diff options
Diffstat (limited to 'debian')
68 files changed, 4033 insertions, 0 deletions
diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..f062920 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,49 @@ +sudo (1.9.5p2-3) unstable; urgency=medium + + We have added "Defaults use_pty" to the default configuration. This fixes + CVE-2005-4890 which has been lingering around for more then a decade. + If you would like the old behavior back, please remove the respective line + from /etc/sudoers. + + -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 24 Feb 2021 17:59:22 +0100 + +sudo (1.8.2-1) unstable; urgency=low + + The sudo package is no longer configured using --with-secure-path. + Instead, the provided sudoers file now contains a line declaring + 'Defaults secure_path=' with the same path content that was previously + hard-coded in the binary. A consequence of this change is that if you + do not have such a definition in sudoers, the PATH searched for commands + by sudo may be empty. + + Using explicit paths for each command you want to run with sudo will work + well enough to allow the sudoers file to be updated with a suitable entry + if one is not already present and you choose to not accept the updated + version provided by the package. + + -- Bdale Garbee <bdale@gag.com> Wed, 24 Aug 2011 13:33:11 -0600 + +sudo (1.7.4p4-2) unstable; urgency=low + + The HOME and MAIL environment variables are now reset based on the + target user's password database entry when the env_reset sudoers option + is enabled (which is the case in the default configuration). Users + wishing to preserve the original values should use a sudoers entry like: + Defaults env_keep += HOME + to preserve the old value of HOME and + Defaults env_keep += MAIL + to preserve the old value of MAIL. + + The change in handling of HOME is known to affect programs like pbuilder. + + -- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600 + +sudo (1.6.8p12-5) unstable; urgency=low + + The sudo package is no longer configured --with-exempt=sudo. If you + depend on members of group sudo being able to run sudo without needing + a password, you will need to put "%sudo ALL=NOPASSWD: ALL" in + /etc/sudoers to preserve equivalent functionality. + + -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:13:39 -0600 + diff --git a/debian/OPTIONS b/debian/OPTIONS new file mode 100644 index 0000000..89df725 --- /dev/null +++ b/debian/OPTIONS @@ -0,0 +1,151 @@ +The following options were used to configure sudo for Debian GNU/Linux. + + --with-all-insults + + Include all the insults in the binary, won't be enabled unless turned + on in the sudoers file. + + --with-pam + + enable PAM support + + --with-pam-login + + enable specific PAM session for sudo -i + + --with-fqdn + + expect fully qualified hosts in sudoers + + --with-logging=syslog + --with-logfac=authpriv + + Where logging information goes. + + --with-env-editor + --with-editor=/usr/bin/editor + + Honor the EDITOR and VISUAL environment variables. If they are not + present, default to the preferred systemwide default editor. + + --with-exampledir=/usr/share/doc/sudo(-ldap)/examples + + Where sudo examples are installed + + --with-timeout=15 + --with-password-timeout=0 + --with-passprompt="[sudo] password for %p: " + + Allow 15 minutes before a user has to re-type their passord, versus + the sudo usual default of 5. Never time out while waiting for a + password to be typed, this is important to Debian package developers + using 'dpkg-buildpackage -rsudo'. Make it clear which password is + requested. + + --with-tty-tickets + + use a different ticket file for each tty + + --without-lecture + + don't print lecture for first-time sudoer + + --disable-root-mailer + + Don't run the mailer as root, run as the user + + --with-sendmail=/usr/sbin/sendmail + + Use Debian policy to know the location of sendmail instead of trying + to detect it at build time. + + --with-rundir=/run/sudo + + directory for sudo-specific files that do not + survive a system reboot, e.g. `/run/sudo' + + --with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) + + enable SSSD support and configure where the sssd library lives + + --enable-zlib=system + + use Debian's zlib + + --enable-admin-flag + + Create a Ubuntu-style admin flag file + + --with-selinux + + enable SELinux support + + --with-linux-audit + + enable Linux audit support + + --enable-tmpfiles.d=/usr/lib/tmpfiles.d + + Set the path to the systemd tmpfiles.d directory. + + --with-ldap + --with-ldap-conf-file=/etc/sudo-ldap.conf + --docdir=/usr/share/doc/sudo-ldap + + Support for LDAP authentication, in the sudo-ldap package version only. + +the following configure flags are added implicitly by the Debian build system and +might change without maintainers noticing explicitly + + --build=x86_64-linux-gnu + + Set build environment triplet + + --prefix=/usr + + Build for installation in /usr + + --includedir=\${prefix}/include + + Where our C header files are + + --mandir=\${prefix}/share/man + + man documentation + + --infodir=\${prefix}/share/info + + info documentation + + --sysconfdir=/etc + + read-only single-machine data + + --localstatedir=/var + + modifiable single-machine data + + --disable-option-checking + + ignore unrecognized --enable/--with options + + --disable-silent-rules + + undocumented in configure --help + + --libdir=\${prefix}/lib/x86_64-linux-gnu + + object code libraries + + --runstatedir=/run + + modifiable per-process data + + --disable-maintainer-mode + + undocumented in configure --help + + --disable-dependency-tracking + + undocumented in configure --help + diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..413d529 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,56 @@ +The version of sudo that ships with Debian by default resets the +environment, as described by the "env_reset" flag in the sudoers file. + +This implies that all environment variables are removed, except for +LOGNAME, PATH, SHELL, TERM, DISPLAY, XAUTHORITY, XAUTHORIZATION, XAPPLRESDIR, +XFILESEARCHPATH, XUSERFILESEARCHPATH, LANG, LANGUAGE, LC_*, and USER. + +In case you want sudo to preserve more environment variables, you must +specify the env_keep variable in the sudoers file. You should edit the +sudoers file using the visudo tool. + +Examples: +Preserve the default variables plus the EDITOR variable: + + Defaults env_keep+="EDITOR" + +Preserve the default variables plus all variables starting with LC_: + + Defaults env_keep+="LC_*" + + - - - - - + +If you're using the sudo-ldap package, note that it is now configured to +look for /etc/sudo-ldap.conf. Depending on your system configuration, it +probably makes sense for this to be a symlink to /etc/ldap.conf, or perhaps +to /etc/libnss-ldap.conf or /etc/pam_ldap.conf. By default, no symlink or +file is provided, you'll need to decide what to do and create a suitable +file before sudo-ldap will work. + + - - - - - + +As of version 1.7, sudo-ldap now requires the LDAP source to be specified +in /etc/nsswitch.conf with a line like: + + sudoers: ldap + + - - - - - + +Note that the support for the sss provider (libsss_sudo.so) that allows sudo +to use SSSD as a cache for policies stored in LDAP is included in the sudo +package, not in the sudo-ldap package. I have some hope that this turns out +to be a better overall solution for using sudo with LDAP, as the sudo-ldap +package is difficult to maintain and I'd love to be able to eliminate it! + + - - - - - + +See the file OPTIONS in this directory for more information on the sudo +build options used in building the Debian package. + + - - - - - + +If you're having trouble grasping the fundamental idea of what sudo is all +about, here's a succinct and humorous take on it... + + http://www.xkcd.com/c149.html + diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..1b8506d --- /dev/null +++ b/debian/changelog @@ -0,0 +1,1679 @@ +sudo (1.9.13p3-1+deb12u1) bookworm; urgency=medium + + * add upstream patch to fix event log format. + Thanks to Kimmo Suominen (Closes: #1039557) + + -- Marc Haber <mh+debian-packages@zugschlus.de> Tue, 27 Jun 2023 13:45:00 +0200 + +sudo (1.9.13p3-1) unstable; urgency=medium + + * new upstream version: + * Fix potential double free for CHROOT= rules + CVE-2023-27320. (Closes: #1032163) + * Fix --enable-static-sudoers regression + * check for overflow as result of fuzzing efforts + * Fix parser regression disallowing rules for user "list" + * Fix eventloop hang if there is /dev/tty data + * Fix sudo -l command args regression + * Fix sudo -l -U someuser regression + * Fix list privs regression + + -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 08 Mar 2023 21:17:05 +0100 + +sudo (1.9.13p1-1) unstable; urgency=medium + + * new upstream version 1.9.13p1 + * remove unnecessary changelog creation patch + * remove lsb-base from dependencies + + -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 18 Feb 2023 13:03:19 +0100 + +sudo (1.9.12p2-1) unstable; urgency=high + + * new upstream version 1.9.12p2 + * this fixes CVE-2023-22809: + Sudoedit can edit arbitrary files + + -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 18 Jan 2023 16:19:23 +0100 + +sudo (1.9.12p1-1) unstable; urgency=low + + * new upstream version 1.9.12p1 + * update patches + * update debian/copyright + * Add upstream patch to silence libgcrypt error message. + Thanks to Francesco P. Lovergine (Closes: #1019428) + * Standards-Version: 4.6.2 (no changes necessary) + * clean out obsolete lintian overrides + * Add patch to disable regeneration of upstream ChangeLog from git. + Thanks to Gioele Barabucci (Closes: #1025740) + * remove extra whitespace from debconf-get-selections output. + * add autopkgtest for sudo with sssd (Closes: #1004910) + + [ Niels Thykier ] + * Support building sudo without (fake)root. + + [ Gioele Barabucci ] + * Use dh_installnss to add ldap to sudoers NSS database + * Add libnss-sudo package. (Closes: #1023524) + + -- Marc Haber <mh+debian-packages@zugschlus.de> Sun, 15 Jan 2023 13:58:48 +0100 + +sudo (1.9.11p3-1) unstable; urgency=low + + * new upstream version 1.9.11p3 + + -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 23 Mar 2022 10:50:16 +0100 + +sudo (1.9.10-3) unstable; urgency=medium + + * some changes to 03-getroot-ldap autopkgtest to find out + about ppc64el failure + + -- Marc Haber <mh+debian-packages@zugschlus.de> Wed, 23 Mar 2022 10:38:39 +0100 + +sudo (1.9.10-2) unstable; urgency=medium + + * upload to unstable (fixed autopkgtest is needed to allow + adduser to migrate) + + -- Marc Haber <mh+debian-packages@zugschlus.de> Mon, 21 Mar 2022 11:49:06 +0100 + +sudo (1.9.10-1) experimental; urgency=medium + + * new upstream version + * unverified upstream changelog + * implement workaround if /proc/self/stat is invalid. + (Closes: #940533) + * Fix compilation problem on kFreeBSD. (Closes: #1004909) + (different fix than the Debian patch, disable Debian patch) + * get rid of e-mails "problem with defaults entries" in sss + configurations. (Closes: #793660) + * regular expression support for sudoers. (Closes: #945366) + * handle /proc/self/fd in qemu. + * Apply Upstream Patch to allow test suite with non-english LANG + https://bugzilla.sudo.ws/show_bug.cgi?id=1025 + * Apply Upstream Patch to allow test suite with faketime + * re-introduce MVPROG patch that got lost in dh migration. + Thanks to Vagrant Cascadian (Closes: #976307) + * revert back to directly shipping the mask symlink in the package. + Thanks to Michael Biebl (Closes: #1004730) + * adopt configure changes from Ubuntu + --without-lecture --with-tty-tickets --enable-admin-flag (Closes: #1006273) + * fix wrong handling of --with-systemd-tmpfiles.d + * bring OPTIONS up to date. + * have upstream install docs directly to correct directory + * let debhelper handle the upstream changelog + * remove LICENSE.md in both packages + * autopkgtest: send deluser stderr to null in cleanup + * Add cron to autopkgtest 03-getroot-ldap dependencies + * improve lintian overrides + + -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 18 Mar 2022 14:31:30 +0100 + +sudo (1.9.9-1) unstable; urgency=medium + + * new upstream version + * audit plugin now handles unresolvable hostname better + Thanks to Sven Mueller (Closes: #1003969) + * better document environment handling. + Thanks to Arnout Engelen (Closes: #659101) + * README files now come as markdown + * schemas are now in docs subdirectory + * LICENSE is now LICENSE.md + + [ Marc Haber ] + * refresh patches + * mark paths-in-samples.diff expicitly as not forwarded + * have systemd-tmpfiles clean up /run/sudo on boot + * lintian overrides: + * improve 'em in various places + * give better explanations + * override long line warnings + * override typo warning for a literal film quote + * use correct lintian tag for override init script without unit + * init script / systemd units + * guarantee init script no-op on systemd systems + * mask sysv init script on systemd systems in postinst + instead of debian/rules + * actually remove masking of service in postrm + * maintainer scripts + * document when .dist file removal was added to that + it can be eventually removed + * document when alternative removal was added to that + it can be eventually removed + * add a test to check for presence of #1003969 + * Standards-Version: 4.6.0 (no changes) + * use uscan version 4 + * honor nocheck DEB_BUILD_OPTION + + [ Hilko Bengen ] + * More improvement for Lintian overrides + * Convert debian/copyright to machine-readable format, using + information from upstream-provided LICENSE.md file + + -- Marc Haber <mh+debian-packages@zugschlus.de> Mon, 31 Jan 2022 20:19:55 +0100 + +sudo (1.9.8p2-1) unstable; urgency=medium + + * add more autopkgtests (especially for LDAP) + * improve existing autopkgtests + * debian/patches: + * Remove typo-in-classic-insults.diff, reflectinc upstream's decision + to not fix the typo as a way of remembering Evi Nemeth. + * remove unneeded sudo-success_return. patch + * mark debian/patches/sudo-ldap-docs as Forwarded: not-needed + * add DEP3 headers + * mention #1001858 in sudo.prerm + * comment some lintian-overrides with unclear results + + -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 18 Dec 2021 14:55:08 +0100 + +sudo (1.9.8p2-1~exp1) experimental; urgency=medium + + [ Marc Haber ] + * new upstream version 1.9.8p2-1 + * this correctly handles double defined alases (Closes: #985412) + * improve sudoers.ldap.manpage. Thanks to Dennis Filder and + Eric Brun (Closes: #981190) + * refresh patches + * remove prompting for wrong sudo group id (Closes: #605576) + * give better docs for LDAP success behavior. + Thanks to Dennis Filder (Closes: 981190) + * remove unneeded mandoc from Build-Depends. + Thanks to Ingo Schwarze + * Restore inclusion of pam_limits.so PAM module. + Thanks to Salvatore Bonaccorso (Closes: 518464) + * Use @includedir in sudoers.d/README (Closes: #993815) + * Other improvements for sudoers.d/README. + Thanks to Josh Triplett (Closes: #994962) + * add some (simple) autopkgtests + * better short description for sudo-ldap + * use https in debian/watch + * some changes to patch headers for Lintian + * manually remove executable bit from shared libs + * explicitly write set -e in maintainer scripts + * debian/control: set Rules-Requires-Root: binary-targets + * add first/trivial autopkgtests + + [ Hilko Bengen ] + * Update lintian-overrides files + * Remove group sudo / gid=27 check from postinst scripts + + [ Otto Kekäläinen ] + * Add basic Salsa-CI for project quality assurance + + -- Marc Haber <mh+debian-packages@zugschlus.de> Sun, 12 Dec 2021 22:45:15 +0100 + +sudo (1.9.6-1~exp2) experimental; urgency=low + + [ Marc Haber ] + * add use_pty to default configuration, fixing CVE-2005-4890. + Thanks to Daniel Kahn Gillmor (Closes: #657784) + * Add group specific defaults for environment variables (commented out) + Thanks to Josh Triplett + * remove --disable-setresuid from sudo-ldap as well. + Thanks to Dennis Filder (Closes: #985307) + + [ Hilko Bengen ] + * Add PAM config for interactive login use (Closes: #690044) + * Actually configure sudo to use pam / sudo-i + + -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 02 Apr 2021 18:15:21 +0200 + +sudo (1.9.6-1~exp1) experimental; urgency=medium + + * new upstream version + * add upstream signature + * refresh patches + * remove NO_ROOT_MAILER patch (incorporated upstream) + + -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 12 Mar 2021 22:06:59 +0100 + +sudo (1.9.5p2-3+exp1) experimental; urgency=medium + + [ Marc Haber ] + * convert package to dh + * rename init scripts to be picked up by new debhelper + * rename and update lintian overrides + * let /run directory be created by systemd + * remove documentation files that are installed by upstream scripts + * clear dependency path in .la files + * add Pre-Depends: ${misc:Pre-Depends} + * override package-has-unnecessary-activation-of-ldconfig-trigger + + [ Bastian Blank ] + * Move stuff to /usr/libexec. + * Use dpkg provided make snippets + * Provide build-flags via environment + * Use easier to read multi-line variables + * Remove not require prefix override + * Move stuff to /usr/libexec + + [ Hilko Bengen ] + * Remove unneeded Built-Using + * Simplify dh_auto_* overrides + * Further simplification + * debian/rules: Remove another unneeded variable + * Don't ship *.la files + * Add Apport script + + -- Marc Haber <mh+debian-packages@zugschlus.de> Fri, 12 Mar 2021 20:48:13 +0100 + +sudo (1.9.5p2-3) unstable; urgency=medium + + * new maintainer team and uploaders (Closes: #976244) + * sudo is now team maintained + * add Uploaders field + * move salsa repo to team-sudo group + * refresh patches + * Adapt README.LDAP to the actual state of sudo-ldap (Closes: #442871) + * add Apport hook. + Thanks to Balint Reczey (Closes: 881671) + + -- Marc Haber <mh+debian-packages@zugschlus.de> Sat, 27 Feb 2021 09:28:03 +0100 + +sudo (1.9.5p2-2) unstable; urgency=medium + + * patch from upstream repo to fix NO_ROOT_MAILER + + -- Bdale Garbee <bdale@gag.com> Fri, 29 Jan 2021 18:12:32 -0700 + +sudo (1.9.5p2-1) unstable; urgency=high + + * new upstream version, addresses CVE-2021-3156 + + -- Bdale Garbee <bdale@gag.com> Tue, 26 Jan 2021 21:20:05 -0700 + +sudo (1.9.5p1-1.1) unstable; urgency=high + + * Non-maintainer upload. + * Heap-based buffer overflow (CVE-2021-3156) + - Reset valid_flags to MODE_NONINTERACTIVE for sudoedit + - Add sudoedit flag checks in plugin that are consistent with front-end + - Fix potential buffer overflow when unescaping backslashes in user_args + - Fix the memset offset when converting a v1 timestamp to TS_LOCKEXCL + - Don't assume that argv is allocated as a single flat buffer + + -- Salvatore Bonaccorso <carnil@debian.org> Wed, 20 Jan 2021 10:11:47 +0100 + +sudo (1.9.5p1-1) unstable; urgency=medium + + * new upstream version, closes: #980028 + + -- Bdale Garbee <bdale@gag.com> Wed, 13 Jan 2021 01:09:19 -0700 + +sudo (1.9.5-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Mon, 11 Jan 2021 15:15:48 -0700 + +sudo (1.9.4p2-2) unstable; urgency=medium + + * always use /bin/mv to ensure reproducible builds whether built on a + usrmerge or non-usrmerge system, closes: #976307 + + -- Bdale Garbee <bdale@gag.com> Sun, 03 Jan 2021 09:11:13 -0700 + +sudo (1.9.4p2-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Sun, 20 Dec 2020 17:43:54 -0700 + +sudo (1.9.4p1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 17 Dec 2020 17:35:55 -0700 + +sudo (1.9.4-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Tue, 01 Dec 2020 22:10:03 -0500 + +sudo (1.9.3p1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 24 Sep 2020 11:10:02 -0600 + +sudo (1.9.3-1) unstable; urgency=medium + + * new upstream version + * make the comment match the text in default sudoers, closes: #964922 + * enable zlib, closes: #846077 + + -- Bdale Garbee <bdale@gag.com> Mon, 21 Sep 2020 17:11:30 -0600 + +sudo (1.9.1-2) unstable; urgency=medium + + * change # to @ on includedir in default sudoers to reduce confusion with + a comment, such as in 964922 + + -- Bdale Garbee <bdale@gag.com> Sun, 12 Jul 2020 09:52:08 -0600 + +sudo (1.9.1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Fri, 19 Jun 2020 15:44:09 -0600 + +sudo (1.9.0-1) unstable; urgency=medium + + * new upstream version, closes: #669687, #571621, #734752 + + -- Bdale Garbee <bdale@gag.com> Wed, 13 May 2020 18:34:59 -0600 + +sudo (1.8.31p1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 19 Mar 2020 15:47:17 -0600 + +sudo (1.8.31-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Sat, 01 Feb 2020 23:07:09 -0800 + +sudo (1.8.29-1) unstable; urgency=medium + + * new upstream version + * make --libexecdir use /usr/lib instead of /usr/lib/sudo, closes: #943313 + + -- Bdale Garbee <bdale@gag.com> Mon, 28 Oct 2019 19:27:42 -0600 + +sudo (1.8.28p1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Tue, 22 Oct 2019 16:13:34 -0600 + +sudo (1.8.27-1.1) unstable; urgency=high + + * Non-maintainer upload. + * Treat an ID of -1 as invalid since that means "no change" (CVE-2019-14287) + (Closes: #942322) + * Fix test failure in plugins/sudoers/regress/testsudoers/test5.sh + + -- Salvatore Bonaccorso <carnil@debian.org> Mon, 14 Oct 2019 21:10:58 +0200 + +sudo (1.8.27-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Sat, 12 Jan 2019 11:10:05 -0700 + +sudo (1.8.26-2) unstable; urgency=medium + + * patch from upstream to fix man page truncation, closes: #914469 + + -- Bdale Garbee <bdale@gag.com> Fri, 23 Nov 2018 14:59:17 -0700 + +sudo (1.8.26-1) unstable; urgency=medium + + [Bdale Garbee] + * new upstream version + + [Ondřej Nový] + * d/changelog: Remove trailing whitespaces + * d/control: Remove trailing whitespaces + * d/rules: Remove trailing whitespaces + + -- Bdale Garbee <bdale@gag.com> Mon, 19 Nov 2018 00:32:06 -1000 + +sudo (1.8.23-2) unstable; urgency=high + + * fix FTBFS due to earlier sudoers2ldif removal, closes: #903415 + + -- Bdale Garbee <bdale@gag.com> Sat, 21 Jul 2018 11:22:37 -0600 + +sudo (1.8.23-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Mon, 30 Apr 2018 20:55:10 -0600 + +sudo (1.8.21p2-3) unstable; urgency=medium + + * include sssd support in the sudo-ldap build too, closes: #884741 + + -- Bdale Garbee <bdale@gag.com> Mon, 18 Dec 2017 21:55:18 -0700 + +sudo (1.8.21p2-2) unstable; urgency=medium + + * work harder to clean up mess left by sudo-ldap using /etc/init.d/sudo + prior to version 1.8.7-1, closes: #877516 + + -- Bdale Garbee <bdale@gag.com> Mon, 02 Oct 2017 13:02:27 -0600 + +sudo (1.8.21p2-1) unstable; urgency=medium + + * new upstream version, closes: #873623, #873600, #874000 + * remove legacy /etc/sudoers.dist we no longer deliver, closes: #873561 + + -- Bdale Garbee <bdale@gag.com> Thu, 07 Sep 2017 10:42:19 -0600 + +sudo (1.8.21-1) unstable; urgency=medium + + [ Bdale Garbee ] + * new upstream version + * don't deliver /etc/sudoers.dist, closes: #862309 + * whitelist DPKG_COLORS env var, closes: #823368 + + [ Laurent Bigonville ] + * debian/sudo*.postinst: Drop /var/run/sudo -> /var/lib/sudo migration code, + this migration happened in 2010 and that code is not necessary anymore + * Move timestamp files to /run/sudo, with systemd the directory is + created/cleaned by tmpfiles.d now, the sudo initscript/service is not + doing anything in that case anymore (Closes: #786555) + * debian/sudo*.postinst: Move the debhelper marker before the creation of + the sudo group, this way the snippets added by debhelper will be executed + even if the group already exists. (Closes: #870456) + + -- Bdale Garbee <bdale@gag.com> Mon, 28 Aug 2017 09:44:06 -0600 + +sudo (1.8.20p2-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 08 Jun 2017 11:57:02 -0600 + +sudo (1.8.20p1-1.1) unstable; urgency=high + + * Non-maintainer upload. + * Use /proc/self consistently on Linux + * CVE-2017-1000368: Arbitrary terminal access (Closes: #863897) + + -- Salvatore Bonaccorso <carnil@debian.org> Mon, 05 Jun 2017 14:19:33 +0200 + +sudo (1.8.20p1-1) unstable; urgency=high + + * New upstream version with fix for CVE-2017-1000367, closes: #863731 + + -- Bdale Garbee <bdale@gag.com> Tue, 30 May 2017 14:41:58 -0600 + +sudo (1.8.20-1) unstable; urgency=medium + + * New upstream version + * patch from Helmut Grohne to fix cross-building issues, closes: #847131 + + Let dh_auto_configure pass --host to configure + + Honour DEB_BUILD_OPTIONS=nocheck + + -- Bdale Garbee <bdale@gag.com> Wed, 10 May 2017 10:25:46 -0600 + +sudo (1.8.19p1-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Fri, 13 Jan 2017 11:12:49 -0700 + +sudo (1.8.19-1) unstable; urgency=medium + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Mon, 19 Dec 2016 13:00:21 -0700 + +sudo (1.8.18p1-2) unstable; urgency=medium + + * merge work done by Balint Reczey in parallel / conflict with my offline work + + -- Bdale Garbee <bdale@gag.com> Thu, 15 Dec 2016 19:08:46 -0700 + +sudo (1.8.18p1-1) unstable; urgency=medium + + * new upstream version + * explicitly depend on lsb-base since we use init-functions + * move to latest debhelper compat level + + -- Bdale Garbee <bdale@gag.com> Thu, 15 Dec 2016 18:10:29 -0700 + +sudo (1.8.17p1-2) unstable; urgency=medium + + * merge 1.8.15-1.1 NMU changes + + -- Bdale Garbee <bdale@gag.com> Tue, 05 Jul 2016 16:01:55 +0200 + +sudo (1.8.17p1-1) unstable; urgency=low + + * new upstream version, closes: #805563 + * build-depend on the new mandoc package so we can rebuild man pages + properly if needed, closes: #809984 + + -- Bdale Garbee <bdale@gag.com> Tue, 05 Jul 2016 16:01:55 +0200 + +sudo (1.8.15-1.1) unstable; urgency=medium + + * Non-maintainer upload + * Disable editing of files via user-controllable symlinks + (Closes: #804149) (CVE-2015-5602) + - Fix directory writability checks for sudoedit + - Enable sudoedit directory writability checks by default + + -- Ben Hutchings <ben@decadent.org.uk> Mon, 04 Jan 2016 23:36:50 +0000 + +sudo (1.8.15-1) unstable; urgency=low + + * new upstream version, closes: #804149 + * use --with-exampledir to deliver example files more cleanly + + -- Bdale Garbee <bdale@gag.com> Wed, 23 Dec 2015 11:15:22 -0700 + +sudo (1.8.12-1) unstable; urgency=low + + * new upstream version, closes: #772707, #773383 + * patch from Christian Kastner to fix sudoers handling error when moving + between sudo and sudo-ldap packages, closes: #776137 + + -- Bdale Garbee <bdale@gag.com> Mon, 23 Feb 2015 08:56:06 -0700 + +sudo (1.8.11p2-1) unstable; urgency=low + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 30 Oct 2014 11:14:06 -0700 + +sudo (1.8.11p1-2) unstable; urgency=low + + * patch from Jakub Wilk to fix 'ignoring time stamp from the future' + messages, closes: #762465 + * upstream patch forwarded by Laurent Bigonville that fixes problem with + Linux kernel auditing code, closes: #764817 + + -- Bdale Garbee <bdale@gag.com> Mon, 20 Oct 2014 11:06:44 -0600 + +sudo (1.8.11p1-1) unstable; urgency=low + + * new upstream version, closes: #764286 + * fix typo in German translation, closes: #761601 + + -- Bdale Garbee <bdale@gag.com> Fri, 10 Oct 2014 10:16:08 -0600 + +sudo (1.8.10p3-1) unstable; urgency=low + + * new upstream release + * add hardening=+all to match login and su + * updated VCS URLs and crypto verified watch file, closes: #747473 + * harmonize configure options for LDAP version to match non-LDAP version, + in particular stop using --with-secure-path and add configure_args + * enable audit support on Linux systems, closes: #745779 + * follow upstream change from --with-timedir to --with-rundir + + -- Bdale Garbee <bdale@gag.com> Sun, 14 Sep 2014 10:20:15 -0600 + +sudo (1.8.9p5-1) unstable; urgency=low + + * new upstream release, closes: #735328 + + -- Bdale Garbee <bdale@gag.com> Tue, 04 Feb 2014 11:46:19 -0700 + +sudo (1.8.9p4-1) unstable; urgency=low + + * new upstream release, closes: #732008 + + -- Bdale Garbee <bdale@gag.com> Wed, 15 Jan 2014 14:55:25 -0700 + +sudo (1.8.9p3-1) unstable; urgency=low + + * new upstream release + + -- Bdale Garbee <bdale@gag.com> Mon, 13 Jan 2014 14:49:42 -0700 + +sudo (1.8.9~rc1-1) experimental; urgency=low + + * upstream release candidate + + -- Bdale Garbee <bdale@gag.com> Sun, 29 Dec 2013 21:36:12 -0700 + +sudo (1.8.9~b2-1) experimental; urgency=low + + * upstream beta release + * update Debian standards version + * squelch lintian complaint about missing sudo-ldap systemd service, since + the service file is always called 'sudo.service' + + -- Bdale Garbee <bdale@gag.com> Wed, 25 Dec 2013 14:48:23 -0700 + +sudo (1.8.9~b1-1) experimental; urgency=low + + * upstream beta release + + -- Bdale Garbee <bdale@gag.com> Wed, 27 Nov 2013 09:37:00 -0700 + +sudo (1.8.8-3) unstable; urgency=low + + * document in README.Debian that the sssd support is enabled in the sudo + package, not in the sudo-ldap package, closes: #728289 + + -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 2013 10:33:44 -0600 + +sudo (1.8.8-2) unstable; urgency=low + + * fix touch errors on boot, closes: #725193 + + -- Bdale Garbee <bdale@gag.com> Tue, 08 Oct 2013 20:11:38 -0600 + +sudo (1.8.8-1) unstable; urgency=low + + * new upstream release + + -- Bdale Garbee <bdale@gag.com> Mon, 30 Sep 2013 23:08:49 -0600 + +sudo (1.8.8~rc1-1) experimental; urgency=low + + * upstream release candidate with several of our patches folded in + * set filestamps to epoch instead of an arbitrary old date in the init + fragment, closes: #722335 + + -- Bdale Garbee <bdale@gag.com> Thu, 12 Sep 2013 10:16:58 -0700 + +sudo (1.8.8~b3-1) experimental; urgency=low + + * pre-release of new upstream version, put in experimental + + -- Bdale Garbee <bdale@gag.com> Wed, 04 Sep 2013 07:53:08 -0600 + +sudo (1.8.7-4) unstable; urgency=low + + * looks like we actually need both --with-sssd and --with-sssd-lib, + closes: #719987, #724763 + + -- Bdale Garbee <bdale@gag.com> Fri, 27 Sep 2013 11:48:55 -0600 + +sudo (1.8.7-3) unstable; urgency=low + + * use --with-sssd-lib to help sudo find libsss-sudo in multiarch path, + closes: #719987 + + -- Bdale Garbee <bdale@gag.com> Sat, 17 Aug 2013 15:38:53 +0200 + +sudo (1.8.7-2) unstable; urgency=low + + * let debhelper scripts manage the update-rc.d calls, closes: #719755 + + -- Bdale Garbee <bdale@gag.com> Fri, 16 Aug 2013 01:48:23 +0200 + +sudo (1.8.7-1) unstable; urgency=low + + * new upstream version, closes: #715157, #655879 + * make sudo-ldap package's init.d script be called sudo-ldap + * add sssd support to sudo, closes: #719574 + * recognize lenny, squeeze, and wheezy unmodified sudoers, closes: #660594 + + -- Bdale Garbee <bdale@gag.com> Wed, 14 Aug 2013 00:01:14 +0200 + +sudo (1.8.5p2-1) unstable; urgency=low + + * new upstream version + * patch to use flock on hurd, run autoconf in rules, closes: #655883 + * patch to avoid calling unlink with null pointer on hurd, closes: #655948 + * patch to actually use hardening build flags, closes: #655417 + * fix sudo-ldap.postinst syntax issue, closes: #669576 + + -- Bdale Garbee <bdale@gag.com> Thu, 28 Jun 2012 12:01:37 -0600 + +sudo (1.8.3p2-1) unstable; urgency=high + + * new upstream version, closes: #657985 (CVE-2012-0809) + * patch from Pino Toscano to only use selinux on Linux, closes: #655894 + + -- Bdale Garbee <bdale@gag.com> Mon, 30 Jan 2012 16:11:54 -0700 + +sudo (1.8.3p1-3) unstable; urgency=low + + * patch from Moritz Muehlenhoff enables hardened build flags, closes: #655417 + * replacement postinst script from Mike Beattie using shell instead of Perl + * include systemd service file from Michael Stapelberg, closes: #639633 + * add init.d status support, closes: #641782 + * make sudo-ldap package manage a sudoers entry in nsswitch.conf, + closes: #610600, #639530 + * enable mail_badpass in the default sudoers file, closes: #641218 + * enable selinux support, closes: #655510 + + -- Bdale Garbee <bdale@gag.com> Wed, 11 Jan 2012 16:18:13 -0700 + +sudo (1.8.3p1-2) unstable; urgency=low + + * if upgrading from squeeze, and the sudoers file is unmodified, avoid + the packaging system prompting the user about a change they didn't make + now that sudoers is a conffile, closes: #612532, #636049 + * add a recommendation for the use of visudo to the sudoers.d/README file, + closes: #648104 + + -- Bdale Garbee <bdale@gag.com> Sat, 12 Nov 2011 16:27:13 -0700 + +sudo (1.8.3p1-1) unstable; urgency=low + + * new upstream version, closes: #646478 + + -- Bdale Garbee <bdale@gag.com> Thu, 27 Oct 2011 01:03:44 +0200 + +sudo (1.8.3-1) unstable; urgency=low + + * new upstream version, closes: #639391, #639568 + + -- Bdale Garbee <bdale@gag.com> Sat, 22 Oct 2011 23:49:16 -0600 + +sudo (1.8.2-2) unstable; urgency=low + + [ Luca Capello ] + * debian/rules improvements, closes: #642535 + + mv upstream sample.* files to the examples folder. + - do not call dh_installexamples. + + [ Bdale Garbee ] + * patch from upstream for SIGBUS on sparc64, closes: #640304 + * use common-session-noninteractive in the pam config to reduce log noise + when sudo is used in cron, etc, closes: #519700 + * patch from Steven McDonald to fix segfault on startup under certain + conditions, closes: #639568 + * add a NEWS entry regarding the secure_path change made in 1.8.2-1, + closes: #639336 + + -- Bdale Garbee <bdale@gag.com> Mon, 26 Sep 2011 21:55:56 -0600 + +sudo (1.8.2-1) unstable; urgency=low + + * new upstream version, closes: #637449, #621830 + * include common-session in pam config, closes: #519700, #607199 + * move secure_path from configure to default sudoers, closes: #85123, 85917 + * improve sudoers self-documentation, closes: #613639 + * drop --disable-setresuid since modern systems should not run 2.2 kernels + * lose the --with-devel configure option since it's breaking builds in + subdirectories for some reason + + -- Bdale Garbee <bdale@gag.com> Wed, 24 Aug 2011 13:33:11 -0600 + +sudo (1.7.4p6-1) unstable; urgency=low + + * new upstream version + * touch the right stamp name after configuring, closes: #611287 + * patch from Svante Signell to fix build problem on Hurd, closes: #611290 + + -- Bdale Garbee <bdale@gag.com> Wed, 09 Feb 2011 11:32:58 -0700 + +sudo (1.7.4p4-6) unstable; urgency=low + + * update /etc/sudoers.d/README now that sudoers is a conffile + * patch from upstream to fix special case in password checking code + when only the gid is changing, closes: #609641 + + -- Bdale Garbee <bdale@gag.com> Tue, 11 Jan 2011 10:22:39 -0700 + +sudo (1.7.4p4-5) unstable; urgency=low + + * patch from Jakub Wilk to add noopt and nostrip build option support, + closes: #605580 + * make sudoers a conffile, closes: #605130 + * add descriptions to LSB init headers, closes: #604619 + * change default sudoers %sudo entry to allow gid changes, closes: #602699 + * add Vcs entries to the control file + * use debhelper install files instead of explicit installs in rules + + -- Bdale Garbee <bdale@gag.com> Wed, 01 Dec 2010 20:32:31 -0700 + +sudo (1.7.4p4-4) unstable; urgency=low + + * patch from upstream to resolve problem always prompting for a password + when run without a tty, closes: #599376 + * patch from upstream to resolve interoperability problem between HOME in + env_keep and the -H flag, closes: #596493 + * change path syntax to avoid tar error when /var/run/sudo exists but is + empty, closes: #598877 + + -- Bdale Garbee <bdale@gag.com> Thu, 07 Oct 2010 15:59:06 -0600 + +sudo (1.7.4p4-3) unstable; urgency=low + + * make postinst clause for handling /var/run -> /var/lib transition less + fragile, closes: #585514 + * cope with upstream's Makefile trying to install ChangeLog in our doc + directory, closes: #597389 + * fix README.Debian to reflect that HOME is no longer preserved by default, + closes: #596847 + + -- Bdale Garbee <bdale@gag.com> Tue, 21 Sep 2010 23:53:08 -0600 + +sudo (1.7.4p4-2) unstable; urgency=low + + * add a NEWS item about change in $HOME handling that impacts programs + like pbuilder + + -- Bdale Garbee <bdale@gag.com> Wed, 08 Sep 2010 14:29:16 -0600 + +sudo (1.7.4p4-1) unstable; urgency=high + + * new upstream version, urgency high due to fix for flaw in Runas group + matching (CVE-2010-2956), closes: #595935 + * handle transition of /var/run/sudo to /var/lib/sudo better, to avoid + re-lecturing existing users, and to clean up after ourselves on upgrade, + and remove the RAMRUN section from README.Debian since the new state dir + should fix the original problem, closes: #585514 + * deliver README.Debian to both package flavors, closes: #593579 + + -- Bdale Garbee <bdale@gag.com> Tue, 07 Sep 2010 12:22:42 -0600 + +sudo (1.7.2p7-1) unstable; urgency=high + + * new upstream release with security fix for secure path (CVE-2010-1646), + closes: #585394 + * move timestamps from /var/run/sudo to /var/lib/sudo, so that the state + about whether to give the lecture is preserved across reboots even when + RAMRUN is set, closes: #581393 + * add a note to README.Debian about LDAP needing an entry in + /etc/nsswitch.conf, closes: #522065 + * add a note to README.Debian about how to turn off lectures if using + RAMRUN in /etc/default/rcS, closes: #581393 + + -- Bdale Garbee <bdale@gag.com> Thu, 10 Jun 2010 15:42:14 -0600 + +sudo (1.7.2p6-1) unstable; urgency=low + + * new upstream version fixing CVE-2010-1163, closes: #578275, #570737 + + -- Bdale Garbee <bdale@gag.com> Mon, 19 Apr 2010 10:45:47 -0600 + +sudo (1.7.2p5-1) unstable; urgency=low + + * new upstream release, closes a bug filed upstream regarding missing man + page processing scripts in the 1.7.2p1 tarball, also includes the fix + for CVE-2010-0426 previously the subject of a security team nmu + * move to source format 3.0 (quilt) and restructure changes as patches + * fix unprocessed substitution variables in man pages, closes: #557204 + * apply patch from Neil Moore to fix Debian-specific content in the + visudo man page, closes: #555013 + * update descriptions to better explain sudo-ldap, closes: #573108 + * eliminate spurious 'and' in man page, closes: #571620 + * fix confusing text in default sudoers, closes: #566607 + + -- Bdale Garbee <bdale@gag.com> Thu, 11 Mar 2010 15:44:53 -0700 + +sudo (1.7.2p1-1) unstable; urgency=low + + * new upstream version + * add support for /etc/sudoers.d using #includedir in default sudoers, + which I think is also a good solution to the request for a crontab-like + API requested in March of 2001, closes: #539994, #271813, #89743 + * move init.d script from using rcS.d to rc[0-6].d, closes: #542924 + + -- Bdale Garbee <bdale@gag.com> Mon, 31 Aug 2009 14:09:32 -0600 + +sudo (1.7.2-2) unstable; urgency=low + + * further improve initial sudoers to not include the NOPASSWD option on + the group sudo exception, closes: #539136, #198991 + + -- Bdale Garbee <bdale@gag.com> Wed, 29 Jul 2009 16:21:04 +0200 + +sudo (1.7.2-1) unstable; urgency=low + + * new upstream version, closes: #537103 + * improve initial sudoers by having the exemption for users in group + sudo on by default, and including the ability to run any command as + any user. This makes the default install roughly equivalent to our + old use of the --with-exempt=sudo build option, closes: #536220, #536222 + + -- Bdale Garbee <bdale@gag.com> Wed, 15 Jul 2009 01:29:46 -0600 + +sudo (1.7.0-1) unstable; urgency=low + + * new upstream version, closes: #510179, #128268, #520274, #508514 + * fix ldap config file path for sudo-ldap package, including creating + a symlink in postinst and cleaning it up in postrm for the sudo-ldap + package, closes: #430826 + * fix NOPASSWD entry location in default config file for the sudo-ldap + instance too, closes: #479616 + + -- Bdale Garbee <bdale@gag.com> Sat, 28 Mar 2009 15:15:01 -0600 + +sudo (1.6.9p17-2) unstable; urgency=high + + * patch from upstream to fix privilege escalation with certain + configurations, CVE-2009-0034 + * typo in sudoers man page, closes: #507163 + + -- Bdale Garbee <bdale@gag.com> Tue, 27 Jan 2009 11:49:02 -0700 + +sudo (1.6.9p17-1) unstable; urgency=low + + * new upstream version, closes: #481008 + * deliver schemas to doc directory in sudo-ldap package, closes: #474331 + * re-apply patch from Petter Reinholdtsen to improve init.d apparently lost + in move from CVS to git for package management, closes: #475821 + * re-instate the init.d for the sudo-ldap package too... /o\ + + -- Bdale Garbee <bdale@gag.com> Sun, 06 Jul 2008 01:16:31 -0600 + +sudo (1.6.9p15-2) unstable; urgency=low + + * revert the fix for 388659 such that visudo once again defaults to using + /usr/bin/editor. I was always ambivalent about this change, it has caused + more confusion and frustration than it cured, and I find Justin's line of + reasoning persuasive. Update the man page source to reflect this choice + and the related use of --with-env-editor. Closes: #474197. + * patch from Petter Reinholdtsen to improve init.d, closes: #475821 + + -- Bdale Garbee <bdale@gag.com> Wed, 16 Apr 2008 00:38:56 -0600 + +sudo (1.6.9p15-1) unstable; urgency=low + + * new upstream version, closes: #467126, #473337 + * remove pointless postrm scripts, leaving debhelper do its thing if needed, + thanks to Justin Pryzby for pointing this out + * reinstate the init.d, since bootclean doesn't quite do what we want. This + also means we don't need the preinst scripts any more. Update the lintian + overrides since postinst is a Perl script lintian apparently isn't parsing + well. closes: #330868 + + -- Bdale Garbee <bdale@gag.com> Thu, 03 Apr 2008 14:25:56 -0600 + +sudo (1.6.9p12-1) unstable; urgency=low + + * new upstream version, closes: #464890 + + -- Bdale Garbee <bdale@gag.com> Tue, 19 Feb 2008 11:19:54 +0900 + +sudo (1.6.9p11-3) unstable; urgency=low + + * patch for configure to fix FTBFS on GNU/kFreeBSD, closes: #465956 + + -- Bdale Garbee <bdale@gag.com> Fri, 15 Feb 2008 10:54:21 -0700 + +sudo (1.6.9p11-2) unstable; urgency=low + + * update version compared in preinst when removing obsolete init.d, + closes: #459681 + * implement pam session config suggestions from Elizabeth Fong, + closes: #452457, #402329 + + -- Bdale Garbee <bdale@gag.com> Mon, 04 Feb 2008 21:26:23 -0700 + +sudo (1.6.9p11-1) unstable; urgency=low + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Fri, 11 Jan 2008 01:54:35 -0700 + +sudo (1.6.9p10-1) unstable; urgency=low + + * new upstream version + * tweak default password prompt as %u doesn't make sense. Accept patch from + Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and + uses it by default, closes: #454409 + * accept patch from Martin Pitt that adds a prerm making it difficult to + "accidentally" remove sudo when there is no root password set on the + system, closes: #451241 + + -- Bdale Garbee <bdale@gag.com> Fri, 28 Dec 2007 11:44:30 -0700 + +sudo (1.6.9p9-1) unstable; urgency=low + + * new upstream version + * debian/rules: configure a more informative default password prompt to + reduce confusion when using sudo to invoke commands which also ask for + passwords, closes: #343268 + * auth/pam.c: don't use the PAM prompt if the user explicitly requested + a custom prompt, closes: #448628. + * fix configure's ability to discover that libc has dirfd, closes: #451324 + * make default editor be /usr/bin/vi instead of /usr/bin/editor, so that + the command 'visudo' invokes a vi variant by default as documented, + closes: #388659 + + -- Bdale Garbee <bdale@gag.com> Mon, 03 Dec 2007 10:26:51 -0700 + +sudo (1.6.9p6-1) unstable; urgency=low + + * new upstream version, closes: #442815, #446146, #438699, #435768, #435314 + closes: #434832, #434608, #430382 + * eliminate the now-redundant init.d scripts, closes: #397090 + * fix typo in TROUBLESHOOTING file, closes: #439624 + + -- Bdale Garbee <bdale@gag.com> Wed, 24 Oct 2007 21:13:41 -0600 + +sudo (1.6.8p12-6) unstable; urgency=low + + * fix typos in visudo.pod relating to env_editor variable, closes: #418886 + * have init.d touch directories in /var/run/sudo, not just files, as a + followup to #330868. + * fix various typos in sudoers.pod, closes: #419749 + * don't let Makefile strip binaries, closes: #438073 + + -- Bdale Garbee <bdale@gag.com> Wed, 05 Sep 2007 11:26:58 +0100 + +sudo (1.6.8p12-5) unstable; urgency=low + + * update debian/copyright to reflect new upstream URL, closes: #368746 + * add sandwich cartoon URL to the README.Debian + * don't remove sudoers on purge. can cause problems when moving between + sudo and sudo-ldap. leaving sudoers around on purge seems like the least + evil choice for now, closes: #401366 + * also preserve XAPPLRESDIR, XFILESEARCHPATH, and XUSERFILESEARCHPATH, + closes: #374509 + * accept patch that improves debian/rules from Ted Percival, closes: #382122 + * no longer build with --with-exempt=sudo, provide an example entry in the + default sudoers file instead, closes: #296605 + * add --with-devel to configure and augment build dependencies so that flex + and yacc files get re-generated on every build, closes: #316249 + + -- Bdale Garbee <bdale@gag.com> Tue, 3 Apr 2007 21:48:45 -0600 + +sudo (1.6.8p12-4) unstable; urgency=low + + * patch from Petter Reinholdtsen for the LSB info block in the init.d + script, closes: #361055 + * deliver sudoers sample again, closes: #361593 + + -- Bdale Garbee <bdale@gag.com> Sat, 15 Apr 2006 01:38:04 -0600 + +sudo (1.6.8p12-3) unstable; urgency=low + + * force-feed configure knowledge of nroff's path so we get unformatted man + pages installed without build-depending on groff-base, closes: #360894 + * add a reference to OPTIONS in the man page, closes: #186226 + + -- Bdale Garbee <bdale@gag.com> Wed, 5 Apr 2006 17:53:13 -0700 + +sudo (1.6.8p12-2) unstable; urgency=low + + * fix typos in init scripts, closes: #346325 + * update to debhelper compat level 5 + * build depend on autotools-dev to ensure config.sub/guess are fresh + * accept patch from Martin Schulze developed for 1.6.8p7-1.4 in stable, and + use it here as well. Thanks to Martin and the debian-security team. + closes: #349196, #349549, #349587, #349729, #349129, #350776, #349085 + closes: #315115, #315718, #203874 + * Non-maintainer upload by the Security Team + * Reworked the former patch to limit environment variables from being + passed through, set env_reset as default instead [sudo.c, env.c, + sudoers.pod, Bug#342948, CVE-2005-4158] + * env_reset is now set by default + * env_reset will preserve only HOME, LOGNAME, PATH, SHELL, TERM, + DISPLAY, XAUTHORITY, XAUTHORIZATION, LANG, LANGUAGE, LC_*, and USER + (in addition to the SUDO_* variables) + * Rebuild sudoers.man.in from the POD file + * Added README.Debian + * patch from Alexander Zangerl to fix duplicated PATH issue, closes: #354431 + * simplify rules file by using more of Makefile, despite having to override + default directories with more arguments to configure, closes: #292833 + * update sudo man page to reflect use of SECURE_PATH, closes: #228551 + * inconsistencies in sudoers man page resolved, closes: #220808, #161012 + * patch from Jeroen van Wolffelaar to improve behavior when FQDNs are + unresolveable (requires adding bison as build dep), closes: #314949 + + -- Bdale Garbee <bdale@gag.com> Sun, 2 Apr 2006 14:26:20 -0700 + +sudo (1.6.8p12-1) unstable; urgency=low + + * new upstream version, closes: #342948 (CVE-2005-4158) + * add env_reset to the sudoers file we create if none already exists, + as a further precaution in response to discussion about CVS-2005-4158 + * split ldap support into a new sudo-ldap package. I was trying to avoid + doing this, but the impact of going from 4 to 17 linked shlibs on the + autobuilder chroots is sufficient motivation for me. + closes: #344034 + + -- Bdale Garbee <bdale@gag.com> Wed, 28 Dec 2005 13:49:10 -0700 + +sudo (1.6.8p9-4) unstable; urgency=low + + * enable ldap support, deliver README.LDAP and sudoers2ldif, closes: #283231 + * merge patch from Martin Pitt / Ubuntu to be more robust about resetting + timestamps in the init.d script, closes: #330868 + * add dependency header to init.d script, closes: #332849 + + -- Bdale Garbee <bdale@gag.com> Sat, 10 Dec 2005 07:47:07 -0800 + +sudo (1.6.8p9-3) unstable; urgency=high + + * update debhelper compatibility level from 2 to 4 + * add man page symlink for sudoedit + * Clean SHELLOPTS and PS4 from the environment before executing programs + with sudo permissions [env.c, CAN-2005-2959] + * fix typo in manpage pointed out by Moray Allen, closes: #285995 + * fix paths in sample complex sudoers file, closes: #303542 + * fix type in sudoers man page, closes: #311244 + + -- Bdale Garbee <bdale@gag.com> Wed, 28 Sep 2005 01:18:04 -0600 + +sudo (1.6.8p9-2) unstable; urgency=high + + * merge the NMU fix for sudoedit symlink problem that was in 1.6.8p7-1.1, + closes: #305735 + + -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 16:18:47 -0400 + +sudo (1.6.8p9-1) unstable; urgency=high + + * new upstream version, fixes a race condition in sudo's pathname + validation, which is a security issue (CAN-2005-1993), + closes: #315115, #315718 + + -- Bdale Garbee <bdale@gag.com> Tue, 28 Jun 2005 15:33:11 -0400 + +sudo (1.6.8p7-1) unstable; urgency=low + + * new upstream version, closes: #299585 + * update lintian overrides to squelch the postinst warning + * change sudoedit from a hard to a soft link, closes: #296896 + * fix regex doc in sudoers man page, closes: #300361 + + -- Bdale Garbee <bdale@gag.com> Sat, 26 Mar 2005 22:18:34 -0700 + +sudo (1.6.8p5-1) unstable; urgency=high + + * new upstream version + * restores ability to use config tuples without a value, which was causing + problems on upgrade closes: #283306 + * deliver sudoedit, closes: #283078 + * marking urgency high since 283306 is a serious upgrade incompatibility + + -- Bdale Garbee <bdale@gag.com> Fri, 3 Dec 2004 10:11:16 -0700 + +sudo (1.6.8p3-2) unstable; urgency=high + + * update pam.d deliverable so ldap works again, closes: #282191 + + -- Bdale Garbee <bdale@gag.com> Mon, 22 Nov 2004 11:44:46 -0700 + +sudo (1.6.8p3-1) unstable; urgency=high + + * new upstream version, fixes a flaw in sudo's environment sanitizing that + could allow a malicious user with permission to run a shell script that + utilized the bash shell to run arbitrary commands, closes: #281665 + * patch the sample sudoers to have the proper path for kill on Debian + systems, closes: #263486 + * patch the sudo manpage to reflect Debian's choice of exempt_group + default setting, closes: #236465 + * patch the sudo manpage to reflect Debian's choice of no timeout on the + password prompt, closes: #271194 + + -- Bdale Garbee <bdale@gag.com> Tue, 16 Nov 2004 23:23:41 -0700 + +sudo (1.6.7p5-2) unstable; urgency=low + + * Jeff Bailey reports that seteuid works on current sparc systems, so we + no longer need the "grosshack" stuff in the sudo rules file + * add a postrm that removes /etc/sudoers on purge. don't do this with the + normal conffile mechanism since it would generate noise on every upgrade, + closes: #245405 + + -- Bdale Garbee <bdale@gag.com> Tue, 20 Jul 2004 12:29:48 -0400 + +sudo (1.6.7p5-1) unstable; urgency=low + + * new upstream version, closes: #190265, #193222, #197244 + * change from '.' to ':' in postinst chown call, closes: #208369 + + -- Bdale Garbee <bdale@gag.com> Tue, 2 Sep 2003 21:27:06 -0600 + +sudo (1.6.7p3-2) unstable; urgency=low + + * add --disable-setresuid to configure call since 2.2 kernels don't support + setresgid, closes: #189044 + * cosmetic cleanups to debian/rules as long as I'm there + + -- Bdale Garbee <bdale@gag.com> Tue, 15 Apr 2003 16:04:48 -0600 + +sudo (1.6.7p3-1) unstable; urgency=low + + * new upstream version + * add overrides to quiet lintian about things it doesn't understand, + except the source one that can't be overridden until 129510 is fixed + + -- Bdale Garbee <bdale@gag.com> Mon, 7 Apr 2003 17:34:05 -0600 + +sudo (1.6.6-3) unstable; urgency=low + + * add code to rules file to update config.sub/guess, closes: #164501 + + -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 15:35:22 -0600 + +sudo (1.6.6-2) unstable; urgency=low + + * adopt suggestion from Marcus Brinkmann to feed --with-sendmail option to + configure, and lose the build dependency on mail-transport-agent + * incorporate changes from LaMont's NMU, closes: #144665, #144737 + * update init.d to not try and set time on nonexistent timestamp files, + closes: #132616 + * build with --with-all-insults, admin must edit sudoers to turn insults + on at runtime if desired, closes: #135374 + * stop setting /usr/doc symlink in postinst + + -- Bdale Garbee <bdale@gag.com> Sat, 12 Oct 2002 01:54:24 -0600 + +sudo (1.6.6-1.1) unstable; urgency=high + + * NMU - patch from Colin Watson <cjwatson@debian.org>, in bts. + * Revert patch to auth/pam.c that left pass uninitialized, causing a + segfault (Closes: #144665). + + -- LaMont Jones <lamont@debian.org> Fri, 26 Apr 2002 22:36:04 -0600 + +sudo (1.6.6-1) unstable; urgency=high + + * new upstream version, fixes security problem with crafty prompts, + closes: #144540 + + -- Bdale Garbee <bdale@gag.com> Thu, 25 Apr 2002 12:45:49 -0600 + +sudo (1.6.5p1-4) unstable; urgency=high + + * apply patch for auth/pam.c to fix yet another way to make sudo segfault + if ctrl/C'ed at password prompt, closes: #131235 + + -- Bdale Garbee <bdale@gag.com> Sun, 3 Mar 2002 23:18:56 -0700 + +sudo (1.6.5p1-3) unstable; urgency=high + + * ugly hack to add --disable-saved-ids when building on sparc in response + to 131592, which will be reassigned to glibc for a real fix + * urgency high since the sudo currently in testing for sparc is worthless + + -- Bdale Garbee <bdale@gag.com> Sun, 17 Feb 2002 22:42:10 -0700 + +sudo (1.6.5p1-2) unstable; urgency=high + + * patch from upstream to fix seg faults caused by versions of pam that + follow a NULL pointer, closes: #129512 + + -- Bdale Garbee <bdale@gag.com> Tue, 22 Jan 2002 01:50:13 -0700 + +sudo (1.6.5p1-1) unstable; urgency=high + + * new upstream version + * add --disable-root-mailer option supported by new version to configure + call in rules file, closes: #129648 + + -- Bdale Garbee <bdale@gag.com> Fri, 18 Jan 2002 11:29:37 -0700 + +sudo (1.6.4p1-1) unstable; urgency=high + + * new upstream version, with fix for segfaulting problem in 1.6.4 + + -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 20:09:46 -0700 + +sudo (1.6.4-1) unstable; urgency=high + + * new upstream version, includes an important security fix, closes: #127576 + + -- Bdale Garbee <bdale@gag.com> Mon, 14 Jan 2002 09:35:48 -0700 + +sudo (1.6.3p7-5) unstable; urgency=low + + * only touch /var/run/sudo/* if /var/run/sudo is there, closes: #126872 + * fix spelling error in init.d, closes: #126847 + + -- Bdale Garbee <bdale@gag.com> Sat, 29 Dec 2001 11:21:43 -0700 + +sudo (1.6.3p7-4) unstable; urgency=medium + + * use touch to set status files to an ancient date instead of removing them + outright on reboot. this achieves the desired effect of keeping elevated + privs from living across reboots, without forcing everyone to see the + new-sudo-user lecture after every reboot. pick a time that's 'old enough' + for systems with good clocks, and 'recent enough' that broken PC hardware + setting the clock to commonly-seen bogus dates trips over the "don't trust + future timestamps" rule. closes: #76529, #123559 + * apply patch from Steve Langasek to fix seg faults due to interaction with + PAM code. upstream confirms the problem, and says they're fixing this + differently for their next release... but this should be useful in the + meantime, and would be good to get into woody. closes: #119147 + * only run the init.d at boot, not on each runlevel change... and don't run + it during package configure. closes: #125935 + * add DEB_BUILD_OPTIONS support to rules file, closes: #94952 + + -- Bdale Garbee <bdale@gag.com> Wed, 26 Dec 2001 12:40:44 -0700 + +sudo (1.6.3p7-3) unstable; urgency=low + + * apply patch from Fumitoshi UKAI that fixes segfaults when hostname not + resolvable, closes: #86062, #69430, #77852, #82744, #55716, #56718, + * fix a typo in the manpage, closes: #97368 + * apply patch to configure.in and run autoconf to fix problem building on + the hurd, closes: #96325 + * add an init.d to clean out /var/run/sudo at boot, so privs are guaranteed + to not last across reboots, closes: #76529 + * clean up lintian-noticed cosmetic packaging issues + + -- Bdale Garbee <bdale@gag.com> Sat, 1 Dec 2001 02:59:52 -0700 + +sudo (1.6.3p7-2) unstable; urgency=low + + * update config.sub/guess for hppa support + + -- Bdale Garbee <bdale@gag.com> Sun, 22 Apr 2001 23:23:42 -0600 + +sudo (1.6.3p7-1) unstable; urgency=low + + * new upstream version + * add build dependency on mail-transport-agent, closes: #90685 + + -- Bdale Garbee <bdale@gag.com> Thu, 12 Apr 2001 17:02:42 -0600 + +sudo (1.6.3p6-1) unstable; urgency=high + + * new upstream version, fixes buffer overflow problem, + closes: #87259, #87278, #87263 + * revert to using --with-secure-path option at build time, since the option + available in sudoers is parsed too late to be useful, and upstream says + it won't get fixed quickly. This reopens 85123, which I will mark as + forwarded. Closes: #86199, #86117, #85676 + + -- Bdale Garbee <bdale@gag.com> Mon, 26 Feb 2001 11:02:51 -0700 + +sudo (1.6.3p5-2) unstable; urgency=low + + * lose the dh_suidregister call since it's obsolete + * stop using the --with-secure-path option at build time, and instead show + how to set it in sudoers. Closes: #85123 + * freshen config.sub and config.guess for ia64 and hppa + * update sudoers man page to indicate exempt_group is on by default, + closes: #70847 + + -- Bdale Garbee <bdale@gag.com> Sat, 10 Feb 2001 02:05:17 -0700 + +sudo (1.6.3p5-1) unstable; urgency=low + + * new upstream version, closes: #63940, #59175, #61817, #64652, #65743 + * this version restores core dumps before the exec, while leaving them + disabled during sudo's internal execution, closes: #58289 + * update debhelper calls in rules file + + -- Bdale Garbee <bdale@gag.com> Wed, 16 Aug 2000 00:13:15 -0600 + +sudo (1.6.2p2-1) frozen unstable; urgency=medium + + * new upstream source resulting from direct collaboration with the upstream + author to fix ugly pam-related problems on Debian in 1.6.1 and later. + Closes: #56129, #55978, #55979, #56550, #56772 + * include more upstream documentation, closes: #55054 + * pam.d fragment update, closes: #56129 + + -- Bdale Garbee <bdale@gag.com> Sun, 27 Feb 2000 11:48:48 -0700 + +sudo (1.6.1-1) unstable; urgency=low + + * new upstream source, closes: #52750 + + -- Bdale Garbee <bdale@gag.com> Fri, 7 Jan 2000 21:01:42 -0700 + +sudo (1.6-2) unstable; urgency=low + + * drop suidregister support for this package. The sudo executable is + essentially worthless unless it is setuid root, and making suidregister + work involves shipping a non-setuid executable in the .deb and setting the + perms in the postinst. On a long upgrade run, this can leave the sudo + executable 'broken' for a long time, which is unacceptable. With this + version, we ship the executable setuid root in the .deb. Closes: #51742 + + -- Bdale Garbee <bdale@gag.com> Wed, 1 Dec 1999 19:59:44 -0700 + +sudo (1.6-1) unstable; urgency=low + + * new upstream version, many options previously set at compile-time are now + configurable at runtime. + Closes: #39255, #20996, #29812, #50705, #49148, #48435, #47190, #45639 + * FHS support + + -- Bdale Garbee <bdale@gag.com> Tue, 23 Nov 1999 16:51:22 -0700 + +sudo (1.5.9p4-1) unstable; urgency=low + + * new upstream version, closes: #43464 + * empty password handling was fixed in 1.5.8, closes: #31863 + + -- Bdale Garbee <bdale@gag.com> Thu, 26 Aug 1999 00:00:57 -0600 + +sudo (1.5.9p1-1) unstable; urgency=low + + * new upstream version + + -- Bdale Garbee <bdale@gag.com> Thu, 15 Apr 1999 22:43:29 -0600 + +sudo (1.5.8p1-1) unstable; urgency=medium + + * new upstream version, closes 33690 + * add dependency on libpam-modules, closes 34215, 33432 + + -- Bdale Garbee <bdale@gag.com> Mon, 8 Mar 1999 10:27:42 -0700 + +sudo (1.5.7p4-2) unstable; urgency=medium + + * update the pam fragment provided so that sudo works with latest pam bits, + closes 33432 + + -- Bdale Garbee <bdale@gag.com> Sun, 21 Feb 1999 00:22:44 -0700 + +sudo (1.5.7p4-1) unstable; urgency=low + + * new upstream release + + -- Bdale Garbee <bdale@gag.com> Sun, 27 Dec 1998 16:13:53 -0700 + +sudo (1.5.6p5-1) unstable; urgency=low + + * new upstream patch release + * add PAM support, closes 28594 + + -- Bdale Garbee <bdale@gag.com> Mon, 2 Nov 1998 00:00:24 -0700 + +sudo (1.5.6p2-2) unstable; urgency=low + + * update copyright file, closes 24136 + * review and close forwarded bugs believed fixed in this upstream version, + closes 17606, 15786. + + -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600 + +sudo (1.5.6p2-1) unstable; urgency=low + + * new upstream release + + -- Bdale Garbee <bdale@gag.com> Mon, 5 Oct 1998 22:30:43 -0600 + +sudo (1.5.4-4) frozen unstable; urgency=low + + * update postinst to use groupadd, closes 21403 + * move the suidregister stuff earlier in postinst to ensure it always runs + + -- Bdale Garbee <bdale@gag.com> Sun, 19 Apr 1998 22:07:45 -0600 + +sudo (1.5.4-3) frozen unstable; urgency=low + + * change /etc/sudoers from a conffile to being handled in postinst, + closes 18219 + * add suidmanager support, closes 15711 + * add '-Wno-comment' to quiet warnings from gcc upstream maintainer is + unlikely to ever fix, and which just don't matter. closes 17146 + * fix FSF address in copyright file, and submit exception for lintian + warning about sudo being setuid root + + -- Bdale Garbee <bdale@gag.com> Thu, 9 Apr 1998 23:59:11 -0600 + +sudo (1.5.4-2) unstable; urgency=high + + * patch from upstream author correcting/improving security fix + + -- Bdale Garbee <bdale@gag.com> Tue, 13 Jan 1998 10:39:35 -0700 + +sudo (1.5.4-1) unstable; urgency=high + + * new upstream version, includes a security fix + * change default editor from /bin/ae to /usr/bin/editor + + -- Bdale Garbee <bdale@gag.com> Mon, 12 Jan 1998 23:36:41 -0700 + +sudo (1.5.3-1) unstable; urgency=medium + + * new upstream version, closes bug 15911. + * rules file reworked to use debhelper + * implement a really gross hack to force use of the sudo-provided + lsearch(), since the one in libc6 is broken! This closes bugs + 12552, 12557, 14881, 15259, 15916. + + -- Bdale Garbee <bdale@gag.com> Sat, 3 Jan 1998 20:39:23 -0700 + +sudo (1.5.2-6) unstable; urgency=LOW + + * don't install INSTALL in the doc directory, closes bug 13195. + + -- Bdale Garbee <bdale@gag.com> Sun, 21 Sep 1997 17:10:40 -0600 + +sudo (1.5.2-5) unstable; urgency=LOW + + * libc6 + + -- Bdale Garbee <bdale@gag.com> Fri, 5 Sep 1997 00:06:22 -0600 + +sudo (1.5.2-4) unstable; urgency=LOW + + * change TIMEOUT (how long before you have to type your password again) + to 15 mins, disable PASSWORD_TIMEOUT. This makes building large Debian + packages on slower machines much more tolerable. Closes bug 9076. + * touch debian/suid before debstd. Closes bug 8709. + + -- Bdale Garbee <bdale@gag.com> Sat, 26 Apr 1997 00:48:01 -0600 + +sudo (1.5.2-3) frozen unstable; urgency=LOW + + * patch from upstream maintainer to close Bug 6828 + * add a debian/suid file to get debstd to leave my perl postinst alone + + -- Bdale Garbee <bdale@gag.com> Fri, 11 Apr 1997 23:09:55 -0600 + +sudo (1.5.2-2) frozen unstable; urgency=LOW + + * change rules to use -O2 -Wall as per standards + + -- Bdale Garbee <bdale@gag.com> Sun, 6 Apr 1997 12:48:53 -0600 + +sudo (1.5.2-1) unstable; urgency=LOW + + * new upstream version + * cosmetic changes to debian package control files + + -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:50:00 -0700 + +sudo (1.5-2) unstable; urgency=LOW + + * add /usr/X11R6/bin to the end of the secure path... this makes it + much easier to run xmkmf, etc., during package builds. To the extent + that /usr/local/sbin and /usr/local/bin were already included, I see + no security reasons not to add this. + + -- Bdale Garbee <bdale@gag.com> Wed, 30 Oct 1996 09:44:58 -0700 + +sudo (1.5-1) unstable; urgency=LOW + + * New upstream version + * New maintainer + * New packaging format + + -- Bdale Garbee <bdale@gag.com> Thu, 29 Aug 1996 11:44:22 +0200 + +Tue Mar 5 09:36:41 MET 1996 Michael Meskes <meskes@informatik.rwth-aachen.de> + + sudo (1.4.1-1): + + * hard code SECURE_PATH to: + "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + + * enable ENV_EDITOR + + * enabled EXEMPTGROUP "sudo" + + * moved timestamp dir to /var/log/sudo + + * changed parser to check for long and short filenames (Bug#1162) + +Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes <meskes@informatik.rwth-aachen.de> + + sudo (1.4.2-1): + + * New upstream source + + * Fixed postinst script + (thanks to Peter Tobis <tobias@et-inf.fho-emden.de>) + + * Removed special shadow binary. This version works with and without + shadow password file. + +Mon May 20 09:35:22 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.2-2): + + * Corrected editor path to /bin/ae (Bug#3062) + + * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063) + +Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-1): + + * New upstream version + + * Changed sudoers permission to 440 (owner root, group root) to make + sudo usable via NFS + +Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-2): + + * Applied upstream patch 1 + +Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-3): + + * Applied upstream patch 2 + +Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-4): + + * Applied upstream patch 3 (fixes problems with an NFS-mounted + sudoers file) + + +Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-5): + + * Corrected postinst to use /usr/bin/perl instead of /bin/perl + [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)] + +Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-6): + + * Applied upstream patch 4 (fixes several bugs) + + * Changed priority to optional + +Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.3-7): + + * Corrected postinst to create correct permission for /etc/sudoers + (Bug#3749) + +Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes <meskes@debian.org> + + sudo (1.4.4-1): + + * New upstream version + + +sudo (1.4.4-2) admin; urgency=HIGH + + * Fixed major security bug reported by Peter Tobias + <tobias@et-inf.fho-emden.de> + * Added dchanges support to debian.rules + +sudo (1.4.5-1) admin; urgency=LOW + + * New upstream version + * Minor changes to debian.rules diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..b5a73de --- /dev/null +++ b/debian/control @@ -0,0 +1,52 @@ +Source: sudo +Section: admin +Priority: optional +Maintainer: Sudo Maintainers <sudo@packages.debian.org> +Uploaders: Marc Haber <mh+debian-packages@zugschlus.de>, + Hanno Wagner <wagner@debian.org>, + Hilko Bengen <bengen@debian.org>, + Bastian Blank <waldi@debian.org> +Build-Depends: debhelper-compat (= 13), dh-sequence-installnss, libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, bison, flex, libaudit-dev [linux-any], zlib1g-dev +Standards-Version: 4.6.2 +Rules-Requires-Root: no +Vcs-Git: https://salsa.debian.org/sudo-team/sudo.git +Vcs-Browser: https://salsa.debian.org/sudo-team/sudo +Homepage: https://www.sudo.ws/ + +Package: sudo +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-modules +Pre-Depends: ${misc:Pre-Depends} +Conflicts: sudo-ldap +Replaces: sudo-ldap +Description: Provide limited super user privileges to specific users + Sudo is a program designed to allow a sysadmin to give limited root + privileges to users and log root activity. The basic philosophy is to give + as few privileges as possible but still allow people to get their work done. + . + This version is built with minimal shared library dependencies, use the + sudo-ldap package instead if you need LDAP support for sudoers. + +Package: sudo-ldap +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libnss-sudo, libpam-modules +Pre-Depends: ${misc:Pre-Depends} +Conflicts: sudo +Replaces: sudo +Provides: sudo +Description: Provide limited super user privileges (with LDAP support) + Sudo is a program designed to allow a sysadmin to give limited root + privileges to users and log root activity. The basic philosophy is to give + as few privileges as possible but still allow people to get their work done. + . + This version is built with LDAP support, which allows an equivalent of the + sudoers database to be distributed via LDAP. Authentication is still + performed via pam. + +Package: libnss-sudo +Architecture: all +Depends: ${misc:Depends} +Multi-Arch: foreign +Description: NSS configuration for sudoers service + This empty package provides the basic configuration needed to enable the + `sudoers` NSS service. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..476e9ff --- /dev/null +++ b/debian/copyright @@ -0,0 +1,314 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: sudo +Upstream-Contact: Todd C. Miller <Todd.Miller@sudo.ws> +Source: https://www.sudo.ws/ + +Files: * +Copyright: 1994-1996, 1998-2023 Todd C. Miller <Todd.Miller@sudo.ws> +License: ISC + +Files: src/selinux.c +Copyright: 2009-2022 Todd C. Miller <Todd.Miller@sudo.ws> + 2008 Dan Walsh <dwalsh@redhat.com> +License: ISC + +Files: plugins/python/* +Copyright: 2019-2020 Robert Manner <robert.manner@oneidentity.com> +License: ISC + +Files: lib/iolog/hostcheck.c include/hostcheck.h +Copyright: 2020 Laszlo Orban <laszlo.orban@oneidentity.com> +License: ISC + +Files: plugins/sudoers/redblack.c +Copyright: 2001 Emin Martinian +License: other + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that neither the name of Emin + Martinian nor the names of any contributors are be used to endorse or + promote products derived from this software without specific prior + written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +Files: plugins/sudoers/sssd.c +Copyright: 2011 Daniel Kopecek <dkopecek@redhat.com> +License: ISC + +Files: plugins/sudoers/bsm_audit.c + plugins/sudoers/bsm_audit.h +Copyright: 2009 Christian S.J. Peron +License: ISC + +Files: plugins/sudoers/solaris_audit.c + plugins/sudoers/solaris_audit.h +Copyright: 2014, Oracle and/or its affiliates. +License: ISC + +Files: plugins/sudoers/po/cs.po +Copyright: 2013-2023 Petr Pisar <petr.pisar@atlas.cz> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: po/cs.po +Copyright: 2013-2023 Petr Pisar <petr.pisar@atlas.cz> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/de.po +Copyright: 2001-2023 Jochen Hein <jochen@jochen.org> + 2013 Hendrik Knackstedt <hendrik.knackstedt@t-online.de> + 2015 Mario Blättermann <mario.blaettermann@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: po/de.po +Copyright: 2012-2014 Jakob Kramer <jakob.kramer@gmx.de> + 2012, 2014-2017, 2019-2022 Mario Blättermann <mario.blaettermann@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: plugins/sudoers/po/eo.po + po/eo.po +Copyright: 2013-2019 Felipe Castro <fefcas@gmail.com> + 2012, 2019-2023 Keith Bowes <zooplah@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: plugins/sudoers/po/fr.po +Copyright: 2014-2016 Frédéric Hantrais <fhantrais@gmail.com> + 2023 Frédéric Marchal <fmarchal@perso.be> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: po/fr.po +Copyright: 2022-2023 Frédéric Marchal <fmarchal@perso.be> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: po/fur.po +Copyright: 2017, 2023 Fabio Tomat <f.t.public@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/hr.po +Copyright: 2016-2023 Božidar Putanec <bozidarp@yahoo.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: po/hr.po +Copyright: 2012-2013 Tomislav Krznar <tomislav.krznar@gmail.com> + 2016-2023 Božidar Putanec <bozidarp@yahoo.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/ja.po + po/ja.po +Copyright: 2011 Yasuaki Taniguchi <yasuakit@gmail.com> + 2012, 2015-2023 Takeshi Hamasaki <hmatrjp@users.sourceforge.jp> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/ko.po + po/ko.po +Copyright: 2016-2023 Seong-ho Cho <darkcircle.0426@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: plugins/sudoers/po/pl.po + po/pl.po +Copyright: 2011-2023 Jakub Bogusz <qboosh@pld-linux.org> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/ro.po + po/ro.po +Copyright: 2020 Florentina Mușat <florentina.musat.28@gmail.com> + 2021-2023 Remus-Gabriel Chelu <remusgabriel.chelu@disroot.org> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: plugins/sudoers/po/ru.po +Copyright: 2015 Artem Vorotnikov <artem@vorotnikov.me> + 2015, 2022 Pavel Maryanov <acid@jack.kiev.ua> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: ISC + +Files: plugins/sudoers/po/sv.po + po/sv.po +Copyright: 2012 Daniel Nylander <po@danielnylander.se> + 2016-2022 Sebastian Rasmussen <sebras@gmail.com> + 2021 Luna Jernberg <droidbittin@gmail.com> +License: public-domain + +Files: plugins/sudoers/po/uk.po +Copyright: 2011-2023 Yuri Chornoivan <yurchor@ukr.net> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/zh_CN.po +Copyright: 2011-2018i Wylmer Wang <wantinghard@gmail.com> + 2019-2022 Boyuan Yang <073plan@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: plugins/sudoers/po/zh_TW.po +Copyright: 2019 Hugwalk <baozou0421@gmail.com> + 2019-2021 Yi-Jyun Pan <pan93412@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: po/zh_TW.po +Copyright: 2018 林博仁 (Buo-ren, Lin) <Buo.Ren.Lin@gmail.com> + 2019-2021 Yi-Jyun Pan <pan93412@gmail.com> + 2011-2013 Todd C. Miller <Todd.Miller@courtesan.com> +License: public-domain + +Files: lib/util/mmap_alloc.c +Copyright: 2008 Otto Moerbeek <otto@drijf.net>↲ + 2022 Todd C. Miller <Todd.Miller@sudo.ws> +License: ISC + +Files: lib/util/reallocarray.c +Copyright: 2008 Otto Moerbeek <otto@drijf.net> +License: ISC + +Files: lib/util/getcwd.c lib/util/glob.c include/compat/glob.h lib/util/snprintf.c include/sudo_queue.h +Copyright: 1989, 1990, 1991, 1993 The Regents of the University of California +License: BSD-3-Clause + +Files: lib/util/fnmatch.c +Copyright: 2011, VMware, Inc. +License: BSD-3-Clause + +Files: lib/util/getopt_long.c +Copyright: 2000 The NetBSD Foundation, Inc. +License: BSD-2-Clause + +Files: lib/util/inet_pton.c +Copyright: 1996 Internet Software Consortium. +License: ISC + +Files: lib/util/arc4random.c +Copyright: 1996, David Mazieres <dm@uun.org> + 2008, Damien Miller <djm@openbsd.org> + 2013, Markus Friedl <markus@openbsd.org> + 2014, Theo de Raadt <deraadt@openbsd.org> +License: ISC + +Files: lib/util/arc4random_uniform.c +Copyright: 2008 Damien Miller <djm@openbsd.org> +License: ISC + +Files: lib/util/getentropy.c +Copyright: 2014 Theo de Raadt <deraadt@openbsd.org> + 2014 Bob Beck <beck@obtuse.com> +License: ISC + +Files: include/protobuf-c/* lib/protobuf-c/* +Copyright: 2008-2022, Dave Benson and the protobuf-c authors +License: BSD-2-Clause + +Files: lib/zlib/* +Copyright: 1995-2022 Jean-loup Gailly and Mark Adler +License: Zlib + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + . + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + . + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + . + Jean-loup Gailly Mark Adler + jloup@gzip.org madler@alumni.caltech.edu + +Files: debian/* +Copyright: Bdale Garbee <bdale@gag.com> + Marc Haber <mh+debian-packages@zugschlus.de>, + Hilko Bengen <bengen@debian.org>, + Bastian Blank <waldi@debian.org>, +License: ISC + +License: ISC + Permission to use, copy, modify, and/or distribute this software for + any purpose with or without fee is hereby granted, provided that the + above copyright notice and this permission notice appear in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +License: BSD-3-Clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE HOLDERS OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: BSD-2-Clause + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + . + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE HOLDERS OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +License: public-domain + The files tagged with this license contains the following paragraphs: + . + This file is put in the public domain. diff --git a/debian/etc/pam.d/sudo b/debian/etc/pam.d/sudo new file mode 100644 index 0000000..96e8906 --- /dev/null +++ b/debian/etc/pam.d/sudo @@ -0,0 +1,8 @@ +#%PAM-1.0 + +# Set up user limits from /etc/security/limits.conf. +session required pam_limits.so + +@include common-auth +@include common-account +@include common-session-noninteractive diff --git a/debian/etc/pam.d/sudo-i b/debian/etc/pam.d/sudo-i new file mode 100644 index 0000000..d638522 --- /dev/null +++ b/debian/etc/pam.d/sudo-i @@ -0,0 +1,8 @@ +#%PAM-1.0 + +# Set up user limits from /etc/security/limits.conf. +session required pam_limits.so + +@include common-auth +@include common-account +@include common-session diff --git a/debian/etc/sudoers b/debian/etc/sudoers new file mode 100644 index 0000000..b5da8e9 --- /dev/null +++ b/debian/etc/sudoers @@ -0,0 +1,54 @@ +# +# This file MUST be edited with the 'visudo' command as root. +# +# Please consider adding local content in /etc/sudoers.d/ instead of +# directly modifying this file. +# +# See the man page for details on how to write a sudoers file. +# +Defaults env_reset +Defaults mail_badpass +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + +# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu +# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532) +Defaults use_pty + +# This preserves proxy settings from user environments of root +# equivalent users (group sudo) +#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy" + +# This allows running arbitrary commands, but so does ALL, and it means +# different sudoers have their choice of editor respected. +#Defaults:%sudo env_keep += "EDITOR" + +# Completely harmless preservation of a user preference. +#Defaults:%sudo env_keep += "GREP_COLOR" + +# While you shouldn't normally run git as root, you need to with etckeeper +#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*" + +# Per-user preferences; root won't have sensible values for them. +#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME" + +# "sudo scp" or "sudo rsync" should be able to use your SSH agent. +#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK" + +# Ditto for GPG agent +#Defaults:%sudo env_keep += "GPG_AGENT_INFO" + +# Host alias specification + +# User alias specification + +# Cmnd alias specification + +# User privilege specification +root ALL=(ALL:ALL) ALL + +# Allow members of group sudo to execute any command +%sudo ALL=(ALL:ALL) ALL + +# See sudoers(5) for more information on "@include" directives: + +@includedir /etc/sudoers.d diff --git a/debian/etc/sudoers.d/README b/debian/etc/sudoers.d/README new file mode 100644 index 0000000..356d882 --- /dev/null +++ b/debian/etc/sudoers.d/README @@ -0,0 +1,24 @@ +# +# The default /etc/sudoers file created on installation of the +# sudo package now includes the directive: +# +# @includedir /etc/sudoers.d +# +# This will cause sudo to read and parse any files in the /etc/sudoers.d +# directory that do not end in '~' or contain a '.' character. +# +# Note that there must be at least one file in the sudoers.d directory (this +# one will do). +# +# Note also, that because sudoers contents can vary widely, no attempt is +# made to add this directive to existing sudoers files on upgrade. Feel free +# to add the above directive to the end of your /etc/sudoers file to enable +# this functionality for existing installations if you wish! Sudo +# versions older than the one in Debian 11 (bullseye) require the +# directive will only support the old syntax #includedir, and the current +# sudo will happily accept both @includedir and #includedir +# +# Finally, please note that using the visudo command is the recommended way +# to update sudoers content, since it protects against many failure modes. +# See the man page for visudo and sudoers for more information. +# diff --git a/debian/libnss-sudo.nss b/debian/libnss-sudo.nss new file mode 100644 index 0000000..84f7755 --- /dev/null +++ b/debian/libnss-sudo.nss @@ -0,0 +1,2 @@ +sudoers database-add +sudoers first files diff --git a/debian/patches/1004909-ftbfs-kfreebsd b/debian/patches/1004909-ftbfs-kfreebsd new file mode 100644 index 0000000..1451b30 --- /dev/null +++ b/debian/patches/1004909-ftbfs-kfreebsd @@ -0,0 +1,24 @@ +Description: Fix FTBFS Issue on kFreeBSD +Author: Laurent Bigonville <bigon@debian.org> +Bug: https://bugs.debian.org/1004909 +Forwarded: https://bugzilla.sudo.ws/show_bug.cgi?id=1021 +--- a/include/sudo_compat.h ++++ b/include/sudo_compat.h +@@ -472,7 +472,7 @@ sudo_dso_public time_t sudo_timegm(struc + #ifndef HAVE_UTIMENSAT + sudo_dso_public int sudo_utimensat(int fd, const char *file, const struct timespec *times, int flag); + # undef utimensat +-# define utimensat(_a, _b, _c, _d) sudo_utimensat((_a), (_b), (_c), (_d)) ++# define utimensat(_a, _b, _c, _d) sudo_utimensat(_a, _b, _c, _d) + #endif /* HAVE_UTIMENSAT */ + #ifndef HAVE_FCHMODAT + sudo_dso_public int sudo_fchmodat(int dfd, const char *path, mode_t mode, int flag); +@@ -487,7 +487,7 @@ sudo_dso_public int sudo_fstatat(int dfd + #ifndef HAVE_FUTIMENS + sudo_dso_public int sudo_futimens(int fd, const struct timespec *times); + # undef futimens +-# define futimens(_a, _b) sudo_futimens((_a), (_b)) ++# define futimens(_a, _b) sudo_futimens(_a, _b) + #endif /* HAVE_FUTIMENS */ + #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF) + sudo_dso_public int sudo_snprintf(char *str, size_t n, char const *fmt, ...) __printflike(3, 4); diff --git a/debian/patches/Whitelist-DPKG_COLORS-environment-variable.diff b/debian/patches/Whitelist-DPKG_COLORS-environment-variable.diff new file mode 100644 index 0000000..7b54b46 --- /dev/null +++ b/debian/patches/Whitelist-DPKG_COLORS-environment-variable.diff @@ -0,0 +1,19 @@ +From 18087bc16ec20ca2c8f0045a6b0408e94c53075c Mon Sep 17 00:00:00 2001 +From: Guillem Jover <guillem@hadrons.org> +Date: Wed, 4 May 2016 01:53:13 +0200 +Subject: [PATCH] Whitelist DPKG_COLORS environment variable + +--- + plugins/sudoers/env.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/plugins/sudoers/env.c ++++ b/plugins/sudoers/env.c +@@ -216,6 +216,7 @@ static const char *initial_checkenv_tabl + static const char *initial_keepenv_table[] = { + "COLORS", + "DISPLAY", ++ "DPKG_COLORS", + "HOSTNAME", + "KRB5CCNAME", + "LS_COLORS", diff --git a/debian/patches/debian-bug-1039557 b/debian/patches/debian-bug-1039557 new file mode 100644 index 0000000..947c3ed --- /dev/null +++ b/debian/patches/debian-bug-1039557 @@ -0,0 +1,14 @@ +Desciption: fix event log format with environment variables +Origin: https://github.com/sudo-project/sudo/commit/12648b4e0a8cf486480442efd52f0e0b6cab6e8b +Bug: https://github.com/sudo-project/sudo/issues/254 +Forwarded: not-needed +--- a/lib/eventlog/eventlog.c ++++ b/lib/eventlog/eventlog.c +@@ -189,6 +189,7 @@ new_logline(int event_type, int flags, s + sudo_lbuf_append_esc(lbuf, LBUF_ESC_CNTRL, " %s", + evlog->env_add[i]); + } ++ sudo_lbuf_append(lbuf, " ; "); + } + if (evlog->command != NULL && evlog->argv != NULL) { + /* Command plus argv. */ diff --git a/debian/patches/paths-in-samples.diff b/debian/patches/paths-in-samples.diff new file mode 100644 index 0000000..d0144b6 --- /dev/null +++ b/debian/patches/paths-in-samples.diff @@ -0,0 +1,40 @@ +Description: fix paths in sudoers example to match Debian's +Last-Update: 2021-12-13 +Author: Bdale Garbee <bdale@gag.com> +Forwarded: not-needed +--- a/examples/sudoers.in ++++ b/examples/sudoers.in +@@ -44,7 +44,7 @@ Host_Alias CDROM = orion, perseus, hercu + # Cmnd alias specification + ## + Cmnd_Alias DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \ +- /usr/sbin/rrestore, /usr/bin/mt, \ ++ /usr/sbin/rrestore, /bin/mt, \ + sha224:0GomF8mNN3wlDt1HD9XldjJ3SNgpFdbjO1+NsQ== \ + /home/operator/bin/start_backups + Cmnd_Alias KILL = /usr/bin/kill, /usr/bin/top +@@ -85,7 +85,7 @@ operator ALL = DUMPS, KILL, SHUTDOWN, HA + sudoedit /etc/printcap, /usr/oper/bin/ + + # joe may su only to operator +-joe ALL = /usr/bin/su operator ++joe ALL = /bin/su operator + + # pete may change passwords for anyone but root on the hp snakes + pete HPPA = /usr/bin/passwd ^[a-zA-Z0-9_]+$, !/usr/bin/passwd root +@@ -99,13 +99,13 @@ jim +biglab = ALL + + # users in the secretaries netgroup need to help manage the printers + # as well as add and remove users +-+secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser +++secretaries ALL = PRINTING, /usr/sbin/adduser + + # fred can run commands as oracle or sybase without a password + fred ALL = (DB) NOPASSWD: ALL + + # on the alphas, john may su to anyone except root, no flags are allowed. +-john ALPHA = /usr/bin/su ^[a-zA-Z0-9_]+$, !/usr/bin/su root ++john ALPHA = /bin/su ^[a-zA-Z0-9_]+$, !/bin/su root + + # jen can run anything on all machines except the ones + # in the "SERVERS" Host_Alias diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..6f71106 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,7 @@ +# 1004909-ftbfs-kfreebsd +# debian-bugs-1019428 +# dont-create-ChangeLog +debian-bug-1039557 +paths-in-samples.diff +Whitelist-DPKG_COLORS-environment-variable.diff +sudo-ldap-docs diff --git a/debian/patches/sudo-ldap-docs b/debian/patches/sudo-ldap-docs new file mode 100644 index 0000000..10378dd --- /dev/null +++ b/debian/patches/sudo-ldap-docs @@ -0,0 +1,59 @@ +Description: Adapt README.LDAP to the actual state of the sudo-ldap package +Author: Marc Haber <mh+debian-packages@zugschlus.de> +Forwarded: not-needed +--- a/README.LDAP.md ++++ b/README.LDAP.md +@@ -35,22 +35,8 @@ They are one and the same. + + ## Build instructions + +-The simplest way to build sudo with LDAP support is to include the +-`--with-ldap` option. +- +- $ ./configure --with-ldap +- +-If your ldap libraries and headers are in a non-standard place, you will need +-to specify them at configure time. E.g. +- +- $ ./configure --with-ldap=/usr/local/ldapsdk +- +-Sudo is developed using OpenLDAP but Netscape-based LDAP libraries +-(such as those present in Solaris) and IBM LDAP are also known to work. +- +-If special configuration was required to build an LDAP-enabled sudo, +-let the sudo workers mailing list <sudo-workers@sudo.ws> know so +-we can improve sudo. ++The Debian package of sudo-ldap is already built with LDAP support ++using the OpenLDAP libs. + + ## Schema Changes + +@@ -177,13 +163,10 @@ I recommend using any of the following L + + There are dozens of others, some Open Source, some free, some not. + +-## Configure your /etc/ldap.conf and /etc/nsswitch.conf ++## Configure your /etc/sudo-ldap.conf and /etc/nsswitch.conf + +-The /etc/ldap.conf file is meant to be shared between sudo, pam_ldap, nss_ldap +-and other ldap applications and modules. IBM Secureway unfortunately uses +-the same file name but has a different syntax. If you need to change where +-this file is stored, re-run configure with the `--with-ldap-conf-file=PATH` +-option. ++The Debian package sudo-ldap uses /etc/sudo-ldap.conf as configuration file ++and is configured to use nsswitch. + + See the "Configuring ldap.conf" section in the sudoers.ldap manual + for a list of supported ldap.conf parameters and an example ldap.conf +@@ -195,10 +178,7 @@ After configuring /etc/ldap.conf, you mu + /etc/nsswitch.conf file to tell sudo to look in LDAP for sudoers. + See the "Configuring nsswitch.conf" section in the sudoers.ldap + manual for details. Sudo will use /etc/nsswitch.conf even if the +-underlying operating system does not support it. To disable nsswitch +-support, run configure with the `--with-nsswitch=no` option. This +-will cause sudo to consult LDAP first and /etc/sudoers second, +-unless the ignore_sudoers_file flag is set in the global LDAP options. ++underlying operating system does not support it. + + ## Debugging your LDAP configuration + diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..181f389 --- /dev/null +++ b/debian/rules @@ -0,0 +1,90 @@ +#!/usr/bin/make -f +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +export DEB_BUILD_MAINT_OPTIONS = hardening=+all +export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic +# the following line can go away after the bookworm release +# iff no backports to bullseye and/or buster are planned. +# See #1025683 for a comprehension question. If this is cleared, +# the export can be commented out (but stay around as reminder for backports) +export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed +DPKG_EXPORT_BUILDFLAGS = 1 + +include /usr/share/dpkg/default.mk + +define CONFIGURE_ARGS + --with-all-insults + --with-pam --with-pam-login + --with-fqdn + --with-logging=syslog + --with-logfac=authpriv + --with-env-editor + --with-editor=/usr/bin/editor + --with-timeout=15 + --with-password-timeout=0 + --with-passprompt="[sudo] password for %p: " + --with-tty-tickets + --without-lecture + --disable-root-mailer + --with-sendmail=/usr/sbin/sendmail + --with-rundir=/run/sudo + --with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) + --enable-zlib=system + --enable-admin-flag +endef + +ifeq ($(DEB_HOST_ARCH_OS),linux) +CONFIGURE_ARGS += --with-selinux --with-linux-audit --enable-tmpfiles.d=/usr/lib/tmpfiles.d +endif + +# Consistently use /bin/mv to ensure reproducible builds regardless of +# building on a usrmerge or non-usrmerge system. +CONFIGURE_ARGS += MVPROG=/bin/mv + +%: + dh $@ + +override_dh_auto_configure: + dh_auto_configure --builddirectory build-simple -- $(strip $(CONFIGURE_ARGS)) \ + --with-exampledir=/usr/share/doc/sudo/examples + dh_auto_configure --builddirectory build-ldap -- $(strip $(CONFIGURE_ARGS)) \ + --with-exampledir=/usr/share/doc/sudo-ldap/examples \ + --docdir=/usr/share/doc/sudo-ldap \ + --with-ldap --with-ldap-conf-file=/etc/sudo-ldap.conf + +override_dh_auto_clean override_dh_auto_build: + $(patsubst override_%,%,$@) --builddirectory build-simple + $(patsubst override_%,%,$@) --builddirectory build-ldap + +override_dh_auto_test: +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + dh_auto_test --builddirectory build-simple + dh_auto_test --builddirectory build-ldap +endif + +override_dh_auto_install: + dh_auto_install --builddirectory build-simple --destdir debian/sudo -- INSTALL_OWNER= + dh_auto_install --builddirectory build-ldap --destdir debian/sudo-ldap -- INSTALL_OWNER= + + rm -f debian/sudo*/etc/sudoers \ + debian/sudo*/usr/share/doc/sudo*/LICENSE.md \ + rm -rf debian/sudo*/run + find debian/sudo*/ -type f -name '*.la' | xargs rm -f + + for pkg in sudo sudo-ldap; do \ + mv debian/$$pkg/etc/sudoers.dist \ + debian/$$pkg/usr/share/doc/$$pkg/examples/sudoers.dist; \ + mkdir -p debian/$$pkg/lib/systemd/system; \ + ln -s /dev/null debian/$$pkg/lib/systemd/system/sudo.service; \ + done + +execute_after_dh_fixperms: + # fix executable libraries + chmod 0644 debian/sudo*/usr/libexec/sudo/*.so + +override_dh_fixperms: + dh_fixperms --exclude=usr/bin/sudo + +override_dh_installchangelogs: + dh_installchangelogs --exclude=HISTORY diff --git a/debian/rules.predh7 b/debian/rules.predh7 new file mode 100755 index 0000000..1117b57 --- /dev/null +++ b/debian/rules.predh7 @@ -0,0 +1,192 @@ +#!/usr/bin/make -f + +export DH_VERBOSE=1 +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +CFLAGS = `dpkg-buildflags --get CFLAGS` +CFLAGS += -Wall -Wno-comment +LDFLAGS = `dpkg-buildflags --get LDFLAGS` +CPPFLAGS = `dpkg-buildflags --get CPPFLAGS` + +DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) +DEB_HOST_ARCH_OS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) +ifeq ($(DEB_HOST_ARCH_OS),linux) + configure_args += --with-selinux --with-linux-audit --enable-tmpfiles.d=yes +endif + +# Consistently use /bin/mv to ensure reproducible builds regardless of +# building on a usrmerge or non-usrmerge system. +configure_args += MVPROG=/bin/mv + +reconf-stamp: + cp -f /usr/share/misc/config.sub config.sub + cp -f /usr/share/misc/config.guess config.guess + autoconf -I m4 + touch $@ + +configure: configure-stamp +configure-stamp: reconf-stamp + dh_testdir + cp -f /usr/share/misc/config.sub config.sub + cp -f /usr/share/misc/config.guess config.guess + + # simple version + NROFFPROG=/usr/bin/nroff CFLAGS="$(CFLAGS)" \ + CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" \ + dh_auto_configure --builddirectory=build-simple -- \ + -v \ + --with-all-insults \ + --with-pam \ + --with-fqdn \ + --with-logging=syslog \ + --with-logfac=authpriv \ + --with-env-editor \ + --with-editor=/usr/bin/editor \ + --with-exampledir=/usr/share/doc/sudo/examples \ + --with-timeout=15 \ + --with-password-timeout=0 \ + --with-passprompt="[sudo] password for %p: " \ + --disable-root-mailer \ + --with-sendmail=/usr/sbin/sendmail \ + --with-rundir=/run/sudo \ + --libexecdir=/usr/lib \ + --with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \ + --enable-zlib=system \ + $(configure_args) + + # LDAP version + NROFFPROG=/usr/bin/nroff CFLAGS="$(CFLAGS)" \ + CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" \ + dh_auto_configure --builddirectory=build-ldap -- \ + -v \ + --with-all-insults \ + --with-pam \ + --with-ldap \ + --with-fqdn \ + --with-logging=syslog \ + --with-logfac=authpriv \ + --with-env-editor \ + --with-editor=/usr/bin/editor \ + --with-exampledir=/usr/share/doc/sudo-ldap/examples \ + --with-timeout=15 \ + --with-password-timeout=0 \ + --with-passprompt="[sudo] password for %p: " \ + --disable-root-mailer \ + --disable-setresuid \ + --with-sendmail=/usr/sbin/sendmail \ + --with-rundir=/run/sudo \ + --with-ldap-conf-file=/etc/sudo-ldap.conf \ + --libexecdir=/usr/lib \ + --with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \ + --enable-zlib=system \ + $(configure_args) + + touch configure-stamp + +build: build-arch build-indep +build-arch: build-stamp +build-indep: build-stamp +build-stamp: configure-stamp + dh_testdir + + $(MAKE) -C build-simple + $(MAKE) -C build-ldap + +ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS))) + $(MAKE) -C build-simple check +endif + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f configure-stamp build-stamp + rm -rf build-simple build-ldap + rm -f config.cache + dh_clean + +install: build-stamp + dh_testdir + dh_testroot + dh_prep + dh_installdirs + + $(MAKE) -C build-simple install DESTDIR=$(CURDIR)/debian/sudo + $(MAKE) -C build-ldap install DESTDIR=$(CURDIR)/debian/sudo-ldap + + # remove stuff we don't want + rm -f debian/sudo*/etc/sudoers \ + debian/sudo*/usr/share/doc/sudo/LICENSE* \ + debian/sudo*/usr/share/doc/sudo/ChangeLog + + # provide upstream sudoers.dist as an alternate example + mv debian/sudo/etc/sudoers.dist \ + debian/sudo/usr/share/doc/sudo/examples/sudoers.dist + mv debian/sudo-ldap/etc/sudoers.dist \ + debian/sudo-ldap/usr/share/doc/sudo-ldap/examples/sudoers.dist + + # /run/sudo directory is created at boot time and shouldn't be in the + # package + rm -rf debian/sudo*/run + + # move upstream-installed docs to the right place for ldap package + mv debian/sudo-ldap/usr/share/doc/sudo/* \ + debian/sudo-ldap/usr/share/doc/sudo-ldap/ + rmdir debian/sudo-ldap/usr/share/doc/sudo + + # and install things we do want that make install doesn't know about + install -o root -g root -m 0644 debian/sudo.pam \ + debian/sudo/etc/pam.d/sudo + install -o root -g root -m 0644 debian/sudo.pam \ + debian/sudo-ldap/etc/pam.d/sudo + + install -o root -g root -m 0644 debian/sudo.lintian \ + debian/sudo/usr/share/lintian/overrides/sudo + install -o root -g root -m 0644 debian/sudo-ldap.lintian \ + debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap + + install -o root -g root -m 0440 debian/sudoers \ + debian/sudo/etc/sudoers + install -o root -g root -m 0440 debian/sudoers \ + debian/sudo-ldap/etc/sudoers + + install -o root -g root -m 0440 debian/README \ + debian/sudo/etc/sudoers.d/README + install -o root -g root -m 0440 debian/README \ + debian/sudo-ldap/etc/sudoers.d/README + + # we don't want the initscript to run, the creation of the rundir and + # the cleanup the stamp files is now done by tmpfiles when using + # systemd + ln -s /dev/null debian/sudo/lib/systemd/system/sudo.service + ln -s /dev/null debian/sudo-ldap/lib/systemd/system/sudo.service + +binary-indep: build install + +binary-arch: build install + dh_testdir + dh_testroot + dh_installdocs -A + dh_installinit -psudo --name=sudo + dh_installinit -psudo-ldap --name=sudo-ldap + dh_installman -A + dh_installinfo -A + dh_installchangelogs ChangeLog + # clear dependency_libs field in .la files + sed -i "/dependency_libs/ s/'.*'/''/" `find . -name '*.la'` + dh_strip + dh_compress + dh_fixperms + chown root.root debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo + chmod 4755 debian/sudo/usr/bin/sudo debian/sudo-ldap/usr/bin/sudo + chmod 0440 debian/sudo/etc/sudoers.d/README \ + debian/sudo-ldap/etc/sudoers.d/README + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: configure build-indep build-arch build clean binary-indep binary-arch binary install diff --git a/debian/salsa-ci.yml b/debian/salsa-ci.yml new file mode 100644 index 0000000..6ef0d79 --- /dev/null +++ b/debian/salsa-ci.yml @@ -0,0 +1,14 @@ +--- +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml + +# Enable extra Salsa-CI tests that are otherwise off by default +variables: + SALSA_CI_DISABLE_MISSING_BREAKS: 0 + SALSA_CI_DISABLE_RC_BUGS: 0 + +# Piuparts for sudo is currently failing (August 2021) when Salsa-CI was enabled. +# Remove this override once that issue is fixed. +piuparts: + allow_failure: true + diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides new file mode 100644 index 0000000..7575301 --- /dev/null +++ b/debian/source/lintian-overrides @@ -0,0 +1,5 @@ +# not going to pester upstream about this +sudo source: very-long-line-length-in-source-file * > 512 [plugins/sudoers/regress/corpus/seed/policy/policy.3:*] +sudo source: very-long-line-length-in-source-file * > 512 [docs/Makefile.in:*] +sudo source: very-long-line-length-in-source-file * > 512 [configure.ac:*] +sudo source: very-long-line-length-in-source-file * > 512 [scripts/mkdep.pl:*] diff --git a/debian/source_sudo.py b/debian/source_sudo.py new file mode 100755 index 0000000..e28f6d8 --- /dev/null +++ b/debian/source_sudo.py @@ -0,0 +1,33 @@ +#!/usr/bin/python3 + +'''Apport package hook for sudo + +(c) 2010 Canonical Ltd. +Contributors: +Marc Deslauriers <marc.deslauriers@canonical.com> + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2 of the License, or (at your +option) any later version. See http://www.gnu.org/copyleft/gpl.html for +the full text of the license. +''' + +from apport.hookutils import * + +def add_info(report, ui): + + response = ui.yesno("The contents of your /etc/sudoers file may help developers diagnose your bug more quickly, however, it may contain sensitive information. Do you want to include it in your bug report?") + + if response == None: #user cancelled + raise StopIteration + + elif response == True: + # This needs to be run as root + report['Sudoers'] = root_command_output(['/bin/cat', '/etc/sudoers']) + report['VisudoCheck'] = root_command_output(['/usr/sbin/visudo', '-c']) + + elif response == False: + ui.information("The contents of your /etc/sudoers will NOT be included in the bug report.") + + diff --git a/debian/sudo-ldap.docs b/debian/sudo-ldap.docs new file mode 100644 index 0000000..b94c100 --- /dev/null +++ b/debian/sudo-ldap.docs @@ -0,0 +1 @@ +debian/OPTIONS diff --git a/debian/sudo-ldap.init b/debian/sudo-ldap.init new file mode 100644 index 0000000..b907b8a --- /dev/null +++ b/debian/sudo-ldap.init @@ -0,0 +1,46 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: sudo-ldap +# Required-Start: $local_fs $remote_fs +# Required-Stop: +# X-Start-Before: rmnologin +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Provide limited super user privileges to specific users +# Description: Provide limited super user privileges to specific users. +### END INIT INFO + +. /lib/lsb/init-functions + +N=/etc/init.d/sudo-ldap + +set -e + +case "$1" in + start) + # make sure privileges don't persist across reboots + # if the /run/sudo directory doesn't exist, let's create it with the + # correct permissions and SELinux label + if ! [ -d /run/systemd/system ] ; then + if [ -d /run/sudo ] + then + find /run/sudo -exec touch -d @0 '{}' \; + else + mkdir /run/sudo /run/sudo/ts + chown root:root /run/sudo /run/sudo/ts + chmod 0711 /run/sudo + chmod 0700 /run/sudo/ts + [ -x /sbin/restorecon ] && /sbin/restorecon /run/sudo /run/sudo/ts + fi + fi + ;; + stop|reload|restart|force-reload|status) + ;; + *) + echo "Usage: $N {start|stop|restart|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/debian/sudo-ldap.install b/debian/sudo-ldap.install new file mode 100644 index 0000000..b9fd6ab --- /dev/null +++ b/debian/sudo-ldap.install @@ -0,0 +1,2 @@ +debian/etc/* /etc +debian/source_sudo.py /usr/share/apport/package-hooks diff --git a/debian/sudo-ldap.lintian-overrides b/debian/sudo-ldap.lintian-overrides new file mode 100644 index 0000000..2c88397 --- /dev/null +++ b/debian/sudo-ldap.lintian-overrides @@ -0,0 +1,22 @@ +# sudo is set-uid root by design. +sudo-ldap: elevated-privileges 4755 root/root [usr/bin/sudo] + +# two variants for different lintian versions +# the init script job is done by systemd-tmpfiles on systemd systems +sudo-ldap: omitted-systemd-service-for-init.d-script sudo-ldap [etc/init.d/sudo-ldap] +sudo-ldap: package-supports-alternative-init-but-no-init.d-script [lib/systemd/system/sudo.service] + +# a false alarm, see #204975 +sudo-ldap: package-has-unnecessary-activation-of-ldconfig-trigger + +# a false alarm +sudo-ldap: hardening-no-fortify-functions [usr/libexec/sudo/group_file.so] + +# this is a false alarm, our shared objects are all private +sudo-ldap: custom-library-search-path RUNPATH /usr/libexec/sudo [*] + +# Debian does not ship Apport. +sudo-ldap: python3-script-but-no-python3-dep /usr/bin/python3 (does not satisfy python3:any | python3-minimal:any) [*] + +# This is a film quote +sudo-ldap: spelling-error-in-binary "allow to" "allow one to" [usr/libexec/sudo/sudoers.so] diff --git a/debian/sudo-ldap.maintscript b/debian/sudo-ldap.maintscript new file mode 100644 index 0000000..00c4807 --- /dev/null +++ b/debian/sudo-ldap.maintscript @@ -0,0 +1,2 @@ +# remove this after bookworm release +rm_conffile /etc/init.d/sudo 1.8.21p2-2~ diff --git a/debian/sudo-ldap.nss b/debian/sudo-ldap.nss new file mode 100644 index 0000000..43ba183 --- /dev/null +++ b/debian/sudo-ldap.nss @@ -0,0 +1,2 @@ +sudoers database-require +sudoers after=files ldap diff --git a/debian/sudo-ldap.postinst b/debian/sudo-ldap.postinst new file mode 100644 index 0000000..306e0f1 --- /dev/null +++ b/debian/sudo-ldap.postinst @@ -0,0 +1,59 @@ +#!/bin/sh + +set -e + +# remove old link +# this was already present in 2017 + +if [ -L /etc/alternatives/sudo ]; then + rm /etc/alternatives/sudo +fi + +# remove legacy conffile no longer delivered +# this was added in 1.8.21p2-1 in 2017. + +if [ -f /etc/sudoers.dist ]; then + rm /etc/sudoers.dist +fi + +# complain if no sudoers file is present +if [ ! -f /etc/sudoers ];then + echo "WARNING: /etc/sudoers not present!"; +fi + +# make sure sudoers has the correct permissions and owner/group +if [ -f /etc/sudoers ];then + chown root:root /etc/sudoers + chmod 440 /etc/sudoers +fi + +# create symlink to ease transition to new path for ldap config +# if old config file exists and new one doesn't +if [ -e /etc/ldap/ldap.conf -a ! -e /etc/sudo-ldap.conf ];then + ln -s ldap/ldap.conf /etc/sudo-ldap.conf +fi + +# if we've gotten this far .. remove the saved, unchanged old sudoers file +rm -f /etc/sudoers.pre-conffile + +# before 1.8.7-1 sudo-ldap used /etc/init.d/sudo instead of /etc/init.d/sudo-ldap, +# let's make sure that's taken care of +if [ "$1" = "configure" ] && dpkg --compare-versions "$2" lt-nl "1.8.21p2-2~" ; then + update-rc.d sudo remove +fi + +# Between 1.8.3p2-1 and 1.19.11p3-1, sudo-ldap's postrm unconditionally +# removed the sudoers database from /etc/nsswitch.conf. +# This breaks the "upgrade" path of the code installed by dh_installnss, +# but it is handled properly its "install" path. +# If we detect that situation, we install a file to inform the dh_installnss +# code that it should run as if sudo-ldap were being installed from scratch, +# even though this is an upgrade. +if [ "$1" = "configure" ] && + dpkg --compare-versions "$2" gt "1.8.3p2-1" && + dpkg --compare-versions "$2" lt-nl "1.9.12p1-1~" +then + touch /etc/nsswitch.conf.nss.sudo-ldap-will-install +fi + +#DEBHELPER# diff --git a/debian/sudo-ldap.postrm b/debian/sudo-ldap.postrm new file mode 100644 index 0000000..6ae8523 --- /dev/null +++ b/debian/sudo-ldap.postrm @@ -0,0 +1,28 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + rm -f /etc/sudo-ldap.conf + rm -rf /var/lib/sudo + rm -rf /run/sudo + ;; + + remove|upgrade|deconfigure) + ;; + + abort-upgrade|failed-upgrade) + if [ -e "/etc/sudoers.pre-conffile" ]; then + mv /etc/sudoers.pre-conffile /etc/sudoers + fi + ;; + + + *) + echo "unknown argument --> $1" >&2 + exit 0 + ;; +esac + +#DEBHELPER# diff --git a/debian/sudo-ldap.preinst b/debian/sudo-ldap.preinst new file mode 100644 index 0000000..a10d5f2 --- /dev/null +++ b/debian/sudo-ldap.preinst @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +case "$1" in + install|upgrade) + if [ -n "$2" ] && dpkg --compare-versions "$2" le "1.7.4p4-4"; then + + SUDOERS="/etc/sudoers" + + if [ -e "$SUDOERS" ]; then + md5sum="$(md5sum $SUDOERS | sed -e 's/ .*//')" + if [ "$md5sum" = "c310ef4892a00cca8134f6e4fcd64b6d" ] || #lenny + [ "$md5sum" = "c5dab0f2771411ed7e67d6dab60a311f" ] || #squeeze + [ "$md5sum" = "45437b4e86fba2ab890ac81db2ec3606" ]; then #wheezy + # move unchanged sudoers file to avoid conffile question + mv "$SUDOERS" "$SUDOERS.pre-conffile" + fi + fi + fi + ;; +esac + +#DEBHELPER# diff --git a/debian/sudo-ldap.tmpfiles b/debian/sudo-ldap.tmpfiles new file mode 100644 index 0000000..28f15bb --- /dev/null +++ b/debian/sudo-ldap.tmpfiles @@ -0,0 +1 @@ +D /run/sudo 0711 root root diff --git a/debian/sudo.docs b/debian/sudo.docs new file mode 100644 index 0000000..b94c100 --- /dev/null +++ b/debian/sudo.docs @@ -0,0 +1 @@ +debian/OPTIONS diff --git a/debian/sudo.init b/debian/sudo.init new file mode 100644 index 0000000..602d9bf --- /dev/null +++ b/debian/sudo.init @@ -0,0 +1,46 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: sudo +# Required-Start: $local_fs $remote_fs +# Required-Stop: +# X-Start-Before: rmnologin +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Provide limited super user privileges to specific users +# Description: Provide limited super user privileges to specific users. +### END INIT INFO + +. /lib/lsb/init-functions + +N=/etc/init.d/sudo + +set -e + +case "$1" in + start) + # make sure privileges don't persist across reboots + # if the /run/sudo directory doesn't exist, let's create it with the + # correct permissions and SELinux label + if ! [ -d /run/systemd/system ] ; then + if [ -d /run/sudo ] + then + find /run/sudo -exec touch -d @0 '{}' \; + else + mkdir /run/sudo /run/sudo/ts + chown root:root /run/sudo /run/sudo/ts + chmod 0711 /run/sudo + chmod 0700 /run/sudo/ts + [ -x /sbin/restorecon ] && /sbin/restorecon /run/sudo /run/sudo/ts + fi + fi + ;; + stop|reload|restart|force-reload|status) + ;; + *) + echo "Usage: $N {start|stop|restart|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/debian/sudo.install b/debian/sudo.install new file mode 100644 index 0000000..b9fd6ab --- /dev/null +++ b/debian/sudo.install @@ -0,0 +1,2 @@ +debian/etc/* /etc +debian/source_sudo.py /usr/share/apport/package-hooks diff --git a/debian/sudo.lintian-overrides b/debian/sudo.lintian-overrides new file mode 100644 index 0000000..9c649d4 --- /dev/null +++ b/debian/sudo.lintian-overrides @@ -0,0 +1,18 @@ +# sudo is set-uid root by design. +sudo: elevated-privileges 4755 root/root [usr/bin/sudo] + +# a false alarm, see #204975 +sudo: package-has-unnecessary-activation-of-ldconfig-trigger + +# a false alarm +sudo: hardening-no-fortify-functions [usr/libexec/sudo/group_file.so] + +# this is a false alarm, our shared objects are all private +sudo: custom-library-search-path RUNPATH /usr/libexec/sudo [*] + +# Debian does not ship Apport. +sudo: python3-script-but-no-python3-dep /usr/bin/python3 (does not satisfy python3:any | python3-minimal:any) [*] + +# This is a film quote +sudo: spelling-error-in-binary "allow to" "allow one to" [usr/libexec/sudo/sudoers.so] + diff --git a/debian/sudo.postinst b/debian/sudo.postinst new file mode 100644 index 0000000..f9bed9b --- /dev/null +++ b/debian/sudo.postinst @@ -0,0 +1,33 @@ +#!/bin/sh + +set -e + +# remove old link +# this was already present in 2017 + +if [ -L /etc/alternatives/sudo ]; then + rm /etc/alternatives/sudo +fi + +# remove legacy conffile no longer delivered +# this was added in 1.8.21p2-1 in 2017. + +if [ -f /etc/sudoers.dist ]; then + rm /etc/sudoers.dist +fi + +# complain if no sudoers file is present +if [ ! -f /etc/sudoers ];then + echo "WARNING: /etc/sudoers not present!"; +fi + +# make sure sudoers has the correct permissions and owner/group +if [ -f /etc/sudoers ];then + chown root:root /etc/sudoers + chmod 440 /etc/sudoers +fi + +# if we've gotten this far .. remove the saved, unchanged old sudoers file +rm -f /etc/sudoers.pre-conffile + +#DEBHELPER# diff --git a/debian/sudo.postrm b/debian/sudo.postrm new file mode 100644 index 0000000..5276bf9 --- /dev/null +++ b/debian/sudo.postrm @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +case "$1" in + purge) + rm -rf /var/lib/sudo + rm -rf /run/sudo + ;; + + remove|upgrade|deconfigure) + ;; + + abort-upgrade|failed-upgrade) + if [ -e "/etc/sudoers.pre-conffile" ]; then + mv /etc/sudoers.pre-conffile /etc/sudoers + fi + ;; + + *) + echo "unknown argument --> $1" >&2 + exit 0 + ;; +esac + +#DEBHELPER# diff --git a/debian/sudo.preinst b/debian/sudo.preinst new file mode 100644 index 0000000..a10d5f2 --- /dev/null +++ b/debian/sudo.preinst @@ -0,0 +1,24 @@ +#!/bin/sh + +set -e + +case "$1" in + install|upgrade) + if [ -n "$2" ] && dpkg --compare-versions "$2" le "1.7.4p4-4"; then + + SUDOERS="/etc/sudoers" + + if [ -e "$SUDOERS" ]; then + md5sum="$(md5sum $SUDOERS | sed -e 's/ .*//')" + if [ "$md5sum" = "c310ef4892a00cca8134f6e4fcd64b6d" ] || #lenny + [ "$md5sum" = "c5dab0f2771411ed7e67d6dab60a311f" ] || #squeeze + [ "$md5sum" = "45437b4e86fba2ab890ac81db2ec3606" ]; then #wheezy + # move unchanged sudoers file to avoid conffile question + mv "$SUDOERS" "$SUDOERS.pre-conffile" + fi + fi + fi + ;; +esac + +#DEBHELPER# diff --git a/debian/sudo.prerm b/debian/sudo.prerm new file mode 100644 index 0000000..1503418 --- /dev/null +++ b/debian/sudo.prerm @@ -0,0 +1,51 @@ +#!/bin/sh + +set -e + +check_password() { + if [ ! "$SUDO_FORCE_REMOVE" = "yes" ]; then + # let's check whether the root account is locked. + # if it is, we're not going another step. No Sirreee! + passwd=$(getent shadow root|cut -f2 -d:) + passwd1=$(echo "$passwd" |cut -c1) + # Note: we do need the 'xfoo' syntax here, since POSIX special-cases + # the $passwd value '!' as negation. + # bug #1001858 causes trouble here. In autopkgtest, the system + # might be switching back and forth between sudo and sudo-ldap + # without having a root password set. + # autopkgtest environment is not under our control, so we cannot + # disable this test just for autopkgtest (it's autopkgtest itself + # installing packages). + if [ "x$passwd" = "x*" ] || [ "x$passwd1" = "x!" ]; then + # yup, password is locked + echo "You have asked that the sudo package be removed," + echo "but no root password has been set." + echo "Without sudo, you may not be able to gain administrative privileges." + echo + echo "If you would prefer to access the root account with su(1)" + echo "or by logging in directly," + echo "you must set a root password with \"sudo passwd\"." + echo + echo "If you have arranged other means to access the root account," + echo "and you are sure this is what you want," + echo "you may bypass this check by setting an environment variable " + echo "(export SUDO_FORCE_REMOVE=yes)." + echo + echo "Refusing to remove sudo." + exit 1 + fi + fi +} + +case $1 in + remove) + check_password; + ;; + *) + ;; +esac + +#DEBHELPER# + +exit 0 + diff --git a/debian/sudo.tmpfiles b/debian/sudo.tmpfiles new file mode 100644 index 0000000..28f15bb --- /dev/null +++ b/debian/sudo.tmpfiles @@ -0,0 +1 @@ +D /run/sudo 0711 root root diff --git a/debian/tests/01-getroot b/debian/tests/01-getroot new file mode 100755 index 0000000..4edef3e --- /dev/null +++ b/debian/tests/01-getroot @@ -0,0 +1,100 @@ +#!/bin/sh + +set -e + +# set a root password so that we can later replace sudo with sudo-ldap +# see #1001858 +passwd=$(getent shadow root|cut -f2 -d:) +passwd1=$(echo "$passwd" |cut -c1) +# Note: we do need the 'xfoo' syntax here, since POSIX special-cases +# the $passwd value '!' as negation. +if [ "x$passwd" = "x*" ] || [ "x$passwd1" = "x!" ]; then + echo "root:rootpassword" | chpasswd +fi + +TESTNR="01" +BASEDIR="$(pwd)/debian/tests" +COMMONDIR="${BASEDIR}/common" +DIR="${BASEDIR}/${TESTNR}" +PATH="/bin:/usr/bin:/sbin:/usr/sbin" +ACCTA="test${TESTNR}a" +ACCTB="test${TESTNR}b" +PASSWD="test${TESTNR}23456" +HOMEDIRA="/home/${ACCTA}" +HOMEDIRB="/home/${ACCTB}" +LDIFDIR="${DIR}/ldif" + +trap ' + deluser --remove-home "${ACCTA}" 2>/dev/null || true + deluser --remove-home "${ACCTB}" 2>/dev/null || true +' 0 INT QUIT ABRT PIPE TERM + +printf > /etc/hosts "127.0.1.1 %s\n" "$(hostname)" +cat /etc/hosts + +printf "========= test %s\.1: account group member, correct password\n" "${TESTNR}" +deluser ${ACCTA} 2>/dev/null || true +adduser --disabled-password --home "${HOMEDIRA}" --gecos "" "${ACCTA}" +printf "%s:%s\n" "${ACCTA}" "${PASSWD}" | chpasswd +adduser "${ACCTA}" sudo +RET=0 +printf "trying %s with correct password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTA}" "${RET}" +if [ "$(cat ${HOMEDIRA}/stdout)" != "0" ]; then + echo >&2 id -u did not give 0 + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "exit code %s\n" "${RET}" + printf >&2 "exit 1\n" "${RET}" + exit 1 +fi + +printf "========= test %s\.2: account group member, wrong password\n" "${TESTNR}" +rm -f "${HOMEDIRA}/std*" +RET=0 +printf "trying %s with wrong password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser wrongpasswd" || RET=$? +printf "%s with wrong password, return value %s\n" "${ACCTA}" "${RET}" +head -n-0 ${HOMEDIRA}/stdout ${HOMEDIRA}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTA}" "Sorry, try again" "sudo: no password was provided" "sudo: 1 incorrect password attempt"; do + if ! grep -F "${string}" ${HOMEDIRA}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "========= test %s\.3: account not group member, correct password\n" "${TESTNR}" +deluser ${ACCTB} 2>/dev/null || true +adduser --disabled-password --home "${HOMEDIRB}" --gecos "" "${ACCTB}" +printf "%s:%s\n" "${ACCTB}" "${PASSWD}" | chpasswd +RET=0 +printf "trying %s (no sudo membership) with correct password\n" "${ACCTB}" +su - "${ACCTB}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTB}" "${RET}" +head -n-0 ${HOMEDIRB}/stdout ${HOMEDIRA}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTB}" "${ACCTB} is not in the sudoers file"; do + if ! grep -F "${string}" ${HOMEDIRB}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRB}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRB}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "test series sucessful, exit 0\n" +exit 0 diff --git a/debian/tests/02-1003969-audit-no-resolve b/debian/tests/02-1003969-audit-no-resolve new file mode 100755 index 0000000..3fc32aa --- /dev/null +++ b/debian/tests/02-1003969-audit-no-resolve @@ -0,0 +1,43 @@ +#!/bin/sh + +set -e + +TESTNR="02" +BASEDIR="$(pwd)/debian/tests" +COMMONDIR="${BASEDIR}/common" +DIR="${BASEDIR}/${TESTNR}" +PATH="/bin:/usr/bin:/sbin:/usr/sbin" +ACCTA="test${TESTNR}a" +ACCTB="test${TESTNR}b" +PASSWD="test${TESTNR}23456" +HOMEDIRA="/root" +LDIFDIR="${DIR}/ldif" + +trap ' + printf "\ntrap handler\n" + mv /etc/resolv.conf.disabled /etc/resolv.conf || true + mv /etc/hosts.disabled /etc/hosts || true +' 0 INT QUIT ABRT PIPE TERM + +printf "========= test %s\.1: sudo to nobody\n" "${TESTNR}" +mv /etc/resolv.conf /etc/resolv.conf.disabled +mv /etc/hosts /etc/hosts.disabled +RET=0 +printf "trying sudo to nobody\n" +cd "${HOMEDIRA}" +${COMMONDIR}/asuser "" nobody || RET=$? +printf "sudo to nobody, return value %s\n" "${RET}" +STDERRLENGTH="$(cat ${HOMEDIRA}/stderr | grep -vE 'sudo: unable to resolve host [^:]+: Temporary failure in name resolution' | wc -l)" +if [ "${STDERRLENGTH}" != "0" ]; then + echo >&2 non-empty stderr + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "exit code %s\n" "${RET}" + printf >&2 "exit 1\n" "${RET}" + exit 1 +fi + +printf "test series sucessful, exit 0\n" +exit 0 diff --git a/debian/tests/03-getroot-ldap b/debian/tests/03-getroot-ldap new file mode 100755 index 0000000..f50be3a --- /dev/null +++ b/debian/tests/03-getroot-ldap @@ -0,0 +1,132 @@ +#!/bin/sh + +set -e + +TESTNR="03" +BASEDIR="$(pwd)/debian/tests" +COMMONDIR="${BASEDIR}/common" +DIR="${BASEDIR}/${TESTNR}" +PATH="/bin:/usr/bin:/sbin:/usr/sbin" +ACCTA="test${TESTNR}a" +ACCTB="test${TESTNR}b" +PASSWD="test${TESTNR}23456" +HOMEDIRA="/home/${ACCTA}" +HOMEDIRB="/home/${ACCTB}" +LDIFDIR="${DIR}/ldif" + +trap ' + kill $(pidof slapd) 2>/dev/null || true + deluser --remove-home "${ACCTA}" 2>/dev/null || true + deluser --remove-home "${ACCTB}" 2>/dev/null || true + mv /etc/disabled.sudoers /etc/sudoers 2>/dev/null || true +' 0 INT QUIT ABRT PIPE TERM + +if ! grep -q '^slapd: ALL' /etc/hosts.allow; then + echo "slapd: ALL" >> /etc/hosts.allow +fi + +< ${LDIFDIR}/debconf debconf-set-selections +printf "clean up ldap database ... " +rm -rf /var/lib/ldap/*.mdb +printf "reconfigure slapd ... " +DEBIAN_FRONTEND=noninteractive dpkg-reconfigure -pcritical slapd 2>/dev/null +if ! grep -q '^slapd: ALL$' /etc/hosts.allow; then + echo "slapd: ALL" >> /etc/hosts.allow +fi +printf "start slapd ... " +slapd -h 'ldap://127.0.0.1:11389/ ldapi:///' -g openldap -u openldap -F /etc/ldap/slapd.d +echo "URI ldap://127.0.0.1:11389" > /etc/ldap/ldap.conf +# ldapsearch -x -LLL -s base -b "" namingContexts should work here +printf "add sudo schema to slapd ... " +< /usr/share/doc/sudo-ldap/schema.olcSudo ldapadd -Y EXTERNAL -H ldapi:/// 2>/dev/null +printf "add sudo group ... " +< ${LDIFDIR}/container.ldif ldapadd -x -D 'cn=admin,dc=example,dc=com' -w ldappw 2>/dev/null +if ! grep -q '^sudoers: ldap$' /etc/nsswitch.conf; then + sed -i '/^sudoers.*/d' /etc/nsswitch.conf + echo "sudoers: ldap" >> /etc/nsswitch.conf +fi +touch /etc/ldap/ldap.conf +if ! grep -q '^sudoers_base ou=SUDOers,dc=example,dc=com' /etc/ldap/ldap.conf; then + echo "sudoers_base ou=SUDOers,dc=example,dc=com" >> /etc/ldap/ldap.conf +fi +printf "reconfigure sudo-ldap (#1001851) ... " +DEBIAN_FRONTEND=noninteractive dpkg-reconfigure -pcritical sudo-ldap 2>/dev/null +printf "cvtsudoers into sudoers.ldif ... " +cvtsudoers -b ou=SUDOers,dc=example,dc=com -o ${LDIFDIR}/sudoers.ldif /etc/sudoers +printf "\n cat sudoers.ldif\n" +cat ${LDIFDIR}/sudoers.ldif +printf "pull sudoers.ldif into ldap ..." +< ${LDIFDIR}/sudoers.ldif ldapadd -x -D 'cn=admin,dc=example,dc=com' -w ldappw +# ldapsearch -x -LLL -b "ou=SUDOers,dc=example,dc=com" should work here +printf "move away sudoers ...\n" +mv /etc/sudoers /etc/disabled.sudoers + + +printf "========= test %s\.1: account group member, correct password\n" "${TESTNR}" +printf > /etc/hosts "127.0.1.1 %s\n" "$(hostname)" +deluser ${ACCTA} 2>/dev/null || true +adduser --disabled-password --home "${HOMEDIRA}" --gecos "" "${ACCTA}" +printf "%s:%s\n" "${ACCTA}" "${PASSWD}" | chpasswd +adduser "${ACCTA}" sudo +RET=0 +printf "trying %s with correct password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTA}" "${RET}" +if [ "$(cat ${HOMEDIRA}/stdout)" != "0" ]; then + printf >&2 "id -u did not give 0\n" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "exit code %s\n" "${RET}" + printf >&2 "exit 1\n" "${RET}" + exit 1 +fi + +printf "========= test %s\.2: account group member, wrong password\n" "${TESTNR}" +rm -f "${HOMEDIRA}/std*" +RET=0 +printf "trying %s with wrong password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser wrongpasswd" || RET=$? +printf "%s with wrong password, return value %s\n" "${ACCTA}" "${RET}" +head -n-0 ${HOMEDIRA}/stdout ${HOMEDIRA}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTA}" "Sorry, try again" "sudo: no password was provided" "sudo: 1 incorrect password attempt"; do + if ! grep -F "${string}" ${HOMEDIRA}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "========= test %s\.3: account not group member, correct password\n" "${TESTNR}" +deluser ${ACCTB} 2>/dev/null || true +adduser --disabled-password --home "${HOMEDIRB}" --gecos "" "${ACCTB}" +printf "%s:%s\n" "${ACCTB}" "${PASSWD}" | chpasswd +RET=0 +printf "trying %s (no sudo membership) with correct password\n" "${ACCTB}" +su - "${ACCTB}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTB}" "${RET}" +head -n-0 ${HOMEDIRB}/stdout ${HOMEDIRB}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTB}" "${ACCTB} is not allowed to run sudo on"; do + if ! grep -F "${string}" ${HOMEDIRB}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRB}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRB}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "test series sucessful, exit 0\n" +exit 0 + diff --git a/debian/tests/03/ldif/container.ldif b/debian/tests/03/ldif/container.ldif new file mode 100644 index 0000000..8f02a68 --- /dev/null +++ b/debian/tests/03/ldif/container.ldif @@ -0,0 +1,5 @@ +dn: ou=SUDOers,dc=example,dc=com +objectClass: top +objectClass: organizationalUnit +ou: SUDOers + diff --git a/debian/tests/03/ldif/debconf b/debian/tests/03/ldif/debconf new file mode 100644 index 0000000..d40ae8c --- /dev/null +++ b/debian/tests/03/ldif/debconf @@ -0,0 +1,16 @@ +slapd slapd/password1 password ldappw +slapd slapd/password2 password ldappw +slapd slapd/internal/adminpw password ldappw +slapd slapd/internal/generated_adminpw password ldappw +slapd slapd/password_mismatch note +slapd slapd/domain string example.com +slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION +slapd slapd/purge_database boolean true +slapd slapd/dump_database select when needed +slapd slapd/no_configuration boolean false +slapd slapd/ppolicy_schema_needs_update select abort installation +slapd slapd/invalid_config boolean false +slapd shared/organization string example.com +slapd slapd/move_old_database boolean true +slapd slapd/unsafe_selfwrite_acl note + diff --git a/debian/tests/03/ldif/sudoers.ldif b/debian/tests/03/ldif/sudoers.ldif new file mode 100644 index 0000000..d321d52 --- /dev/null +++ b/debian/tests/03/ldif/sudoers.ldif @@ -0,0 +1,32 @@ +dn: cn=defaults,ou=SUDOers,dc=example,dc=com +objectClass: top +objectClass: sudoRole +cn: defaults +description: Default sudoOption's go here +sudoOption: env_reset +sudoOption: mail_badpass +sudoOption: secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +sudoOption: use_pty + +dn: cn=root,ou=SUDOers,dc=example,dc=com +objectClass: top +objectClass: sudoRole +cn: root +sudoUser: root +sudoHost: ALL +sudoRunAsUser: ALL +sudoRunAsGroup: ALL +sudoCommand: ALL +sudoOrder: 1 + +dn: cn=%sudo,ou=SUDOers,dc=example,dc=com +objectClass: top +objectClass: sudoRole +cn: %sudo +sudoUser: %sudo +sudoHost: ALL +sudoRunAsUser: ALL +sudoRunAsGroup: ALL +sudoCommand: ALL +sudoOrder: 2 + diff --git a/debian/tests/04-getroot-sssd b/debian/tests/04-getroot-sssd new file mode 100755 index 0000000..bcafaf8 --- /dev/null +++ b/debian/tests/04-getroot-sssd @@ -0,0 +1,136 @@ +#!/bin/sh + +set -e + +# DEBIAN_FRONTEND=noninteractive apt --yes install adduser slapd ldap-utils sssd cron sudo man-db procps vim whiptail +# slappasswd -s kkkk + +TESTNR="04" +BASEDIR="$(pwd)/debian/tests" +COMMONDIR="${BASEDIR}/common" +DIR="${BASEDIR}/${TESTNR}" +PATH="/bin:/usr/bin:/sbin:/usr/sbin" +ACCTA="testuser1" +ACCTB="testuser2" +PASSWD="test${TESTNR}23456" +HOMEDIRA="/home/${ACCTA}" +HOMEDIRB="/home/${ACCTB}" +LDIFDIR="${DIR}/ldif" +SSSDCONF="/etc/sssd/sssd.conf" + +trap ' + kill $(pidof slapd) 2>/dev/null || true + kill $(pidof sssd) 2>/dev/null || true +' 0 INT QUIT ABRT PIPE TERM + +# openssl req -x509 -days 365 -nodes -newkey rsa:4096 -keyout server_key.pem -out server_cert.pem --subj "/C=DE/CN=emptysid86.zugschlus.de" + +< ${LDIFDIR}/debconf debconf-set-selections +printf "clean up ldap database ... " +rm -rf /var/lib/ldap/*.mdb +printf "move configuration in place ... " +mkdir -p /etc/ldap /etc/sssd +cp ${LDIFDIR}/server_*.pem /etc/ldap/ +cp ${LDIFDIR}/ldap.conf /etc/ldap/ +chown openldap:openldap /etc/ldap/server_*.pem +chmod 600 /etc/ldap/server_key.pem +cp ${LDIFDIR}/sssd.conf /etc/sssd +chown root:root /etc/sssd/sssd.conf +chmod 600 /etc/sssd/sssd.conf +cp ${LDIFDIR}/slapd-default /etc/default/slapd +echo "slapd: [::1]" >> /etc/hosts.allow +printf "reconfigure slapd ... " +DEBIAN_FRONTEND=noninteractive dpkg-reconfigure -pcritical slapd 2>/dev/null +kill $(pidof slapd) 2>/dev/null || true +sleep 1 +printf "start slapd ... " +slapd -h "ldaps:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d +# ldapsearch -x -LLL -s base -b "" namingContexts should work here +printf "set LDAP passwords" +ldapmodify -Y external -H ldapi:/// -f ${LDIFDIR}/tls.ldif 2>/dev/null +ldapmodify -Y external -H ldapi:/// -f ${LDIFDIR}/adminpw.ldif 2>/dev/null +ldapmodify -Y external -H ldapi:/// -f ${LDIFDIR}/adminpw-example-com.ldif 2>/dev/null +printf "add users and groups OUs ..." +ldapadd -x -D "cn=admin,dc=example,dc=com" -w ldappw -f ${LDIFDIR}/sss-ous.ldif 2>/dev/null +printf "add users ..." + +printf "sssd.conf ...\n" +cp ${LDIFDIR}/sssd.conf "${SSSDCONF}" + +printf "sudoers file ...\n"A +mkdir -p /etc/sudoers.d/ +mv ${LDIFDIR}/ldapsudoers /etc/sudoers.d/ +chown root:root "${SSSDCONF}" /etc/sudoers.d/ /etc/sudoers.d/* +chmod 755 /etc/sudoers.d/ +chmod 600 "${SSSDCONF}" /etc/sudoers.d/* +kill $(pidof sssd) 2>/dev/null || true +sleep 1 +sssd --logger=files -D + +for user in testuser1 testuser2; do + ldapadd -x -D "cn=admin,dc=example,dc=com" -w ldappw -f ${LDIFDIR}/${user}.ldif 2>/dev/null + mkdir -p /home/${user} + chown ${user}:nogroup /home/${user} +done +ldapadd -x -D "cn=admin,dc=example,dc=com" -w ldappw -f ${LDIFDIR}/ldapsudoers.ldif 2>/dev/null +# ldapsearch -x -D "cn=admin,dc=example,dc=com" -w ldappw -b "dc=example,dc=com" -s sub "(objectclass=*)" should work here. + +printf "========= test %s\.1: account group member, correct password\n" "${TESTNR}" +RET=0 +printf "trying %s with correct password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTA}" "${RET}" +if [ "$(cat ${HOMEDIRA}/stdout)" != "0" ]; then + printf >&2 "id -u did not give 0\n" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "exit code %s\n" "${RET}" + printf >&2 "exit 1\n" "${RET}" + exit 1 +fi + +printf "========= test %s\.2: account group member, wrong password\n" "${TESTNR}" +rm -f "${HOMEDIRA}/std*" +RET=0 +printf "trying %s with wrong password\n" "${ACCTA}" +su - "${ACCTA}" -c "${COMMONDIR}/asuser wrongpasswd" || RET=$? +printf "%s with wrong password, return value %s\n" "${ACCTA}" "${RET}" +head -n-0 ${HOMEDIRA}/stdout ${HOMEDIRA}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTA}" "Sorry, try again" "sudo: no password was provided" "sudo: 1 incorrect password attempt"; do + if ! grep -F "${string}" ${HOMEDIRA}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRA}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRA}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "========= test %s\.3: account not group member, correct password\n" "${TESTNR}" +printf "trying %s (no sudo membership) with correct password\n" "${ACCTB}" +su - "${ACCTB}" -c "${COMMONDIR}/asuser ${PASSWD}" || RET=$? +printf "%s with correct password, return value %s\n" "${ACCTB}" "${RET}" +head -n-0 ${HOMEDIRB}/stdout ${HOMEDIRB}/stderr +printf -- "\n-------\n" +for string in "[sudo] password for ${ACCTB}: ${ACCTB} is not in the sudoers file." ; do + if ! grep -q -F "${string}" ${HOMEDIRB}/stderr; then + printf "%s missing in stderr output\n" "${string}" + printf >&2 "stdout:\n" + cat >&2 ${HOMEDIRB}/stdout + printf >&2 "stderr:\n" + cat >&2 ${HOMEDIRB}/stderr + printf >&2 "\nexit code %s\n" "${RET}" + printf >&2 -- "------\n exit 1\n" + exit 1 + fi +done + +printf "test series sucessful, exit 0\n" +exit 0 + diff --git a/debian/tests/04/ldif/adminpw-example-com.ldif b/debian/tests/04/ldif/adminpw-example-com.ldif new file mode 100644 index 0000000..adf42d5 --- /dev/null +++ b/debian/tests/04/ldif/adminpw-example-com.ldif @@ -0,0 +1,4 @@ +dn: olcDatabase={1}mdb,cn=config +changetype: modify +replace: olcRootPW +olcRootPW: {SSHA}5VEuBX9dLCSCj+TIp7XBXQRb3F5M2aSN diff --git a/debian/tests/04/ldif/adminpw.ldif b/debian/tests/04/ldif/adminpw.ldif new file mode 100644 index 0000000..6cf1bb8 --- /dev/null +++ b/debian/tests/04/ldif/adminpw.ldif @@ -0,0 +1,7 @@ +# this sets a password ldappw for the config database +# ldapsearch -H ldapi:// -LLL -D "cn=admin,cn=config" -W -b "cn=config" "(olcRootDN=*)" dn olcRootDN olcRootPW olcSuffix +# should work without -Y EXTERNAL and as normal user now +dn: olcDatabase={0}config,cn=config +changetype: modify +replace: olcRootPW +olcRootPW: {SSHA}5VEuBX9dLCSCj+TIp7XBXQRb3F5M2aSN diff --git a/debian/tests/04/ldif/container.ldif b/debian/tests/04/ldif/container.ldif new file mode 100644 index 0000000..8f02a68 --- /dev/null +++ b/debian/tests/04/ldif/container.ldif @@ -0,0 +1,5 @@ +dn: ou=SUDOers,dc=example,dc=com +objectClass: top +objectClass: organizationalUnit +ou: SUDOers + diff --git a/debian/tests/04/ldif/debconf b/debian/tests/04/ldif/debconf new file mode 100644 index 0000000..bb14313 --- /dev/null +++ b/debian/tests/04/ldif/debconf @@ -0,0 +1,15 @@ +slapd slapd/password1 password ldappw +slapd slapd/password2 password ldappw +slapd slapd/internal/adminpw password ldappw +slapd slapd/internal/generated_adminpw password ldappw +slapd slapd/password_mismatch note +slapd slapd/domain string example.com +slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION +slapd slapd/purge_database boolean true +slapd slapd/no_configuration boolean false +slapd slapd/ppolicy_schema_needs_update select abort installation +slapd slapd/invalid_config boolean false +slapd shared/organization string example.com +slapd slapd/move_old_database boolean true +slapd slapd/unsafe_selfwrite_acl note + diff --git a/debian/tests/04/ldif/ldap.conf b/debian/tests/04/ldif/ldap.conf new file mode 100644 index 0000000..3f3000a --- /dev/null +++ b/debian/tests/04/ldif/ldap.conf @@ -0,0 +1,6 @@ +BASE dc=example,dc=com +URI ldaps://[::1]:636/ +TLS_CACERT /etc/ldap/server_cert.pem +TLS_REQCERT allow +SASL_NOCANON on + diff --git a/debian/tests/04/ldif/ldapsudoers b/debian/tests/04/ldif/ldapsudoers new file mode 100644 index 0000000..8d11b0b --- /dev/null +++ b/debian/tests/04/ldif/ldapsudoers @@ -0,0 +1 @@ +%ldapsudoers ALL=(ALL:ALL) ALL diff --git a/debian/tests/04/ldif/ldapsudoers.ldif b/debian/tests/04/ldif/ldapsudoers.ldif new file mode 100644 index 0000000..029d73e --- /dev/null +++ b/debian/tests/04/ldif/ldapsudoers.ldif @@ -0,0 +1,6 @@ +dn: cn=ldapsudoers,ou=groups,dc=example,dc=com +objectClass: posixGroup +objectClass: top +gidNumber: 270 +cn: ldapsudoers +memberUid: testuser1 diff --git a/debian/tests/04/ldif/server_cert.pem b/debian/tests/04/ldif/server_cert.pem new file mode 100644 index 0000000..69392cd --- /dev/null +++ b/debian/tests/04/ldif/server_cert.pem @@ -0,0 +1,30 @@ +-----BEGIN CERTIFICATE----- +MIIFMTCCAxmgAwIBAgIUatkSzjnbPNHqrbv9GByfPIoUjtYwDQYJKoZIhvcNAQEL +BQAwKDELMAkGA1UEBhMCREUxGTAXBgNVBAMMEGxkYXAuZXhhbXBsZS5jb20wHhcN +MjMwMTAyMTc0NDA2WhcNMjQwMTAyMTc0NDA2WjAoMQswCQYDVQQGEwJERTEZMBcG +A1UEAwwQbGRhcC5leGFtcGxlLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC +AgoCggIBAOscbfVg0NKHrFWLv2y+veqaRv/8ANup0ZSm/Qyx1zHdCV0sQMxfxeVb +OMcucCoBbAsPznHLZXaJFL3cgqdcaQ5oLYGCaaj7TbfBwm4i0bGP+xpDV7nvxyW3 +HLw5mYmoYpm5iAFaRuqWuMbCU2bILuTVO/D7V/1TUS4ciLpz9Dw5rrFy9t+ZURMv +bf45/tjlD4T6ItDrr4gBKJ6fqRbCVZl38oyiont/Spm+nBRpHpZz70F4AYo8rwMD +dLGonJ85KrVeIDg5TZEMEKgxgXu6hrvNVxyGWXmA3mOVy+vyRj8XHDebDX8qmPgF +g/Rzzm4VgrlXqtuEc/YQqyu6VqpNR9Yu0oj+q7J/A4BU316PioNB4zHWWwqqBEKu +bXy9EtXfYXppPV56/XfnYm6mbyIn0x382oBrcQiQD5pTWoz61lawrt9YDGnDvWSH +BHUhzoVSY++D0QX0hae35zZkTbW9/eXpZGr5UDVFgkZGWDPPxrXyOAgiJfwiTtqm +Du9Lp3JycX95ywGhTPBNM9nvaPk5bBSWgz9uaoP2NY4VQga4vhn2mC0WbJOtUHSm ++tMpjTcBIJzpdyH0yh7DEGORk5aev9gU+K1VcSRD/3pXkSjo7xSEfSNW+flAGwVS +UABDs/0XkdmhvL4zawnuMapEttWqHKH0wrQLkvzTkFUnqJsQ8cerAgMBAAGjUzBR +MB0GA1UdDgQWBBS1r+sdVFP2hBByMEw9iSvkvvGqxTAfBgNVHSMEGDAWgBS1r+sd +VFP2hBByMEw9iSvkvvGqxTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA +A4ICAQA8otnqTtetl0Tqqx+lNsmfOi2iEbptyKuvDhSBSlkdHVGD+rRilDeehdVN +9vE2fNOdYdtAfxBVEUW6S4RRY3gJZ38oik0JbYxotUYqAgFzY53Zg5CAQpmGDCYg +GMS/2zHlo5ZFNoKLMJG5o8qGao1HehBlIJ9D06mRQO88aguMa4jPBYHMb43ZWOxh +Un9P6fOl7bfRqomxgixnovPlFiELg/ZWANpECRY7lsVahKLndWf+Tw3Ayp4+CpvL +mWc0xRCYTFDua1lyLypxsH/4H5IZlDwpw8bvSAmmpdqhbA4Sh+Qo6gXn4Bm92A4L +sltnUjCliJb79Q3gkuvIB/qlPPbZ/s9L0OxRHnHYR+7JfVxlsWb2guMApGc4R3Um +5U4sK4QEFZFCBgsrA3DpXQo1pW30DCZjXjrzQ3kbPuKX8njOzPI9Q02xdoMkuqMw +o4tvo28xgWlW2HZrzU7fnm7t0MTGJG33LKlcz/tRco9Ky+YxKz5HvQAGCKrb3L6x +iOeVuT90cKfNX7pVoHNR7YSav+n9YacIknB+HBpGLKGlfvHIlwvCMtOK9axHxUiO +AZaCYYUXgFbYetyoux5PyYBDwIrJSIw7FpQkONmHLRSM2j3S9RRGi9ipR3jzvvqz +d7dsFok749nOEuJ4qvnWrJ5WkcrbrX5GcR0UL1mWSJqCRXOp1A== +-----END CERTIFICATE----- diff --git a/debian/tests/04/ldif/server_key.pem b/debian/tests/04/ldif/server_key.pem new file mode 100644 index 0000000..7baef03 --- /dev/null +++ b/debian/tests/04/ldif/server_key.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDrHG31YNDSh6xV +i79svr3qmkb//ADbqdGUpv0Msdcx3QldLEDMX8XlWzjHLnAqAWwLD85xy2V2iRS9 +3IKnXGkOaC2Bgmmo+023wcJuItGxj/saQ1e578cltxy8OZmJqGKZuYgBWkbqlrjG +wlNmyC7k1Tvw+1f9U1EuHIi6c/Q8Oa6xcvbfmVETL23+Of7Y5Q+E+iLQ66+IASie +n6kWwlWZd/KMoqJ7f0qZvpwUaR6Wc+9BeAGKPK8DA3SxqJyfOSq1XiA4OU2RDBCo +MYF7uoa7zVcchll5gN5jlcvr8kY/Fxw3mw1/Kpj4BYP0c85uFYK5V6rbhHP2EKsr +ulaqTUfWLtKI/quyfwOAVN9ej4qDQeMx1lsKqgRCrm18vRLV32F6aT1eev1352Ju +pm8iJ9Md/NqAa3EIkA+aU1qM+tZWsK7fWAxpw71khwR1Ic6FUmPvg9EF9IWnt+c2 +ZE21vf3l6WRq+VA1RYJGRlgzz8a18jgIIiX8Ik7apg7vS6dycnF/ecsBoUzwTTPZ +72j5OWwUloM/bmqD9jWOFUIGuL4Z9pgtFmyTrVB0pvrTKY03ASCc6Xch9MoewxBj +kZOWnr/YFPitVXEkQ/96V5Eo6O8UhH0jVvn5QBsFUlAAQ7P9F5HZoby+M2sJ7jGq +RLbVqhyh9MK0C5L805BVJ6ibEPHHqwIDAQABAoICAE2uU4BnECf3Ts/nAAT4krxQ +ZBQRGeF6HvaMJADNQ6pEe2MPC4vbOwIYXU6mP8YJOT8AZnf/uZLsIO/IS1zrsgRi +FGL9iVadTaTgvpJwK7OMvG0Fghc7q6OA+FwSdfHfMlDTVaYIw3Sf/wYgz7iefKv7 +7jWlfgGDxUdEg0KDrFc3wcn8j6f6Oqjpm2CLnfHg4PtRQC6iKJl5tIeQfig4Zlry +IDAqTiAawzXAHka6IrKYNJ1/fpbDjRmkSyql6LXNCBjrtB6PhFrfzyMbVEpiq0Ci +zFzu4OI923yw0jMvldkjlB2lO9Tf6LHN9LbQioyhy9LcLeYgwcWz5TJp+1eCeDCg +np5ipwqhkTvx9T6rQRtInZCJZSmY+JxWYlQJ7Gz2e4V4L+9or3nTBs/YDPV+dDSs +SjcQgEstc/nEj0y4l2iEZq7N9Ro3PtWM6beM3yYacsJEdDwhH2vRBj/xl9j3fKc+ +0kvWem0r9+kKXw/LweSmeTTtrsjKZPi2pFrvXBG1yrhwmERtQOoQN0llRgQy7XBW +EUN3WMHYVfUcKzRRHrlDQ3tTuTlm1cFv6JQ5ip4sedNJSkWMBAv1yyLH5CnISm6k +OpOhz1oGHTNG91PkVvVJP8GvhOXafi84bLrXU7FJaAkgci/EGQAkqO5R3ITjYKMG +eoPul58iQ8057C9As9LhAoIBAQD4mvuPSxTwaH/9AsEPrv3fhmG0QfeD0wFUvFKO +X/gDfVbkQjH6CcNe5QjbRzooJAGdENmQzn8S9qhqcdghYKAtKnabwhgqzVv2Xr6z +XpyhmJCF+MEaTfhIw/C1HmjURwdxmk0w4uaTOixKlCwwA1bi69dDZ82dMqM1Y7u4 +uPQwykud4AAeFRETAcWAXe0BZ4d5uow7siaSRS24Do7SEAa7zcLiTqVbuKhBNqRa +FSY/r7f8W78oL7Z/TwhYP0MpQLAG9gAUc48BO6Rm5tJfMmd2D8KLQ2Lfze4ETBSA +ZJk0j1LuXNWzSM2wQ4vbhGrw4qLTue6uv9V0lY1FB0d9y+JLAoIBAQDyGrGLPPeR +IBHzXiFGGFd/it20ux1x7+iFhC/NEwJVKU6oVO39jqte4nVfFo5cb4WKuQHfmiEN +E6hcdkXBCezgTGKsvqaY+nmmoNMNg2wh/cGc6VoBMiixZYa43S+i5U4pdWZbwbgB +1zUqh1k1NcSBQErqoML2R1aORw627OV1Ef+/UpnVlQGlrqor+w1XtmOb9s6/02gb +QA+pZlLEuyJwhXhxAioFoY+G7zKcJisAKORGS7ZtvmCzOqq2cUD4EYtYPGJmjpU5 +yfwW7YoJALmoIckORHQuQXkL6nnDXOhvL66dKAU523NkbfHUmdl/DyiedZxOtUH8 +Jky+oarQm1QhAoIBAQCNDWItqyv2O1Ri+W0QuPjSGizVWZhV8yKOMUul/E17rWHf +oK86bs+qx8h+oasdm1BPDYBj6MWwvMJRosY+KdS3y6AAP9/2aQ4Eez04CDZWeXmG +id0GT7bPklzAZsCTsLlIe4PQeOzaG+eFaQypMTvbBHTeicbfqhtv72ZTKJ1kEWNV +8AIhD1LgteCZNLGEWnlDV9S5ChtYYmfORnRCO1WWuOgZ/wVTRTIxzg7yDY3mFI0P +Yf7Tjj69fNn/N+WjQlCdonXpJKe+y1g8CjrSSIbrNYXr/g/ba7vgNEptjqZea/Nh +ysp1LpmFqM1xf3AtvGkmOBh0jeNOgovk3nxxo3yBAoIBAGs6/XYhS7mAjdLP10b3 +kxGPjQD2e2UykDdKw+09xSO5BvixnTNX1HlTLg8uq2Evl+NIbBcAajEjisdhLyX/ +4mW6D15ZlupczjLKOpBarDMl9HIuPMoY0EM6J4CLnwS0MXlVYT+0vm46RncOualC +pkVlF4lyKMfx8tlTiaXlqP/AOBkiWbZqp+8dPIv8Rv2Zb+btWsdFuG+RYR5zjqdK +B0f1JdJP1hLmau6l1TGqChOpCOpFsIhM8QGRM3lZEiCNjL1JCYBJGLkeyEPTc/bm +1lQsmqNyGE9Aen+Xm9S2utA8O0eqKR5mH2bU925lshp/uUrt5oxJ5e7re8RXUJPS +qGECggEAMBcRhHnk9mlo6zi89hRY4YduN14ahxatZu99fFep9Ea3mslcTDzy26Xm +Mw0X3oij6+eJODlWpwzUMp5MylI8XEeOkfZ9il+6etFSOK6QWe2U7SDAy6nXYUVB +PZc5kTtCYSMIUmU+GjShMoEYPNCjqRSEY9sArZ85wFWEl5nRn5sEg8NLBhbURWu1 +iY1R0ie8XeXEoOWujMfhVmJUNadkeR23/XMmzfZ6M5gavkYkUjNMvCNMu7+GVeYU +uuxNmnNqjJP5GcLsd7dgzgslE+FPPxHiVjONIR7qrZwZcg9rGO2ODrLnuHZHzZha +x4rwQL3+5SADD++19sqJhDoXJW8KEw== +-----END PRIVATE KEY----- diff --git a/debian/tests/04/ldif/slapd-default b/debian/tests/04/ldif/slapd-default new file mode 100644 index 0000000..9d92858 --- /dev/null +++ b/debian/tests/04/ldif/slapd-default @@ -0,0 +1,7 @@ +SLAPD_CONF= +SLAPD_USER="openldap" +SLAPD_GROUP="openldap" +SLAPD_PIDFILE= +SLAPD_SERVICES="ldaps:/// ldapi:///" +SLAPD_SENTINEL_FILE=/etc/ldap/noslapd +SLAPD_OPTIONS="" diff --git a/debian/tests/04/ldif/sss-ous.ldif b/debian/tests/04/ldif/sss-ous.ldif new file mode 100644 index 0000000..5ba018c --- /dev/null +++ b/debian/tests/04/ldif/sss-ous.ldif @@ -0,0 +1,9 @@ +dn: ou=users,dc=example,dc=com +objectClass: top +objectClass: organizationalUnit +ou: users + +dn: ou=groups,dc=example,dc=com +objectClass: top +objectClass: organizationalUnit +ou: groups diff --git a/debian/tests/04/ldif/sssd.conf b/debian/tests/04/ldif/sssd.conf new file mode 100755 index 0000000..ee06ef5 --- /dev/null +++ b/debian/tests/04/ldif/sssd.conf @@ -0,0 +1,24 @@ +[sssd] +domains = example.com +services = nss, pam +debug_level = 0x01ff + +[domain/example.com] +id_provider = ldap +auth_provider = ldap + +ldap_uri = ldaps://[::1]:636/ +ldap_search_base = dc=example,dc=com + +ldap_tls_cacert = /etc/ldap/server_cert.pem +ldap_tls_reqcert = allow + +ldap_default_bind_dn = cn=admin,dc=example,dc=com +ldap_default_authtok_type = password +ldap_default_authtok = ldappw + +[pam] +offline_credentials_expiration = 2 +offline_failed_login_attempts = 3 +offline_failed_login_delay = 5 + diff --git a/debian/tests/04/ldif/testuser1.ldif b/debian/tests/04/ldif/testuser1.ldif new file mode 100644 index 0000000..2419a68 --- /dev/null +++ b/debian/tests/04/ldif/testuser1.ldif @@ -0,0 +1,16 @@ +dn: uid=testuser1,ou=users,dc=example,dc=com +objectClass: top +objectClass: account +objectClass: posixAccount +objectClass: shadowAccount +cn: testuser1 +uid: testuser1 +uidNumber: 10001 +gidNumber: 100 +homeDirectory: /home/testuser1 +loginShell: /bin/bash +gecos: testuser1 from LDAP +userPassword: {SSHA}n8CrO1tNcRrd4u8rMLOE91a18iFRQFBx +shadowLastChange: 0 +shadowMax: 0 +shadowWarning: 0 diff --git a/debian/tests/04/ldif/testuser2.ldif b/debian/tests/04/ldif/testuser2.ldif new file mode 100644 index 0000000..541c383 --- /dev/null +++ b/debian/tests/04/ldif/testuser2.ldif @@ -0,0 +1,17 @@ +dn: uid=testuser2,ou=users,dc=example,dc=com +objectClass: top +objectClass: account +objectClass: posixAccount +objectClass: shadowAccount +cn: testuser2 +uid: testuser2 +uidNumber: 10002 +gidNumber: 100 +homeDirectory: /home/testuser2 +loginShell: /bin/bash +gecos: testuser2 from LDAP +userPassword: {SSHA}n8CrO1tNcRrd4u8rMLOE91a18iFRQFBx +shadowLastChange: 0 +shadowMax: 0 +shadowWarning: 0 + diff --git a/debian/tests/04/ldif/tls.ldif b/debian/tests/04/ldif/tls.ldif new file mode 100644 index 0000000..012adf2 --- /dev/null +++ b/debian/tests/04/ldif/tls.ldif @@ -0,0 +1,10 @@ +dn: cn=config +changetype: modify +add: olcTLSCACertificateFile +olcTLSCACertificateFile: /etc/ldap/server_cert.pem +- +add: olcTLSCertificateKeyFile +olcTLSCertificateKeyFile: /etc/ldap/server_key.pem +- +add: olcTLSCertificateFile +olcTLSCertificateFile: /etc/ldap/server_cert.pem diff --git a/debian/tests/common/asuser b/debian/tests/common/asuser new file mode 100755 index 0000000..291b40a --- /dev/null +++ b/debian/tests/common/asuser @@ -0,0 +1,7 @@ +#!/bin/bash + +set -e + +echo "${1:-}" | sudo -u "${2:-root}" --stdin id -u > "${3:-stdout}" 2> "${4:-stderr}" + + diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..abea94c --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,16 @@ +Tests: 01-getroot +Depends: sudo, adduser +Restrictions: needs-root + +Tests: 02-1003969-audit-no-resolve +Depends: sudo +Restrictions: needs-root + +Tests: 03-getroot-ldap +Depends: sudo-ldap, adduser, slapd, ldap-utils, cron +Restrictions: needs-root + +Tests: 04-getroot-sssd +Depends: sudo, adduser, slapd, ldap-utils, sssd-common, sssd-ldap, cron +Restrictions: needs-root + diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc new file mode 100644 index 0000000..ce0c71f --- /dev/null +++ b/debian/upstream/signing-key.asc @@ -0,0 +1,51 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFokaiQBEADMmTjkUBpTgLLiv85lz0UGmgVj39si2Gd3RC2/qz3UmHhS0qnL +4x3LejZQOifaevT3wIgOjU+YtyHleW2lZp0a/ndtFgXHeVJTQ12Ej5NbOHBFECWk +WyXj1Rv/vBopI7OxERjAjoUQLSu6nsksclYoO0pZywm+K17os1i5Qbi0djdYjHT5 +Asiqnef5g02a8DJzQCq37VM046gFRhnp/unJoi4iexpjH/HL4tlRO7/3pDwV6MFV +WDhNcrlP6AnmSzYbFv8Nt4MsbWU0oYa1TtRmuqxn5R/Lb9i4Uj793qZz3I/cDqv7 +8kd3lRJ5TbjXR1D2alhGVP6+0KWOKd5rpDSwYNojwKdVI6faJUOjRRSHGmZiNYFW +p5UXDQUeFXmzEFWaXgIXbmH0SqpVkKvwhH/sn0G3ryLXnPizjM3RSmoxSzpJNTHB +FGPBLd9eJ724IvF5Qigo8IdpPTZUv7EHmK2va97nH+AK7HDAPWTsOpM49CZXy1xz +9N8Be3I8ayUgMO6aVuAKpQFGEpuNGq+DCvyUOyVa5jeEf50wWHXBMPlVjdZK/46a +NKmg9YyGDmZn1YIGeAc6mhW0yM/+vvz9Wof5+RHHOBbVmAI7e7Mm7gR6xLZ0zty9 +FdPtEvxPnzzPIBjStPxvFr3j/9maW7iJNX1c/FTqXY+VAfUy7mpvrEZrGQARAQAB +tCRUb2RkIEMuIE1pbGxlciA8VG9kZC5NaWxsZXJAc3Vkby53cz6JAk4EEwEIADgW +IQRZ0enMuis3ZwT901up9MAhzqRw+wUCWiRqJAIbAwULCQgHAwUVCgkICwUWAgMB +AAIeAQIXgAAKCRCp9MAhzqRw+5TmEACtyNWwMIfo/0okILNHryc61nA96XznSsQS +9u5AaRN06l6dp+1ix7FrSlXvCq1Oq7kajsF8Nnq9y2r7Os9ZsZSwGF1JGTt/qBT8 +N+Y+pEIe7igTSxv3UJINuY2uQvR6y7GOmvMVHvLUAR48WXhS3w4UVlBfDx4UEuLF +ocurDsNgqYBEv3QYORUNCVMZlJg6/d8X3KpAK+Og3V13L8NjqZ546sRZub42FjJh +xNh1mKLU+Q1Y+9JmB3EMBBOTY+OAnwQJiLcW3l1RdA8d2wTQ3+CnwywJrcUm3yKw +MGgPxs8+ywol9B2G5DtXYO82Flzfzb8kHQ6JRKBFVa3dz2NZt82VIIovfEl90zvB +aEJVlNH/XH5qsVLYLHB/NZUwxxz573HSMW4YCQgZZWaZ0byjb27KYd6S7Tj/DV5u +QvVmGcRQ7sAcJoKVG3XVlm+n5XnCWXddySOtt3XZbByIAyC5iu8LuLjCauO0sUX0 +L4yKnc0e4bqCglImJGZuuOL5tLYOL7Bd/RWj2uC+dpPaol6VAefGDUv8GqKa+Y28 +FRXKVvxcQwLYLm4DA6hYV9f/0RjjPT/8VDk/dfytydhpaDnNu1nieAa5lx3/BPYP +iuLgWg4DXpfW4IIGIMaEULDOfN7xOELfbTnIru89aWc+kqdzfrMPhLwxClHg2JWr +juE+BPzMXrkCDQRaJGokARAAxGZu+BKBt8rY8lF/7wQBfrqx2nlUTvdMlmUELT3e +8Gw/z7+qArjYn+Xm7TTh490KMaATKFnDol0vfvlMXre4hyCC1/+B2qjEKiUCvVhw +mKQFNV3pmbugTlbdEnHuf5sbzU32HWb2x2L4jMcrN97CQq6qx65S05uo7TS7DM7x +PUCrGZKeXvlQVmJv0gH3symIy2ZQoLtTYyMoaDfifKLHbQfR2WSxPy7cb6mjX1jM +OD8dGGazLDGohCDpLhs4MbFTjwh1PBhFETBbAh5/ElNefpfT25w7RkPaMLiXmxTS +Qu/uugldjAsz5uQ8D39TueoeFymBOUH76dM1VewNzHxZTp0GpnOfvhtleKg/870t +NhLphf811g1HxeNM+W9oU5kY/dcFo71SHwuVzMSGU3QOuJmLso3epFsMfs5mDML8 +UT+gXZgI2gfu0VPja4ashJ6Pd+OUpH7awFNLa7CoGILpBTIN1xxUCyzk1DNkscWY +CgMUobdSEi/W59iCPlrDW5tPCfIzTA06F6WhjFKoYaM9oqBM113J9j+t4FK7gkra +o9ksF6eKaohNEiGJWRFJUwHf1jiHWafwZTAm1ZE9yuUksBbWrcEYdoak4CRcc1Ba +ZWNd4PKn9IFoFSjbe8WAGoRLcv0sNujmN+UiQ+LesIUw3QA0YWXsN9sijUxroC/C +lZMAEQEAAYkCNgQYAQgAIBYhBFnR6cy6KzdnBP3TW6n0wCHOpHD7BQJaJGokAhsM +AAoJEKn0wCHOpHD7ok0QAJSNCcZAUTmQRlhncToRg6lLqwgIDx/GLYq6F/WDYn6M +e2QalyUskpFX12qmJBlaMFHAus7bhbtyQBcEmPW9MY+HhItvRYXpKMbgEdxnMvD5 +uY+zDHiScRECH8gtZy8Uld0HiCy2aWgwt3LtVRuLu/wt5KsLq1s9zpEHQ0P9AHnz ++EWFArCHCC8FatWE47zZLDLOuMSLeS7HBSheloyTwezfdzbKnyD3JVwoTID0LP2W +o5FspqwYkIN93zRyTrlC6lmPR+TMzMsAeAh2kHpoV03z6isTO59jIqj1Nrai8fhd +4DyfnRBBjkoXJTPeTM+MFa1gdU2B8VJfoqG7Ti780Tg83Z4/H9EEdD/pHzI8ay6x +X5ABJhDnPHTPz3fKPaxwrfOJGyCvAr8qbCVql1Dp8b3sTAlWbG/Cqz7q3NhF298o +4A1EDu5IADWKOhekdjF/dutRHMCbvJKA0q4XiZu9YVYv7yysRPTicwvN9W5z7a5o +IJLCXXtetNtoFZFoUDDZjmaCA6pcbFX9FZ96b9jLNa/BKvtlCTsosJHxf9XNiSx5 +dW9wHuojr60wvLxVK/N2anvjEfYuVxlfcKjOHpJuOX7xAcOAVAWnNvY/vSZCvAo2 +azMB5NOxu2Iz3pyqARpClI6b14giASYMfWkb2Bfx2Sc44SHXcm5MxiTt51tB8i+d +=vIKA +-----END PGP PUBLIC KEY BLOCK----- diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..0089273 --- /dev/null +++ b/debian/watch @@ -0,0 +1,2 @@ +version=4 +opts=pgpsigurlmangle=s/$/.sig/ https://www.sudo.ws/sudo/dist/sudo-(.*)[.]tar[.]gz |