Version 0.2.9

To use the precompiled binaries attached below, consult our manual installation instructions

Added

• SUDO_HOME variable will now be set to the invoking user's home directory

Changed

• Defaults noninteractive_auth now controls whether PAM authentication
  modules are allowed to attempt authentication when sudo --non-interactive is
  being used (new default: off). Previous versions had this as always-on
  to allow fully automatic authentication methods to succeed.

Fixed

• Two bugs in managing the PTY connected to the child process that negatively
  impacted interactive usability (#1130, #1264)
• visudo --help showed command flags that were removed (#1239)
• Format flags in SUDO_PROMPT were not expanded (#1252)
• sudo would abort with an unhandled exception instead if an attempt was
  was made to match a "netgroup", instead of ignoring these (#1262)
• A few tokenizer errors in /etc/sudoers processing (#1273, #1274, #1283)
• Some formatting mistakes in the man pages (#1285)

Contributors for this release

Merged pull requests: @bjorn3, @squell, @raviksharma, @vmeurisse
Closed issues opened by: @Pu-Anlai, @SimangaThinkDev, @uusijani, @parapente, @fweimer-rh

Version 0.2.8

To use the precompiled binaries attached below, consult our manual installation instructions

Added

• sudo -e, sudoedit to safely edit files as another user.

Fixed

• NOEXEC: could not be used to prevent all shell escapes on multi-architecture
  installations (#1229)
• sudo --list would not show NOEXEC, SETENV and APPARMOR_PROFILE (#1228)
• Skip paths not accessible by the target user during command resolution (#1234)

Contributors for this release

Merged pull requests: @bjorn3, @squell
Closed issues opened by: @mrnossiom, @awebeer256, @Fedqys

Version 0.2.7

To use the precompiled binaries attached below, consult our manual installation instructions

Added

• Linux kernels older than 5.9 are now supported.
• Support for Defaults noexec/NOEXEC: on Linux systems based on seccomp
  filtering to prevent shell escapes in wide range of cases. This should also
  work on programs not written in C and statically linked executables.
• Support for passwd_timeout
• Support for umask and umask_override
• --preserve-env=VAR is now supported to preserve selected environment
  variables in a more convenient way

Changed

• sudo-rs now uses CLOEXEC to close open file descriptors in the child process
• Relative paths like ./ in secure_path/PATH are now ignored.
• apparmor.so is dynamically loaded by sudo itself, as-needed

Fixed

• Usernames that start with _ or have non-western characters were not supported
  as a valid username in /etc/sudoers (#1149)
• Other usability improvements in /etc/sudoers (#1117, #1126, #1134, #1157)

Contributors for this release

Merged pull requests: @bjorn3, @squell, new contributors: @MggMuggins, @piguycs, @dzvon, @sohomdatta1
Closed issues opened by: @HanabishiRecca, @hyder365, @bertptrs, @mikkorantalainen, @satmandu, @raviksharma, @TheEdgeOfRage

Version 0.2.6

To use the precompiled binaries attached below, consult our manual installation instructions

Added

• Support for Defaults setenv
• Support for the list pseudocommand to control sudo -U
• Support for switching AppArmor profiles though Defaults apparmor_profile and
  the APPARMOR_PROFILE command modifier. To enable this, build sudo-rs with
  the apparmor feature enabled.

Changed

• Added a check against PAM modules changing the user during authentication (#1062)
• list pseudocommand now controls whether a password is required for sudo -l -U

Fixed

• Usernames commonly used by Active Directory were not parsed correctly (#1064)
• Test compilation was broken on 32-bit systems (#1074)
• pwfeedback was ignored for sudo --list and sudo --validate (#1092)
• Compilation with musl instead of glibc on Linux was not possible (#1084)
• sudo --list now does more checking before reporting errors or listing the
  rights of a user, fixing two security bugs (CVE-2025-46717 and CVE-2025-46718)

Contributors for this release

Merged pull requests by: @bjorn3, @squell, @rnijveld, new contributors: @3v1n0
Closed issues opened by: @oneElectron, @mpibpc-mroose, @jbicha, @zonia3000

Version 0.2.5

To use the precompiled binaries attached below, consult our manual installation instructions

Added

• sudo visudo will protect you from accidentally locking yourself out
• Support for --prompt and SUDO_PROMPT environment variable
• Support for Defaults targetpw
• Support for VAR=VALUE matching in Defaults env_keep/env_check
• Support for --bell

Changed

• Portability: sudo-rs supports FreeBSD!
• sudo -v will only ask for a password if the policy requires it

Fixed

• Manual wrongly claimed timestamp_timeout supported negative values (#1032)
• timestamp_timeout in excess of 292 billion years were not rejected (#1048)
• Usernames in /etc/sudoers can contain special characters by using double
  quotes or escaping them (#1054)

---

Contributors for this release

Merged pull requests by: @bjorn3, @squell, new contributors: @shurizzle, @millert, @inventor500
Closed issues opened by @bertptrs, @HanabishiRecca, @decathorpe, @woodsb02, @id3v1669, @Timmmm

Version 0.2.4

Added

• Support for 'SETENV:' and corresponding 'sudo VAR=value command' syntax
• Support for 'Defaults rootpw'
• Support for 'Defaults pwfeedback'
• Support for host/user/runas/command-specific Defaults

Changed

• Portability: sudo-rs now has experimental support for FreeBSD!
• pam-login feature now controls if PAM service name 'sudo-i' is used

Fixed

• Bug in syslog writer could cause sudo to hang (#856)
• SHELL was not canonicalized when using 'sudo -s' or 'sudo -i' (#962)
• RunAs_Spec was not carried over on the same /etc/sudoers line (#974)
• sudo --list did not unfold multiple-level aliases (#978)
• The man page for sudoers(5) was missing (#943)

Other

• sudo-rs copyright changed to Trifecta Tech Foundation

---

Credits for this release

Merged pull requests by: @bjorn3, @squell, @rnijveld, new contributors: @sylvestre, @van-sprundel
Closed issues opened by: @japaric, @BriocheBerlin, @mkg20001, @GentsunCheng, @aidanharris, @jplatte, @raforg

Version 0.2.3

Changed

• Portability: sudo-rs now is compatible with s390x-unknown-linux-gnu
• Removed unneeded code & fix hints given by newer Rust version

Fixed

• visudo would not properly truncate a sudoers file (#833)
• high CPU load when child process did not terminate after closure of a terminal (#841)

Version 0.2.2

Changed

• Several changes to the code to improve type safety
• Improved error message when a PTY cannot be opened
• Improved portability of the PAM bindings
• su: improved parsing of su command line options
• Add path information to parse errors originating from included files

Fixed

• Fixed a panic with large messages written to the syslog
• sudo: respect --login regardless of the presence of --chdir

Version 0.2.1

Version 0.2.1 is a bugfix release. This release includes a bug fix for a security issue. Users of sudo-rs are advised to upgrade to the latest version as soon a possible. Please see the security advisory for details.

Changed

• Session records/timestamps are now stored in files with uids instead of usernames, fixing a security bug (CVE-2023-42456)
• visudo will now resolve EDITOR via PATH
• Input/output errors while writing text to the terminal no longer cause sudo to exit immediately
• Switched several internal API calls from libc to Rust's std library
• The %h escape sequence in sudoers includes directives is not supported in sudo-rs, this now gives a better diagnostic and no longer tries to include the file
• Our PAM integration was hardened against allocation failures
• An attempt was made to harden against rowhammer type attacks
• Release builds no longer include debugging symbols

Fixed

• Fixed an invalid parsing when an escaped null byte was present in the sudoers file
• Replaced informal error message in visudo with a proper error message

Version 0.2.0

This is the first stable release of sudo-rs! To easily install it without needing to install the entire Rust toolchain, we provide binaries (attached below). You can use the provided tar balls to install sudo-rs without removing your existing, original sudo installation. To install sudo-rs, simply extract the provided tar balls and put the files in your /usr/local hierarchy, for example by running

sudo tar -C /usr/local -xvf sudo-0.2.0.tar.gz

Sudo-rs will use your existing /etc/sudoers configuration, but if you create a /etc/sudoers-rs file, it will read that instead. Note that sudo-rs does not implement all features of the original sudo, please check the README for more information on what is and is not supported. You can also find instructions on compiling sudo-rs yourself.

We will be working with popular Linux distributions to provide an easier installation path through the regular package managers.