This patch will upgrade Sudo version 1.7.10 patchlevel 8 to Sudo version 1.7.10 patchlevel 9. To apply: $ cd sudo-1.7.10p8 $ patch -p1 < sudo-1.7.10p9.patch diff -urNa sudo-1.7.10p8/CONTRIBUTORS sudo-1.7.10p9/CONTRIBUTORS --- sudo-1.7.10p8/CONTRIBUTORS Sun Dec 8 11:11:12 2013 +++ sudo-1.7.10p9/CONTRIBUTORS Tue Feb 10 10:05:31 2015 @@ -6,6 +6,7 @@ Matt Ackeret Mark Adler Russ Allbery + Jamie Anderson Nick Andrew Dimitry Andric Danny Barron diff -urNa sudo-1.7.10p8/ChangeLog sudo-1.7.10p9/ChangeLog --- sudo-1.7.10p8/ChangeLog Wed Mar 5 14:10:19 2014 +++ sudo-1.7.10p9/ChangeLog Tue Feb 10 10:11:01 2015 
@@ -1,8 +1,85 @@ +2015-02-10 Todd C. Miller + + * .hgtags: + Added tag SUDO_1_7_10p9 for changeset 772c68ed1580 + [764a5b003c47] [tip] <1.7> + + * sudo.pp: + Fix a packaging problem with the sudoedit man page link on Debian. + [772c68ed1580] [SUDO_1_7_10p9] <1.7> + + * sudo.pp: + Only use the first two digits of the version number. Fixes a problem + on RHEL 7 which has version numbers like 7.0.1406 + [43f6c34f8f1b] <1.7> + + * pp: + Remove duplicate Requires: line in generated rpm spec file. + [494a0a3df2f3] <1.7> + + * pp: + In pp_files_expand() set _target to be empty. Fixes a problem with + Solaris sh where simply using typeset doesn't causes the variable to + be treated as local so we can inadvertantly inherit a value from a + previous call. + [27bf77c83d4b] <1.7> + + * pp: + For rpm, do not specify a mode in %attr for symbolic links. Avoids + the warning "Explicit %attr() mode not applicaple to symlink" + [b2e92f5b8ef2] <1.7> + + * pp: + Update polypkg from trunk. + [77f1d789b356] <1.7> + +2015-02-09 Todd C. Miller + + * configure.in: + Use -fstack-protector-strong in preference to -fstack-protector-all + or -fstack-protector. + [8c1a0d87c3fb] <1.7> + + * NEWS, configure.in: + On Solaris 11 and higher, tag binaries for ASLR if supported by the + linker. + [351c860c389d] <1.7> + + * INSTALL, NEWS, TROUBLESHOOTING, aclocal.m4, configure, configure.in: + Restrict default creation of PIE binaries (-fPIE and -pie) to Linux. + OpenBSD also supports PIE but enables it by default so we don't need + to do anything. This fixes problems on systems with a version of GNU + ld that accepts -pie but where the run-time linker doesn't actually + support PIE. Also verify that a trivial PIE binary works unless PIE + is explicitly enabled. + [f8df753736ad] <1.7> + + * INSTALL, Makefile.in, NEWS, aclocal.m4, configure, configure.in, + env.c, pathnames.h.in, sudoers.cat, sudoers.man.in, sudoers.mdoc.in: + Sanity check the TZ environment variable by special casing it in + env_check. 
The --with-tzdir configure option can be used to specify + the zoneinfo directory if configure doesn't find it. + [33b545d19c03] <1.7> + 2014-03-05 Todd C. Miller + * mkpkg: + Update Mac SDK paths. + [ccc6a9fa73e9] <1.7> + +2014-04-28 Todd C. Miller + + * CONTRIBUTORS, boottime.c: + Fix fd leak on Linux when determing boot time. This is usually + masked by the closefrom() call in sudo. From Jamie Anderson. Bug + #645 + [6ee258610636] <1.7> + +2014-03-05 Todd C. Miller + * .hgtags: Fix up SUDO_1_7_10p8 tag. - [cc328781ad4d] [tip] <1.7> + [cc328781ad4d] <1.7> * .hgtags: Added tag SUDO_1_7_10p8 for changeset dcacf314271c @@ -6193,7 +6270,7 @@ [752eb75bf007] * sudoers.pod: - Make it clear that env_delete only works when !env_reset. From Lo??c + Make it clear that env_delete only works when !env_reset. From Loïc Minier [3bd3f8e351ba] @@ -9678,7 +9755,7 @@ * mon_systrace.c: Redo setting of user_args. We now build up a private copy of argv - first and then replace the NULs?with spaces. + first and then replace the NULs with spaces. [ccbba72ea112] * mon_systrace.c: @@ -10738,7 +10815,7 @@ [91fbaa98f02e] * toke.c, toke.l: - Cast?argument to ctype functions to unsigned char. + Cast argument to ctype functions to unsigned char. [e096b4d65796] 2005-02-08 Todd C. Miller diff -urNa sudo-1.7.10p8/INSTALL sudo-1.7.10p9/INSTALL --- sudo-1.7.10p8/INSTALL Fri Mar 1 09:08:29 2013 +++ sudo-1.7.10p9/INSTALL Tue Feb 10 10:09:58 2015 
@@ -98,6 +98,16 @@ --srcdir=DIR Find the sources in DIR [configure dir or ..] + --with-tzdir=DIR + Set the directory to the system's time zone data files. This + is only used when sanitizing the TZ environment variable to + allow for fully-qualified paths in TZ. + By default, configure will look for an existing "zoneinfo" + directory in the following locations: + /usr/share /usr/share/lib /usr/lib /etc + If no zoneinfo directory is found, the TZ variable may not + contain a fully-qualified path. + Special features/options: --with-incpath=DIR Adds the specified directory (or directories) to CPPFLAGS @@ -111,6 +121,18 @@ so configure and the compiler will look there for libraries. Multiple directories may be specified as with --with-incpath. + --enable-pie + Build sudo and related programs as as a position independent + executables (PIE). This improves the effectiveness of address + space layout randomization (ASLR) on systems that support it. + Sudo will create PIE binaries by default on Linux systems. + + --disable-pie + Disable the creation of position independent executables (PIE), + even if the compiler creates PIE binaries by default. This + option may be needed on some Linux systems where PIE binaries + are not fully supported. + --with-rpath Tells configure to use -Rpath in addition to -Lpath when passing library paths to the loader. This option is on 
@@ -646,11 +668,6 @@ which are enabled by default. This includes compiling with _FORTIFY_SOURCE defined to 2, building with -fstack-protector and linking with -zrelro, where supported. - - --disable-pie - Disable the creation of position independent executables (PIE) - even when the compiler and linker support them. - By default, sudo will be built as a PIE where possible. --enable-admin-flag Enable the creation of an Ubuntu-style admin flag file diff -urNa sudo-1.7.10p8/Makefile.in sudo-1.7.10p9/Makefile.in --- sudo-1.7.10p8/Makefile.in Fri Mar 1 09:08:29 2013 +++ sudo-1.7.10p9/Makefile.in Tue Feb 10 10:09:58 2015 @@ -547,7 +547,7 @@ $(srcdir)/sudo.cat: varsub $(srcdir)/sudo.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudo.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudo.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudo.cat: $(srcdir)/sudo.cat @@ -575,7 +575,7 @@ $(srcdir)/visudo.cat: varsub $(srcdir)/visudo.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/visudo.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/visudo.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi visudo.cat: $(srcdir)/visudo.cat 
@@ -606,7 +606,7 @@ $(srcdir)/sudoers.cat: varsub $(srcdir)/sudoers.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoers.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoers.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoers.cat: $(srcdir)/sudoers.cat @@ -634,7 +634,7 @@ $(srcdir)/sudoers.ldap.cat: varsub $(srcdir)/sudoers.ldap.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoers.ldap.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoers.ldap.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoers.ldap.cat: $(srcdir)/sudoers.ldap.cat @@ -662,7 +662,7 @@ $(srcdir)/sudoreplay.cat: varsub $(srcdir)/sudoreplay.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoreplay.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoreplay.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoreplay.cat: $(srcdir)/sudoreplay.cat diff -urNa sudo-1.7.10p8/NEWS sudo-1.7.10p9/NEWS --- sudo-1.7.10p8/NEWS Wed Mar 5 06:20:18 2014 +++ sudo-1.7.10p9/NEWS Tue Feb 10 10:09:58 2015 
@@ -1,3 +1,15 @@ +What's new in Sudo 1.7.10p9? + + * The TZ environment variable is now checked for safety instead + of simply being copied to the environment of the command. + + * Sudo now only builds Position Independent Executables (PIE) + by default on Linux systems and verifies that a trivial test + program builds and runs. + + * On Solaris 11.1 and higher, sudo binaries will now have the + ASLR tag enabled if supported by the linker. + What's new in Sudo 1.7.10p8? * Sudo's exit code now indicates a failure if the user does not diff -urNa sudo-1.7.10p8/TROUBLESHOOTING sudo-1.7.10p9/TROUBLESHOOTING --- sudo-1.7.10p8/TROUBLESHOOTING Fri Mar 1 09:08:29 2013 +++ sudo-1.7.10p9/TROUBLESHOOTING Tue Feb 10 10:09:58 2015 @@ -266,6 +266,15 @@ innateprivs = PV_DAC_GID,PV_DAC_O,PV_DAC_R,PV_DAC_UID,PV_DAC_W,PV_DAC_X,PV_FS_CHOWN,PV_PROC_ENV,PV_PROC_PRIO,PV_PROC_RAC secflags = FSF_EPS +Q) Sudo configures and builds without error but when I run it I get + a Segmentation fault. +A) If you are on a Linux system, the first thing to try is to run + configure with the --disable-pie option, then "make clean" and + "make". If that fixes the problem then your operating system + does not properly support position independent executables. + Please send a message to sudo@sudo.ws with system details such + as the Linux distro, kernel version and CPU architecture. + Q) How do you pronounce `sudo'? A) The official pronunciation is soo-doo (for su "do"). However, an alternate pronunciation, a homophone of "pseudo", is also common. diff -urNa sudo-1.7.10p8/aclocal.m4 sudo-1.7.10p9/aclocal.m4 --- sudo-1.7.10p8/aclocal.m4 Fri Mar 1 09:08:29 2013 +++ sudo-1.7.10p9/aclocal.m4 Tue Feb 10 10:09:58 2015 
@@ -139,6 +139,26 @@ ])dnl dnl +dnl Detect time zone file directory, if any. +dnl +AC_DEFUN([SUDO_TZDIR], [AC_MSG_CHECKING(time zone data directory) +tzdir="$with_tzdir" +if test -z "$tzdir"; then + tzdir=no + for d in /usr/share /usr/share/lib /usr/lib /etc; do + if test -d "$d/zoneinfo"; then + tzdir="$d/zoneinfo" + break + fi + done +fi +AC_MSG_RESULT([$tzdir]) +if test "${tzdir}" != "no"; then + SUDO_DEFINE_UNQUOTED(_PATH_ZONEINFO, "$tzdir") +fi +])dnl + +dnl dnl check for working fnmatch(3) dnl AC_DEFUN([SUDO_FUNC_FNMATCH], @@ -151,6 +171,23 @@ rm -f core core.* *.core]) AC_MSG_RESULT($sudo_cv_func_fnmatch) AS_IF([test $sudo_cv_func_fnmatch = yes], [$1], [$2])]) + +dnl +dnl Attempt to check for working PIE support. +dnl This is a bit of a hack but on Solaris 10 with GNU ld and GNU as +dnl we can end up with strange values from malloc(). +dnl A better check would be to verify that ASLR works with PIE. +dnl +AC_DEFUN([SUDO_WORKING_PIE], +[AC_MSG_CHECKING([for working PIE support]) +AC_CACHE_VAL(sudo_cv_working_pie, +[rm -f conftestdata; > conftestdata +AC_RUN_IFELSE([AC_LANG_SOURCE([AC_INCLUDES_DEFAULT +main() { char *p = malloc(1024); if (p == NULL) return 1; memset(p, 0, 1024); return 0; }])], [sudo_cv_working_pie=yes], [sudo_cv_working_pie=no], + [sudo_cv_working_pie=no]) +rm -f core core.* *.core]) +AC_MSG_RESULT($sudo_cv_working_pie) +AS_IF([test $sudo_cv_working_pie = yes], [$1], [$2])]) dnl dnl check for isblank(3) diff -urNa sudo-1.7.10p8/boottime.c sudo-1.7.10p9/boottime.c --- sudo-1.7.10p8/boottime.c Fri Mar 1 09:08:29 2013 +++ sudo-1.7.10p9/boottime.c Tue Feb 10 10:05:31 2015 @@ -66,8 +66,9 @@ { char *line = NULL; size_t linesize = 0; + int found = 0; ssize_t len; - FILE * fp; + FILE *fp; /* read btime from /proc/stat */ fp = fopen("/proc/stat", "r"); 
@@ -76,14 +77,15 @@ if (strncmp(line, "btime ", 6) == 0) { tv->tv_sec = atoi(line + 6); tv->tv_usec = 0; - return 1; + found = 1; + break; } } fclose(fp); free(line); } - return 0; + return found; } #elif defined(HAVE_SYSCTL) && defined(KERN_BOOTTIME) diff -urNa sudo-1.7.10p8/configure sudo-1.7.10p9/configure --- sudo-1.7.10p8/configure Wed Mar 5 06:09:14 2014 +++ sudo-1.7.10p9/configure Tue Feb 10 10:09:58 2015 @@ -1,13 +1,11 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.7.10p8. +# Generated by GNU Autoconf 2.69 for sudo 1.7.10p9. # # Report bugs to . # # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation 
@@ -136,6 +134,31 @@ # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -169,7 +192,8 @@ else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1" +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && 
@@ -222,21 +246,25 @@ if test "x$CONFIG_SHELL" != x; then : - # We cannot yet assume a decent shell, so we have to provide a - # neutralization value for shells without unset; and this also - # works around shells that cannot unset nonexistent variables. - # Preserve -v and -x to the replacement shell. - BASH_ENV=/dev/null - ENV=/dev/null - (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV - export CONFIG_SHELL - case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; - esac - exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi if test x$as_have_required = xno; then : @@ -339,6 +367,14 @@ } # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take 
@@ -460,6 +496,10 @@ chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -494,16 +534,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -515,28 +555,8 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" 
@@ -570,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.7.10p8' -PACKAGE_STRING='sudo 1.7.10p8' +PACKAGE_VERSION='1.7.10p9' +PACKAGE_STRING='sudo 1.7.10p9' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -827,6 +847,7 @@ with_fqdn with_timedir with_iologdir +with_tzdir with_sendmail with_sudoers_mode with_sudoers_uid @@ -1360,8 +1381,6 @@ if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1447,7 +1466,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.7.10p8 to adapt to many kinds of systems. +\`configure' configures sudo 1.7.10p9 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1531,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.7.10p8:";; + short | recursive ) echo "Configuration of sudo 1.7.10p9:";; esac cat <<\_ACEOF @@ -1538,8 +1557,7 @@ --enable-werror Whether to enable the -Werror compiler option --disable-hardening Do not use compiler/linker exploit mitigation options - --disable-pie Do not build position independent executables, even - if the compiler/linker supports them + --enable-pie Build sudo as a position independent executable. --enable-admin-flag Whether to create a Ubuntu-style admin flag file --enable-gss-krb5-ccache-name Use GSS-API to set the Kerberos V cred cache name 
@@ -1603,6 +1621,7 @@ --with-fqdn expect fully qualified hosts in sudoers --with-timedir path to the sudo timestamp dir --with-iologdir=DIR directory to store sudo I/O log files in + --with-tzdir=DIR path to the time zone data directory --with-sendmail set path to sendmail --without-sendmail do not send mail at all --with-sudoers-mode mode of sudoers file (defaults to 0440) @@ -1737,10 +1756,10 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.7.10p8 -generated by GNU Autoconf 2.68 +sudo configure 1.7.10p9 +generated by GNU Autoconf 2.69 -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1816,7 +1835,7 @@ test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2231,7 +2250,8 @@ main () { static int test_array [1 - 2 * !(($2) >= 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2247,7 +2267,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2273,7 +2294,8 @@ main () { static int test_array [1 - 2 * !(($2) < 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2289,7 +2311,8 @@ main () { static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2323,7 +2346,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; 
@@ -2441,8 +2465,8 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.7.10p8, which was -generated by GNU Autoconf 2.68. Invocation command line was +It was created by sudo $as_me 1.7.10p9, which was +generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3065,7 +3089,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3105,7 +3129,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3158,7 +3182,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3199,7 +3223,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue 
@@ -3257,7 +3281,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3301,7 +3325,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3747,8 +3771,7 @@ /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -4599,6 +4622,16 @@ +# Check whether --with-tzdir was given. +if test "${with_tzdir+set}" = set; then : + withval=$with_tzdir; case $with_tzdir in + yes) as_fn_error $? "\"must give --with-tzdir an argument.\"" "$LINENO" 5 + ;; +esac +fi + + + # Check whether --with-sendmail was given. if test "${with_sendmail+set}" = set; then : withval=$with_sendmail; case $with_sendmail in @@ -5597,8 +5630,6 @@ # Check whether --enable-pie was given. if test "${enable_pie+set}" = set; then : enableval=$enable_pie; -else - enable_pie=yes fi @@ -5895,7 +5926,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="${ac_tool_prefix}ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -5935,7 +5966,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5987,7 +6018,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6027,7 +6058,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6284,7 +6315,7 @@ for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue + as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED case `"$ac_path_SED" --version 2>&1` in @@ -6360,7 +6391,7 @@ for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue + as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in 
@@ -6426,7 +6457,7 @@ for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -6493,7 +6524,7 @@ for ac_prog in fgrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue + as_fn_executable_p "$ac_path_FGREP" || continue # Check for GNU ac_path_FGREP and select it if it is found. # Check for GNU $ac_path_FGREP case `"$ac_path_FGREP" --version 2>&1` in @@ -6749,7 +6780,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6793,7 +6824,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -7217,7 +7248,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7257,7 +7288,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OBJDUMP="objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7563,7 +7594,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7603,7 +7634,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DLLTOOL="dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -7706,7 +7737,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7750,7 +7781,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7875,7 +7906,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7915,7 +7946,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -7974,7 +8005,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8014,7 +8045,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8118,7 +8149,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8705,7 +8736,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -8745,7 +8776,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8825,7 +8856,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8865,7 +8896,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8917,7 +8948,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -8957,7 +8988,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_NMEDIT="nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9009,7 +9040,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LIPO="${ac_tool_prefix}lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9049,7 +9080,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_LIPO="lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9101,7 +9132,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL="${ac_tool_prefix}otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -9141,7 +9172,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL="otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9193,7 +9224,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9233,7 +9264,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL64="otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13627,7 +13658,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_UNAMEPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -13668,7 +13699,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_TRPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13709,7 +13740,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_MANDOCPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13753,7 +13784,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_NROFFPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -14389,11 +14420,6 @@ CHECKSHADOW="false" test -z "$with_pam" && AUTH_EXCL_DEF="PAM" : ${with_logincap='maybe'} - # PIE is broken on FreeBSD/ia64 - case "$host_cpu" in - ia64*) - enable_pie=no;; - esac ;; *-*-*openbsd*) # OpenBSD has a real setreuid(2) starting with 3.3 but @@ -14562,11 +14588,11 @@ int main () { -/* FIXME: Include the comments suggested by Paul. */ + #ifndef __cplusplus - /* Ultrix mips cc rejects this. */ + /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; - const charset cs; + const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; 
@@ -14583,8 +14609,9 @@ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; @@ -14600,10 +14627,10 @@ iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this saying + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; @@ -14684,7 +14711,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_YACC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -14727,7 +14754,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_FLEX="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -15465,6 +15492,8 @@ esac rm -rf conftest* fi + + fi case "$host" in 
@@ -15811,12 +15840,14 @@ fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5 -$as_echo_n "checking for long long int... " >&6; } -if ${ac_cv_type_long_long_int+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for unsigned long long int" >&5 +$as_echo_n "checking for unsigned long long int... " >&6; } +if ${ac_cv_type_unsigned_long_long_int+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + ac_cv_type_unsigned_long_long_int=yes + if test "x${ac_cv_prog_cc_c99-no}" = xno; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* For now, do not test the preprocessor; as of 2007 there are too many 
@@ -15849,37 +15880,64 @@ _ACEOF if ac_fn_c_try_link "$LINENO"; then : - if test "$cross_compiling" = yes; then : + +else + ac_cv_type_unsigned_long_long_int=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_unsigned_long_long_int" >&5 +$as_echo "$ac_cv_type_unsigned_long_long_int" >&6; } + if test $ac_cv_type_unsigned_long_long_int = yes; then + +$as_echo "#define HAVE_UNSIGNED_LONG_LONG_INT 1" >>confdefs.h + + fi + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5 +$as_echo_n "checking for long long int... " >&6; } +if ${ac_cv_type_long_long_int+:} false; then : + $as_echo_n "(cached) " >&6 +else ac_cv_type_long_long_int=yes + if test "x${ac_cv_prog_cc_c99-no}" = xno; then + ac_cv_type_long_long_int=$ac_cv_type_unsigned_long_long_int + if test $ac_cv_type_long_long_int = yes; then + if test "$cross_compiling" = yes; then : + : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #ifndef LLONG_MAX - # define HALF \ - (1LL << (sizeof (long long int) * CHAR_BIT - 2)) - # define LLONG_MAX (HALF - 1 + HALF) - #endif + #ifndef LLONG_MAX + # define HALF \ + (1LL << (sizeof (long long int) * CHAR_BIT - 2)) + # define LLONG_MAX (HALF - 1 + HALF) + #endif int main () { long long int n = 1; - int i; - for (i = 0; ; i++) - { - long long int m = n << i; - if (m >> i != n) - return 1; - if (LLONG_MAX / 2 < m) - break; - } - return 0; + int i; + for (i = 0; ; i++) + { + long long int m = n << i; + if (m >> i != n) + return 1; + if (LLONG_MAX / 2 < m) + break; + } + return 0; ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - ac_cv_type_long_long_int=yes + else ac_cv_type_long_long_int=no fi 
@@ -15887,12 +15945,9 @@ conftest.$ac_objext conftest.beam conftest.$ac_ext fi -else - ac_cv_type_long_long_int=no + fi + fi fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_long_long_int" >&5 $as_echo "$ac_cv_type_long_long_int" >&6; } if test $ac_cv_type_long_long_int = yes; then @@ -18376,7 +18431,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_KRB5CONFIG="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -19827,7 +19882,28 @@ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $iolog_dir" >&5 $as_echo "$iolog_dir" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking time zone data directory" >&5 +$as_echo_n "checking time zone data directory... " >&6; } +tzdir="$with_tzdir" +if test -z "$tzdir"; then + tzdir=no + for d in /usr/share /usr/share/lib /usr/lib /etc; do + if test -d "$d/zoneinfo"; then + tzdir="$d/zoneinfo" + break + fi + done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $tzdir" >&5 +$as_echo "$tzdir" >&6; } +if test "${tzdir}" != "no"; then + cat >>confdefs.h <&5 + +ac_c_werror_flag=yes + +if test -n "$GCC"; then + if test -z "$enable_pie"; then + case "$host_os" in + linux*) + # Attempt to build with PIE support + enable_pie="maybe" + ;; + esac + fi + if test -n "$enable_pie"; then + if test "$enable_pie" = "no"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fno-pie" >&5 +$as_echo_n "checking whether C compiler accepts -fno-pie... " >&6; } +if ${ax_cv_check_cflags___fno_pie+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -fno-pie" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___fno_pie=yes +else + ax_cv_check_cflags___fno_pie=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fno_pie" >&5 +$as_echo "$ax_cv_check_cflags___fno_pie" >&6; } +if test x"$ax_cv_check_cflags___fno_pie" = xyes; then : + + _CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fno-pie" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -nopie" >&5 +$as_echo_n "checking whether the linker accepts -nopie... 
" >&6; } +if ${ax_cv_check_ldflags___nopie+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -nopie" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___nopie=yes +else + ax_cv_check_ldflags___nopie=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___nopie" >&5 +$as_echo "$ax_cv_check_ldflags___nopie" >&6; } +if test x"$ax_cv_check_ldflags___nopie" = xyes; then : + + PIE_CFLAGS="-fno-pie" + PIE_LDFLAGS="-nopie" + +else + : +fi + + CFLAGS="$_CFLAGS" + +else + : +fi + + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fPIE" >&5 $as_echo_n "checking whether C compiler accepts -fPIE... " >&6; } if ${ax_cv_check_cflags___fPIE+:} false; then : $as_echo_n "(cached) " >&6 @@ -19988,9 +20156,9 @@ $as_echo "$ax_cv_check_cflags___fPIE" >&6; } if test x"$ax_cv_check_cflags___fPIE" = xyes; then : - _CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -fPIE" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -pie" >&5 + _CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fPIE" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -pie" >&5 $as_echo_n "checking whether the linker accepts -pie... " >&6; } if ${ax_cv_check_ldflags___pie+:} false; then : $as_echo_n "(cached) " >&6 
@@ -20022,24 +20190,59 @@ $as_echo "$ax_cv_check_ldflags___pie" >&6; } if test x"$ax_cv_check_ldflags___pie" = xyes; then : - PIE_CFLAGS="-fPIE" - PIE_LDFLAGS="-pie" + if test "$enable_pie" = "maybe"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working PIE support" >&5 +$as_echo_n "checking for working PIE support... " >&6; } +if ${sudo_cv_working_pie+:} false; then : + $as_echo_n "(cached) " >&6 +else + rm -f conftestdata; > conftestdata +if test "$cross_compiling" = yes; then : + sudo_cv_working_pie=no +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +main() { char *p = malloc(1024); if (p == NULL) return 1; memset(p, 0, 1024); return 0; } +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + sudo_cv_working_pie=yes +else + sudo_cv_working_pie=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core core.* *.core +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_working_pie" >&5 +$as_echo "$sudo_cv_working_pie" >&6; } +if test $sudo_cv_working_pie = yes; then : + enable_pie=yes +fi + fi + if test "$enable_pie" = "yes"; then + PIE_CFLAGS="-fPIE" + PIE_LDFLAGS="-fPIE -pie" + fi + else : fi - CFLAGS="$_CFLAGS" + CFLAGS="$_CFLAGS" else : fi + fi + fi fi if test "$enable_hardening" != "no"; then - -ac_c_werror_flag=yes if test -n "$GCC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector-all" >&5 $as_echo_n "checking whether C compiler accepts -fstack-protector-all... " >&6; } 
@@ -20735,16 +20938,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -20804,29 +21007,17 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -20846,8 +21037,8 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.7.10p8, which was -generated by GNU Autoconf 2.68. Invocation command line was +This file was extended by sudo $as_me 1.7.10p9, which was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS 
@@ -20912,11 +21103,11 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.7.10p8 -configured by $0, generated by GNU Autoconf 2.68, +sudo config.status 1.7.10p9 +configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -21005,7 +21196,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' diff -urNa sudo-1.7.10p8/configure.in sudo-1.7.10p9/configure.in --- sudo-1.7.10p8/configure.in Wed Mar 5 06:08:53 2014 +++ sudo-1.7.10p9/configure.in Tue Feb 10 10:09:58 2015 @@ -3,7 +3,7 @@ dnl dnl Copyright (c) 1994-1996,1998-2014 Todd C. Miller dnl -AC_INIT([sudo], [1.7.10p8], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.7.10p9], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h) dnl dnl Note: this must come after AC_INIT @@ -729,6 +729,12 @@ no) ;; esac]) +AC_ARG_WITH(tzdir, [AS_HELP_STRING([--with-tzdir=DIR], [path to the time zone data directory])], +[case $with_tzdir in + yes) AC_MSG_ERROR(["must give --with-tzdir an argument."]) + ;; +esac]) + AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail]) AS_HELP_STRING([--without-sendmail], [do not send mail at all])], [case $with_sendmail in 
@@ -1333,8 +1339,7 @@ [], [enable_hardening=yes]) AC_ARG_ENABLE(pie, -[AS_HELP_STRING([--disable-pie], [Do not build position independent executables, even if the compiler/linker supports them])], -[], [enable_pie=yes]) +[AS_HELP_STRING([--enable-pie], [Build sudo as a position independent executable.])]) AC_ARG_ENABLE(admin-flag, [AS_HELP_STRING([--enable-admin-flag], [Whether to create a Ubuntu-style admin flag file])], @@ -1821,11 +1826,6 @@ CHECKSHADOW="false" test -z "$with_pam" && AUTH_EXCL_DEF="PAM" : ${with_logincap='maybe'} - # PIE is broken on FreeBSD/ia64 - case "$host_cpu" in - ia64*) - enable_pie=no;; - esac ;; *-*-*openbsd*) # OpenBSD has a real setreuid(2) starting with 3.3 but @@ -2976,6 +2976,7 @@ SUDO_LOGFILE SUDO_TIMEDIR SUDO_IO_LOGDIR +SUDO_TZDIR dnl dnl If I/O logging is enabled, build sudoreplay and exec_pty get_pty.o iolog.o 
@@ -3024,42 +3025,90 @@ fi dnl +dnl Turn warnings into errors. +dnl All compiler/loader tests after this point will fail if +dnl a warning is displayed (nornally, warnings are not fata). +dnl +AC_LANG_WERROR + +dnl dnl Check for PIE executable support if using gcc. dnl This test relies on AC_LANG_WERROR dnl -if test "$enable_pie" != "no" -a -n "$GCC"; then - AX_CHECK_COMPILE_FLAG([-fPIE], [ - _CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -fPIE" - AX_CHECK_LINK_FLAG([-pie], [ - PIE_CFLAGS="-fPIE" - PIE_LDFLAGS="-pie" - ]) - CFLAGS="$_CFLAGS" - ]) +if test -n "$GCC"; then + if test -z "$enable_pie"; then + case "$host_os" in + linux*) + # Attempt to build with PIE support + enable_pie="maybe" + ;; + esac + fi + if test -n "$enable_pie"; then + if test "$enable_pie" = "no"; then + AX_CHECK_COMPILE_FLAG([-fno-pie], [ + _CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fno-pie" + AX_CHECK_LINK_FLAG([-nopie], [ + PIE_CFLAGS="-fno-pie" + PIE_LDFLAGS="-nopie" + ]) + CFLAGS="$_CFLAGS" + ]) + else + AX_CHECK_COMPILE_FLAG([-fPIE], [ + _CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fPIE" + AX_CHECK_LINK_FLAG([-pie], [ + if test "$enable_pie" = "maybe"; then + SUDO_WORKING_PIE([enable_pie=yes], []) + fi + if test "$enable_pie" = "yes"; then + PIE_CFLAGS="-fPIE" + PIE_LDFLAGS="-fPIE -pie" + fi + ]) + CFLAGS="$_CFLAGS" + ]) + fi + fi fi +if test "$enable_pie" != "yes"; then + # Solaris 11.1 and higher supports tagging binaries to use ASLR + case "$host_os" in + solaris2.1[[1-9]]|solaris2.[[2-9]][[0-9]]) + AX_CHECK_LINK_FLAG([-Wl,-z,aslr], [PIE_LDFLAGS="${PIE_LDFLAGS}${PIE_LDFLAGS+ }-Wl,-z,aslr"]) + ;; + esac +fi dnl dnl Check for -fstack-protector and -z relro support -dnl This must be towards the end as it turns warnings -dnl into fatal errors (and there is no way to undo that) +dnl This test relies on AC_LANG_WERROR dnl if test "$enable_hardening" != "no"; then - AC_LANG_WERROR if test -n "$GCC"; then - AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [ - AX_CHECK_LINK_FLAG([-fstack-protector-all], [ - 
SSP_CFLAGS="-fstack-protector-all" - SSP_LDFLAGS="-fstack-protector-all" + AX_CHECK_COMPILE_FLAG([-fstack-protector-strong], [ + AX_CHECK_LINK_FLAG([-fstack-protector-strong], [ + SSP_CFLAGS="-fstack-protector-strong" + SSP_LDFLAGS="-Wc,-fstack-protector-strong" ]) ]) if test -z "$SSP_CFLAGS"; then - AX_CHECK_COMPILE_FLAG([-fstack-protector], [ - AX_CHECK_LINK_FLAG([-fstack-protector], [ - SSP_CFLAGS="-fstack-protector" - SSP_LDFLAGS="-fstack-protector" + AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [ + AX_CHECK_LINK_FLAG([-fstack-protector-all], [ + SSP_CFLAGS="-fstack-protector-all" + SSP_LDFLAGS="-Wc,-fstack-protector-all" ]) ]) + if test -z "$SSP_CFLAGS"; then + AX_CHECK_COMPILE_FLAG([-fstack-protector], [ + AX_CHECK_LINK_FLAG([-fstack-protector], [ + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" + ]) + ]) + fi fi fi AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"]) diff -urNa sudo-1.7.10p8/env.c sudo-1.7.10p9/env.c --- sudo-1.7.10p8/env.c Wed Mar 5 06:06:25 2014 +++ sudo-1.7.10p9/env.c Tue Feb 10 10:09:58 2015 @@ -211,6 +211,7 @@ "LC_*", "LINGUAS", "TERM", + "TZ", NULL }; @@ -226,7 +227,6 @@ "PATH", "PS1", "PS2", - "TZ", "XAUTHORITY", "XAUTHORIZATION", NULL 
@@ -564,6 +564,54 @@ } /* + * Sanity-check the TZ environment variable. + * On many systems it is possible to set this to a pathname. + */ +static int +tz_is_sane(tzval) + const char *tzval; +{ + const char *cp; + char lastch; + + /* tzcode treats a value beginning with a ':' as a path. */ + if (tzval[0] == ':') + tzval++; + + /* Reject fully-qualified TZ that doesn't being with the zoneinfo dir. */ + if (tzval[0] == '/') { +#ifdef _PATH_ZONEINFO + if (strncmp(tzval, _PATH_ZONEINFO, sizeof(_PATH_ZONEINFO) - 1) != 0 || + tzval[sizeof(_PATH_ZONEINFO) - 1] != '/') + return FALSE; +#else + /* Assume the worst. */ + return FALSE; +#endif + } + + /* + * Make sure TZ only contains printable non-space characters + * and does not contain a '..' path element. + */ + lastch = '/'; + for (cp = tzval; *cp != '\0'; cp++) { + if (isspace((unsigned char)*cp) || !isprint((unsigned char)*cp)) + return FALSE; + if (lastch == '/' && cp[0] == '.' && cp[1] == '.' && + (cp[2] == '/' || cp[2] == '\0')) + return FALSE; + lastch = *cp; + } + + /* Reject extra long TZ values (even if not a path). */ + if ((size_t)(cp - tzval) >= PATH_MAX) + return FALSE; + + return TRUE; +} + +/* * Apply the env_check list. * Returns TRUE if the variable is allowed, FALSE if denied * or -1 if no match. @@ -586,7 +634,12 @@ iswild = FALSE; if (strncmp(cur->value, var, len) == 0 && (iswild || var[len] == '=')) { - keepit = !strpbrk(var, "/%"); + if (strncmp(var, "TZ=", 3) == 0) { + /* Special case for TZ */ + keepit = tz_is_sane(var + 3); + } else { + keepit = !strpbrk(var, "/%"); + } break; } } diff -urNa sudo-1.7.10p8/mkpkg sudo-1.7.10p9/mkpkg --- sudo-1.7.10p8/mkpkg Wed Mar 5 09:58:08 2014 +++ sudo-1.7.10p9/mkpkg Tue Feb 10 10:09:58 2015 
@@ -210,7 +210,14 @@ esac if test "${osversion}" != "`$top_srcdir/pp --probe`"; then sdkvers=`echo "${osversion}" | sed 's/^macos\([0-9][0-9]\)\([0-9]*\)-.*$/\1.\2/'` - SDK_FLAGS="-isysroot /Developer/SDKs/MacOSX${sdkvers}.sdk -mmacosx-version-min=${sdkvers}" + # Newer Xcode puts /Developer under the app Contents dir. + SDK_DIR="/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs" + if test -d "${SDK_DIR}/MacOSX${sdkvers}.sdk"; then + SDK_DIR="${SDK_DIR}/MacOSX${sdkvers}.sdk" + elif test -d "/Developer/SDKs/MacOSX${sdkvers}.sdk"; then + SDK_DIR="/Developer/SDKs/MacOSX${sdkvers}.sdk" + fi + SDK_FLAGS="-isysroot ${SDK_DIR} -mmacosx-version-min=${sdkvers}" fi export CFLAGS="-O2 -g $ARCH_FLAGS $SDK_FLAGS" export LDFLAGS="$ARCH_FLAGS $SDK_FLAGS" diff -urNa sudo-1.7.10p8/pathnames.h.in sudo-1.7.10p9/pathnames.h.in --- sudo-1.7.10p8/pathnames.h.in Fri Mar 1 09:08:30 2013 +++ sudo-1.7.10p9/pathnames.h.in Tue Feb 10 10:09:58 2015 @@ -149,3 +149,7 @@ #ifndef _PATH_NETSVC_CONF #undef _PATH_NETSVC_CONF #endif /* _PATH_NETSVC_CONF */ + +#ifndef _PATH_ZONEINFO +#undef _PATH_ZONEINFO +#endif /* _PATH_ZONEINFO */ diff -urNa sudo-1.7.10p8/pp sudo-1.7.10p9/pp --- sudo-1.7.10p8/pp Fri Mar 1 09:08:30 2013 +++ sudo-1.7.10p9/pp Tue Feb 10 10:09:58 2015 @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2012 Quest Software, Inc. ALL RIGHTS RESERVED -pp_revision="371" +# Copyright 2014 Quest Software, Inc. ALL RIGHTS RESERVED +pp_revision="20140924" # Copyright 2012 Quest Software, Inc. ALL RIGHTS RESERVED. # # Redistribution and use in source and binary forms, with or without @@ -1255,7 +1255,7 @@ pp_files_expand () { typeset _p _mode _group _owner _flags _path _optional _has_target _tree - typeset _path _file _tgt _m _o _g _f _type _lm _ll _lo _lg _ls _lx + typeset _target _file _tgt _m _o _g _f _type _lm _ll _lo _lg _ls _lx typeset _ignore _a test $# -eq 0 && return 
@@ -1285,6 +1285,7 @@ #-- process the flags argument _flags= + _target= _optional=false _has_target=false _ignore=false @@ -2055,7 +2056,9 @@ (cd $pp_destdir && pp_verbose /usr/sbin/backup -i -q -p -f -) \ < $pp_wrkdir/bff.list \ > $pp_wrkdir/$outbff || pp_error "backup failed" - $pp_aix_sudo /usr/sbin/installp -l -d $pp_wrkdir/$outbff + if test -n "$pp_aix_sudo" -o -x /usr/sbin/installp; then + $pp_aix_sudo /usr/sbin/installp -l -d $pp_wrkdir/$outbff + fi } pp_backend_aix_cleanup () { @@ -2429,14 +2432,20 @@ fi } - pp_running () { - if test ! -s "\$pidfile"; then - return 1 - else - read pid < "\$pidfile" - kill -0 "\$pid" 2>/dev/null - fi - } + pp_running () { + if test -s "\$pidfile"; then + read pid < "\$pidfile" 2>/dev/null + if test \${pid:-0} -gt 1 && kill -0 "\$pid" 2>/dev/null; then + # make sure command name matches + c="\`echo $cmd | sed -e 's: .*::' -e 's:^.*/::'\`" + pid="\`ps -p \$pid 2>/dev/null | sed -n \"s/^ *\(\$pid\) .*\$c *\$/\1/p\"\`" + if test -n "\$pid"; then + return 0 + fi + fi + fi + return 1 + } case \$1 in start_msg) echo "Starting the \$svc service";; @@ -3673,10 +3682,18 @@ # returns true if $svc is running pp_running () { - test -s "$pidfile" || return 1 - read pid junk < "$pidfile" 2>/dev/null - test ${pid:-0} -gt 1 && - kill -0 "$pid" 2>/dev/null + if test -s "$pidfile"; then + read pid < "$pidfile" 2>/dev/null + if test ${pid:-0} -gt 1 && kill -0 "$pid" 2>/dev/null; then + # make sure command name matches up to the first 8 chars + c="`echo $_cmd | sed -e 's: .*::' -e 's:^.*/::' -e 's/^\(........\).*$/\1/'`" + pid="`ps -p $pid 2>/dev/null | sed -n \"s/^ *\($pid\) .*$c *$/\1/p\"`" + if test -n "$pid"; then + return 0 + fi + fi + fi + return 1 } # prints a message describing $svc's running state 
@@ -3743,12 +3760,12 @@ file=${pp_solaris_service_script:-"/etc/init.d/${pp_solaris_service_script_name:-$svc}"} echo ' -'$file' stop >/dev/null 2>/dev/null if [ "x${PKG_INSTALL_ROOT}" = 'x' ]; then if [ -x /usr/sbin/svcadm ] ; then - # Likely un-needed, but just in case. /usr/sbin/svcadm disable -s '$svc' 2>/dev/null /usr/sbin/svccfg delete '$svc' 2>/dev/null + else + '$file' stop >/dev/null 2>/dev/null fi fi ' @@ -5501,7 +5518,10 @@ while read t m o g f p st; do _l="$p" test $t = d && _l="%dir ${_l%/}/" - if test x"$m" = x"-"; then + if test $t = s; then + # rpm warns if %attr contains a mode for symlinks + m=- + elif test x"$m" = x"-"; then case "$t" in d) m=755;; f) m=644;; @@ -5645,7 +5665,6 @@ pp_rpm_label "Vendor" "${pp_rpm_vendor:-$vendor}" >>$specfile pp_rpm_label "Packager" "$pp_rpm_packager" >>$specfile pp_rpm_label "Provides" "$pp_rpm_provides" >>$specfile - pp_rpm_label "Requires" "$pp_rpm_requires" >>$specfile test -n "$pp_rpm_serial" && pp_warn "pp_rpm_serial deprecated" if test -n "$pp_rpm_epoch"; then @@ -6294,6 +6313,8 @@ # Generated by PolyPackage ${pp_version} # ${copyright} + prog="`echo $cmd | sed -e 's: .*::' -e 's:^.*/::'`" + . if test x"${svc_description}" = x"${pp_rpm_default_svc_description}"; then 
@@ -6357,22 +6378,38 @@ #-- delivers signal $1 to the pidfile # returns 0=success 1=failure pp_signal () { - if test -r "$pidfile"; then - read pid < $pidfile + if test -s "$pidfile"; then + read pid < "$pidfile" 2>/dev/null kill "$@" "$pid" 2>/dev/null else return 1 fi } + #-- verifies that ${svc_name} is running + # returns 0=success 1=failure + pp_running () { + if test -s "$pidfile"; then + read pid < "$pidfile" 2>/dev/null + if test ${pid:-0} -gt 1 && kill -0 "$pid" 2>/dev/null; then + # make sure name matches + pid="`ps -p $pid 2>/dev/null | sed -n \"s/^ *\($pid\) .*$prog *$/\1/p\"`" + if test -n "$pid"; then + return 0 + fi + fi + fi + return 1 + } + #-- prints information about the service status # returns 0=running 1=crashed 3=stopped pp_status () { pp_msg "Checking for ${svc_name}" - if pp_signal -0; then + if pp_running; then pp_success_msg "running" return 0 - elif test -r "$pidfile"; then + elif test -s "$pidfile"; then pp_failure_msg "not running (crashed)" return 1 else diff -urNa sudo-1.7.10p8/sudo.pp sudo-1.7.10p9/sudo.pp --- sudo-1.7.10p8/sudo.pp Fri Mar 1 09:08:30 2013 +++ sudo-1.7.10p9/sudo.pp Tue Feb 10 10:09:58 2015 @@ -84,7 +84,7 @@ %if [rpm] # Add distro info to release - osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*//' -e 's/-.*$//'` + osrelease=`echo "$pp_rpm_distro" | sed -e 's/^[^0-9]*\([0-9]\{1,2\}\).*/\1/'` case "$pp_rpm_distro" in centos*|rhel*) pp_rpm_release="$pp_rpm_release.el${osrelease%%[0-9]}" 
@@ -285,14 +285,14 @@ %endif %files [!aix] - $sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target $mandir/man*/* 0644 + $sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target %files [aix] # Some versions use catpages, some use manpages. - $sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target $mandir/cat*/* 0644 optional $mandir/man*/* 0644 optional + $sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target %pre [aix] if rpm -q %{name} >/dev/null 2>&1; then diff -urNa sudo-1.7.10p8/sudoers.cat sudo-1.7.10p9/sudoers.cat --- sudo-1.7.10p8/sudoers.cat Wed Mar 5 06:53:12 2014 +++ sudo-1.7.10p9/sudoers.cat Tue Feb 10 10:09:58 2015 @@ -1,4 +1,4 @@ -SUDOERS(4) Programmer's Manual SUDOERS(4) +SUDOERS(4) File Formats Manual SUDOERS(4) NNAAMMEE ssuuddooeerrss - list of which users may execute what @@ -102,11 +102,11 @@ implementation. For instance, the QAS AD backend supports the following formats: - oo Group in the same domain: "%:Group Name" + ++oo Group in the same domain: "%:Group Name" - oo Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" + ++oo Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" - oo Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" + ++oo Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" Note that quotes around group names are optional. Unquoted strings must use a backslash (`\') to escape spaces and special characters. See _O_t_h_e_r 
@@ -1185,20 +1185,36 @@ LLiissttss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: env_check Environment variables to be removed from the user's - environment if the variable's value contains `%' or `/' - characters. This can be used to guard against printf- - style format vulnerabilities in poorly-written - programs. The argument may be a double-quoted, space- - separated list or a single value without double-quotes. - The list can be replaced, added to, deleted from, or - disabled by using the =, +=, -=, and ! operators - respectively. Regardless of whether the env_reset - option is enabled or disabled, variables specified by - env_check will be preserved in the environment if they - pass the aforementioned check. The default list of - environment variables to check is displayed when ssuuddoo - is run by root with the --VV option. + environment unless they are considered ``safe''. For + all variables except Li TZ , ``safe'' means that the + variable's value does not contain any the variable's + value contains `%' or `/' characters. This can be used + to guard against printf-style format vulnerabilities in + poorly-written programs. The TZ variable is considerd + unsafe if any of the following are true: + ++oo It consists of a fully-qualified path name that + does not match the location of the _z_o_n_e_i_n_f_o + directory. + + ++oo It contains a _._. path element. + + ++oo It contains white space or non-printable + characters. + + ++oo It is longer than the value of PATH_MAX. + + The argument may be a double-quoted, space-separated + list or a single value without double-quotes. The list + can be replaced, added to, deleted from, or disabled by + using the =, +=, -=, and ! operators respectively. + Regardless of whether the env_reset option is enabled + or disabled, variables specified by env_check will be + preserved in the environment if they pass the + aforementioned check. 
The default list of environment + variables to check is displayed when ssuuddoo is run by + root with the --VV option. + env_delete Environment variables to be removed from the user's environment when the _e_n_v___r_e_s_e_t option is not in effect. The argument may be a double-quoted, space-separated @@ -1535,4 +1551,4 @@ file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.7.10 March 1, 2014 Sudo 1.7.10 +Sudo 1.7.10p8 February 9, 2015 Sudo 1.7.10p8 diff -urNa sudo-1.7.10p8/sudoers.man.in sudo-1.7.10p9/sudoers.man.in --- sudo-1.7.10p8/sudoers.man.in Thu Nov 7 14:45:51 2013 +++ sudo-1.7.10p9/sudoers.man.in Tue Feb 10 10:09:58 2015 @@ -1,7 +1,7 @@ .\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! .\" IT IS GENERATED AUTOMATICALLY FROM sudoers.mdoc.in .\" -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2014 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -21,7 +21,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.TH "SUDOERS" "@mansectsu@" "July 16, 2012" "Sudo @PACKAGE_VERSION@" "Programmer's Manual" +.TH "SUDOERS" "5" "February 9, 2015" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -60,7 +60,7 @@ operators, which many readers will recognize from regular expressions. Do not, however, confuse them with -``wildcard'' +\(lqwildcard\(rq characters, which have different meanings. .TP 6n \fR\&?\fR @@ -129,7 +129,7 @@ \fRNAME\fR is a string of uppercase letters, numbers, and underscore characters -(`_'). +(\(oq_\(cq). A \fRNAME\fR \fBmust\fR @@ -137,7 +137,7 @@ uppercase letter. It is possible to put several alias definitions of the same type on a single line, joined by a colon -(`:\&'). +(\(oq:\&\(cq). E.g., .nf .sp 
@@ -170,24 +170,24 @@ \fRUser_List\fR is made up of one or more user names, user ids (prefixed with -`#'), +\(oq#\(cq), system group names and ids (prefixed with -`%' +\(oq%\(cq and -`%#' +\(oq%#\(cq respectively), netgroups (prefixed with -`+'), +\(oq+\(cq), non-Unix group names and IDs (prefixed with -`%:' +\(oq%:\(cq and -`%:#' +\(oq%:#\(cq respectively) and \fRUser_Alias\fRes. Each list item may be prefixed with zero or more -`\&!' +\(oq\&!\(cq operators. An odd number of -`\&!' +\(oq\&!\(cq operators negate the value of the item; an even number just cancel each other out. .PP @@ -216,18 +216,18 @@ the underlying implementation. For instance, the QAS AD backend supports the following formats: .TP 6n -\fBo\fR +\fB\(bu\fR Group in the same domain: "%:Group Name" .TP 6n -\fBo\fR +\fB\(bu\fR Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" .TP 6n -\fBo\fR +\fB\(bu\fR Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" .PP Note that quotes around group names are optional. Unquoted strings must use a backslash -(`\e') +(\(oq\e\(cq) to escape spaces and special characters. See \fIOther special characters and reserved words\fR @@ -283,10 +283,10 @@ \fRHost_List\fR is made up of one or more host names, IP addresses, network numbers, netgroups (prefixed with -`+') +\(oq+\(cq) and other aliases. Again, the value of an item may be negated with the -`\&!' +\(oq\&!\(cq operator. If you do not specify a netmask along with the network number, \fBsudo\fR @@ -311,7 +311,7 @@ only inspects actual network interfaces; this means that IP address 127.0.0.1 (localhost) will never match. Also, the host name -``localhost'' +\(lqlocalhost\(rq will only match if that is the actual host name, which is usually only the case for non-networked systems. .nf 
@@ -350,7 +350,7 @@ command line arguments. A directory is a fully qualified path name ending in a -`/'. +\(oq/\(cq. When you specify a directory in a \fRCmnd_List\fR, the user will be able to run any file within that directory @@ -364,14 +364,14 @@ must match exactly those given by the user on the command line (or match the wildcards if there are any). Note that the following characters must be escaped with a -`\e' +\(oq\e\(cq if they are used in command arguments: -`,\&', -`:\&', -`=\&', -`\e'. +\(oq,\&\(cq, +\(oq:\&\(cq, +\(oq=\&\(cq, +\(oq\e\(cq. The special command -``\fRsudoedit\fR'' +\(lq\fRsudoedit\fR\(rq is used to permit a user to run \fBsudo\fR with the @@ -420,7 +420,7 @@ or \fBlists\fR. Flags are implicitly boolean and can be turned off via the -`\&!' +\(oq\&!\(cq operator. Some integer, string and list parameters may also be used in a boolean context to disable them. @@ -429,7 +429,7 @@ (\&"") when they contain multiple words. Special characters may be escaped with a backslash -(`\e'). +(\(oq\e\(cq). .PP Lists have two additional assignment operators, \fR+=\fR @@ -479,7 +479,7 @@ but this can be changed on a per-command basis. .PP The basic structure of a user specification is -``who where = (as_whom) what''. +\(lqwho where = (as_whom) what\(rq. Let's break that down into its constituent parts: .SS "Runas_Spec" A @@ -491,7 +491,7 @@ consists of two \fRRunas_List\fRs (as defined above) separated by a colon -(`:\&') +(\(oq:\&\(cq) and enclosed in a set of parentheses. The first \fRRunas_List\fR @@ -756,10 +756,10 @@ \fRNOPASSWD\fR tag is applied to any of the entries for a user on the current host, he or she will be able to run -``\fRsudo -l\fR'' +\(lq\fRsudo -l\fR\(rq without a password. Additionally, a user may only run -``\fRsudo -v\fR'' +\(lq\fRsudo -v\fR\(rq without a password if the \fRNOPASSWD\fR tag is present for all a user's entries that pertain to the current host. 
@@ -882,15 +882,15 @@ .TP 10n \fR\ex\fR For any character -`x', +\(oqx\(cq, evaluates to -`x'. +\(oqx\(cq. This is used to escape special characters such as: -`*', -`\&?', -`[\&', +\(oq*\(cq, +\(oq\&?\(cq, +\(oq[\&\(cq, and -`]\&'. +\(oq]\&\(cq. .PP POSIX character classes may also be used if your system's glob(3) @@ -898,7 +898,7 @@ fnmatch(3) functions support them. However, because the -`:\&' +\(oq:\&\(cq character has special meaning in \fIsudoers\fR, it must be @@ -907,14 +907,14 @@ .nf .sp .RS 4n -/bin/ls [[\:alpha\:]]* +/bin/ls [[:\&alpha:\&]]* .RE .fi .PP Would match any file name beginning with a letter. .PP Note that a forward slash -(`/') +(\(oq/\(cq) will \fBnot\fR be matched by @@ -940,9 +940,9 @@ Wildcards in command line arguments should be used with care. Because command line arguments are matched as a single, concatenated string, a wildcard such as -`\&?' +\(oq\&?\(cq or -`*' +\(oq*\(cq can match multiple words. For example, while a sudoers entry like: .nf @@ -985,7 +985,7 @@ Command line arguments to the \fIsudoedit\fR built-in command should always be path names, so a forward slash -(`/') +(\(oq/\(cq) will not be matched by a wildcard. .SS "Including other files from within sudoers" It is possible to include other @@ -1038,7 +1038,7 @@ .PP If the path to the include file is not fully-qualified (does not begin with a -`/', +\(oq/\(cq, it must be located in the same directory as the sudoers file it was included from. For example, if @@ -1058,7 +1058,7 @@ \fR%h\fR escape, signifying the short form of the host name. In other words, if the machine's host name is -``xerxes'', +\(lqxerxes\(rq, then .nf .sp @@ -1092,9 +1092,9 @@ will read each file in \fI/etc/sudoers.d\fR, skipping file names that end in -`~' +\(oq~\(cq or contain a -`.\&' +\(oq.\&\(cq character to avoid causing problems with package manager or editor temporary/backup files. Files are parsed in sorted lexical order. 
@@ -1123,7 +1123,7 @@ flag to edit the files directly. .SS "Other special characters and reserved words" The pound sign -(`#') +(\(oq#\(cq) is used to indicate a comment (unless it is part of a #include directive or unless it occurs in the context of a user name and is followed by one or more digits, in which case it is treated as a @@ -1154,7 +1154,7 @@ command on the system. .PP An exclamation point -(`\&!') +(\(oq\&!\(cq) can be used as a logical \fInot\fR operator both in an @@ -1163,38 +1163,38 @@ \fRCmnd\fR. This allows one to exclude certain values. Note, however, that using a -`\&!' +\(oq\&!\(cq in conjunction with the built-in \fBALL\fR alias to allow a user to run -``all but a few'' +\(lqall but a few\(rq commands rarely works as intended (see \fISECURITY NOTES\fR below). .PP Long lines can be continued with a backslash -(`\e') +(\(oq\e\(cq) as the last character on the line. .PP White space between elements in a list as well as special syntactic characters in a \fIUser Specification\fR -(`=\&', -`:\&', -`(\&', -`)\&') +(\(oq=\&\(cq, +\(oq:\&\(cq, +\(oq(\&\(cq, +\(oq)\&\(cq) is optional. .PP The following characters must be escaped with a backslash -(`\e') +(\(oq\e\(cq) when used as part of a word (e.g.\& a user name or host name): -`\&!', -`=\&', -`:\&', -`,\&', -`(\&', -`)\&', -`\e'. +\(oq\&!\(cq, +\(oq=\&\(cq, +\(oq:\&\(cq, +\(oq,\&\(cq, +\(oq(\&\(cq, +\(oq)\&\(cq, +\(oq\e\(cq. .SH "SUDOERS OPTIONS" \fBsudo\fR's behavior can be modified by @@ -1364,7 +1364,7 @@ \fI../bin/ls\fR. This has security implications when path names that include globbing characters are used with the negation operator, -`!\&', +\(oq!\&\(cq, as such rules can be trivially bypassed. As such, this option should not be used when \fIsudoers\fR 
@@ -1383,7 +1383,7 @@ In other words, instead of myhost you would use myhost.mydomain.edu. You may still use the short form if you wish (and even mix the two). This option is only effective when the -``canonical'' +\(lqcanonical\(rq host name, as returned by the \fBgetaddrinfo\fR() or @@ -1395,9 +1395,9 @@ If the system is configured to use the \fI/etc/hosts\fR file in preference to DNS, the -``canonical'' +\(lqcanonical\(rq host name may not be fully-qualified. -The order that sources are queried for hosts name resolution +The order that sources are queried for host name resolution is usually specified in the \fI@nsswitch_conf@\fR, \fI@netsvc_conf@\fR, @@ -1408,18 +1408,19 @@ In the \fI/etc/hosts\fR file, the first host name of the entry is considered to be the -``canonical'' +\(lqcanonical\(rq name; subsequent names are aliases that are not used by \fBsudoers\fR. For example, the following hosts file line for the machine -``xyzzy'' +\(lqxyzzy\(rq has the fully-qualified domain name as the -``canonical'' +\(lqcanonical\(rq host name, and the short version as an alias. .sp -.RS 6n +.RS 24n 192.168.1.1 xyzzy.sudo.ws xyzzy .RE +.RS 18n .sp If the machine's hosts file entry is not formatted properly, the \fIfqdn\fR @@ -1434,7 +1435,7 @@ unusable if DNS stops working (for example if the machine is disconnected from the network). Also note that just like with the hosts file, you must use the -``canonical'' +\(lqcanonical\(rq name as DNS knows it. That is, you may not use a host alias (\fRCNAME\fR @@ -1445,6 +1446,7 @@ This flag is \fI@fqdn@\fR by default. +.RE .TP 18n ignore_dot If set, @@ -1513,7 +1515,7 @@ using a unique session ID that is included in the normal \fBsudo\fR log line, prefixed with -``\fRTSID=\fR''. +\(lq\fRTSID=\fR\(rq. .sp Note that user input may contain sensitive information such as passwords (even if they are not echoed to the screen), which will 
@@ -1543,7 +1545,7 @@ using a unique session ID that is included in the normal \fBsudo\fR log line, prefixed with -``\fRTSID=\fR''. +\(lq\fRTSID=\fR\(rq. .sp Output logs may be viewed with the sudoreplay(@mansectsu@) @@ -1669,7 +1671,7 @@ \fIpassprompt\fR will normally only be used if the password prompt provided by systems such as PAM matches the string -``Password:''. +\(lqPassword:\(rq. If \fIpassprompt_override\fR is set, @@ -1729,10 +1731,10 @@ \fBsudo\fR too. Disabling this prevents users from -``chaining'' +\(lqchaining\(rq \fBsudo\fR commands to get a root shell by doing something like -``\fRsudo sudo /bin/sh\fR''. +\(lq\fRsudo sudo /bin/sh\fR\(rq. Note, however, that turning off \fIroot_sudo\fR will also prevent root from running @@ -1961,7 +1963,7 @@ \fBsudo\fR will prompt for a password even when it would be visible on the screen. This makes it possible to run things like -``\fRssh somehost sudo ls\fR'' +\(lq\fRssh somehost sudo ls\fR\(rq since by default, ssh(1) does @@ -2031,9 +2033,9 @@ \fR0\fR the user's time stamp will never expire. This can be used to allow users to create or delete their own time stamps via -``\fRsudo -v\fR'' +\(lq\fRsudo -v\fR\(rq and -``\fRsudo -k\fR'' +\(lq\fRsudo -k\fR\(rq respectively. .TP 18n umask @@ -2062,7 +2064,7 @@ .TP 18n editor A colon -(`:\&') +(\(oq:\&\(cq) separated list of editors allowed to be used with \fBvisudo\fR. \fBvisudo\fR @@ -2094,7 +2096,7 @@ \fR%h\fR will expand to the host name of the machine. Default is -``\fR@mailsub@\fR''. +\(lq\fR@mailsub@\fR\(rq. .TP 18n noexec_file The @@ -2121,15 +2123,18 @@ \fRSUDO_PROMPT\fR environment variable. The following percent -(`%') +(\(oq%\(cq) escape sequences are supported: -.RS +.PP +.RS 18n +.PD 0 .TP 6n \fR%H\fR expanded to the local host name including the domain name (only if the machine's host name is fully qualified or the \fIfqdn\fR option is set) +.PD .TP 6n \fR%h\fR expanded to the local host name without the domain name 
@@ -2158,10 +2163,8 @@ character .PP The default value is -``\fR@passprompt@\fR''. -.PP +\(lq\fR@passprompt@\fR\(rq. .RE -.PD 0 .TP 18n role The default SELinux role to use when constructing a new security @@ -2172,7 +2175,6 @@ This option is only available when \fBsudo\fR is built with SELinux support. -.PD .TP 18n runas_default The default user to run commands as if the @@ -2211,7 +2213,7 @@ sending email. Note that changing the locale may affect how sudoers is interpreted. Defaults to -``\fRC\fR''. +\(lq\fRC\fR\(rq. .TP 18n timestampdir The directory in which @@ -2261,9 +2263,9 @@ option specifies the fully qualified path to a file containing variables to be set in the environment of the program being run. Entries in this file should either be of the form -``\fRVARIABLE=value\fR'' +\(lq\fRVARIABLE=value\fR\(rq or -``\fRexport VARIABLE=value\fR''. +\(lq\fRexport VARIABLE=value\fR\(rq. The value may optionally be surrounded by single or double quotes. Variables in this file are subject to other \fBsudo\fR @@ -2283,10 +2285,13 @@ This option controls when a short lecture will be printed along with the password prompt. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 8n always Always lecture the user. +.PD .TP 8n never Never lecture the user. @@ -2303,9 +2308,7 @@ being used. The default value is \fI@lecture@\fR. -.PP .RE -.PD 0 .TP 14n lecture_file Path to a file containing an alternate @@ -2315,7 +2318,6 @@ By default, \fBsudo\fR uses a built-in lecture. -.PD .TP 14n listpw This option controls when a password will be required when a user runs @@ -2324,7 +2326,9 @@ \fB\-l\fR option. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 10n all All the user's @@ -2333,6 +2337,7 @@ the \fRNOPASSWD\fR flag set to avoid entering a password. +.PD .TP 10n always The user must always enter a password to use the @@ -2360,9 +2365,7 @@ being used. The default value is \fIany\fR. -.PP .RE -.PD 0 .TP 14n logfile Path to the 
@@ -2373,7 +2376,6 @@ By default, \fBsudo\fR logs via syslog. -.PD .TP 14n mailerflags Flags to use when invoking mailer. Defaults to @@ -2385,7 +2387,7 @@ .TP 14n mailfrom Address to use for the -``from'' +\(lqfrom\(rq address when sending warning and error mail. The address should be enclosed in double quotes (\&"") @@ -2419,9 +2421,9 @@ \fRPATH\fR environment variable you may want to use this. Another use is if you want to have the -``root path'' +\(lqroot path\(rq be separate from the -``user path''. +\(lquser path\(rq. Users in the group specified by the \fIexempt_group\fR option are not affected by @@ -2458,7 +2460,9 @@ \fB\-v\fR option. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 8n all All the user's @@ -2466,6 +2470,7 @@ entries for the current host must have the \fRNOPASSWD\fR flag set to avoid entering a password. +.PD .TP 8n always The user must always enter a password to use the 
@@ -2497,14 +2502,46 @@ \fBLists that can be used in a boolean context\fR: .TP 18n env_check -Environment variables to be removed from the user's environment if +Environment variables to be removed from the user's environment +unless they are considered +\(lqsafe\(rq. +For all variables except +Li TZ , +\(lqsafe\(rq +means that the variable's value does not contain any the variable's value contains -`%' +\(oq%\(cq or -`/' +\(oq/\(cq characters. This can be used to guard against printf-style format vulnerabilities in poorly-written programs. +The +\fRTZ\fR +variable is considerd unsafe if any of the following are true: +.PP +.RS 18n +.PD 0 +.TP 4n +\fB\(bu\fR +It consists of a fully-qualified path name that does not match +the location of the +\fIzoneinfo\fR +directory. +.PD +.TP 4n +\fB\(bu\fR +It contains a +\fI..\fR +path element. +.TP 4n +\fB\(bu\fR +It contains white space or non-printable characters. +.TP 4n +\fB\(bu\fR +It is longer than the value of +\fRPATH_MAX\fR. +.PP The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using @@ -2526,6 +2563,7 @@ the \fB\-V\fR option. +.RE .TP 18n env_delete Environment variables to be removed from the user's environment when the @@ -2850,9 +2888,9 @@ netgroup. \fBsudo\fR knows that -``biglab'' +\(lqbiglab\(rq is a netgroup due to the -`+' +\(oq+\(cq prefix. .nf .sp @@ -2978,13 +3016,13 @@ This is a bit tedious for users to type, so it is a prime candidate for encapsulating in a shell script. .SH "SECURITY NOTES" -.SS "Limitations of the `!\&' operator" +.SS "Limitations of the \(oq!\&\(cq operator" It is generally not effective to -``subtract'' +\(lqsubtract\(rq commands from \fBALL\fR using the -`!\&' +\(oq!\&\(cq operator. A user can trivially circumvent this by copying the desired command to a different name and then executing that. 
@@ -3011,7 +3049,7 @@ \fBALL\fR there is nothing to prevent them from creating their own program that gives them a root shell (or making their own copy of a shell) regardless of any -`!\&' +\(oq!\&\(cq elements in the user specification. .SS "Security implications of \fIfast_glob\fR" If the @@ -3115,13 +3153,13 @@ tag as documented in the User Specification section above. Here is that example again: -.RS .nf .sp -.RS 0n +.RS 10n aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi .RE .fi +.RS 10n .sp This allows user \fBaaron\fR @@ -3195,7 +3233,7 @@ .SH "DISCLAIMER" \fBsudo\fR is provided -``AS IS'' +\(lqAS IS\(rq and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. diff -urNa sudo-1.7.10p8/sudoers.mdoc.in sudo-1.7.10p9/sudoers.mdoc.in --- sudo-1.7.10p8/sudoers.mdoc.in Wed Mar 5 06:06:27 2014 +++ sudo-1.7.10p9/sudoers.mdoc.in Tue Feb 10 10:09:58 2015 @@ -19,7 +19,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.Dd March 1, 2014 +.Dd February 9, 2015 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -2318,7 +2318,13 @@ .Sy Lists that can be used in a boolean context : .Bl -tag -width 16n .It env_check -Environment variables to be removed from the user's environment if +Environment variables to be removed from the user's environment +unless they are considered +.Dq safe . +For all variables except +Li TZ , +.Dq safe +means that the variable's value does not contain any the variable's value contains .Ql % or 
@@ -2326,6 +2332,26 @@ characters. This can be used to guard against printf-style format vulnerabilities in poorly-written programs. +The +.Li TZ +variable is considerd unsafe if any of the following are true: +.Bl -bullet +.It +It consists of a fully-qualified path name that does not match +the location of the +.Pa zoneinfo +directory. +.It +It contains a +.Pa .. +path element. +.It +It contains white space or non-printable characters. +.It +It is longer than the value of +.Li PATH_MAX . +.El +.Pp The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using
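Review bot: In the pp `@@ -2055,7 +2056,9 @@` hunk (AIX backend), the guard `test -n "$pp_aix_sudo" -o -x /usr/sbin/installp` still runs `installp -l` whenever `pp_aix_sudo` is set, even on a host with no `/usr/sbin/installp`, so it only protects the non-sudo case. If the intent is to skip the listing wherever installp is absent, `test -x /usr/sbin/installp` on its own does that; if the sudo wrapper is expected to reach installp some other way, say so in a comment so the asymmetry is not "fixed" later.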
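Review bot: In the pp `@@ -2429,14 +2432,20 @@` hunk, `$c` is spliced unescaped into the sed pattern `s/^ *\(\$pid\) .*\$c *\$/\1/p`, so a command basename containing `.` or another regex metacharacter matches more loosely than intended, and the match also assumes the command name is the last field of `ps -p` output, which differs between the platforms this service template is generated for. Extracting the command field and comparing it with `test "$field" = "$c"` sidesteps the regex problem, and the ps output-format assumption deserves a comment next to the "make sure command name matches" line.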
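Review bot: In the pp `@@ -3673,10 +3682,18 @@` hunk (Solaris backend), replacing `read pid junk < "$pidfile"` with `read pid < "$pidfile"` is a regression: with one variable, `read` assigns the whole line to `pid`, so a pidfile containing `1234 extra` (exactly what the old `junk` absorbed) now makes `test ${pid:-0} -gt 1` fail on a non-numeric argument and `pp_running` reports a live service as not running. Keep `read pid junk`.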
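Review bot: In the pp `@@ -3743,12 +3760,12 @@` hunk the `'$file' stop` call moves from unconditional to the `else` branch of the `PKG_INSTALL_ROOT` test, so removing a package from an alternate root no longer touches the live system's service at all. That reads as the right fix for alternate-root installs, but it is a behaviour change the ChangeLog entry ("Update polypkg from trunk") does not mention; a comment at the `else`, replacing the deleted "Likely un-needed" one, should record it.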
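Review bot: In the pp `@@ -6357,22 +6378,38 @@` hunk, the new `pp_running` matches `$prog` (the untruncated basename of `$cmd` defined in the `@@ -6294,6 +6313,8 @@` hunk) against the last field of `ps -p $pid` output. On Linux that field is the kernel's `comm` name, which holds at most 15 characters, so a daemon whose basename is 16 characters or longer never matches, `pp_running` returns 1, and `pp_status` reports "not running (crashed)" for a healthy process. The Solaris variant in the `@@ -3673` hunk truncates to 8 characters for the analogous reason; truncate `$prog` here to 15 (or compare on that prefix) and state the limit in the comment.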
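Review bot: In the sudo.pp `@@ -84,7 +84,7 @@` hunk the single expression `s/^[^0-9]*\([0-9]\{1,2\}\).*/\1/` does nothing when `$pp_rpm_distro` contains no digit, leaving the entire distro string in `osrelease`, whereas the old `s/^[^0-9]*//` reduced it to the empty string in that case. Since `osrelease` is interpolated into `pp_rpm_release` on the following lines, keep a fallback such as `-e 's/^[^0-9]*$//'` ahead of the new expression so a digit-free distro string still yields an empty release suffix.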
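Review bot: In the sudo.pp `@@ -285,14 +285,14 @@` hunk the `%files [!aix]` and `%files [aix]` edits look like no-ops (the `$sudoedit_man 0644 symlink,ignore-others $sudoedit_man_target` line is deleted and re-added unchanged) but actually move the symlink entry after the `$mandir/man*/*` and `$mandir/cat*/*` glob entries. That ordering is evidently what fixes the Debian sudoedit man-page link named in the ChangeLog; a comment above the symlink entry saying it must follow the globs would keep a later tidy-up from reverting it.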
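Review bot: In the sudoers.cat `@@ -1185,20 +1185,36 @@` hunk the rendered env_check text contains the literal `Li TZ ,` and the sentence "does not contain any the variable's value contains `%' or `/' characters", i.e. an mdoc macro that lost its leading dot and a half-finished rewrite; "considerd" is also misspelled. This file is generated, so the fix belongs in sudoers.mdoc.in, followed by regeneration, not in this hunk.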
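Review bot: In the sudoers.cat `@@ -1535,4 +1551,4 @@` hunk the footer becomes `Sudo 1.7.10p8 February 9, 2015 Sudo 1.7.10p8`, but this patch produces 1.7.10p9, so the cat page was regenerated before the version bump. Regenerate it after the version is set so the page names the release it ships in.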
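Review bot: In the sudoers.man.in `@@ -21,7 +21,7 @@` hunk the `.TH` line hardcodes section `"5"`, while the mdoc source in this same patch uses `.Dt SUDOERS @mansectform@` and the shipped sudoers.cat is headed `SUDOERS(4)`; on a system configured for section 4 the generated man page will now claim section 5. Use `"@mansectform@"` (the old `@mansectsu@` was the wrong variable, but at least it followed configure).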
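Review bot: In the sudoers.man.in `@@ -2497,14 +2502,46 @@` hunk the mdoc source defects show through unchanged: `Li TZ ,` is emitted as plain text (only the mdoc `.Li` macro would render it as `TZ`), the sentence "means that the variable's value does not contain any the variable's value contains" is garbled, and "considerd" is misspelled. The header says this file is generated from sudoers.mdoc.in, so regenerate it after the source is fixed rather than patching it by hand.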
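Review bot: In the sudoers.mdoc.in `@@ -2318,7 +2318,13 @@` hunk the line `Li TZ ,` lacks its leading dot, so mdoc prints it verbatim instead of rendering `TZ` as a literal (which is exactly what the generated sudoers.cat in this patch shows), and the next sentence is left half-rewritten: "means that the variable's value does not contain any the variable's value contains" before the existing `.Ql %` / `or` / `.Ql /` lines. Suggest `.Li TZ ,` and `means that the variable's value does not contain` so the sentence reads straight on into `.Ql %` ... `characters.`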
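Review bot: In the sudoers.mdoc.in `@@ -2326,6 +2332,26 @@` hunk "considerd" should be "considered"; this hunk's `.Li TZ` is also the form the `Li TZ ,` line in the preceding hunk should take, so the two references to the variable render the same way.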