From ca111d6e8c2bcd05d7f84ea8c3a83655f082b729 Mon Sep 17 00:00:00 2001 From: Marc Schoolderman Date: Fri, 26 Sep 2025 21:08:23 +0200 Subject: [PATCH 1/3] update changelog --- CHANGELOG.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 81c425ccd..4b7993caf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,26 @@ # Changelog +## [0.2.9] - 2025-10-3 + +### Added +- `SUDO_HOME` variable will now be set to the invoking user's home directory + +### Changed +- `Defaults noninteractive_auth` now controls whether PAM authentication + modules are allowed to attempt authentication when `sudo --non-interactive` is + being used (new default: off). Previous versions had this as always-on + to allow fully automatic authentication methods to succeed. + +### Fixed +- Two bugs in managing the PTY connected to the child process that negatively + impacted interactive usability (#1130, #1264) +- `visudo --help` showed command flags that were removed (#1239) +- Format flags in `SUDO_PROMPT` were not expanded (#1252) +- `sudo` would abort with an unhandled exception instead if an attempt was + was made to match a "netgroup", instead of ignoring these (#1262) +- A few tokenizer errors in /etc/sudoers processing (#1273, #1274, #1283) +- Some formatting mistakes in the man pages (#1285) + ## [0.2.8] - 2025-08-04 ### Added From 7f4f365620d2781ae0b8810c1b0915ed35b4317c Mon Sep 17 00:00:00 2001 From: Marc Schoolderman Date: Fri, 3 Oct 2025 14:14:43 +0200 Subject: [PATCH 2/3] bump version numbers and gen man pages --- CHANGELOG.md | 2 +- Cargo.lock | 2 +- Cargo.toml | 2 +- README.md | 4 ++-- docs/man/su.1.man | 2 +- docs/man/su.1.md | 2 +- docs/man/sudo.8.man | 2 +- docs/man/sudo.8.md | 2 +- docs/man/sudoers.5.man | 12 +++++++++++- docs/man/sudoers.5.md | 2 +- docs/man/visudo.8.man | 2 +- docs/man/visudo.8.md | 2 +- 12 files changed, 23 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b7993caf..7de228b09 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # Changelog -## [0.2.9] - 2025-10-3 +## [0.2.9] - 2025-10-03 ### Added - `SUDO_HOME` variable will now be set to the invoking user's home directory diff --git a/Cargo.lock b/Cargo.lock index 46287ccd9..02feb1f7a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -38,7 +38,7 @@ dependencies = [ [[package]] name = "sudo-rs" -version = "0.2.8" +version = "0.2.9" dependencies = [ "glob", "libc", diff --git a/Cargo.toml b/Cargo.toml index f0c5f0251..b776d80cd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "sudo-rs" description = "A memory safe implementation of sudo and su." -version = "0.2.8" +version = "0.2.9" license = "Apache-2.0 OR MIT" edition = "2021" repository = "https://github.com/trifectatechfoundation/sudo-rs" diff --git a/README.md b/README.md index d7458074f..cbd8bd037 100644 --- a/README.md +++ b/README.md @@ -99,11 +99,11 @@ We currently only offer these for x86-64 Linux systems. We recommend installing sudo-rs and su-rs in your `/usr/local` hierarchy so it does not affect the integrity of the package manager of your Linux distribution. You can achieve this using the commands: ```sh -sudo tar -C /usr/local -xvf sudo-0.2.8.tar.gz +sudo tar -C /usr/local -xvf sudo-0.2.9.tar.gz ``` and for su-rs: ```sh -sudo tar -C /usr/local -xvf su-0.2.8.tar.gz +sudo tar -C /usr/local -xvf su-0.2.9.tar.gz ``` This will install sudo-rs and su-rs in `/usr/local/bin` using the usual commands `sudo`, `visudo`, `sudoedit` and `su`. Please double check that in your default `PATH`, the folders `/usr/local/bin` and `/usr/local/sbin` have priority over `/usr/bin` and `/usr/sbin`. diff --git a/docs/man/su.1.man b/docs/man/su.1.man index 423cb3e48..c8095e1cf 100644 --- a/docs/man/su.1.man +++ b/docs/man/su.1.man @@ -1,6 +1,6 @@ .\" Automatically generated by Pandoc 3.6.3 .\" -.TH "SU" "1" "" "sudo\-rs 0.2.8" "sudo\-rs" +.TH "SU" "1" "" "sudo\-rs 0.2.9" "sudo\-rs" .SH NAME \f[CR]su\f[R] \- run a shell or command as another user .SH SYNOPSIS diff --git a/docs/man/su.1.md b/docs/man/su.1.md index 5eb7773e0..5d5bb2531 100644 --- a/docs/man/su.1.md +++ b/docs/man/su.1.md @@ -1,5 +1,5 @@ --- -title: SU(1) sudo-rs 0.2.8 | sudo-rs +title: SU(1) sudo-rs 0.2.9 | sudo-rs --- # NAME diff --git a/docs/man/sudo.8.man b/docs/man/sudo.8.man index 16f79d2b0..26d45ba97 100644 --- a/docs/man/sudo.8.man +++ b/docs/man/sudo.8.man @@ -1,6 +1,6 @@ .\" Automatically generated by Pandoc 3.6.3 .\" -.TH "SUDO" "8" "" "sudo\-rs 0.2.8" "sudo\-rs" +.TH "SUDO" "8" "" "sudo\-rs 0.2.9" "sudo\-rs" .SH NAME \f[CR]sudo\f[R], \f[CR]sudoedit\f[R] \- execute a command as another user diff --git a/docs/man/sudo.8.md b/docs/man/sudo.8.md index 809d79f26..40952b160 100644 --- a/docs/man/sudo.8.md +++ b/docs/man/sudo.8.md @@ -1,5 +1,5 @@ --- -title: SUDO(8) sudo-rs 0.2.8 | sudo-rs +title: SUDO(8) sudo-rs 0.2.9 | sudo-rs --- # NAME diff --git a/docs/man/sudoers.5.man b/docs/man/sudoers.5.man index 35ac8a1fb..8f1498263 100644 --- a/docs/man/sudoers.5.man +++ b/docs/man/sudoers.5.man @@ -1,6 +1,6 @@ .\" Automatically generated by Pandoc 3.6.3 .\" -.TH "SUDOERS" "5" "" "sudo\-rs 0.2.8" "sudo\-rs" +.TH "SUDOERS" "5" "" "sudo\-rs 0.2.9" "sudo\-rs" .SH NAME \f[CR]sudoers\f[R] \- sudo\-compatible security configuration .SH DESCRIPTION @@ -730,6 +730,16 @@ escapes section at the end of this manual. This flag is off by default. .RE .IP \[bu] 2 +noninteractive_auth If set, authentication will be attempted even in +non\-interactive mode (when sudo\[cq]s \-n option is specified). +This allows authentication methods that don\[cq]t require user +interaction to succeed. +Authentication methods that require input from the user\[cq]s terminal +will still fail. +If disabled, authentication will not be attempted in non\-interactive +mode. +This flag is off by default. +.IP \[bu] 2 env_editor .RS 2 .PP diff --git a/docs/man/sudoers.5.md b/docs/man/sudoers.5.md index a2d45dd9f..569a4d47f 100644 --- a/docs/man/sudoers.5.md +++ b/docs/man/sudoers.5.md @@ -1,5 +1,5 @@ --- -title: SUDOERS(5) sudo-rs 0.2.8 | sudo-rs +title: SUDOERS(5) sudo-rs 0.2.9 | sudo-rs --- # NAME diff --git a/docs/man/visudo.8.man b/docs/man/visudo.8.man index 3552ccbb6..72739d14f 100644 --- a/docs/man/visudo.8.man +++ b/docs/man/visudo.8.man @@ -1,6 +1,6 @@ .\" Automatically generated by Pandoc 3.6.3 .\" -.TH "VISUDO" "8" "" "sudo\-rs 0.2.8" "sudo\-rs" +.TH "VISUDO" "8" "" "sudo\-rs 0.2.9" "sudo\-rs" .SH NAME \f[CR]visudo\f[R] \- safely edit the sudoers file .SH SYNOPSIS diff --git a/docs/man/visudo.8.md b/docs/man/visudo.8.md index eb29dfbd2..5de6d3481 100644 --- a/docs/man/visudo.8.md +++ b/docs/man/visudo.8.md @@ -1,5 +1,5 @@ --- -title: VISUDO(8) sudo-rs 0.2.8 | sudo-rs +title: VISUDO(8) sudo-rs 0.2.9 | sudo-rs --- # NAME From a9e9ca02843e6da246b35f2f13eaffc63e7affb1 Mon Sep 17 00:00:00 2001 From: Marc Schoolderman Date: Fri, 3 Oct 2025 14:14:51 +0200 Subject: [PATCH 3/3] cargo update --- Cargo.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 02feb1f7a..1be244ce2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -10,21 +10,21 @@ checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" [[package]] name = "glob" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8d1add55171497b4705a648c6b583acafb01d58050a51727785f0b2c8e0a2b2" +checksum = "0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280" [[package]] name = "libc" -version = "0.2.174" +version = "0.2.176" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" +checksum = "58f929b4d672ea937a23a1ab494143d968337a5f47e56d0815df1e0890ddf174" [[package]] name = "log" -version = "0.4.27" +version = "0.4.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" +checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432" [[package]] name = "pretty_assertions"