Package: sudo Version: 1.8.8-2 Severity: important I've always tied my sudo permissions to the local hostname. I am never entirely sure of the security benefit, but using system automation, it's trivial to do.
So I have plenty of lines like the following in files in /etc/sudoers.d: %staff fishbowl.rw.madduck.net=(root) NOPASSWD: /usr/sbin/apt-get update Ever since 1.8.8 came out, this stopped working, yet I cannot find anything related in the changelogs: % sudo -l Sorry, user madduck may not run sudo on fishbowl. % hostname --fqdn fishbowl.rw.madduck.net Changing the lines to use just the hostname, not the FQDN, makes it work again. Curiously, however, sudo knows well about those FQDN, i.e.: % sudo apt-get install -t experimental sudo [sudo] madd...@fishbowl.rw.madduck.net's password: … Sudo from experimental, version 1.8.9~b1-1, has the same problem. -- System Information: Debian Release: jessie/sid Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_NZ, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sudo depends on: ii libc6 2.17-96 ii libpam-modules 1.1.3-10 ii libpam0g 1.1.3-10 ii libselinux1 2.2.1-1 sudo recommends no packages. sudo suggests no packages. -- Configuration Files: /etc/sudoers [Errno 13] Permission denied: u'/etc/sudoers' /etc/sudoers.d/README [Errno 13] Permission denied: u'/etc/sudoers.d/README' -- no debconf information -- .''`. martin f. krafft <madduck@d.o> Related projects: : :' : proud Debian developer http://debiansystem.info `. `'` http://people.debian.org/~madduck http://vcs-pkg.org `- Debian - when you have better things to do than fixing systems
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
