isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,501 Commits 1 Branch 0 Tags
b3173fdedc605837113b9689c42d075398dd05c0
Commit Graph

74 Commits

Author SHA1 Message Date
Todd C. Miller
e0c2635fb3 Apply Google inclusive language guidelines. 
Also replace backwards with backward.
 2020-10-30 10:15:30 -06:00
Todd C. Miller
973da9a591 Refernce IBM LDAP libs, not Tivoli since that is how it is packaged. 
We still use Tivoli when talking about the server itself but refer
to it as the "IBM Tivoli Directory Server".
 2020-10-29 09:16:06 -06:00
Todd C. Miller
f4c5f34ab7 Add a newline before "This option is ..." 2020-10-29 06:32:03 -06:00
Todd C. Miller
c3ce3a84fb Refer to user-ID and group-ID instead of "user ID" and "group ID" 2019-10-19 14:26:41 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
f4853cb754 For sssd, the nsswitch.conf setting should be "sss" not "sssd". 
From Johnathan Smith.
 2019-02-26 13:15:40 -07:00
Todd C. Miller
b8ba372227 Fix section in the .TH line of *.man.in file. 
The substitution for @mansectsu@ and @mansectform@ was broken.
No longer need to strip out OpenBSD from the header line.
 2018-11-27 13:15:08 -07:00
Todd C. Miller
5f5d4a285c Mention schema.olcSudo here too. 2018-11-09 11:02:34 -07:00
Todd C. Miller
1fe582a0e3 Add support for negated sudoRunAsUser and sudoRunAsGroup entries. 2018-10-28 15:46:27 -06:00
Todd C. Miller
019279a4b8 Fix some mangled text in the license block. 2018-10-26 08:19:41 -06:00
Todd C. Miller
7b395aad89 regen 2018-10-09 14:13:28 -06:00
Todd C. Miller
675802b71c Use mdoc macros for BSD systems. 
All manuals now pass "make lint"
 2018-10-07 07:34:22 -06:00
Todd C. Miller
c0e8bde104 Add support for OpenLDAP's TLS_REQCERT setting in ldap.conf. 2018-09-27 09:58:10 -06:00
Todd C. Miller
4859b78797 sync with schema.OpenLDAP 2018-06-25 13:20:34 -06:00
Todd C. Miller
b67915c6e4 Fix some issues pointed out by mandoc -Tlint 2018-06-13 11:19:35 -06:00
Todd C. Miller
3dd7d96933 Fix some more typos. 2018-04-18 14:25:11 -06:00
Todd C. Miller
43ea752ded Update copyright year and regen man pages. 2018-04-15 16:43:06 -06:00
Todd C. Miller
e7ba359abf Add a section on convertion from file-based sudoers. 2018-03-29 07:13:31 -06:00
Todd C. Miller
b6c53ac846 Decrease bullet width to 1n. 2018-03-21 06:52:50 -06:00
Todd C. Miller
6ca8447e00 An empty RunAsUser means run as the invoking user, similar to how 
the sudoers files works.
 2017-12-12 14:20:56 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
df03020c4c Add support for SASL_MECH in ldap.conf; Bug #764 2017-01-17 11:09:23 -07:00
Todd C. Miller
db7ce3c219 Document that negated sudoHosts are only supported by 1.8.18 and higher. 2016-09-15 08:36:08 -06:00
Todd C. Miller
7fd6edb6df Document negated sudoHost entries. 2016-09-14 10:29:18 -06:00
Todd C. Miller
c0db5c1234 No line continuation support in ldap.conf. 2016-09-01 12:45:42 -06:00
Todd C. Miller
852fe25bc1 A comment character ('#') is only special at the beginning of the 
line.
 2016-09-01 09:28:40 -06:00
Todd C. Miller
3a85a8892f forgot to update date in last commit 2016-06-15 10:08:06 -06:00
Todd C. Miller
6c7eb07e0e Fix typo; cn=default should be cn=defaults 2016-06-15 05:14:33 -06:00
Todd C. Miller
638acc28cf The sudoers.ldap manual is installed in section 4 or 5, not 1m or 8. 
Also fix the section for ldap.conf cross-references.
 2016-05-31 13:17:38 -06:00
Todd C. Miller
77331392e0 Fix copy pasta, "sudoNotAfter" not "sudoNotBefore". 
Add missing word "order" in a sentence describing sudoOrder.
 2016-05-31 13:14:30 -06:00
Todd C. Miller
79be007bd6 Use https in urls. 2015-11-20 10:36:53 -07:00
Todd C. Miller
824021b51b Add explicit mention of sudo's netgroup semantics since they differ 
from most other netgroup consumers.
 2015-09-21 16:04:59 -06:00
Todd C. Miller
cd669526e5 Fix "mandoc -Tlint" warnings. 
Sync AUTHORS section in man pages.
Regenerate all man pages.
 2015-03-22 13:09:26 -06:00
Todd C. Miller
7ec9cfb493 When querying LDAP netgroups, use the NIS domain if it is sent but 
also match nisNetgroupTriple entries that have no domain.
 2015-01-30 14:45:22 -07:00
Todd C. Miller
4dd2a3c6b8 Add support for querying netgroups directly via LDAP since there 
is no other way to look up all the netgroups for a user (unlike
regular groups).  This introduces netgroup_base and netgroup_search_filter
options to ldap.conf.  Based on a diff from Steven Soulen.
 2015-01-29 14:08:30 -07:00
Todd C. Miller
4ae3ab43c0 Sort ldap.conf options. 2015-01-27 09:29:02 -07:00
Todd C. Miller
b1dc5c54d8 Remove the extra /sudo in sudo.ws urls 2014-12-04 17:00:38 -07:00
Todd C. Miller
9d3fe082fc Reference bugzilla.sudo.ws 2014-11-27 09:51:06 -07:00
Todd C. Miller
552dbe5253 Mention sssd support in the sudoers.ldap manual and cross-reference 
sssd-sudo(5).
 2014-11-17 15:26:12 -07:00
Todd C. Miller
c35d7f2b04 Add support for base64 secrets in ldap.conf and ldap.secret. 
Based on an idea from anthony AT rlost DOT com
 2014-07-10 15:31:11 -06:00
Todd C. Miller
0ec92dae81 regen 2014-02-15 15:18:34 -07:00
Todd C. Miller
a54e52d588 Minor word choice change. 2014-02-07 15:03:00 -07:00
Todd C. Miller
f7a419b5f9 Use a default LDAP search filter of (objectClass=sudoRole). When 
constructing the netgroup query, add (sudoUser=*) to the query so
we don't fall below the 3 character OpenLDAP substring threshold.
Otherwise the index for sudoUser will never be used for that query.
Pointed out by Michael Stroeder.
 2014-02-06 15:50:08 -07:00
Todd C. Miller
55ea043a9b Document comment character in ldap.conf 
Clarify what is and is not supported in TLS_KEYPW
Mention that gsk8capicmd can be used to create a stash file
 2013-08-30 14:27:26 -06:00
Todd C. Miller
dbdd328f44 Fix typo in tls_key example for Tivoli 2013-08-19 13:19:35 -06:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments 
in sudo.conf
 2013-04-25 14:49:02 -04:00
Todd C. Miller
67dad9a83c sudoers_debug is now deprecated in favor of the sudo debugging 
framework.
 2013-04-25 10:22:11 -04:00
Todd C. Miller
ed6d6963de Document digest support. 2013-04-17 15:42:28 -04:00
Todd C. Miller
74881843e1 Mention line continuation 2013-02-07 14:08:54 -05:00
Todd C. Miller
f6e61640d2 Fix some typos. 2013-02-05 16:09:26 -05:00