aboutsummaryrefslogtreecommitdiff
path: root/security/sudo
Commit message (Collapse)AuthorAgeFilesLines
* - Switch to using bsd.port.options.mk.Wesley Shields2011-09-071-2/+2
| | | | Notes: svn path=/head/; revision=281336
* - Update to 1.8.2Wesley Shields2011-09-063-7/+28
| | | | | | | | - Now depend on gettext - While here, use DISTVERSION. Notes: svn path=/head/; revision=281313
* - Remove dead MASTER_SITES.Wesley Shields2011-08-021-5/+0
| | | | | | | Noticed by: The Distilator Notes: svn path=/head/; revision=278833
* Update to 1.8.1p2Wesley Shields2011-05-222-5/+5
| | | | Notes: svn path=/head/; revision=274466
* Add an AUDIT option, which is off by default for now. I will turn it onWesley Shields2011-05-131-1/+6
| | | | | | | | | with the next significant bump. Submitted by: Mike Kelly (private mail) Notes: svn path=/head/; revision=274051
* Update to 1.8.1p1.Wesley Shields2011-04-174-33/+7
| | | | | | | | No longer need to worry about etc/sudoers.d problem, as it is no longer a fatal error. Notes: svn path=/head/; revision=272839
* Fix a typo in pkg-install. Should use -m and not -M for install(1).Wesley Shields2011-04-121-1/+1
| | | | | | | Noticed by: sunpoet@ Notes: svn path=/head/; revision=272573
* The install process checks the validity of sudoers before installingWesley Shields2011-04-112-1/+19
| | | | | | | | | | | | | etc/sudoers.d. If you have an sudoers with the includedir directive the install will fail. Fix this by creating the directory in a pre-install target. This should fix "The Great sudo Debacle of 2011" once and for all. Tested by: dougb@ Notes: svn path=/head/; revision=272536
* Revert the removal of sudoers.d. It is a POLA violation. While here removeWesley Shields2011-04-114-17/+11
| | | | | | | the UPDATING entry as it no longer applies. Notes: svn path=/head/; revision=272530
* We don't install a sudoers.d, remove that from the default sudoers file.Wesley Shields2011-04-112-2/+11
| | | | | | | | | PR: ports/156305 Submitted by: Helmut Schneider <jumper99@gmx.de> Anatoly Borodin <anatoly.borodin@gmail.com> Notes: svn path=/head/; revision=272519
* Update to 1.8.1. There are a lot of behind-the-scenes changes in this port,Wesley Shields2011-04-106-38/+48
| | | | | | | | | including a plugin system now. While here, do some whitespace fixes. Notes: svn path=/head/; revision=272455
* Update to 1.7.4p6.Wesley Shields2011-01-192-4/+4
| | | | | | | | | | | "This release fixes a bug in the I/O logging support that could cause visual artifacts in full-screen programs such as text editors. This bug was listed as fixed in sudo 1.7.4p5 but the fix was merged incorrectly." Feature safe: yes Notes: svn path=/head/; revision=268002
* Update to 1.7.4p5.Wesley Shields2011-01-132-6/+4
| | | | | | | | | | | | Special thanks to rea@ for commiting the appropriate VuXML for me. :) PR: ports/153939 Submitted by: rea@ Security: 908f4cf2-1e8b-11e0-a587-001b77d09812 Feature safe: yes Notes: svn path=/head/; revision=267752
* Work around annoying, but harmless, bug with install(1) using "-b~" by changingWesley Shields2010-10-241-1/+2
| | | | | | | | | | it to use "-b ~". While here also strip libsudo_noexec.so. Submitted by: John Hein (private mail) Notes: svn path=/head/; revision=263543
* Add a bunch of new mirrors and remove dead ones. The mirror list now matchesWesley Shields2010-10-171-2/+30
| | | | | | | | | http://www.sudo.ws/sudo/download_mirrors.html. Noticed by: The Distilator Notes: svn path=/head/; revision=263123
* Add two missing files when LDAP knob is on. No need to bump PORTREVISION as itWesley Shields2010-09-141-0/+2
| | | | | | | defaults to off. Notes: svn path=/head/; revision=261152
* Remove SHELL_SETS_HOME knob since as far as I can tell it doesn't do anythingWesley Shields2010-09-141-5/+0
| | | | | | | | anymore. The configure script still supports it but the behavior is now controlled by a setting in the configuration file "Defaults env_keep += HOME". Notes: svn path=/head/; revision=261105
* Fix packaging.Wesley Shields2010-09-132-6/+10
| | | | | | | | PR: ports/150371 Submitted by: Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>, dim@ Notes: svn path=/head/; revision=261091
* Update to 1.7.4p4 to address a couple of minor bugs and Runas groupWesley Shields2010-09-073-19/+13
| | | | | | | | | | vulnerability. While I'm here also cleanup files/patch-Makefile.in. Security: 67b514c3-ba8f-11df-8f6e-000c29a67389 Notes: svn path=/head/; revision=260706
* Fix package installation by correcting usage of %B and installing a fileWesley Shields2010-09-052-1/+4
| | | | | | | | | | to make sure the empty directory is created. PR: ports/149912 Submitted by: Alexey V.Degtyarev <alexey@renatasystems.org> Notes: svn path=/head/; revision=260609
* Strip the binaries by default. No need to bump PORTREVISION for such aWesley Shields2010-08-221-0/+2
| | | | | | | | | | minor change. PR: ports/149135 Submitted by: Anonymous <swell.k@gmail.com> Notes: svn path=/head/; revision=259734
* Update to 1.7.4p3Wesley Shields2010-08-225-14/+21
| | | | | | | Install etc/pam.d/sudo and etc/pam.d/sudo.default Notes: svn path=/head/; revision=259711
* Fix problems when upgrading using packages:Wesley Shields2010-08-163-20/+7
| | | | | | | | | - Always install sudoers.sample. - There is no need for pkg-install anymore. - Bump PORTREVISION. Notes: svn path=/head/; revision=259350
* Update to 1.7.4p2.Wesley Shields2010-08-165-45/+56
| | | | Notes: svn path=/head/; revision=259326
* Remove unsupported argument to configure.Wesley Shields2010-07-051-1/+0
| | | | | | | | | PR: ports/148378 Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com> Feature safe: yes Notes: svn path=/head/; revision=257408
* Update to 1.7.3Wesley Shields2010-07-043-7/+7
| | | | | | | Feature safe: yes Notes: svn path=/head/; revision=257362
* Update to 1.7.2p7.Wesley Shields2010-06-032-5/+5
| | | | | | | Security: d42e5b66-6ea0-11df-9c8d-00e0815b8da8 Notes: svn path=/head/; revision=255590
* - Update to 1.7.2p6 (security fix).Wesley Shields2010-04-152-5/+5
| | | | | | | Security: 1a9f678d-48ca-11df-85f8-000c29a67389 Notes: svn path=/head/; revision=252726
* - Update to 1.7.2p5. Security fix (1.7.2p4) and general bug fixes beyond that.Wesley Shields2010-03-012-5/+5
| | | | | | | | Security: 018a84d0-2548-11df-b4a3-00e0815b8da8 Feature safe: yes Notes: svn path=/head/; revision=250463
* - Fix options screen to have a shorter description.Wesley Shields2010-01-051-1/+1
| | | | | | | Noticed by: garga@ Notes: svn path=/head/; revision=247209
* - Update to 1.7.2.2Wesley Shields2010-01-043-17/+19
| | | | | | | | | | | | | | | | - Mark jobs safe - Cleanup whitespace in OPTIONS - [1] Add ability to specify syslog facility at build time (defaults to local2, no functional change) - [2] Add ability to specify ldap configuration file (defaults to ${PREFIX}/etc/ldap.conf, no functional change) PR: [2]: ports/127822 Submitted by: [1]: skreuzer@ (private mail) [2]: Sergey Skvortsov <skv@freebsd.org> Notes: svn path=/head/; revision=247153
* - Take maintainer. Thanks Tom for all your hard work on this.Wesley Shields2009-10-121-1/+1
| | | | | | | Approved by: tmclaugh Notes: svn path=/head/; revision=242738
* Add OPTIONS for WITH_DISABLE_ROOT_SUDO, WITH_DISABLE_AUTH, andTom McLaughlin2009-06-121-1/+16
| | | | | | | | | WITH_NOARGS_SHELL Submitted by: Scott Fultz Notes: svn path=/head/; revision=235610
* Security update for sudo to 1.6.9p20 for CVE 2009-0034Tom McLaughlin2009-02-062-5/+5
| | | | | | | | | | | | | | | | | | Changes: - Only use the cached supplementory group vector when matching groups for the invoking user. (security) - When setting the umask, use the union of the user's umask and the default value set in sudoers so that we never lower the user's umask when running a command. - Sudo now operates in the C locale again when doing a match against sudoers. PR: 131446 Submitted by: Eygene Ryabinkin Security: vid:13d6d997-f455-11dd-8516-001b77d09812 Notes: svn path=/head/; revision=227734
* - Add FTP_PASSIVE_MODE to example env_keep line for pkg utilities and fetch.Tom McLaughlin2008-10-111-8/+7
| | | | | | | Suggested by: koitsu Notes: svn path=/head/; revision=221444
* Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.Rong-En Fan2008-08-211-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specifically, newer autoconf (> 2.13) has different semantic of the configure target. In short, one should use --build=CONFIGURE_TARGET instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning and the old semantic may be removed in later autoconf releases. To workaround this issue, many ports hack the CONFIGURE_TARGET variable so that it contains the ``--build='' prefix. To solve this issue, under the fact that some ports still have configure script generated by the old autoconf, we use runtime detection in the do-configure target so that the proper argument can be used. Changes to Mk/*: - Add runtime detection magic in bsd.port.mk - Remove CONFIGURE_TARGET hack in various bsd.*.mk - USE_GNOME=gnometarget is now an no-op Changes to individual ports, other than removing the CONFIGURE_TARGET hack: = pkg-plist changed (due to the ugly CONFIGURE_TARGET prefix in * executables) - comms/gnuradio - science/abinit - science/elmer-fem - science/elmer-matc - science/elmer-meshgen2d - science/elmerfront - science/elmerpost = use x86_64 as ARCH - devel/g-wrap = other changes - print/magicfilter GNU_CONFIGURE -> HAS_CONFIGURE since it's not generated by autoconf Total # of ports modified: 1,027 Total # of ports affected: ~7,000 (set GNU_CONFIGURE to yes) PR: 126524 (obsoletes 52917) Submitted by: rafan Tested on: two pointyhat 7-amd64 exp runs (by pav) Approved by: portmgr (pav) Notes: svn path=/head/; revision=218938
* - Update to 1.6.9p17Tom McLaughlin2008-07-062-6/+5
| | | | | | | | * the -i flag implies resetting the environment as it did prior to 1.6.9. The -i and -E flags are now mutually-exclusive. Notes: svn path=/head/; revision=216420
* - Fix pkg-plist, libtool archive is no longer installed.Tom McLaughlin2008-04-102-1/+1
| | | | | | | Prompted by: pavmail Notes: svn path=/head/; revision=211011
* - Update to 1.6.9p15Tom McLaughlin2008-04-093-6/+6
| | | | | | | | | | * The HOME environment variable is once again preserved by default, as per the documentation. - Finally remember to fix the $FreeBSD$ line in pam file. Notes: svn path=/head/; revision=210944
* - Update to 1.6.9p14Tom McLaughlin2008-03-092-5/+5
| | | | | | | | | | * Check sudoers even if user is found in LDAP so Defaults can take effect. * Fix crash when pam_lastlog is (incorrectly) usesd in session section of PAM file. Notes: svn path=/head/; revision=208688
* Update to 1.6.9p12Tom McLaughlin2008-01-282-5/+5
| | | | | | | | | | | | | | | | Changes: - The ALL command in sudoers now implies SETENV permissions. - The command search is now performed using the target user's auxiliary group vector too. - Various LDAP code improvements. - Added passprompt_override flag to sudoers to cause sudo's prompt to be used in all cases. Also set when the -p flag is used. - New %p prompt escape that expands to the user whose password is being prompted, as specified by the rootpw, targetpw and runaspw sudoers flags. Notes: svn path=/head/; revision=206305
* - Make fetchable again. Add my MASTER_SITE_LOCAL to the mix and replaceTom McLaughlin2007-11-121-9/+7
| | | | | | | | | | a number of outdated sites. Notified by: Ferenc Gartner Approved by: portmgr (linimon, erwin) Notes: svn path=/head/; revision=202636
* Update to 1.6.9p6Tom McLaughlin2007-10-232-5/+5
| | | | | | | | - Sudo now only prints the password prompt if the process is in the foreground. Notes: svn path=/head/; revision=201776
* Update to 1.6.9p5:Tom McLaughlin2007-09-172-5/+5
| | | | | | | | | - Fixed a bug in the IP address matching introduced by the IPV6 merge. - Fixed sudoedit when used on a non-existent file. - Groups and netgroups are now valid in an LDAP sudoRunas statement. Notes: svn path=/head/; revision=199621
* Install schema.OpenLDAP into DOCSDIR.Tom McLaughlin2007-09-032-0/+2
| | | | | | | Prompted by: flz Notes: svn path=/head/; revision=198701
* Update to 1.6.9p4Tom McLaughlin2007-08-273-8/+23
| | | | | | | | | - IPv6 support added. - Added notes to default sudoers for handling environmental variables related to our pkg_* tools and portupgrade. Notes: svn path=/head/; revision=198399
* - Work around broken configure script and explicitly set location ofTom McLaughlin2007-08-132-4/+12
| | | | | | | | | | | | | | | | | sudo_noexec.so to unbreak NOEXEC option. [1] - Build using --with-secure-path if SUDO_SECURE_PATH is set when building the port. SUDO_SECURE_PATH should be set to a PATH string. [2] - Don't bother deleting sudo_noexec.la. Deleting the file after it's installed is ugly and since it's not harmful it's not worth patching the install. - Set CONFIGURE_TARGET. PR: 115442 [1], 115381 [2] Submitted by: vd [1], Janos Mohacsi [2] Notes: svn path=/head/; revision=197550
* Fix session stack in default pam file.Tom McLaughlin2007-08-032-1/+2
| | | | Notes: svn path=/head/; revision=196996
* Update to 1.6.9p3Tom McLaughlin2007-08-022-5/+5
| | | | | | | - Fixes bug related to supplemental group matching Notes: svn path=/head/; revision=196976
* Update to 1.6.9p2Tom McLaughlin2007-07-302-5/+5
| | | | | | | - Environment handling fix. Notes: svn path=/head/; revision=196722
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-27 19:32:01 +0000