From owner-freebsd-questions@FreeBSD.ORG Thu Feb 4 16:45:36 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 36F8E106566B for ; Thu, 4 Feb 2010 16:45:36 +0000 (UTC) (envelope-from kirk@strauser.com) Received: from kanga.honeypot.net (kanga.honeypot.net [IPv6:2001:470:a80a:1:21f:d0ff:fe22:b8a8]) by mx1.freebsd.org (Postfix) with ESMTP id C282C8FC15 for ; Thu, 4 Feb 2010 16:45:35 +0000 (UTC) Received: from kanga.honeypot.net (localhost [127.0.0.1]) by kanga.honeypot.net (Postfix) with ESMTP id 32ADB413CD for ; Thu, 4 Feb 2010 10:45:35 -0600 (CST) X-Virus-Scanned: amavisd-new at honeypot.net Received: from kanga.honeypot.net ([127.0.0.1]) by kanga.honeypot.net (kanga.honeypot.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XcVppTGIUeO6 for ; Thu, 4 Feb 2010 10:45:31 -0600 (CST) Received: from [10.0.7.105] (wlan2-105.honeypot.net [10.0.7.105]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by kanga.honeypot.net (Postfix) with ESMTPSA id BC8A5413C6 for ; Thu, 4 Feb 2010 10:45:31 -0600 (CST) Message-ID: <4B6AF9AA.9090802@strauser.com> Date: Thu, 04 Feb 2010 10:45:30 -0600 From: Kirk Strauser User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.7pre) Gecko/20091214 Shredder/3.0.1pre MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <4B6AF54F.9090305@strauser.com> In-Reply-To: <4B6AF54F.9090305@strauser.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Upgrading sudo to 1.7.2.2 doesn't work with OPIE X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Feb 2010 16:45:36 -0000 On 02/04/2010 10:26 AM, Kirk Strauser wrote: > Any idea why that may be or how I could troubleshoot it, short of > bisecting the sudo releases until I find the culprit? Eh, did it anyway. The problem was with a change added between 1.7.2p1 and 1.7.2p2. This patch fixes it: --- auth/pam.c.orig 2010-02-04 10:43:28.635212518 -0600 +++ auth/pam.c 2010-02-04 10:43:34.194558424 -0600 @@ -107,13 +107,6 @@ } /* - * Set PAM_RUSER to the invoking user (the "from" user). - * We set PAM_RHOST to avoid a bug in Solaris 7 and below. - */ - (void) pam_set_item(pamh, PAM_RUSER, user_name); - (void) pam_set_item(pamh, PAM_RHOST, user_host); - - /* * Some versions of pam_lastlog have a bug that * will cause a crash if PAM_TTY is not set so if * there is no tty, set PAM_TTY to the empty string. I'll file a bug with the sudo folks, but if anyone else is having the same problem, this should get you running in the mean time. -- Kirk Strauser