Upgrading sudo to 1.7.2.2 doesn't work with OPIE

Kirk Strauser kirk at strauser.com
Thu Feb 4 16:45:36 UTC 2010


On 02/04/2010 10:26 AM, Kirk Strauser wrote:
> Any idea why that may be or how I could troubleshoot it, short of 
> bisecting the sudo releases until I find the culprit?

Eh, did it anyway. The problem was with a change added between 1.7.2p1 
and 1.7.2p2. This patch fixes it:

--- auth/pam.c.orig     2010-02-04 10:43:28.635212518 -0600
+++ auth/pam.c  2010-02-04 10:43:34.194558424 -0600
@@ -107,13 +107,6 @@
      }

      /*
-     * Set PAM_RUSER to the invoking user (the "from" user).
-     * We set PAM_RHOST to avoid a bug in Solaris 7 and below.
-     */
-    (void) pam_set_item(pamh, PAM_RUSER, user_name);
-    (void) pam_set_item(pamh, PAM_RHOST, user_host);
-
-    /*
       * Some versions of pam_lastlog have a bug that
       * will cause a crash if PAM_TTY is not set so if
       * there is no tty, set PAM_TTY to the empty string.

I'll file a bug with the sudo folks, but if anyone else is having the 
same problem, this should get you running in the mean time.
-- 
Kirk Strauser


More information about the freebsd-questions mailing list