summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorJoey Hess2018-08-20 18:00:13 -0400
committerJoey Hess2018-08-20 18:00:19 -0400
commit8690c09cc914da6ac3a6ba46ab3ba7690a344cf9 (patch)
tree07923e54f82c7e82f0106764f5ade20e6525ba28 /debian/changelog
parent4be2ad75fc22080a11ac3a0988bfc8113345fcaa (diff)
Sudo.enabledFor: Write to /etc/sudoers.d/000users rather than to /etc/sudoers
(Any old lines it wrote to /etc/sudoers will be removed.) This fixes a potential ordering problem; the property used to append the line to /etc/sudoers, but that would override more specific lines in the include directory. By putting it in a file that is included first, it'll come before all includes, without needing to parse the sudoers file in order to put it before the includedir line. Note that, if there is a more specific line for the user in /etc/sudoers before the includedir, it will be overridden by the line in /etc/sudoers.d/000users. But, this is not a behavior change from before, when the line was appended to the end. This commit was sponsored by Jeff Goeke-Smith on Patreon.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog5
1 files changed, 5 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index f0b8db04..8faca945 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,11 @@ propellor (5.5.0) UNRELEASED; urgency=medium
* Added Systemd.escapePath helper function useful when creating mount
units.
* Added Sudo.sudoersDFile property.
+ * Sudo.enabledFor: Write to /etc/sudoers.d/000users rather than to
+ /etc/sudoers. (Any old lines it wrote to /etc/sudoers will be removed.)
+ This fixes a potential ordering problem; the property used to append
+ the line to /etc/sudoers, but that would override more specific lines
+ in the include directory.
-- Joey Hess <id@joeyh.name> Thu, 09 Aug 2018 10:54:41 -0400