./security/sudo [execute a command as another user]
[+] Add this package to your ports tracker

[ CVSweb ] [ Homepage ] [ RSS feed ]

Version: 1.9.3p1, Package name: sudo-1.9.3p1
Maintained by: Todd C. Miller
Master sites:
Flavors (export FLAVOR=xyz, setenv FLAVOR xyz):
  • gettext
  • ldap
  • no_python
Description-main
Sudo (su "do") allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some
(or all) commands as root or another user while providing an audit
trail of the commands and their arguments.

Description-python
The sudo Python plugin can be used to write sudo 1.9 plugins in
Python instead of C. The API closely follows the C sudo plugin API
described by sudo_plugin(5).


Filesize: 3865.304 KB
Version History (View Complete History)
  • (2020-09-24) Updated to version: sudo-1.9.3p1
  • (2020-06-21) Updated to version: sudo-1.9.1
  • (2020-01-31) Updated to version: sudo-1.8.31
  • (2020-01-13) Updated to version: sudo-1.8.30
  • (2018-05-01) Updated to version: sudo-1.8.23
  • (2018-01-16) Updated to version: sudo-1.8.22
  • (2017-09-08) Updated to version: sudo-1.8.21.2
  • (2017-09-02) Updated to version: sudo-1.8.21.1
  • (2017-08-24) Updated to version: sudo-1.8.21
  • (2017-06-01) Updated to version: sudo-1.8.20.2
[show/hide] View available PLISTS (Can be a lot of data)

CVS Commit History:

   2020-09-23 20:44:14 by Daniel Jakots | Files touched by this commit (1)
Log message:
Improve PKGNAME handling
ok millert@ (maintainer)
   2020-09-23 20:16:12 by Todd C. Miller | Files touched by this commit (1)
Log message:
Update to sudo 1.9.3p1.
   2020-09-23 19:38:42 by Todd C. Miller | Files touched by this commit (1)
Log message:
Update to sudo 1.9.3p1.
   2020-07-03 15:13:23 by Stuart Henderson | Files touched by this commit (1032)
Log message:
bump REVISION; python 3 default changed to 3.8
   2020-06-26 14:23:54 by Stuart Henderson | Files touched by this commit (2)
Log message:
append the flavour to the @pkgpath marker, otherwise all flavoured packages
have @pkgpath security/sudo and act as candidates for each other, i.e. to
stop all pkg_add -u runs from asking which flavour to use.  ok millert@
   2020-06-24 09:58:21 by Todd C. Miller | Files touched by this commit (2)
Log message:
@sample lines need to come immediately after the file they are sampling.
From deserter666 AT danwin1210
   2020-06-21 06:38:52 by Stuart Henderson | Files touched by this commit (2)
Log message:
sudo needs @pkgpath so that updates work (package path for the main
package changed security/sudo -> security/sudo,-main so without this
it's not considered a valid update candidate)
   2020-06-21 06:03:34 by Todd C. Miller | Files touched by this commit (12)
Log message:
Update to sudo 1.9.1.
This adds a new sub-package for the optional Python plugin support,
which can be disabled via the no_python pseudo-flavor.
Thanks to sthen@ and ajacoutot@ for their help.
   2020-01-30 16:03:27 by Stuart Henderson | Files touched by this commit (1)
Log message:
Update to sudo-1.8.31 in -stable, ok millert
Changes include:
* Fixed CVE-2019-18634, a buffer overflow when the "pwfeedback"
sudoers option is enabled on systems with uni-directional pipes.
* The "sudoedit_checkdir" option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check.  Symbolic links will no longer be followed by
sudoedit in any user-owned directory.  Bug #912
   2020-01-30 11:47:11 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update sudo to 1.8.31:
* Fixed CVE-2019-18634, a buffer overflow when the "pwfeedback"
sudoers option is enabled on systems with uni-directional pipes.
* The "sudoedit_checkdir" option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check.  Symbolic links will no longer be followed by
sudoedit in any user-owned directory.  Bug #912
* Fixed sudoedit on macOS 10.15 and above where the root file system
is mounted read-only.  Bug #913.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt.  Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag
is not available.  Bug #915.
   2019-12-31 14:54:25 by Todd C. Miller | Files touched by this commit (3)
Log message:
Update sudo to 1.8.30:
* Fixed a warning on macOS introduced in sudo 1.8.29 when sudo
attempts to set the open file limit to unlimited.  Bug #904.
* Sudo now closes file descriptors before changing uids.  This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run "sudo sudoedit" as simply
"sudoedit".  If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as "sudoedit" (with
no path).  Visudo will will now treat a fully-qualified path
to sudoedit as an error.  Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn about
a missing /etc/environment file on AIX and Linux when PAM is not
enabled.  Bug #907
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit.  Bug #908.
* If a group provider plugin has optional arguments, the argument list
passed to the plugin is now NULL terminated as per the documentation.
* The user's time stamp file is now only updated if both authentication
and approval phases succeed.  This is consistent with the behavior
of sudo prior to version 1.8.23.  Bug #910
* The new allow_unknown_runas_id sudoers setting can be used to
enable or disable the use of unknown user or group IDs.  Previously,
sudo would always allow unknown user or group IDs if the sudoers
entry permitted it, including via the "ALL" alias.  As of sudo
1.8.30, the admin must explicitly enable support for unknown IDs.
* The new runas_check_shell sudoers setting can be used to require
that the runas user have a shell listed in the /etc/shells file.
On many systems, users such as "bin", do not have a valid shell
and this flag can be used to prevent commands from being run as
those users.
* Fixed a problem restoring the SELinux tty context during reboot
if mctransd is killed before sudo finishes.  GitHub Issue #17.
* Fixed an intermittent warning on NetBSD when sudo restores the
initial stack size limit.
   2019-10-28 09:02:49 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update sudo to 1.8.29:
* The cvtsudoers command will now reject non-LDIF input when converting
from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it possible
to disable logging and auditing of allowed and/or denied commands.
* The umask is now handled differently on systems with PAM or login.conf.
If the umask is explicitly set in sudoers, that value is used regardless
of what PAM or login.conf may specify.  However, if the umask is not
explicitly set in sudoers, PAM or login.conf may now override the default
sudoers umask.  Bug #900.
* For "make install", the sudoers file is no longer checked for syntax
errors when DESTDIR is set.  The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes.
* Fixed a regression introduced in sudo 1.8.28 where sudo would refuse
to run if the parent process was not associated with a session.
This was due to sudo passing a session ID of -1 to the plugin.
   2019-10-22 03:36:21 by Stuart Henderson | Files touched by this commit (1)
Log message:
bump REVISION for -current sudo to take it to the same version as 6.6-stable
   2019-10-22 03:35:53 by Stuart Henderson | Files touched by this commit (1)
Log message:
bump REVISION for 6.6-stable sudo to take it above the package version
used for 6.5-stable; necessary because gettext dependencies changed between
6.5 and 6.6
   2019-10-21 05:21:18 by Stuart Henderson | Files touched by this commit (1)
Log message:
MFC sudo-1.8.28p1 to 6.6-stable
1.8.28 fixes CVE-2019-14287: https://www.sudo.ws/alerts/minus_1_uid.html
1.8.28p1 fixes a minor regression introduced in 1.8.28.
   2019-10-16 09:53:04 by Stuart Henderson | Files touched by this commit (1)
Log message:
MFC sudo-1.8.28p1 to 6.5-stable, ok millert
1.8.28 fixes CVE-2019-14287: https://www.sudo.ws/alerts/minus_1_uid.html
1.8.28p1 fixes a minor regression introduced in 1.8.28.
   2019-10-16 09:09:25 by Todd C. Miller | Files touched by this commit (2)
Log message:
Sudo 1.8.28p1 fixes a minor regression introduced in 1.8.28.
   2019-10-14 09:17:27 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update sudo to 1.8.28, fixes CVE-2019-14287
See https://www.sudo.ws/alerts/minus_1_uid.html for details
   2019-07-12 14:50:18 by Stuart Henderson | Files touched by this commit (845)
Log message:
replace simple PERMIT_PACKAGE_CDROM=Yes with PERMIT_PACKAGE=Yes
   2019-06-25 14:25:24 by Stuart Henderson | Files touched by this commit (77)
Log message:
bump REVISION in a bunch of ports known or likely to use struct kinfo_proc,
there may be some missing as my unpacked ports source is a little out of date
but this should catch the main things people might run into
the struct was reordered a second time in sysctl.h r1.192 to improve
compatibility but amd64 snapshot packages made it out before that happened
so the bumps are still needed
   2019-05-20 16:15:31 by Christian Weisgerber | Files touched by this commit (488)
Log message:
Update gettext to 0.20.1.
Follow the upstream recommendations for packagers and switch to
multi-packages:
devel/gettext       -> devel/gettext,-runtime
devel/gettext-tools -> devel/gettext,-tools
(new)                  devel/gettext,-textstyle
   2019-01-12 19:58:15 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.27
   2018-11-16 06:19:23 by Todd C. Miller | Files touched by this commit (3)
Log message:
Update to sudo 1.8.26
The PLIST file was missing cvtsudoers(1) which was added in 1.8.23
   2018-09-03 21:01:00 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.25
   2018-08-18 15:40:09 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.24
   2018-05-26 03:54:51 by Marc Espie | Files touched by this commit (1)
Log message:
use PREFIX, TRUEPREFIX is the same
   2018-04-30 14:55:38 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.23
   2018-01-16 06:24:06 by Todd C. Miller | Files touched by this commit (3)
Log message:
Update to sudo 1.8.22
   2017-09-07 06:03:07 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.21p2
   2017-09-01 15:36:55 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.21p1
   2017-08-24 05:48:41 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.21
   2017-05-31 14:33:44 by Todd C. Miller | Files touched by this commit (2)
Log message:
update to sudo 1.8.20p2; no real change on OpenBSD
   2017-05-30 13:55:15 by Todd C. Miller | Files touched by this commit (2)
Log message:
update to sudo 1.8.20p1
   2017-05-10 10:07:54 by Todd C. Miller | Files touched by this commit (2)
Log message:
update to sudo 1.8.20
   2017-01-14 09:39:24 by Todd C. Miller | Files touched by this commit (2)
Log message:
update to sudo 1.8.19p2
   2016-12-20 10:35:18 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.19p1
   2016-12-20 06:21:59 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.19
   2016-10-26 15:23:10 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.18p1
   2016-09-21 06:31:34 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.18
   2016-06-22 14:40:13 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.17p1
   2016-06-20 10:34:26 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.17
   2016-03-18 10:06:48 by Christian Weisgerber | Files touched by this commit (3)
Log message:
garbage-collect PFRAG.shared; ok millert@
   2016-03-17 16:53:06 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo 1.8.16
   2016-03-11 13:28:34 by Christian Weisgerber | Files touched by this commit (247)
Log message:
garbage collect CONFIGURE_SHARED
   2015-11-03 18:52:24 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update sudo package to 1.8.15
   2015-07-23 14:51:10 by Todd C. Miller | Files touched by this commit (2)
Log message:
Update to sudo-1.8.14p3
   2015-07-17 09:51:32 by Todd C. Miller | Files touched by this commit (13)
Log message:
Update to sudo 1.8.14
   2015-07-10 09:16:03 by Marc Espie | Files touched by this commit (3)
Log message:
minimal flavor by default. okay millert@
   2015-07-04 07:54:49 by Todd C. Miller | Files touched by this commit (2)
Log message:
Install sudoers sampe mode 0440.  From Tim van der Molen.