Bug#698793: Patch

To: Joost van Baal-Ilić <joostvb-20130127-9@mdcc.cx>
Cc: 698793@bugs.debian.org
Subject: Bug#698793: Patch
From: Tim Marston <tim@ed.am>
Date: Sun, 27 Jan 2013 13:41:22 +0000
Message-id: <[🔎] 20130127134122.GA3903@waxworlds.org>
Reply-to: Tim Marston <tim@ed.am>, 698793@bugs.debian.org
In-reply-to: <[🔎] 20130127113037.GG3890@beskar.mdcc.cx>
References: <[🔎] 20130127111140.GA16331@waxworlds.org> <[🔎] 20130127113037.GG3890@beskar.mdcc.cx>

Hi Joost,

On Sun, Jan 27, 2013 at 12:30:37PM +0100, Joost van Baal-Ilić wrote:
> Thanks a lot!  I'll wait for your next revision of this patch, as we've
> just discussed IRL.

Here it is.  I've tested the proposed solution (moving your sudoers to
sudoers.d and keeping the default one) after an upgrade to
sudo-1.8.5p2-1, and it works.

-- 
Tim Marston
ed.am

Index: en/upgrading.dbk
===================================================================
--- en/upgrading.dbk	(revision 9557)
+++ en/upgrading.dbk	(working copy)
@@ -1227,6 +1227,37 @@
 may be required, either before or during the upgrade; these are detailed
 below on a per-package basis.
 </para>
+<section id="issues-sudo">
+<title>Sudo</title>
+<para>
+If you have modified <filename>/etc/sudoers</filename> then you should be aware
+of changes made to how <systemitem role="package">sudo</systemitem>
+configuration is handled.  The default <filename>/etc/sudoers</filename> now
+includes the following two directives:
+</para>
+<programlisting>Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"</programlisting>
+<programlisting>#includedir /etc/sudoers.d</programlisting>
+<para>
+Neither of these entries are added to your <filename>/etc/sudoers</filename>
+automatically during the upgrade.  (Although you will still be able to run
+<command>sudo</command> commands by specifying their fully-qualified path.)  So
+you might wish to consider migrating your changes to the new
+<filename>/etc/sudoers.d</filename> directory and using the default
+<filename>/etc/sudoers</filename> file.  For example:
+</para>
+<screen>
+# mv /etc/sudoers /etc/sudoers.d/mychanges
+# mv /etc/sudoers.dpkg-new /etc/sudoers
+</screen>
+<para>
+You may also need to edit your <filename>/etc/sudoers.d/mychanges</filename> to
+remove unwanted <literal>Defaults</literal> and <literal>#includedir</literal>
+entries.  You should use <command>visudo</command> for this:
+</para>
+<screen>
+# visudo -f /etc/sudoers.d/mychanges
+</screen>
+</section>
 <section id="issues-evolution">
 <title>Evolution</title>
 <para>

Reply to:

References:
- Bug#698793: Patch
  - From: Tim Marston <tim@ed.am>
- Bug#698793: Patch
  - From: Joost van Baal-Ilić <joostvb-20130127-9@mdcc.cx>

Prev by Date: Bug#696068: Please add a note about slapd
Next by Date: Processed: tagging 698793
Previous by thread: Bug#698793: Patch
Next by thread: Processed: tagging 698793
Index(es):
- Date
- Thread