From owner-freebsd-ports@FreeBSD.ORG Mon Jul 16 18:28:49 2007 Return-Path: X-Original-To: ports@freebsd.org Delivered-To: freebsd-ports@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 04C7916A404 for ; Mon, 16 Jul 2007 18:28:49 +0000 (UTC) (envelope-from tmclaugh@sdf.lonestar.org) Received: from straycat.dhs.org (c-24-63-86-11.hsd1.ma.comcast.net [24.63.86.11]) by mx1.freebsd.org (Postfix) with ESMTP id BC71413C4A6 for ; Mon, 16 Jul 2007 18:28:48 +0000 (UTC) (envelope-from tmclaugh@sdf.lonestar.org) Received: from [192.168.1.127] (bofh.straycat.dhs.org [192.168.1.127]) by straycat.dhs.org (8.13.8/8.13.8) with ESMTP id l6GI6hR8006888 for ; Mon, 16 Jul 2007 14:06:44 -0400 (EDT) From: Tom McLaughlin To: ports@freebsd.org Content-Type: text/plain Date: Mon, 16 Jul 2007 14:06:43 -0400 Message-Id: <1184609203.16067.54.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.10.2 FreeBSD GNOME Team Port Content-Transfer-Encoding: 7bit Cc: Subject: PLEASE TEST: sudo-1.6.9 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jul 2007 18:28:49 -0000 Hi all, After nearly 2 years sudo 1.6.9 should be released very shortly. The two things I've been excited about is group order in nsswitch no longer matters when trying to use group based permissions and SASL support has been added when using LDAP based rules. I've been using the RCs for the past few weeks and so far the only issue I've seen is some SASL related problems. (More on that later.) Before I commit an update to the port I'd like to get a little feedback. From looking at UPGRADING and CHANGES a lot of work has gone into this new release. Environment handling has been heavily redone. I don't want hate mail from people if their stuff breaks so here's your chance... http://people.freebsd.org/~tmclaugh/files/sudo-1.6.9.r4.diff As for SASL support, I'm having a problem when sasl_auth_id is set in ldap.conf which is causing sudo to fail to authenticate when attempting to bind to LDAP while nss_ldap shows no issues. (By the way, should I change sudo to use nss_ldap.conf instead of ldap.conf since that's what nss_ldap installs and the file is meant to be shared? Maybe make this configurable?) Can someone explain to me how sasl_auth_id works in nss_ldap? It seems to have no effect on my setup here. I can set it to a totally bogus value and it works just fine. I've tried with versions 255 and the new 256. I'd be curious to here from other sudo+ldap users how the SASL support works for them. Thanks. tom -- | tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org | | FreeBSD http://www.FreeBSD.org |