| Message ID | 20210917201355.3478930-1-adolf.belka@ipfire.org |
|---|---|
| State | Superseded |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4HB4sp748xz3xW7 for <patchwork@web04.haj.ipfire.org>; Fri, 17 Sep 2021 20:14:06 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4HB4sn0fL7z1VG; Fri, 17 Sep 2021 20:14:05 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4HB4sm6RfDz30n7; Fri, 17 Sep 2021 20:14:04 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4HB4sl3wRrz2xZP for <development@lists.ipfire.org>; Fri, 17 Sep 2021 20:14:03 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4HB4sk1pMyz1Tl; Fri, 17 Sep 2021 20:14:02 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1631909642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=Y7oGnLqpCWdL7xCQGC1vjMoO4MX77qEr0iQL3WZRvmU=; b=fDTTXD2vqS46NZFMRBwFc42DK5mSvbIFDBYacTRya+tAIA8SejyA2OSksB/teepxfSOsQ2 GDBA0axvlmTflLAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1631909642; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=Y7oGnLqpCWdL7xCQGC1vjMoO4MX77qEr0iQL3WZRvmU=; b=m1QsZYnFPZNQRd2B1sQjzL8RTVgkPkiL8qm3sWAvD1QF0yT3a8wUUUiHw+HpAjOEbb9SLB XZAka1aTMpSDgo9oChFYcnGFsiDlLYCOCnRk8hHLNiCjAhraSy2CIIlD7zs84xrKw2d8PX 6fXx/jxc/md1XveW6nPxoxdMbsydRqzwp7nPESMmq478RsValKfeWRQ1GnVzbk/06TvHo2 I7ENOszCGva8s3b4ZeH4+cMjA99M4mzb/QL78Z13/ZX/tkPTKbGYyteVSAFJujaGMljKAx PshBw3C4DNQcc5hO2OyCwL6tnCg0T1CwHv+WcTc6OaB3iZ2WuMFCrhvb5vVPDQ== From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] sudo: Update to version 1.9.8p1 Date: Fri, 17 Sep 2021 22:13:55 +0200 Message-Id: <20210917201355.3478930-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
sudo: Update to version 1.9.8p1
|
|
Commit Message
Adolf Belka
Sept. 17, 2021, 8:13 p.m. UTC
- Update from 1.9.7p2 to 1.9.8p1
- Update rootfile
- Changelog
Major changes between version 1.9.8 and 1.9.8p1:
Fixed support for passing a prompt (sudo -p) or a login class (sudo -c) on the
command line. This is a regression introduced in sudo 1.9.8. Bug #993.
Fixed a crash with sudo ALL rules in the LDAP and SSSD back-ends. This is a
regression introduced in sudo 1.9.8. Bug #994.
Fixed a compilation error when the --enable-static-sudoers configure option was
specified. This is a regression introduced in sudo 1.9.8 caused by a symbol clash
with the intercept and log server protobuf functions.
Major changes between version 1.9.7p2 and 1.9.8:
It is now possible to transparently intercepting sub-commands executed by the
original command run via sudo. Intercept support is implemented using LD_PRELOAD
(or the equivalent supported by the system) and so has some limitations. The two
main limitations are that only dynamic executables are supported and only the
execl, execle, execlp, execv, execve, execvp, and execvpe library functions are
currently intercepted. Its main use case is to support restricting privileged
shells run via sudo.
To support this, there is a new intercept Defaults setting and an INTERCEPT command
tag that can be used in sudoers. For example:
Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
Defaults!SHELLS intercept
would cause sudo to run the listed shells in intercept mode. This can also be set
on a per-rule basis. For example:
Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh
chuck ALL = INTERCEPT: SHELLS
would only apply intercept mode to user chuck when running one of the listed shells.
In intercept mode, sudo will not prompt for a password before running a sub-command
and will not allow a set-user-ID or set-group-ID program to be run by default. The
new intercept_authenticate and sudoers settings can be used to change this behavior.
The new log_subcmds sudoers setting can be used to log commands run in a privileged
shell. It uses the same mechanism as the intercept support described above and has
the same limitations.
Support for logging sudo_logsrvd errors via syslog or to a file. Previously, most
sudo_logsrvd errors were only visible in the debug log.
Better diagnostics when there is a TLS certificate validation error.
Using the += or -= operators in a Defaults setting that takes a string, not a list,
now produces a warning from sudo and a syntax error from inside visudo.
Fixed a bug where the iolog_mode setting in sudoers and sudo_logsrvd had no effect
when creating I/O log parent directories if the I/O log file name ended with the
string XXXXXX.
Fixed a bug in the sudoers custom prompt code where the size parameter that was
passed to the strlcpy() function was incorrect. No overflow was possible since the
correct amount of memory was already pre-allocated.
The mksigname and mksiglist helper programs are now built with the host compiler,
not the target compiler, when cross-compiling. Bug #989.
Fixed compilation error when the --enable-static-sudoers configure option was
specified. This was due to a typo introduced in sudo 1.9.7. GitHub PR #113
For more details of the changes then view the ChangeLog file in the source tarball
or at https://www.sudo.ws/changes.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
config/rootfiles/common/sudo | 2 ++
lfs/sudo | 4 ++--
2 files changed, 4 insertions(+), 2 deletions(-)
Comments
Acked-by: Peter Müller <peter.mueller@ipfire.org> > - Update from 1.9.7p2 to 1.9.8p1 > - Update rootfile > - Changelog > Major changes between version 1.9.8 and 1.9.8p1: > Fixed support for passing a prompt (sudo -p) or a login class (sudo -c) on the > command line. This is a regression introduced in sudo 1.9.8. Bug #993. > Fixed a crash with sudo ALL rules in the LDAP and SSSD back-ends. This is a > regression introduced in sudo 1.9.8. Bug #994. > Fixed a compilation error when the --enable-static-sudoers configure option was > specified. This is a regression introduced in sudo 1.9.8 caused by a symbol clash > with the intercept and log server protobuf functions. > Major changes between version 1.9.7p2 and 1.9.8: > It is now possible to transparently intercepting sub-commands executed by the > original command run via sudo. Intercept support is implemented using LD_PRELOAD > (or the equivalent supported by the system) and so has some limitations. The two > main limitations are that only dynamic executables are supported and only the > execl, execle, execlp, execv, execve, execvp, and execvpe library functions are > currently intercepted. Its main use case is to support restricting privileged > shells run via sudo. > To support this, there is a new intercept Defaults setting and an INTERCEPT command > tag that can be used in sudoers. For example: > Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh > Defaults!SHELLS intercept > would cause sudo to run the listed shells in intercept mode. This can also be set > on a per-rule basis. For example: > Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh > chuck ALL = INTERCEPT: SHELLS > would only apply intercept mode to user chuck when running one of the listed shells. > In intercept mode, sudo will not prompt for a password before running a sub-command > and will not allow a set-user-ID or set-group-ID program to be run by default. The > new intercept_authenticate and sudoers settings can be used to change this behavior. > The new log_subcmds sudoers setting can be used to log commands run in a privileged > shell. It uses the same mechanism as the intercept support described above and has > the same limitations. > Support for logging sudo_logsrvd errors via syslog or to a file. Previously, most > sudo_logsrvd errors were only visible in the debug log. > Better diagnostics when there is a TLS certificate validation error. > Using the += or -= operators in a Defaults setting that takes a string, not a list, > now produces a warning from sudo and a syntax error from inside visudo. > Fixed a bug where the iolog_mode setting in sudoers and sudo_logsrvd had no effect > when creating I/O log parent directories if the I/O log file name ended with the > string XXXXXX. > Fixed a bug in the sudoers custom prompt code where the size parameter that was > passed to the strlcpy() function was incorrect. No overflow was possible since the > correct amount of memory was already pre-allocated. > The mksigname and mksiglist helper programs are now built with the host compiler, > not the target compiler, when cross-compiling. Bug #989. > Fixed compilation error when the --enable-static-sudoers configure option was > specified. This was due to a typo introduced in sudo 1.9.7. GitHub PR #113 > For more details of the changes then view the ChangeLog file in the source tarball > or at https://www.sudo.ws/changes.html > > Signed-off-by: Adolf Belka <adolf.belka@ipfire.org> > --- > config/rootfiles/common/sudo | 2 ++ > lfs/sudo | 4 ++-- > 2 files changed, 4 insertions(+), 2 deletions(-) > > diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo > index babdcb484..80e83efa4 100644 > --- a/config/rootfiles/common/sudo > +++ b/config/rootfiles/common/sudo > @@ -18,6 +18,8 @@ usr/lib/sudo/group_file.so > usr/lib/sudo/libsudo_util.so.0.0.0 > #usr/lib/sudo/sample_approval.la > usr/lib/sudo/sample_approval.so > +#usr/lib/sudo/sudo_intercept.la > +usr/lib/sudo/sudo_intercept.so > #usr/lib/sudo/sudo_noexec.la > usr/lib/sudo/sudo_noexec.so > #usr/lib/sudo/sudoers.la > diff --git a/lfs/sudo b/lfs/sudo > index a74c34e7e..9fabdfd52 100644 > --- a/lfs/sudo > +++ b/lfs/sudo > @@ -24,7 +24,7 @@ > > include Config > > -VER = 1.9.7p2 > +VER = 1.9.8p1 > > THISAPP = sudo-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = d6f8217bfd16649236e100c49e0a7cc4 > +$(DL_FILE)_MD5 = ae9c8b32268f27d05bcdcb8f0c04d461 > > install : $(TARGET) > >
diff --git a/config/rootfiles/common/sudo b/config/rootfiles/common/sudo index babdcb484..80e83efa4 100644 --- a/config/rootfiles/common/sudo +++ b/config/rootfiles/common/sudo @@ -18,6 +18,8 @@ usr/lib/sudo/group_file.so usr/lib/sudo/libsudo_util.so.0.0.0 #usr/lib/sudo/sample_approval.la usr/lib/sudo/sample_approval.so +#usr/lib/sudo/sudo_intercept.la +usr/lib/sudo/sudo_intercept.so #usr/lib/sudo/sudo_noexec.la usr/lib/sudo/sudo_noexec.so #usr/lib/sudo/sudoers.la diff --git a/lfs/sudo b/lfs/sudo index a74c34e7e..9fabdfd52 100644 --- a/lfs/sudo +++ b/lfs/sudo @@ -24,7 +24,7 @@ include Config -VER = 1.9.7p2 +VER = 1.9.8p1 THISAPP = sudo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = d6f8217bfd16649236e100c49e0a7cc4 +$(DL_FILE)_MD5 = ae9c8b32268f27d05bcdcb8f0c04d461 install : $(TARGET)