git: c403b7871cf0 - main - securty/sudo: Update to 1.9.8
Craig Leres
leres at freebsd.org
Wed Sep 15 22:52:00 UTC 2021
On 9/14/21 9:50 AM, Cy Schubert wrote:
> The branch main has been updated by cy:
>
> URL:https://cgit.FreeBSD.org/ports/commit/?id=c403b7871cf09f123de4151bb77e8438f342075e
>
> commit c403b7871cf09f123de4151bb77e8438f342075e
> Author: Cy Schubert<cy at FreeBSD.org>
> AuthorDate: 2021-09-13 15:32:19 +0000
> Commit: Cy Schubert<cy at FreeBSD.org>
> CommitDate: 2021-09-14 16:50:22 +0000
>
> securty/sudo: Update to 1.9.8
>
> Major changes between sudo 1.9.8 and 1.9.7p2:
This version isn't really working for me. I have some nagios checks that
run from nrpe3 as nagios that need root access. I install files in
/usr/local/etc/sudoers.d, e.g:
User_Alias CHECK_SSLCERT_ADMINS = nagios, leres
Cmnd_Alias CHECK_SSLCERT = /usr/local/libexec/check_sslcert
CHECK_SSLCERT_ADMINS ALL = (root) NOPASSWD: CHECK_SSLCERT
When I run the same command that nrpe3 is running I can see the error:
zinc 31 % /usr/local/bin/sudo -c root
/usr/local/libexec/check_sslcert -l 21
/usr/local/etc/letsencrypt/live/mod.lbl.gov/cert.pem
sudo: (null): option "use_loginclass" does not take a value
sudo: error initializing audit plugin sudoers_audit
I tried rebuilding with AUDIT disabled but it doesn't change anything.
Some of my systems had an older/non-default sudo.conf that had some
plugins enabled:
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
Plugin sudoers_audit sudoers.so
but switching to the sudo.conf.defaults version (which has these
commented out) also doesn't help.
I'm so far unable to determine if my config is defective or if the new
sudo is borked.
Craig
More information about the dev-commits-ports-all
mailing list