Date: Sun, 22 Mar 2026 22:17:57 +0000 From: Yusuf Yaman <nxjoseph@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Valdemar Erk <valdemar@erk.dev> Subject: git: 7450af9c503c - main - security/sudo-rs: Update 0.2.12 => 0.2.13 Message-ID: <69c06a95.21f55.768def0b@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by nxjoseph: URL: https://cgit.FreeBSD.org/ports/commit/?id=7450af9c503c053659c06f96a098dd7e156a2377 commit 7450af9c503c053659c06f96a098dd7e156a2377 Author: Valdemar Erk <valdemar@erk.dev> AuthorDate: 2026-03-11 14:35:37 +0000 Commit: Yusuf Yaman <nxjoseph@FreeBSD.org> CommitDate: 2026-03-22 22:17:04 +0000 security/sudo-rs: Update 0.2.12 => 0.2.13 Changelog: - Password now gets echoed by default, see sudoers file to revert https://github.com/trifectatechfoundation/sudo-rs/releases/tag/v0.2.13 Port changes: - Replace hardcoded /usr/local with %%PREFIX%% in files/sudoers. - Use absolute path for "@includedir ..." in files/sudoers. PR: 293735 Reported by: Valdemar Erk <valdemar@erk.dev> Approved by: Marc Schoolderman <marc@trifectatech.org> (maintainer) Approved by: osa@ (mentor) --- security/sudo-rs/Makefile | 6 ++++-- security/sudo-rs/Makefile.crates | 2 +- security/sudo-rs/distinfo | 10 +++++----- security/sudo-rs/files/patch-src_pam_rpassword.rs | 14 ++++++++++++++ security/sudo-rs/files/{sudoers => sudoers.in} | 11 +++++++---- 5 files changed, 31 insertions(+), 12 deletions(-) diff --git a/security/sudo-rs/Makefile b/security/sudo-rs/Makefile index c85edcc53e91..e13cb04708df 100644 --- a/security/sudo-rs/Makefile +++ b/security/sudo-rs/Makefile @@ -1,6 +1,6 @@ PORTNAME= sudo-rs DISTVERSIONPREFIX= v -DISTVERSION= 0.2.12 +DISTVERSION= 0.2.13 CATEGORIES= security MAINTAINER= marc@trifectatech.org @@ -35,6 +35,8 @@ RS_SUFFIX= -rs PLIST_SUB+= NO_COEXIST="@comment " .endif +SUB_FILES= sudoers + PLIST_SUB+= RS_SUFFIX=${RS_SUFFIX} PORTDOCS= CHANGELOG.md CONTRIBUTING.md COPYRIGHT LICENSE-* README.md SECURITY.md @@ -55,7 +57,7 @@ post-install: ${RM} ${STAGEDIR}${PREFIX}/bin/su .if ${FLAVOR} == default ${INSTALL_DATA} ${FILESDIR}/pam.conf ${STAGEDIR}${PREFIX}/etc/pam.d/sudo.default - ${INSTALL_DATA} ${FILESDIR}/sudoers ${STAGEDIR}${PREFIX}/etc/sudoers.dist + ${INSTALL_DATA} ${WRKDIR}/sudoers ${STAGEDIR}${PREFIX}/etc/sudoers.dist .else ${MV} ${STAGEDIR}${PREFIX}/bin/sudo ${STAGEDIR}${PREFIX}/bin/sudo${RS_SUFFIX} .endif diff --git a/security/sudo-rs/Makefile.crates b/security/sudo-rs/Makefile.crates index 525a8f99b8d7..c594955d597a 100644 --- a/security/sudo-rs/Makefile.crates +++ b/security/sudo-rs/Makefile.crates @@ -1,2 +1,2 @@ CARGO_CRATES= glob-0.3.3 \ - libc-0.2.180 + libc-0.2.183 diff --git a/security/sudo-rs/distinfo b/security/sudo-rs/distinfo index 191186d4cc72..ccaec81c37d2 100644 --- a/security/sudo-rs/distinfo +++ b/security/sudo-rs/distinfo @@ -1,7 +1,7 @@ -TIMESTAMP = 1771292939 +TIMESTAMP = 1773238460 SHA256 (rust/crates/glob-0.3.3.crate) = 0cc23270f6e1808e30a928bdc84dea0b9b4136a8bc82338574f23baf47bbd280 SIZE (rust/crates/glob-0.3.3.crate) = 22861 -SHA256 (rust/crates/libc-0.2.180.crate) = bcc35a38544a891a5f7c865aca548a982ccb3b8650a5b06d0fd33a10283c56fc -SIZE (rust/crates/libc-0.2.180.crate) = 812207 -SHA256 (trifectatechfoundation-sudo-rs-v0.2.12_GH0.tar.gz) = 1f4a0577df3ae64fd35d75d30ece458fa18d57bdc7bc777aea3bfdfcb841dbeb -SIZE (trifectatechfoundation-sudo-rs-v0.2.12_GH0.tar.gz) = 1187822 +SHA256 (rust/crates/libc-0.2.183.crate) = b5b646652bf6661599e1da8901b3b9522896f01e736bad5f723fe7a3a27f899d +SIZE (rust/crates/libc-0.2.183.crate) = 816918 +SHA256 (trifectatechfoundation-sudo-rs-v0.2.13_GH0.tar.gz) = 79becefc504d14ffccc7cab18d42f8d892e78b2d13d9c5bb887c5f02a2721eaf +SIZE (trifectatechfoundation-sudo-rs-v0.2.13_GH0.tar.gz) = 1202390 diff --git a/security/sudo-rs/files/patch-src_pam_rpassword.rs b/security/sudo-rs/files/patch-src_pam_rpassword.rs new file mode 100644 index 000000000000..fd5dd22cf132 --- /dev/null +++ b/security/sudo-rs/files/patch-src_pam_rpassword.rs @@ -0,0 +1,14 @@ +Based upon https://github.com/trifectatechfoundation/sudo-rs/commit/d43ff79df262568d8977771f03977d5965bf8474 + +--- + +--- src/pam/rpassword.rs.orig 2026-03-11 14:23:39 UTC ++++ src/pam/rpassword.rs +@@ -263,6 +263,7 @@ fn read_unbuffered( + if read_byte == b'\t' && feedback.visible_len.take().is_some() { + feedback.clear(); + let _ = feedback.sink.write(b"(no echo)"); ++ continue; + } + } + diff --git a/security/sudo-rs/files/sudoers b/security/sudo-rs/files/sudoers.in similarity index 89% rename from security/sudo-rs/files/sudoers rename to security/sudo-rs/files/sudoers.in index 99ef7934c811..7c04747e20cf 100644 --- a/security/sudo-rs/files/sudoers +++ b/security/sudo-rs/files/sudoers.in @@ -10,12 +10,12 @@ ## ## Preserve editor environment variables for visudo. ## To preserve these for all commands, remove the "!visudo" qualifier. -Defaults!/usr/local/sbin/visudo env_keep += "SUDO_EDITOR EDITOR VISUAL" +Defaults!%%PREFIX%%/sbin/visudo env_keep += "SUDO_EDITOR EDITOR VISUAL" ## ## Use a hard-coded PATH instead of the user's to find commands. ## This also helps prevent poorly written scripts from running ## arbitrary commands under sudo. -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +Defaults secure_path="%%PREFIX%%/sbin:%%PREFIX%%/bin:/usr/sbin:/usr/bin:/sbin:/bin" ## ## Uncomment if needed to preserve environmental variables related to the ## FreeBSD pkg utility and fetch. @@ -49,6 +49,9 @@ Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/b ## not the user's own terminal, to prevent command injection. # Defaults>root !use_pty ## +## Uncomment if the historical silent password prompt is desired +# Defaults !pwfeedback +## ## ## User privilege specification @@ -69,5 +72,5 @@ root ALL=(ALL:ALL) ALL # Defaults targetpw # Ask for the password of the target user # ALL ALL=(ALL:ALL) ALL # WARNING: only use this together with 'Defaults targetpw' -## Read drop-in files from /usr/local/etc/sudoers.d -@includedir sudoers.d +## Read drop-in files from %%PREFIX%%/etc/sudoers.d +@includedir %%PREFIX%%/etc/sudoers.dhome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69c06a95.21f55.768def0b>