2013-02-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p7 for changeset ddf399e3e306
	[23db6a503c5c] [tip] <1.7>

2013-02-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c:
	Completely ignore time stamp file if it is set to the epoch,
	regardless of what gettimeofday() returns.
	[ddf399e3e306] [SUDO_1_7_10p7] <1.7>

2013-02-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo_nss.c:
	Make display_cmnd() return value match trunk version. Fixes exit
	status of "sudo -l command".
	[ac2bf49a24b8] <1.7>

2013-02-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	#include "sudo_usage.h" not <sudo_usage.h> so we get the one in the
	build directory and not the src dir when using a separate build
	directory.
	[5ae0986ff454] <1.7>

2013-02-10  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p6 for changeset 882475dfa47c
	[5317840e3275] <1.7>

	* NEWS, configure, configure.in:
	Sudo 1.7.10p6
	[882475dfa47c] [SUDO_1_7_10p6] <1.7>

	* INSTALL.configure:
	Sync with autoconf 2.68
	[dde57bdf3274] <1.7>

	* sudo.c:
	Move call the save_signals() to before SIGINT, SIGQUIT and SIGTSTP
	are set to SIG_IGN.
	[52cc6817ffba] <1.7>

2013-02-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c, config.h.in, configure, configure.in, sudo.c, sudo.h:
	Store the session ID in the tty ticket file too. A tty may only be
	in one session at a time so if the session ID doesn't match we
	ignore the ticket.
	[0c0283d1fafa] <1.7>

2013-01-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p5 for changeset 765958d9ee1e
	[36f1598f6c3c] <1.7>

	* NEWS, configure, configure.in:
	Sudo 1.7.10p5
	[765958d9ee1e] [SUDO_1_7_10p5] <1.7>

	* LICENSE:
	Update copyright year
	[21762d8d1337] <1.7>

	* visudo.c:
	Fix potential stack overflow due to infinite recursion in alias
	cycle detection. From Daniel Kopecek.
	[f1fc761aaf76] <1.7>

	* ttyname.c:
	Remove ttyname() fall back code on systems where we can query the
	kernel for the tty device via /proc or sysctl(). If there is no
	controlling tty, it is better to just treat the tty as unknown
	rather than to blindly use what is hooked up to std{in,out,err}.
	[bfa23f089bba] <1.7>

2013-01-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p4 for changeset a5ea48905d46
	[4ba58fd849b6] <1.7>

	* NEWS, configure, configure.in:
	Sudo 1.7.10p4
	[a5ea48905d46] [SUDO_1_7_10p4] <1.7>

	* configure, configure.in:
	Use -fstack-protector-all in preference to -fstack-protector where
	supported and restrict the test to GNU compatible compilers.
	[672766ba937a] <1.7>

	* Makefile.in, configure, configure.in:
	Break out stack smashing protector options into SSP_CFLAGS and
	SSP_LDFLAGS so we can use it everywhere.
	[74a41089c462] <1.7>

	* visudo.c:
	Avoid NULL deref for unknown Defaults in strict mode.
	[037c54fd6d53] <1.7>

	* logging.c, logging.h, sudo.c:
	Do not inform the user that the command was not permitted by the
	policy if they do not successfully authenticate. This is a
	regression introduced in sudo 1.7.10.
	[6923571cb28c] <1.7>

	* parse_args.c:
	The -a option should be #ifdef HAVE_BSD_AUTH_H, not -A.
	[7ce66d3c54ee] <1.7>

2013-01-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c:
	Add missing call to save_signals().
	[e12296e5d843] <1.7>

2013-01-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* CONTRIBUTORS, redblack.c:
	In rbrepair(), make sure we never try to change the color of the
	sentinel node, which is the first entry, not the root. From Michael
	King
	[e8b03bdea5ae] <1.7>

	* exec_pty.c:
	No need to restore default signal handler for SIGSTOP as it is not
	catchable. Attempting to do so is harmless but sigaction() will
	fail and set errno to EINVAL which makes it looks like there is an
	error.
	[1d5359733f70] <1.7>

	* configure, configure.in:
	Disable PIE on FreeBSD/ia64, otherwise sudo will segfault.
	[b6f3c7d5fb77] <1.7>

2012-11-13  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c:
	For PERM_ROOT set egid to 0 so log files are not created with the
	gid of the user.
	[2d7355c3e38a] <1.7>

	* iolog.c, set_perms.c, sudo.c, sudo.h:
	Set gid to 0 when creating I/O log directories.
	[2b549cf3ad51] <1.7>

	* pp:
	sync with upstream
	[11717f6ac541] <1.7>

	* Makefile.in:
	Add support for SUDO_PREINSTALL_CMD so we can correct the LDAP lib
	path for HP-UX SOM binaries.
	[eda51429357f] <1.7>

2012-09-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* TROUBLESHOOTING:
	Mention HP-UX pam.conf settings.
	[52bf85b1d3b2] <1.7>

2012-09-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* exec_pty.c:
	Fix running commands that need the terminal in the background when
	I/O logging is enabled. E.g. "sudo vi &". When the command is
	foregrounded, it will now resume properly.
	[58ef49171883] <1.7>

2012-09-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p3 for changeset 235ca8006055
	[c6964a733681] <1.7>

	* sudoreplay.c:
	Use 1/0 not TRUE/FALSE.
	[235ca8006055] [SUDO_1_7_10p3] <1.7>

2012-09-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, configure, configure.in:
	sudo 1.7.10p3
	[0b504b3b849a] <1.7>

	* sudoreplay.c:
	Avoid calling fclose(NULL) in the error path when we cannot open an
	I/O log file.
	[1e1b8ec3a2d2] <1.7>

2012-09-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* fixman.sh:
	Don't use embedded newline when matching, use \n. This got expanded
	at some point. Bug #573
	[6a3520c3ff11] <1.7>

	* sudoreplay.c:
	Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not
	all file systems support d_type. Bug #572
	[8a1e160265cf] <1.7>

2012-09-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p2 for changeset 60d2336634f5
	[aff26f9023cc] <1.7>

	* NEWS, configure, configure.in:
	Sudo 1.7.10p2
	[60d2336634f5] [SUDO_1_7_10p2] <1.7>

	* exec.c:
	When setting the signal handler for SIGTSTP to the default value in
	non-I/O log mode, store the old handler value for when we restore it
	after resume.
	[01aab006915d] <1.7>

2012-09-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10p1 for changeset a8330024abe7
	[857744bf2454] <1.7>

	* NEWS:
	Mention support for SUCCESS=return in /etc/nsswitch.conf
	[a8330024abe7] [SUDO_1_7_10p1] <1.7>

	* NEWS, configure, configure.in:
	sudo 1.7.10p1
	[989cdb5456e5] <1.7>

2012-09-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Avoid setting LOGNAME, USER and USERNAME variables twice when
	set_logname is enabled.
	[7b7b0cc40a58] <1.7>

	* env.c:
	Fix duplicate detection in sudo_putenv(), do not prune out the
	variable we just set when overwriting an existing instance. Fixes
	bug #570
	[aff4b88c72a7] <1.7>

2012-09-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.c, sudo_nss.c:
	Add support for [SUCCESS=return] in nsswitch.conf; from Daniel
	Kopecek
	[c2a107a882b9] <1.7>

2012-09-01  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_10 for changeset 56db3dcb76c6
	[54fb06201d0c] <1.7>

	* NEWS:
	mention PIE
	[56db3dcb76c6] [SUDO_1_7_10] <1.7>

2012-08-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* strsignal.c:
	Handle NULL entries in sys_siglist.
	[2d5b597562f0] <1.7>

	* Makefile.in, mksiglist.c, mksiglist.h, strsignal.c:
	Convert my_sys_sig{list,name} -> sudo_sys_sig{list,name}
	[6b3075d2c9ea] <1.7>

2012-08-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	sync
	[cf54fa309f00] <1.7>

	* auth/sudo_auth.c:
	Fix gcc warnings.
	[5b10eeabb350] <1.7>

	* exec.c:
	Pass on SIGTSTP to the command if it was sent by a user process (not
	the kernel or the terminal) when we are not I/O logging and set the
	default SIGTSTP handler when we re-send the signal to ourself,
	restoring our handler after we resume.
	[b43fef482a9c] <1.7>

	* exec.c:
	Shells typically change their process group when they start up so
	that they can implement job control. Most well-behaved shells
	change the pgrp back to its original value before suspending so we
	must not try to restore in that case, lest we race with the child
	upon resume, potentially stopping sudo with SIGTTOU while the
	command continues to run. Some shells, such as pdksh, just suspend
	the shell by sending SIGSTOP to themselves without restoring the
	pgrp. In this case we need to change the pgrp back for them. Should
	fix bug #568
	[0d4cfce9e3cd] <1.7>

2012-08-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* check.c:
	Quiet gcc warnings on glibc systems that use warn_unused_result for
	fwrite().
	[2cc7cc934541] <1.7>

2012-08-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Don't print an error message in yyerror() if open_sudoers() fails,
	we've already printed an error message.
	[5abac2ee140d] <1.7>

2012-08-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Substitute MANDIRTYPE into Makefile
	[925daf9ca72b] <1.7>

	* Makefile.in:
	Don't remove files in GENERATED unless DEVEL is set.
	[2090fcead8b7] <1.7>

	* NEWS:
	sync
	[b0c45ae69106] <1.7>

	* auth/sudo_auth.c, check.c, logging.c, logging.h, sudo.c, sudo.h:
	Move log_denial() calls and logic to log_failure(). Move
	authentication failure logging to log_auth_failure(). Both of these
	call audit_failure() for us.

	This subtly changes logging for commands that are denied by sudoers
	but where the user failed to enter the correct password.
	Previously, these would be logged as "N incorrect password attempts"
	but now are logged as "command not allowed". Fixes bug #563
	[c2cc2f97b204] <1.7>

2012-08-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudo.mdoc.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.ldap.mdoc.in, sudoers.man.in,
	sudoers.mdoc.in:
	Make the capitalization consistent for .Ss and .Sx
	[21a45576f4c3] <1.7>

	* Makefile.in, fixman.sh, fixmdoc.sh, sudo.cat, sudo.man.in,
	sudo.mdoc.in:
	Add COMMAND EXECUTION section that describes how sudo runs the
	command, the extra sudo processes and signal handling.
	[fbcd178f4894] <1.7>

2012-08-19  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudo.mdoc.in, sudoers.cat, sudoers.man.in:
	Add COMMAND EXECUTION section that describes how sudo runs the
	command, the extra sudo processes and signal handling.
	[5390ec673ed3] <1.7>

	* Makefile.in:
	Happy Easter
	[1e31fbc8e9c1] <1.7>

2012-08-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* CONTRIBUTORS, Makefile.in:
	Add CONTRIBUTORS file from sudo trunk
	[d81d1d4c86b1] <1.7>

2012-08-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgignore, INSTALL, Makefile.in, configure, configure.in, fixman.sh,
	fixmdoc.sh, sudo.cat, sudo.man.in, sudo.mdoc.in, sudo.pod,
	sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in,
	sudoers.ldap.mdoc.in, sudoers.ldap.pod, sudoers.man.in,
	sudoers.mdoc.in, sudoers.pod, sudoreplay.cat, sudoreplay.man.in,
	sudoreplay.mdoc.in, sudoreplay.pod, visudo.cat, visudo.man.in,
	visudo.mdoc.in, visudo.pod:
	Sudo manuals formatted in mdoc, to replace the pod versions, back-
	ported from sudo trunk.
	[662ace065b07] <1.7>

	* defaults.c, defaults.h, visudo.c:
	Add new check_defaults() function to check (but not update) the
	Defaults entries. Visudo can now use this instead of update_defaults
	to check all the defaults regardless instead of just the global
	Defaults entries.
	[6845cf85ad2c] <1.7>

	* sudo.c:
	Use AI_FQDN instead of AI_CANONNAME if available since "canonical"
	is not always the same as "fully qualified".
	[60b2bc263720] <1.7>

2012-08-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* pp:
	sync polypkg from git
	[01306bdb7f99] <1.7>

2012-08-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* iolog.c:
	Cast 2nd argument of lseek() to off_t if it is a constant for
	systems with 64-bit off_t but without a proper lseek() prototype.
	[064d583e2d2d] <1.7>

	* env.c, pwutil.c, ttysize.c:
	Fix building with a K&R compiler.
	[164e262022f9] <1.7>

	* exec.c, exec_pty.c, sudo.h, sudo_exec.h:
	If we receive a signal from the command we executed, do not forward
	it back to the command. This fixes a problem with BSD-derived
	versions of the reboot command which send SIGTERM to all other
	processes, including the sudo process. Sudo would then deliver
	SIGTERM to reboot which would die before calling the reboot() system
	call, effectively leaving the system in single user mode.
	[cfca0b1edf21] <1.7>

	* env.c, getline.c, visudo.c:
	Fix some warnings from clang checker-267
	[e99605b82cf4] <1.7>

	* getdate.c:
	Regen with modified yacc skeleton.
	[176ceadbfef6] <1.7>

2012-07-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* exec.c:
	When checking whether a signal is user-generated, compare si_code
	against SI_USER instead of <= 0 since on HP-UX, terminal-related
	signals get a code of 0.
	[ec0ef27508f9] <1.7>

2012-07-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Active Directory apparently requires that tenths of a second be
	present in a date so append .0 to the "now" value in the time
	filter. Also remove space for the global AND from TIMEFILTER_LENGTH
	since it was not being used consistently. Buffers of
	TIMEFILTER_LENGTH now need to account for the terminating NUL byte.
	[eccff4d1e791] <1.7>

2012-07-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* Makefile.in, history.pod, license.pod:
	Remove pod versinons of HISTORY and LICENSE as they were not being
	kept in sync.
	[4b6594e40501] <1.7>

	* HISTORY:
	Sync with trunk version.
	[8ed8605186d0] <1.7>

2012-07-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* schema.ActiveDirectory:
	Fix errors introduced when sudoNotBefore, sudoNotAfter and sudoOrder
	were added. From David Hicks.
	[e044e99fdc35] <1.7>

2012-07-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.ldap.cat, sudoers.ldap.man.in,
	sudoers.ldap.pod, sudoers.man.in, sudoers.pod, sudoreplay.cat,
	sudoreplay.man.in, sudoreplay.pod, visudo.cat, visudo.man.in,
	visudo.pod:
	More minor costmetic fixes.
	[799d0bea24a8] <1.7>

2012-07-12  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.cat, sudo.man.in, sudo.pod:
	Minor cosmetic fixes.
	[cfe866d879f9] <1.7>

2012-07-06  Todd C. Miller  <Todd.Miller@courtesan.com>

	* aix.c:
	Do not set a resource limit to zero when we are unable to fetch a
	value from /etc/security/limits.
	[9d1f86ef9e17] <1.7>

2012-07-05  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add "Provides: sudo" to debian sudo-ldap package
	[3e1ac4729109] <1.7>

2012-07-02  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Only check for pie support when using gcc.
	[05b9101a94a3] <1.7>

	* INSTALL, Makefile.in, configure, configure.in, mkpkg:
	Add configure check for building PIE executables instead of doing it
	in mkpkg.
	[13e04037e942] <1.7>

	* sudo.pp:
	MacOS pp backend doesn't like modes longer than 4 characters.
	[04ef57665b92] <1.7>

2012-06-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in:
	fix version
	[f622623d9718] <1.7>

	* NEWS, sudoers.ldap.cat, sudoers.ldap.man.in, sudoers.ldap.pod:
	Document improved Tivoli Directory Server support.
	[0b15875554b5] <1.7>

	* config.h.in, configure, configure.in, ldap.c:
	Add support for ldaps using Tivoli LDAP libraries. Add ldap.conf
	option to specify Tivoli key db password. Allow TLS ciphers to be
	configured for Tivoli.
	[266cb46f321b] <1.7>

2012-06-28  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c:
	Tivoli Directory Server 6.3 libs always return a (bogus) error when
	setting LDAP_OPT_CONNECT_TIMEOUT.
	[9d30127342d6] <1.7>

	* NEWS:
	Update
	[9ba509c8ab6c] <1.7>

	* ldap.c:
	Treat LDAP_OPT_CONNECT_TIMEOUT (Tivoli Directory Server 6.3) the
	same as LDAP_OPT_CONNECT_TIMEOUT (OpenSSH). Don't make failure to a
	set an ldap option fatal.
	[235db51e9ed1] <1.7>

2012-06-27  Todd C. Miller  <Todd.Miller@courtesan.com>

	* env.c:
	Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to
	prevent potential truncation. Bug #562.
	[89a34180e84b] <1.7>

2012-06-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	If installing with installp, error out if there is already an
	instance of the rpm package installed.
	[3abc67698796] <1.7>

	* mkpkg:
	Add --disable-nls for AIX
	[97114230e2ac] <1.7>

2012-06-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Debian sudo-ldap packages should now depend on libldap-2.4-2, not
	libldap2.
	[9342bc7b7ee7] <1.7>

2012-06-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Add Homepage and Bugs to debian control file.
	[108ce83a4822] <1.7>

	* sudo.pp:
	remove obsolete comment
	[ef525426e235] <1.7>

2012-06-20  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg:
	fix typo when setting aix_freeware
	[7449ea0ae82c] <1.7>

2012-06-18  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Additional ${foo} -> $(foo) Makefile tweaks.
	[9b3f96abd3d9] <1.7>

2012-06-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS, sudo.c:
	Re-merge argv escaping for "sudo -s command" from trunk to fix a
	NULL pointer dereference.
	[0a98cbc1856b] <1.7>

2012-06-11  Todd C. Miller  <Todd.Miller@courtesan.com>

	* mkpkg, sudo.pp:
	Install AIX packages under /opt/freeware with links in /usr/bin and
	/usr/sbin. This matches the layout of the sudo package from AIX
	freeware.
	[7ee90f3d88a8] <1.7>

	* Makefile.in, configure, configure.in, sudo.pp:
	Install shared objects with mode 0644 except on HP-UX which needs
	the executable bit set.
	[2ec8c8954045] <1.7>

	* Makefile.in:
	Make installed file modes consistent with the file modes in the sudo
	package.
	[2c4627ba391d] <1.7>

2012-06-08  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoers.cat, sudoers.man.in, sudoers.pod:
	Add "%:" prefix when talking about QAS non-Unix group support.
	[e0ae26ee85bc] <1.7>

	* pp, sudo.pp:
	Fix packaging of symbolic links on HP-UX when the link source
	already exists in the filesystem.
	[7628b11bcd6d] <1.7>

	* mkpkg:
	Only specify prefix if we are overriding the default value. Fixes
	the man dir (/usr/local/man vs. /usr/local/share/man).
	[9c2586a04f5b] <1.7>

	* sudo.pp:
	Fix license file path for Mac OS X.
	[e1d23ce0c816] <1.7>

	* sudo.pp:
	Fix setting of sudoedit_man variable.
	[99104f15ed67] <1.7>

	* Makefile.in:
	Echo the command when linking the sudoedit manual.
	[ab2665996aa8] <1.7>

2012-06-07  Todd C. Miller  <Todd.Miller@courtesan.com>

	* NEWS:
	Mention sudoreplay stdout playback improvements.
	[aeb2c51f8fbc] <1.7>

	* mkpkg, sudo.pp:
	Build .deb packages with selinux support.
	[196ffc957aec] <1.7>

2012-06-04  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Don't list paths for unstripped binaries in the lintial overrides.
	[4969c4e2cd00] <1.7>

	* pp:
	Add support for Installed-Size header in control file, required by
	newer debian versions.
	[8201524462ac] <1.7>

	* pp:
	Fix extended description in .deb files.
	[53cd12d14490] <1.7>

	* sudo.pp:
	Add Depends, Replaces and Conflicts headers for .deb packages.
	[e2f479f9469f] <1.7>

	* sudo_nss.c:
	If there are no privs to print, write the message to the lbuf
	instead of printing it directly.
	[a466dc72d3cc] <1.7>

2012-05-31  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudo.pp:
	Fix mismerge, no sudoers.so in 1.7
	[0e13ec26049c] <1.7>

	* Makefile.in, sudo.pp:
	Quiet lintian warnings for .deb files:

	 * install sudoedit and the sudoedit manual as symbolic links, not
	hard links and package them as such.
	 * set -e in %pos and %preun for debian
	 * add lintian overrides file
	 * fix modes to be more in line with what Debian expects
	 * add correct section
	 * install LICENSE as copyright and ChangeLog as changelog
	 * create stub changelog.debian
	[6ea913b5e7db] <1.7>

	* Makefile.in, configure, configure.in, mkpkg:
	Replace out of date MAN_POSTINSTALL with MANCOMPRESS and
	MANCOMPRESSEXT which can be used to compress the installed manual
	pages. Compress the man pages for .deb files to appease lintian.
	[6662d37d6d29] <1.7>

	* mkpkg:
	Build PIE executable on Mac OS X 10.5 and above.
	[f73a70da8679] <1.7>

	* pp, sudo.pp:
	Use a debian-compliant package maintainer field. Fix find command to
	properly skip files in the DEBIAN dir when building md5sums.
	[308a5c3e99d4] <1.7>

2012-05-30  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	No need to loop over atomic_writev(), it guarantees to write all
	data or return an error.

	Fix handling of stdout/stderr that contains "\r\n" and handle a
	"\r\n" pair that spans a buffer.
	[d237778fc504] <1.7>

2012-05-29  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	Instead of doing extra write()s when replaying stdout, build up a
	vector for writev() instead. This results in far fewer system
	calls.
	[7b86f7809f62] <1.7>

2012-05-25  Todd C. Miller  <Todd.Miller@courtesan.com>

	* sudoreplay.c:
	When replaying a log of stdout or stderr, do newline to carriage
	return + linefeed conversion. We cannot have termios do this for us
	since we've disabled output postprocessing (POST) when setting raw
	mode.
	[bbb035f6152f] <1.7>

2012-05-24  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	Don't add -fstack-protector to CFLAGS if ld gets an error trying to
	ust it. This can happen when libssp cannot be found.
	[20d3c5e86b86] <1.7>

	* NEWS:
	Mention hardening by default and how to disable.
	[7214ea1a20aa] <1.7>

2012-05-23  Todd C. Miller  <Todd.Miller@courtesan.com>

	* configure, configure.in:
	When checking for -fstack-protector, treat warnings as fatal errors.
	[7c10a74a5310] <1.7>

	* ttyname.c:
	Use TRUE/FALSE as 3rd argument to sudo_ttyname_scan()
	[6eceb2d6121f] <1.7>

	* sudo.cat, sudo.man.in, sudoers.cat, sudoers.ldap.cat,
	sudoers.ldap.man.in, sudoers.man.in, sudoreplay.cat,
	sudoreplay.man.in, visudo.cat, visudo.man.in:
	regen
	[561fba9586cc] <1.7>

	* sudo.pod:
	missing "and"
	[03737c9dc309] <1.7>

	* NEWS, configure, configure.in:
	Update for sudo 1.7.10
	[120d4ff1cd8d] <1.7>

	* check.c, testsudoers.c:
	Don't prompt for a password if the user is in the exempt group, is
	root, or is running the command as themselves even if the -k option
	was specified. This makes "sudo -k command" consistent with the
	behavior one would get if the user ran "sudo -k" immediately before
	running the command.
	[e20aa01495cd] <1.7>

	* INSTALL, config.h.in, configure, configure.in, secure_path.c:
	No longer throw an error if sudoers is a symbolic link. Deprecated
	the --with-stow option as that is now (effectively) the default.
	[a90e97420f45] <1.7>

	* exec_pty.c:
	Treat a tty read failure like EOF as it usually means the pty has
	gone away. Handle write() on the tty returning EIO.
	[7b200e444c76] <1.7>

	* exec.c, exec_pty.c:
	Linux select() may return ENOMEM if there is a kernel resource
	shortage. Older Solaris select() may return EIO instead of EBADF
	when the tty goes away. If we get an unhandled select() failure,
	kill the child and exit cleanly.
	[5bdefd004ea1] <1.7>

	* exec.c:
	If select() return EBADF in the main event loop, one of the ttys
	must have gone away so perform any I/O we can and close the bad fds.
	[a7808c0675cb] <1.7>

	* defaults.c, exec.c:
	Fix compilation when I/O logging support is not compiled in.
	[afb159b2dc1a] <1.7>

	* exec_pty.c:
	Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. It
	is better to receive EIO from read()/write() than to be suspended
	when we don't expect it. Fixes a problem when our terminal is
	revoked which can happen when, e.g. our sshd is killed
	unceremoniously. Also, only change the value of "alive" from true to
	false, never from false to true. It is possible for us to receive
	notification of the child having stopped after it is already dead.
	This does not mean it has risen from the grave.
	[c19c375498c2] <1.7>

	* exec_pty.c, sudo.c, sudo.h:
	Don't try to restore the terminal if we are not the foreground
	process. Otherwise, we may be stopped by SIGTTOU when we try to
	update the terminal settings when cleaning up.
	[07eac078be15] <1.7>

	* exec_pty.c:
	Don't need zero_bytes() after ecalloc()
	[5ebd3b5e165d] <1.7>

	* check.c:
	In Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
	Update tty_is_devpts() to match so we can determine when the tty has
	been reused.
	[cf4638278680] <1.7>

	* parse_args.c:
	Allow the -k flag to be used along with the -i and -s flags.
	[30deccf57dba] <1.7>

	* config.h.in, configure, configure.in, ttyname.c:
	Rototill code to determine the tty. For Linux, we now look up the
	tty device in /proc/pid/stat instead of trying to open
	/proc/pid/fd/[0-2]. The sudo_ttyname_dev() function maps the given
	device number to a string. On BSD, we can use devname(). On
	Solaris, _ttyname_dev() does what we want. For others we do a
	breadth-first search of /dev.
	[632f8e028191] <1.7>

	* ttyname.c:
	Don't try to erealloc() a potentially freed pointer.
	[5e7f50737a16] <1.7>

	* config.h.in, configure, configure.in, ttyname.c:
	Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some
	versions of OpenBSD versions that have KERN_PROC2 but not KERN_PROC.
	[87c505c4fa33] <1.7>

	* sudoreplay.pod:
	Clarify what "sudoreplay -l" displays and mention that it is sorted.
	[c46ea829b4d7] <1.7>

	* config.h.in, configure, configure.in, sudoreplay.c:
	iIf struct dirent has d_type, use it to avoid an extra stat().
	[facb5ee78a66] <1.7>

	* sudoreplay.c:
	Sort output of "sudoreplay -l"
	[44d75226cf12] <1.7>

	* Makefile.in, alloc.c, alloc.h, sudoreplay.c, ttysize.c:
	If I/O log file includes rows + cols, warn if the user's tty is not
	big enough.
	[c03054253bb4] <1.7>

	* sudoreplay.c:
	Fix printing of TSID in "sudoreplay -l"
	[dbda38da5c30] <1.7>

	* sudoreplay.c:
	Fix printf format warning (time_t vs. long)
	[547ed3089f96] <1.7>

	* sudoreplay.c:
	Add support for replaying sessions from sudo 1.8 when iolog_file is
	set to something other than %{seq}.
	[7e5d82e45f69] <1.7>

2012-05-22  Todd C. Miller  <Todd.Miller@courtesan.com>

	* iolog.c:
	typo fix in comment
	[ee89b8b0e8d1] <1.7>

	* TROUBLESHOOTING:
	Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is
	not specified.
	[796ce694d452] <1.7>

	* pp:
	Match CentOS 6.0
	[876853af3192] <1.7>

	* configure, configure.in:
	Fix test for -z relro
	[6128719f16ee] <1.7>

	* INSTALL, aclocal.m4, configure, configure.in,
	m4/ax_check_compile_flag.m4, m4/ax_check_link_flag.m4:
	Build with -fstack-protector and link with -zrelo where supported.
	Added --disable-hardening option to disable hardening options.
	[fd2de3a2360a] <1.7>

2012-05-21  Todd C. Miller  <Todd.Miller@courtesan.com>

	* set_perms.c, sudo.c:
	If sudoers_mode is group-readable but the actual sudoers file is
	not, open the file as uid 0, not uid 1. This fixes a problem when
	sudoers has a more restrictive mode than what sudo expects to find.
	In older versions, sudo would silently chmod the file to add the
	group-readable bit.
	[4585ec2404ab] <1.7>

2012-05-17  Todd C. Miller  <Todd.Miller@courtesan.com>

	* toke.c, toke.l:
	Fix #includedir; from Mike Frysinger
	[ebe9257e81e4] <1.7>

	* Makefile.in, secure_path.c, secure_path.h:
	Relax the user/group/mode checks on sudoers files. As long as the
	file is owned by the right user, not world-writable and not writable
	by a group other than the one specified at configure time (gid 0
	byile is considered OK. Note that visudo will still set the mode to
	the value specified at configure time.
	[d0aea6ff36af] <1.7>

	* Makefile.in, gram.c, gram.y, sudo.c, toke.c, toke.l:
	Relax the user/group/mode checks on sudoers files. As long as the
	file is owned by the right user, not world-writable and not writable
	by a group other than the one specified at configure time (gid 0
	byile is considered OK. Note that visudo will still set the mode to
	the value specified at configure time.
	[63e9f6dc7af5] <1.7>

	* auth/pam.c:
	Delete creds after closing the PAM session.
	[723a207eb13f] <1.7>

	* auth/pam.c:
	Fix typo in last commit
	[edaf36dc1d10] <1.7>

	* auth/pam.c:
	Instead of treating ^C from tgetpass() specially, always return
	AUTH_INTR if tgetpass() returned NULL. Treat PAM_AUTHINFO_UNAVAIL
	like PAM_AUTH_ERR which Mac OS X returns this when there is no tty.
	[1fe8f61134dc] <1.7>

	* ldap.c:
	Need to call ldapssl_clientauth_init() for start_tls on Mozilla LDAP
	SDK.
	[20b0a65572ca] <1.7>

	* ldap.c:
	Fix printing of invalid uri
	[c8c0ab82bbd2] <1.7>

	* ldap.c:
	Provide a more useful error message if using a Mozilla-style LDAP
	SDK and you forgot to specify TLS_CERT in ldap.conf.
	[56a80bb3d1c1] <1.7>

	* ldap.c:
	Split global and per-connection LDAP options into separate arrays.
	Set global LDAP options before calling ldap_initialize() or
	ldap_init(). After we have an LDAP handle, set the per-connection
	options. Fixes a problem with OpenLDAP using the nss crypto backend;
	bug #342
	[9d54aef13aab] <1.7>

2012-05-16  Todd C. Miller  <Todd.Miller@courtesan.com>

	* ldap.c, parse.c, sudo_edit.c, sudoreplay.c, visudo.c:
	Quiet some compiler warnings
	[da46ab07671b] <1.7>

	* config.h.in, configure.in, exec.c, exec_pty.c, iolog.c, tgetpass.c,
	toke.c, toke.l, visudo.c:
	Fix compiler warnings on some platforms and provide a better method
	of defeating gcc's warn_unused_result attribute.
	[d7314954229c] <1.7>

2012-05-15  Todd C. Miller  <Todd.Miller@courtesan.com>

	* .hgtags:
	Added tag SUDO_1_7_9p1 for changeset 26d9603eb5af
	[dad699c7cd8d] <1.7>
