isa/sudo - sudo - Subgraph Gitea

isa/sudo

Author	SHA1	Message	Date
Todd C. Miller	3a85a8892f	forgot to update date in last commit	2016-06-15 10:08:06 -06:00
Todd C. Miller	6c7eb07e0e	Fix typo; cn=default should be cn=defaults	2016-06-15 05:14:33 -06:00
Todd C. Miller	638acc28cf	The sudoers.ldap manual is installed in section 4 or 5, not 1m or 8. Also fix the section for ldap.conf cross-references.	2016-05-31 13:17:38 -06:00
Todd C. Miller	77331392e0	Fix copy pasta, "sudoNotAfter" not "sudoNotBefore". Add missing word "order" in a sentence describing sudoOrder.	2016-05-31 13:14:30 -06:00
Todd C. Miller	7461dcf9a8	Regen for 1.8.17	2016-05-13 12:02:53 -06:00
Todd C. Miller	79be007bd6	Use https in urls.	2015-11-20 10:36:53 -07:00
Todd C. Miller	824021b51b	Add explicit mention of sudo's netgroup semantics since they differ from most other netgroup consumers.	2015-09-21 16:04:59 -06:00
Todd C. Miller	5b2ea42d47	regen	2015-08-06 13:20:36 -06:00
Todd C. Miller	c525c5ca7a	regen	2015-05-11 16:52:58 -06:00
Todd C. Miller	cd669526e5	Fix "mandoc -Tlint" warnings. Sync AUTHORS section in man pages. Regenerate all man pages.	2015-03-22 13:09:26 -06:00
Todd C. Miller	7ec9cfb493	When querying LDAP netgroups, use the NIS domain if it is sent but also match nisNetgroupTriple entries that have no domain.	2015-01-30 14:45:22 -07:00
Todd C. Miller	4dd2a3c6b8	Add support for querying netgroups directly via LDAP since there is no other way to look up all the netgroups for a user (unlike regular groups). This introduces netgroup_base and netgroup_search_filter options to ldap.conf. Based on a diff from Steven Soulen.	2015-01-29 14:08:30 -07:00
Todd C. Miller	4ae3ab43c0	Sort ldap.conf options.	2015-01-27 09:29:02 -07:00
Todd C. Miller	b1dc5c54d8	Remove the extra /sudo in sudo.ws urls	2014-12-04 17:00:38 -07:00
Todd C. Miller	9d3fe082fc	Reference bugzilla.sudo.ws	2014-11-27 09:51:06 -07:00
Todd C. Miller	552dbe5253	Mention sssd support in the sudoers.ldap manual and cross-reference sssd-sudo(5).	2014-11-17 15:26:12 -07:00
Todd C. Miller	e71c646c9a	regen	2014-11-11 13:56:01 -07:00
Todd C. Miller	c35d7f2b04	Add support for base64 secrets in ldap.conf and ldap.secret. Based on an idea from anthony AT rlost DOT com	2014-07-10 15:31:11 -06:00
Todd C. Miller	a54e52d588	Minor word choice change.	2014-02-07 15:03:00 -07:00
Todd C. Miller	f7a419b5f9	Use a default LDAP search filter of (objectClass=sudoRole). When constructing the netgroup query, add (sudoUser=*) to the query so we don't fall below the 3 character OpenLDAP substring threshold. Otherwise the index for sudoUser will never be used for that query. Pointed out by Michael Stroeder.	2014-02-06 15:50:08 -07:00
Todd C. Miller	11babdaabc	regen	2013-12-28 14:28:52 -07:00
Todd C. Miller	55ea043a9b	Document comment character in ldap.conf Clarify what is and is not supported in TLS_KEYPW Mention that gsk8capicmd can be used to create a stash file	2013-08-30 14:27:26 -06:00
Todd C. Miller	dbdd328f44	Fix typo in tls_key example for Tivoli	2013-08-19 13:19:35 -06:00
Todd C. Miller	f76bd772ed	Bump version.	2013-08-16 09:30:50 -06:00
Todd C. Miller	fa6c857112	Allow ldap_conf and ldap_secret to be specified as plugin arguments in sudo.conf	2013-04-25 14:49:02 -04:00
Todd C. Miller	67dad9a83c	sudoers_debug is now deprecated in favor of the sudo debugging framework.	2013-04-25 10:22:11 -04:00
Todd C. Miller	ed6d6963de	Document digest support.	2013-04-17 15:42:28 -04:00
Todd C. Miller	74881843e1	Mention line continuation	2013-02-07 14:08:54 -05:00
Todd C. Miller	f6e61640d2	Fix some typos.	2013-02-05 16:09:26 -05:00
Todd C. Miller	3c34c0a4b8	Document non-Unix group support in LDAP sudoers.	2012-09-15 14:00:30 -04:00
Todd C. Miller	2d3a0d14d3	Make the capitalization consistent for .Ss and .Sx	2012-08-21 15:11:43 -04:00
Todd C. Miller	90f2cfa589	Build .man.in and .cat files from .mdoc.in files. Add new --with-man and --with-mdoc configure options.	2012-07-19 13:41:14 -04:00
Todd C. Miller	c5b374fac6	More minor costmetic fixes.	2012-07-18 09:16:09 -04:00
Todd C. Miller	2e36b1ef2b	Regen for sudo 1.8.6	2012-06-29 16:11:27 -04:00
Todd C. Miller	b61c0ab473	regen	2012-03-14 14:20:16 -04:00
Todd C. Miller	74c4252c1b	1.8.0rc1	2011-02-21 13:36:24 -05:00
Todd C. Miller	6983d782c1	regen	2011-02-16 12:22:38 -05:00
Todd C. Miller	7f277d1558	Bump version to 1.8.0b4	2011-02-03 14:26:58 -05:00
Todd C. Miller	6fd9d853a8	Be clear about what versions of sudo support new LDAP attributes. Fix up some formatting of attribute names. Minor other tweaks.	2011-02-01 14:31:04 -05:00
Todd C. Miller	49409b7c5d	Add support for TIMEOUT in ldap.conf, mapping to the OpenLDAP LDAP_OPT_TIMEOUT. There is no corresponding option for mozilla-derived LDAP SDKs but we can pass the timeout parameter to ldap_search_ext_s() or ldap_search_st() when possible.	2011-01-10 10:33:22 -05:00
Todd C. Miller	a628fee981	regen	2011-01-10 09:28:53 -05:00
Todd C. Miller	e3cd512bfa	regen	2010-12-27 14:45:13 -05:00
Todd C. Miller	901ca2a12c	regen	2010-11-19 16:57:21 -05:00
Todd C. Miller	8528827500	Bump version to 1.8.0b2	2010-11-08 11:27:20 -05:00
Todd C. Miller	432d27573d	TLS_CACERT is now an alias for TLS_CACERTFILE. OpenLDAP uses TLS_CACERT, not TLS_CACERTFILE in its ldap.conf. Other LDAP client code, such as nss_ldap, uses TLS_CACERTFILE. Also document why you should avoid disabling TLS_CHECKPEER is possible.	2010-07-08 09:02:03 -04:00
Todd C. Miller	d92c82ea3f	Add support for multiple sudoers_base entries in ldap.conf. From Joachim Henke	2010-06-15 10:33:30 -04:00
Todd C. Miller	ec77318e32	Leave rules to build .man.in and .cat files uncommented but only make them part of the "all" rule in devel mode. Generate .cat files directly from .man.in instead of .man using default values in configure.in	2010-06-11 18:34:24 -04:00
Todd C. Miller	807d1313a5	Use numeric registers to handle conditionals instead of trying to do it all with text processing.	2010-05-25 16:13:04 -04:00
Todd C. Miller	e90fa482f9	Rework source layout in preparation for modular sudo.	2010-02-20 09:14:01 -05:00

49 Commits