head 1.10; access; symbols pkgsrc-2013Q2:1.10.0.54 pkgsrc-2013Q2-base:1.10 pkgsrc-2012Q4:1.10.0.52 pkgsrc-2012Q4-base:1.10 pkgsrc-2011Q4:1.10.0.50 pkgsrc-2011Q4-base:1.10 pkgsrc-2011Q2:1.10.0.48 pkgsrc-2011Q2-base:1.10 pkgsrc-2009Q4:1.10.0.46 pkgsrc-2009Q4-base:1.10 pkgsrc-2008Q4:1.10.0.44 pkgsrc-2008Q4-base:1.10 pkgsrc-2008Q3:1.10.0.42 pkgsrc-2008Q3-base:1.10 cube-native-xorg:1.10.0.40 cube-native-xorg-base:1.10 pkgsrc-2008Q2:1.10.0.38 pkgsrc-2008Q2-base:1.10 pkgsrc-2008Q1:1.10.0.36 pkgsrc-2008Q1-base:1.10 pkgsrc-2007Q4:1.10.0.34 pkgsrc-2007Q4-base:1.10 pkgsrc-2007Q3:1.10.0.32 pkgsrc-2007Q3-base:1.10 pkgsrc-2007Q2:1.10.0.30 pkgsrc-2007Q2-base:1.10 pkgsrc-2007Q1:1.10.0.28 pkgsrc-2007Q1-base:1.10 pkgsrc-2006Q4:1.10.0.26 pkgsrc-2006Q4-base:1.10 pkgsrc-2006Q3:1.10.0.24 pkgsrc-2006Q3-base:1.10 pkgsrc-2006Q2:1.10.0.22 pkgsrc-2006Q2-base:1.10 pkgsrc-2006Q1:1.10.0.20 pkgsrc-2006Q1-base:1.10 pkgsrc-2005Q4:1.10.0.18 pkgsrc-2005Q4-base:1.10 pkgsrc-2005Q3:1.10.0.16 pkgsrc-2005Q3-base:1.10 pkgsrc-2005Q2:1.10.0.14 pkgsrc-2005Q2-base:1.10 pkgsrc-2005Q1:1.10.0.12 pkgsrc-2005Q1-base:1.10 pkgsrc-2004Q4:1.10.0.10 pkgsrc-2004Q4-base:1.10 pkgsrc-2004Q3:1.10.0.8 pkgsrc-2004Q3-base:1.10 pkgsrc-2004Q2:1.10.0.6 pkgsrc-2004Q2-base:1.10 pkgsrc-2004Q1:1.10.0.4 pkgsrc-2004Q1-base:1.10 pkgsrc-2003Q4:1.10.0.2 pkgsrc-2003Q4-base:1.10 netbsd-1-6-1:1.9.0.2 netbsd-1-6-1-base:1.9 netbsd-1-6:1.8.0.8 netbsd-1-6-RELEASE-base:1.8 pkgviews:1.8.0.4 pkgviews-base:1.8 buildlink2-base:1.8 buildlink2:1.8.0.2 comdex-fall-1999:1.5 netbsd-1-4-PATCH001:1.4 netbsd-1-4-RELEASE:1.4 netbsd-1-3-PATCH003:1.4 netbsd-1-3-PATCH002:1.2 FreeBSD-current-1997-11-18:1.1.1.1 FREEBSD:1.1.1; locks; strict; comment @# @; 1.10 date 2003.04.01.16.07.22; author wiz; state dead; branches; next 1.9; 1.9 date 2002.08.25.21.50.48; author jlam; state Exp; branches; next 1.8; 1.8 date 2002.06.16.20.20.19; author wiz; state Exp; branches 1.8.2.1; next 1.7; 1.7 date 2002.06.16.20.16.52; author wiz; state Exp; branches; next 1.6; 1.6 date 99.12.30.22.51.29; author jlam; state dead; branches; next 1.5; 1.5 date 99.08.31.19.26.41; author jlam; state Exp; branches; next 1.4; 1.4 date 98.08.07.11.13.52; author agc; state Exp; branches; next 1.3; 1.3 date 98.07.01.19.09.42; author frueauf; state Exp; branches; next 1.2; 1.2 date 97.12.14.23.38.24; author hubertf; state Exp; branches; next 1.1; 1.1 date 97.12.14.23.27.01; author hubertf; state Exp; branches 1.1.1.1; next ; 1.8.2.1 date 2002.06.16.20.20.19; author jlam; state dead; branches; next 1.8.2.2; 1.8.2.2 date 2002.06.23.18.59.32; author jlam; state Exp; branches; next ; 1.1.1.1 date 97.12.14.23.27.01; author hubertf; state Exp; branches; next ; desc @@ 1.10 log @Update to 1.6.7p1 (1.6.7.1): 478) Wildcards now work correctly in the env_keep Defaults directive. 479) Added support for non-root timestamp dirs. This allows the timestamp dir to be shared via NFS (though this is not recommended). 480) Removed double printing of bad environment variable table in -V mode. 481) configure script has been regenerated with autoconf 2.5.7. This required some changes to configure.in. 482) Fixed a compilation problem on SunOS; thanks to Alek O. Komarnitsky. 483) SecurID 5.0 API support from Michael Stroucken. 484) Restore state of signal handlers to what we had upon startup. Fixes a problem when using sudo with nohup; thanks to Paul Markham. 485) Revamp set_perms() to use setresuid() or setreuid() when available in preference to POSIX stuff since they allow us to properly implement "stay_setuid" whereas POSIX does not really. 486) In strict mode sudo did not throw an error for undefined User_Aliases. 487) Fixed a Makefile bug on IRIX. 488) Write the prompt *after* turning off echo to avoid some password characters being echoed on heavily-loaded machines with fast typists. 489) Added %U and %H escapes in the prompt and fixed treatment of %%. 490) Visudo will now add a final newline to sudoers if the user's editor not add one before EOF. 491) The lexer state is now reset to its initial value on EOF. Previously, the state was not reset between parser invocations which could cause problems for visudo in rare cases. 492) Added support for Defaults that apply based on the RunasUser. 493) Sudo now includes copies of strlc{at,py} and uses them throughout. 494) Sudo is now careful to avoid interger overflow when allocating memory. This is one of those "should not happen" situations. 495) Added a configure option (--with-stow) to make sudo compatible with GNU stow. 496) auth/kerb5.c now compiles under Heimdal. 497) The volatile prefix is used in the hopes of preventing compilers from optimizing away memory zeroing. Unfortunately, this results in some warnings from gcc. 498) Better Kerberos IV/V support in the configure script. 499) Fixed a logic thinko in the SIGCHLD handler that caused problems with rlogin on HP-UX. 500) configure now adds -R to LDFLAGS when it adds -L for Solaris and SVR4. There is a configure option, --with-rpath, to control this. 501) On AIX, configure will pass extra directory paths to the linker via the -blibpath ld option. This is only active when additional library paths are used. It may be disabled via the --without-blibpath configure option. 502) The --with-skey and --with-opie configure options now take an optional directory argument that should have an include and lib dir for the skey/opie include file and library respectively. 503) Fixed false positives in the overflow detection of expand_prompt(). @ text @$NetBSD: patch-ac,v 1.9 2002/08/25 21:50:48 jlam Exp $ --- config.sub.old Mon Dec 31 14:02:47 2001 +++ config.sub Sun Jun 16 12:48:45 2002 @@@@ -235,7 +235,7 @@@@ | we32k | ns16k | clipper | i370 | sh | sh[34] \ | powerpc | powerpcle \ | 1750a | dsp16xx | pdp10 | pdp11 \ - | mips16 | mips64 | mipsel | mips64el \ + | mips16 | mips64 | mipseb | mipsel | mips64el \ | mips64orion | mips64orionel | mipstx39 | mipstx39el \ | mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \ | mips64vr5000 | mips64vr5000el | mcore | s390 | s390x \ @@@@ -281,7 +281,7 @@@@ | clipper-* | orion-* \ | sparclite-* | pdp10-* | pdp11-* | sh-* | sh[34]-* | sh[34]eb-* \ | powerpc-* | powerpcle-* | sparc64-* | sparcv9-* | sparcv9b-* | sparc86x-* \ - | mips16-* | mips64-* | mipsel-* \ + | mips16-* | mips64-* | mipsel-* | mipseb-* \ | mips64el-* | mips64orion-* | mips64orionel-* \ | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \ | mipstx39-* | mipstx39el-* | mcore-* \ @ 1.9 log @Merge packages from the buildlink2 branch back into the main trunk that have been converted to USE_BUILDLINK2. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.8.2.1 2002/06/23 18:59:32 jlam Exp $ @ 1.8 log @Add RCS Id. @ text @d1 1 a1 1 $NetBSD$ @ 1.8.2.1 log @file patch-ac was added on branch buildlink2 on 2002-06-23 18:59:32 +0000 @ text @d1 22 @ 1.8.2.2 log @Merge from pkgsrc-current to buildlink2 branch. @ text @a0 22 $NetBSD: patch-ac,v 1.8.2.1 2002/06/23 18:59:32 jlam Exp $ --- config.sub.old Mon Dec 31 14:02:47 2001 +++ config.sub Sun Jun 16 12:48:45 2002 @@@@ -235,7 +235,7 @@@@ | we32k | ns16k | clipper | i370 | sh | sh[34] \ | powerpc | powerpcle \ | 1750a | dsp16xx | pdp10 | pdp11 \ - | mips16 | mips64 | mipsel | mips64el \ + | mips16 | mips64 | mipseb | mipsel | mips64el \ | mips64orion | mips64orionel | mipstx39 | mipstx39el \ | mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \ | mips64vr5000 | mips64vr5000el | mcore | s390 | s390x \ @@@@ -281,7 +281,7 @@@@ | clipper-* | orion-* \ | sparclite-* | pdp10-* | pdp11-* | sh-* | sh[34]-* | sh[34]eb-* \ | powerpc-* | powerpcle-* | sparc64-* | sparcv9-* | sparcv9b-* | sparc86x-* \ - | mips16-* | mips64-* | mipsel-* \ + | mips16-* | mips64-* | mipsel-* | mipseb-* \ | mips64el-* | mips64orion-* | mips64orionel-* \ | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \ | mipstx39-* | mipstx39el-* | mcore-* \ @ 1.7 log @Add recognition of mipseb systems to config.sub. (thanks, jason!) Closes pkg/17212. While here, fix compilation with kerberos5. @ text @d1 2 @ 1.6 log @CHANGES @ text @d1 20 a20 14 $NetBSD: patch-ac,v 1.5 1999/08/31 19:26:41 jlam Exp $ --- sudo.man.orig Sun Mar 28 23:37:03 1999 +++ sudo.man Sun Aug 29 05:44:36 1999 @@@@ -198,7 +198,8 @@@@ .SH "DESCRIPTION" \fBsudo\fR allows a permitted user to execute a \fIcommand\fR as the superuser (real and effective uid and gid are set -to \f(CW0\fR and root's group as set in the passwd file respectively). +to \f(CW0\fR and root's group as set in the passwd file respectively) +by using the user's own password. .PP \fBsudo\fR determines who is an authorized user by consulting the file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user @ 1.5 log @Update sudo to 1.5.9p4. It's the latest stable security release. @ text @d1 1 a1 1 $NetBSD$ @ 1.4 log @Add NetBSD RCS Ids. @ text @d3 3 a5 3 --- sudo.man.orig Tue Jan 13 06:00:17 1998 +++ sudo.man Wed Jul 1 20:11:51 1998 @@@@ -195,10 +195,11 @@@@ d14 1 a14 14 -file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user +file \fI/usr/pkg/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user can update the time stamp without running a \fIcommand.\fR The password prompt itself will also time out if the password is not entered with N minutes (again, this is defined at installation @@@@ -321,7 +322,7 @@@@ .SH "FILES" .PP .Vb 1 -\& /etc/sudoers file of authorized users. +\& /usr/pkg/etc/sudoers file of authorized users. .Ve .SH "ENVIRONMENT VARIABLES" .PP @ 1.3 log @Update to sudo-1.5.4p1. @ text @d1 2 @ 1.2 log @Update for NetBSD, mostly by Soren S. Jorvang @ text @d1 5 a5 5 --- ./sudo.man.org Wed Nov 13 17:58:50 1996 +++ ./sudo.man Mon Dec 9 20:44:48 1996 @@@@ -180,10 +180,11 @@@@ .IX Header "DESCRIPTION" \fBsudo\fR allows a permitted user to execute a \fIcommand\fR d18 1 a18 1 .IX Header "FILES" a24 82 .IX Header "ENVIRONMENT VARIABLES" --- ./sudoers.man.org Wed Nov 13 17:58:50 1996 +++ ./sudoers.man Mon Dec 9 20:38:43 1996 @@@@ -296,7 +296,7 @@@@ \fB\s-1DO\s0 \s-1NOT\s0\fR define an alias of \fI\s-1ALL\s0\fR, it will \fB\s-1NOT\s0\fR be used. Note that \fI\s-1ALL\s0\fR implies the entire universe of hosts/users/commands. You can subtract elements from the universe by using the syntax: - user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/etc/halt... + user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/sbin/halt... Note that the \*(L"!\*(R" notation only works in a user's command list. You may not use it to subtract elements in a User_Alias, Host_Alias, Cmnd_Alias or user list. @@@@ -334,7 +334,7 @@@@ \& Cmnd_Alias SHELLS=/bin/sh,/bin/csh,/bin/tcsh,/bin/ksh \& Cmnd_Alias SU=/bin/su \& Cmnd_Alias MISC=/bin/rm,/bin/cat:\e -\& SHUTDOWN=/etc/halt,/etc/shutdown +\& SHUTDOWN=/sbin/halt,/sbin/shutdown .Ve .Vb 14 \& # User specification @@@@ -344,11 +344,11 @@@@ \& +interns +openlabs=ALL,!SHELLS,!SU \& britt REMOTE=SHUTDOWN:ALL=LPCS \& jimbo CUNETS=/bin/su ?*,!/bin/su root -\& nieusma SERVERS=SHUTDOWN,/etc/reboot:\e +\& nieusma SERVERS=SHUTDOWN,/sbin/reboot:\e \& HUB=ALL,!SHELLS -\& jill houdini=/etc/shutdown -[hr] now,MISC -\& markm HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt -\& davehieb merlin=(OP) ALL:SERVERS=/etc/halt:\e +\& jill houdini=/sbin/shutdown -[hr] now,MISC +\& markm HUB=ALL,!MISC,!/sbin/shutdown,!/sbin/halt +\& davehieb merlin=(OP) ALL:SERVERS=/sbin/halt:\e \& kodiakthorn=NOPASSWD: ALL \& steve CSNETS=(operator) /usr/op_commands/ .Ve @@@@ -405,24 +405,24 @@@@ .Ip "nieusma" 16 .IX Item "nieusma" The user \f(CWnieusma\fR may run commands in the \f(CWSHUTDOWN\fR alias -as well as \fI/etc/reboot\fR on the \f(CWSERVER\fR machines and +as well as \fI/sbin/reboot\fR on the \f(CWSERVER\fR machines and any command except those in the \f(CWSHELLS\fR alias on the \f(CWHUB\fR machines. .Ip "jill" 16 .IX Item "jill" -The user \f(CWjill\fR may run \f(CW/etc/shutdown -h now\fR or -\f(CW/etc/shutdown -r now\fR as well as the commands in the +The user \f(CWjill\fR may run \f(CW/sbin/shutdown -h now\fR or +\f(CW/sbin/shutdown -r now\fR as well as the commands in the \f(CWMISC\fR alias on houdini. .Ip "markm" 16 .IX Item "markm" The user \f(CWmarkm\fR may run any command on the \f(CWHUB\fR machines -except \fI/etc/shutdown\fR, \fI/etc/halt\fR, and commands listed +except \fI/sbin/shutdown\fR, \fI/sbin/halt\fR, and commands listed in the \f(CWMISC\fR alias. .Ip "davehieb" 16 .IX Item "davehieb" The user \f(CWdavehieb\fR may run any command on \f(CWmerlin\fR as any user in the Runas_Alias \s-1OP\s0 (ie: root or operator). He may -also run \fI/etc/halt\fR on the \f(CWSERVERS\fR and any command +also run \fI/sbin/halt\fR on the \f(CWSERVERS\fR and any command on \f(CWkodiakthorn\fR (no password required on \f(CWkodiakthorn\fR). .Ip "steve" 16 .IX Item "steve" @@@@ -438,8 +438,8 @@@@ .IX Header "FILES" .PP .Vb 2 -\& /etc/sudoers file of authorized users. -\& /etc/netgroup list of network groups. +\& /usr/pkg/etc/sudoers file of authorized users. +\& /etc/netgroup list of network groups. .Ve .SH "SEE ALSO" .IX Header "SEE ALSO" --- ./visudo.man.org Wed Nov 13 17:58:51 1996 +++ ./visudo.man Mon Dec 9 20:39:01 1996 @@@@ -211,8 +211,8 @@@@ .IX Header "FILES" a25 8 .Vb 2 -\& /etc/sudoers file of authorized users. -\& /etc/stmp lock file for visudo. +\& /usr/pkg/etc/sudoers file of authorized users. +\& /usr/pkg/etc/stmp lock file for visudo. .Ve .SH "ENVIRONMENT VARIABLES" .IX Header "ENVIRONMENT VARIABLES" @ 1.1 log @Initial revision @ text @d13 1 a13 1 +file \fI/usr/local/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user d22 1 a22 1 +\& /usr/local/etc/sudoers file of authorized users. d98 1 a98 1 +\& /usr/local/etc/sudoers file of authorized users. d111 2 a112 2 +\& /usr/local/etc/sudoers file of authorized users. +\& /usr/local/etc/stmp lock file for visudo. @ 1.1.1.1 log @Import vanialla FreeBSD sudo. @ text @@