checkpoint for the sudo 1.6.7 release

2025-08-31 06:15:37 +00:00 · 2003-03-31 00:02:10 +00:00
parent ea6c2c1cce
commit d529fea7bb
2 changed files with 68 additions and 47 deletions
--- a/49
+++ b/49
@@ -1,15 +1,18 @@
-Systems that Sudo is known to run on.
-Just because a specific version of your OS is not listed with
-the current version of sudo does not mean it won't work...
+Systems that Sudo has been reported to run on.
+
+Just because a specific version of your OS is not listed with the
+current version of Sudo does not mean it won't work.  If an older
+version of Sudo ran on your OS, chances are that the latest version
+does as well.

 Op. System	CPU	Compilers	Sudo	Reported	 Special
 Name	Rev	Arch	Used		Version	By		 Options
 =======	=======	=======	===============	======= ===============  ===============
 Auspex	1.6.1	sun4	bundled cc	1.3.4	Alek Komarnitsky none
-SunOS	4.1.3	sun4	bundled cc	1.6.6	Todd Miller	 none
-SunOS	4.1.3	sun4	gcc2.9.5.2	1.6.6	Todd Miller	 none
+SunOS	4.1.3	sun4	bundled cc	1.6.7	Todd Miller	 none
+SunOS	4.1.3	sun4	gcc2.9.5.2	1.6.7	Todd Miller	 none
 SunOS	4.1.3	sun4	gcc2.7.2.1	1.5.3	Todd Miller	 --with-kerb4
-SunOS	4.1.3	sun4	gcc2.9.5.2	1.6.6	Todd Miller	 --with-skey
+SunOS	4.1.3	sun4	gcc2.9.5.2	1.6.7	Todd Miller	 --with-skey
 Solaris	2.5.1	sparc	SC4.0		1.5.6p1	Brian Jackson	 none 
 Solaris	2.5.1	sun4u	gcc2.7.2.3	1.5.4	Leon von Stauber none
 Solaris	2.5.1	i386	gcc2.7.2	1.5.4	Leon von Stauber none
@@ -24,11 +27,12 @@ Solaris	7	i386	Workshop 5.0	1.6	Brian Jackson	 none
 Solaris	7	sun4u	egcs 1.1.2	1.5.9p4	Scott Kinnane	 none
 Solaris	7	sparc	SC4.2		1.6.6	Todd Miller	 none
 Solaris	7	sun4u	Workshop 6.2	1.6.3p7	Donna Dickerson	 none
-Solaris	7	sparc	2.95.2		1.6.6	Todd Miller	 --with-skey
+Solaris	7	sparc	gcc2.95.2	1.6.6	Todd Miller	 --with-skey
 Solaris	2.6	sun4u	egcs 1.1.2	1.5.9p4	Scott Kinnane	 none
-Solaris	8	sparc	2.95.2		1.6.6	Todd Miller	 --with-skey
-Solaris	8	sparc	SC4.2		1.6.6	Todd Miller	 none
+Solaris	8	sparc	gcc2.95.2	1.6.7	Todd Miller	 --with-skey
+Solaris	8	sparc	SC4.2		1.6.7	Todd Miller	 none
 Solaris	8	sun4u	Workshop 6.2	1.6.3p7	Donna Dickerson	 none
+Solaris	8	sun4u	gcc2.95.3	1.6.6	Banu Yobas	 none
 ISC	4.0	i386	bundled cc	1.4	Andy Smith	 none
 ISC	4.0	i386	gcc2.7.0	1.4	Andy Smith	 none
 ISC	4.1	i386	bundled cc	1.4	Andy Smith	 none
@@ -40,13 +44,15 @@ HP-UX	9.05	hp700	gcc2.7.2.1	1.5.3	Todd Miller	 none
 HP-UX	9.05	hp700	gcc2.7.2.1	1.5.3	Todd Miller	 --with-kerb4
 HP-UX	9.07	hp700	unbundled cc	1.5	Alek Komarnitsky --with-C2
 HP-UX	9.05	hp700	unbundled cc	1.4	Todd Miller	 none
-HP-UX	10.10	hp700	unbundled cc	1.6.6	Todd Miller	 --with-skey
-HP-UX	10.20	hp700	gcc2.9.5.2	1.6.6	Todd Miller	 --with-skey
-HP-UX	10.20	hp700	bundled cc	1.6.6	Todd Miller	 none
+HP-UX	10.10	hp700	unbundled cc	1.6.7	Todd Miller	 --with-skey
+HP-UX	10.20	hp700	gcc2.9.5.2	1.6.7	Todd Miller	 --with-skey
+HP-UX	10.20	hp700	bundled cc	1.6.7	Todd Miller	 none
 HP-UX	10.20	hp700	gcc 2.95.2	1.6.2	Jeff Earickson 	 --with-DCE
 HP-UX	11.00	hp700	ansi-c		1.5.5b1	Alek Komarnitsky --with-C2
-HP-UX	11.00	hp700	bundled cc	1.5.5p5	Lynn Osburn	 none
-HP-UX	11.00	hp700	HP C compiler	1.6.2	Jeff Earickson 	 --with-pam
+HP-UX	11.00	hp700	bundled cc	1.6.7	Todd Miller 	 none
+HP-UX	11.00	hp700	bundled cc	1.6.7	Todd Miller 	 --with-pam
+HP-UX	11.00	hp700	gcc 3.2		1.6.7	Todd Miller 	 none
+HP-UX	11.00	hp700	gcc 3.2		1.6.7	Todd Miller 	 --with-pam
 HP-UX	11.11	hp800	HP C compiler	1.6.5p2	Bill Marmagas 	 --with-pam
 Ultrix	4.3	mips	bundled cc	1.6.3b2	Todd Miller	 none
 Ultrix	4.3	mips	gcc2.7.2.1	1.5.9	Todd Miller	 --with-skey
@@ -77,11 +83,11 @@ NEXTSTEP 3.2	i386	bundled cc	1.3.2	Jonathan Adams	 none
 NEXTSTEP 3.3	i386	bundled cc	1.4	Jonathan Adams	 none
 NEXTSTEP 3.3	sparc	bundled cc	1.5.3	Mike Kienenberger none
 DEC UNIX 3.2c	alpha	bundled cc	1.5.3	Todd Miller	 none
-DEC UNIX 4.0D	alpha	bundled cc	1.6.6	Todd Miller	 --with-skey
+DEC UNIX 4.0D	alpha	bundled cc	1.6.7	Todd Miller	 --with-skey
 DEC UNIX 4.0	alpha	gcc-2.7.2.1	1.5.3	Todd Miller	 --with-kerb4
 DEC UNIX 4.0D	alpha	bundled cc	1.5.3	Randall R. Cable --with-C2
 DEC UNIX 4.0E	alpha	bundled cc	1.5.9p2	Vangelis Haniotakis none
-Tru64	5.1	alpha	bundled cc	1.6.6	Todd Miller	 none
+Tru64	5.1	alpha	bundled cc	1.6.7	Todd Miller	 none
 AIX	3.2.X	rs6000	bundled cc	1.4	Todd Miller	 none
 AIX	4.1.3	PowerPC	gcc-2.7.0	1.4	Bob Shair	 none
 AIX	4.1.4	rs6000	gcc-2.8.1	1.6.2p2	Todd Miller	 none
@@ -93,11 +99,13 @@ AIX	4.2.1	rs6000	bundled cc	1.5.7p4	Sam Mabjish	 none
 AIX	4.2.1	rs6000	egcs 1.1.2	1.5.9p4	Scott Kinnane	 none
 AIX	4.3	rs6000	bundled cc	1.5.4	Leon von Stauber none
 AIX	4.3.2	rs6000	egcs 1.1.2	1.5.9p4	Scott Kinnane	 none
+AIX	5.0.1.0	rs6000	bundled cc	1.6.6	David Littlewood none
+AIX	5.1	PowerPC	gcc-3.2.1	1.6.6	Neil MacGregor	 none
 ConvexOS 9.1	convex	bundled cc	1.3.6	Todd Miller	 none
 ConvexOS 9.1	convex	gcc2.4.5	1.3.6	Todd Miller	 none
 BSD/OS	4.1	i386	cc		1.6.3	Todd Miller	 --with-skey
-OpenBSD	2.X	all	gcc-2.95.2	1.6.6	Todd Miller	 none
-OpenBSD	3.0	all	gcc-2.95.3	1.6.6	Todd Miller	 none
+OpenBSD	3.X	all	gcc-2.95.3	1.6.7	Todd Miller	 none
+OpenBSD	3.X	all	gcc-2.95.3	1.6.7	Todd Miller	 --with-bsdauth
 FreeBSD	1.1	i386	gcc		1.3.2	Dworkin Muller	 none
 FreeBSD	2.0.5	i386	gcc		1.3.4	Dworkin Muller	 none
 FreeBSD	3.2	i386	gcc 2.7.2.1	1.6	Brian Jackson	 none
@@ -108,12 +116,13 @@ Linux	2.0.34	i586	egcs-2.91.57	1.5.6p2	Darrin Chandler	 none
 Linux	2.0.36	i586	gcc-2.7.2.3	1.5.7p4	Nathan Haney	 none
 Linux	2.0.33pl1 m68k	gcc 2.7.2.3	1.5.6	James Troup	 none
 Linux	2.2.12	i586	gcc-2.95.2	1.6.3	Todd Miller	 --with-pam
-Linux	2.4.9	i686	gcc-2.96	1.6.6	Todd Miller	 --with-pam
+Linux	2.4.18	i686	gcc-3.2		1.6.7	Todd Miller	 --with-pam
 Linux	2.2.13	alpha	egcs-2.91.66	1.6.3	Todd Miller	 --with-pam
 Linux	2.2.6-15 ppc	egcs-1.1.2	1.5.9p4	Barbara Schelkle none
 Linux	2.0.34	mips	gcc-2.7.2	1.6	Tristan Roddis	 none
 UnixWare 1.1.4	i386	gcc-2.7.2	1.4	Michael Hancock	 none
 UnixWare 7.1.1	i686	cc		1.6.5p1	Mike Petkau	 none
+UnixWare 7.1.3	i686	cc		1.6.6	Larry Rosenman	 none
 Pyramid DC/OSx 1.1	bundled cc	1.4	Les Schuettpelz	 none
 ATT	SVR4.x	i486	Metaware CC	1.4	Chris Ellington	 none
 SINIX	5.42	R4000	bundled cc	1.4	Paul Tuininga	 none
@@ -144,7 +153,7 @@ Dynix/ptx 4.4.6	Sequent	bundled cc	1.6	Larry Mascarenhase none
 Dynix/ptx 4.4.7	Sequent	bundled cc	1.6.2p1	Dana Kaempen	 --with-CC=cc
 DC-OSx	1.1-9x	mips	PyrC 4.0A20	1.5.6p2	Brian Jackson	 none
 HI-UX/MPP 02-03	sr2201	bundled cc	1.5.4	Ben Edgington	 none
-SVR4	4.4	m88k	bundled gcc	1.6rc1	Gerry Belanger	 CFLAGS=
+SVR4	4.4	m88k	bundled gcc	1.6.7	Gerry Belanger	 none
 NonStop-UX B32	CO-1475	cc		1.5.9p3	Andrei Panfilenko none
 MacOS	X	ppc	bundled cc	1.6.3p7	Gary Danko	 none

--- a/66
+++ b/66
@@ -41,74 +41,86 @@ TODO list (most will be addressed in sudo 2.0)

 15) Add test for how to read ether interfaces in configure script

-16) Add configure check for $(CC) -R and use it in addition to -L
-
-17) An option to make "sudo -s" use the target user's shell might be nice
+16) An option to make "sudo -s" use the target user's shell might be nice
    (and more like su).  Overlaps with the upcoming -i option.

-18) Add configure option to enable old behavior of visudo (O_EXCL)?
+17) Add configure option to enable old behavior of visudo (O_EXCL)?
    --without-sudoers-lock?

-19) Profile sudo again (is the yacc grammar optimal?)
+18) Profile sudo again (is the yacc grammar optimal?)

-20) Zero out encrypted passwords after use.  Use an Exit function or
+19) Zero out encrypted passwords after use.  Use an Exit function or
    some such (have to hook in to emalloc() and friends).
    Hard (impossible?) to be thorough w/ atexit/on_exit.

-21) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified
+20) Make 'sudo -l user' if run as root do a "sudo -l" output for the specified
    user.

-22) Use strtol() and strtoul(), not atoi()
+21) Use strtol() and strtoul(), not atoi()

-23) In parse.yacc get rid of unneeded '{ ; }'
+23) Look into %e, %p, %k in parse.lex

-24) Look into %e, %p, %k in parse.lex
+23) Make syslog stuff work on vanilla ultrix

-25) Make syslog stuff work on vanilla ultrix
+24) Implement date_format and log_format options.

-26) Implement date_format and log_format options.
+25) Add support for: Default:user@host

-27) Add support for: Default:user@host
+26) Do login-style -sh hack for sudo -s? (new option or do it always?)

-28) Do login-style -sh hack for sudo -s? (new option or do it always?)
+27) Make visudo rcs-aware

-29) Make visudo rcs-aware
-
-30) Add support for parsing multiple sudoers files.  Basically make
+28) Add support for parsing multiple sudoers files.  Basically make
    _PATH_SUDOERS be a colon-separated list of pathname like EDITOR.
    Requires _PATH_SUDOERS_TMP chages (perhaps "%s.tmp").

-31) Add -i (simulate initial login) option as per 946 +sudo
+29) Add -i (simulate initial login) option as per 946 +sudo
    (requires two-pass parser).  Also add "default_path" Defaults option
    to go with it.  (See MINUS_I.patch)

-32) Some people want to be able to specify a special password in sudoers
+30) Some people want to be able to specify a special password in sudoers
    in addition or instead of the normal one.  The best argument for
    this so far is to be able to use separate passwords for the
    target users that are not the passwd file ones.

-33) Add support for trusted users.  E.g. allow user to run a certain
+31) Add support for trusted users.  E.g. allow user to run a certain
    command regardless of what dir it is in if it is owned by the
    trusted user.

-34) Add mechanism to choose logfile based on RunasUser
+32) Add mechanism to choose logfile based on RunasUser

-35) Split the parser into two stages.  The first parse checks for
+33) Split the parser into two stages.  The first parse checks for
    syntax and sets the Defaults options and sets up the
    data structures to check a user.  The second stage does
    the actual user check.

-36) Add a flag similar to '-l' but that spits out sudo commands in
+34) Add a flag similar to '-l' but that spits out sudo commands in
    a format suitable for cut & paste (requires parser overhaul first).

-37) Someone wants a recursive version of the dir specifier.  Ie:
+35) Someone wants a recursive version of the dir specifier.  Ie:
    SOME_MODIFIER:/usr/local/ to allow anything under /usr/local to be run.

-38) An option to set the shell to the target user would make sense.
+36) An option to set the shell to the target user would make sense.
    See other target user-related issues above.

-39) Add an option (-D) to dump the defaults after the sudoers file
+37) Add an option (-D) to dump the defaults after the sudoers file
    has been parsed.  Should only be available to root and should
    allow a -u user modifier.

-40) For sudo 1.7 wipe out the environment by default.
+38) For sudo 1.7 wipe out the environment by default.
+
+39) Allow /etc/sudoers to be a symlink but require the parent dir to
+    be root-owned and not writable by anything else.  Should really
+    traverse the tree to the root doing this.
+
+40) Improve interfaces.c STREAMS code (see ntpd's ntp_io.c for hints)
+
+41) Wildcard support for user and group names? (netgroup too?)
+
+42) If root_sudo is off, still allow sudo -u to non-root users?
+
+43) Add configure option to id user based on euid not ruid?
+
+44) Split $EDITOR/$VISUAL in visudo into an argument vector based on whitespace
+
+45) Use proper links in .pod files