Version: 1.9.10, Package name: sudo-1.9.10 |
Maintained by: Todd C. Miller |
Master sites: |
Flavors (export FLAVOR=xyz, setenv FLAVOR xyz):
|
Description-main Sudo (su "do") allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments. Description-python The sudo Python plugin can be used to write sudo 1.9 plugins in Python instead of C. The API closely follows the C sudo plugin API described by sudo_plugin(5). |
Filesize: 4410.711 KB |
Version History (View Complete History) |
|
2021-11-01 18:02:24 by Stuart Henderson | Files touched by this commit (121) |
Log message: bump REVISION for switch from Python 3.8 -> 3.9 |
2021-07-28 12:46:51 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.7p2 |
2021-06-11 15:49:41 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.7p1 |
2021-05-12 07:02:09 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.7 |
2021-03-15 12:49:47 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.6p1 |
2021-02-23 15:04:35 by Stuart Henderson | Files touched by this commit (13) |
Log message: automatically handle ports which use the python module and have flavours other than the usual "python3/<blank>" python version selection and remove setting MODPY_VERSION=${MODPY_DEFAULT_VERSION_3} again from the affected ports. |
2021-02-23 14:45:50 by Stuart Henderson | Files touched by this commit (12) |
Log message: ports which use the python module and have flavours other than the usual "python3/<blank>" python version selection still require setting MODPY_VERSION for now. |
2021-02-23 12:39:53 by Stuart Henderson | Files touched by this commit (743) |
Log message: Reverse the polarity of MODPY_VERSION; default is now 3.x, if a port needs 2.x then set MODPY_VERSION=${MODPY_DEFAULT_VERSION_2}. This commit doesn't change any versions currently used; it may be that some ports have MODPY_DEFAULT_VERSION_2 but don't require it, those should be cleaned up in the course of updating ports where possible. Python module ports providing py3-* packages should still use FLAVOR=python3 so that we don't have a mixture of dependencies some using ${MODPY_FLAVOR} and others not. |
2021-01-26 14:18:49 by Stuart Henderson | Files touched by this commit (1) |
Log message: add FLAVOR_STRING to SUBST_VARS, fixing an issue with updates from pre- multipackage versions reported by danj@ and reproduced by tb@ |
2021-01-26 14:18:35 by Stuart Henderson | Files touched by this commit (1) |
Log message: add FLAVOR_STRING to SUBST_VARS, fixing an issue with updates from pre- multipackage versions reported by danj@ and reproduced by tb@ |
2021-01-26 12:11:31 by Stuart Henderson | Files touched by this commit (1) |
Log message: Update to sudo 1.9.5p2; fixes CVE-2021-3156 |
2021-01-26 11:19:19 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.5p2; fixes CVE-2021-3156 |
2021-01-11 19:19:47 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.5p1 |
2021-01-11 07:55:29 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.5 |
2020-12-20 10:37:48 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.4p2 |
2020-12-18 10:31:32 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.4p1 |
2020-11-30 10:04:34 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.9.4 |
2020-09-23 20:44:14 by Daniel Jakots | Files touched by this commit (1) |
Log message: Improve PKGNAME handling ok millert@ (maintainer) |
2020-09-23 20:16:12 by Todd C. Miller | Files touched by this commit (1) |
Log message: Update to sudo 1.9.3p1. |
2020-09-23 19:38:42 by Todd C. Miller | Files touched by this commit (1) |
Log message: Update to sudo 1.9.3p1. |
2020-07-03 15:13:23 by Stuart Henderson | Files touched by this commit (1032) |
Log message: bump REVISION; python 3 default changed to 3.8 |
2020-06-26 14:23:54 by Stuart Henderson | Files touched by this commit (2) |
Log message: append the flavour to the @pkgpath marker, otherwise all flavoured packages have @pkgpath security/sudo and act as candidates for each other, i.e. to stop all pkg_add -u runs from asking which flavour to use. ok millert@ |
2020-06-24 09:58:21 by Todd C. Miller | Files touched by this commit (2) |
Log message: @sample lines need to come immediately after the file they are sampling. From deserter666 AT danwin1210 |
2020-06-21 06:38:52 by Stuart Henderson | Files touched by this commit (2) |
Log message: sudo needs @pkgpath so that updates work (package path for the main package changed security/sudo -> security/sudo,-main so without this it's not considered a valid update candidate) |
2020-06-21 06:03:34 by Todd C. Miller | Files touched by this commit (12) |
Log message: Update to sudo 1.9.1. This adds a new sub-package for the optional Python plugin support, which can be disabled via the no_python pseudo-flavor. Thanks to sthen@ and ajacoutot@ for their help. |
2020-01-30 16:03:27 by Stuart Henderson | Files touched by this commit (1) |
Log message: Update to sudo-1.8.31 in -stable, ok millert Changes include: * Fixed CVE-2019-18634, a buffer overflow when the "pwfeedback" sudoers option is enabled on systems with uni-directional pipes. * The "sudoedit_checkdir" option now treats a user-owned directory as writable, even if it does not have the write bit set at the time of check. Symbolic links will no longer be followed by sudoedit in any user-owned directory. Bug #912 |
2020-01-30 11:47:11 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update sudo to 1.8.31: * Fixed CVE-2019-18634, a buffer overflow when the "pwfeedback" sudoers option is enabled on systems with uni-directional pipes. * The "sudoedit_checkdir" option now treats a user-owned directory as writable, even if it does not have the write bit set at the time of check. Symbolic links will no longer be followed by sudoedit in any user-owned directory. Bug #912 * Fixed sudoedit on macOS 10.15 and above where the root file system is mounted read-only. Bug #913. * Fixed a crash introduced in sudo 1.8.30 when suspending sudo at the password prompt. Bug #914. * Fixed compilation on systems where the mmap MAP_ANON flag is not available. Bug #915. |
2019-12-31 14:54:25 by Todd C. Miller | Files touched by this commit (3) |
Log message: Update sudo to 1.8.30: * Fixed a warning on macOS introduced in sudo 1.8.29 when sudo attempts to set the open file limit to unlimited. Bug #904. * Sudo now closes file descriptors before changing uids. This prevents a non-root process from interfering with sudo's ability to close file descriptors on systems that support the prlimit(2) system call. * Sudo now treats an attempt to run "sudo sudoedit" as simply "sudoedit". If the sudoers file contains a fully-qualified path to sudoedit, sudo will now treat it simply as "sudoedit" (with no path). Visudo will will now treat a fully-qualified path to sudoedit as an error. Bug #871. * Fixed a bug introduced in sudo 1.8.28 where sudo would warn about a missing /etc/environment file on AIX and Linux when PAM is not enabled. Bug #907 * Fixed a bug on Linux introduced in sudo 1.8.29 that prevented the askpass program from running due to an unlimited stack size resource limit. Bug #908. * If a group provider plugin has optional arguments, the argument list passed to the plugin is now NULL terminated as per the documentation. * The user's time stamp file is now only updated if both authentication and approval phases succeed. This is consistent with the behavior of sudo prior to version 1.8.23. Bug #910 * The new allow_unknown_runas_id sudoers setting can be used to enable or disable the use of unknown user or group IDs. Previously, sudo would always allow unknown user or group IDs if the sudoers entry permitted it, including via the "ALL" alias. As of sudo 1.8.30, the admin must explicitly enable support for unknown IDs. * The new runas_check_shell sudoers setting can be used to require that the runas user have a shell listed in the /etc/shells file. On many systems, users such as "bin", do not have a valid shell and this flag can be used to prevent commands from being run as those users. * Fixed a problem restoring the SELinux tty context during reboot if mctransd is killed before sudo finishes. GitHub Issue #17. * Fixed an intermittent warning on NetBSD when sudo restores the initial stack size limit. |
2019-10-28 09:02:49 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update sudo to 1.8.29: * The cvtsudoers command will now reject non-LDIF input when converting from LDIF format to sudoers or JSON formats. * The new log_allowed and log_denied sudoers settings make it possible to disable logging and auditing of allowed and/or denied commands. * The umask is now handled differently on systems with PAM or login.conf. If the umask is explicitly set in sudoers, that value is used regardless of what PAM or login.conf may specify. However, if the umask is not explicitly set in sudoers, PAM or login.conf may now override the default sudoers umask. Bug #900. * For "make install", the sudoers file is no longer checked for syntax errors when DESTDIR is set. The default sudoers file includes the contents of /etc/sudoers.d which may not be readable as non-root. Bug #902. * Sudo now sets most resource limits to their maximum value to avoid problems caused by insufficient resources, such as an inability to allocate memory or open files and pipes. * Fixed a regression introduced in sudo 1.8.28 where sudo would refuse to run if the parent process was not associated with a session. This was due to sudo passing a session ID of -1 to the plugin. |
2019-10-22 03:36:21 by Stuart Henderson | Files touched by this commit (1) |
Log message: bump REVISION for -current sudo to take it to the same version as 6.6-stable |
2019-10-22 03:35:53 by Stuart Henderson | Files touched by this commit (1) |
Log message: bump REVISION for 6.6-stable sudo to take it above the package version used for 6.5-stable; necessary because gettext dependencies changed between 6.5 and 6.6 |
2019-10-21 05:21:18 by Stuart Henderson | Files touched by this commit (1) |
Log message: MFC sudo-1.8.28p1 to 6.6-stable 1.8.28 fixes CVE-2019-14287: https://www.sudo.ws/alerts/minus_1_uid.html 1.8.28p1 fixes a minor regression introduced in 1.8.28. |
2019-10-16 09:53:04 by Stuart Henderson | Files touched by this commit (1) |
Log message: MFC sudo-1.8.28p1 to 6.5-stable, ok millert 1.8.28 fixes CVE-2019-14287: https://www.sudo.ws/alerts/minus_1_uid.html 1.8.28p1 fixes a minor regression introduced in 1.8.28. |
2019-10-16 09:09:25 by Todd C. Miller | Files touched by this commit (2) |
Log message: Sudo 1.8.28p1 fixes a minor regression introduced in 1.8.28. |
2019-10-14 09:17:27 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update sudo to 1.8.28, fixes CVE-2019-14287 See https://www.sudo.ws/alerts/minus_1_uid.html for details |
2019-07-12 14:50:18 by Stuart Henderson | Files touched by this commit (845) |
Log message: replace simple PERMIT_PACKAGE_CDROM=Yes with PERMIT_PACKAGE=Yes |
2019-06-25 14:25:24 by Stuart Henderson | Files touched by this commit (77) |
Log message: bump REVISION in a bunch of ports known or likely to use struct kinfo_proc, there may be some missing as my unpacked ports source is a little out of date but this should catch the main things people might run into the struct was reordered a second time in sysctl.h r1.192 to improve compatibility but amd64 snapshot packages made it out before that happened so the bumps are still needed |
2019-05-20 16:15:31 by Christian Weisgerber | Files touched by this commit (488) |
Log message: Update gettext to 0.20.1. Follow the upstream recommendations for packagers and switch to multi-packages: devel/gettext -> devel/gettext,-runtime devel/gettext-tools -> devel/gettext,-tools (new) devel/gettext,-textstyle |
2019-01-12 19:58:15 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.27 |
2018-11-16 06:19:23 by Todd C. Miller | Files touched by this commit (3) |
Log message: Update to sudo 1.8.26 The PLIST file was missing cvtsudoers(1) which was added in 1.8.23 |
2018-09-03 21:01:00 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.25 |
2018-08-18 15:40:09 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.24 |
2018-05-26 03:54:51 by Marc Espie | Files touched by this commit (1) |
Log message: use PREFIX, TRUEPREFIX is the same |
2018-04-30 14:55:38 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.23 |
2018-01-16 06:24:06 by Todd C. Miller | Files touched by this commit (3) |
Log message: Update to sudo 1.8.22 |
2017-09-07 06:03:07 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.21p2 |
2017-09-01 15:36:55 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.21p1 |
2017-08-24 05:48:41 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.21 |
2017-05-31 14:33:44 by Todd C. Miller | Files touched by this commit (2) |
Log message: update to sudo 1.8.20p2; no real change on OpenBSD |
2017-05-30 13:55:15 by Todd C. Miller | Files touched by this commit (2) |
Log message: update to sudo 1.8.20p1 |
2017-05-10 10:07:54 by Todd C. Miller | Files touched by this commit (2) |
Log message: update to sudo 1.8.20 |
2017-01-14 09:39:24 by Todd C. Miller | Files touched by this commit (2) |
Log message: update to sudo 1.8.19p2 |
2016-12-20 10:35:18 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.19p1 |
2016-12-20 06:21:59 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.19 |
2016-10-26 15:23:10 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.18p1 |
2016-09-21 06:31:34 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.18 |
2016-06-22 14:40:13 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.17p1 |
2016-06-20 10:34:26 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.17 |
2016-03-18 10:06:48 by Christian Weisgerber | Files touched by this commit (3) |
Log message: garbage-collect PFRAG.shared; ok millert@ |
2016-03-17 16:53:06 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo 1.8.16 |
2016-03-11 13:28:34 by Christian Weisgerber | Files touched by this commit (247) |
Log message: garbage collect CONFIGURE_SHARED |
2015-11-03 18:52:24 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update sudo package to 1.8.15 |
2015-07-23 14:51:10 by Todd C. Miller | Files touched by this commit (2) |
Log message: Update to sudo-1.8.14p3 |
2015-07-17 09:51:32 by Todd C. Miller | Files touched by this commit (13) |
Log message: Update to sudo 1.8.14 |
2015-07-10 09:16:03 by Marc Espie | Files touched by this commit (3) |
Log message: minimal flavor by default. okay millert@ |
2015-07-04 07:54:49 by Todd C. Miller | Files touched by this commit (2) |
Log message: Install sudoers sampe mode 0440. From Tim van der Molen. |