2012年2月21日

[installer 3114] sudo-1.7.9, 1.8.4

sudo-1.7.9, 1.8.4 出ています。

☆ sudo-1.7.9
http://www.sudo.ws/
http://www.sudo.ws/sudo/dist/sudo-1.7.9.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.7.9.tar.gz

What's new in Sudo 1.7.9?


* Fixed a false positive in visudo strict mode when aliases are
in use.

* The line on which a syntax error is reported in the sudoers file
is now more accurate. Previously it was often off by a line.

* The #include and #includedir directives in sudoers now support
relative paths. If the path is not fully qualified it is expected
to be located in the same directory of the sudoers file that is
including it.

* visudo will now fix the mode on the sudoers file even if no changes
are made unless the -f option is specified.

* The "use_loginclass" sudoers option works properly again.

* For LDAP-based sudoers, values in the search expression are now
escaped as per RFC 4515.

* Fixed a race condition when I/O logging is not enabled that could
result in tty-generated signals (e.g. control-C) being received
by the command twice.

* If none of the standard input, output or error are connected to
a tty device, sudo will now check its parent's standard input,
output or error for the tty name on systems with /proc and BSD
systems that support the KERN_PROC_PID sysctl. This allows
tty-based tickets to work properly even when, e.g. standard
input, output and error are redirected to /dev/null.

* Fixed a bug where a pattern like "/usr/*" included /usr/bin/ in
the results, which would be incorrectly be interpreted as if the
sudoers file had specified a directory.

* "visudo -c" will now list any include files that were checked
in addition to the main sudoers file when everything parses OK.

* Users that only have read-only access to the sudoers file may
now run "visudo -c". Previously, write permissions were required
even though no writing is down in check-only mode.


☆ sudo-1.8.4
http://www.sudo.ws/
http://www.sudo.ws/sudo/dist/sudo-1.8.4.tar.gz
ftp://ftp.sudo.ws/pub/sudo/sudo-1.8.4.tar.gz

What's new in Sudo 1.8.4?

* The -D flag in sudo has been replaced with a more general debugging
framework that is configured in sudo.conf.

* Fixed a false positive in visudo strict mode when aliases are
in use.

* Fixed a crash with "sudo -i" when a runas group was specified
without a runas user.

* The line on which a syntax error is reported in the sudoers file
is now more accurate. Previously it was often off by a line.

* Fixed a bug where stack garbage could be printed at the end of
the lecture when the "lecture_file" option was enabled.

* "make install" now honors the LINGUAS environment variable.

* The #include and #includedir directives in sudoers now support
relative paths. If the path is not fully qualified it is expected
to be located in the same directory of the sudoers file that is
including it.

* Serbian and Spanish translations for sudo from translationproject.org.

* LDAP-based sudoers may now access by group ID in addition to
group name.

* visudo will now fix the mode on the sudoers file even if no changes
are made unless the -f option is specified.

* The "use_loginclass" sudoers option works properly again.

* On systems that use login.conf, "sudo -i" now sets environment
variables based on login.conf.

* For LDAP-based sudoers, values in the search expression are now
escaped as per RFC 4515.

* The plugin close function is now properly called when a login
session is killed (as opposed to the actual command being killed).
This can happen when an ssh session is disconnected or the
terminal window is closed.

* The deprecated "noexec_file" sudoers option is no longer supported.

* Fixed a race condition when I/O logging is not enabled that could
result in tty-generated signals (e.g. control-C) being received
by the command twice.

* If none of the standard input, output or error are connected to
a tty device, sudo will now check its parent's standard input,
output or error for the tty name on systems with /proc and BSD
systems that support the KERN_PROC_PID sysctl. This allows
tty-based tickets to work properly even when, e.g. standard
input, output and error are redirected to /dev/null.

* Added the --enable-kerb5-instance configure option to allow
people using Kerberos V authentication to specify a custom
instance so the principal name can be, e.g. "username/sudo"
similar to how ksu uses "username/root".

* Fixed a bug where a pattern like "/usr/*" included /usr/bin/ in
the results, which would be incorrectly be interpreted as if the
sudoers file had specified a directory.

* "visudo -c" will now list any include files that were checked
in addition to the main sudoers file when everything parses OK.

* Users that only have read-only access to the sudoers file may
now run "visudo -c". Previously, write permissions were required
even though no writing is down in check-only mode.

* It is now possible to prevent the disabling of core dumps from
within sudo itself by adding a line to the sudo.conf file like
"Set disable_coredump false".

----
こがよういちろう


投稿者 xml-rpc : 2012年2月21日 08:38
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/108850
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。