Sudo (su "do") allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.
|Licenses||BSD Original BSD Revised|
Release Notes: A new time stamp file format that uses the monotonic clock where available was introduced. This prevents clock changes from affecting how the time stamp file is interpreted.
Release Notes: This release fixes a crash in the monitor process on Solaris when NOPASSWD was specified or when authentication was disabled. It also fixes matching of a Runas_Alias in the group section of a Runas_Spec.
Release Notes: This release adds Esperanto, Italian, and Japanese translations and fixes for the following bugs: time escapes in "log_dir" were broken; IP address/netmask matching only worked for the first address in a net block; NOPASSWD was ignored for denied commands; the DEREF setting in ldap.conf was ignored; a crash in the utmp code; PAM session open/close was done as different users; SSL/TLS LDAP did not work on Debian; and the LOGNAME, USER, and USERNAME environment variables were not preserved in sudoedit mode. visudo no longer assumes all editors support the +linenumber command line argument.
Release Notes: A bug where sudo could spin in a busy loop waiting for the child process was fixed. A bug introduced in sudo 1.7.3 that prevented the -k and -K options from functioning when the tty_tickets sudoers option is enabled was fixed. Sudo no longer prints a warning when the -k or -K options are specified and the ticket file does not exist.
Release Notes: Sudoedit will now preserve the file extension in the name of the temporary file being edited. The extension is used by some editors (such as emacs) to choose the editing mode. The HOME and MAIL environment variables are now reset based on the target user's password database entry when the env_reset sudoers option is enabled. The tty_tickets option is now on by default. If PAM is in use, sudo will wait until the process has finished before closing the PAM session. "sudo -i -u user" has been fixed in cases where user has no shell listed in the password database.