Sudo Changelog

New in Sudo 1.8.29 (Oct 29, 2019)

  • The cvtsudoers command will now reject non-LDIF input when converting from LDIF format to sudoers or JSON formats.
  • The new log_allowed and log_denied sudoers settings make it possible to disable logging and auditing of allowed and/or denied commands.
  • The umask is now handled differently on systems with PAM or login.conf. If the umask is explicitly set in sudoers, that value is used regardless of what PAM or login.conf may specify. However, if the umask is not explicitly set in sudoers, PAM or login.conf may now override the default sudoers umask. Bug #900.
  • For make install, the sudoers file is no longer checked for syntax errors when DESTDIR is set. The default sudoers file includes the contents of /etc/sudoers.d which may not be readable as non-root. Bug #902.
  • Sudo now sets most resource limits to their maximum value to avoid problems caused by insufficient resources, such as an inability to allocate memory or open files and pipes.
  • Fixed a regression introduced in sudo 1.8.28 where sudo would refuse to run if the parent process was not associated with a session. This was due to sudo passing a session ID of -1 to the plugin.

New in Sudo 1.8.28 (Oct 15, 2019)

  • Sudo will now only set PAM_TTY to the empty string when no terminal is present on Solaris and Linux. This workaround is only needed on those systems which may have PAM modules that misbehave when PAM_TTY is not set.
  • The mailerflags sudoers option now has a default value even if sendmail support was disabled at configure time. Fixes a crash when the mailerpath sudoers option is set but mailerflags is not. Bug #878.
  • Sudo will now filter out last login messages on HP-UX unless a shell is being run via sudo -s or sudo -i. Otherwise, when trusted mode is enabled, these messages will be displayed for each command.
  • On AIX, when the user's password has expired and PAM is not in use, sudo will now allow the user to change their password. Bug #883.
  • Sudo has a new -B command line option that will ring the terminal bell when prompting for a password.
  • Sudo no longer refuses to prompt for a password when it cannot determine the user's terminal as long as it can open /dev/tty. This allows sudo to function on systems where /proc is unavailable, such as when running in a chroot environment.
  • The env_editor sudoers flag is now on by default. This makes source builds more consistent with the packages generated by sudo's mkpkg script.
  • Sudo no longer ships with pre-formatted copies of the manual pages. These were included for systems like IRIX that don't ship with an nroff utility. There are now multiple Open Source nroff replacements so this should no longer be an issue.
  • Fixed a bad interaction with configure's --prefix and --disable-shared options. Bug #886.
  • More verbose error message when a password is required and no terminal is present. Bug #828.
  • Command tags, such as NOPASSWD, are honored when a user tries to run a command that is allowed by sudoers but which does not actually exist on the file system. Bug #888.
  • Asturian translation for sudoers from translationproject.org.
  • I/O log timing files now store signal suspend and resume information in the form of a signal name instead of a number.
  • Fixed a bug introduced in 1.8.24 that prevented sudo from honoring the value of ipa_hostname from sssd.conf, if specified, when matching the host name.
  • Fixed a bug introduced in 1.8.21 that prevented the core dump resource limit set in the pam_limits module from taking effect. Bug #894.
  • Fixed parsing of double-quoted Defaults group and netgroup bindings.
  • The user ID is now used when matching sudoUser attributes in LDAP. Previously, the user name, group name and group IDs were used when matching but not the user ID.
  • Sudo now writes PAM messages to the user's terminal, if available, instead of the standard output or standard error. This prevents PAM output from being intermixed with that of the command when output is sent to a file or pipe. Bug #895.
  • Sudoedit now honors the umask and umask_override settings in sudoers. Previously, the user's umask was used as-is.
  • Fixed a bug where the terminal's file context was not restored when using SELinux RBAC. Bug #898.
  • Fixed a security issue where a sudo user may be able to run a command as root when the Runas specification explicitly disallows root access as long as the ALL keyword is listed first. This vulnerability has been assigned CVE-2019-14287.
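As an added defender-side check (example code, not part of sudo or its release notes), the audit below parses simple sudoers user specifications and flags Runas lists of the shape the CVE-2019-14287 entry describes (ALL first, followed by a "!" exclusion), together with whether the installed version is at least 1.8.28, where the exclusion is enforced. The sudoers content is constructed; the parser handles single-line rules only, not aliases, line continuations or multi-host specs.

```python
import re

# Constructed sample sudoers file for the audit; none of these entries come
# from a real system.
SAMPLE_SUDOERS = """\
# User privilege specification
Defaults env_reset
root    ALL=(ALL:ALL) ALL
alice   ALL=(ALL, !root) /usr/bin/vim
bob     ALL=(ALL, !root:ALL) NOPASSWD: /usr/bin/less
carol   ALL=(!root, ALL) /bin/ls
dave    ALL=(ALL) /bin/cat
erin    ALL=(www-data) /usr/bin/id
"""

# user host = (runas_users[:runas_groups]) [TAG:] command, one simple rule per
# line. Aliases, line continuations and multi-host specs are out of scope here.
RULE_RE = re.compile(
    r"^(?P<user>\S+)\s+(?P<host>\S+)\s*=\s*(?:\((?P<runas>[^)]*)\))?\s*(?P<cmnd>.*)$"
)
SKIP_PREFIXES = ("#", "Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")


def parse_rules(text):
    """Return the simple user specifications found in sudoers text."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(SKIP_PREFIXES):
            continue
        m = RULE_RE.match(line)
        if m:
            rules.append(m.groupdict())
    return rules


def runas_users(runas_spec):
    """Split "ALL, !root:ALL" into its user part ["ALL", "!root"] (groups dropped)."""
    user_part = (runas_spec or "").split(":", 1)[0]
    return [u.strip() for u in user_part.split(",") if u.strip()]


def rule_is_affected(rule):
    """True when the Runas user list starts with ALL and then excludes users with
    '!', the shape the 1.8.28 entry says was bypassable before the fix."""
    users = runas_users(rule["runas"])
    return len(users) > 1 and users[0] == "ALL" and any(u.startswith("!") for u in users[1:])


def version_tuple(version):
    """'1.8.28p1' -> (1, 8, 28, 1) so release strings compare numerically."""
    return tuple(int(x) for x in re.findall(r"\d+", version))


def audit(sudoers_text, sudo_version):
    """Report users whose rules rely on an (ALL, !user) exclusion, and whether the
    installed sudo is at least 1.8.28. Flagged rules are candidates for an explicit
    allow-list of target users, whichever version is installed."""
    flagged = [r["user"] for r in parse_rules(sudoers_text) if rule_is_affected(r)]
    return {"flagged_users": flagged, "sudo_fixed": version_tuple(sudo_version) >= (1, 8, 28)}


if __name__ == "__main__":
    print(audit(SAMPLE_SUDOERS, "1.8.27"))
```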

New in Sudo 1.8.27 (Jan 13, 2019)

  • On HP-UX, sudo will now update the utmps file when running a command in a pseudo-tty. Previously, only the utmp and utmpx files were updated.
  • Nanosecond precision file time stamps are now supported on HP-UX.
  • Fixes and clarifications to the sudo plugin documentation.
  • The sudo manuals no longer require extensive post-processing to hide system-specific features. Conditionals in the roff source are now used instead. This fixes corruption of the sudo manual on systems without BSD login classes. Bug #861.
  • If an I/O logging plugin is configured but the plugin does not actually log any I/O, sudo will no longer force the command to be run in a pseudo-tty.
  • The fix for bug #843 in sudo 1.8.24 was incomplete. If the user's password was expired or needed to be updated, but no sudo password was required, the PAM handle was freed too early, resulting in a failure when processing PAM session modules.
  • In visudo, it is now possible to specify the path to sudoers without using the -f option. Bug #864.
  • Fixed a bug introduced in sudo 1.8.22 where the utmp (or utmpx) file would not be updated when a command was run in a pseudo-tty. Bug #865.
  • Sudo now sets the silent flag when opening the PAM session except when running a shell via sudo -s or sudo -i. This prevents the pam_lastlog module from printing the last login information for each sudo command. Bug #867.
  • Fixed the default AIX hard resource limit for the maximum number of files a user may have open. If no hard limit for nofiles is explicitly set in /etc/security/limits, the default should be unlimited. Previously, the default hard limit was 8196.

New in Sudo 1.8.25p1 (Sep 13, 2018)

  • Fixed a bug introduced in sudo 1.8.25 that caused a crash on systems that have the poll() function but not the ppoll() function. Bug #851.

New in Sudo 1.8.23 (May 3, 2018)

  • PAM account management modules and BSD auth approval modules are now run even when no password is required.
  • For kernel-based time stamps, if no terminal is present, fall back to parent-pid style time stamps.
  • The new cvtsudoers utility replaces both the sudoers2ldif script and the visudo -x functionality. It can read a file in either sudoers or LDIF format and produce JSON, LDIF or sudoers output. It is also possible to filter the generated output file by user, group or host name.
  • The file, ldap and sss sudoers backends now share a common set of formatting functions for "sudo -l" output, which is also used by the cvtsudoers utility.
  • The /run directory is now used in preference to /var/run if it exists. Bug #822.
  • More accurate descriptions of the --with-rundir and --with-vardir configure options. Bug #823.
  • The setpassent() and setgroupent() functions are now used on systems that support them to keep the passwd and group database open. Sudo performs a lot of passwd and group lookups so it can be beneficial to avoid opening and closing the files each time.
  • The new case_insensitive_user and case_insensitive_group sudoers options can be used to control whether sudo does case-sensitive matching of users and groups in sudoers. Case insensitive matching is now the default.
  • Fixed a bug on some systems where sudo could hang on command exit when I/O logging was enabled. Bug #826.
  • Fixed a problem with the process start time test in make check when run in a Linux container. The test now uses the "btime" field in /proc/stat to get the system start time instead of using /proc/uptime, which is the container uptime. Bug #829.
  • When determining which temporary directory to use, sudoedit now checks the directory for writability before using it. Previously, sudoedit only performed an existence check. Bug #827.
  • Sudo now includes an optional set of Monty Python-inspired insults.
  • Fixed the execution of scripts with an associated digest (checksum) in sudoers on FreeBSD systems. FreeBSD does not have a full /dev/fd directory mounted by default and its fexecve(2) is not fully POSIX compliant when executing scripts. Bug #831.
  • Chinese (Taiwan) translation for sudo from translationproject.org.

New in Sudo 1.8.22 (Feb 11, 2018)

  • Commands run in the background from a script run via sudo will no longer receive SIGHUP when the parent exits and I/O logging is enabled. Bug #502.
  • A particularly offensive insult is now disabled by default. Bug #804.
  • The description of sudo -i now correctly documents that the env_keep and env_check sudoers options are applied to the environment. Bug #806.
  • Fixed a crash when the system's host name is not set. Bug #807.
  • The sudoers2ldif script now handles #include and #includedir directives.
  • Fixed a bug where sudo would silently exit when the command was not allowed by sudoers and the passwd_tries sudoers option was set to a value less than one.
  • Fixed a bug with the listpw and verifypw sudoers options and multiple sudoers sources. If the option is set to all a password should be required unless none of a user's sudoers entries from any source require authentication.
  • Fixed a bug with the listpw and verifypw sudoers options in the LDAP and SSSD back-ends. If the option is set to any and the entry contained multiple rules, only the first matching rule was checked. If an entry contained more than one matching rule and the first rule required authentication but a subsequent rule did not, sudo would prompt for a password when it should not have.
  • When running a command as the invoking user (not root), sudo would execute the command with the same group vector it was started with. Sudo now executes the command with a new group vector based on the group database which is consistent with how su(1) operates.
  • Fixed a double free in the SSSD back-end that could occur when ipa_hostname is present in sssd.conf and is set to an unqualified host name.
  • When I/O logging is enabled, sudo will now write to the terminal even when it is a background process. Previously, sudo would only write to the tty when it was the foreground process when I/O logging was enabled. If the TOSTOP terminal flag is set, sudo will suspend the command (and then itself) with the SIGTTOU signal.
  • A new authfail_message sudoers option that overrides the default "N incorrect password attempt(s)" message.
  • An empty sudoRunAsUser attribute in the LDAP and SSSD backends will now match the invoking user. This is more consistent with how an empty runas user in the sudoers file is treated.
  • Documented that in check mode, visudo does not check the owner/mode on files specified with the -f flag. Bug #809.
  • It is now an error to specify the runas user as an empty string on the command line. Previously, an empty runas user was treated the same as an unspecified runas user. Bug #817.
  • When timestamp_type option is set to tty and a terminal is present, the time stamp record will now include the start time of the session leader. When the timestamp_type option is set to ppid or when no terminal is available, the start time of the parent process is used instead. This significantly reduces the likelihood of a time stamp record being re-used when a user logs out and back in again. Bug #818.
  • The sudoers time stamp file format is now documented in the new sudoers_timestamp manual.
  • The timestamp_type option now takes a kernel value on OpenBSD systems. This causes the tty-based time stamp to be stored in the kernel instead of on the file system. If no tty is present, the time stamp is considered to be invalid.
  • Visudo will now use the SUDO_EDITOR environment variable (if present) in addition to VISUAL and EDITOR.
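To illustrate the process start time bookkeeping behind the timestamp_type entry above (and the /proc/stat btime handling mentioned in the 1.8.23 entries), here is an added example that is not sudo's own code. It parses a constructed /proc/stat excerpt and /proc/<pid>/stat line, derives the session leader's absolute start time, and decides whether a constructed time stamp record may be reused; it assumes a clock tick rate of 100, and the record layout is an illustration rather than sudo's on-disk format.

```python
# Constructed excerpt of Linux /proc/stat; the "btime" line is the system boot
# time in seconds since the epoch.
SAMPLE_PROC_STAT = """cpu  2255 34 2290 22625563 6290 127 456 0 0 0
cpu0 1132 34 1441 11311718 3675 127 438 0 0 0
ctxt 1990473
btime 1572300000
processes 93201
procs_running 2
"""

# Constructed /proc/<pid>/stat line for a session leader. Field 2 (comm) is in
# parentheses and may itself contain spaces and ')', so the line must be split
# on the LAST ')' rather than on whitespace. Field 22 is starttime, in clock
# ticks since boot.
SAMPLE_PID_STAT = (
    "4242 (my (odd) shell) S 4200 4242 4242 34816 4242 4194560 1 0 0 0 "
    "2 1 0 0 20 0 1 0 12345678 9039872 512 18446744073709551615"
)


def parse_btime(proc_stat_text):
    """Return the boot time (epoch seconds) from /proc/stat contents."""
    for line in proc_stat_text.splitlines():
        if line.startswith("btime "):
            return int(line.split()[1])
    raise ValueError("no btime line in /proc/stat")


def parse_starttime_ticks(pid_stat_text):
    """Return field 22 (starttime, clock ticks since boot) of /proc/<pid>/stat."""
    _, sep, rest = pid_stat_text.rpartition(")")
    if not sep:
        raise ValueError("malformed /proc/<pid>/stat line")
    fields = rest.split()
    # fields[0] is the state (field 3), so field N lives at index N - 3
    return int(fields[22 - 3])


def process_start_time(btime, starttime_ticks, clk_tck=100):
    """Absolute start time of a process in epoch seconds. clk_tck is assumed to be
    100 (the usual sysconf(_SC_CLK_TCK) value on Linux)."""
    return btime + starttime_ticks // clk_tck


def record_is_valid(record, leader_start, now, boot_time, timeout=300):
    """Decide whether a stored time stamp record may be reused.

    record is a constructed dict: "ts" is when it was written, "leader_start" the
    start time of the session leader it was written for. The checks mirror the
    entries: records older than boot are ignored, a record written for a
    different session leader (the user logged out and back in, so the tty was
    reused by a new leader) is not honoured, and the timeout still applies."""
    if record["ts"] < boot_time:
        return False
    if record["leader_start"] != leader_start:
        return False
    return 0 <= now - record["ts"] <= timeout


if __name__ == "__main__":
    boot = parse_btime(SAMPLE_PROC_STAT)
    start = process_start_time(boot, parse_starttime_ticks(SAMPLE_PID_STAT))
    rec = {"ts": start + 44, "leader_start": start}
    print(boot, start, record_is_valid(rec, start, start + 244, boot))
```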

New in Sudo 1.8.21p1 (Sep 4, 2017)

  • On systems that support both PAM and SIGINFO, the main sudo process will no longer forward SIGINFO to the command if the signal was generated from the keyboard. The command will have already received SIGINFO since it is part of the same process group so there's no need for sudo to forward it. This is consistent with the handling of SIGINT, SIGQUIT and SIGTSTP. Bug #796.
  • If SUDOERS_SEARCH_FILTER in ldap.conf does not specify a value, the LDAP search expression used when looking up netgroups and non-Unix groups had a syntax error if a group plugin was not specified.
  • sudo -U otheruser -l will now have an exit value of 0 even if otheruser has no sudo privileges. The exit value when a user attempts to list their own privileges or when a command is specified is unchanged.
  • Fixed a regression introduced in sudo 1.8.21 where sudoreplay playback would hang for I/O logs that contain terminal input.
  • Sudo 1.8.18 contained an incomplete fix for the matching of entries in the LDAP and SSSD backends when a sudoRunAsGroup is specified but no sudoRunAsUser is present in the sudoRole.

New in Sudo 1.8.16 (Apr 6, 2016)

  • Fixed a compilation error on Solaris 10 with Sun Studio 12. Bug #727.
  • When preserving variables from the invoking user's environment, if there are duplicates sudo now only keeps the first instance.
  • Fixed a bug that could cause warning mail to be sent in list mode (sudo -l) for users without sudo privileges when the LDAP and SSSD backends are used.
  • Fixed a bug that prevented the "mail_no_user" option from working properly with the LDAP backend.
  • In the LDAP and SSSD backends, white space is now ignored between an operator (!, +, +=, -=) when parsing a sudoOption.
  • It is now possible to disable Path settings in sudo.conf by omitting the path name.
  • The sudoedit_checkdir Defaults option is now enabled by default and has been extended. When editing files with sudoedit, each directory in the path to be edited is now checked. If a directory is writable by the invoking user, symbolic links will not be followed. If the parent directory of the file to be edited is writable, sudoedit will refuse to edit it. Bug #707.
  • The netgroup_tuple Defaults option has been added to enable matching of the entire netgroup tuple, not just the host or user portion. Bug #717.
  • When matching commands based on the SHA2 digest, sudo will now use fexecve(2) to execute the command if it is available. This fixes a time of check versus time of use race condition when the directory holding the command is writable by the invoking user.
  • On AIX systems, sudo now caches the auth registry string along with password and group information. This fixes a potential problem when a user or group of the same name exists in multiple auth registries. For example, local and LDAP.
  • Fixed a crash in the SSSD backend when the invoking user is not found. Bug #732.
  • Added the --enable-asan configure flag to enable address sanitizer support. A few minor memory leaks have been plugged to quiet the ASAN leak detector.
  • The value of _PATH_SUDO_CONF may once again be overridden via Bug #735.
  • The sudoers2ldif script now handles multiple roles with same name.
  • Fixed a compilation error on systems that have the posix_spawn() and posix_spawnp() functions but an unusable spawn.h header. Bug #730.
  • Fixed support for negating character classes in sudo's version of the fnmatch() function.
  • Fixed a bug in the LDAP and SSSD backends that could allow an unauthorized user to list another user's privileges. Bug #738.
  • The PAM conversation function now works around an ambiguity in the PAM spec with respect to multiple messages. Bug #726.
  • Updated translations from translationproject.org.
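The digest entry above fixes a time-of-check versus time-of-use race by executing the already-opened descriptor. As an added example (not sudo's own implementation), the code below hashes the bytes behind a single open descriptor and, on a match, execs that same descriptor; os.execve accepts a descriptor on Unix, which CPython implements with fexecve(2). The sample script and its digest are constructed; as the 1.8.23 entries note for FreeBSD, executing a script this way needs a populated /dev/fd (or /proc/self/fd).

```python
import hashlib
import os
import tempfile

# Constructed sample script standing in for a command that sudoers lists with a
# sha256 digest; write_sample_script() puts it in a temporary file.
SAMPLE_SCRIPT = b"#!/bin/sh\necho hello from a digest-pinned command\n"


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def write_sample_script():
    """Write the constructed sample to a temporary file and return its path."""
    fd, path = tempfile.mkstemp(prefix="digest-demo-", suffix=".sh")
    with os.fdopen(fd, "wb") as f:
        f.write(SAMPLE_SCRIPT)
    os.chmod(path, 0o755)
    return path


def open_verified(path, expected_sha256):
    """Open the command once, hash exactly the bytes reachable through that
    descriptor, and return the descriptor only if the digest matches (None
    otherwise). Hashing by path and then exec'ing by path leaves a window in
    which a file in a directory writable by the invoking user could be swapped;
    exec'ing the verified descriptor removes that window."""
    fd = os.open(path, os.O_RDONLY)
    h = hashlib.sha256()
    while True:
        chunk = os.read(fd, 65536)
        if not chunk:
            break
        h.update(chunk)
    if h.hexdigest() != expected_sha256.lower():
        os.close(fd)
        return None
    os.lseek(fd, 0, os.SEEK_SET)  # rewind so the kernel reads it from the start
    return fd


def digest_matches(path, expected_sha256):
    """Yes/no form of open_verified for callers that will not exec."""
    fd = open_verified(path, expected_sha256)
    if fd is None:
        return False
    os.close(fd)
    return True


def exec_verified(path, expected_sha256, argv, env=None):
    """Replace the current process with the verified command via the open
    descriptor (fexecve(2) underneath on CPython/Unix)."""
    fd = open_verified(path, expected_sha256)
    if fd is None:
        raise PermissionError("digest mismatch for %s; refusing to execute" % path)
    os.execve(fd, argv, os.environ if env is None else env)


if __name__ == "__main__":
    script = write_sample_script()
    exec_verified(script, sha256_hex(SAMPLE_SCRIPT), [script])
```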

New in Sudo 1.8.15 (Nov 8, 2015)

  • Fixed a bug that prevented sudo from building outside the source tree on some platforms. Bug #708.
  • Fixed the location of the sssd library in the RHEL/Centos packages. Bug #710.
  • Fixed a build problem on systems that don't implicitly include sys/types.h from other header files. Bug #711.
  • Fixed a problem on Linux using containers where sudo would ignore signals sent by a process in a different container.
  • Sudo now refuses to run a command if the PAM session module returns an error.
  • When editing files with sudoedit, symbolic links will no longer be followed by default. The old behavior can be restored by enabling the sudoedit_follow option in sudoers or on a per-command basis with the FOLLOW and NOFOLLOW tags. Bug #707.
  • Fixed a bug introduced in version 1.8.14 that caused the last valid editor in the sudoers "editor" list to be used by visudo and sudoedit instead of the first. Bug #714.
  • Fixed a bug in visudo that prevented the addition of a final newline to edited files without one.
  • Fixed a bug decoding certain base64 digests in sudoers when the intermediate format included a '=' character.
  • Individual records are now locked in the time stamp file instead of the entire file. This allows sudo to avoid prompting for a password multiple times on the same terminal when used in a pipeline. In other words, sudo cat foo | sudo grep bar now only prompts for the password once. Previously, both sudo processes would prompt for a password, often making it impossible to enter. Bug #705.
  • Fixed a bug where sudo would fail to run commands as a non-root user on systems that lack both setresuid() and setreuid(). Bug #713.
  • Fixed a bug introduced in sudo 1.8.14 that prevented visudo from re-editing the correct file when a syntax error was detected.
  • Fixed a bug where sudo would not relay a SIGHUP signal to the command when the terminal is closed and the command is not run in its own pseudo-tty. Bug #719.
  • If some, but not all, of the LOGNAME, USER or USERNAME environment variables have been preserved from the invoking user's environment, sudo will now use the preserved value to set the remaining variables instead of using the runas user. This ensures that if, for example, only LOGNAME is present in the env_keep list, sudo will not set USER and USERNAME to the runas user.
  • When the command sudo is running dies due to a signal, sudo will now send itself that same signal with the default signal handler installed instead of exiting. The bash shell appears to ignore some signals, e.g. SIGINT, unless the command being run is killed by that signal. This makes the behavior of commands run under sudo the same as without sudo when bash is the shell. Bug #722.
  • Slovak translation for sudo from translationproject.org.
  • Hungarian and Slovak translations for sudoers from translationproject.org.
  • Previously, when env_reset was enabled (the default) and the -s option was not used, the SHELL environment variable was set to the shell of the invoking user. Now, when env_reset is enabled and the -s option is not used, SHELL is set based on the target user.
  • Fixed challenge/response style BSD authentication.
  • Added the sudoedit_checkdir Defaults option to prevent sudoedit from editing files located in a directory that is writable by the invoking user.
  • Added the always_query_group_plugin Defaults option to control whether groups not found in the system group database are passed to the group plugin. Previously, unknown system groups were always passed to the group plugin.
  • When creating a new file, sudoedit will now check that the file's parent directory exists before running the editor.
  • Fixed the compiler stack protector test in configure for compilers that support -fstack-protector but don't actually have the ssp library available.

New in Sudo 1.8.14p3 (Jul 22, 2015)

  • Fixed a bug introduced in sudo 1.8.14p2 that prevented sudo from working when no tty was present.
  • Fixed tty detection on newer AIX systems where dev_t is 64-bit.

New in Sudo 1.8.14p2 (Jul 21, 2015)

  • Fixed a bug introduced in sudo 1.8.14 that prevented the lecture file from being created.

New in Sudo 1.8.14p1 (Jul 19, 2015)

  • Fixed a bug introduced in sudo 1.8.14 that prevented the sssd backend from working.

New in Sudo 1.8.14 (Jul 17, 2015)

  • Log messages on Mac OS X now respect sudoers_locale when sudo is built with NLS support.
  • The sudo manual pages now pass mandoc -Tlint with no warnings.
  • Fixed a compilation problem on systems with the sig2str() function that do not define SIG2STR_MAX in signal.h.
  • Worked around a compiler bug that resulted in unexpected behavior when returning an int from a function declared to return bool without an explicit cast.
  • Worked around a bug in Mac OS X 10.10 BSD auditing where the au_preselect() fails for AUE_sudo events but succeeds for AUE_DARWIN_sudo.
  • Fixed a hang on Linux systems with glibc when sudo is linked with jemalloc.
  • When the user runs a command as a user ID that is not present in the password database via the -u flag, the command is now run with the group ID of the invoking user instead of group ID 0.
  • Fixed a compilation problem on systems that don't pull in definitions of uid_t and gid_t without sys/types.h or unistd.h.
  • Fixed a compilation problem on newer AIX systems which use a struct st_timespec for time stamps in struct stat that differs from struct timespec. Bug #702.
  • The example directory is now configurable via --with-exampledir and defaults to DATAROOTDIR/examples/sudo on BSD systems.
  • The /usr/lib/tmpfiles.d/sudo.conf file is now installed as part of "make install" when systemd is in use.
  • Fixed a linker problem on some systems with libintl. Bug #690.
  • Fixed compilation with compilers that don't support __func__ or __FUNCTION__.
  • Sudo no longer needs to use weak symbols to support localization in the warning functions. A registration function is used instead.
  • Fixed a setresuid() failure in sudoers on Linux kernels where uid changes take the nproc resource limit into account.
  • Fixed LDAP netgroup queries on AIX.
  • Sudo will now display the custom prompt on Linux systems with PAM even if the "Password: " prompt is not localized by the PAM module. Bug #701.
  • Double-quoted values in an LDAP sudoOption are now supported for consistency with file-based sudoers.
  • Fixed a bug that prevented the btime entry in /proc/stat from being parsed on Linux.

New in Sudo 1.8.13 (Apr 29, 2015)

  • The examples directory is now a subdirectory of the doc dir to conform to Debian guidelines. Bug #682.
  • Fixed a compilation error for siglist.c and signame.c on some systems. Bug #686.
  • Weak symbols are now used for sudo_warn_gettext() and sudo_warn_strerror() in libsudo_util to avoid link errors when -Wl,--no-undefined is used in LDFLAGS. The --disable-weak-symbols configure option can be used to disable the use of weak symbols.
  • Fixed a bug in sudo's mkstemps() replacement function that prevented the file extension from being preserved in sudoedit.
  • A new mail_all_cmnds sudoers flag will send mail when a user runs a command (or tries to). The behavior of the mail_always flag has been restored to always send mail when sudo is run.
  • New MAIL and NOMAIL command tags have been added to toggle mail sending behavior on a per-command (or Cmnd_Alias) basis.
  • Fixed matching of empty passwords when sudo is configured to use passwd (or shadow) file authentication on systems where the crypt() function returns NULL for invalid salts.
  • On AIX, sudo now uses the value of the auth_type setting in /etc/security/login.cfg to determine whether to use LAM or PAM for user authentication.
  • The all setting for listpw and verifypw now works correctly with LDAP and sssd sudoers.
  • The sudo timestamp directory is now created at boot time on platforms that use systemd.
  • Sudo will now restore the value of the SIGPIPE handler before executing the command.
  • Sudo now uses struct timespec instead of struct timeval for time keeping when possible. If supported, sudoedit and visudo now use nanosecond granularity time stamps.
  • Fixed a symbol name collision with systems that have their own SHA2 implementation. This fixes a problem where PAM could use the wrong SHA2 implementation on Solaris 10 systems configured to use SHA512 for passwords.
  • The editor invoked by sudoedit once again uses an unmodified copy of the user's environment as per the documentation. This was inadvertently changed in sudo 1.8.0. Bug #688.

New in Sudo 1.8.11p2 (Oct 30, 2014)

  • Fixed a bug where dynamic shared objects loaded from a plugin could use the hooked version of getenv() but not the hooked versions of putenv(), setenv() or unsetenv(). This can cause problems for PAM modules that use those functions.

New in Sudo 1.8.9p5 (Feb 7, 2014)

  • Fixed a compilation error on AIX when LDAP support is enabled.
  • Fixed parsing of the "umask" defaults setting in sudoers. Bug #632.
  • Fixed a failed assertion when the "closefrom_override" defaults setting is enabled in sudoers and sudo's -C flag is used. Bug #633.

New in Sudo 1.8.9p4 (Jan 16, 2014)

  • Fixed a bug where sudo could consume large amounts of CPU while the command was running when I/O logging is not enabled. Bug #631.
  • Fixed a bug where sudo would exit with an error when the debug level is set to util@debug or all@debug and I/O logging is not enabled. The command would continue running after sudo exited.

New in Sudo 1.8.3 (Oct 24, 2011)

  • Added tag SUDO_1_8_3 for changeset 82bec4d3a203
  • Update Japanese sudoers translation from translationproject.org

New in Sudo 1.7.4p5 (Jan 13, 2011)

  • A bug has been fixed that would allow a command to be run without the user entering a password when sudo's -g flag is used without the -u flag.
  • If user has no supplementary groups, sudo will now fall back on checking the group file explicitly, which restores historic sudo behavior.
  • A crash has been fixed when sudo's -g flag is used without the -u flag and the sudoers file contains an entry with no runas user or group listed.
  • A bug has been fixed in the I/O logging support that could cause visual artifacts in full-screen programs such as text editors.
  • A crash has been fixed when the Solaris project support is enabled and sudo's -g flag is used without the -u flag.
  • Sudo no longer exits with an error when support for auditing is compiled in but auditing is not enabled.
  • Fixed a bug introduced in sudo 1.7.3 where the ticket file was not being honored when the "targetpw" sudoers Defaults option was enabled.
  • The LOG_INPUT and LOG_OUTPUT tags in sudoers are now parsed correctly.
  • A crash has been fixed in "sudo -l" when sudo is built with auditing support and the user is not allowed to run any commands on the host.

New in Sudo 1.7.4p2 (Aug 9, 2010)

  • A bug where sudo could spin in a busy loop waiting for the child process was fixed.
  • A bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option is enabled was fixed.
  • Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist.

New in Sudo 1.7.4 (Aug 3, 2010)

  • Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode.
  • Time stamp files have moved from /var/run/sudo to either /var/db/sudo, /var/lib/sudo or /var/adm/sudo. The directories are checked for existence in that order. This prevents users from receiving the sudo lecture every time the system reboots. Time stamp files older than the boot time are ignored on systems where it is possible to determine this.
  • Ancillary documentation (README files, LICENSE, etc) is now installed in a sudo documentation directory.
  • Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in ldap.conf.
  • Defaults settings that are tied to a user, host or command may now include the negation operator. For example:
        Defaults:!millert lecture
    will match any user but millert.
  • The default PATH environment variable, used when no PATH variable exists, now includes /usr/sbin and /sbin.
  • Sudo now uses polypkg (http://rc.quest.com/topics/polypkg/) for cross-platform packing.
  • On Linux, sudo will now restore the nproc resource limit before executing a command, unless the limit appears to have been modified by pam_limits. This avoids a problem with bash scripts that open more than 32 descriptors on SuSE Linux, where sysconf(_SC_CHILD_MAX) will return -1 when RLIMIT_NPROC is set to RLIMIT_UNLIMITED (-1).
  • Visudo will now treat an unrecognized Defaults entry as a parse error (sudo will warn but still run).
  • The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled (which is the case in the default configuration). Users wishing to preserve the original values should use a sudoers entry like:
        Defaults env_keep += HOME
    to preserve the old value of HOME and
        Defaults env_keep += MAIL
    to preserve the old value of MAIL.
  • The tty_tickets option is now on by default.
  • Fixed a problem in the restoration of the AIX authdb registry setting.
  • If PAM is in use, wait until the process has finished before closing the PAM session.
  • Fixed "sudo -i -u user" where user has no shell listed in the password database.
  • When logging I/O, sudo now handles pty read/write returning ENXIO, as seen on FreeBSD when the login session has been killed.
  • Sudo now performs I/O logging in the C locale. This avoids locale-related issues when parsing floating point numbers in the timing file.
  • Added support for Ubuntu-style admin flag dot files.