Sudo Change Log

2017-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Only display string version of errno if sudo_ev_add() fails for now
	[24244a02c93f] [tip]

2017-05-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update
	[8e3359235e24]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Be clear that #includedir diverts control to the files in the
	specified directory and, when parsing of those files is complete,
	returns control to the original file. Bug #775
	[f68769f15356]

2017-05-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/sr.mo,
	po/sr.po:
	sync with translationproject.org
	[4552eaf8fabf]

2017-05-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update
	[53d1c9424816]

	* src/exec_monitor.c:
	Fix a hang introduced in the last commit. Don't close the pty slave
	until after we have the controlling tty.
	[c9c19beb60ed]

	* src/exec_monitor.c, src/exec_pty.c:
	If any of std{in,out,err} are not hooked up to a tty only interpose
	ourselves with a pipe if the plugin will actually log the data. This
	avoids a problem with non-interactive commands where no tty is
	present where sudo will consume stdin even when log_input is not
	enabled in sudoers.
	[a79edafdd307]

	* NEWS:
	update
	[144ff056cd01]

	* doc/TROUBLESHOOTING:
	Update based on information from Michael Felt.
	[7ea34380ba1d]

2017-05-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	In check_input() when switch()ing on the return value of read(), use
	the default label instead of 1 for the success case. It is only
	reading a single byte so the two are equivalent but it reads better
	using default.
	[860682b86af5]

	* plugins/sudoers/sudoreplay.c:
	Check sudo_ev_add() return value. Coverity CID 168362
	[b69779d3801f]

	* plugins/sudoers/iolog.c:
	Add io_open() wrapper for open(2) that retries with PERM_IOLOG if
	open(2) fails with EACCES. Use io_open() instead of duplicate copies
	of the same fallback code.
	[09f7992f681b]

	* plugins/sudoers/iolog.c:
	Don't retry the open() if set_perms() fails.
	[0808a9157037]

	* plugins/sudoers/iolog.c:
	Fix typo (fd2 vs. fd) caught by coverity, CID 168359.
	[f68df770e06f]

	* po/hu.mo, po/hu.po:
	sync with translationproject.org
	[ebef76dc27be]

2017-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Warn people not to use --enable-asan in production.
	[ecb5c1143ef4]

	* configure, configure.ac, src/Makefile.in:
	Move the invocation of check_noexec into the main "check" target but
	only run it if not cross compiling and whe CHECK_NOEXEC is not
	empty.
	[cba8fd3337c2]

	* src/Makefile.in:
	Move @CHECK_NOEXEC@ to TEST_PROGS so it gets cleaned up properly.
	[efaa9c44e749]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Move syslog_maxlen to the "Integers" section. Move syslog_goodpri
	and syslog_badpri to the "Strings at can be used in a boolean
	context" section.
	[342dfe9dd37c]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix a pasto that resulted in an extra (empty) syslog_goodpri list
	entry.
	[eb0563c5b8dc]

	* MANIFEST, plugins/sudoers/regress/sudoers/test20.in,
	plugins/sudoers/regress/sudoers/test20.json.ok,
	plugins/sudoers/regress/sudoers/test20.out.ok,
	plugins/sudoers/regress/sudoers/test20.toke.ok,
	plugins/sudoers/regress/sudoers/test21.in,
	plugins/sudoers/regress/sudoers/test21.json.ok,
	plugins/sudoers/regress/sudoers/test21.out.ok,
	plugins/sudoers/regress/sudoers/test21.toke.ok:
	Add tests for parsing tuples and syslog options.
	[86f3da23b4df]

	* plugins/sudoers/defaults.c:
	Allow the syslog Defaults option to be used in a "true" boolean
	context and use the compiled in default log facility in this case.
	[4fab25217602]

	* plugins/sudoers/defaults.c:
	Allow a tuple to be set to boolean true. Regression introduced by
	refactor of set_default_entry() in sudo 1.8.18.
	[9b38728deb27]

2017-05-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Replace the list of "dangerous" environment variables and explain
	how sudo handles the environment instead.
	[966cf87d1bed]

2017-04-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/glob.c:
	Fix exponential behavior in glob() with respect to multiple '*'. See
	https://research.swtch.com/glob Adapted from https://perl5.git.perl.
	org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e6f95
	[3d187b0fb764]

	* src/exec_pty.c:
	We no longer need to write to the tty if the command was killed by a
	signal. Sudo will terminate itself with the same signal the command
	died from. Unfortunately, we lose the "core dumped" bit since sudo
	itself will not dump core, but there doesn't appear to be a way
	around that.
	[1be331e0c4d4]

2017-04-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	On Linux, if the command we ran dumped core, set PR_SET_DUMPABLE to
	0. This will prevent sudo itself from dumping core in this case.
	[cf5a5793ebf4]

	* INSTALL:
	Update path to sudo_noexec.so
	[14e995667c8b]

	* src/sudo.c:
	If the command terminated due to a signal, sudo will send that same
	signal to itself so the parent shell knows the command died from a
	signal. However, we don't want sudo itself to dump core.
	[8d823e6ec41e]

2017-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	sync
	[1704e6005b07]

	* src/sudo.c:
	The fix for Bug #722 contained a typo/thinko that resulted in the
	exit status being 0 when a command was killed by a signal other than
	SIGINT. This fixes the signal handler setup so sudo will terminate
	with the same signal as the command. Bug #784.
	[50b988d0c97f]

	* sudo.pp:
	Better check for /etc/rc.d/rc2.d/S90sudo on AIX
	[93de5e34a6a3]

	* src/Makefile.in:
	Don't install the rc.d link when installing to a DESTDIR. DESTDIR is
	generally only set when installing to a temporary directory for
	packaging in which case the link should be made in a post-install
	script.
	[4200ef757b56]

	* plugins/sudoers/Makefile.in, sudo.pp:
	In "make install", install sample sudoers file as /etc/sudoers.dist
	and copy it to /etc/sudoers if there is no existing /etc/sudoers.
	Packages either contain /etc/sudoers (RPM and Debian) or
	/etc/sudoers.dist (everything else).
	[40f8e5806d71]

	* Makefile.in, mkdep.pl:
	Allow "make dist" and "make depend" to work for out of tree builds.
	[7b7ba3f38abb]

2017-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/zlib/Makefile.in:
	Add missing $(srcdir) prefix to shlib_exp definition.
	[c63e8e73507e]

2017-04-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_compat.h:
	Fix typo in killpg macro.
	[f7392d21c915]

	* include/sudo_compat.h:
	Fix the killpg macro for systems without killpg() in libc.
	[ba0c5162bc4a]

2017-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Use the standard idiom for popping all entries from a tail queue.
	The llvm checker gets confused by TAILQ_REMOVE and generate use-
	after-free false positives.
	[a88cacd23f09]

	* src/exec_monitor.c, src/exec_nopty.c:
	rewrite errpipe callbacks
	[5c75729cea19]

	* src/exec_monitor.c, src/exec_nopty.c:
	use pipe2() with O_CLOEXEC instead of pipe() + fcntl() and
	FD_CLOEXEC
	[c8c9cc31c43a]

	* src/exec_pty.c:
	init io_pipe[][] to -1, not 0
	[71012940a8f1]

2017-04-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	In sudo_sss_check_user() it is not possible for handle to be NULL.
	[de41ba76a4ce]

	* plugins/sudoers/sssd.c:
	Fix a use after free when the fqdn sudoOption is set and no hostname
	value is present in sssd.conf.
	[716a7c502cc0]

	* src/sudo.c:
	Avoid unused variable when getgrouplist_2() is available. It would
	be nicer to just provide getgrouplist_2() (or the equivalent) and
	avoid the ugly #ifdefs.
	[2c7ac21feb5f]

	* plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo,
	po/nb.po:
	sync with translationproject.org
	[e91a983f9de6]

2017-04-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	regen
	[790d9a05f585]

2017-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	In sudo_ttyname_scan() if dir is the empty string, set errno to
	ENOENT before returning.
	[f531ea6e489e]

2017-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Try to make it clear that when match_group_by_gid is enabled, groups
	in sudoers are looked up by group name instead of group ID. This
	doesn't usually cause problems, but if there are conflicting group
	entries (for example, from a local /etc/group file and an LDAP or AD
	group database), whether the group is resolved by name or ID can be
	used to work around conflicts.
	[fe3bfca4fcce]

2017-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, po/ja.mo,
	po/ja.po:
	sync with translationproject.org
	[94d36c45e345]

	* plugins/sudoers/regress/parser/check_digest.c:
	plug memory leak in check_digest
	[40aab9e6e365]

	* src/exec.c:
	Check return value of dispatch_pending_signals() in case we received
	SIGINT or SIGQUIT before executing the command.
	[218758d1560d]

2017-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	back out unintentional change to the version number
	[799b396c1c69]

2017-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo,
	po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/fr.mo,
	po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/pl.mo,
	po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/tr.mo, po/tr.po, po/uk.mo,
	po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	sync with translationproject.org
	[04c4a3ec233d]

2017-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_digest.out.ok:
	Make check_digest test sudo_filedigest() itself instead of the
	underlying SHA2 functions. That way we can test it regardless of
	whether we use sudo's SHA2 functions or a library version.
	[9834b37f1fb0]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that commands matched by "sudo ALL" are not affected by
	fdexec.
	[7cc3b770a2ff]

2017-03-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for 1.8.20
	[14a09000c1dc]

	* plugins/sudoers/po/sudoers.pot:
	regen for restricted_env_file
	[81290b370c95]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Mention that iolog_user is useful for NFS.
	[9c8f9dfdebf0]

2017-03-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Only retry mkdir or create with PERM_IOLOG if errno is EACCES. Also
	always use PERM_IOLOG for mkdtemp() since we cannot retry if it
	fails. Since we are guaranteed to create a new directory there's no
	real need to try w/o PERM_IOLOG in this case.
	[c3c67d78e46a]

2017-03-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Add fallback to PERM_IOLOG when making the final componenet of
	iolog_dir.
	[72924e4c8f5d]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/env.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Add restricted_env_file which is like env_file but subject to the
	same restrictions as the user's own environment.
	[ec887cc57a8b]

	* plugins/sudoers/iolog.c:
	quiet a warning on older zlib
	[bcd3cac968a2]

	* plugins/sudoers/iolog.c, plugins/sudoers/timestamp.c:
	cast mode_t to unsigned int when printing with %o
	[f9ca9ead134e]

2017-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	regen
	[f62e81f74d10]

	* plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c,
	plugins/sudoers/timestamp.c:
	Set umask temporarily when creating files instead of changing the
	mode after the fact. This is slightly less error prone.
	[a9b4cf336b73]

	* plugins/sudoers/iolog.c:
	remove now-useless variable
	[9a36b2449ac4]

	* plugins/sudoers/mkdir_parents.c:
	Don't set owner/mode on directories that already exist, only on
	newly-created ones.
	[2b616be0e165]

	* plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c:
	Explicitly set the file mode of I/O log files so the mode is not
	affected by the invoking user's umask.
	[ec7d5dd47b6b]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c:
	Add PERM_IOLOG so we can create I/O log files on an NFS-mounted
	filesystem where root is remapped to an unprivileged user.
	[01804a971cd5]

	* plugins/sudoers/mkdir_parents.c:
	Restore the '/' in the path before returning if we encounter an
	error.
	[bb12cfce16fd]

2017-03-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c:
	When creating the timestamp directory, use the group of the
	timestamp owner instead of inheriting the group of the parent
	directory.
	[7a4a10cafe08]

2017-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	zero out nss->handle after it has been freed to make sure we cannot
	free it twice
	[00d5340b7541]

2017-03-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/iolog.c:
	Add iolog_flush option.
	[96baa17409cf]

2017-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/iolog.c:
	Don't allow the user to specify an I/O log file mode that sudo can't
	read or write to. I/O logs must always be readable and writable by
	the owner.
	[b32e2ef04905]

2017-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat,
	doc/visudo.cat:
	Regenerate the cat pages with newer mandoc which formats double
	quotes as "foo" instead of ``foo''.
	[5f14e527ae05]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Make it clear that I/O logs will be complete even if the command run
	by sudo is terminated by a signal. The I/O log buffering just
	prevents the logs from being displayed in real-time as the command
	is running.
	[072fd419ac1e]

2017-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_monitor.c, src/signal.c, src/sudo.h:
	Replace pipe_nonblock() with pipe2()
	[c106b62d7835]

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, lib/util/Makefile.in, lib/util/pipe2.c,
	mkdep.pl:
	Emulate pipe2() on systems without it.
	[5a183dd380f0]

2017-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/kerb5.c:
	Fix declaration of sudo_krb5_verify() in the case where
	krb5_verify_user() is not present. Bug #777
	[eafd4e2d7c7f]

	* plugins/sudoers/rcstr.c:
	Use HAVE_STDBOOL_H to detect systems w/o stdbool.h. Bug #778
	[dbac86777429]

2017-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[2fc489ddc143]

	* src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c:
	Move SIGCHLD handling into handle_sigchld() functions and move the
	remaining bits of dispatch_signal() into signal_pipe_cb()
	[b120f5cfa8cc]

2017-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/utmp.c:
	e_termination should be set to the value of WTERMSIG not WEXITSTATUS
	[95f37078ae8f]

2017-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, src/Makefile.in, src/exec_nopty.c, src/sudo.h,
	src/tcsetpgrp_nobg.c:
	Add tcsetpgrp_nobg() which acts like tcsetpgrp() but returns -1 for
	a background process. This is safer than blocking SIGTTOU which
	would cause tcsetpgrp() to succeed in the background.
	[7ab75c47b8bf]

2017-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_nopty.c:
	Prevent sudo from receiving SIGTTOU when it tries to restore the
	controlling terminal. There appears to be a race with the shell
	(bash) which we may lose.
	[aab018fb9940]

2017-03-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/timestamp.c, src/exec_monitor.c:
	Add some casts to quiet gcc warnings on Solaris and remove a now-
	useless debug printf.
	[16c862eab0ce]

	* src/exec_pty.c:
	change debug info when suspending sudo
	[f5c5ee07f8e3]

	* MANIFEST, src/Makefile.in, src/exec.c, src/exec_monitor.c,
	src/exec_nopty.c, src/exec_pty.c, src/sudo_exec.h:
	Reorganize the command execution code to separate out the pty and
	non-pty code paths into their own event loops. The non-pty exec code
	is now contained in exec_nopty.c and the pty exec code is split
	between exec_pty.c (parent process) and exec_monitor.c (session
	leader). This results in a small bit of duplicated code but improves
	readability. Some of the duplicated code will fall out in future
	changes to the event subsystem (the signal pipe).
	[fe239d2a3cbd]

2017-02-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/ttysize.c, src/exec_pty.c:
	Remove support for the TIOCGSIZE ioctl. Systems that use this rather
	than TIOCGWINSZ are too old for sudo to build on anyway.
	[0179b16c70f9]

2017-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Set the child pid to -1 after we've waited for it and take care to
	avoid killing pid -1. This makes it a bit more explicit and removes
	the need for a separate variable to track the child's status. Sudo
	already stops processing signals after it receives SIGCHLD so it is
	not vulnerable to CVE-2017-2616.
	[1123704858ae]

2017-02-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Update the description of strict mode to current reality. Aliases
	haven't needed to be defined before they are used since sudo 1.7.
	[9dc4ce4ec538]

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/regress/visudo/test2.err.ok,
	plugins/sudoers/regress/visudo/test3.err.ok,
	plugins/sudoers/visudo.c:
	Go back to using a Warning/Error prefix in the message printed to
	stderr for alias problems. Requested by Tomas Sykora.
	[ad4dc6e34222]

2017-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/filedigest.c, plugins/sudoers/filedigest_openssl.c:
	fix copyright years
	[b9f013f95bb2]

2017-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, MANIFEST, configure, configure.ac, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/filedigest_gcrypt.c:
	Add support for using the message digest functions in libgcrypt
	instead of sudo's own SHA2 implementation.
	[0259467c38dd]

	* INSTALL, MANIFEST, configure, configure.ac, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/filedigest_openssl.c:
	Add support for using the message digest functions in OpenSSL
	instead of sudo's own SHA2 implementation.
	[d77639c97e43]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/digestname.c,
	plugins/sudoers/filedigest.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.h,
	plugins/sudoers/sssd.c, plugins/sudoers/visudo_json.c:
	Move the file digest code out of match.c and into filedigest.c.
	Inspired by RedHat changes that used libgcrypt. Also add
	digest_type_to_name() to map a sudo digest type (int) to a name
	(string) and use it.
	[9213d8c94b8f]

	* plugins/sudoers/gmtoff.c:
	Check for gmtime() or localtime() returning NULL and just use a zero
	offset in that case. Should not be possible.
	[ed210dd8bf46]

2017-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers2ldif:
	Add support for ROLE, TYPE, PRIVS, LIMITPRIVS, TIMEOUT, NOTBEFORE
	and NOTAFTER.
	[d0310b017c78]

	* config.h.in, configure, configure.ac, plugins/sudoers/timestr.c:
	strftime() was in C89 so use it unconditionally.
	[87bf66aa18fd]

	* MANIFEST, config.h.in, configure, configure.ac, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_debug.h,
	lib/util/sudo_debug.c, lib/util/util.exp.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/gentime.c,
	plugins/sudoers/gmtoff.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/parser/check_gentime.c,
	plugins/sudoers/regress/sudoers/test19.in,
	plugins/sudoers/regress/sudoers/test19.json.ok,
	plugins/sudoers/regress/sudoers/test19.out.ok,
	plugins/sudoers/regress/sudoers/test19.toke.ok,
	plugins/sudoers/regress/visudo/test10.out.ok,
	plugins/sudoers/regress/visudo/test10.sh,
	plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add NOTBEFORE and NOTAFTER command options similar to what is
	already available in LDAP.
	[3ba0f9567f83]

2017-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[f2876eadc1f5]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h:
	Bump version to 1.11 for timeout entry in settings[]
	[7b288e4bab93]

	* doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.ldap.cat,
	doc/sudoreplay.cat, doc/visudo.cat:
	regen
	[8c059a57d367]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/parse_args.c, src/sudo_usage.h.in:
	Add a command line option to specify the command timeout, as long as
	sudoers does not specify a shorter time limit.
	[a8ef7f923d0a]

2017-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Better error message when the timeout value does not parse.
	[2360fb093e3e]

	* plugins/sudoers/timeout.c:
	set errno to ERANGE not EOVERFLOW on range error
	[9654e1acab0d]

2017-02-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	regen
	[46a124dd72aa]

	* plugins/sudoers/Makefile.in:
	Only inhibit ASAN leak detector for tests that result in a parse
	error. The parser cannot currently clean up completely on error.
	[b2f82dcd2545]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Plug some memory leaks found by ASAN.
	[08189098a5b6]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	List SELinux role/type for "sudo -l" with LDAP and SSSd backends.
	Also fix printing of the timeout.
	[740723a49ab5]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Only inherit SELinux role/type and Solaris privilege sets if the
	command does not include any. Previously, a command with only a role
	would inherit a type from the previous command which is not what was
	intended.
	[171a3ad972e7]

	* doc/fixman.sh, doc/fixmdoc.sh, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/parse.h:
	Split out tags again so they must precede the command and not allow
	them to be mixed in with options.
	[e7e7d60316cc]

	* MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/ldap.c,
	plugins/sudoers/mkdefaults, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/policy.c,
	plugins/sudoers/regress/sudoers/test17.in,
	plugins/sudoers/regress/sudoers/test17.json.ok,
	plugins/sudoers/regress/sudoers/test17.out.ok,
	plugins/sudoers/regress/sudoers/test17.toke.ok,
	plugins/sudoers/regress/sudoers/test18.in,
	plugins/sudoers/regress/sudoers/test18.json.ok,
	plugins/sudoers/regress/sudoers/test18.out.ok,
	plugins/sudoers/regress/sudoers/test18.toke.ok,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/visudo_json.c:
	Add support for command timeouts in sudoers. After the timeout, the
	command will be terminated.
	[a36a748e9324]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/parse.h:
	Merge command tags, SELinux type/role and Solaris privs settings
	into "command options". This relaxes the order of things so tags and
	other options can be interspersed.
	[0970fd78cbe8]

	* plugins/sudoers/rcstr.c:
	supress cppcheck memory leak false positive
	[e0caf2275a44]

	* lib/util/strtoid.c:
	fix typo that prevented compilation on FreeBSD
	[27866f6a2b5e]

2017-02-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in:
	Link vsyslog.lo directly into vsyslog_test to make sure the syslog()
	stub gets called. Otherwise, the real syslog will get called via
	libutil on AIX.
	[693bc8411a98]

	* lib/util/regress/vsyslog/vsyslog_test.c:
	Fix final test with a format > 2048 bytes. Keep track of tests run
	in the syslog() stub so we can detect if the stub is not being
	called.
	[d10d784446c1]

	* lib/zlib/deflate.c:
	avoid redefining the MIN macro
	[45b7b0ba0f01]

	* plugins/sudoers/parse.h, plugins/sudoers/timestr.c:
	Include parse.h in timestr.c which is where function prototype
	lives.
	[3ec9ec84a84c]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix for including a sudoers file that begins with the letter 'i'.
	The hack to determine whether we are parsing an include or
	includedir is no longer safe now that relative include paths are
	permitted. Bug #776.
	[4d9691a43867]

2017-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
	Display the value of syslog_maxlen in sudo -V output.
	[0841ad36531c]

2017-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c:
	Add ignore_unknown_defaults flag to ignore unknown Defaults entries
	in sudoers instead of producing a warning.
	[a7fdb44677dd]

2017-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Always set the close-on-exec bit on the fd used to generate the
	digest (i.e. the command to run) on systems that lack fexecve(2).
	That way we don't need to explicitly close it using #ifdefs.
	[f840a22fac1c]

	* plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po,
	plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po,
	plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, po/ca.mo,
	po/ca.po, po/eo.mo, po/eo.po, po/sv.mo, po/sv.po:
	sync with translationproject.org
	[57e877674892]

	* NEWS:
	first updates for 1.8.20
	[118208688b08]

	* configure, configure.ac:
	sudo 1.8.20
	[6cba125ea903]

2017-01-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/LICENSE, lib/zlib/adler32.c, lib/zlib/compress.c,
	lib/zlib/crc32.c, lib/zlib/deflate.c, lib/zlib/deflate.h,
	lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c,
	lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c,
	lib/zlib/inflate.c, lib/zlib/inflate.h, lib/zlib/inftrees.c,
	lib/zlib/trees.c, lib/zlib/uncompr.c, lib/zlib/zconf.h.in,
	lib/zlib/zlib.exp, lib/zlib/zlib.h, lib/zlib/zutil.c,
	lib/zlib/zutil.h:
	update zlib to version 1.2.11
	[75a563663083]

2017-01-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Fix fdexec=never when a digest is present.
	[49d3ab5baad0]

2017-01-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/match.c:
	Add new fdexec sudoers setting to allow choose whether execve() or
	fexecve() is used.
	[6a7623aa9a64]

	* src/exec.c, src/exec_pty.c:
	Close execfd in parent processes where it is not needed.
	[f44e334d43e2]

2017-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Add support for digest matching when the command is a glob-style
	pattern or a directory. For example:

	millert ALL = sha224:TmUvLkp3a2txliSC2X6CiK42626qdKsH72m/PQ== /bin/
	millert ALL = sha224:TmUvLkp3a2txliSC2X6CiK42626qdKsH72m/PQ== /bin/*

	would only match /bin/ls (assuming the digest matches).

	Previously, only explicit path matches checked the digest.
	[d4f6822ba9bb]

2017-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c:
	Add support for SASL_MECH in ldap.conf; Bug #764
	[d057bb7f2ddc]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix documentation bug, the contents of env_file have never been
	subject to env_keep or env_check. However, variables are only added
	if they have not already been preserved.
	[4483b1b44709]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	examples/sudoers:
	Safer example for rule that can change non-root passwords. GNU
	getopts allows options to follow arguments so we need to be able to
	deny things like "passwd root -q". From Paul "Joey" Clark. Bug #772
	[c809f1372811]

2017-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Don't overwrite the return value of ldap_sasl_interactive_bind_s()
	by the subsequent call to sudo_set_krb5_ccache_name(). From Paul
	Zirnik of SUSE.
	[448baff2b586]

	* plugins/sudoers/env.c:
	In sudo_unsetenv_nodebug(), decrement envp.env_len after removing
	the variable. From Paul Zirnik of SUSE.
	[3d87a008671c]

2017-01-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in:
	only run vsyslog_test if it exists
	[5323dfcfb009]

	* MANIFEST, configure, configure.ac, lib/util/Makefile.in,
	lib/util/regress/vsyslog/vsyslog_test.c:
	Add regress for vsyslog replacement.
	[1f767b8f5940]

2017-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Define HAVE_NANOSLEEP if we find nanosleep in librt
	[ec8d949bf411]

	* configure, configure.ac:
	sudo_nanosleep not nanosleep in util.exp.in
	[18a3bca78962]

	* configure, configure.ac:
	add nanosleep to util.exp.in if needed
	[6ac2e9266d67]

	* NEWS, configure, configure.ac:
	sudo 1.8.19p2
	[9c15593a007a]

	* lib/util/vsyslog.c:
	Double the size of new_fmt[] and remove an extraneous break in the
	%m handling that was leftover from an earlier edit.
	[fcb28dc9cd4e]

	* lib/util/vsyslog.c:
	Fix typo, want vsnprintf not snprintf.
	[2717f2125ecd]

	* plugins/sudoers/logging.c:
	move va_start() in mysyslog()
	[b58ec40bbfc3]

	* plugins/sudoers/sudoers.c:
	Only treat failure of expand_iolog_path() as fatal if
	ignore_iolog_errors is not set.
	[1ba009311cf7]

2017-01-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, lib/util/Makefile.in, lib/util/nanosleep.c,
	mkdep.pl, src/exec_pty.c:
	When waiting for the parent to grant us the tty, use nanosleep
	instead of spinning to avoid hogging the CPU.
	[76335b380d7c]

	* src/sudo.c:
	Use ROOT_UID instead of 0
	[5ed03a4e0b0b]

2017-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	regen
	[99b26e2c523d]

2017-01-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/interfaces.c,
	plugins/sudoers/regress/visudo/test9.out.ok,
	plugins/sudoers/regress/visudo/test9.sh, plugins/sudoers/visudo.c:
	Fix crash in visudo introduced in sudo 1.8.9 when an IP address or
	network is used in a host-based Defaults entry. Bug #766
	[ff9001f126b5]

2017-01-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, doc/LICENSE:
	Avoid using the system strnlen/strndup on AIX < 6. Even if configure
	correctly detects it is working on the build machine, the sudo
	package may be run on a system with an old libc were it is broken.
	[28d148db0aaa]

2016-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	sudo 1.8.19p1
	[7bfd43fa5caf]

	* plugins/sudoers/defaults.c:
	Fix logic bug when matching syslog priority and facility.
	[576cc9eb850f]

	* doc/HISTORY:
	Dell spun off Quest so simplify the history by just talking about
	Quest and not Dell.
	[a66120495435]

2016-12-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/LICENSE:
	Fix copyright year
	[3122e55195a6]

	* NEWS:
	typo
	[ffe9e84928b6]

2016-12-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_compat.h:
	HAVE_DECL_GETGROUPLIST_2 is always defined if HAVE_GETGROUPLIST_2
	is, we need to check its value, not whether it is defined.
	[849eb3113149]

2016-12-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po:
	sync with translationproject.org
	[abf5d356a33b]

2016-12-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/sr.mo,
	po/sr.po:
	sync with translationproject.org
	[fec672d5a4c7]

	* config.h.in, configure.ac, include/sudo_compat.h,
	plugins/sudoers/pwutil_impl.c, src/sudo.c:
	Use getgrouplist_2() on macOS if available.
	[3bf58af56d18]

2016-12-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	regen
	[3f4d52230317]

	* plugins/sudoers/interfaces.c:
	In set_interfaces() treat a parse error as fatal.
	[7d0048108b1d]

2016-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/regress/atofoo/atofoo_test.c:
	Fix a clang warning on macOS
	[58e9d192e907]

2016-12-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/ko.mo,
	po/ko.po, po/vi.mo, po/vi.po:
	sync with translationproject.org
	[99cce0f5fddc]

	* NEWS:
	update for 1.8.19b2
	[18cfc9b8b8e7]

	* plugins/sudoers/timestamp.c:
	Ignore a boot time that is in the future, which can happen when the
	clock is corrected down after boot. Otherwise, the timestamp file
	will be unlinked each time sudo is run and a password is always
	required.
	[dd3b2b7ae709]

2016-11-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/logging.c:
	Allow syslog priority to be negated or set to "none" to disable
	logging successes or failures.
	[624eddac4ab1]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in,
	plugins/sudoers/sudoreplay.c:
	Allow stdin and ttyin to be displayed too. The only one that is
	really useful in sudoreplay is stdin when input is from a pipe.
	[5aa8b3a90c84]

	* src/regress/noexec/check_noexec.c:
	Solaris 10 wordexp() returns 127 on execve() failure like popen()
	does.
	[f927c50dda17]

	* config.h.in, configure, configure.ac, include/sudo_debug.h,
	lib/util/regress/atofoo/atofoo_test.c, lib/util/strtoid.c,
	lib/util/sudo_debug.c, lib/util/util.exp.in:
	id_t is 64-bits on FreeBSD so use strtoll() there. Fixes the strtoid
	regress.
	[448a9857e89f]

2016-11-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	fix typo
	[92ea657a87f5]

	* plugins/sudoers/sudoers.c:
	Fix the "all" setting for verifypw and listpw; nopass would never be
	true even if all the user's entries had the NOPASSWD tag. Regression
	introduce in sudo 1.8.17. Bug #762
	[c672e3ebfbe2]

2016-11-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ca.mo, plugins/sudoers/po/cs.mo,
	plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/el.mo, plugins/sudoers/po/eo.mo,
	plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo,
	plugins/sudoers/po/fr.mo, plugins/sudoers/po/hr.mo,
	plugins/sudoers/po/hr.po, plugins/sudoers/po/hu.mo,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po,
	plugins/sudoers/po/lt.mo, plugins/sudoers/po/nb.mo,
	plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.mo,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/ru.mo, plugins/sudoers/po/sk.mo,
	plugins/sudoers/po/sl.mo, plugins/sudoers/po/sr.mo,
	plugins/sudoers/po/tr.mo, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo,
	plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po,
	po/es.mo, po/es.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po,
	po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/ko.mo, po/ko.po,
	po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po,
	po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_CN.mo, po/zh_CN.po:
	sync with translationproject.org
	[8a4ab570d132]

2016-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/openbsd.c:
	Just use malloc_options "S" on OpenBSD instead of "AFGJPR".
	[2851cd2da1c7]

2016-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	Update year in license
	[e370bf3d1035]

2016-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[d524f0306467]

	* doc/sudo.conf.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat:
	regen
	[185328ea20c3]

	* include/sudo_debug.h, lib/util/sudo_debug.c,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/visudo.c, src/sudo.c:
	Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register()
	and check for it in places where we check the return value of
	sudo_debug_register().
	[d1e74c5f21a6]

2016-11-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update for 1.8.19
	[b248866c511d]

2016-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c:
	Add support for getpwnam_shadow() on OpenBSD
	[4db7ed374c33]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, plugins/sudoers/policy.c, src/sudo.c:
	Add umask to user_info passed in from the front end to the plugin.
	[4a4eee52a717]

	* plugins/sudoers/auth/rfc1938.c:
	Fix sign compare warning.
	[8732d632cbff]

	* MANIFEST, aclocal.m4, configure, configure.ac, m4/ax_append_flag.m4,
	m4/sudo.m4:
	Use AX_APPEND_FLAG instead of SUDO_APPEND_CPPFLAGS and direct
	modification of LDFLAGS.
	[c1464dcd45e0]

	* MANIFEST, configure, configure.ac, plugins/sudoers/aixcrypt.exp:
	Remove aixcrypt.exp, it was a remnant of the 90's crypto wars where
	crypt() was not exported.
	[785d57666d41]

	* doc/TROUBLESHOOTING:
	Remove obsolete solaris issue with snprintf
	[3ce6cc899026]

	* INSTALL:
	SunOS 4.x is no longer supported
	[2239eb30ff2c]

2016-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/regress/sudo_conf/test1.in, lib/util/sudo_conf.c:
	Plug memory leak when a particular Path is set more than once.
	[debc97dac01d]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Add sudo_ldap_is_negated() and sudo_ldap_is_negated() functions and
	use them to parse negated entries instead of doing it manually.
	[12010b64afe5]

	* plugins/sudoers/ldap.c:
	Fix printing of sudoedit_follow in "sudo -l"
	[2094a8f880c4]

	* plugins/sudoers/sssd.c:
	For "sudo -l" print sudoOption sudoedit_follow as FOLLOW.
	[9c860b1fa721]

	* config.h.in, configure, configure.ac, include/sudo_conf.h,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_conf/test1.out.ok, lib/util/sudo_conf.c,
	lib/util/util.exp.in, plugins/sudoers/policy.c, src/exec_common.c,
	src/load_plugins.c, src/parse_args.c:
	Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH,
	_PATH_SUDO_PLUGIN_DIR, even if only defined to NULL. This means the
	accessors can always be present.

	Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when
	noexec is available.

	Add ENABLE_SUDO_PLUGIN_API and use it instead of
	_PATH_SUDO_PLUGIN_DIR to tell when the plugin API is available.

	Add sudo_conf_clear_paths() to clear the path values so the regress
	tests are not affected by compile-time settings.
	[2b05e4a143d9]

	* plugins/sudoers/ldap.c:
	Use readline() in sudo_ldap_read_secret()
	[3f0506e5cbe3]

2016-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_conf.c:
	Get rid of struct sudo_conf_paths and just use #defined index values
	to access the path values. Make all accessors available even when
	the feature is not enabled.
	[58d1ec6170a8]

	* configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in,
	mkdep.pl, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Add ASAN_CFLAGS and ASAN_LDFLAGS and use -Wc prefix in ASAN_LDFLAGS
	to prevent libtool from strippign them out. Avoid using ASAN flags
	when building sudo_noexec.so.
	[9644dd92e586]

2016-11-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Disable noexec for HP-UX 10.x which probably doesn't support
	LD_PRELOAD
	[d87bc5ea4688]

	* config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c:
	Remove SunOS 4 support, it is not modern enough to run sudo.
	[b6e15f8360b6]

	* config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c:
	Remove HP-UX 9 support, it is not modern enough for sudo.
	[226dda48c1e1]

	* config.h.in, configure, configure.ac, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/getspwuid.c:
	Remove Ultrix support, modern sudo can't run on Ultrix anyway.
	[95a11ef29a2b]

	* MANIFEST, configure, configure.ac, lib/util/sudo_conf.c,
	src/Makefile.in, src/exec_common.c,
	src/regress/noexec/check_noexec.c, src/sudo_exec.h:
	Add regress for noexec functionality
	[2cadd8e04677]

	* src/Makefile.in:
	Unbreak sudo_noexec on macOS where shared libraries and dynamic
	modules are different. We still want to install sudo_noexec.so
	without the "lib" prefix so some hackery is required.
	[93d7b69491a1]

	* configure, configure.ac:
	Don't enable noexec for AIX 5.0-5.2, we need 5.3 and above.
	[92cad0180239]

2016-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in:
	Need to link sudo_noexec.so with -ldl for dlsym() on some platforms.
	Otherwise, the wordexp(3) wrapper will fail due to an undefined
	symbol. Bug #761
	[120a317ce25b]

	* plugins/sudoers/visudo.c:
	In strict mode, go to the file/line with an undefined aliases or
	aliases cycle directly.
	[b4f51b79bd9e]

2016-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/parse.h,
	plugins/sudoers/regress/visudo/test2.err.ok,
	plugins/sudoers/regress/visudo/test3.err.ok,
	plugins/sudoers/visudo.c:
	Store the file/lineno for alias and userspec entries so we can
	provide that info if there is an error.
	[7deb4e41ca7b]

2016-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/rcstr.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	Add simple reference-counted string allocator and use it for passing
	around references to the sudoers path. This lets us avoid making
	copies of the sudoers path for the errorfile as well as each
	Defaults entry.
	[afcff7b5b647]

	* lib/util/sha2.c:
	Cast len from size_t to uint64_t before bit shifting since we are
	adding to count which is also uint64_t. Quiets a PVS-Studio warning.
	[167210670b30]

2016-11-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/regress/visudo/test7.out.ok,
	plugins/sudoers/regress/visudo/test7.sh,
	plugins/sudoers/regress/visudo/test8.err.ok,
	plugins/sudoers/regress/visudo/test8.out.ok,
	plugins/sudoers/regress/visudo/test8.sh:
	Add checks for sudoers_locale early Defaults
	[582c08c9418c]

2016-11-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h,
	plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sssd.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	Go back to parsing Defaults entries in update_defaults instead of as
	sudoers is read. Otherwise, we cannot properly support early
	defaults like sudoers_locale.
	[ff1328a86b97]

2016-11-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/parse_args.c, src/sudo.c, src/sudo.h:
	Add the argument vector allocated for -s and -i mode to the garbage
	collector list. Avoids an ASAN warning on exit when the -s or -i
	flags are used.
	[652691a5216b]

2016-11-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	add missing sudo_pw_delref/sudo_gr_delref to plug memory leak
	[c4ba4c26e0c1]

	* mkpkg:
	Use expr instead of POSIX sh numerical expression to avoid a syntax
	error on older shells.
	[638383bb40d5]

2016-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h:
	Bump plugin minor version to 10 for sudo_mode, sudo_group and
	sudo_user.
	[0c65dc1f2874]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix a bug in host matching where a negated sudoHost entry would
	prevent other sudoHosts following it from matching.
	[40cbd5790106]

	* plugins/sudoers/defaults.c:
	Zero out sd_un before calling parse_default() so we don't try to
	free stack garbage in the ldap/sssd backends.
	[6b64a8e3a19d]

2016-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Use "ret", not "rc" for the function return value.
	[fdfe637adee6]

	* include/sudo_compat.h, lib/util/strtomode.c,
	plugins/sudoers/defaults.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/logging.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c, src/sudo_edit.c:
	Use sys/stat.h defines instead of bare octal values.
	[215c80e09830]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/iolog.c,
	plugins/sudoers/policy.c:
	Pass iolog mode, group and user from policy plugin to I/O log
	plugin.
	[1ed4967771c8]

2016-11-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sssd.c:
	Instead of parsing sudoers Defaults twice, parse once while reading
	sudoers and then just set the parsed value in update_defaults().
	[370d51681c6e]

	* plugins/sudoers/defaults.c:
	Use "struct defaults *d" instead of "struct defaults *def"
	throughout for consistency and to avoid confusino with "struct
	def_values *def". Use "str" not "var" for the string argument to
	convert and store in sd_un for the store_* functions.
	[5cc3efc609df]

	* plugins/sudoers/parse.c:
	In display_bound_defaults() rename dtype arg -> deftype.
	[b3323960e1db]

2016-11-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/regress/sudo_conf/test4.err.ok,
	lib/util/regress/sudo_conf/test5.err.ok,
	plugins/sudoers/regress/visudo/test2.err.ok,
	plugins/sudoers/regress/visudo/test3.err.ok:
	Update error output to match quoting changes.
	[27bbf5004d1e]

	* plugins/sudoers/defaults.c:
	Avoid passing in a struct sudo_defs_types pointer to the store
	functions. Pass in a pointer to the union to fill instead.
	[ea956d00aae3]

	* plugins/sudoers/defaults.h:
	no longer need struct defaults forward referebce
	[21e34ca85de5]

2016-11-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_conf.c, plugins/sudoers/alias.c,
	plugins/sudoers/defaults.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c, src/load_plugins.c:
	Use "double quotes" in messages instead of a combination of the
	accent (grave) mark and apostrophe.
	[10dee3ecf3e1]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Add file:linenumber prefix to all Defaults warnings so we can see
	them when running sudo too. For LDAP/SSSD we print the sudoRole
	instead of the file name and omit the line number.
	[5c6b95cd3792]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Use sudoedit in examples instead of "sudo vi"
	[6008c208682c]

2016-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	Only treat an unknown Defaults entry as a parse error in visudo, not
	in sudo itself.
	[8d8aa7ac5a32]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/visudo.c:
	Instead of checking Defaults values after the fact, check them at
	sudoers parse time. This makes it possible to display the file and
	line number with the problem and for visudo to go right to the
	error.
	[ac66bd690d05]

	* plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/parse.h:
	Refactor freeing of a member_list into free_members().
	[d29daa01bb9c]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	add_defaults() now calls sudoerserror() itself instead of the caller
	assuming any error means out of member.
	[a25e51321e0b]

	* plugins/sudoers/defaults.c, plugins/sudoers/mkdir_parents.c:
	s/rval/ret/g -- old habits die hard
	[fa55d08b233a]

2016-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Remove inaccurate XXX comment, sudo_file_parse() sends mail on parse
	error.
	[052b0e112839]

	* plugins/sudoers/visudo.c:
	The fix for Bug #408 broke editing of files in an include dir that
	have a syntax error. Normally, visudo does not edit those files, but
	if a syntax error is detected in one, the user gets a chance to fix
	it.
	[6b00f9bfff31]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	Make a copy of the current sudoers path when assigning errorfile.
	Fixes a potential use after free in visudo when there is an error in
	one of the include files.
	[eb6db5d15b61]

	* plugins/sudoers/sudoers_debug.c:
	sudoers_debug_register() was not setting the active debug instance
	to sudoers_debug_instance when called from the I/O log plugin. This
	is because it relied on sudo_debug_register to do that but
	sudoers_debug_parse_flags() doesn't set debug_files[]
	sudoers_debug_instance is already set (we can only init sudoers
	debug once).

	To work around this, just make sudoers_debug_instance the active
	debug instance in sudoers_debug_register() when it is already set.
	[71b0221c8c28]

	* src/load_plugins.c:
	Fix pasto when setting I/O plugin debug files
	[03c3aab22e65]

	* plugins/sudoers/iolog.c:
	use cp instead of *cur when comparing against plugin_path
	[f2dfe69549f5]

2016-10-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/mkdir_parents.c:
	In sudo_mkdir_parents() inherit the gid of / instead of using gid 0
	for the first component.
	[5f2bf33bccb5]

	* plugins/sudoers/iolog.c:
	We want to inherit the gid from the parent directory when not
	setting permissions on intermerdiate directories.
	[845f5a20b5fa]

2016-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c,
	plugins/sudoers/mkdir_parents.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c:
	Move io_mkdir_parents() to its own file and use it in ts_mkdirs().
	[c1d55f588a60]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Make the I/O log file/dir permissions and owner configurable.
	[e7a74f3dfa56]

	* lib/util/Makefile.in, mkdep.pl:
	Add vsyslog.lo
	[18362a9ae32e]

	* configure, configure.ac:
	sudo 1.8.19
	[97743604e6e3]

2016-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c:
	Don't try to syntax check an unrecognized Defaults value in visudo.
	[e4972655b5d3]

2016-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Create I/O log files with the same gid as the parent directory.
	[0da5824e006d]

	* plugins/sudoers/ldap.c:
	Check for sudo_ldap_result_last_search() returning NULL. This can't
	happen in practice because we always call
	sudo_ldap_result_add_search() first which guarantees there is a
	result to be found. Quiets a PVS-Studio warning.
	[4f6074f40fbc]

	* src/exec_pty.c:
	Quiet a PVS-Studio warning about the spin loop when waiting for the
	parent to assign us the terminal pgrp.
	[d063a283477b]

	* plugins/sudoers/env.c:
	Fix incorrect strncmp() lengths. The check for USERNAME was only
	looking at the first 5 characters (copy and paste error). The check
	for SUDO_PS1 was not checking the trailing '=' character (off by one
	error). Found by PVS-Studio.
	[297380eb6940]

	* plugins/sudoers/env.c:
	When checking for old-style bash functions in the environment, check
	for values starting with "() " (note the trailing space) rather than
	"()". Bash will only treat the value as a function if the space
	after "()" is present. The trailing space was already present in the
	compare string but when it was added, the length passed to strncmp()
	was not updated from 3 to 4. Found by PVS-Studio. No security
	impact.
	[7e35f39d356b]

	* plugins/sudoers/set_perms.c:
	Add some missing casts from uid_t/gid_t to int when printing uid/gid
	values. We print these as signed so a value of -1 (no change) is
	obvious. Quiets PVS-Studio warnings.
	[9773e5b166e1]

	* plugins/sudoers/timestamp.c:
	def_timestamp_timeout is a double so compare against 0.0 not 0 to
	avoid making it appear to be an integer type.
	[8675db470ab7]

	* plugins/sudoers/defaults.c:
	When checking syslog facility or priority, move the string compare
	into the body of the loop and return if it matches. If we finish the
	loop it means we didn't find a match. This makes the code a little
	bit more readable.
	[d1df1649a01e]

	* lib/util/strlcpy.c, lib/util/strnlen.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/logging.c,
	plugins/sudoers/visudo_json.c, src/env_hooks.c, src/exec_pty.c:
	Replace bare ";" in the body of for() loops with "continue;" for
	improved readability.
	[92eff8dbe5f8]

2016-10-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.guess, config.sub:
	Update from http://git.savannah.gnu.org/gitweb/?p=config.git
	[86e6144dfdd7]

	* config.guess, config.sub, configure, ltmain.sh, m4/libtool.m4,
	m4/ltoptions.m4, m4/ltsugar.m4, m4/ltversion.m4, m4/lt~obsolete.m4:
	Update to libtool 2.4.6
	[8d85d9e8687b]

2016-10-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/vsyslog.c:
	Use a static buffer if possible.
	[758ce6478994]

	* MANIFEST, configure, configure.ac, include/sudo_compat.h,
	lib/util/vsyslog.c, plugins/sudoers/logging.c:
	add vsyslog() for systems without it.
	[c6457f333252]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	There are now 14 tag values, not 10. Don't bother mentioning the
	number since it keeps increasing. Bug #759
	[17e4c900dc12]

2016-10-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, plugins/sudoers/logging.c:
	Use vsyslog() if available.
	[ea9b7a51eaec]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/logging.c:
	Add syslog_maxlen to control the max size of syslog messages.
	[5f9872d2073f]

2016-10-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/tgetpass.c:
	Don't generate SIGTOU when restoring the terminal modes. It doen't
	make sense to suspend the process only to restore the terminal
	settings since in this case the shell has already taken ownership of
	the tty.
	[981c26f3fc8f]

	* plugins/sudoers/sudoreplay.c, src/exec_pty.c, src/tgetpass.c:
	The flush parameter of sudo_term_restore() is bool, not int.
	[c2597f1881f3]

2016-10-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	Add wordexp() to the list of functions wrapped by sudo_noexec.so.
	[2e847ce3f02f]

2016-10-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_noexec.c:
	Need RTLD_NEXT for wordexp() on dlopen() systems. It is missing on
	AIX 5.1 at least.
	[167a518d8129]

	* src/sudo_noexec.c:
	add missing guard around wordexp()
	[7b8357b0a358]

	* NEWS:
	expand on 1.8.18p1 changes
	[f560e06ad584]

2016-10-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	sudo 1.8.18p1
	[a36e17d1c5db]

	* config.h.in, configure, configure.ac, src/sudo_noexec.c:
	Fix configure check for seccomp filter on Linux
	[5d88d7cda853]

2016-10-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, src/sudo_noexec.c:
	Use a seccomp filter on Linux to disable execve(2) and execveat(2).
	This still relies on LD_PRELOAD to work so it has the same issues as
	the existing mether with respect to running 32-bit binaries on a
	64-bit kernel.
	[59d76bdc0f0c]

	* src/Makefile.in:
	regen
	[9e313cb0900b]

	* plugins/sudoers/Makefile.in:
	regen
	[5ca77049e5cd]

2016-10-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, config.h.in, configure, configure.ac, src/sudo_noexec.c:
	Wrap wordexp(3) in sudo_noexec.
	[e7d09243e51b]

2016-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Clean .json files created by "make check"
	[d214117fbda1]

2016-09-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* po/ca.mo, po/da.mo, po/eo.mo, po/es.mo, po/eu.mo, po/fi.mo,
	po/gl.mo, po/hr.mo, po/hu.mo, po/ko.mo, po/nl.mo, po/ru.mo,
	po/sk.mo, po/sl.mo, po/sr.mo, po/tr.mo:
	recompile .po files
	[3d91cbf75744]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix matching when no sudoRunAsUser is present in a sudoRole. If only
	a sudoRunAsGroup is present, match on the invoking user if the -g
	option was specified and the group matched. If no sudoRunAsGroup is
	present and the -g option was specified, allow it if it matches the
	passwd gid of the runas user. This matches the behavior of the
	sudoers backend.
	[e1a52c34da5e]

	* plugins/sudoers/match.c:
	runas_pw can no longer be NULL
	[020c6ddcae11]

2016-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	RunAsGroup without RunAsUser issues
	[52d1547c9d3a]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	user_matched and group_matched must be type int, not bool
	[204d8de97a05]

	* plugins/sudoers/ldap.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.h, plugins/sudoers/sssd.c:
	Use RUNAS_USER_SPECIFIED and RUNAS_GROUP_SPECIFIED when deciding
	whether to check runas user/group instead of checking runas_pw or
	runas_gr.
	[d17f223e8313]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	When matching against runas_default use userpw_matches() instead of
	just strcasecmp().
	[ce70077c5861]

	* plugins/sudoers/testsudoers.c:
	Set RUNAS_USER_SPECIFIED when -u is specified and/or
	RUNAS_GROUP_SPECIFIED when -g is specified.
	[fa7a1035a058]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix printing of the default runas user when a RunAsGroup is
	specified but no RunAsUser is present.
	[c05dabd194a1]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Only match against runas_default if both sudoRunAsUser and
	sudoRunAsGroup are missing.
	[019084f428b2]

	* plugins/sudoers/match.c:
	runas_pw can no longer be NULL here
	[e73dcebafa15]

	* plugins/sudoers/ldap.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.h, plugins/sudoers/sssd.c:
	Update check for whether or not the runas user was set in the ldap
	and sssd backends to match the sudoers file backend. Introduces the
	runas_user_set() macro to improve readability. Previously, runas_pw
	was set late, now it is set before checking sudoers.
	[d8280d8a96c9]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Document that negated sudoHosts are only supported by 1.8.18 and
	higher.
	[f56824fe61bc]

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/testsudoers/test4.sh,
	plugins/sudoers/regress/testsudoers/test5.sh:
	Disable Address Sanitizer leak detection for tests which generate
	parse errors. The parser leaks a bit on error.
	[4b0ddb11df3a]

	* plugins/sudoers/sssd.c:
	Fix underflow in get_ipa_hostname() when trimming trailing
	whitespace.
	[875f2f5cd363]

2016-09-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Document negated sudoHost entries.
	[41d9853f89f7]

	* plugins/sudoers/sssd.c:
	Support negated sudoHost entries.
	[7c25f9111633]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Document negated sudoHost entries.
	[6c8444c6bc6c]

	* plugins/sudoers/ldap.c:
	Support negated sudoHost entries.
	[1899906b8ef4]

2016-09-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Don't check the username when matching a host netgroup unless
	def_netgroup_tuple is enabled.
	[238c8064542f]

	* plugins/sudoers/match.c:
	Move valid domain name check into a new valid_domain() function. Fix
	memory leak if getdomainname(2) fails and avoid using heap garbage
	for the domain name matching in this case.
	[946f2441c90a]

2016-09-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, po/it.mo,
	po/it.po:
	sync with translationproject.org
	[40eab0801eae]

2016-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Add back line mistakenly removed in 0cf2a9351740
	[8622c83c1474]

	* plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo,
	po/nb.po:
	sync with translationproject.org
	[f180826bb77b]

2016-09-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Bug #757
	[de67bc9e26f8]

	* plugins/sudoers/sudoers.c:
	Fix typo that broke short host name matching when the fqdn flag is
	enabled. Bug #757
	[605c03afc80f]

2016-09-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_debug.h, lib/util/aix.c, lib/util/fnmatch.c,
	lib/util/getgrouplist.c, lib/util/secure_path.c,
	lib/util/setgroups.c, lib/util/strtoid.c, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, plugins/sample/sample_plugin.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.c,
	plugins/sudoers/policy.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c, src/env_hooks.c, src/exec.c,
	src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/signal.c,
	src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c,
	src/utmp.c:
	Be consistent with the naming of the variable used to store the
	function return value. Previously, some code used "rval", some used
	"ret". This standardizes on "ret" and uses "rc" for temporary return
	codes.
	[017866310d24]

2016-09-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ca.po, plugins/sudoers/po/cs.mo,
	plugins/sudoers/po/cs.po, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/el.po, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/hu.po, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/ko.po, plugins/sudoers/po/lt.po,
	plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/ru.po, plugins/sudoers/po/sk.po,
	plugins/sudoers/po/sl.po, plugins/sudoers/po/sr.po,
	plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
	plugins/sudoers/po/tr.po, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo,
	plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo,
	plugins/sudoers/po/zh_CN.po, po/ca.po, po/cs.mo, po/cs.po, po/da.po,
	po/de.mo, po/de.po, po/eo.po, po/es.po, po/eu.po, po/fi.po,
	po/fr.mo, po/fr.po, po/gl.po, po/hr.po, po/hu.po, po/it.po,
	po/ja.mo, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/pl.mo,
	po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.po, po/sk.po, po/sl.po,
	po/sr.po, po/sv.mo, po/sv.po, po/tr.po, po/uk.mo, po/uk.po,
	po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	sync with translationproject.org
	[6312962695df]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, po/nn.mo, po/nn.po:
	Norwegian Nynorsk translation of sudo from translationproject.org
	[05203a266265]

	* NEWS:
	Fix for Bug #756
	[89ff21579216]

2016-09-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	In sudoers_main() avoid setting rval prematurely. Prevents a crash
	when auditing fails after successfully authenticating. Bug #756
	[d17a06bce04c]

	* plugins/sudoers/defaults.c:
	Apply match_group_by_gid early.
	[1259c7fd66ca]

2016-09-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update
	[292a9e21474e]

	* src/ttyname.c:
	Don't disable large file support for Linux, just SVR4-style /proc.
	Otherwise, stat(2) may fail on Linux when running a 32-bit sudo on a
	64-bit machine. Bug #755
	[09450ce8b8a8]

2016-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_util.h:
	Make sudo_parseln() flags hex to make it more obvious that they are
	bit flags.
	[b912a078047e]

	* plugins/sudoers/env.c:
	Don't try to support line continuation in /etc/environment.
	[d7e30e821c0e]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c:
	No line continuation support in ldap.conf.
	[211caaba2395]

	* include/sudo_util.h, lib/util/parseln.c:
	Add flag to sudo_parseln() to disable line continuation support.
	[d2820247fc07]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	A comment character ('#') is only special at the beginning of the
	line.
	[b3b67b7e4fc0]

	* include/sudo_util.h, lib/util/parseln.c,
	lib/util/regress/sudo_parseln/parseln_test.c, lib/util/sudo_conf.c,
	lib/util/util.exp.in, plugins/sudoers/env.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sudo_nss.c:
	Add a flags option to sudo_parseln() and a flag to only mach
	comments at the beginning of the line. Use the flag when parsing
	ldap.conf.
	[40c560fc9a10]

	* src/sudo.c:
	If get_process_ttyname() fails for errno != ENOENT, just warn
	instead of making it a fatal error. Bug #755
	[1a028b861801]

2016-08-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/mkdefaults:
	use strict
	[681281bc0f6d]

	* plugins/sudoers/def_data.h, plugins/sudoers/mkdefaults:
	Define def_foo in terms of the I_FOO index instead of a bare number.
	[abb119f84ae6]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po:
	sync with translationproject.org
	[d339717f8692]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Mention that match_group_by_gid has no effect when sudoers is stored
	in LDAP.
	[5eb6ae45c699]

	* include/sudo_compat.h, src/sudo.c:
	Use W_EXITCODE to construct the wait status if sudo could not
	execute the command. Fixes the sudo exit value for exec(3) failure.
	[95eae2d60292]

	* src/exec.c:
	fix brace style
	[54448c10b6b5]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[794b06ba727b]

	* src/sudo.c:
	It is possible for get_user_info() to fail for reasons other than
	ENOMEM so print the warning message there rather than in main().
	[8c24df8d6b78]

2016-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	match_group_by_gid is only available in sudo 1.8.18 and above
	[dd237eb540d0]

	* doc/UPGRADE:
	Mention match_group_by_gid
	[417f27e9059a]

	* NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document match_group_by_gid
	[2234997acb8d]

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/pwutil.c:
	Add match_group_by_gid Defaults option to allow sites with slow
	group lookups and a small number of groups in sudoers to match
	groups by group ID instead of by group name.
	[20714580da96]

2016-08-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention "sudo -l command" bug fix.
	[cb8ade186880]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix "sudo -l command" in the LDAP and SSS backends when the command
	is not allowed.
	[631038350b2a]

2016-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c:
	Use sudo_strsplit() instead of doing the equivalent manually.
	[9eb6d1cc78bd]

2016-08-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Move SIGPIPE bug fix to 1.8.18 where it belongs
	[52509fd0100e]

	* plugins/sudoers/defaults.c:
	Fix memset size typo in previous commit.
	[e00299f7c50f]

	* plugins/sudoers/regress/visudo/test6.out.ok,
	plugins/sudoers/regress/visudo/test6.sh:
	Add regress for check_defaults() use-after-free bug.
	[0b362678ca10]

	* MANIFEST, plugins/sudoers/defaults.c:
	Fix use-after-free in check_defaults(), reported by Radovan Sroka of
	RedHat.
	[ab3a4227c12f]

2016-08-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	SIGPIPE bug fix
	[24c9a12f7e59]

	* src/signal.c:
	Now that we ignore SIGPIPE in sudo we need to restore it at exec
	time. Problem reported by Radovan Sroka of RedHat.
	[3cfa7e3510ff]

2016-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Fix appending to make_opts
	[abe28b6b7663]

	* NEWS:
	Add Bug #753 and fix reference to Bug #752.
	[e8c959e1cd6c]

2016-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/da.mo,
	po/da.po, po/pt_BR.mo, po/pt_BR.po:
	sync with translationproject.org
	[219c3f0aeee7]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen pot files
	[d0c56a4ff553]

2016-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update with logging changes.
	[f41beca23b99]

	* plugins/sudoers/logging.c:
	Avoid duplicate warnings when we cannot write to the log file. Also
	send the warning in mail if possible.
	[9b8509cff137]

	* plugins/sudoers/iolog.c, src/exec_pty.c, src/sudo.c, src/sudo.h:
	Move the ignoring of I/O log plugin errors into the I/O log plugin
	itself.
	[25b7fd056614]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, src/exec_pty.c, src/sudo.c, src/sudo.h:
	Make the behavior when we cannot write to a log or audit file
	configurable. File log failures are ignored by default for
	consistency with syslog. Audit errors are ignored by default to
	allow the admin to fix the issue. I/O log file errors are still
	fatal by default since if I/O logging is activated it is usually to
	have an audit trail. Bug #751
	[dbd085e7c736]

2016-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Make sure we print an error message to stderr (and not just send
	mail) if do_logfile() fails. Bug #751
	[7884a23a0cdc]

2016-08-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c:
	Separate out the supplemental group ID checks from the supplemental
	group name checks in user_in_group(). We now call sudo_get_gidlist()
	only when the group name in sudoers begins with a '#' (which is
	seldom used).
	[80534785d8b7]

	* plugins/sudoers/ldap.c, plugins/sudoers/policy.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Cache the user's group IDs and group names separately and only
	resolve group IDs -> names when needed. If the sudoers file doesn't
	contain groups we will no longer try to resolve all the user's group
	IDs to names, which can be expensive on some systems.
	[8ce3564e896e]

2016-08-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c:
	Remove the "op" parameter from all the store_foo() functions except
	store_list() where it is actually needed. For the others, a NULL
	value indicates the setting was negated. This unconfuses static
	analyzers (and perhaps humans too).
	[fca031b57f15]

	* plugins/sudoers/defaults.c:
	Flags always have a NULL value. Regression introduced by refactor of
	set_default_entry().
	[71fe4fad097b]

	* plugins/sudoers/defaults.c:
	Set rc to true when setting a flag Defaults value.
	[cf016b6aedd4]

	* src/utmp.c:
	suppress a cppcheck false positive
	[0d44aa7cf05c]

	* plugins/sudoers/defaults.c:
	Refactor the error parts of set_default_entry() so the switch() is
	mostly just calls to store_foo() functions. Avoids a lot of
	duplicated error checking and silences a cppcheck false positive.
	[1112b894007c]

	* plugins/sudoers/defaults.c:
	In set_default_entry() check for unsupported Defaults type.
	[beb1ae20179f]

	* lib/util/aix.c:
	Add missing break in switch that sets the max limit for
	RLIMIT_NOFILE. Found by cppcheck.
	[39b1979b1b92]

	* plugins/sudoers/defaults.c:
	Check sudoers_initlocale return value and treat as oom. Coverity CID
	141832
	[b1cad9d6c49d]

2016-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/match.c, plugins/sudoers/parse.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c:
	Set runas_pw early and adjust runaslist_matches() to deal. Since we
	now set runas_default early there is no need to call update_defaults
	with SETDEF_RUNAS after sudoers has been parsed.
	[35e0b08219a8]

2016-08-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/defaults.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c:
	Load sudoers group plugin via an early callback.
	[0fc4382cd6e4]

	* sudo.pp:
	System Integrity Protection on Mac OS X won't allow us to write
	directly to /etc or /var. We must install in /private/{etc,var}
	instead.
	[831c78241e78]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that fqdn, runas_default and sudoers_locale are parsed
	early.
	[beb4868c449e]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat,
	doc/visudo.cat:
	Regen for 1.8.18
	[eb4feabb8fee]

2016-08-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.h, plugins/sudoers/ldap.c,
	plugins/sudoers/sssd.c:
	Avoid passing around struct defaults when it is not needed. As a
	result, we no longer need to include gram.h in the LDAP and SSSD
	backends.
	[14d0bfdc8bd2]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Instead of deferring setting early defaults until we have traversed
	the entire defaults list, just defer running the callbacks.
	Otherwise, if the last early default setting we see has a bad value
	we won't set any defaults of that type even if there was an earlier
	one that was valid.
	[552863e5a097]

	* plugins/sudoers/defaults.c:
	Run callbacks once in set_default_entry() instead of each of the
	store_foo() functions.
	[b92b51c67845]

2016-08-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Use /proc/cpuinfo on Linux instead of running lscpu
	[450ea436dbe4]

	* mkpkg:
	If using GNU make on a multi-cpu system, use the -j flag to run make
	jobs in parallel, up to the number of cpus/cores.
	[7a6670de96dc]

2016-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Only check SUDO_USER if euid is 0
	[f42d00c94817]

2016-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Initialize sudo_user based on the SUDO_USER environment variable if
	present. This allows things like :Defaults:username editor=foo" to
	work when visudo is run via sudo.
	[a526d6f74198]

2016-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Add function name in "command resumed" debug message
	[e209f199a79f]

	* src/exec_pty.c:
	If waitpid() returns 0 or -1, display a warning, this should never
	happen. Add a check for unhandled wait status (also should never
	happen).
	[983a0b79b527]

	* plugins/sudoers/defaults.c:
	Flag settings have a NULL value so we can't use that to test whether
	an entry in struct early_default is set or not. Add a "set" member
	and use that instead.
	[68a7c0de9b0e]

2016-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Explicitly check for a continued process with waitpid(2). Otherwise,
	waitpid() will return 0 when the command is resumed after being
	suspended, which we were treating the same as -1. Fixes suspend and
	resume on Linux and probably others.
	[54a464b116ad]

	* plugins/sudoers/defaults.c:
	Fix --with-fqdn, the value should be NULL since it is a flag.
	[95bc8b82911e]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Add support for early defaults to the ldap and sssd backends.
	[3a034360c177]

2016-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Repair symlink check in sudo_edit_openat_nofollow() on systems
	without O_NOFOLLOW, it must be done relative to dfd. Previously the
	lstat() would always fail, possibly leading to a false positive.
	Also add an early symlink check like in sudo_edit() while here.
	[f72901c7f7cc]

	* src/sudo_edit.c:
	On systems that lack the O_NOFOLLOW open(2) flag, check in
	sudo_edit_open() whether the path to be opened is symlink before
	opening it. This is racey but we detect losing the last post-open
	and it is better to fail early if possible. When editing a link to a
	non-existent file, a zero-length file will be left behind but it is
	too dangerous to try and remove it after the fact. Bug #753
	[dac04f305262]

	* src/sudo_edit.c:
	Update debug_decl for sudo_edit_openat_nofollow() Remove unused
	variables when O_NOFOLLOW is not present.
	[8dc0afb1de58]

2016-07-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, plugins/sudoers/visudo.c:
	Split set_default_entry() out of set_default() so we can call it
	from check_defaults() to validate the defaults value. In visudo,
	suppress warnings from update_defaults() and rely on
	check_defaults() to provide warnings.
	[7d9b50f42d0b]

	* plugins/sudoers/defaults.c:
	Split binding match code out of default_type_matches() into
	default_binding_matches(). We can now use default_type_matches() in
	check_defaults().
	[c158768b12c5]

	* plugins/sudoers/visudo.c:
	Pass quiet flag to init_parser() and update_defaults() when doing
	first parse of sudoers.
	[3af76c1a0d84]

2016-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Update defaults in visudo after sudoers has been edited so we pick
	up locale changes. The init_defaults() function will now re-init the
	sudoers locale.
	[ceb099392289]

2016-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/testsudoers.c:
	Set sudoers locale before calling sudoersparse(). We don't need to
	restore the user's locale since warnings are displayed in the user's
	locale anyway.
	[c44a38a496d1]

	* plugins/sudoers/visudo.c:
	Set the locale to the sudoers locale when parsing and restore the
	user's locale afterward. Also set the warn/fatal locale helper
	function so warning messages during a sudoers parse are displayed in
	the user's own locale.
	[a0b2cdb69d43]

	* plugins/sudoers/logging.h:
	Add forward decl of union sudo_defs_val to silence a gcc warning.
	[9e717510f132]

	* plugins/sudoers/sudoers.c:
	Set the warn/fatal locale helper function in sudoers_policy_init()
	so warning messages during sudoers loading are displayed in the
	user's own locale.
	[b6c7bab1ca80]

	* plugins/sudoers/locale.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Move sudoers locale callback function to locale.c and user it in
	visudo and testsudoers.
	[7c4e9a71e252]

	* plugins/sudoers/sudoers.c:
	In cb_sudoers_locale() actually set the locale in addition to
	storing its name. Otherwise, it won't take effect until sudoers
	lookup time.
	[ceb446c2168b]

	* plugins/sudoers/defaults.c:
	Fix regression that would cause early defaults entries to be set
	multiple times.
	[5f5cd02d5f0f]

	* NEWS, configure, configure.ac:
	sudo 1.8.18
	[7c778904c39b]

2016-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c:
	Only set early defaults once, regardless of how many times the
	variable is set in sudoers. This avoids running an early callback
	more than once. For example, we don't want to call cb_fqdn() if sudo
	is compiled with FQDN set but sudoers has "Defaults !fqdn".
	[0c5d80939ea2]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
	Make strings const in functions that set defaults as they are not
	modified.
	[d01f22ab1902]

	* plugins/sudoers/sudoers.c:
	In cb_fqdn() just return if the fqdn flag is set to false.
	[0cb3d78aa944]

2016-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c:
	Implement callbacks for defaults flags (T_FLAG).
	[936adcc98800]

	* plugins/sudoers/sudoers.c:
	add debug_decl for cb_runas_default and cb_sudoers_locale
	[4667b1e14172]

	* plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c:
	Convert fqdn to a callback and add it to the list of early defaults.
	[df863787cf5e]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c:
	Change defaults callbacks to take a union sudo_defs_val * instead of
	a char *.
	[c7730fa19e46]

	* plugins/sudoers/defaults.c:
	When updating defaults, process certain values fist since they can
	influence how other defaults are parsed. Currently, runas_default
	and sudoers_locale are processed early.
	[32062737a1ae]

2016-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke_util.c:
	Fix typo introduced in last commit to fix fill_args() overflow
	check.
	[535d13b81c5d]

	* plugins/sudoers/toke_util.c:
	Fix underflow checl in fill_args().
	[2c6852e65ad6]

	* plugins/sudoers/toke_util.c:
	Make sure we account for the trailing NUL when computing arg_size in
	fill_args(). Bug #752
	[c73c1ea4b230]

	* plugins/sudoers/toke_util.c:
	Make arg_size and arg_len unsigned since we do bitwise operations on
	them.
	[0a551c7a5e67]

2016-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Only remove backup files as part of "make uninstall" when
	INSTALL_BACKUP is set.
	[c2541d2de89c]

	* configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Only keep backups of installed files on HP-UX where you cannot
	unlink a shared library that is in use.
	[8763a1d0d515]

2016-07-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Ignore a missing or insecure #includedir, it is not a fatal error.
	[8a82818c9f0d]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Make sure we always call sudoerserror() on error in
	read_dir_files(), otherwise sudo will not treat it as a fatal error.
	[1a38da425ca0]

2016-06-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Set the sudoers locale before opening the sudoers file. Previously
	the sudoers locale was used when evaluating sudoers but not during
	the inital parse. Bug #748
	[c8deb0da75b4]

	* plugins/sudoers/locale.c:
	Add debugging
	[5fbe2f109b92]

	* plugins/sudoers/Makefile.in:
	Don't link test programs with the sudoers-specific locale code if we
	don't need to.
	[41224154534e]

	* plugins/sudoers/Makefile.in:
	sudoreplay does not need to link with the sudoers-specific locale
	code.
	[348638a68f69]

2016-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	new_digest was prototyped as static but not explicitly declared
	static.
	[52949a024acb]

	* configure, configure.ac:
	Some versions of HP-UX 11.11 do not expose struct sockaddr_ext if
	_XOPEN_SOURCE_EXTENDED is defined. Only define
	_XOPEN_SOURCE_EXTENDED if we can still compile net/if.h.
	[0189ff7daa63]

	* plugins/sudoers/Makefile.in:
	Some versions of HP-UX make will ignore suffix rules if they are
	empty.
	[cffeee232752]

2016-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Don't skip debug printfs in handle_sigchld() just because execve()
	returned an error.
	[0cf2a9351740]

	* include/compat/charclass.h, include/sudo_compat.h, lib/util/aix.c,
	lib/util/getaddrinfo.c, lib/util/sudo_debug.c,
	plugins/sudoers/insults.h,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoers_debug.c:
	Add definition of nitems for those without it and use it throughout.
	[4b30c8834fdd]

2016-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Update copyright year.
	[638c964e44fd]

	* NEWS, configure, configure.ac:
	Sudo 1.8.17p1
	[bc30a172370c]

	* src/sudo.c, src/sudo.h:
	Set user groups in exec_setup() if they were not already set by
	policy_init_session(). Bug #749
	[3bf16489800c]

2016-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	Point the reader to the sudoers manual for the list of supported
	arguments after the plugin path.
	[40cbfa5deeb1]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	forgot to update date in last commit
	[3872a46e229b]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Fix typo; cn=default should be cn=defaults
	[06e097667465]

2016-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Fold lines at 80 characters for the clean: target
	[651623231cd8]

	* lib/util/Makefile.in:
	Remove mksiglist, siglist.c, mksigname, signame.c as part of
	"distclean"
	[ed7f58685633]

2016-06-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po:
	sync with translationproject.org
	[a3bb8c15ef3d]

	* plugins/sudoers/sssd.c:
	LDAP sudoers doesn't support negated users, groups or netgroups.
	[d6585245c24d]

2016-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Bug #746
	[e0bba3ae78c2]

	* plugins/sudoers/match.c:
	When matching paths with glob(3), check returned matches against
	user_cmnd first if it is fully-qualified. This avoids a lot of
	needless stat(2) calls and avoids a mismatch between safe_cmnd and
	argv[0] if there are multiple matches with the same inode/dev due to
	links. Bug #746.
	[29bdba0cf2eb]

	* NEWS:
	Add execve failure in pty bug fix.
	[941672cc6793]

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po:
	sync with translationproject.org
	[a4f789cedecc]

	* src/exec_pty.c:
	In handle_sigchld() fix the return value when we've already received
	an exec error. We don't want to overwrite the error status but we do
	need to indicate that the command is no longer running. Fixes as
	hang on execve(2) error when running in a pty.
	[797bed2c39a7]

	* src/exec.c, src/exec_common.c:
	Move sudo_debug_execve() call into sudo_execve().
	[ab2ea3459a7c]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/sr.mo,
	po/sr.po, po/sv.mo, po/sv.po:
	sync with translationproject.org
	[046ba9a0fca8]

2016-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update for 1.8.17 final
	[a2f02775aba5]

	* lib/util/aix.c:
	Fix setting of hard stack limit when stack_hard is not specified in
	/etc/security/limits. When 64-bit resource limits are supported we
	can use the default value of 8388608 512-byte blocks directly. We
	should only resort to using RLIM_SAVED_MAX for 32-bit resource
	limits.
	[cc4933fc41bd]

2016-06-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	regen
	[4ab85a46cf63]

2016-06-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	Ignore empty ipa_hostname
	[9421ade7b47f]

	* plugins/sudoers/sssd.c:
	Better martching of ipa_hostname in sssd.conf
	[abd53491cb4b]

2016-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.ac, pathnames.h.in,
	plugins/sudoers/sssd.c:
	Use the value of ipa_hostname from /etc/sssd/sssd.conf if present
	instead of the system hostname.
	[3f5cffcd8432]

2016-06-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	When matching host, short-circuit the loop when we get a match. Only
	check username as part of the netgroup when netgroup_tuple is
	enabled.
	[2eab4070dcf7]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Avoid using !strcmp()
	[f976b3d973e0]

2016-06-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	SSSD doesn't handle netgroups, we have to ensure they are correctly
	filtered in sudo. The rules may contain mixed sudoUser specification
	so we have to check not only for netgroup membership but also for
	user and group matches. Adapted from a patch from Daniel Kopecek.
	[50d8d88bcc28]

2016-06-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Return PAM_CONV_ERR from the conversation function if getpass
	returns NULL or the user pressed ^C.
	[bec7e2ec26ff]

	* plugins/sudoers/base64.c:
	Make base64 decoding table-driven.
	[2d001c111552]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Back out cfa26b99228f, it was already fixed differently. Caught by
	regress checks.
	[0584f80e9951]

2016-05-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Allow double-quoted groups and netgroups to be part of a Defaults
	spec. From Daniel Kopecek.
	[cfa26b99228f]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	The sudoers.ldap manual is installed in section 4 or 5, not 1m or 8.
	Also fix the section for ldap.conf cross-references.
	[eb1c0a2b84a1]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Fix copy pasta, "sudoNotAfter" not "sudoNotBefore". Add missing word
	"order" in a sentence describing sudoOrder.
	[653cb783f89b]

	* plugins/sudoers/sssd.c:
	For sudo -ll (long list) print the SSSD role just like we do for the
	LDAP backend. Adapted from sudo-1.8.6p3-sssdrulenames.patch
	[46f962b1f3ef]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Setting timestamp_timeout less than zero only lasts until the next
	reboot. Adapted from a RedHat patch.
	[f8ce1dfebfe9]

	* po/it.mo, po/it.po, po/nb.mo, po/nb.po:
	sync with translationproject.org
	[31b55426358b]

2016-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/conversation.c:
	fputs() is now specified as returning non-negative on success, not
	explicitly zero. Fixes a failure on glibc.
	[55f8a25d4af4]

	* src/conversation.c:
	Don't try to dereference replies[] if it is a NULL pointer.
	[c4fdd838f2f5]

	* plugins/sudoers/policy.c:
	sudo_version should be unsigned
	[7719d425c65a]

	* plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po,
	plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/ca.mo,
	po/ca.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo,
	po/de.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/ja.mo,
	po/ja.po, po/pl.mo, po/pl.po, po/sk.mo, po/sk.po, po/sv.mo,
	po/sv.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo,
	po/zh_CN.po:
	sync with translationproject.org
	[e40cdc972d19]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/ko.mo,
	plugins/sudoers/po/ko.po, po/ko.mo, po/ko.po:
	Korean translation for sudo and sudoers from translationproject.org.
	[188ffbed5bf2]

	* NEWS, plugins/sudoers/auth/pam.c:
	Ignore PAM_SESSION_ERR from pam_open_session() since this can
	apparently happen on systems using Solaris-derived PAM. Other errors
	from pam_open_session() are treated as fatal. This avoids the
	"policy plugin failed session initialization" error message seen on
	some systems.
	[0f7f3e7ead21]

2016-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, src/exec_pty.c:
	Don't read from stdin when flushing final buffers in blocking mode.
	Reading from the pipe can block too if the other end is not closed.
	[a651f913a1ef]

2016-05-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention visudo -x change.
	[2fd35df055b2]

	* plugins/sudoers/regress/sudoers/test1.json.ok,
	plugins/sudoers/regress/sudoers/test14.json.ok,
	plugins/sudoers/regress/sudoers/test15.json.ok,
	plugins/sudoers/regress/sudoers/test16.json.ok,
	plugins/sudoers/regress/sudoers/test2.json.ok,
	plugins/sudoers/visudo_json.c:
	There's no need to escape forward slashes in JSON output. While it
	is legal to escape a forward slash, it is not required.
	[044710f516a9]

	* doc/UPGRADE:
	Document that in 1.8.12 sudo started being able to check the NIS
	domain on Solaris.
	[bced94478c0e]

2016-05-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Better description of the I/O logging pipe issue.
	[6eee2f8a1fae]

	* src/exec_pty.c:
	In del_io_events(), avoid reading from the pty master in blocking
	mode. We now do two passes, one with SUDO_EVLOOP_NONBLOCK and
	another that could block if stdin is a pipe. This ensures we consume
	the pipe until EOF.
	[564ae2b4c305]

	* lib/util/event.c:
	Improve debug info in sudo_ev_add() and sudo_ev_del()
	[ca839439ff22]

	* src/exec_pty.c:
	In pty_close(), call del_io_events with the SUDO_EVLOOP_ONCE flag so
	the event loop will exit after a single run through. Otherwise, we
	may hang at exit on non-BSD systems.
	[e6c38d5a341b]

2016-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* po/sudo.pot:
	regen
	[18a4570be506]

2016-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Bump I/O buffer size to 64K. We don't use PIPE_BUF or _PC_PIPE_BUF
	for this because that corresponds to the value for atomic pipe
	writes. The actual pipe buffer is much larger on modern systems and
	64K is what BSD and Linux support for large pipe buffers.
	[3b5d995966ef]

	* NEWS:
	I/O logging bug fix
	[934d755ac12c]

	* src/exec_pty.c:
	Don't use SUDO_EVLOOP_NONBLOCK when flushing buffers at pty close
	time, only when the user suspends sudo. Fixes a problem where all
	buffers might not get flushed at exit when logging I/O. Reproducible
	via "sudo tar cf - foo | (cd /tmp && sudo tar xf -)" on OpenBSD.
	[bbe0e18739ec]

2016-05-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Don't try to fflush(export_fp) or ferror(export_fp) if export_fp is
	NULL, which can happen on the error path.
	[ccfb4dd260fa]

	* plugins/sudoers/sudoers.c, src/exec.c, src/exec_pty.c, src/sudo.c,
	src/tgetpass.c:
	O_NOCTTY has no effect when opening /dev/tty as the open can only
	succeed if there is already a controlling tty.
	[9ca106c499b2]

	* src/sudo.c:
	Do not need to open /dev/tty with O_NONBLOCK, it doesn't block on
	first open like a physical terminal. By definition, if you have a
	controlling tty, the first open (which might block) has already
	occurred.
	[15a5f006836a]

	* src/selinux.c:
	Use O_NOCTTY when opening a tty.
	[5f9fd6458be4]

	* src/Makefile.in:
	regen
	[105ef4533724]

	* plugins/sudoers/auth/sudo_auth.c:
	No need to set pass to NULL after freeing at the end of the loop it
	since it is already set to NULL each time through the loop.
	[2657b0b4260d]

2016-05-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	SELinux fixes in 1.8.17.
	[f743cf0d9c62]

	* plugins/sudoers/logging.h, plugins/sudoers/logwrap.c:
	Check fprintf() return value in writeln_wrap() and return the number
	of characters actually written, or -1 on error.
	[4739e0f58fa3]

	* src/conversation.c:
	Check fputs() return value.
	[e85778cbe0e3]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Do not write directly to stdout/stderr, use sudo_printf which calls
	the conversation function.
	[e86d5ed4dca7]

	* plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/securid5.c:
	Do not write directly to stdout/stderr, use sudo_printf which calls
	the conversation function.
	[002a30fdb4e0]

	* plugins/sudoers/iolog.c, plugins/sudoers/visudo_json.c:
	Use ferror() after fflush() to check the error status of the stdio
	stream we wrote to.
	[fa1db13fe9ac]

2016-05-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c:
	printf() returns < 0 on error, not explicitly -1
	[2a2385b941de]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat:
	Regen for 1.8.17
	[e24b0f944000]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that you need to preserve EDITOR and/or VISUAL for
	env_editor to be useful.
	[ef0ce8917307]

	* src/selinux.c:
	Fix last commit, now that argc is not reset we need to explicitly
	start the copy from argv[1]. From Daniel Kopecek
	[f52403ef587a]

2016-05-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/selinux.c:
	cosmetic change to warning string
	[a2893e3f9b70]

	* plugins/sudoers/auth/pam.c:
	Avoid adding an extraneous warning string to sudoers.pot.
	[6b07043b48f7]

	* lib/util/snprintf.c:
	Use EOVERFLOW, not ENOMEM for overflow conditions. For snprintf()
	and vsnprintf(), POSIX says we should return -1 and set errno to
	EOVERFLOW if the size param is > INT_MAX; also zero out the string
	in this case (not mandated by POSIX) for safety.
	[294720fc981a]

2016-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Now that pam_open_session() failure is fatal we should print and log
	an error from it. Bug #744
	[0e98a92ef910]

	* src/selinux.c:
	Repair SELinux support, broken by 397722cdd7ec. From Daniel Kopecek.
	[1246583c7c1f]

	* plugins/sudoers/iolog.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Remove sudo_mkpwcache() and sudo_mkgrcache(). We now create the
	caches as needed on demand. Also remove calls to sudo_freepwcache()
	and sudo_freegrcache() that are immediately followed by execve(),
	they are not needed.
	[60448afe813d]

	* plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Eliminate use of setpwent()/endpwent() and setgrent()/endgrent().
	Sudo never iterates over the passwd or group file. Rename
	sudo_set{pw,gr}ent() -> sudo_mk{pw,gr}cache() and use
	sudo_free{pw,gr}cache() instead of sudo_end{pw,gr}ent().
	[66e6f5e7b51b]

2016-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.h:
	Remove unnecessary NULL checks in the RUNAS_CHANGED macro. The only
	place where the pointers could be NULL is in visudo_json.c but we
	already check for "next" being NULL there. Quiets a cppcheck
	warning.
	[a0d84832c154]

2016-05-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	In replay_session() free iov at the end of the function (if needed)
	instead of after processing each line from the timing file. Coverity
	CID 104843.
	[5112f514af87]

	* plugins/sudoers/sudoreplay.c:
	Add io_log_read() and io_log_gets() to hide differences between
	gzread/fread and gzgets/fgets. Check for premature EOF and error
	from io_log_read(). Also sanity check the index in the timing file.
	Coverity CID 104630.
	[6a3b9932f567]

	* src/exec_pty.c:
	Break up io_callback() into read_callback() and write_callback() to
	make it clear that we can't get an event with both read and write
	set.
	[cd3a1e182dd4]

2016-05-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	In io_callback() make sure we clear SUDO_EV_READ if we close the fd.
	It should not be possible for SUDO_EV_READ to be set when revent is
	non-NULL but this makes static analyzers happier. Coverity CID
	104124.
	[7acc249fa098]

	* plugins/sudoers/ldap.c:
	In sudo_krb5_copy_cc_file() move the close(ofd) to the done: label
	so we only have to cleanup in one place. Coverity CID 104577.
	[0f189e70c59d]

	* plugins/sudoers/ldap.c:
	Fix memory leak in sudo_netgroup_lookup() in the non-error case.
	Coverity CID 104572, 104573, 104574, 104575.
	[7f9fb7a360b7]

	* plugins/sudoers/ldap.c:
	Fix fd leak in sudo_krb5_copy_cc_file() if restore_perms() fails.
	Coverity CID 104571.
	[d9434cdfb73c]

	* plugins/sudoers/sudoreplay.c:
	Free the events and event base before returning from
	replay_session(). Coverity CID 104116, 104117.
	[321216089e4a]

	* src/sudo_edit.c:
	In sudo_edit_create_tfiles(), fix fd leak if sudo_edit_mktemp()
	fails. Coverity CID 104114.
	[713de09ff956]

	* src/sudo_edit.c:
	Fix fd leak in sudo_edit_open_nonwritable() if dir_is_writable()
	returns an error. Coverity CID 104113.
	[314a57004f00]

	* src/sudo_edit.c:
	Fix memory leak of sesh_args in selinux_edit_copy_tfiles(). Coverity
	CID 104112.
	[ac7f0cbd07c9]

	* plugins/sudoers/visudo.c:
	Fix memory leak in get_editor() if resolve_editor() fails with an
	error. Coverity CID 104107.
	[e355b1f45bcb]

	* src/sudo.c:
	Fix memory leak on error if sudo_new_key_val() fails. Coverity CID
	104103.
	[c2ee1557aef2]

	* plugins/sudoers/visudo.c:
	Ignore the return value of the initial sudoersparse(), before we
	have actually edited any files. Coverity CID 104078.
	[184d9c6aec65]

	* src/exec.c:
	Ignore the result of send() on exec error, if it fails the other end
	of the pipe is gone and we are headed for exit. Coverity CID 104066.
	[cdcd7dfcbca1]

	* plugins/sudoers/toke_util.c:
	In fill_args() clean up properly if there is an internal overflow
	(which should not be possible). Coverity CID 104569.
	[0bc710e91ec4]

	* plugins/sudoers/gc.c:
	Fix logic inversion in sudoers_gc_remove(), currently unused.
	Coverity CID 104568
	[e29df8da11ea]

2016-05-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	In io_mkdirs(), change the order from stat then mkdir, to mkdir then
	stat. This more closely matches what "mkdir -p" does. Coverity CID
	104120.
	[e462528ff7ea]

	* plugins/sudoers/timestamp.c:
	In ts_mkdirs(), change the order from stat then mkdir, to mkdir then
	stat. This more closely matches what "mkdir -p" does. Coverity CID
	104119.
	[c0c0e2662883]

	* plugins/sudoers/sudoers.c:
	Newer versions of Ubuntu have switched from using the "admin" group
	to the "sudo" group to align with Debian.
	create_admin_success_flag() now accepts either one.
	https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1387347
	[17b4d725dac4]

	* plugins/sudoers/timestamp.c:
	Cast off_t printed via printf(3) instead of assuming it is long
	long.
	[b1d398f4a8dc]

	* plugins/sudoers/sudoers.c:
	Instead of using stat(2) to see if the admin flag file exists and
	creating it if not, just try to create the file and treat EEXIST as
	a non-error. Coverity CID 104121.
	[bd58b0a35a3c]

	* MANIFEST, plugins/sample/README:
	README file for the sample plugin that tells the user how to build,
	install and enable it.
	[8d7096ce78cc]

	* plugins/sample/sample_plugin.c:
	Fix compilation error and export sample_policy struct. From Michael
	Evans
	[5280c1576e7f]

	* NEWS:
	Update for 1.8.17
	[979688a5ef13]

	* configure, configure.ac:
	Sudo 1.8.17
	[09311b2e9697]

	* plugins/sudoers/logging.c:
	Check return value of restore_perms() in vlog_warning(). Coverity
	CID 104079.
	[86555dd0942d]

	* plugins/sudoers/editor.c:
	Fix memory leaks in resolve_editor() in the error path. Coverity CID
	104109, 104110
	[6ac3f7e3ada9]

	* plugins/sudoers/policy.c:
	Fix memory leak of gid_list in sudoers_policy_exec_setup() in the
	error path. Coverity CID 104111.
	[eac1e9489367]

	* plugins/sudoers/logging.c:
	Fix fd leak in do_logfile() if we fail to lock the log file.
	Coverity CID 104115.
	[164a693207a8]

	* plugins/sudoers/sssd.c:
	Fix memory leak of sss_result in sudo_sss_lookup() Coverity CID
	104106
	[7dcee1e6d76f]

	* plugins/sudoers/iolog.c:
	Fix fd leak in open_io_fd() if gzdopen/fdopen fails. Coverity CID
	104105
	[c4c2848c1167]

	* plugins/sudoers/iolog.c:
	Fix fd leak in io_nextid() in error path. Coverity CID 104104
	[8920cdaab5bd]

2016-05-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/timestamp.c:
	Check lseek() return value. Coverity CID 104061.
	[bf3bb4c80cfc]

	* plugins/sudoers/timestamp.c:
	Ignore ts_write() return value when disabling an entry with a bogus
	timestamp. We ignore the timestamp entry even it doesn't succeed.
	Coverity CID 104062.
	[5e5925ebbc75]

	* plugins/sudoers/iolog.c, plugins/sudoers/match.c,
	plugins/sudoers/tsgetgrpw.c, src/exec.c, src/exec_pty.c, src/sudo.c:
	Cast the return value of fcntl() to void when setting FD_CLOEXEC.
	Coverity CID 104063, 104064, 104069, 104070, 104071, 104072, 104073,
	104074
	[48720d2f6658]

	* plugins/group_file/getgrent.c:
	Cast the return value of fcntl() to void when setting FD_CLOEXEC.
	Coverity CID 104075, 104076, 104077.
	[7fe1d9f97321]

	* plugins/sudoers/env.c:
	Avoid a false positive. Coverity CID 104056.
	[0256978219a6]

	* plugins/sudoers/visudo_json.c:
	Avoid calling fclose(NULL) on error in export_sudoers(). Coverity
	CID 104091.
	[2f73d86ab929]

	* plugins/sudoers/toke_util.c:
	In fill_args(), check for "arg_size == 0" instead of
	"sudoerslval.command.args == NULL" since the latter leads Coverity
	to imply that sudoerslval.command.args could be NULL later on.
	Coverity CID 104093.
	[bab505438881]

	* plugins/sudoers/sudoers.c:
	Avoid calling fclose(NULL) if the sudoers file is not secure and
	restore_perms() fails. Coverity CID 104090.
	[150db126c221]

2016-05-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.h, plugins/sudoers/toke_util.c:
	In fill_args(), replace loop that increments arg_size() with a
	simple add and mask. Should prevent a false positive from Coverity
	CID 104094.
	[411c7e398286]

	* plugins/sudoers/sudoreplay.c:
	In parse_expr(), move the "bad" label after the "default" case in
	the switch(), not before it. This seemed to confuse Covertity,
	resulting in a false positive, CID 104095.
	[4371f26995fb]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in:
	For "sudoreplay -l", not all predicates may be shortened to a single
	character. Both 'c' and 't' have more than one possibility.
	[29a5a9a313e2]

	* src/exec.c, src/exec_pty.c, src/sudo.c:
	pid_t is defined by POSIX as a signed integer type so we don't need
	a cast when comparing to -1.
	[98f0a86260a0]

	* src/exec.c:
	In dispatch_signal() for stopped processes check for tcgetpgrp()
	returning -1. Also change checks from "saved_pgrp != -1" to "fd !=
	-1". Coverity CID 104098.
	[42ac4ad85900]

	* src/selinux.c:
	In relabel_tty() always jump to bad: on error, regardless of the
	value of se_state.enforcing. On error, return -1 if enforcing, else
	0. Coverity CID 104099.
	[db1a54d718f1]

	* config.h.in, configure.ac:
	Define NO_LEAKS when sudo is built with Coverity.
	[f4209b9ade8c]

	* src/exec_pty.c:
	In io_callback() if we write the complete buffer and find that there
	is no associated reader just return as there is nothing else to be
	done. In practice is it not possible for SUDO_EV_READ to be set if
	revent is NULL but an early return is harmless and possibly easier
	to understand. Coverity CID 104124.
	[3b3eb45b701e]

	* src/sudo_edit.c:
	Handle read() returning -1 when creating temporary files. Coverity
	CID 104100
	[e82af51e4f48]

	* plugins/sudoers/policy.c:
	Fix cut and paste error when checking cols for 0. Coverity CID
	104081
	[22a3b7d9bce1]

	* plugins/sudoers/pwutil.c:
	Use a single debug message for cache hit or store to avoid another
	situation where they get out of sync. Bug #743
	[4cf484e9b016]

	* plugins/sudoers/pwutil.c:
	Sync the "cache hit" debug messages with the "cached" debug
	messages. This fixes a bug where we could dereference a NULL pointer
	when we look up a negative cached entry which is stored as a NULL
	passwd or group struct pointer. Bug #743.
	[1d13341d53ec]

2016-04-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Remove the check for __sprintf_chk when checking for
	_FORTIFY_SOURCE, Some implementations are purely header-file based.
	As long as we can link a test program using sprintf() when
	_FORTIFY_SOURCE=2 it should be safe to use.
	[910af8ba4666]

	* config.h.in, configure, configure.ac:
	Remove configure checks for dev_t, id_t, ino_t, ptrdiff_t, size_t
	and ssize_t. These have been specified by either ANSI C or POSIX for
	long enough that if the system doesn't support them, it is unlikely
	to be able to compile sudo anyway.
	[c9fd433cfe27]

	* src/sudo.c:
	Do group setup in policy_init_session() before calling out to the
	plugin. This makes it possible for the pam_group module to change
	the group in pam_setcred(). It's a bit bogus since pam_setcred() is
	documented as not changing the group or user ID, but pam_group is
	shipped with stock Linux-PAM so we need to support it.
	[814cda602541]

2016-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Add missing newline when logging to a file (not syslog) and
	loglinelen is set to a non-positive number. Bug #742
	[ef0a5428a574]

2016-04-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	style fix; fork_cmnd should start on a new line
	[e8211fe0f8d7]

2016-04-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, src/signal.c, src/sudo.c, src/tgetpass.c:
	Ignore SIGPIPE for the duration of sudo and not just in a few select
	places. We have no control over what nss, PAM modules or sudo
	plugins might do so ignoring SIGPIPE is safest.
	[7c919101b8ec]

	* src/selinux.c:
	Use string_to_security_class() instead of pulling SECCLASS_CHR_FILE
	from flask.h. Avoids a warning with new SELinux includes.
	[24f357b419c4]

2016-04-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	When determining whether or not "sudo -l" or "sudo -b" should prompt
	for a password, take all sudoers sources into account. In other
	words, if both file and ldap sudoers sources are in use, "sudo -v"
	will now require that all entries in both sources be have NOPASSWD
	(file) or !authenticate (ldap) in the entries.
	[51e2a5ecacc6]

2016-03-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/sudo_auth.h:
	If the auth_type setting in /etc/security/login.cfg is set to
	PAM_AUTH but pam_start() fails, fall back to use AIX authentication.
	Skip the auth_type check if sudo is not compiled with PAM support.
	[cdbe432c465c]

2016-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	The header for sudo.conf(5) should be SUDO.CONF(5) not SUDO(5).
	[d3afd5bd550f]

2016-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/policy.c:
	hook_version and hook_type are unsigned so use 0, not -1 in the
	final (empty) entry. Quiets a warning on Solaris Studio 12.2.
	[4947de8e35b7]

2016-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, config.h.in, configure, configure.ac,
	plugins/sudoers/auth/pam.c:
	Work around an ambiguity in the PAM spec with respect to the
	conversation function. It is not clear whether the "struct
	pam_message **msg" is an array of pointers or a pointer to an array.
	Linux-PAM and OpenPAM use an array of pointers while Solaris/HP-
	UX/AIX uses a pointer to an array. Bug #726.
	[d2b926e2f7d6]

2016-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/eo.mo,
	po/eo.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/ru.mo,
	po/ru.po, po/sr.mo, po/sr.po:
	sync with translationproject.org
	[271c6738213d]

2016-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Bug #738
	[9e7974480cdc]

2016-02-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo,
	po/nb.po:
	sync with translationproject.org
	[6aa32f6e5240]

	* lib/util/regress/fnmatch/fnm_test.in:
	Better test for negated character classes.
	[635e3c17bca1]

	* lib/util/regress/fnmatch/fnm_test.in:
	Add test for negated character class
	[0d813e098864]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/cs.mo,
	po/cs.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/pl.mo,
	po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo,
	po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	sync with translationproject.org
	[9398ffdc7719]

	* NEWS:
	sync
	[a27a7d40491e]

	* lib/util/fnmatch.c:
	Fix negation of character classes.
	[aed07c013a41]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix the check for whether a user is allowed to lists another user's
	privileges. The "matched" variable is not boolean, it can also have
	the value UNSPEC so we need to check explicitly for true. Bug #738
	[e8ed706fda03]

	* plugins/sudoers/auth/pam.c:
	Log the number of PAM messages in the conversation function at debug
	level.
	[3f16eea5875f]

2016-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Don't check for posix_spawn() or posix_spawnp() if we were unable to
	find spawn.h. This should only be a problem on systems with broken
	headers. Bug #730
	[5e5b0646dca4]

2016-02-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update for 1.8.16
	[bad5e6534f39]

	* doc/CONTRIBUTORS, plugins/sudoers/sudoers2ldif:
	Fix documented bug with duplicate role names and turn on perl
	warnings. Based on a diff from Aaron Peschel
	[344a1c1f5c93]

2016-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/aix.c:
	Add declaration of getauthdb() for AIX 5.1
	[f758960bcfd6]

2016-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[e61e1241f15f]

	* plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po:
	sync with translationproject.org
	[2f3dea24199b]

	* INSTALL:
	Add a note that --with-solaris-audit is only for Solaris 11 and
	above. Bug #737
	[6722331c2830]

2016-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Remove last remnants of the deprecated --with-stow option.
	[8616d6de7ecd]

	* src/Makefile.in:
	src/load_plugins.c needs _PATH_SUDO_CONF so allow it to be
	overridden via the Makefile like other consumers of _PATH_SUDO_CONF.
	Bug #735
	[10148ef883ec]

2016-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, include/sudo_util.h, lib/util/aix.c,
	lib/util/getgrouplist.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/set_perms.c, src/sudo.c:
	Add an administrative domain to the passwd/group cache key for AIX
	which can have different name <-> ID mappings depending on whether
	the database is local, LDAP, etc.
	[5319c11aefe9]

	* mkpkg, sudo.pp:
	Fedora dropped "core" from the name some time ago so just match on
	f[0-9] for the rpm distro name provided by pp. Since the version
	numbers of Fedora and RHEL are so different switch to defining
	variables to indicate which features should be enabled. Works for
	Fedora 23.
	[4ec50b352293]

2016-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Treat fedora core like centos/rhel for package building.
	[0dfc607d07a1]

2016-01-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/parser/check_fill.c:
	Plug some memory leaks in the tests.
	[ce76ba538867]

	* plugins/sudoers/toke_util.c:
	If realloc of sudoerslval.command.args fails, reset
	sudoerslval.command.args as well as arg_len and arg_size after
	freeing sudoerslval.command.args.
	[6481bad56e6a]

	* src/exec_pty.c:
	When freeing the iobs after pty tear-down, also free the associated
	event structures. Quiets a memory leak warnings from address
	sanitizer and valgrind.
	[f19c689a2ded]

2016-01-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	iolog_compress should be bool, not int
	[b437123a242b]

	* plugins/sudoers/visudo.c:
	Quiet address sanitizer leak detector.
	[b7ce672331f6]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
	plugins/sudoers/gc.c, plugins/sudoers/sudoers.h:
	Simple garbage collection (really a to-be-freed list) for the
	sudoers plugin. Almost identical to what sudo.c uses. Currenly only
	the environment strings are collected at exit time which is enough
	to quiet address sanitizer's leak detector.
	[47f32e047b1a]

	* src/sudo.c:
	Rename gc_cleanup to gc_run and remove I/O plugins from the plugin
	list when freeing them.
	[ea640f0b46f9]

	* src/sudo.c:
	Free up the garbage via an atexit() handler instead of requiring a
	call to gc_exit.
	[cc9c96d88595]

	* src/sudo_edit.c:
	Plug a memory leak in sudo_edit.
	[cab9a13a669b]

2016-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	mention --enable-asan
	[ee2bc0f60c8b]

	* plugins/sudoers/auth/sudo_auth.c:
	Try to deconfuse static analyzers a bit.
	[7e728c76f5df]

	* plugins/sudoers/sssd.c:
	Avoid possible NULL deref found by clang analyzer.
	[8bb3cbfe0446]

	* config.h.in, configure, configure.ac:
	Add --enable-asan configure flag to enable address sanitizer
	[8aae250fb68e]

	* src/sudo.c, src/sudo_plugin_int.h, src/ttyname.c:
	Add support for garbage collecting info passed to the plugin before
	exit to appease address sanitizer's leak detector (and valgrind's
	leak checker). We can't free these sooner since the plugin may be
	using the memory. For plugin API 2.0 it should be make clear that
	the plugin must make a copy of the data in the arrays passed in to
	the plugin's open() function. Only enabled if NO_LEAKS is defined.
	[8458bcb165d8]

	* plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c:
	auth_getpass() returns a dynamically allocated copy of the plaintext
	password which needs to be freed after checking (and clearing) it.
	[28d2c83c3ac4]

	* src/sudo.c:
	Remove sudo_fatalx() calls from format_plugin_settings().
	[96a18a3ccc49]

	* plugins/sudoers/sssd.c:
	fn_free_result() (aka sss_sudo_free_result() in sss_sudo.c) handles
	a NULL poiner so there's no need to check before calling it. Add
	missing initialization of sss_sudo_result to NULL in
	sudo_sss_setdefs().
	[fa1c8eaed6ac]

	* plugins/sudoers/sssd.c:
	Add missing return when user is not found in sudo_sss_result_get().
	Previously we fell through to the default case which just logged a
	debug message and returned so this just avoids the extra (generic)
	debug message.
	[68c2201f3a85]

2016-01-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/gettime.c:
	Fix a warning on AIX.
	[4ebc19a143ff]

	* src/sudo.c:
	Pass updated user_env_out, not envp, to the I/O open function.
	[f02e6f32f189]

	* src/sudo.c:
	Pass updated argv/envp to the I/O open function like the plugin API
	documents.
	[ff9f4fae5cf3]

2016-01-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Add check for I/O log file handle being NULL. This could only happen
	if the front-end calls iolog_open with argc == 0 but actually runs a
	command.
	[5113a3c04494]

2016-01-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c:
	Additional debugging for pwutil functions.
	[908b83c3acbb]

	* config.h.in, configure, configure.ac, lib/util/aix.c:
	When calling setauthdb(), save the old registry value so we can
	restore it properly. Previously we were setting the registry to
	unrestricted instead of actually restoring it.
	[5a2921412663]

	* plugins/sudoers/sudoers.c:
	Use SUDOERS_DEBUG_UTIL not SUDO_DEBUG_UTIL in the plugin.
	[79b012777e71]

2016-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_debug.c:
	When parsing debug entries, don't make a lower value override a
	higher one. For example, for "pcomm@debug,all@warn" the "all@warn"
	should not set pcomm to "warn" when it is already at "debug".
	[031037a56e51]

2016-01-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/policy.c:
	Set sudoedit_checkdir=false in command_details when it is disabled
	in sudoers.
	[811dd43b29f5]

	* include/sudo_compat.h, lib/util/strtobool.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sssd.c, src/sudo_edit.c:
	Update copyright year
	[5ec484920763]

	* src/sudo_edit.c:
	If the user runs "sudoedit /" we will receive ENOENT from openat(2)
	and sudoedit will try to create a file with the null string. If path
	is empty, open the cwd instead so sudoedit can give a sensible error
	message.
	[fc39d5804f1f]

	* lib/util/strtobool.c:
	Log an error for invalid boolean strings.
	[004afa5e05c5]

	* src/sudo.c:
	Fix off by one error in new SET_FLAG macro.
	[5bdce4edf8b9]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document the race with sudoedit_checkdir in 1.8.15.
	[cb7aed3367e9]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document sudoedit_checkdir
	[89f2452272ad]

2016-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	There are no systems that support O_SEARCH/O_PATH that do not also
	support O_DIRECTORY so simplify the definition of DIR_OPEN_FLAGS a
	bit.
	[a48f11ea53b3]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[8ae4d883ac59]

	* NEWS, doc/UPGRADE:
	Add 1.8.16 changes
	[8d3a3f5cdf59]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/defaults.c,
	src/sudo.c:
	Make sudoedit_checkdir the default and update the documentation
	accordingly.
	[84bbc1b73411]

	* src/sudo.c:
	Add a SET_FLAG macro to simplify parsing command details boolean
	flags. Previously, flags were only set and never cleared even if the
	boolean value was false. This was not a problem as there were no
	default flags for the plugin to enable. That will change in the
	future.
	[75f24ca13f41]

2016-01-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Need to be root when switching to a different user.
	[06d5f010b607]

	* src/sudo_edit.c:
	Use O_SEARCH on systems without O_PATH if present. It can be used
	for a similar purpose.
	[3f559a389bf9]

	* config.h.in, configure, configure.ac, src/sudo_edit.c:
	Use faccessat(2) for directory writability instead of doing the
	checks manually where possible. This also allows us to remove the
	#ifdef __linux__ bits since we no longer use fstat(2) on Linux with
	an O_PATH fd.
	[fe50d0c1f1b9]

2016-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Add "I/O LOG FILES" section to the manual and move many of the
	details from the log_input and log_output descriptions to it.
	[a604903f5ae3]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Use "Nm sudoers" when talking about the plugin and "Em sudoers" when
	talking about the sudoers file.
	[727a68b02de7]

2016-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/zlib/zlib.exp:
	Remove gzopen_w which is only defined on Windows.
	[a73236903e7b]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using
	pread64() on that platform.
	[31c4be934115]

2016-01-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/ldap.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/sssd.c, plugins/sudoers/testsudoers.c:
	Add support for matching the entire netgroup tuple (user, host,
	domain).
	[9f694ba7c86d]

	* plugins/sudoers/ldap.c:
	Use asprintf() to generate the netgroup filter instead of using lots
	of concatenation.
	[f8290c040aea]

	* lib/util/util.exp.in:
	Add missing sudo_debug_exit_ssize_t_v1 symbol.
	[9407fb25dfa4]

2016-01-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	In sudo_netgroup_lookup() only build up the search filter once
	instead of once per netgroup_base.
	[a03440237078]

	* plugins/sudoers/ldap.c:
	It is safe to pass ldap_msgfree() a NULL pointer.
	[abc2eaddbf83]

	* plugins/sudoers/ldap.c:
	On overflow, warn before freeing anything.
	[2e3bcfa4a8f9]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Use user_runhost and user_srunhost instead of user_host and
	user_shost. Fixes "sudo -l -h other_host" for LDAP and sssd.
	[e1abfdc82242]

	* plugins/sudoers/match.c:
	Silence warning in digest_matches() on systems with no fexecve(2).
	[0cd3cc8fa195]

	* plugins/sudoers/sssd.c:
	Fix free() of invalid pointer introduced in the commit that stripped
	whitespace between a '!' and the name in a sudoOption.
	[4d2c1761c752]

	* plugins/sudoers/ldap.c:
	Fix free() of invalid pointer introduced in the commit that stripped
	whitespace between a '!' and the name in a sudoOption.
	[14391603a9e5]

	* src/sudo_edit.c:
	Add missing dfd argument to the version of
	sudo_edit_openat_nofollow() for systems without O_NOFOLLOW.
	[574e4a840879]

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
	Update description of sudoedit_checkdir. Reported by Sander Bos.
	[ee44e7255096]

	* src/sudo_edit.c:
	No need to check whether the fd we opened is really a directory in
	sudo_edit_open_nonwritable() since if not, the openat() will fail
	with ENOTDIR anyway.
	[b41c5b289f35]

2016-01-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, include/sudo_compat.h, src/sudo_edit.c:
	Rewritten sudoedit_checkdir support that checks all the dirs in the
	path and refuses to follow symlinks in writable directories. This is
	a better fix for CVE-2015-5602. Adapted from a diff by Ben
	Hutchings. Bug #707
	[c2e36a80a279]

2016-01-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/ca.mo,
	po/ca.po, po/fi.mo, po/fi.po, po/hu.mo, po/hu.po, po/sr.mo,
	po/sr.po:
	sync with translationproject.org
	[94ffd6b18431]

	* configure, configure.ac, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_plugin.h,
	plugins/sudoers/match.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, src/exec.c, src/exec_common.c,
	src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_exec.h:
	Add support for using fexecve() if supported on commands that are
	checksummed.
	[397722cdd7ec]

2015-12-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Call openat() with the basename not the full path. From Ben
	Hutchings.
	[33272418bb10]

2015-12-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c:
	Fix compilation with --disable-shared
	[84c084618676]

2015-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_common.c:
	Check for existing dso in LD_PRELOAD and only add it if it is not
	already present.
	[15042e8999f7]

2015-12-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Clarify when SIGINT and SIGQUIT are relayed by sudo to the command.
	[8efed5784393]

	* plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, src/load_plugins.c:
	Actually use the plugin_dir Path setting in sudo.conf.
	[bccc548127a2]

	* lib/util/sudo_conf.c:
	The Path setting for the plugin directory is "plugin_dir" not
	"plugin".
	[07c2677bbce5]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in,
	lib/util/sudo_conf.c, src/exec_common.c:
	Allow sudo.conf Path settings to disable path names (by setting the
	value of NULL).
	[81a44e011a40]

2015-12-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/selinux.c, src/sudo.h:
	Change noexec flag in selinux_execve() from int to bool.
	[7cb872aac155]

	* src/exec_common.c, src/sudo_exec.h:
	Refactor code to set LD_PRELOAD (or the equivalent) in the
	environment into a preload_dso() function. Also avoid allocating a
	new copy of the environment array if the size of the array does not
	change.
	[72194b0b51f7]

	* configure, configure.ac:
	Add missing square brackets in configure option descriptions.
	[6e25685c6349]

2015-12-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document the names of the I/O log files and mention buffering.
	Document that I/O logs are in gzip format by default.
	[474838e7b365]

2015-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Add BASHOPTS to initial_badenv_table[]; from Stephane Chazelas
	[f206a9089a69]

2015-12-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	When parsing sudoOptions that include an operator (!, +, +=, -=)
	strip out any whitespace on either side of the operator.
	[62041b5888e5]

2015-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers2ldif:
	Strip whitespace around '!', '=', '+=' and '-=' in Defaults entries.
	[dcc9d15b0f3c]

2015-12-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document the race condition between the digest check and command
	execution.
	[24a3d9215c64]

2015-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	When checking the query results, don't set user_matches in the
	netgroup pass unless sudo_ldap_check_non_unix_group() returns true.
	This was preventing the mail_no_user sudoOption from being
	effective.
	[31004144421b]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	In list mode, we always want to clear FLAG_NO_USER and FLAG_NO_HOST
	regardless of whether or not there was an actual match. Otherwise,
	warning mail may be sent which is not what we want in list mode.
	This is consistent with what the sudoers file backend does.
	[2809338a7b21]

2015-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.h, plugins/sudoers/toke_util.c:
	Use size_t for length parameters in the fill functions used by the
	lexer.
	[0428c9067182]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Use yy_size_t for digest_len since newer flex uses yy_size_t for
	yyleng. Old flex uses int for yyleng so we need to use a cast to
	avoid a sign compare warning.
	[4a3dc6fb8f99]

2015-11-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, README, configure, configure.ac,
	plugins/sudoers/regress/sudoers/test1.in, sudo.pp:
	Use https in sudo.ws urls
	[04e5177022d3]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Use https in urls.
	[855b05943b2d]

	* configure, configure.ac:
	sudo 1.8.16
	[b745f7031aeb]

	* plugins/sudoers/env.c:
	When preserving variables from the invoking user's environment, if
	there are duplicates only keep the first instance.
	[d4dfb05db5d7]

2015-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_debug.h, lib/util/parseln.c, lib/util/sudo_debug.c,
	plugins/sudoers/timestamp.c:
	Add debug_return_ssize_t
	[d491ed281726]

	* plugins/sudoers/timestamp.c:
	Avoid compilation error on Solaris 10 with Stun Studio 12. Bug #727
	[facd8ff1ee6c]

2015-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, po/da.mo,
	po/da.po:
	sync with translationproject.org
	[6711d740d3d0]

	* NEWS:
	Mention ssp configure fix.
	[92d64fd724cc]

2015-10-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo,
	po/cs.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/it.mo,
	po/it.po, po/ja.mo, po/ja.po, po/nb.mo, po/nb.po, po/pl.mo,
	po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo,
	po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	sync with translationproject.org
	[9c8eb0062d8c]

	* configure, configure.ac:
	Don't use CPPFLAGS for the -fstack-protector check. Otherwise on
	systems with _FORTIFY_SOURCE support we'll get an error due to the
	lack of optimization flags. Bug #725
	[1a9f8571a82d]

	* configure, configure.ac:
	When checking for stack protector support we need to actually link
	the test program.
	[ab4f94aac7de]

2015-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Preserve LDFLAGS when checking for stack protector as they may
	include rpath settings to allow the stack protector lib to be found.
	Avoid using existing CFLAGS since we don't want the compiler to
	optimize away the stack variable.
	[e6bc59225c06]

	* configure, configure.ac:
	Better configure test for -fstack-protector. Some gcc installations
	may be missing the ssp library even though the compiler supports it.
	[4ade5d1249f4]

2015-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Set errno to EISDIR instead of ENOTDIR if directory is writable
	since ENOTDIR can be a legitimate errno. This avoids a bogus
	"directory is writable" error in that case.
	[97ee37d905ce]

	* mkpkg:
	Fix the check for whether to include 32-bit arch in Mac OS X
	packages.
	[a76654512f6b]

2015-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[58277a8f418b]

	* NEWS, src/sudo_edit.c:
	When creating a new file, sudoedit will now check that the file's
	parent directory exists before running the editor.
	[65bc45510fb2]

	* NEWS, doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/match.c:
	Add always_query_group_plugin
	[7e9060d4c13a]

2015-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ABOUT-NLS, MANIFEST:
	Add ABOUT-NLS from GNU gettext.
	[971c168c065a]

	* NEWS, config.h.in, configure, configure.ac, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers_version.h,
	src/sudo.c, src/sudo.h, src/sudo_edit.c:
	Add directory writability checks for sudoedit.
	[f5349d059a98]

2015-10-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Latest.
	[9aae49302c60]

	* src/conversation.c:
	Ignore the SUDO_CONV_PROMPT_ECHO_OK flag when echo is enabled. This
	was preventing a match of SUDO_CONV_PROMPT_ECHO_ON which resulted in
	a masked password instead of an echoed one.
	[53f6a78d79e3]

	* plugins/sudoers/auth/bsdauth.c:
	Repair challenge/response prompting for BSD authentication which got
	broken while it was converted to use the conversation function.
	[2d0b0cec5e4f]

	* plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h:
	Use the auth_getpass (and the plugin conversation fuction) for Tru64
	SIA. This prevents sudo from sleeping while holding the tty ticket
	lock.
	[9221eec812cf]

	* NEWS, doc/UPGRADE, plugins/sudoers/env.c:
	For env_reset, SHELL should be set based on the target user, not the
	invoking user unless preserved via env_keep.
	[b77adbc08c91]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
	sync with translationproject.org
	[adb927ad5e86]

2015-10-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Hungarian and Slovak translations
	[d3b6acece125]

	* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/hu.mo,
	plugins/sudoers/po/hu.po, plugins/sudoers/po/sk.mo,
	plugins/sudoers/po/sk.po, po/sk.mo, po/sk.po:
	Add new Slovak and Hungarian translations from
	translationproject.org
	[132ec9b7a927]

2015-10-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Remove S_ISREG check from sudo_edit_open(), it is already done in
	the caller.
	[9fff8c0bb1f7]

	* src/sudo_edit.c:
	Open sudoedit files with O_NONBLOCK and fail if they are not regular
	files.
	[56b01164869c]

	* plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/tgetpass.c:
	It is possible for WIFSTOPPED to be true even if waitpid() is not
	given WUNTRACED if the child is ptraced. Don't exit the waitpid()
	loop if WIFSTOPPED is true, just in case.
	[a2cab04a03da]

2015-09-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/de.mo,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/it.mo,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/nb.mo,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pt_BR.mo,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/vi.mo,
	plugins/sudoers/po/zh_CN.mo, po/cs.mo, po/de.mo, po/fi.mo, po/fr.mo,
	po/gl.mo, po/it.mo, po/ja.mo, po/nb.mo, po/pl.mo, po/pt_BR.mo,
	po/uk.mo, po/vi.mo, po/zh_CN.mo:
	rebuild .mo files
	[676362ed6061]

	* plugins/sudoers/po/pt_BR.po, po/pt_BR.po:
	sync with translationproject.org
	[be932694e600]

2015-09-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, src/sudo_noexec.c:
	There's no point in trying to interpose protected versions of the
	exec family of functions. Many modern C libraries use hidden symbols
	for the functions and syscalls defined in libc such that they cannot
	be overridden inside libc itself. We have to just wrap all the exec
	variants plus system and popen.
	[30aa4bd6c15b]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	List all the functions wrapped by sudo_noexec.so.
	[57a9db56f4e0]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	The section is now called "EXEC and NOEXEC" and it is above, not
	below.
	[9b0a2537f65d]

	* src/sudo_noexec.c:
	Also wrap popen(3).
	[a826cd7787e9]

	* src/sudo_noexec.c:
	Also interpose system(3). On glibc systems you cannot interpose the
	syscalls used internally by libc.
	[58a5c06b5257]

	* src/conversation.c:
	Set active debug instance to sudo_debug_instance() during the
	conversation function.
	[22fb750d92a9]

2015-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	LOGNAME and USERNAME are set the same way as USER
	[54f170cf2536]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Document behavior when the command dies from a signal in EXIT
	STATUS.
	[3c93d682e5e6]

2015-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Bug #722
	[5cca49bb0e02]

	* src/sudo.c:
	When the command sudo is running is killed by a signal, sudo will
	now send itself the same signal with the default signal handler
	instead of exiting. The bash shell appears to ignore some signals,
	e.g. SIGINT, unless the command is killed by that signal. This makes
	the behavior of commands run under sudo the same as without sudo
	when bash is the shell. Bug #722
	[153f016db8f1]

2015-09-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Adjust set_logname description to new behavior when any of LOGNAME,
	USER or USERNAME are preserved.
	[89009c2dcf38]

	* NEWS, plugins/sudoers/env.c:
	If some, but not all, of the LOGNAME, USER or USERNAME environment
	variables have been preserved from the invoking user's environment,
	sudo will now use the preserved value to set the remaining variables
	instead of using the runas user. This ensures that if, for example,
	only LOGNAME is present in the env_keep list, that sudo will not set
	USER and USERNAME to the runas user.
	[54a60fe72b9a]

2015-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Fix passing of the callback pointer to the conversation function.
	This was preventing the on_suspend and on_resume functions from
	being called on PAM systems.
	[611246ded4ff]

	* include/sudo_plugin.h:
	Explicitly mark large hex constants unsigned.
	[5b67b0090814]

	* plugins/sudoers/timestamp.c:
	Cast sizeof(entry) to off_t before making it a negative offset for
	lseek(). Fixes "sudo -k" on Solaris and probably others.
	[ed5d312f6baa]

2015-09-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Add explicit mention of sudo's netgroup semantics since they differ
	from most other netgroup consumers.
	[0e9030f8cf56]

	* plugins/sudoers/po/fi.po, po/fi.po:
	sync with translationproject.org
	[f9236f25a616]

	* plugins/sudoers/check.c:
	Fix potential double free of the cookie when sudo is suspended at
	the password prompt.
	[cbecb3136155]

2015-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.po, plugins/sudoers/po/zh_CN.po, po/cs.po,
	po/zh_CN.po:
	sync with translationproject.org
	[21138f16a3a6]

2015-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/de.po, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.po, po/de.po, po/fr.po, po/gl.po, po/it.po,
	po/ja.po, po/nb.po, po/pl.po, po/uk.po, po/vi.po:
	sync with translationproject.org
	[2d9f3e4c3ccf]

	* NEWS:
	Bug #719
	[cfa393164a0f]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	SIGHUP is now relayed to the command. Bug #719
	[8db7c492c52a]

	* src/exec.c:
	When a terminal device is closed, SIGHUP is sent to the controlling
	process associated with that terminal. It is not sent to the entire
	process group so sudo needs to relay SIGHUP to the command when it
	is not being run in a new pty. Bug #719
	[b408a792f31a]

	* NEWS:
	Mention visudo bug in 1.8.14
	[0fec829807fd]

	* plugins/sudoers/visudo.c:
	We reserved two slots at the end of the editor argv for the line
	number and the file name. However, resolve_editor() adds "--" before
	the file names so the +line_number is interpreted as a file name,
	not a line number so we need to overwrite the "--" as well.
	[ff107430ee4b]

2015-09-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, lib/util/sig2str.c,
	lib/util/strsignal.c:
	Remove checks for __sys_siglist and __sys_signame. They are internal
	to libc and there are no known systems that export those symbols
	that do not already export the single underbar or no- underbar
	versions.
	[2b3efe0a91f2]

	* plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po, po/es.mo,
	po/es.po:
	Sync with translationproject.org
	[feb5eb934a9e]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[947e8320c557]

2015-09-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/tgetpass.c:
	Restore old signal handlers before tty settings. That way SIGTTOU is
	at its original value if sudo_term_restore() should fail.
	[69d2cc6c0702]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document what happens when the on_suspend/on_resume callbacks return
	an error.
	[d8c9dcf7a926]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h,
	plugins/group_file/group_file.c, plugins/group_file/plugin_test.c,
	plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c,
	plugins/system_group/system_group.c, src/hooks.c:
	No need to have version macros for hooks, callbacks and the sudoers
	group plugin. We can just use the main sudo API macros. The sudoers
	group plugin macros are preserved for source compatibility but are
	not documented.
	[8c52bb83f991]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Properly escape the backslash before a comma in an example so the
	example rule is parsable by visudo.
	[6745d38e9876]

	* src/tgetpass.c:
	Ignore callbacks if major version doesn't match.
	[f852e6ebff01]

	* MANIFEST, config.h.in, configure, configure.ac,
	include/compat/timespec.h, lib/util/Makefile.in, lib/util/gettime.c,
	lib/util/utimens.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/Makefile.in, src/sudo_edit.c:
	Remove include/compat/timespec.h. Systems old enough to lack struct
	timespec are too old to build a modern sudo.
	[37812e10a449]

	* NEWS:
	Bug #713
	[8a7245d76799]

	* src/exec.c:
	Fill in cstat if exec_setup() fails. Previously it was only filled
	in for an execve() failure. Fixes an unkillable sudo process when
	exec_setup() fails and I/O logging is enabled.
	[ff1d39d9e505]

	* src/sudo.c:
	Fix running commands as non-root when neither setresuid() not
	setreuid() are available. At this point we are already root so
	setuid() must succeed. Bug #713
	[34754ad586c7]

	* src/sudo.c:
	Cast uid_t to unsigned int when printing as %u
	[669e2d5244a6]

	* doc/UPGRADE:
	Mention time stamp file locking changes, fix some spelling.
	[c4563ea85e3a]

	* NEWS:
	Update with latest changes.
	[2cbd50e7c158]

2015-09-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Avoid touching the time stamp directory for "sudo -k command"
	[391d20c17775]

	* plugins/sudoers/timestamp.c:
	Bring back the check for time stamp files that predate the boot
	time. Instead of truncating we now unlink the file since another
	process may be sleeping on the lock.
	[9cdf7468d0f2]

	* config.h.in, configure, configure.ac, plugins/sudoers/iolog.c,
	plugins/sudoers/timestamp.c:
	Use pread(2) and pwrite(2) where possible.
	[86cd3f6bab9e]

	* src/exec_pty.c:
	sudo_term_* already restart themselve for all but SIGTTOU so we
	don't need to use our own restart loops.
	[113924cd05c0]

	* lib/util/locking.c:
	Set errno to EINVAL if sudo_lock_* is called with a bad type.
	[cfba014f1c1a]

	* plugins/sudoers/timestamp.c:
	Adjust new locking to work when tty_tickets is disabled. We need to
	use per-tty/ppid locking to gain exclusive access to the tty for the
	password prompt but use a separate (short term) lock that is shared
	among all sudo processes for the user.
	[d6d7a0bb6bd0]

	* plugins/sudoers/timestamp.c:
	Allow the time stamp lock to be interrupted by signals.
	[aa5017f86210]

	* lib/util/term.c, plugins/sudoers/check.c,
	plugins/sudoers/sudoreplay.c, src/tgetpass.c:
	Implement suspend/resume callbacks for the conversation function. If
	suspended, close the timestamp file (dropping all locks). On resume,
	lock the record before reading the password.

	For this to work properly we need to be able to run th callback when
	tsetattr() suspends us, not just when the user does. To accomplish
	this the term_* functions now return EINTR if SIGTTOU would be
	generated. The caller now has to restart the term_* function (and
	send itself SIGTTOU) instead of it being done automatically.
	[572374035897]

	* config.h.in, configure, configure.ac, include/sudo_util.h,
	lib/util/locking.c, lib/util/util.exp.in, plugins/sudoers/check.c,
	plugins/sudoers/check.h, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c:
	Lock individual records in the timestamp file instead of the entire
	file. This will make it possible for multiple sudo processes using
	the same tty to serialize their timestamp lookups.
	[f4ad82e36d90]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_fatal.h,
	include/sudo_plugin.h, lib/util/fatal.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.h,
	src/conversation.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h,
	src/tgetpass.c:
	Add a struct sudo_conv_callback that contains on_suspend and
	on_resume function pointer args plus a closure pointer and at it to
	the conversation function.
	[5608cb4c18f2]

2015-09-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h:
	Make hook_version and hook_type unsigned.
	[77cb84793f07]

2015-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/base64.c, plugins/sudoers/match.c,
	plugins/sudoers/regress/parser/check_base64.c:
	When decoding base64, avoid using '=' in the decoded temporary array
	as a sentinel as it can legitimately be present. Instead, just use
	the count of bytes stored in the temp array to determine which bytes
	to fold into the destination.
	[6abef15d3954]

2015-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c:
	When parsing def_editor, break out of the loop when we find the
	first valid editor. Bug #714
	[c7508ed075c2]

2015-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	The condition for adding a missing newline at the end of sudoers was
	never reached. Keep track of the last character and write a newline
	character if when copying to the temp file. Found by Radovan Sroka.
	[86c20e7fc6bd]

	* plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c:
	Remove extraneous while() from botched do {} while() loop conversion
	to use sudo_strsplit. Noticed by Radovan Sroka.
	[cd2d25510129]

2015-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c:
	In sudo_pam_begin_session() and sudo_pam_end_session() return
	AUTH_FATAL on error, not AUTH_FAILURE. In sudo_auth_begin_session()
	treat anything other than AUTH_SUCCESS as a fatal error.
	[3ad7296390f2]

	* doc/CONTRIBUTORS, src/exec.c, src/exec_pty.c:
	Linux sets si_pid in struct siginfo to 0 when the process that sent
	the signal is in a different container since the PID namespaces in
	different conatiners are separate. Avoid looking up the process
	group by id when si_pid is 0 since getpgid(0) returns the process
	group of the current process. Since sudo ignores signals sent by
	processes in its own process group, this had the effect of ignoring
	signals sent from other containers. From Maarten de Vries
	[6d3f43b95a1f]

	* plugins/sudoers/auth/pam.c:
	Sprinkle some debugging.
	[f5a94a3a1192]

2015-08-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.man.in, doc/sudo.mdoc.in:
	Document that sudo uses the real uid to map from uid to passwd file
	user name.
	[04f6709675cc]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in:
	disable_coredump can be set to no on modern OSes without security
	consequences.
	[ebe6d5bb2274]

2015-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Emphasis on the never.
	[39ca000281c7]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Explicitly tell people not to grant sudoedit to directories the user
	can write to. While sudoedit will no longer open symbolic links,
	hard links are still an issue.
	[26e0afae9bae]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Add warning about writable directories and sudo/sudoedit.
	[701ff725af42]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Emphasize that wildcards are not regexps. Bug #692
	[1e071810c4cb]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Emphasize that wildcards in command line arguments are dangerous.
	Document the failings of the passwd example on GNU systems. Bug #691
	[54d793aea6b2]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Escape the colons in [[:alpha:]] as required by sudoers.
	[ad875dd5ca64]

	* po/sudo.pot, src/sudo_edit.c:
	Change warning when user tries to sudoedit a symbolic link.
	[b8f44e834c2f]

2015-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[5abaa0eeab86]

	* doc/sudo.conf.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat,
	doc/visudo.cat:
	regen
	[43e6b445734c]

	* doc/UPGRADE, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, include/sudo_compat.h, include/sudo_plugin.h,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/policy.c,
	plugins/sudoers/regress/sudoers/test1.in,
	plugins/sudoers/regress/sudoers/test1.json.ok,
	plugins/sudoers/regress/sudoers/test1.out.ok,
	plugins/sudoers/regress/sudoers/test1.toke.ok,
	plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/visudo_json.c, src/sesh.c, src/sudo.c, src/sudo.h,
	src/sudo_edit.c:
	Do not follow symbolic links in sudoedit by default. This behavior
	can be controlled by the sudoedit_follow Defaults flag as well as
	the FOLLOW/NOFOLLOW tags.
	[9636fd256325]

	* NEWS, aclocal.m4, configure, configure.ac:
	Sudo 1.8.15
	[bf18da363b06]

	* MANIFEST:
	add .json regress files to MANIFEST
	[03ddb3a9671b]

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/sudoers/test1.json.ok,
	plugins/sudoers/regress/sudoers/test10.json.ok,
	plugins/sudoers/regress/sudoers/test11.json.ok,
	plugins/sudoers/regress/sudoers/test12.json.ok,
	plugins/sudoers/regress/sudoers/test13.json.ok,
	plugins/sudoers/regress/sudoers/test14.json.ok,
	plugins/sudoers/regress/sudoers/test15.json.ok,
	plugins/sudoers/regress/sudoers/test16.json.ok,
	plugins/sudoers/regress/sudoers/test2.json.ok,
	plugins/sudoers/regress/sudoers/test3.json.ok,
	plugins/sudoers/regress/sudoers/test4.json.ok,
	plugins/sudoers/regress/sudoers/test5.json.ok,
	plugins/sudoers/regress/sudoers/test6.json.ok,
	plugins/sudoers/regress/sudoers/test7.json.ok,
	plugins/sudoers/regress/sudoers/test8.json.ok,
	plugins/sudoers/regress/sudoers/test9.json.ok:
	Check JSON output of sudoers test files too.
	[3d8517812b80]

2015-08-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Move comment to match moved code.
	[7a30f06462a8]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	maxseq is an int not a string
	[bffd97d22064]

2015-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/preserve_fds.c:
	Include sys/types.h for id_t. Bug #711
	[fda95d9ca1e9]

2015-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/fnmatch.c:
	Avoid a potential out of bounds read found by enh while fuzzing with
	address sanitizer enabled.
	[52d6b9916593]

2015-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Set sssd lib location to /usr/lib64 on 64-bit RHEL/Centos. Bug #710
	[428421925a20]

2015-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add Jakub Wilk
	[78bfdf2e441b]

2015-07-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, src/Makefile.in:
	The init.d files are generated from a .in file so we need to install
	from top_builddir not top_srcdir. From Ross Burton. Bug #708
	[df1e7a0d3182]

2015-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/term.c:
	Replace two "return 0" with debug_return_bool(false).
	[49f8fb3dcd36]

	* src/ttyname.c:
	fix typo in previous commit
	[094488696f2c]

	* NEWS, configure, configure.ac:
	Sudo 1.8.14p3
	[0079c43d8247]

2015-07-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Fix errno value from get_process_ttyname() when no tty is present.
	[ff7b12bb0638]

	* src/ttyname.c:
	On AIX, only convert the tty device number from dev64_t to dev32_t
	if dev_t is 32-bits.
	[0e728a1eb07a]

2015-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	Sudo 1.8.14p2
	[55fe56b28c7b]

	* plugins/sudoers/timestamp.c:
	Fix creation of the timestamp file; bug #704
	[1ff77fd5cc8f]

2015-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/regress/ttyname/check_ttyname.c, src/sudo.c, src/sudo.h,
	src/ttyname.c:
	Avoid needless memory allocation when resolving the tty name.
	[c58cce92d5e0]

2015-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	Sudo 1.8.14p1
	[973705806759]

	* plugins/sudoers/sssd.c:
	Fix typo in sudo_sss_attrcpy() that caused a memory allocation
	error.
	[0fa324a7bb56]

2015-07-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ja.mo, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo:
	rebuild
	[e4c7cda46475]

2015-07-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/lbuf.c, plugins/sudoers/env.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/interfaces.c,
	plugins/sudoers/match.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/redblack.c, src/hooks.c, src/net_ifs.c, src/sudo.c:
	Add some debugging printfs when malloc fails and we don't have an
	explicit call to sudo_warnx().
	[07aebb5839c3]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c:
	Add missing warnings for memory allocation failure. Add function
	name to memory allocation warnings.
	[4f6027786a28]

	* lib/util/parseln.c:
	Return -1 if realloc() fails.
	[707632291eac]

	* lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c:
	Add line number to debug log for memory allocation errors.
	[f4f3debdfcc5]

	* plugins/sudoers/auth/pam.c:
	Add warning if calloc() fails. Add debugging for other unexpected
	errors.
	[a1e0945237d8]

	* plugins/sudoers/ldap.c:
	Add missing check for calloc(3) return value.
	[37fe3ca78e8e]

2015-07-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that the values printed by "sudo -V" are affected by
	Defaults settings in sudoers.
	[80ec2572861b]

2015-07-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/sssd.c, src/load_plugins.c:
	Avoid calling dlerror() multiple times since it clear the error
	status after printing the error. Problem caused by
	sudo_warn/sudo_fatal being macros...
	[c0fd3b0fb9c3]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Attempt to clarify the conditions under which MAIL and HOME are set
	to the target user.
	[ebd269bebe64]

2015-07-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Better checks for the libaudit package for Debian and error out if
	we can't figure it out.
	[225c1bfcb629]

	* mkpkg:
	Fix linux_audit setting on non-multiarch Debian.
	[0a38e9d158f4]

	* sudo.pp:
	Fix typo that broke the linux_audit dependency on Debian.
	[0917bd45acf1]

	* NEWS:
	Mention /proc/stat btime fix.
	[754050a340e2]

	* config.h.in, configure, configure.ac, lib/util/getaddrinfo.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/match_addr.c,
	src/net_ifs.c:
	Solaris 2.6 has the prototypes for inet_pton() and inet_ntop() in
	resolv.h.
	[dc0f62743845]

	* plugins/sudoers/boottime.c:
	Sprinkle debugging for boottime.
	[dfb45c763179]

	* mkpkg:
	The old Solaris /bin/sh doesn't support POSIX $( .. ) syntax, use
	backquotes instead.
	[c9e33ffef2b1]

2015-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Only use --with-sssd-lib on Debian/Ubuntu w/ multipackage. Use dpkg-
	query to determine the name of the audit package for proper
	dependencies.
	[e9669389aa2f]

	* mkpkg, plugins/sudoers/sudoers.in, sudo.pp:
	Update Debian/Ubuntu packages to be more like the vendor ones. One
	notable exception is that sudo.ws packages use /var/run, not
	/var/lib for timestamp files.
	[0f4c49a3768e]

	* plugins/sudoers/boottime.c:
	Strip newline from /proc/stat btime line to avoid a strtonum()
	failure. From Jakub Wilk.
	[8a04f85a070f]

	* src/exec_pty.c:
	In io_callback() service writes before reads. That way, if both
	SUDO_EV_READ and SUDO_EV_WRITE are set and read() returns 0 (EOF) we
	don't close the fd before the write() is performed.

	If the write() returns EPIPE, ENXIO, EIO or EBADF, clear
	SUDO_EV_READ before we close the fd to avoid calling read() on a
	closed fd.
	[167548fd8af2]

2015-07-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/regress/sudo_conf/conf_test.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c:
	Check sudo_conf_read() return value and exit on fatal error (a
	warning was already printed by sudo_conf_read()).
	[d05797f4f197]

	* NEWS:
	Mention double-quoted sudoOption value support.
	[55684a73f097]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Add support for parsing quoted strings in a sudoOption just like
	sudoers Defaults settings.
	[fe8291414179]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, po/da.mo,
	po/da.po:
	Sync with translationproject.org
	[1c15d1a3dbdd]

2015-07-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	Update year.
	[6ca660e4a957]

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/de.mo,
	po/de.po, po/nb.mo, po/nb.po:
	Sync with translationproject.org
	[d7ede74dcb19]

	* src/sudo.c:
	Fix utmp setup broken by commit be0ca60facf8
	[cd8a06f57f2b]

2015-07-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo,
	plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.po, po/cs.mo,
	po/cs.po, po/fr.mo, po/fr.po, po/it.mo, po/it.po, po/pl.mo,
	po/pl.po:
	Sync with translationproject.org
	[aa473519e66d]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[8f8aa321f043]

	* plugins/sudoers/logging.c:
	Fix typo in error message.
	[220832711826]

2015-07-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Bug #702 is the AIX timespec issue.
	[c597a312e816]

	* config.h.in, configure, configure.ac, lib/util/closefrom.c,
	lib/util/getcwd.c, lib/util/glob.c, plugins/sudoers/match.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, src/ttyname.c:
	We require POSIX so no need to conditionally include dirent.h. Add a
	check for d_namlen and use the result in the NAMLEN macro.
	[2728194cb6cf]

	* lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c,
	lib/util/getcwd.c, lib/util/gettime.c, lib/util/glob.c,
	lib/util/lbuf.c, lib/util/locking.c, lib/util/mktemp.c,
	lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/ttysize.c,
	plugins/group_file/group_file.c, plugins/sample/sample_plugin.c,
	plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/editor.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c, plugins/system_group/system_group.c,
	src/conversation.c, src/exec.c, src/exec_common.c, src/exec_pty.c,
	src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c,
	src/openbsd.c, src/parse_args.c, src/preserve_fds.c, src/signal.c,
	src/solaris.c, src/sudo.c, src/sudo_edit.c, src/sudo_noexec.c,
	src/tgetpass.c, src/ttyname.c, src/utmp.c:
	There's no need to conditionalize the #include <unistd.h>, we
	require a POSIX system.
	[79389c527c08]

	* include/sudo_compat.h:
	Remove some compatibilty defines that should no longer be needed.
	[e9136646d1c6]

2015-06-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Final changes in 1.8.14
	[3a5cd4f2875a]

	* include/sudo_compat.h:
	Need to include stddef.h to get rsize_t on Mac OS X for
	sudo_memset_s() prototype.
	[9615efed4a9a]

	* lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/strsplit/strsplit_test.c:
	Add missing exit value.
	[484202b53893]

	* lib/util/regress/mktemp/mktemp_test.c:
	Add missing fcntl.h include.
	[020fe6252d96]

	* configure, configure.ac:
	Do check for inet_pton before inet_ntop since we may need to record
	dependent libraries for inet_pton when linking our getaddrinfo
	replacement.
	[fde03eefd88d]

	* include/sudo_debug.h, lib/util/sudo_debug.c:
	Fix build on compilers w/o __func__ or __FUNCTION__
	[196d75416cd5]

	* lib/util/util.exp.in:
	Remove sudo_evasprintf_v1, missed during alloc.c removal.
	[7d0ac7e5909d]

	* lib/util/snprintf.c:
	Add missing fcntl.h include.
	[23b886deb879]

	* config.h.in, configure, configure.ac:
	Add check for inline support.
	[061dab0e411c]

2015-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/LICENSE:
	Add reallocarray.c license.
	[b4b4d46309f3]

2015-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Fix entry for Joel Pelaez Jorge.
	[386434049903]

2015-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_lbuf.h, lib/util/lbuf.c, lib/util/util.exp.in,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c:
	Add an error flag to the lbuf struct to simplify error checking.
	Callers of the lbuf functions now check the error flag to tell if a
	memory allocation error ocurred.
	[bc44b0fbc03b]

	* plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.h:
	display_privs() and display_cmnd() may need to return -1 on error.
	[b6d8826900bb]

2015-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Return -1, not 0 from sudoers when there is an error (as opposed to
	a policy denial).
	[5d197fe29e0e]

	* plugins/sudoers/check.c, plugins/sudoers/check.h,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c:
	Check restore_perms() return value in all cases, pushing the return
	value back up the call stack.
	[c9beeed2b614]

	* doc/CONTRIBUTORS:
	Add Joel Pelaez Jorge
	[55387b44d6e9]

	* plugins/sudoers/auth/pam.c:
	When checking whether the PAM prompt matches "Password:", also check
	for the untranslated version. The PAM module might not be using the
	localized string even though it exists. From Joel Pelaez Jorge.
	Fixes Bug #701
	[d87f6f2ccb42]

2015-06-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Silence clang analyzer warning on glibc systems where the first
	argument to qsort() is marked as non-NULL. Also change some counters
	from into to unsigned int and two flags from int to bool.
	[09e400445ca2]

2015-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Silence clang analyzer warning on glibc systems where the first
	argument to qsort() is marked as non-NULL.
	[34fa7256f1e2]

	* include/sudo_compat.h, include/sudo_debug.h, include/sudo_util.h,
	src/preserve_fds.c:
	Use our own bitmap macros instead of borrowing the ones from select.
	[51ef403511d9]

	* src/ttyname.c:
	Quiet clang analyzer false positive.
	[9ebecd6b6b29]

	* src/sesh.c:
	Fix uninitialized variables warnings in error case when src file
	cannot be opened. At least one of these is a false positive.
	[98b417c1307a]

	* lib/util/sudo_debug.c:
	Must call round_nfds() with fd+1 since it takes a count not the fd
	number. In other words, the lowest value is 1, not 0.
	[cc175cba5371]

2015-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/getline.c, plugins/sudoers/toke_util.c:
	It's safe to rely on C89 semantics for realloc(NULL, size).
	[b633582413ac]

	* plugins/sudoers/env.c:
	malloc() sets errno to ENOMEM on failure so we don't need to set it
	explicitly.
	[09cb5ceaaec3]

	* include/sudo_compat.h:
	No longer need __malloc_like
	[a41b69f256f6]

	* lib/util/util.exp.in:
	Remove symbols from the now-removed alloc.c.
	[da0753d85d20]

	* include/sudo_compat.h, lib/util/aix.c, lib/util/closefrom.c,
	lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c,
	lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c,
	lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c,
	lib/util/gettime.c, lib/util/gidlist.c, lib/util/glob.c,
	lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c,
	lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/parseln.c,
	lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c,
	lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/progname/progname_test.c,
	lib/util/regress/strsplit/strsplit_test.c,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_parseln/parseln_test.c, lib/util/setgroups.c,
	lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c,
	lib/util/strndup.c, lib/util/strsplit.c, lib/util/strtobool.c,
	lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c,
	lib/util/term.c, lib/util/ttysize.c, plugins/group_file/getgrent.c,
	plugins/group_file/group_file.c, plugins/group_file/plugin_test.c,
	plugins/sample/sample_plugin.c, plugins/sudoers/alias.c,
	plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/base64.c, plugins/sudoers/boottime.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/editor.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/logwrap.c,
	plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/redblack.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/regress/parser/check_hexchar.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c,
	plugins/system_group/system_group.c, src/conversation.c,
	src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c,
	src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c,
	src/openbsd.c, src/parse_args.c, src/preserve_fds.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/signal.c,
	src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c,
	src/ttyname.c, src/utmp.c:
	Only include stddef.h where it is needed.
	[ce597fb7ffb9]

2015-06-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[cad83b927f4e]

	* lib/util/sudo_conf.c, plugins/sudoers/locale.c:
	Better handling of setlocale() returning NULL.
	[7cd4fcdb528c]

	* lib/util/aix.c, lib/util/gidlist.c, lib/util/sudo_conf.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/defaults.c, plugins/sudoers/editor.c,
	plugins/sudoers/env.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/conversation.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/load_plugins.c,
	src/parse_args.c, src/preserve_fds.c, src/selinux.c, src/sesh.c,
	src/sudo.c, src/sudo_edit.c:
	Add function name to "unable to allocate memory" warnings.
	[98c07e26a13e]

	* configure, configure.ac, include/sudo_compat.h, lib/util/aix.c,
	lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c,
	lib/util/event_select.c, lib/util/getaddrinfo.c, lib/util/getcwd.c,
	lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c,
	lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c,
	lib/util/glob.c, lib/util/key_val.c, lib/util/lbuf.c,
	lib/util/locking.c, lib/util/mksiglist.c, lib/util/mksigname.c,
	lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c,
	lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/progname/progname_test.c,
	lib/util/regress/strsplit/strsplit_test.c,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/regress/tailq/hltq_test.c, lib/util/setgroups.c,
	lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c,
	lib/util/strndup.c, lib/util/strsplit.c, lib/util/strtobool.c,
	lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c,
	lib/util/term.c, lib/util/ttysize.c, plugins/group_file/getgrent.c,
	plugins/group_file/group_file.c, plugins/sample/sample_plugin.c,
	plugins/sudoers/alias.c, plugins/sudoers/audit.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c,
	plugins/sudoers/boottime.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/editor.c,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/getspwuid.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/logwrap.c,
	plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/regress/parser/check_hexchar.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c,
	plugins/system_group/system_group.c, src/conversation.c,
	src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c,
	src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c,
	src/openbsd.c, src/parse_args.c, src/preserve_fds.c,
	src/regress/ttyname/check_ttyname.c, src/signal.c, src/solaris.c,
	src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c,
	src/utmp.c:
	We require ANSI C so stop using the obsolete STDC_HEADERS.
	[35a5a680e5fe]

	* config.h.in, configure, configure.ac:
	Add back _REENTRANT define on HP-UX to expose strtok_r on some
	versions. We may need to define it on other systems too.
	[12c36f12eed2]

	* lib/util/getgrouplist.c, lib/util/regress/glob/globtest.c,
	lib/util/sudo_debug.c, plugins/group_file/getgrent.c,
	plugins/group_file/plugin_test.c, plugins/sample/sample_plugin.c,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/tsgetgrpw.c:
	Use strtok_r() instead of strtok()
	[6b8e3c253dcf]

	* configure, configure.ac:
	Fix check for strnlen() when cross-compiling.
	[e501c508891a]

	* plugins/sudoers/interfaces.c:
	Use sudo_strsplit() in dump_interfaces.
	[b76ee2f47f37]

2015-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/inet_pton.c, lib/util/key_val.c, lib/util/lbuf.c,
	lib/util/locking.c, lib/util/parseln.c,
	lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/progname/progname_test.c,
	lib/util/regress/strsplit/strsplit_test.c,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/regress/tailq/hltq_test.c, lib/util/sha2.c,
	lib/util/snprintf.c, lib/util/strtobool.c, lib/util/term.c,
	plugins/group_file/getgrent.c, plugins/group_file/group_file.c,
	plugins/sample/sample_plugin.c, plugins/sudoers/boottime.c,
	plugins/sudoers/editor.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/policy.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_hexchar.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/tsgetgrpw.c, plugins/system_group/system_group.c,
	src/conversation.c, src/exec_pty.c, src/net_ifs.c, src/openbsd.c,
	src/preserve_fds.c, src/regress/ttyname/check_ttyname.c,
	src/solaris.c, src/sudo.c, src/tgetpass.c, src/ttyname.c,
	src/utmp.c:
	Remove obsolete memory.h include.
	[0c1351d614a9]

	* config.h.in, configure, configure.ac, lib/util/getcwd.c,
	lib/util/gethostname.c, lib/util/glob.c, lib/util/locking.c,
	lib/util/parseln.c, lib/util/pw_dup.c, lib/util/reallocarray.c,
	lib/util/snprintf.c, lib/util/strndup.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	src/env_hooks.c:
	Remove support for the obsolete malloc.h header.
	[2a118de27d4e]

	* config.h.in, configure, configure.ac, plugins/sudoers/defaults.c,
	plugins/sudoers/logging.c:
	Remove BROKEN_SYSLOG define which was for obsolete versions of HP-
	UX. Remove last remnants of 4.2BSD syslog support.
	[e234515f515d]

	* lib/util/sudo_conf.c:
	Use sudo_strsplit() instead of doing the equivalent manually.
	[220f2e4a0e68]

	* lib/util/regress/strsplit/strsplit_test.c:
	Test strsplit behavior with an empty string.
	[62ae80dcee4a]

	* lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Allow "make LIBTOOL=/path/to/libtool" to work properly.
	[f9e5f7109107]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/editor.c,
	plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/visudo.c:
	Use a common function for resolviong the user's editor in sudoedit
	and visudo. The find_path() function now returns a dynamically
	allocated path instead of using a static string.
	[97fe58966144]

	* config.h.in, configure, configure.ac, lib/util/Makefile.in,
	lib/zlib/Makefile.in, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Replace use of OSDEFS with config.h defines. Rename DEFS in
	Makefile.in to CPPDEFS and include in CPPFLAGS. Bring back
	_BSD_SOURCE as a config.h define. Remove obsolescent _REENTRANT
	define.
	[0d76a12adca8]

2015-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, include/sudo_alloc.h, lib/util/Makefile.in,
	lib/util/alloc.c:
	Remove now-unused sudo_alloc.h and alloc.c
	[0fe70085c75c]

	* plugins/sudoers/Makefile.in, src/Makefile.in, src/conversation.c,
	src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c,
	src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c,
	src/preserve_fds.c, src/regress/ttyname/check_ttyname.c,
	src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
	src/ttyname.c:
	Avoid using exiting allocators in the front end.
	[be0ca60facf8]

	* include/sudo_conf.h, include/sudo_lbuf.h, lib/util/Makefile.in,
	lib/util/aix.c, lib/util/gidlist.c, lib/util/lbuf.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c:
	Use non-exiting allocators in libsudo_util.
	[d9b7cf17b9b4]

	* plugins/sudoers/ldap.c, plugins/sudoers/logging.c:
	Remove asprintf() return value warnings.
	[fe25ce11f96a]

	* config.h.in, configure, configure.ac:
	Use AC_FUNC_STRNLEN to check for broken strnlen() on AIX. This
	requires that we use AC_USE_SYSTEM_EXTENSIONS so remove things from
	OSDEFS that are enabled by AC_USE_SYSTEM_EXTENSIONS.
	[1f64269cab6e]

	* plugins/sudoers/ldap.c:
	Remove extraneous semicolons in CHECK_* macros.
	[ef99aa3c9d70]

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Remove remaining SUDO_MAIN remnants.
	[1c077699f444]

	* plugins/sudoers/Makefile.in, plugins/sudoers/alias.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/locale.c, plugins/sudoers/logging.h,
	plugins/sudoers/match.c, plugins/sudoers/parse.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Use non-exiting allocatings in the sudoers plugin.
	[a5668cb9c516]

2015-06-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	Use non-exiting allocators in the sudoers SSSD backend.
	[dba29b55ac0b]

	* plugins/sudoers/ldap.c:
	Use non-exiting allocators in the sudoers LDAP backend.
	[37bfa441345a]

	* lib/util/Makefile.in:
	regen dependencies
	[5be6eb005946]

2015-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, lib/util/Makefile.in, mkdep.pl:
	Add missing dependency info for reallocarray.lo in
	lib/util/Makefile.in and regen configure to match last configure.ac
	change.
	[da1fc49b53dc]

	* plugins/sudoers/ldap.c:
	Use \28 and \29 instead of \( and \) in the ldap query as per RFC
	2254. Fixes netgroup queries on AIX. From Steven Soulen.
	[33267d6243aa]

2015-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/glob.c:
	Move pattern length check until after we have initialized the glob_t
	so we can call globfree() even on error. From Frank Denis.
	[a246f9054395]

2015-06-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	We need to unlimit RLIMIT_NPROC in sudoers as well as the sudo front
	end since set_perms() and restore_perms change the read uid and may
	fail with EAGAIN on Linux kernels prior to 3.1.
	[e6a03c31f4e5]

2015-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Fix underlining of "root" in -u option descriptions. Bug #699
	[b3afe47d9798]

	* doc/UPGRADE, src/load_plugins.c:
	Remove support for converting plugin.so -> plugin.sl on HP-UX when
	plugin.so can not be found. This was a temporary hack for using an
	older (pre 1.8.7) sudoers plugin with a newer sudo front-end.
	[561e2ce444ed]

2015-06-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/event.c, lib/util/event_select.c:
	Add debugging output on memory alloc failure. Add missing checks in
	event_select.c for reallocarray() failure.
	[0853c7bcbeaa]

	* lib/util/event_poll.c:
	Use non-exiting allocators.
	[5ed0e276b551]

2015-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Bring back VALIDATE_ERROR which will be used in the case of memory
	allocation errors.
	[784c885db95c]

2015-06-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/snprintf.c:
	If asprintf() or vasprintf() fail, set the dest pointer to NULL like
	BSD and Solaris do. This appears to be the direction glibc is going
	as well.
	[92fb2283dc9a]

2015-05-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Use a stack buffer for the validate_env_vars() error message.
	[69df3a0cbc2b]

2015-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/fatal.c:
	Fix typo/thinko in static buffer conversion; use vsnprintf() not
	snprintf()
	[9d42fb3a94f6]

	* plugins/sudoers/ldap.c:
	Fix old gcc2 variadic macro support.
	[fd951ed8865e]

	* plugins/sudoers/visudo.c:
	Restore old behavior where visudo prevents you from making the main
	sudoers file zero length.
	[b03ef908120f]

	* plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c:
	Non-exiting allocators for log functions. If log_allowed() fails the
	user may not run the command. We don't try to return early for
	log_failure(), log_auth_failure() or log_denial() as we would not
	run the command in that case.
	[40c3d0dd75bc]

	* plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c:
	Use non-exiting allocators in the parser (much of it already did).
	[f14222e5ad1b]

	* lib/util/aix.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c:
	Use non-existing allocators in the passwd/group cache functions.
	[86bbe840f348]

	* MANIFEST, configure.ac, lib/util/alloc.c, lib/util/reallocarray.c:
	Add standalone reallocarray.c from OpenBSD instead of rolling our
	own.
	[36ec5840729e]

	* plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/iolog.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
	plugins/sudoers/redblack.c, plugins/sudoers/redblack.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Use non-exiting allocators in the redblack tree and fix the fallout.
	Also switch to non-exiting allocators in affected code blocks.
	[bca56cf769cb]

	* plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/parse.h:
	The error string returned by alias_add should be const.
	[b378188a0a8f]

	* plugins/sudoers/policy.c:
	Fix typo, efree vs. free.
	[9146ba7473ca]

	* plugins/sudoers/policy.c, src/exec_common.c, src/sudo.c:
	Add a few missing sudo_new_key_val() return value checks. Also use
	non-exiting allocators for consistency.
	[2ae76a679052]

2015-05-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, lib/util/Makefile.in,
	lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/strsplit/strsplit_test.c:
	Add unit tests for strsplit and parse_gid_list.
	[e08c5ff7b5f0]

	* MANIFEST, include/sudo_util.h, lib/util/Makefile.in,
	lib/util/strsplit.c, lib/util/util.exp.in,
	plugins/sudoers/sudoers.c:
	Add sudo_strsplit(), similar to strtok_r() but non-destructive and
	operates on non-C strings (requires a length parameter).
	[45fb50775249]

2015-05-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sia.c:
	Use reallocarray() instead of sudo_emallocarray() and return an
	error on allocation failure.
	[fee12ac1e0c8]

	* plugins/sudoers/auth/kerb5.c:
	In our krb5_get_init_creds_opt_alloc() replacement use malloc()
	instead of sudo_emalloc() and return KRB5_CC_NOMEM on allocation
	failure. Only old versions of Kerberos V will need this.
	[95ac6c5b7b60]

	* lib/util/event.c, lib/util/event_select.c:
	Use non-exiting allocators.
	[91bbc657901d]

2015-05-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/fatal.c:
	Use a static buffer for sudo_warn/sudo_fatal messages where
	possible.
	[6e1d6ecc022d]

	* include/sudo_compat.h:
	Fix sudo_strnlen() prototype.
	[1367bd9227b3]

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, lib/util/Makefile.in, lib/util/strndup.c,
	mkdep.pl:
	Add strndup() for those without it. As strndup.c uses strnlen(), use
	our own if it is missing.
	[cf904a9c68f7]

	* lib/util/strnlen.c:
	Add missing sudo_ prefix and include sudo_compat.h.
	[d5e5dfc3fd20]

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, lib/util/strnlen.c:
	Add strnlen() replacement needed for glob.c. Only used if no glob()
	and no strnlen().
	[bb6b7c4549b1]

2015-05-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.h, plugins/sudoers/sudoers.h:
	Get rid of SUDO_MAIN. Modern compilers don't warn about mixing
	extern and auto declarations unless they conflict.
	[a273b73bca6d]

	* config.h.in, configure.ac, include/compat/endian.h,
	include/compat/fnmatch.h, include/compat/getaddrinfo.h,
	include/compat/getopt.h, include/compat/glob.h,
	include/compat/nss_dbdefs.h, include/compat/sha2.h,
	include/compat/stdbool.h, include/compat/timespec.h,
	include/sudo_alloc.h, include/sudo_compat.h, include/sudo_conf.h,
	include/sudo_debug.h, include/sudo_dso.h, include/sudo_event.h,
	include/sudo_fatal.h, include/sudo_gettext.h, include/sudo_lbuf.h,
	include/sudo_plugin.h, include/sudo_queue.h, include/sudo_util.h,
	lib/util/fatal.c, plugins/sudoers/bsm_audit.h,
	plugins/sudoers/check.h, plugins/sudoers/defaults.h,
	plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h,
	plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h,
	plugins/sudoers/insults.h, plugins/sudoers/interfaces.h,
	plugins/sudoers/iolog.h, plugins/sudoers/linux_audit.h,
	plugins/sudoers/logging.h, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.h,
	plugins/sudoers/redblack.c, plugins/sudoers/redblack.h,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/solaris_audit.h, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.h, plugins/sudoers/sudo_printf.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoers_debug.h, plugins/sudoers/sudoers_version.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.h, plugins/sudoers/toke.l,
	plugins/sudoers/visudo.c, src/net_ifs.c, src/sudo.h,
	src/sudo_exec.h, src/sudo_plugin_int.h, src/sudo_usage.h.in:
	Avoid using a leading underbar in defines as they are reserved in
	ISO C.
	[a442d88c6490]

	* Makefile.in, doc/Makefile.in, examples/Makefile.in,
	include/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c,
	plugins/system_group/Makefile.in, src/Makefile.in, src/selinux.c:
	Add target for "make splint". A few files need extra guards to avoid
	errors on systems where they would not otherwise be compiled. No
	warnings from splint.
	[64fc04debc58]

2015-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, src/sudo.c:
	There should be no need to check for tzset() as it is POSIX.
	[50825eb75c97]

	* configure, configure.ac:
	Add sudo_reallocarrary to util.exp.in if reallocarray is not found.
	[32588e00bb33]

2015-05-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	NLS now works on Mac OS X properly.
	[1485c9e51b04]

	* configure, configure.ac, src/Makefile.in:
	Force flat namespace on darwin to make the getenv() hooking work as
	it does on ELF.
	[0837cc3559ce]

2015-05-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/alloc.c, lib/util/snprintf.c,
	plugins/sample/sample_plugin.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/redblack.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke_util.c:
	No need to cast malloc() return value.
	[09c7236d3e1a]

	* lib/util/getcwd.c, lib/util/getline.c, lib/util/glob.c,
	plugins/sudoers/env.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	Use reallocarray where possible.
	[2b5957a38baa]

	* config.h.in, configure, configure.ac, include/sudo_compat.h,
	lib/util/alloc.c:
	Add reallocarray() for those without it.
	[3ac5a4abe077]

2015-05-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	The getenv() hook still doesn't work on Mac OS X.
	[d9297b9ff54c]

2015-05-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_fatal.h, lib/util/fatal.c:
	In sudo_warn_gettext_v1() call dgettext() not gettext() to make sure
	the domain is set correctly. The sudoers plugin uses its own text
	domain.
	[f7ce0100ff5c]

2015-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	man pages should explicitly depend on config.status since it is used
	to substitute in variables/settings.
	[bebe8e19d767]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.man.in,
	doc/sudoreplay.cat, doc/visudo.cat:
	regen
	[2e613d7bb477]

	* NEWS, configure, configure.ac:
	Sudo 1.8.14
	[66e33bc0d18e]

	* INSTALL, MANIFEST, aclocal.m4, config.h.in, configure, configure.ac,
	include/sudo_fatal.h, lib/util/Makefile.in, lib/util/fatal.c,
	lib/util/locale_weak.c, lib/util/util.exp.in,
	m4/ax_sys_weak_alias.m4, mkdep.pl, plugins/sudoers/Makefile.in,
	plugins/sudoers/locale.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c, src/Makefile.in, src/locale_stub.c:
	Instead of trying to make weak functions work on all platforms, just
	use a registration function for a plugin-specific setlocale
	function. The sudoers version just wraps sudoers_setlocale().
	[0eef64f41cdf]

	* src/parse_args.c:
	Fix indentation of -a flag help line.
	[a2ed556b6454]

	* include/sudo_compat.h:
	Fix compilation when HAVE_DECL_SIG2STR_MAX is not defined.
	[31aa465affaa]

	* doc/Makefile.in:
	Add lint target to run "mandoc -Tlint" over the manuals.
	[63ed14d91adc]

2015-05-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_compat.h:
	HAVE_DECL_SIG2STR_MAX is always defined so use a
	!HAVE_DECL_SIG2STR_MAX check instead of #ifndef.
	[65cc03302d39]

2015-05-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/tgetpass.c:
	Sync tty_present() with sudoers version.
	[040c05e68627]

	* src/load_plugins.c:
	sudo_check_plugin() returns bool.
	[15b2851bfb90]

	* plugins/sudoers/match.c:
	In usergr_matches() matched should be bool but we have to take care
	to handle group_plugin_query() returning a value other than 0/1.
	[c120901f71c7]

	* plugins/sudoers/ldap.c:
	sudo_ldap_check_non_unix_group() returns bool, not int.
	[d12e9242454f]

	* plugins/sudoers/logging.c:
	Convert two debug_return_int to debug_return_bool.
	[594d0fc8efda]

	* include/sudo_debug.h, lib/util/sudo_debug.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, src/sudo.c:
	Previously, debug_return_bool was the same as debug_return_int
	except that it logged true/false for 1/0. However, this appears to
	trigger a bug in some compilers. To avoid this, debug_return_bool
	now uses bool, not int. Callers that were passing it an int have
	been converted to use debug_return_int instead.
	[ca142b5a9433]

	* src/get_pty.c, src/sudo.h:
	get_pty() should return bool
	[2c72c8d3603b]

	* src/sudo.h, src/tgetpass.c:
	Make tty_present static to tgetpass.c
	[bb73a2cc8754]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Add configure check for SIG2STR_MAX, which may be missing on
	UnixWare.
	[e9dcac23c639]

	* m4/ax_sys_weak_alias.m4:
	Need to quote $GCC as it may include arguments. From Tim Rice.
	[9ed8a3be94bf]

	* MANIFEST:
	Add missing m4/ax_sys_weak_alias.m4
	[269a8d5bfb49]

2015-04-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	There's no point in building i386 binaries for Mac OS X 10.7 and
	higher.
	[e8876ea36d14]

2015-04-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, po/ja.mo,
	po/ja.po:
	Sync with translationproject.org
	[414c51286530]

2015-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/bsm_audit.c:
	Only fall back on AUE_DARWIN_sudo if au_preselect() fails.
	[aea2f3a60b46]

2015-04-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/bsm_audit.c:
	Work around a problem on Mac OS X 10.10 which defines AUE_sudo but
	where au_preselect() only accepts AUE_DARWIN_sudo (the old value).
	[b5d32d6453d1]

2015-04-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/env_hooks.c:
	Don't use dlsym() to find the libc getenv() since this may allocate
	memory on some systems (glibc) which leads to a hang if malloc()
	calls getenv() (jemalloc).
	[441846664820]

	* src/sudo.c:
	Defer conversation initialization until right before plugins are
	initialized.
	[83db53d4945c]

	* include/sudo_debug.h, src/sudo.c:
	Split variable declaration out of debug_decl into debug_decl_vars()
	so we can use it in main() when we know sudo_debug_enter() cannot
	succeed.
	[6931948a57f8]

2015-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c:
	When creating a passwd struct from a uid that is not in the passwd
	database, set pw_gid to the user's gid instead of whatever the user
	specified via the -g flag (or 0 if no -g).
	[4154970432df]

2015-04-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Add some ldap_err2string() debugging when the LDAP search fails.
	Adapted from a diff from Steven Soulen.
	[e08d38481041]

2015-04-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/sr.mo,
	po/sr.po:
	Sync with translationproject.org
	[cbf24072ad07]

2015-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add David Michael and Andrey Klyachkin.
	[e153a9b46e1f]

	* sudo.pp:
	Sync tmpfiles.d/sudo.conf with init.d/sudo.conf.in
	[9e3945c1fe6e]

	* include/sudo_util.h:
	Avoid struct assignment when stashing mtime since AIX at least uses
	a struct st_timespec that differs from struct timespec. From Andrey
	Klyachkin.
	[e267ea5b019e]

2015-04-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Work around a bug in pp that caused a warning when exampledir is a
	subdir of docdir.
	[d81db98f215f]

	* plugins/sudoers/solaris_audit.c:
	Add sys/types.h
	[e0794f05e95c]

	* lib/util/getopt_long.c, lib/util/mksiglist.c, lib/util/mksigname.c,
	lib/util/regress/fnmatch/fnm_test.c,
	lib/util/regress/glob/globtest.c, lib/util/sha2.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_hexchar.c:
	Include sys/types.h instead of unistd.h to get uid_t and gid_t. Add
	missing include of sys/types.h to a few places.
	[86eb67f3c41a]

2015-04-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Remove unintended commit
	[2eeeb74b9174]

	* init.d/sudo.conf.in:
	Add tmpfiles.d/sudo.conf template.
	[ead9bb7b5328]

2015-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore, INSTALL, MANIFEST, Makefile.in, configure, configure.ac,
	mkpkg, src/Makefile.in, sudo.pp:
	Create template tmpfiles.d/sudo.conf for installation instead of
	creating one via echo commands in the Makefile.

	Add --enable-tmpfiles.d configure option to enable/disable use of
	tmpfiles.d and override the default directory.

	Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore
	tmpfiles.d/sudo.conf in sudo.pp.
	[930983f88927]

2015-04-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, Makefile.in, configure, configure.ac, doc/sudoers.mdoc.in,
	examples/Makefile.in, mkpkg, sudo.pp:
	Make exampledir configurable and default to
	DATAROOTDIR/examples/sudo on BSD systems.
	[4c1271298712]

2015-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Fix setting of pp_rpm_version when there is no patchlevel present.
	Also tighten up the regexp for pp_rpm_release.
	[d6a89aafd99d]

2015-04-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in, sudo.pp:
	Install /usr/lib/tmpfiles.d/sudo.conf on systems with systemd but do
	not package it. For packages we create /usr/lib/tmpfiles.d/sudo.conf
	as needed in the postinstall script.
	[522666bc079f]

2015-03-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Fix "mandoc -Tlint" warnings. Sync AUTHORS section in man pages.
	Regenerate all man pages.
	[34e4149bb225]

	* lib/util/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in:
	Make libsudo_util depend on libintl instead of requiring users of
	libsudo_util to link with libintl directly. Bug #690
	[f2508d1a21ee]

2015-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Use saved errno in vlog_warning() before calling
	sudo_vwarn_nodebug(). Fixes the error message printed if set_perms()
	fails.
	[68bd7297137e]

2015-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for 1.8.13 final.
	[4c03db3a740f]

2015-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	For sudoedit, run the editor with the user's original environment as
	per the documentation (and as in sudo 1.7.x). Bug #688
	[a5081c8f6950]

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, po/fr.mo,
	po/fr.po:
	Sync with translationproject.org
	[0b820c5ecb0c]

2015-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/term.c:
	Update function names in debug_decl.
	[b83f153b2f43]

	* lib/util/term.c:
	Use TCSAFLUSH instead of TCSANOW in sudo_term_copy(). Be consistent
	with where we put TCSASOFT in the action flags.
	[6ffeec3aa184]

2015-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/da.mo,
	po/da.po, po/fi.mo, po/fi.po, po/zh_CN.mo, po/zh_CN.po:
	Sync with translationproject.org
	[0d20f88c0a83]

2015-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sha2.c:
	Include unistd.h since sudo_compat.h uses gid_t.
	[da491d83e5dc]

2015-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.ac:
	Add --disable-weak-symbols option to disable use of weak symbols in
	libsudo_util.
	[3edf2bccb4d8]

	* configure:
	regen
	[ff1abfcd2b61]

	* m4/ax_sys_weak_alias.m4:
	When checking for weak aliases, check the gcc attribute format last
	since some C compilers just ignore unsupported attributes.
	[e172cbbfa615]

	* sudo.pp:
	Update copyright year.
	[67bcd24c6477]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/cs.mo,
	po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/it.mo,
	po/it.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo,
	po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po:
	Sync with translationproject.org
	[ceb62f98364c]

	* configure, configure.ac, include/compat/sha2.h:
	Fix symbol name collision with systems that have their own sha2
	implementation. This can result in PAM using the wrong sha2
	implementation on Solaris systems configured to use SHA512 for
	passwords.
	[3a25c4896804]

	* src/Makefile.in:
	Use SSP_LDFLAGS when linking sudo_noexec.la
	[6187b17fad90]

2015-03-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, config.h.in, configure, configure.ac,
	include/compat/utime.h, lib/util/Makefile.in, lib/util/utimens.c:
	Remove compat/utime.h, it was only useful for ancient systems that
	are no longer capable of compiling sudo.
	[94e4f02868db]

2015-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, lib/util/Makefile.in:
	Link libsudo_util with -lrt on systems where clock_gettime is in
	-lrt.
	[44a9a0d0af69]

	* NEWS:
	Update.
	[811c8d7090c0]

	* lib/util/strlcat.c, lib/util/strlcpy.c:
	Update OpenBSD CVS Ids
	[933788497ee4]

	* lib/util/strlcat.c:
	Make comment match code.
	[b1b68810929d]

	* lib/util/utimens.c:
	Fix compilation error on systems without futimes().
	[4d55a58ea12e]

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in,
	lib/util/gettime.c, lib/util/util.exp.in, lib/util/utimens.c,
	lib/util/utimes.c, mkdep.pl, plugins/sudoers/Makefile.in,
	plugins/sudoers/boottime.c, plugins/sudoers/gettime.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/Makefile.in, src/sesh.c,
	src/sudo_edit.c:
	Use futimens() and utimensat() instead of futimes() and utimes().
	[8400f91466d8]

	* plugins/sudoers/visudo.c:
	Fix compiler warning on systems where mode_t is not unsigned int,
	such as 32-bit Solaris.
	[1eeeea1c203d]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Fix logic for verifypw/listpw all in sudoers LDAP and sssd.
	[5bc60a34a477]

	* src/tgetpass.c:
	Fix cut & pasto that prevented the SIGPIPE handler from being
	restored before returning from tgetpass(). From mancha
	[230b0a86876e]

2015-02-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sesh.c, src/sudo_edit.c:
	Our utimes() emulation support futime() too.
	[439851535285]

2015-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[40aa9164563f]

	* plugins/sudoers/testsudoers.c:
	Define YYDEBUG to 0 if not already defined so we can protect use of
	sudoersdebug with "#if YYDEBUG" like the generated parser does. From
	David Michael.
	[394e1c237aac]

2015-02-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that Aliases may not be redefined and that "sudo -f
	/etc/sudo.d/foo" will not catch the redefinition.
	[3bff3b5f7eb1]

	* sudo.pp:
	Only create /usr/lib/tmpfiles.d/sudo.conf if
	/usr/lib/tmpfiles.d/systemd.conf also exists. Some other package may
	have created /usr/lib/tmpfiles.d even though it is not used.
	[cf013d95b7d7]

	* plugins/sudoers/Makefile.in:
	regen
	[4dde632c35cd]

	* sudo.pp:
	Clear the ts dir instead of just making sure it exists.
	[c49b6e3e2360]

	* configure, configure.ac:
	Only substiture init.d scripts that we are going to use.
	[301f16bd04c5]

2015-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, sudo.pp:
	Create /usr/lib/tmpfiles.d/sudo.conf when systemd is used.
	[532dc61e7bb7]

	* plugins/sudoers/iolog.c, plugins/sudoers/visudo.c, src/sudo_edit.c,
	src/utmp.c:
	Check the return value of gettimeofday(), even though it should
	never fail.
	[747715d8a11c]

2015-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, configure, configure.ac, include/sudo_compat.h,
	lib/util/Makefile.in, lib/util/clock_gettime.c, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/gettime.c,
	plugins/sudoers/po/sudoers.pot, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c:
	We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as it
	may be present but not implemented. Add sudo_gettime_real() and
	sudo_gettime_mono() functions to get the real and monotonic times
	respectively. Now sudo_gettime_mono() checks the value of
	sysconf(_SC_MONOTONIC_CLOCK) before calling
	clock_gettime(CLOCK_MONOTONIC) and falls back on sudo_gettime_real()
	as needed. The Mach version of sudo_gettime_mono() uses
	mach_absolute_time().

	This should fix problems with timestamp files on systems where the
	CLOCK_MONOTONIC is defined but not actually implemented.
	[cd04a21af4c5]

	* include/sudo_compat.h, plugins/sudoers/timestamp.c:
	Check clock_gettime() return value and warn if it fails. Currently,
	the timestamp will be ignored if clock_gettime() fails.
	[3658154638da]

2015-02-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_debug.c:
	Plug memory leak when debug file cannot be opened. Use %zu printf
	format now that our snprintf support it.
	[a168a002cd19]

	* plugins/sudoers/auth/pam.c:
	Pam conversation function changes: o use PAM_BUF_ERR as the return
	value when calloc() fails. o sanity check the value of num_msg o
	remove the workaround for old Apple PAM o PAM_AUTH_ERR is not a
	valid PAM conversation function return value

	If getpass_error is set after a call to pam_verify (usually because
	the user pressed ^C), return AUTH_INTR immediately instead of
	checking the pam_verify return value.
	[8d378f40fe1f]

	* INSTALL, NEWS, configure, configure.ac,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h:
	On AIX use the value of auth_type in /etc/security/login.cfg to
	determine whether to use LAM or PAM unless the user specified the
	--with-pam or --with-aixauth configure flags.
	[cb314c1ed5f8]

	* lib/util/parseln.c:
	Fix cast.
	[4f56047e2bc4]

2015-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, lib/util/snprintf.c:
	Update snprintf.c from OpenBSD. The floating point and wide
	character code has been retained but is not compiled by default.
	[6801a77398fc]

2015-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/sudoers/test1.in,
	plugins/sudoers/regress/sudoers/test1.out.ok,
	plugins/sudoers/regress/sudoers/test1.toke.ok:
	Update the regression test that check that all tags are parsed.
	[d0f9af2f9d45]

	* MANIFEST, configure, configure.ac, lib/util/Makefile.in,
	lib/util/mktemp.c, lib/util/regress/mktemp/mktemp_test.c, mkdep.pl:
	Add regress for mkdtemp and mkstemps from OpenBSD
	[18714ae9bffd]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[b77490dd9b33]

	* plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, po/tr.mo,
	po/tr.po:
	Sync with translationproject.org
	[b2946065653d]

	* config.h.in, configure.ac:
	Correct SECURE_PATH comment.
	[3fd6132d5dba]

	* NEWS, configure, configure.ac:
	Sudo 1.8.13
	[32c1183b0666]

2015-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, config.h.in, configure, configure.ac,
	include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in,
	lib/util/gethostname.c, lib/util/util.exp.in,
	plugins/sudoers/match.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/sudo.c:
	Avoid using HOST_NAME_MAX directly and use
	sysconf(_SC_HOST_NAME_MAX) instead.
	[97036b819d58]

	* plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c:
	Historically, crypt() returned the empty string on error, which
	ensured that crypt("", "") would return "", which supported matcing
	empty encrypted passwords with no additional code. Some modern
	versions of crypt() (such as glibc) return NULL on error so we need
	an explicit test to match an empty plaintext password and an empty
	encrypted password.
	[b88eb9da5e57]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Sort tags lexically in the sudoers manual
	[66716c0b7a13]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/ldap.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/sudoers/test1.out.ok,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers_version.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo_json.c:
	Add support for MAIL and NOMAIL command tags to toggle mail sending
	behavior on a per-command (or Cmnd_Alias) basis.
	[04f30a064c25]

2015-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/logging.c:
	Add mail_all_cmnds to always mail when a user runs a command (or
	tries to) including sudoedit. The mail_always flag goes back to its
	old semantic of always mailing when sudo is run.
	[edc904502061]

2015-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/getline.c, plugins/group_file/getgrent.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/tsgetgrpw.c:
	All modern systems should have LINE_MAX.
	[117322b6d86c]

	* config.h.in, configure, configure.ac, include/sudo_compat.h,
	lib/util/closefrom.c, lib/util/setgroups.c,
	plugins/sudoers/pwutil_impl.c, src/sudo.c:
	Almost no systems actually define OPEN_MAX since it is dynamic on
	modern OSes. If sysconf(_SC_OPEN_MAX) ever fails, fall back on
	_POSIX_OPEN_MAX instead. We can assume modern systems have
	sysconf(). Also remove checks for strrchr() and strtoll() for which
	the HAVE_* defines are no longer used.
	[c3058a6cca86]

	* Makefile.in, sudo.pp:
	Don't need to pass exampledir to polypkg now that it is just under
	docdir.
	[9f24f0184a78]

2015-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Fix packaging of the example dir.
	[4c7cbc3fc190]

	* lib/util/mktemp.c:
	Fix mkstemps() extension handling. Sudoedit will now preserve the
	extension properly when the system libc lacks mkstemps().
	[b86f54331972]

2015-02-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, aclocal.m4, config.h.in, configure, configure.ac,
	lib/util/Makefile.in, lib/util/locale_weak.c,
	m4/ax_sys_weak_alias.m4, mkdep.pl, src/Makefile.in,
	src/locale_stub.c:
	Use weak symbols for sudo_warn_gettext() and sudo_warn_strerror() so
	distros using "-Wl,--no-undefined" in LDFLAGS don't run into
	problems.
	[708418615aae]

	* lib/util/mksiglist.c, lib/util/mksigname.c:
	Include unistd.h in siglist.c and signame.c to get gid_t which is
	used by sudo_compat.h. Bug #686
	[0ab6450a96ec]

2015-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Minor change in description of TZ path handling.
	[579b02f0dbe0]

	* Makefile.in, examples/Makefile.in:
	Move example dir under the doc dir to conform to Debian guidelines.
	Bug #682.
	[494d9a0484b6]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that a leading ':' is skipped when checking TZ for a fully-
	qualified path name.
	[91859f613b88]

2015-02-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Typo.
	[b9257ea66116]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix typos.
	[ac1467f71ac0]

	* plugins/sample/sample_plugin.c:
	Fix compilation on systems w/o __dso_public
	[b773ef9127fa]

2015-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po:
	Russian translation for sudoers from translationproject.org.
	[8a7fc2e00072]

2015-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/ru.mo,
	plugins/sudoers/po/ru.po:
	Russian translation for sudoers from translationproject.org.
	[1d5869e4d4af]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Add check for getresuid() declaration, which may be missing on HP-
	UX. When checking for getdomainname() prototype, look in netdb.h
	too.
	[0ba583590b17]

	* INSTALL, NEWS, configure, configure.ac, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, m4/sudo.m4, pathnames.h.in,
	plugins/sudoers/env.c:
	Sanity check the TZ environment variable by special casing it in
	env_check. The --with-tzdir configure option can be used to specify
	the zoneinfo directory if configure doesn't find it.
	[650ac6938b59]

	* NEWS:
	Mention crash fixes.
	[f759c993e172]

	* src/parse_args.c:
	Bail with usage() early if argc <= 0.
	[aaba56c9a797]

2015-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c:
	Remove extraneous casts of node->data (which is void *).
	[950749570a00]

	* doc/CONTRIBUTORS:
	Add Stephane Chazelas
	[a6c7becabee7]

	* plugins/sudoers/pwutil.c:
	Fix a potential crash when getpwnam() of the running user fails and
	we don't replace the negative cached entry with a faked up one. From
	Stephane Chazelas
	[9088f041bbad]

	* src/parse_args.c, src/sudo.c:
	Don't assume argv[0] is set without first checking argc.
	[aabdc9d0ba26]

	* plugins/sudoers/set_perms.c:
	Handle sudo_get_grlist() returning NULL which can happen if
	getgrouplist() fails even after allocating the appropriate amount of
	memory. From Stephane Chazelas
	[25747a0ead7c]

	* lib/util/progname.c:
	Call setprogname("sudo") if getprogname() returns NULL or the empty
	string.
	[45438f7227b1]

	* config.h.in, configure, configure.ac:
	Remove configure checks for strrchr() and strtoll() for which the
	HAVE_* defines are no longer used.
	[f04216435aba]

	* config.h.in, configure, configure.ac, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in,
	plugins/sudoers/sudoreplay.c:
	Require POSIX regular expression support for sudoreplay.
	[1486747cd470]

	* plugins/sudoers/policy.c:
	The plugin no longer needs to call initprogname() now that it links
	with the same libsudo_util as sudo.
	[78b65a352ac5]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Check whether getdomainname(), innetgr(), setresuid() and
	setresgid() are declared and add prototypes in sudo_compat.h as
	needed.
	[03aa144afce4]

2015-02-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add /usr/local/share/examples/ directory to parentdirs so it is
	explicitly added to the package.
	[ef1aa52b0aad]

2015-02-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/logging.c:
	Don't send mail about pseudo-command failure unless it is an
	authentication failure.
	[deddcfc1f2ab]

2015-02-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, po/da.mo:
	Sync with translationproject.org
	[943986acd31c]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/nl.mo,
	po/nl.po:
	Sync with translationproject.org
	[4977ac967bdd]

2015-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/getdate.c, plugins/sudoers/gram.c:
	Regen with yacc skeleton that the clang analyzer doesn't complain
	about.
	[e15991fd4ab1]

	* configure, configure.ac, lib/util/alloc.c, lib/util/glob.c,
	plugins/sudoers/env.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y:
	Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX
	systems doesn't include stdint.h itself.
	[9fbd35811743]

	* configure, configure.ac:
	SIZE_MAX may be in limits.h on pre-C99 compilers.
	[d3b554f7e0e5]

	* config.h.in, configure, configure.ac, lib/util/aix.c:
	Add missing prototypes for usrinfo() and setauthdb() for AIX.
	[aa4b205296cf]

	* config.h.in, configure, configure.ac, plugins/sudoers/match.c:
	Solaris uses sysinfo(SI_SRPC_DOMAIN) instead of getdomainname() to
	get the host's NIS domain.
	[9234c62a1469]

2015-02-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Remove AC_PROG_GCC_TRADITIONAL and add AC_PROG_CC_STDC since we need
	C99.
	[005775f5662b]

	* plugins/sudoers/match.c:
	Actually use the check for prior initialization in
	sudo_getdomainname().
	[06368385ad0d]

	* configure, configure.ac:
	We need to add OSDEFS to CFLAGS to expose LLONG_MAX et al on glibc
	when not explicitly asking for c99.
	[ae9435631600]

	* configure, configure.ac:
	Fix check for SIZE_MAX, which should be in stdint.h not limits.h.
	[47bf0ab7dfca]

	* lib/util/glob.c:
	Need to include inttypes.h for SIZE_MAX
	[a11f42f40294]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[d35b24f95ef8]

2015-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_debug.h, lib/util/aix.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/gidlist.c,
	lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c,
	lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c,
	lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/term.c,
	lib/util/ttysize.c, lib/util/util.exp.in, plugins/sudoers/alias.c,
	plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/base64.c, plugins/sudoers/boottime.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.c, plugins/sudoers/logwrap.c,
	plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c,
	src/load_plugins.c, src/net_ifs.c, src/parse_args.c,
	src/preserve_fds.c, src/selinux.c, src/sesh.c, src/signal.c,
	src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c,
	src/ttyname.c, src/utmp.c:
	Go back to a 2 args debug_decl and just use the "default" instance,
	now renamed "active".
	[7130b7478355]

2015-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/LICENSE:
	Update copyright year.
	[e1dad7b195e4]

2015-01-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.h:
	When querying LDAP netgroups, use the NIS domain if it is sent but
	also match nisNetgroupTriple entries that have no domain.
	[5a0fa3ac26f7]

	* plugins/sudoers/sudoreplay.c:
	Avoid setting the tty to non-blocking mode so "sudoreplay | cat"
	(for example) works as expected. We only read a single byte from the
	keyboard and only when interactive anyway so this should be fine.
	[9615a932545b]

	* lib/zlib/Makefile.in, plugins/sudoers/Makefile.in:
	regen
	[f19c6e000850]

	* plugins/sudoers/sudoreplay.c:
	Avoid a cppcheck warning about undefined behavior (using the address
	of a stack buffer - 1) and fix a memory leak of the iov when doing
	nl->crnl conversion.
	[e26f9008c2e4]

	* doc/CONTRIBUTORS:
	Add Steven Soulen
	[17a47303d5fe]

	* plugins/sudoers/sudoreplay.c:
	Fix handling of partial writes from writev() which can occur with
	large output buffers.
	[1065dbeaa13d]

2015-01-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c:
	Add support for querying netgroups directly via LDAP since there is
	no other way to look up all the netgroups for a user (unlike regular
	groups). This introduces netgroup_base and netgroup_search_filter
	options to ldap.conf. Based on a diff from Steven Soulen.
	[7e3d55983e71]

2015-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Sort ldap.conf options.
	[264608124698]

2015-01-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Add macros to ease the checking of strlcpy, strlcat and
	sudo_ldap_value_cat return values.
	[e9122413d4fa]

2015-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/parse.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Rename VALIDATE_OK -> VALIDATE_SUCCESS Rename VALIDATE_NOT_OK ->
	VALIDATE_FAILURE
	[4379cac9f75d]

	* plugins/sudoers/logging.c, plugins/sudoers/sudoers.h:
	Remove now-unused VALIDATE_ERROR define.
	[569d4936b761]

	* plugins/sudoers/logging.c:
	should_mail() now returns bool.
	[0316d1fb08c3]

	* lib/util/sudo_debug.c:
	If sudo_debug_register() fails return
	SUDO_DEBUG_INSTANCE_INITIALIZER, not -1. Otherwise we could end up
	setting the instance to -1 which is invalid.
	[032bb1db6db5]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix typo.
	[014be972780c]

	* doc/Makefile.in:
	Use "mandoc -Tascii" to generate .cat pages to avoid locale-specific
	characters.
	[0ec42d8924fc]

2015-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, m4/sudo.m4:
	Use AC_PATH_PROG to find programs instead of checking the path
	manually.
	[2b5d9893a7a7]

2015-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/strlcat.c, lib/util/strlcpy.c:
	Sync with OpenBSD version
	[22c073c42a9e]

2015-01-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Use AC_CHECK_HEADERS_ONCE and AC_CHECK_FUNCS_ONCE where possible and
	quote the first args in AC_CHECK_FUNCS calls.
	[84aa40ab410a]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Avoid inadvertantly defining things like PATH_MAX simply because the
	source file doesn't include limits.h.
	[d2e7c4093f55]

2015-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4,
	m4/ltversion.m4:
	Update to libtool 2.4.4 + HP-UX patches
	[859b7378bc37]

	* src/ttyname.c:
	Document why we need sys/param.h.
	[f21a4d7122f0]

	* configure, m4/sudo.m4:
	Don't need sys/param.h.
	[6aa24ecfc9d4]

	* lib/util/closefrom.c:
	Don't appear to need sys/param.h for pstat_getproc() on HP-UX even
	though the man page lists it.
	[47d75f3db288]

	* lib/util/inet_ntop.c, lib/util/inet_pton.c:
	Should not need sys/param.h here.
	[5c83cebcd75f]

2014-12-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match_addr.c:
	Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs.
	[d30313d726eb]

2014-12-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	Update link to gq LDAP editor, now on sourceforge.
	[706dadea1abb]

2014-12-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/compat/glob.h, lib/util/glob.c:
	Add support for GLOB_LIMIT from OpenBSD (not currently used) and
	also a limit on the max recursion depth for glob().
	[6f9e26b88612]

	* lib/util/glob.c:
	Quiet compiler sign compare warning.
	[c4f35c02122c]

2014-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	fnmatch fix
	[07542b07ac67]

	* lib/util/fnmatch.c:
	Remove artificial limit on length of pattern and string. It is
	possible to use fnmatch() on things other than paths (such as
	arguments) so a limit of PATH_MAX does not make sense. Fixes a bug
	where rules would fail to match if the length of the arguments were
	larger than PATH_MAX (usually 1024).
	[942770c20422]

2014-12-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Remove the extra /sudo in sudo.ws urls
	[0b804e3a1008]

2014-11-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Reference bugzilla.sudo.ws
	[7dc11bbe6f13]

2014-11-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	sync
	[da17d5a611ce]

2014-11-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Require that a digest be specified with a real command, not an alias
	or pseudo-command. Found via a crash by afl.
	[55f6166cab63]

	* NEWS:
	sync
	[4b31247735c4]

	* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/fr.mo,
	plugins/sudoers/po/fr.po:
	French translation for sudoers from translationproject.org.
	[5c592350c4b0]

2014-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c, src/tgetpass.c:
	Defer registration of the SIGCHLD handler until just before we exec
	the command. Fixes a problem where pam_gnome_keyring installs its
	own SIGCHLD handler and may not restore the original one. As a
	result, we now have to explicitly wait for the askpass helper to
	finish. Bug #657
	[f499500fef71]

2014-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Mention sssd support in the sudoers.ldap manual and cross-reference
	sssd-sudo(5).
	[32f84fbf210c]

2014-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Reorder an entry.
	[5d15735294f1]

2014-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, lib/util/Makefile.in, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Prevent cppcheck from getting confused by our compat definition of
	the va_copy macro for pre-C99.
	[61d94525be2e]

2014-11-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c:
	Fix potential NULL pointer deref found by cppcheck.
	[668967e031e0]

	* plugins/sudoers/alias.c:
	Quiet a cppcheck false positive.
	[35a16ae4660c]

	* lib/util/sudo_debug.c:
	If there are multiple outputs, ap will be re-used so make a copy and
	operate on it instead.
	[f4f19df43c93]

	* src/hooks.c:
	Fix typo in hook return value check.
	[b12839dc6e78]

	* NEWS:
	Mention visudo use of sudoers plugin args to set default sudoers
	file name and owner/mode.
	[7f2733b53431]

	* NEWS:
	Mention fix for bug #678
	[7f7a6d8b985b]

2014-11-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo,
	po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo,
	po/eo.po, po/fi.mo, po/fi.po, po/it.mo, po/it.po, po/nb.mo,
	po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo,
	po/ru.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo,
	po/zh_CN.po:
	Sync with translationproject.org
	[e51055fdffe1]

2014-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	In set_fqdn() we neeed to set user_runhost/user_srunhost at the same
	time we set user_host/user_shost since that is what
	hostlist_matches() uses. Bug #678
	[4f75b01d4884]

2014-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/hooks.c:
	Do not call sudo_warnx() on invalid value from the env hook
	functions as the printf() family may call getenv() for locale
	reasons.
	[547fc25acb7c]

	* doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	No need to keep specifying ".Nm foo" since the Nm macro remembers
	the argument it was first called with and uses it if none is
	specified. Also fix a few minor formatting errors and regen bulleted
	lists in the .man.in files.
	[d2669e94add4]

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Add sudo.conf to SEE ALSO and rename section on sudo.conf
	[d4cc8ad2c2b4]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in:
	Mention sudo.conf use for debugging
	[9393fb061bcd]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.man.in,
	doc/sudoreplay.cat:
	regen
	[1d34d21b2136]

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Document sudo.conf usage now that visudo will parse the sudoers
	arguments.
	[78a413c019a9]

2014-11-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Use sudoers.so args from sudo.conf to set sudoers_file, sudoers_uid,
	sudoers_gid, and sudoers_mode in visudo.
	[1c7408b5ff7e]

	* plugins/sudoers/visudo.c:
	Use sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode symbols
	from toke.l instead of the upper case defines.
	[21ba15518c7d]

	* lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in:
	Use SSP_LDFLAGS when creating shared objects.
	[2428de97d2c2]

	* lib/util/Makefile.in:
	We only build .lo (not .o) files for libsudo_util
	[2c1e0475cddc]

2014-11-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	sync
	[aab14a9942e0]

2014-11-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Make sure that SIGCHLD is not treated as a user-generated signal in
	which case it could be ignored. Bug #676
	[a4caaaaa47a8]

2014-10-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4,
	m4/ltversion.m4, m4/lt~obsolete.m4:
	Update to libtool 2.4.3 + HP-UX patches
	[9ddfd96f3bea]

2014-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, lib/util/mktemp.c:
	Use arc4random() for mkstemp/mkdtemp if available. If not, try to
	seed from /dev/urandom before falling back to the gettimeofday seed.
	[7a7096ab82c9]

2014-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, include/sudo_compat.h, lib/util/mktemp.c:
	If a system lacks mkdtemp() or mkstemps(), use our own mkdtemp() and
	mkstemps(). Previously we only exposed the missing one but since the
	guts are the same we might as well use them.
	[12d4ac64462f]

2014-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_debug.c:
	Use a static buffer for sudo_debug_execve2() if possible.
	[abf1fd5891ab]

2014-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/env_hooks.c:
	Mark the putenv(), setenv() and unsetenv() symbols as global, not
	hidden. Fixes a mismatch where a plugin (or its loaded dso) would
	call setenv() to set a variables but be unable to find it later with
	getenv().
	[96127ac4bbb3]

2014-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Fix install-nls target from builddir.
	[da63bc37f6c5]

	* Makefile.in:
	Fix dependency on sudo.pp, it needs to relative to srcdir.
	[c76088da98e8]

	* src/sesh.c:
	Adapt to new debug subsystem registration.
	[8e13b349b44b]

2014-10-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/zlib/Makefile.in, lib/zlib/zlib.exp:
	Add missing zlib.exp file and common LT_LDFLAGS Makefile.in.
	[0bc0092d3e03]

	* lib/util/sudo_conf.c:
	Fix path settings broken in rev 9731.
	[2b33916eb287]

	* MANIFEST, lib/util/regress/sudo_conf/test4.err.ok:
	Adjust regress test now that boolean settings display an error for
	invalid input.
	[73a7365f492e]

	* plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Add sudoers_debug_deregister() and use it instead of calling
	sudo_debug_deregister() directly.
	[819b0e08196e]

	* configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in:
	Use AC_PROG_AWK
	[945cf6deb18d]

	* NEWS:
	Mention shared zlib.
	[094bdada1106]

	* MANIFEST:
	Add lib/zlib/zlib.exp
	[7b5011e3eea9]

	* INSTALL, configure, configure.ac, lib/zlib/Makefile.in,
	lib/zlib/zconf.h.in:
	Add support for installing a shared zlib
	[6875ab6ca44f]

	* lib/util/Makefile.in:
	fix comment typo
	[35c3dda27eec]

	* configure, configure.ac, lib/zlib/Makefile.in:
	Newer zlib uses HAVE_HIDDEN to turn on symbol hiding so we don't
	need to disable it with NO_VIS.
	[b3eee86f015f]

	* po/sudo.pot:
	regen
	[687bc1ea88ac]

	* configure.ac, include/sudo_debug.h, lib/util/sudo_debug.c,
	lib/util/util.exp.in:
	Version the symbols for sudo_debug.c now that the API is stable.
	[873850a062a8]

2014-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/sudo_conf.c:
	Go back to parsing sudo.conf in place for settings and paths and
	improve debugging info for unsupported entries and parse errors.
	[264e1f7d6551]

	* include/sudo_conf.h, lib/util/regress/sudo_conf/conf_test.c,
	lib/util/sudo_conf.c, lib/util/util.exp.in,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h:
	Add a flag argument to sudo_conf_read() so we can decide which bits
	get parsed. This lets us parse Debug statements first and init the
	debug subsystem early.
	[56dbf1e671de]

2014-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/zlib/gzguts.h:
	Include stdio.h after zlib.h, not before. We need the large file
	defines to come first.
	[b42b53d10252]

	* doc/LICENSE, lib/zlib/compress.c, lib/zlib/crc32.c,
	lib/zlib/crc32.h, lib/zlib/deflate.c, lib/zlib/deflate.h,
	lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c,
	lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c,
	lib/zlib/inflate.c, lib/zlib/inftrees.c, lib/zlib/trees.c,
	lib/zlib/uncompr.c, lib/zlib/zconf.h.in, lib/zlib/zlib.h,
	lib/zlib/zutil.c, lib/zlib/zutil.h:
	Update zlib to version 1.2.8
	[f95280e0448d]

	* configure, configure.ac:
	Don't add -Wold-style-definition to CFLAGS as it causes problems
	with 3rd party libraries such as zlib.
	[1d7613d1c177]

	* src/load_plugins.c:
	Free up plugin info structs after converting to plugin containers.
	[1168e873d778]

	* INSTALL, MANIFEST, Makefile.in, configure, configure.ac,
	doc/Makefile.in, doc/TROUBLESHOOTING, doc/UPGRADE, doc/sample.pam,
	doc/sample.sudo.conf, doc/sample.sudoers, doc/sample.syslog.conf,
	examples/Makefile.in, examples/pam.conf, examples/sudo.conf,
	examples/sudoers, examples/syslog.conf, sudo.pp:
	Move sample.* files to a sudo examples dir
	[b53e3df56c66]

	* sudo.pp:
	Fix a packaging problem with the sudoedit man page link on Debian.
	[8ad77a37048e]

	* plugins/sudoers/iolog.c, plugins/sudoers/policy.c:
	Initialize the debug subsystem in sudoers early. Currently this
	means iterating over the settings list twice.
	[93b12ea08405]

	* lib/util/sudo_debug.c:
	No need to convert sudoedit -> sudo in sudo_debug_get_instance() as
	we store the actual program name and only do the sudoedit -> sudo
	conversion when reading the sudo.conf file. Fixes debugging when
	invoked as sudoedit.
	[535c01d83b14]

	* lib/util/sudo_conf.c, lib/util/sudo_debug.c,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c, src/exec_pty.c,
	src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h:
	In the plugin registers with the debug framework at open time, the
	sudo front-end will now set the default debug instance appropriately
	before calling into the plugin. This means the plugin no longer
	needs to do the sudo_debug_set_default_instance() dance.
	[10dd45a7884f]

	* Makefile.in:
	Remove duplicate -U__NBBY in CPPCHECK_OPTS
	[ad518cb36279]

2014-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Older shells don't support unset.
	[8762e40871ab]

	* configure, configure.ac, include/sudo_compat.h,
	lib/util/inet_ntop.c, src/net_ifs.c:
	Fix inet_ntop() replacement on older systems without it. We only
	expose the prototype for net_ifs.c due to the use of socklen_t.
	[18b95ca378ab]

	* lib/util/sudo_debug.c:
	Dynamically allocate debug_fds bitmap and realloc as needed.
	[e858199414f6]

	* Makefile.in, include/sudo_debug.h, lib/util/Makefile.in,
	lib/util/sudo_debug.c, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h,
	plugins/system_group/Makefile.in, src/Makefile.in, src/exec.c:
	Use generic bitmap macros instead of select-style fd_set.
	[c382edc413be]

	* lib/util/sudo_debug.c:
	Replace sudo_debug_num_instances with sudo_debug_max_instance
	[12625fd174a4]

	* plugins/sudoers/iolog.c, plugins/sudoers/policy.c:
	Don't call into the debug subsystem after we've deregistered the
	plugin's instance.
	[fca7279d2f40]

	* lib/util/sudo_debug.c:
	Only fill in subsystem_ids[] for the instance if the caller passed
	in an array for it. If the caller only wants the default subsystems
	we don't actually need ids[].
	[07939da6d3a5]

	* lib/util/Makefile.in:
	Link with -ldl if needed when built with --disable-shared-libutil/
	[542eeffaf57d]

	* src/regress/ttyname/check_ttyname.c:
	Fix includes order.
	[ddd58edba5af]

	* lib/util/util.exp.in:
	Remove extra newline mistakenly introduced in rev 9682.
	[36a40e308bbc]

	* plugins/sudoers/Makefile.in:
	Fix typo in unset.
	[2c5fbe4c9a54]

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/sesh.c:
	Set debug instance for standalone programs.
	[306225438408]

	* plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c,
	src/net_ifs.c:
	Fix compilation issues, fallout from the debug changes.
	[aff5bb3d0322]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	regen
	[bbb69f299d1f]

	* configure, configure.ac:
	Sudo 1.8.12
	[8d9b15c1de44]

	* NEWS:
	Update with debug system changes and revent bug fixes.
	[44133de1dee2]

	* include/sudo_debug.h, lib/util/sudo_conf.c, lib/util/sudo_debug.c,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h:
	When registering with the debug subsystem, the caller now passes in
	an arrary of ints that gets filled in with the subsytem IDs to be
	used in debug_decl.
	[80e80ba194f7]

	* plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	sudoers_debug_instance is now included in libparsesudoers so we
	don't need to declare it here.
	[a56f79e6fcf8]

2014-10-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, include/sudo_debug.h, lib/util/sudo_debug.c,
	lib/util/ttysize.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/alias.c, plugins/sudoers/audit.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c,
	plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
	plugins/sudoers/logwrap.c, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	The sudoers plugin now defines its own list of debugging subsystem
	names and defines.
	[e85d0375e059]

	* MANIFEST, include/sudo_debug.h, lib/util/aix.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/gidlist.c,
	lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c,
	lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c,
	lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/term.c,
	lib/util/ttysize.c, lib/util/util.exp.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/alias.c,
	plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/base64.c, plugins/sudoers/boottime.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.c, plugins/sudoers/logwrap.c,
	plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c,
	src/Makefile.in, src/exec.c, src/exec_common.c, src/exec_pty.c,
	src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c,
	src/parse_args.c, src/preserve_fds.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c,
	src/signal.c, src/solaris.c, src/sudo.c, src/sudo.h,
	src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c:
	Add support for multiple Debug lines per program. Callers may
	register arbitrary debug facilities or use built-in defaults. We now
	use separate Debug statements for plugins and programs.
	[5e553cbbfbb1]

	* MANIFEST, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_conf.h, include/sudo_debug.h,
	lib/util/Makefile.in, lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_conf/test7.in,
	lib/util/regress/sudo_conf/test7.out.ok, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, lib/util/util.exp.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/solaris_audit.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.h, src/hooks.c,
	src/load_plugins.c, src/parse_args.c, src/sudo.c,
	src/sudo_plugin_int.h:
	Change how sudo.conf is parsed. We now do a quick parse and then set
	the values after the entire file has been parsed. This lets us init
	the debug system earlier. Plugin-specific debug flags are now stored
	in struct plugin_info and struct plugin_container and passed to the
	plugin via one or more debug_flags settings.
	[62fb1102e1e2]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/load_plugins.c,
	src/sudo.c, src/sudo_plugin_int.h:
	Pass plugin path in the settings array.
	[45bc2d087115]

	* src/parse_args.c, src/sudo.c, src/sudo.h:
	Return settings from parse_args as struct sudo_settings and format
	for the plugin at plugin open time. This will allow for additional,
	plugin-specific settings to be added to the array.
	[167929871b94]

	* plugins/sudoers/parse.c:
	Remove an unneeded NULL check to quiet a cppcheck warning.
	[64cb92122658]

2014-10-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Set locale to C for visudo and testsudoers regression tests. Bug
	#672
	[adf7997a0a65]

2014-10-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/linux_audit.c:
	Fix logic bug. We only want to return -1 from linux_audit_open()
	when audit_open() fails and errno is not one of EINVAL,
	EPROTONOSUPPORT, or EAFNOSUPPORT. For those errno values, we return
	AUDIT_NOT_CONFIGURED which is not a fatal error. Bug #671
	[6f0d8f1c7648]

2014-10-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Add back fix for Bug #663
	[a3dfc76ee776]

2014-10-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	The older style bash function exporting is not used by post-
	shellshock versions of bash.
	[223efe328e86]

	* plugins/sudoers/env.c:
	Apple uses a different variant of the BASH_FUNC prefix for bash
	functions.
	[ea13c8c2a716]

2014-10-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Remove change that is part of 1.8.12 not 1.8.11p1
	[8fdad4c4f314]

	* NEWS, configure, configure.ac:
	Update for sudo 1.8.11p1
	[80e9898f7c04]

	* src/regress/ttyname/check_ttyname.c:
	Only check stdin for the tty and avoid the check entirely if we
	don't have a way to get the tty from the kernel. Bug #643
	[deb799e16416]

	* lib/util/sudo_debug.c:
	Make a copy of ap in sudo_debug_vprintf2() in case the static buffer
	is not big enough and we need to call vasprintf().
	[a5d32b9d63be]

	* src/sudo.c:
	Avoid comparing new cwd with old one if getcwd() failed. Bug #670
	[e99093578ca7]

	* plugins/sudoers/env.c:
	Fix debugging printout output for env_should_keep()
	[a9e7ea4b6751]

2014-10-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, include/Makefile.in:
	Use INSTALL_OWNER instead of -O/-G flags so we can work with the
	autotools install-sh too. Bug #669
	[a5f87f6a52b7]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c:
	Move sudo_printf to policy.c to match sudo_conv.
	[f2d6065c3daf]

2014-10-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, include/sudo_fatal.h, lib/util/Makefile.in,
	lib/util/fatal.c, lib/util/sudo_printf.c, lib/util/util.exp.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/sudo_printf.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	src/conversation.c, src/sudo.c, src/sudo_plugin_int.h:
	Add sudo_warn_set_conversation() to specify a conversation function
	to use for warn/fatal. If no conversation function is specified, the
	standard error will be used. We now only need sudo_printf() for
	things that use the parser.
	[d6049e53e3e3]

2014-10-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Use correct names when referring to subsections in the sudoers
	manual.
	[7a016916f0ab]

2014-10-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, config.h.in, configure, configure.ac,
	lib/util/inet_ntop.c, src/net_ifs.c:
	Use inet_ntop() instead of inet_ntoa() and include a version for
	systems that are missing it.
	[1a1a70dba9c0]

2014-10-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Fix detection of functions in network libs like -lsocket, -lnsl and
	-linet when we have already added those libs to NET_LIBS. Fixes a
	problem where inet_pton() was not detected on Solaris.
	[27e10183649e]

	* NEWS:
	Mention --disable-shared-libutil fix.
	[7efe70688237]

	* src/Makefile.in:
	Always use --tag=disable-static to avoid installing a static
	sudo_noexec.
	[5d7d58879f99]

	* configure, configure.ac, lib/util/Makefile.in,
	plugins/sudoers/Makefile.in:
	Instead of building libutil statically for --disable-shared-libutil,
	just treat it as a convenience library. Do the same with sudoers for
	--enable-static-sudoers. Fixes link errors on Solaris among others
	when --disable-shared-libutil is used.
	[c5357fe78ab7]

	* configure, configure.ac, lib/util/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in:
	Remove LT_LDMAP and LT_LDOPT and just use LT_LDEXPORTS for the
	compiler-specific option to restrict symbol exporting.
	[09e8dab6f528]

	* src/preload.c:
	Include sys/types.h to get gid_t, etc used in sudo_compat.h. Fixes a
	build issue on Solaris.
	[b8917967df41]

2014-09-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/regress/ttyname/check_ttyname.c:
	Fix cust & pasto in error message when there is a mismatch between
	the sudo and libc ttys. From Diego Elio Petteno'. Bug #643
	[87d5f1a49535]

2014-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Add BASH_FUNC_* to environment blacklist for newer-style bash
	functions.
	[b6e66c4a782e]

	* Makefile.in:
	Pull additional password prompts out of mkpkg instead of hard-coding
	them.
	[d2a6da883b34]

	* NEWS:
	Add post-1.8.11 changes
	[11169ace8fa4]

	* Makefile.in, configure.ac, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/po/sudoers.pot:
	Add a space after "Password:" in default password prompt so it is
	easier to read when pwfeedback is enabled.
	[a7750d845b5b]

	* plugins/sudoers/auth/sudo_auth.c:
	Simplify how we count the password tries
	[71b9f2021561]

	* plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c:
	Block SIGINT and SIGQUIT while verifying passwords so that
	authentication modules that use sleep() are not interrupted. If the
	user interrupted authentication, exit the loop.
	[1cfafd7fcb13]

	* configure, configure.ac:
	Remove Convex support; it is not modern enough to run sudo 1.8.
	[c3bdfbb2ee11]

	* configure, configure.ac:
	Only check for -lshadow if we haven't already found getspnam() in
	libc. Rather than treat this specially, just add -lshadow as another
	place to search in addition to -lgen.
	[fdf06757f25d]

2014-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c:
	If all authentication methods fail init/setup, fail with an error.
	[4cd0481bf05e]

	* plugins/sudoers/auth/sudo_auth.c:
	Move pass_warn() so that it is defined before it is called().
	[6ea697e89fef]

2014-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Remove duplicate Requires: line in generated rpm spec file.
	[335703b110c7]

	* pp:
	In pp_files_expand() set _target to be empty. Fixes a problem with
	Solaris sh where simply using typeset doesn't causes the variable to
	be treated as local so we can inadvertantly inherit a value from a
	previous call.
	[f3cecca3c7b0]

2014-09-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Fix version for release.
	[39f6a2e9a098]

2014-09-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, pathnames.h.in:
	Only redefine _PATH_BSHELL on AIX if we included paths.h.
	[2dd4e808f69f]

	* NEWS:
	Bug 661
	[7f2b278086b2]

	* pathnames.h.in, src/exec_common.c, src/sudo.c:
	On AIX, _PATH_BSHELL is /usr/bin/bsh but we want to use /usr/bin/sh
	(which is usually ksh). This makes sudo's behavior when executing a
	shell without the #! magic number match execvp() on AIX.
	[2b438ff99991]

	* pathnames.h.in:
	Whitespace changes.
	[107f66ecfa54]

	* configure, m4/sudo.m4:
	Prefer /usr/bin/sh to /bin/sh to match modern systems.
	[9e2ccb5b239f]

	* NEWS, lib/util/Makefile.in:
	Don't use SSP_CFLAGS or PIE_CFLAGS when building mksiglist/mksigname
	as they are built with the host compiler which may be different when
	cross-compiling. From Gustavo Zacarias. Bug 662.
	[f1a6d58c0baa]

2014-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/cs.mo,
	po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo,
	po/fi.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo,
	po/pt_BR.po, po/ru.mo, po/ru.po, po/sr.mo, po/sr.po, po/uk.mo,
	po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	Sync with translationproject.org
	[588c41d2eab5]

2014-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c:
	Make sure we can't insert an nss entry in the list that has already
	been used before.
	[b5fab945991b]

	* plugins/sudoers/visudo_json.c:
	Use correct gettext macro with sudo_warnx()
	[0a532986b016]

	* NEWS:
	Make nsswitch.conf bug fix description more accurrate. It affects
	the "files" nsswitch source too.
	[a29cce3a3ee9]

	* NEWS:
	Mention nsswitch.conf duplicate entry fix.
	[f8a45b59a577]

2014-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c, plugins/sudoers/sudoers.h:
	Make sudoers file nsswitch functions static to parse.c since they
	are self-contained.
	[cf22385d0659]

	* plugins/sudoers/sudo_nss.c:
	Fix infinite loop when mulitple sudoers entries are present in
	nsswitch.conf. From Daniel Kopecek.
	[e773e0eee736]

2014-09-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Fix for bug #660
	[e25192ad79cc]

	* src/get_pty.c:
	Fix compilation on systems without openpty(), _getpty() or
	grantpt(). From Vasilyy Balyasnyy
	[897280412e3e]

2014-09-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/conversation.c:
	Remove remaining use of SUDO_CONV_DEBUG_MSG.
	[4ee756b687ea]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h:
	SUDO_CONV_DEBUG_MSG is no longer supported.
	[7bf46cf06578]

	* doc/sudo.conf.cat, doc/sudoers.cat:
	regen
	[5bff0d4d3956]

	* include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/sudo_printf.c,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c:
	There is no longer a reason for the plugin to init the debug
	subsystem itself. It will always be initialized by the front-end if
	needed.
	[970dd80a9e3c]

	* include/sudo_alloc.h, include/sudo_compat.h, include/sudo_fatal.h:
	Add function arg names to prototypes where missing.
	[e78dc4c48521]

	* lib/util/alloc.c:
	Remove obsolete definition of SIZE_T which is now handled by
	sudo_compat.h and rename the format arg to fmt in
	sudo_evasprintf_v1() for consistency with sudo_easprintf_v1().
	[72c0fc5e5114]

	* src/parse_args.c:
	If we were invoked with any name ending in "edit", treat as
	sudoedit.
	[d307572f08bc]

2014-09-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* po/sudo.pot:
	regen
	[31c115ffbba8]

	* src/exec.c, src/exec_pty.c, src/signal.c:
	Check return value of sigaction(), even though it should never fail.
	[75c578e6a07c]

2014-09-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in, src/Makefile.in:
	regen
	[2fcb390e8e89]

	* MANIFEST, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/parser/check_hexchar.c:
	Add hexchar unit test
	[de65e0ded4a2]

	* plugins/sudoers/regress/parser/check_addr.c:
	Avoid division by zero if there was no test data.
	[de3324077ba0]

2014-09-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/event.c:
	Remove confusing comment.
	[ee1765a06b94]

	* lib/util/sudo_debug.c:
	Use a stack buffer for the debug message when possible, most are
	small.
	[945fb94a7aaf]

2014-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, po/ca.mo,
	po/ca.po:
	Sync with translationproject.org
	[661d536a7599]

2014-08-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Convert a debug printf to a user-visible warning.
	[c3866eaea3ec]

	* include/sudo_fatal.h, include/sudo_util.h, lib/util/fatal.c:
	Move sudo_printf extern to sudo_util.h
	[50275ef999e9]

	* include/sudo_fatal.h, include/sudo_lbuf.h, lib/util/fatal.c,
	lib/util/lbuf.c:
	Some versions of the HP C Compiler don't export functions that take
	function pointers as arguments unless a typedef is used.
	[97cc0525dbd7]

	* include/sudo_lbuf.h:
	Work around a bug in the HP C compiler.
	[5c902aefeba6]

	* lib/util/lbuf.c:
	Don't need sudo_fatal.h
	[bccfe4df4794]

2014-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* po/da.mo, po/da.po:
	Sync with translationproject.org
	[7910e3fc0f3e]

	* src/exec.c:
	Remove signal_event from evbase before calling sudo_ev_loopexit()
	when the command has exited or been killed. It is possible that we
	could receive another signal on the pipe if they are delivered out
	of order.
	[b8ed1c9482b4]

2014-08-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Treat EOF on signal pipe (which should never happen) as ECONNRESET.
	[eb57e9047a2c]

	* include/sudo_event.h, lib/util/event.c, src/exec_pty.c:
	Don't allow sudo_ev_loopcont() to override sudo_ev_loopexit()
	[b6b53eacbc61]

	* include/sudo_event.h, lib/util/event.c, lib/util/event_poll.c,
	lib/util/event_select.c:
	Add some internal convenience functions.
	[b01063d82347]

2014-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Fix osrelease sed expression. It wasn't matching distros with a
	single digit version such as sles9.
	[44f3e9b7e6c0]

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo,
	po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo,
	po/fi.po, po/it.mo, po/it.po, po/nb.mo, po/nb.po, po/pl.mo,
	po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/uk.mo,
	po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po:
	Sync with translationproject.org
	[5b2c6063db75]

	* plugins/sudoers/iolog.c:
	Return -1 from logging functions if we get a write error.
	[a3ae43d54101]

	* NEWS:
	Mention I/O plugin changes.
	[0bd2e99fe87a]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/exec_pty.c:
	Change behavior when plugin I/O logging function returns 0 or -1.
	For -1 (error) return, we now kill the command and disable the I/O
	logging function that returned the error. For a 0 (reject) return,
	we no longer display the rejected output to the user's terminal. The
	plugin API revision is now 1.6.
	[27bb504860f3]

	* doc/sudoers.cat:
	regen to fix version.
	[641ea29b7dd3]

	* plugins/sample/sample_plugin.c:
	Add trivial dirty word check to the sample output logging function.
	[a14494b87b4d]

2014-08-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for 1.8.11b2
	[72ac1f26ba78]

	* src/sudo_edit.c:
	Fix restoration of effective uid/gid in command_details. This masked
	the effects an unset (really zero) egid. Bug 656
	[b75eed459386]

	* src/sudo.c:
	Set runas egid to the same value as runas gid if egid not specified
	by the plugin. Only affects new files created by sudoedit. Bug #656
	[f2daabba4912]

	* src/sudo_edit.c:
	Don't leak temp fd in sudo_edit_copy_tfiles(). Fix fd leak in error
	path in sudo_edit_copy_tfiles().
	[465d6a79b5cf]

2014-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	fix typo
	[a4659abcbc1d]

	* src/signal.c:
	We write an unsigned char, not an int, to the signal pipe.
	[fae4217be608]

2014-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Sprinkle some debugging around uid/gid setting in sudoedit.
	[15e4a337f0b0]

	* src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
	src/sudo_exec.h:
	Make sudoedit work with SELinux RBAC. Adapted from RedHat patches
	(Daniel Kopecek) but made to behave a bit more like the non-SELinux
	bits.
	[8f3f7969220f]

	* src/sudo_edit.c:
	Refactor code that copies temp files into separate functions.
	[b1057f4bee87]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Fix typo, .em should be .Em
	[ec28aa3bdd6a]

2014-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sesh.c:
	Add missing call to initprogname().
	[71040679765f]

	* lib/util/sudo_debug.c, lib/util/sudo_printf.c:
	Don't recurse infinitely until we blow the stack when the debug file
	can't be opened in the front-end. The conversation-type debug mode
	will be removed in the future.
	[38cd1a6343c2]

2014-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Only use the first two digits of the version number. Fixes a problem
	on RHEL 7 which has version numbers like 7.0.1406
	[272727fd57fb]

	* plugins/sudoers/linux_audit.c:
	Fix return value when kernel has no audit support.
	[7ca1c9857058]

	* lib/util/progname.c:
	remove unused label
	[4179ea1ffa3a]

2014-08-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, autogen.sh:
	Update to automake 1.14 (no code changes).
	[5e04db4f7c5d]

2014-08-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document the interaction between sudoers environment handling and
	the pam_env module.
	[bd56868f078c]

	* plugins/sudoers/env.c:
	Don't allow pam_env to overwrite existing variables when env_reset
	is disabled unless the variables match the black list and would
	normally be removed. It may just be better to never overwrite when
	env_reset is disabled.
	[e0ae88fce535]

2014-08-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	Update year range to include 2014
	[6b3b5f3fa791]

2014-08-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/Makefile.in:
	Remove regress .err files in distclean target.
	[d66a4f1db130]

	* lib/util/Makefile.in, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in:
	Remove generated files for linker as part of distclean.
	[5d1bf6c32c6b]

	* .hgignore:
	Ignore .out and .err files in lib/util regress
	[9f4d91e77c0f]

	* NEWS:
	Add additional 1.8.11 changes and fix typos.
	[7980e2abb6ea]

	* configure, configure.ac, plugins/sudoers/Makefile.in:
	Avoid building/running the check_symbols test program unless we are
	building a shared sudoers plugin.
	[a6bde1a12111]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Remove two instances of -no-fast-install that were missed before.
	[8a2c89cdf252]

	* INSTALL, NEWS, configure, configure.ac, lib/util/Makefile.in:
	Add --disable-shared-libutil configure option. It may only be used
	in conjunction with the --enable-static-sudoers option.
	[e19c71464399]

2014-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	Remove noop man.sed files Use full path instead of $@.in when
	calling config.status with --file=-
	[53c69928427e]

	* src/preserve_fds.c:
	Fix "sudo -C" when we have internal fds to preserve from
	closefrom().
	[942db66345ea]

2014-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/env.c:
	Add explicit support for matching the full environment string
	(name=value). Bash functions may now be preserved for full matches,
	but not for name-only matches.
	[f4d816e11f66]

2014-08-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore:
	Ignore lib/util/util.exp
	[e08306ca6a6d]

2014-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Fix exporting of asprintf/vasprintf symbols.
	[5ff59bdeb501]

	* configure, configure.ac:
	Don't export getaddrinfo symbols if we found the function in a
	library.
	[3bf4a5d3cfdb]

	* src/sudo_edit.c:
	It is now sudo_efree() not efree(). Don't try to free a pointer to
	garbage on error.
	[51a1ddaa220d]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	Regen .pot files
	[8c46fe51d32e]

2014-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Plug memory leak, even though we are headed for exit.
	[e2b28ddffabe]

	* configure, configure.ac, lib/util/Makefile.in,
	plugins/sudoers/Makefile.in:
	If getaddrinfo() is missing libsudoutil may need to pull in
	networking libraries.
	[4d6724d54927]

	* MANIFEST, configure, configure.ac, include/sudo_compat.h,
	lib/util/Makefile.in, lib/util/util.exp, lib/util/util.exp.in,
	m4/sudo.m4:
	Only include functions in util.exp that are actually in the library.
	Fixes a problem on Solaris where undefined functions that are listed
	as exported in the map file result in a link error. Also make sure
	we use our glob.c if the system is missing glob().
	[3121ad215f1e]

	* configure, configure.ac:
	Make sure shadow libs don't end up in LIBS, only SUDOERS_LIBS (and
	SUDO_LIBS if set_auth_parameters() or initprivs() are present.
	[fb084b157c76]

	* configure.ac:
	No need to AC_SUBST HAVE_BSM_AUDIT and HAVE_SOLARIS_AUDIT
	[5d73ccf3a7b9]

2014-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c, src/sudo_exec.h:
	Attempt to handle systems with SA_SIGINFO but that lack SI_USER.
	[0c8b09861ad5]

	* config.h.in, configure, configure.ac, include/sudo_compat.h:
	Replace use of HAVE_GETCWD with PREFER_PORTABLE_GETCWD. It is safe
	to assume getcwd() exists, we just need to handle broken ones.
	[e897223a8f38]

	* config.h.in, configure, configure.ac, plugins/sudoers/Makefile.in:
	Add check for inet_ntoa() since it may live in libnsl. Make getcwd()
	replacement private to the SunOS 4 section.
	[8e2cd0fdd6cd]

	* plugins/sudoers/match.c:
	Avoid mixing declarations and code for non-C99 compilers.
	[1fa5cf2356fd]

	* include/sudo_debug.h:
	For C89, use "const char __func__[]" instead of "const char
	*__func__".
	[c4e9f9d6691b]

	* plugins/sudoers/match.c:
	Fix compilation on systems w/o netgroups.
	[57deb66ef8ff]

2014-07-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/preserve_fds.c:
	Back out old workaround for sudoedit hang when debugging was
	enabled.
	[f547bf80c436]

	* src/sudo_edit.c:
	Don't memcpy() the preserved_fds TAILQ as the pointers into the head
	will be wrong. All we need to do is save the old command details and
	restore them after calling run_command(). Fixes a hang with sudoedit
	when debugging is enabled.
	[84ff8e1f490a]

2014-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	The default policy close function should only print an error message
	if the error_code is non-zero.
	[2032c9e33e3f]

	* src/preserve_fds.c:
	If there the preserved fds list is empty, add a new element with
	TAILQ_INSERT_HEAD instead of TAILQ_INSERT_TAIL to avoid an infinite
	loop on AIX, Solaris and possibly others when debug mode is active.
	[63cefe22c515]

	* lib/util/progname.c:
	Remove support for getting program name via /proc as pr_fname is
	usually filled in after symbolic links have been processed, even on
	Solaris.
	[0460c613753c]

	* lib/util/Makefile.in:
	Use shlib_enable instead of soext when determining whether to
	install the library.
	[d46640a7733c]

	* lib/util/regress/atofoo/atofoo_test.c:
	Avoid potential division by zero
	[6411d276a138]

	* lib/util/Makefile.in:
	Don't link progname test with libsudo_util, just link in progname.lo
	directly since that is all we need. Avoid a linker issue on darwin.
	[ee6210ee5cc0]

	* lib/util/progname.c:
	Remove pstat_getproc() path as pst_ucomm on HP-UX will return the
	target of a symbolic link and not the name of the link itself. Avoid
	using pr_fname on AIX for the same reason. Bug 654
	[36aced8e3714]

	* MANIFEST, lib/util/Makefile.in,
	lib/util/regress/progname/progname_test.c:
	Add test for getprogname() and symbolic links; bug 654
	[fbbe9faeda46]

2014-07-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	Document tracing
	[cfd7f14d596d]

2014-07-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lib/util/util.exp:
	sudo_term_{erase,kill} are regular symbols not functions.
	[3454a9c1328b]

2014-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Fix NULL deref if base64_decode returns -1.
	[d03e207b1bb8]

	* MANIFEST, include/missing.h, include/sudo_compat.h,
	lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c,
	lib/util/clock_gettime.c, lib/util/closefrom.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c,
	lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c,
	lib/util/getgrouplist.c, lib/util/getline.c, lib/util/getopt_long.c,
	lib/util/gidlist.c, lib/util/glob.c, lib/util/inet_pton.c,
	lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c,
	lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c,
	lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c,
	lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c,
	lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/fnmatch/fnm_test.c,
	lib/util/regress/glob/globtest.c,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/regress/tailq/hltq_test.c, lib/util/secure_path.c,
	lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c,
	lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c,
	lib/util/strsignal.c, lib/util/strtobool.c, lib/util/strtoid.c,
	lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/sudo_printf.c,
	lib/util/term.c, lib/util/ttysize.c, lib/util/utimes.c,
	plugins/group_file/Makefile.in, plugins/group_file/getgrent.c,
	plugins/group_file/group_file.c, plugins/sample/Makefile.in,
	plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/audit.c, plugins/sudoers/base64.c,
	plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/hexchar.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/locale.c, plugins/sudoers/redblack.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/timestr.c, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.c, src/Makefile.in,
	src/locale_stub.c, src/net_ifs.c, src/preload.c,
	src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h,
	src/sudo_noexec.c:
	Rename missing.h -> sudo_compat.h
	[ddcc945a0f87]

	* MANIFEST, include/secure_path.h, include/sudo_util.h,
	lib/util/Makefile.in, lib/util/secure_path.c, lib/util/sudo_conf.c,
	plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Merge secure_path.h -> sudo_util.h
	[0385dfbf2e2d]

	* include/secure_path.h, include/sudo_alloc.h, include/sudo_conf.h,
	include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h,
	include/sudo_lbuf.h, include/sudo_util.h, lib/util/aix.c,
	lib/util/alloc.c, lib/util/event.c, lib/util/fatal.c,
	lib/util/gidlist.c, lib/util/key_val.c, lib/util/lbuf.c,
	lib/util/locking.c, lib/util/parseln.c, lib/util/secure_path.c,
	lib/util/setgroups.c, lib/util/strtobool.c, lib/util/strtoid.c,
	lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/sudo_dso.c,
	lib/util/term.c, lib/util/ttysize.c, lib/util/util.exp,
	plugins/sudoers/locale.c, src/locale_stub.c:
	Version the functions in libsudo_util
	[c6d6eba95bb4]

2014-07-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/gettext.h, include/sudo_gettext.h, lib/util/Makefile.in,
	lib/util/aix.c, lib/util/alloc.c, lib/util/fatal.c,
	lib/util/gidlist.c, lib/util/strsignal.c, lib/util/strtoid.c,
	lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	src/Makefile.in, src/locale_stub.c, src/net_ifs.c, src/sesh.c,
	src/sudo.h:
	Rename gettext.h -> sudo_gettext.h
	[7f6b44473b8f]

	* include/fatal.h, include/sudo_fatal.h, lib/util/Makefile.in,
	lib/util/aix.c, lib/util/alloc.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c,
	lib/util/getopt_long.c, lib/util/gidlist.c, lib/util/lbuf.c,
	lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/tailq/hltq_test.c, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/locale.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	src/Makefile.in, src/locale_stub.c, src/net_ifs.c,
	src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h:
	Rename fatal.h -> sudo_fatal.h
	[bef3401dbb24]

	* include/queue.h, include/sudo_conf.h, include/sudo_event.h,
	include/sudo_queue.h, lib/util/Makefile.in, lib/util/fatal.c,
	lib/util/regress/tailq/hltq_test.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	src/Makefile.in, src/hooks.c:
	Rename queue.h -> sudo_queue.h to avoid collisions with the system
	version.
	[473614fdde5a]

	* include/sudo_debug.h, lib/util/sudo_debug.c:
	Conver sudo_debug_write() to a macro
	[0f110f27a23c]

2014-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/fixman.sh, doc/fixmdoc.sh:
	Fix man page post-processing; it was deleting more than intended.
	[716af03dcfb7]

2014-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	Remove double $(srcdir) when running sed scripts.
	[16add67ae550]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	"an EXEC tag" not "a EXEC tag"
	[9ac1b8e322f9]

	* doc/sudoers.cat:
	Document that I/O logging is not enabled by default.
	[08fca95dd5a4]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that exec_background is off by default.
	[87fe5defff58]

2014-07-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sesh.c:
	Error out if sesh is run as a login shell but the shell it needs to
	run has no slash. This shouldn't happen in practice.
	[10ff502888ee]

	* MANIFEST, include/compat/mksiglist.h, include/compat/mksigname.h,
	lib/util/Makefile.in, lib/util/mksiglist.c, lib/util/mksiglist.h,
	lib/util/mksigname.c, lib/util/mksigname.h:
	Move mksiglist.h and mksigname.h to lib/util where they belong.
	[d01046c69060]

	* config.h.in, configure, configure.ac, include/missing.h,
	lib/util/progname.c, lib/util/util.exp, plugins/sudoers/Makefile.in:
	Avoid passing -no-fast-install to libtool as this results in the
	build dir being left in the library path of the installed
	executable. Instead, we remove the "lt-" prefix from the program
	name in initprogname() so that the regress test output is unaffected
	by libtool's binary wrapper.
	[75d1563e95b4]

	* sudo.pp:
	Fix syntax error with some shells.
	[91e8da7702c5]

2014-07-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Force libtool to use runtime linking on AIX so that it installs the
	plugins as .so files and not .a files.
	[ae66488bd9ca]

	* plugins/sudoers/ldap.c:
	Be sure to NUL-terminate the decoded secret when converting from
	base64.
	[b3dc463c8882]

	* plugins/sudoers/ldap.c:
	Fix a pointer signednes warning calling base64_decode().
	[74f7354867a3]

	* lib/util/getgrouplist.c:
	Use sudo_strtoid() now that it is located in the same library.
	[4868532e2d65]

	* lib/util/strtoid.c:
	Skip leading space (ala strtol) so that we can pick up the sign even
	if it is not the first character of the string.
	[148ee633c6a4]

2014-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	For sudoedit, audit the actual editor being run, not just the
	sudoedit command.
	[59a5b0ad36af]

	* src/selinux.c:
	Audit failed user role changes. RedHat bz #665131
	[cf9777687124]

	* plugins/sudoers/Makefile.in:
	Avoid running check_symbols for static sudoers
	[71b13bada1ce]

	* plugins/sudoers/regress/visudo/test3.err.ok,
	plugins/sudoers/regress/visudo/test3.sh:
	Adapt to unused alias changes.
	[4b58e36c3d8f]

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/visudo.c:
	An unused alias is not really an error, even in strict mode. RedHat
	bz #604297
	[f10b3b7ec5a6]

	* src/sesh.c:
	When running a login shell via sesh, make new argv[0] -shell, not
	/path/to-shell. RedHat bz #1065418
	[414cb512f102]

2014-07-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	The RHEL sudo package allows users in group wheel to run sudo.
	[9f22020a57cf]

	* Makefile.in, sudo.pp:
	Avoid packaging parent directories when they are system directories.
	Currently we just skip this when prefix is /usr
	[93ccede545cd]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix typo: sudo.d -> sudoers.d. From RedHat bz #726634
	[1c99a4fd9c7d]

	* mkpkg:
	RHEL 6 and above use /etc/sudo-ldap.conf not /etc/ldap.conf
	[ce3216e4390a]

	* pp:
	For rpm, do not specify a mode in %attr for symbolic links. Avoids
	the warning "Explicit %attr() mode not applicaple to symlink"
	[3f5a80ed5081]

2014-07-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_alloc.h, lib/util/aix.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c,
	lib/util/lbuf.c, lib/util/sudo_conf.c, plugins/sudoers/alias.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/locale.c, plugins/sudoers/logging.c,
	plugins/sudoers/match.c, plugins/sudoers/policy.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/redblack.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c,
	src/net_ifs.c, src/preserve_fds.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sudo.c,
	src/ttyname.c:
	efree -> sudo_efree for consistency
	[7dfd16fbb6cf]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat,
	doc/sudoers.cat, doc/sudoreplay.cat, doc/visudo.cat:
	regen
	[a1d38600d34c]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c:
	Add support for base64 secrets in ldap.conf and ldap.secret. Based
	on an idea from anthony AT rlost DOT com
	[4999b78f8b6d]

2014-07-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Don't use the HP compiler in preference to gcc. Some versions have
	trouble compiling lbuf.c.
	[322daf03ab6f]

2014-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Remove @SOEXT@ and @SHLIB_EXT@ now that we use libtool to install
	shared objects. Instead, use the new @SHLIB_ENABLE@ that is set to
	the value of $enable_dlopen. For sudo_noexec.so there is nothing
	special to do since the install-noexec target is only called when
	noexec is enabled by configure.
	[4447190f212b]

	* configure, configure.ac:
	Make dynamic shared objects non-writable on HP-UX. Using writable
	DSOs can substantially increase the load time.
	[8715aff11063]

	* include/fatal.h, lib/util/fatal.c, lib/util/util.exp,
	plugins/sudoers/locale.c, src/locale_stub.c:
	Add sudo_warn_strerror() that wraps strerror() with calls to
	setlocale() in sudoers so we always get the error string in the
	user's locale. Also change _warning() to take the error number as a
	parameter instead of examining errno.
	[cc38a8389a7b]

2014-07-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, lib/util/Makefile.in, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Avoid a cppcheck warning when NSIG is not defined.
	[f8e5e92bab60]

	* include/missing.h:
	Fix typos in utimes/futimes macros.
	[10f022d933c2]

2014-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[e351d905c0c9]

	* configure.ac:
	Fix sudo when --disable-shared configure option was specified.
	[07899f6b43f0]

2014-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, lib/util/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Use libtool to install/uninstall the plugins and sudo_noexec.
	[18ae09c53f2e]

2014-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, m4/libtool.m4:
	Do not set an internal name for HP-UX modules, only archives. This
	works around a problem with some versions of HP-UX ld where setting
	an internal name that doesn't end in .sl causes link errors.
	[9a049adb22aa]

	* plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/system_group/Makefile.in:
	Never build build static versions of other plugins.
	[52123c4c17bc]

	* lib/util/Makefile.in:
	Don't build a static libsudo_util.a unless we are linking sudoers
	statically.
	[9c3327977dff]

2014-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, ltmain.sh, m4/libtool.m4:
	Fix my typos in the HP-UX libtool patch
	[6e70066d86bb]

2014-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention Solaris audit.
	[d90efa19ca16]

	* INSTALL, MANIFEST, config.h.in, configure, configure.ac, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/audit.c,
	plugins/sudoers/solaris_audit.c, plugins/sudoers/solaris_audit.h:
	Add Solaris audit support; from Gary Winiger at Oracle.
	[6f68a27e53f5]

	* MANIFEST:
	Sync MANIFEST with file name changes.
	[d9958df5f9da]

	* plugins/sudoers/toke.c:
	regen
	[ad82b20093c3]

	* include/sudo_util.h, lib/util/Makefile.in, lib/util/atobool.c,
	lib/util/atoid.c, lib/util/atomode.c, lib/util/getgrouplist.c,
	lib/util/gidlist.c, lib/util/regress/atofoo/atofoo_test.c,
	lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c,
	lib/util/sudo_conf.c, lib/util/util.exp,
	plugins/group_file/getgrent.c, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/policy.c,
	plugins/sudoers/pwutil.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo_json.c,
	plugins/system_group/system_group.c, src/sudo.c:
	atobool -> sudo_strtobool atoid-> sudo_strtoid atomode ->
	sudo_strtomode
	[aefe6f09f4a4]

	* lib/util/alloc.c, lib/util/event_select.c:
	Fix regexp damage when renaming erecalloc() -> sudo_erecalloc()
	[d772a34032cc]

	* src/sudo_edit.c:
	Handle systems like AIX that lack a way to set the modification time
	on open fds.
	[b93c0a55c21b]

	* MANIFEST:
	update MANIFEST for alloc.h -> sudo_alloc.h change
	[ce240c682554]

	* include/alloc.h, include/sudo_alloc.h, lib/util/Makefile.in,
	lib/util/aix.c, lib/util/alloc.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c,
	lib/util/gidlist.c, lib/util/lbuf.c, lib/util/sudo_conf.c,
	lib/util/sudo_debug.c, lib/util/util.exp,
	plugins/sudoers/Makefile.in, plugins/sudoers/alias.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/getspwuid.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/conversation.c, src/env_hooks.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c,
	src/net_ifs.c, src/parse_args.c, src/preserve_fds.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c,
	src/sudo.c, src/sudo.h, src/sudo_edit.c, src/ttyname.c:
	Add sudo_ prefix to alloc.c functions and rename alloc.h ->
	sudo_alloc.h
	[3a19f5391442]

	* lib/util/fatal.c:
	Remove extra sudo_ prefix from vfatalxnodebug and vfatalx_nodebug.
	[819ad8075005]

	* MANIFEST, include/fileops.h, include/sudo_util.h,
	lib/util/Makefile.in, lib/util/fileops.c, lib/util/locking.c,
	lib/util/parseln.c, lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/sudo_conf.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoers.h, src/Makefile.in, src/sudo.h:
	Split fileops.c into parseln.c and locking.c
	[361ea81e88d9]

	* include/fatal.h, include/gettext.h, lib/util/aix.c,
	lib/util/alloc.c, lib/util/fatal.c, lib/util/getopt_long.c,
	lib/util/gidlist.c, lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/tailq/hltq_test.c, lib/util/sudo_conf.c,
	lib/util/util.exp, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c, src/exec.c, src/exec_common.c,
	src/exec_pty.c, src/hooks.c, src/load_plugins.c, src/locale_stub.c,
	src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c,
	src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c,
	src/tgetpass.c, src/ttyname.c, src/utmp.c:
	Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace
	pollution in libsudo_util.so.
	[4eb69f501113]

2014-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_util.h, lib/util/term.c, lib/util/ttysize.c,
	lib/util/util.exp, plugins/sudoers/sudoreplay.c, src/exec_pty.c,
	src/sudo.c, src/tgetpass.c:
	Reduce name space pollution in libsudo_util.so
	[215e4413529a]

	* src/solaris.c:
	Use sudo_dso_load() from libsudo_util.so instead of dlopen() since
	we no longer link sudo directly with libdl.so.
	[fe6942873c2d]

	* MANIFEST, Makefile.in, include/lbuf.h, include/sudo_lbuf.h,
	lib/util/Makefile.in, lib/util/lbuf.c, lib/util/util.exp,
	plugins/sudoers/Makefile.in, plugins/sudoers/ldap.c,
	plugins/sudoers/parse.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h,
	plugins/sudoers/sudoers.h, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, src/Makefile.in, src/parse_args.c:
	Don't pollute the namespace with lbuf struct and functions
	[7859e3c22fb9]

	* include/sudo_util.h, lib/util/gidlist.c, lib/util/util.exp,
	plugins/sudoers/policy.c, src/sudo.c:
	Rename parse_gid_list -> sudo_parse_gids to avoid namespace
	pollution.
	[d88f3cab97e1]

	* MANIFEST, include/sudo_util.h, lib/util/Makefile.in,
	lib/util/fmt_string.c, lib/util/key_val.c, lib/util/util.exp,
	plugins/sample/sample_plugin.c, plugins/sudoers/policy.c,
	src/Makefile.in, src/exec_common.c, src/parse_args.c, src/sudo.c:
	Rename fmt_string -> sudo_new_key_val to better describe its
	function.
	[f9061e319cc3]

	* include/fileops.h, lib/util/fileops.c, lib/util/util.exp,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/sudo_edit.c:
	Remove touch() from fileops.c and just call utimes/futimes directly.
	Rename lock_file -> sudo_lock_file to avoid namespace pollution
	[ec08128b6900]

	* NEWS, configure, configure.ac:
	Sudo 1.8.11
	[5fb775825aab]

	* include/fatal.h, lib/util/fatal.c, lib/util/util.exp,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c:
	Remove use of setjmp/longjmp in the sudoers plugin. We no longer
	call fatal() except in the malloc wrappers and due to libsudo_util
	there is now a single copy of fatal/fatalx.
	[109407210f9c]

	* MANIFEST, Makefile.in, doc/Makefile.in, include/alloc.h,
	include/compat/fnmatch.h, include/compat/getaddrinfo.h,
	include/compat/getopt.h, include/compat/glob.h,
	include/compat/sha2.h, include/fatal.h, include/fileops.h,
	include/lbuf.h, include/missing.h, include/secure_path.h,
	include/sudo_conf.h, include/sudo_debug.h, include/sudo_dso.h,
	include/sudo_event.h, include/sudo_util.h, install-sh,
	lib/util/Makefile.in, lib/util/fatal.c, lib/util/getaddrinfo.c,
	lib/util/pw_dup.c, lib/util/regress/fnmatch/fnm_test.c,
	lib/util/sudo_dso.c, lib/util/sudo_printf.c, lib/util/term.c,
	lib/util/util.exp, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/match.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo.c,
	plugins/system_group/Makefile.in, src/Makefile.in, src/parse_args.c,
	src/preload.c:
	Add exported libsudo_util functions to util.exp and mark in headers
	using __dso_public.
	[18faff6ab915]

	* config.h.in, configure, configure.ac, include/compat/fnmatch.h,
	include/compat/getaddrinfo.h, include/compat/getopt.h,
	include/compat/glob.h, include/missing.h, lib/util/clock_gettime.c,
	lib/util/closefrom.c, lib/util/fnmatch.c, lib/util/getaddrinfo.c,
	lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/getline.c,
	lib/util/getopt_long.c, lib/util/glob.c, lib/util/inet_pton.c,
	lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mktemp.c,
	lib/util/pw_dup.c, lib/util/sig2str.c, lib/util/snprintf.c,
	lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strsignal.c,
	lib/util/strtonum.c, lib/util/utimes.c:
	Prefix all libc replacements with sudo_ and #define the real name to
	the sudo_ version. That way we don't pollute the libc namespace.
	[5cf7101479b8]

	* .hgignore, MANIFEST, Makefile.in, common/Makefile.in, common/aix.c,
	common/alloc.c, common/atobool.c, common/atoid.c, common/atomode.c,
	common/event.c, common/event_poll.c, common/event_select.c,
	common/fatal.c, common/fileops.c, common/fmt_string.c,
	common/gidlist.c, common/lbuf.c, common/progname.c,
	common/regress/atofoo/atofoo_test.c,
	common/regress/sudo_conf/conf_test.c,
	common/regress/sudo_conf/test1.in,
	common/regress/sudo_conf/test1.out.ok,
	common/regress/sudo_conf/test2.in,
	common/regress/sudo_conf/test2.out.ok,
	common/regress/sudo_conf/test3.in,
	common/regress/sudo_conf/test3.out.ok,
	common/regress/sudo_conf/test4.in,
	common/regress/sudo_conf/test4.out.ok,
	common/regress/sudo_conf/test5.err.ok,
	common/regress/sudo_conf/test5.in,
	common/regress/sudo_conf/test5.out.ok,
	common/regress/sudo_conf/test6.in,
	common/regress/sudo_conf/test6.out.ok,
	common/regress/sudo_parseln/parseln_test.c,
	common/regress/sudo_parseln/test1.in,
	common/regress/sudo_parseln/test1.out.ok,
	common/regress/sudo_parseln/test2.in,
	common/regress/sudo_parseln/test2.out.ok,
	common/regress/sudo_parseln/test3.in,
	common/regress/sudo_parseln/test3.out.ok,
	common/regress/sudo_parseln/test4.in,
	common/regress/sudo_parseln/test4.out.ok,
	common/regress/sudo_parseln/test5.in,
	common/regress/sudo_parseln/test5.out.ok,
	common/regress/sudo_parseln/test6.in,
	common/regress/sudo_parseln/test6.out.ok,
	common/regress/tailq/hltq_test.c, common/secure_path.c,
	common/setgroups.c, common/sudo_conf.c, common/sudo_debug.c,
	common/sudo_dso.c, common/sudo_printf.c, common/term.c,
	common/ttysize.c, compat/Makefile.in, compat/charclass.h,
	compat/clock_gettime.c, compat/closefrom.c, compat/endian.h,
	compat/fnmatch.c, compat/fnmatch.h, compat/getaddrinfo.c,
	compat/getaddrinfo.h, compat/getcwd.c, compat/getgrouplist.c,
	compat/getline.c, compat/getopt.h, compat/getopt_long.c,
	compat/glob.c, compat/glob.h, compat/inet_pton.c, compat/isblank.c,
	compat/memrchr.c, compat/memset_s.c, compat/mksiglist.c,
	compat/mksiglist.h, compat/mksigname.c, compat/mksigname.h,
	compat/mktemp.c, compat/nss_dbdefs.h, compat/pw_dup.c,
	compat/regress/fnmatch/fnm_test.c,
	compat/regress/fnmatch/fnm_test.in, compat/regress/glob/files,
	compat/regress/glob/globtest.c, compat/regress/glob/globtest.in,
	compat/sha2.c, compat/sha2.h, compat/sig2str.c, compat/siglist.in,
	compat/snprintf.c, compat/stdbool.h, compat/strlcat.c,
	compat/strlcpy.c, compat/strsignal.c, compat/strtonum.c,
	compat/timespec.h, compat/utime.h, compat/utimes.c, configure,
	configure.ac, include/compat/charclass.h, include/compat/endian.h,
	include/compat/fnmatch.h, include/compat/getaddrinfo.h,
	include/compat/getopt.h, include/compat/glob.h,
	include/compat/mksiglist.h, include/compat/mksigname.h,
	include/compat/nss_dbdefs.h, include/compat/sha2.h,
	include/compat/stdbool.h, include/compat/timespec.h,
	include/compat/utime.h, lib/util/Makefile.in, lib/util/aix.c,
	lib/util/alloc.c, lib/util/atobool.c, lib/util/atoid.c,
	lib/util/atomode.c, lib/util/clock_gettime.c, lib/util/closefrom.c,
	lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c,
	lib/util/fatal.c, lib/util/fileops.c, lib/util/fmt_string.c,
	lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c,
	lib/util/getgrouplist.c, lib/util/getline.c, lib/util/getopt_long.c,
	lib/util/gidlist.c, lib/util/glob.c, lib/util/inet_pton.c,
	lib/util/isblank.c, lib/util/lbuf.c, lib/util/memrchr.c,
	lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c,
	lib/util/mktemp.c, lib/util/progname.c, lib/util/pw_dup.c,
	lib/util/regress/atofoo/atofoo_test.c,
	lib/util/regress/fnmatch/fnm_test.c,
	lib/util/regress/fnmatch/fnm_test.in, lib/util/regress/glob/files,
	lib/util/regress/glob/globtest.c, lib/util/regress/glob/globtest.in,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_conf/test1.in,
	lib/util/regress/sudo_conf/test1.out.ok,
	lib/util/regress/sudo_conf/test2.in,
	lib/util/regress/sudo_conf/test2.out.ok,
	lib/util/regress/sudo_conf/test3.in,
	lib/util/regress/sudo_conf/test3.out.ok,
	lib/util/regress/sudo_conf/test4.in,
	lib/util/regress/sudo_conf/test4.out.ok,
	lib/util/regress/sudo_conf/test5.err.ok,
	lib/util/regress/sudo_conf/test5.in,
	lib/util/regress/sudo_conf/test5.out.ok,
	lib/util/regress/sudo_conf/test6.in,
	lib/util/regress/sudo_conf/test6.out.ok,
	lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/regress/sudo_parseln/test1.in,
	lib/util/regress/sudo_parseln/test1.out.ok,
	lib/util/regress/sudo_parseln/test2.in,
	lib/util/regress/sudo_parseln/test2.out.ok,
	lib/util/regress/sudo_parseln/test3.in,
	lib/util/regress/sudo_parseln/test3.out.ok,
	lib/util/regress/sudo_parseln/test4.in,
	lib/util/regress/sudo_parseln/test4.out.ok,
	lib/util/regress/sudo_parseln/test5.in,
	lib/util/regress/sudo_parseln/test5.out.ok,
	lib/util/regress/sudo_parseln/test6.in,
	lib/util/regress/sudo_parseln/test6.out.ok,
	lib/util/regress/tailq/hltq_test.c, lib/util/secure_path.c,
	lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c,
	lib/util/siglist.in, lib/util/snprintf.c, lib/util/strlcat.c,
	lib/util/strlcpy.c, lib/util/strsignal.c, lib/util/strtonum.c,
	lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c,
	lib/util/sudo_printf.c, lib/util/term.c, lib/util/ttysize.c,
	lib/util/utimes.c, lib/zlib/Makefile.in, lib/zlib/adler32.c,
	lib/zlib/compress.c, lib/zlib/crc32.c, lib/zlib/crc32.h,
	lib/zlib/deflate.c, lib/zlib/deflate.h, lib/zlib/gzclose.c,
	lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c,
	lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c,
	lib/zlib/inffast.h, lib/zlib/inffixed.h, lib/zlib/inflate.c,
	lib/zlib/inflate.h, lib/zlib/inftrees.c, lib/zlib/inftrees.h,
	lib/zlib/trees.c, lib/zlib/trees.h, lib/zlib/uncompr.c,
	lib/zlib/zconf.h.in, lib/zlib/zlib.h, lib/zlib/zutil.c,
	lib/zlib/zutil.h, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, po/README, po/ca.mo, po/ca.po,
	po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po,
	po/eo.mo, po/eo.po, po/es.mo, po/es.po, po/eu.mo, po/eu.po,
	po/fi.mo, po/fi.po, po/fr.mo, po/fr.po, po/gl.mo, po/gl.po,
	po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po,
	po/nb.mo, po/nb.po, po/nl.mo, po/nl.po, po/pl.mo, po/pl.po,
	po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/sl.mo, po/sl.po,
	po/sr.mo, po/sr.po, po/sudo.pot, po/sv.mo, po/sv.po, po/tr.mo,
	po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo,
	po/zh_CN.po, src/Makefile.in, src/po/README, src/po/ca.mo,
	src/po/ca.po, src/po/cs.mo, src/po/cs.po, src/po/da.mo,
	src/po/da.po, src/po/de.mo, src/po/de.po, src/po/eo.mo,
	src/po/eo.po, src/po/es.mo, src/po/es.po, src/po/eu.mo,
	src/po/eu.po, src/po/fi.mo, src/po/fi.po, src/po/fr.mo,
	src/po/fr.po, src/po/gl.mo, src/po/gl.po, src/po/hr.mo,
	src/po/hr.po, src/po/it.mo, src/po/it.po, src/po/ja.mo,
	src/po/ja.po, src/po/nb.mo, src/po/nb.po, src/po/nl.mo,
	src/po/nl.po, src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo,
	src/po/pt_BR.po, src/po/ru.mo, src/po/ru.po, src/po/sl.mo,
	src/po/sl.po, src/po/sr.mo, src/po/sr.po, src/po/sudo.pot,
	src/po/sv.mo, src/po/sv.po, src/po/tr.mo, src/po/tr.po,
	src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
	src/po/zh_CN.mo, src/po/zh_CN.po, zlib/Makefile.in, zlib/adler32.c,
	zlib/compress.c, zlib/crc32.c, zlib/crc32.h, zlib/deflate.c,
	zlib/deflate.h, zlib/gzclose.c, zlib/gzguts.h, zlib/gzlib.c,
	zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffast.c,
	zlib/inffast.h, zlib/inffixed.h, zlib/inflate.c, zlib/inflate.h,
	zlib/inftrees.c, zlib/inftrees.h, zlib/trees.c, zlib/trees.h,
	zlib/uncompr.c, zlib/zconf.h.in, zlib/zlib.h, zlib/zutil.c,
	zlib/zutil.h:
	Top level directory reorg Move src/po -> po Combine common and
	compat -> lib/util Move zlib -> lib/zlib
	[d699ccb60e7e]

	* configure, ltmain.sh, m4/libtool.m4:
	libtool patches for HP-UX to support DESTDIR
	[9df98a9582bd]

	* pp:
	Update polypkg from trunk.
	[4dc362248196]

	* plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c:
	Fix sssd compiler warnings and fix the sha2 digest support.
	[2975b030b298]

2014-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Don't call gss_krb5_ccache_name() with a NULL pointer when restoring
	the old credential cache file name. This can happen if there was no
	old name returned by gss_krb5_ccache_name(). Fixes a crash on
	kerberized LDAP on some platforms.
	[4090029e463e]

2014-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/el.mo,
	plugins/sudoers/po/el.po:
	Add Greek PO file for sudoers from translationproject.org
	[6c0cc2def911]

2014-05-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Ignore signals sent by the command's process group, not just the
	command itself. If we cannot determine the process group ID of the
	sender (as it may no longer exist), just check the process ID.
	[7ffa2eefd3c0]

2014-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	In handler_user_only() only forward the signal if it was not
	generated by the command. This should fix a problem with programs
	that catch SIGTSTP, perform cleanup, and then re-send the signal to
	their process group (of which sudo is the leader).
	[d590c899e194]

	* src/exec.c, src/exec_pty.c, src/signal.c:
	Handle EINTR from write(2) when writing to pipes and socket pairs.
	[d26a40d21d7a]

2014-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po:
	Norwegian Bokmaal translation for sudoers from
	translationproject.com
	[92e4aea46c1e]

2014-05-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, doc/CONTRIBUTORS, src/po/nb.mo, src/po/nb.po:
	Norwegian Bokmaal translation for sudo from translationproject.com
	[3497f74028fe]

2014-05-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/visudo.c:
	Try to be clearer about which are the input and output files in
	export mode.
	[66167511a410]

	* plugins/sudoers/visudo_json.c:
	In -x mode, require that the input and output files be different.
	This won't currently catch collisions between the output file and an
	include file.
	[0c19b82a75e7]

	* plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.h:
	BSM and Linux audit do not yet use the argc function argument.
	[3291695d1dfb]

	* plugins/sudoers/audit.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.h,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c:
	Pass argc to audit functions too. Will be needed for Solaris audit
	support.
	[d2114897a44e]

2014-05-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/fatal.c, include/fatal.h, plugins/sudoers/policy.c:
	Do not allow the same callback function to be registered more that
	once in fatal_callback_register(). Add fatal_callback_deregister()
	to deregister a callback.
	[eff74fb9d274]

	* MANIFEST, plugins/sudoers/regress/sudoers/test15.in,
	plugins/sudoers/regress/sudoers/test15.out.ok,
	plugins/sudoers/regress/sudoers/test15.toke.ok,
	plugins/sudoers/regress/sudoers/test16.in,
	plugins/sudoers/regress/sudoers/test16.out.ok,
	plugins/sudoers/regress/sudoers/test16.toke.ok:
	Add trivial sudoedit parsing tests.
	[291ba6f4d6fd]

	* MANIFEST, plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po:
	Catalan translation for sudoers from translationproject.org.
	[b102f8cfeed1]

2014-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/ca.mo, src/po/ca.po, src/po/gl.mo, src/po/gl.po:
	Sync with translationproject.org
	[62e5b4842834]

2014-05-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	lockf() is broken on the Hurd -- use flock instead Bug #647
	[7b8935a0c8b9]

	* plugins/sudoers/visudo.c:
	Don't try to install the temporary sudoers file if we didn't edit
	it. By default, visudo does not edit files in a #includedir. Fixes a
	NULL pointer defef on GNU hurd; Bug #647
	[3a677c4773e5]

2014-05-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/regress/ttyname/check_ttyname.c:
	When comparing tty names, resolve the tty for fds 0-3 and compare
	each one instead of just using the first that resolves.
	[c37946b280a5]

	* compat/getgrouplist.c, configure, configure.ac:
	Solaris 8 doesn't export _nss_initf_group() so we need to provide
	out own for getgrouplist().
	[d494b39e9376]

2014-05-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/getgrouplist.c, plugins/group_file/group_file.c,
	plugins/system_group/system_group.c:
	deal with NULL gr_mem here too
	[0db43ed71001]

	* NEWS, configure, configure.ac:
	Sudo 1.8.10p3
	[3f415a180023]

2014-05-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/iolog.c,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/parse.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/timestamp.c:
	Rename log_warning flags and only send mail if SLOG_SEND_MAIL is set
	instead of mailing by default like we used to.
	[5b3882833aa1]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/iolog.c,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/parse.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/timestamp.c:
	Add log_warningx
	[feef646cb8b1]

	* src/exec_pty.c:
	Add debugging info for when we delete I/O events that still have
	buffered data in them.
	[7f17992cdf22]

	* common/event.c:
	Fix non-blocking mode. We only want to exit the event loop when
	poll() or select() returns 0 and there are no active events. This
	fixes a problem on some systems where the last buffer was not being
	written when the command exited.
	[deb6b1a7b241]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Change return value of switch_dir() to an int so we can distinguish
	between an error and an empty dir in push_includedir().
	[d0462b84782e]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Move code to fill in the list of dirs out of switch_dir and into its
	own function. Quiets a false positive from cppcheck which got
	confused due to variable reuse.
	[6d6296f46255]

	* plugins/sudoers/audit.c:
	Avoid unused variable warning if auditing is not supported.
	[5e6fd2ffe039]

2014-05-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Fix library order when linking binaries.
	[3fec51f98ae1]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Include limits.h and inttypes.h for SIZE_MAX define.
	[41f8be660384]

	* include/missing.h, plugins/sudoers/env.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y:
	Move SIZE_MAX compat define into missing.h where it belongs.
	[1bb108cf9df3]

2014-04-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c:
	Remove now-unused log_fatal()
	[53478df3bb1e]

	* plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/env.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just
	pass back a return value.
	[d7f2be8f2740]

2014-04-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/boottime.c, plugins/sudoers/sudoers.h:
	Make get_boottime() return bool.
	[9ff15a995d01]

	* doc/CONTRIBUTORS, plugins/sudoers/boottime.c:
	Fix fd leak on Linux when determing boot time. This is usually
	masked by the closefrom() call in sudo. From Jamie Anderson. Bug
	#645
	[0b4c430e8b88]

2014-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/audit.c:
	Handle the (currently impossible) case where both BSM and Linux
	auditing are supported. Pacifies cppcheck.
	[899cd6b5e487]

	* plugins/sudoers/iolog.c:
	Don't call ferror() on a closed stream, just check the return value
	of fclose() instead. Found by cppcheck.
	[e843f3c8f5d8]

2014-04-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, plugins/sudoers/auth/pam.c:
	Use calloc() instead of malloc(n * s) followed by memset(). From
	Jean-Philippe Ouellet.
	[f416cebd3d8e]

	* plugins/sudoers/sudoers.c:
	Format string safety in error path.
	[956fd6dbba80]

	* common/alloc.c, common/event_poll.c, common/gidlist.c,
	common/sudo_conf.c, include/alloc.h, plugins/sudoers/auth/sia.c,
	plugins/sudoers/env.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/ldap.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c,
	src/env_hooks.c, src/exec_common.c, src/parse_args.c, src/selinux.c,
	src/sudo.c, src/sudo_edit.c, src/ttyname.c:
	Rename emalloc2() -> emallocarray() and erealloc3() ->
	ereallocarray().
	[db3941093c68]

	* compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in:
	Add missing rule for building sha2.lo when not supported by libc or
	libmd.
	[70a16e10ddcd]

2014-04-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.in:
	Disable I/O logging for halt and poweroff in addition to reboot in
	commented out example.
	[40a7f11686ce]

	* doc/CONTRIBUTORS, plugins/sudoers/auth/pam.c:
	Use PAM_REINITIALIZE_CRED instead of PAM_ESTABLISH_CRED when
	changing the user. This is the correct flag to use with a program
	that changes the uid like su or sudo and fixes a role problem on
	Solaris. From Gary Winiger; Bug #642
	[ec23c3bf41bb]

	* plugins/sudoers/defaults.c:
	pam_setcred should default to true; from Gary Winiger Bug #642
	[23e6628ec546]

2014-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/parse.c, plugins/sudoers/policy.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c:
	Make set_perms() and restore_perms() return an error instead of
	calling exit() on failure.
	[b1a1a36abdb4]

	* plugins/sudoers/sudoers.c:
	Eliminate calls to fatal() in sudoers.c and just pass back a return
	value.
	[e4d87a036f6d]

	* plugins/sudoers/logging.c:
	Elimate calls to fatal() in the logging code.
	[9847acdf7066]

2014-04-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/regress/atofoo/atofoo_test.c:
	Quiet a compiler warning on Solaris.
	[3b9827834800]

	* MANIFEST, common/Makefile.in, compat/Makefile.in, compat/sha2.c,
	compat/sha2.h, config.h.in, configure, configure.ac, m4/sudo.m4,
	plugins/sudoers/Makefile.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/match.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/sudoers/test14.toke.ok,
	plugins/sudoers/sha2.c, plugins/sudoers/sha2.h,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Move the sha2 code into libreplace and add configure checks for
	SHA224Update in libc and libmd. Solaris uses "void *" where we use
	"unsigned char *" so we need a check for that too. Solaris sha2.h
	defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens.
	Adapted from changes from Vladimir Marek in bug #641.
	[cd02732f0704]

	* MANIFEST, plugins/sudoers/match.c,
	plugins/sudoers/regress/testsudoers/test6.out.ok,
	plugins/sudoers/regress/testsudoers/test6.sh,
	plugins/sudoers/regress/testsudoers/test7.out.ok,
	plugins/sudoers/regress/testsudoers/test7.sh:
	Fix matching of uids and gids broken in sudo 1.8.9.
	[315eff4add59]

	* plugins/sudoers/testsudoers.c:
	Fix -P option in usage()
	[50753b6222b7]

2014-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/prompt.c,
	plugins/sudoers/set_perms.c:
	Remove a few more unnecessary uses of fatal().
	[8cfb205831dc]

	* plugins/sudoers/auth/sudo_auth.c:
	Use log_warning() not log_fatal() for the "Invalid authentication
	methods compiled into sudo" message. We return -1 on error anyway.
	[c8da5cf74348]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Return MODE_ERROR from sudoers_policy_deserialize_info() instead of
	calling fatalx().
	[6faefdd188f2]

	* common/gidlist.c, src/sudo.c:
	parse_gid_list() now returns -1 on error instead of calling
	fatalx().
	[ccf19c4a0d5b]

2014-04-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Forward SIGINFO to running command if supported. If the command is
	being run in the background (or exec_background is set in sudoers),
	it is the sudo process, not the actual command, that receives the
	^T.
	[d2b020bdf0d5]

	* plugins/sudoers/defaults.h, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c:
	Remove calls to log_fatal() in I/O log functions and just pass an
	error back to the caller.
	[e89593d9dc35]

2014-04-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/alloc.c, plugins/sudoers/env.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c:
	Make "internal error, %s overflow" arguments consistent, using
	__func__ where possible (when debugging is allowed).
	[84e2c40d101b]

2014-03-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke_util.c, src/net_ifs.c:
	Use common printf format when warning of buffer overflow prevention.
	[8b0d732b0eae]

	* Makefile.in:
	Remove init.d/*.sh in distclean
	[99cd1eaf4684]

	* .hgignore:
	Correctly ignore init.d/*.sh
	[04aabe1893e5]

	* plugins/sudoers/ldap.c:
	Remove remaining calls to fatalx(); just pass the error to the
	caller.
	[a8bcf903d84b]

2014-03-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.h:
	Make a password/group cache collision a warning rather than fatal.
	This should not be possible in practice and we can safely return the
	new (potentially duplicate) item as it will be freed by the caller.
	Make sudo_set_grlist() return an error on failure instead of calling
	fatalx().
	[5e8d3006862d]

	* plugins/sudoers/timestamp.c:
	Use log_warning() instead of log_fatal() if the ticket or lecture
	path is too long and just return an error. This can only happen from
	a misconfiguration so just ignoring the ticket/lecture file is safe.
	[864c5de8345b]

	* plugins/sudoers/find_path.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	In find_path(), return NOT_FOUND_ERROR instead of calling fatal() if
	the path is too long. Remove an extraneous check against PATH_MAX in
	set_cmnd() since find_path() already contains such a check.
	[183106753690]

	* plugins/sudoers/sudoers.h:
	Remove unused MODE_LISTDEFS define and correct a comment.
	[fb47e59ce5fe]

	* plugins/sudoers/hexchar.c, plugins/sudoers/match.c,
	plugins/sudoers/toke_util.c:
	Make hexchar() return -1 on invalid input instead of calling
	fatalx(). Callers used to check that the string was hex before
	calling hexchar(). Now callers must check for a -1 return value
	instead.
	[1be217c71ce7]

	* plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.h, plugins/sudoers/sudoers.c:
	Propagate errors in audit code to caller instead of using fatal().
	If we fail to audit an otherwise successful command, return an error
	from the policy. For Linux audit, sudo may be compiled with audit
	support but auditing may not be setup, so we don't consider that an
	error.
	[9a5753bfcb95]

	* plugins/sudoers/boottime.c:
	Remove unused variable on Linux.
	[f63d7b86797d]

	* plugins/sudoers/timestamp.c:
	Fix warning on systems where mode_t is not unsigned int (Solaris).
	[acd1457c23ec]

2014-03-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.c:
	Audit path too long errror. Add comments about non-audit events and
	placeholders for future audit hooks.
	[434ee47c83dc]

2014-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/API, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h:
	Remove unused FLAG_USER auth flag. We have no auth methods that
	require that authentication be run as the invoking user.
	[4a9a9f557cb1]

2014-03-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/net_ifs.c:
	Fix aliasing warning in old-style interface probe code.
	[1d6ce6f46da1]

	* plugins/sudoers/set_perms.c:
	Fix some sign comparision warnings.
	[20c6068db104]

	* common/aix.c, common/gidlist.c, compat/getgrouplist.c,
	include/sudo_util.h, src/sudo.c:
	Don't call fatal/fatalx in common/*.c
	[ebf5e55a1ec1]

2014-03-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/prompt.c,
	plugins/sudoers/sudoers.h:
	Fix expansion of %p in the prompt for "sudo -l" when rootpw, runaspw
	or targetpw is set. Bug #639
	[dff0208d1194]

2014-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	Sudo 1.8.10p2
	[774ebec63b41]

	* plugins/sudoers/timestamp.c:
	Don't write an empty timestamp record when timestamp_timeout is
	zero. If we find an empty record in the timestamp file, overwrite it
	with a good one, truncating the file as needed.
	[9c226d81b660]

2014-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Fix typos in description of the -x option. Bug #637
	[6ff2bfaaf99d]

2014-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	Sudo 1.8.10p1
	[33828a3385ad]

	* plugins/sudoers/timestamp.c:
	Fix typo/thinko that prevented "Defaults !tty_tickets" from working.
	[f65cc29dbcc7]

	* plugins/sudoers/parse.c:
	Fix "sudo -l command" output when the matching command is negated.
	Bug #636
	[b4a92803f733]

2014-03-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/regress/atofoo/atofoo_test.c,
	common/regress/sudo_conf/test5.err.ok,
	common/regress/tailq/hltq_test.c:
	The atofoo_test and hltq_test tests now display their own test error
	rate. Display pass/fail count separately for sudo_conf and
	sudo_parseln tests. Check stderr output for the sudo_conf test.
	[5c814709ac70]

	* src/Makefile.in:
	Don't run the check_ttyname test if cross compiling.
	[874ecc1c3db0]

	* plugins/sudoers/Makefile.in:
	CWD no longer used.
	[13b2f3c4269b]

	* plugins/sudoers/Makefile.in:
	Fix diff of toke and err output files in "make check"
	[485cdf3c75e7]

2014-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/po/de.mo, src/po/de.po:
	sync with translationproject.org
	[d246c72a2350]

2014-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Check whether ber.h is needed before ldap.h even if we are not using
	any ber functions. Needed for older versions of nss ldap.
	[c2310324dc34]

	* plugins/sudoers/sssd.c:
	Fix compiler warning in debug code.
	[8ee4cb6cafad]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/ca.mo, src/po/ca.po:
	Catalan translation for sudo from translationproject.org.
	[d6af7d06ee36]

2014-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Document negation fix in JSON output.
	[37a85423ae49]

2014-03-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Fix handling of '!' operator when converting sudoers. We now add a
	"negated" boolean flag to objects that have the '!' operator.
	[071926c10280]

2014-03-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, NEWS, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po:
	Czech translation for sudoers from translationproject.org
	[c0aae297f7c1]

2014-02-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Try -libmldap before -lldap in case there is no link from
	libibmldap.so to libldap.so. Since IBM ldap is installed under /opt
	we should only be able to reach it if --with-ldap was given an
	explicit path.

	Only check for ber_set_option() if LBER_OPT_DEBUG_LEVEL is defined.
	[89d50c29d737]

2014-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Fix typo in setreuid() PERM_ROOT error message.
	[533415f53165]

	* mkpkg:
	No longer need to disable setresuid() on debian.
	[96ba687c35f0]

2014-02-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/timestamp.c:
	Fix conversion of timestamp_timeout from double to struct timeval.
	Also quiet a printf format warning on 32-bit systems.
	[59d1f3094dda]

2014-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, NEWS, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po:
	Serbian translation for sudoers from translationproject.org.
	[7134b386d658]

2014-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add Ingo Schwarze
	[114cdf286987]

	* NEWS, plugins/sudoers/visudo_json.c:
	When exporting sudoers in JSON format, use the same type of Options
	object for both Defaults and Cmnd_Specs.
	[caa57043e197]

2014-02-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/inet_pton.c:
	Silence cppcheck false positive.
	[b2781c42a80f]

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po:
	sync with translationproject.org
	[baba43a6d682]

	* NEWS, doc/UPGRADE:
	Mention init.d scripts on AIX and HP-UX Mention sudoers group
	mismatch fix
	[0259cb1f7cae]

	* INSTALL:
	Talk about clearing files at boot time, not reboot time since it
	happens when the system comes up, not down.
	[e8e480bc34fd]

	* plugins/sudoers/sudoers.c:
	We also need to open the sudoers file as root if there is a GID
	mismatch.
	[2fb2ba6fc4e6]

	* sudo.pp:
	Install /etc/rc.d/init.d/sudo and /etc/rc.d/rc2.d/S90sudo for AIX
	rpm packages.
	[4aca1d318599]

2014-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in:
	Remove init.d file and link in uninstall target.
	[249a9f105cdd]

	* configure, configure.ac, sudo.pp:
	Fix INIT_DIR for real this time.
	[5444eb1afbc5]

	* configure, configure.ac, sudo.pp:
	Use correct init.d dir on HP-UX. Fix pp warnings from rc.d and
	init.d dirs.
	[809b54ef95f8]

	* .hgignore, MANIFEST, configure, configure.ac, init.d/aix.sh.in,
	init.d/hpux.sh.in, src/Makefile.in, sudo.pp:
	First cut add installing an init.d file for HP-UX and AIX to remove
	old sudo timestamp files at boot time.
	[ec6d35c62d88]

2014-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Use .Ar macro instead of "file ..." Use ".Cm -" instead of ".Li -"
	for the default login class. From Ingo Schwarze.
	[f13ea603760e]

	* doc/sudo.conf.mdoc.in, doc/sudo.mdoc.in, doc/sudo_plugin.mdoc.in,
	doc/sudoers.ldap.mdoc.in, doc/sudoers.mdoc.in,
	doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in:
	Remove some extraneous markup; from Ingo Schwarze
	 * No need to explicitly end a macro with No before | because | counts
	as middle punctuation and falls out of the macro, anyway.
	 * No need to explicitly re-open in-line macros after | because |
	counts as middle punctuation and the macros resume afterwards,
	anyway.
	 * Simplify the mnemonic remarks regarding the option letters, no need
	for manual font and spacing control with No and Ns.
	 * Trim Ns No to just Ns, it already implies No.
	[cc63d66c6655]

	* doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Move zerowidth space in :alpha: after the colon for consistency.
	[799f6656c6e8]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudoers.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat,
	doc/visudo.man.in:
	regen
	[14d682732b6f]

	* doc/sudo.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in:
	Remove extraneous keeps in SYNOPSIS now that mandoc does implied
	keeps when converting from mdoc to man.
	[0f48fc289f29]

	* doc/sudoers.mdoc.in:
	Properly escape the : in :alpha:
	[e41d4533a55f]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Replace some uses of .Sy with .Ar, .Ev and .Pa as appropriate. From
	Jan Stary.
	[90ec488905de]

2014-02-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Fix indentation of Defaults entries. The initial indent should be
	outside the loop iterating over the entries.
	[dc493c888fb2]

2014-02-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po:
	sync with translationproject.org
	[fc517bc0908e]

	* common/aix.c, common/alloc.c, common/atoid.c, common/atomode.c,
	common/fatal.c, common/gidlist.c, common/sudo_conf.c,
	common/sudo_debug.c, compat/strsignal.c, compat/strtonum.c,
	plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c,
	src/locale_stub.c, src/net_ifs.c, src/sesh.c, src/sudo.h:
	We must include gettext.h before missing.h as it includes system
	headers. Also add missing DEFAULT_TEXT_DOMAIN defines in sudoers
	audit code that does not include sudoers.h.
	[3ac4aa43ce40]

	* common/sudo_dso.c:
	When emulating DSO_NEXT with shl_get() we need to skip the program's
	handle. This used to be documented as being index -2 but now it
	seems to be index 0. As this is not guaranteed we need to look up
	the real handle value for PROG_HANDLE and skip it when interating
	through all the DSOs. Fixes infinite recursion on HP-UX in the
	getenv() replacement.
	[ade1b3045232]

	* src/env_hooks.c:
	Export getenv() so it is visible to shared objects we link with.
	[1ac08446a3a7]

2014-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/regress/atofoo/atofoo_test.c,
	common/regress/sudo_conf/conf_test.c,
	common/regress/sudo_parseln/parseln_test.c,
	common/regress/tailq/hltq_test.c,
	plugins/sudoers/regress/parser/check_fill.c:
	Add some initprogname() calls to the test programs.
	[e4320585a88b]

2014-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	regen
	[038d066a866d]

	* doc/UPGRADE:
	Mention that there is now a default LDAP search filter.
	[6351da3f8377]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Minor word choice change.
	[7e59ab3eb453]

	* NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/ldap.c, plugins/sudoers/match.c:
	Add use_netgroups sudoers option. For LDAP-based sudoers, netgroup
	support requires an expensive substring match on the server. If
	netgroups are not needed, this option can be disabled to reduce the
	load on the LDAP server.
	[e6bd6c103390]

2014-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Update copyright year.
	[1299eed430a5]

	* NEWS:
	Mention LDAP changes.
	[512b1e363587]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c:
	Use a default LDAP search filter of (objectClass=sudoRole). When
	constructing the netgroup query, add (sudoUser=*) to the query so we
	don't fall below the 3 character OpenLDAP substring threshold.
	Otherwise the index for sudoUser will never be used for that query.
	Pointed out by Michael Stroeder.
	[54856973af41]

	* plugins/sudoers/timestamp.c:
	Don't warn about an insecure lecture dir twice. Display warnings in
	the user's locale.
	[2c56b8b6d6f9]

2014-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention the fix for ^Z at the password prompt when sudo was started
	in the background.
	[352d52ad1f7d]

	* common/term.c, src/exec_pty.c:
	In term_restore(), only restores the terminal if we are in the
	foregroup process group. Instead of calling tcgetpgrp(), which is
	racy, we set a temporary handler for SIGTTOU and check whether it
	was received after a failed call to tcsetattr().
	[94979d51daa2]

	* MANIFEST, compat/getaddrinfo.c, compat/inet_pton.c, config.h.in,
	configure, configure.ac, doc/LICENSE, include/missing.h, mkdep.pl,
	plugins/sudoers/interfaces.c, plugins/sudoers/match_addr.c:
	Use inet_pton() instead of inet_aton() and include a version from
	BIND for those without it.
	[fe61a27c76d3]

	* common/regress/atofoo/atofoo_test.c:
	Quiet a gcc warning.
	[f197821892ea]

	* compat/getaddrinfo.c:
	Need to include limits.h for USHRT_MAX.
	[d1d8bd9a0e01]

2014-02-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/term.c, include/sudo_util.h:
	Use bool for function return values instead of 1 or 0.
	[99e357c0800b]

	* configure, configure.ac:
	Warn the user if the rundir needs to be cleared in the rc files.
	Neither AIX not HP-UX clear /var/run (if it even exists).
	[6cdbf57a2f9e]

	* NEWS:
	Update for sudo 1.8.9p5
	[efb737c32615]

	* src/preserve_fds.c:
	When the closefrom limit is greater than any of the preserved fds,
	the pfds list will be non-empty but lastfd will be -1 triggering an
	ecalloc(0) assertion. Instead, test for lastfd being -1 and make
	sure we always update it, even if dup() fails. Also restore initial
	value of lowfd after we are done relocating. Fixes bug #633
	[a11206a31f28]

	* common/term.c:
	Document function return values.
	[267bc85f6fbb]

2014-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	term_restore() now restarts itself so we don't need to do it
	ourselves.
	[a17e885d0b0a]

	* common/term.c:
	syscall restarting is broken on Mac OS X when interrupted by a tty
	signal so restart tcsetattr() by hand. For details, see.
	http://openradar.appspot.com/radar?id=6402578615107584
	[3997b2a0577e]

	* MANIFEST, common/Makefile.in, common/regress/atofoo/atofoo_test.c:
	Add regress for atobool(), atoid() and atomode()
	[e1cbdf86d6e2]

	* plugins/sudoers/Makefile.in:
	Add back boottime.lo
	[0b7ddc31e13e]

	* INSTALL:
	Mention that rundir and vardir may be the same and what to do if
	they are.
	[301df9a31d43]

	* MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/boottime.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c:
	Bring back boot time checking code and zero out time stamp files
	that predate the boot time. This should help systems w/o /var/run
	where the admin has setup rc.d to clear the timestamp directory.
	[e09389a8b1ca]

	* configure, configure.ac:
	Check libraries for inet_pton() if not in libc.
	[9f9bd83895e8]

2014-02-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Fix clock_gettime() detection when it lives in librt. Some systems
	have inet_aton() in libresolv (older Solaris).
	[e5f7c8bc9a81]

	* sudo.pp:
	Avoid duplicate directories if vardir and rundir are the same.
	[c5df5ebc191b]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[740b2cc42fea]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Elaborate on time stamp error message causes.
	[2838fea2e21a]

2014-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Remove the time stamp dir and its contents when uninstalling. We
	currently leave the lecture status files installed until there is a
	better way to detect upgrades.
	[61532b7113ff]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Update time stamp error messages and regen.
	[edf570c98cd5]

	* plugins/sudoers/timestamp.c:
	Restore warning when sudoers is unable to update the time stamp
	file.
	[86648a771250]

	* INSTALL, Makefile.in, configure, configure.ac, doc/sudoers.mdoc.in,
	m4/sudo.m4, plugins/sudoers/Makefile.in, sudo.pp:
	Replace --with-timedir and --with-lecture_dir with --with-rundir and
	--with-vardir which are the parent directories of the time stamp and
	lecture dirs. These directories need to be searchable by non-root so
	that the timestampowner setting can function.
	[5c38d77a2d0c]

	* plugins/sudoers/timestamp.c:
	Fix use of timestampowner in the new time stamp world order. Parent
	directories for timestampdir and lecture_dir are now created with
	the execute bit set so that we can traverse them as non-root.
	[9ff6f07c0a5d]

2014-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in:
	Regen Makefiles.
	[59542bcdb222]

	* common/sudo_debug.c, config.h.in, include/sudo_util.h,
	plugins/sample/sample_plugin.c:
	Move ctim_get and mtim_get to sudo_util.h
	[d565391f5491]

	* plugins/sudoers/timestamp.c:
	sprinkle some debug printfs and add function header comments
	[1842d9b8170d]

	* plugins/sudoers/timestamp.c:
	Properly handle the case where /var/run/sudo/ts doesn't exist.
	[895f3ad6ad60]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	fix typo
	[50041ebb6ce6]

	* NEWS:
	Mention "sudo -K" change.
	[e99bd7657aae]

	* doc/UPGRADE:
	Upgrade info for 1.8.10
	[0867718b9af5]

2014-01-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/timestamp.c:
	Warn on ftruncate failure().
	[d2081876da25]

	* plugins/sudoers/timestamp.c:
	Fix checking of lecture status.
	[e12d78234d17]

	* mkpkg:
	Do not override timedir on Debian.
	[283fa2e69a0a]

	* common/event.c, common/event_select.c, include/missing.h,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, src/sudo_edit.c:
	Use sudo_timeval macros and remove compat macros from missing.h
	[1de76d8b811e]

	* INSTALL, MANIFEST, NEWS, compat/Makefile.in, compat/clock_gettime.c,
	config.h.in, configure, configure.ac, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, include/missing.h,
	include/sudo_util.h, m4/sudo.m4, mkdep.pl, pathnames.h.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/boottime.c,
	plugins/sudoers/check.h, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c, src/Makefile.in:
	Switch to new time stamp file format. Each user now has a single
	file which may contain multiple records when per-tty time stamps are
	in use (the default). The time stamps use a monotonic timer where
	available and are once again stored in /var/run/sudo. The lecture
	status is now stored separately from the time stamps in a different
	directory.
	[7e16eb37bacc]

2014-01-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/check.c:
	When listing a user's privileges, always prompt the user for their
	own password, regardless of the value of target_pw, root_pw or
	runas_pw.
	[73a13ccc7933]

2014-01-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/atomode.c:
	Zero out errstr when there is no error; fixes bug #632
	[74950ef1a0dc]

2014-01-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, plugins/sudoers/interfaces.c,
	plugins/sudoers/match_addr.c:
	Use inet_aton() instead of inet_addr() as it allows us to
	distinguish between the address (or mask 255.255.255.255) and an
	error. In the future we may consider switching to inet_pton() for
	IPv4 too.
	[b6b4e4c77e9a]

2014-01-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Fix typo, ULONG_MAX vs. ULLONG_MAX
	[5d274daa9fb1]

	* plugins/sudoers/sudo_nss.c:
	Fix typo in the AIX case.
	[ee531c950fce]

	* plugins/sudoers/sudo_nss.c:
	Size pointer for sudo_parseln() should be size_t not ssize_t. This
	was already correct for the nsswitch.conf case.
	[cfaf895c1db4]

2014-01-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, include/sudo_conf.h, src/net_ifs.c:
	It is now possible to disable network interface probing in sudo.conf
	by changing the value of the probe_interfaces setting.
	[e9dc28c7db60]

2014-01-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match_addr.c:
	If inet_addr() returns INADDR_NONE, return false instead of
	iterating through the interfaces looking for a match that will never
	happen.
	[1559c301caec]

	* configure, configure.ac, src/Makefile.in:
	Add explicit dependency on sudoers.la to sudo target when sudoers is
	compiled statically into the sudo binary.
	[d08cc66e18bd]

2014-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/timestr.c:
	Do not assume localtime(), gmtime() and ctime() always return non-
	NULL.
	[a1b5b67436de]

2014-01-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Update copyright years
	[37d2aaa92544]

	* plugins/sudoers/visudo_json.c:
	Eliminate dead store found by clang checker.
	[86874d5340f1]

	* NEWS, configure, configure.ac:
	Update for sudo 1.8.9p4
	[f79ab7c6c1c5]

	* common/sudo_debug.c, include/sudo_debug.h, src/preserve_fds.c:
	When relocating fds, update the debug fd if it is set so we are
	guaranteed to get debugging output.
	[b1deaa472aa6]

2014-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	If the event loop exits due to an error and we are not logging I/O,
	kill the command if still running. Fixes a bug where sudo could exit
	while the command was still running.
	[844018ff8a8c]

	* src/preserve_fds.c:
	When relocating preserved fds, start with the highest ones first to
	avoid moving fds around more than we have to. Now uses a bitmap to
	keep track of which fds are being preserved. Fixes a bug where the
	debugging fd could be relocated to the same fd as the error
	backchannel temporarily, resulting in debugging output being printed
	to the backchannel if util@debug was enabled.
	[55e006dbeaf3]

	* src/preserve_fds.c:
	When restoring fds traverse list from high -> low, not low -> high
	to avoid implicitly closing an fd we want to relocate.
	[6351225f47d7]

	* src/exec.c:
	If not logging I/O we may get EOF when the command is executed and
	the other end of the backchannel is closed. Just remove the
	backchannel event in this case or we will continue to receive the
	event. Bug #631
	[a204b69d91f7]

	* src/po/sr.mo, src/po/sr.po:
	sync with translationproject.org
	[987087ce4658]

2014-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Fix strtonum() usage when parsing /proc/self/stat on Linux. Bug #630
	[3448dffe9701]

	* NEWS, configure, configure.ac:
	Update for sudo 1.8.9p3
	[22e5a6f69999]

	* plugins/sudoers/logwrap.c:
	Remove dead store; found by cppcheck
	[a59833af3401]

2014-01-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sesh.c:
	Quiet a cppcheck warning about a negative subscript.
	[ab98b72f5bdf]

	* src/exec_common.c, src/selinux.c, src/sesh.c, src/sudo_exec.h:
	Make noexec parameter to sudo_execve() bool.
	[daa75e4c248a]

	* plugins/sudoers/sudoreplay.c:
	Quiet a few innocuous cppcheck warnings.
	[90ffa16d27b1]

	* plugins/sudoers/sssd.c:
	Handle in_res being NULL for sudo_debug_printf() in
	sudo_sss_filter_result().
	[8595cc05d2a8]

	* plugins/sudoers/iolog.c:
	When writing length to timing file, use %u not %d as it is unsigned.
	[a7f2fcb6919e]

	* plugins/sudoers/visudo_json.c:
	Close export_fp in the error path too, but do not close stdout.
	[5c918718ab45]

	* plugins/sudoers/auth/secureware.c:
	Move right brace outside #ifdef HAVE_DISPCRYPT; found by cppcheck.
	[f2619d2eb7a8]

2014-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/group_file/plugin_test.c:
	Make this compile again
	[f0ff8df475e8]

	* common/term.c:
	Add suppression line to quiet a bogus (inconclusive) cppcheck
	warning.
	[065207271e5d]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Do not leak old istack if realloc fails; found by cppcheck. Also
	modify yyless() to avoid a harmless cppcheck warning every time it
	is used.
	[021077017a23]

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Add cppcheck target to run cppcheck on all source files.
	[d207c2ef49a2]

2014-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.ac:
	Update for sudo 1.8.9p2
	[2e7fe6e371a4]

	* config.h.in, configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4,
	m4/ltsugar.m4, m4/ltversion.m4, m4/lt~obsolete.m4:
	Update to libtool-2.4.2.418
	[d1dbed89d733]

	* config.guess, config.sub:
	Update from http://git.savannah.gnu.org/gitweb/?p=config.git
	[2b5e32d23be5]

2014-01-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Sudo 1.8.9 also fixes bug #617
	[cc5c18228719]

2014-01-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	The fix for the hang was already in the 1.8.9 tarballs.
	[f038ebcc1071]

	* NEWS, configure, configure.ac:
	Update for sudo 1.8.9p1
	[732fca0003cf]

	* common/atobool.c, common/event.c, plugins/sudoers/iolog.c,
	plugins/sudoers/parse.h, src/exec.c, src/preserve_fds.c:
	Update copyright year.
	[fdeb5956810e]

	* plugins/sudoers/parse.h:
	Go back to making the bit fields in struct cmndtag explicitly
	signed. This fixes a problem on gcc 4.8 (at least) which appears to
	be treating the value as unsigned by default.
	[46b9a7bb10ac]

	* common/atobool.c:
	Use debug_return_int() instead of bare return for debugging support.
	[c273f822de5f]

2014-01-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/event.c:
	Fix infinite loop that could be triggered by sudo_ev_loopbreak() and
	sudo_ev_loopcontinue().
	[1723561c46b0]

	* NEWS:
	Update for 1.8.9 final.
	[d49c14d21410]

2014-01-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Handle a sequence file with no trailing newline.
	[aa29306e4f6d]

2014-01-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Truncate io log and timing files on open when recycling them. Only
	an issue when the sequence number wraps around.
	[01b2dfe15ff0]

	* plugins/sudoers/iolog.c:
	Repair reading of the iolog sequence number that got broken when
	adding stricter strtoul() checks.
	[e0f4a11c3437]

	* src/exec.c:
	If invoked as sudoedit we can't just exec the command directly since
	the temporary files need to be updated before sudo exits.
	[508503be1c4f]

	* src/preserve_fds.c:
	Fix restoration of the close-on-exec flag when moving a relocated fd
	back into its original position.
	[5572f1f8b48a]

2014-01-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Add "see below" to reference "Secure editing" section in "Preventing
	shell escapes".
	[b2db990a36b3]

2014-01-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Add initial "Secure editing" section.
	[0d7a192e0e25]

	* doc/LICENSE:
	Update copyright year.
	[4a639d9207a9]

2013-12-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, src/po/eo.mo,
	src/po/eo.po, src/po/fi.mo, src/po/fi.po:
	sync with translationproject.org
	[5c15a411b10d]

	* plugins/sudoers/policy.c:
	Make user_cwd and user_tty dynamically allocated even for the
	"unknown" case.
	[015454bf97f8]

2013-12-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Use -fstack-protector-strong in preference to -fstack-protector-all
	or -fstack-protector.
	[bdd1066eefc4]

	* doc/HISTORY:
	Dell acquired Quest
	[3d5b7d27a313]

2013-12-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, src/po/ru.mo,
	src/po/ru.po, src/po/vi.mo, src/po/vi.po:
	sync with translationproject.org
	[f964671d08ce]

2013-12-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/cs.mo, src/po/cs.po, src/po/da.mo, src/po/da.po,
	src/po/it.mo, src/po/it.po, src/po/pl.mo, src/po/pl.po,
	src/po/pt_BR.mo, src/po/pt_BR.po, src/po/uk.mo, src/po/uk.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[5f5becf5fb7a]

	* doc/sudoers.ldap.cat:
	regen
	[77745e6bc0d5]

	* NEWS:
	Update for recent changes.
	[365b9084268a]

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Fix typo; we want setlocale(LC_ALL, "") since we are setting the
	locale for the first time.
	[e2b9660e9d48]

2013-12-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Use sudoers_initlocale() in main() startup, not sudoers_setlocal()
	as the latter assumes we are already in the user's locale which may
	not be the case. For sudoreplay, we can just use setlocale()
	directly as there is no sudoers locale.
	[12235e50dea0]

2013-12-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/preserve_fds.c, src/sudo.c, src/sudo.h:
	Redo preserve_fds support to remap high fds so we can get the most
	out of closefrom(). The fds are then restored after closefrom().
	[7d712ec49db7]

	* plugins/sudoers/Makefile.in:
	Fix install-plugin when sudoers is compiled statically.
	[36a8bf3b588d]

2013-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/sudo_debug.c, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in,
	include/sudo_debug.h, include/sudo_plugin.h, src/Makefile.in,
	src/exec.c, src/exec_pty.c, src/preserve_fds.c, src/sudo.c,
	src/sudo.h, src/sudo_exec.h:
	Add support for preventing fds from getting clobbered by
	closefrom().
	[269f45964ff0]

2013-12-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	regen
	[b8f458379b5b]

2013-12-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/alloc.c:
	Need to include limits.h here too.
	[b53c6edef597]

2013-12-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.ac, plugins/sudoers/parse.h:
	No need to use __signed.
	[05f9648d1953]

	* plugins/sudoers/regress/logging/check_wrap.c:
	Need limits.h here too.
	[54aac3bbf66a]

	* compat/closefrom.c:
	Still need limits.h here.
	[0abc6b2be208]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[386b47ced07f]

	* compat/closefrom.c:
	Go back to using /proc/self/fd instead of /proc/$$/fd as only AIX
	lacks /proc/self and it has F_CLOSEM.
	[b5735fbcfdce]

2013-12-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Use a switch to map digest type to name instead of an array of
	strings.
	[ab17ceb4dd60]

	* compat/closefrom.c:
	Use /dev/fd in closefrom() on FreeBSD < 8.0 and Mac OS X.
	[e70df3b3144b]

	* compat/snprintf.c:
	Remove _MAX and _MIN compat; we rely on missing.h for that. We
	already require the compiler handle long long so there's no need to
	use HAVE_LONG_LONG_INT everywhere.
	[2bda15071439]

	* common/ttysize.c, include/missing.h:
	Remove _MAX and _MIN defines that any system from the last 20 years
	should have. Add ULLONG_MAX in case it is missing.
	[2db0cee4aaa8]

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c:
	Change visudo -x to take a file name argument, which may be '-' to
	write the exported sudoers file to stdout.
	[84cb72c3c391]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/parse.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c, src/regress/ttyname/check_ttyname.c:
	Move symbol extern defs into sudoers.h
	[b631a0b57fae]

	* plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/logging/check_wrap.c:
	Add missing sudo_util.h
	[ed0edc2e2d0c]

2013-12-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Warn if the time stamp in the I/O log file does not fit in time_t.
	Warn if the info line is not well-formed instead of silently
	ignoring it.
	[37a050de5be5]

2013-12-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in:
	Rename libcommon libsudo_util
	[df3ffd4229e5]

2013-12-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/aix.c, common/atobool.c,
	common/atoid.c, common/atomode.c, common/fmt_string.c,
	common/gidlist.c, common/progname.c, common/setgroups.c,
	common/sudo_conf.c, common/term.c, common/ttysize.c,
	include/missing.h, include/sudo_util.h,
	plugins/group_file/Makefile.in, plugins/group_file/getgrent.c,
	plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.c, src/Makefile.in, src/sudo.h:
	Move prototypes for functions provided by libcommon that don't have
	their own header files into sudo_util.h.
	[43f423a24416]

2013-12-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/mkdefaults:
	Now that we have proper number parsing functions we should store
	T_UINT defaults values as unsigned int, not int.
	[67d8c2244f1d]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
	Don't use int where we really mean enum def_tuple. When this code
	was written it was assumed that we may have multiple tuple types.
	However, that hasn't happened and probably never will.
	[8491f970f343]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Regen after string parsing changes.
	[fd6bf79c3286]

	* common/atoid.c, common/atomode.c, compat/strtonum.c, configure,
	configure.ac, include/missing.h, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sudoreplay.c, src/parse_args.c, src/ttyname.c:
	The OpenBSD strtonum() uses very short error strings that can't be
	translated usefully. Convert them to longer strings on error. Also
	use the longer strings for atomode() and atoid().
	[dace028594da]

2013-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/atoid.c, common/atomode.c,
	plugins/sudoers/defaults.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h:
	Add atomode() function for parsing a file mode.
	[44e29629aa5e]

	* common/sudo_conf.c, common/ttysize.c, compat/Makefile.in,
	compat/closefrom.c, compat/getaddrinfo.c, compat/strtonum.c,
	configure, configure.ac, include/missing.h,
	plugins/sudoers/boottime.c, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/policy.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/sudoreplay.c, plugins/system_group/system_group.c,
	src/parse_args.c, src/sudo.c, src/ttyname.c:
	Use strtonum() instead of atoi(), strtol() or strtoul() where
	possible.
	[e4a1fc84b893]

	* MANIFEST, compat/Makefile.in, compat/strtonum.c, config.h.in,
	configure, configure.ac, include/missing.h, mkdep.pl:
	Add strtonum.c to compat for simpler number parsing.
	[a4c69b003da0]

2013-12-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_common.c:
	Fix a warning on Solaris, we need to use debug_return_const_ptr.
	[932aa94c0cac]

	* plugins/sudoers/Makefile.in:
	check_symbols needs to link with SUDO_LIBS in order to get -lpthread
	on HP-UX for libldap (which uses threads). It would be better to
	have a separate variable for the pthread library but this is no
	worse than it used to be.
	[94591b765371]

2013-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	add missing comma
	[7dcbd1c6dd25]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Make -c option description more accurate.
	[3f305ae6037e]

2013-12-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, plugins/sudoers/sudoers.c:
	When checking whether a user may change the login class, just check
	pw_uid of the runas user, which was passed in to set_loginclass().
	[aaf736440441]

2013-12-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Use atoid() when parsing user/group IDs and print them as unsigned
	int.
	[40c77459a36a]

2013-12-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Correctly parse 64-bit times in I/O log files.
	[d053ee75adc3]

	* compat/getgrouplist.c, plugins/group_file/getgrent.c,
	plugins/sudoers/pwutil.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c:
	Use atoid() not atoi() when parsing uids/gids.
	[491146596626]

	* plugins/sudoers/match.c, plugins/sudoers/match_addr.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/sudoers.h:
	Better match debugging. Sprinkle const in match functions.
	[4cd8d793f165]

2013-12-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document that plugins can be compiled statically into the sudo
	binary.
	[434061cf909f]

2013-12-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	sudo_sss_filter_user_netgroup(): fix comment typos, break out of
	loop early if we match ALL or netgroup.
	[0691731f4b12]

	* plugins/sudoers/sssd.c:
	When filtering netgroups, use the passwd struct stashed in the
	handle, not user_name since we may be listing another users
	privileges.
	[f2669cf7b70c]

	* mkpkg:
	RHEL 6 and above builds sudo with SSSD support
	[afc3d894851e]

	* plugins/sudoers/sssd.c:
	Avoid passing NULL domainname to sudo_debug_printf().
	[b08abe5e6d23]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document sssd debug subsystem.
	[250c3ab1bcf0]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	Document "event" debug subsystem.
	[85d220b48edc]

	* plugins/sudoers/match.c:
	Use atoid() instead of atoi() when parsing uids/gids so we get
	proper range checking.
	[5c3e2f3f6cb9]

	* plugins/sudoers/sssd.c:
	Add user netgroup filtering for SSSD. Previously, rules for a
	netgroup were applied to all even when they did not belong to the
	specified netgroup. RedHat Bugzilla 880150.
	[784848b5462c]

	* plugins/sudoers/sssd.c:
	Fix several issues found by the clang static analyzer; Daniel
	Kopecek
	[520261dd7461]

2013-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	Mention how to dump sudoers info from LDAP.
	[a53c93790a30]

	* src/exec_common.c:
	On Solaris, disabling the proc_exec privilege appears to interfere
	with DAC file permissions. Adding DAC override permissions to the
	inheritable set works around this for commands run as root without
	giving extra permissions to other users. Bug #626
	[391ad44026c3]

2013-12-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/progname.c, compat/Makefile.in,
	compat/getprogname.c, configure, configure.ac, include/missing.h,
	mkdep.pl, plugins/sample/sample_plugin.c, plugins/sudoers/policy.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/parse_args.c,
	src/regress/ttyname/check_ttyname.c, src/sudo.c:
	Instead of setprogname(), add initprogname() which gets the program
	name for getprogname() using /proc or pstat() if possible.
	[e2d48d81456f]

2013-11-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Ignore EOVERFLOW from pstat_getproc(). The HP-UX kernel appears to
	return this in certain situations but it appears to be harmless at
	least insofar as retrieving the tty goes.
	[105bea4e1c20]

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/cs.mo, src/po/cs.po, src/po/eo.mo, src/po/eo.po,
	src/po/fi.mo, src/po/fi.po, src/po/it.mo, src/po/it.po,
	src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po,
	src/po/ru.mo, src/po/ru.po, src/po/uk.mo, src/po/uk.po,
	src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po:
	Sync with translationproject.org
	[3694d7ad4c9d]

2013-11-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Add missing newline in help message after export option.
	[1c0bff0c181e]

2013-11-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	Do not add LIBDL to SUDO_LIBS or SUDOERS_LIBS in configure, do it in
	Makefile.in so we can make it last. Fixes a linking problem on
	Ubuntu precise.
	[f8d3bddbe742]

2013-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, m4/ax_func_getaddrinfo.m4:
	Do not rely on NULL being defined for getaddrinfo() test. Fixes the
	check on HP-UX 11.23.
	[a5dcf0283693]

2013-11-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Regen for sudo 1.8.9b1
	[945f27a7aa1c]

	* src/po/de.mo, src/po/de.po, src/po/sr.mo, src/po/sr.po:
	Sync with translationproject.org
	[52abae16ccfa]

2013-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, MANIFEST, NEWS, common/Makefile.in, common/sudo_dso.c,
	compat/Makefile.in, compat/dlfcn.h, compat/dlopen.c, config.h.in,
	configure, configure.ac, include/sudo_dso.h, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/group_plugin.c,
	plugins/sudoers/ldap.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/sssd.c, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.c, src/Makefile.in,
	src/env_hooks.c, src/load_plugins.c, src/preload.c, src/sudo.c,
	src/sudo.h:
	Add wrapper functions for dlopen() et al so that we can support
	statically compiling in the sudoers plugin but still allow other
	plugins to be loaded. The new --enable-static-sudoers configure
	option will cause the sudoers plugin to be compiled statically into
	the sudo binary. This does not prevent other plugins from being
	loaded as per sudo.conf.
	[9425770e9d2b]

2013-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Handle non-unix groups correctly. Get rid of runasuser and
	runasgroup types and use username and usergroup instead. The fact
	that the user or group is inside a Runas_List doesn't affect its
	underlying type.
	[ea1789258c11]

2013-11-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	Simplify Defaults list option object. The name and value strings are
	superfluous.
	[5852b0184669]

	* compat/dlopen.c:
	Back out unintended change.
	[85156e49e96e]

	* MANIFEST, aclocal.m4, configure, configure.ac,
	m4/ax_func_getaddrinfo.m4:
	Add dedicated test for getaddrinfo(). Tru64 UNIX contains two
	versions of getaddrinfo and we must include netdb.h to get the
	proper definition.
	[9882e3e1e8e3]

	* compat/dlopen.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c:
	Define RTLD_GLOBAL for older systems without it. Bug #621
	[ed38ac84f1da]

2013-11-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/snprintf.c, include/missing.h:
	Rename snprintf replacement rpl_snprintf since we may now replace
	the libc version and #define rpl_snprintf snprintf in missing.h so
	we get our version when needed. This is consistent with how we
	replace glob and fnmatch.
	[309aa17d0dfe]

	* common/Makefile.in, common/regress/sudo_conf/conf_test.c,
	common/regress/sudo_parseln/parseln_test.c,
	common/regress/tailq/hltq_test.c, src/Makefile.in:
	libcommon tests need locale_stub.lo to link.
	[baae40f36de5]

	* MANIFEST, aclocal.m4, compat/snprintf.c, config.h.in, configure,
	configure.ac, m4/ax_func_snprintf.m4:
	Add check for C99 compliant (v)snprintf function.
	[79e02551543c]

	* compat/sig2str.c, configure, configure.ac:
	Include unistd.h in sig2str.c for Tru64 as it defines SIGRTMIN and
	SIGRTMAX in terms of sysconf(), which is prototyped in unistd.h. Bug
	#621; from Daniel Richard G.
	[2a59ccb8c966]

	* include/gettext.h, plugins/sudoers/locale.c, src/locale_stub.c:
	Add definition of U_ for --disable-nsl Don't define warning_gettext
	if --disable-nsl Bug #621; from Daniel Richard G.
	[c0054eb89c2b]

2013-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo_json.c:
	When merging Defaults entries we need to check the type of the next
	entry and not just assume it is the same as the previous one.
	[e97d9b9cf0d5]

	* plugins/sudoers/visudo_json.c:
	runasgroups not runasgroup in the Cmnd_Spec.
	[92ea5dc20e4d]

	* plugins/sudoers/visudo_json.c:
	Fix some syntax errors and change how lists are handled.
	[027b8dea44b2]

	* common/sudo_debug.c, config.h.in, configure, configure.ac,
	include/fatal.h, include/sudo_debug.h:
	Allow sudo to compile without variadic macro support in cpp.
	Debugging support will be limited (no file info from warnings.) From
	Daniel Richard G.; Bug #621
	[51b8b868cd4b]

	* Makefile.in, common/aix.c, common/fatal.c, common/gidlist.c,
	common/sudo_conf.c, include/fatal.h, include/gettext.h,
	include/missing.h, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/load_plugins.c,
	src/locale_stub.c, src/net_ifs.c, src/parse_args.c, src/selinux.c,
	src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c,
	src/sudo_edit.c, src/tgetpass.c, src/utmp.c:
	Add warning_gettext() wrapper function that changes to the user
	locale, then calls gettext(). Add U_ macro that calls
	warning_gettext() instead of gettext(). Rename warning2()/error2()
	back to warning_nodebug()/error_nodebug().
	[f3bb207db201]

2013-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/fileops.c, compat/getaddrinfo.c, compat/mktemp.c,
	compat/utimes.c, configure.ac, plugins/sudoers/boottime.c,
	plugins/sudoers/check.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.h, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/preload.c,
	src/sudo.c, src/sudo_edit.c, src/ttyname.c, src/utmp.c:
	Fix some #if vs. #ifdef and remove an extraneous semicolon. Bug
	#624; from Daniel Richard G.
	[b212e4694018]

	* include/sudo_debug.h, plugins/sudoers/defaults.c,
	plugins/sudoers/ldap.c, src/exec_common.c:
	Add debug_return_const_str and debug_return_const_ptr for returning
	a const string or pointer. Using const for the normal versions
	produces warnings with the Tru64 compiler.
	[45018a149cb4]

	* common/event_poll.c, compat/getaddrinfo.c, config.h.in, configure,
	configure.ac, m4/sudo.m4:
	Fixes for building under Tru64; from Daniel Richard G. Bug #624
	[fc4a6cbae1ba]

2013-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	log_{fatal,warning} now logs to the debug file itself.
	log_{fatal,warning} now calls warningx2() after setting the locale
	itself instead of using the wrapper macros. This removes the only
	use of warningx(ngettext(...)).
	[930129361e0a]

2013-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.ac:
	Add -Wpointer-arith to --enable-warnings
	[2043ae306d1b]

	* configure, configure.ac:
	Fix more instances of #include directives where the '#' was not in
	column 1. From Daniel Richard G. (bug #622)
	[75f36f39dcab]

	* MANIFEST, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_json.c:
	Add support to visudo to export sudoers in JSON format.
	[1697b2b4bfd2]

2013-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.h:
	Remove unused digest field from struct cmndspec, the digest really
	lives in struct sudo_command.
	[e9a1e2e112d6]

	* config.h.in, configure:
	Regen with autoconf 2.69
	[275f69f98f9e]

	* MANIFEST, Makefile.in, config.h.in, configure.ac, configure.in,
	doc/Makefile.in:
	Rename configure.in -> configure.ac
	[0aeafe425373]

	* MANIFEST, aclocal.m4, autogen.sh, config.h.in, configure,
	configure.in, ltmain.sh, m4/sudo.m4:
	From Daniel Richard G. (bug #622) Add an autogen.sh script that
	rebuilds the autoconf world. Move old aclocal.m4 contents to
	m4/sudo.m4. New (generayed) aclocal.m4 contains the m4_include
	directives. Some tests had #include directives where the '#' was not
	in column 1. Updated obsolete macro usage via autoupdate.
	[5fe8de5a56df]

2013-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_exec.h:
	Very old systems (pre XPG 4.2) may not support MSG_WAITALL. The
	likelihood of receiving a partial message is quite low so this is
	not a big deal.
	[900a304f9548]

	* configure, configure.in:
	HP-UX may require _XOPEN_SOURCE_EXTENDED to be defined for
	MSG_WAITALL to be visible.
	[f08b1a00a30a]

	* MANIFEST, plugins/sudoers/regress/visudo/test5.out.ok,
	plugins/sudoers/regress/visudo/test5.sh:
	Add regress test for bug #623
	[8e83cfccaf14]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Cope with a comment on the last line of the file with no newline.
	Bug #623
	[f826243bc4e6]

	* compat/getaddrinfo.c:
	Include arpa/inet.h for HP-UX; from Daniel Richard G.
	[d4d7a4303bae]

	* doc/Makefile.in:
	Add missing $(mansrcdir) to visudo.mdoc and visudo.man. From Daniel
	Richard G.
	[f664c8d2f961]

2013-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/fatal.h:
	In v{warning,fatal}x?() make a new copy of ap for the debug
	functions. It is not legal to use ap twice without reinitializing
	it. Noticed by Daniel Richard G.
	[6ca8bc48ecb3]

	* include/fatal.h:
	Remove errant warning_restore_locale() call.
	[4ef7aecefcbb]

	* include/missing.h, plugins/sudoers/logging.c:
	Move va_copy compat macro to missing.h
	[c873e4cc4c8a]

	* common/Makefile.in, compat/Makefile.in, mkdep.pl,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Uniquify header dependencies so we don't end up with duplicates when
	a header file includes other headers. The header dependencies are
	sorted so the generated order is stable.
	[95747db2f07a]

	* compat/Makefile.in, configure, configure.in, doc/CONTRIBUTORS,
	mkdep.pl:
	Add getaddrinfo.lo to LTLIBOBJS for systems that need it. From
	Daniel Richard G.
	[e94ee99a52a9]

	* plugins/sudoers/testsudoers.c:
	Fix pasto
	[5262735e78e0]

2013-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.mdoc.in:
	Fix typo.
	[6b11a4eec6b6]

2013-11-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/getdate.c, plugins/sudoers/gram.c:
	regen
	[995ca9f21862]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c:
	Fix warnings from -Wold-style-definition
	[a748c5c7b423]

	* configure, configure.in:
	Add -Wold-style-definition to --enable-warnings
	[0484de0deb59]

	* common/event_poll.c:
	Extra debugging for ready fds.
	[91fb85cdecbb]

	* common/event_select.c:
	When deleting an event, check ev->events to determine whether to
	remove from readfds or writefds instead of blinding removing from
	both. Also fix highfd adjustment.
	[7384db65ca9c]

2013-11-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/event_select.c:
	Only check an fd that is >= 0. Timeout-only events may have a
	negative fd.
	[fa0e5cbc3cc2]

2013-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/event.c:
	Don't call sudo_ev_{add,del}_impl() for timeout-only events. This
	makes it possible to pass sudo_ev_alloc() an fd of -1 for events
	only use SUDO_EV_TIMEOUT.
	[6838657a1a2f]

2013-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/alloc.c, common/event_select.c, include/sudo_event.h:
	Make a copy of readfds/writefds before calling select() instead of
	calculating it each time. Keep track of high fd in the base.
	[6048b78f2e94]

2013-10-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add Stephen Gelman
	[0028c7a91a4f]

	* plugins/sudoers/getdate.c, plugins/sudoers/gram.c:
	Fix sign comparison warning.
	[914cb36b9ed2]

	* plugins/sudoers/sudoreplay.c:
	Fix potential NULL dereference in non-interactive mode.
	[9233428d3f32]

2013-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Use MSG_WAITALL when receiving struct command_status over the Unix
	domain socket since we no longer use datagrams. This should avoid
	the need to handle incomplete reads, though in theory it is still
	possible.
	[28a92888a908]

	* plugins/sudoers/sudoreplay.c:
	SIGKILL is not catchable
	[79f82e4cb11d]

	* common/event.c, include/sudo_event.h, plugins/sudoers/sudoreplay.c:
	Add sudo_ev_get_timeleft() to get the amount of time left before an
	event times out and use it in sudoreplay.
	[d5b17ee30fa4]

2013-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in,
	plugins/sudoers/sudoreplay.c:
	If the user presses <return> or <enter> in sudoreplay, skip to the
	next event. Useful for skipping past long pauses in the data.
	[43343f45c94d]

	* common/event.c, common/event_poll.c, common/event_select.c:
	Fix sudo_ev_scan_impl() return value in event_poll.c. Make sure we
	clear active flag from unprocessed events if sudo_ev_loopbreak() or
	sudo_ev_loopcontinue() are used. Remove bogus optimization when the
	timeout is zero or negative; it could prevent an I/O event from
	being triggered.
	[a13603fb3134]

	* plugins/sudoers/sudoreplay.c:
	Move session replay into its own function.
	[e323f7729595]

	* common/event.c, common/event_poll.c, common/event_select.c,
	include/sudo_event.h:
	Get rid of cur and pending pointers in struct sudo_event_base. We
	now pop the first event off the active queue instead of using a
	foreach loop with deferred removal of the event. Add
	SUDO_EVQ_INSERTED and SUDO_EVQ_TIMEOUTS flags to indicate that the
	event on the event queue and timeouts queue respectively. No longer
	need to compare the timeout to {0,0} or compare the event's base
	pointer to NULL to determine queue membership.
	[f2b2251fd523]

	* common/event_poll.c:
	rename sudo_ev_loop_impl() -> sudo_ev_scan_impl()
	[614faaff04e3]

	* MANIFEST, common/event.c, common/event_poll.c,
	common/event_select.c, compat/Makefile.in, compat/nanosleep.c,
	config.h.in, configure, configure.in, include/missing.h,
	include/sudo_event.h, mkdep.pl, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoreplay.c, src/exec.c, src/exec_pty.c:
	Add support for libevent-style timed events. Adding a timed event is
	currently O(n). The only consumer of timed events is sudoreplay
	which only used a singled one so O(n) == O(1) for now. This also
	allows us to remove the nanosleep compat function as we now use a
	timeout event instead.
	[db41c08e92dc]

2013-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Now that sudo_ev_base_free() removes all events before freeing we
	don't need to do this by hand.
	[b59d43658c5f]

	* common/event.c, common/event_poll.c, common/event_select.c,
	include/sudo_event.h:
	Add a list of active events in the base that the back end sets when
	it calls poll or select. This allows the front end to iterate over
	the events instead of having that code in both back ends. It will
	also simplify support for timeout events. Also make sure we can't
	touch freed memory if a callback frees its own event.
	[933b99b3f2bc]

	* common/event.c:
	Remove any existing events before freeing the event base.
	[2543c6620cf1]

2013-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	mon_handler() should be static
	[b1a62ef65c96]

2013-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	If user specified start_tls and ldaps, display a warning and ignore
	start_tls. There's no reason to make this a fatal error.
	[bf446dd1e740]

	* src/exec_pty.c:
	Add missing else when the connection from the monitor to the parent
	sudo process is broken (due to the parent dying). Prevents a
	spurious "unexpected reply type on backchannel" warning.
	[5c44053cef08]

	* src/exec_pty.c:
	When flushing output we don't care whether we are the foreground
	process or not, we still need to flush to /dev/tty. If we are in the
	background, it is OK to get SIGTTOU.
	[9716892d1fb5]

	* plugins/sudoers/ldap.c:
	Should not attempt start_tls on an ldaps connection.
	[9d01d461c52c]

2013-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/parser/check_fill.c:
	Fix sign compare warning.
	[6130fa8df758]

	* doc/Makefile.in:
	Eliminate warning about circular dependency from GNU make.
	[7ed5df762089]

	* plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	src/ttyname.c:
	More sign compare fixes. On Solaris id_t is signed so use uid_t in
	the set_perms.c ID macro instead.
	[8166dcc50d0b]

	* common/fileops.c, common/lbuf.c, common/secure_path.c,
	common/sudo_debug.c, include/secure_path.h,
	plugins/sudoers/find_path.c, plugins/sudoers/getdate.c,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.h,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.h,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, src/load_plugins.c, src/sudo.c,
	src/ttyname.c:
	Quiet sign comparision warnings.
	[e34f45dad10c]

	* configure, configure.in:
	Add -Wsign-compare to --enable-warnings
	[d560e274a6ae]

	* plugins/sudoers/ldap.c:
	Ignore SIGPIPE when connecting to the LDAP server so we can get a
	proper error message with the IBM LDAP libs. Also return
	LDAP_SUCCESS instead of 0 from most sudo_ldap_* functions that
	return an int.
	[611a4ed9b8ee]

	* plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c:
	Quiet compiler warnings.
	[7d82dcca7126]

2013-10-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	sudo_ldap_parse_uri() should join multiple URIs in the string list
	together but it was clearing the host entry each time through the
	loop. Fixes a bug with multiple URI entries in ldap.conf where only
	the last one was being honored.
	[83cee19b136d]

	* src/exec_pty.c:
	Avoid a double free introduced when plugging a memory leak in
	safe_close(). A new ev_free_by_fd() function is used to remove and
	free any events sharing the specified fd. This can be used after
	safe_close() to make sure we don't try to select() on a closed fd.
	[54f48a281147]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y, src/exec.c:
	Quiet some llvm check false positives. The common idiom of using
	TAILQ_FIRST, TAILQ_REMOVE and free in a loop to free each entry in a
	TAILQ confuses llvm. Use TAILQ_FOREACH_SAFE instead (which is
	probably faster anyway).
	[bd1b8c11f416]

	* plugins/sudoers/auth/pam.c:
	If pam_open_session() fails don't call pam_getenvlist() with a NULL
	pam handle.
	[352e0329acba]

	* plugins/sudoers/defaults.c:
	Fix newly introduced use after frees found by llvm checker.
	[a81080230f1f]

	* common/event_select.c:
	Remove an errant list_next() call that should have been removed in
	the TAILQ conversion.
	[3bbf8d117ce4]

	* MANIFEST, common/Makefile.in, common/list.c,
	common/regress/tailq/hltq_test.c, include/list.h, include/queue.h,
	plugins/sudoers/Makefile.in, plugins/sudoers/alias.c,
	plugins/sudoers/defaults.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Add "headless" tail queues and use them in place of the semi-
	circular lists in sudoers. Once the headless tail queue is built up
	it is converted to a normal TAILQ. This removes the last consumer of
	list.c and list.h so those can now be removed.
	[5986ba762a24]

	* common/Makefile.in, common/fatal.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/env.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/ldap.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/visudo.c, src/Makefile.in, src/exec_pty.c,
	src/hooks.c:
	Use SLIST and STAILQ macros instead of doing headless singly linked
	lists manually. As a bonus we now use a tail queue for ldap.c and
	sudoreplay.c.
	[c31bc2d99082]

	* MANIFEST, common/Makefile.in, common/event.c, common/event_poll.c,
	common/event_select.c, common/list.c,
	common/regress/sudo_conf/conf_test.c, common/sudo_conf.c,
	doc/LICENSE, include/list.h, include/missing.h, include/queue.h,
	include/sudo_conf.h, include/sudo_event.h,
	plugins/sudoers/Makefile.in, plugins/sudoers/ldap.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c,
	src/Makefile.in, src/exec.c, src/exec_pty.c, src/load_plugins.c,
	src/sudo.c, src/sudo.h, src/sudo_plugin_int.h:
	Convert sudo to use BSD TAILQ macros instead of home ground tail
	queue functions. This includes a private queue.h header derived from
	FreeBSD. It is simpler to just use our own header rather than try to
	deal with macros that may or may not be present in various queue.h
	incarnations.
	[450bce095d7c]

2013-10-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Fix AND operator broken by changes to fix OR.
	[a4d3485ee943]

2013-10-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Fix OR operator.
	[f5c1c90ee284]

2013-10-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Fix memory leak of I/O buffer events in safe_close().
	[08cd790cfbba]

2013-10-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c:
	Don't allow the debug subsystem to be initialized twice. Otherwise
	we can exhuast our stack when built in static mode.
	[fadacb6a4617]

	* common/event_poll.c:
	Make sure we do not try to usie index -1 in base->pfds[].
	[beeb922aba3f]

2013-10-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	Bump version to 1.8.9
	[758dbb464796]

2013-10-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Convert the monitor process to the event subsystem.
	[c4fe8e2ba53c]

	* src/exec.c, src/exec_pty.c, src/sudo_exec.h:
	Convert the main sudo event loop to use the event subsystem. Read
	events for I/O buffers are added before the loop starts. Write
	events are added on demand as the buffers are filled.
	[72a603e997e0]

	* INSTALL, MANIFEST, common/Makefile.in, common/event.c,
	common/event_poll.c, common/event_select.c, common/list.c,
	common/sudo_debug.c, config.h.in, configure, configure.in,
	include/list.h, include/sudo_debug.h, include/sudo_event.h,
	mkdep.pl, plugins/sudoers/Makefile.in, src/Makefile.in,
	src/exec_pty.c:
	Simple event subsystem that uses poll() or select(). Basically a
	simplied subset of libevent2. Currently only fd events are supported
	(since that's all we need). The poll() backend is used by default,
	except on Mac OS X where poll() is broken for devices (including
	/dev/tty and ptys).
	[8773142b4117]

	* src/exec.c, src/exec_pty.c:
	Use SOCK_STREAM for socketpair, not SOCK_DGRAM so we get consistent
	semantics when the other end closes. This should make the conversion
	to poll() less problematic.
	[b6a321722a91]

2013-10-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c:
	Fix removal of trailing newlines in a debug message.
	[6f5ce5ac64e0]

2013-10-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	When checking for unused Runas_Aliases, count those used as part of
	a Runas Group too. Fixes a false positive warning.
	[f13271a4a377]

2013-09-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Include stddef.h for rsize_t and errno_t on systems that support it
	natively.
	[bc547d47e9c6]

	* MANIFEST:
	Fix braino.
	[67b79747312f]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/de.mo,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/fi.mo,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/pl.mo,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo:
	Rebuild message catalog files.
	[0a9befb0674e]

	* src/po/da.mo, src/po/eo.mo, src/po/fi.mo, src/po/it.mo,
	src/po/pl.mo, src/po/pt_BR.mo, src/po/ru.mo, src/po/uk.mo,
	src/po/vi.mo, src/po/zh_CN.mo:
	Rebuild message catalog files.
	[25191089ddf2]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/cs.mo, src/po/cs.po:
	Czech translation for sudo from translationproject.org.
	[8bc0ed069ddb]

2013-09-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.po, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.po, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.po, src/po/da.po,
	src/po/eo.po, src/po/fi.po, src/po/it.po, src/po/pl.po,
	src/po/pt_BR.po, src/po/ru.po, src/po/uk.po, src/po/vi.po,
	src/po/zh_CN.po:
	Sync with translationproject.org
	[c16f9bb4579e]

	* NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Change "next" back to 2. In the context of "next Friday" we really
	do want the friday of the upcoming (not current) week.
	Unfortunately, this means that things like "next week" and "next
	year" will match one more than we really want. Fixing this will
	require some fairly major changes to the grammar.
	[7f863c930121]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in:
	Mention that relative times don't always do what you might expect.
	[710a9b0dd36f]

2013-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add diacritical for Zdenek Behan.
	[78d333f88e6c]

2013-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/regress/ttyname/check_ttyname.c:
	Do not fail if ttyname() cannot determine the tty but sudo can.
	Should fix problems with running "make check" under pbuilder.
	[e6fc06a6c5cf]

	* plugins/sudoers/Makefile.in:
	Remove extraneous $$CWD; from Bdale Garbee
	[4d040ddd7446]

2013-09-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Make "this" and "next" qualifiers work a bit better. There is still
	room for improvement as "this week" will use the current time
	instead of the beginning of the week. That's a separate issue
	though.
	[e844c02f754a]

2013-09-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/regress/sudo_conf/conf_test.c,
	common/regress/sudo_parseln/parseln_test.c:
	Mark main() public to silence a warning on HP-UX.
	[ac0b869b9842]

2013-09-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, plugins/sudoers/timestamp.c:
	Be specific that we are talking about the Unix epoch; bug #615
	[25887775371b]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/po/sudoers.pot,
	src/po/sudo.pot, src/selinux.c:
	Do not use "setup" as a verb; bug #614
	[17c4750aac5f]

	* plugins/sudoers/iolog.c:
	Fix logic goof when checking open() status.
	[76ece1445d71]

	* plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, src/po/nl.mo,
	src/po/nl.po, src/po/ru.mo, src/po/ru.po:
	Sync with translationproject.org
	[21351498000f]

	* NEWS, plugins/sudoers/sudoreplay.c:
	Work around a bug in sudo 1.8.7 timing files where the indexes are
	off by two.
	[4aa0cd58af58]

	* MANIFEST, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h,
	plugins/sudoers/sudoreplay.c:
	Repair writing of the I/O log file indices broken in sudo 1.8.7.
	[6a5f867884f5]

2013-08-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Try to improve the PAGERS noexec example a bit.
	[226f11118daa]

2013-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Document comment character in ldap.conf Clarify what is and is not
	supported in TLS_KEYPW Mention that gsk8capicmd can be used to
	create a stash file
	[fb8f06ab4458]

2013-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	New bugs fixed for 1.8.8.
	[c158df7cd9d2]

	* plugins/sudoers/visudo.c:
	Fix setting of quiet flag when -q / --quiet is specified. Do not
	print "sudoers: parsed OK" in quiet mode.
	[df55acd57ce6]

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, src/po/fi.mo,
	src/po/fi.po, src/po/it.mo, src/po/it.po:
	Updated translations from translationproject.org
	[e9e8abd23a28]

	* plugins/sudoers/check.c:
	Don't allow root to change its SELinux role without a password. Bug
	#611
	[f8b599acb29d]

2013-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention new Mac OS X symbol interposition.
	[98293b7c4e0f]

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo,
	src/po/eo.po, src/po/fr.mo, src/po/fr.po:
	Updated translations from translationproject.org
	[865be7454354]

	* config.h.in, configure, configure.in, src/sudo_noexec.c:
	Add configure checks for the exec functions we will dummy out. This
	is only really needed on Mac OS X when symbol interposition is being
	performed but won't hurt elsewhere.
	[49c20cf6bab0]

2013-08-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/Makefile.in,
	src/sudo_noexec.c:
	Fix installation of sudo_noexec on Mac OS X. Use library symbol
	interposition on Mac OS X 10.4 and higher so we don't need to set
	DYLD_FORCE_FLAT_NAMESPACE=1.
	[a82999dff8e6]

2013-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Fix error display from ldap_ssl_client_init(). There are two error
	codes. The return value can be decoded via ldap_err2string() but the
	ssl reason code cannot (you have to look it up in a table online).
	[0267125ce9f0]

2013-08-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Fix typo in tls_key example for Tivoli
	[36599f424ac4]

	* src/parse_args.c:
	Don't escape '$' when running "sudo -i command". Bug #564
	[17542d52f714]

	* plugins/sudoers/iolog_path.c:
	Fix typo in comment.
	[d0510ed5eaba]

	* plugins/sudoers/auth/pam.c:
	Fix comment.
	[4e89e0bfd6af]

	* plugins/sudoers/timestr.c, plugins/sudoers/visudo.c:
	Quiet some gcc -Wformat=2 false positives
	[28a2014b9822]

2013-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Remove now-obsolete arg to env_merge()
	[ba015cf5d935]

	* plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po,
	src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	Updated translations from translationproject.org
	[72b6aeaba505]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/fr.mo, src/po/fr.po:
	French translation for sudo from translationproject.org.
	[a72321771860]

	* plugins/sudoers/logging.h:
	Add __printflike to audit_failure.
	[1686b3699d41]

	* include/missing.h:
	Use __nonnull__ attribute in __printflike.
	[d123613a1fb6]

2013-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.h:
	When merging the PAM environment, allow environment variables set in
	PAM to override ones set by sudo as long as they do not match the
	env_keep or env_check lists.
	[f3c64967fed7]

	* plugins/sudoers/auth/pam.c:
	Call pam_getenvlist() after we've opened the session to get the
	session-specific environment variables.
	[b413fb9e1c77]

2013-08-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	option not flag
	[08c31af7b818]

	* compat/getopt_long.c, config.h.in, configure, configure.in:
	Don't redefine opterr, optind, optopt, optarg in getopt_long.c. Add
	a check for optreset which is a BSD extension and provide a
	definition in getopt_long.c if it is not present.
	[3393e8d83400]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[f38f65830118]

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c:
	Use lower case for the long option arguments to match the manual.
	This is inconsistent with GNU but it is better to match the sudo
	documentation.
	[8fac2d64f5d2]

	* NEWS:
	Sudo 1.8.8
	[105c73752474]

	* src/parse_args.c:
	Use lower card for the long option arguments to match the manual.
	This is inconsistent with GNU but it is better to match the sudo
	documentation.
	[af243dd39850]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Describe how remote command execution can be implemented.
	[3eba7f93b7f6]

	* doc/sudoers.ldap.cat:
	Bump version.
	[0ee7f02f3627]

2013-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	Make it a fatal error if the plugin returns invalid or out of range
	command info.
	[8a7e56c7584a]

	* plugins/sudoers/policy.c:
	Use strtol() instead of atoi() and perform error checking of
	parameters passed from the sudo front-end.
	[05e05be3c6c4]

	* plugins/sudoers/auth/pam.c:
	It is not possible for auth to be NULL here.
	[771500e776e9]

	* plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Initialize user_runhost and user_srunhost to user_host and
	user_shost in visudo and testsudoers.
	[c47cca74e1fc]

	* MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c,
	common/error.c, common/fatal.c, common/gidlist.c, common/lbuf.c,
	common/list.c, common/sudo_conf.c, common/sudo_debug.c,
	compat/Makefile.in, compat/getopt_long.c, include/error.h,
	include/fatal.h, plugins/sudoers/Makefile.in,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/hexchar.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	src/Makefile.in, src/locale_stub.c, src/net_ifs.c,
	src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h:
	Rename error.h -> fatal.h now that there is no error() function.
	[3a3827f10f04]

	* common/sudo_debug.c, include/sudo_debug.h:
	Add support to the debug subsystem for zero-length strings. This can
	happen for things like warning(NULL) or fatal(NULL) where we just
	want to log the errno string.
	[3ed739c5cc91]

	* include/error.h:
	Add __printflike for vfatal, vfatalx, vwarning and vwarningx.
	[57e65ed595d2]

	* plugins/sudoers/audit.c:
	Need to include gettext.h for BSM audit.
	[a87fda2d0123]

	* common/alloc.c, plugins/sudoers/env.c, src/exec_common.c,
	src/parse_args.c, src/sudo.c:
	Change some fatalx(NULL) that should be fatal(NULL).
	[8b1efda9f578]

	* include/error.h, include/missing.h:
	Use __printf0like for warning() and fatal() since the fmt string may
	be NULL.
	[858a890f00ad]

	* compat/pw_dup.c:
	Quiet a gcc "used uninitialized in this function" false positive.
	[98f47f89ce60]

	* mkpkg:
	Enable bsm audit on Mac OS X and Solaris >= 11.
	[8607488f986c]

	* plugins/sudoers/bsm_audit.c:
	Fix compilation on Solaris 11.
	[01aa46298ed7]

	* plugins/sudoers/bsm_audit.c:
	Add missing missing.h
	[080de69a55a1]

	* plugins/sudoers/sudoers.c:
	Move the -C (user_closefrom) check until after set_cmnd() so that
	closefrom_override can be used in a command-specific Defaults line.
	Fixes bug #610 from Mengtao Sun.
	[413565c6ff6b]

2013-08-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	If not using a pty and the child process gets SIGTTOU or SIGTTIN and
	sudo is the foreground process, make the child the foreground
	process and continue it.
	[5ff433443bc4]

	* src/sudo.c:
	If sudo is not setuid and was not invoked with a full path, look in
	the user's PATH for the sudo binary to give a better error message.
	[a740129a38f0]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.h:
	Add limited support for "sudo -l -h other_host". Since group lookups
	are done on the local host, rules that use group membership may be
	incorrect if the group database is not synchronized between hosts.
	[2c8b222a5f7f]

	* src/parse_args.c:
	Fix parsing of "-h host" when used in conjunction with the -l flag.
	[62f3d726d52b]

	* configure, configure.in, doc/fixman.sh, doc/fixmdoc.sh,
	doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, src/parse_args.c, src/sudo.c,
	src/sudo_usage.h.in:
	Simplify usage messages a bit and make --help output more closely
	resemble GNU usage wrt long options. Sync usage and man page
	SYNOPSYS sections and improve long options in the manual pages. Now
	that we have long options we don't need to give the mnemonic for the
	single-character options in the description.
	[17b7e386955a]

2013-08-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Fix setting of mailer argv[0] to basename of mailerpath. No need to
	strdup() mailerpath as it is not modified.
	[8843cdd958ee]

	* plugins/sudoers/logging.c:
	Make sure the mailer exists and is a regular file before trying to
	exec it.
	[b73d6214014f]

	* plugins/sudoers/timestamp.c:
	If tty_tickets are enabled but there is no tty, use a ticket file
	based on the parent pid.
	[75408bd61ced]

	* common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, include/sudo_conf.h, src/parse_args.c:
	Allow default plugin dir to be configured in sudo.conf.
	[478883594cc5]

	* doc/CONTRIBUTORS:
	UTF8 for Ruusamae, Elan; from Tae Wong
	[02e0c95b4fa6]

2013-08-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/regress/sudo_conf/test5.in,
	common/regress/sudo_conf/test5.out.ok,
	common/regress/sudo_conf/test6.in,
	common/regress/sudo_conf/test6.out.ok, common/sudo_conf.c,
	doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in,
	plugins/sudoers/policy.c, plugins/sudoers/pwutil_impl.c, src/sudo.c:
	Don't allow max_groups to be set to zero, it just complicates things
	needlessly. Fixes an assertion in visudo when there is a group-
	based Defaults entry.
	[d62a8ea32db9]

2013-08-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/gidlist.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/sudo.c,
	src/sudo.h:
	Refactor code to parse list of gids into its own function that is
	shared by the sudo front-end and the sudoers module. Make uid/gid
	parse error be fatal, not just a warning.
	[da3b2b06605c]

	* common/atoid.c:
	Add function comment block.
	[09a324de716f]

	* common/atoid.c:
	Default text domain is now sudo, not sudoers.
	[1acb1da6f304]

	* common/Makefile.in:
	Update dependency for atoid.lo
	[5e367cd44288]

	* common/atoid.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/tsgetgrpw.c, src/sudo.c,
	src/sudo.h:
	Add endpointer and separator args to atoid()
	[2077e4ed8578]

2013-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/getgrouplist.c:
	Use private version of atoid() to avoid a dependency on libcommon.a
	(since that already depends on libreplace.a).
	[7c12d63b0560]

	* doc/CONTRIBUTORS:
	More UTF8 in names; from Tae Wong
	[512b263f51c8]

	* compat/getgrouplist.c, plugins/sudoers/iolog.c,
	plugins/sudoers/tsgetgrpw.c, src/sudo.c, src/sudo.h:
	Use atoid() in more places.
	[06f4ae57c707]

	* MANIFEST, common/Makefile.in, common/atoid.c,
	plugins/sudoers/Makefile.in, plugins/sudoers/atoid.c:
	Move atoid() to common so it can be used in src and compat too.
	[095d730701e4]

	* compat/closefrom.c:
	Avoid a crash on Mac OS X 10.8 (at least) when we close
	libdispatch's fds out from under it before executing the command.
	Switch to just setting the close on exec flag instead.
	[349ebf4987df]

	* doc/CONTRIBUTORS:
	Convert to last, first for easier sorting and use UTF8 (including a
	BOM).
	[8c30d221bd75]

	* plugins/sudoers/atoid.c:
	Add atoid() function to convert a string to an id_t (uid, gid or
	pid). We have to be careful to choose() either strtol() or strtoul()
	depending on whether the string appears to be signed or unsigned.
	Always using strtoul() is unsafe on 64-bit platforms since the uid
	might be represented as a negative number and (unsigned long)-1 on a
	64-bit system is 0xffffffffffffffff not 0xffffffff. Fixes a problem
	with uids larger than 0x7fffffff on 32-bit platforms.
	[5d818e399157]

	* MANIFEST, config.h.in, configure, configure.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h:
	Add atoid() function to convert a string to an id_t (uid, gid or
	pid). We have to be careful to choose() either strtol() or strtoul()
	depending on whether the string appears to be signed or unsigned.
	Always using strtoul() is unsafe on 64-bit platforms since the uid
	might be represented as a negative number and (unsigned long)-1 on a
	64-bit system is 0xffffffffffffffff not 0xffffffff. Fixes a problem
	with uids larger than 0x7fffffff on 32-bit platforms.
	[cd92246a710f]

	* plugins/sudoers/sudoers.c:
	Avoid "perm stack underflow" error when logging the unknown uid
	error.
	[871514c713b7]

	* plugins/sudoers/set_perms.c:
	In rewind_perms() there is nothing to do if perm_stack_depth == 0.
	[98de335f47f0]

2013-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in:
	Add pam_setcred sudoers option to allow the user to control whether
	pam_setcred() is called on the user's behalf.
	[4260a8e43073]

	* configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c:
	Add pam_service and pam_login_service sudoers settings to control
	the service name passed to pam_start.
	[5ea0e3588f3a]

	* mkpkg:
	Newer Xcode places the SDKs under Xcode.app
	[4b54379d5c45]

2013-08-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/zero_bytes.c,
	compat/Makefile.in, compat/memset_s.c, config.h.in, configure,
	configure.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, include/missing.h, include/sudo_plugin.h,
	mkdep.pl, plugins/sudoers/Makefile.in,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/defaults.c,
	plugins/sudoers/logging.c, plugins/sudoers/sha2.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/conversation.c, src/sudo.h, src/sudo_edit.c,
	src/tgetpass.c:
	Implement memset_s() and use it instead of zero_bytes(). A new
	constant, SUDO_CONV_REPL_MAX, is defined by the plugin API as the
	max conversation reply length. This constant can be used as a max
	value for memset_s() when clearing passwords filled in by the
	conversation function.
	[264ec146028e]

2013-08-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/system_group/Makefile.in:
	Do not try to install plugins when shared modules are disabled
	(sudoers already had the check).
	[3d582c042042]

	* plugins/sudoers/Makefile.in:
	Update dependencies to take into account compat/getopt.h and
	compat/dlfcn.h.
	[301fb31cd121]

	* src/Makefile.in:
	Update dependencies now that sudo_usage.h is always included from
	the build dir.
	[c1ff70ec9515]

2013-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Add some warnings and debugging to sasl ccname handling.
	[467f415861f0]

	* plugins/sudoers/ldap.c:
	Fix write loop invariant in sudo_krb5_copy_cc_file()
	[6948cf6e9b9f]

2013-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Strip off leading FILE: or WRFILE: prefix before trying to copy the
	user's credential cache.
	[56c16feab62f]

2013-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	Instead of setting RLIMIT_NPROC to unlimited when sudo initializes,
	just save RLIMIT_NPROC in exec_setup() before the final setuid() and
	restore it immediately after. We don't need to modify RLIMIT_NPROC
	for simple euid changes, just for changing the real (and saved) uids
	before we exec. This also means we no longer need to worry about
	_SC_CHILD_MAX returning -1. Bug #565
	[1372f1909039]

2013-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, src/preload.c:
	Now that the ldap code runs with the real and effective uid set to
	0, it is not possible for the gssapi libs to find the user's krb5
	credential cache file. To work around this, we make a temporary copy
	of the user's credential cache specified by KRB5CCNAME (opened with
	the user's effective uid) and point gssapi to it. To set the
	credential cache file name, we dynamically look up
	gss_krb5_ccache_name() and use it if available, otherwise fall back
	to setting KRB5CCNAME.
	[8b86c134541a]

2013-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in,
	doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in,
	doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c:
	Long option support for visudo and sudoreplay.
	[91427968be71]

2013-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/Makefile.in,
	src/parse_args.c, src/sudo.c, src/sudo_usage.h.in:
	Add support for long options and fix inclusion of sudo_usage.h with
	modern gcc broken in 8597:1fcb7ba13018.
	[d13134819944]

	* src/Makefile.in:
	Add rule to rebuild sudo_usage.h when the .in file changes.
	[59a32899e251]

	* compat/Makefile.in, mkdep.pl, src/Makefile.in:
	Add make rules for building getopt_long.c
	[5f57593b3a8b]

	* src/parse_args.c:
	Make "-h hostname" work. Optional args in GNU getopt() only work
	when there is no space between the option flag and the argument.
	[b8258659cabb]

2013-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, compat/getopt.h, compat/getopt_long.c, config.h.in,
	configure, configure.in, doc/LICENSE, src/parse_args.c:
	Use getopt_long() so we can make the -h flag take an optional
	argument. Includes a version for those without it.
	[d1dd66c8a86b]

2013-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Document that the -h option can be used specify a host name for
	future plugins.
	[8470c74cf326]

	* include/sudo_plugin.h, src/parse_args.c, src/sudo_usage.h.in:
	Overload -h option to specify an optional hostname for remote
	access. This is future-proofing; no policy plugins currently support
	this.
	[0e01d8c3c623]

	* configure, configure.in:
	Bump version to 1.8.8
	[a1155bfaa28f]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document the remote_host setting (-h host)
	[c737db906f5d]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	fix "the the"
	[0025464a3942]

	* src/parse_args.c, src/sudo.c, src/sudo.h:
	Do not error out if arg to -U option cannot be resolved, that is for
	the plugin to decide. There is no need for runas_user and
	runas_group to be global, make them local to parse_args() instead.
	[fb02a62a72ba]

	* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/pt_BR.mo,
	plugins/sudoers/po/pt_BR.po, src/po/es.mo, src/po/es.po,
	src/po/pt_BR.mo, src/po/pt_BR.po:
	Sync with translationproject.org
	[e8f4772d918a]

2013-07-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Remove old bits about sudo setuid problems that should have been
	cleaned up in changeset 7917:fa4894896d8a. Also update the mode of
	sudo to 04755 to match current packaging.
	[1e3904cdc2de]

	* plugins/sudoers/auth/pam.c:
	Go back to ignoring the return value of pam_setcred() since with
	stacked PAM auth modules a failure from one module may override
	PAM_SUCCESS from another. If the first module in the stack fails,
	the others may be run (and succeed) but an error will be returned.
	This can cause a spurious warning on systems with non-local users
	(e.g. pam_ldap or pam_sss) where pam_unix is consulted first.
	[b6022e26135a]

	* src/net_ifs.c:
	Remove unused variable.
	[93dde7d82fde]

	* NEWS:
	Fix typo
	[5ef79671c2c7]

2013-07-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sssd.c:
	Fix pasto; sudo_sss_extract_digest() not sudo_ldap_extract_digest().
	From Dan Harnett.
	[4a0af6f12765]

2013-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Fix formatting typo; from Eric S. Raymond
	[058b533ba460]

2013-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Use -gxcoff on aix so dbx can be used to debug sudo.
	[4950e019ed2d]

2013-06-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Fix typo; bug 605
	[41f7b46a6e51]

2013-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/po/da.mo, src/po/eo.mo, src/po/es.mo, src/po/it.mo,
	src/po/tr.mo:
	Regen .mo files that were out of date.
	[9e25a254f9db]

2013-05-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	On Solaris 11 and higher, tag binaries for ASLR if supported by the
	linker.
	[a2a6cafa3e60]

	* mkpkg:
	No longer need to disable PIE on Solaris.
	[cf90019ae67e]

2013-05-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, NEWS, configure, configure.in, doc/TROUBLESHOOTING:
	Restrict default creation of PIE binaries (-fPIE and -pie) to Linux.
	OpenBSD also supports PIE but enables it by default so we don't need
	to do anything. This fixes problems on systems with a version of GNU
	ld that accepts -pie but where the run-time linker doesn't actually
	support PIE. Also verify that a trivial PIE binary works unless PIE
	is explicitly enabled.
	[3c5f125efeb1]

2013-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in:
	Attempt to detect PIE failure on Solaris 10 with GNU as and GNU ld
	where we can end up crashing due to malloc() failures. Sems OK when
	Using Sun as and ld.
	[b8ba412102ab]

	* NEWS:
	Update with final changes.
	[78ff6d2ed47a]

2013-05-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add -fPIE to PIE_LDFLAGS as per gcc manual.
	[fe900cbb0780]

2013-05-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/Makefile.in, compat/Makefile.in:
	Add missing $(PIE_LDFLAGS) $(SSP_LDFLAGS) for test programs
	[f84bc7482b78]

	* MANIFEST, plugins/sudoers/alias.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/visudo/test4.out.ok,
	plugins/sudoers/regress/visudo/test4.sh, plugins/sudoers/visudo.c:
	Replace sequence number-based cycle detection in visudo with a
	"used" flag in struct alias. The caller is required to call
	alias_put() when it is done with the alias. Inspired by a patch from
	Daniel Kopecek.
	[0bdbac1b3b39]

2013-05-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Eliminate a few relocations related to sudoers_io.
	[18e9e2cc3367]

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po:
	Sync with translationproject.org
	[f38cc128a2ad]

2013-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Clarify a comment.
	[7a045ee06e95]

2013-05-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Handle d_type == DT_UNKNOWN when resolving the device to a name and
	sprinkle some more debugging.
	[8774133747d9]

2013-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Add message about disabling PIE if sudo gets SIGSEGV.
	[c786af2a6751]

	* plugins/sudoers/check.h, plugins/sudoers/timestamp.c:
	No longer store the ctime of a devpts tty. The handling of ctime on
	devpts in Linux has been changed to conform to POSIX. As a result we
	can no longer assume that the ctime will stay unchanged throughout
	the life of the session. We store the session ID in the time stamp
	file so there is a much smaller chance of the time stamp file being
	reused by a new login. While here, store the uid/gid in the
	timestamp file too for good measure.
	[7028b21f7a9b]

	* configure, configure.in:
	PIE is broken on FreeBSD/arm
	[f232c60d6229]

	* mkpkg:
	Add explicit sendmail path for Linux since we may not have sendmail
	installed in the build chroot.
	[1ba2f84f4ff0]

2013-05-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c, plugins/sudoers/iolog.c,
	plugins/sudoers/set_perms.c, src/sudo.c, src/tgetpass.c:
	Quiet a few -Wunused-result compiler warnings.
	[ef12afb61423]

2013-04-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Mention what SHA-2 formats are supported.
	[bf298d0fdf8a]

	* doc/CONTRIBUTORS:
	List code and translations separately.
	[826547bc1295]

2013-04-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po:
	Sync with translationproject.org
	[9499a6f438b8]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[cce449e284a6]

	* Makefile.in:
	Fix c-format for fatal/fatalx
	[4ad81d3faaeb]

2013-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, src/exec_pty.c, src/sudo.h:
	Change some error/errorx -> fatal/fatalx in comments and xgettext
	flags.
	[9d9b64fa2ec9]

	* NEWS:
	There is now a Turkish translation of sudoers.
	[701c5af6aa76]

	* MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po:
	Updated translations from translationproject.org including new
	Turkish translation.
	[9cedbb50d90f]

2013-04-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document that sudoers will re-use existing I/O log paths unless they
	are mktemp-style with trailing X's.
	[4f43bd13d9e7]

	* NEWS, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/ldap.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.h:
	Allow ldap_conf and ldap_secret to be specified as plugin arguments
	in sudo.conf
	[37c6c425b565]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	sudoers_debug is now deprecated in favor of the sudo debugging
	framework.
	[1195be1ec254]

	* plugins/sudoers/ldap.c:
	Replace DPRINTF with DPRINTF1 and DPRINTF2 macros that use
	SUDO_DEBUG_DIAG and SUDO_DEBUG_INFO respectively for logging to the
	debug file with the ldap subsystem. The sudoers_debug setting in
	ldap.conf is still honored for now but will be removed in a future
	release.
	[cfa42b4b913e]

2013-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers2ldif:
	Add support for converting sudoers files with SHA-2 command digests.
	[dc0d03485946]

	* doc/fixman.sh, doc/fixmdoc.sh, mkdep.pl, mkpkg,
	plugins/sudoers/sudoers2ldif:
	Add copyright notice to scripts
	[5e8bd4e6083f]

	* MANIFEST, plugins/sudoers/regress/sudoers/test14.in,
	plugins/sudoers/regress/sudoers/test14.out.ok,
	plugins/sudoers/regress/sudoers/test14.toke.ok:
	Add regress for SHA-2 digests.
	[0b258c2a2a95]

	* compat/getgrouplist.c:
	Solaris maps negative gids to GID_NOBODY.
	[57050e5c750f]

	* plugins/sudoers/visudo.c:
	Clear up an llvm checker warning which appears to be a false
	positive and fix an old XXX while I'm at it.
	[9ee13133e596]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in:
	Correct last change date
	[3bc1fa5b0f76]

	* plugins/sudoers/po/sudoers.pot, plugins/sudoers/sudoreplay.c:
	No need to translate this error message.
	[4d9941970a26]

	* doc/UPGRADE:
	Mention .sl vs. .so extension handling on HP-UX Mention group
	membership changes Fix typos
	[40ac0efbdb2b]

	* aclocal.m4, common/aix.c, common/alloc.c, common/atobool.c,
	common/error.c, common/fmt_string.c, common/lbuf.c, common/list.c,
	common/setgroups.c, common/term.c, common/ttysize.c,
	compat/Makefile.in, compat/dlopen.c, compat/endian.h,
	compat/getline.c, compat/getprogname.c, compat/isblank.c,
	compat/memrchr.c, compat/mksiglist.c, compat/mktemp.c,
	compat/nanosleep.c, compat/pw_dup.c, compat/sig2str.c,
	compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c,
	compat/strsignal.c, compat/utimes.c, doc/Makefile.in,
	include/Makefile.in, include/alloc.h, include/fileops.h,
	include/gettext.h, include/lbuf.h, include/missing.h,
	include/sudo_plugin.h, pathnames.h.in,
	plugins/group_file/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/alias.c, plugins/sudoers/audit.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/bsm_audit.h, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h,
	plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/linux_audit.h, plugins/sudoers/locale.c,
	plugins/sudoers/logging.h, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.h, plugins/sudoers/redblack.c,
	plugins/sudoers/redblack.h,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers_version.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.h, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/visudo.c, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.c, src/Makefile.in,
	src/conversation.c, src/exec.c, src/exec_common.c, src/get_pty.c,
	src/net_ifs.c, src/parse_args.c, src/preload.c, src/selinux.c,
	src/sesh.c, src/signal.c, src/sudo_edit.c, src/sudo_exec.h,
	src/sudo_noexec.c, src/sudo_plugin_int.h, src/tgetpass.c,
	src/utmp.c:
	Update copyright years.
	[5c6d72661bad]

	* plugins/sudoers/mon_systrace.h:
	Systrace support was removed long ago.
	[10a038a2da77]

2013-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/regress/sudoers/test10.toke.out.ok,
	plugins/sudoers/regress/sudoers/test9.toke.out.ok:
	Remove some files that were mistakenly added.
	[833502da26de]

	* common/sudo_debug.c, config.h.in, configure, configure.in,
	plugins/sudoers/boottime.c, plugins/sudoers/iolog.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c:
	Use time(&now) instead of now = time(NULL) when storing the current
	time in a time_t (better compiler error checking). Better parsing
	and printing of 64-bit time_t on 32-bit platforms.
	[c227dc72c04e]

2013-04-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Don't check the tty of the parent process. Now that we get the
	controlling tty device number from the kernel there is no need. If
	the process has really disassociated from the tty then reporting
	"unknown" is appropriate.
	[62fb66e565db]

2013-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/error.c:
	Use EXIT_FAILURE instead of 1 as the fatal() exit value.
	[ed94c2c5e88a]

	* src/sesh.c:
	Change remaining errorx -> fatalx
	[3f6d70e19303]

2013-04-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Replace sudo_fakepwnamid() with sudo_mkpwent() and don't return an
	error if the entry already exists in the cache.
	[94d45970400a]

	* plugins/sudoers/bsm_audit.c, plugins/sudoers/po/sudoers.pot:
	Change "foo: failed" to just "foo" since we print the string form of
	errno. Gets rids of some useless translations.
	[476f37349dbc]

2013-04-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Fix pasto in debug_decl
	[08650186a239]

	* plugins/sudoers/Makefile.in:
	regen
	[acf4c34fba2c]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/parse.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c:
	Rename log_error() -> log_warning() for consistency with
	warning()/fatal()
	[474ed5a0e335]

	* plugins/sudoers/auth/API:
	The NO_EXIT flag was removed a while ago.
	[e0a4be270226]

	* common/aix.c, common/alloc.c, common/error.c, include/error.h,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/hexchar.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/visudo.c, src/exec.c, src/exec_common.c,
	src/exec_pty.c, src/net_ifs.c, src/parse_args.c, src/selinux.c,
	src/signal.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c,
	src/utmp.c:
	Rename error/errorx -> fatal/fatalx and remove the exit value as it
	was always 1.
	[ea66f58c4da5]

	* NEWS:
	digests are supported in sudoers ldap too
	[77d6c25f7653]

	* plugins/sudoers/regress/check_symbols/check_symbols.c:
	Print test failures to stdout like the final count so the outputis
	not displayed out of order.
	[f541b78ecb93]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/eo.po, plugins/sudoers/po/hr.mo,
	plugins/sudoers/po/hr.po, plugins/sudoers/po/it.po, src/po/da.mo,
	src/po/da.po, src/po/eo.po, src/po/hr.mo, src/po/hr.po,
	src/po/it.po, src/po/tr.po:
	Sync with translationproject.org
	[cbd70678b99f]

	* Makefile.in:
	Check for any uncommitted changes in dist target and add force-dist
	target that omit check-dist.
	[78dc3f41e37e]

2013-04-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/regress/ttyname/check_ttyname.c:
	Fix logic bug when checking tty via ttyname().
	[279aee076194]

	* compat/endian.h:
	Fix check for _BIG_ENDIAN and _LITTLE_ENDIAN (Solaris) and
	__BIG_ENDIAN__ and __LITTLE_ENDIAN__ (HP-UX)
	[fe35e0b04502]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[0ddebccd3045]

	* NEWS, doc/sample.sudoers, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document digest support.
	[d794c7b9a7bc]

	* MANIFEST, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/parser/check_base64.c:
	Simple bas64 decode unit test.
	[344b0df0fe50]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/base64.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.h:
	Move base64_decode into its own source file.
	[30497e7f88bc]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Only check year against 2038 if time_t is 32-bit.
	[9c1f2e3fc3ba]

2013-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.h,
	plugins/sudoers/sssd.c:
	Add digest support for sudoers in ldap and sss.
	[314937b5e59e]

	* INSTALL, configure, configure.in:
	Error out in configure if the compiler doesn't support "long long".
	[d3645c1d50d1]

	* plugins/sudoers/match.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	Include stdint.h or inttypes.h before sha2.h
	[20ad1c20313d]

	* common/lbuf.c:
	Simplify lbuf append functions by moving the realloc code into
	lbuf_expand(). We now expand as needed each time bytes need to be
	written to the lbuf. Also handle a NULL pointer being passed in for
	paranoia's sake.
	[6283ee562ef4]

	* plugins/sudoers/iolog.c:
	Zero out struct iolog_details early to avoid a potential (though
	unlikely) dereference of stack garbage if we hit a fatal error
	before iolog_deserialize_info() is called.
	[2eeca8be05fb]

2013-04-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Update copyright year.
	[b843c6a43238]

	* plugins/sudoers/sudoers_version.h:
	Bump SUDOERS_GRAMMAR_VERSION for new digest support.
	[188556fb8156]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/match.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Sanity check digest in parser so visudo can catch errors. Add base64
	support
	[b8586d5cc7ed]

	* MANIFEST, compat/endian.h, config.h.in, configure, configure.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/sha2.c:
	For big endian architectures just use memcpy() instead of BE macros
	in a loop.
	[c71a0f4a8a8e]

2013-04-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, config.h.in, configure, configure.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/hexchar.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_digest.out.ok,
	plugins/sudoers/sha2.h, plugins/sudoers/sssd.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c:
	Initial implementation of checksum support in sudoers. Currently
	supports SHA-224, SHA-256, SHA-384, SHA-512. TODO: checksum format
	validation in parser and base64 support. checksum support for ldap
	sudoers
	[b8f196346eca]

2013-04-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, plugins/sudoers/sha2.c, plugins/sudoers/sha2.h:
	SHA-224, SHA-256, SHA-384 and SHA-512. Derived from the public
	domain SHA-1 and SHA-2 implementations by Steve Reid and Wei Dai
	respectively.
	[7511d07c0a83]

2013-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Add sudo 1.8.6p8
	[0666fd0321ae]

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/po/sudoers.pot:
	Add missing "not" in error message when mixing standalone and non-
	standalone authentication methods.
	[7eba4439db73]

	* plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c:
	Check for crypt() returning NULL. Traditionally, crypt() never
	returned NULL but newer versions of eglibc have a crypt() that does.
	Bug #598
	[887b9df243df]

	* plugins/sudoers/auth/pam.c:
	Better PAM error messages
	[fd7eda53cdd7]

	* plugins/sudoers/auth/kerb5.c:
	Better error messages
	[98142874a2f4]

	* plugins/sudoers/bsm_audit.c:
	Use same error message for getauid() failure.
	[07f0d88cb1df]

	* plugins/sudoers/sssd.c:
	Start warning with a lower case letter for consistency and to match
	existing translated strings.
	[b719ac52c9e3]

2013-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Disable PIE on Solaris where it is not really supported.
	[c36c84cdcc7a]

	* src/ttyname.c:
	AIX may have a 64-bit pr_ttydev that we need to convert to 32-bit
	before we try to match it against st_rdev.
	[5dab449fb962]

	* src/ttyname.c:
	Break out of the loop if sudo_ttyname_scan() returns non-NULL. Fixes
	a problem finding the tty name when it is not in /dev/pts.
	[6c205d087fa0]

	* compat/snprintf.c:
	Support %lld and %llu
	[feabfa06c954]

	* .hgignore, MANIFEST, src/Makefile.in,
	src/regress/ttyname/check_ttyname.c:
	Add ttyname test.
	[e987038f8c07]

2013-04-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/de.mo, src/po/de.po, src/po/fi.mo, src/po/fi.po,
	src/po/pl.mo, src/po/pl.po, src/po/ru.mo, src/po/ru.po,
	src/po/sl.mo, src/po/sl.po, src/po/uk.mo, src/po/uk.po,
	src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po:
	Sync with translationproject.org
	[4d7b73b22079]

	* plugins/sudoers/timestamp.c:
	Log timestampfile to debug file.
	[e997281146c0]

	* plugins/sudoers/auth/pam.c, plugins/sudoers/po/sudoers.pot:
	Don't add the "Password: " string we look up in the PAM text domain
	to the sudoers.pot file.
	[771b52244abf]

2013-04-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	Synce with regcomp() error message change.
	[fc6d3dfb8eb8]

	* plugins/sudoers/sudoreplay.c:
	Be consistent with error message when regcomp() fails.
	[de6c69ba04e4]

2013-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/testsudoers/test5.out.ok,
	plugins/sudoers/regress/testsudoers/test5.sh:
	Use group -1 instead of 1 as the invalid group since the running
	user might have group 1 as their default group.
	[71404a9fa75d]

	* plugins/sudoers/Makefile.in:
	PWD may be a shell builtin, use CWD instead.
	[c443105c5091]

2013-04-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Split up check_user().
	[ce7cc0767589]

2013-04-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure.in:
	Cosmetic fixes in the comments.
	[640abee43c14]

2013-04-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Use AC_LINK_IFELSE instead of AC_TRY_LINK Fix printing of status
	message for visibility checks when the test fails.
	[99665477ee55]

	* config.h.in:
	regen
	[00c22606719a]

	* configure, configure.in:
	We no longer use mbr_check_membership() and setrlimit64() is AIX-
	specific.
	[43caf685a1f1]

	* Makefile.in:
	The first (all) target must be by itself or some makes will choose
	the run the entire target list.
	[16cf3def49f5]

	* configure, configure.in:
	Do exec_prefix expansion when enable_shared even if noexec is not
	enabled.
	[7ed28cb32d8d]

	* compat/getgrouplist.c:
	Use free() not efree() since we don't include alloc.h here
	[1a008737be24]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[b939f941346f]

	* plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.sh,
	plugins/sudoers/regress/testsudoers/test5.sh:
	Pass in expected gid to testsudoers in addition to the uid that
	matches the test sudoers files.
	[6a1710e8cac1]

2013-04-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Tru64 5.x does declare innetgr() and getdomainname().
	[c75598e69c7e]

	* plugins/sudoers/match.c:
	Fix compilation when getdomainame() is not present.
	[e831b017a962]

	* config.h.in, configure.in, include/missing.h:
	Move SET/CLR/ISSET from config.h.in to missing.h
	[3a3dd29fd7f0]

	* configure, configure.in:
	Fix getgrouplist() check.
	[12a2adf60e98]

	* MANIFEST:
	No more timestamp.h
	[5677e26afc0f]

	* plugins/sudoers/check.c:
	Neded sys/time.h for struct timeval in struct sudo_tty_info.
	[aceaadd8c400]

	* plugins/sudoers/Makefile.in:
	regen depends
	[21675a8b67e5]

	* NEWS:
	Mention libibmldap on HP-UX
	[75b4e4b22950]

	* NEWS, plugins/sudoers/match.c:
	Instead of checking the domain name explicitly for "(none)", just
	check for illegal characters.
	[ce35dda811db]

	* plugins/sudoers/visudo.c:
	Only warn once when we are unable to open the sudoers file.
	[9e27e3aa5b10]

	* plugins/sudoers/sudoers.c:
	Fall back to opening /dev/tty to determine whether there is a tty if
	the system doesn't have kernel support for determing the tty.
	[2775bcf9a9b5]

	* compat/getprogname.c:
	Update guard to take __progname into account
	[60eae3f20232]

	* compat/snprintf.c:
	Some older systems have inttypes.h but not stdint.h
	[ed1ef160015f]

	* compat/closefrom.c, compat/dlopen.c, compat/fnmatch.c,
	compat/getaddrinfo.c, compat/getcwd.c, compat/getgrouplist.c,
	compat/getline.c, compat/getprogname.c, compat/glob.c,
	compat/isblank.c, compat/memrchr.c, compat/mktemp.c,
	compat/nanosleep.c, compat/pw_dup.c, compat/sig2str.c,
	compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c,
	compat/strsignal.c, compat/utimes.c:
	Add guards in compat source files. Not really needed since we only
	include them in the Makefile if they are needed but should not hurt
	either.
	[8cbd3b4595b9]

2013-03-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Don't include gram.h in gram.y, its contents are already included.
	Move sudoerserror to the end of gram.y so COMMENT is declared when
	we need to use it.
	[7d72ebdd7222]

2013-03-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure.in:
	Remove some pre-ANSI cruft.
	[6a95704b2116]

	* plugins/sudoers/match.c:
	Rename NAME_MATCH -> SUDOERS_NAME_MATCH and avoid pulling in glob.h
	when it is set.
	[da40c550ffed]

	* NEWS, plugins/sudoers/iolog_path.c:
	We still want to recognize %{seq} for the SUDOERS_NO_SEQ case but
	just leave it as-is.
	[9a22de140d28]

2013-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Add missing semicolon in rule.
	[817d3f1b2a21]

	* plugins/sudoers/sudoers.c:
	Now that we can determine the terminal even when file descriptors
	are redirected we can check user_ttypath rather than opening
	/dev/tty when enforcing requiretty.
	[56a28bc09041]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Stash umask in struct sudo_user so we don't need to look it up
	later.
	[9f85749199dc]

	* plugins/sudoers/sudoers.c:
	Minor cosmetic change
	[c373e106ed49]

	* plugins/sudoers/regress/parser/check_addr.c:
	No longer need to declare interfaces
	[d7ff7e579557]

	* plugins/sudoers/logging.c:
	Fix compilation in SUDOERS_NO_SEQ case
	[9a6db9247534]

	* plugins/sudoers/regress/parser/check_addr.c:
	No longer need to define sudo_printf
	[578ad13c3546]

	* plugins/sudoers/check.c, plugins/sudoers/check.h,
	plugins/sudoers/timestamp.c:
	Pass auth_pw to the timestamp functions.
	[f603649177d6]

	* plugins/sudoers/iolog_path.c:
	Fix SUDOERS_NO_SEQ
	[17881f9bcd68]

	* plugins/sudoers/locale.c:
	Don't need all of sudoers.h in here
	[c518150c6483]

	* plugins/sudoers/sudoers.c:
	Don't need to include sudoers_version.h here.
	[8abb31102119]

2013-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	DEFAULT_LECTURE is no longer used.
	[f565c00a68c1]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c:
	Move sudo_conv into policy.c
	[f699aee7136b]

	* plugins/sudoers/pwutil.c:
	cosmetic fixes
	[930e60389ca8]

	* plugins/sudoers/match.c:
	RHEL (and perhaps other Linux distros) use the string "(none)"
	instead of an empty string when there is no actual NIS-style domain
	name. Bug #596
	[11aec11489ac]

	* plugins/sudoers/match.c:
	Fix return values when NAME_MATCH is defined.
	[ce030be9ccef]

2013-03-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h:
	Update copyright year.
	[7e4b8d49addd]

	* plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/sudoers.h:
	Add sudo_set_grlist(), currently unused by the back end.
	[b37ac1d0e8fc]

	* plugins/sudoers/pwutil.c:
	Remove unused macros, fix a debug_decl
	[6136fb4a0d3b]

	* include/missing.h:
	Tru64 Unix doesn't prototype innetgr() or getdomainname().
	[585ac1874dfe]

	* include/missing.h:
	Whitespace fixes
	[0bb28cd91d97]

	* common/error.c:
	Don't need to include setjmp.h here, error.h already includes it.
	[fd05ab00e186]

2013-03-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/Makefile.in, plugins/sudoers/Makefile.in:
	regen depends
	[57991f5e16b4]

	* plugins/sudoers/check.h:
	Rename guard define.
	[ccf4dba241d6]

	* plugins/sudoers/check.c, plugins/sudoers/check.h,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h:
	Move contents of timestamp.h into check.h.
	[c139757a9283]

	* plugins/sudoers/sudoers.h:
	expand_prompt() is now in prompt.c sudo_printf extern is now in
	error.h
	[219bd74ca62b]

	* plugins/sudoers/bsm_audit.h, plugins/sudoers/defaults.h,
	plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h,
	plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h,
	plugins/sudoers/insults.h, plugins/sudoers/interfaces.h,
	plugins/sudoers/linux_audit.h, plugins/sudoers/logging.h,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.h,
	plugins/sudoers/redblack.h, plugins/sudoers/sudo_nss.h,
	plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.h,
	plugins/sudoers/toke.h:
	Change multiple inclusion guards to be _SUDOERS_FOO_H
	[faace6d55e78]

2013-03-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po,
	src/po/nl.mo, src/po/nl.po, src/po/tr.mo, src/po/tr.po:
	New Dutch translation for sudo and sudoers New Turkish translation
	for sudo From translationproject.org
	[bc918b7b23a4]

2013-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	Fix a typo in a comment and make sure we don't mistakenly include
	_PATH_SUDO_ASKPASS and _PATH_SUDO_SESH in config.h.in
	[694d12ac70ec]

2013-03-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Don't build check_symbols if we are linking sudoers in statically.
	[f6602723bab7]

	* configure, configure.in:
	Use $host_os not $host when we only care about the os name and
	version.
	[05e4f4fcba06]

	* aclocal.m4, configure, configure.in:
	Suppress duplicate -L and -I flags.
	[228f2f581aed]

	* common/Makefile.in, compat/regress/fnmatch/fnm_test.c:
	Fix regress tests on non-OpenBSD platforms.
	[9d91bc859c50]

	* configure, configure.in:
	If we find sasl/sasl.h there's no need to check for sasl.h too
	[889efaa86012]

	* aclocal.m4, configure, configure.in:
	Add -R flags at the very end after configure link tests are done
	since we can only count on libtool to accept -R, the compiler front
	end may not. Also unify the libldap and libibmldap tests using
	AC_SEARCH_LIBS and check for -lCsup on HP-UX which is needed by
	libibmldap (but is not an explicit dependency).
	[ab1451894351]

2013-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Back out changes that broke detection of skey, opie and ldap
	libraries.
	[ffa82b8f8641]

	* plugins/sudoers/regress/testsudoers/test1.sh,
	plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.sh,
	plugins/sudoers/regress/testsudoers/test4.sh,
	plugins/sudoers/regress/testsudoers/test5.sh,
	plugins/sudoers/regress/visudo/test1.sh,
	plugins/sudoers/regress/visudo/test2.sh,
	plugins/sudoers/regress/visudo/test3.sh:
	Add explicit "exit 0" to prevent the check target from ending
	prematurely.
	[cca411b492bd]

	* plugins/sudoers/Makefile.in:
	Fix exit values in check target so we don't have to ignore errors.
	[cbc429c409e9]

	* plugins/sudoers/Makefile.in:
	Fail a test if there is unexpected stderr output.
	[4fc24d536bec]

	* MANIFEST:
	Fix path to sudo.conf manuals; remove non-existant test2.err.ok
	[6b8bcd60dd85]

	* src/load_plugins.c:
	Fix compilation in dynamic mode.
	[679856fa0774]

	* configure, configure.in:
	On HP-UX, libibmldap has a hidden dependency on libCsup
	[22994709d77c]

	* compat/dlopen.c:
	Pass BIND_VERBOSE to shl_load()
	[0060b9cfa9ab]

	* configure, configure.in:
	Only create static helper libs when --disable-shared is specified.
	[1fcdb1a437e0]

	* src/load_plugins.c:
	Ubreak static build.
	[4ac9f96be285]

	* INSTALL, aclocal.m4, configure, configure.in:
	Replace --with-rpath and --with-blibpath with --disable-rpath. Now
	that we use libtool for linking we can just use the -R flag and have
	libtool translate it to the proper linker flag.
	[09798fad6888]

2013-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Bump I/O buffer size 32K
	[4ef793225309]

2013-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in:
	Document sesh Path setting.
	[34b0b903b4f8]

	* src/exec.c, src/exec_common.c:
	Move exec_cmnd to exec.c to fix a compilation issue with sesh.c
	[06aa1956f38d]

	* common/sudo_conf.c, configure, configure.in, include/sudo_conf.h,
	src/selinux.c:
	Make sesh path configurable in sudo.conf
	[91d331f273b7]

	* configure, configure.in:
	Use -fno-pie and -nopie if supported when --disable-pie is
	specified.
	[777138c04dcc]

2013-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Document direct execution of the command if the policy plugin has no
	close function.
	[6a14145c6e80]

2013-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Only delete creds if we actually established them. Print an error if
	pam_setcred() fails and we actually authenticated.
	[1e015314903b]

	* common/Makefile.in, plugins/group_file/Makefile.in:
	regen
	[dd8cee2a5e1b]

	* common/alloc.c, include/alloc.h:
	Convert efree() to a macro that just casts to void * and does
	free(). If the system free() can't handle free(NULL) this may crash
	but C89 was a long time ago.
	[efd0ff9270fb]

	* configure, configure.in:
	Define _REENTRANT for HP-UX when we add -lpthread to SUDO_LIBS.
	Fixes a problem with errno sometimes not being set on error on HP-
	UX.
	[54b419d58320]

	* common/sudo_debug.c:
	Fix debug logging from the plugin when there is no error number.
	This was broken in the big debugging reorg for 1.8.7.
	[2ea7e145e928]

2013-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, plugins/group_file/Makefile.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/load_plugins.c:
	Always install plugins with a .so extension regardless of what
	extension the system uses for shared libraries. That way the
	group_plugin sudoers setting can be shared between heterogenous
	systems.
	[a7e6ecff6fdf]

	* plugins/sudoers/match.c:
	Mac OS X has netgroup functions in netdb.h.
	[243881a974aa]

	* plugins/sudoers/parse.h:
	Tags in struct cmndtag can be set to IMPLIED as well.
	[cb6926988cc8]

	* plugins/sudoers/parse.c:
	Quiet a compiler warning.
	[14e608c2001d]

	* plugins/sudoers/testsudoers.c:
	Quiet an llvm checker warning.
	[2eeb9f3d08f3]

	* plugins/sudoers/parse.c:
	Quiet gcc -Wuninitialized false positive
	[643ad987503d]

2013-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in:
	Document group_file and system_group plugins.
	[b56511e79230]

	* NEWS:
	Sudo 1.8.7
	[e95183b8fa27]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Try to clarify that sudoedit in sudoers should not include a leading
	pathname.
	[7b2beac92a9c]

	* plugins/sudoers/pwutil_impl.c:
	Make sure groupname_len is at least 32 just to be on the safe side.
	It is better to allocate a little extra and not need it than to have
	to reallocate and start over.
	[6d3e1ba47de9]

	* include/alloc.h, include/missing.h:
	Add __malloc_like macro to apply __malloc__ attribute to emalloc,
	ecalloc and estrdup. It cannot be applied to realloc since that may
	return the same pointer.
	[8d70cb81d1f1]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix potential double free in an error path.
	[657573feb6a4]

	* src/exec_pty.c:
	When running the command in a pty, defer the call to exec_setup()
	until just before we exec the command. This is consistent with the
	non-pty path. As a side effect, the monitor process runs as root and
	not the runas user.
	[e2a7f8c7ee4c]

2013-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/closefrom.c:
	Update copyright year.
	[9b652af4dfc0]

2013-03-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/closefrom.c:
	Use pst_highestfd from pstat_getproc() on HP-UX.
	[09f3fea46a3d]

2013-02-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, common/Makefile.in, doc/Makefile.in,
	plugins/sudoers/Makefile.in:
	Clean up generated test files and other minor housekeeping.
	[f5f4fdd908e1]

	* plugins/sudoers/iolog.c:
	Add back gettimeofday() call inadvertantly removed in e1abb9810a83
	[675cce8401ae]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Use pstat() on HP-UX to determine the tty device.
	[2884af22a9df]

	* plugins/sudoers/auth/pam.c:
	Fix PAM compilation: def_pam_session, not just pam_session.
	[5417d7acc6ea]

	* doc/fixmdoc.sh:
	Don't remove the -S option description when trimming out selinux.
	Bug #592
	[8a94f2cfa0a0]

2013-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for Sudo 1.8.6p7
	[0858a73e9c40]

2013-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Document when sudo may exec the command directly instead of forking.
	[da41951edc28]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document that close and version be NULL for plugin API >= 1.3 and
	that sudo may execute the command directly if there is no close, or
	pty or timeout needed.
	[e5f929ddeaf8]

	* plugins/sudoers/auth/sudo_auth.c:
	Fix debug_decl for sudo_auth_begin_session and
	sudo_auth_end_session.
	[58243392c0df]

	* configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c:
	Add pam_session sudoers option.
	[d994465db9f1]

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.h:
	Dummy out close function if there is no end_session for the auth
	method and the front-end can handle a NULL close function. Avoids
	the extra sudo process when we don't actually need it.
	[74886d5b0fb6]

2013-02-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, aclocal.m4:
	Add m4/ to paths m4_include parameters so we don't need to use
	autoconf's -I flag.
	[4fd86e7a84f3]

	* src/exec.c, src/exec_common.c, src/exec_pty.c, src/sudo_exec.h,
	src/sudo_plugin_int.h:
	If the policy plugin does not provide a close function, there is no
	command timeout and no pty is required, skip the event loop and just
	exec the command directly.
	[ad532f107170]

	* src/sudo.c:
	Do not crash if the plugin close and version functions are not
	defined. If there is no policy close function, simply print a
	warning that the command was not found.
	[c789a9dd54e8]

2013-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c:
	Fix typos in selinux/solaris privs specific code.
	[9af3999361b4]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, src/parse_args.c:
	Pass the default plugin directory to the plugin via the settings
	list. Could be used by a stacking plugin.
	[688e771fc145]

	* plugins/sudoers/timestamp.c:
	Completely ignore time stamp file if it is set to the epoch,
	regardless of what gettimeofday() returns.
	[df58842af660]

	* doc/CONTRIBUTORS:
	Add Nikolai Kondrashov
	[df59791438f9]

	* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c:
	Use userpw_matches() for username matching so #uid works for
	sudoRunAsUser.
	[a124062334df]

	* plugins/sudoers/sssd.c:
	Avoid calling realloc3() with a zero size parameter when all
	retrieved sssd rules fail. Otherwise we'll get a run-time error due
	to malloc(0) checking.
	[84dfcb73ebd7]

	* plugins/sudoers/sssd.c:
	Do not send error mail if a user is not found in SSSD. Local users
	can run sudo too. From Nikolai Kondrashov
	[3d2ae99ee468]

2013-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/regress/sudo_conf/test4.in,
	common/regress/sudo_conf/test4.out.ok:
	Test setting disable_coredump to illegal value.
	[3c71c6c49027]

	* common/sudo_conf.c:
	Fix atobool() usage.
	[d40c9f4d06b0]

	* common/regress/sudo_conf/conf_test.c:
	Remove unused variable.
	[328b524b365b]

	* plugins/sudoers/sudoers.c:
	Make "sudo -l non_existent_command" warn that non_existent_command
	doesn't exist, not the "list" pseudo-command.
	[9dc0388fc4f3]

	* plugins/sudoers/parse.c:
	Make sudoers file long list output better match the format used by
	ldap sudoers. Tags are now converted to options and there is a
	single command per line.
	[6e6dc3f20d84]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in,
	doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Use the correct the sudoers policy symbol names and undo an editor
	goof committed when adding max_groups to sudo.conf.
	[2a6f7ddf5cc3]

	* plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c:
	For "sudo -l" start a new line if the runas list changes to make the
	output easier to read.
	[7dc3d724c924]

2013-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c:
	For "sudo -l" and "sudo -ll" only print the runas info for
	subsequent commands in a list if the runas info has changed. If we
	have new runas info, print out the tags again so as to be less
	confusing to the user. For "sudo -ll" set the line continuation
	indent to 8.
	[b5ec02fe7fc1]

2013-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, Makefile.in, configure, configure.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/group_file/Makefile.in, plugins/group_file/getgrent.c,
	plugins/group_file/group_file.c, plugins/group_file/group_file.exp,
	plugins/group_file/plugin_test.c, plugins/sample_group/Makefile.in,
	plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c,
	plugins/sample_group/sample_group.c,
	plugins/sample_group/sample_group.exp:
	Rename sample_group plugin to group_file. Install group_file and
	system_group plugins by default.
	[951b3e446fae]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/iolog.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Add maxseq sudoers option to limit the max number of I/O log files.
	[e1abb9810a83]

2013-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Log lines and columns in the iolog file.
	[03adb6230e05]

2013-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/regress/sudo_conf/conf_test.c,
	common/regress/sudo_conf/test1.in,
	common/regress/sudo_conf/test1.out.ok,
	common/regress/sudo_conf/test2.in,
	common/regress/sudo_conf/test2.out.ok,
	common/regress/sudo_conf/test3.in,
	common/regress/sudo_conf/test3.out.ok, common/sudo_conf.c,
	include/sudo_conf.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sesh.c,
	src/sudo.c:
	Add simple regress tests for sudo.conf parsing.
	[3c36b61bf61c]

	* src/sudo.c:
	Always display the I/O plugin version as long as its open functions
	doesn't return an error. Previously it was only displayed if the
	plugin open returned 1.
	[4b0277db3f8c]

	* plugins/sudoers/pwutil_impl.c:
	Use sysconf(_SC_LOGIN_NAME_MAX) to find max username length instead
	of poking around in struct utmpx.
	[2c0cc5c42958]

	* plugins/sudoers/pwutil_impl.c, src/parse_args.c, src/sudo.c:
	#include "sudo_usage.h" not <sudo_usage.h> so we get the one in the
	build directory and not the src dir when using a separate build
	directory.
	[1fcb7ba13018]

2013-02-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/fileops.c:
	If a line was longer that 0x80000000 the bit hack to round to the
	next power of two would roll over to zero.
	[f4f729cf6f0f]

	* plugins/sudoers/policy.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/sudoers.h, src/sudo.c:
	Use max_groups in front-end and plugin.
	[bf1e74166831]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, src/parse_args.c:
	Pass max_groups to plugin in settings list.
	[d7d76e8651f4]

	* common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, include/sudo_conf.h:
	Add max_groups setting to sudo.conf (currently unused) and remove
	unused return value from setters.
	[f6494f71e1f0]

2013-02-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Reorganize configure options
	[23475de8039f]

2013-02-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Add Sudo 1.8.6p7
	[5192fc511cbe]

2013-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL.configure:
	Sync with autoconf 2.68
	[985e5c8efa4e]

	* INSTALL, README:
	Remove obsolete OS notes and move build requirements to INSTALL.
	[bf0dd53ca164]

2013-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Sort elements of the settings, user_info and command_info lists.
	[663062ada5b7]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Remove trailing white space
	[027916a6c8e7]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h:
	Store the session ID in the tty ticket file too. A tty may only be
	in one session at a time so if the session ID doesn't match we
	ignore the ticket.
	[4eb2cb8df48b]

2013-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	Move tzset() call from sudoers plugin to sudo front end.
	[3c058dad8772]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Mention line continuation
	[399873f8c805]

	* MANIFEST, common/Makefile.in, common/fileops.c,
	common/regress/sudo_parseln/parseln_test.c,
	common/regress/sudo_parseln/test1.in,
	common/regress/sudo_parseln/test1.out.ok,
	common/regress/sudo_parseln/test2.in,
	common/regress/sudo_parseln/test2.out.ok,
	common/regress/sudo_parseln/test3.in,
	common/regress/sudo_parseln/test3.out.ok,
	common/regress/sudo_parseln/test4.in,
	common/regress/sudo_parseln/test4.out.ok,
	common/regress/sudo_parseln/test5.in,
	common/regress/sudo_parseln/test5.out.ok,
	common/regress/sudo_parseln/test6.in,
	common/regress/sudo_parseln/test6.out.ok, common/sudo_conf.c,
	include/fileops.h, plugins/sudoers/env.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sudo_nss.c:
	Add line continuation support to sudo_parseln() and make it use
	getline() instead of fgets() internally.
	[d02bf3973fc5]

2013-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sample/sample_plugin.c:
	Fix memory leak in error path; found by llvm checker
	[d090c26a5b00]

	* plugins/sudoers/sudoreplay.c:
	Remove useless store detected by llvm checker.
	[12a4db91651a]

	* configure, configure.in, doc/UPGRADE, mkpkg, src/Makefile.in,
	src/load_plugins.c, sudo.pp:
	Sudo now stores its libexec files in a "sudo" subdirectory instead
	of in libexec itself. For backwards compatibility, if the plugin is
	not found in the default plugin directory, sudo will check the
	parent directory default directory ends in "/sudo".
	[5de67de76489]

	* plugins/sample/sample_plugin.c, plugins/sample_group/sample_group.c,
	plugins/system_group/system_group.c:
	Add missing __dso_public to plugin structs so they are exported.
	[dde703577621]

	* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in:
	Mention that sudoers has its own plugins too.
	[0a6c6203b512]

2013-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in:
	Correct last change date.
	[45894291d792]

	* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in:
	Remove duplicated sudo.conf info in the sudo, sudoers and
	sudo_plugin manuals and cross-reference the new sudo.conf manual.
	[b808ba29cf3a]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in:
	Fix typos
	[0e70964150c6]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in:
	Fix some typos.
	[94ae045cfbc6]

	* MANIFEST, doc/Makefile.in, doc/sudo.conf.cat, doc/sudo.conf.man.in,
	doc/sudo.conf.mdoc.in:
	Add standalone sudo.conf manual page.
	[d64d949b700c]

	* doc/sample.sudo.conf:
	add group_source example
	[118c1ba1c014]

	* configure, configure.in, doc/sample.sudo.conf, doc/sudo.man.in,
	doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Use PLUGINDIR in the manuals and fix a typo in the sample sudo.conf.
	[f5bd6006dc1c]

	* plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, src/po/it.mo,
	src/po/it.po:
	Sync with translationproject.org
	[a6f2b9aac371]

2013-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, src/po/fi.mo,
	src/po/fi.po, src/po/gl.mo, src/po/gl.po, src/po/vi.mo,
	src/po/vi.po:
	Sync with translationproject.org
	[ba546666969d]

2013-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo,
	plugins/sudoers/po/eo.po, src/po/da.po, src/po/eo.mo, src/po/eo.po,
	src/po/es.po, src/po/gl.po:
	Sync with translationproject.org
	[cdc454e34c03]

2013-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Clarify ttyname changes.
	[cbf2f80fe582]

	* NEWS:
	Add 1.8.6p6
	[3aa591e98b3b]

	* src/ttyname.c:
	Remove ttyname() fall back code on systems where we can query the
	kernel for the tty device via /proc or sysctl(). If there is no
	controlling tty, it is better to just treat the tty as unknown
	rather than to blindly use what is hooked up to std{in,out,err}.
	[b2bd3005d2e4]

2013-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_conf.c, include/sudo_conf.h, src/sudo.c:
	Add group_source setting in sudo.conf to allow the admin to specify
	how a user's groups are looked up. Legal values are static (just the
	kernel list from getgroups), dynamic (whatever the group database
	includes) and adaptive (only use group db if kernel group list is
	full).
	[87a5b02e22ad]

	* plugins/sudoers/policy.c:
	Pass back exec_background to front end if it is enabled in sudoers.
	[8230e1cd0bbd]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Mention that exec_background is for 1.8.7 and higher only.
	[fdf0d5a3e182]

2013-01-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	Add missing test files.
	[1165389aa5e6]

	* plugins/sudoers/regress/visudo/test3.err.ok,
	plugins/sudoers/regress/visudo/test3.out.ok,
	plugins/sudoers/regress/visudo/test3.sh:
	Add regress test for bug 361
	[54c7fb61b82d]

	* plugins/sudoers/iolog.c:
	Add __dso_public to extern declaration of declaration to match
	actual definition.
	[4695ded501e6]

	* NEWS:
	Add 1.8.6p5
	[b07b28c5c4d7]

2013-01-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/regress/visudo/test2.err.ok,
	plugins/sudoers/regress/visudo/test2.out.ok,
	plugins/sudoers/regress/visudo/test2.sh:
	Add test for visudo cycle check core dump; test case from Daniel
	Kopecek
	[41074541147a]

	* plugins/sudoers/visudo.c:
	Fix potential stack overflow due to infinite recursion in alias
	cycle detection. From Daniel Kopecek.
	[d7e018a87434]

	* common/sudo_conf.c, include/sudo_conf.h, src/load_plugins.c:
	Ignore duplicate entries in sudo.conf and report the line number
	when there is an error. Warn, don't abort if there is more than one
	policy plugin.
	[dfcb5a698f0a]

	* plugins/sudoers/tsgetgrpw.c:
	Use strtoul() not atoi().
	[58a52cf9b6b8]

2013-01-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/Makefile.in:
	regen depends for to add compat/nss_dbdefs.h for getgrouplist.lo
	[9b44e9d26d16]

	* compat/nss_dbdefs.h:
	Fix typo that breaks the build on HP-UX.
	[b9ab6ba23485]

	* MANIFEST, compat/getgrouplist.c, compat/nss_dbdefs.h, config.h.in,
	configure, configure.in:
	Use nss_search() to implement getgrouplist() where available. Tested
	on Solaris and HP-UX. We need to include a compatibility header for
	HP-UX which uses the Solaris nsswitch implementation but doesn't
	ship nss_dbdefs.h.
	[d29dbc4dc06d]

2013-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c, src/signal.c, src/sudo.h:
	Remove extra flag to sudo_sigaction(). We want to trap the signal
	regardless of whether or not it is ignored by the underlying command
	since there's no way to know what signal handlers the command will
	install. Now we just use sudo_sigaction() to set a flag in
	saved_signals[] to indicate whether a signal needs to be restored
	before exec.
	[c042d52c7192]

2013-01-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/getgrouplist.c, config.h.in, configure, configure.in:
	Use _getgroupsbymember() on Solaris to get the groups list. Fixes
	performance problems with the getgroupslist() compat on Solaris
	systems with network-based group databases.
	[287d3ae2ce8d]

2013-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Document signal handler behavior in plugin API 1.3
	[20dc9d1c105f]

	* MANIFEST, include/sudo_plugin.h, src/Makefile.in, src/exec.c,
	src/exec_pty.c, src/signal.c, src/sudo.c, src/sudo.h:
	Move signal code into its own source file and add sudo_sigaction()
	wrapper that has an extra flag to check the saved_signals list to
	only install the handler if the signal is not already ignored. Bump
	plugin API version for the new front-end signal behavior.
	[5d2f27a1b404]

	* plugins/sudoers/sudoers.c, src/exec.c, src/sudo.c, src/sudo.h,
	src/sudo_exec.h:
	Catch SIGINT, SIGQUIT and SIGTSTP in the front end before we execute
	the command. If we get SIGINT or SIGQUIT, call the plugin close()
	functions as if the command was interrupted. If we get SIGTSTP,
	uninstall the handler and deliver SIGTSTP to ourselves.
	[332baf3a81b7]

	* src/exec.c, src/exec_pty.c:
	Rename handle_signals() to dispatch_signals(). Block other signals
	in handler() so we don't have to worry about the write() being
	interrupted.
	[666e95c9a0f1]

2013-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/tgetpass.c:
	Rename signal handler to avoid name clash with one in exec.c
	[8913101a29b6]

2013-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	Add missing call to save_signals().
	[47d075d7326b]

2013-01-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Fill in the comment block at the top of the .pot files and preserve
	it when regenerating them.
	[6449497b76db]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.mdoc.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/sudoers.c, src/exec_pty.c, src/sudo.c, src/sudo.h:
	Add exec_background option in plugin command info and a sudoers
	option to match. When set, commands are started in the background
	and automatically foregrounded as needed. There are issues with some
	ill-mannered programs (like Linux su) so this is not the default.
	[c0b32b0938f2]

	* common/Makefile.in:
	regen
	[2b2b220e7aea]

	* src/Makefile.in:
	Add SESH_OBJS variable for sesh object files.
	[d3e04ae8fd1f]

	* configure.in, doc/LICENSE, plugins/sudoers/redblack.c:
	Update copyright year.
	[61a0f0cedb13]

	* src/exec_pty.c:
	Always resume the command in the foreground if sudo itself is the
	foreground process. This helps work around poorly behaved programs
	that catch SIGTTOU/SIGTTIN but suspend themselves with SIGSTOP. At
	worst, sudo will go into the background but upon resume the command
	will be runnable. Otherwise, we can get into a situation where the
	command will immediately suspend itself.
	[c368ac3eb2e4]

	* configure, configure.in:
	Use -fstack-protector-all in preference to -fstack-protector where
	supported.
	[f930c95ceb51]

2013-01-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Only test for -fstack-protector and -fvisibility=hidden on GNU
	compatible compilers.
	[796f4696d863]

2013-01-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Add Sudo 1.8.6p4
	[8a928de8e717]

	* common/Makefile.in, compat/Makefile.in, configure, configure.in,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in,
	src/Makefile.in:
	Break out stack smashing protector options into SSP_CFLAGS and
	SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS).
	[01be114fc9fb]

2013-01-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, plugins/sudoers/redblack.c:
	In rbrepair(), make sure we never try to change the color of the
	sentinel node, which is the first entry, not the root. From Michael
	King
	[3fc4dc4004ec]

2012-12-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	No need to restore default signal handler for SIGSTOP as it is not
	catchable. Attempting to do so is harmless but sigaction() will fail
	and set errno to EINVAL which makes it looks like there is an error.
	[be7c0b759e9a]

	* src/exec.c:
	Print SIGCONT_FG and SIGCONT_BG properly in debug output.
	[93e59e301c8f]

2012-12-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Disable PIE on FreeBSD/ia64, otherwise sudo will segfault.
	[9ed48f696595]

2012-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Add howmany() macro since some systems have this in sys/param.h
	which we no longer include.
	[2c5efaa16c45]

2012-12-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/sudoers/test11.toke.out.ok:
	Remove errant file.
	[a91699beffc6]

2012-12-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c:
	Remove obsolete sudoers_cleanup() stubs.
	[89153025a2ae]

	* common/alloc.c, common/atobool.c, common/fileops.c,
	common/fmt_string.c, common/lbuf.c, common/secure_path.c,
	common/sudo_conf.c, common/sudo_debug.c, common/term.c,
	compat/closefrom.c, compat/getcwd.c, compat/glob.c,
	compat/snprintf.c, include/missing.h,
	plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c,
	plugins/sample_group/plugin_test.c,
	plugins/sample_group/sample_group.c, plugins/sudoers/alias.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
	plugins/sudoers/policy.c, plugins/sudoers/prompt.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c,
	plugins/sudoers/redblack.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c,
	plugins/system_group/system_group.c, src/conversation.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/get_pty.c,
	src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/sudo.c,
	src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c:
	Don't include <sys/param.h>. We only needed it for MAXPATHLEN,
	MAXHOSTNAMELEN and the MIN/MAX macros. We now use PATH_MAX and
	HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
	MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
	[f4807d46f504]

	* include/missing.h, plugins/sudoers/match.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sudo.c:
	Use MAX_HOST_NAME+1 (limits.h) instead of MAXHOSTNAMELEN
	(sys/param.h or netdb.h).
	[2544f5e306dd]

2012-11-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Move debug_decl() in log_failure() to be after the variable
	declarations for C89.
	[f48d2035ab44]

2012-11-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/error.c, include/error.h, plugins/sudoers/iolog.c,
	plugins/sudoers/logging.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Cannot wrap sigsetjmp() or we end up returning to the wrong place.
	Use a macro instead.
	[749ee6acdad8]

2012-11-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/policy.c:
	Fix return in sudoers_policy_open that should be debug_return.
	[a78b795b6846]

2012-11-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Define sudo_ttyname_dev() for the HAVE_STRUCT_PSINFO_PR_TTYDEV case
	too.
	[acfa891c229e]

	* src/solaris.c:
	Quiet a gcc warning and add comment about needing to keep the handle
	open.
	[f954f228960f]

2012-11-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	mention --disable-shared
	[6954d39e2d0f]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Add missing command_info argument in I/O plugin open() prototype.
	Bug #579
	[72beb07aba0e]

2012-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c:
	Regen for proper line numbers.
	[6cf6e132e764]

	* configure, configure.in:
	Add locale_stub.o to SUDO_OBJS, not locale_stub.lo.
	[d604dc8ca38a]

	* common/sudo_printf.c:
	Include missing.h for __printflike.
	[a33640600faf]

	* plugins/sudoers/iolog.c:
	Saner loop invariant in io_mkdirs (cosmetic only).
	[dc30274afe38]

	* MANIFEST, common/Makefile.in, common/error.c, common/sudo_printf.c,
	configure, configure.in, include/error.h, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/locale.c,
	plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/error.c, src/exec_pty.c, src/locale_stub.c,
	src/sesh.c:
	Move warn/error into common and make static builds work.
	[4d3f374f4e4c]

	* MANIFEST, common/Makefile.in, common/sudo_debug.c,
	common/sudo_printf.c, include/error.h, plugins/sudoers/Makefile.in,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/policy.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/conversation.c, src/sesh.c:
	Move _sudo_printf from src/conversation.c to common/sudo_printf.c.
	Add sudo_printf function pointer that is initialized to
	_sudo_printf() instead of requiring a sudo_conv function pointer
	everywhere. The plugin will reset sudo_printf to point to the
	version passed in via the plugin open function. Now plugin_error.c
	can just call sudo_printf in all cases. The sudoers binaries no
	longer need their own version of sudo_printf.
	[9b09d3f63790]

	* plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
	plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Add plugin_setjmp() wrapper for siglongjmp(error_jmp, 1) so we don't
	need error_jmp to be extern. Also add plugin_clearjmp() that clears
	a flag so error()/errorx() knows when to call exit() vs. longjmp().
	[5a4617148e70]

	* plugins/sudoers/set_perms.c:
	Let warning() call gettext() for us.
	[ab8d502ba4ac]

	* include/error.h, plugins/sudoers/plugin_error.c, src/error.c:
	Do locale swapping in the warning()/error() macros themselves
	instead of in the underlying functions.
	[4cd205540e17]

	* common/alloc.c, common/list.c, include/error.h,
	plugins/sudoers/env.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/error.c,
	src/hooks.c:
	Rename warning2()/error2() -> warning_nodebug()/error_nodebug().
	[48346393634d]

	* common/sudo_conf.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/defaults.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/policy.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/error.c,
	src/exec.c, src/exec_common.c, src/exec_pty.c, src/load_plugins.c,
	src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c,
	src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c:
	Call gettext() on parameters for warning()/warningx() instead of
	having warning() do it for us.
	[c71088bc9d3e]

	* Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c:
	Call gettext() in sudoerserror() in the user's locale and pass the
	untranslated string to it.
	[cdbfc231b848]

	* plugins/sudoers/Makefile.in, plugins/sudoers/locale.c,
	plugins/sudoers/logging.h, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Allow sudoers programs (visudo, sudoreplay, visudo) to use
	plugin_error.c instead of the error.c from the front-end. This means
	sudoers_setlocale() needs to be independent of the sudo_user struct
	and the defaults table. The sudoers locale is now updated via a
	callback.
	[e356f5f8cd6a]

	* plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
	plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Include setjmp.h in sudoers.h Move error_jmp into plugin_error.c
	Rename sudoers_plugin_cleanup sudoers_cleanup Make sudoers
	warning/error functions work when sudo_conv is NULL
	[7365ee24a779]

	* src/error.c:
	No need to change locale in front-end warning()/error().
	[23dc1df7f93b]

	* plugins/sudoers/tsgetgrpw.c:
	Ignore bad lines in passwd/group file instead if stopping processing
	when we hit one.
	[79b790559075]

	* plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.sh,
	plugins/sudoers/regress/testsudoers/test5.sh:
	Bash doesn't let you set UID to use MYUID instead.
	[5be56335f059]

	* plugins/sudoers/visudo.c:
	Avoid NULL deref for unknown Defaults in strict mode.
	[545c21c1e7d6]

	* common/sudo_conf.c, common/sudo_debug.c:
	See DEFAULT_TEXT_DOMAIN
	[3d723e1d27db]

2012-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore:
	Add signame.c and mksigname.
	[d59bbf423f00]

	* plugins/sudoers/Makefile.in:
	Fold preinstall into install-plugin and pass the path to the plugin
	binary to the preinstall command.
	[2c2205af8bb7]

	* pp:
	sync with upstream
	[a4b7336b3256]

	* src/sudo.h:
	repair spacing
	[f5c1255ce514]

2012-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c:
	Set group on sudo_debug when creating it to gid 0 so systems without
	BSD group semantics don't get the invoking user's group.
	[7dda01196554]

	* plugins/sudoers/iolog.c:
	Rename mkdir_parents() io_mkdirs() and add a flag to specify whether
	path is a temporary, in which case the final component is created
	via mkdtemp() instead of mkdir().
	[79c0c4e7ed58]

	* plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h:
	For PERM_ROOT set egid to 0 so log files are not created with the
	gid of the user.
	[5b964ea43474]

	* plugins/sudoers/logging.c:
	Add calls to set_perms(PERM_ROOT) becore logging to a file. We
	should already be root but since we cache the current permission
	status it is basically free. That way, if more of sudoers runs as
	non-root in the future logging will still work correctly.
	[c591d4973f41]

	* common/sudo_conf.c, config.h.in, configure, configure.in,
	include/gettext.h, plugins/sudoers/locale.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/error.c, src/exec.c, src/sesh.c, src/sudo.c:
	#unifdef HAVE_SETLOCALE, it is C89 so no need to check for it.
	[41f6bb4926f4]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in:
	Mention that sudo.conf is parsed in the C locale.
	[f711c416e30c]

	* common/sudo_conf.c:
	Parse sudo.conf in the "C" locale.
	[776658f651ea]

	* plugins/sudoers/locale.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.h:
	Fix compilation on systems w/o setlocale()
	[6940d1c1c1ce]

	* doc/TROUBLESHOOTING:
	Sudo now includes a workaround for the Solaris 11 locale issue.
	[ab93787a552c]

2012-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/gettext.h, plugins/sudoers/iolog_path.c,
	plugins/sudoers/locale.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/error.c, src/exec.c, src/sesh.c, src/sudo.c, src/sudo.h:
	Always include locale.h from gettext.h so we no longer need to
	include locale.h from the .c files.
	[93d39182ccfa]

	* MANIFEST, config.h.in, configure, configure.in, mkdep.pl,
	plugins/sudoers/Makefile.in, src/Makefile.in, src/openbsd.c,
	src/solaris.c, src/sudo.c, src/sudo.h:
	Add os-specific initialization functions for solaris (workaround
	setuid locale problem in Solaris 11) and openbsd (set malloc_options
	if SUDO_DEVEL). Also move set_project() to solaris.c.
	[1d6581afbaf4]

2012-11-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/policy.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c:
	Avoid strerror() when possible and just rely on warning/error to
	handle errno in the proper locale.
	[bf612caae97c]

	* plugins/sudoers/logging.c:
	Set sudoers locale in log_allowed()
	[2dd0ac704cae]

	* plugins/sudoers/check.c:
	Make the sudo lecture translatable.
	[3cdfc183d72d]

	* Makefile.in:
	Add the values of badpass_message, passprompt and mailsub to
	sudoers.pot so they can be translated.
	[51cbe8adcb94]

	* plugins/sudoers/logging.c:
	Expand the FMT_FIRST anf FMT_CONTD macros inline so they get picked
	up by xgettext.
	[c5b74115caf0]

2012-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/prompt.c,
	plugins/sudoers/sudoers.h:
	Make expand_prompt() args const and free the prompt when we are done
	with it.
	[995ef8519fe6]

	* plugins/sudoers/policy.c:
	Fix cut and pasto
	[e002921c1d15]

	* plugins/sudoers/defaults.c, plugins/sudoers/logging.c:
	Expand def_mailsub in the sudoers locale, not the user's.
	[a4775f2fb385]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/iolog.c,
	plugins/sudoers/locale.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/parse.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/timestamp.c:
	Call gettext inside log_error et al instead of having the caller do
	it. This way we can display any messages to the user in their own
	locale but log in the sudoers local.
	[286e0444f785]

	* common/sudo_conf.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/defaults.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/policy.c, plugins/sudoers/sssd.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/visudo.c, src/error.c, src/exec.c,
	src/exec_common.c, src/exec_pty.c, src/load_plugins.c,
	src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c,
	src/sudo.c, src/sudo_edit.c, src/tgetpass.c:
	Display warning/error messages in the user's locale.
	[00a04165c0cf]

	* plugins/sudoers/audit.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/logging.c, plugins/sudoers/sudoers.c:
	audit_failure() now calls gettext itself using the sudoers locale.
	[d77f1d78799a]

	* plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.c:
	Convert setlocale() to sudoers_setlocale() in the sudoers module.
	This only converts existing uses, there are more places where we
	need to sprinkle sudoers_setlocale() calls.
	[8ee0cbf0d0a9]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
	plugins/sudoers/locale.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Add simple locale switching to make it easy to switch from the
	user's locale to the sudoers locale without making excessive
	setlocale() calls when we don't need to.
	[5c61582fdeee]

	* common/sudo_debug.c, include/error.h, include/sudo_debug.h,
	plugins/sudoers/plugin_error.c, src/error.c:
	Add variants of warn/error and sudo_debug_printf that take a va_list
	instead of a variable number of args.
	[00392bdc063c]

	* INSTALL, doc/TROUBLESHOOTING:
	Document Solaris 11 locale issues and workarounds.
	[05f7d34af3ae]

	* Makefile.in, configure, configure.in:
	Solaris gettext() looks in lang.UTF-8, not just lang for UTF-8
	locales. Make links from localdir/lang -> localdir/lang.UTF-8
	[5ca9326480e2]

2012-11-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/audit.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/sudoers.c:
	Do not inform the user that the command was not permitted by the
	policy if they do not successfully authenticate. This is a
	regression introduced in sudo 1.8.6.
	[c1279df08bfb]

	* plugins/sudoers/Makefile.in:
	Add preinstall target that runs SUDO_PREINSTALL_CMD. Used to fixup
	the rpath in HP-UX SOM shared libraries for the LDAP libs.
	[b07185657b42]

	* src/parse_args.c:
	The -a option should be #ifdef HAVE_BSD_AUTH_H, not -A.
	[22c73cbe3ff9]

2012-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in:
	Allow the user to specify and alternate libtool
	[c9d6fc9521fd]

2012-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, plugins/sudoers/sudo_nss.c:
	Allow sudo to be build with sss support without also including ldap
	support. From Stephane Graber.
	[b992a80ebea1]

2012-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/iolog_path.c,
	plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/policy.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Refactor policy plugin interface code from sudoers.c into policy.c
	[393e62910b8a]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c:
	Refactor command_info setting into its own function.
	[a952b948324c]

	* plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h,
	plugins/sudoers/match_addr.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Make interfaces pointer private to interfaces.c and add
	get_interfaces() accessor.
	[b69b9334ed3c]

2012-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.h:
	Make user_cwd const since it is either a string literal or passed in
	from the front-end.
	[90751b81e8bc]

	* configure, configure.in:
	sudo 1.8.7
	[bf727adb8af0]

	* plugins/sudoers/sudoers.c:
	Avoid nested strtok() calls.
	[9d9f22ab52a9]

2012-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c,
	plugins/sudoers/prompt.c, plugins/sudoers/sudoers.h:
	Move expand_prompt() into its own source file for easier unit
	testing.
	[b419b48a436f]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c,
	plugins/sudoers/check.h, plugins/sudoers/sudoers.h,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h:
	Make check.c independent of the underlying timestamp implementation.
	[895071bd6065]

	* plugins/sudoers/iolog_path.c:
	Add SUDOERS_NO_SEQ define to allow ${seq} to be disabled.
	[8ac38f02dd6d]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Use a list for the possible values of Tag_Spec with a minimal indent
	to improve readability. In the pod version, these were =head3. Also
	use .St -p1003.1 instead of just POSIX when talking about glob() and
	fnmatch().
	[361a6f7a5c44]

2012-10-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	sudo_ttyname_dev() is unused if there is no /proc or sysctl().
	[6598dbf81e16]

	* compat/mksiglist.c, compat/mksigname.c,
	compat/regress/fnmatch/fnm_test.c, compat/regress/glob/globtest.c,
	plugins/sample_group/plugin_test.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c:
	Explicitly mark main() as public in executables to avoid an HP-UX ld
	warning.
	[72a40ce218be]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in:
	Remove grep from SEE ALSO section.
	[c7cafee1621f]

	* common/alloc.c:
	If vasprintf() fails, just use the errno it sets instead of assuming
	ENOMEM.
	[1be5bfdc0cab]

2012-09-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Mention HP-UX pam.conf settings.
	[8b8e745b49fd]

2012-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/timestamp.c,
	plugins/sudoers/timestamp.h:
	Split off timestamp functions into their own source file.
	[d5833332511d]

2012-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Mention how !foo is not the same as ALL,!foo
	[51f8e470757d]

2012-09-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Start commands in the background when I/O logging is enabled. We
	can't do this on Mac OS X due to a kernel bug in tc[gs]etattr(2)
	which returns EINTR on signal instead of restarting automatically.
	[83b1d59146f7]

	* src/exec_pty.c:
	Handle SIGCONT_FG and SIGCONT_BG when converting signal number to
	string in deliver_signal().
	[2cefea7a976e]

2012-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Fix running commands that need the terminal in the background when
	I/O logging is enabled. E.g. "sudo vi &". When the command is
	foregrounded, it will now resume properly.
	[0bc13a253429]

	* plugins/sudoers/match.c:
	Add rudimentary support for name-based matching as a compile-time
	option. This unsafe when used in conjunction with the '!' operator.
	[f93bc8e6db15]

2012-09-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c:
	Split out implementation-specific back end code out of pwutil.c into
	pwutil_impl.c. This will allow the main pwutil code to be used for
	lookup methods other than getpw* and getgr*.
	[999c2dde60e4]

2012-09-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	sudo 1.8.6p3
	[97fef3d9ed65]

2012-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/fixman.sh:
	Don't use embedded newline when matching, use \n. This got expanded
	at some point. Bug #573
	[6652f834b8f5]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Rename yyerror() to sudoerserror() to match yacc prefix changes. Not
	really needed due to the #defines that yacc makes but it is less
	confusing this way as the lexer calls sudoerserror().
	[a0577be6527d]

	* common/alloc.c, plugins/sample_group/plugin_test.c,
	plugins/sudoers/env.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	src/exec_common.c, src/parse_args.c, src/sudo.c:
	No need to translate "unable to allocate memory" when we can just
	use the system translation via strerror().
	[377499e5827c]

	* plugins/sudoers/sudoreplay.c:
	Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not
	all file systems support d_type. Bug #572
	[8b861c62945f]

	* plugins/sudoers/sudoreplay.c:
	Avoid calling fclose(NULL) in the error path when we cannot open an
	I/O log file.
	[9401d5c4bb05]

2012-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	Sudo 1.8.6p2
	[6e32496280f2]

	* src/exec.c:
	When setting the signal handler for SIGTSTP to the default value in
	non-I/O log mode, store the old handler value for when we restore it
	after resume.
	[242628694e42]

	* plugins/sudoers/env.c:
	Replace the guts of sudo_setenv_nodebug() with our old setenv.c
	which supports non-standard BSD and glibc semantics. sudo_setenv()
	now simply calls sudo_setenv2().
	[57ffb6c9efaa]

2012-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document non-Unix group support in LDAP sudoers.
	[33c89f3aeee6]

	* plugins/sudoers/ldap.c:
	Enable non-Unix group support for LDAP sudoers. We now check for
	non-Unix groups and netgroups with the same query in the second
	pass. Bug #571
	[eb98fdff54d9]

2012-09-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/parse.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c:
	Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers.
	[cb6c0d93215e]

2012-09-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention support for SUCCESS=return in /etc/nsswitch.conf
	[ef1f35aa0863]

	* NEWS, configure, configure.in:
	sudo 1.8.6p1
	[73a5e1f004b3]

2012-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Avoid setting LOGNAME, USER and USERNAME variables twice when
	set_logname is enabled.
	[0de4f5fbd1d4]

	* plugins/sudoers/env.c:
	Fix duplicate detection in sudo_putenv(), do not prune out the
	variable we just set when overwriting an existing instance. Fixes
	bug #570
	[854ee714c831]

	* plugins/sudoers/env.c:
	Add some debuggging
	[a25cd3305823]

2012-09-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c:
	Disable word wrap in list mode when stdout is a pipe to make "sudo
	-l | grep ..." more useful. Adapted from a diff by Daniel Kopecek.
	[65ade04511fd]

	* common/lbuf.c:
	Print a trailing newline in lbuf_print() when there is not enough
	space to do word wrapping and the lbuf does not end with a newline.
	[c0200e19cd09]

	* plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c:
	Add support for [SUCCESS=return] in nsswitch.conf; from Daniel
	Kopecek
	[5c480316e3ce]

	* MANIFEST:
	Add sssd.c
	[9cadd014ef97]

2012-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/fi.mo,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/sl.mo,
	plugins/sudoers/po/uk.mo, src/po/fi.mo, src/po/hr.mo, src/po/it.mo,
	src/po/ru.mo, src/po/sl.mo, src/po/uk.mo, src/po/vi.mo:
	regen .po files
	[62423d4d143d]

	* MANIFEST, plugins/sudoers/po/vi.mo:
	Add Vietnamese sudoers translation from translationproject.org
	[33666a605525]

	* NEWS:
	mention PIE
	[05032e5304c6]

	* MANIFEST, plugins/sudoers/po/vi.po:
	Add Vietnamese sudoers translation from translationproject.org
	[015c2204bae2]

2012-08-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, compat/Makefile.in, mkdep.pl:
	Add missing signame dependency
	[e493bfb01929]

	* src/exec.c, src/ttyname.c:
	Silence compiler warnings.
	[1c5374b66d9b]

	* MANIFEST, compat/Makefile.in, compat/sig2str.c, compat/strsigname.c,
	config.h.in, configure, configure.in, include/missing.h, mkdep.pl,
	src/exec.c, src/exec_pty.c:
	Replace strsigname() with sig2str(), emulating it as needed.
	[1e348cca1fa6]

	* config.h.in, configure, configure.in, src/utmp.c:
	Use fseeko() for legacy utmp handling if available.
	[b4bbd8d2c0e9]

2012-08-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/strsigname.c, config.h.in, configure, configure.in:
	Detect sys_sigabbrev[] and use it in place of sys_signame[] if
	present. For some reason glibc does not declare sys_sigabbrev so we
	must add an extern definition of our own.
	[b38f3fbd7078]

	* compat/strsignal.c, compat/strsigname.c:
	Handle NULL entries in sys_siglist and sys_signame.
	[a388959d9654]

	* compat/mksiglist.c, compat/mksiglist.h, compat/mksigname.c,
	compat/mksigname.h, compat/strsignal.c, compat/strsigname.c:
	Convert my_sys_sig{list,name} -> sudo_sys_sig{list,name}
	[711e41aba59a]

2012-08-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	sync
	[5a2522488754]

	* src/exec.c:
	Pass on SIGTSTP to the command if it was sent by a user process (not
	the kernel or the terminal) when we are not I/O logging and set the
	default SIGTSTP handler when we re-send the signal to ourself,
	restoring our handler after we resume.
	[4259c47e31c0]

	* src/exec.c:
	Shells typically change their process group when they start up so
	that they can implement job control. Most well-behaved shells change
	the pgrp back to its original value before suspending so we must not
	try to restore in that case, lest we race with the child upon
	resume, potentially stopping sudo with SIGTTOU while the command
	continues to run. Some shells, such as pdksh, just suspend the shell
	by sending SIGSTOP to themselves without restoring the pgrp. In this
	case we need to change the pgrp back for them. Should fix bug #568
	[6ac6751ffd17]

2012-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, compat/Makefile.in, compat/mksigname.c,
	compat/mksigname.h, compat/strsignal.c, compat/strsigname.c,
	config.h.in, configure, configure.in, include/missing.h, mkdep.pl,
	src/exec.c, src/exec_pty.c:
	Use strsigname() to print signal names in the debug output. If the
	system has no strsigname(), use our own.
	[0735f18906b9]

2012-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/testsudoers/test5.inc,
	plugins/sudoers/regress/testsudoers/test5.sh:
	Remove generated file and change path for temporary include file.
	[4e9fa830c6b5]

	* plugins/sudoers/Makefile.in:
	When running regress tests, list pass/fail rate for each dir
	(testsudoers and visudo) instead of the total. Also prevent the
	result files from clobbering each other by keeping them in the
	relevant directories.
	[6aac53baff7d]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Don't print an error message in yyerror() if open_sudoers() fails,
	we've already printed an error message. Also restore the check for
	sudoers_warnings in yyerror().
	[aa6036df5fb2]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l:
	Avoid printing the >>> parse error <<< message for testsudoers when
	the -t flag is specified.
	[76f3433c8992]

2012-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c:
	Fix NULL deref when an entry has no Runas_Entry
	[4b14983ff6e7]

	* plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/ja.mo, src/po/ja.po, src/po/pl.mo, src/po/pl.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[440e9c9b37de]

	* NEWS:
	sync
	[3142ba2dce60]

	* plugins/sudoers/check.c:
	Correct the check_user() comment header.
	[73da30308fff]

	* plugins/sudoers/auth/sudo_auth.c:
	Change a log_fatal() into log_error() when no auth methods are
	configured. The caller already checks the return value.
	[05f5c39793a7]

	* plugins/sudoers/logging.c:
	Add missing debug_return
	[3a76bb7c2fe7]

2012-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Make the capitalization consistent for .Ss and .Sx
	[5c5735ee4b2f]

	* doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.cat,
	doc/sudo.man.in, doc/sudo.mdoc.in:
	Add COMMAND EXECUTION section that describes how sudo runs the
	command, the extra sudo processes and signal handling.
	[dff2d88e984e]

2012-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Happy Easter
	[4b9d697c6b83]

2012-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/Makefile.in:
	Don't echo the awk command when building siglist.in
	[21daa72921e6]

	* doc/fixman.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Cosmetic changes.
	[19259528e9ad]

	* doc/Makefile.in:
	The HISTORY, LICENSE and CONTRIBUTORS files are not longer
	generated.
	[ea6ac9e981e6]

	* MANIFEST, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo,
	plugins/sudoers/po/it.po, plugins/sudoers/po/sl.po,
	plugins/sudoers/po/uk.po, src/po/de.mo, src/po/de.po, src/po/fi.po,
	src/po/hr.po, src/po/it.po, src/po/ru.po, src/po/sl.po,
	src/po/uk.po, src/po/vi.po:
	Sync with translationproject.org and add Italian sudoers
	translation.
	[9276740aea59]

2012-08-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Expand description of fqdn to talk about systems where the hosts
	file is searched before DNS.
	[4ee812ca6116]

2012-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	For cat pages there is nothing to make unless DEVEL is set.
	[fab4a5b68708]

	* configure, configure.in, doc/Makefile.in:
	Always use mandoc to format cat pages and remove now-extraneous
	nroff configure tests.
	[5747f4ed5762]

	* pp:
	sync polypkg from git
	[89ddf6ea3e3f]

	* plugins/sudoers/sudoers.c:
	Use AI_FQDN instead of AI_CANONNAME if available since "canonical"
	is not always the same as "fully qualified".
	[7c1d9c098386]

2012-08-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.mdoc.in:
	Fix some typos. Describe error messages not related to policy
	permissions.
	[f5ebf9030d85]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/visudo.c:
	Add new check_defaults() function to check (but not update) the
	Defaults entries. Visudo can now use this instead of update_defaults
	to check all the defaults regardless instead of just the global
	Defaults entries.
	[3fa879ce1b65]

2012-08-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Document sudoers log format.
	[08998a7061ab]

	* NEWS:
	Update for sudo 1.8.5p3
	[6e102a5d4e8d]

	* src/load_plugins.c:
	Add missing check for I/O plugin API version when checking for the
	presence of I/O plugin hooks.
	[ef05c7eeaf81]

	* src/hooks.c:
	Can't call debug code in the process_hooks_xxx functions() since
	ctime() may look up the timezone via the TZ environment variable.
	[2179fb26bd8e]

2012-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_common.c, src/sesh.c, src/utmp.c:
	Include signal.h before sudo_exec.h since it uses sigset_t * in the
	fork_pty prototype.
	[94fc0d859600]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Remove OPTIONS section; options now go inside DESCRIPTION
	[a619fc58a746]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[44719d80bc06]

	* MANIFEST, NEWS, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/da.mo, src/po/da.po, src/po/hr.mo, src/po/hr.po,
	src/po/sl.mo, src/po/sl.po, src/po/vi.mo, src/po/vi.po:
	Sync with translationproject.org and add new Slovenian translation.
	[34b4b966bbac]

	* common/alloc.c, plugins/sudoers/check.c, plugins/sudoers/env.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c:
	Reduce the number of "internal error, foo overflow" messages that
	need to be translated.
	[93ffa2b3d53f]

	* NEWS:
	Mention HP-UX reboot fix.
	[1e39b5aa32ac]

	* INSTALL, NEWS, common/sudo_debug.c, configure, configure.in,
	doc/CONTRIBUTORS, include/sudo_debug.h, mkdep.pl, pathnames.h.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/sssd.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c:
	Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers
	data source. From Daniel Kopecek and Pavel Brezina.
	[3f85e95d6928]

2012-08-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_conf.c, src/load_plugins.c:
	If sudo.conf contains an I/O plugin but no policy plugin, use
	sudoers for the policy plugin. If a policy plugin is specified
	without an I/O plugin, only the policy plugin will be loaded.
	[ea192df2439d]

	* doc/Makefile.in, doc/sudoers.man.in:
	Do not modify the .Os section when building the .man.in file from
	.mdoc.in.
	[a9f9628e147f]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Add a note about wildcards matching multiple words and include an
	example. Also mention that for sudoedit, a wildcard in command line
	args does not match a slash.
	[fcb9fbac14e0]

2012-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c, src/sudo_exec.h:
	Fix a comment, update a variable name in a prototype; all cosmetic.
	[e89f10cbd6e1]

	* plugins/sudoers/iolog.c:
	Cast 2nd argument of lseek() to off_t if it is a constant for
	systems with 64-bit off_t but without a proper lseek() prototype.
	[d8779da135d0]

	* compat/getline.c, plugins/sudoers/check.c, plugins/sudoers/env.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/visudo.c:
	Fix some warnings from clang checker-267
	[1e44ef7860b5]

	* plugins/sample/sample_plugin.c:
	Fix memory leak found by clang checker-267
	[f8a43617fdfb]

2012-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c, src/sudo.h, src/sudo_exec.h:
	If we receive a signal from the command we executed, do not forward
	it back to the command. This fixes a problem with BSD-derived
	versions of the reboot command which send SIGTERM to all other
	processes, including the sudo process. Sudo would then deliver
	SIGTERM to reboot which would die before calling the reboot() system
	call, effectively leaving the system in single user mode.
	[4ffab9ab9e98]

2012-08-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/fixman.sh, doc/fixmdoc.sh:
	Remove section about Solaris 10 on other systems. Add missing
	sudoers.man.in bit to fixman.sh.
	[176559199ba7]

2012-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in:
	Expand section on Solaris privileges.
	[3a1bfa2f1743]

	* NEWS:
	Expand a bit on the Solaris priv set changes.
	[bffb78b4a520]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	The second argument to init_parser() is now bool.
	[fb727a4fb651]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Fix printing of parse error message to stderr.
	[dea6b420b84f]

	* plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c:
	If a command matches using an empty Runas_List (i.e. Runas_List is
	present but empty) and the -u option was not specified, set runas_pw
	to user_pw instead of using runas_default. This is intended to be
	used in conjunction with the Solaris Privilege Set support for rules
	that grant privileges without changing the user.
	[e84a081f3c11]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in,
	plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/sudoers_version.h:
	Add support for parsing an empty Runas_List, which only allows the
	command to be run as the invoking user. This can be used in
	conjunction with the Solaris Privilege Set support to grant
	privileges without changing the user.
	[dc34373792fc]

2012-08-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/fixman.sh:
	Fix HP-UX, just use ".TH name section" like the vendor manuals.
	[559738237c92]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix compilation on Solaris
	[2d310302207c]

	* .hgignore, MANIFEST, doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh,
	doc/sudo.man.sh, doc/sudo.mdoc.sh, doc/sudoers.man.sh,
	doc/sudoers.mdoc.sh:
	Generate a sed script file when munging *.mdoc or *.man instead of
	passing sed expressions on the command line. Older seds do not
	support \n in a replacement so generate and run a sed script
	instead.
	[0bcce3f1ca18]

	* doc/Makefile.in, doc/sudo.man.in, doc/sudo_plugin.man.in,
	doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in,
	doc/visudo.man.in:
	Use "Sudo VERSION" as the 4th arg to .TH instead of just "VERSION"
	[fe0f10b63776]

2012-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	When checking whether a signal is user-generated, compare si_code
	against SI_USER instead of <= 0 since on HP-UX, terminal-related
	signals get a code of 0.
	[4e9021243343]

	* src/sudo.c:
	SuSE Enterprise Linux uses RLIMIT_NPROC and _SC_CHILD_MAX
	interchangably. This causes problems when setting RLIMIT_NPROC to
	RLIM_INFINITY due to a bug in bash where bash tries to honor the
	value of _SC_CHILD_MAX but treats a value of -1 as an error, and
	uses a default value of 32 instead.

	Previously, we just checked RLIMIT_NPROC and, if it was unlimited,
	restored the previous value of RLIMIT_NPROC. However, that makes it
	impossible to set nproc to unlimited. We now only restore the nproc
	resource limit if sysconf(_SC_CHILD_MAX) is negative. In most cases,
	pam_limits will set RLIMIT_NPROC for us.
	[cb71cc8d0b08]

2012-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Active Directory apparently requires that tenths of a second be
	present in a date so append .0 to the "now" value in the time
	filter. Also remove space for the global AND from TIMEFILTER_LENGTH
	since it was not being used consistently. Buffers of
	TIMEFILTER_LENGTH now need to account for the terminating NUL byte.
	[d28619ff6e45]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix SELinux build
	[cc0d1f4e851b]

2012-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	Remove pod versinons of HISTORY, CONTRIBUTORS and LICENSE as they
	were not being kept in sync.
	[fc3ad1847cb1]

	* doc/HISTORY, doc/Makefile.in, doc/contributors.pod, doc/history.pod,
	doc/license.pod:
	Remove pod versinons of HISTORY, CONTRIBUTORS and LICENSE as they
	were not being kept in sync.
	[950363dffe3a]

2012-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Fix printing of the permission denied message to standard error when
	a user is not allowed to run a command. This got broken by the
	recent logging changes.
	[b7af63da3ca1]

	* plugins/sudoers/sudoers_version.h:
	Bump grammar version for Solaris privs.
	[2a2baf024477]

	* doc/schema.ActiveDirectory:
	Fix errors introduced when sudoNotBefore, sudoNotAfter and sudoOrder
	were added. From David Hicks.
	[3fc432a8edb4]

2012-07-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Remove lex.yy.c when building toke.c
	[72bb9e62b289]

	* doc/Makefile.in:
	Fix building docs in a build dir.
	[7a6f435af022]

	* doc/sudo.man.pl, doc/sudo.pod, doc/sudo_plugin.pod,
	doc/sudoers.ldap.pod, doc/sudoers.man.pl, doc/sudoers.pod,
	doc/sudoreplay.pod, doc/visudo.pod:
	Remove pod versions of the manual; we now use mdoc.
	[5c967d2dd5db]

	* MANIFEST, doc/Makefile.in, doc/sudo.man.sh, doc/sudo.mdoc.sh,
	doc/sudoers.man.sh, doc/sudoers.mdoc.sh:
	Add post-processing scripts to strip out login class, BSD auth,
	SELinux and privilege set bits when they are not supported.
	[d0d51f72f597]

	* NEWS, configure.in, doc/CONTRIBUTORS, doc/Makefile.in,
	doc/contributors.pod, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.man.pl, doc/sudoers.mdoc.in, doc/sudoers.pod,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, src/sudo.c, src/sudo.h:
	Merge in Solaris privilege support by Darren Moffat and John
	Zolnowsky
	[3aa0a64f2f5c]

2012-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/contributors.pod:
	Sync with CONTRIBUTORS file
	[9a0852306ad9]

	* doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in,
	doc/sudoers.man.in, doc/sudoreplay.man.in:
	Regen .man.in files with my private mandoc.
	[dc3c9fc449eb]

	* doc/Makefile.in:
	add MANDOC variable
	[35527e66afc5]

2012-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in,
	doc/sudoers.man.in, doc/sudoreplay.man.in, doc/visudo.man.in:
	Regen .man.in files with hacked mandoc to avoid issues with historic
	nroff.
	[d45cfa7d665f]

2012-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.mdoc.in, doc/sudoers.mdoc.in:
	Fix groff warnings.
	[111d522ca807]

	* doc/Makefile.in:
	Fix dependencies for .man.in files.
	[aefeffe1af2b]

	* .hgignore:
	Add doc/*.mdoc to ignore file
	[1e4de6ef2ad8]

	* INSTALL, MANIFEST, NEWS, configure, configure.in, doc/Makefile.in,
	doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.mdoc.in:
	Build .man.in and .cat files from .mdoc.in files. Add new --with-man
	and --with-mdoc configure options.
	[c963fd7e8f80]

2012-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.mdoc.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.mdoc.in,
	doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in:
	Sudo manuals formatted in mdoc, to replace the pod versions.
	[e6dca4030451]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.pod, doc/sudoers.man.in, doc/sudoers.pod,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod,
	doc/visudo.cat, doc/visudo.man.in, doc/visudo.pod:
	More minor costmetic fixes.
	[a7287a68385a]

2012-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod:
	Minor cosmetic fixes.
	[9c48bdaf3946]

2012-07-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c, plugins/sudoers/po/sudoers.pot:
	Use "a password is required" instead of "password required" when the
	-n flag is used and we need to read a password.
	[a3c30fc41648]

2012-07-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention logging changes.
	[8238fd6e02e8]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[e2cf634ba63b]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Document that other mail_* flags have precedence over mail_badpass.
	[9f4cc9188f40]

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Move log_denial() calls and logic to log_failure(). Move
	authentication failure logging to log_auth_failure(). Both of these
	call audit_failure() for us.

	This subtly changes logging for commands that are denied by sudoers
	but where the user failed to enter the correct password. Previously,
	these would be logged as "N incorrect password attempts" but now are
	logged as "command not allowed". Fixes bug #563
	[cad35f0b3ad7]

2012-07-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/aix.c:
	Do not set a resource limit to zero when we are unable to fetch a
	value from /etc/security/limits.
	[62bfb0a7895e]

2012-07-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add "Provides: sudo" to debian sudo-ldap package
	[beb8afa0beb2]

2012-07-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, zlib/Makefile.in:
	Define NO_VIZ for zlib when gcc doesn't support symbol visibility
	attributes.
	[9fdcbf526386]

	* configure, configure.in:
	Use the autoconf cache when checking for symbol export control
	support.
	[03c2cce8711f]

	* INSTALL, common/Makefile.in, compat/Makefile.in, configure,
	configure.in, mkpkg, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in:
	Add configure check for building PIE executables instead of doing it
	in mkpkg.
	[02b5b78ef258]

	* sudo.pp:
	MacOS pp backend doesn't like modes longer than 4 characters.
	[01b49022bf01]

2012-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add -Wc,-fstack-protector to LT_LDFLAGS instead of adding
	-fstack-protector to LDFLAGS so it doesn't get stripped out. Libtool
	will strip -fstack-protector from the linker flags and we always
	link with libtool.
	[0a0a0250ac2b]

2012-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
	Regen for sudo 1.8.6
	[1657ee28b496]

	* NEWS, doc/sudoers.ldap.pod:
	Document improved Tivoli Directory Server support.
	[fb411edf4687]

	* config.h.in, configure, configure.in, plugins/sudoers/ldap.c:
	Add support for ldaps using Tivoli LDAP libraries. Add ldap.conf
	option to specify Tivoli key db password. Allow TLS ciphers to be
	configured for Tivoli.
	[737e17c91e60]

2012-06-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Tivoli Directory Server 6.3 libs always return a (bogus) error when
	setting LDAP_OPT_CONNECT_TIMEOUT.
	[504406637c38]

	* NEWS:
	Update
	[687a755604e8]

	* plugins/sudoers/ldap.c:
	Treat LDAP_OPT_CONNECT_TIMEOUT (Tivoli Directory Server 6.3) the
	same as LDAP_OPT_CONNECT_TIMEOUT (OpenSSH). Don't make failure to a
	set an ldap option fatal.
	[17cf93ae3304]

2012-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Zero pointers in sudo_user struct after freeing, just in case.
	[8eff1f80b943]

	* plugins/sudoers/sudoers.c:
	Free user_gids in close function if it has not already been freed.
	[cbce28877f37]

	* plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Defer group ID to name resolution until we actually need it.
	[463e75b81e89]

	* src/sudo.c:
	It is safe to read in sudo.conf before calling user_info().
	[3290b6434e3c]

	* plugins/sudoers/env.c, plugins/sudoers/ldap.c:
	Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to
	prevent potential truncation. Bug #562.
	[29d9fc4e0c4e]

2012-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	If installing with installp, error out if there is already an
	instance of the rpm package installed.
	[ec24c6faba22]

	* mkpkg:
	Add --disable-nls for AIX
	[192ac2f7d65e]

2012-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Debian sudo-ldap packages should now depend on libldap-2.4-2, not
	libldap2.
	[cbcec71e6b58]

2012-06-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add Homepage and Bugs to debian control file.
	[0f19d7d14e66]

2012-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	fix typo when setting aix_freeware
	[2fd6feb50195]

	* common/Makefile.in, compat/Makefile.in, configure, configure.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in:
	Don't run regress tests or sudoers sanity check (using the newly-
	built visudo) when cross compiling. Bug #560
	[0c4e3f68b2f5]

	* MANIFEST, configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample/sample_plugin.exp, plugins/sample/sample_plugin.map,
	plugins/sample/sample_plugin.sym, plugins/sample_group/Makefile.in,
	plugins/sample_group/sample_group.exp,
	plugins/sample_group/sample_group.map,
	plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoers.exp, plugins/sudoers/sudoers.map,
	plugins/sudoers/sudoers.sym, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.exp,
	plugins/system_group/system_group.map,
	plugins/system_group/system_group.sym:
	Rename foo.sym -> foo.exp Remove foo.map from the repo and generate
	it on demand Use a loader option file for HP-UX ld to explicitly
	export symbols
	[2402ff5302ab]

	* src/Makefile.in:
	Remove extraneous backslash
	[8ca054de138c]

	* plugins/sudoers/regress/check_symbols/check_symbols.c:
	Don't check for errorx as an exported symbols as it is now a macro.
	Check for user_in_group() instead.
	[7b02c8ecd3ea]

2012-06-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Adjust ld map file support to use an anonymous scope to match the
	updated .map files.
	[49be44282d9e]

2012-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, include/gettext.h:
	Older versions of Solaris lack ngettext()
	[028af10dfa5f]

	* configure, configure.in:
	Move the check for -static-libgcc until after AC_LANG_WERROR has
	been called and use AX_CHECK_COMPILE_FLAG().
	[a7b09120e7ff]

	* include/gettext.h:
	Sudo defines HAVE_SETLOCALE not HAVE_LOCALE_H
	[3aa2780d4a4e]

	* include/error.h, include/sudo_debug.h:
	Fix gcc 2.x variant macro support.
	[8e71c2370997]

	* plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c:
	Fix compilation on gcc 2.95 and other compilers that only allow
	variable declarations at the beginning of a block.
	[9d80c802bb46]

	* configure, configure.in, plugins/sudoers/Makefile.in:
	Link check_symbols with SUDO_LIBS to make sure we link with the
	requisite libraries to successfully dlopen sudoers.so. This is
	needed on HP-UX where a program dlopen()ing a shared object that
	uses pthreads must also be linked with pthreads (and HP-UX LDAP uses
	pthreads).
	[b8961cd82337]

	* plugins/sudoers/regress/check_symbols/check_symbols.c:
	Add check for exported local symbols. This will cause a "make check"
	failure on systems where we don't support symbol hiding.
	[8aa549389bb1]

	* configure, configure.in:
	Additional ${foo} -> $(foo) Makefile tweaks.
	[046bbde18f52]

	* plugins/sample/sample_plugin.map,
	plugins/sample_group/sample_group.map, plugins/sudoers/sudoers.map,
	plugins/system_group/system_group.map:
	No need to provide a name for the scope in the map file since we
	don't use the it for versioning.
	[5ed4b997560d]

2012-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/check_symbols/check_symbols.c:
	Add regress test for symbol visibility.
	[9adddd4e0518]

2012-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	sudo 1.8.6
	[57008a7afb77]

	* configure, configure.in, include/missing.h:
	Add support for controlling symbol visibility using the HP and
	Solaris C compilers.
	[46d5b468979e]

	* plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/sudoers.h:
	Use the expanded io log dir when updating the sequence number.
	Includes a workaround for older versions of sudo where the sequence
	number was stored in the unexpanded io log dir.
	[210797dab9a8]

2012-06-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/parse_args.c:
	Simplify "sudo -s" argv rewriting.
	[7be143dae7c5]

	* MANIFEST, configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in,
	src/sudo_noexec.map:
	Don't use a map file for sudo_noexec.so since Solaris ld doesn't
	allow '*' in the global section. The libtool export flag is now
	added to LT_LDFLAGS instead of commenting/uncommenting lines.
	[38fc37a66b04]

2012-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, include/missing.h:
	The visibility attribute was actually added in gcc 3.3.x, not 4.0.
	Just assume that if -fvisibility=hidden works that the attribute is
	usable.
	[d3904d6faf14]

	* plugins/sudoers/check.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers.map,
	plugins/sudoers/sudoers.sym, plugins/sudoers/testsudoers.c,
	plugins/system_group/system_group.c:
	Export group cache from sudoers.so for system_group.so to use.
	[16695d207fc5]

	* MANIFEST, configure, configure.in, include/missing.h,
	plugins/sample/Makefile.in, plugins/sample/sample_plugin.map,
	plugins/sample_group/Makefile.in,
	plugins/sample_group/sample_group.map, plugins/sudoers/Makefile.in,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.map, plugins/system_group/Makefile.in,
	plugins/system_group/system_group.map, src/sudo_noexec.c,
	src/sudo_noexec.map:
	Use gcc's visibility attribute to specify when symbols are visible
	or hidden, if available. If not available, use an ELF version script
	if it is supported. If all else fails, fall back to using libtool's
	-export-symbols.
	[64e889921727]

2012-06-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add mode for installed locale files but leave the directories with
	default mode and owner.
	[142237dbb31f]

2012-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Install AIX packages under /opt/freeware with links in /usr/bin and
	/usr/sbin. This matches the layout of the sudo package from AIX
	freeware.
	[0b79d47bbe01]

	* Makefile.in, configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in, src/Makefile.in, sudo.pp:
	Install shared objects with mode 0644 except on HP-UX which needs
	the executable bit set.
	[ae416af0ba6c]

	* Makefile.in, doc/Makefile.in, include/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Make installed file modes consistent with the file modes in the sudo
	package.
	[307386373289]

2012-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	Add "%:" prefix when talking about QAS non-Unix group support.
	[7cb25f6861f8]

	* pp, sudo.pp:
	Fix packaging of symbolic links on HP-UX when the link source
	already exists in the filesystem.
	[c9bb48031596]

	* mkpkg:
	Only specify prefix if we are overriding the default value. Fixes
	the man dir (/usr/local/man vs. /usr/local/share/man).
	[65351b6c1697]

	* sudo.pp:
	Fix setting of sudoedit_man variable.
	[9beed9ae5bba]

	* doc/Makefile.in:
	Echo the command when linking the sudoedit manual.
	[6c83b5657b55]

2012-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Build .deb packages with selinux support.
	[3fd9cb1b4526]

2012-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Don't list paths for unstripped binaries in the lintial overrides.
	[4c8e16f1773b]

	* pp:
	Add support for Installed-Size header in control file, required by
	newer debian versions.
	[e97d76234bee]

	* pp:
	Fix extended description in .deb files.
	[d35e27ace146]

	* sudo.pp:
	Add Depends, Replaces and Conflicts headers for .deb packages.
	[76eb6c4b3278]

2012-06-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c:
	If there are no privs to print, write the message to the lbuf
	instead of printing it directly.
	[ecd56226abb7]

2012-05-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Set -e in %pos and %preun for debian to quiet a lintian warning.
	[8bb908514df9]

	* doc/Makefile.in, src/Makefile.in, sudo.pp:
	Install sudoedit and the sudoedit manual as symbolic links, not hard
	links and package them as such.
	[f317ff3cf3e7]

	* sudo.pp:
	Make sudo binary permissions 755 instead of 111 Add lintian
	overrides file for .deb files.
	[991cd7d7f0e1]

	* configure, configure.in, doc/Makefile.in, mkpkg:
	Replace out of date MAN_POSTINSTALL with MANCOMPRESS and
	MANCOMPRESSEXT which can be used to compress the installed manual
	pages. Compress the man pages for .deb files to appease lintian.
	[4e34083b41d2]

	* sudo.pp:
	Debian fixes:
	 * fix modes to be more in line with what Debian expects
	 * add section
	 * install LICENSE as copyright and ChangeLog as changelog
	 * create stub changelog.debian
	[7f6c5647f588]

	* pp:
	Fix find command to properly skip files in the DEBIAN dir when
	building md5sums.
	[8918bde941fa]

	* pp, sudo.pp:
	Use a debian-compliant package maintainer field.
	[fc51a94170eb]

2012-05-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	No need to loop over atomic_writev(), it guarantees to write all
	data or return an error.

	Fix handling of stdout/stderr that contains "\r\n" and handle a
	"\r\n" pair that spans a buffer.
	[8aaf02d90c45]

2012-05-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for sudo 1.8.5p2
	[d369d4d40a19]

	* plugins/sudoers/sudoreplay.c:
	Instead of doing extra write()s when replaying stdout, build up a
	vector for writev() instead. This results in far fewer system calls.
	[303d866c025c]

2012-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/env_hooks.c, src/sudo.h, src/tgetpass.c:
	Provide unhooked version of getenv() and use it when looking up
	DISPLAY and SUDO_ASKPASS in the environment.
	[04dbdccf4a14]

2012-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	When replaying a log of stdout or stderr, do newline to carriage
	return + linefeed conversion. We cannot have termios do this for us
	since we've disabled output postprocessing (POST) when setting raw
	mode.
	[61352a7d996f]

2012-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	When checking for -fstack-protector, treat warnings as fatal errors.
	[4124cd12d511]

2012-05-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix test for -z relro
	[548bdb6f5c4a]

	* MANIFEST:
	Add m4/ax_check_compile_flag.m4 and m4/ax_check_link_flag.m4
	[ed063264a2a1]

	* INSTALL, aclocal.m4, configure, configure.in,
	m4/ax_check_compile_flag.m4, m4/ax_check_link_flag.m4:
	Build with -fstack-protector and link with -zrelo where supported.
	Added --disable-hardening option to disable hardening options.
	[0b6c1a1ceb03]

2012-05-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/testsudoers/test1.sh,
	plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.sh,
	plugins/sudoers/regress/testsudoers/test4.out.ok,
	plugins/sudoers/regress/testsudoers/test4.sh,
	plugins/sudoers/regress/testsudoers/test5.inc,
	plugins/sudoers/regress/testsudoers/test5.out.ok,
	plugins/sudoers/regress/testsudoers/test5.sh,
	plugins/sudoers/testsudoers.c:
	Add tests for sudoers mode, owner and group checks.
	[a7607443aba0]

	* plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c:
	If sudoers_mode is group-readable but the actual sudoers file is
	not, open the file as uid 0, not uid 1. This fixes a problem when
	sudoers has a more restrictive mode than what sudo expects to find.
	In older versions, sudo would silently chmod the file to add the
	group-readable bit.
	[c056b6003e6f]

	* INSTALL, common/secure_path.c, config.h.in, configure, configure.in:
	No longer throw an error if sudoers is a symbolic link. Deprecated
	the --with-stow option as that is now (effectively) the default.
	[8ce783e54886]

2012-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/testsudoers/test2.inc,
	plugins/sudoers/regress/testsudoers/test2.out.ok,
	plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.d/root,
	plugins/sudoers/regress/testsudoers/test3.out.ok,
	plugins/sudoers/regress/testsudoers/test3.sh:
	Add basic tests for #include and #includedir
	[b303e4218951]

	* plugins/sudoers/testsudoers.c:
	Add -U sudoers_uid option to testsudoers.
	[3f8ed13501ba]

2012-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	Update for 1.8.5p1
	[c33c49bf5b4b]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix #includedir; from Mike Frysinger
	[d4833d4e39a0]

	* plugins/sudoers/check.c:
	Don't prompt for a password if the user is in the exempt group, is
	root, or is running the command as themselves even if the -k option
	was specified. This makes "sudo -k command" consistent with the
	behavior one would get if the user ran "sudo -k" immediately before
	running the command.
	[632b3961df00]

2012-05-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Fix capitalization
	[7258aa977caf]

	* mkpkg:
	Build PIE executable on Mac OS X 10.5 and above.
	[2a5c7ef92182]

2012-05-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for sudo 1.8.4p5
	[21164f508b68]

	* plugins/sudoers/match_addr.c:
	Add missing break between AF_INET and AF_INET6 in
	addr_matches_if_netmask()
	[672a4793931a]

	* plugins/sudoers/mon_systrace.c:
	Move systrace monitor code to the attic
	[d6faf4754e9c]

2012-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	The pointer to the siginfo_t struct in a signal handler may be NULL.
	[41a4ee934b53]

2012-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c:
	Fix an alignment problem on NetBSD systems with a 64-bit time_t and
	strict alignment. Based on a patch from Martin Husemann.
	[1e5ba3c18f17]

	* include/missing.h:
	Add offsetof macro for those without it.
	[e44cb51d2587]

	* MANIFEST:
	add system_group plugin
	[6169793b510c]

2012-05-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/dlopen.c:
	Implement RTLD_NEXT and fix RTLD_DEFAULT for HP-UX.
	[85bd03bc5d94]

2012-05-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention system_group plugin
	[05393dd4bdb8]

	* Makefile.in, plugins/sudoers/Makefile.in,
	plugins/system_group/Makefile.in:
	update depends
	[6feb0b824fc4]

	* plugins/system_group/system_group.c:
	Only call gr_delref() when use sudo's password caching functions.
	[1103442e21fa]

	* plugins/sample_group/Makefile.in, plugins/system_group/Makefile.in:
	Add missing dependency on libreplace.la
	[05bfd9d4657f]

	* compat/dlopen.c:
	Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL and
	PROG_HANDLE.
	[2382d0693acc]

	* Makefile.in, configure, configure.in,
	plugins/system_group/Makefile.in,
	plugins/system_group/system_group.c,
	plugins/system_group/system_group.sym:
	Add group plugin that does lookups by name using the system group
	database.
	[2ddbb604112f]

	* plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, src/po/pl.mo,
	src/po/pl.po:
	sync with translationproject.org
	[4ef05df4226d]

2012-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/de.mo, src/po/de.po, src/po/eo.mo, src/po/eo.po,
	src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po,
	src/po/ru.mo, src/po/ru.po, src/po/sr.mo, src/po/sr.po,
	src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[115c3f828fc5]

2012-05-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add mode for docdir and use '-' (default) for localedir mode. Fixes
	a problem on Linux when building in a directory with the setgid bit
	set.
	[582279c8bcb1]

2012-04-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Match CentOS 6.0
	[1e99ef210f98]

2012-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update with recent changes
	[c5fc220ba696]

	* pp:
	Fix version check on AIX
	[d272e39112f4]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[72b23509465a]

	* plugins/sudoers/ldap.c:
	Need to call ldapssl_clientauth_init() for start_tls on Mozilla LDAP
	SDK.
	[87b685e70b9a]

	* plugins/sudoers/ldap.c:
	Fix printing of invalid uri
	[645aa53acdde]

	* plugins/sudoers/auth/pam.c:
	Pass PAM_SILENT when deleting creds to remove an annoying warning
	message on Solaris.
	[1dd0301ef293]

2012-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/utmp.c:
	Fix the setutxent and endutxent compatibility defines (this time
	correctly) when only setutent and endutent are available.
	[d136d2867db9]

	* plugins/sudoers/ldap.c:
	sudo_ldap_set_options_global() should not take an LDAP handle as an
	argument since the options affect the global settings.
	[1dc39b9d20f2]

	* mkpkg:
	Debian sudo has not been built with --with-exempt=sudo since 1.6.8.
	[c7716291a856]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	plugins/sudoers/auth/pam.c, src/exec.c, src/exec_pty.c, src/sudo.c,
	src/sudo.h:
	Call the policy's init_session() function before we fork the child.
	That way, the session is created and destroyed in the same process,
	which is needed by some modules, such as pam_mount.
	[ece552ba002e]

	* doc/TROUBLESHOOTING:
	Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is
	not specified.
	[bd293e100b28]

	* plugins/sudoers/auth/pam.c:
	Delete creds after closing the PAM session.
	[5158d726d6a5]

	* plugins/sudoers/ldap.c:
	Provide a more useful error message if using a Mozilla-style LDAP
	SDK and you forgot to specify TLS_CERT in ldap.conf.
	[7cb78feb899c]

	* src/exec_pty.c:
	Add missing initialization of a sigaction structure when I/O
	logging. Fixes a potential problem when suspending the command.
	[f4480f2ba816]

	* plugins/sudoers/ldap.c:
	Split global and per-connection LDAP options into separate arrays.
	Set global LDAP options before calling ldap_initialize() or
	ldap_init(). After we have an LDAP handle, set the per-connection
	options. Fixes a problem with OpenLDAP using the nss crypto backend;
	bug #342
	[265c9d2dc12b]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/de.mo, src/po/de.po, src/po/hr.mo, src/po/hr.po,
	src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[6d7fe44be21e]

2012-04-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c, src/sudo.h:
	Move struct passwd pointer into struct command details.
	[d6fb1eff2065]

2012-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Sync with upstream for Mac OS X (and other) fixes.
	[c2f4998d01b0]

	* mkpkg:
	Only built Mac intel universal binary on an intel machine.
	[0009e0b7e5a8]

	* src/Makefile.in:
	Do not pass libtool the -static-libtool-libs option when building
	sudo and sesh. Otherwise, libtool may prefer a static version of an
	installed library over a dynamic one when linking.
	[6fbac9adc885]

2012-04-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/hr.mo,
	plugins/sudoers/po/hr.po, src/po/de.mo, src/po/de.po:
	Add German translation for sudo Add Croatian translation for sudoers
	[fa4da1a6530c]

	* plugins/sudoers/iolog.c:
	typo fix in comment
	[abd721d1288e]

2012-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update with recent changes
	[6fa11e8448b9]

	* Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Sort xgettext output by file name.
	[f650841810f0]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod:
	Clarify what "sudoreplay -l" displays and mention that it is sorted.
	[84031c117bd6]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Use AC_HEADER_MAJOR to determine where major/minor are defined.
	[3c949650a223]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Include sys/mkdev.h if present instead of sys/sysmacros.h for
	minor(). This is needed on Solaris (at least) where the makedev
	macros in sysmacros.h are obsolete and library functions should be
	used instead.
	[343928acf81e]

	* mkpkg:
	When building on Mac OS X, only set SDK_FLAGS if specified osversion
	doesn't match host.
	[d84c6efac872]

2012-04-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Add back buf and tty variables for _ttyname() case that were
	inadvertantly removed.
	[a4a820b22a44]

2012-04-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	regen
	[5446b12c1250]

	* configure, configure.in:
	Remove b8 from version number.
	[5adc4dcec061]

	* src/ttyname.c:
	remove some XXX
	[187579a5f593]

	* src/ttyname.c:
	When looking for a device match, do a breadth-first search instead
	of depth-first. We already special case /dev/pts/ so chances are
	good that if it is not a pseudo-tty it is in the base of /dev/. Also
	avoid a stat(2) when possible if struct dirent has d_type.
	[0183f8a1b278]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	src/sudo.c, src/sudo.h:
	Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list.
	[f0574d878491]

	* src/po/eo.mo, src/po/es.mo, src/po/es.po, src/po/fi.mo,
	src/po/ja.mo, src/po/pl.mo, src/po/ru.mo, src/po/uk.mo,
	src/po/vi.mo:
	sync with translationproject.org
	[4527ea78fbd5]

	* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/gl.mo, src/po/gl.po,
	src/po/hr.mo, src/po/hr.po:
	New Croatian and Galician translations from translationproject.org
	[ad4bd924b4de]

	* src/ttyname.c:
	Add depth-first traversal of /dev/ for the /proc case when not
	/dev/pts/N
	[499bd3456774]

	* config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c:
	If struct dirent has d_type, use it to avoid an extra stat().
	[741dabbe4bcd]

	* plugins/sudoers/sudoreplay.c:
	Sort output of "sudoreplay -l"
	[c0615795bd4b]

2012-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Fix duplicate free introduced in last rev
	[efdaabe69d75]

2012-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Instead of treating ^C from tgetpass() specially, always return
	AUTH_INTR if tgetpass() returned NULL. Treat PAM_AUTHINFO_UNAVAIL
	like PAM_AUTH_ERR which Mac OS X returns this when there is no tty.
	[a3b17298d4d0]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Rototill code to determine the tty. For Linux, we now look up the
	tty device in /proc/pid/stat instead of trying to open
	/proc/pid/fd/[0-2]. The sudo_ttyname_dev() function maps the given
	device number to a string. On BSD, we can use devname(). On Solaris,
	_ttyname_dev() does what we want. TODO: write /dev/ traversal code
	for the generic sudo_ttyname_dev().
	[6b22be4d09f0]

2012-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/ttyname.c:
	Define PRNODEV for those w/o it.
	[f17290e64559]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Check for SVR4-style struct psinfo.pr_ttydev and use that to
	determine the tty if std{in,out,err} are not ttys.
	[76ad33a91f4b]

	* src/ttyname.c:
	Better support for SVR4-style /proc entries where we can't use
	ttyname() on the /proc/pid/fd/[0-2] entries. We can, however,
	attempt to map the device number back to the correct pseudo-tty
	slave device.
	[4f9f48cc79eb]

	* src/ttyname.c:
	When trying to determine the tty name, check parent's stderr in
	addition to its stdin and stdout.
	[604644056c7d]

	* src/exec_pty.c:
	Treat a tty read failure like EOF as it usually means the pty has
	gone away. Handle write() on the tty returning EIO.
	[16957f4a706f]

	* src/exec.c, src/exec_pty.c:
	Linux select() may return ENOMEM if there is a kernel resource
	shortage. Older Solaris select() may return EIO instead of EBADF
	when the tty goes away. If we get an unhandled select() failure,
	kill the child and exit cleanly.
	[d93940a311ab]

	* src/ttyname.c:
	Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might
	block in open.
	[a9f809d09d52]

2012-04-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Fix restoration of AIX permissions.
	[30c717115988]

	* src/parse_args.c:
	Allow the -k flag to be used along with the -i and -s flags.
	[0653b17c97f1]

	* plugins/sudoers/sudoreplay.c:
	Plug memory leak in parse_logfile() in the error path.
	[9cce86fa833b]

	* plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/da.mo, src/po/da.po, src/po/eo.po, src/po/es.po,
	src/po/fi.po, src/po/it.mo, src/po/it.po, src/po/ja.po,
	src/po/pl.po, src/po/ru.po, src/po/uk.po, src/po/vi.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[14af43d0b170]

2012-04-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/regress/glob/globtest.c, config.h.in, configure,
	configure.in, plugins/sudoers/match.c:
	Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the
	glob() and fnmatch() results to be consistent.
	[4226750d73c2]

2012-04-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/ttysize.c, src/Makefile.in,
	src/ttysize.c:
	Move ttysize.c to common so sudoreplay can use it.
	[b4a0aa514cd4]

	* plugins/sudoers/sudoreplay.c:
	If I/O log file includes rows + cols, warn if the user's tty is not
	big enough.
	[b980ef89efff]

	* plugins/sudoers/sudoreplay.c:
	Fix printing of TSID in "sudoreplay -l"
	[4221e3e108b4]

	* common/sudo_debug.c, include/sudo_debug.h,
	plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/exec.c,
	src/exec_pty.c:
	Log the process id in the debug file output. Since we don't want to
	keep calling getpid(), stash the value at init time and when we
	fork().
	[2782d30c024d]

	* src/exec_pty.c:
	Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. It
	is better to receive EIO from read()/write() than to be suspended
	when we don't expect it. Fixes a problem when our terminal is
	revoked which can happen when, e.g. our sshd is killed
	unceremoniously. Also, only change the value of "alive" from true to
	false, never from false to true. It is possible for us to receive
	notification of the child having stopped after it is already dead.
	This does not mean it has risen from the grave.
	[26c9fe8ce0f9]

	* src/exec_pty.c:
	Distinguish between signals we received from the parent vs. those
	delivered explicitly to the monitor process in debugging info.
	[40716cb180e5]

2012-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	In Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
	Update tty_is_devpts() to match so we can determine when the tty has
	been reused.
	[2689665df027]

	* common/sudo_debug.c, include/error.h, include/sudo_debug.h:
	Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf()
	and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
	This allows consumers of sudo_debug_printf() to log that data
	without having to specify it manually.
	[7c94c4879208]

	* src/exec_pty.c:
	Make this compile after last change.
	[ee09034f3266]

	* src/exec_pty.c:
	Don't try to restore the terminal if we are not the foreground
	process. Otherwise, we may be stopped by SIGTTOU when we try to
	update the terminal settings when cleaning up.
	[c48b24335456]

	* src/exec.c:
	If select() return EBADF in the main event loop, one of the ttys
	must have gone away so perform any I/O we can and close the bad fds.
	[3bc8678c03ce]

	* common/sudo_debug.c, include/error.h, include/sudo_debug.h,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l:
	Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. Log the
	function, file and line number in the debug log for warning() and
	error().
	[894cd131f11d]

2012-04-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c, include/error.h, include/sudo_debug.h,
	src/conversation.c:
	Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno.
	Use this flag when wrapping error() and warning() so the debug
	output includes the error string.
	[1e2c67adaf1f]

2012-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for sudo 1.8.5
	[7d2b62b823fe]

	* plugins/sudoers/po/sudoers.pot:
	regen
	[718ad9de92cd]

	* doc/CONTRIBUTORS:
	sync
	[f48013aea641]

	* plugins/sudoers/pwutil.c:
	Use ecalloc()
	[fabd23c1f271]

	* src/exec_pty.c:
	Don't need zero_bytes() after ecalloc()
	[1a9d95cd10ef]

	* config.h.in, configure, configure.in, src/sudo_noexec.c:
	Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers to
	sudo_noexec.c.
	[cbaa1d4b0f8a]

	* src/utmp.c:
	Fix compat setutxent and endutxent macros for systems with
	setutent() but not setutxent(). From Gustavo Zacarias
	[d7ce622fc5f2]

2012-03-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure.in:
	Add ignore_result definition to AH_BOTTOM
	[8d4096838a98]

	* common/sudo_debug.c, config.h.in, plugins/sample/sample_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/env_hooks.c,
	src/exec.c, src/exec_pty.c, src/tgetpass.c:
	Fix compiler warnings on some platforms and provide a better method
	of defeating gcc's warn_unused_result attribute.
	[9a8f804fcc75]

	* configure, configure.in:
	Fix building the builtin zlib from a build dir. When a zlib dir was
	specified, prepend its include path instead of appending so we get
	the right zlib headers.
	[5f61d591b186]

	* doc/LICENSE, zlib/adler32.c, zlib/crc32.c, zlib/crc32.h,
	zlib/deflate.c, zlib/deflate.h, zlib/gzguts.h, zlib/gzlib.c,
	zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffixed.h,
	zlib/inflate.c, zlib/inftrees.c, zlib/trees.c, zlib/zconf.h.in,
	zlib/zlib.h, zlib/zutil.c, zlib/zutil.h:
	Update zlib to version 1.2.6
	[173c4bc4d4fc]

2012-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	g/c __unused which is no longer used
	[7ef3f23edcd6]

	* src/env_hooks.c:
	Fix compilation if RTLD_NEXT is not defined.
	[d5605f468b71]

	* src/po/sr.mo, src/po/sr.po:
	sync with translationproject.org
	[27d559f7985d]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
	doc/sudoers.man.in:
	regen
	[f9f63ce478b6]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[59035d82d15a]

	* Makefile.in:
	Ignore Project-Id-Version when comparing pot files.
	[22feb9ede46b]

	* plugins/sudoers/bsm_audit.c:
	Use error() instead of log_fatal()
	[54130bda4b50]

	* plugins/sudoers/env.c:
	Fix signedness of didvar in env_update_didvar()
	[77048a80b3e4]

	* plugins/sudoers/iolog.c:
	Quiet a compiler warning on some platforms.
	[8fdcaece0400]

	* compat/fnmatch.c:
	cast ctype(3) function/macro arguments from char to unsigned char to
	avoid potential negative subscripting.
	[bdcf7eef21ef]

	* common/setgroups.c:
	Quiet a warning on systems where the gids array in setgroups() is
	not prototyped as being const, even though it really is.
	[fdd758c6302d]

	* src/env_hooks.c:
	Quiet a compiler warning on systems where the argument to putenv(3)
	is const.
	[51bae2193b53]

	* plugins/sudoers/sudoreplay.c:
	Undo an incorrect int -> bool conversion.
	[b9a4ce320f14]

	* MANIFEST, NEWS, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
	src/po/sv.mo, src/po/sv.po:
	Add Swedish sudo and sudoers translations from
	translationproject.org
	[f7ce1de9073f]

	* plugins/sudoers/env.c:
	No need to preserve ODMDIR on AIX now that we always read
	/etc/environment.
	[4aa04b2f0125]

2012-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod, plugins/sudoers/env.c:
	When initializing the environment for env_reset, start out with the
	contents of /etc/environment on AIX and login.conf on BSD.
	[5717bdc321e2]

	* doc/TROUBLESHOOTING, src/sudo.c:
	If we are not running with an effective uid of 0, try to give the
	user enough information to debug the problem.
	[fa4894896d8a]

	* plugins/sudoers/getdate.c, plugins/sudoers/gram.c:
	Quiet a clang-analyzer false positive.
	[c4c0c1b9c8b0]

	* src/tgetpass.c:
	If there is nothing to read from the askpass program, set errno to
	EINTR. This makes the cancel button behave like the user entered ^C
	at the password prompt when PAM is used.
	[594302cb9caf]

	* src/sudo.h, src/tgetpass.c:
	Fetch the value of "askpass" from the sudo conf struct.
	[4593ee8f1bd3]

	* common/sudo_conf.c:
	Fix matching of "Path askpass" and "Path noexec"
	[4df28d62afb9]

2012-03-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Quiet a clang-analyzer dead store warning.
	[dd90bf385a3f]

	* plugins/sudoers/sudoers.c:
	If the "timestampowner" user cannot be resolved, use ROOT_UID
	instead of exiting with a fatal error.
	[8d62aae99715]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/check.c, plugins/sudoers/env.c,
	plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/parse.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c:
	Remove the NO_EXIT flag to log_error() and add a log_fatal()
	function that exits and is marked no_return. Fixes false positives
	from static analyzers and is easier for humans to read too.
	[a0fe785c2a3d]

2012-03-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo,
	src/po/eo.po:
	sync with translationproject.org
	[df5e8777de13]

2012-03-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/po/da.mo, src/po/da.po:
	sync with translationproject.org
	[629d99548b78]

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
	sync with translationproject.org
	[9d122a2860d6]

2012-03-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/po/it.mo, src/po/it.po:
	sync with translationproject.org
	[6397593b15cf]

	* common/sudo_conf.c, plugins/sudoers/alias.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/interfaces.c, plugins/sudoers/ldap.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/hooks.c,
	src/load_plugins.c:
	Use ecalloc() when allocating structs.
	[8b5888868db2]

	* common/alloc.c, include/alloc.h:
	Add ecalloc() and commented out recalloc(). Use inline strnlen()
	instead of strlen() in estrndup().
	[7fb9aa46c1e0]

2012-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po,
	src/po/pl.mo, src/po/pl.po, src/po/ru.mo, src/po/ru.po,
	src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	sync with translationproject.org
	[45a032c37334]

2012-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Remove unused label
	[2660bb0c1313]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document what changed in each plugin API revision
	[59b30a6fc4d1]

	* plugins/sudoers/set_perms.c:
	Remove bogus optimization that could lead to a double free of the
	group list.
	[b0bfbd2a83a8]

2012-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Expand AIX /etc/security/privcmds entry.
	[9f3f072e034e]

	* NEWS:
	Update for sudo 1.8.5
	[086049011f25]

	* common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.cat,
	doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.pod, include/sudo_conf.h,
	include/sudo_plugin.h, src/load_plugins.c, src/sudo.c,
	src/sudo_plugin_int.h:
	Rename plugin "args" to "options"
	[f25624951bd2]

	* doc/CONTRIBUTORS:
	Add Lithuanian and Vietnamese translators
	[2b4c075b69e3]

	* Makefile.in:
	Ignore comments when comparing new and old pot files.
	[f872999347b3]

	* src/Makefile.in:
	regen
	[c8193b1b11c7]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in:
	regen
	[15e3c17e8a3a]

	* doc/sudo_plugin.pod, include/sudo_plugin.h,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/hooks.c,
	src/sudo.c, src/sudo.h:
	Pass a pointer to user_env in to the init_session policy plugin
	function so session setup can modify the user environment as needed.
	For PAM authentication, merge the PAM environment with the user
	environment at init_session time. We no longer need to swap in the
	user_env for environ during session init, nor do we need to disable
	the env hooks at init_session time.
	[3f5277b359d8]

	* plugins/sample/sample_plugin.c:
	Add explicit NULL entries for init_session, register_hooks and
	deregister_hooks with appropriate comments.
	[727a57978b40]

	* compat/pw_dup.c:
	Quiet a gcc "used uninitialized in this function" false positive.
	[f14b68379ce9]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	We should always call warning() with a format string or a string
	literal. In this case, the argument (path) is not user-controlled.
	[e9ef51224024]

2012-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/selinux.c:
	Include sudo_exec.h for the sudo_execve() prototype.
	[769e58065edc]

	* config.h.in, configure, configure.in:
	Add check for pam_getenvlist()
	[36bde3f26c60]

	* common/sudo_conf.c:
	Set args to NULL in default plugin info struct when there is no
	Plugin line in sudo.conf.
	[93ec67708f01]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[a9287677795c]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
	regen
	[a242769d7962]

	* configure, configure.in:
	Bump version to 1.8.5
	[e8618f0c2505]

	* doc/sudo_plugin.pod:
	Document hooks API
	[e6ad07d27958]

2012-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris.
	[fd72340042d3]

	* include/sudo_plugin.h:
	Use sudo_hook_fn_t in struct sudo_hook.
	[938f93112d6e]

	* doc/TROUBLESHOOTING:
	If cross compiling, --host must include the OS in the tuple. E.g.
	--host powerpc-unknown-linux
	[b8c010070c1e]

2012-03-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c:
	Fix bogus int -> bool conversion; tags can have a value of -1.
	[e63d6434a303]

	* plugins/sudoers/env.c:
	Add env_should_keep() and env_should_delete() wrapper functions to
	simplify things a bit and hide the fact that matches_env_check() is
	not bool.
	[7a03d7a12b50]

	* sudo.pp:
	Fix application of debian-specific sudoers mods when building
	packages as non-root.
	[34bf4c52c425]

	* plugins/sudoers/env.c:
	matches_env_check() returns int, not boolean
	[0ad915b8d5cb]

	* src/sudo_edit.c:
	Fix compilation when seteuid() is not available.
	[8a722f998000]

	* src/ttyname.c:
	Simply move the free of ki_proc outside the realloc() loop.
	[217b786da760]

	* src/ttyname.c:
	Bring back the erealloc() for the ENOMEM loop and just zero the
	pointer after we free it.
	[29a016e45127]

	* src/ttyname.c:
	Don't try to erealloc() a potentially freed pointer; Mateusz Guzik
	[266e08844065]

2012-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Use normal error path if unable to set sudoers gid.
	[01c816918c99]

	* plugins/sudoers/set_perms.c:
	Make this work again on systems w/o seteuid().
	[2e67f7421e97]

2012-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Fix compilation if no seteuid/setreuid/setresuid available.
	[d0b3c1f88eb4]

	* plugins/sudoers/set_perms.c:
	Better error messages, and added debugging throughout. Fixed
	seteuid() version of set_perms()/restore_perms(). Fixed logic bug in
	AIX version of restore_perms(). Added checks to avoid changing
	uid/gid when we don't have to. Never set gid/uid state to -1, use
	the old value instead.
	[29188d469b5c]

	* src/exec_pty.c, src/ttyname.c:
	Fix format string warning on Solaris with gcc 3.4.3.
	[d1eeb6e1dd0f]

	* src/sudo.c:
	Always declare environ now that we swap it around unilaterally.
	[aaa3e92e7d0d]

	* src/Makefile.in:
	Honor LDFLAGS when linking sesh; from Vita Cizek
	[498b41438f6e]

	* src/sesh.c:
	Include alloc.h for estrdup() prototype; from Vita Cizek
	[93203655a320]

2012-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Don't read /etc/environment on Linux when using PAM, PAM should set
	the environment variables as needed via pam_env.
	[b1ef62cb2d40]

	* INSTALL:
	Fix editor goof.
	[0c3dd3bb8b57]

	* src/hooks.c, src/sudo.c, src/sudo.h:
	Disable environment hooks after we get user_env back to make sure a
	plugin can't to modify user_env after we "own" it. This is kind of a
	hack but we don't want the init_session plugin function to modify
	user_env.
	[8e6d119452a5]

	* src/hooks.c, src/sudo.c:
	Add support for deregistering hooks. If an I/O log plugin fails to
	initialize, deregister its hooks (if any).
	[ac00c93900c5]

2012-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we hook
	setenv.
	[e75469dd9908]

	* MANIFEST, aclocal.m4, common/sudo_debug.c, compat/Makefile.in,
	compat/setenv.c, compat/unsetenv.c, config.h.in, configure,
	configure.in, include/sudo_debug.h, include/sudo_plugin.h, mkdep.pl,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/env.c,
	plugins/sudoers/ldap.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/Makefile.in, src/env_hooks.c,
	src/hooks.c, src/load_plugins.c, src/sudo.c, src/sudo.h,
	src/sudo_plugin_int.h:
	Initial cut at a hooks implementation. The plugin can register hooks
	for getenv, putenv, setenv and unsetenv. This makes it possible for
	the plugin to trap changes to the environment made by authentication
	methods such as PAM or BSD auth so that such changes are reflected
	in the environment passed back to sudo for execve().
	[61cffa06f863]

2012-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, src/po/vi.mo, src/po/vi.po:
	Add Vietnamese sudo translation from translationproject.org
	[96df426790d5]

2012-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sample.sudo.conf, doc/sudo.pod, doc/sudo_plugin.pod,
	doc/sudoers.pod:
	List sudo_noexec.so not noexec.so in the sample sudo.conf
	[53844e190ec5]

	* common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod,
	doc/sudo_plugin.pod, doc/sudoers.pod, include/sudo_conf.h,
	include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/toke.l, src/load_plugins.c, src/sudo.c,
	src/sudo_plugin_int.h:
	Add support for plugin args at the end of a Plugin line in
	sudo.conf. Bump the minor number accordingly and update the
	documentation. A plugin must check the sudo front end's version
	before using the plugin_args parameter since it is only supported
	for API version 1.2 and higher.
	[587f1f819536]

2012-03-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	update depends
	[6d2da44e11e5]

	* MANIFEST:
	secure_path.c is in common, not compat
	[619c4a663dde]

	* configure, configure.in:
	Add check for variadic macro support in cpp.
	[756854caf675]

2012-02-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/secure_path.c, common/sudo_conf.c, include/secure_path.h,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add type param to sudo_secure_path() and add sudo_secure_file() and
	sudo_secure_dir() wrappers which get by #includedir in sudoers.
	[2ec2d3d8df04]

2012-02-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.pod, plugins/sudoers/visudo.c:
	Check the owner and mode in -c (check) mode unless the -f option is
	specified. Previously, the owner and mode were checked on the main
	sudoers file when the -s (strict) option was given, but this was not
	documented.
	[b2d6ee1e547a]

	* config.h.in, configure, configure.in, src/ttyname.c:
	Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some versions
	of OpenBSD versions that have KERN_PROC2 but not KERN_PROC.
	[159f6a50456a]

2012-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS:
	Add Eric Lakin for patch in bug #538
	[490c29c234c6]

	* src/exec_pty.c:
	Fix typo in safe_close() made while converting to debug framework
	that prevented it from actually closing anything.
	[a66422a62afd]

	* src/exec_pty.c:
	Add some more debugging.
	[b5667947dda9]

	* common/Makefile.in, compat/Makefile.in, doc/Makefile.in,
	include/Makefile.in:
	We need sysconfdir in compat/Makfile to get the proper sudo.conf
	path. Add standard prefix and foodir expansion in all Makefiles to
	avoid this problem in the future.
	[62b6ce4ecae9]

2012-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/lt.mo, plugins/sudoers/po/lt.po:
	New Lithuanian sudoers translation from translationproject.org
	[10436b649035]

	* plugins/sudoers/po/ja.po:
	Update from translationproject.org
	[acb8db5f8ef1]

2012-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	When adding gids to the LDAP filter, only add the primary gid once.
	This is consistent with the space computation/allocation. From Eric
	Lakin
	[35d9d99c92c6]

	* doc/TROUBLESHOOTING:
	Add entry for AIX enhanced RBAC config.
	[5e10b6f8def7]

	* mkpkg:
	Target Mac OS X 10.5 when building packages.
	[06fce9bbebee]

2012-02-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/secure_path.c,
	common/sudo_conf.c, include/secure_path.h,
	plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.c:
	Relax the user/group/mode checks on sudoers files. As long as the
	file is owned by the right user, not world-writable and not writable
	by a group other than the one specified at configure time (gid 0 by
	default), the file is considered OK. Note that visudo will still set
	the mode to the value specified at configure time.
	[241174babfcc]

2012-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Add AIX-specific version of permission setting code to make sure
	that the saved uid gets restored properly.
	[9a6f5d22c301]

	* config.h.in, configure, configure.in, src/exec_common.c:
	Check for LD_PRELOAD variants in configure instead of checkign cpp
	symbols. In disable_execute(), compute the length of the new envp
	and allocate it once instead of reallocating on demand. Also append
	old value of LD_PRELOAD (if any) to the new value.
	[680266346917]

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
	Fix the description of noexec.
	[6a6d142f3c80]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
	The "op" parameter to set_default() must be int, not bool since it
	is set to '+' or '-' for list add and subtract.
	[8da5b137bea2]

	* sudo.pp:
	Make sure sudoers is writable before calling ed script.
	[95352ab6336b]

2012-02-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, doc/contributors.pod:
	Update contributors. Now includes translators and authors of compat
	code.
	[4fb5b616b50a]

2012-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/po/sudo.pot:
	regen
	[2c86e2c328fe]

	* pp, sudo.pp:
	Build flat packages, not package bundles, on Mac OS X.
	[57bda3cd5520]

2012-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Move macos section to be with the other OS-specific sections.
	[51423bb2973a]

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po:
	Sync with translationproject.org
	[8ce41cbb8da0]

	* configure, configure.in:
	Don't permanently add -D_FORTIFY_SOURCE=2 to CPPFLAGS
	[fa979aa6fe7d]

	* sudo.pp:
	Add Mac OS X support, printing the latest chunk of the NEWS file and
	the license text in the installer.
	[ffeab72387c0]

	* sudo.pp:
	Add explicit file modes that match those used by "make install"
	[7eb37242c920]

	* pp:
	Sync with upstream for Mac OS X fixes.
	[97cba179041e]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Got back to using "install-sh -M" for files installed as non-
	readable by owner. This fixes "make install" as non-root for package
	building.
	[967804ee77d6]

2012-02-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po:
	Sync with translationproject.org
	[0e53db12039a]

	* Makefile.in, doc/Makefile.in, include/Makefile.in,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Use -m not -M for install-sh for everything except setuid. Install
	locale .mo files mode 0444, not 0644. If timedir parent doesn't
	exist, use default dir mode, not 0700.
	[8b6f64c92090]

2012-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Re-sync with upstream; no longer need a local patch.
	[97a2c7be5e59]

	* mkpkg:
	Add support for building Mac OS X packages.
	[94d49ac223a4]

	* pp:
	Sync with upstream
	[1c97654fc841]

	* src/Makefile.in:
	No longer need to define _PATH_SUDO_CONF here.
	[2560905b7482]

	* src/exec_common.c:
	Fix noexec for Mac OS X.
	[b7a744bca2c0]

2012-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/Makefile.in:
	Move _PATH_SUDO_CONF override to common to match sudo_debug.c
	[f0788972a63a]

	* plugins/sudoers/set_perms.c:
	More complete fix for LDR_PRELOAD on AIX. The addition of
	set_perm(PERM_ROOT) before calling the nss open functions (needed to
	avoid a GNU TLS bug) also broke LDR_PRELOAD. Setting the effective
	and then real uid to 0 for PERM_ROOT works around the issue.
	[5888eda051af]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[997fe403e219]

	* src/sudo.c:
	Set real uid to root before calling sudo_edit() or run_command() so
	that the monitor process is owned by root and not by the user.
	Otherwise, on AIX at least, the monitor process shows up in ps as
	belonging to the user (and can be killed by the user).
	[d4772d7d2fc5]

	* plugins/sudoers/set_perms.c:
	For PERM_ROOT when using setreuid(), only set the euid to 0 prior to
	the call to setuid(0) if the current euid is non-zero. This
	effectively restores the state of things prior to rev 7bfeb629fccb.
	Fixes a problem on AIX where LDR_PRELOAD was not being honored for
	the command being executed.
	[b9b40325b4dc]

	* MANIFEST, compat/pw_dup.c, config.h.in, configure, configure.in,
	include/missing.h, src/sudo.c:
	Make a copy of the struct passwd in exec_setup() to make sure
	nothing in the policy init modifies it.
	[b721261c921f]

2012-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	update copyright
	[f9d229d1f65e]

	* common/sudo_debug.c, include/sudo_debug.h:
	g/c now-unused debug subsystems
	[8f21726e698f]

	* doc/sudo.pod, doc/sudoers.pod:
	Enumerate the debug subsystems used by sudo and sudoers.
	[ac4f84293d14]

2012-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod,
	include/sudo_conf.h, src/sudo.c:
	Normally, sudo disables core dumps while it is running. This
	behavior can now be modified at run time with a line in sudo.conf
	like "Set disable_coredumps false"
	[ad14e0508b0d]

	* NEWS:
	Mention Spanish translation
	[600f3205bd6e]

	* common/sudo_debug.c:
	Make sure we don't try to fall back to using the conversation
	function for debugging in the main sudo process if we are unable to
	open the debug file.
	[ffa329aa908c]

	* MANIFEST, src/po/es.mo, src/po/es.po:
	Add sudo Spanish translation from translationproject.org
	[c1906654e740]

2012-02-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Better debug subsystem usage
	[1a31f115743c]

	* src/sudo.c:
	Remove duplicate function prototypes
	[ae04b00532eb]

2012-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Error out if user specified --with-pam but we can't find the headers
	or library. Also throw an error if the headers are present but the
	library is not and vice versa.
	[d6bf3e3d0aae]

2012-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Fix the sudoers permission check when the expected sudoers mode is
	owner-writable.
	[8b0b7e770a22]

2012-01-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Verify that we can link executables built with -D_FORTIFY_SOURCE
	before using it.
	[7578215d1a95]

	* src/exec_common.c:
	Fix potential off-by-one when making a copy of the environment for
	LD_PRELOAD insertion. Fixes bug #534
	[cc699cd551b6]

	* configure, configure.in:
	Add rudimentary check for _FORTIFY_SOURCE support by checking for
	__sprintf_chk, one of the functions used by gcc to support it.
	[a992673d2ef8]

	* compat/stdbool.h, config.h.in, configure, configure.in:
	Use AC_HEADER_STDBOOL instead of checking for stdbool.h ourselves.
	[8ba1370884b3]

2012-01-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen
	[1e0b38397705]

2012-01-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/sudo.c:
	The change in 818e82ecbbfc that caused to exit when the monitor dies
	created a race condition between the monitor exiting and the status
	being read. All we really want to do is make sure that select()
	notifies us that there is a status change when the monitor dies
	unexpectedly so shutdown the socketpair connected to the monitor for
	writing when it dies. That way we can still read the status that is
	pending on the socket and select() on Linux will tell us that the fd
	is ready.
	[7fb5b30ea48d]

	* MANIFEST, src/Makefile.in, src/exec.c, src/exec_common.c,
	src/exec_pty.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h,
	src/sudo_exec.h:
	Refactor disable_execute() and my_execve() into exec_common.c for
	use by sesh.c. This fixes NOEXEC when SELinux is used. Instead of
	disabling exec in exec_setup(), disable it immediately before
	executing the command. Adapted from a diff by Arno Schuring.
	[ec4d8b53db6b]

2012-01-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in:
	Add custom version of AC_CHECK_LIB that uses the extra libs in the
	cache value name. With this we no longer need to rely on a modified
	version of autoconf.
	[1c3b1d482d6c]

2012-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Better handling of network functions that need -lsocket -lnsl
	[cc386342ec2b]

	* src/sudo.c:
	When setting up the execution environment, set groups before
	gid/egid like sudo 1.7 did.
	[928e1c5fa6c1]

	* configure, configure.in:
	Remove "WARNING: unable to find foo() trying -lsocket -lnsl"
	[84b23cdf138f]

	* plugins/sudoers/sudoers.c:
	For "sudo -g" prepend the specified group ID to the beginning of the
	groups list. This matches BSD convention where the effective gid is
	the first entry in the group list. This is required on newer FreeBSD
	where the effective gid is not tracked separately and thus
	setgroups() changes the egid if this convention is not followed.
	Fixes bug #532
	[782d6909108b]

2012-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix sh warning; use "test" instead of "["
	[c6ee3407f65e]

	* src/exec.c:
	When not logging I/O, use a signal handler that only forwards
	SIGINT, SIGQUIT and SIGHUP when they are user-generated signals.
	Fixes a race in the non-I/O logging path where the command may
	receive two keyboard-generated signals; one from the kernel and one
	from the sudo process.
	[9638684e786a]

	* src/exec.c:
	Back out change that put the command in its own pgrp when not
	logging I/O. It causes problems with pipelines.
	[4fc9c6e1e770]

2012-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/Makefile.in, configure, configure.in:
	Only run compat regress tests on compat objects we actually build.
	Fixes "make check" in the compat dir for systems that don't
	implement character classes in fnmatch() or glob(). Bug #531
	[a7addc305e83]

2012-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
	Update po files from translationproject.org
	[5ea066af1356]

2012-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Include parent directories in case they don't already exist. This
	fixes a directory permissions problem with the AIX package when the
	/usr/local directories don't already exist.
	[a14f783dc827]

	* pp:
	sync with git version
	[2f79d0543661]

	* common/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in:
	regen dependencies
	[24c92ca6c64d]

	* MANIFEST, src/Makefile.in, src/sudo.c, src/sudo.h, src/ttyname.c:
	Move tty name lookup code to its own file.
	[58faf072cbf4]

2012-01-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update with latest sudo 1.8.4 changes.
	[a4ffe4f42528]

	* config.h.in, configure, configure.in:
	Remove obsolete template for HAVE_TIMESPEC
	[75709007c906]

	* src/sudo.c:
	Add a check for devname() returning a fully-qualified pathname. None
	of the devname() implementations do this today but you never know
	when this might change.
	[16813ace38f9]

2012-01-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	For "visudo -c" also list include files that were checked when
	everything is OK.
	[ad6f85b35c9c]

	* src/sudo.c:
	The device name returned by devname() does not include the /dev/
	prefix so we need to add it ourselves.
	[b55285abb7ed]

	* src/sudo.c:
	Add debug warning if KERN_PROC sysctl fails or devname() can't
	resolve the tty device to a name.
	[b5a23916ba3a]

	* common/sudo_debug.c:
	The result of writev() is never checked so just cast to NULL.
	[4be4e9b58d5b]

	* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po:
	Update Esperanto, Finnish, Polish and Ukrainian translations from
	translationproject.org.
	[bb91bc6ad7e9]

2012-01-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/sudo.c:
	Add support for determining tty via sysctl on other BSD variants.
	[fd15f63f719a]

	* configure, configure.in:
	Only check for struct kinfo_proc.ki_tdev on systems that support
	sysctl.
	[109b3f07a39d]

	* src/sudo.c:
	For FreeBSD, try the KERN_PROC_PID sysctl() first, falling back on
	ttyname() of std{in,out,err}.
	[95969b70bd68]

2012-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/sudo.c:
	On newer FreeBSD we can get the parent's tty name via sysctl().
	[3207290501ee]

	* plugins/sudoers/testsudoers.c:
	Include locale.h
	[a602cd0b8c2d]

	* src/sudo.c:
	Silence a gcc warning.
	[8c6d0e3cd534]

	* plugins/sudoers/bsm_audit.c:
	Need to include gettext.h and sudo_debug.h; from John Hein
	[447912aa7300]

	* plugins/sudoers/iolog.c:
	Initialize the debug framework from the I/O plugin too.
	[ce1bf44d96d2]

2012-01-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/testsudoers.c:
	Enable debugging via sudo.conf.
	[d85669c749d0]

2012-01-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Use SUDO_DEBUG_ALIAS for alias checking functions.
	[fb84af30dc76]

	* configure, configure.in:
	More complete test for getaddrinfo() that doesn't rely on the
	network libraries already being added to LIBS.
	[cbaf2369f4f0]

2012-01-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/aix.c:
	Add debug support.
	[def1bdf24485]

	* configure, configure.in:
	Need -lsocket -lnsl for getaddrinfo(3) on Solaris at least.
	[a2ea1c2eac61]

	* compat/getaddrinfo.c:
	Include errno.h and missing.h
	[7d15e17cc2f2]

	* .hgignore:
	ignore doc/varsub
	[417f9fc3231b]

	* configure.in, doc/visudo.pod, plugins/sudoers/Makefile.in,
	plugins/sudoers/gram.y, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, src/exec.c,
	src/parse_args.c, src/sudo.c, src/sudo.h:
	Update copyright year.
	[5d0ffc7dd567]

	* NEWS:
	Update for sudo 1.8.4
	[841e3eff9844]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen pot files
	[c509cb45b66a]

	* plugins/sudoers/sudoreplay.c:
	Enable debugging via sudo.conf.
	[5087aaee8484]

	* plugins/sudoers/visudo.c:
	Enable debugging via sudo.conf.
	[04b067c16ed3]

	* plugins/sudoers/visudo.c:
	Allow "visudo -c" to work when we only have read-only access to the
	sudoers include files.
	[d8c6713fe5c1]

	* doc/sudo.pod, doc/visudo.pod:
	Mention the CONTRIBUTORS file, not HISTORY in AUTHOR section. Add
	HISTORY section in sudo that points to HISTORY file.
	[d1f1bcb051c5]

	* doc/sudo.pod, doc/sudo_plugin.pod:
	Document Debug setting in sudo.conf and debug_flags in plugin.
	[acfc505aa4a9]

2012-01-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a
	bug where a pattern like "/usr/*" include /usr/bin/ in the results,
	which would be incorrectly be interpreted as if the sudoers file had
	specified a directory. From Vitezslav Cizek.
	[0cdb6252188c]

	* INSTALL, config.h.in, configure, configure.in,
	plugins/sudoers/auth/kerb5.c:
	Add --enable-kerb5-instance configure option to allow people using
	Kerberos V authentication to use a custom instance. Adapted from a
	diff by Michael E Burr.
	[e83af8bb7aa7]

	* doc/sudo.pod, src/parse_args.c, src/sudo.c, src/sudo.h:
	Remove -D debug_level option.
	[cbcd05094347]

	* doc/LICENSE:
	Update copyright year.
	[9f43dd7aa852]

2012-01-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	parse_error is now bool, not int
	[5ea7fb6fda38]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c:
	Print a more sensible error if yyparse() returns non-zero but
	yyerror() was not called.
	[d44ec88f1183]

	* plugins/sudoers/Makefile.in, plugins/sudoers/getdate.c,
	plugins/sudoers/gram.c:
	Replace y.tab.c with the correct filename in #line directives.
	[3c84fcb7e959]

2012-01-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	When trying to determine the tty, fall back on /proc/ppid/fd/{0,1,2}
	if the main process's fds 0-2 are not hooked up to a tty. Adapted
	from a diff by Zdenek Behan.
	[b9dfce12af85]

	* src/exec.c:
	When not logging I/O, put command in its own pgrp and make that the
	controlling pgrp if the command is in the foreground. Fixes a race
	in the non-I/O logging path where the command may receive two
	keyboard-generated signals; one from the kernel and one from the
	sudo process.
	[d0e263ce496c]

2011-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Quiet a bogus gcc warning.
	[2009669e0608]

	* src/parse_args.c, src/sudo.h:
	Fix warnings related to sudo.conf accessors.
	[08ddc29ba50b]

	* common/sudo_conf.c, include/sudo_conf.h:
	Separate sudo.conf parsing from plugin loading and move the parse
	functions into the common lib so that visudo, etc. can use them.
	[f1fc659a8079]

	* MANIFEST, common/Makefile.in, src/Makefile.in, src/load_plugins.c,
	src/parse_args.c, src/sudo.c, src/sudo_plugin_int.h:
	Separate sudo.conf parsing from plugin loading and move the parse
	functions into the common lib so that visudo, etc. can use them.
	[e1f2cf6bd57a]

	* doc/sudoers.pod, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/sudoers.c, src/sudo.c:
	Remove support for noexec_file in sudoers and the plugin API
	[3e2fd58879b5]

	* plugins/sudoers/sudoers.c:
	Don't dump interfaces if there are none.
	[9081bb4d3e9e]

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
	Add missing %s printf escape to the group_plugin, iolog_dir and
	iolog_file descriptions.
	[7db03f2b737e]

2011-12-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, src/exec.c:
	Fix typo in visiblepw description; from Joel Pickett
	[2fb4b26d5c2c]

2011-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, configure, configure.in, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
	plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/sudo.c:
	When running a login shell with a login_class specified, use
	LOGIN_SETENV instead of rolling our own login.conf setenv support
	since FreeBSD's login.conf has more than just setenv capabilities.
	This requires us to swap the plugin-provided envp for the global
	environ before calling setusercontext() and then stash the resulting
	environ pointer back into the command details, which is kind of a
	hack.
	[ad4f1190143b]

	* plugins/sudoers/Makefile.in:
	If srcdir is "." just use the basename of the yacc/lex file when
	generating the C version. This matches the generated files currently
	in the repo.
	[0b11c3df87a8]

	* doc/Makefile.in, plugins/sudoers/Makefile.in:
	Clean up the DEVEL noise
	[9de2afe457fd]

	* src/exec.c:
	Handle different Unix domain socket (actually socketpair) semantics
	in BSD vs. Linux. In BSD if one end of the socketpair goes away
	select() returns the fd as readable and the read will fail with
	ECONNRESET. This doesn't appear to happen on Linux so if we notice
	that the monitor process has died when I/O logging is enabled,
	behave like the command has exited. This means we log the wait
	status of the monitor, not the command, but there is nothing else we
	can do at that point. This should only be an issue if SIGKILL is
	sent to the monitor process.
	[818e82ecbbfc]

	* src/exec_pty.c:
	Catch common signals in the monitor process so they get passed to
	the command. Fixes a problem when the entire login session is killed
	when ssh is disconnected or the terminal window is closed.
	Previously, the monitor would exit and plugin's close method would
	not be called.
	[0e4658263138]

	* INSTALL, configure, configure.in:
	Mention how to configure pam_hpsec on HP-UX to play nicely with
	sudo.
	[a7294cd8ce98]

2011-12-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Escape values in the search expression as per RFC 4515.
	[c2adbc5db92b]

	* doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	No need for install target to depend explicitly on install-dirs, the
	install-foo targets all depend on it.
	[62a36ed98279]

2011-12-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore:
	ignore src/sesh
	[463d492f6782]

	* MANIFEST, common/Makefile.in, configure, configure.in, mkdep.pl,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
	plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/Makefile.in:
	Add support for setenv entries in login.conf. We can't use
	LOGIN_SETENV since the plugin sets up the envp the command is
	executed with. Also regen the Makefile.in files while here. Fixes
	bug #527
	[088d507926e2]

2011-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, aclocal.m4, compat/getaddrinfo.c, compat/getaddrinfo.h,
	config.h.in, configure, configure.in, plugins/sudoers/sudoers.c,
	src/net_ifs.c:
	Add getaddrinfo() for those without it, written by Russ Allbery
	[4cf9ac831222]

	* doc/Makefile.in:
	Restore PACKAGE_TARNAME, it is used in docdir
	[9d65e893edb1]

	* MANIFEST, compat/stdbool.h:
	SunPro C Compiler also has a _Bool builtin. Also add stdbool.h to
	the MANIFEST
	[e67700dc5621]

	* common/atobool.c, common/term.c, src/exec.c:
	Remove duplicate return statements.
	[48a20d5215fd]

	* plugins/sudoers/auth/bsdauth.c:
	Remove inaccurate comment
	[e7f0265cf657]

	* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/sudoers.c:
	Fetch the login class for the user we authenticate specifically when
	using BSD authentication. That user may have a different login class
	than what we will use to run the command. When setting the login
	class for the command, use the target user's struct passwd, not the
	invoking user's. Fixes bug 526
	[21bf0af892f7]

	* compat/Makefile.in, configure, configure.in, doc/Makefile.in,
	plugins/sudoers/Makefile.in:
	Replace @DEV@ prefix with DEVEL variable so we can do "make DEVEL=1"
	[8ee6e0891f27]

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c:
	Fix "make check" fallout from the sudo_conv changes in sudo_debug.
	[b0aaa63c9081]

	* common/fileops.c, common/sudo_debug.c, configure, configure.in,
	include/fileops.h, plugins/sample/Makefile.in,
	plugins/sample/sample_plugin.c, plugins/sample_group/Makefile.in,
	plugins/sample_group/sample_group.c, plugins/sudoers/alias.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/env.c, plugins/sudoers/find_path.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c,
	src/load_plugins.c, src/sudo.c, src/sudo.h, src/sudo_exec.h,
	src/sudo_plugin_int.h, src/utmp.c:
	Use stdbool.h instead of rolling our own TRUE/FALSE macros.
	[dcb0bbc42fc9]

2011-12-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/stdbool.h, config.h.in, configure, configure.in:
	Add stdbool.h for systems without it.
	[18bd9dda1dcd]

	* aclocal.m4, config.h.in, configure, configure.in:
	No longer need SUDO_CHECK_TYPE and SUDO_TYPE_* now that the default
	includes have unistd.h in them. Add check for socklen_t for upcoming
	getaddrinfo compat.
	[d705465bef69]

	* common/fileops.c, compat/nanosleep.c, config.h.in, configure,
	configure.in, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/match_addr.c,
	plugins/sudoers/sudoreplay.c, src/net_ifs.c:
	Use HAVE_STRUCT_TIMESPEC and HAVE_STRUCT_IN6_ADDR instead of
	HAVE_TIMESPEC and HAVE_IN6_ADDR respectively.
	[fa187c9bd2be]

	* src/sudo_noexec.c:
	No longer need to include time.h here as missing.h does not use
	time_t.
	[fa3a089bf5b1]

2011-11-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Fix mode on sudoers as needed when the -f option is not specified.
	[7a1c40b0dc03]

	* MANIFEST, src/po/sr.mo, src/po/sr.po:
	Add Serbian translation for sudo from translationproject.org
	[9a0c25e25cba]

	* common/sudo_debug.c, plugins/sudoers/sudoers.c, src/load_plugins.c,
	src/parse_args.c:
	No longer pass debug_file to plugin, plugins must now use
	CONV_DEBUG_MSG
	[810cda1abb0b]

	* mkpkg:
	Build PIE executables for newer Debian and Ubuntu
	[1c5f25f8904a]

	* common/sudo_debug.c:
	Include time.h for ctime() prototype.
	[10090cf3bca1]

2011-11-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c, include/sudo_debug.h, src/exec.c,
	src/exec_pty.c:
	Do not close error pipe or debug fd via closefrom() as we need them
	to report an exec error should one occur.
	[732f6587fafa]

	* doc/sudoers.ldap.pod:
	Document that a sudoUser may now be a group ID.
	[2fef46b9d3d3]

	* plugins/sudoers/ldap.c:
	Add support for permitting access by group ID in addition to group
	name.
	[b9450fdf1f69]

	* plugins/sudoers/ldap.c:
	Older Netscape LDAP SDKs don't prototype ldapssl_set_strength()
	[d62a1e7cff4f]

	* compat/fnmatch.c, compat/fnmatch.h, doc/LICENSE:
	Replace UCB fnmatch.c with a non-recursive version written by
	William A. Rowe Jr.
	[354d3384adb8]

	* plugins/sudoers/auth/pam.c:
	Fix typo, return_debug vs. debug_return
	[1b522efcbb0d]

2011-11-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po:
	Update Japanese sudoers translation from translationproject.org
	[ec0f2beaad36]

	* doc/sudoers.pod:
	Make the env_reset descriptions consistent.
	[41c056f02688]

2011-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Do multiple expansion when expanding paths to the noexec file, sesh
	and the plugin directory. Adapted from a diff by Mike Frysinger
	[d7e16c876c66]

	* common/Makefile.in:
	regen
	[9d729e09c186]

2011-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore:
	Add ignore file; from Mike Frysinger
	[1fa8d52425f8]

	* mkdep.pl:
	no longer save old Makefile.in to .old
	[378dd2395545]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	regen
	[769faf517720]

	* config.guess, config.sub, configure, ltmain.sh, m4/libtool.m4,
	m4/ltoptions.m4, m4/ltversion.m4:
	Update to libtool 2.4.2
	[9dac78d84b4f]

2011-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers_version.h:
	Bump grammar version for #include and #includedir relative path
	support.
	[82a4f7cd8f71]

2011-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod, plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add support for relative paths in #include and #includedir
	[4d6e3bd0c24f]

	* plugins/sudoers/Makefile.in:
	Fix install-plugin when shared objects are unsupported or disabled.
	[cbdd770a7a1b]

	* plugins/sudoers/goodpath.c:
	Don't write to sbp if it is NULL
	[fc438f8e8570]

2011-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Remove all sudo/sudoers .mo files on uninstall If LINGUAS is set,
	only install matching .mo files
	[c1dc30ab4ebc]

2011-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, src/conversation.c:
	Fix non-dynamic (no dlopen) sudo build.
	[b0bd3fa925a3]

	* configure, configure.in:
	Don't error out if the user specified --disable-shared
	[cf035dd1e5cc]

	* common/sudo_debug.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/conversation.c:
	Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing directly to
	the debug file.
	[640c62f83251]

	* plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/sudoers.h:
	Make sudo_goodpath() return value bolean
	[fea2d59a6e55]

	* INSTALL, MANIFEST, configure, configure.in, mkdep.pl,
	plugins/sudoers/Makefile.in, plugins/sudoers/auth/securid.c:
	Remove obsolete securid auth method.
	[4e54f860214b]

	* plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h:
	Prefix authentication functions with a "sudo_" prefix to avoid
	namespace problems.
	[581d74063ea1]

	* INSTALL, MANIFEST, config.h.in, configure, configure.in,
	doc/TROUBLESHOOTING, mkdep.pl, plugins/sudoers/Makefile.in,
	plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c:
	Remove the old Kerberos IV support
	[2e4b4a44209d]

2011-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Don't print garbage at the end of the custom lecture.
	[44bb788fafaa]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add lexer tracing as debug@parser
	[d850f3f9d414]

	* plugins/sudoers/alias.c, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/gram.c,
	plugins/sudoers/match.c, plugins/sudoers/parse.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/visudo.c:
	Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and
	<def_data.h> and not "def_data.h" when generating the parser in a
	build dir.
	[7da701def753]

2011-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkdep.pl, plugins/sudoers/Makefile.in:
	Better devdir support in mkdep.pl
	[7dcec57bd155]

	* plugins/sudoers/Makefile.in:
	Add devdir before srcdir in include path and fix up dependecies
	accordingly.
	[6e9958eca485]

	* plugins/sudoers/alias.c, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c:
	#include "gram.h" not <gram.h> and "def_data.h" and not
	<def_data.h>.
	[003bdb078a15]

	* sudo.pp:
	Mark libexec files as optional. If we build without shared object
	support, libexec is not used.
	[4bffcf482219]

	* src/load_plugins.c:
	Change Debug sudo.conf setting to take a program name as the first
	argument. In the future, this will allow visudo and sudoreplay to
	use their own Debug entries.
	[cfb8f7e4867c]

	* src/sudo.c:
	fix sudo_debug_printf priority
	[dcb67e965609]

	* plugins/sudoers/sudoers.c:
	add missing debug_return_int
	[d88ec450c592]

2011-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/sudo_debug.c, include/error.h, include/sudo_debug.h,
	plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c:
	Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR
	[dcee8efc294f]

	* doc/UPGRADE:
	Add missing word in HOME security note.
	[fd844fdcc1ac]

	* plugins/sudoers/testsudoers.c:
	Prevent "testsudoers -d username" from trying to malloc(0).
	[839126e56e8c]

2011-11-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/sudoers/test10.in,
	plugins/sudoers/regress/sudoers/test10.out.ok,
	plugins/sudoers/regress/sudoers/test10.toke.ok,
	plugins/sudoers/regress/sudoers/test10.toke.out.ok,
	plugins/sudoers/regress/sudoers/test11.in,
	plugins/sudoers/regress/sudoers/test11.out.ok,
	plugins/sudoers/regress/sudoers/test11.toke.ok,
	plugins/sudoers/regress/sudoers/test11.toke.out.ok,
	plugins/sudoers/regress/sudoers/test12.in,
	plugins/sudoers/regress/sudoers/test12.out.ok,
	plugins/sudoers/regress/sudoers/test12.toke.ok,
	plugins/sudoers/regress/sudoers/test13.in,
	plugins/sudoers/regress/sudoers/test13.out.ok,
	plugins/sudoers/regress/sudoers/test13.toke.ok,
	plugins/sudoers/regress/sudoers/test9.in,
	plugins/sudoers/regress/sudoers/test9.out.ok,
	plugins/sudoers/regress/sudoers/test9.toke.ok,
	plugins/sudoers/regress/sudoers/test9.toke.out.ok:
	Tests for empty sudoers (should parse OK) and syntax errors within a
	line (should report correct line number) both with and without the
	trailing newline.
	[d57c879c4718]

	* plugins/sudoers/regress/sudoers/test4.out.ok,
	plugins/sudoers/regress/sudoers/test5.out.ok,
	plugins/sudoers/regress/sudoers/test7.out.ok,
	plugins/sudoers/regress/sudoers/test8.out.ok,
	plugins/sudoers/testsudoers.c:
	Print line number when there is a parser error.
	[5444ef6ac6dc]

2011-11-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Keep track of the last token returned. On error, if the last token
	was COMMENT, decrement sudolineno since the error most likely
	occurred on the preceding line. Previously we always uses
	sudolineno-1 which will give the wrong line number for errors within
	a line.
	[d661a03a64da]

2011-11-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	update with sudo 1.8.3p1 info
	[0f79ff31f602]

	* plugins/sudoers/sudoers.c:
	Fix crash when "sudo -g group -i" is run. Fixes bug 521
	[a3087ae337c4]

2011-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Make alias_remove_recursive() return TRUE/FALSE as its callers
	expect and remove two unused arguments. Fixes bug 519.
	[2ee3b2882844]

	* plugins/sudoers/regress/visudo/test1.out.ok,
	plugins/sudoers/regress/visudo/test1.sh:
	Add regress test for bugzilla 519
	[48000ebedf97]

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_fill.c:
	Disable warning/error wrapping in regress tests.
	[373c589ba561]

2011-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Do compile-po as part of sync-po so that the .mo files get rebuild
	automatically when we sync with translationproject.org
	[83f3cbfc2f33]

	* plugins/sudoers/Makefile.in:
	check_addr needs to link with the network libraries on Solaris
	[322bd70e316e]

	* plugins/sudoers/match.c:
	When matching a RunasAlias for a runas group, pass the alias in as
	the group_list, not the user_list. From Daniel Kopecek.
	[766545edf141]

	* plugins/sudoers/check.c, plugins/sudoers/sudoers.c:
	We need to init the auth system regardless of whether we need a
	password since we will be closing the PAM session in the monitor
	process. Fixes a crash in the monitor on Solaris; bugzilla #518
	[e82809f86fb3]

2011-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Get rid of done: label. If the child exits we still need to close
	the pty, update utmp and restore the SELinux tty context.
	[cc127bf48405]

2011-10-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/Makefile.in, common/atobool.c, common/fileops.c,
	common/fmt_string.c, common/lbuf.c, common/list.c,
	common/setgroups.c, common/term.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/alias.c, plugins/sudoers/audit.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
	plugins/sudoers/logwrap.c, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	src/Makefile.in, src/conversation.c, src/exec.c, src/exec_pty.c,
	src/get_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c,
	src/selinux.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
	src/tgetpass.c, src/ttysize.c, src/utmp.c:
	Add debug_decl/debug_return (almost) everywhere. Remove old
	sudo_debug() and convert users to sudo_debug_printf().
	[8f3bbf907b67]

	* common/alloc.c, include/error.h, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/error.c:
	Wrap error/errorx and warning/warningx functions with debug
	statements. Disable wrapping for standalone sudoers programs as well
	as memory allocation functions (to avoid infinite recursion).
	[562ed7b5ae8d]

	* README, config.h.in, configure, configure.in:
	Add checks for __func__ and __FUNCTION__ and mention that we now
	require a cpp that supports variadic macros.
	[314cfe4c5d23]

	* MANIFEST, common/Makefile.in, common/sudo_debug.c,
	include/sudo_debug.h, include/sudo_plugin.h, src/conversation.c,
	src/load_plugins.c, src/parse_args.c, src/sudo.c,
	src/sudo_plugin_int.h:
	New debug framework for sudo and plugins using /etc/sudo.conf that
	also supports function call tracing.
	[cded741e9f10]

2011-10-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po:
	Update Japanese sudoers translation from translationproject.org
	[c24725775e32]

2011-10-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Override and ignore the --disable-static option. Sudo already runs
	libtool with -tag=disable-static where applicable and we need non-
	PIC objects to build the executables.
	[aff1227b853a]

2011-10-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Add sudoedit fix
	[74655c7ccad1]

	* plugins/sudoers/po/sudoers.pot:
	regen pot files
	[28d89a831ed3]

	* plugins/sudoers/env.c:
	Ignore set_logname (which is now the default) for sudoedit since we
	want the LOGNAME, USER and USERNAME environment variables to refer
	to the calling user since that is who the editor runs as. This
	allows the editor to find the user's startup files. Fixes bugzilla
	#515
	[6c5dddf5ff05]

	* plugins/sudoers/pwutil.c:
	Instead of trying to grow the buffer in make_grlist_item(), simply
	increase the total length, free the old buffer and allocate a new
	one. This is less error prone and saves us from having to adjust all
	the pointers in the buffer. This code path is only taken when there
	are groups longer than the length of the user field in struct utmp
	or utmpx, which should be quite rare.
	[5587dc8cffaf]

	* src/po/it.mo:
	Add Italian translation for sudo from translationproject.org
	[1b3dd886e7e3]

	* MANIFEST, NEWS, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	src/po/ja.mo, src/po/ja.po:
	Japanese translation for sudo and sudoers from
	translationproject.org
	[c06dd866be6e]

2011-10-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	sudoreplay depends on timestr.lo too; from Mike Frysinger
	[b9e73214b2f1]

2011-10-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot:
	Regen sudoers pot file.
	[019588bafdb3]

	* NEWS:
	Update with latest sudo 1.8.3 news
	[6868042a88e9]

	* plugins/sudoers/sudoers.c:
	It appears that LDAP or NSS may modify the euid so we need to be
	root for the open(). We restore the old perms at the end of
	sudoers_policy_open().
	[2da67a5497ef]

	* plugins/sudoers/set_perms.c:
	Better warning message on setuid() failure for the setreuid()
	version of set_perms().
	[07abcfe7bd9a]

2011-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Delref auth_pw at the end of check_user() instead of getting a ref
	twice.
	[cb665f55e6a5]

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c:
	Make sudo_auth_{init,cleanup} return TRUE on success and check for
	sudo_auth_init() return value in check_user().
	[92631c919356]

	* plugins/sudoers/auth/sudo_auth.c:
	Do not return without restoring permissions.
	[59ef40b6696a]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	regen pot files
	[9f320a340b7c]

	* plugins/sudoers/auth/API, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/check.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Modify the authentication API such that the init and cleanup
	functions are always called, regardless of whether or not we are
	going to verify a password. This is needed for proper PAM session
	support.
	[19a53f3fb596]

	* compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in:
	Add missing dependency for getspwuid.lo and regen other depends.
	[f7f70eae819a]

	* plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/sudoers.c:
	Fix a PAM_USER mismatch in session open/close. We update PAM_USER to
	the target user immediately before setting resource limits, which is
	after the monitor process has forked (so it has the old value).
	Also, if the user did not authenticate, there is no pamh in the
	monitor so we need to init pam here too. This means we end up
	calling pam_start() twice, which should be fixed, but at least the
	session is always properly closed now.
	[fbc063a2a872]

	* src/utmp.c:
	Add check for old being NULL in utmp_setid(); from Steven McDonald
	[e87126442f2e]

2011-09-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	If the invoking user cannot be resolved by uid fake the struct
	passwd and store it in the cache so we can delref it on exit.
	[a27e2f8b9f5e]

2011-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Don't error out if the group plugin cannot be loaded, just warn.
	[0fbfcd381e33]

2011-09-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Quiet a false positive found by several static analysis tools. These
	tools don't know that log_error() does not return (it longjmps to
	error_jmp which returns to the sudo front-end).
	[33d0469df21b]

2011-09-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/eo.mo,
	plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/zh_CN.mo, src/po/it.po:
	Add Italian translation for sudo from translationproject.org Regen
	.mo files
	[c3c888a82be6]

2011-09-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Update to current reality and add bit about ssh auth
	[184a1e7c2eeb]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Make "verbose" static; fixes a namespace clash with
	pam_ssh_agent_auth (and it doesn't need to be extern these days).
	[cc38d2eb2f4c]

	* config.h.in, configure, configure.in, src/get_pty.c:
	FreeBSD has libutil.h not util.h
	[dab4c94b6d4f]

	* configure, configure.in:
	Define _BSD_SOURCE on FreeBSD, OpenBSD and DragonflyBSD
	[41c362f0a92a]

2011-09-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/da.po, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po:
	Update po files from translationproject.org
	[1e99e147c7fa]

2011-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add support for DEREF in ldap.conf.
	[3c1937a98547]

	* Makefile.in:
	install target should depend on ChangeLog too, not just install-doc
	[1a7c83941175]

	* doc/sudoers.pod:
	Only iolog_file (not iolog_dir) supports mktemp-style suffixes.
	[0eca47d60a2c]

	* NEWS:
	Sync with 1.8 branch for sudo 1.8.2 and 1.8.3 changes.
	[0501415cc5ff]

	* doc/UPGRADE:
	Document group lookup change and possible side effects.
	[585743e1ebf7]

	* configure, configure.in:
	Fix some square brackets in case statements that needed to be
	doubled up. While here, use $OSMAJOR when it makes sense.
	[8973343f4696]

	* plugins/sudoers/pwutil.c:
	Fix a crash in make_grlist_item() on 64-bit machines with strict
	alignment.
	[c89508c73c46]

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
	Remove list_options() function that is no longer used now that "sudo
	-L" is gone.
	[fcc6a776c135]

	* configure, configure.in:
	Error message if user tries --with-CC
	[ec5b478f813a]

	* configure, configure.in:
	Check for -libmldap too when looking for ldap libs, which is the
	Tivoli Directory Server client library.
	[bb3007a97206]

2011-09-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/parse.c:
	Honor NOPASSWD tag for denied commands too.
	[8dd92656db92]

2011-09-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in:
	Remove --with-CC option; it doesn't work correctly now that we use
	libtool. Users can get the same effect by setting the CC environment
	variable when running configure.
	[ec22bd1a55e0]

2011-08-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, plugins/sudoers/visudo.c,
	src/sudo_edit.c:
	Assume all modern systems support fstat(2).
	[6a5a8985f6a0]

2011-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/regress/glob/globtest.c, config.h.in, configure,
	configure.in, include/missing.h, plugins/sudoers/sudoers.h,
	src/sudo.h, src/sudo_noexec.c:
	Add configure test for missing errno declaration and only declare it
	ourselves if it is missing.
	[456e76c809a2]

	* plugins/sudoers/alias.c:
	Include errno.h before sudo.h to avoid conflicting with the system
	definition of errno.
	[d0b97e392512]

2011-08-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/parser/check_addr.c:
	Only print individual check status when there is a failure.
	[2ac704c91441]

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/parser/check_addr.c:
	Add calls to setprogname() for test programs.
	[a8d9b420e826]

	* configure, configure.in:
	Add -Wall and -Werror after all tests so they don't cause failures.
	[2661188ff3fa]

	* plugins/sudoers/Makefile.in:
	Actually run check_addr in the check target
	[0b2778bc86bf]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_addr.in:
	Split out address matching into its own file and add regression
	tests for it.
	[12b9a2bf8dba]

2011-08-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	When matching an address with a netmask in sudoers, AND the mask and
	addr before checking against the local addresses.
	[9747bb6d7b1c]

2011-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	Fix netmask matching.
	[a3c8f8cc1464]

	* plugins/sudoers/visudo.c:
	Don't assume all editors support the +linenumber command line
	argument, use a whitelist of known good editors.
	[21d43a91fd10]

2011-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c, plugins/sudoers/visudo.c, src/exec.c,
	src/exec_pty.c, src/sudo.c:
	Silence compiler warnings on Solaris with gcc 3.4.3
	[da620bae6fdb]

	* mkpkg:
	Fix building on RHEL 3
	[f3227fb2a252]

	* INSTALL, configure, configure.in:
	Add --enable-werror configure option.
	[fec2cdb95543]

	* common/setgroups.c:
	setgroups() proto lives in grp.h on RHEL4, perhaps others.
	[de91c0de5a98]

	* configure, configure.in:
	Use PAM by default on AIX 6 and higher.
	[e16493208e5f]

2011-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	src/po/eo.mo, src/po/eo.po:
	Add new Esperanto translation from translationproject.org
	[0d9a59e04c64]

2011-08-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c:
	Quiet an innocuous valgrind warning.
	[0582b6027161]

2011-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c,
	plugins/sudoers/regress/iolog_path/data:
	Fix expansion of strftime() escapes in log_dir and add a regress
	test that exhibited the problem.
	[a5c7c1c4c589]

	* plugins/sudoers/Makefile.in:
	Fix "make check" return value.
	[33b58e175230]

2011-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Regen pot files
	[063841aac19b]

	* Makefile.in:
	Fix logic inversion in pot file up to date check.
	[f6a8ca8654df]

2011-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add caching for gettext() checks.
	[01b7200f6105]

	* configure, configure.in:
	Better handling of libintl header and library mismatch.
	[9a49b1d4db69]

2011-08-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Also check sudoers gid if sudoers is group writable.
	[23ef96ca0d33]

2011-08-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	If dlopen is present but libtool doesn't find it, error out since it
	probably means that libtool doesn't support the system.
	[a9da0a5f7941]

	* mkpkg:
	configure args on the command line should override builtin defaults.
	Disable NLS for non-Linux/Solaris unless explicitly enabled.
	[b2fb05614504]

	* plugins/sudoers/auth/aix_auth.c:
	Fix loop that calls authenticate(). If there was an error message
	from authenticate(), display it.
	[063a0c4f0b9a]

2011-08-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* m4/libtool.m4, m4/ltversion.m4:
	Update to autoconf 2.68 and libtool 2.4
	[5a912a6eb67b]

	* config.guess, config.sub, configure, configure.in, ltmain.sh:
	Update to autoconf 2.68 and libtool 2.4
	[931ab56aecf6]

	* doc/sudoers.pod:
	Fix typo; OPT should be OTP
	[e97bd2e46544]

	* plugins/sudoers/Makefile.in:
	Rename libsudoers convenience library to libparsesudoers to avoid
	libtool confusion.
	[2a89a613f537]

2011-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
	Add Danish sudoers translation from translationproject.org
	[27b96e85eb13]

	* plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c:
	Add dedicated callback function for runas_default sudoers setting
	that only sets runas_pw if no runas user or group was specified by
	the user.
	[b8382d8eea34]

2011-08-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, src/po/ru.mo,
	src/po/ru.po:
	Update Finish, Polish, Russian and Ukrainian translations from
	translationproject.org.
	[f9339aff664e]

	* plugins/sudoers/defaults.h, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c:
	Go back to using a callback for runas_default to keep runas_pw in
	sync. This is needed to make per-entry runas_default settings work
	with LDAP-based sudoers. Instead of declaring it a callback in
	def_data.in, sudo and testsudoers poke sudo_defs_table[] which is a
	bit naughty, but avoids requiring stub functions in visudo and the
	tests.
	[9aaefb908415]

2011-08-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Add check for out of date message catalogs when doing "make dist".
	[e45a29b612f4]

2011-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[d6f9ad26774a]

	* configure.in:
	Make sure compiler supports static-libgcc before using it.
	[b01bd9566e50]

2011-08-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in:
	Link libsudo_noexec.la with LDLDFLAGS for -static-libgcc
	[c99c7ab3edef]

2011-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo,
	plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/zh_CN.mo, src/po/ru.mo, src/po/ru.po,
	src/po/zh_CN.mo:
	Add new Russian sudo translation from translationproject.org and
	rebuild the other translation files.
	[e20015459056]

2011-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po:
	Update Finish and Polish translations from translationproject.org
	[4e3dbba4a1de]

	* plugins/sudoers/sudoers.c, src/parse_args.c, src/sudo.c:
	Go back to escaping the command args for "sudo -i" and "sudo -s"
	before calling the plugin. Otherwise, spaces in the command args are
	not treated properly. The sudoers plugin will unescape non- spaces
	to make matching easier.
	[dfa2c4636f33]

2011-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	Fix some potential problems found by the clang static analyzer, none
	serious.
	[ff64aa74aae6]

	* plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po,
	src/po/zh_CN.po:
	Updated Ukranian and Chinese (simplified) po files from
	translationproject.org
	[ec792becb48e]

2011-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/pl.po:
	Updated Polish translation from translationproject.org
	[a3af53cb649c]

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Rebuild pot files
	[c650524c0f0a]

	* plugins/sudoers/audit.c, plugins/sudoers/sudoers.c:
	Don't try to audit failure if the runas user does not exist. We
	don't have the user's command at this point so there is nothing to
	audit. Add a NULL check in audit_success() and audit_failure() just
	to be on the safe side.
	[2a0007c2022f]

	* mkpkg:
	Add -g to CFLAG for PIE builds.
	[32a0a9693c9c]

2011-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/sudo.c:
	Remove fallback to per-group lookup when matching groups in sudoers.
	The sudo front-end will now use getgrouplist() to get the user's
	list of groups if getgroups() fails or returns zero groups so we
	always have a list of the user's groups. For systems with
	mbr_check_membership() which support more that NGROUPS_MAX groups
	(Mac OS X), skip the call to getgroups() and use getgrouplist() so
	we get all the groups.
	[51b3ed8c600b]

2011-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/setgroups.c:
	Fix setgroups() fallback code on EINVAL.
	[2b6faecd56a4]

	* plugins/sudoers/set_perms.c:
	Fix two PERM_INITIAL cases that were still using user_gids.
	[9680bab0acc6]

	* MANIFEST:
	Add Polish sudo message catalog
	[8bb40c3ba576]

	* plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	user_group is no longer used, remove it
	[9acede0fe6c5]

2011-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po:
	Add Polish translation from translationproject.org
	[afac5c638573]

	* MANIFEST, common/Makefile.in, common/setgroups.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h, src/sudo.c,
	src/sudo.h, src/sudo_edit.c:
	Add a wrapper for setgroups() that trims off extra groups and
	retries if setgroups() fails. Also add some missing addrefs for
	PERM_USER and PERM_FULL_USER.
	[224dfd8aae5c]

	* MANIFEST, compat/Makefile.in, compat/getgrouplist.c, config.h.in,
	configure, configure.in, include/missing.h, mkdep.pl,
	plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c:
	Instead of keeping separate groups and gids arrays, create struct
	group_info and use it to store both, along with a count for each.
	Cache group info on a per-user basis using getgrouplist() to get the
	groups. We no longer need special to special case the user or list
	user for user_in_group() and thus no longer need to reset the groups
	list when listing another user.
	[0ad849a8b2d5]

	* src/preload.c:
	Don't rely on NULL since we don't include a header for it.
	[b40937f1890c]

2011-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	Fix typo
	[c1035360e169]

2011-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Do not shadow global sudo_mode with a local variable in set_cmnd()
	[0c72969503ad]

2011-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	bash 2.x doesd not support the -l flag and exits with an error if it
	is specified so use --login instead. This causes an error with bash
	1.x (which uses -login instead) but this version is hopefully less
	used than 2.x.
	[5c4c296e30e6]

	* src/po/pl.mo, src/po/pl.po:
	Add Polish translation from translationproject.org
	[48592dd6edcf]

2011-07-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Make error strings translatable.
	[414c5c484768]

	* mkpkg:
	Only run configure with --with-pam-login for RHEL 5 and above.
	[6c16e4de4026]

	* sudo.pp:
	Fix typo in summary
	[9ac618c9a749]

2011-07-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logwrap.c:
	Add missing logwrap.c
	[c12a413ecc1d]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h,
	plugins/sudoers/regress/logging/check_wrap.c,
	plugins/sudoers/regress/logging/check_wrap.in,
	plugins/sudoers/regress/logging/check_wrap.out.ok:
	Split out log file word wrap code into its own file and add unit
	tests. Fixes an off-by one in the word wrap when the log line length
	matches loglinelen.
	[52ed277f6690]

2011-07-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	For SuSE, only use /usr/lib64 as libexec if generating 64-bit
	binaries.
	[645ab903cf77]

	* src/load_plugins.c, src/sudo.c:
	Fix build error when --without-noexec configure option is used.
	[b994f7b0d8b4]

	* configure, configure.in:
	Disable noexec for AIX < 5. LDR_PRELOAD is only available in AIX 5.3
	and above.
	[c2a6f9b472f3]

2011-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Resolve the list of gids passed in from the sudo frontend (the
	result of getgroups()) to names and store both the group names and
	ids in the sudo_user struct. When matching groups in the sudoers
	file, match based on the names in the groups list first and only do
	a gid-based match when we absolutely have to. By matching on the
	group name (as it is listed in sudoers) instead of id (which we
	would have to resolve) we save a lot of group lookups for sudoers
	files with a lot of groups in them.
	[8dc19353f148]

2011-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Workaround for "sudo -i command" and newer versions of bash which
	don't go into login mode when -c is specified unless -l is too.
	[9393762b80f3]

2011-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Rewrite logfile word wrapping code to be more straight-forward and
	actually wrap at the correct place.
	[f712a0c90f55]

2011-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/CONTRIBUTORS, doc/contributors.pod, plugins/sudoers/sudoers.c:
	Set use_pty=true in command details when use_pty is set in sudoers.
	From Ludwig Nussel
	[8d95a163dfc1]

2011-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
	src/po/zh_CN.mo, src/po/zh_CN.po:
	Sync Chinese (simplified) PO files from translationproject.org
	[acce8eb7be18]

2011-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo,
	plugins/sudoers/po/uk.mo, src/po/da.mo, src/po/da.po, src/po/eu.mo:
	Add Danish translation from translationproject.org and add missing
	Basque mo files.
	[0c22bb21b9c4]

	* Makefile.in, configure, configure.in:
	No longer need to specify LINGUAS in configure, "make install-nls"
	now just installs all the .mo files it finds.
	[fcd45cf04885]

2011-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, doc/CONTRIBUTORS, doc/Makefile.in, doc/contributors.pod:
	Build CONTRIBUTORS from newly-added contributors.pod
	[8b192f2720f4]

	* doc/CONTRIBUTORS:
	Rework the wording in the leading paragraph
	[312044145cdd]

2011-06-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, doc/CONTRIBUTORS:
	Add a CONTRIBUTORS file with the names of folks who have contributed
	code or patches to sudo since I started maintaining it (plus the
	original authors).
	[b8bdd8b59528]

2011-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Preserve SHELL variable for "sudo -s". Otherwise we can end up with
	a situation where the SHELL variable and the actual shell being run
	do not match.
	[b8b3974aee3e]

2011-06-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Only enable Solaris project support when setproject() is present in
	libproject.
	[49ad7857ab89]

	* sudo.pp:
	Explicitly set mode and owner of /etc/sudoers instead of relying on
	"cp -p" to work in the postinstall script. On AIX 6.1 at least the
	postinstall script runs before the final file permissions are set.
	[e41ffc0212b2]

2011-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.pod, doc/sudoers.pod:
	Refer the user to the "Command Environment" section in description
	of sudo's -i option.
	[263cc3be7eef]

	* doc/sudo.pod:
	Fix typo
	[35dfac450f4d]

2011-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkdep.pl:
	If there is no old dependency for an object file, use the MANIFEST
	to find its source.
	[d15e3b9899f9]

	* compat/Makefile.in:
	Remove dependency for getgrouplist.lo as we don't ship that source
	file.
	[312a6d5fe6b0]

2011-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Do not declare yyparse() static as the actual function generated by
	yacc is extern.
	[9017b79dcf55]

2011-06-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Remove locale files in "make uninstall"
	[201ff261ecbe]

	* configure.in, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.po,
	plugins/sudoers/po/uk.po, src/po/eu.po:
	Add Basque translation and sync Finish and Ukranian translations.
	[66d2c78c8a13]

	* configure, configure.in:
	FreeBSD no longer needs the main sudo binary to link with -lpam now
	that plug-ins are loaded with RTLD_GLOBAL.
	[96c710df2457]

	* plugins/sudoers/group_plugin.c, src/load_plugins.c:
	Load plugins with RTLD_GLOBAL instead of RTLD_LOCAL. This fixes
	problems with pam modules not having access to symbols provided by
	libpam on some platforms. Affects FreeBSD and SLES 10 at least.
	[0d016983ec84]

	* Makefile.in:
	Move xgettext invocation out of update-po target into update-pot
	[19a73c6d017c]

2011-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
	Regenerate .pot files for 1.8.2rc2
	[c3037f591dd8]

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Move nls targets to the top level Makefile so the paths in the pot
	file are saner
	[65b9285cd8d9]

	* src/po/fi.mo:
	Add compiled version of sudo Finish translation
	[8f2405384ea3]

	* MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/uk.mo:
	Update MANIFEST with .po and .mo files Rebuild sudoers fi and uk .mo
	files
	[a165e70fa9ec]

	* configure, configure.in, plugins/sudoers/po/fi.po:
	Add Finish translation from translationproject.org
	[4466f8a96ceb]

2011-06-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	The group named by exempt_group should not have a % prefix.
	[df084d6b32c8]

2011-06-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	Fix typo; "Defaults group_plugin" not "Defaults sudo_plugin"
	[5113699a3f8b]

2011-05-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c:
	Fix compressed io log corruption in background mode by using _exit()
	instead of exit() to avoid flushing buffers twice.

	Improved background mode support. When not allocating a pty, the
	command is run in its own process group. This prevents write access
	to the tty. When running in a pty, stdin is not hooked up and we
	never read from /dev/tty, which results in similar behavior.
	[87c15149894c]

	* compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in:
	Clean up regress files Generate proper dependencies for regress objs
	in compat
	[88bfc728c1e7]

	* plugins/sudoers/Makefile.in:
	Add missing dependency for check_fill.o.
	[0bd6362e3e17]

2011-05-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in:
	Add support for --enable-nls[=location]
	[b90db44a050f]

2011-05-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/linux_audit.c:
	Include gettext.h
	[7f909a6e48cb]

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.c:
	Quiet gcc warnings.
	[b41a6cdca583]

	* configure, configure.in:
	Don't install .mo files if gettext was not found.
	[1397b34cc165]

2011-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Always allocate a pty when running a command in the background but
	call setsid() after forking to make sure we don't end up with a
	controlling tty.
	[b6454ba172e8]

	* plugins/sudoers/iolog.c:
	Add missing space between command name and the first command line
	argument.
	[fe217f0a36d4]

	* plugins/sudoers/sudoreplay.c:
	Quiet a compiler warning on some platforms.
	[de9f2849f236]

	* plugins/sudoers/po/README, src/po/README:
	README file that directs people to translationproject.org
	[30c0fc323281]

	* plugins/sudoers/po/uk.po, src/po/fi.po:
	Sync translations with TP
	[1d7d64559cba]

	* Makefile.in:
	Add 'sync-po' target to top-level Makefile to rsync the po files
	from translationproject.org.
	[20508211aaa3]

	* plugins/sudoers/Makefile.in:
	install nls files from install target
	[5fc07b6cab38]

	* Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, sudo.pp:
	Include .mo files in sudo binary packags.
	[278d4821a916]

	* configure, configure.in, plugins/sudoers/po/zh_CN.mo,
	plugins/sudoers/po/zh_CN.po, src/po/zh_CN.mo, src/po/zh_CN.po:
	Add simplified chinese translation
	[2b33ffc755b9]

2011-05-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, plugins/sudoers/po/uk.mo,
	plugins/sudoers/po/uk.po, src/po/uk.mo, src/po/uk.po:
	Add ukranian translation
	[2d8102688e93]

	* compat/Makefile.in:
	refer to siglist.c, not ./siglist.c since not all makes will treat
	foo and ./foo the same.
	[6639d293ffba]

	* plugins/sudoers/sudoers.c:
	Set def_preserve_groups before searching for the command when the -P
	flag is specified.
	[0edc7942f875]

	* Makefile.in, compat/Makefile.in, mkdep.pl,
	plugins/sudoers/Makefile.in:
	Add dependency for siglist.lo in compat. This is a generated file so
	"make depend" needs to depend on it.
	[28d0932f8b50]

	* compat/Makefile.in:
	More dependency fixes.
	[aad0d05cd020]

	* compat/Makefile.in:
	Fix a few dependencies.
	[eb21aa35a032]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Place compiled mo files in the src dir, not the build dir. When
	installing compiled mo files, display a status message.
	[e15634c29cd3]

2011-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Tivoli Directory Server requires that seconds be present in a
	timestamp, even though RFC 4517 states that they are optional.
	[55fe23dd4ef9]

	* plugins/sudoers/sudo_nss.h:
	Add missing bit of copyright
	[d2eba3c364ca]

	* doc/visudo.pod:
	Mention cycle detection warnings
	[a76bef15ab67]

	* plugins/sudoers/visudo.c:
	When checking aliases, also check the contents of the alias in case
	there are problems with an alias that is referenced inside another.
	Replace the self reference check with real alias cycle detection.
	[a66c904cf53b]

	* plugins/sudoers/alias.c:
	Set errno to ELOOP in alias_find() if there is a cycle. Set errno to
	ENOENT in alias_find() and alias_remove() if the entry could not be
	found.
	[b4f0b89e433c]

	* plugins/sudoers/visudo.c:
	Increment alias_seqno before calls to alias_remove_recursive() to
	avoid false positives with the alias loop detection. Fixes spurious
	warnings about unused aliases when they are nested.
	[a344483b8193]

	* MANIFEST:
	add mkdep.pl
	[86b7ed33eab2]

	* plugins/sudoers/Makefile.in:
	Add dependency on convenience libs to binaries
	[cd3078b3c997]

	* Makefile.in:
	mkdep.pl only works when run from the src dir
	[f35a5e47c944]

	* Makefile.in, common/Makefile.in, compat/Makefile.in, mkdep.pl,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in:
	Auto-generate Makefile dependencies with a perl script.
	[a3e4afcd7975]

2011-05-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	If the user specifies a runas group via sudo's -g option that
	matches the runas user's group in the passwd database and that group
	is not denied in the Runas_Spec, allow it. Thus, if user root's gid
	in /etc/passwd is 0, then "sudo -u root -g root id" is allow even if
	no groups are present in the Runas_Spec.
	[e3f9732dc564]

2011-05-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Add dependencies on gettext.h
	[a3a9dc51f78b]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Fix install-nls target with HP-UX sh when gettext is not present.
	[0c6b9655cd41]

2011-05-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/po/sudoers.pot,
	src/Makefile.in, src/po/sudo.pot:
	regenerate .pot files for lbuf changes
	[918ded125a0b]

	* configure, configure.in:
	Add missing "checking" message for gettext when using the cache.
	[9c21187ad1d2]

	* common/lbuf.c, include/lbuf.h, plugins/sudoers/ldap.c,
	plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c,
	src/parse_args.c:
	Add primitive format string support to the lbuf code to make
	translations simpler.
	[ee71c7ef5299]

	* MANIFEST, plugins/sudoers/Makefile.in,
	plugins/sudoers/po/sudoers.pot, src/Makefile.in, src/po/sudo.pot:
	Add message catalog template files for sudo and the sudoers module.
	[f3f8acb1f014]

	* MANIFEST, common/aix.c, common/alloc.c, compat/strsignal.c,
	config.h.in, configure.in, doc/Makefile.in, include/gettext.h,
	plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/error.c,
	src/net_ifs.c, src/sesh.c, src/sudo.c, src/sudo.h:
	Add gettext.h convenience header. This is similar to but distinct
	from the one included with the gettext package.
	[930a0591f73c]

2011-05-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add checks for nroff -c and -Tascii flags
	[19ca990b3149]

	* configure, configure.in:
	Add check for HP bundled C Compiler (which cannot create shared
	libs)
	[517716a7072d]

	* plugins/sudoers/sudoreplay.c:
	Fix C format warnings.
	[6514326013fa]

	* include/error.h:
	Add __printflike
	[e1749a30a406]

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c, src/parse_args.c:
	Translate help / usage strings.
	[ee1cc9b1a8bd]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Set --msgid-bugs-address to the bugzilla url
	[5a0aa250ca21]

	* Makefile.in, common/Makefile.in, compat/Makefile.in, configure,
	configure.in, doc/Makefile.in, include/Makefile.in,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in:
	Add scaffolding to update .po files and install .mo files.
	[f05f4eed1fe1]

	* doc/license.pod:
	update copyright year
	[fa0c62523875]

	* INSTALL, README:
	No need to include version number at the top of these files.
	[9f2981325351]

2011-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/visudo.c:
	Minor warning/error cleanup
	[9236dc85aeab]

	* config.h.in, configure.in:
	Emulate ngettext for the non-nls case
	[13571d63fa36]

	* plugins/sudoers/ldap.c:
	Do not mark untranslatable strings for translation
	[735f5d4413fe]

	* plugins/sudoers/check.c:
	Use ROOT_UID not 0.
	[09a268db8da4]

	* plugins/sudoers/check.c, plugins/sudoers/iolog.c,
	plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c,
	src/load_plugins.c, src/sudo.c, src/sudo_edit.c:
	Minor warning/error message cleanup
	[3c7b1a7939b5]

	* plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/mon_systrace.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec.c,
	src/exec_pty.c, src/net_ifs.c, src/selinux.c:
	cannot -> "unable to" in warning/error messages
	[31c3897649e9]

	* plugins/sudoers/check.c, plugins/sudoers/mon_systrace.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c, src/exec_pty.c,
	src/sudo.c, src/utmp.c:
	can't -> "unable to" in warning/error messages
	[127b75f15291]

	* configure, configure.in:
	FreeBSD needs the main sudo executable to link with -lpam when
	loading dynaic pam modules for some reason.
	[944522cc9bef]

2011-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c, src/exec.c, src/exec_pty.c, src/sudo.c:
	We don't want to translate debugging messages.
	[56a1a365815a]

	* configure, configure.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/sesh.c, src/sudo.c:
	Add calls to bindtextdomain() and textdomain() Currently there are
	two domains, one for the sudo front-end and one for the sudoers
	plugin and its associated utilities.
	[0426138f789e]

	* configure, configure.in:
	Fix caching of libc gettext check.
	[942142d2c43a]

	* plugins/sudoers/def_data.c, plugins/sudoers/defaults.c,
	plugins/sudoers/mkdefaults:
	Mark defaults descriptions for translation
	[5b27f018e6cf]

	* NEWS:
	Update for sudo 1.8.1p2
	[747c4dee2ca7]

2011-05-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Quiet compiler warning when SELinux is enabled.
	[1fbf77dda240]

	* plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c,
	src/error.c, src/net_ifs.c, src/sesh.c:
	Add missing includes of libintl.h.
	[bc1d66316082]

	* plugins/sudoers/auth/pam.c:
	Fix gettext marker.
	[a5cf4ed66c66]

	* common/aix.c, common/alloc.c, compat/strsignal.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/sudoers.h, src/sudo.h:
	Include libint.h where needed.
	[2b0e5a663c7b]

	* plugins/sudoers/alias.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
	plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
	plugins/sudoers/parse.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c:
	Prepare sudoers module messages for translation.
	[7212ae1909c5]

	* plugins/sudoers/sudoers.c:
	Only check gid of sudoers file if it is group-readable.
	[50e3bc0cb242]

	* plugins/sudoers/auth/aix_auth.c:
	For AIX, keep calling authenticate() until reenter reaches 0.
	[e240815b74b1]

2011-05-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Cache the status of the initial gettext() check.
	[32751ebe1704]

	* INSTALL, configure, configure.in:
	Add --disable-nls flag and improve checks for gettext.
	[c7e6b17052de]

	* configure, configure.in:
	When building with gcc on HP-UX, use -march=1.1 to produce portable
	binaries on a pa-risc2 host. Previously, the +Dportable option was
	used for the HP-UX C compiler but gcc always produced native
	binaries.
	[8f4c749324d7]

2011-05-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/aix.c, common/alloc.c, compat/strsignal.c, src/error.c,
	src/exec.c, src/exec_pty.c, src/load_plugins.c, src/net_ifs.c,
	src/parse_args.c, src/selinux.c, src/sesh.c, src/sudo.c,
	src/sudo_edit.c, src/tgetpass.c, src/utmp.c:
	Prepare sudo front end messages for translation.
	[2fc2fabceccb]

2011-05-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, plugins/sudoers/auth/pam.c:
	Add initial scaffolding to support localization via gettext()
	[7d47b59fcf95]

	* compat/fnmatch.h, compat/glob.h:
	Don't let the fnmatch/glob macros expand the function prototype.
	[a9014aa0288e]

2011-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/fnmatch.c, compat/fnmatch.h, compat/glob.c, compat/glob.h:
	Resolve namespace collisions on HP-UX ia64 and possibly others by
	adding a rpl_ prefix to our fnmatch and glob replacements and
	#defining rpl_foo to foo in the header files.
	[caa9b690a15d]

2011-04-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Split ALL, ROLE and TYPE into their own actions. Since you can only
	have #ifdefs inside of braces, ROLE and TYPE use a naughty goto in
	the non-SELinux case. This is safe because the actions are in one
	big switch() statement.
	[7473fc2cfa2c]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix regexp for matching a CIDR-style IPv4 netmask. From Marc Espie.
	[9be3480c2865]

2011-04-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/UPGRADE, doc/sudoers.pod:
	askpass moved from sudoers to sudo.conf in sudo 1.8.0
	[b2c2956cec4e]

	* doc/sudoers.pod:
	Remove obsolete warning about runas_default and ordering. Move
	syslog facility and priority lists into the section where the
	relevant options are described.
	[e57b8dc3f779]

2011-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sia.c:
	Fix SIA support; we no longer have access to the real argc and argv
	so allocate space for a fake one and use the argv passed to the
	plugin with "sudo" for argv[0].
	[1c0552772ad2]

2011-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/net_ifs.c:
	Remove useless realloc when trying to get the buffer size right.
	[792225380a62]

	* plugins/sudoers/set_perms.c:
	Be explicit when setting euid to 0 before call to setreuid(0, 0)
	[7bfeb629fccb]

2011-04-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Need to do checks for krb5_verify_user, krb5_init_secure_context and
	krb5_get_init_creds_opt_alloc regardless of whether or not
	krb5-config is present.
	[9d1b98ece1d3]

2011-04-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	Work around weird AIX saved uid semantics on setuid() and
	setreuid(). On AIX, setuid() will only set the saved uid if the euid
	is already 0.
	[069fc08150ca]

2011-04-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	update copyright year
	[1c42d579ba6e]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Treat a missing includedir like an empty one and do not return an
	error.
	[92f71d8cbfd4]

2011-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Fix ARCH setting in cross-compile Solaris packages.
	[b0de281cc889]

	* sudo.pp:
	Fix aix version setting.
	[98437dbfb085]

	* plugins/sudoers/ldap.c:
	Remove extraneous parens in LDAP filter when sudoers_search_filter
	is enabled that causes a search error. From Matthew Thomas.
	[1d75bf1fc8d9]

2011-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c:
	Correct sizeof() to fix test failure.
	[fd2f7c0c0572]

	* plugins/sudoers/Makefile.in:
	"install" target should depend on "install-dirs". Fixes "make -j"
	problem and closes bz #487. From Chris Coleman.
	[083902d38edb]

2011-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in:
	Add HAVE_RFC1938_SKEYCHALLENGE
	[a94cb33758a8]

2011-04-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention plugin loading and libgcc changes
	[e11b30b5026a]

	* src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h:
	Load plugins after parsing arguments and potentially printing the
	version. That way, an error loading or initializing a plugin doesn't
	break "sudo -h" or "sudo -V".
	[1b76f2b096a2]

	* Makefile.in:
	When using a sub-shell to invoke the sub-make, exec make instead of
	running it inside the shell to avoid an extra process.
	[fd2c04a71fbf]

	* compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c:
	Stop testing unspecified behavior in fnmatch Make glob test more
	portable
	[229803093725]

	* compat/Makefile.in:
	No need to add current dir to include path and having it breaks the
	test programs that expect to get the system glob.h and fnmatch.h
	[68085f624be4]

	* INSTALL, configure, configure.in:
	Fix and document --with-plugindir; partially from Diego Elio Petteno
	[07edc52ea89e]

	* compat/Makefile.in, compat/regress/fnmatch/fnm_test.c,
	compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c,
	compat/regress/glob/globtest.in:
	Fix fnmatch and glob tests to not use hard-coded flag values in the
	input file. Link test programs with libreplace so we get our
	replacement verions as needed.
	[c2cca448f660]

	* Makefile.in:
	If make in a subdir fails, fail the target in the upper level
	Makefile too. Adapted from a patch from Diego Elio Petteno
	[76fc9a0d96fd]

	* configure, configure.in, plugins/sudoers/auth/rfc1938.c:
	Add check for NetBSD-style 4-argument skeychallenge() as Gentoo also
	has this. Adapted from a patch from Diego Elio Petteno
	[a97279a59b93]

	* plugins/sudoers/Makefile.in:
	Make SUDOERS_LDFLAGS reference $(LDFLAGS) instead of using @LDFLAGS@
	directly.
	[47b884029b3b]

	* configure, configure.in:
	Fix warnings when -without-skey, --without-opie, --without-kerb4,
	--without-kerb5 or --without-SecurID were specified.
	[71ad150f4d24]

	* MANIFEST:
	Add plugins/sudoers/sudoers_version.h
	[7423966de440]

	* configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
	Back out the --with-libpath addition to SUDOERS_LDFLAGS since that
	now include LDFLAGS in the sudoers Makefile.in. Add missing settng
	of @LDFLAGS@ in plugin Makefile.in files.
	[b835826f889c]

2011-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention %#gid support in User_List and Runas_List
	[5a983dff017a]

	* plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_version.h,
	plugins/sudoers/visudo.c:
	Keep track of sudoers grammar version and report it in the -V
	output.
	[52901a3c0296]

	* plugins/sudoers/sudo_nss.h:
	Add multiple inclusion guard
	[50853aed046e]

	* configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
	The --with-libpath option now adds to SUDOERS_LDFLAGS as well as
	LDFLAGS. Remove old -static hack for HP-UX < 9. Add LTLDFLAGS and
	set it to -Wc,-static-libgcc if not using GNU ld so we don't have a
	dependency on the shared libgcc in sudoers.so.
	[66ad8bc5e32d]

	* doc/sudoers.pod:
	Fix typo; from Petr Uzel
	[f9a7afd80892]

2011-04-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/testsudoers.c:
	In dump-only mode, use "root" as the default username instead of
	"nobody" as the latter may not be available on all systems.
	[0c48e6414337]

2011-03-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/testsudoers.c:
	Remove NewArgv/NewArgc, they are no longer needed.
	[16e18f734c7e]

	* plugins/sudoers/testsudoers.c:
	Fix setting of user_args
	[aa29e0d0a54a]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add '!' token to lex tracing
	[5227ad266235]

	* plugins/sudoers/regress/testsudoers/test1.sh:
	Use group bin in test, not wheel as most systems have the bin group
	but the same is no longer true of wheel.
	[718802b3b45e]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Avoid using pre or post increment in a parameter to a ctype(3)
	function as it might be a macro that causes the increment to happen
	more than once.
	[78e281152c3a]

2011-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Strip off the beta or release candidate version when building AIX
	packages.
	[28fe31668559]

	* configure, configure.in:
	We need to include OSDEFS in CFLAGS when doing the utmp/utmpx
	structure checks for glibc which only has __e_termination visible
	when _GNU_SOURCE is *not* defined.
	[59ae1698911f]

	* common/aix.c:
	getuserattr(user, ...) will fall back to the "default" entry
	automatically, there's no need to check "default" manually.
	[3c7a47a61fdb]

2011-03-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/UPGRADE:
	Document parser changes.
	[ec415503308d]

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	If there is an existing sudoers file, only install if it passes a
	syntax check.
	[37427c73e8cb]

	* plugins/sudoers/regress/sudoers/test6.out.ok,
	plugins/sudoers/testsudoers.c:
	Add runasgroup support to testsudoers
	[047ea5571f33]

	* plugins/sudoers/Makefile.in:
	For "make check", keep going even if a test fails.
	[ce6a0a73c372]

	* plugins/sudoers/testsudoers.c:
	More useful exit codes:
	 * 0 - parsed OK and command matched.
	 * 1 - parse error
	 * 2 - command not matched
	 * 3 - command denied
	[1d2ce1361903]

	* doc/sudoers.pod:
	Document %#gid, and %:#nonunix_gid syntax.
	[492d4f9696c4]

	* plugins/sudoers/pwutil.c:
	Add support to user_in_group() for treating group names that begin
	with a '#' as gids.
	[20240c94a134]

	* config.h.in, configure, configure.in, src/utmp.c:
	Add explicit check for struct utmpx.ut_exit.e_termination and struct
	utmpx.ut_exit.__e_termination. HP-UX uses the latter. Only update
	ut_exit if we detect one or the other.
	[b4e8cab777e6]

2011-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c:
	Add back missing #include of config.h
	[9ab3897a1b2e]

	* plugins/sudoers/iolog_path.c,
	plugins/sudoers/regress/iolog_path/data:
	Avoid a NULL deref on unrecognized escapes. Collapse %% -> % like
	strftime() does.
	[93395762cdcd]

	* aclocal.m4:
	Quote first argument to AC_DEFUN(); from Elan Ruusamae
	[97f53ad31d77]

2011-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	add new sudoers tests
	[476af91b3da3]

	* plugins/sudoers/regress/sudoers/test8.in,
	plugins/sudoers/regress/sudoers/test8.out.ok,
	plugins/sudoers/regress/sudoers/test8.toke.ok:
	Add test for a newline in the middle of a string when no line
	continuation character is used.
	[de2394bc86ab]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Use bitwise AND instead of modulus to check for length being odd. A
	newline in the middle of a string is an error unless a line
	continuation character is used.
	[bdb1d762a1d5]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Move lexer globals initialization into init_lexer.
	[1ce62211aadb]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix a potential crash when a non-regular file is present in an
	includedir. Fixes bz #452
	[1586760c3525]

	* pp:
	On some Linux systems, "uname -p" contains detailed processor info
	so check "uname -m" first and then "uname -p" if needed. Recognize
	PLD Linux.
	[b8535cb9012e]

2011-03-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/redblack.c:
	Don't need all sudoers.h here.
	[8c0929f42dab]

	* src/sudo.c:
	Print sudo version early, in case policy plugin init fails.
	[47cddc4358bc]

2011-03-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/sudoers/test4.toke.ok:
	Update to match change in input.
	[4a3af8e68790]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Make an empty group or netgroup a syntax error.
	[66f51ddc2ff6]

	* plugins/sudoers/regress/sudoers/test7.in,
	plugins/sudoers/regress/sudoers/test7.out.ok,
	plugins/sudoers/regress/sudoers/test7.toke.ok:
	An empty group or netgroup should be a syntax error.
	[bd5bf1e2edce]

	* plugins/sudoers/regress/sudoers/test6.in,
	plugins/sudoers/regress/sudoers/test6.out.ok,
	plugins/sudoers/regress/sudoers/test6.toke.ok:
	Check that uids work in per-user and per-runas Defaults Check that
	uids and gids work in a Command_Spec
	[c5e848e6082b]

	* plugins/sudoers/regress/sudoers/test5.in,
	plugins/sudoers/regress/sudoers/test5.out.ok,
	plugins/sudoers/regress/sudoers/test5.toke.ok:
	Test empty string in User_Alias and Command_Spec
	[3a084d777e03]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Allow a group ID in the User_Spec.
	[bc2859eb71dc]

2011-03-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Return an error for the empty string when a word is expected. Allow
	an ID for per-user or per-runas Defaults.
	[915c259b00ff]

	* plugins/sudoers/testsudoers.c:
	Fix printing "User_Alias FOO = ALL"
	[ba58c3d548b3]

2011-03-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/parse_args.c:
	Better error message about invalid -C argument
	[c9a8d15bbf5d]

	* NEWS:
	fix typo
	[cdcfbafed013]

	* doc/sudoers.pod:
	Fix placement of equal size ('=') in user specification summary.
	[5ad7178b230d]

2011-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	update to match sudoers regress
	[e04db0648717]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Restore ability to define TRACELEXER and have trace output go to
	stderr.
	[d9531e4d1b20]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Restore old behavior of setting sawspace = TRUE for command line
	args when a line continuation character is hit to avoid causing
	problems for existing sudoers files.
	[fd930ad25550]

	* plugins/sudoers/regress/sudoers/test4.in,
	plugins/sudoers/regress/sudoers/test4.out.ok,
	plugins/sudoers/regress/sudoers/test4.toke.ok:
	Add test for line continuation and aliases
	[29ab538ca6bb]

	* plugins/sudoers/Makefile.in:
	Make test output line up nicely for parse vs. toke
	[257ef82c1434]

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/sudoers/test1.in,
	plugins/sudoers/regress/sudoers/test1.out.ok,
	plugins/sudoers/regress/sudoers/test1.toke.ok,
	plugins/sudoers/regress/sudoers/test2.in,
	plugins/sudoers/regress/sudoers/test2.out.ok,
	plugins/sudoers/regress/sudoers/test2.toke.ok,
	plugins/sudoers/regress/sudoers/test3.in,
	plugins/sudoers/regress/sudoers/test3.out.ok,
	plugins/sudoers/regress/sudoers/test3.toke.ok,
	plugins/sudoers/regress/testsudoers/test1.ok,
	plugins/sudoers/regress/testsudoers/test1.out.ok,
	plugins/sudoers/regress/testsudoers/test1.sh,
	plugins/sudoers/regress/testsudoers/test2.out,
	plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/testsudoers/test3.ok,
	plugins/sudoers/regress/testsudoers/test3.sh,
	plugins/sudoers/regress/visudo/test1.ok,
	plugins/sudoers/regress/visudo/test1.sh:
	Move parser tests to sudoers directory and test the tokenizer output
	too.
	[44f529b3cdb6]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	If we match a rule anchored to the beginning of a line after parsing
	a line continuation character, return an ERROR token. It would be
	nicer to use REJECT instead but that substantially slows down the
	lexer.
	[355478293f8c]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l:
	Move LEXTRACE macro to toke.h so we can use it in yyerror().
	[72ee7a06d3ca]

2011-03-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	Make lex tracing settable at run-time in testsudoers via the -t
	flag. Trace output goes to stderr. Will be used by regress tests to
	check lexer.
	[93bd53c413c8]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Allow whitespace after the modifier in a Defaults entry. E.g.
	"Defaults: username set_home"
	[9dfcf8dd8a3a]

2011-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Don't set CC when cross-compiling.
	[4b95b0c04e1c]

	* NEWS:
	Credit Matthew Thomas for the sudoers_search_filter changes.
	[a65998ab09f7]

	* MANIFEST:
	Add the .sym files to the MANIFEST
	[f599225cc861]

	* NEWS:
	Update for sudo 1.8.1 beta
	[71021e854c49]

	* doc/sudo_plugin.pod, plugins/sudoers/sudoers.c, src/parse_args.c:
	user_shell -> run_shell to avoid confusion with the user's SHELL
	variable.
	[dc0ac6dafc21]

	* src/exec_pty.c:
	Save the controlling tty process group before suspending in pty
	mode. Previously, we assumed that the child pgrp == child pid (which
	is usually, but not always, the case).
	[10b2883b7875]

	* doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add support for sudoers_search_filter setting in ldap.conf. This can
	be used to restrict the set of records returned by the LDAP query.
	[b0f1b721d102]

2011-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Remove the hack to disable -g in CFLAGS unless --with-devel
	[89822cf84ef4]

	* doc/sudoers.pod:
	The '@' character does not normally need to be quoted.
	[7823f5ed829a]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	We normaly transition from GOTDEFS to STARTDEFS on whitespace, but
	if that whitespace is followed by a comma, we want to treat it as
	part of a list and not transition.
	[1ca6943e1824]

	* plugins/sudoers/regress/testsudoers/test3.ok,
	plugins/sudoers/regress/testsudoers/test3.sh:
	Add check for whitespace when a User_List is used for a per-user
	Defaults entry.
	[91f75e6dd19a]

	* plugins/sudoers/regress/testsudoers/test2.out,
	plugins/sudoers/regress/testsudoers/test2.sh:
	Expand quoted name checks to cover recent fixes.
	[ce4f76bca146]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Fix parsing of double-quoted names in Defaultd and Aliases which was
	broken in 601d97ea8792.
	[424b0d6c1dc4]

	* plugins/sudoers/Makefile.in:
	toke_util.c lives in $(srcdir) not $(devdir)
	[94866bebee83]

2011-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Change trunk version to 1.8.x to distinguish from real 1.8.0.
	[a9781e61d064]

	* NEWS, doc/UPGRADE:
	Document major changes in 1.8.1 and add upgrade notes.
	[f2cf51b0d9ce]

	* plugins/sudoers/match.c:
	Be careful not to deref user_stat if it is NULL. This cannot
	currently happen in sudo but might in other programs using the
	parser.
	[06a2334dd674]

	* mkpkg:
	configure will not add -O2 to CFLAGS if it is already defined to add
	-O2 to the CFLAGS we pass in when PIE is being used.
	[1ce6481ece59]

	* doc/sudoers.pod:
	Warn about the dangers of log_input and mention iolog_file and
	iolog_dir in the log_input and log_output descriptions.
	[ae854ffb0768]

	* pp:
	sync with git version
	[a993e39ce3cb]

	* doc/sudoers.pod:
	It seems that h comes after i
	[0f621109220d]

	* doc/sudoers.pod:
	Move log_input and log_output to their proper, sorted, location.
	Document set_utmp and utmp_runas.
	[273b234b9c34]

	* src/exec.c:
	Save the controlling tty process group before suspending so we can
	restore it when we resume. Fixes job control problems on Linux
	caused by the previous attemp to fix resuming a shell when I/O
	logging not enabled.
	[f03a660315ee]

	* common/lbuf.c:
	Fix printing of the remainder after a newline. Fixes "sudo -l"
	output corruption that could occur in some cases.
	[25d83fb501fc]

2011-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/exec_pty.c,
	src/sudo_exec.h, src/utmp.c:
	Add support for ut_exit
	[b574c13f1bba]

	* doc/sudo_plugin.pod, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c, src/exec.c,
	src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_exec.h, src/utmp.c:
	Add support for controlling whether utmp is updated and which user
	is listed in the entry.
	[44a81632133f]

	* plugins/sudoers/def_data.h, plugins/sudoers/defaults.h,
	plugins/sudoers/ldap.c, plugins/sudoers/mkdefaults,
	plugins/sudoers/parse.c:
	Fix typo; tupple vs. tuple
	[697744acb710]

	* src/utmp.c:
	For legacy utmp, strip the /dev/ prefix before trying to determine
	slot since the ttys file does not include the /dev/ prefix.
	[7ad5b81ff90c]

	* aclocal.m4, configure, configure.in, pathnames.h.in:
	Add check for _PATH_UTMP
	[21e638029bfd]

2011-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c:
	Adapt check_iolog_path to sessid changes
	[728b5fe2be6f]

	* config.h.in, configure, configure.in, src/Makefile.in,
	src/exec_pty.c, src/sudo_exec.h, src/utmp.c:
	Redo utmp handling. If no getutent()/getutxent() is available,
	assume a ttyslot-based utmp. If getttyent() is available, use that
	directly instead of ttyslot() so we don't have to do the stdin dup2
	dance.
	[18aa455cd140]

2011-03-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, src/Makefile.in, src/exec_pty.c, src/sudo_exec.h,
	src/utmp.c:
	Move utmp handling into utmp.c
	[f6eae6c8e012]

	* common/aix.c, common/alloc.c, common/fileops.c, common/fmt_string.c,
	common/lbuf.c, common/list.c, compat/isblank.c, compat/memrchr.c,
	compat/mksiglist.c, compat/nanosleep.c, compat/snprintf.c,
	compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c,
	compat/utimes.c, doc/sudo.pod, doc/visudo.pod,
	include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c,
	plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/boottime.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/logging.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/redblack.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/timestr.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, src/exec.c,
	src/exec_pty.c, src/get_pty.c, src/parse_args.c, src/sudo.c,
	src/sudo.h, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c,
	src/sudo_plugin_int.h, src/tgetpass.c:
	Update copyright years.
	[16aa39f9060a]

	* doc/sudo_plugin.pod, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/parse_args.c:
	Add "user_shell" boolean as a way to indicate to the plugin that the
	-s flag was given.
	[fb1ef0897b32]

	* plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.h:
	Move sessid out of sudo_user.
	[ba298ddb57f4]

	* plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/logging.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Log the TSID even if it is not a simple session ID.
	[d7cc1b9c513c]

	* doc/sample.sudo.conf, doc/sudo.pod, doc/sudoers.pod:
	Document noexec in sample.sudo.conf and add back noexec_file section
	in sudoers with a note that it is deprecated.
	[4a6e961e494d]

	* plugins/sudoers/set_perms.c:
	Fix running commands as non-root on systems where setreuid() changes
	the saved uid based on the effective uid we are changing to.
	[df0769b71b34]

2011-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/defaults.c, src/load_plugins.c, src/sudo.c,
	src/sudo.h:
	Move noexec path into sudo.conf now that sudo itself handles noexec.
	Currently can be configured in sudoers too but is now undocumented
	and will be removed in a future release.
	[6fa8befdc110]

	* doc/sudo.pod, doc/sudoers.pod:
	Document "Path noexec ..." in sudo.conf. No longer document
	noexec_file in sudoers, it will be removed in a future release.
	[24eee3a0b3e5]

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h:
	Move noexec handling to sudo front-end where it is documented as
	being.
	[3ed4f10d7052]

	* config.h.in, configure, configure.in, plugins/sudoers/sudoers.c,
	src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
	src/sudo_exec.h:
	Add support for disabling exec via solaris privileges. Includes
	preparation for moving noexec support out of sudoers and into front
	end as documented.
	[dec843ed553e]

	* plugins/sample/Makefile.in, plugins/sample/sample_plugin.sym,
	plugins/sample_group/Makefile.in,
	plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in,
	plugins/sudoers/sudoers.sym:
	Only export the symbols corresponding to the plugin structs.
	[8d8d03b0ca54]

	* configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
	Install plugins manually instead of using libtool. This works around
	a problem on AIX where libtool will install a .a file containing the
	.so file instead of the .so file itself.
	[796971cfbddb]

	* Makefile.in:
	Move check into its own rule since some versions of make will run
	both targets as the default rule.
	[34d759979176]

	* configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4,
	m4/ltversion.m4, m4/lt~obsolete.m4:
	Update to libtool 2.2.10
	[34c130de6af7]

2011-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	In handle_signals(), restart the read() on EINTR to make sure we
	keep up with the signal pipe. Don't return -1 on EAGAIN, it just
	means we have emptied the pipe.
	[d5b9c8eb9000]

	* compat/mktemp.c:
	Reorder functions to quiet a compiler warning.
	[c9e9a23729f0]

	* mkpkg:
	Use the Sun Studio C compiler on Solaris if possible
	[11a86e27891e]

2011-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Fix default setting of osversion variable.
	[52e49ca1cedd]

	* doc/sudo_plugin.pod:
	Make two login_class entris consistent.
	[18ff1fa94a91]

	* config.h.in, configure, configure.in, src/exec.c, src/exec_pty.c,
	src/sudo_exec.h:
	Add support for adding a utmp entry when allocating a new pty.
	Requires the BSD login(3) or SYSV/POSIX getutent()/getutxent().
	Currently only creates a new entry if the existing tty has a utmp
	entry.
	[32db72b81d80]

	* plugins/sudoers/boottime.c:
	Avoid pulling in headers we don't need on Linux For getutx?id(),
	call setutx?ent() first and always call endutx?ent().
	[5dad21e1ee1b]

	* configure, configure.in:
	Add some more libs to SUDOERS_LIBS instead of relying on them to be
	pulled in by SUDO_LIBS.
	[18a7c21c09a7]

	* plugins/sudoers/sudoers.c:
	Fix return value of "sudo -l command" when command is not allowed,
	broken in [c7097ea22111]. The default return value is now TRUE and a
	bad: label is used when permission is denied. Also fixed missing
	permissions restoration on certain errors. On error()/errorx(), the
	password and group files are now closed before returning.
	[4f2d0e869ae5]

2011-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c:
	Fix passing of login class back to sudo front end.
	[6f70a784ce48]

	* mkpkg:
	Add --osversion flag to specify OS instead of running "pp
	--probeonly"
	[a8efdccb7bc1]

	* sudo.pp:
	Fix expr usage w/ GNU expr
	[48895599ee63]

2011-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Fix exit value for validate and list mode.
	[c7097ea22111]

	* plugins/sudoers/sudoers.c:
	Fix non-interactive mode with sudoers plugin.
	[172f29597bd2]

2011-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoreplay.pod:
	sudoreplay can now find IDs other than %{seq} and display the
	session.
	[fc3dd3be67e9]

2011-03-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Add support for replaying sessions when iolog_file is set to
	something other than %{seq}.
	[ca3131243874]

	* plugins/sudoers/visudo.c:
	If we are killed by a signal, display the name of the signal that
	got us.
	[994bb76a990e]

	* configure, configure.in:
	Move libs used for authentication from SUDO_LIBS to SUDOERS_LIBS
	where they belong.
	[40f94b936fa4]

	* configure.in:
	Fix bug in skey/opie check that could cause a shell warning.
	[83c043072be5]

	* plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	No longer need sudo_getepw() stubs.
	[bbee15c36912]

2011-03-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c:
	Fix exit value of "sudo -l command" in sudoers module.
	[a6541867521b]

2011-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/regress/glob/globtest.c:
	Use fgets() not fgetln() for portability.
	[df1bb67fb168]

	* sudo.pp:
	Don't use the beta or release candidate version as the rpm release.
	[d661ef78021a]

2011-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	version 1.8.0
	[f6530d56f6ae] [SUDO_1_8_0]

	* NEWS:
	update sudo 1.8 section
	[f2ee2cf95d18]

2011-02-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/testsudoers/test2.sh:
	fix test description
	[cd5730fa9f09]

	* plugins/sudoers/regress/testsudoers/test2.out,
	plugins/sudoers/regress/testsudoers/test2.sh,
	plugins/sudoers/regress/visudo/test2.out,
	plugins/sudoers/regress/visudo/test2.sh:
	convert test2 to use testsudoers
	[b5ec3f0b69f1]

	* include/sudo_plugin.h, src/sudo_plugin_int.h:
	Move struct generic_plugin to sudo_plugin_int.h
	[6f7bc629329c]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Allow sudoers file name, mode, uid and gid to be specified in the
	settings list. The sudo front end does not currently set these but
	may in the future.
	[22f38a0fda2a]

2011-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, doc/sudo.cat, doc/sudo.man.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
	doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat,
	doc/visudo.man.in:
	1.8.0rc1
	[5d4588b9c057]

	* doc/sudo.pod, doc/sudoreplay.pod, doc/visudo.pod,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c,
	src/parse_args.c, src/sudo.h:
	add help text to sudo, visudo and sudoreplay for the -h option
	[52e7378d8476]

2011-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/snprintf.c:
	avoid using "howmany" for a parameter name since it is a select-
	related macro
	[a14d565401a1]

	* doc/sudoers.pod:
	mention group_plugin when describing nonunix_group
	[e0d1d0034b17]

	* doc/sudo_plugin.pod:
	Add missing period at end of sentence
	[6744d7e9056d]

	* Makefile.in, doc/Makefile.in, include/Makefile.in,
	plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	add localstatedir; closes bug 471
	[7aefcab85088]

	* config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c,
	src/exec.c, src/exec_pty.c:
	The howmany macro lives in sys/sysmacros.h on SVR5 systems Closes
	Bug 470
	[927ed6740f32]

	* configure.in:
	add missing AH_TEMPLATE for ENV_RESET
	[16300010c986]

	* src/exec.c:
	SVR5 systems return non-zero for success on socketpair(), check for
	-1 instead. Closes Bug 469
	[4d276494bf8e]

2011-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	1.8.0b5
	[d611cd5d73d3]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
	regen
	[85e96eeaed82]

	* doc/sudo.pod:
	Document that a sudo.conf file with no Pligin lines uses the default
	sudoers plugins.
	[88bd52da977f]

	* src/load_plugins.c:
	If sudo.conf contains no Plugin lines, use the default sudoers
	policy and I/O plugins.
	[fd8f4cb811ab]

2011-02-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudo_nss.c:
	Avoid printing empty "Runas and Command-specific defaults for user"
	line.
	[2dd330fe4f8b]

	* common/lbuf.c:
	Truncate the buffer at buf.len before printing in the non-wordwrap
	case.
	[901e9833f80d]

	* common/lbuf.c:
	Remove extra newline when the tty width is very small or unavailable
	[245c05506c0e]

2011-02-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/alias.c:
	Remove unneeded variable.
	[2c086d30b796]

2011-02-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Prefer getutxid over getutid
	[3f3322e9c93e]

	* plugins/sudoers/boottime.c:
	Include utmp.h / utmpx.h before missing.h as apparently including it
	afterwards causes a compilation problem on GNU Hurd.
	[a528029ae962]

2011-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/toke_util.c:
	#include "foo.h", not <foo.h> for local includes.
	[f65ec693998e]

	* src/parse_args.c:
	remove bogus XXX
	[9136c17d53ce]

	* compat/mksiglist.c:
	Fix typo
	[1a3bb7b455c9]

	* compat/glob.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/match.c:
	return foo not return(foo)
	[5c9e0647359a]

2011-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Remove duplicate FD_SET of signal_pipe[0]
	[3096527d2215]

2011-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/mksiglist.c:
	Use "missing.h" not <missing.h> in generated code.
	[d8e09cffbe09]

2011-02-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure:
	fix --with-iologdir=no
	[a89699cb5f5f]

	* aclocal.m4, configure:
	fix typo that broke --with-iologdir
	[91b54eb22403]

2011-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, doc/sudo.cat, doc/sudo.man.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
	doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat,
	doc/visudo.man.in:
	Bump version to 1.8.0b4
	[e2b7f2cdc02e]

	* NEWS:
	sync
	[decf5a0a8a33]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Attempt to clarify how users and groups interact in Runas_Specs
	[e6fb3a2dbd77]

	* plugins/sudoers/regress/visudo/test2.out,
	plugins/sudoers/regress/visudo/test2.sh:
	Add test for quoted group that contains escaped double quotes
	[44596c48c629]

	* src/exec.c, src/exec_pty.c:
	Pass SIGUSR1/SIGUSR2 through to the child.
	[c3108a827b01]

	* src/exec_pty.c, src/sudo_exec.h:
	Use special values SIGCONT_FG and SIGCONT_BG instead of SIGUSR1 and
	SIGUSR2 to indicate whether the child should be continued in the
	foreground or background.
	[35ca47cc6785]

	* src/exec.c:
	Use pid_t not int and check the return value of kill()
	[36ae7d37d7f9]

2011-02-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Remove obsolete comment
	[baebef4919f6]

	* src/exec.c:
	In non-pty mode before continuing the child, make it the foreground
	pgrp if possible. Fixes resuming a shell.
	[fef5b1d02ddb]

	* src/exec_pty.c:
	If we get a signal other than SIGCHLD in the monitor, pass it
	directly to the child.
	[b3ecb28163a0]

	* src/exec.c, src/exec_pty.c, src/sudo.h:
	Save signal state before changing handlers and restore before we
	execute the command.
	[faf7475dc4bf]

2011-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Use a char array to map a number to a base36 digit.
	[257576c51f8b]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod:
	Be clear about what versions of sudo support new LDAP attributes.
	Fix up some formatting of attribute names. Minor other tweaks.
	[39f65df71f65]

2011-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	match quoted strings the same way whether in a Defaults line or as a
	user/group/netgroup name. Fixes escaped double quotes in quoted
	user/group/netgroup names.
	[601d97ea8792]

	* plugins/sudoers/Makefile.in:
	'make check' depends on visudo and testsudoers
	[127c5a24df8f]

	* plugins/sudoers/sudoers2ldif:
	Add sudoOrder attribute to each entry Parse LOG_{INPUT,OUTPUT} tags
	[9029163a58c3]

2011-01-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/UPGRADE:
	Mention LDAP attribute compatibility status.
	[2c3595aaec63]

2011-01-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	Mention phpQLAdmin
	[9304c9064fbe]

	* INSTALL, NEWS, config.h.in, configure, configure.in,
	doc/sudoers.man.in, doc/sudoers.pod, plugins/sudoers/defaults.c:
	Add --disable-env-reset configure option.
	[8a753aa13a46]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Document that sudoers_locale also affects logging and email.
	[998d6ac11277]

	* NEWS, config.h.in, configure, configure.in,
	plugins/sudoers/logging.c:
	Do logging and email sending in the locale specified by the
	"sudoers_locale" setting ("C" by default). Email send by sudo
	includes MIME headers when the sudoers locale is not "C".
	[cb7e55408400]

2011-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Fix indentation
	[65ae7e92b9e4]

2011-01-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, src/parse_args.c, src/sudo.c:
	Perform command escaping for "sudo -s" and "sudo -i" after
	validating sudoers so the sudoers entries don't need to have all the
	backslashes.
	[4e168c103f4b]

2011-01-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/logging.c:
	Prepend "list " to the command logged when "sudo -l command" is used
	to make it clear that the command was listed, not run.
	[f392a6056cd6]

	* plugins/sudoers/parse.c:
	cosmetic change
	[7c0951dbc2dd]

	* common/aix.c, common/alloc.c, common/fileops.c, common/fmt_string.c,
	common/list.c, common/term.c, compat/fnmatch.c, compat/getcwd.c,
	compat/glob.c, compat/isblank.c, compat/memrchr.c, compat/mktemp.c,
	compat/nanosleep.c, compat/regress/glob/globtest.c,
	compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c,
	compat/strsignal.c, compat/utimes.c, plugins/sample/sample_plugin.c,
	plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c,
	plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/mon_systrace.c,
	plugins/sudoers/parse.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestr.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c,
	src/exec_pty.c, src/get_pty.c, src/load_plugins.c, src/parse_args.c,
	src/sudo_noexec.c, src/tgetpass.c:
	standardize on "return foo;" rather than "return(foo);" or "return
	(foo);"
	[32d76c5aaf8c]

	* plugins/sudoers/sudoers.c:
	Do not reject sudoers file just because it is root-writable.
	[0febc579185b]

2011-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	sync
	[1ab03f8278ff]

	* plugins/sudoers/sudo_nss.c:
	For "sudo -U user -l" if user is not authorized on the host, say so.
	[289afe6dd15c]

	* plugins/sudoers/ldap.c:
	In sudo_ldap_lookup(), always do the initial sudoers check as the
	invoking user. If we are listing another user's privs we will do a
	separate lookup using list_pw later.
	[e52bc15de76d]

2011-01-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	add parser fill tests
	[4f65140d3515]

	* compat/regress/glob/globtest.c, compat/regress/glob/globtest.in:
	Don't test features not supported by the bundled glob()
	[8ec7ace11949]

	* Makefile.in, aclocal.m4, common/Makefile.in, common/term.c,
	compat/Makefile.in, configure.in, doc/LICENSE, doc/Makefile.in,
	doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod, doc/sudoers.man.in,
	doc/sudoers.pod, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/ldap.c, plugins/sudoers/match.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, src/Makefile.in, zlib/Makefile.in:
	Update copyright year to 2011
	[ac1b45cb1809]

	* plugins/sudoers/sudo_nss.c:
	When listing, use separate lbufs for the defaults and the privileges
	and only print something if the number of privileges is non-zero.
	Fixes extraneous Defaults output for "sudo -U unauthorized_user -l".
	[d0854d39f8ef]

	* plugins/sudoers/ldap.c:
	Stash pointer to user group vector in LDAP handle and only reuse the
	query if it has not changed. We always allocate a new buffer when we
	reset the group vector so a simple pointer check is sufficient.
	[88861d4eba69]

	* plugins/sudoers/sudo_nss.c:
	Check initgroups() return value.
	[3bdaf58408a7]

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/parser/check_fill.c:
	Add tests for the fill functions in toke_util.c
	[bca587ab4956]

2011-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/regress/iolog_path/check_iolog_path.c:
	fix copyright year
	[e2038cdaf055]

	* NEWS:
	sync
	[56ca5d5eaebe]

2011-01-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/term.c:
	Clear, don't set, OPOST in c_oflag as was intended in 506ad5ae9b4e.
	[b91f266624ec]

2011-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Add Requires line for audit-libs >= 1.4 for RHEL5+
	[6c02f976171b]

	* pp:
	sync with git version
	[d301c32d5865]

2011-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	fix typo
	[39353f92976f]

2011-01-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Update for sudo 1.7.4p5
	[b444da76901f]

	* doc/schema.OpenLDAP, doc/schema.iPlanet:
	Add sudoNotBefore and sudoNotAfter attributes as optional attributes
	to the sudoRole object class. From Andreas Mueller
	[dacfad7e7a95]

2011-01-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention "sudo -g group" password check fix.
	[1eb8fb14e53b]

	* plugins/sudoers/sudoers.c:
	Fix "sudo -g" support in the sudoers module.
	[07d1b0ce530e]

	* plugins/sudoers/check.c:
	If the user is running sudo as himself but as a different group we
	need to prompt for a password.
	[caf1fcc9a117]

2011-01-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, config.h.in, configure, configure.in, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod,
	plugins/sudoers/ldap.c:
	Add support for TIMEOUT in ldap.conf, mapping to the OpenLDAP
	LDAP_OPT_TIMEOUT. There is no corresponding option for mozilla-
	derived LDAP SDKs but we can pass the timeout parameter to
	ldap_search_ext_s() or ldap_search_st() when possible.
	[5537049991f7]

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in:
	regen
	[5b361c3c4324]

	* NEWS, doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add NETWORK_TIMEOUT as an alias for BIND_TIMELIMIT for compatibility
	with OpenLDAP ldap.conf files.
	[e97843bd16fb]

	* plugins/sudoers/pwutil.c:
	If user has no supplementary groups, fall back on checking the group
	file expliticly.
	[5223ad4eb690]

2011-01-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.h, plugins/sudoers/toke_util.c:
	constify
	[6e132a4cca61]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.h,
	plugins/sudoers/toke.l:
	Move fill macro to toke.h
	[623d430798cf]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/toke.c,
	plugins/sudoers/toke.h, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c:
	Split tokenizer utility functions out into toke_util.c
	[89a97bd51618]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	ANSIfy
	[ca0eba1dfaa9]

2011-01-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	sync
	[a43f94064bb3]

	* plugins/sudoers/Makefile.in:
	Add visudo tests to check target
	[8c82fb4ed40f]

	* compat/Makefile.in, compat/regress/fnmatch/fnm_test.c,
	compat/regress/fnmatch/fnm_test.in, compat/regress/glob/files,
	compat/regress/glob/globtest.c, compat/regress/glob/globtest.in:
	Add my regress tests for fnmatch() and glob() from OpenBSD.
	[6e8c1f211723]

	* plugins/sudoers/regress/testsudoers/test1.sh,
	plugins/sudoers/regress/visudo/test1.ok,
	plugins/sudoers/regress/visudo/test1.sh:
	Add regress test for command tags using visudo -c
	[18b0ef207c0f]

	* plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/testsudoers/test1.ok,
	plugins/sudoers/regress/testsudoers/test1.sh:
	Add support for regress tests using testsudoers
	[1fa94bd2671b]

	* plugins/sudoers/testsudoers.c:
	Need to set user_name explicitly due to internal changes made when
	converting sudoers to a plugin.
	[1fa54e86a364]

2011-01-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/regress/iolog_path/check_iolog_path.c,
	plugins/sudoers/regress/iolog_path/data, src/Makefile.in,
	zlib/Makefile.in:
	Add regression tests for iolog_path()
	[afa4b416e559]

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Add support for "make Makefile" to regenerate Makefile from
	Makefile.in
	[98bd2dda3294]

	* plugins/sudoers/iolog_path.c:
	Quiest a bogus compiler warning.
	[5ff932a7ad67]

2011-01-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c:
	Protect call to setlocale() with HAVE_SETLOCALE
	[2c29ee3ccc81]

2011-01-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST:
	mkstemps.c was renamed mktemp.c
	[ae299c3b1827]

	* NEWS:
	Update from 1.7 branch
	[20817d79717b]

	* Makefile.in:
	Use "mv -f" when regenerating ChangeLog
	[c163635206c6]

	* plugins/sudoers/match.c:
	Fix NULL dereference with "sudo -g group" when the sudoers rule has
	no runas user or group listed. Fixes RedHat bug Bug 667103.
	[41a6a1243d9e]

2011-01-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Correct the default sudo.conf example
	[4e791698cad1]

2010-12-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog_path.c:
	Reset slashp if we allocate a new buffer for strftime()
	[e491daa4203b]

	* plugins/sudoers/iolog_path.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Add extra out parameter to expand_iolog_path() to allow the caller
	to split the path into dir and file components if needed.
	[88346bc5ae39]

2010-12-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	mkdir_iopath() returns size_t now that it uses strlcpy() and not
	snprintf()
	[3c4c64d265eb]

	* plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c:
	Trim leading slashes from iolog_file and trailing slashes from
	iolog_dir
	[a803b51f8948]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Pass a single I/O log file name in command_details instead of
	separate dir + file parameters.
	[d672a3e46e80]

	* plugins/sudoers/sudoreplay.c:
	change an error() to errorx()
	[8013dcfdd69d]

	* plugins/sudoers/iolog.c:
	Add missing cwd line to I/O log info file that got dropped when
	iolog_deserialize_info() was added
	[7cf84f208423]

2010-12-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Avoid relying on globals filled in by the sudoers policy module for
	the sudoers I/O log module. The I/O log open function now pulls the
	bits it needs out of user_info and command_info.
	[c02f6951b0cc]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	If no iolog file is specified by the policy plugin, use io_nextid()
	to determine the next file in the sequence.
	[faa1130b1020]

2010-12-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document iolog_compress in command_info
	[58895c7d12f5]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c:
	Add support for the iolog_compress variable in command_info.
	[36f13a2fd1c1]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c:
	Add sigsetjmp() calls to all plugin entry points just to be safe.
	[3fa482355bc4]

	* src/sudo.c, src/sudo.h:
	Don't need iolog variables in struct command_details, they are for
	the I/O log plugins to handle.
	[5111579ffd9d]

2010-12-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Document use of mkdtemp() for iolog path teplates
	[5db6101408a9]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
	regen
	[1ee11fd6d4eb]

	* doc/sudo_plugin.pod, doc/sudoers.pod:
	Document iolog_file and supported escape sequences for sudoers.
	Clarify that iolog_file can contain directories.
	[da611dedcbdb]

	* compat/Makefile.in, configure, configure.in:
	Fix building of mkstemps/mkdtemp replacements.
	[793a5e303122]

	* compat/mkstemps.c, compat/mktemp.c, config.h.in, configure,
	configure.in, include/missing.h:
	Provide mkdtemp() for systems without it.
	[b0527dfa965c]

	* plugins/sudoers/iolog_path.c:
	Fix typo
	[277f6c514cba]

	* plugins/sudoers/iolog.c:
	Only use mkdtemp() if the path ends in at least 6 Xs since otherwise
	glibc mkdtemp() returns EINVAL.
	[2e7323b05579]

	* plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Allow sudoers to specify the iolog file in addition to the iolog
	dir. Add escape sequence support to iolog file and dir: sequence
	number, user, group, runas_user, runas_group, hostname and command
	in addition to any escape sequence recognized by strftime(3).
	[75cd32ee0435]

	* plugins/sudoers/iolog.c:
	Add missing sigsetjmp() call in I/O plugin open function. Fixes a
	crash when the I/O plugin calls error(), errorx() or log_error().
	[1a6718bd817d]

2010-12-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.pod, plugins/sudoers/iolog.c,
	plugins/sudoers/sudoers.c:
	Give the policy module fine-grained control over what the I/O plugin
	logs.
	[d29784fd2a66]

	* common/term.c:
	Clear OPOST from c_oflag like we used to. Fixes screen-based editors
	such as vi.
	[506ad5ae9b4e]

	* doc/sudoers.pod:
	Clarify umask option description. From Reuben Thomas.
	[1294ac84222b]

2010-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Pick last match in LDAP sudoers too
	[fbfd8e85703b]

	* doc/sudo_plugin.pod:
	Document iolog_file, iolog_dir and use_pty
	[26120a59c20e]

	* plugins/sample/sample_plugin.c, plugins/sudoers/iolog.c,
	plugins/sudoers/sudoers.c:
	Adapt plugins to version I/O logging ABI 1.1
	[880dd64bc1e8]

	* src/exec.c, src/sudo.h:
	Add use_pty command_info flag for policies to indicate that a pty
	should be allocated even if no I/O logging is performed.
	[e7b167f8a6e5]

	* src/sudo.c:
	Add remaining plugin convenience functions
	[ffeaf96da031]

	* include/sudo_plugin.h, src/sudo.c, src/sudo.h,
	src/sudo_plugin_int.h:
	Change I/O log API to pass in command info to the I/O log open
	function. Add iolog_file and iolog_dir parameters to command info.
	This allows the policy plugin to specify the I/O log pathname. Add
	convenience functions for calling plugin functions that handle ABI
	backwards compatibility.
	[9b81dce76ce5]

	* compat/dlopen.c:
	Remove useless cast
	[7cecce969739]

2010-12-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Bump version to 1.8.0b3
	[1dc9f040aae0]

2010-12-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure.in:
	Remove extraneous newline
	[71c94551eea5]

2010-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/iolog.c:
	Make I/O log dir configurable.
	[99b576667a38]

	* aclocal.m4, configure, configure.in, doc/sudoers.pod:
	Rename io_logdir to iolog_dir
	[0731662acc8d]

2010-12-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Add missing '*' that prevented the generic ELF case from matching.
	[be77ca26bfb2]

	* pp:
	If file(1) can't identify the ELF binary type, try readelf(1).
	[38a18d32a9e3]

2010-11-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/kerb4.c, plugins/sudoers/check.c,
	plugins/sudoers/env.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/sudoers.c, src/sudo.c:
	Use %u to print uid/gid, not %lu and adjust casts to match.
	[03c43b8749cf]

	* doc/sudoers.ldap.pod:
	Clarify ordering of entries and attributes.
	[924e2a6bb603]

	* doc/sudoers.ldap.pod:
	Fix typo and editing goof.
	[79dc7ccd85a8]

	* doc/schema.ActiveDirectory, doc/schema.OpenLDAP, doc/schema.iPlanet,
	doc/sudoers.ldap.pod:
	Merge in ordered LDAP entry support from Andreas Mueller.
	[ea5885989bad]

	* plugins/sudoers/ldap.c:
	Make sure we don't dereference a NULL handle.
	[1a9f9ee15371]

2010-11-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Add support for RHEL 6 file modes that include a trailing dot on
	files with an SELinux security context
	[dc09be959547]

2010-11-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	exec_setup() does not need to setuid(0), the Ubuntu issue was in the
	sudoers module.
	[d6dd99fc6062]

	* plugins/sudoers/sudoers.c:
	create_admin_success_flag() should use restore_perms() rather than
	set_perms() to restore the uid.
	[eba7a91c1f57]

	* src/sudo.c:
	In exec_setup() call setuid(0) to make certain the subsequent uid
	and gid changes will succeed. Fixes a problem on Ubuntu.
	[c5d32abf0645]

	* src/sudo_edit.c:
	Error out if we cannot change to root's uid so we catch the failure
	early.
	[7a2e7f8f2c80]

2010-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.pod:
	fix typo; from Michael T Hunter
	[a574a9d0db5b]

	* plugins/sudoers/match.c:
	In sudoedit mode, assume command line arguments are paths and pass
	FNM_PATHNAME to fnmatch().
	[ce0abff8ce9f]

2010-11-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add workaround for an error in sys/types.h on HP-UX 11.23 when large
	file support is enabled. Defining _XOPEN_SOURCE_EXTENDED avoids the
	broken bits of the header file.
	[e337217f097a]

	* aclocal.m4:
	Fix SUDO_MAILDIR usage of AC_LANG_PROGRAM
	[fbbcee28961f]

	* sudo.pp:
	For Tru64, strip off beta version.
	[eeccd762df5e]

	* MANIFEST, plugins/sudoers/testsudoers.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/tsgetgrpw.h:
	Avoid conflicts with system definitions in grp.h and pwd.h
	[b219ffe1da09]

	* zlib/gzguts.h:
	Include stdio.h after zlib.h, not before. We need the large file
	defines to come first.
	[21d6df39790f]

2010-11-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in:
	regen
	[3ff8750d0aac]

	* Makefile.in:
	Don't clean ChangeLog
	[ab0d30d289d4]

	* plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Add prototype for cleanup()
	[75626fd3769a]

2010-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c:
	Avoid deferencing group_plugin if it is NULL in
	group_plugin_query(). This should not happen.
	[4f2933c8da7e]

	* plugins/sudoers/group_plugin.c:
	group plugin init function return TRUE when successful
	[198024477030]

2010-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Enlarge the array of entry wrappers int blocks of 100 entries to
	save on allocation time. From Andreas Mueller
	[375c916bb03b]

	* plugins/sudoers/ldap.c:
	Add back call to sudo_ldap_timefilter() in sudo_ldap_build_pass2()
	that was mistakenly dropped.
	[1555f5bc132d]

2010-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/TROUBLESHOOTING:
	Mention that sudo needs "ar" to build.
	[65582ace2d09]

	* configure, configure.in:
	Fail with a more useful error if "ar" is not found.
	[d1cb83719c17]

2010-11-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Merge in ordered LDAP entry support from Andreas Mueller and add
	local changes from the 1.7 branch.
	[bca29e461618]

2010-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/schema.ActiveDirectory, doc/schema.OpenLDAP, doc/schema.iPlanet,
	doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add timed entry support from Andreas Mueller.
	[e18d1df46a8d]

	* plugins/sudoers/group_plugin.c:
	Don't try to unload if group_plugin is NULL. Don't call dlclose() if
	group_handle is NULL
	[de2273da37d5]

	* plugins/sudoers/sudoers.h:
	It is now plugin_cleanup(), not cleanup()
	[da62a4e1a78c]

	* plugins/sudoers/logging.c, plugins/sudoers/sudoers.c:
	Call plugin_cleanup(), not cleanup()
	[e800ad8b33ad]

2010-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Use efree() not free() and remove malloc.h include since we never
	directly call malloc() or free().
	[107fffd134bb]

2010-11-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	set PSTAMP for Solaris and move the backend-specific bits to their
	own %if [xxx] %endif blocks in %set.
	[a94ebe8920c1]

	* pp:
	sync with git repo
	[75ff509696b4]

	* configure, configure.in:
	Only substitute file zlib files when using the builtin zlib
	[6c8145b2deb4]

	* common/Makefile.in, compat/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in, zlib/Makefile.in:
	Give up on using VPATH to find sources as it is implemented
	inconsistenly in different versions of make.
	[60517c69aaee]

	* plugins/sudoers/Makefile.in, plugins/sudoers/getdate.c,
	plugins/sudoers/gram.c, plugins/sudoers/toke.c:
	Include config.h before any other includes to make sure we get the
	right value for _FILE_OFFSET_BITS.
	[8fb007ca832e]

	* MANIFEST:
	Add zlib
	[04a3e23dfaa9]

	* zlib/Makefile.in:
	Add missing targets
	[40e45a177168]

	* src/Makefile.in:
	g/c unused $(GENERATED)
	[c8758068c1bc]

2010-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c:
	Zero out group_plugin on unload just to be safe.
	[0b10f4d101ca]

	* plugins/sudoers/group_plugin.c:
	Unload group plugin if its init function fails.
	[6552cdac4b7c]

	* src/sudo.c:
	Only chdir to cwd if it is different from the current cwd or there
	is a new root (chroot).
	[b8203e875e84]

	* configure, configure.in, doc/sudo.cat, doc/sudo.man.in,
	doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.ldap.cat,
	doc/sudoers.ldap.man.in, doc/visudo.cat, doc/visudo.man.in:
	Bump version to 1.8.0b2
	[6dadeb75a878]

2010-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Better --enable-zlib description
	[e0da54fa59a6]

	* mkpkg:
	Use system zlib on Linux Let configure decide on Solaris For all
	others, use builtin zlib
	[3d52eddb523c]

	* zlib/zconf.h.in:
	Add large file support.
	[bec01215270d]

	* config.h.in:
	Add large file support.
	[244e95b034ec]

	* Makefile.in, configure, configure.in, doc/LICENSE, doc/license.pod,
	zlib/Makefile.in, zlib/adler32.c, zlib/compress.c, zlib/crc32.c,
	zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzclose.c,
	zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c,
	zlib/infback.c, zlib/inffast.c, zlib/inffast.h, zlib/inffixed.h,
	zlib/inflate.c, zlib/inflate.h, zlib/inftrees.c, zlib/inftrees.h,
	zlib/trees.c, zlib/trees.h, zlib/uncompr.c, zlib/zconf.h.in,
	zlib/zlib.h, zlib/zutil.c, zlib/zutil.h:
	Add local copy of zlib for systems that lack it.
	[7542ca465c5a]

2010-10-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	If perform_io() fails, kill the child before exiting so it doesn't
	complain about connection reset. We can get an I/O error if, for
	example, and we get EIO reading from stdin.
	[e59a05fa729f]

2010-10-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	Fix complilation on systems with set_auth_parameters() Sprinkle
	volatile to quiet warnings from gcc 2.8.0
	[a34c2b924ba7]

	* compat/dlfcn.h, compat/dlopen.c:
	Avoid potential namespace issues with dlopen() emulation.
	[aedfababd6ca]

	* MANIFEST:
	sync
	[6afb97e6d308]

	* plugins/sudoers/interfaces.c:
	Use INADDR_NONE instead of casting -1 to in_addr_t (which may not
	exist).
	[ddfca5af1a36]

	* Makefile.in:
	Mark ChangeLog as PHONY Don't overwrite ChangeLog if we can't run hg
	[e9d04bfa4505]

	* configure, configure.in:
	HP-UX 10.20 libc has an incompatible getline
	[2e7bc202e78d]

	* plugins/sudoers/visudo.c:
	Quiet an HP-UX compiler warning.
	[55b9d587ac8c]

	* configure, configure.in:
	Check for vi even with --with-editor specified; the sample plugin
	needs it.
	[94dfc3643f76]

2010-10-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/dlopen.c:
	Fix remaining syntax errors.
	[9d729b5b577e]

	* src/Makefile.in:
	sudo binary depends on the libtool-generated libs
	[9e6148406adb]

	* plugins/sudoers/group_plugin.c, src/load_plugins.c:
	Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to
	include the local or system dlfcn.h
	[68cfe4c1089b]

	* pp:
	Don't use run_as_superuser=false on HP-UX
	[532242370b09]

	* src/net_ifs.c:
	Use memset() instead of zero_bytes() since we don't include
	sudoers.h
	[a187c18c2472]

	* plugins/sudoers/interfaces.c:
	Fix pasto; AF_INET not AF_INET6
	[2d2e9d7dc6f9]

	* compat/dlopen.c:
	Actually call shl_load()
	[ed8153b8a3cd]

	* pp:
	Update from git repo. Debian: version numbers now compliant with
	policy section 5.6.12 HP-UX: minimal changes needed to work on HP-UX
	10.20
	[ecf2692bceeb]

	* configure, configure.in:
	Fix dlopen() detection for systems where dlopen() is in a separate
	library.
	[fa6b175582b6]

	* plugins/sudoers/auth/pam.c:
	If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more
	useful message and return AUTH_FATAL so sudo does not keep trying to
	validate the user.
	[1be8857e5291]

	* src/preload.c:
	sudo_preload_table is an array
	[b7704e72a9da]

	* compat/dlopen.c:
	Quiet a compiler warning and fix sudo_preload_table external
	definition.
	[8234987664cc]

	* compat/dlfcn.h:
	Fix multiple inclusion guard in dlfcn.h and fix dlerror() prototype.
	[8bab6a4053cc]

	* plugins/sudoers/group_plugin.c:
	Make this compile correctly when no dlopen is available.
	[57643879bd2b]

2010-10-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Having a timestamp file defined is no longer indicative of tty
	tickets being enabled. Check def_tty_tickets directly.
	[efcc11ad157f]

	* src/exec_pty.c, src/sudo.h, src/ttysize.c:
	Fix TCGETWINSZ compat.
	[da3a8b17cf7a]

2010-10-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c, src/ttysize.c:
	Prefer newer TIOCGWINSZ ioctl to old TIOCGSIZE
	[926492dd10a6]

2010-10-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	Move set_project() from sudoers module into sudo proper.
	[beabafac03b4]

	* configure, configure.in:
	Fix typo and regenerate
	[4a3caf4234f3]

	* plugins/sudoers/ldap.c:
	When iterating over returned LDAP entries, keep looking at remaining
	matches even if we have a positive match. This catches negative
	matches that may exist in other entries and more closely match the
	sudoers file behavior.
	[f47db6e609b0]

	* pp:
	Add support for multiple package instances on Solaris.
	[7f2a8b942545]

	* src/exec.c:
	Add missing signal_pipe[0] to fdsr for the non-pty case.
	[79d01e11b19c]

	* mkpkg:
	Add --with-project for Solaris
	[ffa4c2bb93f7]

	* README:
	Need ar and ranlib too
	[5c2f679172ef]

2010-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Preserve ODMDIR environment variable by default on AIX.
	[bd47cb1e804f]

2010-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, compat/Makefile.in, compat/dlfcn.h, compat/dlopen.c,
	config.h.in, configure, configure.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/group_plugin.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, src/Makefile.in, src/load_plugins.c,
	src/preload.c:
	Add dlopen() emulation for systems without it. For HP-UX 10, emulate
	using shl_load(). For others, link sudoers plugin statically and use
	a lookup table to emulate dlsym().
	[e92edfb3c642]

2010-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/fnmatch.c, compat/glob.c, compat/mksiglist.c,
	compat/nanosleep.c, compat/utimes.c:
	When including compat headers, use the compat dir as part of the
	path so we are sure to get the correct header.
	[6c2a45da6af5]

2010-09-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/linux_audit.c:
	Ignore ECONNREFUSED from audit_log_user_command() which will occur
	if auditd is not running.
	[d314fe4c8d03]

2010-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Sync with git version
	[1c0357744222]

2010-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/fileops.c, plugins/sudoers/defaults.c:
	Cast isblank argument to unsigned char.
	[c822dbb3ca54]

2010-09-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, config.h.in, configure, configure.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.pod, plugins/sudoers/defaults.c:
	Implement --with-umask-override configure flag.
	[863e3047df22]

	* plugins/sudoers/env.c:
	Take MODE_LOGIN_SHELL into account when initially setting reset_home
	instead of special-casing it later.
	[5d6b16480fd6]

	* plugins/sudoers/sudoers.c:
	In login mode, make a copy of the runas user's pw_shell for
	NewArgv[0] because 1) we modify it and 2) it will runas_pw gets
	freed before exec.
	[1d1ccb568dfa]

	* plugins/sudoers/env.c:
	Reset HOME for "sudo -i" even if HOME was listed in env_keep.
	[c1c1c65a2d63]

	* src/sudo.c:
	Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK.
	[7443454e5f88]

	* src/sudo.c:
	Reset signal mask at sudo startup time; we need to be able to rely
	on normal signal delivery to control the child process.
	[95800163ff94]

2010-09-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* install-sh:
	Use sed instead of expr to split a flag from its argument. Fixes a
	problem with expr interpreting its arguments as a flag when they
	start with a dash.
	[736065e14301]

	* common/lbuf.c:
	Do not need sys/time.h after all
	[91f6f668ccda]

	* common/lbuf.c:
	Include sys/time.h for utimes() and struct timeval. No longer need
	ioctl.h or termios.h
	[2d75273d3213]

	* compat/snprintf.c:
	Quiet bogus compiler warnings.
	[fe252e1968f5]

	* include/missing.h:
	Declare innetgr() for HP-UX which is missing a declaration. Declare
	domainname() for HP-UX and Solaris which are missing a declaration.
	[b37c50751138]

	* plugins/sudoers/bsm_audit.c:
	Use __sun for consistency with the rest of the sources.
	[6b086b61ccb6]

	* plugins/sudoers/group_plugin.c:
	Quiet a bogus compiler warning.
	[ebc069842c4a]

	* plugins/sudoers/pwutil.c:
	Don't try to delref a NULL group.
	[f6ff0838be21]

	* common/alloc.c, common/lbuf.c:
	Include memory.h on systems that need it.
	[4e676da81c6f]

2010-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Quiet gcc warnings on glibc systems that use warn_unused_result for
	write(2).
	[0532da0b7cf7]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	sudo_plugin is in section 8; from Ted Percival
	[b4506a0de87e]

	* plugins/sudoers/Makefile.in:
	testsudoers depends on libsudoers.la, not sudoreplay
	[cdb1cc3bf06a]

2010-09-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	Read as many signals on the signal pipe as we can before returning.
	[b181671da047]

	* src/exec.c, src/exec_pty.c, src/sudo_exec.h:
	Instead of using a array to store received signals, open a pipe and
	have the signal handler write the signal number to one end and
	select() on the other end. This makes it possible to handle signals
	similar to I/O without race conditions.
	[ee84d65c16b6]

2010-09-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/visudo.pod, plugins/sudoers/visudo.c:
	Make "visudo -c -f -" check the standard input.
	[195a3d2a9a26]

	* doc/sudoers.pod:
	set_home and always_set_home have an effect if HOME is present in
	the env_keep list.
	[159d0b9dc5c8]

	* plugins/sudoers/env.c:
	Make -H flag work when HOME is listed in env_keep. Also makes
	"set_home" and "always_set_home" override override HOME in env_keep.
	[a3e5b966193f]

2010-09-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/match.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c, src/net_ifs.c:
	Convert sudoers plugin to use interface list passed in settings.
	[87d9b5f4f586]

	* doc/sudo_plugin.pod, src/Makefile.in, src/net_ifs.c,
	src/parse_args.c, src/sudo.h:
	Query local network interfaces in the main sudo driver and pass to
	the plugin as "network_addrs" in the settings list.
	[7f35bcfe77a7]

	* plugins/sudoers/bsm_audit.c:
	Solaris BSM audit return EINVAL when auditing is not enabled,
	whereas OpenBSM returns ENOSYS.
	[411b980ec58b]

2010-09-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/fnmatch.c:
	missing.h should come before most local includes
	[53921a7b8b5b]

	* plugins/sudoers/sudoreplay.c:
	missing.h should come before most local includes
	[e9abb0db1aac]

	* plugins/sudoers/sudoers.h:
	Make local includes consistent; use double quotes for local includes
	except for generated ones where we use angle brackets.
	[09de4faa9547]

	* plugins/sudoers/sudoers.c:
	Always fill in NewArgv for audit code.
	[7c3aca60519f]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add missing LOG_INPUT/LOG_OUTPUT support in the lexer.
	[007cf6560f92]

	* common/alloc.c, common/atobool.c, common/fileops.c,
	common/fmt_string.c, common/lbuf.c, common/list.c, common/term.c,
	common/zero_bytes.c, compat/closefrom.c, compat/fnmatch.c,
	compat/getcwd.c, compat/getgrouplist.c, compat/getline.c,
	compat/getprogname.c, compat/glob.c, compat/isblank.c,
	compat/memrchr.c, compat/mksiglist.c, compat/mkstemps.c,
	compat/nanosleep.c, compat/setenv.c, compat/snprintf.c,
	compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c,
	compat/unsetenv.c, compat/utimes.c, include/compat.h,
	plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c,
	plugins/sample_group/plugin_test.c,
	plugins/sample_group/sample_group.c, plugins/sudoers/audit.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/boottime.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/linux_audit.c, plugins/sudoers/match.c,
	plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/timestr.c, src/error.c, src/sesh.c, src/sudo.h,
	src/sudo_noexec.c, src/ttysize.c:
	Make local includes consistent; use double quotes for local includes
	except for generated ones where we use angle brackets. Also g/c
	unused compat.h.
	[e57070dc8f04]

2010-09-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/match.c:
	When matching the runas user and runas group (-u and -g command line
	options), keep track of runas group and runas user matches
	separately. Only return a positive match if we have a match for both
	runas user and runas group (if specified).
	[815219e04cc8]

2010-09-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add support for multiple URI lines by joining the contents and
	passing the result to ldap_initialize.
	[a47cae3b72e8]

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.c:
	Do not return -1 on error from the display functions; the caller
	expects a return value >= 0.
	[101456a7dd00]

	* plugins/sudoers/sudoers.c:
	Do not set both MODE_EDIT and MODE_RUN
	[8faa36694d54]

2010-09-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Move includes to the top of the file.
	[a51436798e8c]

2010-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Add missing definition of timedir
	[458a749c2c5e]

	* compat/fnmatch.c, compat/getprogname.c, compat/isblank.c,
	compat/mksiglist.c, compat/strsignal.c,
	plugins/sudoers/plugin_error.c, src/error.c, src/sudo_noexec.c:
	Add #include of sys/types.h for .c files that include missing.h to
	be sure that size_t and ssize_t are defined.
	[08e3132dbf4f]

	* plugins/sudoers/Makefile.in:
	Install sudoers file from the build dir not hte src dir.
	[ca89e962dbf4]

2010-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/set_perms.c:
	If runas_pw changes, reset the stashed runas aux group vector.
	Otherwise, if runas_default is set in a per-command Defaults
	statement, the command runs with root's aux group vector (i.e. the
	one that was used when locating the command).
	[24f9107cedd2]

	* plugins/sudoers/Makefile.in:
	Add target to generate sudoers file Remove generated sudoers file as
	part of distclean
	[fb7422e90f03]

2010-08-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c:
	When not logging I/O install a handler for SIGCONT and deliver it to
	the command upon resume. Fixes bugzilla #431
	[495dce52a5aa]

2010-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.h:
	g/c unused auth_pw extern definition
	[40eb7477ba17]

	* plugins/sudoers/check.c, plugins/sudoers/sudoers.c:
	Move get_auth() into check.c where it is actually used.
	[e31db0ce3a61]

2010-08-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* common/lbuf.c:
	Convert a remaining puts() and putchar() to use the output function.
	[d69e363a506b]

	* plugins/sudoers/plugin_error.c:
	Plug memory leak
	[68895469ea8d]

2010-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c:
	Set dupcheck to TRUE when setting new HOME value if !env_reset but
	always_set_home is true. Prevents a duplicate HOME in the
	environment (old value plus the new one) introduced in f421f8827340.
	[9ca19183794f]

	* configure, configure.in, plugins/sudoers/sudoers,
	plugins/sudoers/sudoers.in:
	Substitute sysconfdir in the installed sudoers file to get the
	correct path for sudoers.d.
	[86072b6cd55d]

2010-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/get_pty.c:
	Fix typo that prevented compilation on Irix; Friedrich Haubensak
	[b48be51b65fc]

2010-08-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c,
	common/atobool.c, common/fileops.c, common/fmt_string.c,
	common/lbuf.c, common/list.c, common/term.c, common/zero_bytes.c,
	compat/Makefile.in, compat/closefrom.c, compat/fnmatch.c,
	compat/getcwd.c, compat/getgrouplist.c, compat/getline.c,
	compat/getprogname.c, compat/glob.c, compat/isblank.c,
	compat/memrchr.c, compat/mksiglist.c, compat/mkstemps.c,
	compat/nanosleep.c, compat/setenv.c, compat/snprintf.c,
	compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c,
	compat/unsetenv.c, compat/utimes.c, include/compat.h,
	include/missing.h, plugins/sample/sample_plugin.c,
	plugins/sample_group/getgrent.c,
	plugins/sample_group/sample_group.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/audit.c, plugins/sudoers/boottime.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/linux_audit.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/timestr.c, src/Makefile.in, src/error.c, src/sesh.c,
	src/sudo.h, src/sudo_noexec.c, src/ttysize.c:
	Merge compat.h and missing.h into missing.h
	[572909ae9716]

2010-08-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	If the user hits ^C while a password is being read, error out before
	reading any further passwords in the pam conversation function.
	Otherwise, if multiple PAM auth methods are required, the user will
	have to hit ^C for each one.
	[23782631748c]

2010-08-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Update comment
	[a5296cb3a20a]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document sudo_conv_t function and sudo_printf_t return values.
	[745c0017814c]

	* src/conversation.c:
	Make _sudo_printf return the number of characters printed on success
	like printf(3).
	[8eeefe8d7e77]

2010-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	sudoers.h includes sudo_plugin.h for us
	[cabe68e07807]

	* common/Makefile.in, common/gettime.c, compat/mkstemps.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c, src/sudo.h,
	src/sudo_edit.c:
	Use gettimeofday() directly instead of via the gettime() wrapper.
	[7490426c99ae]

	* common/gettime.c, compat/snprintf.c, compat/strcasecmp.c,
	compat/strerror.c, config.h.in, configure, configure.in,
	include/compat.h, include/missing.h, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c, src/sudo.c:
	Remove some obsolete configure tests, ancient Unix systems are no
	longer supported.
	[2be6218c3a36]

2010-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Set pp_kit_version and strip off patch level
	[aacfda1b676d]

	* sudo.pp:
	Better handling of versions with a patchlevel. For rpm and deb, use
	the patchlevel+1 as the release. For AIX, use the patchlevel as the
	4th version number. For the rest, just leave the patchlevel in the
	version string.
	[638bd35f2346]

2010-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c:
	For non-standalone auth methods, stop reading the password if the
	user enters ^C at the prompt.
	[82c2911bb264]

	* configure, configure.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/pwutil.c:
	No need to look up shadow password unless we are doing password-
	style authentication. This moves the shadow password lookup to the
	auth functions that need it.
	[ba9e3eba2b72]

	* plugins/sudoers/sudoers.c:
	Retain final passwd/group refs until the policy close() function.
	Note that this doesn't get called in all cases so putting this in a
	cleanup function is probably better.
	[bbe214cb4119]

	* plugins/sudoers/check.c:
	Fix mismerge
	[395115f89dd6]

	* plugins/sudoers/check.c:
	When removing/resetting the timestamp file ignore the tty ticket
	contents.
	[b709f5667a0b]

	* plugins/sudoers/sudoers.c:
	delref sudo_user.pw, runas_pw and runas_gr immediately before we
	return.
	[4d67d15dfd3b]

2010-08-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/ldap.c,
	plugins/sudoers/match.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Reference count cached passwd and group structs. The cache holds one
	reference itself and another is added by sudo_getgr{gid,nam} and
	sudo_getpw{uid,nam}. The final ref on the runas and user passwd and
	group structs are persistent for now.
	[e544685523c3]

	* doc/UPGRADE:
	fix typo
	[e32f2d35e6c9]

2010-08-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Do not produce a warning for "sudo -k" if the ticket file does not
	exist.
	[1598f6061b75]

	* plugins/sudoers/pwutil.c:
	Instead of caching struct passwd and struct group in the red-black
	tree, store a struct cache_item which includes both the key and
	datum. This allows us to user the actual name that was looked up as
	the key instead of the contents of struct passwd or struct group.
	This matters because the name in the database may not match what we
	looked up, due either to case folding or truncation (historically at
	8 characters). Also mark the disabled calls to sudo_freepwcache()
	and sudo_freegrcache() as broken since we use cached data for things
	like set_perms() and the logging functions. Fixing this would
	require making a copy of the structs for user and runas or adding a
	reference count (better).
	[225d4a22f60e]

	* plugins/sudoers/Makefile.in:
	Fix path to mkinstalldirs
	[b4968379b12d]

	* plugins/sudoers/check.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c,
	src/exec_pty.c, src/get_pty.c, src/tgetpass.c:
	Quiet gcc warnings on glibc systems that use warn_unused_result for
	write(2) and others.
	[c99f138960e0]

2010-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add %option noinput
	[72b9cd49b4f1]

	* aclocal.m4, configure, configure.in:
	Add cross-compile defaults for remaining AC_TRY_RUN usage. Also add
	back getgroups() check since AC_FUNC_GETGROUPS defaults to "no" when
	cross-compiling.
	[e385c176d0ee]

2010-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, compat/snprintf.c, config.h.in, configure, configure.in:
	Use AC_CHECK_MEMBER in SUDO_SOCK_SA_LEN Use AC_TYPE_LONG_LONG_INT
	and AC_CHECK_SIZEOF([long int]) instead of rolling our own.
	[cf3e60d9c440]

2010-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Update to latest version
	[32f93be33961]

2010-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Let pp determine pp_aix_version itself.
	[7cf0245d84ed]

	* INSTALL, config.h.in, configure, configure.in, mkpkg,
	plugins/sudoers/sudoers.c:
	Add support for Ubuntu admin flag file and enable it when building
	Ubuntu packages.
	[00e27cff2dfb]

	* plugins/sudoers/sudoers, sudo.pp:
	Add commented out SuSE-like targetpw settings
	[4605d47b7413]

	* configure, configure.in:
	Only try to use +DAportable for non-GCC on hppa
	[75d0f284ccf7]

	* configure, configure.in:
	Prevent configure from adding the -g flag unless in devel mode
	[b1fd3f8d45c0]

2010-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Go back to sudo-flavor to match existing packages and only use an
	underscore for those that need it.
	[d737069d1e1c]

	* sudo.pp:
	Use sudo_$flavor instead of sudo-$flavor since that causes the least
	amount of trouble for the various package managers.
	[71f547af35fc]

	* mkpkg:
	Fix handling of the ldap flavor Remove destdir unless --debug was
	specified Make distclean before running configure if there is a
	Makefile present
	[6316f08de7d3]

	* sudo.pp:
	Add back include file.
	[195627bf68b8]

	* mkpkg:
	Pass extra args on to configure on HP-UX, if we don't have the HP C
	compiler, disable zlib to prevent gcc from finding it in
	/usr/local/lib.
	[473efa0e2bac]

	* mkpkg:
	Use the HP ANSI C compiler on HP-UX if possible
	[fb249b6b175d]

	* plugins/sudoers/sudoreplay.c:
	Some getline() implementations (FreeBSD 8.0) do not ignore the
	length pointer when the line pointer is NULL as they should.
	[2410a1a3543c]

	* plugins/sudoers/sudoreplay.c:
	Don't need to check for *cp being non-zero, isdigit() will do that.
	[7df11ea8a487]

	* plugins/sudoers/sudoreplay.c:
	Add setlocale() so the command line arguments that use floating
	point work in different locales. Since sudo now logs the timing data
	in the C locale we must Parse the seconds in the timing file
	manually instead of using strtod(). Furthermore, sudo 1.7.3 logged
	the number of seconds with the user's locale so if the decimal point
	is not '.' try using the locale-specific version.
	[4d385765f23b]

	* src/exec.c:
	Do I/O logging in the C locale so the floating point numbers in the
	timing file are not locale-dependent.
	[5961cec044ec]

	* plugins/sudoers/sudoreplay.c:
	Use errorx() not error() for thingsthat don't set errno.
	[0fe5e692af84]

2010-07-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	Better support for 1.2.3 style versions in Tru64 kits
	[997c549bb777]

	* sudo.pp:
	Add Tru64 kit support
	[e273a954f981]

	* pp:
	Remove apparently unnecessary use of sudo
	[be8840d85125]

	* Makefile.in, plugins/sudoers/Makefile.in:
	Create timedir as part of install-dirs target.
	[c736bc2fb14f]

	* src/exec_pty.c:
	Handle ENXIO from read/write which can occur when reading/writing a
	pty that has gone away.
	[fa2e8059879f]

	* plugins/sudoers/pwutil.c:
	sudo_pwdup() was not expanding an empty pw_shell to _PATH_BSHELL
	[3a045475d5ee]

	* mkpkg:
	platform is a pp flag not a variable
	[12eba39a47c1]

	* Makefile.in, mkpkg, sudo.pp:
	Add simple arg parsing for mkpkg so we can set debug, flavor or
	platform.
	[ada839fe252d]

	* pp:
	Make rpm backend work on AIX 5.x
	[549a76d11393]

2010-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers:
	Add commented out Defaults entry for log_output
	[7e67d7588900]

2010-07-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	Remove sudo docdir completely
	[dce8e82878ef]

	* doc/sample.sudo.conf:
	Add sample sudo.conf
	[aafdba3fc411]

2010-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Add PACKAGE_TARNAME for docdir
	[930c92b8f8f0]

2010-07-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in:
	Pass install-sh -b~ here too.
	[c3f5eb446c38]

	* plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Install binary files with -b~ to make a backup. Fixes "text file
	busy" error on HP-UX during install.
	[81f306f54f8c]

	* install-sh:
	"mv -f" on HP-UX doesn't unlink the destination first so add an
	explicit rm before moving the temporary into place.
	[fb719a79582d]

	* configure, configure.in:
	Some more ${foo} -> $(foo) conversion for consistent Makefiles.
	[0aa098770074]

	* doc/Makefile.in, plugins/sudoers/Makefile.in:
	Install sudoers2ldif in the doc dir
	[33ac3b53d7f5]

2010-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pathnames.h.in:
	Add missing include of maillock.h for Solaris
	[5a58883be23a]

	* NEWS, configure, configure.in, doc/TROUBLESHOOTING, doc/UPGRADE,
	doc/sample.syslog.conf, doc/sudoers.cat:
	Change the default syslog facility from local2 to authpriv (or auth
	if the operating system doesn't support authpriv).
	[3b70ba514f49]

	* Makefile.in, sudo.pp:
	Install sudoers as /etc/sudoers on RPM and debian systems where the
	package manager will not replace a user-modified configuration file.
	This fixes upgrades from the vendor sudo packages.
	[d886b6d60b5b]

	* pp:
	RPM: use %config(noreplace) instead of %config for volatile This
	results in the new file being installed with a .rpmnew suffix
	instead of the file being replaced and the old one renamed with a
	.rpmsave suffix.
	[58be2119f8e8]

2010-07-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/mkstemps.c, plugins/sudoers/boottime.c:
	Include time.h for struct timeval
	[ddf8b04f0276]

	* src/exec_pty.c:
	The return value of strsignal() may be const and should be treated
	as const regardless.
	[620074ae1e77]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Mention that 127.0.0.1 will not match, nor will localhost unless
	that is the actual host name.
	[8b574122eb8f]

	* MANIFEST, NEWS, README, WHATSNEW, doc/Makefile.in, doc/UPGRADE:
	Rename WHATSNEW -> NEWS
	[d1a2c8c47d89]

	* pp:
	Updated pp with latest patches
	[98e16b9b8f62]

	* WHATSNEW:
	Sync with 1.7.4
	[65ac4dafeef7]

	* doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod,
	plugins/sudoers/sudoers:
	Add commented out line to add HOME to env_keep and add a warning to
	the note about the HOME change in UPGRADE.
	[0d6a775bb6c8]

2010-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c:
	Add LINE_MAX define for those without it.
	[446d9dbe7859]

	* INSTALL, WHATSNEW, config.h.in, configure, configure.in,
	doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod,
	plugins/sudoers/defaults.c:
	The tty_tickets option is now on by default.
	[a01c48206d80]

	* WHATSNEW:
	Mention that AIX authdb support has been fixed.
	[87bd7f4eba6a]

	* common/aix.c:
	setauthdb() only sets the "old" registry if it was set by a previous
	call to setauthdb(). To restore the original value, passing NULL (or
	an empty string) to setauthdb() is sufficient.
	[470da190a254]

2010-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW, doc/UPGRADE, doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod,
	doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod,
	plugins/sudoers/env.c:
	Reset HOME when env_reset is enabled unless it is in env_keep
	[f421f8827340]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	The default for set_logname has been "true" for some time now.
	[f489da5674c3]

	* plugins/sudoers/boottime.c:
	Add missing include of time.h
	[624d7014932f]

	* plugins/sudoers/logging.c:
	Fix check for dup2() return value.
	[140ea2d50d20]

	* plugins/sudoers/env.c:
	Add PYTHONUSERBASE to initial_badenv_table
	[3149aae5b12c]

	* plugins/sudoers/visudo.c:
	Treat an unknown defaults entry as a parse error.
	[b3ebad73efb2]

	* plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c:
	Check return value of setdefs() but don't stop setting defaults if
	we hit an unknown one.
	[945e752239ab]

	* WHATSNEW, aclocal.m4, config.h.in, configure, configure.in,
	doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.pod, pathnames.h.in,
	plugins/sudoers/env.c:
	If env_reset is enabled, set the MAIL environment variable based on
	the target user unless MAIL is explicitly preserved in sudoers.
	[a1b03e2e0e96]

2010-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	decode debian code names
	[8741280d9960]

	* WHATSNEW:
	fix typo
	[a8a19451110b]

2010-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	Merge with 1.7.4
	[9348fa7e15b8]

	* src/sudo.c:
	Restore RLIMIT_NPROC after the uid switch if it appears that
	runas_setup() did not do it for us. Fixes a bash script problem on
	SuSE with RLIMIT_NPROC set to RLIM_INFINITY.
	[786fb272e5fd]

2010-07-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, pp, sudo.pp:
	Restore the dot removal in the os version reported by polypkg. Adapt
	mkpkg and sudo.pp to the change.
	[dcafdd53b88f]

2010-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	document --with-pam-login
	[ea93e4c6873c]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	The tag is NOSETENV, not UNSETENV. From Petr Uzel.
	[2ac90d8de36e]

2010-07-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Include flavor in solaris package name
	[e605f6364c9f]

	* mkpkg:
	Older shells don't support IFS= so set explictly to space, tab,
	newline.
	[7773960bc8a0]

	* mkpkg:
	Use '=' not '==' in test
	[c99d42bc48e6]

	* mkpkg:
	Fix typo that prevented debian from matching
	[84421078fcb7]

	* mkpkg:
	Add missing prefix setting for debian
	[6466f23de4aa]

	* sudo.pp:
	Use tab indents to reduce the chance of problem with <<- Fix the
	debian %set section, pp does not set pp_deb_distro Uncomment %sudo
	line in sudoers for debian Uncomment some env_keep lines for RHEL,
	SLES and debian to more closely match the vendor sudoers files. Add
	/etc/pam.d to %files Remove the /etc/sudo-ldap.conf symlink on
	debian for ldap flavor
	[c5b49feb1a0c]

	* plugins/sudoers/sudoers:
	Add commented out env_keep entries, sample Aliases and a %sudo line
	for debian.
	[387719e52d0f]

	* configure, configure.in:
	Move zlib check later on in the script to avoid a strange shell
	problem on SLES11.
	[1a3153bb1291]

	* configure.in:
	Remove check for egrep; configure has its own
	[a3b9d98cb5d2]

2010-07-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	Enable zlib for linux distros
	[8fa51a1405a4]

	* mkpkg:
	Add ldap flavor to default build
	[97644f5a555f]

	* mkpkg, sudo.pp:
	Simplify rpm linux distro settings
	[b9dcf10cdf20]

	* aclocal.m4, configure, configure.in, doc/UPGRADE, doc/sudoers.cat:
	Move time stamp files from /var/run/sudo to /var/{db,lib,adm}/sudo.
	[2c549c1acde9]

	* Makefile.in:
	Fix ChangeLog creation from build dir
	[3d0c7904f173]

	* plugins/sudoers/sudoers.c:
	Handle getcwd() failure.
	[aef7bef87394]

	* doc/Makefile.in, mkpkg, sudo.pp:
	Add ldap "flavor" for debian, controlled by the SUDO_FLAVOR
	environment variable.
	[be6ed611b7a8]

	* sudo.pp:
	Create sudo group on debian
	[6ed6c032042e]

	* mkpkg, sudo.pp:
	Add debian 4/5/6 and use the dot when doing version matches
	[6bcb664d1f4f]

	* aclocal.m4, configure:
	Use a loop when searching for mv, sendmail and sh
	[d5e9369f8d13]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Remove spurious "and"; from debian
	[a21e6f7c5b99]

	* aclocal.m4, configure, configure.in, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.pod, doc/visudo.cat,
	doc/visudo.man.in, doc/visudo.pod:
	Substitute the value of EDITOR into the sudoers and visudo manuals.
	[cd79e587dd7f]

2010-07-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, pp, sudo.pp:
	Initial support for debian 4.0
	[ac6707915fa8]

	* mkpkg:
	Some platforms need -fPIE instead of -fpie
	[fd6be19e5bc2]

	* plugins/sudoers/auth/pam.c:
	Only set PAM_RHOST for Solaris, where it is needed to avoid a bug.
	On Linux it causes a DNS lookup via libaudit.
	[1e10105ade5b]

	* MANIFEST:
	Update MANIFEST to match packaging changes
	[ef86ee557b5b]

	* sudo.psf:
	We now use pp to generate HP-UX packages
	[f7aa8da7844e]

	* INSTALL.binary, plugins/sudoers/Makefile.binary.in:
	Remove vestiges of old binary package bits.
	[afffd005452f]

	* INSTALL, Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	install-man -> install-doc
	[99b5fa05567c]

	* Makefile.in, doc/Makefile.in, include/Makefile.in, mkpkg,
	plugins/sudoers/Makefile.in, pp, src/Makefile.in, sudo.pp:
	Use http://rc.quest.com/topics/polypkg/ for packaging
	[5ca8eb75b223]

	* install-sh:
	Just ignore the -c option, it is the default Add support for -d
	option
	[a8b6b0a131e8]

2010-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pathnames.h.in, plugins/sudoers/env.c, plugins/sudoers/logging.c:
	Use _PATH_STDPATH instead of _PATH_DEFPATH
	[137fa911908e]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Do not strip binaries.
	[20166e287176]

	* INSTALL, configure, configure.in:
	Add --insults=disabled configure option to allow people to build in
	insult support but have the insults disabled unless explicitly
	enabled in sudoers.
	[523b8c552e90]

	* compat/mkstemps.c:
	Add prototype for gettime()
	[275eee40473b]

	* config.h.in, configure, configure.in, plugins/sudoers/auth/pam.c,
	plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Add support for a sudo-i pam.d file to be used for "sudo -i".
	Adapted from a RedHat patch.
	[06d34f16520b]

2010-07-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Fix mkstemps() prototype
	[2421841e815b]

	* MANIFEST, compat/Makefile.in, compat/mkstemp.c, compat/mkstemps.c,
	config.h.in, configure, configure.in, include/missing.h,
	src/sudo_edit.c:
	Use mkstemps() instead of mkstemp() in sudoedit. This allows
	sudoedit to preserve the file extension (if any) which may be used
	by the editor (like emacs) to choose the editing mode.
	[d33172d2c086]

2010-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod,
	plugins/sudoers/ldap.c:
	TLS_CACERT is now an alias for TLS_CACERTFILE. OpenLDAP uses
	TLS_CACERT, not TLS_CACERTFILE in its ldap.conf. Other LDAP client
	code, such as nss_ldap, uses TLS_CACERTFILE. Also document why you
	should avoid disabling TLS_CHECKPEER is possible.
	[196622436212]

2010-07-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Make sudo_plugin format a bit more like a man page
	[048d596e32da]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Add suport for negated user/host/command lists in a Defaults entry.
	E.g. Defaults:!baduser noexec
	[d41112cf0342]

	* Makefile.in, common/Makefile.in, compat/Makefile.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	Add uninstall target
	[fea66ebf136a]

	* common/Makefile.in, compat/Makefile.in:
	Remove unused AR, SED and RANLIB variables
	[2ff9928bfdb3]

	* Makefile.in:
	Do not install sample plugins
	[5443b87bd1c3]

2010-07-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, aclocal.m4, compat/setenv.c, compat/unsetenv.c, configure,
	configure.in, plugins/sudoers/env.c:
	Now that sudoers is a dynamically loaded module we cannot override
	the libc environment functions because the symbols may already have
	been resolved via libc. Remove getenv/putenv/setenv/unsetenv
	replacements from sudoers and add replacements for setenv/unsetenv
	for systems that lack them.
	[3f2b43cb8851]

	* configure, configure.in, plugins/sudoers/Makefile.in:
	Link testsudoers with -ldl when needed
	[f79606f9fcd7]

	* plugins/sample_group/plugin_test.c:
	Remove unused time.h and add limits.h for PATH_MAX
	[3f5d0074d621]

	* doc/sudoers.ldap.pod:
	Fix typo.
	[bc855fd57397]

2010-07-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sample_group/plugin_test.c:
	Do not depend on strlcpy/strlcat
	[6e7e2b5af051]

	* plugins/sample_group/plugin_test.c:
	Standalone test driver for sudoers group plugin.
	[eb1235fc3b8e]

2010-07-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/group_plugin.c, src/load_plugins.c:
	Use RTLD_LAZY instead of RTLD_NOW; was using RTLD_NOW as a debugging
	aid.
	[2a34e616229b]

	* plugins/sample_group/sample_group.c:
	Fix style nit in function declarations
	[ab87c7c76bf9]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Document group_plugin syntax.
	[ed1faf72ddcb]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document the sudoers group plugin.
	[f19a62dc8cfc]

	* INSTALL, MANIFEST, Makefile.in, config.h.in, configure,
	configure.in, doc/LICENSE, doc/license.pod, include/sudo_plugin.h,
	plugins/sample_group/Makefile.in, plugins/sample_group/getgrent.c,
	plugins/sample_group/sample_group.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/group_plugin.c,
	plugins/sudoers/match.c, plugins/sudoers/nonunix.h,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/vasgroups.c, plugins/sudoers/visudo.c, src/sudo.c:
	Replace built-in non-unix group support with a sudoers group plugin.
	Include a sample plugin that can read Unix-format group files.
	[8fc58ce0b1a8]

	* configure, configure.in, src/load_plugins.c:
	Add a trailing slash to _PATH_SUDO_PLUGIN_DIR to simplify usage.
	[5c491dddb8ef]

2010-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudoers.cat,
	doc/sudoers.man.in, doc/sudoers.pod:
	Move sudoers-specific bits out of sudo(8) and into sudoers(5)
	[e8a5a5830cfe]

	* aclocal.m4, configure, configure.in:
	Substitute @io_logdir@ for the sudoers I/O log directory.
	[21a75ca7b0ab]

2010-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c,
	common/atobool.c, common/fileops.c, common/fmt_string.c,
	common/lbuf.c, common/term.c, compat/fnmatch.c, compat/getcwd.c,
	compat/getgrouplist.c, compat/getline.c, compat/glob.c,
	compat/snprintf.c, config.h.in, configure, configure.in,
	include/fileops.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c,
	plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
	plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
	plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/boottime.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/parse.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c,
	src/Makefile.in, src/aix.c, src/conversation.c, src/exec.c,
	src/exec_pty.c, src/get_pty.c, src/load_plugins.c, src/parse_args.c,
	src/sudo.c, src/sudo.h, src/sudo_edit.c, src/tgetpass.c:
	Set usrinfo for AIX Set adminstrative domain for the process when
	looking up user's password or group info and when preparing for
	execve(). Include strings.h even if string.h exists since they may
	define different things. Fixes warnings on AIX and others.
	[cf8b93e872c9]

	* Makefile.in:
	Add a separate all target for AIX make which was using the entire
	LHS (not just the first entry) of the first target as the implicit
	target.
	[a45b980a01ef]

	* plugins/sudoers/env.c:
	Do not rely on env.env_len when unsetting a variable, just use the
	NULL terminator.
	[ca6eb239c829]

	* plugins/sudoers/env.c:
	In unsetenv() check for NULL or empty name as per POSIX 1003.1-2008
	[7046ba7caa4e]

2010-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/vasgroups.c:
	Use warningx() instead of log_error() since the latter is not
	available to visudo or testsudoers. This does mean that they don't
	end up in syslog.
	[152b7c50f426]

	* plugins/sudoers/sudoers.c:
	Defer call to sudo_nonunix_groupcheck_cleanup() until after we have
	closed the sudoers sources. From Quest sudo.
	[c1cd573bab94]

	* plugins/sudoers/pwutil.c:
	Ignore case when matching user/group names in the cache. From Quest
	sudo.
	[2aa4ecc7d7f5]

2010-06-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/selinux.c:
	Add check for setkeycreatecon() when --with-selinux is specified.
	[affae247b4e0]

	* configure, configure.in:
	Error out if libaudit.h is missing or ununable when --with-linux-
	audit was specified
	[d82e743fac04]

	* doc/HISTORY, doc/history.pod:
	Add =head3 entries, mostly for the html version
	[ee93112d0308]

2010-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/HISTORY, doc/history.pod:
	Mention when LDAP was incorporate.
	[2923dc17f79c]

2010-06-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Define _LINUX_SOURCE_COMPAT on AIX for strsignal() prototype, it is
	not covered by _ALL_SOURCE.
	[c92fd69809d0]

2010-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Add a cast to quiet a compiler warning.
	[a200e07ee1bc]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Quiet a compiler warning.
	[c9acfc927cea]

	* plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c:
	Call set_fqdn() after sudoers has parsed instead of inline as a
	callback.
	[5f4e5d075f2d]

	* WHATSNEW, plugins/sudoers/sudoers.c:
	Do not call set_fqdn() until sudoers parses (where is gets run as a
	callback).
	[09040fca6d40]

	* WHATSNEW:
	mention the change in tty ticket behavior when there is no tty
	[575a1fd98f05]

	* plugins/sudoers/check.c:
	Do not update tty ticket if there is no tty.
	[63f9c33ce6a7]

	* doc/LICENSE, doc/license.pod:
	Update copyright year
	[0722ab5d404b]

	* doc/Makefile.in:
	Do not rely on BSD make's $>
	[936a86398bd9]

	* configure, configure.in:
	Set timedir to /var/db/sudo for darwin to match Apple sudo's
	location
	[d5b9b03096f1]

2010-06-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.h:
	Add stub declarations for struct stat and struct timeval
	[f6d90551a4fd]

	* MANIFEST:
	Remove compat/sigaction.c
	[d0ed6d9a770e]

	* config.h.in, configure, configure.in, plugins/sudoers/defaults.c,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoreplay.c:
	Check for zlib.h in addition to libz.
	[6e191b4a6065]

	* MANIFEST, src/Makefile.in, src/exec.c, src/exec_pty.c, src/sudo.h,
	src/sudo_exec.h:
	Move functions and symbols shared between exec.c and exec_pty.c into
	sudo_exec.h.
	[14ae63403544]

	* doc/Makefile.in:
	Comment out rules to build .man.in and .cat files unless --with-
	devel
	[3cf7e5606a85]

	* doc/Makefile.in:
	Comment out rules to build .man.in and .cat files unless --with-
	devel
	[d30495b0e29e]

	* src/parse_args.c:
	Quote any non-alphanumeric characters other than '_' or '-' when
	passing a command to be run via the shell for the -s and -i options.
	[d633f74fe2d9]

	* doc/Makefile.in:
	Add back .man suffix
	[6e63b60a2739]

	* INSTALL, MANIFEST, WHATSNEW, config.h.in, configure, configure.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/audit.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/linux_audit.h, plugins/sudoers/logging.h,
	src/selinux.c:
	Add Linux audit support.
	[5a2f445e0bd4]

2010-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Remove an XXX
	[a170cbe651d1]

	* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod,
	plugins/sudoers/sudoreplay.c:
	Add -f (filter) option to sudoreplay to allow certain streams to be
	replayed and others ignored.
	[62e51b432ea1]

	* src/load_plugins.c, src/parse_args.c, src/sudo.c, src/sudo.h,
	src/tgetpass.c:
	Fix -A flag when askpass is specified in sudo.conf or if sudo
	doesn't need to read a password.
	[2e401e4a00e3]

	* src/exec.c, src/exec_pty.c, src/parse_args.c, src/sudo.c,
	src/sudo.h, src/sudo_edit.c, src/tgetpass.c:
	Clean up some XXXs
	[689f0b002d3d]

	* WHATSNEW, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
	Add support for multiple sudoers_base entries in ldap.conf. From
	Joachim Henke
	[e3e4a3c2bd5b]

	* config.h.in, configure, configure.in, plugins/sudoers/logging.c,
	src/exec_pty.c:
	remove setsid check, we require a POSIX system
	[cc73cb9e22c0]

	* plugins/sudoers/logging.c, src/exec_pty.c, src/selinux.c,
	src/sudo.c, src/tgetpass.c:
	Check for dup2() failure.
	[5d46d66794f5]

	* config.h.in, configure, configure.in:
	Remove dup2() check, it is not optional.
	[5f1d56de4384]

2010-06-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	sync with sudo 1.7.3
	[88e5c0bd6d59]

	* INSTALL:
	SunOS does not ship with an ANSI compiler
	[f13c85c67069]

	* INSTALL:
	Update OS specific notes. Delete some really ancient ones and move
	older ones to the end of the list.
	[59ce592c4c52]

	* README:
	Sudo can be downloaded from the web site too Mention "OS dependent
	notes" section in INSTALL
	[191871538984]

	* src/exec_pty.c, src/selinux.c:
	Call selinux_restore_tty() as part of cleanup() so it gets called
	from error()/errorx()
	[bb017da6b6da]

	* MANIFEST, doc/PORTING:
	Remove obsolete porting guide
	[321e35591344]

	* plugins/sudoers/interfaces.h, plugins/sudoers/match.c:
	Move union sudo_in_addr_un into interfaces.h
	[b2c8b19ee094]

	* doc/Makefile.in:
	Remove useless circular dependencies
	[5682181b59cf]

	* plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c:
	Convert to ANSI C function declarations
	[a4f76927d034]

	* common/alloc.c, common/fileops.c, common/gettime.c, common/list.c,
	common/zero_bytes.c, compat/charclass.h, compat/closefrom.c,
	compat/fnmatch.c, compat/glob.c, compat/isblank.c, compat/memrchr.c,
	compat/mkstemp.c, compat/nanosleep.c, compat/snprintf.c,
	compat/strcasecmp.c, compat/strerror.c, compat/strlcat.c,
	compat/strlcpy.c, compat/timespec.h, compat/utime.h,
	compat/utimes.c, doc/HISTORY, doc/history.pod, doc/license.pod,
	include/alloc.h, include/error.h, include/lbuf.h, include/list.h,
	include/missing.h, pathnames.h.in, plugins/sudoers/alias.c,
	plugins/sudoers/audit.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/bsm_audit.h, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/find_path.c,
	plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.y, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/match.c,
	plugins/sudoers/parse.h, plugins/sudoers/plugin_error.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c,
	plugins/sudoers/redblack.h, plugins/sudoers/sudo_nss.h,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestr.c,
	plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/aix.c,
	src/conversation.c, src/error.c, src/load_plugins.c,
	src/parse_args.c, src/sesh.c, src/sudo.h, src/sudo_noexec.c,
	src/sudo_plugin_int.h, src/sudo_usage.h.in, src/tgetpass.c:
	Update copyright year
	[26ac7991f7d8]

	* doc/Makefile.in:
	Fix commented DEVDOCS when not in devel mode.
	[e0a97eaf3793]

	* plugins/sudoers/match.c:
	Quiet a compiler warning.
	[b2a17ebd5d38]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
	Quiet a compiler warning.
	[687843bc593d]

	* plugins/sudoers/ldap.c, plugins/sudoers/sudoers.h:
	Make all functions in ldap.c static
	[b2111e89eeba]

	* doc/schema.ActiveDirectory:
	Updates from Alain Roy to provide better examples for importing the
	schema and to fix problems caused by Windows validating attributes
	which have not yet been added before committing the changes.
	[69f4c5ccaf89]

2010-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, doc/Makefile.in, doc/sudo.cat,
	doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in,
	doc/visudo.cat, doc/visudo.man.in:
	Leave rules to build .man.in and .cat files uncommented but only
	make them part of the "all" rule in devel mode. Generate .cat files
	directly from .man.in instead of .man using default values in
	configure.in
	[c3054a44f6a5]

	* configure, configure.in:
	Bump sudo version to 1.8.0b1
	[8f79c85135e1]

	* configure, configure.in, src/sudo.c, src/sudo_usage.h.in:
	Print configure args with verbose version information.
	[1ce690660ed2]

	* TODO, plugins/sudoers/visudo.c:
	Remove tfd from struct sudoersfile; it is not used. Add prev pointer
	to struct sudoersfile. Declare list of sudoersfile using TQ_DECLARE.
	Use tq_append to append sudoers entries to the tail queue.
	[1743f9a286e4]

2010-06-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	Describe tty timestamp improvements
	[e214e863a313]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	A comment character may not be part of a command line argument
	unless it is quoted with a backslash. Fixes parsing of: testuser
	ALL=NOPASSWD: /usr/bin/wl #comment foo bar closes bz #441
	[ea2e990f85ed]

	* doc/sudoers.pod:
	Make this read a little bit better when passwd_timeout is 0.
	[39d362757f31]

	* doc/sudo.man.in, doc/sudo.man.pl, doc/sudo.pod:
	Attempt to handle a default password prompt timeout of zero more
	gracefully.
	[ea47d43acf5b]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	Do not override value of keepopen global, instead restore it to the
	value we pushed onto the stack when popping.
	[fe282e5a3402]

	* plugins/sudoers/Makefile.in:
	Add dependency for utility programs on libreplace and libcommon
	[2339aba64928]

	* compat/sigaction.c, config.h.in, configure.in, include/compat.h,
	plugins/sudoers/logging.c, plugins/sudoers/mon_systrace.c,
	src/exec.c, src/exec_pty.c, src/tgetpass.c:
	Remove sigaction emulation Use SA_INTERRUPT in sa_flags
	[7dd61f1bd8d2]

	* MANIFEST, config.h.in, configure, configure.in, include/missing.h:
	We don't use getgrouplist() at the moment so there's no need to
	provide a compat version.
	[1597536fbada]

	* TODO:
	sync with reality
	[9e1a874e7885]

	* include/sudo_plugin.h, plugins/sudoers/auth/sudo_auth.c,
	src/conversation.c, src/sudo.h, src/tgetpass.c:
	Fix visiblepw sudoers option; the plugin API portion still needs
	documenting
	[60b6933ef5e0]

	* src/sudo.c:
	Print sudo version as well.
	[987ed459b459]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c:
	Use sudo_printf for I/O log version Clarify policy plugin version
	string
	[5a58b7e8c80b]

	* plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/ldap.c, plugins/sudoers/sudoreplay.c:
	Silence some compiler warnings
	[afb1eba90915]

	* src/load_plugins.c, src/tgetpass.c:
	Store askpass path in a global instead of uses setenv() which many
	systems lack.
	[b440bcc0e660]

2010-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	plugins/sudoers/check.c, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/load_plugins.c, src/parse_args.c,
	src/tgetpass.c:
	Move askpass path specification from sudoers to sudo.conf.
	[5507ab867c26]

	* src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h:
	Use a flag bit in struct command_details for selinux instead of a
	separate field.
	[c59ca4acded9]

	* src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h:
	Implement background mode. If I/O logging we use pipes instead of a
	pty.
	[c07a4b356cbd]

	* compat/mksiglist.c, compat/strsignal.c, include/compat.h,
	src/exec.c, src/exec_pty.c, src/tgetpass.c:
	Move compat definition of NSIG to compat.h
	[ab0385467f25]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Mention plugins in the sudo manual and add some missing path
	substitution in the sudo_plugin manual.
	[570f831f47a3]

	* src/Makefile.in:
	Set _PATH_SUDO_CONF based on $(sysconfdir)
	[fde51869cf07]

	* common/lbuf.c, common/term.c, config.h.in, configure, configure.in,
	src/exec.c, src/exec_pty.c, src/ttysize.c:
	Require POSIX termios to build sudo
	[9ec6b41f3f95]

	* src/tgetpass.c:
	Ignore SIGPIPE for "sudo -S"
	[7ad27fde0c06]

	* src/tgetpass.c:
	Fix uninitialized variable in TGP_ECHO case and print a newline if
	the user interrupted password input.
	[ce19204d8dd4]

	* src/tgetpass.c:
	Make TGP_ECHO override TGP_MASK and don't try to restore the
	terminal if we didn't modify it.
	[a7e11abfe7e4]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	include/sudo_plugin.h, plugins/sudoers/auth/sudo_auth.c,
	src/conversation.c, src/sudo.h, src/tgetpass.c:
	Add SUDO_CONV_PROMPT_MASK define which corresponds to the
	"pwfeedback" sudoers option. Do not disable echo if TGP_ECHO is set.
	[e0550590cabe]

	* src/exec_pty.c:
	Use POSIX tcgetpgrp() instead of BSD TIOCGPGRP ioctl
	[762448182fe3]

2010-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec.c, src/exec_pty.c, src/selinux.c, src/sudo.c, src/sudo.h:
	Add selinux_enabled flag into struct command_details and set it in
	command_info_to_details(). Return an error from selinux_setup()
	instead of exiting. Call selinux_setup() from exec_setup().
	[011bea23a5a0]

2010-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/exec_pty.c:
	Remove commented out copy of old sudo_execve() function.
	[9c5e21380472]

2010-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Fix setting selinux type on command line.
	[814b20a0b3be]

	* plugins/sudoers/iolog.c:
	In sudoers_io_close(), skip NULL io_fds[] elements.
	[4011ff7d4daf]

	* include/compat.h:
	No longer need NGROUPS_MAX define
	[cae4c49d7077]

	* compat/nanosleep.c, config.h.in, configure, configure.in,
	include/compat.h, plugins/sudoers/check.c, plugins/sudoers/iolog.c,
	plugins/sudoers/visudo.c, src/sudo_edit.c:
	Replace timerfoo macros with timevalfoo since the timer macros are
	known to be busted on some systems.
	[4f97d79f2d41]

	* src/exec_pty.c:
	Remove duplicate call to selinux_setup().
	[82bd52764e21]

	* plugins/sudoers/auth/pam.c:
	If pam_open_session() fails, pass its status to pam_end.
	[1d8de4cf8ff3]

	* plugins/sudoers/toke.c, plugins/sudoers/toke.l:
	If a file in a #includedir has improper permissions or owner just
	skip it. This prevents packages that incorrectly install a file into
	/etc/sudoers.d from breaking sudo so easily. Syntax errors in
	#includedir files still result in a parse error (for now).
	[ade99a4549a4]

	* WHATSNEW, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/iolog.c:
	Add use_pty sudoers option to force use of a pty even when not
	logging I/O.
	[b280a8972a79]

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.h:
	Make env_init() void as it never fails.
	[d3890e55daa7]

	* plugins/sudoers/env.c:
	No longer use _NSGetEnviron so don't need crt_externs.h
	[9b4e0e139881]

	* plugins/sudoers/env.c:
	Remove unused VNULL define
	[a42cacb263e3]

2010-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Add #define for maximum session id
	[9e18c17a28c2]

	* MANIFEST, src/Makefile.in, src/exec.c, src/exec_pty.c, src/sudo.h:
	Split exec.c into exec.c and exec_pty.c
	[d52376327332]

	* MANIFEST:
	Sync with source file moves.
	[4a62c6c9e846]

	* src/Makefile.in, src/get_pty.c, src/pty.c:
	Rename pty.c -> get_pty.c
	[5696a12bd29b]

2010-06-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Only use I/O input log file if def_log_input is set and output file
	if def_log_output is set.
	[d866992f1681]

2010-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/strsignal.c:
	Update copyright year
	[a96f2593fd4e]

	* src/pty.c:
	uid -> ttyuid
	[c3454d74ebcb]

	* plugins/sudoers/sudoers.c:
	For sudoedit, make a local copy of editor string si become part of
	argv. If no editor environment variable, split def_editor on ':'
	since it may be a colon-delimited path.
	[2ee298506a6e]

	* src/sudo_edit.c:
	Remove unneeded endpwent()/endgrent()
	[623f6743d101]

	* doc/Makefile.in:
	Use value of nroff from configure
	[b2ce649125ab]

	* src/exec.c:
	Add missing const to I/O log action function
	[d764a3955e04]

	* plugins/sudoers/check.c:
	Update copyright year and fix whitespace
	[e648c35b16be]

	* configure, configure.in:
	Fix typo
	[8e0bdfc47da4]

	* plugins/sudoers/iolog.c:
	Remove redundant tty signal blocking in log function.
	[f17f575dabd4]

2010-06-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Place static keyword where it belongs
	[b01aec7c86b4]

	* plugins/sudoers/logging.c:
	Always use a printf format string for send_mail()
	[13b1ada644c9]

	* common/atobool.c, plugins/sudoers/ldap.c:
	Extend atobool() so we can use it in the LDAP code.
	[73f8e6807044]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod:
	Sudo now stashes tty ctime for tty_tickets on Solaris too.
	[e82df13ad3fd]

	* plugins/sudoers/boottime.c:
	Fix dummy version of get_boottime()
	[01d69c06013b]

2010-06-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Enable tty_is_devpts() support for Solaris with the "devices"
	filesystem.
	[237c6b25fa84]

	* src/exec.c:
	Unbreak the non-io logging case.
	[4822b9f709fb]

	* src/conversation.c, src/sudo.c, src/sudo_plugin_int.h:
	Fix symbol name conflict with sudo_printf.
	[0d44eab0a8f6]

	* plugins/sudoers/auth/pam.c:
	Fix OpenPAM detection for newer versions.
	[1b2abed232d8]

	* plugins/sudoers/vasgroups.c:
	Sync with Quest sudo git repo
	[f1d98b3cba02]

	* aclocal.m4, configure, configure.in:
	HP-UX ld uses +b instead or -R or -rpath Fix typo in libvas check
	Add missing template for ENV_DEBUG Adapted from Quest sudo
	[695dbd7b28f4]

	* README.LDAP:
	Fix typos; from Quest Sudo
	[4eba9da33b8e]

2010-06-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Add back -I$(top_srcdir); we need it for including compat/foo.h
	since we cannot rely on "foo.h" being found relative to the source
	file when the cwd is different.
	[bbf24695f325]

	* src/exec.c:
	Fix a bug where we could treat EAGAIN as a permanent error. Also set
	cstat if perform_io() returns an error.
	[200475c4326f]

	* common/alloc.c, plugins/sudoers/boottime.c,
	plugins/sudoers/sudoers.c:
	Add casts to quiet compiler warnings.
	[85eb1c336697]

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Fix typo in ternary operator usage.
	[6492ac1450e2]

2010-05-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in:
	Add --enable-warnings and fix typo in SUDO_IO_LOGDIR
	[92121d693b30]

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod:
	Update docs to match sudoers I/O logging changes
	[18d651989e49]

	* INSTALL, WHATSNEW, aclocal.m4, configure, configure.in,
	pathnames.h.in, plugins/sudoers/def_data.c,
	plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
	plugins/sudoers/defaults.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.h, plugins/sudoers/gram.y,
	plugins/sudoers/iolog.c, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c:
	Break sudoers transcript feature up into log_input and log_output.
	[db3c1248d2ad]

	* plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/visudo.c:
	Use setprogname() as needed.
	[6beee63a4553]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoreplay.c:
	Adapt sudoreplay to iolog changes.
	[581f52c05f0f]

2010-05-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c:
	Log all input and output into separate files and store a number on
	each timing file line to indicate which file the data is in.
	[fb460c5273dd]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Make sudoers_io functions static to iolog.c
	[b2df3cc3eecb]

2010-05-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, src/parse_args.c,
	src/sudo_usage.h.in:
	Completely remove the -L flag from the sudo front end.
	[3d220030b720]

	* plugins/sudoers/sudoreplay.c:
	Fix EAGAIN handling when writing to stdout.
	[4766d77cea49]

	* plugins/sudoers/sudoers.c:
	Eliminate unused variables
	[83bd711e79c4]

	* plugins/sudoers/sudoers.c, src/exec.c, src/sudo.c:
	Re-enable cleanup functions in sudoers plugin and sudo driver for
	error()/errorx().
	[43093f937dd8]

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/defaults.c,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/parse.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
	Use sudo_printf to display verbose version information.
	[435cc9f8d4a2]

	* common/Makefile.in, compat/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Minor Makefile cleanup: fix a typo, change the removal order in the
	clean targets, and remove a superfluous include path for the sudoers
	plugin.
	[6e3b2d6b4437]

	* plugins/sudoers/env.c:
	Handle duplicate variables in the environment. For unsetenv(), keep
	looking even after remove the first instance. For sudo_putenv(),
	check for and remove dupes after we replace an existing value.
	[c1bbb88d0435]

2010-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Use explicit path to source file instead of $< for files that live
	in devdir and top_srcdir.
	[358ab7f6cc64]

	* plugins/sudoers/Makefile.in:
	Add explicit rules to compile gram.c and toke.c for HP-UX Pevent
	ending LIBSUDOERS_OBJS with a backslash
	[481a5c96d47e]

	* plugins/sudoers/Makefile.in, src/Makefile.in:
	Link libcommon before libreplace since libcommon may use functions
	only present in libreplace.
	[1847c496ff5b]

	* common/Makefile.in:
	Move code common to sudo and the sudoers plugin to a convenience
	library, libcommon. Removes the need to make links in the sudoers
	plugin dir and reduces re-compilation of duplicate object files.
	[4c8986352937]

	* Makefile.in, common/alloc.c, common/atobool.c, common/fileops.c,
	common/fmt_string.c, common/gettime.c, common/lbuf.c, common/list.c,
	common/term.c, common/zero_bytes.c, configure, configure.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in, src/alloc.c, src/atobool.c, src/fileops.c,
	src/fmt_string.c, src/gettime.c, src/lbuf.c, src/list.c, src/term.c,
	src/zero_bytes.c:
	Move code common to sudo and the sudoers plugin to a convenience
	library, libcommon. Removes the need to make links in the sudoers
	plugin dir and reduces re-compilation of duplicate object files.
	[1d1d98bd55b9]

	* src/exec.c, src/sudo.c, src/sudo.h:
	Rename script_execve to sudo_execve and rename script_foo in exec.c
	[a35ec80de96a]

	* MANIFEST, src/Makefile.in, src/exec.c, src/script.c:
	rename script.c exec.c and fix up the MANIFEST file
	[36bc3bff9578]

	* src/script.c, src/sudo.c, src/sudo.h:
	Rename script_setup() to pty_setup() and call from script_execve()
	directly.
	[899b0fb2a14d]

	* configure, configure.in:
	bump version to 1.8.0a2
	[0b1c1ca9d4e5]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document init_session
	[b5324785a406]

	* plugins/sudoers/auth/API, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h:
	Clean up the sudoers auth API a bit and update the docs.
	[c40fd4cb6e68]

	* include/sudo_plugin.h, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, src/script.c, src/sudo.c:
	Add init_session function to struct policy_plugin that gets called
	before the uid/gid/etc changes. A struct passwd pointer is passed
	in,which may be NULL if the user does not exist in the passwd
	database.The sudoers module uses init_session to open the pam
	session as needed.
	[d71723320ee8]

2010-05-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Add open/close session to sudo auth, only used by PAM. This allows
	us to open (and close) the PAM session from sudoers.
	[2665e2920d0d]

	* plugins/sudoers/Makefile.in:
	Add explicit rule to build getdate.o for HP-UX make.
	[7f049e989956]

	* plugins/sudoers/Makefile.in:
	Back out most of change 45e406ebdea2. Create dummy .l.c and .y.c
	rules as an alternate way to prevent HP-UX make (and others) from
	trying to rebuild the parser in non-dev mode.
	[f84badad98c5]

	* plugins/sudoers/sudoers.c:
	Re-enable PATH_MAX check for command
	[40d8a50da136]

	* Makefile.in:
	For distclean, clean the main directory last since the subdirs need
	to be able to run libtool to clean things.
	[8949a9861634]

	* compat/Makefile.in:
	Fix generation of mksiglist.h
	[b7cdc9b36650]

	* src/script.c:
	Now that we defer sending cstat until the end of script_child() we
	cannot reuse cstat when reading command status from parent.
	[25c882643466]

2010-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, doc/sudo.man.in, doc/sudo.man.pl,
	doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in,
	doc/sudoers.man.in, doc/sudoers.man.pl, doc/sudoreplay.cat,
	doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
	Use numeric registers to handle conditionals instead of trying to do
	it all with text processing.
	[478079c3fd4b]

	* doc/sudoers.pod:
	Document per-command SELinux settings
	[13840d566805]

	* plugins/sudoers/sudoers.c:
	Repair "sudo -l -U username"
	[10a0dcdf2ddf]

	* plugins/sudoers/sudoers.c:
	Set selinux role and type in command details.
	[8ae6d35a126d]

	* src/script.c, src/selinux.c, src/sudo.h:
	Rework SELinux support.
	[83279cc94bf2]

2010-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c, src/selinux.c, src/sudo.h:
	Make SELinux support compile again. Needs more work to be complete.
	[3d3addebcf82]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	src/parse_args.c, src/script.c, src/selinux.c, src/sudo.c,
	src/sudo.h:
	Bring back closefrom settings.
	[b1c6257d4bbb]

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	If running a command or sudoedit in transcript mode, call
	io_nextid() before log_allowed() so the session id is logged.
	[c42f3ae40150]

	* configure, configure.in:
	Use mandoc(1) if nroff(1) is not present.
	[daad4bbd04af]

	* doc/Makefile.in:
	Use the --file argument to config.status instead of setting
	CONFIG_FILES in the environment.
	[c89411a8bf70]

	* plugins/sudoers/Makefile.in:
	We cannot conditionally update gram.h or the dependency ordering
	gets messed up in devel mode.
	[c938953231d9]

2010-05-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, compat/Makefile.in, configure, configure.in,
	doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Substitute @SHELL@ into Makefiles
	[36aa6a095335]

	* config.sub:
	Fix typo
	[16d294d26b58]

	* config.guess, config.sub, configure, configure.in:
	Update to autoconf 2.65
	[4fa6ea8caea3]

	* Makefile.in:
	Fix libtool target (space vs. tabs)
	[755cf3892618]

	* config.h.in, plugins/sudoers/logging.h, plugins/sudoers/visudo.c:
	Remove use of RETSIGTYPE; all modern systems have signal handlers
	that return void.
	[42b4e3aee668]

	* Makefile.in, aclocal.m4, acsite.m4, configure, configure.in,
	ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4,
	m4/ltversion.m4, m4/lt~obsolete.m4, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Update to libtool-2.2.6b. I haven't made any local modifications
	this time, which should be OK since we install sudo_noexec.so by
	hand now.
	[6f79ced593bb]

	* compat/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Use libtool to clean objects
	[1581057d6472]

	* include/Makefile.in:
	Install sudo_plugin.h as part of "make install" and make other
	install targets callable from the top-level Makefile
	[aaaeb027d774]

	* configure, configure.in:
	regen with autoupdate to eliminate AC_TRY_LINK
	[5d5541c230f5]

	* Makefile.in, compat/Makefile.in, configure, configure.in,
	doc/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Install sudo_plugin.h as part of "make install" and make other
	install targets callable from the top-level Makefile
	[b258b8401b1c]

	* plugins/sample/sample_plugin.c:
	The sample plugin doesn't support being run with no args so return a
	usage error in this case.
	[473b3cf965be]

	* plugins/sudoers/iolog.c:
	Set close on exec flag for descriptors used for I/O logging so they
	are not present in the command being run.
	[2c7e8708df76]

	* plugins/sudoers/tsgetgrpw.c:
	Set close on exec flag in private versions of setpwent() and
	setgrent().
	[64fef78cb833]

	* src/script.c:
	Close the I/O pipes aftering dup2()ing them to std{in,out,err}.
	Fixes extra fds being present in the command when it is part of a
	pipeline.
	[060451617713]

	* plugins/sudoers/sudoers.c:
	Set user_tty to "unknown" if there is no tty, like sudo 1.7 does (it
	is used when logging). Note that user_ttypath will still be NULL if
	there is no tty.
	[31b69a6ecda7]

	* src/script.c, src/sudo.h:
	Cosmetic changes: add comments, remove orphaned prototype and make a
	global static.
	[f7851af0143e]

2010-05-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Move check for maxfd == -1 to flush_output where it belongs.
	[b826a95b4491]

	* src/script.c:
	Break out of select loop if all the fds we want to select on are -1.
	[f5b387024238]

	* src/sudo.c:
	Avoid possible malloc(0) if plugin returns an empty groups list.
	[9765a8fe5ce7]

	* src/sudo.c:
	Add debugging info when calling plugin close function
	[95a273c7ff66]

	* src/script.c:
	Avoid closing stdin/stdout/stderr when we are piping output.
	[330e76423caf]

	* src/script.c:
	When execve() of the command fails, it is possible to receive
	SIGCHLD before we've read the error status from the pipe. Re-order
	things such that we send the final status at the very end and prefer
	error status over wait status.
	[b0dcf825244f]

2010-05-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c:
	Fix compilation for non PAM/BSD auth/AIX auth
	[e382b39d2e4f]

2010-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Additional checks to make sure we don't close /dev/tty by mistake.
	When flushing, sleep in select as long as we have buffers that need
	to be written out.
	[8139cbd3dd54]

	* src/script.c:
	Now that we can use pipes for stdin/stdout/stderr there is no longer
	a need to error out when there is no tty. We just need to make sure
	we don't try to use the tty fd if it is -1.
	[666621635d26]

2010-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/sudoers.h, src/sudo.c:
	Add argc and argv to I/O logger open function.
	[0d7faa007d27]

	* doc/sudo_plugin.man.in, doc/sudo_plugin.pod, include/sudo_plugin.h,
	plugins/sample/sample_plugin.c, plugins/sudoers/sudoers.c,
	src/parse_args.c, src/sudo.c, src/sudo_edit.c:
	Remove check_sudoedit function pointer in struct sudo_policy.
	Instead, sudo will set sudoedit=true in the settings array. The
	plugin should check for this and modify argv_out as appropriate in
	check_policy.
	[c0328e3276b8]

2010-05-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sample/sample_plugin.c, src/sudo.c, src/sudo.h,
	src/sudo_edit.c:
	If plugin sets "sudoedit=true" in the command info, enable sudoedit
	mode even if not invoked as sudoedit. This allows a plugin to enable
	sudoedit when the user runs an editor.
	[96d67b99e42e]

2010-05-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	gram.h must not depend on gram.y if we want to avoid unnecessary
	rebuilding of targets dependent on gram.h when gram.y changes.
	[9db4b767fdca]

	* plugins/sample/sample_plugin.c:
	Refactor common bits of check_policy and check_edit
	[ac4d366a04cf]

	* plugins/sample/sample_plugin.c:
	Add sudoedit support
	[a1a6cc4c0cef]

2010-05-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in:
	Rely more on VPATH; fixes a dependency issue with the parser.
	[45e406ebdea2]

	* include/compat.h:
	Fix typo introduced in last commit
	[3ccb0f853d11]

	* include/compat.h:
	Emulate seteuid using setreuid() or setresuid() as needed. There are
	still a few places that call seteuid() directly.
	[36e8efa3a99d]

	* src/parse_args.c, src/sudo_edit.c:
	Attempt to fix building on systems that only have setuid.
	[8e9ba4083318]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Clarify sudoedit a tad.
	[d39dfaa14ade]

2010-05-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo_edit.c:
	Fix compilation on HP-UX
	[f6e47843d139]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document sudoedit
	[4cbf5196d993]

	* plugins/sudoers/sudoers.c, src/sudo.c, src/sudo.h, src/sudo_edit.c:
	Change how we handle the sudoedit argv. We now require that there be
	a "--" in argv to separate the editor and any command line arguments
	from the files to be edited.
	[20623d549a3c]

	* include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/Makefile.in, plugins/sudoers/gettime.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	src/Makefile.in, src/gettime.c, src/parse_args.c, src/sudo.c,
	src/sudo.h, src/sudo_edit.c:
	Work in progress support for sudoedit. The actual interface used by
	the plugin for sudoedit is likely to change.
	[c31262a31997]

	* plugins/sudoers/find_path.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c:
	Make find_path() a little more generic by not checking def_foo
	variables inside it. Instead, pass in ignore_dot as a function
	argument.
	[9c23101a094d]

	* plugins/sudoers/env.c:
	Add version of getenv(3) that uses our own environ pointer.
	[0e3783e63534]

2010-05-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Avoid a potential race condition if SIGCHLD is received immediately
	before we call select().
	[99adc5ea7f0a]

	* plugins/sudoers/sudoers.c:
	Call env_init() before we open the sudoers sources as those may call
	our setenv() replacement.
	[5f82601f5ab0]

	* plugins/sudoers/env.c:
	Initialize env_len in env_init()
	[7ae02b3029b5]

2010-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod:
	Document time stamp shortcomings under SECURITY NOTES Use "time
	stamp" instead of timestamp.
	[2b86120815b2]

	* doc/Makefile.in:
	Make sed substitution of mansectsu and mansectform global.
	[94588632dba0]

	* plugins/sudoers/check.c:
	If the tty lives on a devpts filesystem, stash the ctime in the tty
	ticket file, as it is not updated when the tty is written to. This
	helps us determine when a tty has been reused without the user
	authenticating again with sudo.
	[0e62a31bceb0]

	* src/tgetpass.c:
	Fix pasto in mulitple signal fix and use _NSIG not NSIG since that
	is what our compat checks set.
	[df50f0a040c9]

	* configure, configure.in:
	Add check for whether sudo need to link with -ldl to get dlopen().
	This is a bit of a hack that will get reworked when libtool is
	updated.
	[63bdcf579533]

	* plugins/sudoers/check.c:
	Fix timestamp removal with -k/-K
	[6b4639fef973]

	* plugins/sudoers/Makefile.in:
	audit.c is now private to the sudoers plugin
	[1974f342ae0b]

	* configure, configure.in:
	Link with -lpthread on HP-UX since a plugin may be linked with
	-lpthread and dlopen() will fail if the shared object has a
	dependency on -lpthread but the main program is not linked with it.
	[d42139391263]

	* config.h.in, configure, configure.in, plugins/sudoers/set_perms.c:
	Add separate test for getresuid() since HP-UX has setresuid() but no
	getresuid().
	[910fe727a374]

	* doc/Makefile.in:
	Remove errant backslash
	[dd5464257c69]

	* src/script.c:
	Fix SIGPIPE handling. Now that we use may use pipes for stdin/stdout
	we need to pass any SIGPIPE we receive to the running command.
	[3f6b1991f4fd]

	* src/script.c:
	Also start the command in the background if stdin is not a tty.
	[d93bc33a3740]

2010-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoreplay.c, src/script.c, src/sudo.h, src/term.c:
	No need to use pseudo-cbreak mode now that we use pipes when stdout
	is not a tty. Instead, check whether stdin is a tty and if not,
	delay setting the tty to raw mode until the command tries to access
	it itself (and receives SIGTTIN or SIGTTOU).
	[e68315cf8c6b]

	* src/tgetpass.c:
	Use an array for signals received instead of a single variable so we
	don't lose any when there are multiple different signals.
	[2ac726dac864]

	* src/tgetpass.c:
	Do signal setup after turning off echo, not before. If we are using
	a tty but are not the foreground pgrp this will generate SIGTTOU so
	we want the default action to be taken (suspend process).
	[bebb6209c795]

2010-05-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Flush the iobufs on suspend or child exit using the same logic as
	the main event loop.
	[c627feee1035]

	* src/script.c:
	Free memory after we are done with it.
	[8db9b611b45a]

2010-05-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/HISTORY:
	Quest now sponsors Sudo development
	[6cc490083bc7]

2010-05-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/Makefile.in:
	Install sudo_plugin man page.
	[c253729790b2]

	* src/script.c:
	Go back to reseting io_buffer offset and length (and now also the
	EOF handling) in the loop we do the FD_SET, not after we drain the
	buffer after write() since we don't know what order reads and writes
	will occur in.
	[5f38bfa8497f]

	* MANIFEST:
	audit files moved to sudoers plugin directory
	[b1ead182428e]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document plugin_printf and new logging functions.
	[fe9430b60ab5]

	* src/script.c:
	Add support for logging stdin when it is not a tty. There is still a
	bug where "cat | sudo cat" has problems because both cat and sudo
	are trying to read from the tty.
	[04c9c59fcfba]

	* include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/sudoers.c, src/script.c:
	Add separate I/O logging functions for tty in/out and
	stdin/stdout/stderr. NOTE: stdin logging does not currently work and
	is disabled for now.
	[a36dfd4ca935]

2010-05-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/sudo_plugin.h, plugins/sample/sample_plugin.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	src/conversation.c, src/sudo.c, src/sudo_plugin_int.h:
	Add pointer to a printf like function to plugin open functon. This
	can be used instead of the conversation function to display info and
	error messages.
	[98734eea8ef1]

	* Makefile.in:
	Stop if make in a subdir fails
	[228bb3ad2dbc]

	* src/script.c:
	Only set user's tty to blocking mode when doing the final flush.
	Flush pipes as well as pty master when the process is done.
	[20ff67218666]

2010-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/ldap.c:
	Use print_error() when displaying ldap config info in debugging
	mode.
	[d142e0cacb22]

	* compat/Makefile.in, compat/strdup.c, compat/strndup.c:
	No longer need strdup() or strndup() replacements.
	[df53697174ec]

	* plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c,
	plugins/sudoers/sudoers.h:
	Add print_error() function that uses the conversation function to
	print a variable number of error strings and use it in log_error().
	[b1fa2861b575]

	* src/script.c, src/sudo.h, src/term.c:
	Do not need the opost flag to term_copy() now that we use pipes for
	stdout/stderr when they are not a tty.
	[f42811f70a19]

	* src/script.c:
	Use pipes to the sudo process if stdout or stderr is not a tty.
	Still needs some polishing and a decision as to whether it is
	desirable to add additonal entry points for logging
	stdout/stderr/stdin when they are not ttys. That would allow a
	replay program to keep things separate and to know whether the
	terminal needs to be in raw mode at replay time.
	[1a945e0ab2da]

2010-04-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/audit.c,
	plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h,
	src/audit.c, src/bsm_audit.c, src/bsm_audit.h:
	Move audit sources into the sudoers plugin dir; the driver does not
	use them.
	[50ec36422cd0]

	* compat/getline.c, compat/mksiglist.c, compat/nanosleep.c,
	compat/strdup.c, compat/strndup.c, plugins/sample/sample_plugin.c,
	plugins/sudoers/boottime.c, plugins/sudoers/getdate.c,
	plugins/sudoers/match.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/timestr.c, plugins/sudoers/vasgroups.c, src/alloc.c,
	src/atobool.c, src/audit.c, src/lbuf.c, src/list.c, src/sesh.c,
	src/term.c, src/ttysize.c:
	Use angle brackets when including headers that can only be found
	when an -I flag is specified. The files in the compat dir could get
	away with double quotes here but I've converted all the source files
	to use angle brackets for consistency.
	[9e30a8fc6d4b]

	* plugins/sudoers/Makefile.in:
	Add missing -I$(top_srcdir) to CPPFLAGS so includes in the compat
	dir can be found when building outside the source tree.
	[1150934b79dd]

	* plugins/sudoers/Makefile.in:
	Clean up links in distclean
	[78595028be8b]

	* plugins/sudoers/Makefile.in:
	Hack around VPATH semantic differences by symlinking files we need
	from ../../src into the current directory and build those. A better
	fix would be to either make a .a or .la file with those files in it
	or simply use a single, flat, Makefile instead of per-subdirs
	Makefiles.
	[892c332d3f05]

	* plugins/sudoers/Makefile.in, src/Makefile.in, src/fmt_string.c:
	fmt_string is used by the sudoers plugin too so do not include
	sudo.h (which is not really needed here anyway)
	[231c35e3941f]

	* compat/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Fix building with non-BSD versions of make such as GNU make.
	Requires VPATH support, which should be in any non-neolithic make.
	[dc174f135919]

	* configure, configure.in, plugins/sudoers/Makefile.in,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/sudoers.c,
	src/Makefile.in:
	Re-enable bsm audit. Currently auditing is done within the sudoers
	plugin itself. If possible, this should really be done in the main
	driver but we don't presently have the needed data to do that. This
	will be re-evaluated when Linux audit support is added.
	[1d05a3236bfe]

	* compat/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Remove extraneous $srcdir and use more .c.lo and .c.o rules instead
	of explicit rules in the dependency.
	[88f80efd25f0]

	* plugins/sudoers/visudo.c:
	Fix mismerge; alias_remove_recursive() now returns int
	[6257a4849641]

2010-04-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/visudo.c:
	Fix a crash when checking a sudoers file that has aliases that
	reference themselves. Based on a diff from David Wood.
	[545d194484a7]

	* src/script.c:
	Print signal info after restoring the tty mode, not before.
	[a68618e67435]

	* src/script.c:
	Defer call to alarm() until after we fork the child. Pass correct
	pid to terminate_child() If the command exits due to signal, set
	alive to false like we do when it exits normally. Add missing check
	for errpipe[0] != -1 before using it in FD_ISSET
	[22f0a1549391]

2010-04-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/boottime.c:
	Use 1/0 instead of TRUE/FALSE so we don't need sudoers.h
	[0e627170c6e8]

2010-04-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in:
	Simplify dependencies by using .c.o and .c.lo rules.
	[6abcaef5d1ac]

	* configure, configure.in, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	Substitute in @PROGS@ into src/Makefile to add sesh
	[cc46d3b6208f]

2010-04-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Add back calls to log_denial() if sudoers does not allow the
	command.
	[9783316207f0]

	* plugins/sudoers/sudoers.c:
	Pass in correct pwflag for list and validate.
	[973dd56d4b81]

	* plugins/sudoers/env.c:
	Add missing check for NULL in validate_env_vars
	[1d6eb6957824]

	* src/Makefile.in:
	Add sudo_noexec.la to "all" target, otherwise it only gets built at
	install time.
	[644a9694d2ef]

	* plugins/sudoers/sudoers.c:
	Only set sudo_user.env_vars if the env_add list is empty.
	[fccdf6f0e0e2]

	* plugins/sudoers/sudoers.c:
	Set sudo_user.env_vars so that environment variables specified on
	the command line get logged correctly.
	[9b51012c491e]

	* plugins/sudoers/env.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Re-enable environment files and setting environment variables on the
	command line.
	[5662d5645dbd]

2010-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c:
	Fix typo in last commit (ifndef vs ifdef) Make sure we pass ctime()
	a pointer to time_t as tv_sec in struct timeval may be long.
	[4de0c46e788e]

	* plugins/sudoers/check.c:
	Don't stash ctime in on-disk tty ticket info for now; on many
	(most?) systems the ctime is updated when the tty is written to.
	Once I have a better idea of what systems do not update ctime on
	ttys (and have a way to test for this) the ctime stash will be
	conditionally re-enabled.
	[a90eeec0f648]

2010-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* MANIFEST, Makefile.in:
	Add back "dist" target, this time using a MANIFEST file
	[29277c05499f]

	* Makefile.in:
	Remove Makefile in distclean target
	[83d695f4f450]

	* Makefile.in, src/Makefile.in:
	Update clean and cleandir targets
	[ad7b2afeb9c1]

	* include/fileops.h, plugins/sudoers/sudoers.h, src/fileops.c,
	src/sudo.h:
	Move fileops.c defines and prototypes to filesops.h
	[4545e9b6892d]

	* plugins/sudoers/check.c:
	Lock the tty timestamp when writing. We shouldn't have to lock when
	reading since the file is updated via a single write system call.
	[0c7276f02696]

2010-04-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/alias.c, plugins/sudoers/check.c,
	plugins/sudoers/defaults.c, plugins/sudoers/find_path.c,
	plugins/sudoers/getspwuid.c, plugins/sudoers/gettime.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/interfaces.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/match.c,
	plugins/sudoers/nonunix.h, plugins/sudoers/parse.c,
	plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestr.c, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/vasgroups.c, plugins/sudoers/visudo.c:
	Convert to ANSI C function declarations
	[9c45def57cf7]

	* plugins/sudoers/sudoers.h:
	Remove extraneous bits and classify by source file.
	[e8ea9f109ebb]

	* include/compat.h:
	Add timercmp macro for systems without it
	[d3bf87b1d08e]

	* plugins/sudoers/boottime.c, plugins/sudoers/check.c,
	plugins/sudoers/sudoers.h:
	get_boottime() now fills in a timeval struct
	[3573c3f44e11]

	* plugins/sudoers/check.c:
	Store info from stat(2)ing the tty in the tty ticket when tty
	tickets are in use. On most systems, this closes the loophole
	whereby a user can log out of a tty, log back in and still have the
	timestamp be valid.
	[53380f9f5242]

	* config.h.in, configure.in:
	Add timespec2timeval and use it when getting ctime/mtime
	[4cb7f7caec2c]

2010-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/testsudoers.c:
	Convert perm setting to push/pop model; still needs some work Use
	the stashed runas groups instead of using getgrouplist() Reset perms
	to the initial value on error
	[09c072ebde8b]

	* config.h.in, configure.in:
	fix ctim_get and mtim_get macros
	[58773dc1e360]

	* config.h.in, configure, configure.in, include/compat.h,
	plugins/sudoers/check.c, plugins/sudoers/gettime.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c, src/fileops.c:
	Use timeval directly instead of converting to timespec when dealing
	with file times and time of day.
	[a0ce1ae00a67]

	* plugins/sudoers/Makefile.in:
	Don't like sudoreplay with libsudoers.la due to a yacc symbol
	conflict.
	[f1a59cc63a15]

2010-04-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Darwin >= 9.x has real setreuid(2)
	[7ec942a64275]

2010-04-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.h:
	Ansify env.c
	[f58551bad10a]

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Remove remaining references to the environ pointer.
	[96faa530816a]

2010-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, plugins/sudoers/env.c:
	Don't change the environ directly in the sudoers plugin
	[6db48ed3f7e0]

2010-04-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Fix typo
	[4aa452b07f8f]

	* plugins/sudoers/alias.c:
	Fix use after free in error message when a duplicate alias exists.
	[ce1d2812ee34]

2010-04-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	src/parse_args.c:
	Add a "noninteractive" boolean to the settings passed in to the
	plugin's open function that is set when the user specifies the -n
	flag.
	[68f8d9d6d4d0]

	* config.h.in, configure, configure.in, plugins/sudoers/env.c:
	Add workaround for the lack of the environ pointer on Mac OS X in
	dlopen()ed modules. Use of environ in the sudoers plugin should
	ultimately be removed but this will do for the moment.
	[80c61647434f]

	* plugins/sudoers/visudo.c:
	Set errorfile to the sudoers path if we set parse_error manually.
	This prevents a NULL dereference in printf() when checking a sudoers
	file in strict mode when alias errors are present.
	[45e249ca99f7]

	* plugins/sudoers/sudoers.c:
	Main sudo no longer print "unable to execute" on exec failure so do
	it here.
	[50aaf62b43b5]

2010-04-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Use a pipe to pass back errno to the parent if execve() fails. If we
	get an error in script_child(), kill the command and exit.
	[dc3bf870f91b]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	src/parse_args.c, src/sudo.c:
	Handle plugin's open function returning -2 (usage error).
	[aadf900c1de8]

	* src/script.c:
	If execve() fails, leave it to the plugin to print an error string.
	[e25748f2d5b9]

	* src/script.c:
	If execve fails in logging mode, pass the errno directly to the
	grandparent on the backchannel and exit. The immediate parent will
	get SIGCHLD and try to report that status but its parent will no
	longer be listening. It would probably be cleaner to pass this over
	a pipe in script_child().
	[cb122acc81a8]

	* plugins/sudoers/sudoers.c:
	Don't override rval with results of check_user() unless it failed.
	[46fb7e87ac7d]

2010-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Fix typo
	[ccd0b693f3da]

	* src/parse_args.c:
	NULL-terminate env_add
	[2c534368a0c3]

2010-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c:
	Call the I/O log open function before the I/O version function.
	[e88bf898990b]

	* plugins/sudoers/iolog.c:
	Remove io_conv and just use sudo_conv
	[a280052468eb]

	* plugins/sudoers/set_perms.c:
	Fix set/restore perms for systems w/o setresuid
	[4160517f6666]

2010-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/check.c, plugins/sudoers/logging.c,
	plugins/sudoers/parse.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Primitive set/restore permissions. Will be replaced by a push/pop
	model.
	[aae102290866]

	* src/script.c:
	Only need to take action on SIGCHLD in parent if no I/O logger. If
	there is an I/O logger we will receive ECONNRESET or EPIPE when we
	try to read from the socketpair.
	[e1e4560401f6]

2010-04-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/memrchr.c, doc/sudoers.cat, doc/sudoers.man.in,
	doc/sudoers.pod, plugins/sudoers/find_path.c:
	Merge fb4d571495fa from the 1.7 branch to trunk.
	[c8fb424ad4d2]

2010-04-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Don't set SA_RESTART when registering SIGALRM handler. Do set
	SA_RESTART when registering SIGWINCH handler.
	[173472b76525]

	* doc/Makefile.in:
	Add dev targets for *.man.in and *.cat that don't specfify the
	$(srcdir) prefix.
	[b62f425da2e4]

	* src/script.c:
	If log_input or log_output returns false, terminate the command.
	[074f4c0c34a0]

	* src/script.c:
	Better signal handling. Instead of using a single variable to store
	the received signal, use an array so we can't lose a signal when
	multiple are sent. Fix process termination by SIGALRM in non-I/O
	logger mode. Fix relaying terminal signals to the child in non-I/O
	logger mode.
	[7a4723aca99d]

	* src/script.c:
	Fix a race between when we get the child pid in the parent and when
	the child process exits. The problem exhibited as a hang after a
	short-lived process, e.g. "sudo id" when no IO logger was enabled.
	[80bcc0aca70b]

2010-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod:
	Add a note about the security implications of the fast_glob option.
	[c37a92ab7c93]

2010-04-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	Fix up some AC_DEFINE descriptions and regen config.h.in
	[f4655adc0db3]

2010-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	No longer check for strdup or strndup for LIBOBJ replacement.
	[fdc764ee8109]

	* src/script.c:
	Avoid installing signal handlers that are io-logger specific. Fixes
	job control when no io logger is enabled.
	[0853dd0906d4]

	* doc/Makefile.in:
	Only regen man pages from pod when configured with --with-devel
	[ab1995f8103d]

2010-04-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile, Makefile.in, configure, configure.in:
	Top-level Makefile.in. Nothing is currently substituted but this is
	needed for separate build dirs.
	[e80873cbd201]

	* compat/Makefile.in, doc/Makefile.in, plugins/sample/Makefile.in,
	plugins/sudoers/Makefile.in, src/Makefile.in:
	Fix out-of-tree builds
	[59a35bef07b8]

	* Merge
	[386b848047e9]

	* doc/Makefile.in:
	We always install sudoreplay in 1.8
	[ce52ba6617c9]

2010-04-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/siglist.in:
	SIGPOLL is sometimes the same as SIGIO (like on HP-UX)
	[6d69e1b05faf]

2010-04-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	No need to provide strdup() or strndup(), sudo uses estrdup() and
	estrndup()
	[57ec23b72958]

2010-04-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c:
	Free str after using it in the version method. Use sudo_conv, not
	io_conv since we don't have the IO conversation function pointer in
	the I/O version method anymore now that io_open is delayed.
	[f2ed132adeb0]

2010-04-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/Makefile.in, compat/mksiglist.c, compat/mksiglist.h,
	compat/siglist.in:
	Add license to mksiglist.c and note that the bits from pdksh are
	public domain
	[d8121a2467e8]

	* compat/Makefile.in:
	Fix LIBOBJDIR vs. srcdir wrt the siglist bits
	[164160148421]

	* plugins/sudoers/Makefile.in:
	Add sudoreplay testsudoers and visudo to clean target
	[138a17e51c0c]

	* compat/Makefile.in, compat/mksiglist.c, compat/mksiglist.h,
	compat/siglist.in, compat/strsignal.c, configure, configure.in,
	include/missing.h, src/script.c:
	Create our own sys_siglist for systems without it for use by
	strsignal()
	[2e5da011ebc3]

	* compat/Makefile.in:
	Remove duplicate $(LIBOBJDIR)
	[adf9abc9432f]

2010-04-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c, src/sudo_edit.c:
	Main sudo should not block signals; the plugin should do this in
	check_policy.
	[3f3736a7c5ed]

2010-03-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Fix a sizeof(ptr) vs. sizeof(*ptr)
	[aa1bcf5afcce]

	* src/script.c:
	Unlike most operating systems, HP-UX select() is not interrupted by
	SIGCHLD when the signal is registered with SA_RESTART. If we clear
	SA_RESTART when calling sigaction() for SIGCHLD we get the expected
	behavior and the code in the select() loops already handles EINTR
	correctly.
	[9eba0115e35a]

	* compat/getprogname.c:
	progname should be const
	[130228f062b7]

	* plugins/sudoers/Makefile.in:
	Move --tag=disable-static to when we link sudoers.la, not when we
	install.
	[ceb5e6c3b78b]

	* src/load_plugins.c:
	Load the sudoers I/O plugin by default too now that it is hooked up.
	[ea38befd0742]

2010-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/pty.c:
	It looks like AIX doesn't need to push STREAMS modules for ptys.
	[22da618ba0a1]

2010-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/parse_args.c, src/sudo.c:
	Delay calling the I/O plugin open function until the policy plugin
	returns success.
	[f3297c325b48]

2010-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Add back io logging (transcript) support. Currently, the open
	function runs too early and it is not possible to use the io module
	independently of the policy module.
	[9bd932f66226]

	* plugins/sudoers/set_perms.c:
	Comment out dead code; will be removed when set_perms is rewritten.
	[af7a995284f8]

2010-03-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Fix off by one error when allocating user_groups.
	[6281fcf9c3bb]

2010-03-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, plugins/sudoers/Makefile.in:
	Add REPLAY_LIBS for sudoreplay and add -lrt to it on Solaris.
	[fbce3e9eda3a]

	* plugins/sudoers/sudoers.c:
	Fix typo in preserve groups case
	[1fd72024fb5a]

	* plugins/sudoers/sudoers.c:
	In command_info it is "runas_groups" not "groups".
	[5c64dce4f285]

	* src/sudo.c:
	Fix iteration over runas_groups list.
	[b3c45a0cd643]

	* configure, configure.in, plugins/sudoers/env.c,
	plugins/sudoers/match.c, src/script.c:
	Merge 5177a284b9ff 549f8f7c2463 88f3181692fe from 1.7 branch.
	[a8108a0776c2]

	* compat/getgrouplist.c:
	getgrouplist(3) for those without it
	[4ab4d21e3b16]

	* plugins/sudoers/sudoers.c:
	Set preserve_groups or groups list in command_info
	[1266119ad654]

	* src/sudo.c:
	Fix setting of groups list
	[e75315e40bd4]

	* config.h.in, configure, configure.in, include/compat.h,
	include/missing.h:
	Add checks for getgrset and getgrouplist and use replacement
	getgrouplist if the system doesn't support it.
	[a62b8ba50863]

	* src/parse_args.c:
	Pass in preserve_groups when the -P flag is specified as per the
	design
	[7420c5d15474]

	* plugins/sudoers/sudoers.c:
	Check preserve_groups and ignore_ticket args with atobool instead of
	assuming they are true if present.
	[71c905702697]

2010-03-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/Makefile.in, plugins/sudoers/error.c,
	plugins/sudoers/plugin_error.c:
	Rename plugin-specific error.c to plugin_error.c Wire up visudo,
	sudoreplay and testsudoers in the build
	[9d581d5fa4d4]

	* src/Makefile.in, src/term.c:
	term.c does not needto include sudo.h
	[f6683cdcd2dd]

	* TODO, doc/sudo_plugin.cat, doc/sudo_plugin.man.in,
	doc/sudo_plugin.pod:
	Document the -2 return in the check_policy section too
	[e9cb4c34bbcf]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	src/parse_args.c, src/sudo.c, src/sudo.h:
	Fix the -s and -i flags and add support for the "implied_shell"
	option. If the user does not specify a command, sudo will now pass
	in the path to the user's shell and set impied_shell=true. The
	plugin can them either check the command normally or return -2 to
	cause sudo to print a usage message and exit.
	[bf889c38f229]

2010-03-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, src/load_plugins.c:
	Bring back SUDOERS_PLUGIN but add .dylib -> .so conversion for
	Darwin where libraries end in .dylib but modules end in .so
	[2c56aaa38e21]

	* plugins/sudoers/parse.c:
	Better prefix determination now that we can't rely on len==0 to tell
	the beginning on an entry.
	[622bf18179e9]

	* plugins/sudoers/ldap.c:
	display_bound_defaults() stub should return 0, not 1 since it is a
	count, not a boolean.
	[0327a6c3d55d]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document progname in settings
	[42031d56a2e3]

	* compat/getprogname.c, include/compat.h,
	plugins/sample/sample_plugin.c, plugins/sudoers/sudoers.c,
	src/parse_args.c, src/sudo.c:
	Rewrite compat/getprogname.c and add setprogname(). The progname is
	now passed to the plugin via the settings array.
	[25d8663e6006]

	* configure, configure.in, plugins/sudoers/Makefile.in:
	Fix --with-ldap
	[b64b633f426d]

	* plugins/sudoers/sudo_nss.c:
	Add missing whitespace for Runas and Command-specific defaults
	[65f4ddf5545e]

	* plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
	plugins/sudoers/sudo_nss.c:
	Use embedded newlines in lbuf instead of multiple calls to
	lbuf_print.
	[eed3af9cc3e1]

	* src/lbuf.c:
	Add support for embedded newlines.
	[e11f79b18deb]

2010-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/getprogname.c:
	If system doesn't support getprogname or __programe and we are
	building a shared object don't bother with Argc/Argv, just return
	"sudo"
	[aebde9062be7]

	* config.h.in, configure, configure.in, src/load_plugins.c:
	Hard-code sudoers.so instead of using SUDOERS_PLUGIN since libtool
	appears to always install a shared object with the .so suffix.
	[f9bbd0c0e9d3]

	* compat/Makefile.in, configure, configure.in,
	plugins/sample/Makefile.in, plugins/sudoers/Makefile.in,
	src/Makefile.in:
	Play more nicely with libtool and let it build libreplace (was
	libmissing) for us.
	[a4c6ebb2495c]

	* include/missing.h:
	Include stdarg.h for va_list rather than requiring all consumers of
	missing.h to include stdarg.h themselves.
	[37382df948de]

	* include/lbuf.h, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/check.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/lbuf.c,
	src/parse_args.c:
	Pass in output function to lbuf_init() instead of writing to stdout.
	A side effect is that the usage info can now go to stderr as it
	should.
	[6d261261a072]

2010-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/lbuf.h, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/lbuf.c,
	src/parse_args.c, src/sudo.c:
	Use number of tty columns that is passed in user_info instead of
	getting it directly in the lbuf code.
	[8a16635c2638]

	* plugins/sudoers/alias.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/env.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/interfaces.h, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h, plugins/sudoers/match.c,
	plugins/sudoers/mon_systrace.h, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
	plugins/sudoers/redblack.c, plugins/sudoers/redblack.h,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/timestr.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/visudo.c:
	Kill __P in sudoers
	[63601e6cb171]

	* config.h.in, configure, configure.in, src/load_plugins.c:
	Set the sudoers plugin name in configure so we get the extension
	right.
	[edad89924cd1]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document lines/cols in user_info
	[a808872394f3]

	* src/Makefile.in, src/sudo.c, src/sudo.h, src/ttysize.c:
	Add tty size to user info
	[23f3d27e77a7]

	* src/script.c:
	Use TIOCGSIZE/TIOCSSIZE instead of TIOCGWINSZ/TIOCSWINSZ
	[a2208dd09051]

2010-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c:
	Kill dead code Add missing sigsetjmp in sudo_policy_invalidate Error
	out if we fail to lookup the user's name that is passed in
	[e4e3728ed482]

	* plugins/sudoers/error.c:
	Pass the error value back via siglongjmp.
	[667b8ad575ce]

	* plugins/sudoers/check.c:
	Use conversation function for lecture.
	[1ab4719f509b]

	* plugins/sudoers/check.c:
	Don't update ticket file if verify_user returns FALSE.
	[2bbc46a39a2b]

2010-03-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/sudoers.c, src/sudo.c:
	Wire up invalidate and validate methods for sudoers
	[c0630c7bca47]

	* plugins/sudoers/check.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Add support for -k flag with a command.
	[edad239b098b]

	* src/parse_args.c:
	Allow -k to be specified with a command.
	[43a45add9974]

	* plugins/sudoers/sudoers.c:
	Wire up policy_list
	[27cc35699eca]

	* plugins/sudoers/error.c:
	Add newline at the end of message and space after the colon in
	warning message
	[5a591aa8e744]

	* plugins/sudoers/auth/sudo_auth.c:
	Add missing newline after pass password warning
	[337dba3870a7]

	* plugins/sudoers/sudoers.c:
	Set user_groups and user_ngroups based on user_info
	[61bee85128c8]

	* plugins/sudoers/error.c:
	Make this compile
	[7041c441e1c8]

	* plugins/sudoers/error.c, plugins/sudoers/sudoers.c:
	Make _warning in error.c use the conversation function and remove
	commented out warning/warningx in sudoers.c.
	[7c9b09024b63]

	* plugins/sudoers/logging.c:
	Use siglongjmp() in log_error for fatal errors
	[b50e26f1c73f]

	* plugins/sample/Makefile.in, plugins/sudoers/Makefile.in:
	Quiet a libtool warning
	[b2331fb006bc]

	* Makefile:
	Build sudoers plugin
	[5cdf06e66978]

	* plugins/sudoers/gram.c, plugins/sudoers/gram.y:
	Use warningx in yyerror() so the conversation function gets used
	when built as part of sudoers.
	[85f964215eef]

2010-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sudoers/auth/pam.c:
	Rename sudo_conv to conversation to avoid a namespace conflict.
	[1ad359d36be9]

	* plugins/sudoers/Makefile.in, plugins/sudoers/alias.c,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/check.c, plugins/sudoers/defaults.c,
	plugins/sudoers/env.c, plugins/sudoers/error.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
	plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
	plugins/sudoers/gram.y, plugins/sudoers/interfaces.c,
	plugins/sudoers/ldap.c, plugins/sudoers/logging.c,
	plugins/sudoers/match.c, plugins/sudoers/mon_systrace.c,
	plugins/sudoers/parse.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c,
	plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
	plugins/sudoers/toke.c, plugins/sudoers/tsgetgrpw.c,
	plugins/sudoers/vasgroups.c, plugins/sudoers/visudo.c:
	Initial bits of sudoers plugin; still needs work.
	[af2a2c59a952]

	* config.h.in:
	Add HAVE_STRDUP and HAVE_STRNDUP
	[50a3c0dd510f]

	* compat/Makefile.in, configure, configure.in:
	Build libmissing in two flavors (one PIC one non-PIC) and link with
	the appropriate one.
	[b62f411a4c18]

	* Makefile, compat/fnmatch.c, compat/glob.c, compat/nanosleep.c,
	compat/utimes.c, plugins/sample/Makefile.in, src/Makefile.in:
	Build libmissing in two flavors (one PIC one non-PIC) and link with
	the appropriate one.
	[e1e04972b5fe]

2010-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* include/missing.h:
	Add strdup and strndup and fix strsignal
	[c159babe2896]

2010-03-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat/strdup.c, compat/strndup.c, configure, configure.in,
	plugins/sample/Makefile.in, src/Makefile.in:
	Add strdup and strndup to compat
	[25c9fd399a4d]

	* plugins/sample/sample_plugin.c:
	Need to include compat.h before missing.h
	[c94f7aad380f]

	* compat/strsignal.c:
	Must check HAVE_DECL_SYS_SIGLIST == 1 (not just if defined) since if
	it doesn't exist configure will set it to 0.
	[384580566389]

	* compat/glob.c:
	Fix botched ANSI C coversion of globexp2()
	[4a344b8cbe49]

	* configure, configure.in:
	Remove redundant getgroups check
	[0b16ec210c81]

	* configure, configure.in, src/lbuf.c, src/script.c, src/term.c:
	Require either termios or termio, no more sgtty.
	[9b2fa2f17a1c]

	* compat/strsignal.c, config.h.in, configure, configure.in:
	Change the sys_siglist check to use AC_CHECK_DECLS and also check
	for _sys_siglist and__sys_siglist
	[2e078fed2408]

2010-03-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, src/Makefile.in:
	Change SUDO_LDFLAGS to SUDOERS_LDFLAGS and add SUDOERS_OBJS. We now
	use SUDO_OBJS for the main driver as part of OBJS.
	[9ae4a80a5ade]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Mention in the conversation function section that a newline is not
	implicit.
	[04a233b6c491]

	* include/compat.h:
	Add definition of WCOREDUMP for systems without it. This is known to
	work on AIX and SunOS 4, but may be incorrect on other systems that
	lack WCOREDUMP.
	[c85b3ce6b77d]

2010-03-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sample/sample_plugin.c, src/conversation.c:
	conversation function no longer puts a newline at the end of info or
	error messages.
	[c534cae1ac4a]

2010-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Use parent process group id instead of parent process id when
	checking foreground status and suspending parent. Fixes an issue
	when running commands under /usr/bin/time and others.
	[564f528c3bb7]

2010-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4:
	transcript option is now --with not --enable
	[0646fac4cf93]

	* plugins/sample/sample_plugin.c:
	Add support to -u and -g flags Check fmt_string retval Add timeout
	for debugging purposes
	[cfefa4fa60b5]

	* src/script.c, src/sudo.c:
	Wire up SIGALRM handler Set close on exec flag for child side of the
	socketpair Fix signal handling when not doing I/O logging
	[379581ec7272]

	* src/sudo.c:
	g/c unused SIGCHLD handler
	[0afa03912dce]

	* src/fmt_string.c, src/parse_args.c, src/sudo.c:
	Don't use emalloc() in fmt_string(); we want to be able to use it
	from a plugin.
	[ade64d368147]

	* include/list.h:
	tq_remove not list_remove
	[0e0e1fd5c31c]

	* configure, configure.in:
	AUTH_OBJS should contain .lo files not .o files.
	[c64c82c9d5a2]

2010-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/parse_args.c:
	Simplify conversion of command line args to name=value pairs.
	[75ab127c6a94]

	* plugins/sample/sample_plugin.c:
	Handle NULL reply from conversation function
	[6ce09b6cb204]

	* compat/getline.c:
	Don't depend on emalloc/erealloc
	[73df09e2109f]

	* plugins/sample/Makefile.in:
	Use $(OBJS) instead of sample_plugin.lo
	[2d995db9aa99]

	* plugins/sample/sample_plugin.c:
	runas_user is in settings not user_info
	[7ee12068bc57]

	* src/parse_args.c:
	Fix a mismatch between sudo_settings and settings_pairs that causes
	some settings to get the wrong values.
	[b1bc6d81a65f]

2010-03-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/Makefile.in, src/aix.c, src/alloc.c, src/atobool.c, src/error.c,
	src/fileops.c, src/lbuf.c, src/list.c, src/pty.c, src/sesh.c,
	src/sudo.c, src/sudo_edit.c, src/term.c, src/zero_bytes.c:
	Convert to ANSI C
	[d03b6e4a3b75]

	* src/load_plugins.c:
	Fix strlcpy() return value check.
	[7cd66999a374]

	* INSTALL, configure, configure.in:
	No longer need to substitute in script.o and pty.o; I/O logging
	support is always built.
	[45250024c5dc]

2010-02-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Add fallback to /bin/sh when execve() fails with ENOEXEC.
	[7684a15a1352]

	* include/alloc.h, src/alloc.c:
	Add estrndup()
	[47621c83bed9]

2010-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c, src/sudo.c:
	Refactor script_execve() a bit so that it can be used in non-script
	mode. Needs more cleanup.
	[f09e022d547c]

	* src/sudo.c:
	Ignore empty entries in command_info list
	[1eea9a8de21c]

	* include/list.h, src/list.c:
	Add tq_remove
	[40908a617cb2]

	* src/conversation.c:
	Pass timeout to tgetpass()
	[9e66c918b771]

	* Makefile:
	Add ChangeLog target
	[da4a39150838]

	* README, WHATSNEW:
	Bump version and update things slightly for sudo 1.8.0
	[4b73cc45e2d4]

	* configure, configure.in:
	Sudo now requires an ANSI/ISO C compiler
	[1e51f72e6964]

	* src/alloc.c, src/audit.c, src/error.c, src/lbuf.c,
	src/sudo_noexec.c:
	Convert to ANSI C
	[5cbd315dbde8]

	* include/alloc.h, include/compat.h, include/error.h, include/lbuf.h,
	include/list.h, include/missing.h:
	Convert to ANSI C
	[3f5016ff64f4]

	* compat/charclass.h, compat/closefrom.c, compat/fnmatch.c,
	compat/fnmatch.h, compat/getcwd.c, compat/getline.c,
	compat/getprogname.c, compat/glob.c, compat/glob.h,
	compat/isblank.c, compat/memrchr.c, compat/mkstemp.c,
	compat/nanosleep.c, compat/sigaction.c, compat/snprintf.c,
	compat/strcasecmp.c, compat/strerror.c, compat/strlcat.c,
	compat/strlcpy.c, compat/strsignal.c, compat/utime.h,
	compat/utimes.c:
	Convert to ANSI C
	[0d635c85461c]

2010-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/sudo.c, src/tgetpass.c:
	Make user_details extern so tgetpass can get at the uid and gid. Set
	uid/gid to user before executing askpass program. Check environment
	for SUDO_ASKPASS and use that if set. TODO: a way for the policy to
	set the askpass program itself
	[d33606396176]

	* src/sudo.c:
	No longer need sudo_usage.h in sudo.c
	[063e2946c382]

	* doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.man.in,
	doc/sudo_plugin.pod, src/Makefile.in, src/parse_args.c,
	src/sudo_usage.h.in:
	Document -D level command line flag which maps to the debug_level
	setting.
	[61f1e2ab3ac1]

	* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Document debug_level in plugin doc. Still need to document the -D
	flag in sudo itself.
	[8c62daea3e9b]

2010-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* plugins/sample/sample_plugin.c:
	include missing,h for vasprintf
	[92503de49b39]

	* doc/Makefile.in, doc/plugin.pod, doc/sudo_plugin.cat,
	doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
	Rename plugin.pod -> sudo_plugin.pod and wire into Makefile
	[14cfb4775238]

	* plugins/sample/sample_plugin.c:
	Need to include limits.h
	[bda7f74343d2]

	* compat/glob.c:
	No more sudo_getpw*
	[232e52907634]

	* plugins/sample/Makefile.in, src/Makefile.in:
	Add missing compat bits
	[4843dd000e08]

	* compat/closefrom.c, compat/mkstemp.c, plugins/sample/Makefile.in:
	compat files should not include sudo.h wire up compat in sample
	plugin
	[a175b8185e0f]

	* Makefile, configure, configure.in, doc/Makefile.in, src/Makefile.in:
	Fix up compat dependencies. Fix distclean target in doc/Makefile.in
	[57e49bc20857]

	* configure, configure.in:
	Fix typo
	[333655e3d5fe]

	* plugins/sample/sample_plugin.c:
	Log input and output to temp files for proof of concept.
	[ae1dfc34f7d6]

	* Makefile, configure, configure.in, doc/Makefile.in:
	Add doc Makefile.in and wire it up
	[6a310443c87d]

	* src/script.c:
	Handle SIGSTOP in addition to SIGTSTP. Fixes a problem with
	suspending a shell with the "suspend" builtint.
	[3d65f182819a]

	* src/script.c:
	In child, handle parent side of the pipe going away.
	[a29c14d78cd9]

	* src/script.c:
	No longer need to check for explicit death of the child (process #2)
	since if it dies we will get EPIPE from the socketpair. Fix a
	sizeof() that was causing a spurious error. Convert SCRIPT_DEBUG to
	sudo_debug.
	[24c55dd4ff60]

	* src/sudo.c:
	Make sudo_debug do a single vfprintf() which will result in a single
	write call on most systems. Avoids problems with interleaved debug
	printf from different processes. Also remove an extraneous error
	case since recv() can't return a short read and add some more XXX.
	[b37a8533ef1e]

2010-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* src/script.c:
	Fix uninitialized variable.
	[e012a0a30890]

	* src/Makefile.in:
	Fix sudo install target
	[1417fa4b4ab9]

	* src/parse_args.c, src/sudo.c, src/sudo.h:
	Wire up debug_level
	[144fab289c73]

	* src/Makefile.in:
	Fix dependencies
	[5170940af2ce]

	* configure, configure.in:
	Fix setting of plugin dir
	[144eda170a72]

	* Makefile:
	add clean targets
	[d53f6f6f5c3a]

	* src/atobool.c:
	Add missing source for sudo front end
	[42487de9c489]

	* plugins/sample/Makefile.in, plugins/sample/sample_plugin.c:
	Sample plugin demonstrating the sudo plugin API
	[f1fd62d7644f]

	* Makefile, configure, configure.in, install-sh, pathnames.h.in,
	plugins/sudoers/install-sh, src/Makefile.in, src/conversation.c,
	src/fileops.c, src/fmt_string.c, src/load_plugins.c,
	src/parse_args.c, src/pty.c, src/script.c, src/sudo.c, src/sudo.h,
	src/sudo_plugin_int.h, src/sudo_usage.h.in, src/tgetpass.c,
	sudo_usage.h.in:
	Modular sudo front-end which loads policy and I/O plugins that do
	most the actual work. Currently relies on dynamic loading using
	dlopen(). See doc/plugin.pod for the plugin API.
	[924f6eb2fbba]

	* doc/plugin.pod, include/sudo_plugin.h:
	Sudo plugin API
	[374ccbbd24ae]

	* compat/fnmatch.c, compat/glob.c, compat/nanosleep.c,
	compat/utimes.c, plugins/sudoers/check.c, plugins/sudoers/gettime.c,
	plugins/sudoers/match.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/fileops.c, src/sudo_edit.c:
	Replace emul/include.h with compat/include.h to match new source
	tree layout.
	[7eccd10449a1]

	* src/lbuf.c:
	Include missing.h for memrchr() proto
	[03abd63a8a33]

	* HISTORY, LICENSE, Makefile.binary.in, Makefile.in, PORTING,
	TROUBLESHOOTING, UPGRADE, aix.c, aixcrypt.exp, alias.c, alloc.c,
	alloc.h, audit.c, auth/API, auth/afs.c, auth/aix_auth.c,
	auth/bsdauth.c, auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c,
	auth/pam.c, auth/passwd.c, auth/rfc1938.c, auth/secureware.c,
	auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.c,
	auth/sudo_auth.h, boottime.c, bsm_audit.c, bsm_audit.h, check.c,
	closefrom.c, compat.h, compat/charclass.h, compat/closefrom.c,
	compat/fnmatch.c, compat/fnmatch.h, compat/getcwd.c,
	compat/getline.c, compat/getprogname.c, compat/glob.c,
	compat/glob.h, compat/isblank.c, compat/memrchr.c, compat/mkstemp.c,
	compat/nanosleep.c, compat/sigaction.c, compat/snprintf.c,
	compat/strcasecmp.c, compat/strerror.c, compat/strlcat.c,
	compat/strlcpy.c, compat/strsignal.c, compat/timespec.h,
	compat/utime.h, compat/utimes.c, def_data.c, def_data.h,
	def_data.in, defaults.c, defaults.h, doc/HISTORY, doc/LICENSE,
	doc/PORTING, doc/TROUBLESHOOTING, doc/UPGRADE, doc/history.pod,
	doc/license.pod, doc/sample.pam, doc/sample.sudoers,
	doc/sample.syslog.conf, doc/schema.ActiveDirectory,
	doc/schema.OpenLDAP, doc/schema.iPlanet, doc/sudo.cat,
	doc/sudo.man.in, doc/sudo.man.pl, doc/sudo.pod, doc/sudoers.cat,
	doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod,
	doc/sudoers.man.in, doc/sudoers.man.pl, doc/sudoers.pod,
	doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod,
	doc/visudo.cat, doc/visudo.man.in, doc/visudo.pod, emul/charclass.h,
	emul/fnmatch.h, emul/glob.h, emul/timespec.h, emul/utime.h, env.c,
	error.c, error.h, fileops.c, find_path.c, fnmatch.c, getcwd.c,
	getdate.c, getdate.y, getline.c, getprogname.c, getspwuid.c,
	gettime.c, glob.c, goodpath.c, gram.c, gram.h, gram.y, history.pod,
	include/alloc.h, include/compat.h, include/error.h, include/lbuf.h,
	include/list.h, include/missing.h, ins_2001.h, ins_classic.h,
	ins_csops.h, ins_goons.h, install-sh, insults.h, interfaces.c,
	interfaces.h, isblank.c, lbuf.c, lbuf.h, ldap.c, license.pod,
	list.c, list.h, logging.c, logging.h, match.c, memrchr.c, missing.h,
	mkdefaults, mkstemp.c, mon_systrace.c, mon_systrace.h, nanosleep.c,
	nonunix.h, parse.c, parse.h, plugins/sudoers/Makefile.binary.in,
	plugins/sudoers/Makefile.in, plugins/sudoers/aixcrypt.exp,
	plugins/sudoers/alias.c, plugins/sudoers/auth/API,
	plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
	plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
	plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c,
	plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
	plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h,
	plugins/sudoers/boottime.c, plugins/sudoers/check.c,
	plugins/sudoers/def_data.c, plugins/sudoers/def_data.h,
	plugins/sudoers/def_data.in, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/env.c,
	plugins/sudoers/find_path.c, plugins/sudoers/getdate.c,
	plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c,
	plugins/sudoers/gettime.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.h,
	plugins/sudoers/gram.y, plugins/sudoers/ins_2001.h,
	plugins/sudoers/ins_classic.h, plugins/sudoers/ins_csops.h,
	plugins/sudoers/ins_goons.h, plugins/sudoers/install-sh,
	plugins/sudoers/insults.h, plugins/sudoers/interfaces.c,
	plugins/sudoers/interfaces.h, plugins/sudoers/ldap.c,
	plugins/sudoers/logging.c, plugins/sudoers/logging.h,
	plugins/sudoers/match.c, plugins/sudoers/mkdefaults,
	plugins/sudoers/mon_systrace.c, plugins/sudoers/mon_systrace.h,
	plugins/sudoers/nonunix.h, plugins/sudoers/parse.c,
	plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
	plugins/sudoers/redblack.c, plugins/sudoers/redblack.h,
	plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoers2ldif, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/timestr.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/vasgroups.c,
	plugins/sudoers/visudo.c, pty.c, pwutil.c, redblack.c, redblack.h,
	sample.pam, sample.sudoers, sample.syslog.conf,
	schema.ActiveDirectory, schema.OpenLDAP, schema.iPlanet, script.c,
	selinux.c, sesh.c, set_perms.c, sigaction.c, snprintf.c, src/aix.c,
	src/alloc.c, src/audit.c, src/bsm_audit.c, src/bsm_audit.h,
	src/error.c, src/fileops.c, src/lbuf.c, src/list.c, src/pty.c,
	src/script.c, src/selinux.c, src/sesh.c, src/sudo_edit.c,
	src/sudo_noexec.c, src/term.c, src/tgetpass.c, src/zero_bytes.c,
	strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, strsignal.c, sudo.c,
	sudo.cat, sudo.h, sudo.man.in, sudo.man.pl, sudo.pod, sudo_edit.c,
	sudo_noexec.c, sudo_nss.c, sudo_nss.h, sudoers, sudoers.cat,
	sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod,
	sudoers.man.in, sudoers.man.pl, sudoers.pod, sudoers2ldif,
	sudoreplay.c, sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod,
	term.c, testsudoers.c, tgetpass.c, timestr.c, toke.c, toke.l,
	tsgetgrpw.c, utimes.c, vasgroups.c, visudo.c, visudo.cat,
	visudo.man.in, visudo.pod, zero_bytes.c:
	Rework source layout in preparation for modular sudo.
	[7fc1978c6ad5]

2010-02-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Avoid a duplicate fclose() of the sudoers file.
	[5dba851088c1]

	* Fix size arg when realloc()ing include stack. From Daniel Kopecek
	[0a2935061e33]

	* Use setrlimit64(), if available, instead of setrlimit() when setting
	AIX resource limits since rlim_t is 32bits.
	[353db89bac61]

	* Fix use after free when sending error messages. From Timo Juhani
	Lindfors
	[e50dbd902382]

	* ChangeLog, Makefile.in:
	Generate the ChangeLog as part of "make dist" instead of having it
	in the repo.
	[251b70964673]

2010-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.binary.in, Makefile.in, aix.c, alias.c, alloc.c, alloc.h,
	auth/afs.c, auth/aix_auth.c, auth/bsdauth.c, auth/dce.c,
	auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
	auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/securid5.c,
	auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h, check.c,
	closefrom.c, compat.h, configure.in, defaults.c, defaults.h,
	emul/charclass.h, emul/timespec.h, env.c, error.c, error.h,
	fileops.c, find_path.c, getcwd.c, getprogname.c, getspwuid.c,
	gettime.c, goodpath.c, gram.c, gram.y, ins_2001.h, ins_classic.h,
	ins_csops.h, ins_goons.h, insults.h, interfaces.c, interfaces.h,
	isblank.c, lbuf.c, lbuf.h, ldap.c, list.c, list.h, logging.c,
	logging.h, match.c, memrchr.c, missing.h, mkinstalldirs, mkstemp.c,
	mon_systrace.c, nanosleep.c, parse.c, parse.h, pathnames.h.in,
	pty.c, pwutil.c, redblack.c, redblack.h, sample.pam, sample.sudoers,
	sample.syslog.conf, script.c, selinux.c, sesh.c, set_perms.c,
	sigaction.c, snprintf.c, strcasecmp.c, strerror.c, strlcat.c,
	strlcpy.c, strsignal.c, sudo.c, sudo.h, sudo.man.in, sudo.pod,
	sudo_edit.c, sudo_noexec.c, sudo_nss.c, sudo_nss.h, sudo_usage.h.in,
	sudoers.ldap.man.in, sudoers.ldap.pod, sudoers.man.in, sudoers.pod,
	sudoers2ldif, sudoreplay.c, sudoreplay.man.in, sudoreplay.pod,
	term.c, testsudoers.c, tgetpass.c, timestr.c, toke.c, toke.l,
	utimes.c, visudo.c, visudo.man.in, visudo.pod, zero_bytes.c:
	Remove CVS $Sudo$ tags.
	[de683a8b31f5]

2010-01-18  convert-repo  <convert-repo>

	* .hgtags:
	update tags
	[9b7aa44ae436]

2009-12-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_usage.h.in:
	make this match sudoers SYNOPSIS
	[c74ba66944c2]

	* lbuf.c, parse.c:
	Print a newline between Runas and Command-specific defaults in sudo
	-l.
	[b5bdfcc9ce4b]

	* term.c:
	Use SET and CLR macros in term_raw
	[50ca42609d6c]

	* sudoreplay.c:
	Set stdin to non-blocking mode early instead of in check_input. Use
	term_raw instead of term_cbreak since the data we get has already
	been expanded via OPOST.
	[51c47e803d62]

2009-12-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c, term.c:
	Enable/disable all postprocessing instead of just nl->crnl
	processing since things like tab expansion matter too. However, if
	stdout is a tty leave postprocessing on in the pty since we run into
	problems doing it only on the real stdout with .e.g nvi.
	[62666e309673]

2009-12-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c:
	If tty_tickets is enabled and there is no tty, prompt for a
	password. Do not lecture user for "sudo -k command" if user has a
	timestamp.
	[5880200c5f6b]

	* INSTALL:
	Document missing options: --with-efence and --with-bsm-audit
	[d83afcdf9ff3]

	* sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.ldap.pod, sudoers.man.in, sudoers.pod,
	sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod, visudo.cat,
	visudo.man.in, visudo.pod:
	username -> user name groupname -> group name hostname -> host name
	[10c85646f45d]

	* INSTALL, README.LDAP, sudoers.pod:
	filename -> file name like the rest of the docs
	[1ef8ab5a9018]

2009-12-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Fix printing of entries with multiple host entries on a single line.
	[226ceaf91d8d]

2009-12-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Mention that targetpw affects the timestamp file name.
	[a26e22e4f72e]

	* def_data.c, def_data.h, def_data.in, defaults.c, script.c,
	sudoers.pod:
	Add compress_transcript option.
	[6e94f8cb9dfb]

2009-12-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	bump to 1.7.3b2
	[906d7e347d15]

	* pwutil.c, set_perms.c, sudo.c, sudo_nss.c:
	Better split of membership vs. traditional group check in
	user_in_group(). Allow user_ngroups to be < 0 if getgroups() fails.
	[6ebc55d4716b]

2009-12-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Fix pasto and add default return value.
	[7973b5e4599c]

	* check.c, match.c, pwutil.c, sudo.h:
	refactor group member checking into user_in_group()
	[48ca8c2eddf8]

	* check.c, config.h.in, configure, configure.in, match.c, sudo.c,
	sudo.h:
	Add support for mbr_check_membership() as present in darwin.
	[5501aed02b9f]

2009-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Rename label to be accurate
	[3af17dd960f7]

	* Makefile.in, boottime.c, check.c, config.h.in, configure,
	configure.in, sudo.h:
	Treat timestamp files from before we booted as old. Idea from and
	Apple patch.
	[5c96e484c05a]

2009-12-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudo.pod, sudo_usage.h.in:
	Allow the -u flag to be used in conjunction with the -v flag as per
	older versions of sudo.
	[591e9fc13c1a]

	* logging.c:
	fix typo in last commit
	[4fd0c692dcf0]

2009-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Convert fmt_first and fmt_confd into macros.
	[32e870158b29]

	* sudoers.pod:
	timeouts can be floats now
	[89de639a9679]

	* WHATSNEW, def_data.c, def_data.h, def_data.in, defaults.c,
	defaults.h, mkdefaults:
	Add support for floating point timeout values (e.g. 2.5 minutes).
	[210ffa291733]

2009-12-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod:
	The -L flag will be removed in sudo 1.7.4
	[ffd026084333]

2009-12-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Fix a bug due to order of operators.
	[938d34464283]

2009-11-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	cmnd_matches() already deals with negation so _cmndlist_matches()
	does not need to do so itself. Fixes a bug with negated entries in a
	Cmnd_List.
	[71c845f6ce73]

2009-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Don't exit() from open_sudoers, just return NULL for all errors.
	[8cfa832f972a]

	* script.c:
	Can't rely on the shell sending us SIGCONT when transitioning from
	backgroup to foreground process.
	[3c6c5b6cb4b3]

	* toke.c, toke.l:
	Add missing extern def for parse_error
	[45b7b59d03b7]

2009-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Avoid a parse error when #includedir doesn't find any files. Closes
	bug #375
	[1ce1b850e9e6]

	* Makefile.in:
	Include sudo.man.pl and sudoers.man.pl in the distribution tarball.
	[6a22e32da108]

2009-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Start command out in foreground mode if stdout is a tty. Works
	around issues with some curses-based programs that don't handle
	tcsetattr getting interrupted by a signal. Still allows us to avoid
	hogging the tty if the command is part of a pipeline.
	[1c32f2b94769]

	* script.c, sudo.c, sudo.h, sudoreplay.c, term.c, tgetpass.c:
	Use a socketpair to pass signals from parent to child. Child will
	now pass command status change info back via the socketpair. This
	allows the parent to distinguish between signals it has been sent
	directly and signals the command has received. It also means the
	parent can once again print the signal notifications to the tty so
	all writes to the pty master occur in the parent. The command is now
	always started in background mode with tty signals handled by the
	parent.
	[c6790b82986d]

2009-11-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix a few typos in the descriptions; from Jeff Makey Only do the
	check for krb5_get_init_creds_opt_free() taking two arguments if we
	find krb5_get_init_creds_opt_alloc(). Otherwise we will get a false
	positive when using our own krb5_get_init_creds_opt_free which takes
	only a single argument.
	[845a9ff6f93d]

2009-11-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Remove a spurious comma in the kerb5 bits.
	[3433eab083db]

	* auth/kerb5.c:
	Call krb5_get_init_creds_opt_init() in our emulated
	krb5_get_init_creds_opt_alloc() for MIT kerberos.
	[7ffb40bf43e9]

2009-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in:
	Add HAVE_ZLIB
	[9297bde61ecc]

	* script.c:
	Need to ignore SIGTT{IN,OU} in child when running the command in the
	background. Also some minor cleanup.
	[dc208d982319]

2009-10-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Instead of calling sigsuspend when waiting for SIGUSR[12] from
	parent, install the signal handlers w/o SA_RESTART and let them
	interrupt waitpid().
	[759c7d18203b]

	* script.c:
	Pass along SIGHUP and SIGTERM from parent to child.
	[035b0e254568]

	* script.c:
	Close unused bits of script_fds in processes that don't need them.
	Restore default SIGCONT handler in child.
	[e037378ab0c1]

	* script.c:
	Update foreground/background status in SIGCONT handler in parent
	process.
	[3f7f91333264]

2009-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Defer setting terminal into raw mode until just before we fork() and
	only do it if sudo is the foreground process. If we get SIGTT{IN,OU}
	and sudo is already in the foreground be sure to set raw mode before
	continuing the child.
	[1102ef40832c]

2009-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Fix handling of SIGTTOU/SIGTTIN in program being run. We now only
	give the command the controlling tty if the main sudo process is the
	foreground process.
	[cf3a91cb5682]

	* script.c:
	Don't bother with sudo_waitpid() here for now.
	[9086de480c2d]

	* script.c:
	fix non-zlib case
	[a258bff0f9a6]

2009-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Remove non-wroking code that crept into rev 1.55
	[2802dd55cff5]

2009-10-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in, script.c, sudoreplay.c:
	First pass at zlib support for transcript data files
	[5d10260807da]

	* Makefile.in:
	remove vestiges of ZLDFLAGS
	[1fa0caf1c0fb]

	* script.c:
	Add missing variable declaration for when TIOCSCTTY is not defined.
	Need to include sys/termio.h for TIOCSCTTY on some systems.
	[ee7f41ac2709]

	* script.c:
	when resuming command, send SIGCONT to its pgrp not just pid
	[5cd63c1d565b]

	* selinux.c:
	remove unused variable
	[df67df4be228]

	* script.c:
	include selinux.h for is_selinux_enabled() proto
	[85ebaa880cc1]

	* script.c:
	Don't use log_error() in the child process.
	[def65fe2a433]

	* script.c:
	Do I/O in parent instead of child since the parent can have both
	/dev/tty as well as the pty fds open. The child just sets things up
	and waits for its grandchild and writes the signal description to
	the pty master if the command was killed by a signal.
	[95e473208982]

2009-10-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* missing.h, sudo.h:
	Move two struct forward declarations from sudo.h to missing.h
	[90ad28294a8c]

	* script.c:
	Make comment at the top of script_exec() match reality.
	[c5042d27dbe0]

	* sudo.c:
	if neither stdin nor stdout is a tty, check stderr
	[c532ff20c8d8]

	* Makefile.in:
	Add back dependecy of gram.h on gram.y
	[c58382b7fcca]

	* script.c:
	Make transcript mode work as long as we can figure out our tty, even
	if it is not stdin. We'd like to use /dev/tty but that won't be
	valid after the setsid().
	[7b8bba8d99e7]

2009-10-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, pty.c:
	Add support for IRIX-style dynamic ptys
	[bedc9bac44c1]

	* Makefile.in, alloc.h, getline.c, sudo.h, sudoreplay.c:
	Move alloc.c protos into alloc.h
	[b6a90649617d]

	* missing.h:
	Move prototypes for missing libc functions to missing.h
	[dda9ae1ccaf8]

	* Makefile.in, sudo.h, sudoreplay.c:
	Move prototypes for missing libc functions to missing.h
	[7483166b577b]

2009-10-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	Disable transcript support if no tcsetpgrp until we support older
	BSD-style job control.
	[27ac1d8163df]

	* configure, configure.in, pty.c, script.c:
	Break out pty code into pty.c
	[e85509b25d41]

	* compat.h, config.h.in, configure, configure.in:
	add killpg macro if no killpg function
	[3a125f4a51f0]

	* config.h.in, configure, configure.in, script.c:
	Push ptem and ldterm for STERAMS-based systems when allocating a
	pty.
	[36bb39b30ff2]

2009-10-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Sprinkle some more O_NOCTTY and call grantpt() before unlockpt()
	[d94bd5c9bf4e]

	* script.c:
	Call tcgetpgrp() in the parent, not the child and have the child
	spin until it is granted. Fixes a race on darwin.
	[6e8d435339ce]

	* script.c:
	Only use TIOCNOTTY in the non-setsid case. If no TIOCSCTTY, just
	reopen slave.
	[0bdc63c019ca]

2009-10-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	In script mode, if the command is killed by a signal, print the
	signal description as well as a core dump notification like the
	shell does.
	[9df61738df07]

	* Makefile.in, config.h.in, configure, configure.in, strsignal.c,
	sudo.h:
	Add check for strsignal() and a simple implementation if it is not
	there but sys_siglist is
	[61421a188ef4]

	* script.c:
	Add missing WUNTRACED and store the signal that stopped the
	grandchild in suspended, not signo.
	[df65042b200e]

	* script.c:
	g/c unused code
	[40d8cb5c9203]

	* script.c:
	Associate the grandchild's pgrp with the tty instead of the child's
	and just get suspend notifications via SIGCHLD instead of directly.
	This fixes a hang with programs that try to set terminal attributes
	and is more consistent with how the shell handles things.
	[6865abff7e94]

2009-10-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Move setpgid() of child into the parent side of the fork() where it
	belongs.
	[3defa782777c]

2009-10-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	fix typo
	[b6a612b3622c]

	* script.c:
	Run command in its own pgrp (like the shell does) for easier
	signalling. No need to relay SIGINT or SIGQUIT to parent, just send
	to grandchild. Don't want grandchild stopped events in the child
	(only termination). Flush output after suspending grandchild before
	signalling parent.
	[db556bf2176f]

	* script.c:
	Back out revision 1.34; the problem lies elsewhere.
	[85f590a03275]

	* script.c:
	Don't set stdout to blocking mode when flushing remaining output. It
	can cause us to hang when trying to exit. Need to investigate why.
	[6f803a3e33ca]

	* script.c:
	Handle SIGTTOU and remove some debugging.
	[52d17279053e]

	* term.c:
	Back out revision 1.10 as the signal that interrupts us may be
	SIGTTOU or SIGTTIN which the caller must handle.
	[7e2fa9107975]

	* script.c:
	Apparently we need to send SIGSTOP to the command as well as ourself
	when we get SIGTSTP, the kernel doesn't automatically stop the
	process for us.
	[1a936e9309c4]

	* script.c:
	Use an extra process to act as the glue bewteen the sessions
	associated with the user's controlling tty (what the shell uses) and
	the tty that sudo is using to do its logging. Basically, this means
	that if we get, e.g. SIGTSTP from the process sudo is running, we
	relay the signal to the parent so it's shell can do the job control.
	[6dd296988060]

	* term.c:
	Handle getting/setting terminal attributes when the fd is in non-
	blocking mode.
	[ae5ae535ea7b]

2009-10-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c, sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod:
	Add support for pausing and changing the speed in interactive mode.
	[72a2063780a7]

	* script.c:
	Already define O_NOCTTY in compat.h, don't need it here
	[b5d80ed3e5ce]

2009-10-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Add missing protos
	[c4cb4e7f4d8a]

2009-09-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_edit.c:
	Always update the stashed mtime of the temp file instead of using
	what we have for the original because the time resolution of the
	filesystem the temporary is on may not match that of the filesystem
	that holds the original. Should fix bz #371 found by Philippe Levan.
	[c86ca4bec60c]

	* sudoreplay.c:
	Use cbreak mode instead of raw mode and add signal handlers to
	restore the tty on interrupt.
	[84dd283da41c]

	* script.c, sudo.h, term.c:
	Retain NL to NLCR conversion on the real tty and skip it on the pty
	we allocate. That way, if stdout is not a pty there are no extra
	carriage returns.
	[32e4f570414e]

	* script.c:
	Fix log_output(); just pass in a string and a length.
	[ca980cc0a3fb]

2009-09-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	do not use errno when complaining out lack of a tty
	[8f9b8c55ab8e]

2009-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, sudoreplay.c, term.c:
	Instead of messing with line endings, just set terminal to raw mode
	in sudoreplay.
	[90943fa87acb]

	* term.c:
	When copying the terminal attributes to the pty, be sure not to set
	ONLCR. This prevents extra carriage returns from ending up in the
	script output file.
	[e6b5475ac2aa]

	* script.c:
	Convert a do {} while into a while
	[e461310d2c77]

	* Makefile.in:
	Use if then instead of test && when installing binaries that may not
	exist.
	[ad4f9490d971]

	* script.c:
	Add O_NOCTTY when opening a tty device. Explicitly disconnect from
	old tty before associatng with new one.
	[0e0ca634b80c]

	* script.c, selinux.c, sudo.c, sudo.h:
	First cut at refactoring some of the selinux code so it can be used
	in conjunction with sudo's transcript support.
	[779b0d8f9d29]

2009-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in:
	Fix default case of transcript_enabled being unset.
	[f8aa96186e6b]

	* script.c, sudoreplay.c:
	Use _PATH_SUDO_TRANSCRIPT instead of _PATH_SUDO_SESSDIR
	[2844a7a851fa]

	* INSTALL, Makefile.in, aclocal.m4, configure, configure.in, sudo.c:
	Hook up --disable-transcript and --enable-transcript=DIR
	[b3fa7e6b2480]

2009-09-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in, pathnames.h.in:
	_PATH_SUDO_SESSDIR -> _PATH_SUDO_TRANSCRIPT Add --enable-
	transcript=DIR option to specify the directory
	[b0bb76d43cda]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in:
	regen
	[c7a8a0a9027c]

	* configure, configure.in, sudoers.man.pl, sudoers.pod:
	Substitute in default value for secure_path
	[c8f9ac6dbf93]

	* sudo.pod:
	Mention that the password must be followed by a newline with the -S
	option.
	[2fc589a3ee7e]

2009-09-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Go back to dropping out of the select() loop when the process dies;
	Linux ptys apparently don't behave the same as BSD in regards to
	select(). No need to flush remaining output to the transcript, only
	to stdout. Add back code to check the master pty for additional data
	when we exit the main select loop.
	[abed9a9cbc6b]

2009-09-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Add getline.o to COMMON_OBJS
	[04ef7643cbc2]

	* Makefile.in:
	sudoreplay depends on libsudo.a
	[142bd0472631]

	* Makefile.in:
	More pwutil.o into COMMON_OBJS
	[4a016b933629]

	* pwutil.c, testsudoers.c, tsgetgrpw.c:
	Remove my_* redirection in pwutil.c for testsudoers and just use the
	normal libc get{pw,gr}* names.
	[9b76d637d86b]

	* sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod:
	More time and date examples
	[c6ee0175ec56]

	* Makefile.in, configure, configure.in, nanosleep.c, sudoreplay.c:
	Move nanosleep() emulation into its own file Check librt.a for
	nanosleep if we don't find it in libc
	[4da0cc26aad7]

	* Makefile.in, configure, configure.in:
	Build libsudo with the common bits and link things against that.
	[2b53bc0b081a]

	* script.c:
	Fix final flush.
	[6da287d833da]

	* script.c:
	Keep reading from the pty master -> log file until read returns <=
	0. Do our best to write everything to stdout when flushing any
	remaining bits.
	[2a45d4ae280c]

	* sudoreplay.c:
	Use unbuffered I/O when writing to stdout and make sure we write the
	entire buffer.
	[f39ef9844a47]

2009-09-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Only use max_wait if it is non-zero
	[f6c10604d2e8]

	* getdate.c, getdate.y, getline.c:
	Need compat.h here
	[5d6722e225a0]

	* sudoreplay.c:
	Fix nanosleep emulation
	[34e5e5d72a76]

	* script.c:
	Fix comment after #endif
	[bd1347718b25]

	* sudoreplay.c:
	Add protos for missing libc bits
	[644f496427a2]

	* configure, configure.in:
	add missing line continuation char
	[db13c0d402cd]

	* config.h.in, configure, configure.in, getline.c:
	Implement getline() in terms of fgetln() if we have it.
	[3ab786eaadc5]

	* sudoreplay.c:
	Print year when formatting log line
	[90be669e3443]

	* sudoreplay.pod:
	Document cwd, attempt to document time/date formats.
	[6290fb9b65c6]

	* sudoreplay.c:
	Fix getline return value check.
	[d696d6657261]

	* Makefile.in, config.h.in, configure, configure.in, getline.c,
	sudoreplay.c:
	Use getline() if the system has it, else use provide our own for
	sudoreplay.
	[afca1d6fbe5e]

	* script.c:
	Refactor code to update output and timing files.
	[361491332b1a]

2009-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Make sudo_getln() behave more like glibc getline.
	[40c9f2ea29e6]

	* script.c:
	When flushing remaining output, also update timing file.
	[5a9a5a627549]

	* sudoreplay.c:
	Use get_timestr() and make the -l output look like the regular sudo
	log.
	[452ba9d436c9]

	* logging.c, sudo.h, timestr.c:
	Make get_timestr() take a time_t so we can use it properly in
	sudoreplay.
	[82e67cc53c9c]

	* script.c:
	Create session dir earlier now that we update the seq number early.
	[797fe8d6dc61]

2009-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Use fromdate and todate as the keywords instead of from and to; the
	short forms will still be accepted.
	[d14d9b116df4]

	* sudoreplay.c:
	Fix reading long liensin sudo_getln()
	[58dadd74118c]

	* script.c, sudoreplay.c:
	Log the cwd in the script log file. Add sudo_getln() to read
	arbitrarily long lines.
	[faceb802ab8f]

	* Makefile.in, logging.c, sudo.h, timestr.c:
	Move get_timestr() into its own source file so sudoreplay can use
	it.
	[99b054bfa20a]

2009-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Add to and from perdicates (date ranges); needs documentation
	[1d629174dcf4]

2009-09-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, getdate.c, getdate.y:
	Fix warning and add generated getdate.c
	[b877a86b5a03]

	* Makefile.in, getdate.y:
	Add getdate.y to be used for sudoreplay date parsing.
	[b8e26fbb7a40]

2009-09-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Check more than just the first character of a predicate
	[4fe53728adb1]

	* sudoreplay.cat, sudoreplay.man.in, sudoreplay.pod:
	Add examples, sort predicates
	[70f8075cbccc]

	* Makefile.in, sudoreplay.c, sudoreplay.cat, sudoreplay.man.in,
	sudoreplay.pod:
	Implement search expressions in sudoreplay similar in concept to
	what find or tcpdump uses. TODO: date ranges
	[f7ce4fb4cf3a]

2009-09-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Remove vhangup as it was hanging up the wrong tty. Should really
	vhangup in the child after it as set its tty.
	[2eed9df73010]

	* sudoers.pod:
	Fix cut at documenting transcript support.
	[e6c533a5568a]

	* logging.c:
	ID= -> TSID= for transcript ID
	[1bf755a35333]

2009-09-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Move fast_glob description to where it belongs in sorted order
	[5901cfb0d25f]

	* def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y,
	parse.c, parse.h, sudo.c:
	Rename script -> transcript
	[e06cf823122c]

2009-09-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat.h:
	Add timeradd and timersub for those without them
	[929f8aa06c2b]

	* script.c:
	Sanity check sessid before using it.
	[aa8ca5211d43]

	* sudo.c:
	Only set the session id if we are running a command or editing a
	file.
	[7205d717c098]

	* script.c:
	Actually. qsort is fine since most versions fal back to a cheaper
	sort when the number of elements to sort is small (like in our
	case).
	[d11c7cd352fe]

	* config.h.in, configure, configure.in, script.c:
	Check for dup2 and use dup instead if we don't have it.
	[98bd89830f8a]

	* script.c, sudo.c, sudo.h:
	Move the code to dup2 the script fds to low numbered descriptors
	into script_duplow() and fix the fd sorting.
	[9453fdc5fba6]

	* script.c, sudo.c, sudo.h:
	Move script_setup() back to immediately before we drop privs and
	call the new script_nextid() in its place, which will set
	sudo_user.sessid for the logging functions.
	[8434d0c8ff08]

2009-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Install sudoreplay
	[6acf2cdb4d3f]

	* sudoreplay.c:
	remove unused variable
	[2316360bb992]

2009-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c, script.c, sudo.c, sudo.h:
	Log the session ID, if there is one. Currently logs ID=XXXXXX,
	perhaps should be SESSIONID or SESSID.
	[53976905b0a6]

	* Makefile.in, configure, configure.in, sudoreplay.cat,
	sudoreplay.man.in, sudoreplay.pod:
	Add sudoreplay docs
	[da4f14f0e64c]

	* sudoreplay.c:
	add -V (version) flag
	[b5e743639ee3]

	* sudoreplay.c:
	Hook up max_wait.
	[2ec5697a92ba]

	* script.c, sudoreplay.c:
	Use base36 number for the ID and store script files with paths like
	/var/log/sudo-session/00/00/00{,.tim,.scr}. This gives us 36^6
	(2,176,782,336) unique IDs.
	[6aab019d07aa]

2009-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure.in:
	Add check for regcomp
	[44c3ebd7ff34]

	* sudoreplay.c:
	Add support for selecting by pattern and tty when listing.
	[66189f840c52]

2009-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	The beginnings of a list mode.
	[8d0150b4a52c]

2009-08-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	fix pasto
	[616b4640b8a8]

	* Makefile.in, config.h.in, configure.in:
	Add scaffolding for building sudoreplay
	[a32958505dbe]

	* sudoreplay.c:
	include error.h first arg to nanotime is const
	[fe5a7bb31bc5]

	* sudoreplay.c:
	Initial cut at sudoreplay; replay a sudo session.
	[f149fba372bd]

2009-08-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* script.c:
	Fix wait() usage and use correct wait status.
	[f4745ed7ad05]

	* sudo.c, sudo.h, tgetpass.c:
	Add protos for term_* to sudo.h
	[14fe1abd7e7b]

	* script.c:
	Fix detection of the child process exiting. Since the child is in
	its own session we should only ever get SIGCHLD for that process but
	better safe than sorry.
	[7edfdadd8505]

	* config.h.in:
	Add UNIX98 pty support.
	[82f4b53a0e8f]

	* configure, configure.in, script.c:
	Add UNIX98 pty support.
	[795b8bb0a3a1]

2009-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* term.c:
	For raw mode, don't bother clearing BRKINT or PARMRK and clear IUCLC
	if it is defined.
	[40f8b83baf69]

	* auth/pam.c:
	Set PAM_RUSER and PAM_RHOST early so they can be used during
	authentication. Based on a patch from Jamie Beverly.
	[3d567b453a6a]

	* match.c:
	Close dir before returning if strlcpy() reports overflow. From
	Martynas Venckus.
	[6a82f96473e5]

	* config.h.in, configure, configure.in, script.c:
	On Linux, the openpty proto libes in pty.h
	[98643a018d1c]

	* script.c:
	Call vhangup on exit if the system has it Use setpgrp() if no
	setsid()
	[3a9e13149829]

2009-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	Add checks for revoke and vhangup if we don't have openpty
	[fcb04572e994]

	* script.c:
	Session logging guts that got forgotten in the previous commit.
	[c2af08a63ea9]

	* Makefile.in, aclocal.m4, compat.h, config.h.in, configure,
	configure.in, def_data.c, def_data.h, def_data.in, gram.c, gram.h,
	gram.y, parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, term.c,
	tgetpass.c:
	First cut at session logging for sudo. Still need to write get_pty()
	for Unix 98 and old-style BSD ptys. Also needs documentation and
	general cleanup.
	[77e3f5e25738]

2009-08-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudo_edit.c:
	Fix a bug introduced with def_closefrom. The value of def_closefrom
	already includes the +1.
	[7291c136300d]

2009-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Generate sudo distributions with pax in ustar mode. No longer need
	to use a temp file or have the source dir name match the version.
	[9778177a8272]

2009-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Fix expansion of %h in #include names. Fixes bugzilla 363
	[6e346879ba24]

2009-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkdefaults:
	If no arg assume def_data.in
	[c1dd28c0e675]

	* README, WHATSNEW:
	Update for 1.7.2
	[f5ad45f69f05] [SUDO_1_7_2]

	* ChangeLog:
	sync
	[6283549396ff]

2009-06-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in, sudoers.pod:
	Add missing single quotes around a colon in Runas_Spec definition.
	From Elias Benali.
	[ccc6ee4fca83]

2009-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.man.in, sudoers.man.in:
	regen
	[546e75304ebf]

	* redblack.c:
	In rbrepair, re-color the root or the first non-block node we find
	to be black. Re-coloring the root is probably not needed but won't
	hurt.
	[34d01ebe241b]

	* sudo.cat, sudoers.cat:
	regen
	[bebf5a39f54f]

2009-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* redblack.c:
	When repairing the tree, don't touch the root node.
	[9841f0d5d789]

2009-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	Protect call to setegid in runas_setup with #ifdef HAVE_SETEUID.
	Reported by Josef Schmid.
	[ed044b1eb879]

2009-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Document that we accept env_pam-style environment files
	[e3b545456352]

	* env.c:
	Adapt to accept pam_env-style /etc/environment which allows shell-
	style lines such as: export EDITOR="/usr/bin/vi"
	[752eb75bf007]

	* sudoers.pod:
	Make it clear that env_delete only works when !env_reset. From Loïc
	Minier
	[3bd3f8e351ba]

2009-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, sudoers.pod:
	Add non-unix group bits, adapted from Quest
	[8ce427de8dea]

	* Makefile.in:
	build the .cat page in the current working dir, not the src dir
	[00e87a307674]

	* env.c:
	Return EINVAL in setenv() if var is NULL or the empty string to
	match glibc behavior.
	[23fd7c247142]

2009-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Use AS_HELP_STRING for AC_ARG_WITH and AC_ARG_ENABLE
	[fedd4a3e2a85]

2009-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
	regen
	[7b9f461a40b3]

2009-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Document --with-libvas and --with-libvas-rpath
	[a071e6d96c89]

2009-05-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c, sudoers.ldap.pod:
	For netscape-derived LDAP SDKs the cert and key paths may be a
	directory or a file. However, version 5.0 of the SDK only seems to
	support using a directory. If ldapssl_clientauth_init fails and the
	cert or key paths look like they could be files, strip off the last
	path element and try again.
	[ac4e49d83043]

	* Makefile.in:
	Add non-Unix group .o to COMMON_OBJS and substitute in path to flex.
	[4547cc1a335f]

2009-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in, match.c, sudo.c, vasgroups.c:
	Update non-Unix group support from Quest, as reworked by me.
	[1abafce29dc6]

	* toke.c:
	regen
	[01bfca9148b7]

	* toke.l:
	Add support for escaped hex chars in names, e.g. \x20 for space.
	[3c7be8e58a39]

2009-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* LICENSE, Makefile.in, aclocal.m4, alias.c, auth/aix_auth.c,
	auth/pam.c, auth/sudo_auth.c, auth/sudo_auth.h, check.c, env.c,
	fileops.c, glob.c, gram.y, interfaces.c, lbuf.c, ldap.c, logging.c,
	logging.h, match.c, parse.c, parse.h, pathnames.h.in, pwutil.c,
	set_perms.c, sudo.c, sudo.h, sudo.pod, sudo_nss.c, sudo_nss.h,
	sudo_usage.h.in, sudoers.ldap.pod, sudoers.pod, testsudoers.c,
	tgetpass.c, toke.l, visudo.c:
	Update copyright years.
	[e615f676c764]

2009-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* interfaces.c, lbuf.c:
	Minor fixes for Minix-3
	[898c510d23f9]

2009-05-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	Handle getgroups() returning 0. Also add missing check for
	HAVE_GETGROUPS.
	[d73b958f9ffd]

2009-05-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, config.h.in, configure, configure.in, sudo.c,
	version.h, visudo.c:
	Replace version.h with PACKAGE_VERSION set via AC_INIT in configure.
	[5050579a264d]

2009-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	Remove group setting code in setusercontext case, we will do it
	ourselves later on in runas_setup. Set the gid after
	initgroups/setgroups is called, since on Mac OS X it seems to change
	the egid.
	[09dc21d8b42d]

2009-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* LICENSE, Makefile.in, config.h.in, match.c, nonunix.h, sudo.c,
	vasgroups.c:
	Initial bits of non-unix group support using Quest Authentication
	Services
	[1eecab0ff27e]

	* toke.c, toke.l:
	Accept %:foo as a non-Unix group
	[4c4b5dd899a6]

	* toke.c, toke.l:
	Allow user/group to be double quoted in the case of non-Unix groups
	which contain spaces.
	[47a3d568b7e8]

2009-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Don't allow the user to specify the default runas user if their
	sudoers entry only allows them to run as a group.
	[4d726177227c]

2009-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Must call audit_success before we change uids.
	[04a9e6ce6e55]

	* logging.c, set_perms.c, sudo.h, testsudoers.c:
	Add option for set_perm to not exit on failure and use this in the
	logging routines.
	[833dce7b7f42]

	* parse.c:
	In -l mode, if the user is only allowed to run as a group, display
	the user's name, not root's before the allowed group.
	[ef92ff99d265]

	* sudo.c:
	Fix -g mode, broken by rev 1.503 which had the side effect of
	setting the runas user to root unilaterally.
	[50a2f7df4385]

2009-05-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* fileops.c:
	When unlocking a file with fcntl, use F_SETLK, not F_SETLKW.
	[30fbe832dcf3]

	* pwutil.c:
	Only cache by the method we fetched for pwd and grp lookups.
	Previously we cached both by namd and id but this can cause problems
	for entries that share the same id. Also add more info in the error
	message in case the insert fails (which should now be impossible).
	[ef95a4f0bab5]

2009-04-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Add a clarification from Nick Sieger
	[1eadad329561]

2009-04-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Inline the setting of the environment string.
	[9515d11c6295]

2009-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	setenv(3) in Linux treats a NUL value as the empty string setenv(3)
	in BSD doesn't return an error if the name has '=' in it, it just
	treats the '=' as end of string.
	[941260bf94d2]

2009-04-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Not all systems have d_namlen
	[e377b18d8e2d]

2009-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Fix up some pod2html issues.
	[823a1f10ab60]

2009-04-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* interfaces.c:
	Check for NULL ifa_addr and ifa_netmask. Adapted from a diff from
	Quest Software.
	[73de36653131]

	* sudoers.pod:
	Ignore files ending in '~' in sudo.d (emacs backup files)
	[7871fad702db]

	* toke.c, toke.l:
	Ignore files ending in '~' in sudo.d (emacs backup files)
	[53fded2a469f]

2009-04-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in, sudoers.pod, toke.c, toke.l:
	For #includedir, ignore any file containing a dot
	[a7daa1bce6c2]

	* Makefile.in, version.h:
	Bump version
	[ef60f14ffc44]

	* gram.c, gram.y, parse.c, parse.h, sudo.c, sudo.h, sudoers.cat,
	sudoers.man.in, sudoers.pod, testsudoers.c, toke.c, toke.l,
	visudo.c:
	Implement #includedir directive. Files in an includedir are not
	edited by visudo unless they contain a syntax error.
	[3923d85a6c79]

	* ChangeLog:
	sync
	[8741ed61a78b] [SUDO_1_7_1]

	* WHATSNEW:
	Forgot umask_override
	[7c86a21a5504]

	* ChangeLog, TODO:
	sync
	[57339ca6bccf]

2009-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.c:
	Rewind stream if we fdopen sudoers since it may not be at the
	beginning. Set the keepopen flag on already-open files too so the
	lexer doesn't close them out from under us.
	[61292d819aff]

	* visudo.c:
	Print the proper file name when there is a parse error in an include
	file.
	[b0e85d4aedde]

2009-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	Sync
	[997e5d485ea3]

2009-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix a warning when --without-ldap is specified.
	[d91fd9481b30]

2009-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* alias.c, parse.h, visudo.c:
	Store aliases that we remove during check_aliases in a freelist and
	free them at the end so we don't leak memory.
	[805e2272f6a3]

2009-03-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.c:
	Check aliases in -c mode too.
	[9199e188d9f2]

	* alias.c, parse.h, visudo.c:
	Make alias_remove return the alias struct instead of freeing it
	directly. Fixes a use after free in alias_remove_recursive, the only
	consumer.
	[a04b61804800]

	* alias.c, match.c, parse.c, parse.h, visudo.c:
	Rename find_alias -> alias_find for consistency.
	[48b0a82924f3]

2009-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.c:
	When checking for unused aliases, recurse if the alias points to
	another alias.
	[2d4d1a7f3a41]

2009-03-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Back out rev 1.105 for now. Real ldapux_client.conf support will be
	done later after some refactoring.
	[8ad72e69b277]

2009-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Treat ldap_hostport the same as "host" for ldapux.
	[3281dcc66da8]

	* configure, configure.in:
	Only check for ldap_sasl_interactive_bind_s if we can find sasl.h.
	Fixes compilation with ldapux.
	[ca1ed585ef0e]

2009-03-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* fileops.c:
	fix char subscript
	[41e51f080d00]

2009-03-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	remove errant carriage returns
	[e9e258a31c7b]

	* audit.c, env.c:
	fix K&R compilation
	[d182e8920f13]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
	regen
	[791a5cbf04e5]

2009-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in:
	Add missing HAVE_BSM_AUDIT
	[49ad1bb96f04]

	* WHATSNEW:
	Add 1.7.1 features
	[f107f1604c61]

	* INSTALL:
	Mention --with-netsvc
	[d1e90d147795]

	* sudoers.ldap.pod:
	Document netsvc.conf support
	[e78f8abce6af]

	* configure, configure.in, pathnames.h.in, sudo.c, sudo_nss.c,
	sudo_nss.h:
	Add support for AIX netsvc.conf (like nsswitch.conf).
	[1df56a84dee5]

2009-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, env.c:
	Add --enable-env-debug flag to enable environment sanity checks.
	[128cdd8832e7]

	* sudoers.ldap.pod, sudoers.pod:
	Work around some pod2html issue.
	[e733b9609bd2]

2009-03-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Only sync environ for putenv, setenv, and unsetenv. We need to make
	sure that sudo_putenv and sudo_setenv only modify env.envp, not
	environ.
	[be3ac732243c]

2009-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Really fix UNSETENV_VOID
	[08ab7e882507]

	* env.c:
	Fix unsetenv when UNSETENV_VOID
	[d3038b3f2f15]

	* aclocal.m4, configure:
	Fix SUDO_FUNC_PUTENV_CONST
	[de35569c572b]

	* ldap.c:
	tivoli-based ldap does not have ldapssl_err2string
	[c63fd90d5e99]

	* configure:
	regen
	[f38f1ee828ad]

2009-03-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, ldap.c:
	Add support for Tivoli-based LDAP start TLS as seen in AIX.
	Untested.
	[8f8771829f85]

	* env.c:
	Add sanity checks for setenv/unsetenv
	[adbd1d95856b]

	* Makefile.in:
	Include bsm_audit.h in the tarball
	[4a4aa02b2c32]

	* Makefile.in, version.h:
	bump version for sudo 1.7.1
	[362c71d21595]

	* aclocal.m4, auth/aix_auth.c, config.h.in, configure, configure.in,
	env.c, ldap.c, sudo.h:
	Replace sudo_setenv/sudo_unsetenv with calls to setenv/unsetenv and
	provide our own setenv/unsetenv/putenv that operates on own env
	pointer. Make sync_env() inline in setenv/unsetenv/putenv functions.
	[276edcd23032]

2009-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Make "sudoedit -h" work as expected
	[2bcbbb45d389]

	* auth/pam.c:
	Make sure def_prompt is always defined. This is a workaround for pam
	configs that prompt for a password in the session but don't have an
	auth line. A better fix is to expand the sudo prompt earlier and set
	def_prompt to that when initializing.
	[ee073c04aec3]

	* sudo.pod:
	Mention that the helper for -A may be graphical.
	[b64a940c4082]

	* TROUBLESHOOTING:
	Document what happens if there is no tty.
	[313d58a856a5]

	* sudo.c:
	cosmetic changes
	[894f5e3b0c3e]

	* term.c:
	Fix term_restore
	[6c6315ff14bc]

	* sudo.c:
	Fix "sudo -k" with no other args
	[59e94dc419c6]

2009-02-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c, sudo.c, sudo.pod, sudo_usage.h.in:
	Allow the -k flag to be specified in conjunction with a command or
	another option that may require authentication.
	[5960ff20355d]

2009-02-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Remove unneeded AC_CANONICAL_TARGET; from Diego E. 'Flameeyes'
	[e86ab69c4a57]

	* Makefile.in:
	Parallel make fix. From Diego E. 'Flameeyes'
	[1289d7ee27db]

2009-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod:
	Implement umask_override
	[8b87a3f7c5aa]

	* toke.c:
	regen
	[79d7ca9ac873]

	* sudoers.pod, toke.l, visudo.c:
	Implement %h escape in sudoers include filenames.
	[a7f288dd64f0]

	* audit.c:
	Need to include compat.h
	[c0dc07ce2f70]

	* Makefile.in, audit.c, bsm_audit.c, bsm_audit.h, logging.h, sudo.c:
	Make audit_success and audit_failure generic functions in
	preparation for integrating linux audit support.
	[7df020a8fd6f]

	* term.c:
	remove duplicate include
	[1dfcd01a7e46]

2009-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* bsm_audit.c:
	Add missing include
	[fb56e08c37ee]

	* sudo.c:
	May need to update the runas user after parsing command-based
	defaults.
	[246f130d7802]

2009-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* glob.c:
	Add missing pair of braces introduced with character class support.
	[0e2afa2e03e9]

2009-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in, sudoers.pod, tgetpass.c:
	Rename pwstars to pwfeedback
	[a9f85a57ebac]

2009-02-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* bsm_audit.c, bsm_audit.h:
	Add const to make MacOS happy.
	[4274432d6627]

	* Makefile.in, auth/sudo_auth.c, bsm_audit.c, bsm_audit.h, configure,
	configure.in, sudo.c:
	Add bsm audit support from Christian S.J. Peron
	[bef61cd8693d]

	* term.c:
	This is new code, no DARPA notice.
	[ec6ad09b9c23]

2009-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in, match.c, sudoers.pod:
	Rename simple_glob -> fast_glob
	[68d9ed803cc1]

	* match.c:
	g/c unused var
	[693fa0464eb6]

	* def_data.c, def_data.h, def_data.in, match.c, sudoers.pod:
	Add simple_glob option to use fnmatch() instead of glob(). This is
	useful when you need to specify patterns that reference network file
	systems.
	[77ba634f6949]

	* tgetpass.c:
	add term_* proto
	[520f5149d073]

	* sudoers.pod:
	mention glob()
	[ddaab8e03c52]

2009-02-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* tgetpass.c:
	Delete any pwstars we wrote after the user hits return. That way
	there is no record on screen as to the user's password length.
	[fae25cda762b]

2009-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* term.c:
	Move terminal setting bits from tgetpass.c to term.c
	[03d43325ee99]

	* Makefile.in, def_data.c, def_data.h, def_data.in, sudoers.pod,
	tgetpass.c:
	Add pwstars sudoers option that causes sudo to print a star every
	time the user presses a key.
	[7aab417e184d]

2009-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Fix up F<> brokenness for visudo.man.in and sudoers.ldap.man.in.
	[64f70e879816]

2009-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	For ldap_search_ext_s() the sizelimit param should be 0, not -1, to
	indicate no limit. From Mark Janssen.
	[e2c5732d54f5]

2009-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Comments that begin with #- should not be parsed as uids.
	[a72a50f12f41]

2009-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Do not try to set the close on exec flag if we didn't actually open
	sudoers.
	[ece3ca256904]

2008-12-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	regen
	[e11f0e4c1bdd] [SUDO_1_7_0]

2008-12-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TODO:
	sync
	[5b8954462bb3]

2008-12-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c:
	Return PAM_AUTH_ERR instead of PAM_CONV_ERR if user enters ^C at the
	password prompt.
	[8563601cb3de]

	* configure, configure.in:
	Don't try to build sudo_noexec.so on HP-UX with the bundled compiler
	as it cannot generate shared objects.
	[6d4262ef9669]

	* emul/charclass.h, glob.c, lbuf.c, tgetpass.c:
	K&R compilation fixes
	[77921678d17c]

	* parse.c:
	Use tq_foreach_fwd when checking pseudo-commands to make it clear
	that we are not short-circuiting on last match. When pwcheck is
	'all', initialize nopass to TRUE and override it with the first non-
	TRUE entry.
	[96b209f4778f]

2008-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Do not short circuit pseudo commands when we get a match since,
	depending on the settings, we may need to examine all commands for
	tags.
	[fdbaf89d6f35]

2008-12-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in:
	regen
	[1ecce7c1b841]

	* sudoers.pod:
	hostnames may also contain wildcards
	[82b76695601c]

	* Makefile.in:
	remove stamp-* files and linux core files in clean target
	[22003f091467]

2008-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/sudo_auth.h, config.h.in, configure, configure.in:
	Use HAVE_SIA_SES_INIT instead of HAVE_SIA for Digital UNIX
	[6905bede8410]

2008-11-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	correctly enable SIA on Digital UNIX
	[a51881d13995]

	* TODO:
	checkpoint
	[af0fe8d94d42]

	* ChangeLog:
	sync
	[831f623cf99c]

2008-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c, sudo.h, tgetpass.c:
	Even if neither stdin nor stdout are ttys we may still have /dev/tty
	available to us.
	[20f306ba883b]

2008-11-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in:
	regen
	[76d97c4c318f]

	* sudoers.pod:
	fix typos; Markus Lude
	[bff8bc1e2066]

	* ChangeLog:
	sync
	[f108552531cd]

	* toke.c:
	regen
	[de828413c67e]

	* toke.l:
	Fix matching of a line that only consists of a comment char
	[09c953d8d5ca]

2008-11-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c:
	MacOS pam will retry conversation function if it fails so just treat
	^C as an empty password.
	[d056058930bc]

	* visudo.c:
	When checking for alias use, also check defaults bindings.
	[2647f82c7dbd]

	* redblack.c:
	unused var
	[b7ff71c17c18]

	* redblack.c:
	Replace my rbdelete with Emin's version (which actually works ;-)
	[21b133dd0c72]

2008-11-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* testsudoers.c:
	malloc debugging
	[0fb446fa3279]

	* visudo.c:
	malloc options in devel mode for visudo too
	[98d06c6afeef]

2008-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	fix compilation on non-C99; from Theo
	[7c304e16c536]

	* visudo.c:
	fix check_aliases
	[83f30a3b1765]

	* alias.c:
	when destroying an alias, free the correct data pointer
	[6e1a8bd86c01]

	* auth/sudo_auth.h:
	add proto for aixauth_cleanup; from Dale King
	[eba94ffc8f63]

2008-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
	visudo.man.in:
	regen
	[409fa57fff83]

	* sudo.pod, sudoers.pod, visudo.pod:
	standardize on the term 'option' for command line options (not flag)
	[228caefc2e36]

2008-11-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Add note on configuring HP-UX pam
	[f7674a581baf]

2008-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c, sudo.c:
	Move tty checks into check_user() so we only do them if we actually
	need a password.
	[7d997d7106d6]

	* sudo.c:
	Don't error out if no tty or askpass unless we actually need to
	authenticate.
	[9f23b83ed66c]

2008-11-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	regen
	[23f9aef32da6]

	* pathnames.h.in, sudo.c:
	s/overriden/overridden/; from Tobias Stoeckmann
	[9f7459a8fac5]

2008-11-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW, visudo.c:
	check sudoers owner and mode in strict mode
	[a3468c5ac1c4]

	* gram.c, toke.c:
	regen
	[7d6b515a5443]

	* sudo.man.in, sudoers.man.in, visudo.man.in:
	Update copyright years.
	[52d340cb8cba]

	* LICENSE, alias.c, alloc.c, auth/afs.c, auth/aix_auth.c,
	auth/bsdauth.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
	auth/securid.c, auth/securid5.c, auth/sia.c, auth/sudo_auth.h,
	closefrom.c, compat.h, defaults.c, defaults.h, env.c, fileops.c,
	gettime.c, gram.y, ins_csops.h, insults.h, interfaces.c,
	interfaces.h, lbuf.c, license.pod, list.c, logging.c, logging.h,
	parse.c, parse.h, pwutil.c, redblack.c, redblack.h, snprintf.c,
	sudo.c, sudo.pod, sudo_edit.c, sudo_nss.h, sudoers.pod,
	testsudoers.c, toke.l, tsgetgrpw.c, utimes.c, version.h, visudo.c,
	visudo.pod, zero_bytes.c:
	Update copyright years.
	[b4e6bf2beafa]

	* emul/charclass.h, fnmatch.c, glob.c:
	add my copyright
	[28681385014a]

2008-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	The loop in fill_cmnd() was going one byte too far past the end,
	resulting in a NUL being written immediately after the buffer end.
	[a5a49d603cd7]

	* UPGRADE, WHATSNEW:
	add sections on tgetpass changes
	[2e6929b6a102]

	* tgetpass.c:
	Treat EOF w/o newline as an error.
	[aa02b1db9240]

2008-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Fix "sudo -v" when NOPASSWD is set.
	[f4914711ea80]

	* auth/bsdauth.c, auth/fwtk.c, auth/pam.c, auth/sudo_auth.c,
	auth/sudo_auth.h:
	No longer treat an empty password at the prompt as special. To quit
	out of sudo you now need to hit ^C at the password prompt.
	[980f760ad419]

	* sudoers.cat, sudoers.man.in:
	regen
	[6ca21a2cd869]

	* def_data.c, def_data.h, def_data.in, sudo.c, sudoers.pod:
	Sudo will now refuse to run if no tty is present unless the new
	visiblepw sudoers flag is set.
	[0cc56943252e]

2008-11-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aix.c:
	just use RLIM_INFINITY for RLIM_SAVED_MAX if RLIM_SAVED_MAX not
	defined
	[24fc6f712d5c]

	* aix.c:
	fix fallback value for RLIM_SAVED_MAX
	[e09e04e1af89]

	* auth/aix_auth.c, auth/sudo_auth.h:
	Move clearing of AUTHSTATE into aixauth_cleanup.
	[e14ae7bd259c]

	* auth/aix_auth.c, env.c:
	Unset AUTHSTATE after calling authenticate() as it may not be
	correct for the user we are running the command as.
	[d14f68f1b0ab]

	* isblank.c:
	Add isblank() function for systems without it. Needed for POSIX
	character class matching in fnmatch.c and glob.c.
	[16cba30b283f]

2008-11-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TROUBLESHOOTING:
	expound on sudo and cd
	[8e0fa9033637]

2008-11-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	regen
	[40cf320a10fc]

	* sudoers.cat, sudoers.man.in:
	regen
	[7cac761ae2c6]

	* sudoers.pod:
	mention defauts parse order
	[4e2ce86d1394]

2008-11-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, aclocal.m4, compat.h, configure:
	Add isblank() function for systems without it. Needed for POSIX
	character class matching in fnmatch.c and glob.c.
	[a1ab55da8424]

	* Makefile.in:
	add emul/charclass.h to HDRS
	[7e8a019dcaa4]

2008-11-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TODO:
	checkpoint
	[afeb9bc1baed]

	* defaults.c, parse.c, testsudoers.c, visudo.c:
	Move update_defaults into defaults.c and call it properly from
	visudo and testsudoers.
	[f4dbb369461f]

	* defaults.c, interfaces.c, pwutil.c, sudo.c, sudo_edit.c, tgetpass.c,
	tsgetgrpw.c:
	use zero_bytes() instead of memset() for consistency
	[4cee0465f4a8]

	* logging.c, mon_systrace.c, parse.c, sudo.c, sudo_edit.c, tgetpass.c,
	visudo.c:
	Zero out sigaction_t before use in case it has non-standard entries.
	[120092225459]

	* match.c:
	quiet gcc
	[098a1df49b23]

	* match.c:
	Short circuit glob() checks if basename(pattern) !=
	basename(command). Refactor code that checks for a command in a
	directory and use it in the glob case if the resolved pattern ends
	in a '/'.
	[3c46fd317acb]

2008-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* defaults.h, parse.c, sudo.c, testsudoers.c, visudo.c:
	Defer setting runas defaults until after runaspw/gr is setup.
	[12e75ee49c0c]

2008-10-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c, sudo.c, testsudoers.c:
	Use MAXHOSTNAMELEN+1 when allocating host/domain name since some
	systems do not include space for the NUL in the size. Also manually
	NUL-terminate buffer from gethostname() since POSIX is wishy-washy
	on this.
	[7266ab3296a3]

2008-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudoers.pod:
	When setting the umask, use the union of the user's umask and the
	default value set in sudoers so that we never lower the user's umask
	when running a command.
	[4e804b004e38]

	* sudo.c:
	Don't try to read from a zero-length sudoers file. Remove the bogus
	Solaris work-around for EAGAIN. Since we now use fgetc() it should
	not be a problem.
	[bb8e5f68d944]

2008-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	In update_defaults() check the return value of user*_matches against
	ALLOW so we don't inadvertantly match on UNSPEC.
	[4e422fa1527e]

2008-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
	regen man pages; no more hyphenation
	[15de4fe2fe01]

	* sudo.c:
	Don't error out on a zero-length sudoers file. With the advent of
	#include the user could create a situation where sudo is unusable.
	[6eb461319fa5]

2008-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/kerb5.c, config.h.in, configure, configure.in:
	Newer heimdal has 2-argument krb5_get_init_creds_opt_free() like MIT
	krb5. Really old heimdal has no krb5_get_init_creds_opt_alloc() at
	all. Add configure tests to handle all the cases.
	[4b554a98470d]

2008-10-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod:
	resort ENVIRONMENT
	[f4f20f40653e]

	* sudoers.pod:
	document sudoers_locale
	[0bffd2dbe806]

	* sudo.pod, sudo_edit.c:
	add SUDO_EDITOR variable that sudoedit uses in preference to VISUAL
	or EDITOR
	[0ef8cb248cee]

	* toke.c, toke.l:
	In fill_cmnd(), collapse any escaped sudo-specific characters.
	Allows character classes to be used in pathnames.
	[5685244c8e44]

2008-10-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lbuf.c:
	fix typo in non-C89 function declaration
	[99a7113b3a05]

	* sudoers.pod:
	Mention POSIX characters classes now that out fnmatch() and glob()
	support them.
	[9c916f1230c3]

	* sample.sudoers, sudoers.pod:
	Replace [A-z] (which won't match in UTF8) with [A-Za-z] which is
	locale agnostic.
	[a60a62bec244]

	* parse.h:
	use __signed char if we are going to assign a negative value since
	on Power, char is unsigned by default
	[2877b319df17]

	* config.h.in, configure, configure.in:
	Add tests for __signed char and signed char.
	[5eb874fdf1d4]

	* aix.c:
	Fix AIX limit setting. getuserattr() returns values in disk blocks
	rather than bytes. The default hard stack size in newer AIX is
	RLIM_SAVED_MAX. From Dale King.
	[3db67415ecc3]

2008-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* emul/charclass.h, fnmatch.c, glob.c:
	Add character class support to included glob(3) and fnmatch(3).
	[6b5b4ad77899]

2008-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* emul/fnmatch.h:
	Remove UCB advertising clause and some compatibility defines.
	[2ade7bee74e1]

2008-09-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_edit.c:
	Check EDITOR/VISUAL to make sure sudoedit is not re-invoking itself
	or sudo. This allows one to set EDITOR to sudoedit without getting
	into an infinite loop of sudoedit running itself until the path gets
	too big.
	[aa49ab68f82d]

	* def_data.c, def_data.h, def_data.in, defaults.c, sudo.c:
	Add sudoers_locale Defaults option to override the default sudoers
	locale of "C".
	[0639886a35bf]

2008-09-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Set locale to system default except for during sudoers parse.
	[016dd2736728]

2008-09-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Redo change in 1.34 to use pointer arithmetic.
	[f9e7b63bb450]

2008-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Fix a dereference (read) of a freed pointer. Reported by Patrick
	Williams.
	[69877b633753]

2008-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Set locale to "C" to avoid interpretation issues with character
	ranges in sudoers. May want to make the locale a sudoers option in
	the future.
	[098a95de1746]

2008-08-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in:
	we no longer use setproctitle
	[c7f20fb747ea]

	* sudo.h:
	remove #if 1
	[a368ee6816c6]

	* LICENSE, mkstemp.c:
	Use my replacement mkstemp() from the mktemp package.
	[d07c2beb0f9e]

2008-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c:
	regen with yacc skeleton bug fixed
	[24784571cbb8]

	* sudoers.pod:
	Remove duplicate "as root". From Martin Toft.
	[97241acfee5e]

2008-07-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c, sudo.c, sudo.h, testsudoers.c:
	Flesh out the fake passwd entry used for running commands as a uid
	not listed in the passwd database. Fixes an issue with some PAM
	modules.
	[a6648227f3f2]

2008-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Error out in -i mode if the user has no shell. This can happen when
	running commands as a uid with no password entry.
	[0c174bef36ff]

2008-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Better fix for line continuation inside double quotes. Now accepts
	whitespace between the backslash and the newline like the main
	lexer.
	[64efcdf86d31]

2008-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Fix line continuation in strings. It was only being honored if
	preceded by whitespace.
	[96c21271a3e4]

2008-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, logging.c:
	Replace the double fork with a fork + daemonize.
	[328505441e67]

2008-06-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c, sudo.c:
	The -i flag should imply env_reset. This got broken in sudo 1.6.9.
	[3caedfeaec87]

	* logging.c, sudo.c, sudo_edit.c, visudo.c:
	Change how the mailer is waited for. Instead of having a SIGCHLD
	handler, use the double fork trick to orphan the child that opens
	the pipe to sendmail. Fixes a problem running su on some Linux
	distros.
	[b59ce60a393d]

2008-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix configure test for dirfd() on Linux where DIR is opaque.
	[b8f729cdfecc]

2008-06-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* tgetpass.c:
	Get rid of the QNX TCSAFLUSH -> TCSADRAIN hack. If QNX still has
	this problem we'll need to revisit this again.
	[c17fee8ad530]

2008-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Ignore SIGPIPE instead of blocking it when piping to the mailer. If
	we only block the signal it may be delivered later when we unblock.
	Also, there is no need to block SIGCHLD since we no longer do the
	double fork. The normal SIGCHLD handler is sufficient.
	[e94a49e992e5]

2008-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add description for NO_PAM_SESSION, from a redhat patch.
	[b9e4c939ec09]

2008-06-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudo.pod:
	Fix typos in -i usage
	[2d7ce5de0235]

2008-05-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Redo the test for dgettext() in a way that hopefully will work
	around the libintl_dgettext() undefined problem.
	[d27beb0cf85e]

2008-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* schema.ActiveDirectory:
	change filename in comment
	[733da4ee9ac5]

2008-05-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, README.LDAP, sudoers.ldap.cat, sudoers.ldap.man.in,
	sudoers.ldap.pod:
	Reference schema.ActiveDirectory
	[d6aec537800e]

2008-05-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* schema.OpenLDAP, schema.iPlanet:
	Mark sudoRunAs as deprecated.
	[00c50df807af]

	* schema.ActiveDirectory:
	add sudoRunAsUser and sudoRunAsGroup
	[19bcce6f72fb]

	* schema.ActiveDirectory:
	Active Directory schema by Chantal Paradis and Eric Paquet
	[06a09c92c6a5]

2008-05-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	remove an XXX that was fixed
	[b88038062fa2]

	* ChangeLog:
	sync
	[8fc27c17270e]

	* parse.c:
	Initialize tags to UNSPEC instead of def_* in "sudo -l" mode. This
	fixes a problem where the tag value printed was influenced by
	defaults set in the first pass through the parser.
	[588ccd630367]

2008-05-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, sudo.psf:
	No point in packaging the TODO file
	[9590248fffe1]

	* ChangeLog:
	sync
	[152acf4c6813]

2008-05-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW, def_data.c, def_data.h, def_data.in, env.c, sudo.c,
	sudo.h, sudoers.cat, sudoers.man.in, sudoers.pod:
	Add env_file Defaults option that is similar to /etc/environment on
	some systems.
	[1daf53d51e18]

2008-05-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, README, TODO, WHATSNEW, sudo.cat, sudo.man.in,
	sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.man.in,
	version.h, visudo.cat, visudo.man.in:
	change version to 1.7.0
	[d41d126b9bd8]

	* UPGRADE:
	initial valgrind pass done
	[c59c3876d8ca]

2008-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Fix typo/think in sudo_ldap_read_secret() when storing the secret.
	[830d246c09b0]

2008-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	define LDAPS_PORT if the system headers do not
	[247b12325701]

2008-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c, gram.y:
	Fix another memory leak in init_parser().
	[7bba47deba11]

	* configure, configure.in:
	There was a missing space before the ldap libs in SUDO_LIBS for some
	configurations.
	[7524cfc93759]

	* alias.c, gram.c, gram.y, toke.c, toke.l:
	Clean up some memory leaks pointed out by valgrind.
	[a965866ece1a]

2008-04-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	fix "sudo -s" broken by mode/flags breakout
	[acffe984d408]

	* configure, configure.in:
	remove duplicate check for dgettext
	[58145529133c]

2008-04-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aix.c:
	Fall back to default stanza if no user-specific limit is found.
	[7b8cb29123ee]

2008-04-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* snprintf.c:
	include stdint.h if present
	[f0ec38529306]

	* snprintf.c:
	Use LLONG_MAX, not the old QUAD_MAX
	[01041ce508fb]

2008-04-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.ldap.pod:
	fix cut and pasto
	[34240fdef5ab]

2008-03-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Add #ifdef PURITY
	[ce1b571ad526]

2008-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/bsdauth.c:
	remove useless cast
	[494f8a862e1d]

2008-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	sync
	[f5c97ffaabcc]

	* TODO:
	sync
	[96ff1c44c182]

	* sudo.h:
	Split MODE_* defines into primary and flags.
	[c02ee3027cb9]

2008-03-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aix.c:
	It turns out the logic for getting AIX limits is more convoluted
	than I realized and differs depending on whether the soft and/or
	hard limits are defined.
	[cf8d3f85d395]

2008-03-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, configure, configure.in:
	Back out AIX-specific change to set the sudo_noexec path to the .a
	file, we do really want to use the .so file. Since libtool doesn't
	do that correctly, just install the .so file ourselves in the
	Makefile.
	[05c6f33177d9]

	* install-sh:
	If the file given to install is a path, only use the basename of the
	file when building the destination path.
	[695ba4e429ce]

2008-03-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	parse_args() cleanup: Sort command line options in the getopt()
	switch The -U option requires a parameter Normalize a few ISSET
	calls Split mode into mode and flags and retire the now-obsolete
	excl variable
	[0d156835f861]

	* WHATSNEW, check.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod,
	sudo_usage.h.in:
	Add -n (non-interactive) flag.
	[e3e50400d32d]

	* sudo.c:
	Move version printing, etc. into a separate function.
	[18c91b476e2c]

	* sudo.c:
	Don't try to cleanup nsswitch if it has not been initialized.
	[aeb1ca1b399d]

2008-03-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Block SIGPIPE in send_mail() so sudo is not killed by a problem
	executing the mailer.
	[f130e7924cca]

2008-03-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	AIX shared libs end in .a, not .so.
	[a5deb07020d8]

2008-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Preserve HOME by default too. Matches documentation and previous
	behavior.
	[c16f17f1047c]

2008-03-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Use getopt() to parse the command line. We need to be able to
	intersperse env variables and options yet still honor "--"" which
	complicates things slightly.
	[60f271ce5c16]

2008-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	sync
	[685e67964eda]

	* acsite.m4, configure, ltmain.sh:
	update to libtool-1.5.26
	[4c9a8c3d3b40]

	* config.guess, config.sub:
	update from libtool-1.5.26 distribution
	[c6641aef2527]

	* aix.c, sudo.h:
	attempt to fix compilation errors on AIX
	[edb13e5b2184]

	* Makefile.in:
	fix typo in last commit
	[25ba7f7ceae4]

	* Makefile.in:
	Add WHATSNEW file to the distribution
	[213f4115de8f]

	* visudo.c:
	use warningx instead of fprintf(stderr, ...)
	[a3494b8ccb19]

	* list.c:
	add DEBUG to list2tq
	[115d24a3000c]

	* ChangeLog, TODO:
	sync
	[60e6f4d1fac0]

	* WHATSNEW:
	mention mailfrom
	[e2498f9e18d6]

	* Makefile.in, aix.c, config.h.in, configure, configure.in,
	set_perms.c, sudo.h:
	Add aix_setlimits() to set resource limits on AIX using a
	combination of getuserattr() and setrlimit(). Currently untested.
	[9b1441fd89ca]

2008-03-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in, logging.c, sudoers.cat,
	sudoers.man.in, sudoers.pod:
	Add mailfrom Defaults option that sets the value of the From: field
	in the warning/error mail. If unset the login name of the invoking
	user is used.
	[029b9f05d3d9]

	* defaults.c:
	store a copy of _PATH_SUDO_ASKPASS in def_askpass that is freeable
	[a90e407d5e00]

	* gram.c, gram.y:
	When adding a default, only call list2tq() once to do the list to tq
	conversion. It is not legal to call list2tq multiple times on the
	same list since list2tq consumes and modifies the list argument.
	[fbc25d245c4a]

	* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
	comment out XXXs for now
	[595a1d43309d]

	* WHATSNEW:
	mention askpass
	[b993e0837c22]

2008-03-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Error out if both -A and -S are specified Error out if -A is
	specified but no askpass is configured
	[24f1df2638f6]

	* configure, configure.in:
	we are not going to ship a sudo-specific askpass
	[61949e7a3943]

2008-03-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.h:
	fix definition of TGP_ASKPASS
	[0447c57ba4c3]

	* def_data.c, def_data.in:
	make askpass boolean-capable
	[e0885893a325]

	* INSTALL:
	document --with-askpass
	[c76e15ba97cf]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.man.in, visudo.cat:
	regen
	[8d16242980b7]

2008-03-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, sudo_usage.h.in, sudoers.pod:
	document -A and askpass
	[02c07505a78c]

	* auth/sudo_auth.c, check.c, configure, configure.in, def_data.c,
	def_data.h, def_data.in, defaults.c, pathnames.h.in, sudo.c, sudo.h,
	sudo_usage.h.in, tgetpass.c:
	Add support for running a helper program to read the password when
	no tty is present (or when specified with the -A flag). TODO: docs.
	[05780f5f71fd]

	* def_data.c, def_data.in:
	add missing printf format to SELinux role and type strings
	[2b32774715e7]

2008-02-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in:
	Disable use of gss_krb5_ccache_name() by default and add
	--enable-gss-krb5-ccache-name configure option to enable it. It seems
	that gss_krb5_ccache_name() doesn't work properly with some
	combinations of Heimdal and OpenLDAP.
	[f61ebd3b19bd]

2008-02-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* selinux.c:
	Ignore setexeccon() failing in permissive mode. Also add a call to
	setkeycreatecon() (though this is probably insufficient). From Dan
	Walsh.
	[52564fc1c069]

	* auth/pam.c:
	Only set std_prompt for the PAM_PROMPT_* cases. The conversation
	function may be called for non-password reading purposes so we must
	be careful not to use def_prompt in cases where it may not be set.
	[29d88ca575ba]

2008-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* selinux.c:
	Don't free the new tty context, we need to keep it around when we
	restore the tty context after the command completes
	[5b4bd39b6ea8]

2008-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* selinux.c:
	s/newrole/sudo/
	[21b8a96ff8df]

	* sudo.man.pl, sudo.pod:
	Only put login_cap(3) in SEE ALSO section if we have login.conf
	support
	[05250ddff2c0]

2008-02-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
	regen
	[301e5c5ccdbe]

	* sudoers.pod:
	Substitute in comment characters for lines partaining to login.conf,
	BSD auth and SELinux and only enable them if pertinent.
	[c1c98fa163ce]

	* sudoers.man.pl:
	Substitute in comment characters for lines partaining to login.conf,
	BSD auth and SELinux and only enable them if pertinent.
	[6c88f30b878a]

	* sudo.pod:
	Substitute in comment characters for lines partaining to login.conf,
	BSD auth and SELinux and only enable them if pertinent.
	[acdbdfd24e1d]

	* sudo.man.pl:
	Substitute in comment characters for lines partaining to login.conf,
	BSD auth and SELinux and only enable them if pertinent.
	[0c56d4750ac3]

	* Makefile.in, configure, configure.in:
	Substitute in comment characters for lines partaining to login.conf,
	BSD auth and SELinux and only enable them if pertinent.
	[9a02bd6a6658]

	* Makefile.in, sudo.pod, sudoers.ldap.pod, sudoers.pod, visudo.pod:
	Remove the =cut on the first line (above the copyright notice) to
	quiet pod2man. Also remove the hackery in the FILES section and just
	deal with the fact that there will a newline between each pathname.
	[2ac1ab191835]

2008-02-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	run sudo.man.pl when generating sudo.man.in
	[859727369168]

	* configure, configure.in, sudo.man.pl:
	comment out SELinux manual bits unless --with-selinux was specified
	[97ff4212b649]

	* sudoers.pod:
	document role and type defaults for SELinux
	[870f303366b3]

	* sudo.c, sudo.cat, sudo.man.in, sudo.pod, sudo_usage.h.in:
	Document "sudo -ll" and make "sudo -l -l" be equivalent.
	[3ce6dc429ea3]

2008-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Treat k*bsd*-gnu like Linux, not BSD. Fixes compilation problems on
	Debian GNU/kFreeBSD.
	[c4efa567a328]

2008-02-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/kerb5.c:
	Avoid Heimdal'isms introduced in the rev 1.32 rewrite of
	verify_krb_v5_tgt()
	[f80538e5a6fa]

	* logging.c, logging.h, sudo.c:
	Remove dependence on VALIDATE_NOT_OK in logging functions. Split
	log_auth() into log_allowed() and log_denial() Replace mail_auth()
	with should_mail() and a call to send_mail()
	[58aac9997557]

2008-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Add debugging so we can tell if the krb5 ccache is accessible
	[c679322527bb]

	* INSTALL:
	mention --with-selinux
	[9efbe0b52194]

2008-02-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[467a834f867c]

	* selinux.c:
	add Sudo tag
	[d004ee669bed]

	* sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod, sudo_usage.h.in,
	sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod,
	testsudoers.c, toke.c, toke.l:
	Add support for SELinux RBAC. Sudoers entries may specify a role and
	type. There are also role and type defaults that may be used. To
	make sure a transition occurs, when using RBAC commands are executed
	via the new sesh binary. Based on initial changes from Dan Walsh.
	[1d4abfe2c004]

	* sesh.c:
	Add support for SELinux RBAC. Sudoers entries may specify a role and
	type. There are also role and type defaults that may be used. To
	make sure a transition occurs, when using RBAC commands are executed
	via the new sesh binary. Based on initial changes from Dan Walsh.
	[1e3b395ce049]

	* Makefile.in, config.h.in, configure.in, def_data.c, def_data.h,
	def_data.in, gram.c, gram.h, gram.y, ldap.c, parse.c, parse.h,
	pathnames.h.in, selinux.c:
	Add support for SELinux RBAC. Sudoers entries may specify a role and
	type. There are also role and type defaults that may be used. To
	make sure a transition occurs, when using RBAC commands are executed
	via the new sesh binary. Based on initial changes from Dan Walsh.
	[6b421948286e]

2008-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lbuf.c, ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.c:
	Add long list (sudo -ll) support for printing verbose LDAP and
	sudoers file entries. Still need to update manual.
	[2875be37935c]

2008-02-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c, parse.c, sudo.h, sudo_nss.c, sudo_nss.h:
	Unify the -l output for file and ldap based sudoers and use lbufs
	for both. The ldap output does not currently include options that
	cannot be represented as tags. This will be remedied in a long list
	output mode to come.
	[b2e429456596]

2008-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	Use a specific error message for errno == EAGAIN when setuid() et al
	fails. On Linux systems setuid() will fail with errno set to EAGAIN
	if changing to the new uid would result in a resource limit
	violation.
	[08d0aecd9f03]

	* sudo.c:
	Unlimit nproc on Linux systems where calling the setuid() family of
	syscalls causes the nroc resource limit to be checked. The limits
	will be reset by pam_limits.so when PAM is used. In the non-PAM case
	the nproc limit will remain unlimited but there doesn't seem to be a
	way around that other than having sudo parse
	/etc/security/limits.conf directly.
	[df024b415a8d]

	* env.c, sudo.c, sudo.pod:
	Only read /etc/environment on Linux and AIX
	[90669e2aefdb]

2008-01-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Use SUDO_DEFINE_UNQUOTED instead of AC_DEFINE_UNQUOTED to prevent
	ldap.conf and ldap.secret paths from going into config.h. Avoid
	single quotes in variable expansion when using SUDO_DEFINE_UNQUOTED
	since in some versions of bash they will end up literally in the
	resulting define.
	[25390f3ef10a]

2008-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	mention --with-nsswitch=no
	[c509df927263]

	* configure, configure.in:
	ldap_ssl.h depends on ldap.h being included first
	[d96d90e9b21f]

	* config.h.in, configure, configure.in, ldap.c:
	Include ldap_ssl.h if we can find it. Needed for the
	ldapssl_set_strength defines on HP-UX at least.
	[9e530470948a]

	* sudoers.ldap.pod:
	sync
	[b9d101f4673a]

	* TODO:
	sync
	[2ce951b2ecd0]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, visudo.cat, visudo.man.in:
	regen
	[b61d793987e0]

	* Makefile.in:
	Use 78n line length when formatting cat pages.
	[761bee9d5759]

	* README.LDAP:
	Remove redundant info that is now in sudoers.ldap.pod
	[01828dcce59e]

2008-01-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
	Reorganize the first section a bit. Substitute the proper path for
	/etc/sudoers.
	[11ae165e065d]

	* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
	Substitute values for ldap.conf, ldap.secret and nsswitch.conf Move
	schema into EXAMPLES
	[ab6509d1dde7]

	* configure, configure.in:
	Substitute values for ldap.conf, ldap.secret and nsswitch.conf into
	sudoers.ldap.man.
	[6e689972f465]

	* configure, configure.in:
	substitute for sudoers.ldap.man
	[5a4a25766dee]

	* Makefile.in:
	Fix cut & pasto introduced when adding sudoers.ldap man page.
	[a7b069af8894]

	* sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
	Fill in some of the missing pieces. Still needs some reorganization
	and editing.
	[5e7331722166]

2008-01-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, sudoers.ldap.cat, sudoers.ldap.man.in,
	sudoers.ldap.pod:
	Beginnings of a sudoers.ldap man page. Currently, much of the
	information is adapted from README.LDAP.
	[aad28c8a922d]

2008-01-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	When copying gr_mem we must guarantee that the storage space for
	gr_mem is properly aligned. The simplest way to do this is to simply
	store gr_mem directly after struct group. This is not a problem for
	gr_passwd or gr_name as they are simple strings.
	[af58fc76f1ed]

	* ldap.c:
	Fix a typo/thinko in one of the calls to
	sudo_ldap_check_user_netgroup(). From Marco van Wieringen.
	[70b2eb8097f5]

2008-01-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, ldap.c:
	include <mps/ldap_ssl.h> in ldap.c if available
	[34346206ef16]

2008-01-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c, gram.y:
	Make sure we define SIZE_MAX for yacc's skeleton.c
	[d8a45c7a3c42]

	* tgetpass.c:
	Use TCSAFLUSH when restoring terminal settings (and echo) to
	guarantee that any pending output is discarded
	[549a184479e5]

2008-01-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers:
	no longer need to specify SETENV when user has sudo ALL
	[3051b41f8032]

	* testsudoers.c:
	sync user_args size calculation with sudo.c Add -g group option,
	renaming old -g to -G Add set_runasgr() and set_runaspw() and use
	them
	[0850325180f0]

	* sudo.c, sudo.h:
	Make set_runaspw static void
	[5d44d7a340ce]

	* testsudoers.c, visudo.c:
	g/c set_runaspw stub
	[79ebb5e2cc38]

	* configure, configure.in:
	Don't add -llber twice.
	[4356d302eef4]

2008-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	fix typo
	[249cecc557e9]

2008-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c:
	regen
	[2f94ea375b67]

	* configure, configure.in:
	Fix check that determines whether -llber is required.
	[6afa99523379]

	* README.LDAP, config.h.in, configure, configure.in, ldap.c:
	For netscape-based LDAP, use ldapssl_set_strength() to implement the
	checkpeer ldap.conf option.
	[16ae24d73795]

	* auth/kerb5.c:
	Delay krb5_cc_initialize() until we actually need to use the cred
	cache, which is what krb5_verify_user() does. Better cleanup on
	failure.
	[d12e5f1695b8]

2008-01-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/kerb5.c:
	Rewrite verify_krb_v5_tgt() based on what heimdal's
	krb5_verify_user() does.
	[05b5815f86c9]

2008-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c:
	The U suffix on constants is an ANSI feature
	[c6dfce3167f1]

	* configure, configure.in:
	Add check for ber_set_option() in -llber
	[43d0c0566074]

2008-01-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	default if no nsswitch.conf is files only
	[c13001d9c998]

2008-01-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	don't tell people to mail aaron about LDAP stuff
	[8165ec1ef0c6]

	* README.LDAP:
	timelimit and bind_timelimit
	[44f74cbed167]

	* ChangeLog:
	sync
	[aba1a0ab02bd]

	* ldap.c:
	Move ldap.secret reading into a separate function.
	[1948acc9f7a4]

	* check.c:
	user_runas -> runas_pw
	[334490fc2bae]

2008-01-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TODO:
	sync
	[c7b165cc47c6]

	* check.c, sudo.pod, sudoers.pod:
	Add and document the %p escape in the password prompt. Based on a
	patch from Patrick Schoenfeld.
	[3972d4f31ffa]

	* ldap.c:
	Check strlcpy() return values.
	[9b42f3ae8ff1]

	* ldap.c:
	refactor ldap binding code into sudo_ldap_bind_s()
	[cb0c66a4d955]

	* README.LDAP:
	Make it clear that host and uri can take multiple parameters. URI is
	now supported for more than just openldap nsswitch.conf does't
	accept "compat"
	[f610dea656d6]

	* sudo.c:
	comment cleanup and update (c) year
	[6cd69c810ca5]

	* parse.c, sudo_nss.c:
	Move display_privs() and display_cmnd() from parse.c to sudo_nss.c.
	This should make it possible to build an LDAP-only sudo binary.
	[61c3f27066a0]

	* ldap.c, parse.c, sudo.c, sudo.h, sudo_nss.h:
	Improve chaining of multiple sudoers sources by passing in the
	previous return value to the next in the chain
	[2c0b722b1b2d]

	* gram.y:
	Free up parser data structures in sudo_file_close().
	[2251531d4519]

	* gram.c, parse.c:
	Free up parser data structures in sudo_file_close().
	[8371f130f401]

	* ldap.c:
	Parse uri ourself if no ldap_initialize() is present Use
	ldap_create() instead of deprecated ldap_init() Use
	ldap_sasl_bind_s() instead of deprecated ldap_simple_bind_s()
	[85d3825b1953]

	* config.h.in, configure, configure.in:
	Add check for ldap_sasl_bind_s() Remove -DLDAP_DEPRECATED from
	CFLAGS
	[240524512bc5]

2008-01-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	add check for ldap_create
	[3089badd73b8]

2008-01-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, ldap.c:
	Add sudo_ldap_get_first_rdn() to return the first rdn of an entry's
	dn using the mechanism appropriate for the LDAP SDK in use. Use
	ldap_unbind_ext_s() instead of deprecated ldap_unbind_s(). Emulate
	ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's without them.
	[6deeca3d00cc]

	* lbuf.c:
	include unistd.h
	[8419ed0bae7f]

	* config.h.in, configure.in:
	fix typo in mtim_getnsec
	[2d5f21230a60]

2008-01-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	add check for st__tim in struct stat as used by SCO
	[587060ea2a89]

	* ldap.c:
	use ldap_search_ext_s instead of deprecated ldap_search_s
	[5fc44fe3b44c]

	* Makefile.in, TODO, sudo.cat, sudo.man.in:
	add sudo_nss.h to HDRS
	[86f01a70ff29]

	* ldap.c:
	Replace deprecated ldap_explode_dn() with calls to ldap_str2dn() and
	ldap_rdn2str().
	[aa217002cfae]

2008-01-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Use ldap_get_values_len()/ldap_value_free_len() instead of the
	deprecated ldap_get_values()/ldap_value_free().
	[e22dceb85e57]

	* ChangeLog:
	sync
	[adad27b36107]

	* TODO:
	sync
	[c449eb47e0ef]

	* gettime.c, sudo.c:
	Remove some already fixed XXXs
	[532788d0e6da]

	* ldap.c:
	Same return value as non-existent sudoers if LDAP was unable to
	connect.
	[5819810e8e4e]

	* sudo.pod:
	mention /etc/environment
	[ea8e6102f853]

	* README.LDAP, UPGRADE, WHATSNEW:
	Update to reflect recent developments.
	[ed1fb026fe77]

	* sudo.c:
	Print nsswitch.conf, ldap.conf and ldap.secret paths in -V output.
	[55b68a58260d]

	* ldap.c:
	When building up a query don't list groups in the aux group vector
	that are the same as the passwd file group. On most systems the
	first gid in the group vector is the same as the passwd entry gid.
	[4bb51e297e0d]

	* env.c, ldap.c:
	Define LDAPNOINIT before calling ldap_init(), etc. to disable user
	ldaprc and system defaults that could affect how LDAP works.
	[ce5036440db2]

	* INSTALL, configure, configure.in, pathnames.h.in, sudo.c,
	sudo_nss.c, sudo_nss.h:
	Rename read_nss -> sudo_read_nss Add --with-nsswitch to allow users
	to specify nsswitch.conf path or disable it. If --with-nsswitch=no
	but --with-ldap, order is LDAP, then sudoers. Fix --with-ldap-conf-
	file and --with-ldap-secret-file
	[ea5d7704381f]

	* parse.c:
	Honor def_ignore_local_sudoers
	[f38e1121fae1]

2007-12-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	no longer need to check def_ignore_local_sudoers here
	[fce2a72f96fb]

	* parse.c:
	Refactor group vector resetting into a function and also call it
	from display_cmnd. Stop after the first sucessful match in
	display_cmnd. Print a newline between each display_privs method.
	[981b37b5adff]

	* parse.c:
	fix double free introduced in rev 1.218
	[c574b02d8747]

	* ldap.c:
	belt and suspenders; zero out result after freeing it
	[7732988d4620]

	* env.c, fileops.c, ldap.c, sudo.h, sudo_nss.c:
	Refactor line reading into a separate function, sudo_parseln(),
	which removes comments, leading/trailing whitespace and newlines.
	May want to rethink the use of sudo_parseln() for /etc/ldap.secret
	[61d9068f0645]

	* parse.c, sudo.c:
	Make the inability to read the sudoers file a non-fatal error if
	there are other sudoers sources available. sudoers_file_lookup now
	returns "not OK" if sudoers was not present
	[643babf597a8]

	* ldap.c:
	make it clear that the global options are from LDAP
	[9ff950349463]

	* logging.c:
	allocate proper amount of space for error string
	[8bebb7d46d19]

	* sudo_nss.c, sudo_nss.h:
	actual sudo nss code
	[5bd7d52d7738]

	* ldap.c, parse.c, sudo.c, sudo.h:
	nss-ify display_privs and display_cmnd.
	[cccfdd3253f2]

	* defaults.c, parse.c, testsudoers.c, visudo.c:
	move update_defaults() to parse.c
	[ace144b958a9]

	* Makefile.in, ldap.c, list.c, parse.c, parse.h, sudo.c, sudo.h:
	Use nsswitch to hide some sudoers vs. ldap implementation details
	and reduce the number of #ifdef LDAP TODO: fix display routines and
	error handling
	[6225edde89a6]

2007-12-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, README.LDAP, ldap.c, pathnames.h.in, sudo.c, sudo.h:
	First cut at nsswitch.conf support. Further reorganizaton and
	related changes are forthcoming.
	[717f59d0790b]

2007-12-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c, pathnames.h.in, sudo.c, sudo.h:
	Add support for reading and /etc/environment file. Still needs to be
	documented and should probably only applies to OSes that have it
	(AIX and Linux, maybe others).
	[15d3edae27e4]

	* ldap.c:
	include limits.h
	[e19875ef0f82]

2007-12-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	reword LDAP SASL
	[7ec3c4ec31b5]

2007-12-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TODO:
	sync
	[87c5a7aea7bf]

	* README.LDAP:
	Add an example sudoRole, clarify netscape vs. openldap a bit more
	[6f96c0ca8107]

	* README.LDAP:
	Be clear on what is OpenLDAP vs. Netscape-derived
	[a33c8314dec5]

	* config.h.in, configure, configure.in, ldap.c:
	Use ldapssl_init() for ldaps support instead of trying to do it
	manually with ldap_init() + ldapssl_install_routines(). Use tls_cert
	and tls_key for cert7.db and key3.db respectively. Don't print
	debugging info for options that are not set. Add warning if
	start_tls specified when not supported.
	[abb62dc7e4a3]

	* ldap.c:
	fix compilation on solaris
	[03d449684e80]

	* Makefile.in:
	add missing .h and .c files for missing lib objs
	[8b37825bdfc7]

2007-12-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	fix LDAP_OPT_NETWORK_TIMEOUT setting
	[226eba89c0ad]

	* ldap.c:
	fix compilation on Solaris
	[917d47639eb6]

2007-12-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	fix typo
	[009d5c81b225]

	* README.LDAP:
	try to clear up which variables are for OpenLDAP and which are for
	netscape-derived SDKs
	[f8d9823ee73c]

	* config.h.in, configure, configure.in, ldap.c:
	Add support for "ssl on" in both netscape and openldap flavors. Only
	the OpenLDAP flavor has been tested.
	[952745829ec5]

	* logging.c, sudo.c, sudo.h:
	Call cleanup() before exit in log_error() instead of calling
	sudo_ldap_close() directly. ldap_conn can now be static to sudo.c
	[da02d1b67a2c]

	* sudo.c:
	ld -> ldap_conn
	[01afa6d927cc]

2007-12-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c, sudo.c, sudo.h:
	Better ldap cleanup.
	[25b9abe2d617]

	* ldap.c:
	Distinguish between LDAP conf settings that are connection-specific
	(which take an ld pointer) and those that are default settings
	(which do not).
	[d48dc6c9c3b4]

2007-12-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Improved warnings on error.
	[c8dce7b4feb4]

	* ldap.c:
	Make ldap config table driven and set the config *after* we open the
	connection.
	[d9698b5a2681]

2007-12-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	fix LDAP_OPT_X_CONNECT_TIMEOUT compat define
	[598c6df06660]

	* configure, configure.in:
	some operating systems need to link with -lkrb5support when using
	krb5
	[8896365dde9e]

2007-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	minor update
	[acfeeb7f4886]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in:
	regen
	[a3c6699674f9]

2007-12-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog, TODO:
	sync
	[138e99b925ee]

	* ldap.c, schema.OpenLDAP, schema.iPlanet, sudoers2ldif:
	add -g support for LDAP
	[8fc27dbe9287]

2007-12-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW, sudo.c, sudo.pod, sudo_usage.h.in:
	The -i and -s flags can now take an optional command.
	[6afec104ee77]

2007-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c, def_data.c, def_data.h, def_data.in, sudo.c, sudo.pod,
	sudoers.pod:
	Add passprompt_override flag to sudoers that will cause the prompt
	to be overridden in all cases. This flag is also set when the user
	specifies the -p flag.
	[e4c5402131a6]

	* sudo.c:
	Move setting of login class until after sudoers has been parsed. Set
	NewArgv[0] for -i after runas_pw has been set.
	[62a48c8c56fa]

	* configure, configure.in:
	Move the dgettext check.
	[5fd8a4712d1c]

2007-12-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c, config.h.in, configure, configure.in:
	Add basic support for looking up the string "Password: " in the PAM
	localized text db. This allows us to determine whether the PAM
	prompt is the default "Password: " one even if it has been
	localized.

	TODO: concatenate non-std PAM prompts and user-specified sudo
	prompts.
	[81c25a415d41]

2007-11-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, config.h.in, configure, configure.in, parse.c,
	set_perms.c, sudo.c, sudo.h:
	Use AC_FUNC_GETGROUPS instead of a home-grown attempt that was
	insufficient.
	[1cce6ec1a91e]

	* acsite.m4, configure, interfaces.c, memrchr.c:
	Fix typos; Martynas Venckus
	[be1233cca11a]

2007-11-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	Don't assume runas_pw is set; it may not be in the -g case.
	[aa11bd2193ac]

2007-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c, set_perms.c:
	Set aux group vector for PERM_RUNAS and restore group vector for
	PERM_ROOT if we previously changed it. Stash the runas group vector
	so we don't have to call initgroups more than once. Also add no-op
	check to check_perms.
	[53837fc755f7]

2007-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW, check.c, def_data.in, defaults.c, gram.c, gram.h, gram.y,
	ldap.c, logging.c, match.c, mon_systrace.c, parse.c, parse.h,
	pwutil.c, set_perms.c, sudo.c, sudo.cat, sudo.h, sudo.man.in,
	sudo.pod, sudo_usage.h.in, sudoers.cat, sudoers.man.in, sudoers.pod,
	testsudoers.c, visudo.c, visudo.cat, visudo.man.in:
	Add support for runas groups. This allows the user to run a command
	with a different effective group. If the -g option is specified
	without -u the command will be run as the current user (only the
	group will change). the -g and -u options may be used together.
	TODO: implement runas group for ldap improve runas group
	documentation add testsudoers support
	[9019309df6d0]

	* configure, configure.in:
	fix setting of mandir
	[2c60f269399f]

	* sudo.pod, sudoers.pod:
	document that ALL implies SETENV
	[bcc8e5b703b9]

	* ldap.c:
	s/setenv_ok/setenv_implied/g
	[f005df2c2eea]

	* ldap.c:
	hostname_matches() returns TRUE on match in sudo 1.7.
	[c3d4377b6e8b]

	* ldap.c:
	use strcmp, not strcasecmp when comparing ALL
	[e486024574a1]

	* ldap.c:
	Make sudo ALL imply setenv. Note that unlike with file-based sudoers
	this does affect all the commands in the sudoRole.
	[bc12f54321d1]

	* gram.c, gram.y, parse.c, parse.h:
	sudo "ALL" now implies the SETENV tag but, unlike an explicit tag,
	it is not passed on to other commands in the list.
	[026e2cb40680]

	* visudo.c:
	Add missing sudo_setpwent() and sudo_setgrent() calls. Also use
	sudo_getpwuid() instead of getpwuid().
	[86f30a8fbd49]

2007-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers:
	Expand on the dangers of not using visudo to edit sudoers.
	[e434e8057d02]

2007-11-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Don't quote *?[]! on output since the lexer does not strip off the
	backslash when reading those in.
	[561da4a13afa]

2007-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* glob.c:
	expand "u_foo" types to "unsigned foo" to avoid compatibility
	issues.
	[b0d7c64d78c3]

2007-11-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Refactor log line generation in to new_logline().
	[6a9b9730615d]

2007-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TROUBLESHOOTING:
	fix typo
	[9e19d4f86e47]

2007-10-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, interfaces.c, interfaces.h,
	match.c:
	Add configure check for struct in6_addr instead of relying on
	AF_INET6 since some systems define AF_INET6 but do not include IPv6
	support.
	[e24082c416bd]

2007-10-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix block to add -lutil for FreeBSD and NetBSD when logincap is in
	use.
	[76a9df4a63be]

2007-10-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	POSIX states that struct timespec be declared in time.h so check
	there regardless of the value of TIME_WITH_SYS_TIME.
	[e42c55ec9daf]

2007-10-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* tgetpass.c:
	Instead of defining a macro to call the appropriate method for
	turning on/off echo, just define tc[gs]etattr() and the related
	defines that use the correct terminal ioctls if needed. Also go back
	to using TCSAFLUSH instead of TCSADRAIN on all but QNX.
	[5dfb2379d995]

2007-10-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	g/c @ALLOCA@
	[e6946c2e3820]

	* configure:
	regen
	[9bac7159a138]

	* INSTALL, auth/pam.c, config.h.in, configure.in:
	Add --disable-pam-session configure option to disable calling
	pam_{open,close}_session. May work around bugs in some PAM
	implementations.
	[273d0fdb4a9d]

2007-10-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* tgetpass.c:
	quiet gcc warnings
	[325565c5a579]

	* tgetpass.c:
	Avoid printing the prompt if we are already backgrounded. E.g. if
	the user runs "sudo foo &" from the shell. In this case, the call to
	tcsetattr() will cause SIGTTOU to be delivered.
	[db2139a8d8b8]

2007-09-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in:
	Reorder things such that the definition of env_reset come right
	before the env variable lists.
	[e0d8e22a581a]

	* parse.h:
	Shrink type and seqno in struct alias from int to u_short
	[9425263dd565]

	* alias.c, match.c, parse.c, parse.h:
	Add a sequence number in the aliases for loop detection. If we find
	an alias with the seqno already set to the current (global) value we
	know we've visited it before so ignore it.
	[301a0548ffff]

2007-09-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TODO, auth/pam.c, sudo.c, sudo.h:
	PAM wants the full tty path so add user_ttypath which holds the full
	path to the tty or is NULL if no tty was present.
	[c7c1dd4b36c8]

	* auth/pam.c:
	Set PAM_RHOST to work around a bug in Solaris 7 and lower that
	results in a segv.
	[3a8865b3a357]

2007-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c:
	regen
	[5647be127950]

	* alias.c, defaults.c, gram.y, list.c, list.h, match.c, parse.c,
	parse.h, testsudoers.c, visudo.c:
	rename lh_ -> tq_
	[8f500c542c4a]

2007-09-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* alloc.c:
	remove some useless casts
	[409a448b23f5]

	* alloc.c:
	pull in inttypes.h for SIZE_MAX; we avoid stdint.h since inttypes.h
	predates the final C99 spec and the standard specifies that it shall
	include stdint.h anyway
	[ae478fdef61a]

2007-09-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, alloca.c, configure.in:
	Since we ship with a pre-generated parser there is no need to ship a
	bogus alloca implementation.
	[3f611a7cc0e5]

	* configure:
	regen
	[771eccf5269c]

	* configure.in:
	remove initial setting of CHECKSIA, we require that it be unset if
	not used
	[a2e91adc5aa2]

	* Makefile.in:
	add list.c to SRCS
	[7db0e56cf5b9]

	* configure:
	regen
	[3716ec30172e]

	* configure.in:
	only do SIA checks on Digital Unix
	[6a96e1af2597]

2007-09-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in:
	regen
	[ac1dc29de72b]

	* ChangeLog, TODO:
	sync
	[781effce0a2d]

	* auth/kerb5.c:
	Remove call to krb5_cc_register() as it is not needed for modern
	kerb5.
	[351b8b764f16]

	* configure:
	regen
	[ac21dbcc9c2c]

	* aclocal.m4, configure.in:
	New method for setting the default authentication type and avoiding
	conflicts in auth types.
	[5fb15be11f78]

	* match.c, parse.c, testsudoers.c:
	Each entry in a cmndlist now has an associated runaslist so no need
	to keep track of the most recent non-NULL one.
	[582e015786b0]

2007-09-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	back out partial ldaps support mistakenly committed
	[357703e94b2d]

	* ldap.c:
	Add support for unix groups and netgroups in sudoRunas
	[2f04eb91c6d0]

2007-09-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_edit.c:
	Fix sudoedit of a non-existent file. From Tilo Stritzky.
	[a5488a03bddd]

2007-09-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[541177376ee1]

	* INSTALL:
	update --passprompt escape info
	[6d57db4cd538]

	* configure.in:
	remove now-bogus comment and update copyright date
	[6a4af45fa331]

	* configure.in:
	Fix up use of with_passwd
	[7c79d8640f77]

	* acsite.m4, config.guess, config.sub, configure.in, ltmain.sh:
	Update to autoconf-2.61 andf libtool-1.5.24
	[045259b0b439]

	* Makefile.in:
	"cmp -s" not just cmp Add @datarootdir@ to quiet autoconf-2.61
	[f5b6a7afb817]

2007-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* gram.c:
	regen
	[b5b78e71d2cb]

	* gram.y:
	move tags and runaslist propagation to be earlier
	[94f7805f4489]

	* visudo.c:
	If -f flag given use the permissions of the original file as a
	template
	[9303d22bddb0]

	* gram.y:
	prevent a double free() when re-initing the parser
	[5b3907c4de5a]

2007-08-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[49a90b19a17d]

	* aclocal.m4, alias.c, alloc.c, auth/API, auth/afs.c, auth/bsdauth.c,
	auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/securid.c,
	auth/securid5.c, auth/sia.c, auth/sudo_auth.h, config.h.in,
	configure.in, env.c, ldap.c, list.c, list.h, memrchr.c, parse.c,
	parse.h, pwutil.c, redblack.c, redblack.h, snprintf.c, sudo.c,
	sudo.h, testsudoers.c, visudo.c, zero_bytes.c:
	Remove support for compilers that don't support void *
	[35e1d01ae197]

	* gram.c:
	regen
	[70ce412a458a]

	* Makefile.in, alias.c, defaults.c, gram.y, list.c, list.h, match.c,
	parse.c, parse.h, testsudoers.c, visudo.c:
	Move list manipulation macros to list.h and create C versions of the
	more complex ones in list.c. The names have been down-cased so they
	appear more like normal functions.
	[9cea0e281148]

	* Makefile.in:
	Fix cmp command when regenerating parser. Make gram.o the first
	dependency for all programs so gram.h will be generated before
	anything that needs it.
	[429ea065abf1]

	* gram.y, parse.h:
	Convert NEW_DEFAULT anf NEW_MEMBER into static functions.
	[2f3433833589]

	* match.c, parse.c, testsudoers.c:
	Use LH_FOREACH_REV when checking permission and short-circuit on the
	first non-UNSPEC hit we get for the command. This means that instead
	of cycling through the all the parsed sudoers entries we start at
	the end and work backwards and quit after the first positive or
	negative match.
	[881474532f3e]

	* gram.c:
	regen
	[9152a19d4188]

	* defaults.c, gram.y, parse.c, parse.h, testsudoers.c, visudo.c:
	Change list head macros to take a pointer, not a struct.
	[054f1dcce4cc]

	* gram.c:
	regen
	[be154aae6235]

	* gram.y:
	Propagate the runasspec from one command to the next in a cmndspec.
	[4957b1cb03a3]

2007-08-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Replace has_meta() with a macro that calls strpbrk().
	[a2e58846a542]

	* regen
	[5a932a5c9451]

	* alias.c, defaults.c, gram.y, match.c, parse.c, parse.h,
	testsudoers.c, visudo.c:
	Use a list head struct when storing the semi-circular lists and
	convert to tail queues in the process. This will allow us to reverse
	foreach loops more easily and it makes it clearer which functions
	expect a list as opposed to a single member.

	Add macros for manipulating lists. Some of these should become
	functions.

	When freeing up a list, just pop off the last item in the queue
	instead of going from head to tail. This is simpler since we don't
	have to stash a pointer to the next member, we always just use the
	last one in the queue until the queue is empty.

	Rename match functions that take a list to have list in the name.
	Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
	[7c37b271607a]

	* parse.c:
	Fix pasto, append "!" not negated (which is an int) for sudo -l
	output.
	[93a444c3997f]

	* Makefile.in:
	Remove the dependency of gram .h on gram.y, the .c dependency is
	enough. Only move y.tab.h to gram.h if it is different; avoids
	needless rebuilding.
	[67bf4ea2a2e5]

2007-08-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Defaults lines may be associated with lists of users, hosts,
	commands and runas users, not just single entries.
	[795effacb6be]

2007-08-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Revert the "cmp" portion of the last diff, it doesn't make sense.
	[26f34bf4e2e3]

	* Makefile.in:
	Remove *.lo for clean: When generating the parser, only move the
	generated files into place if they differ from the existing ones.
	[84673fea371b]

2007-08-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Replace IPV6 regexp with a much simpler (readable) one and add an
	extra check when it matches to make sure we have a valid address.
	[592e9f690556]

	* match.c:
	Fix thinko introduced when merging IPV6 support.
	[da38cd5eb8c7]

2007-08-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* HISTORY, LICENSE:
	regen
	[0d7b27b90634]

	* license.pod:
	add 2007
	[510e5048ae1a]

	* UPGRADE:
	mention #uid vs. comment pitfall
	[4d2861898bcc]

	* acsite.m4:
	Merge in a patch from the libtool cvs that fixes a problem with the
	latest autoconf. From Stepan Kasal.
	[0c279ae7df3e]

	* parse.h:
	Back out he XOR swap trick, it is slower than a temp variable on
	modern CPUs.
	[91c4b024e317]

	* gram.c:
	regen
	[cb6d4106fb74]

	* gram.y, parse.h:
	Convert the tail queue to a semi-circle queue and use the XOR swap
	trick to swap the prev pointers during append.
	[8bf4d9fbee58]

2007-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.h:
	remove useless statement
	[421ec1dd73e6]

	* toke.c, toke.l:
	Refactor #include parsing into a separate function and return
	unparsed chars (such as newline or comment) back to the lexer.
	[64166917aa3d]

2007-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* WHATSNEW:
	mention better uid support
	[56f510e7f2ec]

	* sudoers.pod:
	Users may now consist of a uid.
	[5fd31b2c55ed]

	* gram.c, gram.h, toke.c:
	regen
	[599e58af6dc1]

	* parse.c:
	Use lbuf_append_quoted() for sudo -l output to quote characters that
	would require quoting in sudoers.
	[3132d05c990a]

	* lbuf.c, lbuf.h:
	Add lbuf_append_quoted() which takes a set of characters which
	should be quoted with a backslash when displayed.
	[ab09bebb1d65]

	* toke.l:
	Require that the first character after a comment not be a digit or a
	dash. This allows us to remove the GOTRUNAS state and treat uid/gids
	similar to other words. It also means that we can now specify uids
	in User_Lists and a User_Spec may now contain a uid.
	[461fe01f8392]

	* gram.y, toke.l:
	Replace RUNAS token with '(' and ')' tokens to make the runas
	portion of the grammar more natural.
	[e0c383b4684d]

	* BUGS:
	The BUGS file is history
	[4d9a809585c7]

	* Makefile.in, README:
	The BUGS file is history
	[d9500e261172]

2007-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Allow comments after a RunasAlias as long as the character after the
	pound sign isn't a digit or a dash.
	[d7f3bd94eeda]

	* WHATSNEW:
	Glob support was back-ported to 1.6.9
	[d1d5cfd46228]

2007-08-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	remove sudo_usage.h in distclean
	[df05ce9c4127]

	* parse.c:
	If a Defaults value contains a blank, double-quote the string.
	[9057a910daad]

	* toke.c, toke.l:
	Properly deal with Defaults double-quoted strings that span multiple
	lines using the line continuation char. Previously, the entire
	thing, including the continuation char, newline, and spaces was
	stored as-is.
	[4a4e8eacefe6]

	* sudo.c:
	Be consistent when using single quotes and backticks.
	[d010b83a0fa1]

2007-08-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, configure, configure.in, lbuf.c, lbuf.h, parse.c,
	sudo.c, sudo_usage.h.in:
	Add new linebuf code to do appends of dynamically allocated strings
	and word-wrapped output. Currently used for sudo's usage() and sudo
	-l output. Sudo usage strings are now in sudo_usage.h which is
	generated at configure time.
	[4dfd0ee8d961]

2007-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c, sudo.c, sudo.h:
	Fix line wrapping in usage() and use the actual tty width instead of
	assuming 80.
	[700eab37c5a6]

2007-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* history.pod:
	some more info
	[8140112a8ae1]

	* history.pod:
	Mentioned Chris Jepeway's parser and also the new one that is in
	sudo 1.7.
	[2132d00f0597]

2007-08-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, visudo.pod:
	For the options list, add flag args where appropriate and increase
	the indent level so there is room for them.
	[2b60fb572e12]

2007-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Fix some spacing in "sudo -l" and add a comment about some bogosity
	in the line wrapping.
	[b59b056f5ee2]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
	visudo.man.in:
	regen
	[5fb719f18ebc]

	* INSTALL, Makefile.in, WHATSNEW, config.h.in, configure.in,
	def_data.c, def_data.h, def_data.in, gram.c, gram.h, gram.y,
	parse.c, parse.h, pathnames.h.in, sudo.c, sudo.h, sudoers.pod,
	testsudoers.c, toke.c, toke.l:
	Remove monitor support until there is a versino of systrace that
	uses a lookaside buffer (or we have a better mechanism to use).
	[61ff76878e4a]

	* config.h.in, configure, configure.in, sudo.c:
	use getaddrinfo() instead of gethostbyname() if it is available
	[cc33c136aa6a]

2007-08-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c, sudo.c:
	Deal with OSes where sizeof(gid_t) < sizeof(int).
	[130a89cbdfba]

	* interfaces.c:
	repair non-getifaddrs() code after ipv6 integration
	[7ae7a89e2236]

	* sudo.c:
	If we can open sudoers but fail to read the first byte, close the
	file stream before trying again.
	[6f31272fae7b]

2007-08-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c:
	regen
	[4d7afe0aa6fa]

	* gram.y, interfaces.c, interfaces.h, match.c, sudoers.pod, toke.l:
	Add IPv6 support; adapted from patches by YOSHIFUJI Hideaki
	[4e6ff2965a42]

	* sudo.pod, sudoers.pod, visudo.pod:
	Add some missing markup Update copyright
	[7e6d3c686b5e]

2007-08-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	fix sudo_noexec extension which got broken in the libtool update
	[3a5b447df861]

2007-08-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	explicitly specify -Tascii to nroff
	[45c8da4cbefe]

2007-08-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	remove an ANSI-ism that crept in
	[29086f87b2ca]

2007-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod:
	Adjust list indents Prevent -- from being turned into an em dash Use
	a list for the environment instead of a literal paragraph
	[c3abcd8f76f4]

	* visudo.pod:
	Use a list for the environment instead of an indented literal
	paragraph.
	[0ffcfcb7349f]

	* sudoers.pod:
	Adjust list indentation
	[615c89e3123a]

	* license.pod:
	add =head3
	[8b2e0d38c0bd]

2007-08-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod:
	mention that when specifying a uid for the -u option the shell may
	require that the # be escaped
	[3e3a17bff150]

2007-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Fix off by one in group matching.
	[b529602b7fba]

2007-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Fix typo: PYTHONINSPEC should be PYTHONINSPECT. From David Krause.
	[ffbf8907c6e7]

2007-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add missing define of HAVE_GSS_KRB5_CCACHE_NAME for the
	-lgssapi_krb5 case.
	[2b85a89c2252]

	* aclocal.m4, configure, configure.in:
	Fix link tests such that new gcc doesn't optimize away the test.
	[83484ec95cba]

2007-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, sudoers.pod, visudo.pod:
	add missing over/back
	[251a12c89b91]

	* sudo.pod, sudoers.pod, visudo.pod:
	Change FILES section to use =item
	[60b9efc3a0b2]

	* env.c:
	Add back allocation of the env struct in rebuild_env but save a copy
	of the old pointer and free it before returning.
	[1100cd4fa997]

	* env.c:
	Don't init the private environment in rebuild_env() since it may
	have already been done implicitly sudo_setenv/sudo_unsetenv.

	Multiply length by sizeof(char *) in memcpy/memmove when copying the
	environment so we copy the full thing.

	Add missing set of parens so we deref the right pointer in
	sudo_unsetenv when searching for a matching variable.
	[9086a8f756b1]

2007-07-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, sudoers.pod, visudo.pod:
	Use file markup for paths in the FILES section
	[940d99f731f2]

	* sudo.pod, sudoers.pod, visudo.pod:
	Don't capitalize sudo/visudo
	[f067a455d44b]

	* sudoers.pod:
	Sort sudoers options; based on a diff from Igor Sobrado.
	[a9b9befe85ac]

2007-07-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod, sudoers.pod, visudo.pod:
	Use 8 and 5 instead of @mansectsu@ and @mansectform@ since the
	latter confuses pod2man. The Makefile rules for the .man.in file
	will add @mansectsu@ and @mansectform@ back in after pod2man is done
	anyway.
	[b50ea0db727c]

2007-07-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* LICENSE, Makefile.in, license.pod:
	Move license info to pod format
	[25bdd82e592b]

	* configure, configure.in, sudoers.pod:
	Substitute value of path_info into sudoers man page.
	[9ba661a82798]

	* WHATSNEW:
	remove features that were back-ported to 1.6.9
	[e76d756cbe65]

	* sudo.c, sudo.pod, visudo.c, visudo.pod:
	Sort SYNOPSIS and sync usage. From Igor Sobrado.
	[4970386c9e54]

	* env.c:
	Only need sudo_setenv/sudo_unsetenv if we are going to use
	ldap_sasl_interactive_bind_s() but don't have
	gss_krb5_ccache_name().
	[f1a73d8b35c5]

	* ChangeLog:
	rebuild without branch info
	[5d5a33494677]

	* Makefile.in:
	Add ChangeLog target
	[a702034fdd89]

	* auth/pam.c:
	Run cleanup code if the user hits ^C at the password prompt.
	[9cf87768e921]

	* auth/pam.c:
	Some versions of pam_lastlog have a bug that will cause a crash if
	PAM_TTY is not set so if there is no tty, set PAM_TTY to the empty
	string.
	[5b63f6c88866]

2007-07-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	ChageLog not Changelog
	[1243d8473ceb]

	* ChangeLog:
	sync
	[d887df98c6b0]

	* Makefile.in:
	CHANGE -> Changelog
	[917738df30dd]

	* TODO:
	sync
	[cd382f7d1948]

2007-07-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, ldap.c:
	Add configure hooks for gss_krb5_ccache_name() and the gssapi
	headers.
	[139606209991]

2007-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c, sudo.c:
	rebuild_env() and insert_env_vars() no longer return environment
	pointer, they set environ directly.

	No longer need to pass around an envp pointer since we just operate
	on environ now.

	Add dosync argument to insert_env() that indicates whether it should
	reset environ when realloc()ing env.envp.

	Use an initial size of 128 for the environment.
	[4735fd5fddb8]

	* env.c:
	Split sudo_setenv() into an external version and a version only for
	use by rebuild_env().
	[fda7d655adb1]

2007-07-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Add support for using gss_krb5_ccache_name() instead of setting
	KRB5CCNAME. Also use sudo_unsetenv() in the non-
	gss_krb5_ccache_name() case if there was no KRB5CCNAME in the
	original environment. TODO: configure setup for
	gss_krb5_ccache_name()
	[fcafa5a49caf]

	* README.LDAP:
	add krb5_ccname
	[fceb8f883886]

	* README.LDAP, ldap.c:
	Add support for sasl_secprops in ldap.conf
	[1f06f4bf7347]

	* env.c, sudo.h:
	Add sudo_unsetenv() and refactor private env syncing code into
	sync_env().
	[045ecb3fd22b]

	* README.LDAP, ldap.c:
	The ldap.conf variable is sasl_auth_id not sasl_authid.
	[a5f98491311b]

2007-07-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c, sudo.c, sudo.h:
	Add support for krb5_ccname in ldap.conf. If specified, it will
	override the default value of KRB5CCNAME in the environment for the
	duration of the call to ldap_sasl_interactive_bind_s().
	[b08a10c3045b]

	* env.c, sudo.h:
	Remove format_env() Add sudo_setenv() to replace most format_env() +
	insert_env() combinations. insert_env() no longer takes a struct
	environment *
	[131da52f43f3]

	* ldap.c:
	Fix use_sasl vs. rootuse_sasl logic.
	[0c0417b6918c]

	* README.LDAP, config.h.in, configure, configure.in, ldap.c:
	Add support for SASL auth when connecting to an LDAP server. Adapted
	from a diff by Tom McLaughlin.
	[a6285f1356ea]

2007-07-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Only enable AIX or BSD auth if no other exclusive auth method has
	been chosen. Allows people to e.g., use PAM on AIX without adding
	--without-aixauth. A better solution is needed to deal with default
	authentication since if a non-exclusive method is chosen we will
	still get an error.
	[83f7afdc0ec3]

2007-07-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* HISTORY, Makefile.in, history.pod:
	Generate HISTORY from history.pod (which is also used for web pages)
	[60bcd5164931]

2007-07-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.man.in, sudoers.man.in:
	regen
	[63956a366191]

	* sudo.pod:
	Better explanation of environment handling in the sudo man page.
	[6c247742f7ee]

	* env.c, sudo.c:
	Defer setting user-specified env vars until after authentication.
	[4750b79323ee]

	* env.c:
	honor def_default_path for PATH set on the command line
	[6db31d9b6d65]

	* env.c, sudo.c, sudo.pod, sudoers.pod:
	Allow user to set environment variables on the command line as long
	as they are allowed by env_keep and env_check. Ie: apply the same
	restrictions as normal environment variables. TODO: deal with
	secure_path
	[26c0da3840cf]

2007-07-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudo_edit.c:
	Call rebuild_env() in call cases. Pass original envp to sudo_edit().
	Don't allow -E or env var setting in sudoedit mode. More accurate
	usage() when called as sudoedit.
	[a4af20658361]

	* ldap.c:
	warn -> warning
	[d87d1192b048]

	* sudo.pod:
	add -c option to sudoedit synopsis
	[15b596a7e2db]

	* TODO:
	udpate to reality
	[e2f8fde89db1]

	* parse.c:
	Use ALLOW/DENY instead of TRUE/FALSE when dealing with the return
	value from {user,host,runas,cmnd}_matches(). Rename *matches
	variables -> *match. Purely cosmetic.
	[e54a44c00a88]

	* parse.c:
	Move setting of FLAG_NO_CHECK into the if(pwflag) block. No change
	in behavior.
	[c6272b4f2127]

	* sudoers:
	add SETENV tag
	[3a3066bb6788]

2007-07-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Make pwcheck local to the pwflag block. Use pwcheck even if user
	didn't match since Defaults options may still apply.
	[45da9efbbafd]

	* check.c, sudo.c:
	Do not update timestamp if user not validated by sudoers.
	[a4a9d4364827]

	* set_perms.c:
	for PERM_RUNAS, set the egid to the runas user's gid and restore to
	the user's original in PERM_ROOT
	[1514bfb32847]

	* logging.c, mon_systrace.c, set_perms.c, sudo.h:
	PERM_FULL_ROOT is now no different than PERM_ROOT so remove
	PERM_FULL_ROOT
	[b9d047a3178c]

	* check.c:
	don't check timestamp mtime if we are just going to remove it
	[5d2470bc6cbd]

	* sudoers.pod:
	Move sudoers defaults parameters into their own section.
	[54701fbc0ff3]

	* testsudoers.c:
	Reduce a level of indent by a few placed continue statements.
	[5d5a9838c8ef]

	* parse.c:
	Make matching but negated commands/hosts/runas entries override a
	previous match as expected. Also reduce some levels of indent by a
	few placed continue statements.
	[dd59fa4b91a1]

2007-07-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Print default runas in "sudo -l" if sudoers don't specify one.
	[07d408c400bd]

	* match.c:
	Less hacky way of testing whether the domain was set.
	[a537059776e5]

2007-07-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	Mention pam-devel and openldap-devel for Linux
	[9e708c54ecc3]

2007-07-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* README.LDAP:
	or vs. are
	[abe8c0f3a410]

2007-07-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	fix typo in Solaris project support
	[2ffeb2d80959]

	* HISTORY:
	update
	[df162b36f120]

	* sudo.c:
	Make -- on the command line match the manual page. The implied shell
	case has been simplified as a result.
	[cd217a1f6694]

2007-06-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers2ldif:
	add simplistic support for sudoRunas; note that if a sudoers entry
	contains multiple Runas users, all will apply to the sudoRole
	[65b11421f5c8]

	* sudoers2ldif:
	honor SETENV and NOSETENV tags
	[2c0d5ba7a09b]

2007-06-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Redo setting of user_args. We now build up a private copy of argv
	first and then replace the NULs with spaces.
	[ccbba72ea112]

	* mon_systrace.c:
	getcwd() returns NULL on failure, not 0 on success
	[88cd9e66e530]

	* mon_systrace.c:
	allow chunksiz to reach 1 before erroring out
	[619d68f14964]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
	visudo.man.in:
	regen
	[8db512d3caf0]

2007-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.h, def_data.in, env.c, gram.c, gram.h, gram.y,
	logging.c, parse.c, parse.h, sudo.c, sudo.h, sudo.pod, sudoers.pod,
	toke.c, toke.l:
	Add support for setting environment variables on the command line.
	This is only allowed if the setenv sudoers options is enabled or if
	the command is prefixed with the SETENV tag.
	[5744caebd969]

	* README.LDAP:
	replace Aaron's email address with the sudo-workers list
	[2ffce5f9afc0]

	* configure:
	regen
	[8013dff82c0c]

2007-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* schema.OpenLDAP, schema.iPlanet:
	Break schema out into separate files.
	[15e598e4c60b]

	* Makefile.in, README.LDAP:
	Break schema out into separate files.
	[1a53966ca1fa]

2007-06-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/aix_auth.c:
	free message if set by authenticate()
	[849c220c1236]

	* match.c:
	deal with NULL gr_mem
	[49e4d74f0bbe]

2007-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in:
	regen
	[fead999ad3e9]

	* configure.in:
	add template for HAVE_PROJECT_H
	[e6c42c2eaad1]

	* closefrom.c:
	include fcntl.h
	[54d98b382f03]

2007-06-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL:
	mention --with-project
	[d3ea3baad7c5]

	* config.h.in, configure.in, sudo.c:
	Add Solaris 10 "project" support. From Michael Brantley.
	[f14f3c8c6554]

	* sudoers.pod:
	fix typo
	[50db81a19787]

	* configure:
	regen
	[ea71afd3e564]

	* configure.in:
	Fix preservation of LDFLAGS in the LDAP case.
	[40a3a47e8059]

	* memrchr.c:
	Remove dependecy on NULL
	[c957ae5e1733]

	* configure:
	regen
	[4955ce0c6912]

	* aclocal.m4, configure.in:
	Can't use the regular autoconf fnmatch() check since we need
	FNM_CASEFOLD so go back to our custom one.
	[f10d76237486]

	* env.c:
	Fix preserving of variables in env_keep.
	[d040049d6b84]

	* env.c:
	add XAUTHORIZATION
	[0d589a5fe015]

	* UPGRADE:
	expand upon env resetting and mention that it began in 1.6.9 not
	1.7.
	[dba251655c76]

	* sudoers.pod:
	Update descriptions of env_keep and env_check to match current
	reality.
	[dba77357954b]

2007-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Add LINGUAS to initial_checkenv_table. Add COLORS, HOSTNAME,
	LS_COLORS, MAIL, PS1, PS2, XAUTHORITY to intial_keepenv_table.
	[eec4632bd190]

	* env.c, logging.c:
	Treat USERNAME environemnt variable like LOGNAME/USER
	[09f52dcfd70c]

	* env.c:
	Don't need to populate keepenv table with the contents of the
	checkenv table.
	[527a14afd973]

	* sudo.c:
	Don't force sudo into the C locale.
	[8a5bd301ef96]

	* env.c:
	Make env_check apply when env_reset it true. Environment variables
	are passed through unless they contain '/' or '%'. There is no need
	to have a variable in both env_check and env_keep.
	[840c802721e4]

2007-06-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.c:
	Remove an duplicate lock_file() call and add a comment.
	[5af9dcdf0eb6]

	* UPGRADE:
	Add sudo 1.6.9 upgrade note.
	[1585149f2914]

2007-06-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* interfaces.c:
	Solaris will return EINVAL if the buffer used in SIOCGIFCONF is too
	small. From Klaus Wagner.
	[d6899fc44f77]

	* logging.c, sudo.h:
	Redo the long syslog line splitting based on a patch from Eygene
	Ryabinkin. Include memrchr() for systems without it.
	[66a50e8d553a]

	* memrchr.c:
	Redo the long syslog line splitting based on a patch from Eygene
	Ryabinkin. Include memrchr() for systems without it.
	[2f6702b7d41b]

	* Makefile.in, config.h.in, configure, configure.in:
	Redo the long syslog line splitting based on a patch from Eygene
	Ryabinkin. Include memrchr() for systems without it.
	[407a46190921]

	* configure.in:
	Since we need to be able to convert timespec to timeval for utimes()
	the last 3 digits in the tv_nsec are not significant. This makes the
	sudoedit file date comparison work again.
	[9d0258849fa9]

2007-06-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in:
	Add SUDO_ADD_AUTH macro to deal with adding things to AUTH_OBJS.
	This deals with exclusive authentication methods in a simple way.
	[7d70072c0f35]

2007-06-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* LICENSE:
	mkstemp.c is BSD code too.
	[29e236d98162]

	* sudo.pod, sudoers.pod, visudo.pod:
	No commercial support for now.
	[7c76b3e192dd]

2007-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	cleanenv() is no more.
	[518080514408]

2007-06-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ChangeLog:
	Display branch info in Changelog
	[44e3b27427c7]

	* utimes.c:
	Include config.h early so we have it for TIME_WITH_SYS_TIME
	[4bf1a00d0703]

	* ChangeLog:
	Fix Changelog generation and update.
	[6e960dbcbece]

2007-06-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* closefrom.c:
	Use /proc/self/fd instead of /proc/$$/fd

	Move old-style fd closing into closefrom_fallback() and call that if
	/proc/self/fd doesn't exist or the F_CLOSEM fcntl() fails
	[faa7e4810758]

	* auth/kerb5.c, config.h.in, configure.in:
	o use krb5_verify_user() if available instead of doing it by hand o
	use krb5_init_secure_context() if we have it o pass an encryption
	type of 0 to krb5_kt_read_service_key() instead of
	ENCTYPE_DES_CBC_MD5 to let kerberos choose.
	[df7acf72bd7c]

	* env.c:
	Check TERM and COLORTERM for '%' and '/' characters. From Debian.
	[f92d05197e40]

	* configure.in:
	Fix closefrom() substitution in the Makefile
	[b642b13fcc5c]

	* TROUBLESHOOTING:
	Mention alternate sudo pronunciation.
	[7c71dc73409f]

2007-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Remove KRB5_KTNAME from environment. Allow COLORTERM.
	[70f35a79f780]

	* auth/kerb5.c:
	If we cannot get a valid service key using the default keytab it is
	a fatal error. Fixes a bug where sudo could be tricked into allowing
	access when it should not by a fake KDC. From Thor Lancelot Simon.
	[a3ae6a47cb23]

2007-05-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aclocal.m4, configure, configure.in:
	Update long long checks to use AC_CHECK_TYPES and to cache values.
	[047318eaaeb2]

	* aclocal.m4, configure.in:
	Use AC_FUNC_FNMATCH instead of a homebrew fnmatch checker. We can't
	use AC_REPLACE_FNMATCH since that assumes replacing with GNU
	fnmatch.
	[80513a1003ea]

2007-05-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Add closefrom() to LIB_OBJS not SUDO_OBJS if it is missing since we
	need it for visudo now too.
	[50837c7c2b5e]

2007-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Attempt to clarify the bit talking about network numbers w/o
	netmasks.
	[211e68c1d034]

	* sudo.pod:
	Clarify timestamp dir ownership sentence.
	[9178f132c7f7]

2007-04-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c:
	Linux PAM now defines __LINUX_PAM__, not __LIBPAM_VERSION. From
	Dmitry V. Levin.
	[81fce91667bc]

2007-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	-i is also one of the mutually exclusive options to list it in the
	warning message. Noted by Chris Pepper.
	[7da73fb248e9]

2007-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.pod:
	The sudoers variable is env_editor, not enveditor. From Jean-
	Francois Saucier.
	[2a86ec09a6db]

2007-03-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* redblack.c:
	I tracked down the original author so credit him and include his
	license info.
	[3733553a1bba]

2007-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudo.pod, sudoers.cat, sudoers.man.in,
	sudoers.pod:
	Fix typos; from Jason McIntyre.
	[1ee4ce2512f2]

	* logging.c:
	Restore signal mask before calling reapchild(). Fixes a possible
	race condition that could prevent sudo from properly waiting for the
	child.
	[9ee4192385dc]

2007-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Don't declare pw_free() if we are not going to use it.
	[adb79a4289ca]

	* env.c:
	Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD and
	LDR_PRELOAD64. The 64-bit version is not currently supported. Remove
	zero_env() prototype as it no longer exists.
	[b4fe65027fb6]

2006-12-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Add "Auto-Submitted: auto-generated" line to sudo mail for rfc 3834.
	[78002ad90f7b]

2006-09-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c:
	If the user enters ^C at the password prompt, abort instead of
	trying to authenticate with an empty password (which causes an
	annoying delay).
	[da3f27b747c7]

2006-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* closefrom.c, config.h.in, configure, configure.in:
	Add fcntl F_CLOSEM support to closefrom(); adapted from a diff by
	Darren Tucker.
	[0331b7780759]

	* pwutil.c:
	pw_free() is only used by sudo_freepwcache() so ifdef it out too.
	[0014c0d9eeba]

2006-08-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.guess, config.sub:
	Update to latest versions from cvs.savannah.gnu.org
	[aa0143101c20]

2006-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c, sudo_edit.c:
	Move password/group cache cleaning out of sudo_end{pw,grp}ent() so
	we can close the passwd/group files early.
	[559074bd7eb7]

	* config.h.in, configure, configure.in, set_perms.c:
	Add seteuid() flavor of set_perms() for systems without setreuid()
	or setresuid() that have a working seteuid(). Tested on Darwin.
	[508d8da99189]

2006-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	systrace_read() returns ssize_t
	[9f97d1d1a59d]

	* configure, configure.in:
	Fix typo, -lldap vs. -ldap; from Tim Knox.
	[a8cc43c3bb2a]

2006-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* HISTORY:
	Fix typo; Matt Ackeret
	[86964ee3dfbd]

2006-07-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Print sudoers path in -V mode for root.
	[dc43f2d75bd9]

2006-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Do a sub tree search instead of a base search (one level in the tree
	only) for sudo right objects. This allows system administrators to
	categorize the rights in a tree to make them easier to manage.
	[6d2d9abf996e]

2005-12-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pod:
	fix typo
	[1473413bcbda]

2005-12-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Convert GET_OPT and GET_OPTI to use just 2 args. Add timelimit and
	bind_timelimit support; adapted from gentoo.
	[afc816093026]

2005-11-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Support comments that start in the middle of a line
	[c25df6ee3db8]

	* configure, configure.in:
	Define LDAP_DEPRECATED until we start using ldap_get_values_len()
	[ee249bfe230a]

2005-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* closefrom.c:
	Silence gcc -Wsign-compare; djm@openbsd.org
	[28769ce6418d]

	* error.c, sudo.c, sudo.h, testsudoers.c, visudo.c:
	cleanup() now takes an int as an arg so it can be used as a signal
	handler too.
	[2bb0df34d09c]

	* sudo.c:
	Make a copy of the shell field in the passwd struct for NewArgv to
	avoid a use after free situation after sudo_endpwent() is called.
	[5dcc9ffd362e]

2005-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in:
	Add mkstemp() for those poor souls without it.
	[5fdd02e863e0]

	* mkstemp.c:
	Add mkstemp() for those poor souls without it.
	[c99401207860]

	* Makefile.in:
	Add mkstemp() for those poor souls without it.
	[9c1cf2678f24]

2005-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Add PERL5DB to list of environment variables to remove.
	[7375c27ecf75]

2005-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c, mon_systrace.h:
	Instead of calling the check function twice with a state cookie use
	separate check/log functions.

	Check more ioctl() calls for failure.

	systrace_{read,write} now return the number of bytes read/written or
	-1 on error.
	[3dc8946d90e9]

	* env.c:
	Add more environment variables to remove; from gentoo linux Add some
	comments about what bad env variables go to what (more to do)
	[6918110a6b82]

2005-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudo_edit.c:
	Move sudo_end{gr,pw}ent() until just before the exec since they free
	up our cached copy of the passwd structs, including sudo_user and
	sudo_runas. Fixes a use-after-free bug.
	[54de3778bad0]

	* visudo.c:
	Close all fd's before executing editor.
	[4fcc05e1bec8]

	* sudo.c:
	Enable malloc debugging on OpenBSD when SUDO_DEVEL is set.
	[ef0e8ffa5c9f]

	* check.c:
	Fix fd leak when lecture file option is enabled. From Jerry Brown
	[ce97f9207cd8]

2005-11-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Add PERLLIB, PERL5LIB and PERL5OPT to the default list of
	environment variables to remove. From Charles Morris
	[c96e1367d1c1]

2005-11-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5
	[72a6a1571226]

2005-10-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	add PS4 and SHELLOPTS to initial_badenv_table for bash
	[89dfb3f318f3]

2005-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	Fix typo; Toby Peterson
	[b7a3222b23f4]

2005-08-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* tsgetgrpw.c:
	Make return buffers static so they don't get clobbered
	[13323a39b9f5]

2005-07-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/securid5.c:
	Fix securid5 authentication, was not checking for ACM_OK. Also add
	default cases for the two switch()es. Problem noted by ccon at
	worldbank
	[14091e418333]

2005-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Remove ncat() in favor of just counting bytes and pre-allocating
	what is needed.
	[25b8712adb61]

2005-06-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Fix up some comments Add missing fclose() for the rootbinddn case
	[ae95c8a89711]

	* ldap.c:
	align struct ldap_config
	[35d0d64c76f8]

	* ldap.c:
	use LINE_MAX for max conf file line size
	[da116cb8853d]

	* pathnames.h.in:
	add _PATH_LDAP_SECRET
	[128b04ecfab7]

	* README.LDAP:
	Mention rootbinddn Give example ou=SUDOers container
	[852edc69bd1c]

2005-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, configure, configure.in, ldap.c:
	Support rootbinddn in ldap.conf
	[1615c91522a1]

	* env.c, sudo.pod, sudoers.pod:
	Preserve DISPLAY environment variable by default.
	[05f503d5f438]

	* acsite.m4, configure:
	set need_lib_prefix=no for all cases; this is safe for LD_PRELOAD
	[18a04dea8d05]

	* acsite.m4, configure:
	set need_version=no for all cases; this is safe for LD_PRELOAD
	[b542560e1a73]

	* aclocal.m4:
	typo
	[c040df0fcd5a]

	* configure, configure.in:
	Add dragonfly
	[f13794618636]

	* auth/pam.c:
	Fix call to pam_end() when pam_open_session() fails.
	[0be47cdfdef1]

	* configure:
	regen
	[7f5c13b4b800]

	* acsite.m4:
	rebuild acsite.m4 from libtool 1.9f libtool.m4 ltoptions.m4
	ltsugar.m4 ltversion.m4
	[a7ba9fd1a2ab]

	* config.guess, config.sub, ltmain.sh:
	merge in local changes: config.guess: o better openbsd support
	config.sub: o hiuxmpp support ltmain.sh o remove requirement that
	libs must begin with "lib" o don't print a bunch of crap about
	library installs o don't run ldconfig
	[f4149f2c720f]

	* config.guess, config.sub, ltmain.sh:
	libtool 1.9f
	[82a534e7121f]

	* configure.in:
	Update with autoupdate and make minor changes for libtool 1.9f
	[11b5ae5c1428]

2005-06-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	don't call sudo_ldap_display_cmnd if ldap not setup
	[8bcf6c094ffe]

	* sudo_edit.c, visudo.c:
	Move declatation of struct timespec to its own include files for
	systems without it since it needs time_t defined.
	[b95c333299a0]

	* gettime.c:
	Move declatation of struct timespec to its own include files for
	systems without it since it needs time_t defined.
	[021b4569cc0c]

	* fileops.c:
	Move declatation of struct timespec to its own include files for
	systems without it since it needs time_t defined.
	[dd8573b2ee7d]

	* emul/timespec.h:
	Move declatation of struct timespec to its own include files for
	systems without it since it needs time_t defined.
	[f95137771564]

	* check.c, compat.h:
	Move declatation of struct timespec to its own include files for
	systems without it since it needs time_t defined.
	[2ef2ace8fe85]

	* ldap.c:
	Don't set safe_cmnd for the "sudo ALL" case.
	[ad7fa9e07da0]

2005-05-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/pam.c:
	Call pam_open_session() and pam_close_session() to give pam_limits a
	chance to run. Idea from Karel Zak.
	[fed46d471350]

2005-04-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c, sudo.c:
	Add explicit cast from mode_t -> u_int in printf to silence warnings
	on Solaris
	[17bb961fe22d]

	* parse.c:
	include grp.h to silence a warning on Solaris
	[14386fbab640]

2005-04-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Fix printing of += and -= defaults.
	[a667604c56cd]

2005-04-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Sanity check number of syscall args with argsize. Not really needed
	but a little paranoia never hurts.
	[6bb455a2c2d6]

	* mon_systrace.c, mon_systrace.h:
	Don't do pointer arithmetic on void * Use int, not size_t/ssize_t
	for systrace lengths (since it uses int)
	[3cafccffcffd]

2005-04-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Add some memsets for paranoia Fix namespace collsion w/ error Check
	rval of decode_args() and update_env() Remove improper setting of
	validated variable
	[3d385158354d]

2005-04-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c, sudo.c, sudo.h:
	In -l mode, only check local sudoers file if def_ignore_sudoers is
	not set and call LDAP versions from display_privs() and
	display_cmnd() instead of directly from main(). Because of this we
	need to defer closing the ldap connection until after -l processing
	has ocurred and we must pass in the ldap pointer to display_privs()
	and display_cmnd().
	[1dfc2e8c9f2b]

	* ldap.c:
	Reorganize LDAP code to better match normal sudoers parsing. Instead
	of storing strings for later printing in -l mode we do another query
	since the authenticating user and the user being listed may not be
	the same (the new -U flag). Also add support for "sudo -l command".

	There is still a fair bit if duplicated code that can probably be
	refactored.
	[e9568f19bde5]

2005-04-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Replace pass variable with do_netgr for better readability.
	[1bba841b6e79]

	* ldap.c:
	use DPRINTF macro
	[02b159b66bb5]

	* ldap.c:
	estrdup, not strdup
	[22cdee7973c1]

2005-04-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Add macro to test if the tag changed to improve readability.
	[4e11b4819556]

	* parse.c:
	Avoid printing defaults header if there are no defaults to print...
	[41a28627df03]

	* glob.c:
	Fix a warning on systems without strlcpy().
	[6814e0f0e4f4]

	* pwutil.c:
	Use macros where possible for sudo_grdup() like sudo_pwdup().
	[30f201ff35cd]

2005-04-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* utimes.c:
	It is possible for tv_usec to hold >= 1000000 usecs so add in
	tv_usec / 1000000.
	[794ac4d53a65]

2005-03-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* auth/kerb5.c:
	The component in krb5_principal_get_comp_string() should be 1, not 0
	for Heimdal. From Alex Plotnick.
	[fefa351c5044]

2005-03-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* alias.c, alloc.c, check.c, defaults.c, find_path.c, gram.c, gram.y,
	interfaces.c, ldap.c, logging.c, match.c, mon_systrace.c, pwutil.c,
	redblack.c, sudo.c, sudo.h, toke.c, toke.l, visudo.c:
	Add efree() for consistency with emalloc() et al. Allows us to rely
	on C89 behavior (free(NULL) is valid) even on K&R.
	[7876bb80d87c]

	* parse.c, sudo.c:
	Move initgroups() for -U option into display_privs() so group
	matching in sudoers works correctly.
	[b074428ad2ca]

2005-03-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Removed duplicate call to ldap_unbind_s introduced along with
	sudo_ldap_close.
	[19acc1c20f7c]

	* parse.c:
	Add missing space in Defaults printing
	[95d2935bf6d4]

2005-03-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Sync sudo_pwdup with OpenBSD changes: use macros for size computaton
	and string copies.
	[6b6b241495e5]

2005-03-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Zero old pw_passwd before replacing with version from shadow file.
	[3251b349dfe1]

	* configure, configure.in:
	Only attempt shadow password detection if PAM is not being used Add
	shadow_* variables to make shadow password detection more generic.
	[d498a3423ac9]

	* configure.in:
	Use OSDEFS for os-specific -D_FOO_BAR stuff rather than CPPFLAGS
	[04d55bbd5e35]

2005-03-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	use a non-breaking space to avoid a double space after e.g.
	[11cdb54bdf7b]

	* sudo.pod:
	commna, not colon after e.g.
	[8d5875ff72e0]

2005-03-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_noexec.c:
	Add __ variants of the exec functions. GNU libc at least uses
	__execve() internally.
	[d1880473d790]

	* indent.pro:
	Match reality a bit more.
	[633e3fa875a7]

	* pwutil.c:
	Missed piece from rev. 1.6, fix sudo_getpwnam() too.
	[128f7b21c2ee]

	* pwutil.c:
	Store shadow password after making a local copy of struct passwd in
	case normal and shadow routines use the same internal buffer in
	libc.
	[f806052a6ffc]

2005-03-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* alloc.c, logging.c:
	Make varargs usage consistent with the rest of the code.
	[3d45affc9851]

2005-03-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_noexec.c:
	Wrap more of the exec family since on Linux the others do not appear
	to go through the normal execve() path.
	[8167769b4e19]

	* visudo.c:
	make print_unused static like proto says
	[ecf10e1bae55]

	* glob.c:
	silence a warning on K&R systems
	[2e00425f1a5c]

	* alias.c, error.c:
	make this build in K&R land
	[156f65f8525a]

	* parse.c:
	make this build in K&R land
	[6fc9276889cb]

2005-03-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c:
	regen
	[3b349748cd21]

2005-03-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	return(foo) not return foo optimize _atobool() slightly
	[11d09d154ed5]

	* ldap.c:
	Use TRUE/FALSE
	[53999320d98f]

	* ldap.c:
	Reformat to match the rest of sudo's code.
	[1bd0f2afa0e7]

	* sudo.pod:
	I am the primary author
	[5d311ecd85c6]

2005-02-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, README, RUNSON:
	The RUNSON file is toast--it confused too many people and really
	isn't needed in a configure-oriented world.
	[96a6ef7bbc08]

	* INSTALL:
	alternate -> alternative
	[b65015c5d0a2]

	* tgetpass.c:
	Use TCSADRAIN instead of TCSAFLUSH since some OSes have issues with
	TCSAFLUSH.
	[c66b4763ffdc]

	* toke.l:
	Allow leading blanks before Defaults and Foo_Alias definitions
	[2add513d9277]

	* Makefile.in:
	fix rules to build toke.o and gram.o in devel mode
	[96cbb414ebd3]

2005-02-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	env_keep overrides set_logname
	[401877193a15]

	* env.c:
	Fix disabling set_logname and make env_keep override set_logname.
	[0906e7a5ed93]

	* compat.h, config.h.in, configure, configure.in:
	No longer need memmove()
	[43bdb6efe3f2]

	* env.c, sudo.c:
	Just clean the environment once. This assumes that any further
	setenv/putenv will be able to handle the fact that we replaced
	environ with our own malloc'd copy but all the implementations I've
	checked do.
	[11658fe92ba2]

2005-02-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c, sudo.c:
	In -i mode, base the value of insert_env()'s dupcheck flag on
	DID_FOO flags. Move checks for $HOME resetting into rebuild_env()
	[8365b0bd0c71]

2005-02-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c, sudo.c:
	Move setting of user_path, user_shell, user_prompt and prev_user
	into init_vars() since user_shell at least is needed there.
	[37e22dce66e9]

2005-02-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	fix devel builds
	[9fbb15ef164c]

	* sudo.c:
	Fix some printf format mismatches on error.
	[ffc1c3f11740]

	* check.c:
	Fix some printf format mismatches on error.
	[7b3b508adf50]

	* configure, gram.c, toke.c:
	regen
	[aa76f9d8b02a]

	* Makefile.in, aclocal.m4, alias.c, alloc.c, auth/afs.c,
	auth/aix_auth.c, auth/bsdauth.c, auth/dce.c, auth/fwtk.c,
	auth/kerb4.c, auth/kerb5.c, auth/pam.c, auth/passwd.c,
	auth/rfc1938.c, auth/secureware.c, auth/securid.c, auth/securid5.c,
	auth/sia.c, auth/sudo_auth.c, auth/sudo_auth.h, check.c,
	closefrom.c, compat.h, configure.in, defaults.c, defaults.h,
	emul/utime.h, env.c, error.c, fileops.c, find_path.c, getprogname.c,
	getspwuid.c, gettime.c, goodpath.c, gram.y, interfaces.c,
	interfaces.h, ldap.c, logging.c, logging.h, match.c, mon_systrace.c,
	parse.c, redblack.c, redblack.h, set_perms.c, sigaction.c,
	snprintf.c, strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c,
	sudo.h, sudo.pod, sudo_edit.c, sudo_noexec.c, sudoers.pod,
	testsudoers.c, tgetpass.c, toke.l, utimes.c, version.h, visudo.c,
	visudo.pod, zero_bytes.c:
	Update copyright years.
	[0610c3654739]

	* Makefile.binary.in:
	Update copyright years.
	[d78ffc9f2e2b]

	* LICENSE:
	Update copyright years.
	[f60473bca4b1]

	* BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in:
	version 1.7
	[aa977a544ca1]

	* WHATSNEW:
	What's new in sudo 1.7, based on the 1.7 CHANGES entries.
	[ecfcf7269c14]

2005-02-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* compat.h, logging.h, sudo.h:
	Add __printflike and use it with gcc to warn about printf-like
	format mismatches
	[b192ad4a0548]

2005-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* CHANGES, ChangeLog:
	Replaced CHANGES file with ChangeLog generated from cvs logs
	[d9ace9dab98f]

	* set_perms.c:
	Use warning/error instead of perror/fatal.
	[e33259df7738]

	* config.guess:
	Update OpenBSD section
	[9d2c23de6801]

	* UPGRADE:
	Add upgrading noted for 1.7
	[1fb6b6d6df07]

	* env.c, sudo.c, sudoers.pod:
	Instead of zeroing out the environment, just prune out entries based
	on the env_delete and env_check lists. Base building up the new
	environment on the current environment and the variables we removed
	initially.
	[fc192df8fd15]

	* config.h.in, configure, configure.in, sudo.c:
	Set locale to "C" if locales are supported, just to be safe.
	[91fbaa98f02e]

	* toke.c, toke.l:
	Cast argument to ctype functions to unsigned char.
	[e096b4d65796]

2005-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	correct value for DID_USER
	[b5b05d36ec15]

	* error.c, fnmatch.c, getcwd.c, glob.c, snprintf.c:
	#include <compat.h> not "compat.h"
	[7a0ad9a0ccd7]

	* defaults.c:
	Reset the environment by default.
	[4ecc6423e0f0]

	* sudo.c:
	Alloc an extra slot in NewArgv. Removes the need to malloc an new
	vector if execve() fails.
	[83dfb6f584a7]

2005-02-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL, config.h.in, configure, configure.in, sudo.c:
	Use execve(2) and wrap the command in sh if we get ENOEXEC.
	[c0c6af4e2a21]

2005-02-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_noexec.c:
	Only include time.h on systems that lack struct timespec which gets
	defind in compat.h (using time_t).
	[e373e518b4cb]

	* sudo_noexec.c:
	Include time.h for time_t in compat.h for systems w/o struct
	timespec.
	[a34b5637e458]

	* compat.h, config.h.in, configure, configure.in:
	use bcopy on systems w/o memmove
	[f835eafd78c6]

	* compat.h:
	__attribute__((__unused__)) doesn't work in gcc 2.7.2.1 so limit its
	use to gcc >= 2.8.
	[1cb9a4e58566]

	* Makefile.in:
	Add explicit rule to build sudo_noexec.lo
	[df1dfcf8dd77]

2005-02-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* INSTALL.configure, Makefile.in:
	No longer depend on VPATH; pointed out a bunch of missed
	dependencies.
	[601a45d4af6b]

	* TROUBLESHOOTING:
	Help for PAM when account section is missing
	[9b8221256756]

	* auth/pam.c:
	Give user a clue when there is a missing "account" section in the
	PAM config.
	[2529625c0495]

	* auth/pam.c:
	Better error handling.
	[518c9bda23d8]

	* config.h.in, configure, configure.in:
	Move _FOO_SOURCE to CPPFLAGS so it takes effect as early as
	possible. Silences a warning about isblank() on linux.
	[19c94d7ecdc8]

	* auth/pam.c:
	Fix typo (missing comma) that caused an incorrect number of args to
	be passed to log_error().
	[0099dfec560f]

2005-02-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c:
	Don't try to destroy a tree we didn't create.
	[d43c4fe03aa4]

2005-01-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* alias.c, alloc.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
	auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
	auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
	auth/securid5.c, auth/sia.c, auth/sudo_auth.c, check.c, closefrom.c,
	compat.h, defaults.c, env.c, error.c, fileops.c, find_path.c,
	fnmatch.c, getcwd.c, getprogname.c, getspwuid.c, gettime.c,
	goodpath.c, gram.c, gram.y, interfaces.c, ldap.c, logging.c,
	match.c, mon_systrace.c, parse.c, pwutil.c, set_perms.c,
	sigaction.c, snprintf.c, strcasecmp.c, strerror.c, strlcat.c,
	strlcpy.c, sudo.c, sudo_edit.c, sudo_noexec.c, testsudoers.c,
	tgetpass.c, toke.c, toke.l, utimes.c, visudo.c, zero_bytes.c:
	Add __unused to rcsids
	[ad6b4ac45705]

2005-01-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Fix error message when mixing invalid auth types
	[68069b3ff5bc]

	* INSTALL:
	PAM, AIX auth, BSD auth and login_cap are now on by default if the
	OS supports them.
	[4e44e9098cf0]

	* auth/sudo_auth.h, config.h.in:
	s/HAVE_AUTHENTICATE/HAVE_AIXAUTH/g
	[2d569b43b23e]

	* configure.in:
	Better checking for conflicting authentication methods Display the
	authentication methods used at the end of configure Rename --with-
	authenticate -> --with-aixauth Use --with-aixauth, --with-bsdauth,
	--with-pam, --with-logincap by default on systems that support them
	unless disabled. Add OSMAJOR variable that replaces old OSREV; now
	OSREV has full version number
	[a21115b6fe9f]

2005-01-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.c, def_data.in, sudo.c, sudoers.pod:
	s/-O/-C/
	[ee73f1b81923]

2005-01-14  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure.in:
	Replace: test -n "$FOO" || FOO="bar"

	With: : ${FOO='bar'}
	[37552d9054fc]

2005-01-09  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pwutil.c, testsudoers.c, tsgetgrpw.c:
	Use function pointers to only call private passwd/group routines
	when using a nonstandard passwd/group file.
	[215908681dfb]

2005-01-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* CHANGES:
	sync
	[2e55c03f5790]

	* tsgetgrpw.c:
	Can't use strtok() since it doesn't handle empty fields so add
	getpwent()/getgrent() functions and call those.
	[bdaa5b0db70e]

2005-01-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in:
	Fix dummied out toke.c and gram.c dependencies.
	[4b909c8b2ebe]

	* Makefile.in:
	Rename PARSESRCS -> GENERATED since it is only used in the clean
	target Add devdir variable and use it to specify the path to parser
	sources
	[f27b3f41ca23]

	* configure:
	regen
	[22c6435dbd46]

	* configure.in:
	Add a devdir variables that defaults to $(srcdir) and is set to . if
	--devel was specified. Allows for proper dependecies building the
	parser.
	[a36d694c6d21]

	* testsudoers.c:
	Add support for custom passwd/group files.
	[296549ff4b87]

	* Makefile.in:
	Build private copy of pwutil.o for testsudoers with MYPW defined so
	it uses our own passwd/group routines.
	[bafa54ec78ca]

	* visudo.c:
	Remove sudo_*{pw,gr}* stubs and add sudo_setspent/sudo_endspent
	stubs instead. We can now just use the caching sudo_*{pw,gr}*
	functions in pwutil.c Add comment about wanting to call
	sudo_endpwent/sudo_endgrent in cleanup()
	[7e59d6b5510d]

	* tsgetgrpw.c:
	Remove caching; we will just use what is in pwutil.c Use global
	buffers for passwd/group structs Rename functions from sudo_* to
	my_*
	[8c1e068f574c]

	* logging.c, sudo.c:
	g/c pwcache_init/pwcache_destroy
	[60a24909b947]

	* sudo.h:
	Undo last commit and add sudo_setspent and sudo_endspent instead.
	[bac80db08296]

	* getspwuid.c, pwutil.c:
	Move all but the shadow stuff from getspwuid.c to pwutil.c and
	pwcache_get and pwcache_put as they are no longer needed. Also add
	preprocessor magic to use private versions of the passwd and group
	routines if MYPW is defined (for use by testsudoers).
	[a16b8678a426]

	* tsgetgrpw.c:
	zero out struct passwd/group before filling it in so if there are
	fields we don't handle they end up as 0.
	[274cb6a93301]

	* logging.c, sudo.c, sudo.h, testsudoers.c, visudo.c:
	Adapt to pwutil.c
	[43ebd04c8b82]

	* Makefile.in:
	Add tsgetgrpw.c and pwutil.c Rename the *OBJ variables for better
	readability.
	[7f88c6061e2d]

	* tsgetgrpw.c:
	Passwd and group lookup routines for testsudoers that support
	alternate passwd and group files.
	[d7803101d34e]

	* getspwuid.c, pwutil.c:
	Split off pw/gr cache and dup code into its own file. This allows
	visudo and testsudoers to use the pw/gr cache too.
	[ef333d3ffedf]

2005-01-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c:
	Print Defaults info in "sudo -l" output and wrap lines based on the
	terminal width.
	[e559eae4250e]

2005-01-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c, testsudoers.c, visudo.c:
	Only check group vector in usergr_matches() if we are matching the
	invoking or list user. Always check the group members, even if there
	was a group vector.
	[d0c7ceb2a041]

2004-12-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* LICENSE, Makefile.in, fnmatch.3:
	No longer bundle fnmatch.3
	[72db4a4ff4e1]

	* CHANGES, TODO:
	checkpoint
	[e92781bfd99c]

2004-12-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	sort usage
	[15e3b876ec2c]

	* sudo.pod:
	Sort command line options
	[c1fa56584bc4]

	* def_data.c, def_data.h, def_data.in, defaults.c, logging.c, sudo.c,
	sudo.pod, sudoers.pod:
	Add closefrom sudoers option to start closing at a point other than
	3. Add closefrom_override sudoers option and -C sudo flag to allow
	the user to specify a different closefrom starting point.
	[370652b099d1]

	* pathnames.h.in:
	Add _PATH_DEVNULL for those without it.
	[0c4c3e0ceb8b]

	* LICENSE:
	no more UCB strcasecmp
	[397a6298e07f]

	* strcasecmp.c:
	replace BSD licensed one with version derived from pdksh
	[d7cfda8c57a2]

2004-12-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Fix last commit.
	[7afb9a180532]

	* sudo.c:
	Make sure stdin, stdout and stderr are open and dup them to
	/dev/null if not.
	[590f387068bd]

2004-12-03  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c, mon_systrace.c, sudo.c, sudo.h:
	add sudo_ldap_close
	[4273a36765a7]

	* fileops.c, gettime.c, sudo.c, sudo_edit.c, utimes.c, visudo.c:
	Use TIME_WITH_SYS_TIME
	[c32b59bf15fb]

	* config.h.in, configure, configure.in:
	Add TIME_WITH_SYS_TIME_H
	[57cb146f451d]

2004-12-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Add missing braces to avoid DYLD_FORCE_FLAT_NAMESPACE being set
	unconditionally on darwin. From Toby Peterson.
	[d69959681c87]

	* getspwuid.c:
	Check rbinsert() return value. In the case of faked up entries there
	is usually a negative response cached that we need to overwrite.

	In pwfree() don't try to zero out a NULL pw_passwd pointer.
	[00b32d1a48c1]

	* mon_systrace.c:
	Use the double fork trick to avoid the monitor process being waited
	for by the main program run through sudo.
	[e0ce556712ff]

2004-11-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Call initgroups() in -U mode so group matches work normally.
	[2235bea15283]

	* def_data.h, mkdefaults:
	Don't print a trailing comma for the last entry in enum def_tupple
	[c43a96bb31df]

2004-11-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in, sudoers.pod:
	Mention values when lecture, listpw and verifypw are used in boolean
	context.
	[a0b5c0abaccf]

	* def_data.c, def_data.in:
	verifypw when used in a boolean TRUE context should be "all", not
	"any".
	[2eb076ddd5e2]

2004-11-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* def_data.in, defaults.c:
	Allow tuples that can be used as booleans to be used as boolean
	TRUE. In this case the 2nd possible value of the tuple is used for
	TRUE.
	[bd99aa77e88b]

2004-11-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Correct the test for 2-parameter timespecsub
	[d41c9cb26b97]

	* sudo.h:
	Add strub struct definitions for passwd, timeval and timespec
	[c4ce5c43d8c5]

	* config.h.in, configure, configure.in, sudo_edit.c, visudo.c:
	Add check for 2-argument form of timespecsub (FreeBSD and BSD/OS)
	and fix a typo in the gettimeofday check.
	[8ac9893057ce]

2004-11-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c, testsudoers.c:
	Deal with user_stat being NULL as it is for visudo and testsudoers.
	[3605a6ff64d0]

	* parse.c, sudo.c, sudo.cat, sudo.h, sudo.man.in, sudo.pod:
	Add -U option to use in conjunction with -l instead of -u. Add
	support for "sudo -l command" to test a specific command.
	[99638789d415]

	* gram.c, gram.y, sudo.c:
	Set safe_cmnd after sudoers_lookup() if it has not been set.
	Previously it was set by sudo "ALL" in the parser but at that point
	the fully-qualified pathname has not yet been found.
	[ac30d98f8225]

2004-11-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.c, testsudoers.c:
	Correctly handle multiple privileges per userspec and runas
	inheritence.
	[a98a965181af]

2004-11-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* defaults.c:
	Zero out sd_un for each entry in sudo_defs_table in init_defaults.
	[031d3cd4a848]

2004-11-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	make per-command defaults work with sudoedit
	[e56fe33db916]

	* ldap.c, parse.c, sudo.c, sudo.h:
	Remove the FLAG_NOPASS, FLAG_NOEXEC and FLAG_MONITOR flags. Instead,
	we just set the approriate defaults variable.
	[756eeecc1d86]

	* sample.sudoers, sudoers.cat, sudoers.man.in, sudoers.pod:
	Document per-command Defaults.
	[92a0f84b91c1]

	* defaults.c, defaults.h, gram.c, gram.h, gram.y, mon_systrace.c,
	sudo.c, testsudoers.c, toke.c, toke.l, visudo.c:
	Add support for command-specific Defaults entries. E.g.
	Defaults!/usr/bin/vi noexec
	[be3d52bf01cf]

	* defaults.c, match.c, parse.c, parse.h, testsudoers.c:
	Change an occurence of user_matches() -> runas_matches() missed
	previously runas_matches(), host_matches() and cmnd_matches() only
	really need to pass in a list of members. user_matches() still needs
	to pass in a passwd struct because of "sudo -l"
	[833b22fc6fa0]

	* parse.c:
	Check def_authenticate, def_noexec and def_monitor when setting
	return flags. XXX May be better to just set the defaults directly
	and get rid of those flags.
	[b6db22b59d69]

	* alias.c, alloc.c, auth/afs.c, auth/aix_auth.c, auth/bsdauth.c,
	auth/dce.c, auth/fwtk.c, auth/kerb4.c, auth/kerb5.c, auth/pam.c,
	auth/passwd.c, auth/rfc1938.c, auth/secureware.c, auth/securid.c,
	auth/securid5.c, auth/sia.c, auth/sudo_auth.c, check.c, closefrom.c,
	defaults.c, env.c, error.c, fileops.c, find_path.c, fnmatch.c,
	getcwd.c, getprogname.c, getspwuid.c, gettime.c, glob.c, goodpath.c,
	gram.c, gram.y, interfaces.c, ldap.c, logging.c, match.c,
	mon_systrace.c, parse.c, redblack.c, set_perms.c, snprintf.c,
	strcasecmp.c, strerror.c, strlcat.c, strlcpy.c, sudo.c, sudo_edit.c,
	sudo_noexec.c, testsudoers.c, tgetpass.c, toke.c, toke.l, utimes.c,
	visudo.c, zero_bytes.c:
	Use: #include <config.h> Not: #include "config.h" That way we get
	the correct config.h when build dir != src dir
	[97e5670a442b]

	* Makefile.in:
	Back out part of rev 1.263; fix -I order
	[197ea01cad5d]

	* toke.c, toke.l:
	More robust parsing if #include; could be much better still.
	[31bc3cd8f045]

	* sudo_edit.c, visudo.c:
	Make arg splitting in visudo and sudoedit consistent.
	[7bc74485f246]

	* Makefile.in, alias.c, gram.c, gram.y, parse.h:
	Split alias routines out into their own file.
	[d90f633cf9ae]

	* error.h:
	__attribute__ is already defined in compat.h
	[676ed3fe9203]

	* visudo.c:
	quit() should not be __noreturn__ as it is non-void on some
	platforms.
	[e528c2b6ba10]

	* auth/fwtk.c, auth/rfc1938.c, auth/securid.c, auth/securid5.c:
	Add local error/warning functions like err/warn but that call an
	additional cleanup routine in the error case. This means we no
	longer need to compile a special version of alloc.o for visudo.
	[e78e8aae882e]

	* parse.h:
	Clarify comments about the data structures
	[ae894e266701]

2004-11-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* visudo.c:
	Add support for VISUAL and EDITOR containing command line args. If
	env_editor is not set any args in VISUAL and EDITOR are ignored.
	Arguments are also now supported in def_editor.
	[ff7303b8e298]

2004-11-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* parse.h:
	alias_matches() is no more
	[b59825e28084]

	* CHANGES, TODO:
	sync
	[2b8f5f63c1de]

	* Makefile.in:
	When regenerating the parser, don't replace gram.h unless it has
	changed.
	[819949668018]

	* Makefile.in:
	remove Makefile.binary for distclean
	[351eec8d00b2]

	* env.c:
	Preserve KRB5CCNAME in zero_env() and add a paranoia check to make
	sure we can't overflow new_env.
	[3284d17b9c6d]

	* sudo_edit.c:
	paranoia when stripping trailing slashes from tempdir.
	[012f1aa2b81f]

	* sudo.c:
	Set user_ngroups to 0 if getgroups() returns an error.
	[c46d43e9449a]

2004-11-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* config.h.in, configure, configure.in, sudo.c:
	Add configure check for getgroups()
	[5d8a214e2cef]

	* ldap.c:
	Use supplementary group vector in struct sudo_user.
	[3d0c463c034d]

	* match.c:
	Only do string comparisons on the group members if there is no
	supplemental group list.
	[be1c8362f7ef]

	* CHANGES, TODO:
	sync
	[db188bc5b975]

	* sudo_edit.c:
	On Digital UNIX _PATH_VAR_TMP doesn't end with a trailing slash so
	chop off any trailing slashes we see and add an explicit one.
	[e1b477dafee1]

	* match.c:
	remove bogus XXX comment
	[8aecb8a28d40]

	* match.c:
	Get rid of alias_matches and correctly fall through to the non-alias
	cases when there is no alias with the specified name.
	[2cd555246f09]

	* getspwuid.c:
	Cache non-existent passwd/group entries too.
	[8de9a467d271]

	* gram.c:
	regen
	[9ece18c58f36]

	* getspwuid.c:
	fix typo
	[9a7ae371eac1]

	* check.c, getspwuid.c, glob.c, ldap.c, logging.c, match.c,
	mon_systrace.h, sudo.c, sudo.h, testsudoers.c, visudo.c:
	Implement group caching and use the passwd and group caches
	throughout.
	[f1d8c5015169]

2004-11-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* match.c:
	Properly negate the return value of alias_matches() when
	appropriate.
	[ce59c4ce77ad]

	* match.c:
	Make hostname_matches() return TRUE for a match, else FALSE like the
	caller expects.
	[1dc03902d3a2]

	* Makefile.in:
	Add missing dependencies on gram.h
	[4f94bbb1d50c]

	* match.c:
	Use runas_matches in alias_matches() now that we have it.
	[284d22e91178]

	* parse.c, parse.h:
	Expand aliases in "sudo -l" mode
	[f67a38b79c44]

	* gram.y, match.c:
	Use ALIAS for the member type when storing an alias instead of
	HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since match.c relies on the
	more generic type. Expand runas_matches instead of calling
	user_matches() inside of it since user_matches() looks up
	USERALIASes, not RUNASALIASes.
	[52004d75232b]

	* CHANGES, getspwuid.c:
	Paranoia; zero out pw_passwd before freeing passwd entry.
	[bd1b22638f00]

	* LICENSE, Makefile.in, alloc.c, check.c, config.h.in, configure,
	configure.in, defaults.c, emul/err.h, env.c, err.c, error.c,
	error.h, find_path.c, interfaces.c, logging.c, mon_systrace.c,
	sudo.c, sudo.h, sudo_edit.c, testsudoers.c, visudo.c:
	Add local error/warning functions like err/warn but that call an
	additional cleanup routine in the error case. This means we no
	longer need to compile a special version of alloc.o for visudo.
	[25000b676cfe]

	* match.c:
	Use userpw_matches() to compare usernames, not strcmp(), since the
	latter checks for "#uid".
	[fcbe4b859f66]

	* getspwuid.c, mon_systrace.c, mon_systrace.h, sudo.c:
	Cache passwd db entries in 2 reb-black trees; one indexed by uid,
	the other by user name. The data returned from the cache should be
	considered read-only and is destroyed by sudo_endpwent().
	[ee2418ff3f86]

	* match.c:
	add cast to uid_t
	[eb6415302d84]

	* gram.y:
	missing free in alias_destroy
	[572ecb680ad8]

	* redblack.c:
	Can't use rbapply() for rbdestroy since the destructor is passed a
	data pointer, not a node pointer.
	[11ce713830c0]

	* getspwuid.c, logging.c, sudo.c, sudo.h:
	Create and use private versions of setpwent() and endpwent() that
	set/end the shadow password file too.
	[616bc76d23bf]

	* gram.c, gram.h, gram.y, match.c, parse.h, testsudoers.c, visudo.c:
	Store aliases in a red-black tree.
	[ce017d540416]

	* Makefile.in, redblack.c, redblack.h:
	red-black tree implementation
	[cd5586e8f48b]

	* visudo.c:
	Edit all sudoers file if there were unused or undefined aliases and
	we are in strict mode.
	[b6d5f5bb7262]

2004-11-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* CHANGES, def_data.c, def_data.h, def_data.in, defaults.c, env.c,
	find_path.c, sudoers.cat, sudoers.man.in, sudoers.pod, visudo.c:
	Bring back the "secure_path" Defaults option now that Defaults take
	effect before the path is searched.
	[2e52c0e27606]

2004-11-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c, parse.c:
	A user can always list their own entries, even with -u. Better error
	message when failing to list another user's entries.
	[e2e24deb0071]

	* parse.c, sudo.c, sudo.h:
	The syntax to list another user's entries is now "-u otheruser -l".
	Only root or users with sudo "ALL" may list other user's entries.
	[3c0657e8f5fe]

	* sudo.cat, sudo.man.in, sudo.pod:
	Update env variable info in SECURITY NOTES
	[299716071024]

	* env.c:
	strip CDPATH too
	[9b97643b26f9]

	* env.c:
	strip exported bash functions from the environment.
	[9e5090c8284f]

2004-10-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Only reset sudo_user.pw based on SUDO_USER environment variables for
	real commands and sudoedit. This avoids a confusing message when a
	user tries "sudo -l" or "sudo -v" and is denied.
	[3ea6d0053274]

	* gram.c, gram.y, parse.h:
	Extend LIST_APPEND to deal with appending lists too
	[d963e42f622f]

2004-10-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* logging.c:
	Convert some bitwise AND to ISSET
	[130dc40d268e]

	* lex.yy.c, toke.c:
	toke.c replaces lex.yy.c
	[048858df79e7]

	* CHANGES, TODO:
	sync
	[d19e7abf251c]

	* BUGS:
	new parser fixes most of the outstanding bugs
	[0891f66e3758]

	* configure:
	regen
	[1a3358cc7283]

	* visudo.c:
	Rework for the new parser. Now checks for unused aliases in sudoers.
	[ad462ede3094]

	* testsudoers.c:
	Rewrite for the new parser. Now supports a -d flag (dump) and adds a
	-h flag (host). It now defaults to the local hostname unless
	otherwise specified.
	[1b69685cc601]

	* sudo.h:
	Add new prototypes. Remove NOMATCH/UNSPEC (now in parse.h)
	[2e4fb3abfef0]

	* sudo.c:
	Update for new parse. We now call find_path() *after* we have
	updated the global defaults based on sudoers. Also adds support for
	listing other user's privs if you are root.
	[cf3db9fc3024]

	* mon_systrace.c:
	Working LDAP support; also remove a now-unneeded rewind().
	[649ecf1baf6b]

	* logging.c, logging.h:
	Add NO_STDERR flag.
	[6cb935af94e0]

	* ldap.c:
	Split sudo_ldap_check() into three pieces: sudo_ldap_open(),
	udo_ldap_update_defaults() and sudo_ldap_check(). This allows us to
	connecto to LDAP, apply the default options, find the command in the
	user's path, and then check whether the user is allowed to run it.
	The important thing here is that the default runas user may be
	specified as a default option and that needs to be set before we
	search for the command.
	[fc0426abc6f1]

	* ldap.c:
	Add casts to unsigned char for isspace() to quiet a gcc warning.
	[e5358e3df439]

	* defaults.h:
	Add prototype for update_defaults()
	[564dac3db74e]

	* defaults.c:
	Don't warn about line numbers now that we operate on a set of data
	structures (or LDAP) and not a file.
	[bcd9ffb9b67c]

	* config.h.in:
	No long use lsearch()
	[9d048c587319]

	* Makefile.in:
	Update for new and changed file names.
	[6f424a7c4515]

	* LICENSE:
	no more BSD lsearch.c
	[463a96d89026]

	* match.c:
	foo_matches() routines now live in match.c Added user_matches(),
	runas_matches(), host_matches(), cmnd_matches() and alias_matches()
	that operate on the parsed sudoers file.
	[b14da8a0567e]

	* parse.lex, toke.l:
	Move parse.lex -> toke.l Rename buffer_frob() -> switch_buffer()
	WORD no longer needs to exclude '@' kill yywrap()
	[a922294eb7b7]

	* gram.c, gram.h, gram.y, parse.c, parse.h, parse.yacc, sudo.tab.c,
	sudo.tab.h:
	Rewritten parser that converts sudoers into a set of data
	structures. This eliminates ordering issues and makes it possible to
	apply sudoers Defaults entries before searching for the command.
	[30d2ec4d203c]

	* configure.in, emul/search.h, lsearch.c:
	We won't be using lsearch() any longer.
	[29c4d54bfac0]

	* ldap.c:
	sudo should not send mail if someone who runs 'sudo -l' has no
	entry.
	[6fc27a69fd9c]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
	visudo.man.in:
	regen
	[8166347917f3]

	* visudo.pod:
	Update warnings to match new visudo
	[004c0766798f]

	* sudoers.pod:
	The new parser doesn't have the old ordering constraints.
	[ffd43bd08661]

	* sudo.pod:
	Document that -l now takes an optional username argument
	[278f9557de8b]

2004-10-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* RUNSON:
	AIX 5.2.0.0 works
	[523acd29d858]

	* ldap.c:
	If LDAP_OPT_SUCCESS is not defined, use LDAP_SUCCESS instead. Fixes
	a compilation problem with Solaris 9's native LDAP.

	Set FLAG_MONITOR when needed.
	[35824ade672d]

2004-10-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Call sudo_goodpath() *after* changing the cwd to match the traced
	process. Fixes relative paths.
	[12ee111d0ad7]

2004-10-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* testsudoers.c:
	Kill set_perms() stub--it is no longer needed.
	[116ed702935d]

2004-10-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in, sudoers.pod:
	stay_setuid now requires set_reuid() or setresuid()
	[8511f67e25d5]

	* INSTALL, PORTING, TROUBLESHOOTING, config.h.in, configure,
	configure.in, set_perms.c, sudo.c, sudo.h:
	Kill use of POSIX saved uids; they aren't worth bothering with.
	[b3b1f19f18c1]

2004-10-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* glob.c:
	remove call to issetugid()
	[63f2e492c08f]

	* sudoers.cat, sudoers.man.in, sudoers.pod:
	Remove warning about wildcards. Now that we use glob() the bug is
	fixed.
	[b15729d32266]

	* parse.c:
	Use glob(3) instead of fnmatch(3) for matching pathnames and stat
	each result that matches the basename of the user's command. This
	makes "cd /usr/bin ; sudo ./blah" work when sudoers allows
	/usr/bin/blah. Fixes bug #143.
	[e31eb6310340]

	* config.h.in, configure, configure.in:
	Define HAVE_EXTENDED_GLOB for extended glob (GLOB_TILDE and
	GLOB_BRACE)
	[677ed6661e17]

	* config.h.in, configure, configure.in:
	Check for a glob() that supports GLOB_BRACE and GLOB_TILDE
	[aaa2329dd266]

	* LICENSE:
	reference glob
	[bedc9a923423]

	* glob.c:
	4.4BSD glob(3) with fixes from OpenBSD and some unneeded extensions
	removed.
	[81799451473c]

	* emul/glob.h:
	4.4BSD glob(3) with fixes from OpenBSD and some unneeded extensions
	removed.
	[0335cf31fb1e]

2004-10-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Just return if STRIOCINJECT or STRIOCREPLACE fail. It probably means
	we are out of space in the stack gap...
	[5b02b702021e]

	* CHANGES:
	sync
	[be3826273e56]

	* mon_systrace.c:
	Take a stab at ldap sudoers support here.
	[9d023695b0de]

	* mon_systrace.c, mon_systrace.h:
	Detach from tracee on SIGHUP, SIGINT and SIGTERM. Now "sudo reboot"
	doesn't cause reboot to inadvertanly kill itself.
	[d4aab2365610]

	* mon_systrace.c:
	put "monitor" in the proctitle, not "systrace"
	[9a9025767d86]

	* mon_systrace.c:
	When modifying the environment, don't replace envp when we can get
	away with just rewriting pointers in the traced process.
	[c03622f7a2e2]

	* mon_systrace.c, mon_systrace.h:
	Add environment updating via STRIOCINJECT (if available).
	[037291016870]

	* sudoers.cat, sudoers.man.in:
	regen
	[869acc511046]

2004-10-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lex.yy.c:
	regen
	[4e61a9bd3c97]

	* parse.lex:
	Fix bug introduced in unput() removal; want yyless(0) not yyless(1)
	[b70d7bd6e147]

	* mon_systrace.c:
	Include file is now mon_systrace.h
	[ead4e36d92ae]

	* Makefile.in, configure, configure.in, def_data.c, def_data.h,
	def_data.in, lex.yy.c, parse.c, parse.h, parse.lex, parse.yacc,
	sudo.c, sudo.h, sudo.tab.c, sudo.tab.h, sudoers.pod:
	No longer call it tracing, it is now "monitoring" which should be
	more a obvious name to non-hackers.
	[aa811ded0789]

2004-10-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c, mon_systrace.h:
	Fix some XXX
	[a271072dacc6]

	* mon_systrace.c, mon_systrace.h:
	No need to include syscall.h, use 1024 as the max # of entries (the
	max that systrace(4) allows).

	Only need to use SYSTR_POLICY_ASSIGN once

	Change check_syscall() -> find_handler() and have it return the
	handler instead of just running it. We need this since handler now
	have two parts: one part that generates and answer and another that
	gets called after the answer is accepted (to do logging).

	Add some missing check_exec for emul execv
	[a89d243f0525]

	* sample.pam, sample.sudoers, sample.syslog.conf, sudoers:
	Add $Sudo$ tags.
	[6f3fedb0daba]

	* config.h.in:
	Add missing HAVE_LINUX_SYSTRACE_H
	[ff75ab7bfc53]

	* Makefile.in:
	add trace_systrace.o dependency
	[88a408668ab2]

2004-09-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Also look for systrace.h in /usr/include/linux
	[98b98b436cf3]

	* mon_systrace.c, mon_systrace.h:
	Move all struct defs and prototypes into trace_systrace.h and mark
	all but systace_attach() static.
	[85511253b570]

	* mon_systrace.c, mon_systrace.h:
	Add support for tracing emulations. At the moment, all emulations
	are compiled in. It might make sense to #ifdef them in the future,
	though this impeeds readability.
	[87bb50abf277]

	* Makefile.in, configure, configure.in:
	rename systrace.c -> trace_systrace.c
	[31cfa4407d93]

	* parse.yacc, sudo.tab.c:
	Allow this to build with a K&R compiler again
	[32876af5bb98]

	* TODO:
	sync
	[46865bd70f7c]

	* compat.h, sudo.c, visudo.c:
	Use __attribute__((__noreturn__))
	[65bbad71fe89]

	* visudo.c:
	Exit() takes a negative value to indicate it was not called via
	signal.
	[b93032ed7b60]

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.man.in, visudo.cat,
	visudo.man.in:
	regen
	[45bcf4661558]

	* Makefile.in, visudo.c:
	Define Err() and Errx() that are like err() and errx() but call
	Exit() instead of exit(). Build private copy of alloc.o for visudo
	that calls Err() and Errx().
	[c6d02bf42edd]

2004-09-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lex.yy.c, sudo.tab.c:
	regen
	[39de7e7c59da]

	* CHANGES:
	sync
	[ba481d9ed1aa]

	* visudo.c:
	Overhaul visudo for editing multiple files: o visudo has been broken
	out into functions (more work needed here) o each file is now edited
	before sudoers is re-parsed o if a #include line is added that file
	will be edited too

	TODO: o cleanup temp files when exiting via err() or errx() o
	continue breaking things out into separate functions
	[80c35cf534eb]

	* parse.lex, sudo.c, sudo.h, testsudoers.c, visudo.c:
	Add keepopen arg to open_sudoers that open_sudoers can use to
	indicate to the caller that the fd should not be closed when it is
	done with it. To be used by visudo to keep locked fds from being
	closed prematurely (and thus losing the lock).
	[f330fe632470]

	* parse.yacc, sudo.c:
	Add errorfile global that contains the name of the file that caused
	the error.
	[98079c7a37ed]

	* parse.lex:
	return COMMENT to yacc grammar for a #include line
	[2024a8de4fa8]

	* parse.lex:
	Remove us of unput() in favor of yyless() which is cheaper.
	[c61291902beb]

	* parse.yacc:
	Allow an empty sudoers file.
	[62fb111db2e7]

2004-09-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	Rewind sudoers_fp now that sudoers_lookup() doesn't do it for us.
	[9e15869ef597]

	* lex.yy.c, sudo.tab.c:
	regen
	[c29bdd43bfad]

	* visudo.c:
	Do signal setup before calling edit_sudoers(). Don't shadow the
	"quiet" global.
	[74252efd09ff]

	* visudo.c:
	If a sudoers file includes other files, edit those too. Does not yes
	deal with creating the new includes files itself.
	[06af7b9c173f]

	* testsudoers.c:
	init_parser now takes a path
	[b5ee186eb192]

	* parse.c, parse.h, parse.lex, parse.yacc:
	More scaffolding for dealing with multiple sudoers files: o
	init_parser() now takes a path used to populate the sudoers global o
	the sudoers global is used to print the correct file in yyerror() o
	when switching to a new sudoers file, perserve old file name and
	line number
	[d9be4970b8bd]

	* Makefile.in, pathnames.h.in:
	Kill _PATH_SUDOERS_TMP; it is not meaningful now that we can have
	multiple sudoers files.
	[6ccc4e921c43]

	* parse.c, sudo.c:
	Rewind sudoers_fp in open_sudoers() instead of sudoers_lookup() so
	we start at the right file position when reading include files.
	[91fcb961e7a4]

	* sudoers.pod:
	document #include
	[fbb92a25a726]

	* lex.yy.c:
	regen
	[50cd7a4c9dff]

	* parse.lex:
	Add max depth of 128 for the include stack to avoid loops.

	Since yyerror() doesn't stop parsing, pass return values back to
	yylex and call yyterminate() on error.
	[e79dbffb729d]

2004-09-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.pod:
	document tracing
	[165a467eadd8]

	* sudo.pod:
	Mention PREVENTING SHELL ESCAPES section of sudoers man page
	[3217ccecd834]

	* lex.yy.c, sudo.tab.c:
	regen
	[fbd58d1d3a76]

	* parse.lex:
	Add support for #include in sudoers (visudo support TBD)
	[a78015ca81af]

	* parse.yacc:
	make yyerror()'s argument const
	[7d8e168c019a]

	* testsudoers.c, visudo.c:
	Add open_sudoers() stubs.
	[087466787198]

	* sudo.c, sudo.h:
	Rename check_sudoers() open_sudoers() and make it return a FILE *
	[142fc511fc65]

2004-09-26  Todd C. Miller  <Todd.Miller@courtesan.com>

	* BUGS, INSTALL, INSTALL.binary, Makefile.in, README, configure.in,
	version.h:
	Crank version
	[1adc3f839480]

	* Makefile.in, sudo.psf:
	Better HP-UX depot construction
	[2d952b000e63]

2004-09-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mon_systrace.c:
	o Made children global so check_exec() can lookup a child. o
	Replaced uid in struct childinfo with struct passwd * (for runas) o
	new_child() now takes a parent pid so the runas info can be
	inherited o Added find_child() to lookup a child by its pid o
	update_child() now fills in a struct passwd o Converted the big
	if/else mess in set_policy to a switch o Syscalls that change uid
	are now "ask" so we get SYSTR_MSG_UGID events
	[29b9ea3f09a3]

	* getspwuid.c:
	Add flag to sudo_pwdup that indicates whether or not to lookup the
	shadow password. Will be used to a struct passwd that has the shadow
	password already filled in.
	[e19d43dd7238]

	* mon_systrace.c:
	add missing increment of addr in read_string()
	[f9eb0f060cb6]

	* mon_systrace.c:
	Remove bogus call to update_child() and some cosmetic fixes
	[701ab0b97fef]

	* mon_systrace.c:
	Don't leak /dev/systrace fd to tracee Make initialized global for
	simplicity If STRIOCATTACH returns EBUSY we are already being traced
	Check for user_args == NULL in setproctitle() call Add missing calls
	to STRIOCANSWER
	[1956edf9bc3a]

	* sudo.c:
	g/c sudo_pwdup proto
	[b7c4d6249ecb]

	* Makefile.in, sudo.psf:
	Add target for building a depot file
	[357019efd99b]

	* mon_systrace.c:
	trim includes
	[501534428471]

2004-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* lex.yy.c, sudo.tab.c, sudo.tab.h:
	regen
	[52fd250c6986]

	* INSTALL:
	document --with-systrace
	[79623927c94e]

	* config.h.in, configure, configure.in:
	Add check for setproctitle
	[1730cf1c26ed]

	* mon_systrace.c:
	pass struct str_msg_ask in to syscall checker so it can set the
	error code
	[1703fd2fdef6]

	* mon_systrace.c:
	systrace(4) support for sudo. On systems with the systrace(4) kernel
	facility (OpenBSD, NetBSD, Linux w/ patches) sudo can intercept exec
	calls and check the exec args against the sudoers file. In other
	words, sudo can now control subcommands and shell escapes.
	[928c9217c386]

	* sudo.c, sudo.h:
	Call systrace_attach() if FLAG_TRACE is set.
	[014ba9402fa5]

	* parse.c, parse.h, parse.lex, parse.yacc, sudo.h:
	Add trace Defaults option and TRACE/NOTRACE tags and set FLAG_TRACE
	[a99904db5e56]

	* parse.c, sudo.c:
	Don't close sudoers_fp, keep it open and set close on exec flag
	instead.
	[43a9fec60bee]

	* def_data.c, def_data.h, def_data.in:
	Add trace option
	[5b643b86730a]

	* Makefile.in:
	Add systrace
	[47a0519c427c]

	* INSTALL:
	SunOS /bin/sh blows up with configure
	[005a23cc5615]

	* configure, configure.in:
	Include sys/param.h before systrace.h
	[9345bc8efecf]

	* configure:
	regen
	[a8f53fcbb254]

	* pathnames.h.in:
	_PATH_DEV_SYSTRACE
	[d2ad1e492a00]

	* configure.in:
	line up options in --help
	[fa51f2821d09]

	* config.h.in, configure.in:
	Add --with-systrace
	[a264d54bc413]

2004-09-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure:
	regen
	[a4dad0bcc523]

	* aclocal.m4, configure.in:
	make this work