Previously, this was only allowed if the group matched the target
user's primary group ID (from t...

sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS wh...

Fixes problems building on older LDAP sdks.

This test assumes all the groups in root's group list can
be resolved by group ID.

Bug #856

Bug #857

Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside...

on macOS.

No need to check for ERANGE in the cases where we also check
that the value is <= INT_MAX. Found...

Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst !=...

Found by PVS-Studio.

Coverity CID 188804

This makes it clear that when in_role == true, role is non-NULL.
Also remove two dead stores.

Found by PVS-Studio.

We only need to check that sudoers_args is non-NULL once.
Found by PVS-Studio.

This is not strictly necessary as there's not anything to cleanup
in this case but it is more con...

When passing the timeout back to the front end, ignore the
user-specified timeout if it is not se...

in LDIF.

Found by PVS Studio

Found by PVS Studio.

When parsing command_timeout, role, type, privs and limitprivs,
check that val is non-NULL instea...

member list itself as well as its contents.

Update error message for when the user's uid does not exist in passwd.
Remove "This error indicat...

same error message as visudo.

error messages.

that includes the function name.

We now return the password as long as at least one character has
been read. Previously, EOF at t...

Issues include: timeout at the password prompt, read error while
reading the password, and EOF re...

All manuals now pass "make lint"

This avoids "referenced manual not found" and "operating system
explicitly specified" warnings.

The default behavior is now to not consider the time the command
was suspended as part of the nor...

the command so we can skip that delay during replay.

This fixes a minor issue where we would send an extra window size
change event the first time the...

or deleted we want to preserve or delete all of them.

used to be set on old versions of Fedora but that hasn't been the
case for some time. It's worth...

for the primary gid.

and just move the non-alias expansion printing bits into the
else clause, including the newline a...

an extra comma at the end of the entry. Bug #853.

support for nanosecond timers. Only affects systems without ppoll().
Bug #851

being locked, give the user a chance to edit anyway.

the output is predictable.

were sorted in descending order by sudoOrder. That allowed it to
avoid iterating over the entire...

needs to sort in ascending order, not descending. Bug #849

negative times.

not a double. The speed factor (for scaling the delay) in sudoreplay
is still a double but we on...

DID_* and KEPT_*.

11 instead of assuming it is present if __sun is defined. Fixes a
compilation error on OpenIndia...