Page MenuHomeSolus

Update sudo to 1.8.29
ClosedPublic

Authored by kyrios123 on Tue, Oct 29, 4:13 PM.

Details

Summary
  • The cvtsudoers command will now reject non-LDIF input when converting from LDIF format to sudoers or JSON formats.
  • The new log_allowed and log_denied sudoers settings make it possible to disable logging and auditing of allowed and/or denied commands.
  • The umask is now handled differently on systems with PAM or login.conf. If the umask is explicitly set in sudoers, that value is used regardless of what PAM or login.conf may specify. However, if the umask is not explicitly set in sudoers, PAM or login.conf may now override the default sudoers umask.
  • For make install, the sudoers file is no longer checked for syntax errors when DESTDIR is set. The default sudoers file includes the contents of /etc/sudoers.d which may not be readable as non-root.
  • Sudo now sets most resource limits to their maximum value to avoid problems caused by insufficient resources, such as an inability to allocate memory or open files and pipes.
  • Fixed a regression introduced in sudo 1.8.28 where sudo would refuse to run if the parent process was not associated with a session. This was due to sudo passing a session ID of -1 to the plugin.

Signed-off-by: Pierre-Yves <pyu@riseup.net>

Test Plan

sudo su

Diff Detail

Repository
R2974 sudo
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

kyrios123 created this revision.Tue, Oct 29, 4:13 PM
kyrios123 requested review of this revision.Tue, Oct 29, 4:13 PM
JoshStrobl accepted this revision.Tue, Oct 29, 7:04 PM
JoshStrobl added a subscriber: JoshStrobl.

LGTM, thanks!

This revision is now accepted and ready to land.Tue, Oct 29, 7:04 PM
This revision was automatically updated to reflect the committed changes.