diff -Nru sudo-1.8.20p2/debian/changelog sudo-1.8.20p2/debian/changelog --- sudo-1.8.20p2/debian/changelog 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/changelog 2017-06-12 21:51:31.000000000 +0200 @@ -1,3 +1,38 @@ +sudo (1.8.20p2-1ubuntu1) artful; urgency=low + + * Merge from Debian unstable. (LP: #1697587) + Remaining changes: + - Use tmpfs location to store timestamp files + + debian/rules: change --with-rundir to /var/run/sudo + + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop + shipping init script and service file, as they are no longer + necessary. + + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old + init script with dpkg-maintscript-helper. + + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo + transition code, remove old /var/lib/sudo/ts timestamp directory. + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. + - debian/sudoers: + + also grant admin group sudo access + + include /snap/bin in the secure_path + - debian/control, debian/rules: + + use dh-autoreconf + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + - Dropped patches no longer needed: + + CVE-2017-1000367.patch + + -- Balint Reczey Mon, 12 Jun 2017 21:51:31 +0200 + sudo (1.8.20p2-1) unstable; urgency=medium * new upstream version 
@@ -27,6 +62,51 @@ -- Bdale Garbee Wed, 10 May 2017 10:25:46 -0600 +sudo (1.8.19p1-1ubuntu2) artful; urgency=medium + + * SECURITY UPDATE: /proc/self/stat parsing confusion + - debian/patches/CVE-2017-1000367.patch: adjust parsing to + find ttyname + - CVE-2017-1000367 + + -- Steve Beattie Mon, 29 May 2017 03:13:37 -0700 + +sudo (1.8.19p1-1ubuntu1) zesty; urgency=low + + * Merge from Debian unstable. (LP: #1607666) + Remaining changes: + - Use tmpfs location to store timestamp files + + debian/rules: change --with-rundir to /var/run/sudo + + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop + shipping init script and service file, as they are no longer + necessary. + + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old + init script with dpkg-maintscript-helper. + + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo + transition code, remove old /var/lib/sudo/ts timestamp directory. + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. + - debian/sudoers: + + also grant admin group sudo access + + include /snap/bin in the secure_path + - debian/control, debian/rules: + + use dh-autoreconf + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + - Dropped patches no longer needed: + + debian/patches/lp1565567.patch: upstream. + + debian/patches/also_check_sudo_group.diff: upstream. + + -- Timo Aaltonen Sat, 14 Jan 2017 01:41:17 +0200 + sudo (1.8.19p1-1) unstable; urgency=medium * new upstream version 
@@ -67,6 +147,61 @@ -- Bdale Garbee Tue, 05 Jul 2016 16:01:55 +0200 +sudo (1.8.16-0ubuntu3) yakkety; urgency=medium + + * debian/sudoers: + - include /snap/bin in the secure_path (LP: #1595558) + + -- Michael Vogt Mon, 15 Aug 2016 18:08:34 +0200 + +sudo (1.8.16-0ubuntu2) yakkety; urgency=medium + + * debian/patches/lp1565567.patch: fix crash when looking up a negative + cached entry which is stored as a NULL passwd or group struct pointer + in plugins/sudoers/pwutil.c. (LP: #1565567) + + -- Marc Deslauriers Wed, 04 May 2016 11:31:55 -0400 + +sudo (1.8.16-0ubuntu1) xenial; urgency=medium + + * Update to new upstream version 1.8.16. (LP: #1563825) + - Dropped patches no longer needed: + + CVE-2015-5602-6.patch + + CVE-2015-5602-7.patch + * Merge from Debian unstable. Remaining changes: + - Use tmpfs location to store timestamp files + + debian/rules: change --with-rundir to /var/run/sudo + + debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop + shipping init script and service file, as they are no longer + necessary. + + debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old + init script with dpkg-maintscript-helper. + + debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo + transition code, remove old /var/lib/sudo/ts timestamp directory. + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/sudoers: + + also grant admin group sudo access + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. 
+ - debian/control: + + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + + debian/patches/also_check_sudo_group.diff: also check the sudo group + in plugins/sudoers/sudoers.c to create the admin flag file. Leave the + admin group check for backwards compatibility. + - Dropped patches no longer needed: + + debian/patches/pam_check_untranslated_prompt.patch: upstream. + + -- Marc Deslauriers Wed, 30 Mar 2016 08:03:52 -0400 + sudo (1.8.15-1.1) unstable; urgency=medium * Non-maintainer upload 
@@ -84,6 +219,58 @@ -- Bdale Garbee Wed, 23 Dec 2015 11:15:22 -0700 +sudo (1.8.12-1ubuntu3) wily; urgency=medium + + * debian/patches/pam_check_untranslated_prompt.patch: also check the un- + translated version of the prompt when checking if the PAM prompt matches + "Password:". Patch from Joel Pelaez Jorge. (LP: #1414303) + + -- Mathieu Trudel-Lapierre Tue, 22 Sep 2015 11:57:43 -0400 + +sudo (1.8.12-1ubuntu2) wily; urgency=medium + + * Use tmpfs location to store timestamp files (LP: #1458031) + - debian/rules: change --with-rundir to /var/run/sudo + - debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop + shipping init script and service file, as they are no longer + necessary. + - debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init + script with dpkg-maintscript-helper. + - debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo + transition code, remove old /var/lib/sudo/ts timestamp directory. + + -- Marc Deslauriers Fri, 05 Jun 2015 09:31:38 -0400 + +sudo (1.8.12-1ubuntu1) wily; urgency=medium + + * Merge from Debian unstable. (LP: #1451274, LP: #1219337) + Remaining changes: + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/sudoers: + + also grant admin group sudo access + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. + - debian/control: + + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + + debian/patches/also_check_sudo_group.diff: also check the sudo group + in plugins/sudoers/sudoers.c to create the admin flag file. 
Leave the + admin group check for backwards compatibility. + * Dropped patches no longer needed: + + add_probe_interfaces_setting.diff + + actually-use-buildflags.diff + + CVE-2014-9680.patch + + -- Marc Deslauriers Wed, 13 May 2015 15:43:49 -0400 + sudo (1.8.12-1) unstable; urgency=low * new upstream version, closes: #772707, #773383 
@@ -126,6 +313,64 @@ -- Bdale Garbee Sun, 14 Sep 2014 10:20:15 -0600 +sudo (1.8.9p5-1ubuntu5) vivid; urgency=medium + + * SECURITY UPDATE: arbitrary file access via TZ + - debian/patches/CVE-2014-9680.patch: sanity check TZ env variable in + configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, + doc/sudoers.mdoc.in, m4/sudo.m4, pathnames.h.in, + plugins/sudoers/env.c. + - CVE-2014-9680 + + -- Marc Deslauriers Thu, 12 Mar 2015 10:45:21 -0400 + +sudo (1.8.9p5-1ubuntu4) vivid; urgency=medium + + * Correct sudo.pam use "session" for pam_env.so, not "auth". (LP: + #155794, LP: #25700) + + -- Dimitri John Ledkov Tue, 23 Dec 2014 04:08:33 +0000 + +sudo (1.8.9p5-1ubuntu3) vivid; urgency=medium + + * debian/patches/also_check_sudo_group.diff: also check the sudo group + in plugins/sudoers/sudoers.c to create the admin flag file. Leave the + admin group check for backwards compatibility. (LP: #1387347) + + -- Marc Deslauriers Wed, 29 Oct 2014 15:55:34 -0400 + +sudo (1.8.9p5-1ubuntu2) utopic; urgency=medium + + * debian/sudo_root.8: mention sudo group instead of deprecated group + admin (LP: #1130643) + + -- Andrey Bondarenko Sat, 23 Aug 2014 01:18:05 +0600 + +sudo (1.8.9p5-1ubuntu1) trusty; urgency=low + + * Merge from Debian unstable. Remaining changes: + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/sudoers: + + also grant admin group sudo access + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. 
+ - debian/control: + + dh-autoreconf dependency fixes missing-build-dependency-for-dh_-command + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + + actually-use-buildflags: Pass LDFLAGS everywhere + + add_probe_interfaces_setting.diff: option to disable network inf probe + * add_probe_interfaces_setting.diff: fix to not modify NEWS file. + + -- Chris J Arges Mon, 10 Feb 2014 12:21:53 -0600 + sudo (1.8.9p5-1) unstable; urgency=low * new upstream release, closes: #735328 @@ -172,6 +417,33 @@ -- Bdale Garbee Wed, 30 Oct 2013 10:33:44 -0600 +sudo (1.8.8-2ubuntu2) trusty; urgency=medium + + * Build using dh-autoreconf. + + -- Matthias Klose Sun, 15 Dec 2013 16:24:49 +0100 + +sudo (1.8.8-2ubuntu1) trusty; urgency=low + + * Merge from Debian unstable. Remaining changes: + - debian/rules: + + compile with --without-lecture --with-tty-tickets --enable-admin-flag + + install man/man8/sudo_root.8 in both flavours + + install apport hooks + - debian/sudoers: + + also grant admin group sudo access + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. + - Remaining patches: + + keep_home_by_default.patch: Keep HOME in the default environment + + actually-use-buildflags: Pass LDFLAGS everywhere + + -- Stéphane Graber Tue, 22 Oct 2013 17:43:37 -0400 + sudo (1.8.8-2) unstable; urgency=low * fix touch errors on boot, closes: #725193 
@@ -227,6 +499,72 @@ -- Bdale Garbee Wed, 14 Aug 2013 00:01:14 +0200 +sudo (1.8.6p3-0ubuntu3) raring; urgency=low + + * SECURITY UPDATE: authentication bypass via clock set to epoch + - debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is + set to epoch in plugins/sudoers/check.c. + - CVE-2013-1775 + + -- Marc Deslauriers Wed, 27 Feb 2013 13:26:26 -0500 + +sudo (1.8.6p3-0ubuntu2) raring; urgency=low + + * The latest sssd upload dropped the soname from libsss_sudo.so, so we + can now drop our sudo delta and just use libsss_sudo.so directly. + + -- Stéphane Graber Fri, 07 Dec 2012 23:11:45 -0500 + +sudo (1.8.6p3-0ubuntu1) raring; urgency=low + + * New upstream release (1.8.6p3). + * Add patch to fix building with sssd when ldap is disabled. + * Drop sudo.manpages and sudo-ldap.manpages as the upstream build system + now does the right thing here. + * Build the main sudo package with support for sssd, this doesn't add any + additional build time or runtime dependency. sudo will dynamically load + the sssd library if 'sss' is listed for the 'sudoers' nss service. + + -- Stéphane Graber Fri, 16 Nov 2012 09:31:32 -0500 + +sudo (1.8.5p2-1ubuntu1) quantal; urgency=low + + * Merge from debian/testing (LP: #1024154), remaining changes: + - debian/patches/keep_home_by_default.patch: + + Set HOME in initial_keepenv_table. + - debian/rules: + + compile with --without-lecture --with-tty-tickets (Ubuntu specific) + + install man/man8/sudo_root.8 in both flavours (Ubuntu specific) + + install apport hooks + + The ubuntu-sudo-as-admin-successful.patch was taken upstream by + Debian however it requires a --enable-admin-flag configure flag to + actually enable it in both flavours. 
+ - debian/control: + + Mark Debian Vcs-* as XS-Debian-Vcs-* + + update debian/control + - debian/sudoers: + + grant admin group sudo access + - debian/source_sudo.py, debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.pam: + + Use pam_env to read /etc/environment and /etc/default/locale + environment files. Reading ~/.pam_environment is not permitted due to + security reasons. + * Dropped changes: + - debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch + + Fixed upstream in 1.8.5 + - debian/patches/CVE-2012-2337.patch: + + Fixed upstream in 1.8.4p5 + - debian/patches/pam_env_merge.patch: + + Feature released upstream in 1.8.5 + - debian/{sudo,sudo-ldap}.{preinst,postinst,postrm}: + + Drop Ubuntu-specific sudoers file migration code because the only + upgrade path to quantal is from precise. All necessary sudoers file + migration will have already been done by the time this version of the + sudo package is installed. + + -- Tyler Hicks Mon, 16 Jul 2012 14:01:42 +0200 + sudo (1.8.5p2-1) unstable; urgency=low * new upstream version 
@@ -237,6 +575,54 @@ -- Bdale Garbee Thu, 28 Jun 2012 12:01:37 -0600 +sudo (1.8.3p2-1ubuntu2) quantal; urgency=low + + * debian/patches/pam_env_merge.patch: Merge the PAM environment into the + user environment (LP: #982684) + * debian/sudo.pam: Use pam_env to read /etc/environment and + /etc/default/locale environment files. Reading ~/.pam_environment is not + permitted due to security reasons. + + -- Tyler Hicks Mon, 21 May 2012 00:48:10 -0500 + +sudo (1.8.3p2-1ubuntu1) quantal; urgency=low + + * Merge from debian/testing, remaining changes: + - debian/patches/keep_home_by_default.patch: + + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1) + - debian/patches/lp927828-fix-abort-in-pam-modules-when-timestamp-valid.patch + + Fix Abort in some PAM modules when timestamp is valid. (LP: #927828) + - debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4 + addresses. Based on upstream patch. + - debian/rules: + + compile with --without-lecture --with-tty-tickets (Ubuntu specific) + + install man/man8/sudo_root.8 in both flavours (Ubuntu specific) + + install apport hooks + + The ubuntu-sudo-as-admin-successful.patch was taken upstream by + Debian however it requires a --enable-admin-flag configure flag to + actually enable it in both flavours. + - debian/control: + + Mark Debian Vcs-* as XS-Debian-Vcs-* + + update debian/control + - debian/sudoers: + + grant admin group sudo access + - debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.preinst: + + avoid conffile prompt by checking for known default /etc/sudoers + and if found installing the correct default /etc/sudoers file. + Modified for updated default sudoers. Aproach taken is different + from Debian. Maybe this should now be dropped, since an LTS was + released. + + * Dropped changes: + - debian/patches/CVE-2012-0809.patch: + + dropped, included in this new upstream release. 
+ - debian/patches/enable_badpass.patch: + + dropped as Debian chose to set this by default in the sudoers. + + -- Dmitrijs Ledkovs Tue, 01 May 2012 16:12:45 +0100 + sudo (1.8.3p2-1) unstable; urgency=high * new upstream version, closes: #657985 (CVE-2012-0809) 
@@ -267,6 +653,66 @@ -- Bdale Garbee Sat, 12 Nov 2011 16:27:13 -0700 +sudo (1.8.3p1-1ubuntu5) quantal; urgency=low + + * SECURITY UPDATE: Properly handle netmasks in sudoers Host and Host_List + values (LP: #1000276) + - debian/patches/CVE-2012-2337.patch: Don't perform IPv6 checks on IPv4 + addresses. Based on upstream patch. + - CVE-2012-2337 + + -- Tyler Hicks Wed, 16 May 2012 09:42:17 -0500 + +sudo (1.8.3p1-1ubuntu4) quantal; urgency=low + + * Fix Abort in some PAM modules when timestamp is valid. (LP: #927828) + + -- TJ (Ubuntu Contributions) Mon, 30 Apr 2012 17:55:27 +0100 + +sudo (1.8.3p1-1ubuntu3) precise; urgency=low + + * SECURITY UPDATE: permissions bypass via format string + - debian/patches/CVE-2012-0809.patch: fix format string vulnerability + in src/sudo.c. + - CVE-2012-0809 + + -- Marc Deslauriers Tue, 31 Jan 2012 10:25:52 -0500 + +sudo (1.8.3p1-1ubuntu2) precise; urgency=low + + * debian/sudo.preinst: + - updated to avoid conffile prompt by migrating to the new sudoers file + changes in Precise. (LP: #894410) + + -- Marc Deslauriers Thu, 24 Nov 2011 10:48:58 -0500 + +sudo (1.8.3p1-1ubuntu1) precise; urgency=low + + * Merge from debian/testing, remaining changes: + - debian/patches/keep_home_by_default.patch: + + Set HOME in initial_keepenv_table. (rebased for 1.8.3p1) + - debian/patches/enable_badpass.patch: turn on "mail_badpass" by default: + + attempting sudo without knowing a login password is as bad as not + being listed in the sudoers file, especially if getting the password + wrong means doing the access-check-email-notification never happens + (rebased for 1.8.3p1) + - debian/rules: + + compile with --without-lecture --with-tty-tickets (Ubuntu specific) + + install man/man8/sudo_root.8 (Ubuntu specific) + + install apport hooks + + The ubuntu-sudo-as-admin-successful.patch was taken upstream by + Debian however it requires a --enable-admin-flag configure flag to + actually enable it. 
+ - debian/sudoers: + + grant admin group sudo access + - debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + - debian/sudo.preinst: + + avoid conffile prompt by checking for known default /etc/sudoers + and if found installing the correct default /etc/sudoers file + + -- Marc Deslauriers Sun, 20 Nov 2011 12:07:45 -0500 + sudo (1.8.3p1-1) unstable; urgency=low * new upstream version, closes: #646478 @@ -309,6 +755,33 @@ -- Bdale Garbee Wed, 24 Aug 2011 13:33:11 -0600 +sudo (1.7.4p6-1ubuntu2) oneiric; urgency=low + + * debian/patches/enable_badpass.patch: turn on "mail_badpass" by default: + - attempting sudo without knowing a login password is as bad as not + being listed in the sudoers file, especially if getting the password + wrong means doing the access-check-email-notification never happens + (Closes: 641218). + + -- Kees Cook Sun, 11 Sep 2011 10:29:08 -0700 + +sudo (1.7.4p6-1ubuntu1) oneiric; urgency=low + + * Merge from debian/unstable, remaining changes: + - debian/patches/keep_home_by_default.patch: + + Set HOME in initial_keepenv_table. + - debian/rules: + + compile with --without-lecture --with-tty-tickets (Ubuntu specific) + + install man/man8/sudo_root.8 (Ubuntu specific) + + install apport hooks + - debian/sudoers: + + grant admin group sudo access + - debian/sudo-ldap.dirs, debian/sudo.dirs: + + add usr/share/apport/package-hooks + * drop debian/patches/CVE-2011-0010.patch, applied upstream now + + -- Michael Vogt Mon, 23 May 2011 09:50:37 +0200 + sudo (1.7.4p6-1) unstable; urgency=low * new upstream version 
@@ -325,6 +798,77 @@ -- Bdale Garbee Tue, 11 Jan 2011 10:22:39 -0700 +sudo (1.7.4p4-5ubuntu8) oneiric; urgency=low + + * debian/sudo.preinst: + - if well-known ec2 vmbuilder file is found, write a file in + sudoers.d for the 'ubuntu' user (LP: #768625) + + -- Scott Moser Thu, 21 Apr 2011 18:04:34 -0400 + +sudo (1.7.4p4-5ubuntu7) natty; urgency=low + + * debian/sudo.preinst: + - do not consider the ec2 vmbuilder default sudoers file + verbatim as its actually customized (LP: #761689) + + -- Michael Vogt Fri, 15 Apr 2011 16:40:10 +0200 + +sudo (1.7.4p4-5ubuntu6) natty; urgency=low + + * debian/patches/keep_home_by_default.patch: Set HOME in + initial_keepenv_table. LP: #760140 + + -- Steve Langasek Wed, 13 Apr 2011 12:32:25 -0700 + +sudo (1.7.4p4-5ubuntu5) natty; urgency=low + + * debian/sudo.preinst: + - avoid conffile prompt by checking for known default /etc/sudoers + and if found installing the correct default /etc/sudoers file + (LP: #690873) + + -- Michael Vogt Fri, 25 Mar 2011 09:13:43 +0100 + +sudo (1.7.4p4-5ubuntu4) natty; urgency=low + + * debian/rules: The ubuntu-sudo-as-admin-successful.patch was taken + upstream by Debian however it requires a --enable-admin-flag configure + flag to actually enable it. + (LP: #706045) + + -- Bryce Harrington Thu, 10 Feb 2011 12:01:53 -0800 + +sudo (1.7.4p4-5ubuntu3) natty; urgency=low + + * SECURITY UPDATE: privilege escalation via -g when using group Runas_List + - debian/patches/CVE-2011-0010.patch: prompt for password when the user is + running sudo as himself but as a different group + - CVE-2011-0010 + + -- Jamie Strandboge Tue, 18 Jan 2011 16:37:09 -0600 + +sudo (1.7.4p4-5ubuntu2) natty; urgency=low + + * debian/sudoers: temporarily workaround LP #690873 by adding %admin + into the default sudoers file in case people just say "yes" to the + dpkg conffile prompt. 
+ + -- Kees Cook Wed, 15 Dec 2010 15:38:17 -0800 + +sudo (1.7.4p4-5ubuntu1) natty; urgency=low + + * Merge from debian unstable (LP: #689025), remaining changes: + - debian/rules: + + compile with --without-lecture --with-tty-tickets (Ubuntu specific) + + install man/man8/sudo_root.8 (Ubuntu specific) + + install apport hooks + - debian/sudo-ldap.dirs, debian/sudo.dirs: add + usr/share/apport/package-hooks + * This upload also fixes: LP: #609645 + + -- Lorenzo De Liso Wed, 15 Dec 2010 21:32:57 +0100 + sudo (1.7.4p4-5) unstable; urgency=low * patch from Jakub Wilk to add noopt and nostrip build option support, 
@@ -378,6 +922,47 @@ -- Bdale Garbee Tue, 07 Sep 2010 12:22:42 -0600 +sudo (1.7.2p7-1ubuntu3) natty; urgency=low + + * No-change upload to drop sizable upstream changelog. + + -- Martin Pitt Mon, 22 Nov 2010 11:24:33 +0100 + +sudo (1.7.2p7-1ubuntu2) maverick; urgency=low + + * SECURITY UPDATE: privilege escalation via '-g' option when using + 'user:group' in Runas_Spec + - debian/patches/CVE-2010-2956.patch: update match.c to verify both user + and group match sudoers when using '-g' + - CVE-2010-2956 + + -- Jamie Strandboge Tue, 31 Aug 2010 14:54:06 -0500 + +sudo (1.7.2p7-1ubuntu1) maverick; urgency=low + + * Merge from debian unstable. Remaining changes: + - debian/rules: + - compile with --without-lecture --with-tty-tickets (Ubuntu specific) + - install man/man8/sudo_root.8 (Ubuntu specific) + - install apport hooks + - debian/sudo-ldap.dirs, debian/sudo.dirs: add + usr/share/apport/package-hooks + - debian/patches/ubuntu-sudo-as-admin-successful.patch: adjust sudo.c so + that if the user successfully authenticated and he is in the 'admin' + group, then create a stamp ~/.sudo_as_admin_successful. Our default bash + profile checks for this and displays a short intro about sudo if the flag + is not present + * Dropped the following, now included upstream: + - fix for CVE-2010-1163 + - fix for CVE-2010-0426 + - debian/sudo.postinst, debian/sudo-ldap.postinst: update description to + match behavior in sudoers file + - don't install init script. Debian moved to /var/lib/sudo from + /var/run/sudo, so Ubuntu's tmpfs usage won't clean those out + automatically any more, so we now need the initscript. + + -- Jamie Strandboge Tue, 06 Jul 2010 11:43:05 -0500 + sudo (1.7.2p7-1) unstable; urgency=high * new upstream release with security fix for secure path (CVE-2010-1646), 
@@ -413,6 +998,62 @@ -- Bdale Garbee Thu, 11 Mar 2010 15:44:53 -0700 +sudo (1.7.2p1-1ubuntu5) lucid; urgency=low + + * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit' + pseudo-command when running from the current working directory and + secure_path is disabled + - CVE-2010-XXXX + + -- Jamie Strandboge Wed, 07 Apr 2010 15:35:36 -0500 + +sudo (1.7.2p1-1ubuntu4) lucid; urgency=low + + * env.c: Revert addition of "http_proxy" again. This was an Ubuntu specific + EBW hack, caused inconsistencies with other proxy variables (such as + https_proxy and ftp_proxy), made sudo incompatible to upstream + behaviour/documentation. This is solved in a much better way in apt itself + and gnome-network-properties now. (LP: #432631) + + -- Martin Pitt Fri, 26 Mar 2010 18:48:18 +0100 + +sudo (1.7.2p1-1ubuntu3) lucid; urgency=low + + * debian/sudo.postinst, debian/sudo-ldap.postinst: update description to + match behaviour in sudoers file. (LP: #534090) + + -- Marc Deslauriers Sun, 07 Mar 2010 19:49:39 -0500 + +sudo (1.7.2p1-1ubuntu2) lucid; urgency=low + + * SECURITY UPDATE: properly verify path for the 'sudoedit' pseudo-command + in match.c + - http://sudo.ws/repos/sudo/rev/88f3181692fe + - CVE-2010-0426 + + -- Jamie Strandboge Wed, 24 Feb 2010 16:50:11 -0600 + +sudo (1.7.2p1-1ubuntu1) lucid; urgency=low + + * Merge from debian testing. Remaining changes: + - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu + specific) + - Add debian/sudo_root.8: Explanation of root handling through sudo. + Install it in debian/rules. (Ubuntu specific) + - sudo.c: If the user successfully authenticated and he is in the 'admin' + group, then create a stamp ~/.sudo_as_admin_successful. Our default bash + profile checks for this and displays a short intro about sudo if the + flag is not present. (Ubuntu specific) + - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept + for "sudo apt-get ...". 
(Ubuntu specific EBW hack, should disappear at + some point) + - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script + installation. Debian reintroduced it because /var/run tmpfs is not the + default there, but has been on Ubuntu for ages. + - debian/{source_sudo.py,rules,sudo-ldap.dirs,sudo.dirs}: Add apport hook + + -- Marc Deslauriers Mon, 08 Feb 2010 18:47:06 -0500 + sudo (1.7.2p1-1) unstable; urgency=low * new upstream version 
@@ -440,6 +1081,40 @@ -- Bdale Garbee Wed, 15 Jul 2009 01:29:46 -0600 +sudo (1.7.0-1ubuntu3) lucid; urgency=low + + * debian/{source_sudo.py,rules}: Add apport hook + + -- Marc Deslauriers Fri, 29 Jan 2010 09:31:00 -0500 + +sudo (1.7.0-1ubuntu2) karmic; urgency=low + + * env.c: add logic similar to pam_env's stripping of single and double + quotes around /etc/environment env vars; fixes literal quotes in LANG when + using sudo -i; LP: #387262. + + -- Loïc Minier Mon, 22 Jun 2009 18:03:45 +0200 + +sudo (1.7.0-1ubuntu1) karmic; urgency=low + + * Merge from debian unstable, remaining changes: + - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu + specific) + - Add debian/sudo_root.8: Explanation of root handling through sudo. + Install it in debian/rules. (Ubuntu specific) + - sudo.c: If the user successfully authenticated and he is in the 'admin' + group, then create a stamp ~/.sudo_as_admin_successful. Our default bash + profile checks for this and displays a short intro about sudo if the + flag is not present. (Ubuntu specific) + - env.c: Add "http_proxy" to initial_keepenv_table, so that it is kept + for "sudo apt-get ...". (Ubuntu specific EBW hack, should disappear at + some point) + - debian/{rules,postinst,sudo-ldap.postinst}: Disable init script + installation. Debian reintroduced it because /var/run tmpfs is not the + default there, but has been on Ubuntu for ages. + + -- Martin Pitt Mon, 11 May 2009 18:07:03 +0200 + sudo (1.7.0-1) unstable; urgency=low * new upstream version, closes: #510179, #128268, #520274, #508514 
@@ -1097,98 +1772,54 @@ -- Bdale Garbee Thu, 29 Aug 1996 11:44:22 +0200 Tue Mar 5 09:36:41 MET 1996 Michael Meskes - sudo (1.4.1-1): - * hard code SECURE_PATH to: "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - * enable ENV_EDITOR - * enabled EXEMPTGROUP "sudo" - * moved timestamp dir to /var/log/sudo - * changed parser to check for long and short filenames (Bug#1162) - Wed Apr 17 13:03:31 MET DST 1996 Michael Meskes - sudo (1.4.2-1): - * New upstream source - * Fixed postinst script (thanks to Peter Tobis ) - * Removed special shadow binary. This version works with and without shadow password file. - Mon May 20 09:35:22 MET DST 1996 Michael Meskes - sudo (1.4.2-2): - * Corrected editor path to /bin/ae (Bug#3062) - * Set file permission to 4755 for sudo and 755 for visudo (Bug#3063) - Mon Jun 17 12:06:41 MET DST 1996 Michael Meskes - sudo (1.4.3-1): - * New upstream version - * Changed sudoers permission to 440 (owner root, group root) to make sudo usable via NFS - Wed Jun 19 10:56:54 MET DST 1996 Michael Meskes - sudo (1.4.3-2): - * Applied upstream patch 1 - Thu Jun 20 09:02:57 MET DST 1996 Michael Meskes - sudo (1.4.3-3): - * Applied upstream patch 2 - Fri Jun 28 12:49:40 MET DST 1996 Michael Meskes - sudo (1.4.3-4): - * Applied upstream patch 3 (fixes problems with an NFS-mounted sudoers file) - - Sun Jun 30 13:02:44 MET DST 1996 Michael Meskes - sudo (1.4.3-5): - * Corrected postinst to use /usr/bin/perl instead of /bin/perl [Reported by jdassen@wi.leidenuniv.nl (J.H.M.Dassen)] - Wed Jul 10 12:44:33 MET DST 1996 Michael Meskes - sudo (1.4.3-6): - * Applied upstream patch 4 (fixes several bugs) - * Changed priority to optional - Thu Jul 11 19:23:52 MET DST 1996 Michael Meskes - sudo (1.4.3-7): - * Corrected postinst to create correct permission for /etc/sudoers (Bug#3749) - Fri Aug 2 10:50:53 MET DST 1996 Michael Meskes - sudo (1.4.4-1): - * New upstream version - - sudo (1.4.4-2) admin; urgency=HIGH * Fixed major security bug reported by Peter 
Tobias diff -Nru sudo-1.8.20p2/debian/control sudo-1.8.20p2/debian/control --- sudo-1.8.20p2/debian/control 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/control 2017-06-09 00:18:14.000000000 +0200 @@ -1,8 +1,10 @@ Source: sudo Section: admin Priority: optional -Maintainer: Bdale Garbee -Build-Depends: debhelper (>= 10), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex, libaudit-dev [linux-any], mandoc +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Bdale Garbee +Build-Depends: debhelper (>= 10), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex, libaudit-dev [linux-any], mandoc, + dh-autoreconf, Standards-Version: 3.9.8 Vcs-Git: git://anonscm.debian.org/collab-maint/sudo.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/sudo.git diff -Nru sudo-1.8.20p2/debian/patches/keep_home_by_default.patch sudo-1.8.20p2/debian/patches/keep_home_by_default.patch --- sudo-1.8.20p2/debian/patches/keep_home_by_default.patch 1970-01-01 01:00:00.000000000 +0100 +++ sudo-1.8.20p2/debian/patches/keep_home_by_default.patch 2017-01-13 23:49:24.000000000 +0100 
@@ -0,0 +1,18 @@ +Description: Set HOME in initial_keepenv_table + Set HOME in initial_keepenv_table; without this, $HOME will never be + preserved unless added to keep_env. There's appropriate logic to handle + resetting the home for -H and -i options, so this is the only part that's + missing. +Author: Steve Langasek +Index: sudo-1.8.16/plugins/sudoers/env.c +=================================================================== +--- sudo-1.8.16.orig/plugins/sudoers/env.c 2016-03-30 08:27:25.003539832 -0400 ++++ sudo-1.8.16/plugins/sudoers/env.c 2016-03-30 08:27:24.999539794 -0400 +@@ -189,6 +189,7 @@ + static const char *initial_keepenv_table[] = { + "COLORS", + "DISPLAY", ++ "HOME", + "HOSTNAME", + "KRB5CCNAME", + "LS_COLORS", diff -Nru sudo-1.8.20p2/debian/patches/series sudo-1.8.20p2/debian/patches/series --- sudo-1.8.20p2/debian/patches/series 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/patches/series 2017-06-09 00:18:15.000000000 +0200 @@ -1,2 +1,3 @@ typo-in-classic-insults.diff paths-in-samples.diff +keep_home_by_default.patch diff -Nru sudo-1.8.20p2/debian/rules sudo-1.8.20p2/debian/rules --- sudo-1.8.20p2/debian/rules 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/rules 2017-06-12 21:37:19.000000000 +0200 @@ -15,9 +15,8 @@ endif reconf-stamp: - cp -f /usr/share/misc/config.sub config.sub - cp -f /usr/share/misc/config.guess config.guess - autoconf -I m4 + dh_testdir + dh_autoreconf touch $@ configure: configure-stamp @@ -42,9 +41,11 @@ --with-timeout=15 \ --with-password-timeout=0 \ --with-passprompt="[sudo] password for %p: " \ + --without-lecture --with-tty-tickets \ --disable-root-mailer \ + --enable-admin-flag \ --with-sendmail=/usr/sbin/sendmail \ - --with-rundir=/var/lib/sudo \ + --with-rundir=/var/run/sudo \ --libexecdir=/usr/lib/sudo \ --with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \ $(configure_args) 
@@ -66,10 +67,12 @@ --with-timeout=15 \ --with-password-timeout=0 \ --with-passprompt="[sudo] password for %p: " \ + --without-lecture --with-tty-tickets \ --disable-root-mailer \ + --enable-admin-flag \ --disable-setresuid \ --with-sendmail=/usr/sbin/sendmail \ - --with-rundir=/var/lib/sudo \ + --with-rundir=/var/run/sudo \ --with-ldap-conf-file=/etc/sudo-ldap.conf \ --libexecdir=/usr/lib/sudo \ $(configure_args) @@ -97,6 +100,7 @@ rm -f configure-stamp build-stamp rm -rf build-simple build-ldap rm -f config.cache + dh_autoreconf_clean dh_clean install: build-stamp @@ -112,6 +116,7 @@ rm -f debian/sudo*/etc/sudoers \ debian/sudo*/usr/share/doc/sudo/LICENSE* \ debian/sudo*/usr/share/doc/sudo/ChangeLog + rmdir debian/sudo*/var/run/sudo # move upstream-installed docs to the right place for ldap package mv debian/sudo-ldap/usr/share/doc/sudo/* \ @@ -129,6 +134,16 @@ install -o root -g root -m 0644 debian/sudo-ldap.lintian \ debian/sudo-ldap/usr/share/lintian/overrides/sudo-ldap + install -o root -g root -m 0644 debian/sudo_root.8 \ + debian/sudo/usr/share/man/man8/sudo_root.8 + install -o root -g root -m 0644 debian/sudo_root.8 \ + debian/sudo-ldap/usr/share/man/man8/sudo_root.8 + + install -o root -g root -m 0644 $(CURDIR)/debian/source_sudo.py \ + debian/sudo/usr/share/apport/package-hooks/source_sudo.py + install -o root -g root -m 0644 $(CURDIR)/debian/source_sudo.py \ + debian/sudo-ldap/usr/share/apport/package-hooks/source_sudo.py + install -o root -g root -m 0440 debian/sudoers \ debian/sudo/etc/sudoers install -o root -g root -m 0440 debian/sudoers \ @@ -139,10 +154,6 @@ install -o root -g root -m 0440 debian/README \ debian/sudo-ldap/etc/sudoers.d/README - install -o root -g root -m 0644 debian/sudo.service \ - debian/sudo/lib/systemd/system/sudo.service - install -o root -g root -m 0644 debian/sudo.service \ - debian/sudo-ldap/lib/systemd/system/sudo.service binary-indep: build install 
@@ -150,8 +161,6 @@ dh_testdir dh_testroot dh_installdocs -A - dh_installinit -psudo --name=sudo - dh_installinit -psudo-ldap --name=sudo-ldap dh_installman -A dh_installinfo -A dh_installchangelogs ChangeLog diff -Nru sudo-1.8.20p2/debian/source_sudo.py sudo-1.8.20p2/debian/source_sudo.py --- sudo-1.8.20p2/debian/source_sudo.py 1970-01-01 01:00:00.000000000 +0100 +++ sudo-1.8.20p2/debian/source_sudo.py 2017-01-13 23:49:24.000000000 +0100 @@ -0,0 +1,33 @@ +#!/usr/bin/python + +'''Apport package hook for sudo + +(c) 2010 Canonical Ltd. +Contributors: +Marc Deslauriers + +This program is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by the +Free Software Foundation; either version 2 of the License, or (at your +option) any later version. See http://www.gnu.org/copyleft/gpl.html for +the full text of the license. +''' + +from apport.hookutils import * + +def add_info(report, ui): + + response = ui.yesno("The contents of your /etc/sudoers file may help developers diagnose your bug more quickly, however, it may contain sensitive information. Do you want to include it in your bug report?") + + if response == None: #user cancelled + raise StopIteration + + elif response == True: + # This needs to be run as root + report['Sudoers'] = root_command_output(['/bin/cat', '/etc/sudoers']) + report['VisudoCheck'] = root_command_output(['/usr/sbin/visudo', '-c']) + + elif response == False: + ui.information("The contents of your /etc/sudoers will NOT be included in the bug report.") + + diff -Nru sudo-1.8.20p2/debian/sudo.dirs sudo-1.8.20p2/debian/sudo.dirs --- sudo-1.8.20p2/debian/sudo.dirs 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo.dirs 2017-06-09 00:18:14.000000000 +0200 
@@ -7,3 +7,4 @@ usr/sbin usr/share/doc/sudo usr/share/lintian/overrides +usr/share/apport/package-hooks diff -Nru sudo-1.8.20p2/debian/sudoers sudo-1.8.20p2/debian/sudoers --- sudo-1.8.20p2/debian/sudoers 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudoers 2017-06-09 00:18:14.000000000 +0200 @@ -8,7 +8,7 @@ # Defaults env_reset Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" # Host alias specification @@ -19,6 +19,9 @@ # User privilege specification root ALL=(ALL:ALL) ALL +# Members of the admin group may gain root privileges +%admin ALL=(ALL) ALL + # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL diff -Nru sudo-1.8.20p2/debian/sudo-ldap.dirs sudo-1.8.20p2/debian/sudo-ldap.dirs --- sudo-1.8.20p2/debian/sudo-ldap.dirs 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo-ldap.dirs 2017-06-09 00:18:15.000000000 +0200 @@ -7,3 +7,4 @@ usr/sbin usr/share/doc/sudo-ldap usr/share/lintian/overrides +usr/share/apport/package-hooks diff -Nru sudo-1.8.20p2/debian/sudo-ldap.postinst sudo-1.8.20p2/debian/sudo-ldap.postinst --- sudo-1.8.20p2/debian/sudo-ldap.postinst 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo-ldap.postinst 2017-06-09 00:18:14.000000000 +0200 @@ -19,14 +19,6 @@ echo "sudoers: files ldap" >> /etc/nsswitch.conf fi -# handle state directory transition from /var/run/sudo to /var/lib/sudo, -# moving any existing content over to avoid re-lecturing existing users -if [ -d "/var/run/sudo" ];then - mkdir -p /var/lib/sudo - (cd /var/run/sudo ; tar cf - .) | (cd /var/lib/sudo ; tar xf -) - rm -rf /var/run/sudo -fi - # make sure sudoers has the correct permissions and owner/group if [ -f /etc/sudoers ];then chown root:root /etc/sudoers 
@@ -42,6 +34,12 @@ # if we've gotten this far .. remove the saved, unchanged old sudoers file rm -f /etc/sudoers.pre-conffile +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo-ldap -- "$@" + +# remove the old timestamp directory +rm -rf /var/lib/sudo/ts + # make sure we have a sudo group [ -n "`getent group sudo`" ] && exit 0 # we're finished if there is a group sudo: diff -Nru sudo-1.8.20p2/debian/sudo-ldap.postrm sudo-1.8.20p2/debian/sudo-ldap.postrm --- sudo-1.8.20p2/debian/sudo-ldap.postrm 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo-ldap.postrm 2017-06-09 00:18:15.000000000 +0200 @@ -27,4 +27,7 @@ sed -i /^sudoers:/d /etc/nsswitch.conf fi +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo-ldap -- "$@" + #DEBHELPER# diff -Nru sudo-1.8.20p2/debian/sudo-ldap.preinst sudo-1.8.20p2/debian/sudo-ldap.preinst --- sudo-1.8.20p2/debian/sudo-ldap.preinst 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo-ldap.preinst 2017-06-09 00:18:15.000000000 +0200 @@ -19,4 +19,7 @@ ;; esac +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo-ldap -- "$@" + #DEBHELPER# diff -Nru sudo-1.8.20p2/debian/sudo.pam sudo-1.8.20p2/debian/sudo.pam --- sudo-1.8.20p2/debian/sudo.pam 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo.pam 2017-06-09 00:18:14.000000000 +0200 @@ -1,5 +1,7 @@ #%PAM-1.0 +session required pam_env.so readenv=1 user_readenv=0 +session required pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0 @include common-auth @include common-account @include common-session-noninteractive diff -Nru sudo-1.8.20p2/debian/sudo.postinst sudo-1.8.20p2/debian/sudo.postinst --- sudo-1.8.20p2/debian/sudo.postinst 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo.postinst 2017-06-09 00:18:14.000000000 +0200 
@@ -13,14 +13,6 @@ echo "WARNING: /etc/sudoers not present!"; fi -# handle state directory transition from /var/run/sudo to /var/lib/sudo, -# moving any existing content over to avoid re-lecturing existing users -if [ -d "/var/run/sudo" ];then - mkdir -p /var/lib/sudo - (cd /var/run/sudo ; tar cf - .) | (cd /var/lib/sudo ; tar xf -) - rm -rf /var/run/sudo -fi - # make sure sudoers has the correct permissions and owner/group if [ -f /etc/sudoers ];then chown root:root /etc/sudoers @@ -30,6 +22,12 @@ # if we've gotten this far .. remove the saved, unchanged old sudoers file rm -f /etc/sudoers.pre-conffile +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo -- "$@" + +# remove the old timestamp directory +rm -rf /var/lib/sudo/ts + # make sure we have a sudo group [ -n "`getent group sudo`" ] && exit 0 # we're finished if there is a group sudo: diff -Nru sudo-1.8.20p2/debian/sudo.postrm sudo-1.8.20p2/debian/sudo.postrm --- sudo-1.8.20p2/debian/sudo.postrm 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo.postrm 2017-06-09 00:18:15.000000000 +0200 @@ -20,4 +20,7 @@ ;; esac +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo -- "$@" + #DEBHELPER# diff -Nru sudo-1.8.20p2/debian/sudo.preinst sudo-1.8.20p2/debian/sudo.preinst --- sudo-1.8.20p2/debian/sudo.preinst 2017-06-08 19:57:02.000000000 +0200 +++ sudo-1.8.20p2/debian/sudo.preinst 2017-06-09 00:18:14.000000000 +0200 @@ -19,4 +19,7 @@ ;; esac +# remove the old init script +dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo -- "$@" + #DEBHELPER# diff -Nru sudo-1.8.20p2/debian/sudo_root.8 sudo-1.8.20p2/debian/sudo_root.8 --- sudo-1.8.20p2/debian/sudo_root.8 1970-01-01 01:00:00.000000000 +0100 +++ sudo-1.8.20p2/debian/sudo_root.8 2017-01-13 23:49:24.000000000 +0100 
@@ -0,0 +1,138 @@ +.TH sudo_root 8 "February 8, 2006" + +.SH NAME +sudo_root \- How to run administrative commands + +.SH SYNOPSIS + +.B sudo +.I command + +.B sudo \-i + +.SH INTRODUCTION + +By default, the password for the user "root" (the system +administrator) is locked. This means you cannot login as root or use +su. Instead, the installer will set up sudo to allow the user that is +created during install to run all administrative commands. + +This means that in the terminal you can use sudo for commands that +require root privileges. All programs in the menu will use a graphical +sudo to prompt for a password. When sudo asks for a password, it needs +.B your password, +this means that a root password is not needed. + +To run a command which requires root privileges in a terminal, simply +prepend +.B sudo +in front of it. To get an interactive root shell, use +.B sudo \-i\fR. + +.SH ALLOWING OTHER USERS TO RUN SUDO + +By default, only the user who installed the system is permitted to run +sudo. To add more administrators, i. e. users who can run sudo, you +have to add these users to the group 'sudo' by doing one of the +following steps: + +.IP * 2 +In a shell, do + +.RS 4 +.B sudo adduser +.I username +.B sudo +.RE + +.IP * 2 +Use the graphical "Users & Groups" program in the "System settings" +menu to add the new user to the +.B sudo +group. + +.SH BENEFITS OF USING SUDO + +The benefits of leaving root disabled by default include the following: + +.IP * 2 +Users do not have to remember an extra password, which they are likely to forget. +.IP * 2 +The installer is able to ask fewer questions. +.IP * 2 +It avoids the "I can do anything" interactive login by default \- you +will be prompted for a password before major changes can happen, which +should make you think about the consequences of what you are doing. +.IP * 2 +Sudo adds a log entry of the command(s) run (in \fB/var/log/auth.log\fR). 
+.IP * 2 +Every attacker trying to brute\-force their way into your box will +know it has an account named root and will try that first. What they +do not know is what the usernames of your other users are. +.IP * 2 +Allows easy transfer for admin rights, in a short term or long term +period, by adding and removing users from the sudo group, while not +compromising the root account. +.IP * 2 +sudo can be set up with a much more fine\-grained security policy. +.IP * 2 +On systems with more than one administrator using sudo avoids sharing +a password amongst them. + +.SH DOWNSIDES OF USING SUDO + +Although for desktops the benefits of using sudo are great, there are +possible issues which need to be noted: + +.IP * 2 +Redirecting the output of commands run with sudo can be confusing at +first. For instance consider + +.RS 4 +.B sudo ls > /root/somefile +.RE + +.RS 2 +will not work since it is the shell that tries to write to that file. You can use +.RE + +.RS 4 +.B ls | sudo tee /root/somefile +.RE + +.RS 2 +to get the behaviour you want. +.RE + +.IP * 2 +In a lot of office environments the ONLY local user on a system is +root. All other users are imported using NSS techniques such as +nss\-ldap. To setup a workstation, or fix it, in the case of a network +failure where nss\-ldap is broken, root is required. This tends to +leave the system unusable. An extra local user, or an enabled root +password is needed here. + +.SH GOING BACK TO A TRADITIONAL ROOT ACCOUNT + +.B This is not recommended! + +To enable the root account (i.e. set a password) use: + +.RS 4 +.B sudo passwd root +.RE + +Afterwards, edit the sudo configuration with +.B sudo visudo +and comment out the line + +.RS 4 +%sudo ALL=(ALL) ALL +.RE + +to disable sudo access to members of the sudo group. + +.SH SEE ALSO +.BR sudo (8), +.B https://wiki.ubuntu.com/RootSudo +
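Review bot: In debian/patches/keep_home_by_default.patch the Description says what is preserved but not what follows from it: with "HOME" in initial_keepenv_table, a plain "sudo command" runs as the target user while HOME still points at the invoking user's home directory, so programs run as root read their configuration from that directory and can leave root-owned files in it. Please state that trade-off in the Description. The Index and ---/+++ lines also still name sudo-1.8.16 although the package is 1.8.20p2; refresh the patch so its header matches the source it is applied to.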
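Review bot: The added "rmdir debian/sudo*/var/run/sudo" in the install target of debian/rules has neither a comment nor a guard. A one-line comment saying why the run directory must not be shipped in the package (the changelog describes it as a tmpfs location) would help the next merge. As written, the build aborts if the directory is missing or not empty in either flavour; if that is meant as a check, say so, otherwise test for the directory first or use "rmdir --ignore-fail-on-non-empty".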
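Review bot: In debian/source_sudo.py, add_info attaches only /etc/sudoers, while debian/rules in this same diff installs a README into etc/sudoers.d, so rules kept in drop-in files never reach the report even though the "visudo -c" output may refer to them. Either say in the prompt that only the main file is included, or collect the drop-ins under the same consent question. Minor style points in the same function: compare the response with "is None", "is True" and "is False" instead of "==", and import root_command_output by name rather than "from apport.hookutils import *".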
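Review bot: In the debian/sudoers hunk, the new "%admin ALL=(ALL) ALL" rule uses a different Runas specification from the "root" and "%sudo" rules next to it, which both use "(ALL:ALL)". If leaving out the group part is intentional, say so in the comment above the rule; otherwise align it. The comment should also explain why a second group grants full root, because any local group that happens to be named admin gains root through this rule.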
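Review bot: In the sudo-ldap maintainer scripts (preinst, postinst, postrm), rm_conffile is called for /etc/init.d/sudo, but the dh_installinit line removed from debian/rules for that package was "dh_installinit -psudo-ldap --name=sudo-ldap". Please confirm which path the old sudo-ldap init script was actually installed under, since a wrong path leaves the obsolete conffile behind. In both postinst files, "rm -rf /var/lib/sudo/ts" also runs on every invocation of the script; guarding it with a directory test or a version check on "$2" would make the intent (one-time cleanup of the old timestamp directory) explicit.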
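Review bot: In debian/sudo.pam the two added pam_env lines carry no comment, so nothing in the file says that "user_readenv=0" is deliberate. The changelog entry gives the reason (reading ~/.pam_environment is not permitted for security reasons); repeat that as a comment above the lines so the option is not dropped or flipped in a later merge.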
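Review bot: In the new debian/sudo_root.8, the section "GOING BACK TO A TRADITIONAL ROOT ACCOUNT" tells the reader to comment out "%sudo ALL=(ALL) ALL", but the sudoers file shipped by this same diff contains "%sudo ALL=(ALL:ALL) ALL" and, in addition, "%admin ALL=(ALL) ALL". Quote the line as it is shipped and mention the admin rule as well; otherwise members of the admin group keep full sudo access after the documented steps have been followed.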