Notes on upgrading from an older release
========================================

o Upgrading from a version prior to 1.6.8:

    Prior to sudo 1.6.8, if /var/run did not exist, sudo would put
    the timestamp files in /tmp/.odus.  As of sudo 1.6.8, the
    timestamp files will be placed in /var/adm/sudo or /usr/adm/sudo
    if there is no /var/run directory.  This directory will be
    created if it does not already exist.

    Previously, a sudoers entry that explicitly prohibited running
    a command as a certain user did not override a previous entry
    allowing the same command.  This has been fixed in sudo 1.6.8
    such that the last match is now used (as it is documented).
    Hopefully no one was depending on the previous (buggy) behavior.

o Upgrading from a version prior to 1.6:

    As of sudo 1.6, parsing of runas entries and the NOPASSWD tag
    has changed.  Prior to 1.6, a runas specifier applied only to
    a single command directly following it.  Likewise, the NOPASSWD
    tag only allowed the command directly following it to be run
    without a password.  Starting with sudo 1.6, both the runas
    specifier and the NOPASSWD tag are "sticky" for an entire
    command list.  So, given the following line in sudo < 1.6

	millert ALL=(daemon) NOPASSWD:/usr/bin/whoami,/bin/ls

    millert would be able to run /usr/bin/whoami as user daemon
    without a password and /bin/ls as root with a password.

    As of sudo 1.6, the same line now means that millert is able
    to run both /usr/bin/whoami and /bin/ls as user daemon
    without a password.  To expand on this, take the following
    example:

	millert ALL=(daemon) NOPASSWD:/usr/bin/whoami, (root) /bin/ls, \
	    /sbin/dump

    millert can run /usr/bin/whoami as daemon and /bin/ls and
    /sbin/dump as root.  No password need be given for either
    command.  In other words, the "(root)" sets the default runas
    user to root for the rest of the list.  If we wanted to require
    a password for /bin/ls and /sbin/dump the line could be written
    thusly:

	millert ALL=(daemon) NOPASSWD:/usr/bin/whoami, \
	    (root) PASSWD:/bin/ls, /sbin/dump

    Additionally, sudo now uses a per-user timestamp directory
    instead of a timestamp file.  This allows tty timestamps to
    simply be files within the user's timestamp dir.  For the
    default, non-tty case, the timestamp on the directory itself
    is used.

    Also, the temporary file used by visudo is now /etc/sudoers.tmp
    since some versions of vipw on systems with shadow passwords use
    /etc/stmp for the temporary shadow file.

o Upgrading from a version prior to 1.5:

    By default, sudo expects the sudoers file to be mode 0440 and
    to be owned by user and group 0.  This differs from version 1.4
    and below which expected the sudoers file to be mode 0400 and
    to be owned by root.  Doing a `make install' will set the sudoers
    file to the new mode and group.  If sudo encounters a sudoers
    file with the old permissions it will attempt to update it to
    the new scheme.  You cannot, however, use a sudoers file with
    the new permissions with an old sudo binary.  It is suggested
    that if you have a means of distributing sudo you distribute the
    new binaries first, then the new sudoers file (or you can leave
    sudoers as is and sudo will fix the permissions itself as long
    as sudoers is on a local file system).
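The following is an added illustration, not code from the sudo project, of the runas and NOPASSWD parsing change described in the "prior to 1.6" notes above. It models only the two rules those notes state (in sudo < 1.6 a "(runas)" specifier or NOPASSWD tag applies to the single command after it; in sudo >= 1.6 both are "sticky" for the rest of the command list) and ignores the rest of sudoers syntax such as aliases, wildcards and other tags. The function and parameter names (parse_cmnd_list, parse_user_spec, sticky) are this example's own; the sample lines are the ones quoted in the notes. Running it prints, for each of those lines, what an old and a new sudo would grant, so an administrator can see which entries silently change meaning on upgrade.

```python
"""Model of how sudo parses a sudoers command list before and after 1.6.

Added illustration, not code from the sudo project.  It reproduces only
the rules stated in the upgrade notes: "(runas)" and NOPASSWD/PASSWD
apply to one command in sudo < 1.6 and are "sticky" for the rest of the
command list in sudo >= 1.6.  Other sudoers syntax is not handled.
"""
import re

# One entry of a command list: optional "(runas)", optional tag, command.
_ENTRY_RE = re.compile(
    r"^\s*(?:\((?P<runas>[^)]*)\)\s*)?"
    r"(?:(?P<tag>NOPASSWD|PASSWD):\s*)?"
    r"(?P<cmd>\S.*?)\s*$"
)


def _split_entries(spec):
    """Split a command list on commas, except commas inside "(...)",
    so a runas list such as "(root, daemon)" stays one specifier."""
    entries, current, depth = [], [], 0
    for ch in spec:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        if ch == "," and depth == 0:
            entries.append("".join(current))
            current = []
        else:
            current.append(ch)
    entries.append("".join(current))
    return [e for e in entries if e.strip()]


def parse_cmnd_list(spec, sticky=True, default_runas="root"):
    """Return [(command, runas, password_required), ...] for one list.

    sticky=True models sudo >= 1.6, sticky=False models sudo < 1.6.
    Backslash-newline continuations are joined first, as in the notes.
    """
    spec = re.sub(r"\\\s*\n\s*", " ", spec)
    runas, password_required = default_runas, True
    result = []
    for entry in _split_entries(spec):
        m = _ENTRY_RE.match(entry)
        if not m:
            raise ValueError("cannot parse command entry: %r" % entry)
        this_runas = runas
        if m.group("runas") is not None:
            this_runas = m.group("runas").strip()
        this_password = password_required
        if m.group("tag"):
            this_password = m.group("tag") != "NOPASSWD"
        result.append((m.group("cmd"), this_runas, this_password))
        if sticky:
            # sudo >= 1.6: specifier and tag carry over to later commands
            runas, password_required = this_runas, this_password
    return result


def parse_user_spec(line, sticky=True):
    """Parse "user host_list=cmnd_list" into (user, [hosts], entries)."""
    lhs, sep, cmnd_list = line.partition("=")
    if not sep:
        raise ValueError("no '=' in user specification: %r" % line)
    fields = lhs.split(None, 1)
    if len(fields) != 2:
        raise ValueError("expected 'user host_list=' in: %r" % line)
    user, host_list = fields
    hosts = [h.strip() for h in host_list.split(",")]
    return user, hosts, parse_cmnd_list(cmnd_list, sticky=sticky)


if __name__ == "__main__":
    # Constructed input: the three example lines from the upgrade notes.
    EXAMPLES = [
        "millert ALL=(daemon) NOPASSWD:/usr/bin/whoami,/bin/ls",
        "millert ALL=(daemon) NOPASSWD:/usr/bin/whoami, (root) /bin/ls, \\\n"
        "    /sbin/dump",
        "millert ALL=(daemon) NOPASSWD:/usr/bin/whoami, \\\n"
        "    (root) PASSWD:/bin/ls, /sbin/dump",
    ]
    for line in EXAMPLES:
        print(line.replace("\\\n", ""))
        for label, sticky in (("sudo < 1.6 ", False), ("sudo >= 1.6", True)):
            user, hosts, entries = parse_user_spec(line, sticky=sticky)
            for cmd, runas, needs_pw in entries:
                print("  %s: %s may run %-16s as %-6s %s" % (
                    label, user, cmd, runas,
                    "with password" if needs_pw else "NOPASSWD"))
```

The first example line is the one to watch: under the old parser /bin/ls runs as root with a password, under the new one it runs as daemon without one, so any existing entry that relied on a specifier "expiring" after one command should be rewritten with an explicit "(root)" or PASSWD: before upgrading.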