Commit Graph

331 Commits

Author SHA1 Message Date
Todd C. Miller
e53e80187d Sync with translationproject.org 2013-07-16 07:32:57 -06:00
Todd C. Miller
adce34358c Remove old bits about sudo setuid problems that should have been
cleaned up in changeset 7917:fa4894896d8a.  Also update the mode
of sudo to 04755 to match current packaging.
2013-07-11 17:57:40 -04:00
Todd C. Miller
bf9d823c27 Fix formatting typo; from Eric S. Raymond 2013-06-18 06:39:02 -04:00
Todd C. Miller
e8046e4be8 Fix typo; bug 605 2013-06-12 09:15:11 -04:00
Todd C. Miller
67d8af4be5 Restrict default creation of PIE binaries (-fPIE and -pie) to Linux.
OpenBSD also supports PIE but enables it by default so we don't
need to do anything.  This fixes problems on systems with a version
of GNU ld that accepts -pie but where the run-time linker doesn't
actually support PIE.  Also verify that a trivial PIE binary works
unless PIE is explicitly enabled.
2013-05-28 14:40:45 -04:00
Todd C. Miller
2dd71e838a Add message about disabling PIE if sudo gets SIGSEGV. 2013-05-03 16:24:22 -04:00
Todd C. Miller
874d84f263 Mention what SHA-2 formats are supported. 2013-04-30 11:44:01 -04:00
Todd C. Miller
61c0a24c85 List code and translations separately. 2013-04-30 11:07:06 -04:00
Todd C. Miller
7c9aaa2f2f Document that sudoers will re-use existing I/O log paths unless
they are mktemp-style with trailing X's.
2013-04-25 15:11:06 -04:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments
in sudo.conf
2013-04-25 14:49:02 -04:00
Todd C. Miller
67dad9a83c sudoers_debug is now deprecated in favor of the sudo debugging
framework.
2013-04-25 10:22:11 -04:00
Todd C. Miller
e05d2732aa Add copyright notice to scripts 2013-04-24 15:47:39 -04:00
Todd C. Miller
7ab68a35d8 Correct last change date 2013-04-24 11:14:06 -04:00
Todd C. Miller
ad019da9ef Mention .sl vs. .so extension handling on HP-UX
Mention group membership changes
Fix typos
2013-04-24 11:08:38 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
ed6d6963de Document digest support. 2013-04-17 15:42:28 -04:00
Todd C. Miller
1aa4903520 SHA-224, SHA-256, SHA-384 and SHA-512. Derived from the public
domain SHA-1 and SHA-2 implementations by Steve Reid and Wei Dai
respectively.
2013-04-13 07:05:06 -04:00
Todd C. Miller
1614c3cad1 Document sesh Path setting. 2013-03-14 20:13:54 -04:00
Todd C. Miller
2e84f169cc Document direct execution of the command if the policy plugin has
no close function.
2013-03-13 11:32:31 -04:00
Todd C. Miller
7d3ce01a05 Document group_file and system_group plugins. 2013-03-05 16:38:35 -05:00
Todd C. Miller
8397297de5 Try to clarify that sudoedit in sudoers should not include a
leading pathname.
2013-03-05 15:06:00 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
af2d4dbfb2 Don't remove the -S option description when trimming out selinux.
Bug #592
2013-02-28 06:03:36 -05:00
Todd C. Miller
30f63386d8 Document when sudo may exec the command directly instead of forking. 2013-02-24 13:25:44 -05:00
Todd C. Miller
d946fdaa7a Document that close and version be NULL for plugin API >= 1.3 and
that sudo may execute the command directly if there is no close,
or pty or timeout needed.
2013-02-24 13:20:56 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list.
Could be used by a stacking plugin.
2013-02-21 15:05:51 -05:00
Todd C. Miller
f336580bb1 Add Nikolai Kondrashov 2013-02-21 07:04:34 -05:00
Todd C. Miller
05e53aea0f Use the correct the sudoers policy symbol names and undo an editor
goof committed when adding max_groups to sudo.conf.
2013-02-20 13:54:31 -05:00
Todd C. Miller
e07280eeeb Rename sample_group plugin to group_file.
Install group_file and system_group plugins by default.
2013-02-18 15:32:36 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00
Todd C. Miller
35548ae4e3 Pass max_groups to plugin in settings list. 2013-02-14 15:18:10 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove
unused return value from setters.
2013-02-14 13:34:33 -05:00
Todd C. Miller
987d62ec55 Sort elements of the settings, user_info and command_info lists. 2013-02-08 14:44:22 -05:00
Todd C. Miller
6ba6a454e2 Remove trailing white space 2013-02-08 14:40:43 -05:00
Todd C. Miller
74881843e1 Mention line continuation 2013-02-07 14:08:54 -05:00
Todd C. Miller
6b09c76a20 Sudo now stores its libexec files in a "sudo" subdirectory instead
of in libexec itself.  For backwards compatibility, if the plugin
is not found in the default plugin directory, sudo will check the
parent directory default directory ends in "/sudo".
2013-02-06 14:06:51 -05:00
Todd C. Miller
fbb8ea5042 Mention that sudoers has its own plugins too. 2013-02-06 09:30:49 -05:00
Todd C. Miller
b51d1a9f67 Correct last change date. 2013-02-05 16:14:05 -05:00
Todd C. Miller
14bf23c4a2 Remove duplicated sudo.conf info in the sudo, sudoers and sudo_plugin
manuals and cross-reference the new sudo.conf manual.
2013-02-05 16:12:39 -05:00
Todd C. Miller
5debfeeaf7 Fix typos 2013-02-05 16:10:16 -05:00
Todd C. Miller
f6e61640d2 Fix some typos. 2013-02-05 16:09:26 -05:00
Todd C. Miller
c5816ca6ae Add standalone sudo.conf manual page. 2013-02-05 11:43:02 -05:00
Todd C. Miller
f0fdf41d2a add group_source example 2013-02-05 11:42:46 -05:00
Todd C. Miller
0bd79612b1 Use PLUGINDIR in the manuals and fix a typo in the sample sudo.conf. 2013-02-05 10:56:58 -05:00
Todd C. Miller
9ed1f0287e Mention that exec_background is for 1.8.7 and higher only. 2013-01-27 13:43:02 -05:00
Todd C. Miller
872e168836 Document signal handler behavior in plugin API 1.3 2013-01-17 15:13:32 -05:00
Todd C. Miller
9479bb623b Add exec_background option in plugin command info and a sudoers
option to match.  When set, commands are started in the background
and automatically foregrounded as needed.  There are issues with
some ill-mannered programs (like Linux su) so this is not the
default.
2013-01-11 14:34:09 -05:00
Todd C. Miller
4bc616b677 Update copyright year. 2013-01-11 14:14:10 -05:00
Todd C. Miller
90d58685ff In rbrepair(), make sure we never try to change the color of the
sentinel node, which is the first entry, not the root.
From Michael King
2013-01-01 13:31:40 -05:00