This patch will upgrade Sudo version 1.8.1 to Sudo version 1.8.1 patchlevel 1. To apply: $ cd sudo-1.8.1 $ patch -p1 < sudo-1.8.1p1.patch diff -urNa sudo-1.8.1/ChangeLog sudo-1.8.1p1/ChangeLog --- sudo-1.8.1/ChangeLog Sat Apr 9 11:17:45 2011 +++ sudo-1.8.1p1/ChangeLog Fri Apr 15 21:50:56 2011 @@ -1,11 +1,52 @@ +2011-04-15 Todd C. Miller + + * Work around weird AIX saved uid semantics on setuid() and + setreuid(). On AIX, setuid() will only set the saved uid if the euid + is already 0. + [5d0a69e9d181] [tip] <1.8> + +2011-04-14 Todd C. Miller + + * update copyright year + [fa8da6d55783] <1.8> + + * Treat a missing includedir like an empty one and do not return an + error. + [5fd9fe004728] <1.8> + +2011-04-12 Todd C. Miller + + * Fix ARCH setting in cross-compile Solaris packages. + [8ce40940f6c9] <1.8> + + * Fix aix version setting. + [02a9e25d46ba] <1.8> + + * Remove extraneous parens in LDAP filter when sudoers_search_filter + is enabled that causes a search error. From Matthew Thomas. + [b67be9b51ec6] <1.8> + +2011-04-11 Todd C. Miller + + * Correct sizeof() to fix test failure. + [a11b89fd13f9] <1.8> + + * "install" target should depend on "install-dirs". Fixes "make -j" + problem and closes bz #487. From Chris Coleman. + [06ab0558f848] <1.8> + 2011-04-09 Todd C. Miller + * .hgtags: + Added tag SUDO_1_8_1 for changeset 0ed6281995f0 + [543d41a163e9] <1.8> + * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: Regen man pages for 1.8.1 - [0ed6281995f0] [tip] <1.8> + [0ed6281995f0] [SUDO_1_8_1] <1.8> 2011-04-07 Todd C. Miller diff -urNa sudo-1.8.1/NEWS sudo-1.8.1p1/NEWS --- sudo-1.8.1/NEWS Wed Apr 6 17:57:40 2011 +++ sudo-1.8.1p1/NEWS Fri Apr 15 21:50:08 2011 @@ -1,3 +1,16 @@ +What's new in Sudo 1.8.1p1? + + * Fixed a problem on AIX where sudo was unable to set the final + uid if the PAM module modified the effective uid. + + * A non-existent includedir is now treated the same as an empty + directory and not reported as an error. + + * Removed extraneous parens in LDAP filter when sudoers_search_filter + is enabled that can cause an LDAP search error. + + * Fixed a "make -j" problem for "make install". + What's new in Sudo 1.8.1? * A new LDAP setting, sudoers_search_filter, has been added to diff -urNa sudo-1.8.1/configure sudo-1.8.1p1/configure --- sudo-1.8.1/configure Sat Apr 9 10:46:16 2011 +++ sudo-1.8.1p1/configure Fri Apr 15 14:41:59 2011 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65 for sudo 1.8.1. +# Generated by GNU Autoconf 2.65 for sudo 1.8.1p1. # # Report bugs to . # @@ -562,8 +562,8 @@ # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.1' -PACKAGE_STRING='sudo 1.8.1' +PACKAGE_VERSION='1.8.1p1' +PACKAGE_STRING='sudo 1.8.1p1' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1429,7 +1429,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.1 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.1p1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1494,7 +1494,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.1:";; + short | recursive ) echo "Configuration of sudo 1.8.1p1:";; esac cat <<\_ACEOF @@ -1706,7 +1706,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.1 +sudo configure 1.8.1p1 generated by GNU Autoconf 2.65 Copyright (C) 2009 Free Software Foundation, Inc. @@ -2405,7 +2405,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.1, which was +It was created by sudo $as_me 1.8.1p1, which was generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -19622,7 +19622,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.1, which was +This file was extended by sudo $as_me 1.8.1p1, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19688,7 +19688,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.1 +sudo config.status 1.8.1p1 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" diff -urNa sudo-1.8.1/configure.in sudo-1.8.1p1/configure.in --- sudo-1.8.1/configure.in Sat Apr 9 10:46:16 2011 +++ sudo-1.8.1p1/configure.in Fri Apr 15 14:41:51 2011 @@ -3,7 +3,7 @@ dnl dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller dnl -AC_INIT([sudo], [1.8.1], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.1p1], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT diff -urNa sudo-1.8.1/plugins/sudoers/Makefile.in sudo-1.8.1p1/plugins/sudoers/Makefile.in --- sudo-1.8.1/plugins/sudoers/Makefile.in Wed Apr 6 10:59:31 2011 +++ sudo-1.8.1p1/plugins/sudoers/Makefile.in Mon Apr 11 08:28:33 2011 @@ -349,7 +349,7 @@ install-includes: -install-doc: +install-doc: install-dirs @LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0555 $(srcdir)/sudoers2ldif $(DESTDIR)$(docdir) install-plugin: sudoers.la install-dirs diff -urNa sudo-1.8.1/plugins/sudoers/ldap.c sudo-1.8.1p1/plugins/sudoers/ldap.c --- sudo-1.8.1/plugins/sudoers/ldap.c Fri Mar 18 09:39:20 2011 +++ sudo-1.8.1p1/plugins/sudoers/ldap.c Tue Apr 12 11:48:34 2011 @@ -960,7 +960,7 @@ char *filt; if (ldap_conf.search_filter) - easprintf(&filt, "(&(%s)(cn=defaults))", ldap_conf.search_filter); + easprintf(&filt, "(&%s(cn=defaults))", ldap_conf.search_filter); else filt = estrdup("cn=defaults"); return filt; diff -urNa sudo-1.8.1/plugins/sudoers/regress/iolog_path/check_iolog_path.c sudo-1.8.1p1/plugins/sudoers/regress/iolog_path/check_iolog_path.c --- sudo-1.8.1/plugins/sudoers/regress/iolog_path/check_iolog_path.c Wed Mar 16 13:43:19 2011 +++ sudo-1.8.1p1/plugins/sudoers/regress/iolog_path/check_iolog_path.c Mon Apr 11 11:41:57 2011 @@ -193,9 +193,9 @@ exit(errors); } -void io_nextid(char *iolog_dir, char *id) +void io_nextid(char *iolog_dir, char id[7]) { - memcpy(id, sessid, sizeof(id)); + memcpy(id, sessid, sizeof(sessid)); } void diff -urNa sudo-1.8.1/plugins/sudoers/set_perms.c sudo-1.8.1p1/plugins/sudoers/set_perms.c --- sudo-1.8.1/plugins/sudoers/set_perms.c Wed Mar 16 13:40:56 2011 +++ sudo-1.8.1p1/plugins/sudoers/set_perms.c Fri Apr 15 12:30:58 2011 @@ -535,6 +535,9 @@ * the ruid is ROOT_UID so call setuid() first. */ if (OID(euid) == ROOT_UID) { + /* setuid() may not set the saved ID unless the euid is ROOT_UID */ + if (ID(euid) != ROOT_UID) + (void)setreuid(-1, ROOT_UID); if (setuid(ROOT_UID)) { warning("setuid(%d)", ROOT_UID); goto bad; diff -urNa sudo-1.8.1/plugins/sudoers/toke.c sudo-1.8.1p1/plugins/sudoers/toke.c --- sudo-1.8.1/plugins/sudoers/toke.c Thu Mar 31 13:57:59 2011 +++ sudo-1.8.1p1/plugins/sudoers/toke.c Thu Apr 14 15:08:15 2011 @@ -1468,6 +1468,7 @@ # include # endif #endif +#include #include #include "sudoers.h" #include "parse.h" @@ -1506,7 +1507,7 @@ #define INSTR 5 -#line 1509 "lex.yy.c" +#line 1510 "lex.yy.c" /* Macros after this point can all be overridden by user definitions in * section 1. @@ -1660,9 +1661,9 @@ register char *yy_cp, *yy_bp; register int yy_act; -#line 118 "toke.l" +#line 119 "toke.l" -#line 1665 "lex.yy.c" +#line 1666 "lex.yy.c" if ( yy_init ) { @@ -1748,7 +1749,7 @@ case 1: YY_RULE_SETUP -#line 119 "toke.l" +#line 120 "toke.l" { LEXTRACE(", "); return ','; @@ -1756,12 +1757,12 @@ YY_BREAK case 2: YY_RULE_SETUP -#line 124 "toke.l" +#line 125 "toke.l" BEGIN STARTDEFS; YY_BREAK case 3: YY_RULE_SETUP -#line 126 "toke.l" +#line 127 "toke.l" { BEGIN INDEFS; LEXTRACE("DEFVAR "); @@ -1773,7 +1774,7 @@ case 4: YY_RULE_SETUP -#line 135 "toke.l" +#line 136 "toke.l" { BEGIN STARTDEFS; LEXTRACE(", "); @@ -1782,7 +1783,7 @@ YY_BREAK case 5: YY_RULE_SETUP -#line 141 "toke.l" +#line 142 "toke.l" { LEXTRACE("= "); return '='; @@ -1790,7 +1791,7 @@ YY_BREAK case 6: YY_RULE_SETUP -#line 146 "toke.l" +#line 147 "toke.l" { LEXTRACE("+= "); return '+'; @@ -1798,7 +1799,7 @@ YY_BREAK case 7: YY_RULE_SETUP -#line 151 "toke.l" +#line 152 "toke.l" { LEXTRACE("-= "); return '-'; @@ -1806,7 +1807,7 @@ YY_BREAK case 8: YY_RULE_SETUP -#line 156 "toke.l" +#line 157 "toke.l" { LEXTRACE("BEGINSTR "); yylval.string = NULL; @@ -1816,7 +1817,7 @@ YY_BREAK case 9: YY_RULE_SETUP -#line 163 "toke.l" +#line 164 "toke.l" { LEXTRACE("WORD(2) "); if (!fill(yytext, yyleng)) @@ -1828,7 +1829,7 @@ case 10: YY_RULE_SETUP -#line 172 "toke.l" +#line 173 "toke.l" { /* Line continuation char followed by newline. */ ++sudolineno; @@ -1837,7 +1838,7 @@ YY_BREAK case 11: YY_RULE_SETUP -#line 178 "toke.l" +#line 179 "toke.l" { LEXTRACE("ENDSTR "); BEGIN prev_state; @@ -1872,7 +1873,7 @@ YY_BREAK case 12: YY_RULE_SETUP -#line 210 "toke.l" +#line 211 "toke.l" { LEXTRACE("BACKSLASH "); if (!append(yytext, yyleng)) @@ -1881,7 +1882,7 @@ YY_BREAK case 13: YY_RULE_SETUP -#line 216 "toke.l" +#line 217 "toke.l" { LEXTRACE("STRBODY "); if (!append(yytext, yyleng)) @@ -1892,7 +1893,7 @@ case 14: YY_RULE_SETUP -#line 224 "toke.l" +#line 225 "toke.l" { /* quoted fnmatch glob char, pass verbatim */ LEXTRACE("QUOTEDCHAR "); @@ -1903,7 +1904,7 @@ YY_BREAK case 15: YY_RULE_SETUP -#line 232 "toke.l" +#line 233 "toke.l" { /* quoted sudoers special char, strip backslash */ LEXTRACE("QUOTEDCHAR "); @@ -1914,7 +1915,7 @@ YY_BREAK case 16: YY_RULE_SETUP -#line 240 "toke.l" +#line 241 "toke.l" { BEGIN INITIAL; yyless(0); @@ -1923,7 +1924,7 @@ YY_BREAK case 17: YY_RULE_SETUP -#line 246 "toke.l" +#line 247 "toke.l" { LEXTRACE("ARG "); if (!fill_args(yytext, yyleng, sawspace)) @@ -1934,7 +1935,7 @@ case 18: YY_RULE_SETUP -#line 254 "toke.l" +#line 255 "toke.l" { char *path; @@ -1955,7 +1956,7 @@ YY_BREAK case 19: YY_RULE_SETUP -#line 272 "toke.l" +#line 273 "toke.l" { char *path; @@ -1979,7 +1980,7 @@ YY_BREAK case 20: YY_RULE_SETUP -#line 293 "toke.l" +#line 294 "toke.l" { char deftype; int n; @@ -2022,7 +2023,7 @@ YY_BREAK case 21: YY_RULE_SETUP -#line 333 "toke.l" +#line 334 "toke.l" { int n; @@ -2051,7 +2052,7 @@ YY_BREAK case 22: YY_RULE_SETUP -#line 359 "toke.l" +#line 360 "toke.l" { /* cmnd does not require passwd for this user */ LEXTRACE("NOPASSWD "); @@ -2060,7 +2061,7 @@ YY_BREAK case 23: YY_RULE_SETUP -#line 365 "toke.l" +#line 366 "toke.l" { /* cmnd requires passwd for this user */ LEXTRACE("PASSWD "); @@ -2069,7 +2070,7 @@ YY_BREAK case 24: YY_RULE_SETUP -#line 371 "toke.l" +#line 372 "toke.l" { LEXTRACE("NOEXEC "); return NOEXEC; @@ -2077,7 +2078,7 @@ YY_BREAK case 25: YY_RULE_SETUP -#line 376 "toke.l" +#line 377 "toke.l" { LEXTRACE("EXEC "); return EXEC; @@ -2085,7 +2086,7 @@ YY_BREAK case 26: YY_RULE_SETUP -#line 381 "toke.l" +#line 382 "toke.l" { LEXTRACE("SETENV "); return SETENV; @@ -2093,7 +2094,7 @@ YY_BREAK case 27: YY_RULE_SETUP -#line 386 "toke.l" +#line 387 "toke.l" { LEXTRACE("NOSETENV "); return NOSETENV; @@ -2101,7 +2102,7 @@ YY_BREAK case 28: YY_RULE_SETUP -#line 391 "toke.l" +#line 392 "toke.l" { LEXTRACE("LOG_OUTPUT "); return LOG_OUTPUT; @@ -2109,7 +2110,7 @@ YY_BREAK case 29: YY_RULE_SETUP -#line 396 "toke.l" +#line 397 "toke.l" { LEXTRACE("NOLOG_OUTPUT "); return NOLOG_OUTPUT; @@ -2117,7 +2118,7 @@ YY_BREAK case 30: YY_RULE_SETUP -#line 401 "toke.l" +#line 402 "toke.l" { LEXTRACE("LOG_INPUT "); return LOG_INPUT; @@ -2125,7 +2126,7 @@ YY_BREAK case 31: YY_RULE_SETUP -#line 406 "toke.l" +#line 407 "toke.l" { LEXTRACE("NOLOG_INPUT "); return NOLOG_INPUT; @@ -2133,7 +2134,7 @@ YY_BREAK case 32: YY_RULE_SETUP -#line 411 "toke.l" +#line 412 "toke.l" { /* empty group or netgroup */ LEXTRACE("ERROR "); @@ -2142,7 +2143,7 @@ YY_BREAK case 33: YY_RULE_SETUP -#line 417 "toke.l" +#line 418 "toke.l" { /* netgroup */ if (!fill(yytext, yyleng)) @@ -2153,7 +2154,7 @@ YY_BREAK case 34: YY_RULE_SETUP -#line 425 "toke.l" +#line 426 "toke.l" { /* group */ if (!fill(yytext, yyleng)) @@ -2164,7 +2165,7 @@ YY_BREAK case 35: YY_RULE_SETUP -#line 433 "toke.l" +#line 434 "toke.l" { if (!fill(yytext, yyleng)) yyterminate(); @@ -2174,7 +2175,7 @@ YY_BREAK case 36: YY_RULE_SETUP -#line 440 "toke.l" +#line 441 "toke.l" { if (!fill(yytext, yyleng)) yyterminate(); @@ -2184,7 +2185,7 @@ YY_BREAK case 37: YY_RULE_SETUP -#line 447 "toke.l" +#line 448 "toke.l" { if (!ipv6_valid(yytext)) { LEXTRACE("ERROR "); @@ -2198,7 +2199,7 @@ YY_BREAK case 38: YY_RULE_SETUP -#line 458 "toke.l" +#line 459 "toke.l" { if (!ipv6_valid(yytext)) { LEXTRACE("ERROR "); @@ -2212,7 +2213,7 @@ YY_BREAK case 39: YY_RULE_SETUP -#line 469 "toke.l" +#line 470 "toke.l" { if (strcmp(yytext, "ALL") == 0) { LEXTRACE("ALL "); @@ -2237,7 +2238,7 @@ YY_BREAK case 40: YY_RULE_SETUP -#line 491 "toke.l" +#line 492 "toke.l" { /* no command args allowed for Defaults!/path */ if (!fill_cmnd(yytext, yyleng)) @@ -2248,7 +2249,7 @@ YY_BREAK case 41: YY_RULE_SETUP -#line 499 "toke.l" +#line 500 "toke.l" { BEGIN GOTCMND; LEXTRACE("COMMAND "); @@ -2258,7 +2259,7 @@ YY_BREAK case 42: YY_RULE_SETUP -#line 506 "toke.l" +#line 507 "toke.l" { /* directories can't have args... */ if (yytext[yyleng - 1] == '/') { @@ -2276,7 +2277,7 @@ YY_BREAK case 43: YY_RULE_SETUP -#line 521 "toke.l" +#line 522 "toke.l" { LEXTRACE("BEGINSTR "); yylval.string = NULL; @@ -2286,7 +2287,7 @@ YY_BREAK case 44: YY_RULE_SETUP -#line 528 "toke.l" +#line 529 "toke.l" { /* a word */ if (!fill(yytext, yyleng)) @@ -2297,7 +2298,7 @@ YY_BREAK case 45: YY_RULE_SETUP -#line 536 "toke.l" +#line 537 "toke.l" { LEXTRACE("( "); return '('; @@ -2305,7 +2306,7 @@ YY_BREAK case 46: YY_RULE_SETUP -#line 541 "toke.l" +#line 542 "toke.l" { LEXTRACE(") "); return ')'; @@ -2313,7 +2314,7 @@ YY_BREAK case 47: YY_RULE_SETUP -#line 546 "toke.l" +#line 547 "toke.l" { LEXTRACE(", "); return ','; @@ -2321,7 +2322,7 @@ YY_BREAK case 48: YY_RULE_SETUP -#line 551 "toke.l" +#line 552 "toke.l" { LEXTRACE("= "); return '='; @@ -2329,7 +2330,7 @@ YY_BREAK case 49: YY_RULE_SETUP -#line 556 "toke.l" +#line 557 "toke.l" { LEXTRACE(": "); return ':'; @@ -2337,7 +2338,7 @@ YY_BREAK case 50: YY_RULE_SETUP -#line 561 "toke.l" +#line 562 "toke.l" { if (yyleng & 1) { LEXTRACE("!"); @@ -2347,7 +2348,7 @@ YY_BREAK case 51: YY_RULE_SETUP -#line 568 "toke.l" +#line 569 "toke.l" { if (YY_START == INSTR) { LEXTRACE("ERROR "); @@ -2362,14 +2363,14 @@ YY_BREAK case 52: YY_RULE_SETUP -#line 580 "toke.l" +#line 581 "toke.l" { /* throw away space/tabs */ sawspace = TRUE; /* but remember for fill_args */ } YY_BREAK case 53: YY_RULE_SETUP -#line 584 "toke.l" +#line 585 "toke.l" { sawspace = TRUE; /* remember for fill_args */ ++sudolineno; @@ -2378,7 +2379,7 @@ YY_BREAK case 54: YY_RULE_SETUP -#line 590 "toke.l" +#line 591 "toke.l" { BEGIN INITIAL; ++sudolineno; @@ -2389,7 +2390,7 @@ YY_BREAK case 55: YY_RULE_SETUP -#line 598 "toke.l" +#line 599 "toke.l" { LEXTRACE("ERROR "); return ERROR; @@ -2401,7 +2402,7 @@ case YY_STATE_EOF(STARTDEFS): case YY_STATE_EOF(INDEFS): case YY_STATE_EOF(INSTR): -#line 603 "toke.l" +#line 604 "toke.l" { if (YY_START != INITIAL) { BEGIN INITIAL; @@ -2414,10 +2415,10 @@ YY_BREAK case 56: YY_RULE_SETUP -#line 613 "toke.l" +#line 614 "toke.l" ECHO; YY_BREAK -#line 2420 "lex.yy.c" +#line 2421 "lex.yy.c" case YY_END_OF_BUFFER: { @@ -3308,7 +3309,7 @@ return 0; } #endif -#line 613 "toke.l" +#line 614 "toke.l" struct path_list { char *path; @@ -3344,8 +3345,16 @@ struct path_list **sorted = NULL; if (!(dir = opendir(dirpath))) { - yyerror(dirpath); - return NULL; + if (errno != ENOENT) { + char *errbuf; + if (asprintf(&errbuf, "%s: %s", dirpath, strerror(errno)) != -1) { + yyerror(errbuf); + free(errbuf); + } else { + yyerror("unable to allocate memory"); + } + } + goto done; } while ((dent = readdir(dir))) { /* Ignore files that end in '~' or have a '.' in them. */ @@ -3488,7 +3497,13 @@ } } else { if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) { - yyerror(path); + char *errbuf; + if (asprintf(&errbuf, "%s: %s", path, strerror(errno)) != -1) { + yyerror(errbuf); + free(errbuf); + } else { + yyerror("unable to allocate memory"); + } return FALSE; } istack[idepth].more = NULL; diff -urNa sudo-1.8.1/plugins/sudoers/toke.l sudo-1.8.1p1/plugins/sudoers/toke.l --- sudo-1.8.1/plugins/sudoers/toke.l Thu Mar 31 13:57:59 2011 +++ sudo-1.8.1p1/plugins/sudoers/toke.l Thu Apr 14 15:08:15 2011 @@ -65,6 +65,7 @@ # include # endif #endif +#include #include #include "sudoers.h" #include "parse.h" @@ -645,8 +646,16 @@ struct path_list **sorted = NULL; if (!(dir = opendir(dirpath))) { - yyerror(dirpath); - return NULL; + if (errno != ENOENT) { + char *errbuf; + if (asprintf(&errbuf, "%s: %s", dirpath, strerror(errno)) != -1) { + yyerror(errbuf); + free(errbuf); + } else { + yyerror("unable to allocate memory"); + } + } + goto done; } while ((dent = readdir(dir))) { /* Ignore files that end in '~' or have a '.' in them. */ @@ -789,7 +798,13 @@ } } else { if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) { - yyerror(path); + char *errbuf; + if (asprintf(&errbuf, "%s: %s", path, strerror(errno)) != -1) { + yyerror(errbuf); + free(errbuf); + } else { + yyerror("unable to allocate memory"); + } return FALSE; } istack[idepth].more = NULL; diff -urNa sudo-1.8.1/pp sudo-1.8.1p1/pp --- sudo-1.8.1/pp Sun Mar 27 09:25:28 2011 +++ sudo-1.8.1p1/pp Tue Apr 12 11:53:13 2011 @@ -3138,9 +3138,9 @@ echo "$prototype::"; cat $prototype fi >&2 - pkgmk -a $pp_solaris_arch -d $pp_wrkdir/pkg \ - -f $prototype || { error "pkgmk failed"; return; } - pkgtrans -s $pp_wrkdir/pkg \ + pkgmk -d $pp_wrkdir/pkg -f $prototype \ + || { error "pkgmk failed"; return; } + pkgtrans -s $pp_wrkdir/pkg \ $pp_wrkdir/`pp_backend_solaris_names` \ ${pp_solaris_name:-$name} \ || { error "pkgtrans failed"; return; } diff -urNa sudo-1.8.1/sudo.pp sudo-1.8.1p1/sudo.pp --- sudo-1.8.1/sudo.pp Wed Mar 30 12:26:07 2011 +++ sudo-1.8.1p1/sudo.pp Thu Apr 14 16:42:04 2011 @@ -12,14 +12,14 @@ The basic philosophy is to give as few privileges as possible but \ still allow people to get their work done." vendor="Todd C. Miller" - copyright="(c) 1993-1996,1998-2010 Todd C. Miller" + copyright="(c) 1993-1996,1998-2011 Todd C. Miller" %if [aix] # AIX package summary is limited to 40 characters summary="Configurable super-user privileges" # Convert to 4 part version for AIX, including patch level - pp_aix_version=`echo $version|sed -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1.0/'` + pp_aix_version=`echo $version|sed -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)p\([0-9]*\)$/\1.\2/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)[^0-9\.].*$/\1/' -e 's/^\([0-9]*\.[0-9]*\.[0-9]*\)$/\1.0/'` %endif %if [kit]