Bug 639682

Summary: RFE: update to sudo 1.7.2, add /etc/sudoers.d
Product: Red Hat Enterprise Linux 6 Reporter: Moran Goldboim <mgoldboi>
Component: sudoAssignee: Daniel Kopeček <dkopecek>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: high    
Version: 6.1CC: danken, dkopecek, iheim, kzak, ville.skytta, ykaul
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 551470 Environment:
Last Closed: 2010-11-23 10:10:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 551470    
Bug Blocks: 565939, 607923    

Description Moran Goldboim 2010-10-03 10:13:59 UTC 
+++ This bug was initially created as a clone of Bug #551470 +++

sudo 1.7.2 contains a new useful #includedir directive; it can be used to implement a /etc/sudoers.d directory to which for example packages can drop their sudoers snippets.

http://www.sudo.ws/cgi-bin/cvsweb/sudo/WHATSNEW?rev=1.21&content-type=text/x-cvsweb-markup
http://www.sudo.ws/cgi-bin/cvsweb/sudo/sudoers.pod.diff?r1=1.165&r2=1.166&f=h

--- Additional comment from dkopecek on 2010-01-07 11:02:17 EST ---

Updated:
 http://koji.fedoraproject.org/koji/buildinfo?buildID=149861

--- Additional comment from ville.skytta on 2010-01-08 15:47:08 EST ---

Thanks, but that build does not yet create or use the /etc/sudoers.d dir.  The attached (build tested only) patch should do the trick.

--- Additional comment from ville.skytta on 2010-01-08 15:48:01 EST ---

Created attachment 382550 [details]
Create and use /etc/sudoers.d by default

(Also includes an unrelated *.pod/man duplicate removal tweak.)

--- Additional comment from ville.skytta on 2010-01-08 15:49:43 EST ---

Created attachment 382551 [details]
/etc/sudoers part of the patch

--- Additional comment from dkopecek on 2010-01-12 08:23:43 EST ---

Thanks for the patches.

http://koji.fedoraproject.org/koji/buildinfo?buildID=150558
Comment 1 Moran Goldboim 2010-10-03 10:15:55 UTC 
Blocks RHEV
Comment 2 Daniel Kopeček 2010-11-23 10:10:13 UTC 

*** This bug has been marked as a duplicate of bug 615087 ***
Comment 3 Daniel Kopeček 2011-03-23 16:45:41 UTC 
*** Bug 690118 has been marked as a duplicate of this bug. ***
Comment 4 Dan Kenigsberg 2011-03-23 17:16:26 UTC 
(In reply to comment #3)
> *** Bug 690118 has been marked as a duplicate of this bug. ***

If this is the case, this bug should be reopened. /etc/sudoers that is shipped with sudo-1.7.4p5-3.el6.x86_64.rpm does not includedir /etc/sudoers.d/
Comment 5 Daniel Kopeček 2011-03-24 12:06:14 UTC 
Fixed in sudo-1.7.4p5-4.el6