From 025c439e829e0db9ac511cd9c1b8d5fd53475ead Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Mon, 15 Apr 2024 15:14:46 +0200
Subject: Adding upstream version 1.9.15p5.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 plugins/sudoers/regress/testsudoers/test26.out.ok | 57 +++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 plugins/sudoers/regress/testsudoers/test26.out.ok

(limited to 'plugins/sudoers/regress/testsudoers/test26.out.ok')

diff --git a/plugins/sudoers/regress/testsudoers/test26.out.ok b/plugins/sudoers/regress/testsudoers/test26.out.ok
new file mode 100644
index 0000000..281817c
--- /dev/null
+++ b/plugins/sudoers/regress/testsudoers/test26.out.ok
@@ -0,0 +1,57 @@
+A simple sudoers rule should not allow the user to chroot:
+Parses OK
+
+Entries for user root:
+
+ALL = /bin/ls
+	host  allowed
+	runas allowed
+	cmnd  allowed
+
+User root is not allowed to change root directory to /
+
+Password required
+
+Command denied
+
+User cannot override the sudoers chroot:
+Parses OK
+
+Entries for user root:
+
+ALL = CHROOT=/some/where/else /bin/ls
+	host  allowed
+	runas allowed
+	cmnd  unmatched
+
+Password required
+
+Command unmatched
+
+User can chroot if sudoers rule sets chroot to '*':
+Parses OK
+
+Entries for user root:
+
+ALL = CHROOT=* /bin/ls
+	host  allowed
+	runas allowed
+	cmnd  allowed
+
+Password required
+
+Command allowed
+
+User can chroot if runchroot Defaults is '*':
+Parses OK
+
+Entries for user root:
+
+ALL = /bin/ls
+	host  allowed
+	runas allowed
+	cmnd  allowed
+
+Password required
+
+Command allowed
-- 
cgit v1.2.3