webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
e367031b383dc4d737403386f55585af4333bfa4
bpfire/lfs/sudo
Adolf Belka e367031b38 sudo: Update to version 1.9.10 
- Update from 1.9.9 to 1.9.10
- Update of rootfile not required
- Changelog
    What's new in Sudo 1.9.10
	 * Added new "log_passwords" and "passprompt_regex" sudoers options.
	   If "log_passwords" is disabled, sudo will attempt to prevent passwords
	   from being logged.  If sudo detects any of the regular expressions in
	   the "passprompt_regex" list in the terminal output, sudo will log '*'
	   characters instead of the terminal input until a newline or carriage
	   return is found in the input or an output character is received.
	 * Added new "log_passwords" and "passprompt_regex" settings to
	   sudo_logsrvd that operate like the sudoers options when logging
	   terminal input.
	 * Fixed several few bugs in the cvtsudoers utility when merging
	   multiple sudoers sources.
	 * Fixed a bug in sudo_logsrvd when parsing the sudo_logsrvd.conf
	   file, where the "retry_interval" in the [relay] section was not
	   being recognized.
	 * Restored the pre-1.9.9 behavior of not performing authentication
	   when sudo's -n option is specified.  A new "noninteractive_auth"
	   sudoers option has been added to enable PAM authentication in
	   non-interactive mode.  GitHub issue #131.
	 * On systems with /proc, if the /proc/self/stat (Linux) or
	   /proc/pid/psinfo (other systems) file is missing or invalid,
	   sudo will now check file descriptors 0-2 to determine the user's
	   terminal.  Bug #1020.
	 * Fixed a compilation problem on Debian kFreeBSD.  Bug #1021.
	 * Fixed a crash in sudo_logsrvd when running in relay mode if
	   an alert message is received.
	 * Fixed an issue that resulting in "problem with defaults entries"
	   email to be sent if a user ran sudo when the sudoers entry in
	   the nsswitch.conf file includes "sss" but no sudo provider is
	   configured in /etc/sssd/sssd.conf.  Bug #1022.
	 * Updated the warning displayed when the invoking user is not
	   allowed to run sudo.  If sudo has been configured to send mail
	   on failed attempts (see the mail_* flags in sudoers), it will
	   now print "This incident has been reported to the administrator."
	   If the "mailto" or "mailerpath" sudoers settings are disabled,
	   the message will not be printed and no mail will be sent.
	   GitHub issue #48.
	 * Fixed a bug where the user-specified command timeout was not
	   being honored if the sudoers rule did not also specify a timeout.
	 * Added support for using POSIX extended regular expressions in
	   sudoers rules.  A command and/or arguments in sudoers are treated
	   as a regular expression if they start with a '^' character and
	   end with a '$'.  The command and arguments are matched separately,
	   either one (or both) may be a regular expression.
	   Bug #578, GitHub issue #15.
	 * A user may now only run "sudo -U otheruser -l" if they have a
	   "sudo ALL" privilege where the RunAs user contains either "root"
	   or "otheruser".  Previously, having "sudo ALL" was sufficient,
	   regardless of the RunAs user.  GitHub issue #134.
	 * The sudo lecture is now displayed immediately before the password
	   prompt.  As a result, sudo will no longer display the lecture
	   unless the user needs to enter a password.  Authentication methods
	   that don't interact with the user via a terminal do not trigger
	   the lecture.
	 * Sudo now uses its own closefrom() emulation on Linux systems.
	   The glibc version may not work in a chroot jail where /proc is
	   not available.  If close_range(2) is present, it will be used
	   in preference to /proc/self/fd.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
2022-04-06 17:14:55 +00:00

88 lines
3.4 KiB
Plaintext
Raw Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 1.9.10
THISAPP = sudo-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
$(DL_FILE)_BLAKE2 = 94d97379e31b41917616a829cbece3d3fce7dd6ab9d04791b928981c14249c306508298655c19dc59a054ccf7deed4e69e65367cbfe9f6d8b5aba8895cfa6064
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
b2 : $(subst %,%_BLAKE2,$(objects))
###############################################################################
# Downloading, checking, b2sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_BLAKE2,$(objects)) :
@$(B2SUM)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && \
./configure \
--prefix=/usr \
--libexecdir=/usr/lib \
--with-logging=syslog \
--with-logfac=authpriv \
--with-env-editor \
--with-ignore-dot \
--with-tty-tickets \
--with-passprompt="[sudo] password for %p: " \
--without-pam
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP)
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink