--- - branch: pkgsrc-2008Q4 date: Thu Feb 5 17:00:25 UTC 2009 files: - new: 1.113.10.1 old: '1.113' path: pkgsrc/security/sudo/Makefile pathrev: pkgsrc/security/sudo/Makefile@1.113.10.1 type: modified - new: 1.2.12.1 old: '1.2' path: pkgsrc/security/sudo/PLIST pathrev: pkgsrc/security/sudo/PLIST@1.2.12.1 type: modified - new: 1.56.10.1 old: '1.56' path: pkgsrc/security/sudo/distinfo pathrev: pkgsrc/security/sudo/distinfo@1.56.10.1 type: modified - new: 1.15.12.1 old: '1.15' path: pkgsrc/security/sudo/options.mk pathrev: pkgsrc/security/sudo/options.mk@1.15.12.1 type: modified - new: 1.19.12.1 old: '1.19' path: pkgsrc/security/sudo/patches/patch-aa pathrev: pkgsrc/security/sudo/patches/patch-aa@1.19.12.1 type: modified - new: 1.20.12.1 old: '1.20' path: pkgsrc/security/sudo/patches/patch-af pathrev: pkgsrc/security/sudo/patches/patch-af@1.20.12.1 type: modified - new: 1.12.12.1 old: '1.12' path: pkgsrc/security/sudo/patches/patch-ag pathrev: pkgsrc/security/sudo/patches/patch-ag@1.12.12.1 type: modified - new: '0' old: '1.4' path: pkgsrc/security/sudo/patches/patch-ai pathrev: pkgsrc/security/sudo/patches/patch-ai@0 type: deleted id: 20090205T170025Z.6e439cd9ab097014f88c976c165d164a5c794b48 log: "Pullup ticket #2688 - requested by taca\nsudo: security update\n\nRevisions pulled up:\n- security/sudo/Makefile\t\t\t1.114\n- security/sudo/PLIST\t\t\t\t1.3\n- security/sudo/distinfo\t\t\t1.57\n- security/sudo/options.mk\t\t\t1.16\n- security/sudo/patches/patch-aa\t\t1.20\n- security/sudo/patches/patch-af\t\t1.21\n- security/sudo/patches/patch-ag\t\t1.13\n- security/sudo/patches/patch-ai\t\tdelete\n---\nModule Name:\tpkgsrc\nCommitted By:\ttaca\nDate:\t\tThu Feb 5 13:48:12 UTC 2009\n\nModified Files:\n\tpkgsrc/security/sudo: Makefile PLIST distinfo options.mk\n\tpkgsrc/security/sudo/patches: patch-aa patch-af patch-ag\nRemoved Files:\n\tpkgsrc/security/sudo/patches: patch-ai\n\nLog Message:\nUpdate security/sudo package to 1.7.0.\n\n* pkgsrc change: relax restriction to kerberos package.\n\nWhat's new in Sudo 1.7.0?\n\n * Rewritten parser that converts sudoers into a set of data structures.\n This eliminates a number of ordering issues and makes it possible to\n apply sudoers Defaults entries before searching for the command.\n It also adds support for per-command Defaults specifications.\n\n * Sudoers now supports a #include facility to allow the inclusion of other\n sudoers-format files.\n\n * Sudo's -l (list) flag has been enhanced:\n o applicable Defaults options are now listed\n o a command argument can be specified for testing whether a user\n may run a specific command.\n o a new -U flag can be used in conjunction with \"sudo -l\" to allow\n root (or a user with \"sudo ALL\") list another user's privileges.\n\n * A new -g flag has been added to allow the user to specify a\n primary group to run the command as. The sudoers syntax has been\n extended to include a group section in the Runas specification.\n\n * A uid may now be used anywhere a username is valid.\n\n * The \"secure_path\" run-time Defaults option has been restored.\n\n * Password and group data is now cached for fast lookups.\n\n * The file descriptor at which sudo starts closing all open files is now\n configurable via sudoers and, optionally, the command line.\n\n * Visudo will now warn about aliases that are defined but not used.\n\n * The -i and -s command line flags now take an optional command\n to be run via the shell. Previously, the argument was passed\n to the shell as a script to run.\n\n * Improved LDAP support. SASL authentication may now be used in\n \ conjunction when connecting to an LDAP server. The krb5_ccname\n parameter in ldap.conf may be used to enable Kerberos.\n\n * Support for /etc/nsswitch.conf. \ LDAP users may now use nsswitch.conf\n to specify the sudoers order. E.g.:\n\tsudoers: ldap files\n to check LDAP, then /etc/sudoers. The default is \"files\", even\n \ when LDAP support is compiled in. This differs from sudo 1.6\n where LDAP was always consulted first.\n\n * Support for /etc/environment on AIX and Linux. \ If sudo is run\n with the -i flag, the contents of /etc/environment are used to\n populate the new environment that is passed to the command being\n run.\n\n * If no terminal is available or if the new -A flag is specified,\n sudo will use a helper program to read the password if one is\n configured. Typically, this is a graphical password prompter\n such as ssh-askpass.\n\n * A new Defaults option, \"mailfrom\" that sets the value of the\n \"From:\" field in the warning/error mail. If unspecified, the\n login name of the invoking user is used.\n\n * A new Defaults option, \"env_file\" that refers to a file containing\n environment variables to be set in the command being run.\n\n * A new flag, -n, may be used to indicate that sudo should not\n prompt the user for a password and, instead, exit with an error\n if authentication is required.\n\n * If sudo needs to prompt for a password and it is unable to disable\n echo (and no askpass program is defined), it will refuse to run\n unless the \"visiblepw\" Defaults option has been specified.\n\n * Prior to version 1.7.0, hitting enter/return at the Password: prompt\n would exit sudo. In sudo 1.7.0 and beyond, this is treated as\n an empty password. To exit sudo, the user must press ^C or ^D\n at the prompt.\n\n * visudo will now check the sudoers file owner and mode in -c (check)\n mode when the -s (strict) flag is specified.\n" module: pkgsrc subject: 'CVS commit: [pkgsrc-2008Q4] pkgsrc/security/sudo' unixtime: '1233853225' user: tron