Prev: This construction doesn't work
Next: Confirming a bug in clang++ (freeBSD
From: Wesley Shields on 28 Jun 2010 20:48
See below for the changes to sudo 1.7.3 which is set to be released
soon. If you want to test out the 1.7.3rc1 update please fetch the patch
from http://people.freebsd.org/~wxs/sudo.diff, apply it and rebuild.
Please reply back to me privately with reports of success or failures.

I'll probably get the update in the tree sometime early or mid-July.

-- WXS

----- Forwarded message from "Todd C. Miller" <Todd.Miller(a)courtesan.com> -----

Date: Mon, 28 Jun 2010 09:56:10 -0400
From: "Todd C. Miller" <Todd.Miller(a)courtesan.com>
To: sudo-workers(a)sudo.ws
Cc: sudo-users(a)sudo.ws
Subject: [sudo-workers] sudo 1.7.3rc1 available

The first release candidate of sudo 1.7.3 is now available.
Sudo 1.7.3 is scheduled for release on June 30th.

Download links:
http://www.sudo.ws/sudo/dist/beta/sudo-1.7.3rc1.tar.gz
ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.3rc1.tar.gz

Major changes between sudo 1.7.2p7 and 1.7.3rc1:

* Support for logging I/O for the command being run.
For more information, see the documentation for the "log_input"
and "log_output" Defaults options in the sudoers manual. Also
see the sudoreplay manual for how to replay I/O log sessions.

* The use_pty sudoers option can be used to force a command to be
run in a pseudo-pty, even when I/O logging is not enabled.

* On some systems, sudo can now detect when a user has logged out
and back in again when tty-based time stamps are in use. Supported
systems include Solaris systems with the devices file system,
Mac OS X, and Linux systems with the devpts filesystem (pseudo-ttys
only).

* On AIX systems, the registry setting in /etc/security/user is
now taken into account when looking up users and groups. Sudo
now applies the correct the user and group ids when running a
command as a user whose account details come from a different
source (e.g. LDAP or DCE vs. local files).

* Support for multiple 'sudoers_base' and 'uri' entries in ldap.conf.
When multiple entries are listed, sudo will try each one in the
order in which they are specified.

* Sudo's SELinux support should now function correctly when running
commands as a non-root user and when one of stdin, stdout or stderr
is not a terminal.

* Sudo will now use the Linux audit system with configure with
the --with-linux-audit flag.

* Sudo now uses mbr_check_membership() on systems that support it
to determine group membership. Currently, only Darwin (Mac OS X)
supports this.

* When the tty_tickets sudoers option is enabled but there is no
terminal device, sudo will no longer use or create a tty-based
ticket file. Previously, sudo would use a tty name of "unknown".
As a consequence, if a user has no terminal device, sudo will
now always prompt for a password.

* The passwd_timeout and timestamp_timeout options may now be
specified as floating point numbers for more granular timeout
values.

* Negating the fqdn option in sudoers now works correctly when sudo
is configured with the --with-fqdn option. In previous versions
of sudo the fqdn was set before sudoers was parsed.
____________________________________________________________
sudo-workers mailing list <sudo-workers(a)sudo.ws>
For list information, options, or to unsubscribe, visit:
http://www.sudo.ws/mailman/listinfo/sudo-workers

----- End forwarded message -----
_______________________________________________
freebsd-ports(a)freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"

 | 
Pages: 1
Prev: This construction doesn't work
Next: Confirming a bug in clang++ (freeBSD