This patch will upgrade Sudo version 1.8.10 patchlevel 2 to Sudo version 1.8.10 patchlevel 3. To apply: $ cd sudo-1.8.10p2 $ patch -p1 < sudo-1.8.10p3.patch diff -urNa sudo-1.8.10p2/ChangeLog sudo-1.8.10p3/ChangeLog --- sudo-1.8.10p2/ChangeLog Mon Mar 17 08:11:40 2014 +++ sudo-1.8.10p3/ChangeLog Tue May 6 19:34:27 2014 @@ -1,3 +1,70 @@ +2014-05-06 Todd C. Miller + + * compat/getgrouplist.c, plugins/group_file/group_file.c, + plugins/system_group/system_group.c: + deal with NULL gr_mem here too + [0db43ed71001] + + * NEWS, configure, configure.ac: + Sudo 1.8.10p3 + [3f415a180023] + +2014-05-02 Todd C. Miller + + * common/event.c: + Fix non-blocking mode. We only want to exit the event loop when + poll() or select() returns 0 and there are no active events. This + fixes a problem on some systems where the last buffer was not being + written when the command exited. + [deb6b1a7b241] + +2014-04-28 Todd C. Miller + + * plugins/sudoers/boottime.c, plugins/sudoers/sudoers.h: + Make get_boottime() return bool. + [9ff15a995d01] + + * doc/CONTRIBUTORS, plugins/sudoers/boottime.c: + Fix fd leak on Linux when determing boot time. This is usually + masked by the closefrom() call in sudo. From Jamie Anderson. Bug + #645 + [0b4c430e8b88] + +2014-04-15 Todd C. Miller + + * doc/CONTRIBUTORS, plugins/sudoers/auth/pam.c: + Use PAM_REINITIALIZE_CRED instead of PAM_ESTABLISH_CRED when + changing the user. This is the correct flag to use with a program + that changes the uid like su or sudo and fixes a role problem on + Solaris. From Gary Winiger; Bug #642 + [ec23c3bf41bb] + + * plugins/sudoers/defaults.c: + pam_setcred should default to true; from Gary Winiger Bug #642 + [23e6628ec546] + +2014-04-09 Todd C. Miller + + * MANIFEST, plugins/sudoers/match.c, + plugins/sudoers/regress/testsudoers/test6.out.ok, + plugins/sudoers/regress/testsudoers/test6.sh, + plugins/sudoers/regress/testsudoers/test7.out.ok, + plugins/sudoers/regress/testsudoers/test7.sh: + Fix matching of uids and gids broken in sudo 1.8.9. + [315eff4add59] + + * plugins/sudoers/testsudoers.c: + Fix -P option in usage() + [50753b6222b7] + +2014-03-19 Todd C. Miller + + * plugins/sudoers/check.c, plugins/sudoers/prompt.c, + plugins/sudoers/sudoers.h: + Fix expansion of %p in the prompt for "sudo -l" when rootpw, runaspw + or targetpw is set. Bug #639 + [dff0208d1194] + 2014-03-17 Todd C. Miller * NEWS, configure, configure.ac: diff -urNa sudo-1.8.10p2/MANIFEST sudo-1.8.10p3/MANIFEST --- sudo-1.8.10p2/MANIFEST Thu Mar 13 15:18:40 2014 +++ sudo-1.8.10p3/MANIFEST Mon May 5 14:35:14 2014 @@ -364,6 +364,10 @@ plugins/sudoers/regress/testsudoers/test4.sh plugins/sudoers/regress/testsudoers/test5.out.ok plugins/sudoers/regress/testsudoers/test5.sh +plugins/sudoers/regress/testsudoers/test6.out.ok +plugins/sudoers/regress/testsudoers/test6.sh +plugins/sudoers/regress/testsudoers/test7.out.ok +plugins/sudoers/regress/testsudoers/test7.sh plugins/sudoers/regress/visudo/test1.out.ok plugins/sudoers/regress/visudo/test1.sh plugins/sudoers/regress/visudo/test2.err.ok diff -urNa sudo-1.8.10p2/NEWS sudo-1.8.10p3/NEWS --- sudo-1.8.10p2/NEWS Mon Mar 17 08:10:25 2014 +++ sudo-1.8.10p3/NEWS Tue May 6 18:11:45 2014 @@ -1,3 +1,23 @@ +What's new in Sudo 1.8.10p3? + + * Fixed expansion of %p in the prompt for "sudo -l" when rootpw, + runaspw or targetpw is set. Bug #639 + + * Fixed matching of uids and gids which was broken in version 1.8.9. + Bug #640 + + * PAM credential initialization has been re-enabled. It was + unintentionally disabled by default in version 1.8.8. The way + credentials are initialized has also been fixed. Bug #642. + + * Fixed a descriptor leak on Linux when determing boot time. Sudo + normally closes extra descriptors before running a command so + the impact is limited. Bug #645 + + * Fixed flushing of the last buffer of data when I/O logging is + enabled. This bug, introduced in version 1.8.9, could cause + incomplete command output on some systems. Bug #646 + What's new in Sudo 1.8.10p2? * Fixed a hang introduced in sudo 1.8.10 when timestamp_timeout diff -urNa sudo-1.8.10p2/common/event.c sudo-1.8.10p3/common/event.c --- sudo-1.8.10p2/common/event.c Fri Mar 7 14:51:19 2014 +++ sudo-1.8.10p3/common/event.c Mon May 5 14:35:27 2014 @@ -286,6 +286,11 @@ TAILQ_INSERT_TAIL(&base->active, ev, active_entries); SET(ev->flags, SUDO_EVQ_ACTIVE); } + if (ISSET(flags, SUDO_EVLOOP_NONBLOCK)) { + /* If nonblocking, return immediately if no active events. */ + if (TAILQ_EMPTY(&base->active)) + goto done; + } break; default: /* I/O events active, sudo_ev_scan_impl() already added them. */ @@ -333,7 +338,7 @@ SET(base->flags, SUDO_EVBASE_GOT_EXIT); goto done; } - if (flags & (SUDO_EVLOOP_ONCE | SUDO_EVLOOP_NONBLOCK)) + if (ISSET(flags, SUDO_EVLOOP_ONCE)) break; } done: diff -urNa sudo-1.8.10p2/compat/getgrouplist.c sudo-1.8.10p3/compat/getgrouplist.c --- sudo-1.8.10p2/compat/getgrouplist.c Fri Mar 7 14:50:56 2014 +++ sudo-1.8.10p3/compat/getgrouplist.c Tue May 6 19:33:06 2014 @@ -318,7 +318,7 @@ setgrent(); while ((grp = getgrent()) != NULL) { - if (grp->gr_gid == basegid) + if (grp->gr_gid == basegid || grp->gr_mem == NULL) continue; for (i = 0; grp->gr_mem[i] != NULL; i++) { diff -urNa sudo-1.8.10p2/configure sudo-1.8.10p3/configure --- sudo-1.8.10p2/configure Mon Mar 17 08:10:25 2014 +++ sudo-1.8.10p3/configure Tue May 6 18:11:45 2014 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for sudo 1.8.10p2. +# Generated by GNU Autoconf 2.69 for sudo 1.8.10p3. # # Report bugs to . # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.10p2' -PACKAGE_STRING='sudo 1.8.10p2' +PACKAGE_VERSION='1.8.10p3' +PACKAGE_STRING='sudo 1.8.10p3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1505,7 +1505,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.10p2 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.10p3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1570,7 +1570,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.10p2:";; + short | recursive ) echo "Configuration of sudo 1.8.10p3:";; esac cat <<\_ACEOF @@ -1802,7 +1802,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.10p2 +sudo configure 1.8.10p3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2511,7 +2511,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.10p2, which was +It was created by sudo $as_me 1.8.10p3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -22958,7 +22958,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.10p2, which was +This file was extended by sudo $as_me 1.8.10p3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23024,7 +23024,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.10p2 +sudo config.status 1.8.10p3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urNa sudo-1.8.10p2/configure.ac sudo-1.8.10p3/configure.ac --- sudo-1.8.10p2/configure.ac Mon Mar 17 08:10:25 2014 +++ sudo-1.8.10p3/configure.ac Tue May 6 18:11:46 2014 @@ -4,7 +4,7 @@ dnl Copyright (c) 1994-1996,1998-2014 Todd C. Miller dnl AC_PREREQ([2.59]) -AC_INIT([sudo], [1.8.10p2], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.10p3], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) AC_CONFIG_SRCDIR([src/sudo.c]) dnl diff -urNa sudo-1.8.10p2/doc/CONTRIBUTORS sudo-1.8.10p3/doc/CONTRIBUTORS --- sudo-1.8.10p2/doc/CONTRIBUTORS Fri Mar 7 14:51:19 2014 +++ sudo-1.8.10p3/doc/CONTRIBUTORS Tue May 6 18:21:22 2014 @@ -6,6 +6,7 @@ Ackeret, Matt Adler, Mark Allbery, Russ + Anderson, Jamie Andrew, Nick Andric, Dimitry Barron, Danny @@ -155,6 +156,7 @@ Webb, Kirk Wetzel, Timm Wieringen, Marco van + Winiger, Gary Wood, David Zacarias, Gustavo Zolnowsky, John diff -urNa sudo-1.8.10p2/plugins/group_file/group_file.c sudo-1.8.10p3/plugins/group_file/group_file.c --- sudo-1.8.10p2/plugins/group_file/group_file.c Fri Mar 7 14:50:56 2014 +++ sudo-1.8.10p3/plugins/group_file/group_file.c Tue May 6 19:33:06 2014 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Todd C. Miller + * Copyright (c) 2010-2014 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -121,7 +121,7 @@ char **member; grp = mygetgrnam(group); - if (grp != NULL) { + if (grp != NULL && grp->gr_mem != NULL) { for (member = grp->gr_mem; *member != NULL; member++) { if (strcasecmp(user, *member) == 0) return true; diff -urNa sudo-1.8.10p2/plugins/sudoers/auth/pam.c sudo-1.8.10p3/plugins/sudoers/auth/pam.c --- sudo-1.8.10p2/plugins/sudoers/auth/pam.c Fri Mar 7 14:50:56 2014 +++ sudo-1.8.10p3/plugins/sudoers/auth/pam.c Mon May 5 14:35:23 2014 @@ -230,7 +230,7 @@ (void) pam_set_item(pamh, PAM_USER, pw->pw_name); /* - * Set credentials (may include resource limits, device ownership, etc). + * Reinitialize credentials when changing the user. * We don't worry about a failure from pam_setcred() since with * stacked PAM auth modules a failure from one module may override * PAM_SUCCESS from another. For example, given a non-local user, @@ -238,7 +238,7 @@ * pam_unix is first in the stack, pam_setcred() will fail. */ if (def_pam_setcred) - (void) pam_setcred(pamh, PAM_ESTABLISH_CRED); + (void) pam_setcred(pamh, PAM_REINITIALIZE_CRED); if (def_pam_session) { *pam_status = pam_open_session(pamh, 0); diff -urNa sudo-1.8.10p2/plugins/sudoers/boottime.c sudo-1.8.10p3/plugins/sudoers/boottime.c --- sudo-1.8.10p2/plugins/sudoers/boottime.c Fri Mar 7 14:51:19 2014 +++ sudo-1.8.10p3/plugins/sudoers/boottime.c Tue May 6 18:26:16 2014 @@ -28,6 +28,11 @@ # include # endif #endif /* STDC_HEADERS */ +#ifdef HAVE_STDBOOL_H +# include +#else +# include "compat/stdbool.h" +#endif /* HAVE_STDBOOL_H */ #ifdef HAVE_STRING_H # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS) # include @@ -60,13 +65,14 @@ */ #if defined(__linux__) -int +bool get_boottime(struct timeval *tv) { char *ep, *line = NULL; size_t linesize = 0; + bool found = false; ssize_t len; - FILE * fp; + FILE *fp; debug_decl(get_boottime, SUDO_DEBUG_UTIL) /* read btime from /proc/stat */ @@ -78,7 +84,8 @@ if (llval > 0) { tv->tv_sec = (time_t)llval; tv->tv_usec = 0; - debug_return_bool(1); + found = true; + break; } } } @@ -86,12 +93,12 @@ free(line); } - debug_return_bool(0); + debug_return_bool(found); } #elif defined(HAVE_SYSCTL) && defined(KERN_BOOTTIME) -int +bool get_boottime(struct timeval *tv) { size_t size; @@ -102,9 +109,9 @@ mib[1] = KERN_BOOTTIME; size = sizeof(*tv); if (sysctl(mib, 2, tv, &size, NULL, 0) != -1) - debug_return_bool(1); + debug_return_bool(true); - debug_return_bool(0); + debug_return_bool(false); } #elif defined(HAVE_GETUTXID) @@ -151,6 +158,6 @@ get_boottime(struct timeval *tv) { debug_decl(get_boottime, SUDO_DEBUG_UTIL) - debug_return_bool(0); + debug_return_bool(false); } #endif diff -urNa sudo-1.8.10p2/plugins/sudoers/check.c sudo-1.8.10p3/plugins/sudoers/check.c --- sudo-1.8.10p2/plugins/sudoers/check.c Fri Mar 7 14:51:21 2014 +++ sudo-1.8.10p3/plugins/sudoers/check.c Mon May 5 14:35:05 2014 @@ -93,7 +93,7 @@ /* Expand any escapes in the prompt. */ prompt = expand_prompt(user_prompt ? user_prompt : def_passprompt, - user_name, user_shost); + auth_pw->pw_name); rval = verify_user(auth_pw, prompt, validated); if (rval == true && lectured) diff -urNa sudo-1.8.10p2/plugins/sudoers/defaults.c sudo-1.8.10p3/plugins/sudoers/defaults.c --- sudo-1.8.10p2/plugins/sudoers/defaults.c Fri Mar 7 14:51:19 2014 +++ sudo-1.8.10p3/plugins/sudoers/defaults.c Mon May 5 14:35:20 2014 @@ -489,6 +489,7 @@ #endif def_editor = estrdup(EDITOR); def_set_utmp = true; + def_pam_setcred = true; /* Finally do the lists (currently just environment tables). */ init_envtables(); diff -urNa sudo-1.8.10p2/plugins/sudoers/match.c sudo-1.8.10p3/plugins/sudoers/match.c --- sudo-1.8.10p2/plugins/sudoers/match.c Fri Mar 7 14:51:19 2014 +++ sudo-1.8.10p3/plugins/sudoers/match.c Mon May 5 14:35:14 2014 @@ -803,7 +803,7 @@ if (pw != NULL && *sudoers_user == '#') { uid = (uid_t) atoid(sudoers_user + 1, NULL, NULL, &errstr); - if (errstr != NULL && uid == pw->pw_uid) { + if (errstr == NULL && uid == pw->pw_uid) { rc = true; goto done; } @@ -830,7 +830,7 @@ if (*sudoers_group == '#') { gid = (gid_t) atoid(sudoers_group + 1, NULL, NULL, &errstr); - if (errstr != NULL && gid == gr->gr_gid) { + if (errstr == NULL && gid == gr->gr_gid) { rc = true; goto done; } diff -urNa sudo-1.8.10p2/plugins/sudoers/prompt.c sudo-1.8.10p3/plugins/sudoers/prompt.c --- sudo-1.8.10p2/plugins/sudoers/prompt.c Fri Mar 7 14:50:56 2014 +++ sudo-1.8.10p3/plugins/sudoers/prompt.c Mon May 5 14:35:05 2014 @@ -47,7 +47,7 @@ * allocated result. Returns the same string if there are no escapes. */ char * -expand_prompt(const char *old_prompt, const char *user, const char *host) +expand_prompt(const char *old_prompt, const char *auth_user) { size_t len, n; int subst; @@ -72,12 +72,7 @@ break; case 'p': p++; - if (def_rootpw) - len += 2; - else if (def_targetpw || def_runaspw) - len += strlen(runas_pw->pw_name) - 2; - else - len += strlen(user_name) - 2; + len += strlen(auth_user) - 2; subst = 1; break; case 'u': @@ -123,12 +118,7 @@ continue; case 'p': p++; - if (def_rootpw) - n = strlcpy(np, "root", np - endp); - else if (def_targetpw || def_runaspw) - n = strlcpy(np, runas_pw->pw_name, np - endp); - else - n = strlcpy(np, user_name, np - endp); + n = strlcpy(np, auth_user, np - endp); if (n >= (size_t)(np - endp)) goto oflow; np += n; diff -urNa sudo-1.8.10p2/plugins/sudoers/regress/testsudoers/test6.out.ok sudo-1.8.10p3/plugins/sudoers/regress/testsudoers/test6.out.ok --- sudo-1.8.10p2/plugins/sudoers/regress/testsudoers/test6.out.ok Wed Dec 31 17:00:00 1969 +++ sudo-1.8.10p3/plugins/sudoers/regress/testsudoers/test6.out.ok Mon May 5 14:35:14 2014 @@ -0,0 +1,10 @@ +Parses OK. + +Entries for user root: + +ALL = ALL + host matched + runas matched + cmnd allowed + +Command allowed diff -urNa sudo-1.8.10p2/plugins/sudoers/regress/testsudoers/test6.sh sudo-1.8.10p3/plugins/sudoers/regress/testsudoers/test6.sh --- sudo-1.8.10p2/plugins/sudoers/regress/testsudoers/test6.sh Wed Dec 31 17:00:00 1969 +++ sudo-1.8.10p3/plugins/sudoers/regress/testsudoers/test6.sh Mon May 5 14:35:14 2014 @@ -0,0 +1,11 @@ +#!/bin/sh +# +# Verify sudoers matching by uid. +# + +exec 2>&1 +./testsudoers root id <&1 +./testsudoers root id < [args]\n", getprogname()); + (void) fprintf(stderr, "usage: %s [-dt] [-G sudoers_gid] [-g group] [-h host] [-P grfile] [-p pwfile] [-U sudoers_uid] [-u user] [args]\n", getprogname()); exit(1); } diff -urNa sudo-1.8.10p2/plugins/system_group/system_group.c sudo-1.8.10p3/plugins/system_group/system_group.c --- sudo-1.8.10p2/plugins/system_group/system_group.c Fri Mar 7 14:50:56 2014 +++ sudo-1.8.10p3/plugins/system_group/system_group.c Tue May 6 19:33:06 2014 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Todd C. Miller + * Copyright (c) 2010-2014 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -140,11 +140,13 @@ grp = sysgroup_getgrgid(gid); } if (grp != NULL) { - for (member = grp->gr_mem; *member != NULL; member++) { - if (strcasecmp(user, *member) == 0) { - if (sysgroup_gr_delref) - sysgroup_gr_delref(grp); - return true; + if (grp->gr_mem != NULL) { + for (member = grp->gr_mem; *member != NULL; member++) { + if (strcasecmp(user, *member) == 0) { + if (sysgroup_gr_delref) + sysgroup_gr_delref(grp); + return true; + } } } if (sysgroup_gr_delref)