16:38 millert + + * compat.h, config.h.in: Use new HAVE_SIGACTION_T define + +2001-12-14 16:33 millert + + * logging.c: Fix compilation on K&C + +2001-12-14 16:14 millert + + * configure: regen + +2001-12-14 16:14 millert + + * configure.in: Add check for sigaction_t -- IRIX already defines + this so don't redefine it. + +2001-12-14 15:15 millert + + * snprintf.c: fix typo + +2001-12-14 15:12 millert + + * interfaces.c: need stdlib.h here too + +2001-12-14 13:31 millert + + * configure: regen + +2001-12-14 13:31 millert + + * configure.in: Remove redundant checks for string.h, strings.h and + unistd.h + +2001-12-14 13:29 millert + + * sudo.cat, sudo.man.in: Regen from pod files + +2001-12-14 13:03 millert + + * BUGS: Update for 1.6.4 + +2001-12-14 12:59 millert + + * configure, lex.yy.c: regen + +2001-12-14 12:56 millert + + * strerror.c: Return EINVAL if errnum > sys_nerr + +2001-12-14 12:54 millert + + * LICENSE, Makefile.binary, Makefile.in, aclocal.m4, compat.h, + config.h.in, defaults.h, interfaces.h, pathnames.h.in, sudo.h, + sudo.pod: o Update copyright year + +2001-12-14 12:54 millert + + * configure.in: o Don't define STDC_HEADERS unconditionally for + IRIX o Update copyright year + +2001-12-14 12:53 millert + + * README: update version + +2001-12-14 12:52 millert + + * alloc.c, check.c, defaults.c, env.c, fileops.c, find_path.c, + fnmatch.c, getcwd.c, getspwuid.c, goodpath.c, interfaces.c, + logging.c, lsearch.c, parse.c, parse.lex, parse.yacc, set_perms.c, + snprintf.c, sudo.c: o Reorder some headers and use STDC_HEADERS + define properly o Update copyright year + +2001-12-13 23:53 millert + + * configure: regen + +2001-12-13 23:52 millert + + * config.h.in, configure.in: Add checks for volatile and + sig_atomic_t + +2001-12-13 23:42 millert + + * lex.yy.c, configure: regen + +2001-12-13 23:40 millert + + * def_data.c, def_data.h, def_data.in, defaults.c, env.c, + find_path.c, sudo.c: Remove "secure_path" Defaults option since it + cannot work with the existing parser. + +2001-12-13 23:26 millert + + * find_path.c, sudo.c: Unset "secure_path" if user_is_exempt() + +2001-12-13 23:24 millert + + * env.c, pathnames.h.in: o Remove assumption that PATH and TERM are + not listed in env_keep o If no PATH is in the environment use a + default value o If TERM is not set in the non-reset case also give + it a default value. + +2001-12-13 23:17 millert + + * aclocal.m4, configure.in, defaults.c, pathnames.h.in: + _PATH_SENDMAIL -> _PATH_SUDO_SENDMAIL so --without-sendmail works + on systems that define in paths.h + +2001-12-12 19:42 millert + + * sudo.c: Only need to do 'lc = login_getclass(NULL)' if lc == NULL + +2001-12-12 19:24 millert + + * parse.lex: '\\' is a perfectly legal character to have in a + command line argument. + +2001-12-12 18:24 millert + + * sudo.c: o Defer call to set_fqdn() until it is safe to use + log_error() o Don't print errno string value if gethostbyname + fails, it is not relevant + +2001-12-12 18:07 millert + + * parse.c: Fix CIDR -> in_addr_t conversion. + +2001-12-12 14:00 millert + + * parse.c: Make 'listpw=never' work for users who are not + explicitly mentioned in sudoers. + +2001-12-12 13:11 millert + + * lex.yy.c: regen parser + +2001-12-12 12:56 millert + + * parse.lex: Don't let '#' appear in a {WORD} and restrict #foo in + a Runas spec to #[0-9-]+. + +2001-12-12 12:55 millert + + * configure: regen + +2001-12-12 12:55 millert + + * aclocal.m4: Simpler SUDO_FUNC_ISBLANK that uses AC_TRY_LINK + +2001-12-12 12:43 millert + + * config.h.in, configure.in: Add check for skeyaccess(3) + +2001-12-11 17:31 millert + + * configure: regen + +2001-12-11 17:31 millert + + * aclocal.m4, config.h.in, configure.in: Add check for isblank and + a replacement macro if it doesn't exist. + +2001-12-11 16:06 millert + + * parse.yacc: o Add a new token, DEFVAR, to indicate a Defaults + variable name + o Add support for "+=" and "-=" list operators + o replace some 1 and 0 with TRUE and FALSE for greater legibility. + +2001-12-11 16:05 millert + + * parse.lex: o Use exclusive start conditions to remove some + ambiguity in the + lexer. Also reorder some things for clarity. + o Add support for "+=" and "-=" list operators. + o Use the new DEFVAR token to denote a Defaults variable name. + +2001-12-11 16:03 millert + + * sudo.h: Prototype init_envtables() + +2001-12-11 16:02 millert + + * env.c: o Convert environment handling to use lists instead of + strings. + This greatly simplifies routines that need to do "foreach" type + operations. + o Add new init_envtables() function to set env_check and + env_delete + defaults based on initial_badenv_table and + initial_checkenv_table + (formerly sudo_badenv_table). + +2001-12-11 16:00 millert + + * defaults.c, defaults.h: o Add a new LIST type and functions to + manipulate it. + o This is for use with environment handling variables. + o Call new init_envtables() routine inside init_defaults() to + initialize the environment lists. + +2001-12-11 15:57 millert + + * def_data.c, def_data.h, def_data.in: Convert environment options + to use the new LIST type and add a new one, env_check that only + deletes if the sanity check fails. + +2001-12-11 15:53 millert + + * parse.yacc: honor quiet mode + +2001-12-10 18:27 millert + + * mkdefaults: Fix generation of entries with NULL descriptions. + +2001-12-08 22:20 millert + + * sudo.c: Must reset signal handlers before we exec + +2001-12-08 22:09 millert + + * sudo.c: Don't block keyboard interrupt signals, just set them to + SIG_IGN. + +2001-12-08 12:48 millert + + * config.h.in: add back HAVE_SIGACTION + +2001-12-08 12:44 millert + + * configure: regen + +2001-12-08 12:44 millert + + * config.h.in, configure.in, logging.c, sudo.c: Kill POSIX_SIGNALS + define and old signal support now that we emulate POSIX ones Also + be sure to correctly initialize struct sigaction. + +2001-12-08 12:42 millert + + * strerror.c: Don't need config.h or "#ifndef HAVE_STRERROR" + wrapper. + +2001-12-08 12:39 millert + + * compat.h: Add scaffolding for POSIX signal emulation + +2001-12-08 12:36 millert + + * sigaction.c: o Add missing ';' so this compiles o Can't use NULL + since we don't include stdio.h + +2001-12-08 12:23 millert + + * sigaction.c: Emulate sigaction() using sigvec() + +2001-11-12 17:31 millert + + * sudo.pod: Add security note about command not being logged after + 'sudo su' and friends. + +2001-11-12 17:19 millert + + * sudo.pod: Mention that -V prints default values when run as root, + including the list of environment variables to clear. + +2001-11-12 17:14 millert + + * Makefile.in: Run pod2man with --quotes=none to avoid stupid + quoting of C<> entries. + +2001-11-12 11:12 millert + + * def_data.c, def_data.h, def_data.in: Add mail_badpass option Also + modify mail_always behavior to also send mail when the password is + wrong + +2001-11-12 11:08 millert + + * env.c, sudo.c, sudo.h: Dump default bad env table when 'sudo -V' + is run by root. + +2001-11-11 21:51 millert + + * env.c: Add support for '*' in env_keep when not resetting the + environment (ie: the normal case). + +2001-11-11 21:47 millert + + * env.c: Add env_delete variable that lets the user replace/add to + the bad_env_table. Allow '*' wildcard in env_keep entries. + +2001-11-06 11:59 millert + + * mkinstalldirs: Force umask to 022 to guarantee sane directory + permissions. + +2001-11-02 16:09 millert + + * Makefile.in: add sudo.tab.h and sudo.tab.c to sudo.tab.o + dependency + +2001-11-02 15:25 millert + + * mkdefaults: fix breakage in last commit + +2001-11-02 15:18 millert + + * Makefile.in: acsite.m4 -> aclocal.m4 + +2001-11-02 13:59 millert + + * check.c: fix I_TS_TIMEOUT vs. I_TIMESTAMP_TIMEOUT pasto in + previous commit + +2001-11-02 13:57 millert + + * def_data.c: regenerated from def_data.in + +2001-11-02 13:56 millert + + * check.c, defaults.c, defaults.h: Add new T_UINT type that most + things use instead of T_INT If timestamp_timeout is < 0 then treat + the ticket as never expiring (to be expired manually by the user). + +2001-11-02 13:51 millert + + * def_data.in: change most T_INT -> T_UINT + +2001-11-02 13:51 millert + + * mkdefaults: fix warning when no args + +2001-10-15 23:35 millert + + * logging.c: when setting up pipes in child process check for case + where stdin == pipe fd 0 + +2001-10-05 14:39 millert + + * configure: regen + +2001-10-05 14:39 millert + + * configure.in: sco now is identified by config.guess as *-sco-* + +2001-10-05 14:24 millert + + * configure.in: Check for getspnam() in -lgen if not in -lc for + UnixWare. + +2001-08-23 15:43 millert + + * sudo.c: If we fail to lookup a login class, apply the default + one. + +2001-08-23 15:42 millert + + * logging.c: In log_error() free message, not logline + unconditionally, then free logline if it is not the same as + message. No function change but this mirrors how they are + allocated. + +2001-07-16 21:33 millert + + * configure: regenerate + +2001-07-16 21:33 millert + + * configure.in: remove some backslash quotes that are unneeded + +2001-07-16 21:30 millert + + * configure.in: o Tweaks to make this work with autoconf-2.50 o Use + AC_LIBOBJ instead of changing LIBOBJS directly o Use + AC_REPLACE_FUNCS where we can o Use AC_CHECK_FUNCS instead of + AC_CHECK_FUNC so we don't have to AC_DEFINE things manually. + +2001-07-16 21:28 millert + + * config.guess, config.sub: Updated from autoconf-2.50 + +2001-05-22 17:11 millert + + * README: Update mailing list section. We use mailman now, not + majordomo. + +2001-05-10 12:55 millert + + * getspwuid.c, logging.c, sudo.c: Use setpwent()/endpwent() + all + the shadow variants to make sure we don't inadvertantly leak an fd + to the child. Apparently Linux's shadow routines leave the fd open + even if you don't call setspent(). Reported by mike@gistnet.com; + different patch used. + +2001-04-12 19:41 millert + + * logging.c: Fix a non-exploitable buffer overflow in the word + splitting code. This should really be rewritten. + +2001-04-12 19:41 millert + + * Makefile.in: FAQ link goes away + +2001-04-12 19:40 millert + + * INSTALL: Tell people to look in sample.syslog.conf for examples, + not FAQ + +2001-04-12 19:40 millert + + * TROUBLESHOOTING: Update list of env vars that are cleared + +2001-04-12 19:36 millert + + * sudo.c: remove struct env_table decl since that stuff has all + moved to env.c + +2001-04-04 11:17 millert + + * fileops.c: Fix a pasto in flock-style unlocking and include + for flock on older systems; twetzel@gwdg.de + +2001-04-04 11:14 millert + + * configure: regen to get NeXT lockf/flock fix + +2001-04-04 11:14 millert + + * configure.in: force NeXT to use flock since lockf is broken + +2001-03-30 06:54 millert + + * check.c: Use stashed user_gid when checking against exempt gid + since sudo sets its gid to a a value that makes sudoers readable. + Previously if you used gid 0 as the exempt group everyone would be + exempt. From Paul Kranenburg + +2001-03-29 11:14 millert + + * configure: regen + +2001-03-29 11:08 millert + + * aclocal.m4: #include stdio.h in SUDO_CHECK_TYPE since IRIX 6 + aparently defines some types (such as ssize_t) therein. + +2001-03-02 07:09 millert + + * defaults.c: Fix negation of paths in a boolean context. Problem + found by apt@UH.EDU + +2001-02-04 09:16 millert + + * defaults.c: coerce difference of pointers to int when used in a + string length printf format; deraadt@openbsd.org + +2001-01-07 11:57 millert + + * env.c: glibc uses the LANGUAGE env var so clear that too; Solar + Designer + +2001-01-07 11:55 millert + + * lex.yy.c: Regenerate with a fix to flex.skl that preserves errno + from clobbering by isatty(). + +2000-12-30 18:38 millert + + * Makefile.in, check.c, def_data.c, def_data.h, def_data.in, + defaults.c, defaults.h, env.c, logging.c, mkdefaults, parse.yacc, + set_perms.c, sudo.c: Move defaults info into its own files from + which we generate .h and .c files. This makes adding or + rearranging variables much simpler. + +2000-12-30 14:58 millert + + * configure, configure.in: fix typo in last commit + +2000-12-30 14:55 millert + + * compat.h, config.h.in, configure, configure.in: Add check + + emulation for setegid (like seteuid). + +2000-12-30 14:22 millert + + * env.c: Make env_keep override badenv_table as documented Fix + traversal of badenv_table (broken in last commit) + +2000-12-29 20:59 millert + + * set_perms.c, sudo.c, sudo.h: Don't try and build saved uid + version of set_perms on systems w/o them. Rename + set_perms_saved_uid() -> set_perms_posix() Make set_perms_setreuid + simply be set_perms_fallback() and simply include the appropriate + function at compile time (setreuid() vs. setuid()). + +2000-12-29 20:29 millert + + * CHANGES, env.c, Makefile.in, check.c, compat.h, config.h.in, + configure, configure.in, defaults.c, defaults.h, find_path.c, + getspwuid.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, + sudo.pod: New Defaults options: o stay_setuid - sudo will remain + setuid if system has saved uids or setreuid(2) o env_reset - reset + the environment to a sane default o env_keep - preserve + environment variables that would otherwise be cleared + + No longer use getenv/putenv/setenv functions--do environment + munging by hand. Potentially dangerous environment variables can + be cleared only if they contain '/' pr '%' characters to protect + buggy programs. Moved environment routines into env.c (new file) + +2000-12-29 20:17 millert + + * INSTALL: Clear up --without-passwd description + +2000-12-29 17:39 millert + + * putenv.c: We now build up a new environment from scratch and + assign it to "environ". + +2000-12-18 20:35 millert + + * sudo.pod: Grammatical fixes from Paul Janzen + +2000-12-13 10:23 millert + + * set_perms.c: Add missing #ifdef HAVE_LOGIN_CAP_H; + ayamura@ayamura.org + +2000-12-09 09:46 millert + + * config.guess, config.sub: Darwin / Mac OS X support from Wilfredo + Sanchez + +2000-11-03 07:36 millert + + * sudo.c: Use exit(127), not exit(-1) + +2000-11-02 22:37 millert + + * defaults.h, set_perms.c, sudo.c, Makefile.in, defaults.c: Move + set_perms() to its own file and use POSIX saved uid or setreuid() + if available. + + Added stay_setuid option for systems that have libraries that + perform extra paranoia checks in system libraries for setuid + programs (ie: anything with issetugid(2)). + +2000-11-02 18:28 millert + + * sudo.c: strip more bits from the environment and add a facility + for stripping things only if they contain '/' or '%' to address + printf format string vulnerabilities in other programs. + +2000-11-02 10:55 millert + + * configure: regen + +2000-11-02 10:55 millert + + * configure.in: For NCR, add -lc89 to LIBS, not SUDO_LIBS and cache + the existence of strcasecmp(). + +2000-11-02 10:46 millert + + * configure: regen + +2000-11-02 10:46 millert + + * configure.in: Check for strcasecmp(3) in -lc89 for NCR Unix + +2000-11-01 08:22 millert + + * config.h.in: Define HAVE_INNETGR #ifdef HAVE__INNETGR + +2000-11-01 08:17 millert + + * configure: regen + +2000-11-01 08:17 millert + + * compat.h, config.h.in, configure.in: Add check for _innetgr(3) + since NCR systems have that instead of innetgr(3). + +2000-10-29 21:00 millert + + * INSTALL: document --with-bsdauth + +2000-10-29 20:57 millert + + * configure: regen + +2000-10-29 20:56 millert + + * configure.in: --with-bsdauth assumes --with-logincap + +2000-10-29 15:31 millert + + * sudo.c: Remove debugging code that should not have been + committed, oops. + +2000-10-27 16:41 millert + + * sudo.c: Fix a coredump in the logging functions if gethostname(2) + fails by deferring the call to log_error() until things are better + setup. + + Fix return value of set_loginclass() in non-BSD-auth case. + + Hard-code 'sudo' in the usage message so we can fit more options on + a line + +2000-10-27 16:35 millert + + * logging.c: Fix errant ';' (typo) that broken MSG_ONLY + +2000-10-26 11:03 millert + + * sudo.cat, sudo.man.in: regen + +2000-10-26 11:01 millert + + * sudo.pod: Document -a flag + +2000-10-26 10:42 millert + + * Makefile.in, config.h.in, configure, configure.in, getspwuid.c, + sudo.c: Add support for BSD authentication. + +2000-10-11 23:30 millert + + * defaults.c: Allow user to specify umask of 0777 (same as !umask) + +2000-10-08 19:46 millert + + * sudo.pod: Fix a typo and give a URL for the sudo history. + +2000-10-08 10:25 millert + + * defaults.c, sudo.pod: fix typos; pepper@reppep.com + +2000-09-14 14:48 millert + + * sudo.c, sudo.h: sudo_setenv() now exits on memory alloc failure + instead of returning -1. + +2000-09-07 15:41 millert + + * sudo.c: Strip out NLSPATH and PATH_LOCALE from the environment + for FreeBSD and possibly others. + +2000-09-07 08:43 millert + + * logging.c: Don't use vsyslog(3) since HP-UX (and others?) lack + it. This means that "%m" won't be expanded but we don't use that + anyway since the logging routines may splat to stderr as well. + +2000-09-06 19:35 millert + + * defaults.c, defaults.h, sudo.c: Add always_set_home variable + +2000-09-06 19:24 millert + + * configure, configure.in: Have to hard code default values in help + since the defaults are set _after_ the help stuff. + +2000-08-31 11:08 millert + + * lex.yy.c, parse.lex: Allow special characters (including '#') to + be embedded in pathnames if quoted by a '\\'. The quoted chars + will be dealt with by fnmatch(). Unfortunately, 'sudo -l' still + prints the '\\'. + +2000-08-13 15:10 millert + + * install-sh: Better path searching for programs we need. + +2000-08-13 15:10 millert + + * TROUBLESHOOTING: Add section on "C compiler cannot create + executables" errors. + +2000-08-13 15:10 millert + + * Makefile.binary, Makefile.in: Crank version + +2000-08-13 15:09 millert + + * aclocal.m4, configure, configure.in, sudo.cat, sudo.man.in, + sudo.pod: Substitute values from configure into man pages. + +2000-08-12 14:48 millert + + * parse.c, sudo.c: The listpw and verifypw sudoers options would + not take effect because the value of the default was checked + *before* sudoers was parsed. Instead of passing in the value of + PWCHECK_* to sudoers_lookup(), pass in the arg for def_ival() so + the check can be deferred until after sudoers is parsed. + +2000-06-09 10:25 millert + + * install-sh: When looking for chown, check in /sbin too + +2000-06-04 17:57 millert + + * config.h.in, interfaces.c, interfaces.h, sudo.c: Add support for + using getifaddrs() to get the list of ip addr / netmask pairs. + Currently IPv4-only. + +2000-05-12 14:55 millert + + * sudo.c: Call clean_env very early in main() for paranoia's sake. + Idea from Marc Esipovich. + +2000-05-09 23:11 millert + + * sudo.h: Update proto for evasprintf and easprintf + +2000-05-09 23:10 millert + + * alloc.c: Make easprintf() and evasprintf() return an int. + +2000-05-09 22:56 millert + + * check.c: If the targetpw flag is set, use target username as part + of the timestamp path. If tty tickets are in effect cat the tty + and the target username with a ':' as the separator. + +2000-05-09 09:42 millert + + * check.c, getspwuid.c, sudo.c, sudo.h: Fix root, runas, and target + authentication for non-passwd file auth methods. + +2000-04-22 12:15 millert + + * sudo.pod, sudo.man.in, sudo.cat: Use B<-Z> not C<-Z> for command + line flags in all places. This is more consistent and works around + a bug in Pod::Man. + +2000-04-19 13:30 millert + + * configure, configure.in: Fix --with-badpri help line + +2000-04-17 12:01 millert + + * defaults.c, logging.c, sudo.c: Bracket calls to syslog with an + openlog() and closelog() since some authentication methods (like + PAM) may do their own logging via syslog. Since we don't use + syslog much (usually just once per session) this doesn't really + incur a performance penalty. It also Fixes a SEGV with pam_kafs. + +2000-04-15 14:32 millert + + * sudo.c: Fix -H flag. runas_homedir is only valid after + set_perms(PERM_RUNAS, mode) + +2000-04-12 16:56 millert + + * INSTALL: Clarify the fact that insults are not enabled just by + including them in the binary. + +2000-04-07 08:39 millert + + * sudo.man.in, sudo.cat: Regenerated with perl 5.6.0 pod2man + +2000-04-07 08:38 millert + + * Makefile.in: Give date string to pod2man since its default is + ugly and it ain't got no alibi. + +2000-04-07 08:27 millert + + * Makefile.in: Do section substitution on the output of pod2man and + remove hack needed for old pod2man. + +2000-04-07 08:26 millert + + * sudo.pod: Put back real man sections, we will do the substitution + later. + +2000-04-02 09:44 millert + + * configure, configure.in: Don't bother checking for the path to vi + if user specified --with-editor + +2000-04-01 15:25 millert + + * CHANGES: Visudo now does its own fork/exec instead of calling + system(3). + +2000-04-01 14:23 millert + + * CHANGES, INSTALL, Makefile.in: Visudo now checks for the + existence of an editor and gives a sensible error if it does not + exist. + + The path to the editor for visudo is now a colon-separated list of + allowable editors. If the user has $EDITOR set and it matches one + of the allowed editors that editor will be used. If not, the first + editor in the list that actually exists is used. + +2000-04-01 14:22 millert + + * sudo.pod, sudo.cat, sudo.man.in: Clear up confusion wrt sudo's + return value. + +2000-03-27 10:08 millert + + * Makefile.in: Strip sudo and visudo for bindist target + +2000-03-26 20:26 millert + + * sudo.cat, sudo.man.in, sudo.pod: Use @mansectsu@ and + @mansectform@ in the man page bodies as well. + +2000-03-26 19:57 millert + + * Makefile.in: 'make dist' should not cause any files to be + modified so remove its dependencies. + +2000-03-26 19:43 millert + + * CHANGES: Whoops, forgot to add release marker + +2000-03-26 09:57 millert + + * CHANGES: Final change for 1.6.3 (or so I hope) + +2000-03-26 09:57 millert + + * sudo.cat: Use SYSV man sections since BSD systems will have + nroff... + +2000-03-24 16:58 millert + + * parse.yacc: When checking to see if the host/user matches in a + defaults spec, check against TRUE, not just non-zero since it might + be -1. + +2000-03-24 13:14 millert + + * configure.in, configure: OSF/1 puts file formats in section 4, + not 5. + +2000-03-24 13:13 millert + + * CHANGES, INSTALL, sudo.c: Make login class support work on BSD/OS + +2000-03-23 18:24 millert + + * RUNSON: Update for 1.6.3 + +2000-03-23 18:23 millert + + * configure, configure.in: If there is no inet_addr but there *is* + an __inet_addr that's ok since inet_addr is probably just a macro + then. The better thing to do would be to look for the macro, but + this is fine for now. + +2000-03-23 17:50 millert + + * configure, configure.in: Don't use shlicc for BSD/OS 4.x + +2000-03-23 17:40 millert + + * Makefile.in, configure, configure.in: *.man lives in cwd, *.cat + lives in $(srcdir), add a @mansrcdir@ configure variable so we can + deal with this. Also, only remove *.man for 'distclean' not + 'clean'. + +2000-03-23 17:16 millert + + * sudo.c: set_loginclass() should be static like the proto says + +2000-03-23 12:14 millert + + * fnmatch.c: Add #ifdef __STDC__ around the rangematch function + header to avoid promotion of test to int, thus violating the + prototype. Gcc handles this gracefully but more std ANSI compilers + will complain. + +2000-03-23 08:11 millert + + * aclocal.m4, configure, fnmatch.3, fnmatch.c: Pull in newer + fnmatch(3) that supports FNM_CASEFOLD Check for FNM_CASEFOLD in + configure + +2000-03-22 21:41 millert + + * CHANGES, TODO: update for 1.6.3 + +2000-03-22 21:38 millert + + * lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc: Fully + qualified hosts w/ wildcards were not matching the FQHOST token + type. There's really no need for a separate token for + fully-qualified vs. unqualified anymore so FQHOST is now history + and hostname_matches now decides which hostname (short or long) to + check based on whether or not the pattern contains a '.'. + +2000-03-22 21:09 millert + + * parse.c, parse.h, parse.yacc: Add support for wildcards in the + hostname. + +2000-03-22 20:50 millert + + * Makefile.in: Add targets for *.man.in, using config.status to + generate *.man from *.man.in + +2000-03-22 17:35 millert + + * INSTALL, Makefile.in, aclocal.m4, configure, configure.in, + sudo.cat, sudo.pod, sudo.man.in: Add FreeBSD login.conf support + (untested on BSD/OS) based on a patch from Michael D. Marchionna. + configure now does substitution on the man pages, allowing us to + fix up the paths and set the section correctly. Based on an idea + from Michael D. Marchionna. + +2000-03-22 17:20 millert + + * sudo.c: Add support for set_logname run-time default + +2000-03-22 17:17 millert + + * sudo.man.in: configure does substitution on these to produce + *.man + +2000-03-22 17:16 millert + + * sudo.man: These files now get generated from *.man.in at + configure time. + +2000-03-22 16:40 millert + + * defaults.c, defaults.h: Add set_logname option so users can turn + off setting of LOGNAME/USER environment variables. + +2000-03-22 08:53 millert + + * lsearch.c, parse.c: kill register + +2000-03-13 09:05 millert + + * logging.c: Get rid of grandchild hack, it was causing problems + and there is really no need for it. This fixes a bug where we spin + eating up CPU when the user runs a long-running process like a + shell. + +2000-03-07 12:26 millert + + * sudo.c: User can always specify a login class if he/she is + already root. + +2000-03-06 21:29 millert + + * config.h.in, configure, configure.in, defaults.c, defaults.h, + sudo.c, sudo.h: FreeBSD login class (login.conf) support. + +2000-03-01 19:01 millert + + * INSTALL, RUNSON: Mention that gcc on dynix may have problems + +2000-02-29 15:46 millert + + * Makefile.in: Link visudo with NET_LIBS since we now call syslog + via defaults.c + +2000-02-29 15:41 millert + + * defaults.c: Use Argv[0] as the first arg to openlog() since + visudo uses this too. + +2000-02-28 16:58 millert + + * sudo.c: Stash coredumpsize resource limit and retsore it before + the exec() Otherwise the child ends up with a coredumpsize of 0. + +2000-02-26 20:56 millert + + * sudo.cat, sudo.man, sudo.pod: document -S flag + +2000-02-26 20:54 millert + + * sudo.c: fix usage string + +2000-02-26 20:48 millert + + * CHANGES, RUNSON, TODO, sudo.c, sudo.h: Added -S flag (read passwd + from stdin) and tgetpass_flags global that holds flags to be passed + in to tgetpass(). Change echo_off param to tgetpass() into a flags + field. There are currently 2 possible flags for tgetpass(): + TGP_ECHO and TGP_STDIN. In tgetpass(), abstract the echo set/clear + via macros and if (flags & TGP_ECHO) but echo is not set on the + terminal, but sure to set it. + +2000-02-18 10:56 millert + + * CHANGES, defaults.c, defaults.h, getspwuid.c, sudo.c, sudo.h: Add + rootpw, runaspw, and targetpw options. + +2000-02-18 10:11 millert + + * CHANGES, defaults.c: enveditor -> env_editor + +2000-02-15 17:07 millert + + * BUGS, INSTALL, Makefile.in, README, configure, configure.in, + sudo.cat, sudo.man: crank versino to 1.6.3 + +2000-02-15 17:03 millert + + * INSTALL, TODO, defaults.c, defaults.h: Add 'editor' and + 'enveditor' sudoers defaults and make visudo honor them. This + means that visudo will now parse the sudoers file *before* it is + edited so a bogus sudoers file will cause a warning to go to + stderr. Also, visudo checks the variables once--it does not check + them after each editor run since that could be confusing. + +2000-02-15 16:49 millert + + * RUNSON: 1.6.2 -> 1.6.2p1 + +2000-02-15 16:36 millert + + * check.c, sudo.c, sudo.h: Move user_is_exempt prototype into + sudo.h + +2000-02-13 11:38 millert + + * configure, configure.in: Fix thinko, some && should have been || + in the last commit + +2000-02-13 11:28 millert + + * configure, configure.in: Don't initialized Makefile variables to + be NULL since the user may want to import variables from their + environment. + +2000-02-03 19:09 millert + + * configure, configure.in: typo + +2000-01-27 13:01 millert + + * INSTALL, RUNSON, configure, configure.in: Make pam work on HP-UX + 11.0;jaearick@colby.edu + +2000-01-27 13:01 millert + + * CHANGES: recent changes; prepare for 1.6.2p1 + +2000-01-26 21:31 millert + + * find_path.c: Don't apply SECURE_PATH if user is example; + jmknoble@pobox.com + +2000-01-26 14:21 millert + + * INSTALL: Fix some while lies + +2000-01-24 08:48 millert + + * Makefile.in: When making a bindist, link FAQ to TROUBLESHOOTING + instead of copying. + +2000-01-23 20:42 millert + + * RUNSON: Last minute updates + +2000-01-23 20:26 millert + + * TROUBLESHOOTING: PAM entry + +2000-01-23 20:03 millert + + * CHANGES, RUNSON: update for 1.6.2 + +2000-01-20 09:15 millert + + * snprintf.c: Cast ULONG_MAX to unsigned long long when comparing + to an unsigned long long value. + +2000-01-19 12:07 millert + + * CHANGES, config.h.in, configure, configure.in: Fix sudoers + locking in visudo. We now lock the sudoers file itself, not the + temp file (since locking the temp file can foul up editors). The + previous locking scheme didn't work because the fd was closed too + early. + +2000-01-19 11:37 millert + + * configure, config.h.in, configure.in: Don't need test for + ftruncate() any more. + +2000-01-18 19:23 millert + + * configure, configure.in: Add a test for the -Aa flag w/ HP-UX's + cc. Fixes compilation with the unbundled HP-UX cc. + +2000-01-17 16:46 millert + + * LICENSE, Makefile.in, defaults.c, defaults.h, parse.c, parse.h, + parse.yacc, sudo.c, sudo.h: update copyright year on changed files + +2000-01-17 16:45 millert + + * RUNSON: updates + +2000-01-17 16:45 millert + + * CHANGES: aix fix + +2000-01-17 16:42 millert + + * INSTALL: Crank version to 1.6.2 + +2000-01-17 16:11 millert + + * configure: Crank version to 1.6.2 + +2000-01-17 15:46 millert + + * sudo.c: When using rlimit check for RLIM_INFINITY When computing + the value of maxfd, use min(getdtablesize(), RLIMIT_NOFILE) + +2000-01-17 10:32 millert + + * CHANGES: recent changes + +2000-01-17 10:28 millert + + * BUGS, Makefile.in, README, configure.in, sudo.cat, sudo.man: + Crank version to 1.6.2 + +2000-01-17 10:25 millert + + * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h: Add + 'shell_noargs' runtime option back in. We have to defer checking + until after the sudoers file has been parsed but since there are + now other options that operate that way this one can too. Based on + a patch from bguillory@email.com. + +2000-01-16 21:05 millert + + * defaults.c, defaults.h, parse.c, sudo.c, sudo.h: Add "listpw" and + "verifypw" options. + +2000-01-14 10:39 millert + + * configure, configure.in: For HP-UX cc, add -Aa to CPPFLAGS. For + HP-UX always add -D_HPUX_SOURCE to CPPFLAGS. + +2000-01-14 10:29 millert + + * defaults.c, defaults.h: In struct sudo_defs_types, move the union + to the end and don't initialize the union member since that only + works with an ANSI compiler. We set the value of the union by hand + in init_defaults() anyway. This allows sudo to compile on a K&R + compiler again. + +2000-01-11 11:20 millert + + * parse.c, parse.h, parse.yacc: netgr_matches needs to check shost + as well as host since they may be different. + +2000-01-02 21:53 millert + + * sudo.c: Update statbuf.st_mode based on SUDOERS_MODE when we are + chaning from 0400 to whatever SUDOERS_MODE is (converting from the + old sudoers mode). Assumes that SUDOERS_MODE is less restrictive + than 0400 which should always be the case. + +2000-01-02 21:43 millert + + * parse.c, parse.yacc, sudo.c, sudo.h: Make treatment of -l and -v + sane wrt NOPASSWD flags. Now allow -l w/o a passwd if there is + *any* entry for the user on the host with a NOPASSWD flag. For -v, + only allow w/o a passwd if *all* entries for the user on the host + w/ the specified runas user have the NOPASSWD flag set. + +2000-01-02 21:26 millert + + * Makefile.in: add check target + +1999-12-09 22:09 millert + + * CHANGES: recent changes + +1999-12-08 21:04 millert + + * config.h.in, configure, configure.in, sudo.c: Add check for + initgroups() since old SYSV lacks this. + +1999-12-08 20:54 millert + + * CHANGES, RUNSON, aclocal.m4, config.h.in, configure, + configure.in, parse.c: o Kill HAVE_FNMATCH_H o Only define + HAVE_FNMATCH if exists. + +1999-12-05 23:47 millert + + * CHANGES, RUNSON, insults.h: Don't allow insults to be enabled if + the insults[] array is empty. Otherwise there would be division by + zero. + +1999-12-05 23:25 millert + + * insults.h: Don't care about USE_INSULTS #define since the insult + stuff may be overridden at runtime. + +1999-12-05 17:14 millert + + * CHANGES, parse.c: Don't ask the user for a password if the user + is not allowed to run the command and the authenticate flag (in + sudoers) is false. + +1999-12-05 17:05 millert + + * CHANGES, RUNSON, lex.yy.c, parse.lex: o Whenever we get a bare + newline we change to the INITIAL state. o Enter GOTRUNAS when we + see Runas_Alias + + This allows #uid to work in a RunasAlias. + +1999-12-05 12:06 millert + + * CHANGES, parse.yacc: fix parsing of runas lists: o oprunasuser + and runaslist now return a value o in a runasspec, if a runaslist + does not return TRUE, set runas_matches to FALSE. Normally, a + runaslist only returns FALSE for explicitly denied users. o + since runaslist does not modify the stack there is no need for a + push/pop in runasalias. + +1999-12-04 19:54 millert + + * check.c, sudo.c: Don't kill the user's tickets until after + sudoers has been parsed since tty_tickets and ticket_dir could be + set in sudoers. + +1999-12-04 19:18 millert + + * BUGS, CHANGES, Makefile.binary, Makefile.in, README, RUNSON, + configure, configure.in, sudo.cat, sudo.man: crank version to 1.6 + +1999-12-02 13:31 millert + + * INSTALL, defaults.c, defaults.h, sudo.c, sudo.h: o Kill + shell_noargs option, it cannot work since the command needs to be + set before sudoers is parsed. o Fix the "set_home" sudoers option + (only worked at compile time). o Fix "fqdn" sudoers option. We + now set host/shost via set_fqdn which gets called when the "fqdn" + option is set in sudoers. o Move the openlog() to + store_syslogfac() so this gets overriden correctly from the + sudoers file. + +1999-11-28 18:56 millert + + * sudo.pod, sudo.cat, sudo.man: fix some syntactic goofs + +1999-11-28 16:51 millert + + * sudo.html, Makefile.in: No longer need the .html files as they + are generated automatically on the web site. + +1999-11-28 16:49 millert + + * CHANGES, LICENSE: kill characters that made wml unhappy + +1999-11-28 16:34 millert + + * HISTORY: typo + +1999-11-25 10:05 millert + + * README: majordomo@cs.colorado.edu -> majordomo@courtesan.com + +1999-11-24 17:43 millert + + * Makefile.in, configure: Wrap script execution w/ /bin/sh for the + benefit of ctm + +1999-11-23 20:52 millert + + * sudo.c: Make the -s flag be exclusive too. Also reorder the + flags in the exclusive usage message so they are alphabetical. + +1999-11-23 11:07 millert + + * INSTALL: make it clear that /etc/pam.d/sudo is required on linux + +1999-11-22 22:43 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: Be very clear that the + password required is the user's not root's + +1999-11-19 19:04 millert + + * Makefile.in: add sample.syslog.conf to DISTFILES and BINFILES + +1999-11-18 17:13 millert + + * RUNSON: updates from Brian Jackson + some formatting + +1999-11-17 19:39 millert + + * INSTALL.binary, Makefile.binary, README, RUNSON: o One RUNSon + update o Changes for automating real binary releases + +1999-11-17 19:38 millert + + * Makefile.in: Add bindist target + +1999-11-16 14:26 millert + + * TROUBLESHOOTING: talk about run-time options in addition to + compile-time options + +1999-11-15 23:16 millert + + * CHANGES: fix typos + +1999-11-15 23:09 millert + + * sudo.c: need sys/time.h if HAVE_SETRLIMIT + +1999-11-15 22:42 millert + + * PORTING, README, RUNSON, sudo.c, sudo.cat, sudo.html, sudo.man, + sudo.pod: get rid of references to sudo-bugs. Now mention the web + site or the sudo@ alias + +1999-11-15 22:28 millert + + * RUNSON, TODO: Update for 1.6 release + +1999-11-09 13:06 millert + + * parse.lex, lex.yy.c: Don't need YY_FLUSH_BUFFER after all Move + yyrestart() into visudo.c since it might not get called in yywrap + if we get a parse error (and we only reread the file on error + anyway). + +1999-11-09 12:32 millert + + * parse.lex, lex.yy.c: Call YY_FLUSH_BUFFER macro in yywrap() to + clean up any buffers that might still exist. Call yyrestart() + instead of using the deprecated YY_NEW_FILE macro. + +1999-11-09 10:13 millert + + * lex.yy.c, parse.lex: flex doesn't need %N table size declarations + +1999-11-08 16:59 millert + + * configure: regen + +1999-11-08 16:59 millert + + * INSTALL: clarify Mac OS X entry + +1999-11-08 16:59 millert + + * RUNSON: update + +1999-11-08 15:45 millert + + * configure.in: o Use AC_MSG_ERROR throughout o Check syslog + configure options for danity + +1999-11-05 15:11 millert + + * defaults.c: Fix printing of type T_MODE in dump_defaults() + +1999-11-05 10:00 millert + + * strcasecmp.c: missing sys/types.h + +1999-11-04 22:42 millert + + * INSTALL: Break out options that may be overridden at run time + into their own section. Add a not about Max OS X and correct some + lies. + +1999-11-04 12:01 millert + + * CHANGES, config.h.in, configure, configure.in, sudo.c: o Now use + getrlimit to find the highest fd when closing all non-std fd's o + Turn off core dumps via setrlimit for the sake of paranoia + +1999-11-04 11:57 millert + + * RUNSON: updates + +1999-11-01 08:59 millert + + * CHANGES: updates + +1999-11-01 08:43 millert + + * sudo.c: For the sudo_root option, check against user_uid, not + getuid() since at this point, ruid == euid == 0. + +1999-10-31 21:14 millert + + * RUNSON: some updates + +1999-10-31 21:14 millert + + * logging.h: Fix compilation problem when --with-logging=file was + specified. This means that syslog is now required to build sudo + but that should not be a problem. If it is it can be fixed + trivially with a configure check for syslog() or syslog.h. + +1999-10-20 09:23 millert + + * RUNSON: update + +1999-10-16 11:56 millert + + * defaults.c: Error out if syslog parameters are given without a + value. For Ultrix or 4.2BSD "syslog" is allowed without a value + since there are no facilities in the 4.2BSD syslog. + +1999-10-15 14:37 millert + + * defaults.c: Ignore the syslog facility for systems w/ old syslog + like Ultrix. + +1999-10-15 10:51 millert + + * TROUBLESHOOTING: people with "." early in their path can have + problems running sudo from the build dir ;-) + +1999-10-12 22:18 millert + + * sudo.man, sudo.pod, sudo.cat, sudo.html: Remove -r realm option + +1999-10-12 20:34 millert + + * configure, configure.in, sudo.c: New krb5 code from Frank Cusack + . + +1999-10-12 20:33 millert + + * CHANGES: update to reality + +1999-10-11 18:05 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: document -L flag + +1999-10-11 17:42 millert + + * sudo.c: in set_perms(), always call setuid(0) before changing the + ruid/euid so we always know it will succeed. + +1999-10-11 10:24 millert + + * defaults.h: #undef T_FOO to avoid conflicts with system defines + (like on ULTRIX). + +1999-10-11 09:55 millert + + * TODO, sample.sudoers: Docuement "Defaults" lines in /etc/sudoers. + Still needs some fleshing out but this is a start. + +1999-10-10 15:21 millert + + * defaults.c, defaults.c: use strtol, not strtoul since not + everyone has not strtoul + +1999-10-10 13:01 millert + + * lex.yy.c, parse.lex: last {WORD} rule should only apply in the + INITIAL state + +1999-10-10 12:38 millert + + * lex.yy.c, parse.lex: o Add support for escaped characters in the + WORD macro o Modify fill() to squash escape chars + +1999-10-10 11:56 millert + + * defaults.c, defaults.h: o Add T_PATH flag to allow simple sanity + checks for default values that are supposed to be pathnames. o + Fix a duplicate free when visudo finds an error. + +1999-10-08 23:01 millert + + * defaults.c, defaults.h, logging.c: mail_if_foo -> mail_foo + +1999-10-07 19:12 millert + + * compat.h, defaults.c, defaults.h, sudo.c: o Add requiretty option + o Move O_NOCTTY to compat.h + +1999-10-07 19:12 millert + + * logging.c: The exit() in log_error() was mistakenly removed in a + previous version. Put it back... + +1999-10-07 15:20 millert + + * INSTALL, TODO, check.c, config.h.in, configure, configure.in, + defaults.c, defaults.h, find_path.c, getspwuid.c, lex.yy.c, + logging.c, parse.yacc, sudo.c: o Change defaults stuff to put the + value right in the struct. o Implement mailer_flags o Store syslog + stuff both in int and string form. Setting the string form + magically updates the int version. o Add boolean attribute to + strings where it makes sense to say !foo + +1999-10-05 22:48 millert + + * INSTALL: the the + +1999-09-15 03:15 millert + + * TODO, config.h.in, configure, configure.in, logging.c: Use + strftime() instead of ctime() if it is available. + +1999-09-14 10:58 millert + + * defaults.c: fix copyright date + +1999-09-14 10:57 millert + + * RUNSON: update ReliantUNIX entry + +1999-09-14 10:56 millert + + * defaults.c, defaults.h, logging.c: add log_year option + +1999-09-14 02:01 millert + + * configure, configure.in: add --without-sendmail to help output + +1999-09-14 01:42 millert + + * configure, configure.in: enforce an otctal arg for + --with-suoders-mode + +1999-09-08 02:06 millert + + * BUGS, INSTALL, Makefile.in, TODO, aclocal.m4, check.c, + config.h.in, configure, configure.in, defaults.c, defaults.h, + find_path.c, lex.yy.c, logging.c, parse.h, parse.lex, parse.yacc, + sudo.c, sudo.h: Add support for "Defaults" line in sudoers to make + configuration variables changable at runtime (and on a global, + per-host and per-user basis). Both the names and the internal + representation are still subject to change. It was necessary to + make sudo_user.runas but a char ** instead of a char * since this + value can be changed by a Defaults line. There is a similar (but + more complicated) issue with sudo_user.prompt but it is handled + differently at the moment. + + Add a "-L" flag to list the name of options with their + descriptions. This may only be temporary. + + Move some prototypes to parse.h + + Be much less restrictive on what is allowed for a username. + +1999-09-08 02:01 millert + + * sample.syslog.conf: Add more info + +1999-09-04 01:09 millert + + * fnmatch.3, fnmatch.c, getcwd.c, lsearch.c, snprintf.c, + strcasecmp.c, LICENSE: UCB has dropped the advertising clause from + their license. + +1999-08-28 04:00 millert + + * fnmatch.c, parse.c: Move inclusion of emul/fnmatch.h to be after + sudo.h for __P + +1999-08-28 03:59 millert + + * sudo.h: add strcasecmp proto + +1999-08-28 03:36 millert + + * configure, configure.in: Define _XOPEN_EXTENDED_SOURCE on AIX and + __USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc + +1999-08-28 03:24 millert + + * getspwuid.c, lex.yy.c, parse.lex, parse.yacc: include strings.h + everywhere we include string.h + +1999-08-28 02:49 millert + + * config.h.in, configure.in, configure: Add _GNU_SOURCE for Linux + +1999-08-28 02:22 millert + + * parse.lex, lex.yy.c: fix definition of OCTECT + +1999-08-28 02:10 millert + + * configure, configure.in: aix_auth.o not authenticate.o + +1999-08-27 15:02 millert + + * sudo.c: Only block SIGINT, SIGQUIT, SIGTSTP (which can be + generated from the keyboard). Since we run with ruid/euid == 0 the + user can't really signal us in nasty ways. + +1999-08-27 14:09 millert + + * INSTALL, Makefile.in: include auth/API in tarball + +1999-08-27 09:53 millert + + * sudo.c: fix --enable-noargs-shell + +1999-08-27 09:06 millert + + * snprintf.c: "#ifdef __STDC__" not "#if __STDC__" (I missed one) + +1999-08-27 08:39 millert + + * parse.c: typo in comment + +1999-08-26 15:24 millert + + * CHANGES, config.h.in, configure, configure.in: Kill + _XOPEN_EXTENDED_SOURCE -- causes problems on some OSes + +1999-08-26 07:21 millert + + * Makefile.in: add parse.h to HDRS + +1999-08-26 07:16 millert + + * Makefile.in, configure, configure.in: Kill VISUDO_LIBS and + VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS. Common libs go + in LIBS, commong ld flags go in LDFLAGS and network libs like + -lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build + on Solaris and is a bit cleaner in general. + +1999-08-26 04:56 millert + + * UPGRADE: mention ptmp -> sudoers.tmp + +1999-08-26 04:12 millert + + * configure.in, configure, config.h.in: Define + _XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE + +1999-08-26 03:37 millert + + * RUNSON: add 2 reports + +1999-08-26 03:19 millert + + * TODO: more things todo! + +1999-08-26 03:18 millert + + * sample.sudoers: update based on what is in the man page + +1999-08-26 03:10 millert + + * parse.yacc: minor change to first line printed in -l mode + +1999-08-26 03:10 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: rename "ENVIRONMENT + VARIABLES" section to "ENVIRONMENT" to be more standard and add + "EXAMPLES" section + +1999-08-26 03:06 millert + + * logging.c, parse.c, sudo.h: add FLAG_NO_CHECK + +1999-08-26 03:05 millert + + * parse.lex, lex.yy.c: make an OCTET really be limited to 0-255 + +1999-08-26 03:04 millert + + * UPGRADE: mention timestamp changes + +1999-08-26 03:04 millert + + * PORTING: cosmetic cleanup + +1999-08-24 11:37 millert + + * CHANGES, LICENSE, Makefile.in, configure, strcasecmp.c, + configure.in, parse.yacc: include strcasecmp() for those without it + +1999-08-24 10:43 millert + + * sample.sudoers: Use the : operator some more and fix a typo + +1999-08-24 10:43 millert + + * HISTORY: update the history of sudo + +1999-08-24 10:42 millert + + * parse.c, parse.lex: CIDR-style netmask support + +1999-08-24 10:41 millert + + * CHANGES: recent changes + +1999-08-24 10:40 millert + + * lex.yy.c: regen + +1999-08-24 09:58 millert + + * parse.h, parse.yacc: In "sudo -l" mode, the type of the stored + (expanded) alias was not stored with the contents. This could lead + to incorrect output if the sudoers file had different alias types + with the same name. Normal parsing (ie: not in '-l' mode) is + unaffected. + +1999-08-23 10:47 millert + + * configure, configure.in: define _XOPEN_SOURCE to get at crypt() + proto on some systems + +1999-08-22 11:10 millert + + * snprintf.c: fix comment + +1999-08-22 05:36 millert + + * snprintf.c: kill bogus reference to vfprintf + +1999-08-22 05:26 millert + + * sample.sudoers: better examples + +1999-08-22 05:23 millert + + * snprintf.c: Add some const in the K&R defs. This is safe since + we define const away if the compiler doesn't grok it. + +1999-08-22 05:22 millert + + * aclocal.m4, configure: Better test for working long long support. + Ultrix compiler supports basic long long but not all operations on + them. + +1999-08-22 03:59 millert + + * aclocal.m4, config.h.in, configure, getspwuid.c, snprintf.c, + sudo.c: Add check for LONG_IS_QUAD #undef MAXINT before including + hpsecurity.h to silence an HP-UX warning Check for U?LONG_LONG_MAX + in snprintf.c and use LONG_IS_QUAD + +1999-08-21 13:00 millert + + * LICENSE, aclocal.m4, config.h.in, configure, configure.in, + snprintf.c: UCB-derived snprintf + asprintf support. Supports + quads if the compiler does. No floating point yet, perhaps + later... + +1999-08-20 14:37 millert + + * check.c, find_path.c, goodpath.c, logging.c, parse.c, sudo.c: Run + most of the code as root, not the invoking user. It doesn't really + gain us anything to run as the user since an attacker can just have + an setuid(0) in their egg. Running as root solves potential + problems wrt signalling. + +1999-08-19 11:45 millert + + * logging.c, sudo.c: Don't wait for child to finish in log_error(), + let the signal handler get it if we are still running, else let + init reap it for us. The extra time it takes to wait lets the user + know that mail is being sent. + + Install SIGCHLD handler in main() and for POSIX signals, block + everything *except* SIGCHLD. + +1999-08-19 10:30 millert + + * logging.c, parse.c, parse.yacc, sudo.c, configure, sudo.h, + INSTALL, config.h.in, configure.in: sudoers_lookup() now returns a + bitmap instead of an int. This makes it possible to express things + like "failed to validate because user not listed for this host". + Some thigns that were previously VALIDATE_FOO are now FLAG_FOO. + This may change later on. + + Reorganized code in log_auth() and sudo.c to deal with above + changes. + + Safer versions of push/pushcp with in the do { ... } while (0) + style + + parse.yacc now saves info on the stack to allow parse.c to + determine if a user was listed, but not for the host he/she tried + to run on. + + Added --with-mail-if-no-host option + +1999-08-17 09:29 millert + + * parse.yacc, sudo.h: o NewArgv and NewArgc don't need to be + externally visible. o If pedantic > 1, it is a parse error. o Add + -s (strict) option to visudo which sets pedantic to 2. + +1999-08-17 09:26 millert + + * HISTORY, INSTALL: Just have sudo-bugs contact info in one place + +1999-08-17 09:20 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: Add BUGS section + +1999-08-17 08:29 millert + + * configure, configure.in, Makefile.in: Add testsudoers to default + build target if --with-devel Don't clean generated parser files + unless "distclean". + +1999-08-17 06:47 millert + + * parse.yacc: In pedantic mode we need to save *all* the aliases, + not just those that match, or we get spurious warnings. + +1999-08-17 03:32 millert + + * TROUBLESHOOTING: reference samples.sylog.conf + +1999-08-14 09:50 millert + + * sample.syslog.conf: Sample entries for syslog.conf + +1999-08-14 09:40 millert + + * CHANGES: recent changes + +1999-08-14 09:34 millert + + * Makefile.in, INSTALL, README, config.h.in, configure, + configure.in, getspwuid.c, lex.yy.c, parse.lex, parse.yacc: o + --with-otp deprecated, use --without-passwd instead o real + dependencies in the Makefile o --with-devel option to enable yacc, + lex, and -Wall o style -- "foo -> bar" becomes "foo->bar" o ALL + goes back to being a token, not a string but don't leak memory o + rename hsotspec -> host in parse.yacc + +1999-08-12 10:26 millert + + * BUGS, CHANGES: recent changes + +1999-08-12 10:24 millert + + * configure, configure.in, interfaces.c, snprintf.c, sudo.c, + sudo.h: o Digital UNIX needs to check for *snprintf() before -ldb + is added to LIBS since -ldb includes a bogus snprintf(). o Add + forward refs for struct mbuf and struct rtentry for Digital UNIX. + o Reorder some functions in snprintf.c to fix -Wall o Add missing + includes to fix more -Wall + +1999-08-12 08:37 millert + + * INSTALL, check.c, config.h.in, configure, configure.in, + parse.yacc: o Add a "pedentic" flag to the parser. This makes sudo + warn in cases where an alias may be used before it is defined. + Only turned on for visudo and testsudoers. o Add + --disable-authentication option that makes sudo not require + authentication by default. The PASSWD tag can be used to require + authentication for an entry. We no longer overload + --without-passwd. + +1999-08-12 08:29 millert + + * lex.yy.c, parse.lex: Break 'WORD' regexp def into HOSTNAME and + USERNAME. These days a username can contain just about anything so + be very permissive. Also drop the unused \. punctuation. + +1999-08-09 16:25 millert + + * parse.yacc: o add a 'val' element to aliasinfo struct and move -> + parse.h o find_alias() now returns an aliasinfo * instead of + boolean o add_alias() now takes a value parameter to store in the + aliasinfo.val o The cmnd, hostspec, runasuser, and user rules now + return: 1) positive match 0) negative match (due to '!') -1) no + match This means setting $$ explicitly in all cases, which I should + have done in the first place. It also means that we always store a + value that is != -1 and when we see a '!' we can set *_matches to + !rv if rv != -1. The upshot of all of this is that '!' now works + the way it should in lists and some of the rules are more uniform + and sensible. + +1999-08-09 16:17 millert + + * Makefile.in: add parse.h dependency + +1999-08-09 16:17 millert + + * parse.h: kill unused *_matched macros + +1999-08-09 08:35 millert + + * parse.yacc: Allow a list of users as the first thing in a user + spec, not just a single entry. This makes things more uniform, + though it does allow you to write user specs that are hard to read. + +1999-08-09 08:08 millert + + * configure: regen + +1999-08-09 08:08 millert + + * configure.in: fix check for crypt() in libufc + +1999-08-07 12:03 millert + + * README: sudo-users list now exists + +1999-08-07 05:46 millert + + * INSTALL, PORTING, README, TODO, TROUBLESHOOTING: Update to + reality. + +1999-08-07 03:59 millert + + * CHANGES, Makefile.in, TODO, TROUBLESHOOTING, check.c, compat.h, + config.h.in, configure.in, logging.c, sudo.h, configure, fileops.c: + o Move lock_file() and touch() into fileops.c so visudo can use + them o Visudo now locks the sudoers temp file instead of bailing + when the temp file already exists. This fixes the problem of stale + temp files but it does *require* that you not try to put the temp + file in a world-writable directory. This shoud not be an issue as + the temp file should live in the same dir as sudoers. o Visudo now + only installs the temp file as sudoers if it changed. + +1999-08-06 07:49 millert + + * logging.c: add fcntl locking + +1999-08-06 07:33 millert + + * configure, config.h.in, configure.in, logging.c: Lock the log + file. + +1999-08-06 03:36 millert + + * Makefile.in, TROUBLESHOOTING, parse.c, pathnames.h.in, sudo.c: o + /etc/stmp -> /etc/sudoers.tmp since solaris uses stmp as shadow + temp file o _PATH_SUDO_SUDOERS -> _PATH_SUDOERS and _PATH_SUDO_STMP + -> _PATH_SUDOERS_TMP + +1999-08-05 15:38 millert + + * INSTALL, check.c, config.h.in, configure, configure.in: o Kill + *_MESSAGE and replace with NO_LECTURE o Add more things to root + sudo -V config reporting + +1999-08-05 08:56 millert + + * configure, configure.in: aix_auth.o not authenticate.o + +1999-08-05 08:48 millert + + * config.h.in: Add --with-goodpri and --with-badpri configure + options to specify the syslog priority to use. + +1999-08-05 08:30 millert + + * INSTALL, configure.in, logging.h, configure: Add --with-goodpri + and --with-badpri configure options to specify the syslog priority + to use. + +1999-08-05 08:25 millert + + * compat.h: kill crufty AIX stuff + +1999-08-05 04:55 millert + + * Makefile.in: Sigh, some versions of make (like Solaris's) don't + deal with $< like I would expect. Both GNU and BSD makes get this + right but... So, we just expand $< inline at the cost of some + ugliness. + +1999-08-05 04:51 millert + + * logging.c, logging.h, sudo.c, sudo.h: o new defines for syslog + facility and priority o use new print_version() functino for -V + mode + +1999-08-05 04:49 millert + + * check.c: Don't need version.c + +1999-08-05 04:21 millert + + * configure, configure.in, aclocal.m4, config.h.in: Add check for + syslog facilities and priorities tables in syslog.h + +1999-08-05 03:23 millert + + * Makefile.in: o authenticate -> aix_auth o add version.c + +1999-08-04 11:32 millert + + * TODO: sudo should lock its logfile + +1999-08-04 11:28 millert + + * parse.yacc: o Add '!' correctly when expanding Aliases. o Add + shortcut macros for append() to make things more readable. o The + separator in append() is now a string instead of a char. o In + append(), only prepend the separator if the last char is not a '!'. + This is a hack but it greatly simplifies '!' handling. o In -l + mode, Runas lists and NOPASSWD/PASSWD tags are now inherited + across entries in a list (matches current behavior). o Fix + formatting in -l mode such that items in a list are separated by + a space. Greatlt improves readability. o Space for name field in + struct aliasinfo is now allocated dyanically instead of using a + (big) buffer. o In add_alias(), only search the list once (lsearch + instead of lfind + lsearch) + +1999-08-04 09:31 millert + + * lex.yy.c: regen + +1999-08-04 08:54 millert + + * configure, configure.in: Solais pam doesn't require anye xtra + setup + +1999-08-04 03:35 millert + + * parse.yacc: o Simpler '!' support now that the lexer deals with + multiple !'s for us. o In the case of opFOO, have FOO give a + boolean return value and set foo_matches in opFOO, not FOO. o + Treat 'ALL' as a string since it gets fill()'d in parse.lex--fixes + a small memory leak. In the long run it may be better to just + fix parse.lex and make ALL back into a token. However, having it + be a string is useful since it can be easily passed back to the + parent rule if we so desire. + +1999-08-04 01:54 millert + + * parse.lex: o Remove some unnecessary backslashes o collapse + multiple !'s by using !+ and checking if yyleng is even or odd. + this allows us to simplify ! handling in parse.yacc + +1999-08-04 01:53 millert + + * sudo.c: -u flag was being ignored + +1999-08-01 11:04 millert + + * Makefile.in: correct fix + +1999-08-01 10:37 millert + + * Makefile.in: work around pod2man stupididy + +1999-08-01 10:35 millert + + * Makefile.in: correct dependencies for .cat + +1999-08-01 10:26 millert + + * sudo.cat, sudo.man: regen + +1999-08-01 10:25 millert + + * sudo.pod: Add copyright Update to reality + +1999-08-01 09:42 millert + + * parse.c, sudo.c, sudo.h: rename validate() to the more + descriptive sudoers_lookup() + +1999-07-31 10:32 millert + + * CHANGES: updates + +1999-07-31 10:31 millert + + * HISTORY, INSTALL, Makefile.in, README, RUNSON, TROUBLESHOOTING, + configure, configure.in, sudo.c: Sudo, not CU Sudo + +1999-07-31 10:19 millert + + * Makefile.in, alloc.c, check.c, compat.h, config.h.in, + find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h, + lex.yy.c, logging.c, logging.h, parse.c, parse.h, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, strerror.c, sudo.c, sudo.h, + LICENSE: add 4th term to license similar to term 5 in the apache + license + +1999-07-31 10:02 millert + + * LICENSE, aclocal.m4, check.c, configure.in, insults.h, logging.c, + sudo.c, sudo.h: there was a 1995 release too + +1999-07-28 03:24 millert + + * CHANGES: updates + +1999-07-28 03:21 millert + + * check.c: Use dirs instead of files for timestamp. This allows + tty and non-tty schemes to coexist reasonably. Note, however, that + when you update a tty ticket, the mtime on the user dir gets + updated as well. + +1999-07-28 03:17 millert + + * configure.in, configure: Fix getprpwnam() checking on SCO. Need + to link with "-lprot -lx" when linking test program, not just + -lprot. Also add check for getspnam(). The SCO docs indicate that + /etc/shadow can be used but this may be a lie. + +1999-07-22 10:23 millert + + * logging.c: use easprintf() and evasprintf() + +1999-07-22 10:22 millert + + * alloc.c, sudo.h: add easprintf() and evasprintf(), error checking + versions of asprintf() and vasprintf() + +1999-07-22 07:14 millert + + * TODO: remove 2 items. One done, one won't do. + +1999-07-22 07:10 millert + + * sudo.man, sudo.cat, sudo.html, configure, lex.yy.c: regen + +1999-07-22 07:06 millert + + * CHANGES: new changes + +1999-07-22 07:01 millert + + * sudo.pod: o Document -K flag and update meaning of -k flag. o + BSD-style copyright o Document clearing of BIND resolver + environment variables o Clarify bit about shared libs o suggest rc + files create /tmp/.odus if your OS gives away files + +1999-07-22 06:56 millert + + * sudo.h: o BSD copyright o logging and parser bits moved to their + own .h files o new "struct sudo_user" to encapsulate many of the + old globals. + +1999-07-22 06:55 millert + + * sudo.c: o no longer contains sudo 1.1/1.2 code o BSD copyright o + use new logging routines o simplified flow of control o BIND + resolver additions to badenv_table + +1999-07-22 06:53 millert + + * strerror.c: BSD-style copyright + +1999-07-22 06:53 millert + + * snprintf.c: Now compiles on more K&R compilers + +1999-07-22 06:52 millert + + * putenv.c: BSD-style copyright, cosmetic changes + +1999-07-22 06:51 millert + + * parse.c, parse.yacc, parse.h, parse.lex: BSD-style copyright. + Move parser-specific defines and structs into parse.h + other + cosmetic changes + +1999-07-22 06:51 millert + + * logging.h: defines for logging routines + +1999-07-22 06:49 millert + + * ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.h, pathnames.h.in: BSD-style copyright + +1999-07-22 06:48 millert + + * find_path.c, getspwuid.c, goodpath.c, interfaces.c: BSD-style + copyright, cosmetic changes + +1999-07-22 06:46 millert + + * configure.in: o tgetpass.c is no longer optional o kill DCE_OBJS, + add AUTH_OBJS o kill --disable-tgetpass o add --without-passwd o + changes to fill in AUTH_OBJS for new auth api o check for + strerror(), v?snprintf() and v?asprintf() o replace --with-AuthSRV + with --with-fwtk + +1999-07-22 06:43 millert + + * config.h.in: BSD-style copyright. Remove USE_GETPASS and + HAVE_UTIME_NULL. Add HAVE_FWTK, HAVE_STRERROR, HAVE_SNPRINTF, + HAVE_VSNPRINTF, HAVE_ASPRINTF, HAVE_VASPRINTF, WITHOUT_PASSWD and + NO_PASSWD + +1999-07-22 06:42 millert + + * compat.h: BSD-style copyright; Add S_IFLNK and MIN/MAX id they + are missing. + +1999-07-22 06:39 millert + + * alloc.c: BSD-style copyright + +1999-07-22 06:38 millert + + * TROUBLESHOOTING: no more --with-getpass + +1999-07-22 06:34 millert + + * TODO: Take out things I've done... + +1999-07-22 06:34 millert + + * README: Refer to LICENSE + +1999-07-22 06:34 millert + + * PORTING: --with-getpass no longer exists + +1999-07-22 06:33 millert + + * Makefile.in: BSD-style copyright. Update to reflect reality wrt + new files and new auth modules. + +1999-07-22 06:32 millert + + * INSTALL: Remove --with-AuthSRV and --disable-tgetpass. Add + --with-fwtk and --without-passwd. + +1999-07-22 06:31 millert + + * HISTORY: Update history a bit + +1999-07-22 06:29 millert + + * COPYING, LICENSE: Now distributed under a BSD-style license + +1999-07-22 06:19 millert + + * check.c: Rewrote all the old sudo 1.1/1.2 code. Timestamp + handling is now done more reasonably--better sanity checks and + tty-based stamps are now done as files in a directory with the same + name as the invoking user, eg. /var/run/sudo/millert/ttyp1. It is + not currently possible to mix tty and non-tty based ticket schemes + but this may change in the future (it requires sudo to use a + directory instead of a file in the non-tty case). Also, ``sudo + -k'' now sets the ticket back to the epoch and ``sudo -K'' really + deletes the file. That way you don't get the lecture again just + because you killed your ticket in .logout. BSD-style copyright + now. + +1999-07-22 06:13 millert + + * logging.c: o rewritten logging routines. log_error() now takes + printf-style varargs and log_auth() for the return value of + validate(). o BSD-style copyright + +1999-07-22 05:04 millert + + * auth.c, check_sia.c, dce_pwent.c, secureware.c: superceded by new + auth API + +1999-07-15 09:21 millert + + * snprintf.c: include malloc.h if no stdlib.h + +1999-07-15 08:21 millert + + * snprintf.c: KTH snprintf()/asprintf() for systems w/o them + +1999-07-15 08:20 millert + + * strerror.c: strerror() for systems w/o it + +1999-07-12 04:25 millert + + * parse.c, parse.lex, parse.yacc: Add contribution info in the main + comment + +1999-07-08 04:46 millert + + * parse.yacc: only save an entry if user_matches && host_matches, + even if the stack is empty (fix for previous commit) + +1999-07-08 04:35 millert + + * parse.yacc: 1) Always save an entry on the stack if it is empty. + This fixes the -l and -v flags that were broken by earlier parser + changes. + + 2) In a Runas list, don't negate FALSE -> TRUE since that would + make !foo match any time the user specified a runas user (via -u) + other than foo. + +1999-07-07 12:09 millert + + * auth.c: use a static global to keep stae about empty passwords + +1999-07-07 12:08 millert + + * check_sia.c: make PASSWORD_NOT_CORRECT logging consistent with + other modules + +1999-07-05 14:53 millert + + * auth.c: PAM prompt code was wrong, looks like we have to kludge + it after all. + +1999-07-05 14:35 millert + + * auth.c: In the PAM code, when a user hits return at the first + password prompt, exit without a warning just like the normal auth + code + +1999-07-05 14:15 millert + + * configure, configure.in: kludge around cross-compiler false + positives + +1999-07-05 14:14 millert + + * auth.c, check.c, check_sia.c, logging.c, sudo.h: New (correct) + PAM code Tgetpass now takes an echo flag for use with + PAM_PROMPT_ECHO_ON Block SIGINT and SIGTSTP during auth remove a + useless umask setting Change error from BAD_ALLOCATION -> + BAD_AUTH_INIT (for use with sia/PAM) Some cosmetic changes to + auth.c for consistency + +1999-07-05 14:11 millert + + * sudo.c: Some -Wall and kill some trailing spaces + +1999-07-05 14:10 millert + + * configure.in: define -D__EXTENSIONS__ for solaris so we get + crypt() proto + +1999-06-22 07:42 millert + + * RUNSON: add Dynix 4.4.4 + +1999-06-22 07:30 millert + + * INSTALL, config.h.in, configure.in, configure: for kerberos V < + version, fall back on old kerb4 auth code + +1999-06-22 04:41 millert + + * INSTALL: clarify some things + +1999-06-22 04:38 millert + + * UPGRADE: typos + +1999-06-14 17:47 millert + + * sudo.c: mention why DONT_LEAK_PATH_INFO is not the default + +1999-06-03 10:06 millert + + * configure: regen + +1999-06-03 10:06 millert + + * configure.in: better wording for solaris pam notice + +1999-06-03 09:52 millert + + * CHANGES: document recent changes + +1999-06-03 09:52 millert + + * TROUBLESHOOTING: Update shadow password section + +1999-06-03 09:51 millert + + * auth.c: move authentication code from check.c to auth.c + +1999-06-03 09:51 millert + + * Makefile.in, check.c, sudo.h: move authentication code to auth.c + +1999-05-16 19:36 millert + + * Makefile.in, check.c, check_sia.c, compat.h, find_path.c, + getspwuid.c, goodpath.c, interfaces.c, interfaces.h, lex.yy.c, + logging.c, parse.c, parse.lex, parse.yacc, secureware.c, sudo.c, + sudo.h: Move interface-related defines to interfaces.h so we don't + have to include everywhere. + +1999-05-14 10:30 millert + + * CHANGES, INSTALL, TODO, check.c, compat.h, getspwuid.c, + logging.c, parse.yacc, sudo.c: o Replace _PASSWD_LEN braindeath + with our own SUDO_MAX_PASS. + It turns out the old DES crypt does the right thing with + passwords + longert than 8 characters. + o Fix common typo (necesary -> necessary) + o Update TODO list + +1999-05-03 10:00 millert + + * sudo.c: set $LOGNAME when we set $USER + +1999-04-26 22:00 millert + + * INSTALL: add comment about digital unix and interfaces.c warning + with gcc + +1999-04-14 23:12 millert + + * sample.sudoers: use modern paths and give examples for some of + the new parser features + +1999-04-10 11:03 millert + + * parse.c: fix comment + +1999-04-09 22:49 millert + + * alloc.c, check.c, check_sia.c, dce_pwent.c, find_path.c, + getspwuid.c, goodpath.c, interfaces.c, lex.yy.c, logging.c, + parse.c, parse.lex, parse.yacc, putenv.c, secureware.c, sudo.c: + Function names should be flush with the start of the line so they + can be found trivially in an editor and with grep + +1999-04-09 22:40 millert + + * find_path.c, interfaces.c, lex.yy.c, parse.c, parse.lex, + parse.yacc, sudo.c: free(3) is already void, no need to cast it + +1999-04-09 22:37 millert + + * logging.c, sudo.c, sudo.h: catch case where cmnd_safe is not set + (this should not be possible) + +1999-04-09 22:10 millert + + * CHANGES, logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Stash + the "safe" path (ie: the one listed in sudoers) to the command + instead of stashing the struct stat. Should be safer. + +1999-04-08 17:56 millert + + * INSTALL, Makefile.in, UPGRADE: notes on updating from an earlier + release + +1999-04-07 18:20 millert + + * CHANGES: updated + +1999-04-07 17:18 millert + + * parse.yacc: You can now specifiy a host list instead of just a + host or alias. Ie: user = host1,host2,ALIAS,!host3 my_command now + works. + +1999-04-07 00:50 millert + + * parse.yacc: Move the push from the beginning of cmndspec to the + end. This means we no longer have to do a push at the end of + privilege, just reset some values. + +1999-04-06 12:06 millert + + * sample.sudoers: New runas semantics + +1999-04-06 11:54 millert + + * CHANGES, Makefile.in, alloc.c, config.h.in, configure, + configure.in, strdup.c, sudo.h: In estrdup(), do the malloc + ourselves so we don't need to rely on the system strdup(3) which + may or may not exist. There is now no need to provide strdup() for + those w/o it. Also, the prototype for estrdup() was wrong, it + returns char * and its param is const. + +1999-04-06 11:40 millert + + * getcwd.c: $Sudo tag + +1999-04-06 11:20 millert + + * check.c: buf should be prompt; Michael Robokoff + + +1999-04-05 23:40 millert + + * CHANGES, TODO, parse.yacc: It is now possible to use the '!' + operator in a runas list as well as in a Cmnd_Alias, Host_Alias and + User_Alias. + +1999-04-05 23:38 millert + + * logging.c, sudo.h: Kill GLOBAL_NO_SPW_ENT (not used) and crank + GLOBAL_PROBLEM + +1999-04-05 23:08 millert + + * sudo.h: Definitions of *_matched were wrong--user top, not top-2 + as subscript. + +1999-04-05 23:00 millert + + * logging.c, parse.c, parse.yacc, sudo.c, sudo.h: Add + VALIDATE_NOT_OK_NOPASS for when user is not allowed to run a + command but the NOPASSWD flag was set. Make runasspec, runaslist, + runasuser, and nopasswd typeless in parse.yacc Add support for '!' + in the runas list Fix double printing of '%' and '+' for groups and + netgroups respectively Add *_matched macros (no need for local + stack variable). Should only be used directly after a pop (since + top must be >= 2). + +1999-04-05 21:25 millert + + * aclocal.m4, configure.in: Add copyright, somewhat silly + +1999-04-05 14:57 millert + + * BUGS, INSTALL, Makefile.in, README, alloc.c, check.c, + check_sia.c, compat.h, config.h.in, configure, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, + sudo.h, sudo.man: Crank version to 1.6 and combine copyright + statements + +1999-04-05 14:30 millert + + * sample.sudoers: Use ! not ^ to do negation + +1999-04-05 14:29 millert + + * lex.yy.c: regen + +1999-04-05 14:28 millert + + * parse.yacc, parse.lex: Make runas and NOPASSWD tags persistent + across entris in a command list. Add a PASSWD tag to reverse + NOPASSWD. When you override a runas or *PASSWD tag the value given + becomes the new default for the rest of the command list. + +1999-04-02 14:03 millert + + * CHANGES, RUNSON: update for 1.5.9 + +1999-03-30 14:45 millert + + * Makefile.in: testsudoers needs LIBOBJS too + +1999-03-30 10:17 millert + + * parse.c, parse.yacc: Fix another parser bug. For a sudoers entry + like this: millert ALL=/bin/ls,(daemon) !/bin/ls sudo + would not allow millert to run ls as root. + +1999-03-29 23:08 millert + + * CHANGES: new change + +1999-03-29 23:03 millert + + * parse.yacc: Save entries that match a ! command on the matching + stack too + +1999-03-29 23:01 millert + + * sudo.c: Make sudo's usage info better when mutually exclusive + args are given and don't rely on argument order to detect this; + nick@zeta.org.au + +1999-03-29 13:03 millert + + * CHANGES, Makefile.in, RUNSON: updates from CU + +1999-03-28 21:38 millert + + * Makefile.in: use gzip + +1999-03-28 21:31 millert + + * parse.yacc: Fix off by one error introduced in *alloc changes + +1999-03-28 21:05 millert + + * BUGS, CHANGES, INSTALL, Makefile.in, README, alloc.c, check.c, + check_sia.c, compat.h, config.h.in, configure, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, + sudo.h, sudo.man: ++version + +1999-03-28 19:59 millert + + * Makefile.in, check.c, find_path.c, getspwuid.c, goodpath.c, + interfaces.c, lex.yy.c, logging.c, parse.c, parse.lex, parse.yacc, + putenv.c, secureware.c, strdup.c, sudo.c, sudo.h: Use + emalloc/erealloc/estrdup + +1999-03-28 18:29 millert + + * alloc.c: error checking memory allocation routines + +1999-03-28 17:23 millert + + * parse.yacc: Still not right, this fixes it for real + +1999-03-28 17:08 millert + + * parse.yacc: Fix for previous commit + +1999-03-28 17:05 millert + + * CHANGES, INSTALL, parse.yacc: Fix a parser bug that was exposed + when mixing different runas specs and ! commands. For example: + millert ALL=(daemon) /usr/bin/whoami,!/bin/ls would allow + millert to run whoami as root as well as daemon when it should just + allow daemon. The problem was that comma-separated commands in a + list shared the same entry on the matching stack. Now they get + their own entry iff there is a full match. It may be better to + just make the runas spec persistent across all commands in a list + like the user and host entries of the matching stack. However, + since that is a fairly major change it should gets its own minor + rev increase. + +1999-03-28 11:50 millert + + * check.c, config.h.in: Simplify PAM code and fix a PAM-related + warning on Linux + +1999-03-26 11:17 millert + + * CHANGES: updates + +1999-03-26 11:12 millert + + * sample.sudoers: better su entry + +1999-03-26 11:10 millert + + * configure: regen + +1999-03-26 11:09 millert + + * check.c, configure.in: new pam code that works on solaris, should + work on linux too; aelberg@home.com + +1999-03-19 12:44 millert + + * RUNSON: more entries + +1999-03-19 12:43 millert + + * config.h.in: only include strings.h if there is no string.h + +1999-03-17 13:25 millert + + * config.guess: Sinix is now being called ReliantUNIX; + bjjackso@us.oracle.com + +1999-03-13 11:37 millert + + * sudo.c: shost must be set before log functions are called #ifdef + HOST_IN_LOG + +1999-03-07 16:34 millert + + * CHANGES, lex.yy.c, parse.lex: Fix a bug wrt quoting characters in + command args. Stop processing an arg when you hit a backslash so + the quoted-character detection can catch it. + +1999-02-25 23:19 millert + + * interfaces.c: include sys/time.h; aparently AIX needs it. + ppz@cdu.elektra.ru + +1999-02-23 17:43 millert + + * configure, configure.in: add missing case statement so + --without-sendmail works + +1999-02-22 19:51 millert + + * CHANGES: more + +1999-02-22 13:10 millert + + * configure, configure.in: only search for -lsun in irix <= 4.x + +1999-02-22 13:01 millert + + * configure, configure.in: back out last configure.in change now + that I've hacked autoconf to fix the real problem and add a missing + newline + +1999-02-22 12:32 millert + + * CHANGES: updated + +1999-02-22 12:05 millert + + * getcwd.c: add def of dirfd() for those without it + +1999-02-22 08:58 millert + + * configure.in, configure: When falling back to checking for + socket() when linking with "-lsocket -lnsl" check for main() + instead since autoconf has already cached the results of checking + for socket() in -lsocket. This is really an autoconf bug as it + should use the extra libs as part of the cache variable name. + +1999-02-22 08:47 millert + + * configure.in: typo + +1999-02-21 13:18 millert + + * configure.in: fix occurrence of $with_timeout that should be + $with_password_timeout; + Michael.Neef@neuroinformatik.ruhr-uni-bochum.de + +1999-02-17 09:40 millert + + * sudo.cat, sudo.html, sudo.man, sudo.pod: fix grammar; + espie@openbsd.org + +1999-02-10 23:41 millert + + * parse.yacc, sudo.c: add cast for strdup in places it does not + have it + +1999-02-09 11:11 millert + + * configure, configure.in: define for_BSD_TYPES irix + +1999-02-06 17:47 millert + + * Makefile.in, sudo.cat, sudo.html, sudo.man, sudo.pod: Make it + clear that it is the user's password, not root's, that we want. + +1999-02-06 17:43 millert + + * check.c, sudo.h: If the user enters an empty password and really + has no password, accept the empty password they entered. + Perviously, they could enter anything *but* an empty password. + Also, add GETPASS macro that calls either tgetpass() or getpass() + depending on how sudo was configured. Problem noted by + jdg@maths.qmw.ac.uk + +1999-02-02 21:32 millert + + * Makefile.in, check.c, check_sia.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, secureware.c, strdup.c, sudo.c, sudo.h: add explicate + copyright + +1999-02-02 21:16 millert + + * CHANGES: mention -lsocket, -lnsl configure changes + +1999-02-02 15:54 millert + + * sudo.c: Don't clobber errno after calling check_sudoers(). + +1999-01-31 17:46 millert + + * configure.in, configure: When linking with both -lsocket and + -lnsl be sure to do so in that order. Also, when we can't find + socket() or inet_addr() and have to try linking with both libs, + issue a warning. + +1999-01-31 17:45 millert + + * sudo.cat, sudo.man, sudo.pod: clarify bad timestamp and fmt + +1999-01-23 10:18 millert + + * INSTALL, RUNSON: be clear that pam is linux-only and add a RUNSON + entry + +1999-01-22 11:13 millert + + * configure, CHANGES, INSTALL, configure.in: fix and correctly + document --with-umask; problem noted by adap@adap.org + +1999-01-19 18:38 millert + + * configure.in, configure: only use /usr/{man,catman}/local to + store man pages if suer didn't override prefix or mandir + +1999-01-19 18:24 millert + + * configure, INSTALL, configure.in: fix typo, make --with-SecurID + take an arg + +1999-01-18 19:53 millert + + * RUNSON: updates from users + +1999-01-18 19:04 millert + + * CHANGES, INSTALL, check.c, configure, configure.in: FWTK + 'authsrv' support from Kevin Kadow + +1999-01-18 18:00 millert + + * configure, configure.in: better fix for the problem of unresolved + symbols in -lnsl or -lsocket + +1999-01-18 17:39 millert + + * configure, configure.in: when checking for functions in -lnsl and + -lsocket link with both of them to avoid unresolved symbols on some + weirdo systems + +1999-01-17 18:49 millert + + * BUGS, CHANGES, RUNSON, TODO: old changes that didn't make it into + RCS before the RCS->CVS switch + +1999-01-17 16:16 millert + + * Makefile.in, check.c, check_sia.c, compat.h, config.h.in, + configure.in, dce_pwent.c, find_path.c, getspwuid.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, lex.yy.c, logging.c, lsearch.c, parse.c, parse.lex, + parse.yacc, pathnames.h.in, putenv.c, secureware.c, strdup.c, + sudo.c, sudo.pod: add sudo tags + +1999-01-17 15:56 millert + + * sudo.h: testing Sudo tag + +1999-01-17 15:40 millert + + * BUGS, INSTALL, Makefile.in, README, check.c, check_sia.c, + compat.h, config.h.in, configure, configure.in, dce_pwent.c, + find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, lex.yy.c, + logging.c, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, secureware.c, strdup.c, sudo.c, sudo.cat, sudo.h, + sudo.man: crank version and regen files + +1999-01-17 15:27 millert + + * Makefile.in: kill rcs goop in update_version and fix now that + version is a const + +1999-01-17 15:08 millert + + * INSTALL, check.c, config.h.in, configure, configure.in, + logging.c, sudo.c, sudo.h, sudo.pod: kerb5 support from + fcusack@iconnet.net + +1999-01-17 14:45 millert + + * realpath.c: we no longer use realpath + +1999-01-17 14:44 millert + + * qualify.c: replaced by find_path.c + +1999-01-17 14:43 millert + + * options.h: all options are now configure flags + +1999-01-17 14:42 millert + + * lex.yy.c: regen + +1999-01-17 14:41 millert + + * getwd.c: superceded by getcwd.c + +1999-01-17 14:36 millert + + * getpass.c: superceded by tgetpass.c + +1999-01-17 14:36 millert + + * SUPPORTED: superceded by RUNSON + +1999-01-17 14:33 millert + + * OPTIONS: No longer used now that we have configure options for + everything. + +1999-01-17 14:32 millert + + * configure: regen based on configure.in + +1999-01-17 14:31 millert + + * sudo.man, sudo.cat, sudo.html: regen based on sudo.pod, + sudoers.pod, and visudo.pod + +1998-12-11 10:16 millert + + * check.c: fix tty tickets in remove_timestamp (didn't use ':') + +1998-12-07 14:16 millert + + * interfaces.c: close sock when we are done with it + +1998-11-27 17:37 millert + + * parse.yacc: never say "error on line -1" + +1998-11-23 21:38 millert + + * configure.in: check for -lnsl before -lsocket + +1998-11-23 21:29 millert + + * configure.in: quote '[', ']' used in ranges correctly + +1998-11-21 15:54 millert + + * config.h.in: add missing NO_ROOT_SUDO noted by drno@tsd.edu + +1998-11-20 16:33 millert + + * INSTALL: more info for 1.5.7 + +1998-11-20 16:30 millert + + * README: update for 1.5.7 + +1998-11-20 12:26 millert + + * parse.yacc: make increases of cm_list_size and ga_list_size be + similar to increases of stacksize (ie: >= not > in initial + compare). + +1998-11-20 12:22 millert + + * parse.yacc: when we get a syntax error, report it for the + previous line since that's generally where the error occurred. + +1998-11-18 13:31 millert + + * config.h.in, configure.in, interfaces.c: add back check for + sys/sockio.h but only use it if SIOCGIFCONF is not defined + +1998-11-18 13:25 millert + + * config.h.in: define BSD_COMP for svr4 + +1998-11-17 21:16 millert + + * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c, + goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c, parse.lex, + parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c: more -Wall + +1998-11-17 21:10 millert + + * configure.in: kill check for sockio,h + +1998-11-17 21:10 millert + + * config.h.in: no more HAVE_SYS_SOCKIO_H + +1998-11-17 20:51 millert + + * check.c, check_sia.c, find_path.c, getcwd.c, getspwuid.c, + goodpath.c, interfaces.c, logging.c, lsearch.c, parse.c, parse.lex, + parse.yacc, putenv.c, secureware.c, strdup.c, sudo.c: -Wall + +1998-11-16 15:38 millert + + * sudo.c: add missing inform_user() + +1998-11-13 17:21 millert + + * find_path.c: return NOT_FOUND if given fully qualified path and + it does not exist previously it would perror(ENOENT) which bypasses + the option to not leak path info + +1998-11-13 17:20 millert + + * configure.in: for kerb5, check for -lkerb4, fall back on -lkrb + for kerb, check for -ldes + +1998-11-13 12:19 millert + + * INSTALL: tty tickets are user:tty now + +1998-11-13 12:10 millert + + * check.c: when using tty tickets make it user:tty not user.tty as + a username could have a '.' in it + +1998-11-09 17:15 millert + + * sudo.c: add "ignoring foo found in ." for auth successful case + +1998-11-09 15:57 millert + + * sudo.c: add missing printf param + +1998-11-08 13:56 millert + + * INSTALL, config.h.in, configure.in, find_path.c, sudo.c, sudo.h: + go back to printing "command not found" unless --disable-path-info + specified. Also, tell user when we ignore '.' in their path and it + would have been used but for --with-ignore-dot. + +1998-11-08 11:51 millert + + * check.c, sudo.c: Only one space after a colon, not two, in + printf's + +1998-11-05 10:59 millert + + * sudo.pod: document setting $USER + +1998-11-04 20:24 millert + + * check.c: fix bugs with prompt expansion + +1998-11-04 19:21 millert + + * sudo.c: set $USER for root too + +1998-11-04 15:13 millert + + * getspwuid.c: typo + +1998-11-04 15:07 millert + + * configure.in: HP-UX's iscomsec is in -lsec, not libc + +1998-11-03 20:24 millert + + * configure.in: remove some entries in the OS case statement that + did nothing + +1998-11-03 20:19 millert + + * TROUBLESHOOTING: add "cd" section and flush out syslog section + +1998-11-03 18:51 millert + + * Makefile.in: no more sudo-lex.yy.c + +1998-11-03 18:50 millert + + * check_sia.c: add custom prompt support + +1998-11-03 18:40 millert + + * sudo.c: kill perror("malloc") since we already have a good error + messages pw_ent -> pw for brevity set $USER if -u specified + +1998-11-03 18:39 millert + + * parse.c: kill perror("malloc") since we already have a good error + messages pw_ent -> pw for brevity when checking if %group matches, + look up user in password file so that %groups works in a RunAs + spec. + +1998-11-03 18:39 millert + + * logging.c, parse.yacc: kill perror("malloc") since we already + have a good error messages + +1998-11-03 18:38 millert + + * check.c, getspwuid.c, interfaces.c: kill perror("malloc") since + we already have a good error messages pw_ent -> pw for brevity + +1998-11-03 13:03 millert + + * sudo.h: tgetpass now has the same args as getpass again + +1998-11-03 13:02 millert + + * getspwuid.c: add iscomsec, issecure support + +1998-11-03 13:02 millert + + * check.c: we now expand any %h or %u in the prompt before passing + to tgetpass + +1998-11-03 12:58 millert + + * configure.in: add check for syslog(3) in -lsocket, -lnsl, -linet + +1998-11-03 12:56 millert + + * config.h.in: add HAVE_ISCOMSEC and HAVE_ISSECURE + +1998-11-03 12:55 millert + + * configure.in: add check for iscomsec in HP-UX + +1998-11-03 12:51 millert + + * configure.in: check for issecure if we have getpwanam on SunOS + some options are incompatible with DUNIX SIA check for dispcrypt on + DUNIX + +1998-10-25 13:21 millert + + * config.h.in: add HAVE_DISPCRYPT + +1998-10-25 13:21 millert + + * secureware.c: add back support for non-dispcrypt based checking + for older DUNIX + +1998-10-24 22:51 millert + + * INSTALL: sia changes + +1998-10-24 22:48 millert + + * configure.in: SIA becomes the default on Digital UNIX now havbe + --disable-sia to turn it off... + +1998-10-24 21:52 millert + + * check.c: move local includes after system ones + +1998-10-24 17:28 millert + + * check.c, check_sia.c, sudo.h: add pass_warn() which prints out + INCORRECT_PASSWORD or an insult to stderr + +1998-10-24 17:07 millert + + * check_sia.c: fix while loop in sia_attempt_auth() that checks the + password. Only the first iteration was working. + +1998-10-21 19:00 millert + + * aclocal.m4: don't trust UID_MAX or MAXUID + +1998-10-21 18:35 millert + + * configure.in: fix two pastos + +1998-10-21 18:30 millert + + * configure.in: fix typo + +1998-10-21 18:19 millert + + * getspwuid.c, secureware.c: init crypt_type to INT_MAX since it is + legal to be negative in DUNX 5.0 + +1998-10-21 18:15 millert + + * configure.in: for secureware on dunix, use -lsecurity -ldb -laud + -lm but check for -ldb since DUNX < 4.0 lacks it + +1998-10-21 17:50 millert + + * check.c, compat.h, config.h.in, configure.in, getspwuid.c, + secureware.c, sudo.c: getprpwuid is broken in HP-UX 10.20 at least + (it sleeps for 2 minutes if the shadow files don't exist). + +1998-10-20 15:22 millert + + * INSTALL: updated --with-editor blurb + +1998-10-20 15:21 millert + + * TROUBLESHOOTING: tell how to put sudoers in a different dir + +1998-10-20 14:22 millert + + * configure.in: add missing quotes around $with_editor + +1998-10-20 12:00 millert + + * configure.in: typo in --with-editor bits + +1998-10-19 23:24 millert + + * INSTALL: I don't expect it to work on Solaris + +1998-10-19 23:24 millert + + * check.c: add back security/pam_misc.h + +1998-10-19 15:13 millert + + * INSTALL: remove dunix note since configure checks for this now + +1998-10-19 14:30 millert + + * configure.in: add check for broken dunix prot.h (4.0 < 4.0D is + bad) + +1998-10-19 12:32 millert + + * getspwuid.c, secureware.c: new dunix shadow code, use + dispcrypt(3) + +1998-10-19 12:32 millert + + * config.h.in: add HAVE_INITPRIVS + +1998-10-19 12:31 millert + + * sudo.c: call initprivs() if we have it for getprpwuid later on + +1998-10-19 12:30 millert + + * Makefile.in: clean pathnames.h too + +1998-10-19 12:28 millert + + * configure.in: quote "Sorry, try again." with [] since it has a + comma in it set LIBS when we add stuff to SUDO_LIBS set SECUREWARE + when we find getprpwuid() so we can check for bigcrypt, + set_auth_parameters, and initprivs later. + +1998-10-19 11:48 millert + + * INSTALL: update Digital UNIX note about acl.h + +1998-10-18 18:26 millert + + * INSTALL: add --with-sia --without-root-sudo -> + --disable-root-sudo some reordering + +1998-10-18 18:22 millert + + * secureware.c: add whitespace + +1998-10-18 18:22 millert + + * Makefile.in, check.c, config.h.in, configure.in, logging.c, + sudo.h: add SIA support + +1998-10-18 18:21 millert + + * check_sia.c: Initial revision + +1998-10-18 17:42 millert + + * configure.in: when checking for -lsocket, -lnsl, and -linet, + check for the specific functions we need from them. + +1998-10-18 17:10 millert + + * config.h.in, sudo.h: move Syslog_* defs into sudo.h + +1998-10-18 16:15 millert + + * sudo.h, Makefile.in: added check_secureware + +1998-10-18 16:12 millert + + * configure.in: finished adding AC_MSG_CHECKING and AC_MSG_RESULT + bits + +1998-10-18 16:00 millert + + * insults.h: don't define CLASSIC_INSULTS and CSOPS_INSULTS if no + other sets defined. configure now does that for us + +1998-10-18 15:45 millert + + * configure.in: move some --with options around change a bunch of + echo's to AC_MSG_CHECKING, AC_MSG_RESULT pairs + +1998-10-17 23:09 millert + + * configure.in: change $with_foo-bar -> $with_foo_bar kill extra " + that caused a syntax error add some echo verbage + +1998-10-17 16:08 millert + + * check.c: moved SecureWare stuff into secureware.c + +1998-10-17 16:07 millert + + * secureware.c: Initial revision + +1998-10-17 15:02 millert + + * INSTALL: update url to solaris gcc bins + +1998-10-17 14:39 millert + + * INSTALL: change option formatter and flesh out someentries + +1998-10-17 14:18 millert + + * sudo.pod, TROUBLESHOOTING: environmental variable -> environment + variable + +1998-10-17 14:01 millert + + * BUGS: everything is now done via configure + +1998-10-17 14:00 millert + + * README: prev rev was 1.5.6 + +1998-10-16 22:33 millert + + * Makefile.in: passing SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID + correctly + +1998-10-16 22:32 millert + + * config.h.in: SUDOERS_MODE, SUDOERS_UID, SUDOERS_GID now come from + the Makefile + +1998-10-16 22:31 millert + + * Makefile.in: merge OSDEFS and OPTIONS into DEFS get sudoers_uid, + sudoers_gid, sudoers_mode from configure + +1998-10-16 22:30 millert + + * configure.in: SUDOERS_MODE, SUDOERS_UID, and SUDOERS_GID now get + substituted into the Makefile, not config.h + +1998-10-16 22:30 millert + + * INSTALL: document all --with/--enable options + +1998-10-15 00:25 millert + + * insults.h: options.h is no more + +1998-10-15 00:25 millert + + * config.h.in: assimilated options.h + +1998-10-15 00:24 millert + + * configure.in: moved options from options.h to configure + +1998-10-14 23:41 millert + + * check.c, find_path.c, getspwuid.c, goodpath.c, interfaces.c, + logging.c, parse.c, parse.lex, parse.yacc, sudo.c, sudo.pod: no + more options.h + +1998-10-14 23:39 millert + + * INSTALL, Makefile.in, PORTING, TROUBLESHOOTING: remove references + to options.h + +1998-10-14 23:32 millert + + * interfaces.c, dce_pwent.c, sudo.c: kill sys/time.h + +1998-10-14 22:03 millert + + * options.h: convert LOGGING, LOGFAC, MAXLOGFILELEN, + IGNORE_DOT_PATH into configure options + +1998-10-14 21:57 millert + + * parse.c: FAST_MATCH is no longer an optino + +1998-10-14 21:52 millert + + * check.c: remove_timestamp() if timestamp is preposterous + +1998-10-14 21:36 millert + + * options.h: convert more options to --with/--enable + +1998-10-14 21:36 millert + + * INSTALL, aclocal.m4: logfile -> logpath + +1998-10-14 21:31 millert + + * configure.in: convert more options into --with and --enable + +1998-10-14 21:15 millert + + * logging.c: sys/errno -> errno + +1998-09-24 09:40 millert + + * sudo.c: UMASK -> SUDO_UMASK. + +1998-09-24 09:36 millert + + * check.c, logging.c: time.h, not sys/time.h + +1998-09-21 17:52 millert + + * logging.c: MAILER -> _PATH_SENDMAIL + +1998-09-20 22:06 millert + + * INSTALL, configure.in: no more --with-C2, now it is + --disable-shadow + +1998-09-20 22:00 millert + + * aclocal.m4, check.c, compat.h, config.h.in, configure.in, + getspwuid.c, sudo.c: new shadow password scheme. Always include + shadow support if the platform supports it and the user did not + disable it via configure + +1998-09-20 17:48 millert + + * configure.in: --with-getpass -> --{enable,disable}-tgetpass + +1998-09-20 17:16 millert + + * Makefile.in: pathnames.h -> pathnames.h.in + +1998-09-20 17:14 millert + + * check.c: fix version string + +1998-09-20 17:12 millert + + * check.c: move pam_conv to be static to auth function remove + pam_misc.h (solaris doesn't have one) + +1998-09-20 17:10 millert + + * aclocal.m4: _CONFIG_PATH_* -> _PATH_* or _PATH_SUDO_* kill + SUDO_PROG_PWD + +1998-09-20 17:10 millert + + * configure.in: munge pathnames.h.in -> pathnames.h kill + SUDO_PROG_PWD + +1998-09-20 17:10 millert + + * pathnames.h.in: convert to pathnames.h.in + +1998-09-18 18:20 millert + + * configure.in: fix typo in sysv4 matching case /. + +1998-09-17 23:29 millert + + * check.c: pam stuff needs to run as root, not user, for shadow + passwords + +1998-09-17 10:26 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h, BUGS, INSTALL, README, + configure.in: updated version + +1998-09-17 10:13 millert + + * check.c: user version.h for long message + +1998-09-17 09:53 millert + + * check.c: this is version 1.5.6 + +1998-09-16 11:42 millert + + * Makefile.in: remove errant backslash + +1998-09-14 20:25 millert + + * options.h, parse.yacc, pathnames.h.in: fix version string + +1998-09-14 20:02 millert + + * BUGS, CHANGES, TODO: updtaed for 1.5.6 + +1998-09-14 20:02 millert + + * RUNSON: updated for 1.5.6 + +1998-09-14 09:48 millert + + * interfaces.c: kill unused localhost_mask var copy if name to + ifr_tmp after we zero it + +1998-09-13 13:50 millert + + * INSTALL: Better description of new vs. old sudoers modes fix some + typos better description of /usr/ucb/cc gotchas on slowaris + +1998-09-13 13:49 millert + + * Makefile.in: add sample.pam + +1998-09-13 13:32 millert + + * sudo.c: set NewArgv[0] to user_shell, not basename(user_shell) + +1998-09-12 09:10 millert + + * README: mention TROUBLESHOOTING more fix some typos + +1998-09-11 18:30 millert + + * configure.in: move --enable/--disable to be after --with + +1998-09-11 18:30 millert + + * INSTALL: document --enable/--disable + +1998-09-11 18:26 millert + + * INSTALL: document --with-pam + +1998-09-11 17:47 millert + + * configure.in: Add message for pam users + +1998-09-11 17:27 millert + + * sample.pam: Initial revision + +1998-09-11 17:23 millert + + * config.h.in: fix HAVE_PAM + +1998-09-11 17:19 millert + + * check.c, config.h.in, configure.in: pam support, from Gary Calvin + + +1998-09-10 16:51 millert + + * config.h.in: add HOST_IN_LOG and WRAP_LOG + +1998-09-10 16:51 millert + + * logging.c: add WRAP_LOG and HOST_IN_LOG + +1998-09-10 16:37 millert + + * configure.in: add --enable-log-host and --enable-log-wrap + +1998-09-10 16:32 millert + + * aclocal.m4: use AC_DEFINE_UNQUOTED for --with-logfile and + --with-timedir + +1998-09-08 18:45 millert + + * compat.h: add howmany macro + +1998-09-07 18:42 millert + + * OPTIONS, options.h, parse.yacc, sudo.c: add RUNAS_DEFAULT + +1998-09-07 10:51 millert + + * fnmatch.c: bring in stdio.h for NULL + +1998-09-07 10:50 millert + + * aclocal.m4: allow /bin/{ksh,bach} and /usr/bin/{ksh,bash} as sh + +1998-09-07 10:43 millert + + * sudo.c: use HAVE_SET_AUTH_PARAMETERS + +1998-09-07 10:42 millert + + * config.h.in: add HAVE_SET_AUTH_PARAMETERS + +1998-09-07 10:41 millert + + * configure.in: add *-*-hiuxmpp* add test for set_auth_parameters() + if secureware + +1998-09-07 10:39 millert + + * config.sub: add support for HI-UX/MPP SR220001 02-03 0 SR2201 + +1998-09-07 10:06 millert + + * interfaces.c: initialize previfname + +1998-09-07 09:51 millert + + * interfaces.c: Don't use SIOCGIFADDR, we don't need it Use + SIOCGIFFLAGS if we have it check ifr_flags against IFF_UP and + IFF_LOOPBACK instead of kludging it + +1998-09-07 09:49 millert + + * configure.in: typo + +1998-09-06 22:01 millert + + * Makefile.in: don't need special build line for sudo.tab.o + +1998-09-06 21:58 millert + + * Makefile.in: don't clean sudo.tab.[ch] + +1998-09-06 21:48 millert + + * sudo.c: Sudo should prompt for a password before telling the user + that a command could not be found. + +1998-09-06 21:47 millert + + * BUGS: for 1.5.6 + +1998-09-06 21:25 millert + + * INSTALL, README: no longer require yacc + +1998-09-06 21:19 millert + + * Makefile.in: typo + +1998-09-06 21:18 millert + + * Makefile.in: y.tab -> sudo.tab include pre-yacc'd parse.yacc + +1998-09-06 21:09 millert + + * parse.lex: include sudo.tab.h, not y.tab.h don't break out of + command args if you get a '=' + +1998-09-06 20:59 millert + + * insults.h: fix version , + +1998-09-06 20:57 millert + + * compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h: + fix version + +1998-09-06 20:55 millert + + * getcwd.c: getcwd(3) from OpenBSD for those without it. + +1998-09-06 20:51 millert + + * sudo.h: HAVE_GETWD -> HAVE_GETCWD + +1998-09-06 20:49 millert + + * configure.in: pretend sunos doesn't have getcwd(3) since it opens + a pipe to getpwd! + +1998-09-06 20:41 millert + + * parse.c: use NAMLEN() macro + +1998-09-06 20:34 millert + + * fnmatch.c: remove duplicate include of string.h + +1998-09-06 20:28 millert + + * configure.in: call SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T + +1998-09-06 20:28 millert + + * aclocal.m4: add SUDO_TYPE_DEV_T and SUDO_TYPE_INO_T + +1998-09-06 20:28 millert + + * config.h.in: add dev_t and ino_t + +1998-07-28 10:44 millert + + * check.c: fix OTP_ONLY for opie + +1998-05-18 22:10 millert + + * Makefile.in: make update_version saner + +1998-05-18 21:32 millert + + * config.h.in: add HAVE_WAITPID, HAVE_WAIT3, and sudo_waitpid() + +1998-05-18 21:32 millert + + * configure.in: check for waitpid and wait3 or no waitpid + +1998-05-18 21:31 millert + + * logging.c: used waitpid or wait3 if we have 'em + +1998-04-27 18:09 millert + + * configure.in: don't need to explicately mention -lsocket -lnsl + for sequent + +1998-04-24 23:56 millert + + * configure.in: dynix should not link with -linet + +1998-04-10 13:32 millert + + * INSTALL: mention that HP-UX doesn't ship with yacc + +1998-04-06 20:35 millert + + * check.c: ignore kerberos if we can't get the local realm + +1998-04-05 21:37 millert + + * configure.in, BUGS, INSTALL, README: ++version + +1998-04-05 21:35 millert + + * Makefile.in, check.c, config.h.in, dce_pwent.c, find_path.c, + getspwuid.c, getcwd.c, goodpath.c, interfaces.c, logging.c, + parse.c, parse.lex, putenv.c, strdup.c, sudo.c, sudo.h: updated + version + +1998-04-05 21:34 millert + + * check.c, sudo.h: fix version + +1998-04-05 21:33 millert + + * getcwd.c: don't use popen/pclose. Do it inline. + +1998-04-05 21:25 millert + + * lsearch.c: add rcsid + +1998-04-05 21:21 millert + + * sudo.c: typo + +1998-04-05 21:17 millert + + * sudo.h, pathnames.h.in, compat.h, options.h, ins_2001.h, + insults.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc, + check.c: updated version + +1998-04-05 21:15 millert + + * check.c, find_path.c, parse.c, sudo.c: MAX* + 1 -> MAX* + +1998-04-05 21:14 millert + + * Makefile.in: getwd.c -> getcwd.c + +1998-04-05 20:49 millert + + * config.h.in: kill HAVE_GETWD + +1998-04-05 20:49 millert + + * configure.in: getcwd, not getwd + +1998-04-05 20:48 millert + + * getcwd.c: use MAX* not MAX* + 1 always run pwd as using getwd() + defeats the purpose + +1998-03-30 22:15 millert + + * OPTIONS, options.h: add STUB_LOAD_INTERFACES + +1998-03-30 22:05 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: updated version + +1998-03-30 21:54 millert + + * configure.in: support *-ccur-sysv4 and fix two typos + +1998-03-27 17:52 millert + + * configure.in: don't echo about with_logfile and with_timedir + +1998-03-27 17:49 millert + + * INSTALL: document --with-logfile and --with-timedir + +1998-03-27 17:46 millert + + * aclocal.m4: support --with-logfile and --with-timedir + +1998-03-27 17:46 millert + + * configure.in: Add --with-logfile and --with-timedir + +1998-03-27 17:27 millert + + * sudo.c: change size computation of NewArgv for UNICOS + +1998-02-18 18:10 millert + + * configure.in: treate -*-sysv4* like *-*-svr4 + +1998-02-18 16:19 millert + + * configure.in: fix spacing for --with-authenticate help + +1998-02-18 14:39 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: updated version + +1998-02-18 14:23 millert + + * parse.yacc: fix off by one error in push macro + +1998-02-16 23:15 millert + + * configure.in: removed bogus alloca hack + +1998-02-16 23:15 millert + + * check.c: added AIX 4.x authenticate() support + +1998-02-16 23:11 millert + + * parse.yacc: include alloca.h if using bison and not gcc and it + exists. fixes an alloca problem on hpux 10.x + +1998-02-16 22:39 millert + + * INSTALL: mention --with-authenticate + +1998-02-16 22:37 millert + + * configure.in: added AIX authenticate() support + +1998-02-16 22:22 millert + + * config.h.in: add HAVE_AUTHENTICATE + +1998-02-16 21:58 millert + + * interfaces.c: dynamically size ifconf buffer + +1998-02-16 21:56 millert + + * configure.in: quote '[' and ']' + +1998-02-16 19:42 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h: updated version + +1998-02-16 16:57 millert + + * TROUBLESHOOTING: add busy stmp file explanation + +1998-02-15 16:49 millert + + * configure.in: the name of the cached var that signals whether or + not you are cross compiling changed. It is now ac_cv_prog_cc_cross + +1998-02-11 14:26 millert + + * INSTALL: mention glibc 2.07 is fixed wrt lsearch()\. + +1998-02-06 19:55 millert + + * sample.sudoers: better example of su but not root su + +1998-02-06 13:49 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: updated version + +1998-02-06 13:48 millert + + * Makefile.in: correct regexp for updating version + +1998-02-06 12:05 millert + + * check.c: fix bogus flush of stderr + +1998-02-05 17:19 millert + + * sudo.c: close fd's <=2 not <=3 and move that chunk of code up + +1998-02-05 17:18 millert + + * configure.in: support hpux1[0-9] not just hpux10 + +1998-01-30 12:59 millert + + * parse.c: set sudoers_fp to nil after closing + +1998-01-23 23:05 millert + + * config.guess, config.sub: updated from autoconf 2.12 + +1998-01-23 22:50 millert + + * configure.in: add *-*-svr4 rule + +1998-01-22 20:49 millert + + * check.c: kill extra whitespace + +1998-01-22 17:28 millert + + * sudo.c: do an initgroups() before running a command, unless the + target user is root. + +1998-01-22 10:22 millert + + * TROUBLESHOOTING: tell people to use tabs, not spaces, in + syslog.conf + +1998-01-20 23:56 millert + + * parse.lex, Makefile.in, config.h.in, getwd.c, strdup.c, putenv.c, + dce_pwent.c: updated version + +1998-01-20 23:32 millert + + * goodpath.c, interfaces.c: updated version + +1998-01-20 23:29 millert + + * sudo.h, pathnames.h.in, options.h, compat.h, insults.h, + ins_2001.h, ins_classic.h, ins_goons.h, ins_csops.h, parse.yacc, + check.c, getspwuid.c, find_path.c, logging.c, parse.c, sudo.c: + updated version + +1998-01-20 23:20 millert + + * Makefile.in: more tweaks to update_version + +1998-01-20 23:19 millert + + * Makefile.in: fixed up update_version rule + +1998-01-20 22:55 millert + + * configure.in: ++version + +1998-01-20 22:53 millert + + * Makefile.in: removed supe of check.c + +1998-01-20 22:51 millert + + * INSTALL: ++version I missed + +1998-01-20 22:51 millert + + * RUNSON: updated + +1998-01-20 22:48 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, BUGS, INSTALL, + README: updated version + +1998-01-20 22:47 millert + + * CHANGES: updated for 1.5.5 + +1998-01-20 22:35 millert + + * Makefile.in: add rules to update version stuff in files so I + don't need to do it by hand + +1998-01-20 22:04 millert + + * sudo.h: sudoers_fp is now extern + +1998-01-20 22:03 millert + + * sudo.c: in check_sudoers, cache the sudoers file handle in + sudoers_fp so we don't have to open it again in the parse. This + may help with weird solaris problems where EAGAIN sometime occurrs. + +1998-01-20 22:02 millert + + * parse.c: sudoers file open is now done only in check_sudoers() so + we just do a rewind() instead of an open. May help people on + solaris who were getting EAGAIN. + +1998-01-16 09:43 millert + + * INSTALL: mention that newer glibc is fixed + +1998-01-13 10:58 millert + + * sudo.c: newer irix uses _RLDN32_* envariables for 32-bit binaries + so ignore _RLD* instead of _RLD_* + +1998-01-13 08:32 millert + + * parse.c: typo + +1998-01-13 08:19 millert + + * parse.c: fix that bug for real + +1998-01-13 00:39 millert + + * INSTALL: document Linux's libc6 brokenness. + +1998-01-13 00:00 millert + + * parse.yacc: -Wall + +1998-01-12 23:22 millert + + * RUNSON: updated + +1998-01-12 22:50 millert + + * TROUBLESHOOTING: remind people to HUP syslogd + +1998-01-12 22:05 millert + + * Makefile.in: add -O flag to tar + +1998-01-12 22:00 millert + + * TODO, RUNSON: updated + +1998-01-12 21:59 millert + + * sudo.pod: remove author's email addr. people should mail + sudo-bugs + +1998-01-12 21:49 millert + + * INSTALL: fix version + +1998-01-12 21:48 millert + + * README, check.c, compat.h, config.h.in, configure.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: ++version + +1998-01-12 21:44 millert + + * RUNSON: updated + +1998-01-12 21:42 millert + + * INSTALL, Makefile.in: ++version + +1998-01-12 21:41 millert + + * CHANGES: updated fort 1.5.4 + +1998-01-12 21:41 millert + + * check.c: exit(1) if user enters no passwd + +1998-01-12 21:37 millert + + * BUGS: ++version + +1998-01-12 21:10 millert + + * parse.c: commands can start with ./* not just /* -- fixes a + serious security hole. + +1997-12-21 16:17 millert + + * sudo.c: Don't set the tty variable to NULL when we lack a tty, + leave it as "unknown". + +1997-11-23 11:29 millert + + * sample.sudoers: fix usage of (username) in conjunction with , and + ! + +1997-11-22 23:53 millert + + * sudo.c: define tty global to an initial value to avoid dumping + core in logging functions when passwd file is unavailable. + +1997-11-22 23:51 millert + + * sudo.c: do the set_perms(PERM_USER, sudo_mode) after we have + gotten the passwd entry + +1997-11-22 22:21 millert + + * sudo.pod: talk about problem of ALL + +1997-10-09 22:54 millert + + * README: new web location + +1997-10-09 22:54 millert + + * INSTALL: fdesc bug is fixed in Open/Net BSD + +1997-10-09 22:52 millert + + * HISTORY: updates from Nieusma + +1997-10-09 16:37 millert + + * dce_pwent.c: move compat.h after the system includes + +1997-08-06 12:58 millert + + * logging.c: save errno from being clobbered by wait(). From Theo + +1997-05-21 09:57 millert + + * compat.h: fix an occurence of setresuid -> setreuid (typo) + +1997-03-19 15:45 millert + + * install-sh: check for path to strip + +1997-01-15 17:05 millert + + * logging.c: deal with maxfilelen < 0 case + +1997-01-15 17:05 millert + + * OPTIONS: fixed descriptin + +1996-12-11 21:10 millert + + * sudo.c: correct error message if mode/owner wrong and not + statable by owner but is statable by root. + +1996-11-23 00:18 millert + + * config.guess, config.sub: autoconf 2.11 + +1996-11-16 12:42 millert + + * CHANGES, RUNSON, TODO: sudo 1.5.3. + +1996-11-14 13:08 millert + + * sudo.h, parse.yacc: command_alias -> generic_alias + +1996-11-13 20:50 millert + + * sample.sudoers: added Runas_Alias example and fixed syntax errors + +1996-11-13 20:50 millert + + * OPTIONS, options.h: updated MAILSUBJECT + +1996-11-13 20:49 millert + + * logging.c: added %h expansion + +1996-11-13 19:37 millert + + * Makefile.in, check.c, compat.h, config.h.in, dce_pwent.c, + find_path.c, getspwuid.c, getwd.c, goodpath.c, ins_2001.h, + ins_classic.h, ins_csops.h, ins_goons.h, insults.h, interfaces.c, + logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h, INSTALL, + README, configure.in: ++version + +1996-11-13 18:02 millert + + * BUGS: ++version + +1996-11-13 17:05 millert + + * parse.yacc: add size params to sprintf + +1996-11-13 17:04 millert + + * parse.lex: allow trailing space after '\\' but before '\n' + +1996-11-13 17:04 millert + + * find_path.c: off by one error in path size check + +1996-11-13 17:03 millert + + * check.c: sprintf paranoia + +1996-11-12 09:59 millert + + * parse.yacc: fixed more_aliases + +1996-11-11 08:49 millert + + * parse.yacc: fix Runas_Alias stuff Alias's in runas list now get + expanded (but it is gross) + +1996-11-10 18:32 millert + + * sudo.c: Can now deal with SUDOERS_UID == 0 and SUDOERS_MODE == + 0400 + +1996-11-10 18:08 millert + + * parse.yacc: add Runas_Alias support change FOO to FOO_ALIAS (ie: + USER_ALIAS) + +1996-11-10 18:02 millert + + * parse.lex: Add Runas_Alias and simplify a rule. + +1996-11-10 17:15 millert + + * parse.yacc: always store User_Alias's since they can be used + inside of a runas list. Sigh. Really need a Runas_Alias instead. + +1996-10-11 21:01 millert + + * TROUBLESHOOTING: added one + +1996-10-10 20:11 millert + + * HISTORY: developement -> development + +1996-10-10 20:08 millert + + * INSTALL: added a note + +1996-10-10 18:36 millert + + * RUNSON: for 1.5.2 + +1996-10-10 18:36 millert + + * CHANGES: updated + +1996-10-09 22:56 millert + + * PORTING: removed seteuid() notes + +1996-10-09 11:37 millert + + * compat.h: better seteuid() emulatino + +1996-10-09 11:36 millert + + * configure.in: added check for seteuid + +1996-10-09 11:36 millert + + * config.h.in: added HAVE_SETEUID + +1996-10-08 17:22 millert + + * configure.in: first stab at sequent support + +1996-10-08 17:21 millert + + * config.h.in: added HAVE_SYS_SELECT_H + +1996-10-08 17:21 millert + + * compat.h: sequent -> _SEQUENT_ + +1996-10-08 17:11 millert + + * compat.h: added seteuid() macro for DYNIX + +1996-10-06 23:05 millert + + * check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c, + getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, interfaces.c, options.h, pathnames.h.in, + BUGS, INSTALL, Makefile.in, OPTIONS, README, config.h.in, + logging.c, parse.c, parse.lex, parse.yacc, putenv.c, strdup.c: + ++version + +1996-10-06 22:59 millert + + * sudo.pod: added -H and SUDO_PS1 + +1996-10-06 22:55 millert + + * configure.in: use SUDO_FUNC_FNMATCH + +1996-10-06 22:54 millert + + * aclocal.m4: added SUDO_FUNC_FNMATCH + +1996-10-06 22:53 millert + + * sudo.c: added -H flag + +1996-10-06 22:53 millert + + * sudo.h: added MODE_RESET_HOME / + +1996-10-04 22:00 millert + + * INSTALL: mention OPIE + +1996-10-04 21:59 millert + + * configure.in: added opie support + +1996-10-04 21:59 millert + + * check.c: added HAVE_OPIE and changed to *_OTP_* + +1996-10-04 21:58 millert + + * compat.h, config.h.in: added HAVE_OPIE + +1996-10-04 21:58 millert + + * OPTIONS, options.h: SKEY -> OTP + +1996-10-03 21:27 millert + + * check.c: moved fclose() in skey stuff. + +1996-10-03 17:53 millert + + * putenv.c: index -> strchr remove unnecesary stuff + +1996-10-03 17:43 millert + + * check.c: now call skeychallenge() to get challenge instead of + making one up ourselves. this way, we get extra goodies in the + prompt. + +1996-09-09 22:32 millert + + * CHANGES: added one + +1996-09-09 22:18 millert + + * parse.lex: allow logins to start with a number (YUCK!) + +1996-09-08 13:18 millert + + * TROUBLESHOOTING: added soalris 2.5 vs 2.4 note + +1996-09-08 13:15 millert + + * configure.in: DUNIX doesn't need -lnsl + +1996-09-07 18:22 millert + + * CHANGES: [no log message] + +1996-09-07 18:21 millert + + * check.c, compat.h, config.h.in, dce_pwent.c, find_path.c, + getspwuid.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h: courtesan + +1996-09-07 18:13 millert + + * TROUBLESHOOTING, INSTALL, Makefile.in, PORTING, RUNSON, README: + courtesan + +1996-09-07 18:00 millert + + * sudo.pod: courtesan + +1996-09-07 17:45 millert + + * HISTORY: added courtesan ./ + +1996-09-05 22:12 millert + + * sudo.c: added $SUDO_PROMPT support + +1996-09-04 15:19 millert + + * check.c: print long skey challemged to stderr, not stdout + +1996-08-31 21:10 millert + + * CHANGES: updated for 1.5.1 + +1996-08-31 10:34 millert + + * RUNSON: updated for 1.5.1 + +1996-08-30 08:49 millert + + * check.c: use shost, not host for tgetpass + +1996-08-29 22:21 millert + + * OPTIONS, sudo.pod: documented %u and %h + +1996-08-29 18:40 millert + + * configure.in: fixed typo + +1996-08-29 18:37 millert + + * INSTALL, Makefile.in, README, check.c, compat.h, config.h.in, + dce_pwent.c, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: ++version + +1996-08-29 18:30 millert + + * BUGS: ++version + +1996-08-29 16:32 millert + + * configure.in, Makefile.in: ++version + +1996-08-29 15:58 millert + + * sudo.h: new tgetpass() params + +1996-08-29 15:58 millert + + * check.c: pass use and host to tgetpass + +1996-08-29 14:56 millert + + * OPTIONS, options.h, check.c: added NO_MESSAGE + +1996-08-29 14:23 millert + + * configure.in: added cray (unicos) support + +1996-08-27 09:36 millert + + * OPTIONS, options.h, sudo.c: added SHELL_SETS_HOME + +1996-08-25 15:56 millert + + * INSTALL: added note about "make install" + +1996-08-25 15:50 millert + + * parse.yacc: changed length/size params from int to size_t + +1996-08-25 11:35 millert + + * OPTIONS: now get CSOPS insults as well by default + +1996-08-25 11:33 millert + + * insults.h: use csops insults too by default + +1996-08-25 11:31 millert + + * INSTALL, Makefile.in, README, config.h.in, configure.in: version + = 1.5 + +1996-08-25 11:27 millert + + * sudo.c: added runas_homedir + +1996-08-25 11:27 millert + + * TODO: updated for 1.5 + +1996-08-25 11:23 millert + + * RUNSON: updated for 1.5 + +1996-08-25 11:19 millert + + * CHANGES: 1.5 release + +1996-08-25 11:17 millert + + * INSTALL: added "upgrading" notes + +1996-08-18 10:52 millert + + * Makefile.in: ++version added INSTALL.configure + +1996-08-18 10:52 millert + + * configure.in: ++version + +1996-08-18 10:51 millert + + * TROUBLESHOOTING: [no log message] + +1996-08-18 10:50 millert + + * parse.yacc: added missing cast + +1996-08-17 18:37 millert + + * sudo.c: sets $HOME to pw_dir of runas user + +1996-08-17 18:02 millert + + * sudo.pod: document $HOME change + +1996-08-17 17:43 millert + + * sudo.pod: fixed up some wording + +1996-08-17 17:25 millert + + * check.c, dce_pwent.c, find_path.c, getspwuid.c, getwd.c, + goodpath.c, interfaces.c, logging.c, parse.c, parse.lex, + parse.yacc, putenv.c, strdup.c, sudo.c: ++version + +1996-08-17 17:21 millert + + * compat.h, ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, + insults.h, options.h, pathnames.h.in, sudo.h: ++version + +1996-08-17 17:18 millert + + * sudo.h: name nad type changes + +1996-08-17 17:07 millert + + * parse.yacc: fixed some XXX + +1996-08-17 16:52 millert + + * parse.yacc: some variable name changes + comment headers for + functions. + +1996-08-17 16:34 millert + + * sudo.c: [no log message] + +1996-08-17 16:30 millert + + * parse.c: now uses init_parser() if not in sudoers and tries + "list" or "validate" scold but don't be nasty. + +1996-08-17 16:29 millert + + * TROUBLESHOOTING: now can use upper case login names + +1996-08-17 16:28 millert + + * PORTING: added info about PASSWORD_TIMEOUT + +1996-08-17 16:28 millert + + * INSTALL, README: updated + +1996-08-17 16:28 millert + + * INSTALL.configure: Initial revision + +1996-08-17 16:27 millert + + * BUGS: fixed a bug , + +1996-08-17 16:27 millert + + * parse.yacc: now dynamically allocates memory for the stacks -- no + more overflows! + +1996-08-17 16:26 millert + + * sudo.pod: -l now explands command aliases + +1996-08-17 11:22 millert + + * parse.yacc: hacks to expand command aliases for `sudo -l' + +1996-08-17 11:22 millert + + * sudo.c: remove $ENV and $BASH_ENV (dangerous in ksh, posix sh, + and bash) + +1996-08-17 11:22 millert + + * sudo.h: added struct command_alias + +1996-08-17 11:20 millert + + * sudo.pod: fixed a bug + +1996-08-17 11:15 millert + + * lsearch.c: in compar() key should be first arg + +1996-08-15 13:48 millert + + * BUGS: fixed some bugs + +1996-08-15 13:47 millert + + * parse.yacc: can now deal with upcase HOST and USER names + +1996-08-15 13:47 millert + + * sudo.c: don't yell too loudly at non-sudoers if they do "sudo -l" + +1996-08-15 13:46 millert + + * sudo.pod: fixed thinko + +1996-08-15 13:46 millert + + * parse.c: fix comment + +1996-08-09 16:07 millert + + * parse.c, parse.yacc: added support for new `sudo -l' stuff + +1996-08-09 16:06 millert + + * sudo.c: now uses list_matches() + +1996-08-09 16:06 millert + + * sudo.h: added struct sudo_match + +1996-08-09 15:37 millert + + * configure.in: now more -lgnumalloc + +1996-08-01 11:12 millert + + * install-sh: added more paths for chown and whoami + +1996-07-31 08:41 millert + + * check.c: typo + +1996-07-30 11:45 millert + + * aclocal.m4: fixed DUNIX check for shadow pw + +1996-07-30 10:53 millert + + * INSTALL: updated + +1996-07-29 20:29 millert + + * configure.in: changed "test -z $foo && do_this" to if; then + construct + +1996-07-28 20:47 millert + + * configure.in: added missing defines of SHADOW_TYPE + +1996-07-26 12:10 millert + + * check.c: protect AUTH_CRYPT_OLDCRYPT and AUTH_CRYPT_C1CRYPT since + they are only in dunix 4.x + +1996-07-26 12:09 millert + + * getspwuid.c: added AUTH_CRYPT_C1CRYPT support + +1996-07-26 11:23 millert + + * parse.c: no longer return VALIDATE_NOT_OK if there was a runas + that didn't match. Now we can have runas stuff on more than one + line. + +1996-07-25 21:45 millert + + * configure.in: got rid of HAVE_C2_SECURITY SHADOW_TYPE is always + defined to something + +1996-07-25 21:45 millert + + * config.h.in: removed HAVE_C2_SECURITY added SPW_BSD + +1996-07-25 21:44 millert + + * compat.h, getspwuid.c, sudo.c: use SHADOW_TYPE instead of + HAVE_C2_SECURITY + +1996-07-25 21:44 millert + + * check.c: SHADOW_TYPE is always defined so just against its value + +1996-07-25 21:44 millert + + * aclocal.m4: added SUDO_CHECK_SHADOW_DUNIX + +1996-07-24 11:02 millert + + * configure.in: added back check for config.cache from other host + type + +1996-07-24 10:49 millert + + * parse.lex: removed an instance of \" + +1996-07-24 10:49 millert + + * sample.sudoers: added an example + +1996-07-24 08:28 millert + + * configure.in: new check for shadow passwords if we don't know + anything + +1996-07-24 08:28 millert + + * aclocal.m4: new SUDO_CHECK_SHADOW_GENERIC + +1996-07-24 00:19 millert + + * configure.in: added back check for -lsocket (oops) + +1996-07-24 00:16 millert + + * configure.in: better (working) check for shadow passwd type if we + know to use C2. + +1996-07-23 23:59 millert + + * configure.in: now uses AC_CANONICAL_HOST to figure out os type + +1996-07-23 23:59 millert + + * Makefile.in: added config.{guess,sub} + +1996-07-23 23:58 millert + + * aclocal.m4: removed unused stuff to figure out os type + +1996-07-23 20:58 millert + + * config.sub: added openbsd + +1996-07-23 20:54 millert + + * config.sub: Initial revision + +1996-07-23 20:40 millert + + * config.guess: Initial revision + +1996-07-23 19:18 millert + + * parse.c: don't call fnmatch() with FNM_PATHNAME flag unless it + can only be a pathname need to check against sudoers_args even if + user_args is nil + +1996-07-23 16:52 millert + + * check.c: added support for AUTH_CRYPT_OLDCRYPT w/ DUNIX C2 + +1996-07-22 23:10 millert + + * parse.lex: fill_args was adding an extra leading space + +1996-07-22 13:50 millert + + * parse.yacc: fixed prototype + +1996-07-22 13:31 millert + + * sudo.h: added cmnd_args + +1996-07-22 13:31 millert + + * parse.yacc: now uses flat args string + +1996-07-22 13:30 millert + + * parse.c, parse.lex: now uses flat arg string + +1996-07-22 12:30 millert + + * sudo.c: now sets cmnd_args global + +1996-07-22 12:30 millert + + * logging.c: cmnd_args is now exported from sudo.[ch] + +1996-07-21 16:41 millert + + * parse.yacc: can't rely on cmnd_matches as much as I thought -- + added some $$ stuff back in to prevent namespace pollution + problems. + +1996-07-21 16:01 millert + + * parse.yacc: Simplified parse rules wrt runas and NOPASSWD (more + consistent). + +1996-07-19 22:45 millert + + * parse.lex: NOPASSWD may now have blanks before the ':' '(' only + starts a 'runas' if in the initial state to avoid collision with + command args + +1996-07-19 22:23 millert + + * configure.in: added checks for specific shadow passwd schemes + +1996-07-19 22:18 millert + + * aclocal.m4: added routines to check for specific shadow passwd + types + +1996-07-18 16:27 millert + + * configure.in: added support for ncr boxen + +1996-07-18 16:26 millert + + * aclocal.m4: added support for detecting ncr boxen + +1996-07-16 12:57 millert + + * configure.in: added sinix support + +1996-07-13 20:29 millert + + * TROUBLESHOOTING: added info about "config.cache from other other" + error. + +1996-07-13 20:22 millert + + * aclocal.m4: now makes sure you don't have a config.cache file + from another OS + +1996-07-13 19:36 millert + + * configure.in: now sets $LIBS when needed to configure links with + libs when doing tests hpux10 now uses SPW_SECUREWARE for C2 added + check for bigcrypt(3) if SPW_SECUREWARE + +1996-07-13 19:30 millert + + * getspwuid.c: fixed typo + +1996-07-13 19:05 millert + + * getspwuid.c: no more SPW_HPUX10 + +1996-07-13 19:04 millert + + * config.h.in: no more SPW_HPUX10 added HAVE_BIGCRYPT + +1996-07-13 19:04 millert + + * compat.h: now uses AUTH_MAX_PASSWD_LENGTH if SPW_SECUREWARE + +1996-07-13 19:04 millert + + * check.c: SPW_SECUREWARE now uses bigcrypt + +1996-07-13 16:24 millert + + * sample.sudoers: fixed 2 syntax errors + +1996-07-11 18:59 millert + + * interfaces.c: fixed a typo/thinko that broke BSD's with sa_len + +1996-07-08 14:08 millert + + * check.c, configure.in: updated AFS support + +1996-07-08 14:07 millert + + * TROUBLESHOOTING: added entry about /usr/ucb/cc + +1996-07-08 14:06 millert + + * INSTALL: prep no longer holds gcc binaries + +1996-07-08 13:48 millert + + * INSTALL: updated AFS note + +1996-07-08 13:43 millert + + * Makefile.in: added @AFS_LIBS@ + +1996-07-08 13:33 millert + + * compat.h: AFS allows long passwords + +1996-07-08 12:16 millert + + * parse.c: sudo -v now groks VALIDATE_OK_NOPASS + +1996-07-08 11:30 millert + + * parse.yacc: fixed no_passwd vs. runas_matched + +1996-07-08 08:30 millert + + * TROUBLESHOOTING: took out stuff about NFS-mounting since it is no + longer an issue + +1996-07-08 08:30 millert + + * INSTALL: added --with-libraries > --with-libpath --with-incpath + +1996-07-08 08:21 millert + + * parse.yacc: was setting runas_matches to -1 in wrong place + +1996-07-08 07:58 millert + + * check.c: removed usersec.h which is not present in new AFS + versions + +1996-07-08 07:51 millert + + * OPTIONS: updated + +1996-07-07 22:04 millert + + * configure.in: BSD/OS >= 2.0 now uses shlicc instead of just gcc + +1996-07-07 20:30 millert + + * sudo.c: fixed backwards compatibility with sudo 1.4 sudoers mode + for root readable/writable filesystems + +1996-07-07 18:49 millert + + * Makefile.in: now gives INSTALL -c flag + +1996-07-07 18:34 millert + + * parse.yacc: slightly simpler initialization of no_passwd and + runas_matches + +1996-07-07 18:32 millert + + * configure.in: improved --with-libraries support + +1996-07-07 14:27 millert + + * configure.in: added --with-incpath, --with-libpath, + --with-libraries + +1996-07-07 14:01 millert + + * parse.yacc: now initializes some fields that weren't getting set + to -1 pretty gross -- need a rewrite. + +1996-06-25 21:19 millert + + * alloca.c: removed emacs'isms + +1996-06-25 20:29 millert + + * configure.in: no longer add -lPW to *_LIBS since we include + alloca.c + +1996-06-25 20:29 millert + + * config.h.in: added HAVE_ALLOCA_H + +1996-06-25 20:28 millert + + * Makefile.in: added alloca.c + +1996-06-25 20:18 millert + + * alloca.c: Initial revision + +1996-06-25 19:58 millert + + * configure.in: ++version + +1996-06-25 17:32 millert + + * sudo.c: now set uid to 1 instead of nobody for PERM_SUDOERS since + nobody is not always set to a valid uid. + +1996-06-25 17:31 millert + + * OPTIONS: fixed entry for SUDO_MODE + +1996-06-25 16:02 millert + + * sudo.c: Fixed NFS-mounted sudoers file under solaris both uid + *and* gid were being set to -2. Now beat NFS to the punch and set + uid to "nobody" ourselves, preserving group 0 to read sudoers. + +1996-06-25 16:02 millert + + * parse.c: moved set_perms(PERM_ROOT) to be before yyparse() + +1996-06-25 16:00 millert + + * logging.c: fixed a typo + +1996-06-25 16:00 millert + + * configure.in: no longer need AC_PROG_INSTALL + +1996-06-25 15:59 millert + + * Makefile.in: always use install-sh to avoid install(1)'s that use + get{pw,gr}nam + +1996-06-25 14:07 millert + + * INSTALL: make clean -> make distclean + +1996-06-19 23:17 millert + + * parse.yacc: removed some unnecsary if's + +1996-06-19 23:16 millert + + * Makefile.in: ++version + +1996-06-19 23:16 millert + + * parse.c: now includes netgroup.h + +1996-06-19 22:45 millert + + * interfaces.c: removed cats of ioctl to int since they didn't shut + up -Wall + +1996-06-19 22:43 millert + + * interfaces.c: explicately cast ioctl() to int since it it not + always declared + +1996-06-19 22:41 millert + + * sudo.h: added declarations for yyparse() and yylex() + +1996-06-19 22:27 millert + + * parse.yacc: fixed an occurence of '==' -> '=' + +1996-06-19 22:22 millert + + * config.h.in, configure.in: added check for netgroup.h + +1996-06-19 22:20 millert + + * sudo.c: fixed 2 compiler warnings + +1996-06-19 22:08 millert + + * sudo.c: SHELL_IF_NO_ARGS caused core dump since NewArg[cv] + weren't being initialized + +1996-06-19 11:53 millert + + * sudo.pod: fixed a typo + +1996-06-17 10:19 millert + + * parse.yacc: fixed a formatting thingie + +1996-06-17 10:16 millert + + * parse.c, parse.yacc: fixed -u support with multiple user lists on + a line + +1996-06-17 08:23 millert + + * configure.in: unixware needs -lgen + +1996-06-17 08:23 millert + + * README: updated ftp location + +1996-06-16 22:07 millert + + * sample.sudoers: added net_addr/mask example + +1996-06-16 22:02 millert + + * parse.lex, parse.c: added support for net_addr/netmask + +1996-06-15 16:12 millert + + * RUNSON: updated for 1.4.3 + +1996-06-15 16:12 millert + + * CHANGES: udpated for 1.4.3 + +1996-06-15 16:11 millert + + * TROUBLESHOOTING, TODO, BUGS: updated + +1996-06-15 16:11 millert + + * sample.sudoers: updated with examples of new stuff + +1996-06-15 16:10 millert + + * INSTALL, README: ++version + +1996-06-15 15:58 millert + + * sudo.pod: updated wrt -u and CAVEATS + +1996-06-08 21:15 millert + + * sudo.c: fixed usage() + +1996-06-08 20:57 millert + + * parse.lex: now use :foo: character classes (makes no diff for + generated lexer) + +1996-06-07 12:33 millert + + * check.c: fixed LONG_SKEY_PROMPT stuff + +1996-06-06 13:03 millert + + * lsearch.c: make more like NetBSD one -- now compiles w/o warnings + +1996-06-05 20:20 millert + + * config.h.in, configure.in, getspwuid.c: added SPW_HPUX10 + +1996-06-05 20:20 millert + + * check.c: hpux 10 uses bigcrypt() if C2 + +1996-06-04 17:57 millert + + * parse.c: now always uses fnmatch to match args + +1996-05-28 20:14 millert + + * sudo.c: now give usage warning if use -l,-v,-k with args + +1996-05-28 16:22 millert + + * sudo.c: NewArgc is now set to 1 for -l, -v, -k + +1996-05-28 10:50 millert + + * sudo.c: now sets sudoers to correct group if mode is 0400 + +1996-05-28 10:02 millert + + * install-sh: updated to version used by inn and bind + +1996-05-27 22:08 millert + + * configure.in: now uses -lgnumalloc if it exists + +1996-05-27 22:02 millert + + * Makefile.in: "make install" now sets uid/gid and mode on sudoers + if it exists + +1996-05-27 22:01 millert + + * sudo.c: rmeoved debugging statements + +1996-05-27 22:00 millert + + * parse.yacc: added a missing free() + +1996-05-27 21:58 millert + + * sudo.c: now uses user_gid instead of getegid (which was wrong + anyway) to set SUDO_GID Now sets command line args in SUDO_COMMAND + envariabled (logging.c depends on args being in the environment) + +1996-05-27 21:57 millert + + * logging.c: now uses SUDO_COMMAND envariable to get command args + rather than building it up again. + +1996-05-27 20:42 millert + + * parse.c: now uses user_gid + +1996-05-27 18:02 millert + + * sudo.c: fixed off by one error in allocation NewArgv + +1996-05-27 18:01 millert + + * parse.c: in sudoers, 'command ""' now means command with no args + +1996-05-27 18:01 millert + + * configure.in: added check for fnmatch(3) and fnmatch.h + +1996-05-27 18:01 millert + + * config.h.in: added HAVE_FNMATCH + +1996-05-27 18:00 millert + + * Makefile.in: replaced wildcat.* with fnmatch.* + +1996-05-27 17:38 millert + + * parse.c: now uses fnmatch() instead of wildmat a trailing star + (*) by itself now matches multiple args added support for wildcards + in the pathname in sudoers + +1996-05-25 17:23 millert + + * fnmatch.c: now includes compat.h and config.h + +1996-05-25 16:09 millert + + * config.h.in: added HAVE_FNMATCH_H + +1996-05-25 16:07 millert + + * configure.in: now checks for alloca() (if needed by bison or dce) + and links with -lPW if it contains alloca() and libv and compiler + do not. + +1996-05-25 16:03 millert + + * fnmatch.3, fnmatch.c: Initial revision + +1996-04-28 20:38 millert + + * sudo.c: now fixes mode on sudoers if set to 0400 to aid in + upgrade + +1996-04-28 15:44 millert + + * Makefile.in: fixed pod2man usage + +1996-04-28 15:40 millert + + * configure.in, Makefile.in: ++version + +1996-04-28 15:20 millert + + * sudo.h: removed PERM_FULL_ROOT + +1996-04-28 15:18 millert + + * sudo.c: runas_user defaults to "root" so no more need to + PERM_RUNAS + +1996-04-28 15:16 millert + + * parse.c: will now only running commands as root if there was no + runas list (or if root is in the runas list) + +1996-04-28 15:15 millert + + * logging.c: now logs "USER=%s" + +1996-04-28 15:12 millert + + * parse.yacc: runas_matches is now set to false if we get a + negative match + +1996-04-28 13:01 millert + + * parse.lex: make #uid work + some minor cleanup + +1996-04-27 19:04 millert + + * sample.sudoers: added support for NOPASSWD and "runas" from + garp@opustel.com / + +1996-04-27 19:02 millert + + * sudo.h: added support for NO_PASSWD and runas from + garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and + SUDOERS_GID and added support fro SUDOERS_MODE + +1996-04-27 19:00 millert + + * sudo.c: added support for NO_PASSWD and runas from + garp@opustel.com replaced SUDOERS_OWNER with SUDOERS_UID and + SUDOERS_GID and added support fro SUDOERS_MODE + +1996-04-27 19:00 millert + + * parse.yacc: added support for NO_PASSWD and runas from + garp@opustel.com + +1996-04-27 18:58 millert + + * parse.c, parse.lex: added support for NO_PASSWD and runas from + garp@opustel.com + +1996-04-27 18:56 millert + + * logging.c: added support for SUDOERS_WRONG_MODE and "runas" + +1996-04-27 18:40 millert + + * configure.in: added --with-CC only link with -lshadow on linux + (with shadow pw) if libc lacks getspnam() + +1996-04-27 18:39 millert + + * OPTIONS, options.h: removed NO_PASSWD since it is not possible to + do this in the sudoers file itself. Replaced SUDOERS_OWNER with + SUDOERS_UID and SUDOERS_GID. Added SUDOERS_MODE. + +1996-04-27 18:26 millert + + * Makefile.in: now uses SUDOERS_UID and SUDOERS_GID + +1996-04-27 09:20 millert + + * INSTALL: added --with-CC + +1996-04-06 14:31 millert + + * parse.lex: added double quote support + +1996-04-05 14:53 millert + + * mkinstalldirs: Initial revision + +1996-04-05 14:53 millert + + * check.c: fixed some indentation + +1996-04-05 14:48 millert + + * Makefile.in: fixed a typo + +1996-04-04 17:39 millert + + * Makefile.in: added install-dirs . + +1996-04-04 12:16 millert + + * dce_pwent.c: new version from "Jeff A. Earickson" + + +1996-04-03 11:40 millert + + * configure.in: $CSOPS -> $with_csops (whoops, missed one) + +1996-04-03 11:40 millert + + * BUGS: updated + +1996-04-03 11:36 millert + + * parse.lex: FQHOST now has same constraints as non-FQHOST + +1996-04-02 17:00 millert + + * INSTALL: added note about OS's w/ shadow passwords turned on by + default + +1996-04-02 16:58 millert + + * configure.in: fixed a typo + +1996-04-02 16:48 millert + + * configure.in: added support for --without-THING sanitized shadow + pw situtation by adding support for --without-C2 + +1996-04-02 12:57 millert + + * check.c: was closing an fd that may not have been opened + +1996-03-21 17:55 millert + + * sudo.c, OPTIONS, options.h: added NO_PASSWD + +1996-03-19 17:40 millert + + * configure.in: now always use shadow pw on some arches + +1996-03-19 15:07 millert + + * configure.in: added pyramid support + +1996-03-19 15:04 millert + + * configure.in: no longer check for C2 if alternate passwd method + is used no longer check for some libs twice + +1996-03-19 15:00 millert + + * parse.yacc: moved fqdn stuff into parse.lex (FQHOST) + +1996-03-19 15:00 millert + + * parse.lex: added FQHOST rules + +1996-03-18 17:37 millert + + * OPTIONS, find_path.c, options.h: -DNO_DOT_PATH -> + -DIGNORE_DOT_PATH + +1996-03-17 14:18 millert + + * INSTALL: added note about no shadow auto-detect if using + alternate auth schemes + +1996-03-17 13:33 millert + + * configure.in: don't check for C2 if AFS or DCE (unless they said + --with-C2) + +1996-03-17 13:01 millert + + * options.h, OPTIONS, find_path.c: added NO_DOT_PATH + +1996-03-16 12:43 millert + + * find_path.c: checkdot now works correctly + +1996-03-12 16:01 millert + + * configure.in: can't have DCE and C2 passwords both... + +1996-03-11 12:05 millert + + * parse.yacc, sudo.c, sudo.h: now uses shost even if not FQDN + +1996-03-11 12:04 millert + + * configure.in: now looks for skey in /usr/lib and doesn't require + libskey to be in /usr/local/lib just because skey.h is (for my + netbsd box :-) + +1996-03-11 00:00 millert + + * aclocal.m4, config.h.in, pathnames.h.in: _SUDO_PATH_ -> + _CONFIG_PATH_ + +1996-03-10 19:01 millert + + * aclocal.m4, sudo.pod: /var/run/.odus -> /var/run/sudo + +1996-03-10 18:59 millert + + * pathnames.h.in: now uses _SUDO_PATH_TIMEDIR + +1996-03-10 18:59 millert + + * OPTIONS: udpated FQDN + +1996-03-10 18:58 millert + + * config.h.in: added _SUDO_PATH_TIMEDIR + +1996-03-10 18:58 millert + + * aclocal.m4, configure.in: added SUDO_TIMEDIR + +1996-03-10 18:58 millert + + * sudo.pod: updated wrt /var/run/sudo + +1996-03-10 18:16 millert + + * sudo.c, sudo.h: added support for shost if FQDN + +1996-03-10 18:14 millert + + * parse.yacc: now uses shost if FQDN + +1996-03-10 18:12 millert + + * check.c: Now use skeylookup() instead off skeychallenge() + +1996-02-27 18:41 millert + + * logging.c: mail_argv should not contain ALERTMAIL as it includes + "-t" + +1996-02-22 15:06 millert + + * INSTALL, Makefile.in, README, configure.in: ++version + +1996-02-22 14:27 millert + + * compat.h: added more _PASSWD_LEN stuff -- now uses PASS_MAX too + +1996-02-05 17:20 millert + + * README, INSTALL: ++version + +1996-02-05 17:20 millert + + * Makefile.in: ++versoin + +1996-02-05 17:16 millert + + * Makefile.in: fixed a typo + +1996-02-05 17:16 millert + + * configure.in: ++version + +1996-02-05 16:53 millert + + * RUNSON: updated + +1996-02-05 16:47 millert + + * CHANGES: done for 1.4.1 (I hope) + +1996-02-05 16:39 millert + + * sample.sudoers: added wildcard example + +1996-02-05 15:03 millert + + * Makefile.in: now uses *.pod to build *.man and *.cat & *.html + +1996-02-05 15:03 millert + + * configure.in: addedSUDO_PROG_BSHELL !ll + +1996-02-05 14:10 millert + + * sudo.pod: fixed some formatting + +1996-02-04 20:50 millert + + * getspwuid.c: now treats "" as bourne shell + +1996-02-04 20:49 millert + + * Makefile.in: TESTOBJS nwo includes wildmat.o + +1996-02-04 19:59 millert + + * sudo.c: removed an XXX (fixed it in getspwuid.c) + +1996-02-04 19:58 millert + + * aclocal.m4: added check for bourne shell + +1996-02-04 19:58 millert + + * pathnames.h.in: added _PATH_BSHELL + +1996-02-04 19:58 millert + + * config.h.in: added _SUDO_PATH_BSHELL + +1996-02-04 14:24 millert + + * INSTALL: added Linux note + +1996-02-04 14:13 millert + + * logging.c: fixed up some XXX's. file log format now looks a + little more like real syslog(3) format. + +1996-02-04 14:13 millert + + * README, TROUBLESHOOTING: updated wrt lex/flex + +1996-02-04 14:11 millert + + * Makefile.in: commented out rule to build lex.yy.c from parse.lex + since we ship with a pre-flex'd parser + +1996-02-04 14:09 millert + + * parse.c, parse.yacc: path_matches -> command_matches + +1996-02-04 00:28 millert + + * logging.c: eliminated some strcat()'s + +1996-02-04 00:10 millert + + * configure.in: no longer checks for lex/flex (now assumes flex) + +1996-02-04 00:08 millert + + * configure.in: now checks for $kerb_dir_candidate/krb.h instead of + just kerb_dir_candidate + +1996-02-02 18:48 millert + + * parse.yacc: now use a 'hook' expression instead of an iffy one + :-) + +1996-02-01 23:14 millert + + * parse.yacc: fixed dereferencing deadbeef + +1996-02-01 21:53 millert + + * sudo.c: changed an occurrence of Argv to NewArgv + +1996-02-01 21:53 millert + + * parse.lex: took out support for quoted commands since there is no + need... + +1996-02-01 21:52 millert + + * parse.c: fixed a typo in a for() loop + +1996-02-01 21:52 millert + + * logging.c: protected against dereferencing rogue pointers + +1996-02-01 20:34 millert + + * sudo.c: now uses NewArgv amd NewArgc so cmnd_aegs is no longer + needed this also allows us to eliminate some kludges in + parse_args() and eliminate superfluous code. + +1996-02-01 20:34 millert + + * logging.c: no longer uses cmnd_args, now uses NewArgv instead. + +1996-02-01 20:32 millert + + * sudo.h: added struct sudo_command, NewArgc, and NewArgv removed + cmnd_args (no longer used) + +1996-02-01 20:31 millert + + * Makefile.in: added wildmat.c to SRCS & SUDOBJS + +1996-02-01 20:30 millert + + * parse.yacc: COMMAND is now a struct containing the path and args + +1996-02-01 20:30 millert + + * parse.lex: replaced append() with fill_cmnd() and fill_args. + command args from a sudoers entry are now stored in an arrary for + easy matching. + +1996-02-01 20:28 millert + + * parse.c: command line args from sudoers file are now in an array + like ones passed in from the command line + +1996-01-31 18:59 millert + + * parse.c: wildwat stuff now works + +1996-01-28 22:44 millert + + * Makefile.in: ++version added wildmat.* + +1996-01-28 15:55 millert + + * parse.lex: added support for quoted commands (w/ or w/o args) + +1996-01-21 23:55 millert + + * sudo.pod: cleaned up formatting + +1996-01-21 18:53 millert + + * sudo.pod: Initial revision + +1996-01-16 12:38 millert + + * RUNSON: updated + +1996-01-16 12:37 millert + + * OPTIONS: updated NO_ROOT_SUDO entry + +1996-01-15 09:37 millert + + * RUNSON: [no log message] + +1996-01-15 09:34 millert + + * sudo.c: fixed SECURE_PATH + +1996-01-14 18:55 millert + + * RUNSON: udpa`ted for 1.4 + +1996-01-14 18:52 millert + + * configure.in: AIX aixcrypt.exp now uses $(srcdir) + +1996-01-14 18:32 millert + + * TROUBLESHOOTING: added entry for anal ansi compilers + +1996-01-14 14:13 millert + + * INSTALL: added info on libcrypt_i for SCO + +1996-01-14 14:05 millert + + * TODO: [no log message] + +1996-01-14 13:39 millert + + * sample.sudoers: added comments + +1996-01-14 13:25 millert + + * TODO: 1.4 release + +1996-01-14 13:22 millert + + * README, config.h.in, configure.in, CHANGES: ++version + +1996-01-14 13:21 millert + + * BUGS: ++version and fixed ISC + +1996-01-14 13:19 millert + + * check.c, compat.h, dce_pwent.c, find_path.c, getspwuid.c, + getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, options.h, pathnames.h.in, sudo.h, + logging.c, putenv.c, strdup.c, sudo.c, INSTALL, OPTIONS: ++version + +1996-01-14 13:16 millert + + * interfaces.c: added STUB_LOAD_INTERFACES ++version + +1996-01-14 13:14 millert + + * Makefile.in, parse.c, parse.lex, parse.yacc: ++version + +1996-01-14 13:13 millert + + * PORTING: added info about fd_set in tgetpass added info on + interfaces.c + +1996-01-11 11:22 millert + + * dce_pwent.c: added sudo header + +1996-01-11 11:01 millert + + * Makefile.in: tgetpass.o is now only linked in with sudo (not + visudo) + +1996-01-09 10:56 millert + + * BUGS, INSTALL, OPTIONS, README, Makefile.in, config.h.in, + configure.in: ++version + +1996-01-09 10:52 millert + + * check.c, compat.h, find_path.c, getspwuid.c, getwd.c, goodpath.c, + ins_2001.h, ins_classic.h, ins_csops.h, ins_goons.h, insults.h, + interfaces.c, logging.c, options.h, parse.c, parse.lex, parse.yacc, + pathnames.h.in, putenv.c, strdup.c, sudo.c, sudo.h: ++version + +1996-01-09 10:42 millert + + * configure.in: ISC now gets -lcrypt now check for sys/bsdtypes.h + +1996-01-09 10:41 millert + + * config.h.in: added check for sys/bsdtypes.h + +1996-01-07 14:00 millert + + * parse.yacc: removed debugging stuff (setting freed ptr to NULL) + +1996-01-07 13:55 millert + + * TROUBLESHOOTING: added 2 entries + +1996-01-07 13:55 millert + + * Makefile.in: added FAQ + +1996-01-07 12:26 millert + + * TROUBLESHOOTING: added section on syslog + +1996-01-07 12:25 millert + + * configure.in: added AC_ISC_POSIX for better ISC support + +1996-01-07 12:25 millert + + * config.h.in: fixed typo + +1996-01-07 12:25 millert + + * config.h.in: added define for _POSIX_SOURCE + +1996-01-03 22:41 millert + + * configure.in: fixed check for lsearch() + +1995-12-21 19:53 millert + + * interfaces.c: fixed for AIX now deal if num_interfaces == 0 + (should not happen) + +1995-12-20 15:02 millert + + * configure.in: now only define HAVE_LSEARCH if there is a + corresponding search.h + +1995-12-20 13:52 millert + + * interfaces.c: works on ISC again + +1995-12-18 15:36 millert + + * configure.in: now define HAVE_LSEARCH if we find lsearch() in + libcompat + +1995-12-18 15:32 millert + + * lsearch.c: char * -> const char * + +1995-12-18 15:29 millert + + * configure.in: now looks in -lcompat for lsearch() + +1995-12-18 15:23 millert + + * Makefile.in: remove sudo.core visudo.core for clan target + +1995-12-17 20:53 millert + + * aclocal.m4: added UID_MAX support in check for MAX_UID_T_LEN + +1995-12-17 20:36 millert + + * Makefile.in: fixed another occurence of sudo_getpwuid.* + +1995-12-17 20:30 millert + + * getspwuid.c, Makefile.in: sudo_getpwuid.c -> getspwuid.c + +1995-12-17 20:22 millert + + * configure.in: moved the "echo" + +1995-12-17 20:09 millert + + * CHANGES, BUGS, INSTALL, Makefile.in, OPTIONS, README, check.c, + compat.h, config.h.in, configure.in, find_path.c, getspwuid.c, + getwd.c, goodpath.c, ins_2001.h, ins_classic.h, ins_csops.h, + ins_goons.h, insults.h, interfaces.c, logging.c, options.h, + parse.c, parse.lex, parse.yacc, pathnames.h.in, putenv.c, strdup.c, + sudo.c, sudo.h: ++version + +1995-12-17 20:00 millert + + * sample.sudoers: added group entry + +1995-12-17 19:50 millert + + * parse.c, parse.lex, parse.yacc: added group support + +1995-12-15 15:45 millert + + * check.c: tkfile was too short and overflowed the kerberos realm + +1995-12-11 15:09 millert + + * sudo.c: now copy command args directly from Argv + +1995-12-11 13:55 millert + + * sudo.c: replaced code to copy cmnd_args so that is does not use + realloc since most realloc()'s really stink + +1995-12-08 12:11 millert + + * configure.in: syslog() fixed in hpux 10.01 + +1995-12-06 15:45 millert + + * configure.in: AC_CHECK_LIB() now sets SUDO_LIBS (and VISUDO_LIBS + if appropriate) + +1995-12-06 15:30 millert + + * configure.in: better error if cannot find skey incs or libs + +1995-12-06 15:26 millert + + * aclocal.m4: now use a temp file for determining max len of uid_t + in string form. the old hacky way broke on netbsd + +1995-12-05 17:02 millert + + * sudo.c: added set of parens and a space + +1995-12-05 16:58 millert + + * dce_pwent.c: fixes from Jeff Earickson , + +1995-12-05 16:58 millert + + * check.c: modified a comment + +1995-12-05 16:57 millert + + * Makefile.in: fixed up testsudoers target + +1995-12-05 16:56 millert + + * configure.in: DCE changes from Jeff Earickson + LIBS -> SUDO_LIBS and VISUDO_LIBS LDFLAGS -> + SUDO_FDFLAGS and VISUDO_LDFLAGS + +1995-12-05 16:17 millert + + * Makefile.in: LIBS -> SUDO_LIBS , VISUDO_LIBS LDFLAGS -> + SUDO_LDFLAGS, VISUDO_LDFLAGS + +1995-11-27 21:32 millert + + * configure.in: fix for C2 on hpux 10 now uses -linet if it exists + +1995-11-27 21:17 millert + + * check.c: LONG_SKEY_PROMPT is less of a klusge / + +1995-11-27 21:17 millert + + * configure.in: fixed typos w/ dce stuff + +1995-11-27 21:14 millert + + * Makefile.in: added dce_pwent.c + +1995-11-26 11:48 millert + + * INSTALL: amended section on combining authentication mechanisms + +1995-11-26 11:48 millert + + * PORTING: minor updates for 1.3.6 + +1995-11-26 11:47 millert + + * TROUBLESHOOTING: added 2 more entries + +1995-11-26 11:39 millert + + * BUGS: updated for 1.3.6 + +1995-11-26 11:39 millert + + * README: overhauled + +1995-11-25 19:23 millert + + * INSTALL: rewrote for sudo 1.3.6 + +1995-11-25 19:23 millert + + * TROUBLESHOOTING: added 3 entries + +1995-11-25 11:53 millert + + * find_path.c, getspwuid.c, sudo.c: added explict casts for strdup + since many includes don't prototype it. gag me. + +1995-11-25 11:23 millert + + * sudo.h: removed prototype for sudo_getpwuid() since convex C + compiler choked on it. + +1995-11-25 11:23 millert + + * sudo.c: added prototype for sudo_getpwuid() + +1995-11-25 11:23 millert + + * lsearch.c: now compiles on strict ANSI compilers + +1995-11-24 21:56 millert + + * check.c: added LONG_SKEY_PROMPT support + +1995-11-24 21:55 millert + + * Makefile.in: added extra $'s for make to eat up, yum. + +1995-11-24 21:38 millert + + * OPTIONS, options.h: added LONG_SKEY_PROMPT + +1995-11-24 16:48 millert + + * check.c: s/key support now works with normal s/key as well as + logdaemon + +1995-11-24 16:46 millert + + * options.h, OPTIONS: added SKEY_ONLY + +1995-11-24 16:46 millert + + * compat.h: set _PASSWD_LEN to 256 for any of KERB4, DCE, SKEY + +1995-11-23 22:42 millert + + * INSTALL: added DCE note added more AIX notes + +1995-11-23 22:39 millert + + * sudo.c: now include pthread.h for DCE support + +1995-11-23 20:22 millert + + * check.c: dce_pwent() is ok after all ., + +1995-11-23 20:21 millert + + * logging.c: now uses SYSLOG() macro that equates to either + syslog() or syslog_wrapper + +1995-11-23 19:44 millert + + * dce_pwent.c: minor formatting changes. renamed check() to + somthing less generic + +1995-11-23 19:27 millert + + * check.c, logging.c, parse.yacc, sudo.c, sudo.h: now uses + user_pw_ent and simple macros to get at the contents + +1995-11-22 18:35 millert + + * check.c: simpler dec unix C2 support + +1995-11-22 18:35 millert + + * getspwuid.c: now sets crypt_type for DEC unix C2 + +1995-11-21 16:00 millert + + * configure.in: added csops paths for skey + +1995-11-21 14:27 millert + + * getspwuid.c: now includes string.h for strdup() prototype + +1995-11-20 23:47 millert + + * getspwuid.c: fixed a few typos + +1995-11-20 20:59 millert + + * check.c: now includes skey.h + +1995-11-20 20:10 millert + + * getspwuid.c: fixed up comments + +1995-11-20 20:04 millert + + * check.c: moved a lot of the shadow passwd crap to sudo_getpwuid() + +1995-11-20 20:01 millert + + * sudo.c: now uses sudo_pw_ent + +1995-11-20 19:28 millert + + * getspwuid.c: Initial revision + +1995-11-20 19:27 millert + + * sudo.h, logging.c: now uses sudo_pw_ent + +1995-11-20 19:27 millert + + * Makefile.in: added sudo_getpwuid.c + +1995-11-20 19:25 millert + + * compat.h: added dce support + +1995-11-20 19:13 millert + + * parse.yacc: now uses sudo_pw_ent + +1995-11-20 12:40 millert + + * check.c: fixed exempt_group stuff for OS's that don't put base + gid in group vector + +1995-11-19 23:39 millert + + * check.c: S/Key support now works with sunos4 shadow passwords + +1995-11-19 20:31 millert + + * Makefile.in: fixed clean rule + +1995-11-19 20:31 millert + + * config.h.in, configure.in: added DCE support + +1995-11-19 20:30 millert + + * check.c: first stab at dce support + +1995-11-19 20:24 millert + + * dce_pwent.c: now smells like sudo + +1995-11-19 20:11 millert + + * dce_pwent.c: Initial revision + +1995-11-19 19:36 millert + + * check.c: skey'd sudo now works w/ normal password as well + +1995-11-19 16:37 millert + + * Makefile.in, OPTIONS, check.c, compat.h, config.h.in, + find_path.c, getwd.c, goodpath.c, ins_2001.h, ins_classic.h, + ins_csops.h, ins_goons.h, insults.h, interfaces.c, logging.c, + options.h, parse.c, parse.lex, parse.yacc, pathnames.h.in, + putenv.c, strdup.c, sudo.c, sudo.h: updated version number + +1995-11-19 16:32 millert + + * README: updated to reflect version change + +1995-11-19 16:27 millert + + * configure.in: --with options now line up ++version + +1995-11-19 16:26 millert + + * sudo.h: removed unecesary S/Key stuff + +1995-11-19 16:25 millert + + * configure.in: fixed S/Key support + +1995-11-19 16:24 millert + + * Makefile.in: -I stuff now goes in CPPFLAGS + +1995-11-19 16:23 millert + + * check.c: fixed SKey support + +1995-11-19 13:23 millert + + * README: updated version + +1995-11-19 11:59 millert + + * OPTIONS: fixed description of EXEMPTGROUP + +1995-11-19 08:47 millert + + * sudo.c: more people use _RLD_ than just alphas... + +1995-11-18 19:35 millert + + * Makefile.in: replaced $man_prefix with $mandir + +1995-11-18 19:30 millert + + * configure.in: fixed a typo + +1995-11-18 19:28 millert + + * Makefile.in: now use more GNU'ish dir names + +1995-11-18 19:27 millert + + * configure.in: now set *dir correctly (can override from command + line) + +1995-11-18 17:17 millert + + * sudo.c: now deal with situations where we getwd() fails + +1995-11-16 22:37 millert + + * Makefile.in: added etc_dir, bin_dir, sbin_dir + +1995-11-16 22:37 millert + + * configure.in: added sbin_dir + +1995-11-16 19:28 millert + + * Makefile.in: now ship a flex-generated lex.yy.c + +1995-11-16 19:09 millert + + * Makefile.in: now sets _PATH_SUDO_SUDOERS, _PATH_SUDO_STMP, + SUDOERS_OWNER + +1995-11-16 19:06 millert + + * pathnames.h.in: _PATH_SUDO_SUDOERS & _PATH_SUDO_STMP are now + overridden via Makefile + +1995-11-16 19:05 millert + + * options.h: no more error for redefining SUDOERS_OWNER + +1995-11-16 19:05 millert + + * OPTIONS: expanded SUDOERS_OWNER section + +1995-11-16 00:55 millert + + * logging.c: better default warning for NO_SUDOERS_FILE + +1995-11-16 00:54 millert + + * sudo.c: added missing set_perms() no more cryptic message if the + sudoers file is zero length, now just give a parse error + +1995-11-16 00:42 millert + + * logging.c: better diagnostics if NO_SUDOERS_FILE + +1995-11-16 00:41 millert + + * sudo.c: check_sudoers() now catches sudoers files that are not + readable (but are stat'able). + +1995-11-12 23:12 millert + + * configure.in: now add -D__STDC__ for convex cc (not gcc) + +1995-11-12 22:52 millert + + * configure.in: MAN_PREFIX -> man_prefix now sets prefix and + exec_prefix + +1995-11-12 22:52 millert + + * Makefile.in: now uses exec_prefix & prefix from configure + +1995-11-12 22:16 millert + + * find_path.c, getwd.c, goodpath.c, interfaces.c, logging.c, + parse.c, parse.lex, parse.yacc, sudo.c, sudo.h: options.h is now <> + instead of "" so shadow build trees can have a custom copy of + options.h + +1995-11-12 22:15 millert + + * check.c: user_is_exempt() is no longer a hack, it now uses + getgrnam() + +1995-11-12 21:56 millert + + * options.h: EXEMPTGROUP is now "sudo" + +1995-11-12 20:25 millert + + * configure.in: MAN_POSTINSTALL now contains a leading space + +1995-11-12 20:25 millert + + * Makefile.in: removed leading tab if @MAN_POSTINSTALL@ not defined + now removes testsudoers in clean: + +1995-10-30 13:51 millert + + * sudo.c: unset the KRB_CONF envariable if using kerberos so we + don't get spoofed into using a bogus server + +1995-09-29 15:50 millert + + * parse.yacc: now explicately initialize match[] tp be FALSE + +1995-09-23 14:48 millert + + * sudo.c: removed unused variable now passes -Wall + +1995-09-23 14:48 millert + + * parse.yacc: yyerror and dumpaliases are now void's now passes + -Wall + +1995-09-23 14:48 millert + + * parse.lex: added prototype for yyerror + +1995-09-23 14:47 millert + + * interfaces.c: rmeoved unused cruft now passes -Wall + +1995-09-23 14:47 millert + + * check.c, logging.c, parse.c: now passes -Wall + +1995-09-23 14:46 millert + + * Makefile.in: fixed headers that moved to emul dir + +1995-09-23 10:05 millert + + * logging.c: fixed deref of nil pointer if no args + +1995-09-15 17:18 millert + + * OPTIONS: added a caveat to FQDN section + +1995-09-13 17:48 millert + + * Makefile.in: more $srcdir support for install targets + +1995-09-13 15:17 millert + + * find_path.c, interfaces.c, parse.c, parse.lex, parse.yacc, + putenv.c, strdup.c, sudo.c: don't include malloc.h if we include + stdlib.h + +1995-09-12 19:44 millert + + * parse.yacc: local search.h now lives in emul + +1995-09-12 19:41 millert + + * lsearch.c: local search.h now lives in emul + +1995-09-12 19:41 millert + + * check.c: local utime.h now lives in emul dir + +1995-09-12 19:38 millert + + * Makefile.in: added support for building in other than the + sourcedir + +1995-09-10 12:01 millert + + * OPTIONS: annotated CSOPS_INSULTS option + +1995-09-10 11:56 millert + + * TROUBLESHOOTING: updated shadow passwords blurb + +1995-09-09 19:00 millert + + * sudo.c: if SHELL_IF_NO_ARGS is set, "sudo -- foo" now runs a + shell and passes along foo as the arguments + +1995-09-09 16:52 millert + + * parse.lex: collapsed pathname and dir sections into one -- its + now less expensive + +1995-09-09 16:34 millert + + * parse.lex: fixed spacing quoting [,:\\=] now works correctly + append() and fill() now take args to make the above work + +1995-09-08 18:51 millert + + * sudo.c: fixed a typo that caused commands with no tty on fd 0 but + a tty on fd 1 to erroneously have "none" as their tty + +1995-09-04 13:35 millert + + * check.c: timestampfile is now a global static removed decl of + timestampfile in remove_timestamp since we can just use the global + one + +1995-09-04 13:28 millert + + * check.c: created touch() to update timestamps added + USE_TTY_TICKETS support (bit of a kludge) + +1995-09-04 13:28 millert + + * compat.h: added _S_IFDIR and S_ISDIR + +1995-09-04 13:22 millert + + * OPTIONS, options.h: added USE_TTY_TICKETS + +1995-09-03 22:38 millert + + * parse.yacc: removed const from casts for lsearch() & lfind() to + placate irix 4.x C compiler + +1995-09-03 12:12 millert + + * sudo.c: now only strip '/dev/' off of a tty if it starts with + '/dev/' + +1995-09-03 12:12 millert + + * pathnames.h.in: added _PATH_DEV + +1995-09-03 12:11 millert + + * configure.in: AC_HAVE_HEADERS -> AC_CHECK_HEADERS now check for + tcgetattr only if have termios.h + +1995-09-03 11:19 millert + + * parse.lex, parse.yacc: fixed a spelling error + +1995-09-03 11:17 millert + + * Makefile.in: fixed typo + +1995-09-02 10:55 millert + + * Makefile.in: fixed a comment + +1995-09-02 10:54 millert + + * parse.yacc: added dotcat() to cat 2 strings w/ a dot effeciently + now that we dynamically allocate strings they need to be free()'d + +1995-09-02 10:46 millert + + * parse.lex: dynamically allocates space for strings + +1995-09-02 10:34 millert + + * sudo.h: no more MAXCOMMANDLENGTH + +1995-09-01 20:25 millert + + * sudo.h: added decl of tty + +1995-09-01 20:25 millert + + * logging.c, sudo.c: moved tty stuff into sudo.c + +1995-09-01 12:18 millert + + * parse.c: fixed a logic bug. Was denying a command if user gave + command line args but there were none in the sudoers file which is + wrong. + +1995-08-31 23:18 millert + + * sudo.h: MAXCOMMMANDLEN dropped down to 1K + +1995-08-31 23:13 millert + + * parse.lex: return foo; -> return(foo); + +1995-08-31 23:03 millert + + * parse.yacc: fixed netgr_matches() prototype + +1995-08-31 23:02 millert + + * parse.lex: added support for escaping "termination" characters + +1995-08-31 22:55 millert + + * parse.c: buf is now of size MAXPATHLEN+1 since it never holds + command args + +1995-08-31 22:50 millert + + * sudo.c: fixed comments + +1995-08-31 22:49 millert + + * goodpath.c: fixed negation problem (doh!) + +1995-08-31 22:25 millert + + * parse.yacc: fixed 2nd parameter to lfind() + +1995-08-31 22:24 millert + + * parse.lex: now do bounds checking in fill() and append() + +1995-08-31 22:23 millert + + * sudo.c: include netdb.h as we should added a missing void cast + added SHELL_IF_NO_ARGS support now use realloc() properly. would + fail if realloc actually moved the string instead of shrinking it + +1995-08-31 22:17 millert + + * sample.sudoers: updated with examples of new features + +1995-08-31 22:05 millert + + * goodpath.c: now set errno to EACCES if not a regular file or not + executable + +1995-08-31 22:04 millert + + * find_path.c: if given a fully-qualified or relative path we now + check it with sudo_goodpath() and error out with the appropriate + error message if the file does not exist or is not executable + +1995-08-31 22:03 millert + + * lsearch.c: now use correct args for lfind + +1995-08-31 22:03 millert + + * logging.c: added a comment + +1995-08-31 21:52 millert + + * insults.h: added in CSOps insults + +1995-08-31 21:51 millert + + * ins_csops.h: Initial revision + +1995-08-31 20:56 millert + + * sudo.h: increased MAXCOMMANDLENGTH to 8k HAVE_GETCWD -> + HAVE_GETWD + +1995-08-31 20:55 millert + + * OPTIONS: added CLASSIC_INSULTS, CSOPS_INSULTS, SHELL_IF_NO_ARGS + +1995-08-31 20:54 millert + + * sudo.c: fixed -k load_interfaces() now gets called if FQDN is set + -p now works with -s + +1995-08-31 20:54 millert + + * parse.c: don't try to stat() "pseudo commands" like "validate" + +1995-08-31 20:53 millert + + * options.h: added CLASSIC_INSULTS added CSOPS_INSULTS added + SHELL_IF_NO_ARGS + +1995-08-31 20:53 millert + + * configure.in: added SecurID support added other insults to + --with-csops + +1995-08-31 20:52 millert + + * config.h.in: added HAVE_SECURID + +1995-08-31 20:52 millert + + * Makefile.in: added clobber target added ins_csops.h now gets + CFLAGS from configure + +1995-08-31 20:46 millert + + * aclocal.m4: relaxed SUDO_FULL_VOID + +1995-08-31 20:42 millert + + * sudo.man: added -s and -- flags added SHELL to ENVIRONMENT + VARIABLES section + +1995-08-19 17:32 millert + + * parse.yacc: PATH renamed to COMMAND + +1995-08-19 17:31 millert + + * parse.lex: it is now a parse error for directories to have args + attached to them + +1995-08-19 17:30 millert + + * logging.c: now say command args if telling user to buzz off + +1995-08-19 17:30 millert + + * sudo.c: -s no longer indicates end of args sped up loading on + cmnd_args in load_cmnd() + +1995-08-19 17:29 millert + + * parse.c: removed an unreachable statement + +1995-08-19 15:53 millert + + * parse.lex: made more efficient by pulling out the terminators + when in GOTCMND state and making them their own rule + +1995-08-13 22:07 millert + + * sudo.h: removed MAXLOGLEN since it is no longer used + +1995-08-13 22:07 millert + + * parse.lex: now allows command args + +1995-08-13 22:06 millert + + * parse.c: now groks command arguments + +1995-08-13 21:39 millert + + * logging.c: now sets tty correctly when piped input + +1995-08-13 21:35 millert + + * sudo.c: fixed loading of cmnd_args (was including command name + too) + +1995-08-13 21:34 millert + + * logging.c: fixed a core dump due to incorrect if construct + +1995-08-12 22:33 millert + + * configure.in: only add -lsun is irix < 5 don't look for -lnsl or + -lsocket if irix + +1995-08-12 22:33 millert + + * aclocal.m4: fixed check for ISC + +1995-08-12 22:32 millert + + * sudo.c: now sets cmnd_args used by log_error() and that will be + used by the parse to check against command args + +1995-08-12 22:32 millert + + * sudo.h: added cmnd_args + +1995-08-12 22:31 millert + + * logging.c: now dynamically allocate logline since we can guess at + its size + +1995-08-05 11:52 millert + + * logging.c: cleaned up a bunch of unnecesary #ifdef's eliminated a + buffer remove "register" since the compiler knows more than I do + now do a "basename" of the tty + +1995-07-31 16:20 millert + + * configure.in: ++version + +1995-07-30 20:37 millert + + * sudo.h: added shell extern changed MODE_* to be bit masks to + allow for several options together + +1995-07-30 20:36 millert + + * sudo.c: added -s (shell) option made MODE_* masks so we can do + bitwise & and | to see if multiple flags are set. + +1995-07-30 20:01 millert + + * check.c: added securid support + +1995-07-30 12:38 millert + + * logging.c: removed a bunch of unnecesary strncpy()'s and replaced + with strcat() + +1995-07-29 15:17 millert + + * Makefile.in: ++version + +1995-07-27 04:52 millert + + * parse.yacc: fixed free() of an uninitialized pointer (yuck) + +1995-07-26 19:29 millert + + * parse.c: cleaned up netgr_matches + +1995-07-25 22:26 millert + + * RUNSON: updated for 1.3.4 + +1995-07-24 19:51 millert + + * Makefile.in: now installs sudoers.man -- really should clean this + up though. + +1995-07-24 19:18 millert + + * Makefile.in: added sudoers.cat and sudoers.man + +1995-07-24 19:15 millert + + * sudo.man: pulled out stuff on the sudoers file format into a + separate man page + +1995-07-24 19:04 millert + + * HISTORY: fixed up my email address + +1995-07-24 18:03 millert + + * configure.in: added checks for innetgr and getdomainname + +1995-07-24 18:01 millert + + * parse.c: added netgr_matches + +1995-07-24 18:01 millert + + * parse.lex, parse.yacc: added NETGROUP support + +1995-07-24 18:01 millert + + * config.h.in: added HAVE_INNETGR & HAVE_GETDOMAINNAME + +1995-07-24 16:07 millert + + * sudo.c: rewrote clean_env() that has rm_env() builtin + +1995-07-23 17:58 millert + + * check.c: now cast uid to long in sprintf + +1995-07-23 17:58 millert + + * OPTIONS: added _INSULTS suffix to HAL & GOONS end + +1995-07-23 17:57 millert + + * options.h: added _INSULTS suffix to HAL & GOONS + +1995-07-23 17:35 millert + + * ins_2001.h, ins_classic.h, ins_goons.h, insults.h: converted to + new scheme of insult "unions" end + +1995-07-23 15:48 millert + + * sudo.c: now uses MAX_UID_T_LEN + +1995-07-23 15:48 millert + + * configure.in: added SUDO_UID_T_LEN !l + +1995-07-23 15:48 millert + + * config.h.in: added MAX_UID_T_LEN + +1995-07-23 15:47 millert + + * check.c: now use MAX_UID_T_LEN + +1995-07-23 15:47 millert + + * aclocal.m4: added check for max len of uid_t fixed sco vs. isc + check + +1995-07-19 17:05 millert + + * configure.in: corrected version + +1995-07-19 15:29 millert + + * configure.in: added sco support + +1995-07-19 15:29 millert + + * aclocal.m4: hack to check for sco + +1995-07-18 19:27 millert + + * interfaces.c: removed #include since it was hosing + some OS's + +1995-07-18 11:35 millert + + * find_path.c: fixed prreadlink() prototype + +1995-07-17 21:54 millert + + * check.c: added parens in #if's + +1995-07-17 21:53 millert + + * configure.in: added SPW_ prefix + +1995-07-17 21:20 millert + + * sudo.h: moved SPW_* to config.h.in + +1995-07-17 21:19 millert + + * sudo.c: added a set of parens + +1995-07-17 21:19 millert + + * config.h.in: added SPW_* + +1995-07-17 20:50 millert + + * sudo.h: added SPW_* reordered error codes + +1995-07-17 20:49 millert + + * check.c: moved SPW_* to sudo.h + +1995-07-17 12:29 millert + + * logging.c: GLOBAL_NO_AUTH_ENT -> GLOBAL_NO_SPW_ENT + +1995-07-17 12:29 millert + + * configure.in: AUTH -> SECUREWARE + +1995-07-17 12:29 millert + + * check.c, sudo.c: SPW_AUTH -> SPW_SECUREWARE + +1995-07-16 22:22 millert + + * check.c: now uses SHADOW_TYPE to make shadow pw support more + readable and modular. It's a start... + +1995-07-16 22:21 millert + + * configure.in: added autodetection of shadow passwords + +1995-07-16 22:20 millert + + * sudo.c: now uses SHADOW_TYPE define + +1995-07-16 22:19 millert + + * config.h.in: added SHADOW_TYPE which replaces SUNOS4 & __svr4__ + defines + +1995-07-16 22:19 millert + + * aclocal.m4: added SUDO_CHECK_SHADOW + +1995-07-12 15:09 millert + + * configure.in: define SVR4 for ISC define BROKEN_SYSLOG for hpux + took out test for memmove() since we dno longer use it... + +1995-07-12 15:08 millert + + * CHANGES: updated + +1995-07-12 15:05 millert + + * logging.c: added BROKEN_SYSLOG support + +1995-07-12 15:05 millert + + * config.h.in: added BROKEN_SYSLOG + +1995-07-12 15:04 millert + + * check.c: now only bitch it timestamp > time_now + 2 * timeout to + allow for a machine udpating its time from a server + +1995-07-12 15:04 millert + + * sudo.man: added 2 security notes updated Nieusma's email addr + +1995-07-12 12:18 millert + + * lsearch.c: changed a memmove() to memcpy() since we don't have to + worry about overlapping segments. + +1995-07-11 13:41 millert + + * interfaces.c: cleanup up the loop when interfaces are groped in + so that it is readable + +1995-07-11 12:52 millert + + * Makefile.in: ++version + +1995-07-09 16:17 millert + + * CHANGES: annotated 124-126 + +1995-07-07 14:06 millert + + * check.c: fixed permissions check on /tmp/.odus + +1995-07-06 17:35 millert + + * check.c: fixed some comments + +1995-07-06 12:49 millert + + * check.c: now checks owner & mode of timedir also checks for bogus + dates on timestamp file + +1995-07-06 12:49 millert + + * OPTIONS: updated TIMEOUT info + +1995-07-06 12:48 millert + + * logging.c, sudo.h: added BAD_STAMPDIR and BAD_STAMPFILE + +1995-07-06 12:47 millert + + * compat.h: added definition of S_IRWXU + +1995-07-06 12:47 millert + + * CHANGES: updated + +1995-07-03 12:16 millert + + * interfaces.c: added #ifdef to make it compile on strange arches + +1995-07-02 16:13 millert + + * aclocal.m4: fixed check for fulkl void impl. + +1995-07-02 07:56 millert + + * check.c: added mssing "static" + +1995-07-01 18:41 millert + + * insults.h: replaced #elif with #else #if constructs for ancient C + compilers + +1995-07-01 18:18 millert + + * INSTALL: updated irix c2 & kerb5 info + +1995-07-01 18:15 millert + + * configure.in: added shadow pw support for irix + +1995-07-01 14:07 millert + + * CHANGES: last changes for sudo 1.3.3 + +1995-07-01 14:07 millert + + * TODO, BUGS: updated + +1995-07-01 14:04 millert + + * configure.in: now calls SUDO_SOCK_SA_LEN + +1995-07-01 14:04 millert + + * config.h.in: added HAVE_SA_LEN + +1995-07-01 14:04 millert + + * aclocal.m4: added SUDO_SOCK_SA_LEN + +1995-07-01 13:49 millert + + * interfaces.c: now works with ip implementations that use sa_len + in sockaddr + +1995-07-01 12:26 millert + + * INSTALL: added note about buggy AIX compiler + +1995-07-01 12:24 millert + + * interfaces.c: now include sys/time.h for AIX + +1995-06-27 20:35 millert + + * Makefile.in: getcwd -> getwd + +1995-06-27 19:28 millert + + * interfaces.c: now works for ISC and others. yay. + +1995-06-26 12:24 millert + + * Makefile.in: version++ + +1995-06-22 18:26 millert + + * aclocal.m4: fixed test for full void impl + +1995-06-22 18:25 millert + + * sudo.c: now check to see that st_dev is non-zero before assuming + that we are being spoofed + +1995-06-20 14:56 millert + + * aclocal.m4, configure.in: SUDO_FUNC_UTIME_NULL -> + AC_FUNC_UTIME_NULL + +1995-06-19 14:32 millert + + * aclocal.m4: fixed include file order for SUDO_FUNC_UTIME_POSIX + +1995-06-19 14:10 millert + + * logging.c: added cast for ttyname() + +1995-06-19 13:23 millert + + * configure.in: fixed typo + +1995-06-19 13:19 millert + + * check.c: now deal correctly with all known variation of utime() + -- yippe + +1995-06-19 13:19 millert + + * configure.in: added SUDO_FUNC_UTIME_POSIX + +1995-06-19 13:19 millert + + * aclocal.m4: added SUDO_FUNC_UTIME_NULL and SUDO_FUNC_UTIME_POSIX + +1995-06-19 13:14 millert + + * config.h.in: added HAVE_UTIME_POSIX + +1995-06-19 11:38 millert + + * check.c: fixed a typo + +1995-06-19 11:29 millert + + * check.c: no longer assume !HAVE_UTIME_NULL means old BSD utime() + +1995-06-19 11:20 millert + + * check.c: fixed fascist C compiler warning + +1995-06-18 21:14 millert + + * interfaces.c: now set strioctl.ic_timout in STRSET() now + initialize num_interfaces to 0 (just to be anal) + +1995-06-18 16:06 millert + + * sudo.h: increaed MAXLOGLEN by MAXPATHLEN to account for ttyname + +1995-06-18 16:05 millert + + * logging.c: added tty logging + +1995-06-18 14:04 millert + + * interfaces.c: reworked the ISC code + +1995-06-18 13:27 millert + + * Makefile.in: updated version + +1995-06-18 13:24 millert + + * check.c: now expect old-style utime(3) if utime() can't take NULL + as an arg + +1995-06-18 13:08 millert + + * configure.in: added check for utime.h + +1995-06-18 13:08 millert + + * config.h.in: added HAVE_UTIME_H + +1995-06-18 12:48 millert + + * Makefile.in: added CPPFLAGS STATIC_FLAGS -> LDFLAGS + +1995-06-18 11:58 millert + + * configure.in: now search for kerb libs and includes + +1995-06-18 11:03 millert + + * check.c: added support for utime(2)'s that can't take a NULL + parameter + +1995-06-17 18:46 millert + + * configure.in: added utime(s) stuff + +1995-06-17 18:46 millert + + * check.c: now use utime() + +1995-06-17 18:46 millert + + * config.h.in: added HAVE_UTIME and HAVE_UTIME_NULL + +1995-06-17 16:24 millert + + * check.c: need to setuid(0) to make kerb4 stuff work. + +1995-06-17 16:13 millert + + * config.h.in: took out setreuid and setresuid stuff added kerb5 + stuff (use kerb4 emulation) + +1995-06-17 16:13 millert + + * compat.h: no longer need setreuid() emulation now set _PASSWD_LEN + to 128 if kerberos + +1995-06-17 16:12 millert + + * check.c: now use private ticket file for kerberos support to + avoid trouncing on system one + +1995-06-14 22:48 millert + + * sudo.h: added SPOOF_ATTEMPT & cmnd_st + +1995-06-14 22:47 millert + + * sudo.c: added anti-spoofing support + +1995-06-14 22:47 millert + + * parse.c: now use global cmnd_st + +1995-06-14 22:47 millert + + * logging.c: added SPOOF_ATTEMPT suypport + +1995-06-14 21:40 millert + + * parse.yacc: fixed up spacing and added void casts where + appropriate + +1995-06-14 21:27 millert + + * sudo.c: fixed problem with "-p prompt" but no args + +1995-06-14 02:43 millert + + * sudo.man: added BUGS and annotated -l description + +1995-06-14 02:43 millert + + * sudo.h: validate() now takes a flag + +1995-06-14 02:43 millert + + * sudo.c: validate() now takes a flag added -l + +1995-06-14 02:42 millert + + * parse.yacc: added support for -l + +1995-06-14 02:41 millert + + * parse.c: validate() now takes a flag that says whether or not to + check the command + +1995-06-07 19:36 millert + + * logging.c: now deals with Argv == 1 + +1995-06-07 19:34 millert + + * sudo.man: added -p option + +1995-06-07 19:27 millert + + * sudo.c: added prompt support reworked parse_args() + +1995-06-07 18:49 millert + + * sudo.h: added prompt + +1995-06-07 18:49 millert + + * options.h: added PASSPROMPT + +1995-06-07 18:48 millert + + * check.c: now use BUFSIZ as length of kerb password added kpass so + pass is always a char * now use prompt global when asking for a + password + +1995-06-07 18:43 millert + + * OPTIONS: added PASSPROMPT + +1995-06-06 23:44 millert + + * configure.in: only look for -lufc or -lcrypt if crypt() not in + libc + +1995-06-06 23:43 millert + + * check.c: don't exit on kerb error, just warn if k_errno == + KDC_PR_UNKNOWN (unknown user) silently fail + +1995-06-06 20:44 millert + + * INSTALL: added kerb4 note + +1995-06-06 20:41 millert + + * check.c: removed debugging printf + +1995-06-06 20:33 millert + + * configure.in: KERBEROS -> KERB4 added checks for setreuid & + setresuid + +1995-06-06 20:32 millert + + * config.h.in: HAVE_KERBEROS -> HAVE_KERB4 added HAVE_SETREUID and + HAVE_SETRESUID + +1995-06-06 20:32 millert + + * compat.h: added deif of UID_NO_CHANGE & GID_NO_CHANGE added + setreuid emulation with setresuid if applic + +1995-06-06 20:31 millert + + * check.c: HAVE_KERBEROS -> HAVE_KERB4 now only do the stupid + chown() hack if no setreuid() or a broken one + +1995-06-05 21:44 millert + + * config.h.in: added HAVE_KERBEROS + +1995-06-05 21:42 millert + + * check.c, configure.in: added kerberos support + +1995-06-03 17:36 millert + + * sudo.h: added MODE_BACKGROUND + +1995-06-03 17:36 millert + + * sudo.man: escaped dashes added -b option + +1995-06-03 17:34 millert + + * sudo.c: added -b option + +1995-06-03 16:52 millert + + * check.c: added crypt() for osf/1 3.x enhanced secuiry + +1995-06-03 16:18 millert + + * configure.in: now check for -lcrypt + +1995-06-03 16:00 millert + + * interfaces.c: added ENXIO like EADDRNOTAVAIL + +1995-05-07 21:14 millert + + * configure.in: now emulate getwd(), not getcwd() + +1995-05-07 21:13 millert + + * sudo.c: getcwd() -> getwd() + +1995-05-07 21:12 millert + + * getwd.c: getcwd -> getwd + +1995-05-01 23:34 millert + + * insults.h: broke out insults into separate include files + +1995-05-01 23:34 millert + + * ins_2001.h, ins_classic.h, ins_goons.h: Initial revision + +1995-05-01 23:32 millert + + * options.h, OPTIONS: added GOONS + +1995-05-01 23:32 millert + + * Makefile.in: added ins_2001.h ins_classic.h ins_goons.h + +1995-05-01 21:34 millert + + * Makefile.in: ++version + +1995-05-01 21:33 millert + + * sudo.h: added load_interfaces() + +1995-05-01 21:33 millert + + * sudo.c: moved load_interfaces to interfaces.c + +1995-05-01 21:33 millert + + * parse.yacc: added clearaliases + +1995-05-01 21:33 millert + + * OPTIONS, options.h: added FAST_MATCH + +1995-05-01 21:32 millert + + * parse.lex: now uses clearaliases variable + +1995-05-01 21:31 millert + + * interfaces.c: Initial revision + +1995-05-01 21:31 millert + + * Makefile.in: added interfaces.[co] + +1995-05-01 20:47 millert + + * sudo.c: now remove IFS instead of setting to "sane" value + +1995-05-01 14:30 millert + + * parse.c: added FAST_MATCH + +1995-04-29 18:19 millert + + * Makefile.in: sudo_goodpath.c-> goodpath.c + +1995-04-29 18:15 millert + + * sudo.c: added Andy's new ISC changes + +1995-04-14 12:06 millert + + * OPTIONS: added a sentence to SECURE_PATH info + +1995-04-14 11:57 millert + + * BUGS: added one + +1995-04-14 11:54 millert + + * RUNSON, CHANGES: updated + +1995-04-13 15:04 millert + + * RUNSON: updated for beta3 + +1995-04-13 12:32 millert + + * Makefile.in: ++version + +1995-04-13 11:56 millert + + * aclocal.m4: sendmail is now looked for in /usr/ucblib + +1995-04-13 11:54 millert + + * sudo.c: fixed indentation + +1995-04-13 11:35 millert + + * aclocal.m4: fixed a typo + +1995-04-13 11:19 millert + + * sudo.c: updated ISC mods + +1995-04-13 11:19 millert + + * configure.in: added unixware case + +1995-04-13 11:19 millert + + * check.c: user_is_exempt is no longer hidden + +1995-04-13 11:19 millert + + * RUNSON: updated + +1995-04-13 11:19 millert + + * aclocal.m4: isc and riscos changes + +1995-04-13 11:18 millert + + * OPTIONS: added NOTE about new interaction of EXEMPTGROUP and + SECURE_PATH + +1995-04-13 11:18 millert + + * Makefile.in: fixed a typo and added testsudoers stuff + +1995-04-12 17:31 millert + + * parse.yacc: applied fixed patch from Chris + +1995-04-11 12:30 millert + + * Makefile.in: fixed a typo + +1995-04-11 12:14 millert + + * parse.yacc: added a set of braces for bison + +1995-04-11 12:01 millert + + * parse.yacc: merged in Chris' changes to dekludge the parser. + +1995-04-10 22:38 millert + + * logging.c: send_mail() was calling find_path() which is wrong + since find_path() stores cmnd in a static var. Anyhow, it doesn't + make much sense since MAILER should always be fully qualified + +1995-04-10 17:51 millert + + * sample.sudoers: added User_Alias stuff + +1995-04-10 17:50 millert + + * aclocal.m4: SUDO_NEXT now looks for + /usr/lib/NextStep/software_version + +1995-04-10 17:50 millert + + * RUNSON: added DEC UNIX 3.0 w/ gcc + +1995-04-10 16:04 millert + + * parse.yacc: fixed probs caused by making nslots and naliases a + size_t + +1995-04-10 13:09 millert + + * RUNSON: added KSR, upped rev to 1.3.1b2 + +1995-04-10 13:07 millert + + * logging.c, parse.yacc: 1024 -> BUFSIZ + +1995-04-10 13:05 millert + + * parse.yacc: void * -> VOID * naliases and nslots are now size_t + to appease lsearch on 64-bit machines + +1995-04-09 17:30 millert + + * TODO: did a bunch of things and added a bunch :-) + +1995-04-09 17:30 millert + + * PORTING: updated + +1995-04-09 17:15 millert + + * sudo.man: closer to standard BSD man format + +1995-04-09 16:58 millert + + * compat.h, config.h.in, insults.h, options.h, pathnames.h.in, + sudo.h: added RCS id + +1995-04-09 15:35 millert + + * sudo.h: removed crufty #defines that are no longer used + +1995-04-09 15:13 millert + + * BUGS: fixed a bug + +1995-04-09 15:12 millert + + * sudo.man: updated based on sudo changes + +1995-04-09 15:11 millert + + * parse.yacc: now allow ALL keyword in User_Aliases now allow ALL + keyword as well as a NAME or ALIAS + +1995-04-09 15:11 millert + + * CHANGES: updated + +1995-04-09 15:04 millert + + * sudo.c: now sets SUDO_COMMAND and SUDO_GID envariables. + +1995-04-09 13:24 millert + + * aclocal.m4: fixed bug with full void impl check + +1995-04-08 21:11 millert + + * parse.yacc: fixed User_Alias supoprt + +1995-04-08 20:27 millert + + * parse.yacc: added stubs for User_Alias support + +1995-04-08 20:27 millert + + * sudo.c: now sets removes # bogus interfaces from num_interfaces + +1995-04-08 20:26 millert + + * parse.lex: added User_Alias support + +1995-04-07 19:10 millert + + * Makefile.in: removed extraneous TODO + +1995-04-07 13:38 millert + + * parse.yacc: ntwk_matches -> addr_matches + +1995-04-07 13:37 millert + + * parse.c: ntwk_matches -> addr_matches now use inet_addr() not + inet_network() (which expects octet boundaries) fixes for OSF + (sizeof(int) != sizeof(long)) + +1995-04-07 13:08 millert + + * sudo.c: took out debugging info + +1995-04-06 21:45 millert + + * aclocal.m4: OS was being set to unknown before non-uname based + host checks. This caused no checks to happen since $OS was not + zero-length. + +1995-04-06 21:30 millert + + * sudo.c: fixed loading of interfaces struct still has debugging + info in though + +1995-04-06 20:23 millert + + * parse.c: fixed typo + +1995-04-06 14:17 millert + + * Makefile.in: ++version + +1995-04-06 14:13 millert + + * parse.yacc: removed parser_cleanup (no need for it now) + +1995-04-06 14:13 millert + + * parse.lex: now calls reset_aliases() directly + +1995-04-04 16:21 millert + + * OPTIONS: added a sentence to SECURE_PATH description + +1995-04-04 16:17 millert + + * parse.c: fixed my stupid bug where I used NAMLEN on something I + wanted to just get the name from. argh. + +1995-04-03 14:58 millert + + * lsearch.c: fixed argument order of memmove() that i hosed when + converting from bcopy(). arghh. + +1995-04-03 13:33 millert + + * Makefile.in: finally fixed DISTFILES line + +1995-04-03 13:21 millert + + * Makefile.in: tabs -> spaces + +1995-04-03 13:15 millert + + * Makefile.in: added missing files to DISTFILES + +1995-04-03 12:50 millert + + * Makefile.in: SUPPORTED -> RUNSON + +1995-04-01 01:12 millert + + * TODO: updated + +1995-03-31 23:54 millert + + * RUNSON: updated for pl5b1 release + +1995-03-31 23:53 millert + + * BUGS, TODO: updated + +1995-03-31 23:52 millert + + * check.c: fixed bug where if you hit return at first sudo prompt + it would still log as a failure + +1995-03-31 23:29 millert + + * CHANGES: updated + +1995-03-31 23:25 millert + + * aclocal.m4: better test for bogus void * implementation + +1995-03-31 18:33 millert + + * logging.c: added PASSWORDS_NOT_CORRECT + +1995-03-31 18:32 millert + + * check.c: added PASSWORDS_NOT_CORRECT stuff] + +1995-03-31 18:30 millert + + * sudo.h: added PASSWORDS_NOT_CORRECT + +1995-03-31 17:16 millert + + * sudo.c: removed some unused vars and fixed up uid2str + +1995-03-31 17:15 millert + + * putenv.c: moved compat.h + +1995-03-31 17:14 millert + + * getcwd.c, getwd.c: added pathnames.h + +1995-03-31 16:18 millert + + * parse.yacc: fixed a typo I introduced in the last checkin :-( + +1995-03-31 16:11 millert + + * parse.lex: can't have #ifdef's where N is defined so just do this + the broken way for AIX + +1995-03-31 16:08 millert + + * parse.yacc: better hack from Chris (but still a hack) + +1995-03-31 16:05 millert + + * parse.lex: stupid hack for broken aix lex + +1995-03-31 15:27 millert + + * compat.h: added FD_SET and FD_ZERO for 4.2BSD + +1995-03-31 14:12 millert + + * parse.yacc: dirty hack to fix parser bug. i don't really like + this but it works for now... + +1995-03-31 14:12 millert + + * sudo.c: uid2str is now static like the prototype says + +1995-03-29 21:48 millert + + * RUNSON: Initial revision + +1995-03-29 21:47 millert + + * TODO, CHANGES, SUPPORTED, TROUBLESHOOTING: updated + +1995-03-29 21:46 millert + + * sudo.c: check_sudoers now returns an error code and sudo calls + inform_user and log_error based on the return value. + +1995-03-29 21:45 millert + + * logging.c, sudo.h: added entries for new errors + +1995-03-29 21:03 millert + + * parse.c: now set uid to that of SUDOERS_OWNER while parsing + sudoers file + +1995-03-29 20:52 millert + + * Makefile.in: took out testsudoers  + +1995-03-29 20:36 millert + + * sudo.c: now explicately checks that it is setuid root + +1995-03-29 20:28 millert + + * sudo.c: If a user has no passwd entry sudo would segv (writing to + a garbage pointer). Now allocate space before writing :-) + +1995-03-29 20:06 millert + + * configure.in: reordered AC_CHECK_FUNCS + +1995-03-29 20:06 millert + + * config.h.in: fixed memset macro + +1995-03-29 19:47 millert + + * logging.c: bzero -> memset when a parse error is logged the line + number of the error is now logged too + +1995-03-29 19:46 millert + + * INSTALL: added Sunos to blurb about c2 security + +1995-03-29 19:45 millert + + * configure.in: added a SUN4 define for C2 security + +1995-03-29 19:44 millert + + * config.h.in: bcopy -> memmove bzero -> memset + +1995-03-29 19:43 millert + + * lsearch.c: bcopy -> memmove char * -> VOID * + +1995-03-29 19:30 millert + + * check.c: added support for sunos with C2 security + +1995-03-29 19:12 millert + + * OPTIONS, options.h: reordered + +1995-03-29 19:12 millert + + * pathnames.h.in: _PATH_SUDO_LOGFILE now set based on configure + +1995-03-29 19:12 millert + + * configure.in: added SUDO_LOGFILE and SUDO_TYPE_SIZE_T + +1995-03-29 19:12 millert + + * config.h.in: added _SUDO_PATH_LOGFILE + +1995-03-29 19:11 millert + + * aclocal.m4: added SUDO_LOGFILE to find where to put sudo.log + added SUDO_CHECK_TYPE (just AC_CHECK_TYPE but checks unistd.h too) + added SUDO_TYPE_SIZE_T (calls SUDO_CHECK_TYPE) + +1995-03-29 16:17 millert + + * TROUBLESHOOTING: Initial revision + +1995-03-29 15:59 millert + + * sudo.c: now do set_perms(PERM_ROOT) before the getpwuid() in + load_global() to work around a problem is trusted hpux shadow + passwords. yuck. + +1995-03-29 15:41 millert + + * parse.yacc: backed out a change in malloc/realloc + +1995-03-29 15:38 millert + + * parse.yacc: now include stdlib.h + +1995-03-29 15:20 millert + + * parse.yacc: replaced yywrap() with parser_cleanup() since + yywrap() needs to be in parse.lex to be able to use YY_NEW_FILE. + sigh. + +1995-03-29 15:18 millert + + * parse.lex: now have a rule that matches anything that doesn't + match an explicite rule. well, you know what i mean (. matches + anything not yet matched). However, this means that there is input + still queued up so we need to do a YY_NEW_FILE; in yywrap. So, + yywrap has moved into parse.lex and it calls parser_cleanup() which + is most of the old yywrap() sigh. + +1995-03-29 15:17 millert + + * SUPPORTED: no longer used + +1995-03-29 14:13 millert + + * getcwd.c, getwd.c: moved compat.h to be the last include file + +1995-03-29 14:11 millert + + * parse.yacc: fixed type of aliascmp() args + +1995-03-29 13:58 millert + + * find_path.c: NULL -> '\0' + +1995-03-29 13:42 millert + + * parse.yacc: added casts to lfind and lsearch args for irix + +1995-03-29 06:20 millert + + * Makefile.in: bsdinstall -> install-sh + +1995-03-29 06:20 millert + + * INSTALL: added info about make realclean + +1995-03-29 06:17 millert + + * Makefile.in: updated VERSION added dependencies for visudo.cat + +1995-03-29 06:16 millert + + * sudo.c: took out -l + +1995-03-28 22:03 millert + + * Makefile.in: now there is a real visudo.man and visudo.cat + +1995-03-28 21:54 millert + + * sudo.man: took out visudo stuff + +1995-03-28 21:12 millert + + * parse.c, parse.lex, parse.yacc: updated copyright + +1995-03-28 21:05 millert + + * README: updated for pl5 + +1995-03-28 18:02 millert + + * sudo.man: updated Nieusma & Hieb email addresses + +1995-03-28 17:57 millert + + * INSTALL: updated to include options.h and OPTIONS + +1995-03-28 17:35 millert + + * CHANGES, TODO: updated + +1995-03-28 17:35 millert + + * BUGS: eliminated bug #1 (yay) + +1995-03-28 17:31 millert + + * configure.in: sunos no longer gets linked statically + +1995-03-28 16:58 millert + + * parse.lex: prototype now uses __P() + +1995-03-28 16:49 millert + + * parse.lex: make fill() non-ansi + +1995-03-28 13:26 millert + + * parse.c: made -v (validate) work + +1995-03-28 13:26 millert + + * logging.c: now gives host + +1995-03-28 08:34 millert + + * find_path.c: don't check for execute/statable if fq or relative + path given + +1995-03-27 23:07 millert + + * parse.c: added a cast + +1995-03-27 22:48 millert + + * goodpath.c: moved _S_IFMT & _S_ISREG to compat.h + +1995-03-27 22:48 millert + + * sudo.c: moved a set of parens + +1995-03-27 22:48 millert + + * strdup.c: now include compat.h + +1995-03-27 22:47 millert + + * parse.yacc: now cast malloc & realloc return vals added search + for HAVE_LSEARCH now use strcmp if no strcasecmp available + +1995-03-27 22:46 millert + + * lsearch.c: void * -> VOID * + +1995-03-27 22:45 millert + + * config.h.in: removed HAVE_FLEX added VOID added HAVE_DIRENT_H, + HAVE_SYS_NDIR_H, HAVE_SYS_DIR_H, HAVE_NDIR_H added HAVE_LSEARCH + +1995-03-27 22:44 millert + + * compat.h: added _S_IFMT, _S_IFREG, and S_ISREG + +1995-03-27 22:44 millert + + * aclocal.m4: took out SUDO_PROG_INSTALL 1.x to 2.x changes added + echo and results to most SUDO_* macros + +1995-03-27 22:43 millert + + * Makefile.in: no more -I. + +1995-03-27 22:22 millert + + * configure.in: various 1.x ro 2.x autoconf changes now check for + strcasecmp now use AC_INSTALL_PROG instead of custom one added + check for fully woorking void implementation + +1995-03-27 22:02 millert + + * Makefile.in: added lsearch & search.h visudo links into + $(LIBOBJS) + +1995-03-27 21:43 millert + + * aclocal.m4: partial 1.x to 2.x changes added SUDO_FULL_VOID + +1995-03-27 19:15 millert + + * configure.in: autoconf 2.x changes took out HAVE_FLEX (no longer + used) added check for dirent/dir/ndir.h + +1995-03-27 19:09 millert + + * parse.c: now use groovy gnu autoconf macro AC_HEADER_DIRENT + +1995-03-27 18:38 millert + + * getcwd.c, getwd.c: MAXPATHLEN -> MAXPATHLEN+1 + +1995-03-27 18:23 millert + + * lsearch.c: Initial revision + +1995-03-27 16:26 millert + + * parse.yacc: eliminated bison warnings + +1995-03-27 15:10 millert + + * parse.lex: added missing case + +1995-03-27 13:16 millert + + * parse.yacc: only clear data structures on a parse error + +1995-03-27 12:53 millert + + * parse.yacc: kill_aliases -> reset_aliases yywrap() now cleans up + by calling reset_aliases() and clearing top took reset stuff out of + yyerror() since it doesn't beling there (and doesn't work anyway). + errorlineno is now initially set to -1 so we can set it to the + first error that occurrs (it was getting set to the last) + +1995-03-27 12:53 millert + + * parse.lex: added a void cast + +1995-03-25 23:33 millert + + * sudo.c, sudo.h: removed ocmnd + +1995-03-25 23:19 millert + + * sudo.h: no more sudo_realpath() and find_path() changed params + +1995-03-25 23:19 millert + + * sudo.c: find_path() changed since no more realpath() + +1995-03-25 23:18 millert + + * parse.yacc: on error, errorlineno is set to the line where the + error occurred added kill_aliases() to free the aliases struct now + clean up in yyerror() so we can reparse cleanly + +1995-03-25 23:17 millert + + * logging.c: changed to use new find_path() + +1995-03-25 23:17 millert + + * options.h, parse.c: no more USE_REALPATH + +1995-03-25 23:16 millert + + * find_path.c: removed all the realpath() stuff + +1995-03-25 23:16 millert + + * Makefile.in: sudo_realpath.c -> sudo_goodpath.c + +1995-03-25 22:04 millert + + * goodpath.c: Initial revision + +1995-03-25 19:56 millert + + * sudo.c: elinated compiler warning + +1995-03-25 18:40 millert + + * sudo.h: added prototype for sudo_goodpath + +1995-03-25 18:39 millert + + * parse.c: added support for /sys/dir.h + +1995-03-25 18:39 millert + + * options.h: USE_REALPATH turned off + +1995-03-25 18:39 millert + + * find_path.c: added calls to sudo_goodpath() + +1995-03-25 18:39 millert + + * configure.in: added check for dirent.h + +1995-03-25 18:38 millert + + * config.h.in: added HAVE_DIRENT_H + +1995-03-25 17:27 millert + + * configure.in: added in linux shadow pass stuff  + +1995-03-24 12:17 millert + + * sudo.c: added void casts for printf's + +1995-03-24 12:17 millert + + * options.h: added a define of USE_REALPATH + +1995-03-24 12:17 millert + + * configure.in: there is no more visudoers/Makefile + +1995-03-24 12:16 millert + + * Makefile.in: added in utk changes (visudo is now built from the + toplevel) + +1995-03-24 12:15 millert + + * find_path.c: added (void) casts to printf's + +1995-03-23 20:32 millert + + * parse.c, parse.lex, parse.yacc, sudo.h: merged in utk changes + +1995-03-22 21:13 millert + + * find_path.c: now check to see that what we are trying to run is a + file (or a link to a file, we do a stat(2) so there is no diff) + +1995-03-13 13:56 millert + + * CHANGES: updated + +1995-03-13 13:56 millert + + * Makefile.in: aclocal.m4 -> acsite.m4 make realclean updated for + new autoconf  + +1995-03-13 13:11 millert + + * sudo.man: added myself as maintainer + +1995-02-16 21:31 millert + + * sudo.c: changed setegid -> setgid + +1995-02-06 15:43 millert + + * configure.in: fixed the test for irix 5.x to skip bad libs + +1995-02-06 15:43 millert + + * aclocal.m4: now initialize OS and OSREV + +1995-01-26 18:52 millert + + * configure.in: irix5 changes + +1995-01-26 18:28 millert + + * configure.in: AC_WITH -> AC_ARG_WITH changes other misc changes + for autoconf 2.1 compatibility + +1995-01-16 16:44 millert + + * Makefile.in: added visudoers/compat.h to DISTFILES + +1995-01-16 15:01 millert + + * configure.in: fixed an echo + +1995-01-16 14:36 millert + + * sudo.c: added ocmnd declaration adjusted for find_path()'s new + parameters + +1995-01-16 14:35 millert + + * sudo.h: added ocmnd extern adjusted find_path() prototype + +1995-01-16 14:34 millert + + * parse.c: cmndcmp() now takes 3 arguments and checks against the + qualified as well as the unqualified pathname. more code that + should use cmndcmp() but did not, now does + +1995-01-16 14:34 millert + + * options.h: added to a comment + +1995-01-16 14:33 millert + + * logging.c: changed to use new find_path() parameter passing + +1995-01-16 14:32 millert + + * find_path.c: find_path() now takes 2 copyout parameters (one for + the qualified pathname and one for the unqualified pathname). The + third parameter may be NULL. + +1995-01-16 14:31 millert + + * configure.in: no longer munge pathnames.h + +1995-01-16 14:30 millert + + * pathnames.h.in: changed _PATH_* to use _SUDO_PATH_* (which are + defined in config.h) as a result, pathnames.h does not need to be + run through configure and the user can override the configured + values easily. + +1995-01-16 14:30 millert + + * config.h.in: added _SUDO_PATH_* entries + +1995-01-16 14:30 millert + + * aclocal.m4: _PATH* -> _SUDO_PATH_* + +1995-01-16 14:28 millert + + * Makefile.in: updated DISTFILES and HDRS .o's now depend on + config.h + +1995-01-13 10:52 millert + + * compat.h: removed extraneous #endif + +1995-01-13 10:48 millert + + * aclocal.m4: added SUDO_PROG_MV + +1995-01-13 10:47 millert + + * configure.in: added SUDO_PROG_MV added riscos and isc os types + took out -DSHORT_MESSAGE from --with-csops since it is now the + default + +1995-01-13 10:46 millert + + * sudo.c: move the include of id.h to compat.h now includes + options.h + +1995-01-13 10:45 millert + + * sudo.h: moved compatibility #defines to compat.h + +1995-01-13 10:45 millert + + * pathnames.h.in: added _PATH_MV + +1995-01-13 10:43 millert + + * config.h.in: move __P to compat.h + +1995-01-13 10:39 millert + + * getcwd.c, getwd.c, putenv.c: now includes compat.h + +1995-01-13 10:39 millert + + * compat.h: Initial revision + +1995-01-11 17:11 millert + + * sudo.h: pull user-configurable stuff out and put in options.h + +1995-01-11 16:43 millert + + * check.c, find_path.c, logging.c, parse.c, parse.lex, parse.yacc: + now includes options.h + +1995-01-11 16:41 millert + + * Makefile.in: added visudoers/options.h + +1995-01-11 16:40 millert + + * options.h, OPTIONS: Initial revision + +1995-01-11 16:39 millert + + * Makefile.in: added OPTIONS and options.h + +1995-01-11 16:36 millert + + * logging.c: changed #ifdef's to use LOGGING and + SLOG_SYSLOG/SLOG_FILE + +1995-01-11 09:02 millert + + * check.c, sudo.h: changed PASSWORD_TIMEOUT to minutes + +1994-12-15 18:32 millert + + * BUGS: added a visudo bug + +1994-12-15 17:46 millert + + * check.c: expanded comment + +1994-11-12 16:33 millert + + * check.c: fixed user_is_exempt to return 0 if EXEMPTGROUP is not + set + +1994-11-09 17:49 millert + + * sudo.c: added mips & isc support + +1994-11-09 17:49 millert + + * parse.c: added support for non-root owned sudoers file + +1994-11-09 17:48 millert + + * check.c: added exempt group support + +1994-11-09 17:47 millert + + * sudo.h: added set_perms() support added SUDOERS_OWNER so can have + non-root own sudoers file added exempt group support added isc + support + +1994-11-07 18:40 millert + + * configure.in: added skey support + +1994-11-07 18:39 millert + + * sudo.h: fixed typo added set_perms support added skey support + added seteuid()/setegid() emulation for AIX + +1994-11-07 18:38 millert + + * sudo.c: be_* -> setperms() now check to make sure sudoers file is + owned by root nread/write by only root + +1994-11-07 18:38 millert + + * logging.c, parse.c: be_* -> setperms() + +1994-11-07 18:38 millert + + * check.c: be_* -> set_perms() added skey support + +1994-11-06 16:59 millert + + * Makefile.in: ++version + +1994-10-21 11:16 millert + + * sudo.c: now sets IFS + +1994-10-21 10:02 millert + + * insults.h: fixed typo + +1994-10-15 13:48 millert + + * config.h.in: added HAVE_SKEY + +1994-10-04 11:00 millert + + * CHANGES: updated + +1994-10-04 10:57 millert + + * Makefile.in: ++version + +1994-10-04 10:56 millert + + * sudo.c: now bail if ARgv[1] > MAXPATHLEN + +1994-10-04 10:56 millert + + * configure.in: added function check for tcgetattr(3) + +1994-10-04 10:55 millert + + * config.h.in: only define HAVE_TERMIOS_H if you have tcgetattr(3) + +1994-10-04 10:53 millert + + * config.h.in: added check for tcgetattr + +1994-09-26 15:38 millert + + * CHANGES: updated + +1994-09-22 11:30 millert + + * parse.lex: now only include unistd.h for linux + +1994-09-21 12:29 millert + + * Makefile.in: added visudo.8 generation + +1994-09-21 12:07 millert + + * configure.in: added -Wl,-bI:./aixcrypt.exp to aix flags + +1994-09-20 17:39 millert + + * BUGS: added one + +1994-09-20 17:39 millert + + * CHANGES: updated + +1994-09-20 17:38 millert + + * README: added mailing list info + +1994-09-20 17:37 millert + + * parse.yacc: now use sudolineno instead of yylineno fixed bison + warnings + +1994-09-20 17:37 millert + + * configure.in: now use -no_library_replacement for osf don't make + a static binary for hpux >= 9.0 + +1994-09-20 17:21 millert + + * config.h.in: added ssize_t def + +1994-09-20 17:18 millert + + * parse.lex: added inclusion of string.h/strings.h + +1994-09-20 16:48 millert + + * aclocal.m4: fixed uname | sed (needed to quote the '[') + +1994-09-20 16:42 millert + + * parse.lex: replaced yylineno with sudolineno fixed bison syntax + errors + +1994-09-20 16:10 millert + + * TODO: updated + +1994-09-20 15:52 millert + + * parse.c: added code to support command listings + +1994-09-20 15:36 millert + + * sudo.c: added code for -l flag + +1994-09-20 15:35 millert + + * sudo.man: fixed typo added info for -l flag + +1994-09-20 12:45 millert + + * configure.in: AC_SSIZE_T -> SUDO_SSIZE_T + +1994-09-20 12:45 millert + + * aclocal.m4: added SUDO_SSIZE_T + +1994-09-20 12:44 millert + + * sudo.h: added MODE_LIST + +1994-09-20 12:43 millert + + * configure.in: added AC_SSIZE_T + +1994-09-19 18:53 millert + + * find_path.c: readlink() is now declared as returning ssize~_t + +1994-09-19 18:44 millert + + * configure.in: added -laud for OSF c2 + +1994-09-02 13:55 millert + + * config.h.in, parse.lex, parse.yacc, pathnames.h.in, Makefile.in: + changed sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.edu + +1994-09-02 13:54 millert + + * check.c, find_path.c, getcwd.c, getwd.c, insults.h, logging.c, + parse.c, putenv.c, strdup.c, sudo.c, sudo.h: changed + sudo-bugs.cs.colorado.edu -> sudo-bugs@cs.colorado.ed + +1994-09-01 13:56 millert + + * Makefile.in: ++version + +1994-09-01 13:55 millert + + * logging.c: added host to alertmail messages + +1994-09-01 13:55 millert + + * CHANGES, TODO: udpated + +1994-09-01 13:26 millert + + * logging.c: fixed logging problem where mail would not say which + user it was + +1994-09-01 11:45 millert + + * configure.in: added -laud for gcc if osf & c2 + +1994-09-01 11:39 millert + + * check.c: moved set_auth_parameters to sudo.c + +1994-09-01 11:38 millert + + * sudo.c: added set_auth_parameters for osf + +1994-09-01 11:22 millert + + * configure.in: cleaned up -static stuff + +1994-09-01 11:15 millert + + * Makefile.in: ++version + +1994-09-01 11:15 millert + + * sudo.c: changed setenv() to sudo_setenv() + +1994-09-01 11:12 millert + + * check.c: fixed osf problem + +1994-08-31 20:17 millert + + * configure.in: added OSF C2 stuff + +1994-08-31 20:00 millert + + * CHANGES: updated + +1994-08-31 19:56 millert + + * check.c: added osf auth support & removed some extra spaces + +1994-08-31 19:52 millert + + * INSTALL, SUPPORTED: added osf C2 stuff + +1994-08-31 17:52 millert + + * TODO: added 2 suggestions + +1994-08-31 17:33 millert + + * Makefile.in: removed README.v1.3.1 and added VERSION stuff + +1994-08-30 16:30 millert + + * Makefile.in: added HISTORY + +1994-08-30 16:30 millert + + * sudo.man: mention HISTPRY file + +1994-08-30 16:30 millert + + * sudo.c: use sizeof instead of a constant in 1 place + +1994-08-30 16:30 millert + + * parse.yacc: added unistd.h + +1994-08-30 16:29 millert + + * parse.lex: added unistd.h + +1994-08-30 16:27 millert + + * README: udpated + +1994-08-30 16:15 millert + + * HISTORY: Initial revision + +1994-08-17 10:39 millert + + * CHANGES: updated + +1994-08-16 13:46 millert + + * sudo.c: added sys/time.h for AIX + +1994-08-14 19:22 millert + + * configure.in: added check for -lsocket and sys/sockio.h + +1994-08-14 19:21 millert + + * config.h.in: took out libshadow check and added in sys/sockio.h + check + +1994-08-14 19:21 millert + + * sudo.c: now include sockio.h instead of ioctl.h if it exists + "sudo -" now gets a better error message + +1994-08-14 18:47 millert + + * sample.sudoers: now has a dir and subnet entry + +1994-08-13 16:15 millert + + * sudo.c: removed if_ether.h + +1994-08-13 15:16 millert + + * TODO: added an item + +1994-08-13 15:15 millert + + * sudo.man: added network and ip addresses to man page + +1994-08-13 15:09 millert + + * sudo.c: no error if can't get interfaces or netmask since + networking may not be in the kernel. + +1994-08-13 15:08 millert + + * parse.c: nwo check for interfaces == NULL + +1994-08-12 19:22 millert + + * parse.c: fixed a bug that caused directory specs in a Cmnd_Alias + to fail if the last entry in the spec failed (ie: it was only + looking at the last entry). CLeaned things up by adding the + cmndcmp() function--all neat & tidy + +1994-08-12 19:21 millert + + * CHANGES: added one + +1994-08-11 21:42 millert + + * sudo.c: now do two passes to skip bogus interfaces (lo0, etc) + +1994-08-11 19:58 millert + + * logging.c: added ninclude of netinet/in.h + +1994-08-11 19:58 millert + + * check.c, find_path.c, getcwd.c, getwd.c, parse.lex, parse.yacc: + added include of netinet/in.h + +1994-08-11 19:57 millert + + * sudo.h: added interfaces global + +1994-08-11 19:56 millert + + * parse.c: now uses new interfaces global + +1994-08-11 19:56 millert + + * sudo.c: now ip addresses are gleaned fw/o dns + +1994-08-10 17:21 millert + + * sudo.c: added load_ip_addrs() to load the ip_addrs global var + +1994-08-10 17:21 millert + + * parse.c: added hostcmp() to compare hostnames, ip addrs, and + network addrs + +1994-08-10 17:20 millert + + * sudo.h: added ip_addrs def added load_ip_addrs prototype + +1994-08-08 14:03 millert + + * CHANGES: updated + +1994-08-08 13:57 millert + + * Makefile.in: removed multiple entries in DISTFILES + +1994-08-08 11:05 millert + + * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c: don't do + malloc decl if gnuc + +1994-08-08 11:04 millert + + * sudo.c: can't use getopt(3) since it munges args to the command + to be run as root don't do malloc decl if gnuc + +1994-08-07 22:41 millert + + * find_path.c, getcwd.c, getwd.c, putenv.c, strdup.c, sudo.c: + ansi-fied !STDC_HEADER function prottypes + +1994-08-07 22:27 millert + + * getcwd.c, getwd.c: added missing paren + +1994-08-07 22:23 millert + + * Makefile.in: added putenv.c to DISTFILES + +1994-08-07 22:07 millert + + * sudo.h: took out environ extern added local declaratio of + putenv() if local version is needed + +1994-08-07 22:05 millert + + * find_path.c, getcwd.c, getwd.c, strdup.c, sudo.c: added params to + func decls when STDC_HEADERS is not defined + +1994-08-07 22:04 millert + + * config.h.in: added memcpy check check to see that ansi vs bsd + macros are ntot already defiend before defining (ie: avoid + redefinition) + +1994-08-07 22:03 millert + + * configure.in: removed fluff setenv check plus check w/ replace + for putenv if also no setenv + +1994-08-07 22:01 millert + + * putenv.c: Initial revision + +1994-08-06 17:19 millert + + * sudo.h: rm'd s realp[ath added sudo_realpath and sudo_setenv + +1994-08-06 17:19 millert + + * sudo.c: now use sudo_setenvc + +1994-08-06 17:18 millert + + * configure.in: added puteenv and setenv, removed realpath + +1994-08-06 17:18 millert + + * config.h.in: added putenv & setenv + +1994-08-06 17:18 millert + + * Makefile.in: added sudo_setenv + +1994-08-05 17:43 millert + + * configure.in: added MAN_POSTINSTALL and /usr/share/catman for + irix + +1994-08-05 17:43 millert + + * Makefile.in: added MAN_POSTINSTALL + +1994-08-05 17:43 millert + + * CHANGES: added + +1994-08-05 17:10 millert + + * sudo.man: added SUDO_* plus new options + +1994-08-05 17:10 millert + + * CHANGES: added one + +1994-08-05 17:07 millert + + * configure.in: took out shadow lib + +1994-08-05 16:35 millert + + * TODO: adde done + +1994-08-05 15:49 millert + + * Makefile.in: support for installing a cat page instead of a man + page if no nroff + +1994-08-05 15:48 millert + + * configure.in: now defines HAVE_FLEX fixed up man stuff so that it + looks for nroff to determine whether or not to install a cat or man + page + +1994-08-05 15:48 millert + + * config.h.in: added HAVE_FLEX + +1994-08-05 14:14 millert + + * sudo.c: not set ret to MODE_RUN initially + +1994-08-05 14:12 millert + + * find_path.c: made command (and therefor cmnd dynamically + allocated) + +1994-08-04 18:25 millert + + * TODO: did #8 + +1994-08-04 18:24 millert + + * sudo.h: added MODE_ removed validate_only and added + remove_timestamp() + +1994-08-04 18:22 millert + + * sudo.c: usage() now takes an int (exit value) added parse_args() + to parse command line arguments moved call to find_path() from + load_globals to new function load_cmnd() removed validate_only + global -- now use the concept of "modes" added -h and -k options + +1994-08-04 18:21 millert + + * parse.c: no longer use global validate_only now checks for + command called "validate" removed check for non-fully qualified + commands since that is done by find_path + +1994-08-04 18:20 millert + + * find_path.c: changed MAXPATHLEN r to MAXPATHLEN+1 + +1994-08-04 18:17 millert + + * find_path.c: fixed off by one error with MAXPATHLEN and fixed a + comment + +1994-08-04 18:17 millert + + * check.c: check_timestamp no longer runs reminder(), it is implied + in the return val added remove_timestamp() + +1994-08-04 18:16 millert + + * CHANGES: updated + +1994-08-04 14:38 millert + + * BUGS: fixed on + +1994-08-04 14:37 millert + + * CHANGES: updated + +1994-08-03 10:08 millert + + * logging.c: moved send_mail to after syslog + +1994-08-02 20:41 millert + + * sudo.c: now set SUDO_ envariables + +1994-08-01 11:39 millert + + * find_path.c: removed an XXX + +1994-07-25 18:40 millert + + * CHANGES: updated + +1994-07-25 18:36 millert + + * configure.in: no more static binaries for aix + +1994-07-25 16:37 millert + + * INSTALL: fixed typo + +1994-07-25 16:31 millert + + * logging.c, sudo.c: be_root/be_user is now down in sudo_realpath() + +1994-07-25 16:26 millert + + * logging.c, sudo.h: now works with 4.2BSD syslog (blech) + +1994-07-25 16:25 millert + + * find_path.c: now use sudo_realpath() + +1994-07-25 16:25 millert + + * config.h.in: took out realpth() stuff since we now use + sudo_realpath() + +1994-07-25 16:25 millert + + * configure.in: ultrix enhanced sec + +1994-07-25 16:25 millert + + * SUPPORTED: added ultrix enhanced sec. + +1994-07-25 16:24 millert + + * INSTALL: updated + +1994-07-25 16:21 millert + + * check.c: ultrix enhanced security suport + +1994-07-25 16:20 millert + + * Makefile.in: added sudo_realpath.c + +1994-07-25 16:18 millert + + * CHANGES: updated + +1994-07-25 11:17 millert + + * BUGS: updated BUGS + +1994-07-15 09:49 millert + + * check.c: now use user global var + +1994-07-15 09:48 millert + + * configure.in: took out -ls + +1994-07-14 17:11 millert + + * configure.in: added AFS libs + +1994-07-14 15:45 millert + + * sudo.h: user is now a char * added epasswd + +1994-07-14 15:43 millert + + * sudo.c: added tzset() to load_globals added epasswd (encrypted + password) global made user dynamically allocated + +1994-07-14 15:43 millert + + * configure.in: added tzset test + +1994-07-14 15:43 millert + + * config.h.in: added HAVE_TZSET + +1994-07-14 15:42 millert + + * check.c: cleaned up encrypted passwd grab somewhat + +1994-07-14 10:34 millert + + * configure.in: fixed AFS typo + +1994-07-14 10:34 millert + + * INSTALL: added AFS not + +1994-07-14 10:34 millert + + * CHANGES: udpated + +1994-07-14 10:33 millert + + * logging.c: can now log to both syslog & a file + +1994-07-14 10:12 millert + + * sudo.h: added BOTH_LOGS + +1994-07-14 09:34 millert + + * CHANGES: updated + +1994-07-14 09:32 millert + + * configure.in: --with-AFS + +1994-07-14 09:32 millert + + * config.h.in: added HAVE_AFS + +1994-07-14 09:31 millert + + * check.c: added afs changes + +1994-07-14 09:21 millert + + * sudo.h: removed AFS stuff :-) + +1994-07-14 09:17 millert + + * sudo.h: added AFS + +1994-07-07 12:45 millert + + * SUPPORTED, CHANGES: updated + +1994-07-07 12:44 millert + + * logging.c: can now have MAILER undefined + +1994-07-07 12:37 millert + + * INSTALL: new sub-note about MAILER + +1994-07-06 21:11 millert + + * sudo.man: added blurb about password timeout + +1994-07-06 18:52 millert + + * configure.in: convex c2 changes + +1994-07-06 18:52 millert + + * aclocal.m4: took out duplicate define of _CONVEX_SOURCE + +1994-07-06 18:51 millert + + * Makefile.in: added OSDEFS + +1994-07-06 18:46 millert + + * config.h.in: added spaces + +1994-07-06 18:08 millert + + * sudo.h: use __hpux not hpux convex c2 stuff + +1994-07-06 18:08 millert + + * sudo.c: use __hpux not hpux + +1994-07-06 18:08 millert + + * logging.c: convex c2 stuff + +1994-07-06 18:07 millert + + * config.h.in: define ansi-ish cpp os defines if non-ansi are + defined for hpux & convex + +1994-07-06 18:07 millert + + * INSTALL: updated to say we support sonvex C2 + +1994-07-06 18:05 millert + + * check.c: added convex c2 support + +1994-06-29 15:04 millert + + * configure.in: things were testing -n "$GCC" instead of -z "$GCC" + +1994-06-26 14:38 millert + + * PORTING: updated tgetpass() blurb + +1994-06-26 14:35 millert + + * configure.in: added --with-getpass + +1994-06-26 14:35 millert + + * Makefile.in: added tgetpass stuff + +1994-06-24 17:48 millert + + * PORTING: updated ,. + +1994-06-24 17:46 millert + + * config.h.in: added USE_GETPASS && HAVE_C2_SECURITY + +1994-06-24 17:45 millert + + * configure.in: fixed a test aded --with-C2 and --with-tgetpass + +1994-06-24 17:45 millert + + * check.c: added hpux C2 shit + +1994-06-24 17:45 millert + + * Makefile.in: took out tgetpass.* + +1994-06-24 17:45 millert + + * INSTALL: added C2 blurb + +1994-06-13 13:54 millert + + * configure.in: no termio(s) for ultrix since it is broken + +1994-06-13 13:41 millert + + * check.c: added a space (yeah, anal) + +1994-06-13 13:17 millert + + * realpath.c: fixed it (duh, rtfm) + +1994-06-08 12:34 millert + + * config.h.in: took out bsd signal stuff for irix + +1994-06-08 12:09 millert + + * configure.in: don't define BSD signals for irix + +1994-06-08 10:57 millert + + * TODO: did some... + +1994-06-08 10:57 millert + + * CHANGES: updated + +1994-06-08 10:56 millert + + * realpath.c: took out unneeded code by changing where a strings + was terminated + +1994-06-07 17:21 millert + + * realpath.c: fix bug where /dirname would return NULL + +1994-06-07 15:40 millert + + * sudo.h: move __P to config.h + +1994-06-07 15:40 millert + + * getcwd.c, getwd.c, realpath.c: added errno definition + +1994-06-07 15:40 millert + + * config.h.in: added __P + +1994-06-07 15:21 millert + + * config.h.in: added HAVE_FCHDIR + +1994-06-07 15:18 millert + + * strdup.c: now include stdio + +1994-06-07 12:55 millert + + * realpath.c: now works if no fchdir + +1994-06-07 12:54 millert + + * configure.in: added check & replace + +1994-06-06 18:05 millert + + * configure.in: took out -static for nextstep -- it doesn't work + +1994-06-06 17:59 millert + + * logging.c: moved #endif to where it belongs + +1994-06-06 17:54 millert + + * SUPPORTED: correction + +1994-06-06 17:42 millert + + * configure.in: now checks for strdup realpath getcwd bzero + +1994-06-06 17:31 millert + + * config.h.in: emulate bzero + +1994-06-06 14:57 millert + + * logging.c: added posix signals + +1994-06-06 14:56 millert + + * configure.in: removed BROKEN_GETPASS added new srcs toreplace + missing functions + +1994-06-06 14:56 millert + + * config.h.in: added posix signal stuff + +1994-06-06 14:56 millert + + * Makefile.in: added new srcs + +1994-06-05 18:17 millert + + * PORTING: updated sto reflect major changes + +1994-06-05 18:05 millert + + * TODO, CHANGES: updated + +1994-06-05 18:04 millert + + * sudo.h: added PASSWORD_TIMEOUT + prototypes for new functions + +1994-06-05 18:04 millert + + * realpath.c: for those w/o this in libc + +1994-06-05 18:03 millert + + * getcwd.c, getwd.c: Initial revision + +1994-06-05 18:03 millert + + * find_path.c: rewrote to use realpath(3) - nis now all my code + +1994-06-05 18:02 millert + + * config.h.in: added HAVE_REALPATH + +1994-06-05 18:02 millert + + * check.c: now use tgetpass + +1994-06-05 18:02 millert + + * Makefile.in: added LIBOBJS use tgetpass.c + +1994-06-05 15:17 millert + + * pathnames.h.in: added /dev/tty + +1994-06-04 13:29 millert + + * sudo.c: always use getcwd + +1994-06-04 12:49 millert + + * config.h.in: added check for getwd + +1994-06-04 12:48 millert + + * configure.in: replace strdup & realpath & getcwd if missing + +1994-06-04 12:47 millert + + * pathnames.h.in: added _PATH_PWD + +1994-06-04 12:46 millert + + * aclocal.m4: added SUDO_PROG_PWD + +1994-06-04 12:37 millert + + * realpath.c, strdup.c: Initial revision + +1994-06-03 09:31 millert + + * configure.in: quoted quare brackets + +1994-06-02 15:49 millert + + * sudo.c: no need to strdup() a constant + +1994-06-02 13:45 millert + + * CHANGES: updated + +1994-06-02 13:44 millert + + * sudo.man: added validate + +1994-06-02 13:42 millert + + * sudo.c: added -v to usage + +1994-06-02 13:41 millert + + * parse.c, sudo.c, sudo.h: added validate_only stuff + +1994-05-29 19:29 millert + + * configure.in: now finds sed + +1994-05-29 19:28 millert + + * aclocal.m4: $OSREV is now an int + +1994-05-29 17:13 millert + + * configure.in: added mtxinu to caser + +1994-05-29 16:37 millert + + * sudo.h: added EXEC macro + +1994-05-29 16:36 millert + + * sudo.c: now use the EXEC nmacro now only do a gethostbyname() if + FQDN is set + +1994-05-29 16:36 millert + + * logging.c: changed mail_argv[] def now use EXEC() macro + +1994-05-29 16:35 millert + + * check.c: took out crypt() definition + +1994-05-29 13:52 millert + + * configure.in: always look for -lnsl + +1994-05-29 13:29 millert + + * aclocal.m4: added an echo + +1994-05-29 13:25 millert + + * sudo.h: SHORT_MESSAGE is now the default + +1994-05-29 13:18 millert + + * config.h.in: fixed typo + +1994-05-28 23:29 millert + + * configure.in: added missing AC_DEFINE(SVR4) for solaris + +1994-05-28 18:42 millert + + * sudo.man: documented the -v flag + +1994-05-28 18:34 millert + + * SUPPORTED: updated + +1994-05-28 18:31 millert + + * check.c: proto-ized crypt() + +1994-05-28 18:28 millert + + * config.h.in: added LIBSHADOW undef + +1994-05-28 18:18 millert + + * configure.in: nwo set OS to be lowercase + +1994-05-28 17:36 millert + + * configure.in: now use SUDO_OSTYPE to set $OS + +1994-05-28 17:36 millert + + * aclocal.m4: now use uname to determine os + +1994-05-28 13:13 millert + + * sudo.h: added prototyppes + +1994-05-28 13:13 millert + + * parse.c: added comment + +1994-05-28 13:12 millert + + * config.h.in: nwo use _BSD_SIGNALS not _BSD_COMPAT + +1994-05-28 13:11 millert + + * check.c, logging.c, sudo.c: added prototypes + +1994-05-28 13:11 millert + + * aixcrypt.exp: Initial revision + +1994-05-28 13:11 millert + + * Makefile.in: added aixcrypt.exp + +1994-05-28 11:21 millert + + * parse.lex, parse.yacc: moved config.h to top of includes + +1994-05-25 13:48 millert + + * find_path.c: now don't bitch if get EACCESS (treat like EPERM) + +1994-05-24 21:08 millert + + * sudo.c: cast Argv to a const for exec added -v flag + +1994-05-24 21:07 millert + + * logging.c: mail_argv is now a const + +1994-05-24 21:07 millert + + * configure.in: only set RETSIGTYPE if it is not set already + +1994-05-24 21:07 millert + + * aclocal.m4: now defines & STDC_HEADERS for Irix + +1994-05-24 21:07 millert + + * Makefile.in: added version.h + +1994-05-24 19:25 millert + + * insults.h, sudo.h: prevent multiple inclusion + +1994-05-24 19:09 millert + + * parse.lex, parse.yacc: now includes config.h + +1994-05-24 18:54 millert + + * aclocal.m4: now talks about sunos 4.x + +1994-05-24 16:00 millert + + * CHANGES: updated + +1994-05-24 15:44 millert + + * sudo.c: ok, the getcwd() is now *really* done as the user + +1994-05-24 15:44 millert + + * configure.in: changed AIX STATIC_FLAGS + +1994-05-24 14:27 millert + + * aclocal.m4: solaris now defines SVR4 + +1994-05-24 14:18 millert + + * sudo.h: added cwd and fixed stupid core dump that makes no sense. + sigh. + +1994-05-24 14:18 millert + + * sudo.c: moved getcwd stuff into load_globals + +1994-05-24 14:18 millert + + * parse.c: took out externs that are in suod.h + +1994-05-24 14:18 millert + + * logging.c: moved cwd into load_globals + +1994-05-24 14:17 millert + + * find_path.c: moved cwd stuff + +1994-05-24 13:55 millert + + * Makefile.in: fixed make distclean & realclean + +1994-05-24 10:51 millert + + * TODO: updated ., + +1994-05-24 10:51 millert + + * CHANGES: added solaris changes + +1994-05-24 10:51 millert + + * aclocal.m4: added solaris changes, need to rework + +1994-05-24 10:50 millert + + * configure.in: cleaned up for solaris + +1994-05-24 10:13 millert + + * logging.c: reinstall reapchild signal handler for non-bsd signals + +1994-05-24 10:03 millert + + * sudo.h: took out getdtablesize() emulation for HP-UX (no longer + needed) + +1994-05-24 10:03 millert + + * sudo.c: support for HAVE_SYSCONF + +1994-05-23 18:26 millert + + * config.h.in: added HAVE_SYSCONF + +1994-05-16 16:57 millert + + * configure.in: now tells you what os you are running /. + +1994-05-16 16:56 millert + + * aclocal.m4: took out extra ',' + +1994-05-14 15:56 millert + + * config.h.in: added _BSD_COMPAT + +1994-05-14 15:56 millert + + * aclocal.m4: fixed for irix5 + +1994-05-14 15:55 millert + + * CHANGES: updated + +1994-05-14 15:27 millert + + * sudo.c: uid seinitialized to -2 + +1994-04-28 10:36 millert + + * sudo.c: now removes LIBPATH for AIX + +1994-03-12 18:41 millert + + * configure.in: now uses ufc if it finds it + +1994-03-12 15:42 millert + + * sudo.h: no longer define yyval & yylval since yacc does it + +1994-03-12 15:42 millert + + * parse.lex: now defines yylval as extenr + +1994-03-12 15:41 millert + + * configure.in: BROKEN_GETPASS is now an OPTION + +1994-03-12 15:41 millert + + * config.h.in: took out BROKEN_GETPASS + +1994-03-12 15:20 millert + + * Makefile.in: took out big comment + +1994-03-12 14:24 millert + + * README: updated + +1994-03-12 14:20 millert + + * Makefile.in: took out README.beta + +1994-03-12 14:19 millert + + * SUPPORTED: Initial revision + +1994-03-12 14:19 millert + + * INSTALL: now reference SUPPORTED ., + +1994-03-12 14:17 millert + + * config.h.in: now check for convex OR __convex__ + +1994-03-12 14:16 millert + + * aclocal.m4: now check for convex or __convex__ + +1994-03-12 14:15 millert + + * Makefile.in: added dist target + +1994-03-12 13:19 millert + + * aclocal.m4: use __convex__ + +1994-03-12 12:33 millert + + * find_path.c: now use _S_* stat stuff to be ansi-like + +1994-03-12 12:11 millert + + * INSTALL: updated for configure directions + +1994-03-12 12:05 millert + + * Makefile.in: distclean now removes config.h and pathnames.h + +1994-03-12 12:03 millert + + * CHANGES: updated + +1994-03-12 12:00 millert + + * TODO: fixed typoe + +1994-03-12 11:57 millert + + * Makefile.in: updated version + +1994-03-12 11:57 millert + + * config.h.in, pathnames.h.in: added copyright header + +1994-03-12 11:55 millert + + * check.c, find_path.c, insults.h, logging.c, parse.c, parse.lex, + parse.yacc, sudo.c, sudo.h: udpated version + +1994-03-12 11:37 millert + + * Makefile.in, config.h.in, configure.in, aclocal.m4: updated + +1994-03-12 11:37 millert + + * sudo.h: now works with configure + +1994-03-12 11:36 millert + + * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c: + updated to work with configure + pathnames.h + +1994-03-12 08:40 millert + + * Makefile.in: added LEXLIB + +1994-03-10 01:18 millert + + * COPYING: updated gnu general licence to versio 2 + +1994-03-10 00:44 millert + + * pathnames.h.in, config.h.in: Initial revision + +1994-03-09 23:43 millert + + * sudo.h: changed to work with configure + +1994-03-09 16:51 millert + + * Makefile.in, aclocal.m4, configure.in: Initial revision + +1994-03-01 14:31 millert + + * find_path.c: sudo won't bitch about EPERM now, for real + +1994-02-27 22:36 millert + + * logging.c: renamed exec_argv to eliminate a libc name clash with + ksros + +1994-02-27 22:28 millert + + * CHANGES: corrected + +1994-02-27 22:27 millert + + * logging.c, sudo.c, sudo.h: execve -> execv + +1994-02-27 21:27 millert + + * TODO: upated + +1994-02-27 21:19 millert + + * PORTING: added 2 mroe items + +1994-02-27 21:12 millert + + * CHANGES: updated + +1994-02-27 21:11 millert + + * sudo.h: added UMASK and mode_t declaration + +1994-02-27 21:11 millert + + * sudo.c: added UMASK + +1994-02-27 18:55 millert + + * logging.c: now opens log file with mode 077 + +1994-02-27 18:55 millert + + * check.c: saved current umask ans restores it + +1994-02-27 18:36 millert + + * sudo.h: added MAXLOGFILELEN + +1994-02-27 18:35 millert + + * logging.c: split long log lines. FOr syslog, split into multiple + entries, for a log file, indent the extra for readability + +1994-02-27 15:22 millert + + * CHANGES: added changes + +1994-02-27 15:18 millert + + * sudo.h: MAXLOGLEN & MAXSYSLOGLEN are now different (as they + should be) + +1994-02-25 14:04 millert + + * TODO: added input from Brett M Hogden + +1994-02-16 11:35 millert + + * sudo.c: added rmenv() to remove stuff from environ. can now uses + execvp() OR execve() becuase of this. + +1994-02-16 11:35 millert + + * logging.c: now uses execvp() OR execve() + +1994-02-16 11:31 millert + + * sudo.h: added USE_EXECVE + +1994-02-16 11:27 millert + + * sudo.h: added environ + +1994-02-16 10:53 millert + + * find_path.c: now ignore EPERM + +1994-02-15 21:52 millert + + * sudo.h: moved some func decls out of sudo.h and into sudo.c as + statics /. + +1994-02-15 21:52 millert + + * CHANGES: updated + +1994-02-15 21:40 millert + + * sudo.h: took out Envp + +1994-02-14 10:28 millert + + * BUGS: Initial revision + +1994-02-10 12:29 millert + + * sudo.c, sudo.h, CHANGES: added SECURE_PATH + +1994-02-10 12:05 millert + + * sudo.h: added SECURE_PATH + +1994-02-10 11:50 millert + + * INSTALL: added sample.sudoers note + +1994-02-09 12:54 millert + + * find_path.c: fixed typo + +1994-02-08 21:06 millert + + * PORTING: took out SAVED_UID garbage + +1994-02-08 20:55 millert + + * INSTALL: mentioned HAL + +1994-02-08 20:50 millert + + * sudo.h: added HAL line + +1994-02-08 20:48 millert + + * insults.h: added HAL insults + +1994-02-08 20:48 millert + + * TODO: updated + +1994-02-08 20:02 millert + + * logging.c: more verbose error if mailer not found + +1994-02-08 20:02 millert + + * check.c: now do getpwent as root for soem shadow password systems + (bsdi) + +1994-02-08 11:22 millert + + * sudo.h: took out SAVED_UID garbade + +1994-02-08 11:21 millert + + * sudo.c: took out SAVED_UID garbage since it don't work + +1994-02-06 15:43 millert + + * README: updated + +1994-02-06 15:40 millert + + * insults.h: added a missing space :-) + +1994-02-05 17:48 millert + + * sudo.c, sudo.h: took out multimax cruft + +1994-02-05 17:30 millert + + * INSTALL: minor update + +1994-02-05 17:30 millert + + * PORTING: finished + +1994-02-05 17:19 millert + + * sudo.c: fixed a typo + indentation + +1994-02-05 16:43 millert + + * sudo.h: took outumoved some defines to the config file ,. ,. + +1994-02-05 13:17 millert + + * PORTING: Initial revision + +1994-02-05 13:17 millert + + * TODO: did #6 + +1994-02-05 13:16 millert + + * sudo.h: added HAS_SAVED_UID + +1994-02-05 13:16 millert + + * sudo.c: put back AIX cruft + +1994-02-02 22:44 millert + + * sudo.c: aix changes + +1994-02-01 23:31 millert + + * CHANGES: updated + +1994-02-01 23:30 millert + + * check.c, logging.c, parse.c, sudo.c, sudo.h: now is only root + when abs necesary + +1994-02-01 20:21 millert + + * check.c: added missing %s\n + +1994-01-31 00:06 millert + + * install-sh: Initial revision + +1994-01-30 23:58 millert + + * CHANGES, TODO: updated + +1994-01-30 23:56 millert + + * sudo.c: now removed _RLD_* for alphas + +1994-01-30 23:50 millert + + * INSTALL: updated for new config scheme + +1994-01-30 17:42 millert + + * find_path.c: more verbose eror messages + +1994-01-27 12:08 millert + + * TODO: now have solaris + +1994-01-27 12:07 millert + + * sudo.h: define __svr4__ for SOLARIS + +1994-01-27 12:07 millert + + * check.c: added svr4 junk for shadow pws for solaris 2.x + +1994-01-27 11:19 millert + + * check.c, sudo.c: took out setuid(0) and setreuid(udi) garbage. + Its not needed since we start out setuid with the correct perms. + +1994-01-26 17:51 millert + + * check.c, sudo.c, sudo.h: now use setreuid() + +1994-01-26 16:58 millert + + * sudo.man: revised AUTHORS secrtion & added ENV_EDITOR stuff to + VARIABLES sectoin + +1994-01-26 16:52 millert + + * sudo.h: now uses ENV_EDITOR if you want to use the EDITOR envar + >> . + +1993-12-06 23:33 millert + + * README: minor update + spell fix + +1993-12-06 23:33 millert + + * INSTALL: rewrote most of this + +1993-12-06 23:13 millert + + * sudo.h: added all options that are in the Makefile + +1993-12-06 22:23 millert + + * getpass.c: now use USE_TERMIO #define for sgi & hpux + +1993-12-06 21:19 millert + + * TODO: todo: posix sigs + +1993-12-05 23:12 millert + + * check.c, find_path.c: always include strings.h + +1993-12-05 18:30 millert + + * sudo.h: sgi has vi in /usr/bin too + +1993-12-05 18:23 millert + + * sudo.man: added VISUAL + +1993-12-02 20:20 millert + + * sudo.h: sue /usr/bin/vi on some systems + +1993-12-02 20:19 millert + + * sudo.c: fixed warning (include strings.h) + +1993-12-02 20:06 millert + + * sudo.man: added John_Rouillard@dl5000.bc.edu's changes (new + features) + +1993-12-02 19:38 millert + + * CHANGES: changes from John_Rouillard@dl5000.bc.edu + +1993-12-02 19:34 millert + + * check.c, find_path.c, parse.c, sudo.c: added patches from + John_Rouillard directory spec uses EDITOR + +1993-12-01 17:32 millert + + * getpass.c: added flush for hpux + +1993-11-30 11:37 millert + + * sudo.c: no longer assume malloc returns a char * + +1993-11-29 18:35 millert + + * sudo.c: alpha change to remove LD_-like thing fixed SHLIB_PATH + stuff -- now gets removed correctly + +1993-11-29 17:31 millert + + * sudo.h: added STD_HEADERS macro + +1993-11-29 17:14 millert + + * sudo.c: now uses STD_HEADERS macor for ansi + +1993-11-29 17:14 millert + + * find_path.c: now uses STD_HEADERS macro + +1993-11-29 17:13 millert + + * check.c: niceties for C compiler bitches -- no real change + +1993-11-28 14:35 millert + + * sudo.man: added visudo line + +1993-11-28 14:31 millert + + * sudo.man: added error stuff added me in there... + +1993-11-28 01:12 millert + + * CHANGES: noted insults + +1993-11-28 01:01 millert + + * INSTALL: added blurb about reading stuff + +1993-11-28 01:00 millert + + * sudo.h: added insults + +1993-11-28 01:00 millert + + * insults.h: corrected somments and removed newlines + +1993-11-28 01:00 millert + + * check.c: now uses insults + +1993-11-28 00:45 millert + + * insults.h: Initial revision + +1993-11-27 17:46 millert + + * INSTALL: added dec syslog note + +1993-11-27 17:25 millert + + * sample.sudoers: added real stuff in there + +1993-11-27 17:24 millert + + * TODO: added a todo + +1993-11-27 17:10 millert + + * TODO: added one + +1993-11-27 16:59 millert + + * sample.sudoers: Initial revision + +1993-11-27 16:59 millert + + * sudo.man: updated with changes + +1993-11-27 16:52 millert + + * sudo.man: Initial revision + +1993-11-27 16:48 millert + + * CHANGES, COPYING, INSTALL, README, TODO, indent.pro: Initial + revision + +1993-11-27 16:42 millert + + * sudo.h, check.c, find_path.c, logging.c, parse.c, parse.lex, + parse.yacc, sudo.c: updated version number and took out jeff's + email (since it is invalid) + +1993-10-28 07:36 millert + + * check.c: added fflush() + +1993-10-22 18:46 millert + + * find_path.c: now return NULL instead pfof exiting for + nopnn-fatal errors + +1993-10-21 14:57 millert + + * check.c: new banner + +1993-10-21 14:42 millert + + * parse.lex: now sudo.h gets included first + +1993-10-17 18:31 millert + + * parse.lex: now can use flex + +1993-10-17 18:31 millert + + * sudo.h: linux patch + +1993-10-17 18:30 millert + + * sudo.c: hpux 9 fix, removes SHLIB_PATH linux patch + +1993-10-17 18:30 millert + + * check.c: linux diff + +1993-10-15 14:03 millert + + * find_path.c: stat now ignores EINVAL + +1993-10-05 19:48 millert + + * find_path.c, sudo.c: now declare strdup as extern + +1993-10-04 13:10 millert + + * check.c, find_path.c, getpass.c, logging.c, parse.c, sudo.c, + sudo.h: used indent to "fix" coding style + +1993-10-03 18:12 millert + + * find_path.c: now checks '.' or '.' or '' in PATH -- but does it + LAST should maybe move the code that does this into the loop body. + makes it messier tho. hmmm. + +1993-09-08 09:53 millert + + * find_path.c: redid the fix for non-executable files in an easier + to read way plus some minor aethetic changes + +1993-09-08 09:39 millert + + * find_path.c: fixed bug with non-executable tings of same name in + path introduced by checkig errno after stat(2). + +1993-09-05 08:02 millert + + * sudo.c: fixed off by one error + +1993-09-05 07:55 millert + + * find_path.c: now handles decending below '/' correctly + +1993-09-05 06:35 millert + + * sudo.c: now actually builds Envp instead of munging envp + +1993-09-04 13:42 millert + + * parse.yacc: now includes sys/param.h + +1993-09-04 13:30 millert + + * sudo.h: fixed ifndef -> ifdef + +1993-09-04 13:19 millert + + * qualify.c: make more like find_path.c + +1993-09-04 13:18 millert + + * find_path.c: rewritten by millert + +1993-09-04 13:17 millert + + * sudo.h: fixed MAXCOMMANDLENGTH now uses USE_CWD and NEED_STRDUP + added info about new defines in the comment + +1993-09-04 13:15 millert + + * logging.c: now uses USE_CWD + +1993-09-04 12:10 millert + + * sudo.h: added delc for clean_envp() and Envp + +1993-09-04 12:09 millert + + * sudo.c: now rips LD_* env vars out of envp and passed sanitized + Envp to exec + +1993-09-04 12:09 millert + + * logging.c: now uses execve() + +1993-09-04 12:08 millert + + * find_path.c: ENOTDIR is ok now too (in case part of the path is + bogus) + +1993-09-04 06:17 millert + + * qualify.c: now works correctly (ttaltotal rewrite) + +1993-09-04 05:59 millert + + * parse.lex: now includes sys/param.h didn't match trailing / -- + fix from rouilj@cs.umb.edu + +1993-06-11 16:04 millert + + * sudo.c: moved around the #ifndef _AIX + +1993-06-11 16:03 millert + + * check.c, logging.c, parse.c: Initial revision + +1993-03-20 05:57 millert + + * qualify.c: Initial revision + +1993-03-13 13:09 millert + + * find_path.c: now works if you do sudo bin/test + +1993-03-13 12:20 millert + + * find_path.c: works + +1993-03-02 16:28 millert + + * sudo.h: Initial revision + +1993-03-02 09:32 millert + + * parse.lex, parse.yacc: Initial revision + +1993-02-16 11:24 millert + + * sudo.c: took out errno.h + +1993-02-16 11:22 millert + + * sudo.c: now spews error if exec fails and exits with -1 + +1993-02-16 10:07 millert + + * sudo.c: Initial revision + +1993-02-15 20:27 millert + + * find_path.c: now only execs files with (an) executable bit set. + +1993-02-15 20:01 millert + + * find_path.c: Initial revision + +1993-02-15 12:32 millert + + * getpass.c: added nice comment + +1993-02-15 12:19 millert + + * getpass.c: now works on sgi's + +1993-02-15 11:57 millert + + * getpass.c: Initial revision +