Diff for /embedaddon/sudo/NEWS between versions 1.1.1.2 and 1.1.1.5

version 1.1.1.2, 2012/05/29 12:26:48 version 1.1.1.5, 2013/10/14 07:56:33
Line 1 Line 1
   What's new in Sudo 1.8.8?
   
    * Removed a warning on PAM systems with stacked auth modules
      where the first module on the stack does not succeed.
   
    * Sudo, sudoreplay and visudo now support GNU-style long options.
   
    * The -h (--host) option may now be used to specify a host name.
      This is currently only used by the sudoers plugin in conjunction
      with the -l (--list) option.
   
    * Program usage messages and manual SYNOPSIS sections have been
      simplified.
   
    * Sudo's LDAP SASL support now works properly with Kerberos.
      Previously, the SASL library was unable to locate the user's
      credential cache.
   
    * It is now possible to set the nproc resource limit to unlimited
      via pam_limits on Linux (bug #565).
   
    * New "pam_service" and "pam_login_service" sudoers options
      that can be used to specify the PAM service name to use.
   
    * New "pam_session" and "pam_setcred" sudoers options that
      can be used to disable PAM session and credential support.
   
    * The sudoers plugin now properly supports UIDs and GIDs
      that are larger than 0x7fffffff on 32-bit platforms.
   
    * Fixed a visudo bug introduced in sudo 1.8.7 where per-group
      Defaults entries would cause an internal error.
   
    * If the "tty_tickets" sudoers option is enabled (the default),
      but there is no tty present, sudo will now use a ticket file
      based on the parent process ID.  This makes it possible to support
      the normal timeout behavior for the session.
   
    * Fixed a problem running commands that change their process
      group and then attempt to change the terminal settings when not
      running the command in a pseudo-terminal.  Previously, the process
      would receive SIGTTOU since it was effectively a background
      process.  Sudo will now grant the child the controlling tty and
      continue it when this happens.
   
    * The "closefrom_override" sudoers option may now be used in
      a command-specified Defaults entry (bug #610).
   
    * Sudo's BSM audit support now works on Solaris 11.
   
    * Brazilian Portuguese translation for sudo and sudoers from
      translationproject.org.
   
    * Czech translation for sudo from translationproject.org.
   
    * French translation for sudo from translationproject.org.
   
    * Sudo's noexec support on Mac OS X 10.4 and above now uses dynamic
      symbol interposition instead of setting DYLD_FORCE_FLAT_NAMESPACE=1
      which causes issues with some programs.
   
    * Fixed visudo's -q (--quiet) flag, broken in sudo 1.8.6.
   
    * Root may no longer change its SELinux role without entering
      a password.
   
    * Fixed a bug introduced in Sudo 1.8.7 where the indexes written
      to the I/O log timing file are two greater than they should be.
      Sudoreplay now contains a work-around to parse those files.
   
    * In sudoreplay's list mode, the "this" qualifier in "fromdate"
      or "todate" expressions now behaves more sensibly.  Previously,
      it would often match a date that was "one more" than expected.
      For example, "this week" now matches the current week instead
      of the following week.
   
   What's new in Sudo 1.8.7?
   
    * The non-Unix group plugin is now supported when sudoers data
      is stored in LDAP.
   
    * Sudo now uses a workaround for a locale bug on Solaris 11.0
      that prevents setuid programs like sudo from fully using locales.
   
    * User messages are now always displayed in the user's locale,
      even when the same message is being logged or mailed in a
      different locale.
   
    * Log files created by sudo now explicitly have the group set
      to group ID 0 rather than relying on BSD group semantics (which
      may not be the default).
   
    * A new "exec_background" sudoers option can be used to initially
      run the command without read access to the terminal when running
      a command in a pseudo-tty.  If the command tries to read from
      the terminal it will be stopped by the kernel (via SIGTTIN or
      SIGTTOU) and sudo will immediately restart it as the foreground
      process (if possible).  This allows sudo to only pass terminal
      input to the program if the program actually is expecting it.
      Unfortunately, a few poorly-behaved programs (like "su" on most
      Linux systems) do not handle SIGTTIN and SIGTTOU properly.
   
    * Sudo now uses an efficient group query to get all the groups
      for a user instead of iterating over every record in the group
      database on HP-UX and Solaris.
   
    * Sudo now produces better error messages when there is an error
      in the sudo.conf file.
   
    * Two new settings have been added to sudo.conf to give the admin
      better control of how group database queries are performed.  The
      "group_source" specifies how the group list for a user will be
      determined.  Legal values are "static" (use the kernel groups
      list), "dynamic" (perform a group database query) and "adaptive"
      (only perform a group database query if the kernel list is full).
      The "max_groups" setting specifies the maximum number of groups
      a user may belong to when performing a group database query.
   
    * The sudo.conf file now supports line continuation by using a
      backslash as the last character on the line.
   
    * There is now a standalone sudo.conf manual page.
   
    * Sudo now stores its libexec files in a "sudo" sub-directory instead
      of in libexec itself. For backwards compatibility, if the plugin
      is not found in the default plugin directory, sudo will check
      the parent directory if the default directory ends in "/sudo".
   
    * The sudoers I/O logging plugin now logs the terminal size.
   
    * A new sudoers option "maxseq" can be used to limit the number of
      I/O log entries that are stored.
   
    * The "system_group" and "group_file" sudoers group provider plugins
      are now installed by default.
   
    * The list output (sudo -l) output from the sudoers plugin is now
      less ambiguous when an entry includes different runas users.
      The long list output (sudo -ll) for file-based sudoers is now
      more consistent with the format of LDAP-based sudoers.
   
    * A uid may now be used in the sudoRunAsUser attributes for LDAP
      sudoers.
   
    * Minor plugin API change: the close and version functions are now
      optional.  If the policy plugin does not provide a close function
      and the command is not being run in a new pseudo-tty, sudo may
      now execute the command directly instead of in a child process.
   
    * A new sudoers option "pam_session" can be used to disable sudo's
      PAM session support.
   
    * On HP-UX systems, sudo will now use the pstat() function to
      determine the tty instead of ttyname().
   
    * Turkish translation for sudo and sudoers from translationproject.org.
   
    * Dutch translation for sudo and sudoers from translationproject.org.
   
    * Tivoli Directory Server client libraries may now be used with
      HP-UX where libibmldap has a hidden dependency on libCsup.
   
    * The sudoers plugin will now ignore invalid domain names when
      checking netgroup membership.  Most Linux systems use the string
      "(none)" for the NIS-style domain name instead of an empty string.
   
    * New support for specifying a SHA-2 digest along with the command
      in sudoers.  Supported hash types are sha224, sha256, sha384 and
      sha512.  See the description of Digest_Spec in the sudoers manual
      or the description of sudoCommand in the sudoers.ldap manual for
      details.
   
    * The paths to ldap.conf and ldap.secret may now be specified as
      arguments to the sudoers plugin in the sudo.conf file.
   
    * Fixed potential false positives in visudo's alias cycle detection.
   
    * Fixed a problem where the time stamp file was being treated
      as out of date on Linux systems where the change time on the
      pseudo-tty device node can change after it is allocated.
   
    * Sudo now only builds Position Independent Executables (PIE)
      by default on Linux systems and verifies that a trivial test
      program builds and runs.
   
    * On Solaris 11.1 and higher, sudo binaries will now have the
      ASLR tag enabled if supported by the linker.
   
   What's new in Sudo 1.8.6p8?
   
    * Terminal detection now works properly on 64-bit AIX kernels.
      This was broken by the removal of the ttyname() fallback in Sudo
      1.8.6p6.  Sudo is now able to map an AIX 64-bit device number
      to the corresponding device file in /dev.
   
    * Sudo now checks for crypt() returning NULL when performing
      passwd-based authentication.
   
   What's new in Sudo 1.8.6p7?
   
    * A time stamp file with the date set to the epoch by "sudo -k"
      is now completely ignored regardless of what the local clock is
      set to.  Previously, if the local clock was set to a value between
      the epoch and the time stamp timeout value, a time stamp reset
      by "sudo -k" would be considered current.
   
    * The tty-specific time stamp file now includes the session ID
      of the sudo process that created it.  If a process with the same
      tty but a different session ID runs sudo, the user will now be
      prompted for a password (assuming authentication is required for
      the command).
   
   What's new in Sudo 1.8.6p6?
   
    * On systems where the controlling tty can be determined via /proc
      or sysctl(), sudo will no longer fall back to using ttyname()
      if the process has no controlling tty.  This prevents sudo from
      using a non-controlling tty for logging and time stamp purposes.
   
   What's new in Sudo 1.8.6p5?
   
    * Fixed a potential crash in visudo's alias cycle detection.
   
    * Improved performance on Solaris when retrieving the group list
      for the target user.  On systems with a large number of groups
      where the group database is not local (NIS, LDAP, AD), fetching
      the group list could take a minute or more.
   
   What's new in Sudo 1.8.6p4?
   
    * The -fstack-protector is now used when linking visudo, sudoreplay
      and testsudoers.
   
    * Avoid building PIE binaries on FreeBSD/ia64 as they don't run
      properly.
   
    * Fixed a crash in visudo strict mode when an unknown Defaults
      setting is encountered.
   
    * Do not inform the user that the command was not permitted by the
      policy if they do not successfully authenticate. This is a
      regression introduced in sudo 1.8.6.
   
    * Allow sudo to be build with sss support without also including
      ldap support.
   
    * Fix running commands that need the terminal in the background
      when I/O logging is enabled. E.g. "sudo vi &". When the command
      is foregrounded, it will now resume properly.
   
   What's new in Sudo 1.8.6p3?
   
    * Fixed post-processing of the man pages on systems with legacy
      versions of sed.
   
    * Fixed "sudoreplay -l" on Linux systems with file systems that
      set DT_UNKNOWN in the d_type field of struct dirent.
   
   What's new in Sudo 1.8.6p2?
   
    * Fixed suspending a command after it has already been resumed
      once when I/O logging (or use_pty) is not enabled.
      This was a regression introduced in version 1.8.6.
   
   What's new in Sudo 1.8.6p1?
   
    * Fixed the setting of LOGNAME, USER and USERNAME variables in the
      command's environment when env_reset is enabled (the default).
      This was a regression introduced in version 1.8.6.
   
    * Sudo now honors SUCCESS=return in /etc/nsswitch.conf.
   
   What's new in Sudo 1.8.6?
   
    * Sudo is now built with the -fstack-protector flag if the the
      compiler supports it.  Also, the -zrelro linker flag is used if
      supported.  The --disable-hardening configure option can be used
      to build sudo without stack smashing protection.
   
    * Sudo is now built as a Position Independent Executable (PIE)
      if supported by the compiler and linker.
   
    * If the user is a member of the "exempt" group in sudoers, they
      will no longer be prompted for a password even if the -k flag
      is specified with the command.  This makes "sudo -k command"
      consistent with the behavior one would get if the user ran "sudo
      -k" immediately before running the command.
   
    * The sudoers file may now be a symbolic link.  Previously, sudo
      would refuse to read sudoers unless it was a regular file.
   
    * The sudoreplay command can now properly replay sessions where
      no tty was present.
   
    * The sudoers plugin now takes advantage of symbol visibility
      controls when supported by the compiler or linker.  As a result,
      only a small number of symbols are exported which significantly
      reduces the chances of a conflict with other shared objects.
   
    * Improved support for the Tivoli Directory Server LDAP client
      libraries.  This includes support for using LDAP over SSL (ldaps)
      as well as support for the BIND_TIMELIMIT, TLS_KEY and TLS_CIPHERS
      ldap.conf options.  A new ldap.conf option, TLS_KEYPW can be
      used to specify a password to decrypt the key database.
   
    * When constructing a time filter for use with LDAP sudoNotBefore
      and sudoNotAfter attributes, the current time now includes tenths
      of a second.  This fixes a problem with timed entries on Active
      Directory.
   
    * If a user fails to authenticate and the command would be rejected
      by sudoers, it is now logged with "command not allowed" instead
      of "N incorrect password attempts".  Likewise, the "mail_no_perms"
      sudoers option now takes precedence over "mail_badpass".
   
    * The sudo manuals are now formatted using the mdoc macros.  Versions
      using the legacy man macros are provided for systems that lack mdoc.
   
    * New support for Solaris privilege sets.  This makes it possible
      to specify fine-grained privileges in the sudoers file on Solaris
      10 and above.  A Runas_Spec that contains no Runas_Lists can be
      used to give a user the ability to run a command as themselves
      but with an expanded privilege set.
   
    * Fixed a problem with the reboot and shutdown commands on some
      systems (such as HP-UX and BSD).  On these systems, reboot sends
      all processes (except itself) SIGTERM.  When sudo received
      SIGTERM, it would relay it to the reboot process, thus killing
      reboot before it had a chance to actually reboot the system.
   
    * Support for using the System Security Services Daemon (SSSD) as
      a source of sudoers data.
   
    * Slovenian translation for sudo and sudoers from translationproject.org.
   
    * Visudo will now warn about unknown Defaults entries that are
      per-host, per-user, per-runas or per-command.
   
    * Fixed a race condition that could cause sudo to receive SIGTTOU
      (and stop) when resuming a shell that was run via sudo when I/O
      logging (and use_pty) is not enabled.
   
    * Sending SIGTSTP directly to the sudo process will now suspend the
      running command when I/O logging (and use_pty) is not enabled.
   
   What's new in Sudo 1.8.5p3?
   
    * Fixed the loading of I/O plugins that conform to a plugin API
      version older than 1.2.
   
   What's new in Sudo 1.8.5p2?
   
    * Fixed use of the SUDO_ASKPASS environment variable which was
      broken in Sudo 1.8.5.
   
    * Fixed a problem reading the sudoers file when the file mode is
      more restrictive than the expected mode.  For example, when the
      expected sudoers file mode is 0440 but the actual mode is 0400.
   
 What's new in Sudo 1.8.5p1?  What's new in Sudo 1.8.5p1?
   
  * Fixed a bug that prevented files in an include directory from   * Fixed a bug that prevented files in an include directory from
Line 210  What's new in Sudo 1.8.3p1? Line 569  What's new in Sudo 1.8.3p1?
   
  * Fixed a crash in the monitor process on Solaris when NOPASSWD   * Fixed a crash in the monitor process on Solaris when NOPASSWD
    was specified or when authentication was disabled.     was specified or when authentication was disabled.
 
  * Fixed matching of a Runas_Alias in the group section of a   * Fixed matching of a Runas_Alias in the group section of a
    Runas_Spec.     Runas_Spec.
   

Removed from v.1.1.1.2  
changed lines
  Added in v.1.1.1.5


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>