From ec1ec4a80972d687f3b63984d68dc16a881fd01c Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 12 Jan 2012 13:20:10 -0500
Subject: [PATCH] Fix mode on sudoers as needed when the -f option is not
 specified.

--HG--
branch : 1.7
---
 visudo.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/visudo.c b/visudo.c
index dd32387db..e3f9b8cfd 100644
--- a/visudo.c
+++ b/visudo.c
@@ -235,12 +235,9 @@ main(argc, argv)
     /* Check edited files for a parse error and re-edit any that fail. */
     reparse_sudoers(editor, args, strict, quiet);
 
-    /* Install the sudoers temp files. */
+    /* Install the sudoers temp files as needed. */
     tq_foreach_fwd(&sudoerslist, sp) {
-	if (!sp->modified)
-	    (void) unlink(sp->tpath);
-	else
-	    (void) install_sudoers(sp, oldperms);
+	(void) install_sudoers(sp, oldperms);
     }
 
     exit(0);
@@ -533,6 +530,20 @@ install_sudoers(sp, oldperms)
 {
     struct stat sb;
 
+    if (!sp->modified) {
+	/*
+	 * No changes but fix owner/mode if needed.
+	 */
+	(void) unlink(sp->tpath);
+	if (!oldperms && fstat(sp->fd, &sb) != -1) {
+	    if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID)
+		(void) chown(sp->path, SUDOERS_UID, SUDOERS_GID);
+	    if ((sb.st_mode & 0777) != SUDOERS_MODE)
+		(void) chmod(sp->path, SUDOERS_MODE);
+	}
+	return TRUE;
+    }
+
     /*
      * Change mode and ownership of temp file so when
      * we move it to sp->path things are kosher.
-- 
2.40.0