diff --git a/plugins/sudoers/audit.c b/plugins/sudoers/audit.c index 400d592ba..e4906e70a 100644 --- a/plugins/sudoers/audit.c +++ b/plugins/sudoers/audit.c @@ -355,7 +355,7 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type, ret = false; if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED)) - uuid_str = user_ctx.uuid_str; + uuid_str = ctx.user.uuid_str; audit_to_eventlog(&evlog, command_info, run_argv, run_envp, uuid_str); if (!log_allowed(&evlog) && !def_ignore_logfile_errors) diff --git a/plugins/sudoers/auth/bsdauth.c b/plugins/sudoers/auth/bsdauth.c index 18ebb3601..1e9264bbd 100644 --- a/plugins/sudoers/auth/bsdauth.c +++ b/plugins/sudoers/auth/bsdauth.c @@ -92,7 +92,7 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth) if (auth_setitem(state.as, AUTHV_STYLE, login_style) < 0 || auth_setitem(state.as, AUTHV_NAME, pw->pw_name) < 0 || - auth_setitem(state.as, AUTHV_CLASS, runas_ctx.class) < 0) { + auth_setitem(state.as, AUTHV_CLASS, ctx.runas.class) < 0) { log_warningx(0, N_("unable to initialize BSD authentication")); goto bad; } diff --git a/plugins/sudoers/auth/pam.c b/plugins/sudoers/auth/pam.c index e7b3caf57..ca96229b8 100644 --- a/plugins/sudoers/auth/pam.c +++ b/plugins/sudoers/auth/pam.c @@ -191,7 +191,7 @@ static int sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet) { static int pam_status = PAM_SUCCESS; - const char *ttypath = user_ctx.ttypath; + const char *ttypath = ctx.user.ttypath; const char *errstr, *pam_service; int rc; debug_decl(sudo_pam_init, SUDOERS_DEBUG_AUTH); @@ -234,19 +234,19 @@ sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet) * Note: PAM_RHOST may cause a DNS lookup on Linux in libaudit. */ if (def_pam_ruser) { - rc = pam_set_item(pamh, PAM_RUSER, user_ctx.name); + rc = pam_set_item(pamh, PAM_RUSER, ctx.user.name); if (rc != PAM_SUCCESS) { errstr = sudo_pam_strerror(pamh, rc); sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "pam_set_item(pamh, PAM_RUSER, %s): %s", user_ctx.name, errstr); + "pam_set_item(pamh, PAM_RUSER, %s): %s", ctx.user.name, errstr); } } if (def_pam_rhost) { - rc = pam_set_item(pamh, PAM_RHOST, user_ctx.host); + rc = pam_set_item(pamh, PAM_RHOST, ctx.user.host); if (rc != PAM_SUCCESS) { errstr = sudo_pam_strerror(pamh, rc); sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, - "pam_set_item(pamh, PAM_RHOST, %s): %s", user_ctx.host, errstr); + "pam_set_item(pamh, PAM_RHOST, %s): %s", ctx.user.host, errstr); } } if (ttypath != NULL) { @@ -297,8 +297,8 @@ sudo_pam_verify(struct passwd *pw, const char *prompt, sudo_auth *auth, struct s /* Set KRB5CCNAME from the user environment if not set to propagate this * information to PAM modules that may use it to authentication. */ envccname = sudo_getenv("KRB5CCNAME"); - if (envccname == NULL && user_ctx.ccname != NULL) { - if (sudo_setenv("KRB5CCNAME", user_ctx.ccname, true) != 0) { + if (envccname == NULL && ctx.user.ccname != NULL) { + if (sudo_setenv("KRB5CCNAME", ctx.user.ccname, true) != 0) { sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO, "unable to set KRB5CCNAME"); debug_return_int(AUTH_FAILURE); @@ -631,8 +631,8 @@ use_pam_prompt(const char *pam_prompt) * Some PAM modules use "^username's Password: ?$" instead of * "^Password: ?" so check for that too. */ - user_len = strlen(user_ctx.name); - if (strncmp(pam_prompt, user_ctx.name, user_len) == 0) { + user_len = strlen(ctx.user.name); + if (strncmp(pam_prompt, ctx.user.name, user_len) == 0) { const char *cp = pam_prompt + user_len; if (strncmp(cp, "'s Password:", 12) == 0 && (cp[12] == '\0' || (cp[12] == ' ' && cp[13] == '\0'))) diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c index 369b0d133..7b6467ccc 100644 --- a/plugins/sudoers/auth/passwd.c +++ b/plugins/sudoers/auth/passwd.c @@ -50,7 +50,7 @@ sudo_passwd_init(struct passwd *pw, sudo_auth *auth) debug_return_int(AUTH_SUCCESS); #ifdef HAVE_SKEYACCESS - if (skeyaccess(pw, user_ctx.tty, NULL, NULL) == 0) + if (skeyaccess(pw, ctx.user.tty, NULL, NULL) == 0) debug_return_int(AUTH_FAILURE); #endif sudo_setspent(); diff --git a/plugins/sudoers/auth/sia.c b/plugins/sudoers/auth/sia.c index 0fdfaf1b8..624952427 100644 --- a/plugins/sudoers/auth/sia.c +++ b/plugins/sudoers/auth/sia.c @@ -65,7 +65,7 @@ sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth) sudo_argv[sudo_argc] = NULL; /* We don't let SIA prompt the user for input. */ - if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ctx.ttypath, 0, NULL) != SIASUCCESS) { + if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, ctx.user.ttypath, 0, NULL) != SIASUCCESS) { log_warning(0, N_("unable to initialize SIA session")); debug_return_int(AUTH_FATAL); } @@ -122,7 +122,7 @@ sudo_sia_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth) debug_decl(sudo_sia_begin_session, SUDOERS_DEBUG_AUTH); /* Re-init sia for the target user's session. */ - if (sia_ses_init(&siah, NewArgc, NewArgv, NULL, pw->pw_name, user_ctx.ttypath, 0, NULL) != SIASUCCESS) { + if (sia_ses_init(&siah, NewArgc, NewArgv, NULL, pw->pw_name, ctx.user.ttypath, 0, NULL) != SIASUCCESS) { log_warning(0, N_("unable to initialize SIA session")); goto done; } diff --git a/plugins/sudoers/callbacks.c b/plugins/sudoers/callbacks.c index be5e1cf7c..29054f0f8 100644 --- a/plugins/sudoers/callbacks.c +++ b/plugins/sudoers/callbacks.c @@ -95,7 +95,7 @@ resolve_host(const char *host, char **longp, char **shortp) /* * Look up the fully qualified domain name of user and runas hosts. - * Sets user_ctx.host, user_ctx.shost, runas_ctx.host and runas_ctx.shost. + * Sets ctx.user.host, ctx.user.shost, ctx.runas.host and ctx.runas.shost. */ static bool cb_fqdn(const char *file, int line, int column, @@ -111,35 +111,35 @@ cb_fqdn(const char *file, int line, int column, debug_return_bool(true); /* If the -h flag was given we need to resolve both host names. */ - remote = strcmp(runas_ctx.host, user_ctx.host) != 0; + remote = strcmp(ctx.runas.host, ctx.user.host) != 0; - /* First resolve user_ctx.host, setting host and shost. */ - if (resolve_host(user_ctx.host, &lhost, &shost) != 0) { - if ((rc = resolve_host(runas_ctx.host, &lhost, &shost)) != 0) { + /* First resolve ctx.user.host, setting host and shost. */ + if (resolve_host(ctx.user.host, &lhost, &shost) != 0) { + if ((rc = resolve_host(ctx.runas.host, &lhost, &shost)) != 0) { gai_log_warning(SLOG_PARSE_ERROR|SLOG_RAW_MSG, rc, - N_("unable to resolve host %s"), user_ctx.host); + N_("unable to resolve host %s"), ctx.user.host); debug_return_bool(false); } } - if (user_ctx.shost != user_ctx.host) - free(user_ctx.shost); - free(user_ctx.host); - user_ctx.host = lhost; - user_ctx.shost = shost; + if (ctx.user.shost != ctx.user.host) + free(ctx.user.shost); + free(ctx.user.host); + ctx.user.host = lhost; + ctx.user.shost = shost; - /* Next resolve runas_ctx.host, setting host and shost in runas_ctx. */ + /* Next resolve ctx.runas.host, setting host and shost in ctx.runas. */ lhost = shost = NULL; if (remote) { - if ((rc = resolve_host(runas_ctx.host, &lhost, &shost)) != 0) { + if ((rc = resolve_host(ctx.runas.host, &lhost, &shost)) != 0) { gai_log_warning(SLOG_NO_LOG|SLOG_RAW_MSG, rc, - N_("unable to resolve host %s"), runas_ctx.host); + N_("unable to resolve host %s"), ctx.runas.host); debug_return_bool(false); } } else { - /* Not remote, just use user_ctx.host. */ - if ((lhost = strdup(user_ctx.host)) != NULL) { - if (user_ctx.shost != user_ctx.host) - shost = strdup(user_ctx.shost); + /* Not remote, just use ctx.user.host. */ + if ((lhost = strdup(ctx.user.host)) != NULL) { + if (ctx.user.shost != ctx.user.host) + shost = strdup(ctx.user.shost); else shost = lhost; } @@ -152,16 +152,16 @@ cb_fqdn(const char *file, int line, int column, } } if (lhost != NULL && shost != NULL) { - if (runas_ctx.shost != runas_ctx.host) - free(runas_ctx.shost); - free(runas_ctx.host); - runas_ctx.host = lhost; - runas_ctx.shost = shost; + if (ctx.runas.shost != ctx.runas.host) + free(ctx.runas.shost); + free(ctx.runas.host); + ctx.runas.host = lhost; + ctx.runas.shost = shost; } sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "host %s, shost %s, runas host %s, runas shost %s", - user_ctx.host, user_ctx.shost, runas_ctx.host, runas_ctx.shost); + ctx.user.host, ctx.user.shost, ctx.runas.host, ctx.runas.shost); debug_return_bool(true); } @@ -227,11 +227,11 @@ cb_runchroot(const char *file, int line, int column, sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "def_runchroot now %s", sd_un->str); - if (user_ctx.cmnd != NULL) { - /* Update user_ctx.cmnd and cmnd_status based on the new chroot. */ + if (ctx.user.cmnd != NULL) { + /* Update ctx.user.cmnd and cmnd_status based on the new chroot. */ set_cmnd_status(sd_un->str); sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "user_ctx.cmnd now %s", user_ctx.cmnd); + "ctx.user.cmnd now %s", ctx.user.cmnd); } debug_return_bool(true); @@ -409,7 +409,7 @@ cb_intercept_type(const char *file, int line, int column, /* Set explicitly in sudoers. */ if (sd_un->tuple == dso) { /* Reset intercept_allow_setid default value. */ - if (!ISSET(user_ctx.flags, USER_INTERCEPT_SETID)) + if (!ISSET(ctx.settings.flags, USER_INTERCEPT_SETID)) def_intercept_allow_setid = false; } } @@ -426,7 +426,7 @@ cb_intercept_allow_setid(const char *file, int line, int column, /* Operator will be -1 if set by front-end. */ if (op != -1) { /* Set explicitly in sudoers. */ - SET(user_ctx.flags, USER_INTERCEPT_SETID); + SET(ctx.settings.flags, USER_INTERCEPT_SETID); } debug_return_bool(true); diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c index 10cb3ff44..c7fefcde4 100644 --- a/plugins/sudoers/check.c +++ b/plugins/sudoers/check.c @@ -72,7 +72,7 @@ getpass_resume(int signo, void *vclosure) { struct getpass_closure *closure = vclosure; - closure->cookie = timestamp_open(user_ctx.name, user_ctx.sid); + closure->cookie = timestamp_open(ctx.user.name, ctx.user.sid); if (closure->cookie == NULL) return -1; if (!timestamp_lock(closure->cookie, closure->auth_pw)) @@ -103,7 +103,7 @@ check_user_interactive(unsigned int validated, unsigned int mode, /* Open, lock and read time stamp file if we are using it. */ if (!ISSET(mode, MODE_IGNORE_TICKET)) { /* Open time stamp file and check its status. */ - closure->cookie = timestamp_open(user_ctx.name, user_ctx.sid); + closure->cookie = timestamp_open(ctx.user.name, ctx.user.sid); if (closure->cookie != NULL) { if (timestamp_lock(closure->cookie, closure->auth_pw)) { closure->tstat = timestamp_status(closure->cookie, @@ -138,7 +138,7 @@ check_user_interactive(unsigned int validated, unsigned int mode, /* Expand any escapes in the prompt. */ prompt = expand_prompt( - user_ctx.prompt ? user_ctx.prompt : def_passprompt, + ctx.user.prompt ? ctx.user.prompt : def_passprompt, closure->auth_pw->pw_name); if (prompt == NULL) goto done; @@ -197,17 +197,17 @@ check_user(unsigned int validated, unsigned int mode) ret = true; goto done; } - if (user_ctx.uid == 0 || (user_ctx.uid == runas_ctx.pw->pw_uid && - (runas_ctx.gr == NULL || - user_in_group(user_ctx.pw, runas_ctx.gr->gr_name)))) { + if (ctx.user.uid == 0 || (ctx.user.uid == ctx.runas.pw->pw_uid && + (ctx.runas.gr == NULL || + user_in_group(ctx.user.pw, ctx.runas.gr->gr_name)))) { #ifdef HAVE_SELINUX - if (runas_ctx.role == NULL && runas_ctx.type == NULL) + if (ctx.runas.role == NULL && ctx.runas.type == NULL) #endif #ifdef HAVE_APPARMOR - if (runas_ctx.apparmor_profile == NULL) + if (ctx.runas.apparmor_profile == NULL) #endif #ifdef HAVE_PRIV_SET - if (runas_ctx.privs == NULL && runas_ctx.limitprivs == NULL) + if (ctx.runas.privs == NULL && ctx.runas.limitprivs == NULL) #endif { sudo_debug_printf(SUDO_DEBUG_INFO, @@ -329,7 +329,7 @@ user_is_exempt(void) debug_decl(user_is_exempt, SUDOERS_DEBUG_AUTH); if (def_exempt_group) { - if (user_in_group(user_ctx.pw, def_exempt_group)) + if (user_in_group(ctx.user.pw, def_exempt_group)) ret = true; } debug_return_bool(ret); @@ -338,7 +338,7 @@ user_is_exempt(void) /* * Get passwd entry for the user we are going to authenticate as. * By default, this is the user invoking sudo. In the most common - * case, this matches user_ctx.pw or runas_ctx.pw. + * case, this matches ctx.user.pw or ctx.runas.pw. */ static struct passwd * get_authpw(unsigned int mode) @@ -348,8 +348,8 @@ get_authpw(unsigned int mode) if (ISSET(mode, (MODE_CHECK|MODE_LIST))) { /* In list mode we always prompt for the user's password. */ - sudo_pw_addref(user_ctx.pw); - pw = user_ctx.pw; + sudo_pw_addref(ctx.user.pw); + pw = ctx.user.pw; } else { if (def_rootpw) { if ((pw = sudo_getpwuid(ROOT_UID)) == NULL) { @@ -361,17 +361,17 @@ get_authpw(unsigned int mode) N_("unknown user %s"), def_runas_default); } } else if (def_targetpw) { - if (runas_ctx.pw->pw_name == NULL) { + if (ctx.runas.pw->pw_name == NULL) { /* This should never be NULL as we fake up the passwd struct */ log_warningx(SLOG_RAW_MSG, N_("unknown uid %u"), - (unsigned int) runas_ctx.pw->pw_uid); + (unsigned int) ctx.runas.pw->pw_uid); } else { - sudo_pw_addref(runas_ctx.pw); - pw = runas_ctx.pw; + sudo_pw_addref(ctx.runas.pw); + pw = ctx.runas.pw; } } else { - sudo_pw_addref(user_ctx.pw); - pw = user_ctx.pw; + sudo_pw_addref(ctx.user.pw); + pw = ctx.user.pw; } } diff --git a/plugins/sudoers/cvtsudoers.c b/plugins/sudoers/cvtsudoers.c index 8ec807a00..ef205b6c0 100644 --- a/plugins/sudoers/cvtsudoers.c +++ b/plugins/sudoers/cvtsudoers.c @@ -61,8 +61,7 @@ * Globals */ struct cvtsudoers_filter *filters; -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; static FILE *logfp; static const char short_opts[] = "b:c:d:ef:hi:I:l:m:Mo:O:pP:s:V"; static struct option long_opts[] = { @@ -966,15 +965,15 @@ cmnd_matches_filter(struct sudoers_parse_tree *parse_tree, } /* Only need one command in the filter to match. */ - user_ctx.cmnd = s->str; - user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd); + ctx.user.cmnd = s->str; + ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd); if (cmnd_matches(parse_tree, m, NULL, NULL) == true) { matched = true; break; } } - user_ctx.cmnd_base = NULL; - user_ctx.cmnd = NULL; + ctx.user.cmnd_base = NULL; + ctx.user.cmnd = NULL; debug_return_bool(matched); } diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c index 03b2d2b82..151309383 100644 --- a/plugins/sudoers/defaults.c +++ b/plugins/sudoers/defaults.c @@ -706,7 +706,7 @@ default_binding_matches(struct sudoers_parse_tree *parse_tree, case DEFAULTS: debug_return_bool(true); case DEFAULTS_USER: - if (userlist_matches(parse_tree, user_ctx.pw, &d->binding->members) == ALLOW) + if (userlist_matches(parse_tree, ctx.user.pw, &d->binding->members) == ALLOW) debug_return_bool(true); break; case DEFAULTS_RUNAS: @@ -714,7 +714,7 @@ default_binding_matches(struct sudoers_parse_tree *parse_tree, debug_return_bool(true); break; case DEFAULTS_HOST: - if (hostlist_matches(parse_tree, user_ctx.pw, &d->binding->members) == ALLOW) + if (hostlist_matches(parse_tree, ctx.user.pw, &d->binding->members) == ALLOW) debug_return_bool(true); break; case DEFAULTS_CMND: diff --git a/plugins/sudoers/display.c b/plugins/sudoers/display.c index 7ed8b3156..087cf015f 100644 --- a/plugins/sudoers/display.c +++ b/plugins/sudoers/display.c @@ -459,14 +459,14 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose) struct stat sb; debug_decl(display_privs, SUDOERS_DEBUG_PARSER); - cols = user_ctx.cols; + cols = ctx.user.cols; if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode)) cols = 0; sudo_lbuf_init(&def_buf, output, 4, NULL, cols); sudo_lbuf_init(&priv_buf, output, 8, NULL, cols); sudo_lbuf_append(&def_buf, _("Matching Defaults entries for %s on %s:\n"), - pw->pw_name, runas_ctx.shost); + pw->pw_name, ctx.runas.shost); count = 0; TAILQ_FOREACH(nss, snl, entries) { n = display_defaults(nss->parse_tree, pw, &def_buf); @@ -502,7 +502,7 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose) /* Display privileges from all sources. */ sudo_lbuf_append(&priv_buf, _("User %s may run the following commands on %s:\n"), - pw->pw_name, runas_ctx.shost); + pw->pw_name, ctx.runas.shost); count = 0; TAILQ_FOREACH(nss, snl, entries) { if (nss->query(nss, pw) != -1) { @@ -517,7 +517,7 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose) priv_buf.len = 0; sudo_lbuf_append(&priv_buf, _("User %s is not allowed to run sudo on %s.\n"), - pw->pw_name, runas_ctx.shost); + pw->pw_name, ctx.runas.shost); } if (sudo_lbuf_error(&def_buf) || sudo_lbuf_error(&priv_buf)) goto bad; @@ -548,13 +548,13 @@ display_cmnd_check(const struct sudoers_parse_tree *parse_tree, debug_decl(display_cmnd_check, SUDOERS_DEBUG_PARSER); /* - * For "sudo -l command", user_ctx.cmnd is "list" and the actual - * command we are checking is in user_ctx.cmnd_list. + * For "sudo -l command", ctx.user.cmnd is "list" and the actual + * command we are checking is in ctx.user.cmnd_list. */ - saved_user_cmnd = user_ctx.cmnd; - saved_user_base = user_ctx.cmnd_base; - user_ctx.cmnd = user_ctx.cmnd_list; - user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd); + saved_user_cmnd = ctx.user.cmnd; + saved_user_base = ctx.user.cmnd_base; + ctx.user.cmnd = ctx.user.cmnd_list; + ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd); TAILQ_FOREACH_REVERSE(us, &parse_tree->userspecs, userspec_list, entries) { if (userlist_matches(parse_tree, pw, &us->users) != ALLOW) @@ -589,13 +589,13 @@ display_cmnd_check(const struct sudoers_parse_tree *parse_tree, } } done: - user_ctx.cmnd = saved_user_cmnd; - user_ctx.cmnd_base = saved_user_base; + ctx.user.cmnd = saved_user_cmnd; + ctx.user.cmnd_base = saved_user_base; debug_return_int(cmnd_match); } /* - * Check user_ctx.cmnd against sudoers and print the matching entry if the + * Check ctx.user.cmnd against sudoers and print the matching entry if the * command is allowed. * Returns true if the command is allowed, false if not or -1 on error. */ @@ -633,9 +633,9 @@ display_cmnd(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose) match_info.priv, match_info.cs, NULL, &lbuf); sudo_lbuf_append(&lbuf, " Matched: "); } - sudo_lbuf_append(&lbuf, "%s%s%s\n", user_ctx.cmnd_list, - user_ctx.cmnd_args ? " " : "", - user_ctx.cmnd_args ? user_ctx.cmnd_args : ""); + sudo_lbuf_append(&lbuf, "%s%s%s\n", ctx.user.cmnd_list, + ctx.user.cmnd_args ? " " : "", + ctx.user.cmnd_args ? ctx.user.cmnd_args : ""); sudo_lbuf_print(&lbuf); ret = sudo_lbuf_error(&lbuf) ? -1 : true; sudo_lbuf_destroy(&lbuf); diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c index 8dcdbf7f5..ce84e91f2 100644 --- a/plugins/sudoers/env.c +++ b/plugins/sudoers/env.c @@ -901,11 +901,11 @@ rebuild_env(void) if (!ISSET(sudo_mode, MODE_LOGIN_SHELL)) { #ifdef HAVE_LOGIN_CAP_H /* Insert login class environment variables. */ - if (runas_ctx.class) { - login_cap_t *lc = login_getclass(runas_ctx.class); + if (ctx.runas.class) { + login_cap_t *lc = login_getclass(ctx.runas.class); if (lc != NULL) { - setusercontext(lc, runas_ctx.pw, - runas_ctx.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV); + setusercontext(lc, ctx.runas.pw, + ctx.runas.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV); login_close(lc); } } @@ -951,27 +951,27 @@ rebuild_env(void) * on sudoers options). */ if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) { - CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell, + CHECK_SETENV2("SHELL", ctx.runas.pw->pw_shell, ISSET(didvar, DID_SHELL), true); #ifdef _AIX - CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name, + CHECK_SETENV2("LOGIN", ctx.runas.pw->pw_name, ISSET(didvar, DID_LOGIN), true); #endif - CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name, + CHECK_SETENV2("LOGNAME", ctx.runas.pw->pw_name, ISSET(didvar, DID_LOGNAME), true); - CHECK_SETENV2("USER", runas_ctx.pw->pw_name, + CHECK_SETENV2("USER", ctx.runas.pw->pw_name, ISSET(didvar, DID_USER), true); } else { /* We will set LOGNAME later in the def_set_logname case. */ if (!def_set_logname) { #ifdef _AIX if (!ISSET(didvar, DID_LOGIN)) - CHECK_SETENV2("LOGIN", user_ctx.name, false, true); + CHECK_SETENV2("LOGIN", ctx.user.name, false, true); #endif if (!ISSET(didvar, DID_LOGNAME)) - CHECK_SETENV2("LOGNAME", user_ctx.name, false, true); + CHECK_SETENV2("LOGNAME", ctx.user.name, false, true); if (!ISSET(didvar, DID_USER)) - CHECK_SETENV2("USER", user_ctx.name, false, true); + CHECK_SETENV2("USER", ctx.user.name, false, true); } } @@ -986,10 +986,10 @@ rebuild_env(void) if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) { if (_PATH_MAILDIR[sizeof(_PATH_MAILDIR) - 2] == '/') { len = asprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR, - runas_ctx.pw->pw_name); + ctx.runas.pw->pw_name); } else { len = asprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR, - runas_ctx.pw->pw_name); + ctx.runas.pw->pw_name); } if (len == -1) goto bad; @@ -1036,10 +1036,10 @@ rebuild_env(void) if ((didvar & KEPT_USER_VARIABLES) == 0) { /* Nothing preserved, set them all. */ #ifdef _AIX - CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name, true, true); + CHECK_SETENV2("LOGIN", ctx.runas.pw->pw_name, true, true); #endif - CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name, true, true); - CHECK_SETENV2("USER", runas_ctx.pw->pw_name, true, true); + CHECK_SETENV2("LOGNAME", ctx.runas.pw->pw_name, true, true); + CHECK_SETENV2("USER", ctx.runas.pw->pw_name, true, true); } else if ((didvar & KEPT_USER_VARIABLES) != KEPT_USER_VARIABLES) { /* * Preserved some of LOGIN, LOGNAME, USER but not all. @@ -1071,11 +1071,11 @@ rebuild_env(void) /* Set $HOME to target user if not preserving user's value. */ if (reset_home) - CHECK_SETENV2("HOME", runas_ctx.pw->pw_dir, true, true); + CHECK_SETENV2("HOME", ctx.runas.pw->pw_dir, true, true); /* Provide default values for $SHELL, $TERM and $PATH if not set. */ if (!ISSET(didvar, DID_SHELL)) - CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell, false, false); + CHECK_SETENV2("SHELL", ctx.runas.pw->pw_shell, false, false); if (!ISSET(didvar, DID_TERM)) CHECK_PUTENV("TERM=unknown", false, false); if (!ISSET(didvar, DID_PATH)) @@ -1086,14 +1086,14 @@ rebuild_env(void) CHECK_PUTENV(ps1, true, true); /* Add the SUDO_COMMAND envariable (cmnd + args). */ - if (user_ctx.cmnd_args) { + if (ctx.user.cmnd_args) { /* - * We limit user_ctx.cmnd_args to 4096 bytes to avoid an execve(2) + * We limit ctx.user.cmnd_args to 4096 bytes to avoid an execve(2) * failure for very long argument vectors. The command's environment * also counts against the ARG_MAX limit. */ - len = asprintf(&cp, "SUDO_COMMAND=%s %.*s", user_ctx.cmnd, 4096, - user_ctx.cmnd_args); + len = asprintf(&cp, "SUDO_COMMAND=%s %.*s", ctx.user.cmnd, 4096, + ctx.user.cmnd_args); if (len == -1) goto bad; if (sudo_putenv(cp, true, true) == -1) { @@ -1102,14 +1102,14 @@ rebuild_env(void) } sudoers_gc_add(GC_PTR, cp); } else { - CHECK_SETENV2("SUDO_COMMAND", user_ctx.cmnd, true, true); + CHECK_SETENV2("SUDO_COMMAND", ctx.user.cmnd, true, true); } /* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */ - CHECK_SETENV2("SUDO_USER", user_ctx.name, true, true); - (void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_ctx.uid); + CHECK_SETENV2("SUDO_USER", ctx.user.name, true, true); + (void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) ctx.user.uid); CHECK_SETENV2("SUDO_UID", idbuf, true, true); - (void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_ctx.gid); + (void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) ctx.user.gid); CHECK_SETENV2("SUDO_GID", idbuf, true, true); debug_return_bool(true); diff --git a/plugins/sudoers/fmtsudoers.c b/plugins/sudoers/fmtsudoers.c index a1b866dee..1924df815 100644 --- a/plugins/sudoers/fmtsudoers.c +++ b/plugins/sudoers/fmtsudoers.c @@ -52,8 +52,8 @@ sudoers_format_member_int(struct sudo_lbuf *lbuf, switch (type) { case MYSELF: sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", - runas_ctx.list_pw ? runas_ctx.list_pw->pw_name : - (user_ctx.name ? user_ctx.name : "")); + ctx.runas.list_pw ? ctx.runas.list_pw->pw_name : + (ctx.user.name ? ctx.user.name : "")); break; case ALL: if (name == NULL) { diff --git a/plugins/sudoers/iolog_path_escapes.c b/plugins/sudoers/iolog_path_escapes.c index 80ce0f22e..0afd4bf14 100644 --- a/plugins/sudoers/iolog_path_escapes.c +++ b/plugins/sudoers/iolog_path_escapes.c @@ -63,7 +63,7 @@ static size_t fill_user(char *str, size_t strsize, void *unused) { debug_decl(fill_user, SUDOERS_DEBUG_UTIL); - debug_return_size_t(strlcpy(str, user_ctx.name, strsize)); + debug_return_size_t(strlcpy(str, ctx.user.name, strsize)); } static size_t @@ -73,11 +73,11 @@ fill_group(char *str, size_t strsize, void *unused) size_t len; debug_decl(fill_group, SUDOERS_DEBUG_UTIL); - if ((grp = sudo_getgrgid(user_ctx.gid)) != NULL) { + if ((grp = sudo_getgrgid(ctx.user.gid)) != NULL) { len = strlcpy(str, grp->gr_name, strsize); sudo_gr_delref(grp); } else { - len = (size_t)snprintf(str, strsize, "#%u", (unsigned int)user_ctx.gid); + len = (size_t)snprintf(str, strsize, "#%u", (unsigned int)ctx.user.gid); } debug_return_size_t(len); } @@ -86,7 +86,7 @@ static size_t fill_runas_user(char *str, size_t strsize, void *unused) { debug_decl(fill_runas_user, SUDOERS_DEBUG_UTIL); - debug_return_size_t(strlcpy(str, runas_ctx.pw->pw_name, strsize)); + debug_return_size_t(strlcpy(str, ctx.runas.pw->pw_name, strsize)); } static size_t @@ -96,15 +96,15 @@ fill_runas_group(char *str, size_t strsize, void *unused) size_t len; debug_decl(fill_runas_group, SUDOERS_DEBUG_UTIL); - if (runas_ctx.gr != NULL) { - len = strlcpy(str, runas_ctx.gr->gr_name, strsize); + if (ctx.runas.gr != NULL) { + len = strlcpy(str, ctx.runas.gr->gr_name, strsize); } else { - if ((grp = sudo_getgrgid(runas_ctx.pw->pw_gid)) != NULL) { + if ((grp = sudo_getgrgid(ctx.runas.pw->pw_gid)) != NULL) { len = strlcpy(str, grp->gr_name, strsize); sudo_gr_delref(grp); } else { len = (size_t)snprintf(str, strsize, "#%u", - (unsigned int)runas_ctx.pw->pw_gid); + (unsigned int)ctx.runas.pw->pw_gid); } } debug_return_size_t(len); @@ -114,14 +114,14 @@ static size_t fill_hostname(char *str, size_t strsize, void *unused) { debug_decl(fill_hostname, SUDOERS_DEBUG_UTIL); - debug_return_size_t(strlcpy(str, user_ctx.shost, strsize)); + debug_return_size_t(strlcpy(str, ctx.user.shost, strsize)); } static size_t fill_command(char *str, size_t strsize, void *unused) { debug_decl(fill_command, SUDOERS_DEBUG_UTIL); - debug_return_size_t(strlcpy(str, user_ctx.cmnd_base, strsize)); + debug_return_size_t(strlcpy(str, ctx.user.cmnd_base, strsize)); } /* Note: "seq" must be first in the list. */ diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c index 2d5d039de..d5bf2f043 100644 --- a/plugins/sudoers/ldap.c +++ b/plugins/sudoers/ldap.c @@ -329,8 +329,8 @@ sudo_ldap_check_non_unix_group(const struct sudo_nss *nss, LDAPMessage *entry, } if (*val == '+') { if (netgr_matches(nss, val, - def_netgroup_tuple ? runas_ctx.host : NULL, - def_netgroup_tuple ? runas_ctx.shost : NULL, pw->pw_name)) + def_netgroup_tuple ? ctx.runas.host : NULL, + def_netgroup_tuple ? ctx.runas.shost : NULL, pw->pw_name)) ret = true; DPRINTF2("ldap sudoUser netgroup '%s%s' ... %s", negated ? "!" : "", val, ret ? "MATCH!" : "not"); @@ -666,11 +666,11 @@ sudo_netgroup_lookup(LDAP *ld, struct passwd *pw, if ((escaped_user = sudo_ldap_value_dup(pw->pw_name)) == NULL) goto oom; if (def_netgroup_tuple) { - escaped_host = sudo_ldap_value_dup(runas_ctx.host); - if (runas_ctx.host == runas_ctx.shost) + escaped_host = sudo_ldap_value_dup(ctx.runas.host); + if (ctx.runas.host == ctx.runas.shost) escaped_shost = escaped_host; else - escaped_shost = sudo_ldap_value_dup(runas_ctx.shost); + escaped_shost = sudo_ldap_value_dup(ctx.runas.shost); if (escaped_host == NULL || escaped_shost == NULL) goto oom; } @@ -1441,12 +1441,12 @@ sudo_ldap_bind_s(LDAP *ld) int rc; /* Make temp copy of the user's credential cache as needed. */ - if (ldap_conf.krb5_ccname == NULL && user_ctx.ccname != NULL) { - new_ccname = tmp_ccname = sudo_krb5_copy_cc_file(user_ctx.ccname); + if (ldap_conf.krb5_ccname == NULL && ctx.user.ccname != NULL) { + new_ccname = tmp_ccname = sudo_krb5_copy_cc_file(ctx.user.ccname); if (tmp_ccname == NULL) { /* XXX - fatal error */ sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "unable to copy user ccache %s", user_ctx.ccname); + "unable to copy user ccache %s", ctx.user.ccname); } } @@ -1925,7 +1925,7 @@ sudo_ldap_query(const struct sudo_nss *nss, struct passwd *pw) free_userspecs(&handle->parse_tree.userspecs); DPRINTF1("%s: ldap search user %s, host %s", __func__, pw->pw_name, - runas_ctx.host); + ctx.runas.host); if ((lres = sudo_ldap_result_get(nss, pw)) == NULL) goto done; diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index ae04dba7f..51212c0c5 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c @@ -156,7 +156,7 @@ log_server_reject(struct eventlog *evlog, const char *message) debug_return_bool(false); /* Open connection to log server, send hello and reject messages. */ - client_closure = log_server_open(&details, &user_ctx.submit_time, + client_closure = log_server_open(&details, &ctx.user.submit_time, false, SEND_REJECT, message); if (client_closure != NULL) { client_closure_free(client_closure); @@ -256,14 +256,14 @@ log_reject(const char *message, bool logit, bool mailit) debug_decl(log_reject, SUDOERS_DEBUG_LOGGING); if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED)) - uuid_str = user_ctx.uuid_str; + uuid_str = ctx.user.uuid_str; if (mailit) { SET(evl_flags, EVLOG_MAIL); if (!logit) SET(evl_flags, EVLOG_MAIL_ONLY); } - sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(), uuid_str); + sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(), uuid_str); ret = eventlog_reject(&evlog, evl_flags, message, NULL, NULL); if (!log_server_reject(&evlog, message)) ret = false; @@ -313,17 +313,17 @@ log_denial(unsigned int status, bool inform_user) if (ISSET(status, FLAG_NO_USER)) { sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not in the sudoers " - "file.\n"), user_ctx.name); + "file.\n"), ctx.user.name); } else if (ISSET(status, FLAG_NO_HOST)) { sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo " - "on %s.\n"), user_ctx.name, runas_ctx.shost); + "on %s.\n"), ctx.user.name, ctx.runas.shost); } else if (ISSET(status, FLAG_NO_CHECK)) { sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run " - "sudo on %s.\n"), user_ctx.name, runas_ctx.shost); + "sudo on %s.\n"), ctx.user.name, ctx.runas.shost); } else { const struct passwd *runas_pw = - runas_ctx.list_pw ? runas_ctx.list_pw : runas_ctx.pw; - const char *cmnd1 = user_ctx.cmnd; + ctx.runas.list_pw ? ctx.runas.list_pw : ctx.runas.pw; + const char *cmnd1 = ctx.user.cmnd; const char *cmnd2 = ""; if (ISSET(sudo_mode, MODE_CHECK)) { @@ -333,12 +333,12 @@ log_denial(unsigned int status, bool inform_user) } sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed " "to execute '%s%s%s%s' as %s%s%s on %s.\n"), - user_ctx.name, cmnd1, cmnd2, user_ctx.cmnd_args ? " " : "", - user_ctx.cmnd_args ? user_ctx.cmnd_args : "", - runas_pw ? runas_pw->pw_name : user_ctx.name, - runas_ctx.gr ? ":" : "", - runas_ctx.gr ? runas_ctx.gr->gr_name : "", - user_ctx.host); + ctx.user.name, cmnd1, cmnd2, ctx.user.cmnd_args ? " " : "", + ctx.user.cmnd_args ? ctx.user.cmnd_args : "", + runas_pw ? runas_pw->pw_name : ctx.user.name, + ctx.runas.gr ? ":" : "", + ctx.runas.gr ? ctx.runas.gr->gr_name : "", + ctx.user.host); } if (mailit) { sudo_printf(SUDO_CONV_ERROR_MSG, "%s", @@ -360,15 +360,15 @@ log_failure(unsigned int status, int cmnd_status) /* The user doesn't always get to see the log message (path info). */ if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && - runas_ctx.list_pw == NULL && def_path_info && + ctx.runas.list_pw == NULL && def_path_info && (cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND)) inform_user = false; ret = log_denial(status, inform_user); if (!inform_user) { - const char *cmnd = user_ctx.cmnd; + const char *cmnd = ctx.user.cmnd; if (ISSET(sudo_mode, MODE_CHECK)) - cmnd = user_ctx.cmnd_list ? user_ctx.cmnd_list : NewArgv[1]; + cmnd = ctx.user.cmnd_list ? ctx.user.cmnd_list : NewArgv[1]; /* * We'd like to not leak path info at all here, but that can @@ -608,7 +608,7 @@ log_exit_status(int status) ret = false; goto done; } - sudo_timespecsub(&run_time, &user_ctx.submit_time, &run_time); + sudo_timespecsub(&run_time, &ctx.user.submit_time, &run_time); if (WIFEXITED(status)) { exit_value = WEXITSTATUS(status); @@ -628,8 +628,8 @@ log_exit_status(int status) /* Log and mail messages should be in the sudoers locale. */ sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); - sudoers_to_eventlog(&evlog, user_ctx.cmnd_saved, saved_argv, env_get(), - user_ctx.uuid_str); + sudoers_to_eventlog(&evlog, ctx.user.cmnd_saved, saved_argv, env_get(), + ctx.user.uuid_str); if (def_mail_always) { SET(evl_flags, EVLOG_MAIL); if (!def_log_exit_status) @@ -731,8 +731,8 @@ vlog_warning(unsigned int flags, int errnum, const char * restrict fmt, if (ISSET(flags, SLOG_NO_LOG)) SET(evl_flags, EVLOG_MAIL_ONLY); } - sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(), - user_ctx.uuid_str); + sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(), + ctx.user.uuid_str); if (!eventlog_alert(&evlog, evl_flags, &now, message, errstr)) ret = false; if (!log_server_alert(&evlog, &now, message, errstr)) @@ -846,8 +846,8 @@ mail_parse_errors(void) sudo_warn("%s", U_("unable to get time of day")); goto done; } - sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(), - user_ctx.uuid_str); + sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(), + ctx.user.uuid_str); /* Convert parse_error_list to a string vector. */ n = 0; @@ -959,45 +959,45 @@ sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd, debug_decl(sudoers_to_eventlog, SUDOERS_DEBUG_LOGGING); /* We rely on the reference held by the group cache. */ - if ((grp = sudo_getgrgid(user_ctx.pw->pw_gid)) != NULL) + if ((grp = sudo_getgrgid(ctx.user.pw->pw_gid)) != NULL) sudo_gr_delref(grp); memset(evlog, 0, sizeof(*evlog)); - evlog->iolog_file = user_ctx.iolog_file; - evlog->iolog_path = user_ctx.iolog_path; + evlog->iolog_file = ctx.user.iolog_file; + evlog->iolog_path = ctx.user.iolog_path; evlog->command = cmnd ? (char *)cmnd : (argv ? argv[0] : NULL); - evlog->cwd = user_ctx.cwd; + evlog->cwd = ctx.user.cwd; if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) { evlog->runchroot = def_runchroot; } if (def_runcwd && strcmp(def_runcwd, "*") != 0) { evlog->runcwd = def_runcwd; - } else if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_ctx.pw != NULL) { - evlog->runcwd = runas_ctx.pw->pw_dir; + } else if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && ctx.runas.pw != NULL) { + evlog->runcwd = ctx.runas.pw->pw_dir; } else { - evlog->runcwd = user_ctx.cwd; + evlog->runcwd = ctx.user.cwd; } - evlog->rungroup = runas_ctx.gr ? runas_ctx.gr->gr_name : runas_ctx.group; - evlog->source = user_ctx.source; - evlog->submithost = user_ctx.host; - evlog->submituser = user_ctx.name; + evlog->rungroup = ctx.runas.gr ? ctx.runas.gr->gr_name : ctx.runas.group; + evlog->source = ctx.user.source; + evlog->submithost = ctx.user.host; + evlog->submituser = ctx.user.name; if (grp != NULL) evlog->submitgroup = grp->gr_name; - evlog->ttyname = user_ctx.ttypath; + evlog->ttyname = ctx.user.ttypath; evlog->argv = (char **)argv; - evlog->env_add = (char **)user_ctx.env_vars; + evlog->env_add = (char **)ctx.user.env_vars; evlog->envp = (char **)envp; - evlog->submit_time = user_ctx.submit_time; - evlog->lines = user_ctx.lines; - evlog->columns = user_ctx.cols; - if (runas_ctx.pw != NULL) { - evlog->rungid = runas_ctx.pw->pw_gid; - evlog->runuid = runas_ctx.pw->pw_uid; - evlog->runuser = runas_ctx.pw->pw_name; + evlog->submit_time = ctx.user.submit_time; + evlog->lines = ctx.user.lines; + evlog->columns = ctx.user.cols; + if (ctx.runas.pw != NULL) { + evlog->rungid = ctx.runas.pw->pw_gid; + evlog->runuid = ctx.runas.pw->pw_uid; + evlog->runuser = ctx.runas.pw->pw_name; } else { evlog->rungid = (gid_t)-1; evlog->runuid = (uid_t)-1; - evlog->runuser = runas_ctx.user; + evlog->runuser = ctx.runas.user; } if (uuid_str == NULL) { unsigned char uuid[16]; @@ -1013,7 +1013,7 @@ sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd, if (sudo_gettime_real(&now) == -1) { sudo_warn("%s", U_("unable to get time of day")); } else { - sudo_timespecsub(&now, &user_ctx.submit_time, &evlog->iolog_offset); + sudo_timespecsub(&now, &ctx.user.submit_time, &evlog->iolog_offset); } } diff --git a/plugins/sudoers/lookup.c b/plugins/sudoers/lookup.c index 7b57acbdf..8d78e26e0 100644 --- a/plugins/sudoers/lookup.c +++ b/plugins/sudoers/lookup.c @@ -72,7 +72,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now, pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple; nopass = (pwcheck == never || pwcheck == all) ? true : false; - if (runas_ctx.list_pw != NULL) { + if (ctx.runas.list_pw != NULL) { root_pw = sudo_getpwuid(ROOT_UID); if (root_pw == NULL) sudo_warnx(U_("unknown uid %u"), ROOT_UID); @@ -144,8 +144,8 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now, * Root can list any user's privileges. * A user may always list their own privileges. */ - if (user_ctx.uid == 0 || runas_ctx.list_pw == NULL || - user_ctx.uid == runas_ctx.list_pw->pw_uid) { + if (ctx.user.uid == 0 || ctx.runas.list_pw == NULL || + ctx.user.uid == ctx.runas.list_pw->pw_uid) { cmnd_match = ALLOW; runas_match = ALLOW; } else if (date_match != DENY) { @@ -154,7 +154,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now, * user must match the list user or root. */ runas_match = runas_matches_pw(nss->parse_tree, cs, - runas_ctx.list_pw); + ctx.runas.list_pw); switch (runas_match) { case DENY: break; @@ -202,7 +202,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now, } if (root_pw != NULL) sudo_pw_delref(root_pw); - if (match == ALLOW || user_ctx.uid == 0) { + if (match == ALLOW || ctx.user.uid == 0) { /* User has an entry for this host. */ SET(validated, VALIDATE_SUCCESS); } else if (match == DENY) @@ -291,13 +291,13 @@ sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw, if (cmnd_match != UNSPEC) { /* * If user is running command as themselves, - * set runas_ctx.pw = user_ctx.pw. + * set ctx.runas.pw = ctx.user.pw. * XXX - hack, want more general solution */ if (matching_user && matching_user->type == MYSELF) { - sudo_pw_delref(runas_ctx.pw); - sudo_pw_addref(user_ctx.pw); - runas_ctx.pw = user_ctx.pw; + sudo_pw_delref(ctx.runas.pw); + sudo_pw_addref(ctx.user.pw); + ctx.runas.pw = ctx.user.pw; } *matching_cs = cs; *defs = &priv->defaults; @@ -327,93 +327,93 @@ apply_cmndspec(struct cmndspec *cs) if (cs != NULL) { #ifdef HAVE_SELINUX /* Set role and type if not specified on command line. */ - if (runas_ctx.role == NULL) { + if (ctx.runas.role == NULL) { if (cs->role != NULL) { - runas_ctx.role = strdup(cs->role); - if (runas_ctx.role == NULL) { + ctx.runas.role = strdup(cs->role); + if (ctx.runas.role == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_bool(false); } } else { - runas_ctx.role = def_role; + ctx.runas.role = def_role; def_role = NULL; } - if (runas_ctx.role != NULL) { + if (ctx.runas.role != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "runas_ctx.role -> %s", runas_ctx.role); + "ctx.runas.role -> %s", ctx.runas.role); } } - if (runas_ctx.type == NULL) { + if (ctx.runas.type == NULL) { if (cs->type != NULL) { - runas_ctx.type = strdup(cs->type); - if (runas_ctx.type == NULL) { + ctx.runas.type = strdup(cs->type); + if (ctx.runas.type == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_bool(false); } } else { - runas_ctx.type = def_type; + ctx.runas.type = def_type; def_type = NULL; } - if (runas_ctx.type != NULL) { + if (ctx.runas.type != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "runas_ctx.type -> %s", runas_ctx.type); + "ctx.runas.type -> %s", ctx.runas.type); } } #endif /* HAVE_SELINUX */ #ifdef HAVE_APPARMOR /* Set AppArmor profile, if specified */ if (cs->apparmor_profile != NULL) { - runas_ctx.apparmor_profile = strdup(cs->apparmor_profile); - if (runas_ctx.apparmor_profile == NULL) { + ctx.runas.apparmor_profile = strdup(cs->apparmor_profile); + if (ctx.runas.apparmor_profile == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_bool(false); } } else { - runas_ctx.apparmor_profile = def_apparmor_profile; + ctx.runas.apparmor_profile = def_apparmor_profile; def_apparmor_profile = NULL; } - if (runas_ctx.apparmor_profile != NULL) { + if (ctx.runas.apparmor_profile != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "runas_ctx.apparmor_profile -> %s", runas_ctx.apparmor_profile); + "ctx.runas.apparmor_profile -> %s", ctx.runas.apparmor_profile); } #endif #ifdef HAVE_PRIV_SET /* Set Solaris privilege sets */ - if (runas_ctx.privs == NULL) { + if (ctx.runas.privs == NULL) { if (cs->privs != NULL) { - runas_ctx.privs = strdup(cs->privs); - if (runas_ctx.privs == NULL) { + ctx.runas.privs = strdup(cs->privs); + if (ctx.runas.privs == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_bool(false); } } else { - runas_ctx.privs = def_privs; + ctx.runas.privs = def_privs; def_privs = NULL; } - if (runas_ctx.privs != NULL) { + if (ctx.runas.privs != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "runas_ctx.privs -> %s", runas_ctx.privs); + "ctx.runas.privs -> %s", ctx.runas.privs); } } - if (runas_ctx.limitprivs == NULL) { + if (ctx.runas.limitprivs == NULL) { if (cs->limitprivs != NULL) { - runas_ctx.limitprivs = strdup(cs->limitprivs); - if (runas_ctx.limitprivs == NULL) { + ctx.runas.limitprivs = strdup(cs->limitprivs); + if (ctx.runas.limitprivs == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_bool(false); } } else { - runas_ctx.limitprivs = def_limitprivs; + ctx.runas.limitprivs = def_limitprivs; def_limitprivs = NULL; } - if (runas_ctx.limitprivs != NULL) { + if (ctx.runas.limitprivs != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, - "runas_ctx.limitprivs -> %s", runas_ctx.limitprivs); + "ctx.runas.limitprivs -> %s", ctx.runas.limitprivs); } } #endif /* HAVE_PRIV_SET */ @@ -551,10 +551,10 @@ sudoers_lookup(struct sudo_nss_list *snl, struct passwd *pw, time_t now, if (match != UNSPEC) { if (info.cmnd_path != NULL) { /* Update cmnd, cmnd_stat, cmnd_status from matching entry. */ - free(user_ctx.cmnd); - user_ctx.cmnd = info.cmnd_path; - if (user_ctx.cmnd_stat != NULL) - *user_ctx.cmnd_stat = info.cmnd_stat; + free(ctx.user.cmnd); + ctx.user.cmnd = info.cmnd_path; + if (ctx.user.cmnd_stat != NULL) + *ctx.user.cmnd_stat = info.cmnd_stat; *cmnd_status = info.status; } if (defs != NULL) diff --git a/plugins/sudoers/match.c b/plugins/sudoers/match.c index 1da883bf0..1c3c1594d 100644 --- a/plugins/sudoers/match.c +++ b/plugins/sudoers/match.c @@ -66,8 +66,8 @@ int user_matches(const struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const struct member *m) { - const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host; - const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost; + const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host; + const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost; int matched = UNSPEC; struct alias *a; debug_decl(user_matches, SUDOERS_DEBUG_MATCH); @@ -130,12 +130,12 @@ runas_getgroups(void) debug_decl(runas_getgroups, SUDOERS_DEBUG_MATCH); if (def_preserve_groups) { - sudo_gidlist_addref(user_ctx.gid_list); - debug_return_ptr(user_ctx.gid_list); + sudo_gidlist_addref(ctx.user.gid_list); + debug_return_ptr(ctx.user.gid_list); } /* Only use results from a group db query, not the front end. */ - pw = runas_ctx.pw ? runas_ctx.pw : user_ctx.pw; + pw = ctx.runas.pw ? ctx.runas.pw : ctx.user.pw; debug_return_ptr(sudo_get_gidlist(pw, ENTRY_TYPE_QUERIED)); } @@ -149,8 +149,8 @@ static int runas_userlist_matches(const struct sudoers_parse_tree *parse_tree, const struct member_list *user_list, struct member **matching_user) { - const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host; - const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost; + const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host; + const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost; int user_matched = UNSPEC; struct member *m; struct alias *a; @@ -165,11 +165,11 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree, if (netgr_matches(parse_tree->nss, m->name, def_netgroup_tuple ? lhost : NULL, def_netgroup_tuple ? shost : NULL, - runas_ctx.pw->pw_name)) + ctx.runas.pw->pw_name)) user_matched = !m->negated; break; case USERGROUP: - if (usergr_matches(m->name, runas_ctx.pw->pw_name, runas_ctx.pw)) + if (usergr_matches(m->name, ctx.runas.pw->pw_name, ctx.runas.pw)) user_matched = !m->negated; break; case ALIAS: @@ -184,7 +184,7 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree, } FALLTHROUGH; case WORD: - if (userpw_matches(m->name, runas_ctx.pw->pw_name, runas_ctx.pw)) + if (userpw_matches(m->name, ctx.runas.pw->pw_name, ctx.runas.pw)) user_matched = !m->negated; break; case MYSELF: @@ -193,9 +193,9 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree, * was specified on the command line without a user _or_ * the user specified their own name on the command line. */ - if ((!ISSET(runas_ctx.flags, RUNAS_USER_SPECIFIED) && - ISSET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED)) || - strcmp(user_ctx.name, runas_ctx.pw->pw_name) == 0) + if ((!ISSET(ctx.settings.flags, RUNAS_USER_SPECIFIED) && + ISSET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED)) || + strcmp(ctx.user.name, ctx.runas.pw->pw_name) == 0) user_matched = !m->negated; break; } @@ -240,7 +240,7 @@ runas_grouplist_matches(const struct sudoers_parse_tree *parse_tree, } FALLTHROUGH; case WORD: - if (group_matches(m->name, runas_ctx.gr)) + if (group_matches(m->name, ctx.runas.gr)) group_matched = !m->negated; break; } @@ -257,13 +257,13 @@ runas_grouplist_matches(const struct sudoers_parse_tree *parse_tree, * The runas group was not explicitly allowed by sudoers. * Check whether it is one of the target user's groups. */ - if (runas_ctx.pw->pw_gid == runas_ctx.gr->gr_gid) { + if (ctx.runas.pw->pw_gid == ctx.runas.gr->gr_gid) { group_matched = ALLOW; /* runas group matches passwd db */ } else if ((runas_groups = runas_getgroups()) != NULL) { int i; for (i = 0; i < runas_groups->ngids; i++) { - if (runas_groups->gids[i] == runas_ctx.gr->gr_gid) { + if (runas_groups->gids[i] == ctx.runas.gr->gr_gid) { group_matched = ALLOW; /* matched aux group vector */ break; } @@ -303,14 +303,14 @@ runaslist_matches(const struct sudoers_parse_tree *parse_tree, } user_matched = runas_userlist_matches(parse_tree, user_list, matching_user); - if (ISSET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED)) { + if (ISSET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED)) { group_matched = runas_grouplist_matches(parse_tree, group_list, matching_group); } if (user_matched == DENY || group_matched == DENY) debug_return_int(DENY); - if (user_matched == group_matched || runas_ctx.gr == NULL) + if (user_matched == group_matched || ctx.runas.gr == NULL) debug_return_int(user_matched); debug_return_int(UNSPEC); } @@ -337,15 +337,15 @@ hostlist_matches_int(const struct sudoers_parse_tree *parse_tree, } /* - * Check for runas_ctx.host and runas_ctx.shost in a list of members. + * Check for ctx.runas.host and ctx.runas.shost in a list of members. * Returns ALLOW, DENY or UNSPEC. */ int hostlist_matches(const struct sudoers_parse_tree *parse_tree, const struct passwd *pw, const struct member_list *list) { - const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host; - const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost; + const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host; + const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost; return hostlist_matches_int(parse_tree, pw, lhost, shost, list); } diff --git a/plugins/sudoers/match_command.c b/plugins/sudoers/match_command.c index 0ec0b6672..714bf43e2 100644 --- a/plugins/sudoers/match_command.c +++ b/plugins/sudoers/match_command.c @@ -81,7 +81,7 @@ regex_matches(const char *pattern, const char *str) static bool command_args_match(const char *sudoers_cmnd, const char *sudoers_args) { - const char *args = user_ctx.cmnd_args ? user_ctx.cmnd_args : ""; + const char *args = ctx.user.cmnd_args ? ctx.user.cmnd_args : ""; int flags = 0; debug_decl(command_args_match, SUDOERS_DEBUG_MATCH); @@ -92,7 +92,7 @@ command_args_match(const char *sudoers_cmnd, const char *sudoers_args) if (sudoers_args == NULL) debug_return_bool(true); if (strcmp("\"\"", sudoers_args) == 0) - debug_return_bool(user_ctx.cmnd_args ? false : true); + debug_return_bool(ctx.user.cmnd_args ? false : true); /* * If args are specified in sudoers, they must match the user args. @@ -202,8 +202,8 @@ set_cmnd_fd(int fd, int rootfd) { debug_decl(set_cmnd_fd, SUDOERS_DEBUG_MATCH); - if (runas_ctx.execfd != -1) - close(runas_ctx.execfd); + if (ctx.runas.execfd != -1) + close(ctx.runas.execfd); if (fd != -1) { if (def_fdexec == never) { @@ -240,14 +240,14 @@ set_cmnd_fd(int fd, int rootfd) } } - runas_ctx.execfd = fd; + ctx.runas.execfd = fd; debug_return; } #ifndef SUDOERS_NAME_MATCH /* - * Return true if user_ctx.cmnd names one of the inodes in dir, else false. + * Return true if ctx.user.cmnd names one of the inodes in dir, else false. */ static bool command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, @@ -260,10 +260,10 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH); /* Compare the canonicalized directories, if possible. */ - if (user_ctx.cmnd_dir != NULL) { + if (ctx.user.cmnd_dir != NULL) { char *resolved = canon_path(sudoers_dir); if (resolved != NULL) { - if (strcmp(resolved, user_ctx.cmnd_dir) != 0) { + if (strcmp(resolved, ctx.user.cmnd_dir) != 0) { canon_path_free(resolved); goto done; } @@ -272,7 +272,7 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, } /* Check for command in sudoers_dir. */ - len = snprintf(path, sizeof(path), "%s/%s", sudoers_dir, user_ctx.cmnd_base); + len = snprintf(path, sizeof(path), "%s/%s", sudoers_dir, ctx.user.cmnd_base); if (len < 0 || len >= ssizeof(path)) goto done; @@ -284,13 +284,13 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, if (!intercept_ok(path, intercepted, &sudoers_stat)) goto done; - if (user_ctx.cmnd_stat == NULL || - (user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev && - user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) { + if (ctx.user.cmnd_stat == NULL || + (ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev && + ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) { if (!digest_matches(fd, path, digests)) goto done; - free(runas_ctx.cmnd); - if ((runas_ctx.cmnd = strdup(path)) == NULL) { + free(ctx.runas.cmnd); + if ((ctx.runas.cmnd = strdup(path)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); } @@ -304,7 +304,7 @@ done: } #else /* SUDOERS_NAME_MATCH */ /* - * Return true if user_ctx.cmnd names one of the inodes in dir, else false. + * Return true if ctx.user.cmnd names one of the inodes in dir, else false. */ static bool command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, @@ -313,18 +313,18 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd, int fd = -1; debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH); - /* Match user_ctx.cmnd against sudoers_dir. */ - if (strncmp(user_ctx.cmnd, sudoers_dir, dlen) != 0 || user_ctx.cmnd[dlen] != '/') + /* Match ctx.user.cmnd against sudoers_dir. */ + if (strncmp(ctx.user.cmnd, sudoers_dir, dlen) != 0 || ctx.user.cmnd[dlen] != '/') goto bad; - /* Make sure user_ctx.cmnd is not in a subdir of sudoers_dir. */ - if (strchr(user_ctx.cmnd + dlen + 1, '\0') != NULL) + /* Make sure ctx.user.cmnd is not in a subdir of sudoers_dir. */ + if (strchr(ctx.user.cmnd + dlen + 1, '\0') != NULL) goto bad; /* Open the file for fdexec or for digest matching. */ - if (!open_cmnd(user_ctx.cmnd, digests, &fd)) + if (!open_cmnd(ctx.user.cmnd, digests, &fd)) goto bad; - if (!digest_matches(fd, user_ctx.cmnd, digests)) + if (!digest_matches(fd, ctx.user.cmnd, digests)) goto bad; set_cmnd_fd(fd, rootfd); @@ -346,32 +346,32 @@ command_matches_all(int rootfd, bool intercepted, int fd = -1; debug_decl(command_matches_all, SUDOERS_DEBUG_MATCH); - if (strchr(user_ctx.cmnd, '/') != NULL) { + if (strchr(ctx.user.cmnd, '/') != NULL) { #ifndef SUDOERS_NAME_MATCH /* Open the file for fdexec or for digest matching. */ - bool open_error = !open_cmnd(user_ctx.cmnd, digests, &fd); + bool open_error = !open_cmnd(ctx.user.cmnd, digests, &fd); /* A non-existent file is not an error for "sudo ALL". */ - if (do_stat(fd, user_ctx.cmnd, &sb)) { + if (do_stat(fd, ctx.user.cmnd, &sb)) { if (open_error) { /* File exists but we couldn't open it above? */ goto bad; } - if (!intercept_ok(user_ctx.cmnd, intercepted, &sb)) + if (!intercept_ok(ctx.user.cmnd, intercepted, &sb)) goto bad; } #else /* Open the file for fdexec or for digest matching. */ - (void)open_cmnd(user_ctx.cmnd, digests, &fd); + (void)open_cmnd(ctx.user.cmnd, digests, &fd); #endif } - /* Check digest of user_ctx.cmnd since we have no sudoers_cmnd for ALL. */ - if (!digest_matches(fd, user_ctx.cmnd, digests)) + /* Check digest of ctx.user.cmnd since we have no sudoers_cmnd for ALL. */ + if (!digest_matches(fd, ctx.user.cmnd, digests)) goto bad; set_cmnd_fd(fd, rootfd); - /* No need to set runas_ctx.cmnd for ALL. */ + /* No need to set ctx.runas.cmnd for ALL. */ debug_return_bool(true); bad: if (fd != -1) @@ -383,7 +383,7 @@ static bool command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, int rootfd, bool intercepted, const struct command_digest_list *digests) { - const char *cmnd = user_ctx.cmnd; + const char *cmnd = ctx.user.cmnd; char buf[PATH_MAX]; int len, fd = -1; #ifndef SUDOERS_NAME_MATCH @@ -391,12 +391,12 @@ command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, #endif debug_decl(command_matches_fnmatch, SUDOERS_DEBUG_MATCH); - /* A relative user_ctx.cmnd will not match, try canonicalized version. */ - if (user_ctx.cmnd[0] != '/') { - if (user_ctx.cmnd_dir == NULL) + /* A relative ctx.user.cmnd will not match, try canonicalized version. */ + if (ctx.user.cmnd[0] != '/') { + if (ctx.user.cmnd_dir == NULL) debug_return_bool(false); - len = snprintf(buf, sizeof(buf), "%s/%s", user_ctx.cmnd_dir, - user_ctx.cmnd_base); + len = snprintf(buf, sizeof(buf), "%s/%s", ctx.user.cmnd_dir, + ctx.user.cmnd_base); if (len < 0 || len >= ssizeof(buf)) debug_return_bool(false); cmnd = buf; @@ -427,7 +427,7 @@ command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args, goto bad; set_cmnd_fd(fd, rootfd); - /* No need to set runas_ctx.cmnd since cmnd matches sudoers_cmnd */ + /* No need to set ctx.runas.cmnd since cmnd matches sudoers_cmnd */ debug_return_bool(true); bad: if (fd != -1) @@ -441,7 +441,7 @@ static bool command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args, int rootfd, bool intercepted, const struct command_digest_list *digests) { - const char *cmnd = user_ctx.cmnd; + const char *cmnd = ctx.user.cmnd; char buf[PATH_MAX]; int len, fd = -1; #ifndef SUDOERS_NAME_MATCH @@ -449,12 +449,12 @@ command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args, #endif debug_decl(command_matches_regex, SUDOERS_DEBUG_MATCH); - /* A relative user_ctx.cmnd will not match, try canonicalized version. */ - if (user_ctx.cmnd[0] != '/') { - if (user_ctx.cmnd_dir == NULL) + /* A relative ctx.user.cmnd will not match, try canonicalized version. */ + if (ctx.user.cmnd[0] != '/') { + if (ctx.user.cmnd_dir == NULL) debug_return_bool(false); - len = snprintf(buf, sizeof(buf), "%s/%s", user_ctx.cmnd_dir, - user_ctx.cmnd_base); + len = snprintf(buf, sizeof(buf), "%s/%s", ctx.user.cmnd_dir, + ctx.user.cmnd_base); if (len < 0 || len >= ssizeof(buf)) debug_return_bool(false); cmnd = buf; @@ -485,7 +485,7 @@ command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args, goto bad; set_cmnd_fd(fd, rootfd); - /* No need to set runas_ctx.cmnd since cmnd matches sudoers_cmnd */ + /* No need to set ctx.runas.cmnd since cmnd matches sudoers_cmnd */ debug_return_bool(true); bad: if (fd != -1) @@ -511,12 +511,12 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, /* * First check to see if we can avoid the call to glob(3). * Short circuit if there are no meta chars in the command itself - * and user_ctx.cmnd_base and basename(sudoers_cmnd) don't match. + * and ctx.user.cmnd_base and basename(sudoers_cmnd) don't match. */ dlen = strlen(sudoers_cmnd); if (sudoers_cmnd[dlen - 1] != '/') { base = sudo_basename(sudoers_cmnd); - if (!has_meta(base) && strcmp(user_ctx.cmnd_base, base) != 0) + if (!has_meta(base) && strcmp(ctx.user.cmnd_base, base) != 0) debug_return_bool(false); } @@ -532,15 +532,15 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, debug_return_bool(false); } - /* If user_ctx.cmnd is fully-qualified, check for an exact match. */ - if (user_ctx.cmnd[0] == '/') { + /* If ctx.user.cmnd is fully-qualified, check for an exact match. */ + if (ctx.user.cmnd[0] == '/') { for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) { if (fd != -1) { close(fd); fd = -1; } - if (strcmp(cp, user_ctx.cmnd) != 0) + if (strcmp(cp, ctx.user.cmnd) != 0) continue; /* Open the file for fdexec or for digest matching. */ if (!open_cmnd(cp, digests, &fd)) @@ -549,16 +549,16 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, continue; if (!intercept_ok(cp, intercepted, &sudoers_stat)) continue; - if (user_ctx.cmnd_stat == NULL || - (user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev && - user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) { + if (ctx.user.cmnd_stat == NULL || + (ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev && + ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) { /* There could be multiple matches, check digest early. */ if (!digest_matches(fd, cp, digests)) { bad_digest = true; continue; } - free(runas_ctx.cmnd); - if ((runas_ctx.cmnd = strdup(cp)) == NULL) { + free(ctx.runas.cmnd); + if ((ctx.runas.cmnd = strdup(cp)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); cp = NULL; /* fail closed */ @@ -588,13 +588,13 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, continue; } - /* Only proceed if user_ctx.cmnd_base and basename(cp) match */ + /* Only proceed if ctx.user.cmnd_base and basename(cp) match */ base = sudo_basename(cp); - if (strcmp(user_ctx.cmnd_base, base) != 0) + if (strcmp(ctx.user.cmnd_base, base) != 0) continue; /* Compare the canonicalized parent directories, if possible. */ - if (user_ctx.cmnd_dir != NULL) { + if (ctx.user.cmnd_dir != NULL) { char *slash = strchr(cp, '/'); if (slash != NULL) { char *resolved; @@ -603,7 +603,7 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, *slash = '/'; if (resolved != NULL) { /* Canonicalized directories must match. */ - int result = strcmp(resolved, user_ctx.cmnd_dir); + int result = strcmp(resolved, ctx.user.cmnd_dir); canon_path_free(resolved); if (result != 0) continue; @@ -618,13 +618,13 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args, continue; if (!intercept_ok(cp, intercepted, &sudoers_stat)) continue; - if (user_ctx.cmnd_stat == NULL || - (user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev && - user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) { + if (ctx.user.cmnd_stat == NULL || + (ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev && + ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) { if (!digest_matches(fd, cp, digests)) continue; - free(runas_ctx.cmnd); - if ((runas_ctx.cmnd = strdup(cp)) == NULL) { + free(ctx.runas.cmnd); + if ((ctx.runas.cmnd = strdup(cp)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); cp = NULL; /* fail closed */ @@ -637,7 +637,7 @@ done: globfree(&gl); if (cp != NULL) { if (command_args_match(sudoers_cmnd, sudoers_args)) { - /* runas_ctx.cmnd was set above. */ + /* ctx.runas.cmnd was set above. */ set_cmnd_fd(fd, rootfd); debug_return_bool(true); } @@ -664,13 +664,13 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, intercepted, digests)); } - /* Only proceed if user_ctx.cmnd_base and basename(sudoers_cmnd) match */ + /* Only proceed if ctx.user.cmnd_base and basename(sudoers_cmnd) match */ base = sudo_basename(sudoers_cmnd); - if (strcmp(user_ctx.cmnd_base, base) != 0) + if (strcmp(ctx.user.cmnd_base, base) != 0) debug_return_bool(false); /* Compare the canonicalized parent directories, if possible. */ - if (user_ctx.cmnd_dir != NULL) { + if (ctx.user.cmnd_dir != NULL) { const char *slash = strrchr(sudoers_cmnd, '/'); if (slash != NULL) { char sudoers_cmnd_dir[PATH_MAX], *resolved; @@ -682,7 +682,7 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, sudoers_cmnd_dir[len] = '\0'; resolved = canon_path(sudoers_cmnd_dir); if (resolved != NULL) { - if (strcmp(resolved, user_ctx.cmnd_dir) != 0) { + if (strcmp(resolved, ctx.user.cmnd_dir) != 0) { canon_path_free(resolved); goto bad; } @@ -702,15 +702,15 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, * c) there are args in sudoers and on command line and they match * d) there is a digest and it matches */ - if (user_ctx.cmnd_stat != NULL && do_stat(fd, sudoers_cmnd, &sudoers_stat)) { + if (ctx.user.cmnd_stat != NULL && do_stat(fd, sudoers_cmnd, &sudoers_stat)) { if (!intercept_ok(sudoers_cmnd, intercepted, &sudoers_stat)) goto bad; - if (user_ctx.cmnd_stat->st_dev != sudoers_stat.st_dev || - user_ctx.cmnd_stat->st_ino != sudoers_stat.st_ino) + if (ctx.user.cmnd_stat->st_dev != sudoers_stat.st_dev || + ctx.user.cmnd_stat->st_ino != sudoers_stat.st_ino) goto bad; } else { /* Either user or sudoers command does not exist, match by name. */ - if (strcmp(user_ctx.cmnd, sudoers_cmnd) != 0) + if (strcmp(ctx.user.cmnd, sudoers_cmnd) != 0) goto bad; } if (!command_args_match(sudoers_cmnd, sudoers_args)) @@ -719,8 +719,8 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, /* XXX - log functions not available but we should log very loudly */ goto bad; } - free(runas_ctx.cmnd); - if ((runas_ctx.cmnd = strdup(sudoers_cmnd)) == NULL) { + free(ctx.runas.cmnd); + if ((ctx.runas.cmnd = strdup(sudoers_cmnd)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto bad; } @@ -755,17 +755,17 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args, intercepted, digests)); } - if (strcmp(user_ctx.cmnd, sudoers_cmnd) == 0) { + if (strcmp(ctx.user.cmnd, sudoers_cmnd) == 0) { if (command_args_match(sudoers_cmnd, sudoers_args)) { /* Open the file for fdexec or for digest matching. */ - if (!open_cmnd(user_ctx.cmnd, digests, &fd)) + if (!open_cmnd(ctx.user.cmnd, digests, &fd)) goto bad; - if (!digest_matches(fd, user_ctx.cmnd, digests)) + if (!digest_matches(fd, ctx.user.cmnd, digests)) goto bad; /* Successful match. */ - free(runas_ctx.cmnd); - if ((runas_ctx.cmnd = strdup(sudoers_cmnd)) == NULL) { + free(ctx.runas.cmnd); + if ((ctx.runas.cmnd = strdup(sudoers_cmnd)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto bad; @@ -783,7 +783,7 @@ bad: /* * If path doesn't end in /, return true iff cmnd & path name the same inode; - * otherwise, return true if user_ctx.cmnd names one of the inodes in path. + * otherwise, return true if ctx.user.cmnd names one of the inodes in path. */ bool command_matches(const char *sudoers_cmnd, const char *sudoers_args, @@ -798,14 +798,14 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args, bool rc = false; debug_decl(command_matches, SUDOERS_DEBUG_MATCH); - if (runas_ctx.chroot != NULL) { + if (ctx.runas.chroot != NULL) { if (runchroot != NULL && strcmp(runchroot, "*") != 0 && - strcmp(runchroot, runas_ctx.chroot) != 0) { + strcmp(runchroot, ctx.runas.chroot) != 0) { /* CHROOT mismatch */ goto done; } /* User-specified runchroot (cmnd_stat already set appropriately). */ - runchroot = runas_ctx.chroot; + runchroot = ctx.runas.chroot; } else if (runchroot == NULL) { /* No rule-specific runchroot, use global (cmnd_stat already set). */ if (def_runchroot != NULL && strcmp(def_runchroot, "*") != '\0') @@ -825,14 +825,14 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args, /* Rule-specific runchroot, set cmnd and cmnd_stat after pivot. */ int status; - /* Save old user_ctx.cmnd first, set_cmnd_path() will free it. */ - saved_user_cmnd = user_ctx.cmnd; - user_ctx.cmnd = NULL; - if (user_ctx.cmnd_stat != NULL) - saved_user_stat = *user_ctx.cmnd_stat; + /* Save old ctx.user.cmnd first, set_cmnd_path() will free it. */ + saved_user_cmnd = ctx.user.cmnd; + ctx.user.cmnd = NULL; + if (ctx.user.cmnd_stat != NULL) + saved_user_stat = *ctx.user.cmnd_stat; status = set_cmnd_path(NULL); if (status != FOUND) { - user_ctx.cmnd = saved_user_cmnd; + ctx.user.cmnd = saved_user_cmnd; saved_user_cmnd = NULL; } if (info != NULL) @@ -862,9 +862,9 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args, */ if (strcmp(sudoers_cmnd, "list") == 0 || strcmp(sudoers_cmnd, "sudoedit") == 0) { - if (strcmp(user_ctx.cmnd, sudoers_cmnd) == 0 && + if (strcmp(ctx.user.cmnd, sudoers_cmnd) == 0 && command_args_match(sudoers_cmnd, sudoers_args)) { - /* No need to set user_ctx.cmnd since cmnd == sudoers_cmnd */ + /* No need to set ctx.user.cmnd since cmnd == sudoers_cmnd */ rc = true; } } @@ -892,24 +892,24 @@ done: if (runchroot != NULL) (void)unpivot_root(pivot_fds); - /* Restore user_ctx.cmnd and user_ctx.cmnd_stat. */ + /* Restore ctx.user.cmnd and ctx.user.cmnd_stat. */ if (saved_user_cmnd != NULL) { if (info != NULL) { free(info->cmnd_path); - info->cmnd_path = user_ctx.cmnd; - if (user_ctx.cmnd_stat != NULL) - info->cmnd_stat = *user_ctx.cmnd_stat; + info->cmnd_path = ctx.user.cmnd; + if (ctx.user.cmnd_stat != NULL) + info->cmnd_stat = *ctx.user.cmnd_stat; } else { - free(user_ctx.cmnd); + free(ctx.user.cmnd); } - user_ctx.cmnd = saved_user_cmnd; - if (user_ctx.cmnd_stat != NULL) - *user_ctx.cmnd_stat = saved_user_stat; + ctx.user.cmnd = saved_user_cmnd; + if (ctx.user.cmnd_stat != NULL) + *ctx.user.cmnd_stat = saved_user_stat; } sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO, "user command \"%s%s%s\" matches sudoers command \"%s%s%s\"%s%s: %s", - user_ctx.cmnd, user_ctx.cmnd_args ? " " : "", - user_ctx.cmnd_args ? user_ctx.cmnd_args : "", sudoers_cmnd, + ctx.user.cmnd, ctx.user.cmnd_args ? " " : "", + ctx.user.cmnd_args ? ctx.user.cmnd_args : "", sudoers_cmnd, sudoers_args ? " " : "", sudoers_args ? sudoers_args : "", runchroot ? ", chroot " : "", runchroot ? runchroot : "", rc ? "true" : "false"); diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c index d1d36723b..285df8398 100644 --- a/plugins/sudoers/policy.c +++ b/plugins/sudoers/policy.c @@ -120,7 +120,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } \ } while (0) - if (sudo_gettime_real(&user_ctx.submit_time) == -1) { + if (sudo_gettime_real(&ctx.user.submit_time) == -1) { sudo_warn("%s", U_("unable to get time of day")); goto bad; } @@ -184,15 +184,15 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) sudoers_conf.sudoers_path = path_sudoers; /* Parse command line settings. */ - user_ctx.flags = 0; - user_ctx.closefrom = -1; + ctx.settings.flags = 0; + ctx.user.closefrom = -1; sudoedit_nfiles = 0; sudo_mode = 0; for (cur = info->settings; *cur != NULL; cur++) { if (MATCHES(*cur, "closefrom=")) { p = *cur + sizeof("closefrom=") - 1; - user_ctx.closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr); - if (user_ctx.closefrom == 0) { + ctx.user.closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr); + if (ctx.user.closefrom == 0) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; } @@ -200,8 +200,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "cmnd_chroot=")) { CHECK(*cur, "cmnd_chroot="); - runas_ctx.chroot = *cur + sizeof("cmnd_chroot=") - 1; - if (strlen(runas_ctx.chroot) >= PATH_MAX) { + ctx.runas.chroot = *cur + sizeof("cmnd_chroot=") - 1; + if (strlen(ctx.runas.chroot) >= PATH_MAX) { sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_chroot"); goto bad; } @@ -209,8 +209,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "cmnd_cwd=")) { CHECK(*cur, "cmnd_cwd="); - runas_ctx.cwd = *cur + sizeof("cmnd_cwd=") - 1; - if (strlen(runas_ctx.cwd) >= PATH_MAX) { + ctx.runas.cwd = *cur + sizeof("cmnd_cwd=") - 1; + if (strlen(ctx.runas.cwd) >= PATH_MAX) { sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_cwd"); goto bad; } @@ -218,19 +218,19 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "runas_user=")) { CHECK(*cur, "runas_user="); - runas_ctx.user = *cur + sizeof("runas_user=") - 1; - SET(runas_ctx.flags, RUNAS_USER_SPECIFIED); + ctx.runas.user = *cur + sizeof("runas_user=") - 1; + SET(ctx.settings.flags, RUNAS_USER_SPECIFIED); continue; } if (MATCHES(*cur, "runas_group=")) { CHECK(*cur, "runas_group="); - runas_ctx.group = *cur + sizeof("runas_group=") - 1; - SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED); + ctx.runas.group = *cur + sizeof("runas_group=") - 1; + SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED); continue; } if (MATCHES(*cur, "prompt=")) { /* Allow epmpty prompt. */ - user_ctx.prompt = *cur + sizeof("prompt=") - 1; + ctx.user.prompt = *cur + sizeof("prompt=") - 1; if (!append_default("passprompt_override", NULL, true, NULL, defaults)) goto oom; continue; @@ -297,19 +297,19 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "login_class=")) { CHECK(*cur, "login_class="); - runas_ctx.class = *cur + sizeof("login_class=") - 1; + ctx.runas.class = *cur + sizeof("login_class=") - 1; if (!append_default("use_loginclass", NULL, true, NULL, defaults)) goto oom; continue; } if (MATCHES(*cur, "intercept_ptrace=")) { - if (parse_bool(*cur, sizeof("intercept_ptrace") - 1, &user_ctx.flags, + if (parse_bool(*cur, sizeof("intercept_ptrace") - 1, &ctx.settings.flags, HAVE_INTERCEPT_PTRACE) == -1) goto bad; continue; } if (MATCHES(*cur, "intercept_setid=")) { - if (parse_bool(*cur, sizeof("intercept_setid") - 1, &user_ctx.flags, + if (parse_bool(*cur, sizeof("intercept_setid") - 1, &ctx.settings.flags, CAN_INTERCEPT_SETID) == -1) goto bad; continue; @@ -317,17 +317,17 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) #ifdef HAVE_SELINUX if (MATCHES(*cur, "selinux_role=")) { CHECK(*cur, "selinux_role="); - free(runas_ctx.role); - runas_ctx.role = strdup(*cur + sizeof("selinux_role=") - 1); - if (runas_ctx.role == NULL) + free(ctx.runas.role); + ctx.runas.role = strdup(*cur + sizeof("selinux_role=") - 1); + if (ctx.runas.role == NULL) goto oom; continue; } if (MATCHES(*cur, "selinux_type=")) { CHECK(*cur, "selinux_type="); - free(runas_ctx.type); - runas_ctx.type = strdup(*cur + sizeof("selinux_type=") - 1); - if (runas_ctx.type == NULL) + free(ctx.runas.type); + ctx.runas.type = strdup(*cur + sizeof("selinux_type=") - 1); + if (ctx.runas.type == NULL) goto oom; continue; } @@ -335,9 +335,9 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) #ifdef HAVE_APPARMOR if (MATCHES(*cur, "apparmor_profile=")) { CHECK(*cur, "apparmor_profile="); - free(runas_ctx.apparmor_profile); - runas_ctx.apparmor_profile = strdup(*cur + sizeof("apparmor_profile=") - 1); - if (runas_ctx.apparmor_profile == NULL) + free(ctx.runas.apparmor_profile); + ctx.runas.apparmor_profile = strdup(*cur + sizeof("apparmor_profile=") - 1); + if (ctx.runas.apparmor_profile == NULL) goto oom; continue; } @@ -376,8 +376,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "timeout=")) { p = *cur + sizeof("timeout=") - 1; - user_ctx.timeout = parse_timeout(p); - if (user_ctx.timeout == -1) { + ctx.user.timeout = parse_timeout(p); + if (ctx.user.timeout == -1) { if (errno == ERANGE) sudo_warnx(U_("%s: %s"), p, U_("timeout value too large")); else @@ -404,20 +404,20 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) if (ISSET(flags, MODE_IGNORE_TICKET)) CLR(flags, MODE_UPDATE_TICKET); - user_ctx.gid = (gid_t)-1; - user_ctx.uid = (gid_t)-1; - user_ctx.umask = (mode_t)-1; + ctx.user.gid = (gid_t)-1; + ctx.user.uid = (gid_t)-1; + ctx.user.umask = (mode_t)-1; for (cur = info->user_info; *cur != NULL; cur++) { if (MATCHES(*cur, "user=")) { CHECK(*cur, "user="); - free(user_ctx.name); - if ((user_ctx.name = strdup(*cur + sizeof("user=") - 1)) == NULL) + free(ctx.user.name); + if ((ctx.user.name = strdup(*cur + sizeof("user=") - 1)) == NULL) goto oom; continue; } if (MATCHES(*cur, "uid=")) { p = *cur + sizeof("uid=") - 1; - user_ctx.uid = (uid_t) sudo_strtoid(p, &errstr); + ctx.user.uid = (uid_t) sudo_strtoid(p, &errstr); if (errstr != NULL) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; @@ -426,7 +426,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "gid=")) { p = *cur + sizeof("gid=") - 1; - user_ctx.gid = (gid_t) sudo_strtoid(p, &errstr); + ctx.user.gid = (gid_t) sudo_strtoid(p, &errstr); if (errstr != NULL) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; @@ -440,41 +440,41 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "cwd=")) { CHECK(*cur, "cwd="); - free(user_ctx.cwd); - if ((user_ctx.cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL) + free(ctx.user.cwd); + if ((ctx.user.cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL) goto oom; continue; } if (MATCHES(*cur, "tty=")) { CHECK(*cur, "tty="); - free(user_ctx.ttypath); - if ((user_ctx.ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL) + free(ctx.user.ttypath); + if ((ctx.user.ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL) goto oom; - user_ctx.tty = user_ctx.ttypath; - if (strncmp(user_ctx.tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0) - user_ctx.tty += sizeof(_PATH_DEV) - 1; + ctx.user.tty = ctx.user.ttypath; + if (strncmp(ctx.user.tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0) + ctx.user.tty += sizeof(_PATH_DEV) - 1; continue; } if (MATCHES(*cur, "host=")) { CHECK(*cur, "host="); - if (user_ctx.shost != user_ctx.host) - free(user_ctx.shost); - free(user_ctx.host); - if ((user_ctx.host = strdup(*cur + sizeof("host=") - 1)) == NULL) + if (ctx.user.shost != ctx.user.host) + free(ctx.user.shost); + free(ctx.user.host); + if ((ctx.user.host = strdup(*cur + sizeof("host=") - 1)) == NULL) goto oom; - if ((p = strchr(user_ctx.host, '.')) != NULL) { - user_ctx.shost = strndup(user_ctx.host, (size_t)(p - user_ctx.host)); - if (user_ctx.shost == NULL) + if ((p = strchr(ctx.user.host, '.')) != NULL) { + ctx.user.shost = strndup(ctx.user.host, (size_t)(p - ctx.user.host)); + if (ctx.user.shost == NULL) goto oom; } else { - user_ctx.shost = user_ctx.host; + ctx.user.shost = ctx.user.host; } continue; } if (MATCHES(*cur, "lines=")) { p = *cur + sizeof("lines=") - 1; - user_ctx.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); - if (user_ctx.lines == 0) { + ctx.user.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); + if (ctx.user.lines == 0) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; } @@ -482,8 +482,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "cols=")) { p = *cur + sizeof("cols=") - 1; - user_ctx.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); - if (user_ctx.cols == 0) { + ctx.user.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); + if (ctx.user.cols == 0) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; } @@ -491,7 +491,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "sid=")) { p = *cur + sizeof("sid=") - 1; - user_ctx.sid = (pid_t) sudo_strtoid(p, &errstr); + ctx.user.sid = (pid_t) sudo_strtoid(p, &errstr); if (errstr != NULL) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; @@ -500,7 +500,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "tcpgid=")) { p = *cur + sizeof("tcpgid=") - 1; - user_ctx.tcpgid = (pid_t) sudo_strtoid(p, &errstr); + ctx.user.tcpgid = (pid_t) sudo_strtoid(p, &errstr); if (errstr != NULL) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; @@ -509,7 +509,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } if (MATCHES(*cur, "umask=")) { p = *cur + sizeof("umask=") - 1; - user_ctx.umask = sudo_strtomode(p, &errstr); + ctx.user.umask = sudo_strtomode(p, &errstr); if (errstr != NULL) { sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); goto bad; @@ -519,56 +519,56 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) } /* User name, user-ID, group-ID and host name must be specified. */ - if (user_ctx.name == NULL) { + if (ctx.user.name == NULL) { sudo_warnx("%s", U_("user name not set by sudo front-end")); goto bad; } - if (user_ctx.uid == (uid_t)-1) { + if (ctx.user.uid == (uid_t)-1) { sudo_warnx("%s", U_("user-ID not set by sudo front-end")); goto bad; } - if (user_ctx.gid == (gid_t)-1) { + if (ctx.user.gid == (gid_t)-1) { sudo_warnx("%s", U_("group-ID not set by sudo front-end")); goto bad; } - if (user_ctx.host == NULL) { + if (ctx.user.host == NULL) { sudo_warnx("%s", U_("host name not set by sudo front-end")); goto bad; } - if (runas_ctx.shost != runas_ctx.host) - free(runas_ctx.shost); - free(runas_ctx.host); - if ((runas_ctx.host = strdup(remhost ? remhost : user_ctx.host)) == NULL) + if (ctx.runas.shost != ctx.runas.host) + free(ctx.runas.shost); + free(ctx.runas.host); + if ((ctx.runas.host = strdup(remhost ? remhost : ctx.user.host)) == NULL) goto oom; - if ((p = strchr(runas_ctx.host, '.')) != NULL) { - runas_ctx.shost = strndup(runas_ctx.host, (size_t)(p - runas_ctx.host)); - if (runas_ctx.shost == NULL) + if ((p = strchr(ctx.runas.host, '.')) != NULL) { + ctx.runas.shost = strndup(ctx.runas.host, (size_t)(p - ctx.runas.host)); + if (ctx.runas.shost == NULL) goto oom; } else { - runas_ctx.shost = runas_ctx.host; + ctx.runas.shost = ctx.runas.host; } - if (user_ctx.cwd == NULL) { - if ((user_ctx.cwd = strdup("unknown")) == NULL) + if (ctx.user.cwd == NULL) { + if ((ctx.user.cwd = strdup("unknown")) == NULL) goto oom; } - if (user_ctx.tty == NULL) { - if ((user_ctx.tty = strdup("unknown")) == NULL) + if (ctx.user.tty == NULL) { + if ((ctx.user.tty = strdup("unknown")) == NULL) goto oom; - /* user_ctx.ttypath remains NULL */ + /* ctx.user.ttypath remains NULL */ } if (groups != NULL) { /* sudo_parse_gids() will print a warning on error. */ - user_ctx.ngids = sudo_parse_gids(groups, &user_ctx.gid, &user_ctx.gids); - if (user_ctx.ngids == -1) + ctx.user.ngids = sudo_parse_gids(groups, &ctx.user.gid, &ctx.user.gids); + if (ctx.user.ngids == -1) goto bad; } /* umask is only set in user_info[] for API 1.10 and above. */ - if (user_ctx.umask == (mode_t)-1) { - user_ctx.umask = umask(0); - umask(user_ctx.umask); + if (ctx.user.umask == (mode_t)-1) { + ctx.user.umask = umask(0); + umask(ctx.user.umask); } /* Always reset the environment for a login shell. */ @@ -576,11 +576,11 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) def_env_reset = true; /* Some systems support fexecve() which we use for digest matches. */ - runas_ctx.execfd = -1; + ctx.runas.execfd = -1; /* Create a UUID to store in the event log. */ sudo_uuid_create(uuid); - if (sudo_uuid_to_string(uuid, user_ctx.uuid_str, sizeof(user_ctx.uuid_str)) == NULL) { + if (sudo_uuid_to_string(uuid, ctx.user.uuid_str, sizeof(ctx.user.uuid_str)) == NULL) { sudo_warnx("%s", U_("unable to generate UUID")); goto bad; } @@ -589,17 +589,17 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults) * Set intercept defaults based on flags set above. * We pass -1 as the operator to indicate it is set by the front end. */ - if (ISSET(user_ctx.flags, HAVE_INTERCEPT_PTRACE)) { + if (ISSET(ctx.settings.flags, HAVE_INTERCEPT_PTRACE)) { if (!append_default("intercept_type", "trace", -1, NULL, defaults)) goto oom; } - if (ISSET(user_ctx.flags, CAN_INTERCEPT_SETID)) { + if (ISSET(ctx.settings.flags, CAN_INTERCEPT_SETID)) { if (!append_default("intercept_allow_setid", NULL, -1, NULL, defaults)) goto oom; } #ifdef NO_ROOT_MAILER - eventlog_set_mailuid(user_ctx.uid); + eventlog_set_mailuid(ctx.user.uid); #endif /* Dump settings and user info (XXX - plugin args) */ @@ -678,8 +678,8 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], if (command_info == NULL) goto oom; - if (runas_ctx.cmnd != NULL) { - command_info[info_len] = sudo_new_key_val("command", runas_ctx.cmnd); + if (ctx.runas.cmnd != NULL) { + command_info[info_len] = sudo_new_key_val("command", ctx.runas.cmnd); if (command_info[info_len++] == NULL) goto oom; } @@ -752,7 +752,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], } if (def_runcwd && strcmp(def_runcwd, "*") != 0) { /* Set cwd to explicit value (sudoers or user-specified). */ - if (!expand_tilde(&def_runcwd, runas_ctx.pw->pw_name)) { + if (!expand_tilde(&def_runcwd, ctx.runas.pw->pw_name)) { sudo_warnx(U_("invalid working directory: %s"), def_runcwd); goto bad; } @@ -760,38 +760,38 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], goto oom; } else if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) { /* Set cwd to run user's homedir. */ - if ((command_info[info_len++] = sudo_new_key_val("cwd", runas_ctx.pw->pw_dir)) == NULL) + if ((command_info[info_len++] = sudo_new_key_val("cwd", ctx.runas.pw->pw_dir)) == NULL) goto oom; if ((command_info[info_len++] = strdup("cwd_optional=true")) == NULL) goto oom; } - if ((command_info[info_len++] = sudo_new_key_val("runas_user", runas_ctx.pw->pw_name)) == NULL) + if ((command_info[info_len++] = sudo_new_key_val("runas_user", ctx.runas.pw->pw_name)) == NULL) goto oom; - if (runas_ctx.gr != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("runas_group", runas_ctx.gr->gr_name)) == NULL) + if (ctx.runas.gr != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("runas_group", ctx.runas.gr->gr_name)) == NULL) goto oom; } if (def_stay_setuid) { if (asprintf(&command_info[info_len++], "runas_uid=%u", - (unsigned int)user_ctx.uid) == -1) + (unsigned int)ctx.user.uid) == -1) goto oom; if (asprintf(&command_info[info_len++], "runas_gid=%u", - (unsigned int)user_ctx.gid) == -1) + (unsigned int)ctx.user.gid) == -1) goto oom; if (asprintf(&command_info[info_len++], "runas_euid=%u", - (unsigned int)runas_ctx.pw->pw_uid) == -1) + (unsigned int)ctx.runas.pw->pw_uid) == -1) goto oom; if (asprintf(&command_info[info_len++], "runas_egid=%u", - runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid : - (unsigned int)runas_ctx.pw->pw_gid) == -1) + ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid : + (unsigned int)ctx.runas.pw->pw_gid) == -1) goto oom; } else { if (asprintf(&command_info[info_len++], "runas_uid=%u", - (unsigned int)runas_ctx.pw->pw_uid) == -1) + (unsigned int)ctx.runas.pw->pw_uid) == -1) goto oom; if (asprintf(&command_info[info_len++], "runas_gid=%u", - runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid : - (unsigned int)runas_ctx.pw->pw_gid) == -1) + ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid : + (unsigned int)ctx.runas.pw->pw_gid) == -1) goto oom; } if (def_preserve_groups) { @@ -805,7 +805,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], struct gid_list *gidlist; /* Only use results from a group db query, not the front end. */ - gidlist = sudo_get_gidlist(runas_ctx.pw, ENTRY_TYPE_QUERIED); + gidlist = sudo_get_gidlist(ctx.runas.pw, ENTRY_TYPE_QUERIED); /* We reserve an extra spot in the list for the effective gid. */ glsize = sizeof("runas_groups=") - 1 + @@ -820,8 +820,8 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], glsize -= (size_t)(cp - gid_list); /* On BSD systems the effective gid is the first group in the list. */ - egid = runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid : - (unsigned int)runas_ctx.pw->pw_gid; + egid = ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid : + (unsigned int)ctx.runas.pw->pw_gid; len = snprintf(cp, glsize, "%u", (unsigned int)egid); if (len < 0 || (size_t)len >= glsize) { sudo_warnx(U_("internal error, %s overflow"), __func__); @@ -885,7 +885,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], goto oom; } if (def_utmp_runas) { - if ((command_info[info_len++] = sudo_new_key_val("utmp_user", runas_ctx.pw->pw_name)) == NULL) + if ((command_info[info_len++] = sudo_new_key_val("utmp_user", ctx.runas.pw->pw_name)) == NULL) goto oom; } if (def_iolog_mode != (S_IRUSR|S_IWUSR)) { @@ -931,15 +931,15 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], goto oom; } - if (def_command_timeout > 0 || user_ctx.timeout > 0) { - int timeout = user_ctx.timeout; + if (def_command_timeout > 0 || ctx.user.timeout > 0) { + int timeout = ctx.user.timeout; if (timeout == 0 || (def_command_timeout > 0 && def_command_timeout < timeout)) timeout = def_command_timeout; if (asprintf(&command_info[info_len++], "timeout=%u", timeout) == -1) goto oom; } if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) { - if (!expand_tilde(&def_runchroot, runas_ctx.pw->pw_name)) { + if (!expand_tilde(&def_runchroot, ctx.runas.pw->pw_name)) { sudo_warnx(U_("invalid chroot directory: %s"), def_runchroot); goto bad; } @@ -954,13 +954,13 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], if ((command_info[info_len++] = strdup("umask_override=true")) == NULL) goto oom; } - if (runas_ctx.execfd != -1) { + if (ctx.runas.execfd != -1) { if (sudo_version < SUDO_API_MKVERSION(1, 9)) { /* execfd only supported by plugin API 1.9 and higher */ - close(runas_ctx.execfd); - runas_ctx.execfd = -1; + close(ctx.runas.execfd); + ctx.runas.execfd = -1; } else { - if (asprintf(&command_info[info_len++], "execfd=%d", runas_ctx.execfd) == -1) + if (asprintf(&command_info[info_len++], "execfd=%d", ctx.runas.execfd) == -1) goto oom; } } @@ -1008,40 +1008,40 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[], if ((command_info[info_len++] = sudo_new_key_val("rlimit_stack", def_rlimit_stack)) == NULL) goto oom; } - if (user_ctx.source != NULL) { - command_info[info_len] = sudo_new_key_val("source", user_ctx.source); + if (ctx.user.source != NULL) { + command_info[info_len] = sudo_new_key_val("source", ctx.user.source); if (command_info[info_len++] == NULL) goto oom; } #ifdef HAVE_LOGIN_CAP_H if (def_use_loginclass) { - if ((command_info[info_len++] = sudo_new_key_val("login_class", runas_ctx.class)) == NULL) + if ((command_info[info_len++] = sudo_new_key_val("login_class", ctx.runas.class)) == NULL) goto oom; } #endif /* HAVE_LOGIN_CAP_H */ #ifdef HAVE_SELINUX - if (def_selinux && runas_ctx.role != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("selinux_role", runas_ctx.role)) == NULL) + if (def_selinux && ctx.runas.role != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("selinux_role", ctx.runas.role)) == NULL) goto oom; } - if (def_selinux && runas_ctx.type != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("selinux_type", runas_ctx.type)) == NULL) + if (def_selinux && ctx.runas.type != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("selinux_type", ctx.runas.type)) == NULL) goto oom; } #endif /* HAVE_SELINUX */ #ifdef HAVE_APPARMOR - if (runas_ctx.apparmor_profile != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("apparmor_profile", runas_ctx.apparmor_profile)) == NULL) + if (ctx.runas.apparmor_profile != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("apparmor_profile", ctx.runas.apparmor_profile)) == NULL) goto oom; } #endif /* HAVE_APPARMOR */ #ifdef HAVE_PRIV_SET - if (runas_ctx.privs != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("privs", runas_ctx.privs)) == NULL) + if (ctx.runas.privs != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("privs", ctx.runas.privs)) == NULL) goto oom; } - if (runas_ctx.limitprivs != NULL) { - if ((command_info[info_len++] = sudo_new_key_val("limitprivs", runas_ctx.limitprivs)) == NULL) + if (ctx.runas.limitprivs != NULL) { + if ((command_info[info_len++] = sudo_new_key_val("limitprivs", ctx.runas.limitprivs)) == NULL) goto oom; } #endif /* HAVE_PRIV_SET */ @@ -1129,11 +1129,11 @@ sudoers_policy_close(int exit_status, int error_code) if (session_opened) { /* Close the session we opened in sudoers_policy_init_session(). */ - (void)sudo_auth_end_session(runas_ctx.pw); + (void)sudo_auth_end_session(ctx.runas.pw); if (error_code) { errno = error_code; - sudo_warn(U_("unable to execute %s"), runas_ctx.cmnd); + sudo_warn(U_("unable to execute %s"), ctx.runas.cmnd); } else { log_exit_status(exit_status); } @@ -1145,7 +1145,7 @@ sudoers_policy_close(int exit_status, int error_code) /* Free stashed copy of the environment. */ (void)env_init(NULL); - /* Free sudoers sources, user_ctx and passwd/group caches. */ + /* Free sudoers sources, ctx.user.and passwd/group caches. */ sudoers_cleanup(); /* command_info was freed by the g/c code. */ diff --git a/plugins/sudoers/prompt.c b/plugins/sudoers/prompt.c index 52b41461c..7ef0b2b9e 100644 --- a/plugins/sudoers/prompt.c +++ b/plugins/sudoers/prompt.c @@ -55,12 +55,12 @@ expand_prompt(const char *old_prompt, const char *auth_user) switch (p[1]) { case 'h': p++; - len += strlen(user_ctx.shost) - 2; + len += strlen(ctx.user.shost) - 2; subst = 1; break; case 'H': p++; - len += strlen(user_ctx.host) - 2; + len += strlen(ctx.user.host) - 2; subst = 1; break; case 'p': @@ -70,12 +70,12 @@ expand_prompt(const char *old_prompt, const char *auth_user) break; case 'u': p++; - len += strlen(user_ctx.name) - 2; + len += strlen(ctx.user.name) - 2; subst = 1; break; case 'U': p++; - len += strlen(runas_ctx.pw->pw_name) - 2; + len += strlen(ctx.runas.pw->pw_name) - 2; subst = 1; break; case '%': @@ -100,7 +100,7 @@ expand_prompt(const char *old_prompt, const char *auth_user) switch (p[1]) { case 'h': p++; - n = strlcpy(np, user_ctx.shost, len); + n = strlcpy(np, ctx.user.shost, len); if (n >= len) goto oflow; np += n; @@ -108,7 +108,7 @@ expand_prompt(const char *old_prompt, const char *auth_user) continue; case 'H': p++; - n = strlcpy(np, user_ctx.host, len); + n = strlcpy(np, ctx.user.host, len); if (n >= len) goto oflow; np += n; @@ -124,7 +124,7 @@ expand_prompt(const char *old_prompt, const char *auth_user) continue; case 'u': p++; - n = strlcpy(np, user_ctx.name, len); + n = strlcpy(np, ctx.user.name, len); if (n >= len) goto oflow; np += n; @@ -132,7 +132,7 @@ expand_prompt(const char *old_prompt, const char *auth_user) continue; case 'U': p++; - n = strlcpy(np, runas_ctx.pw->pw_name, len); + n = strlcpy(np, ctx.runas.pw->pw_name, len); if (n >= len) goto oflow; np += n; diff --git a/plugins/sudoers/pwutil_impl.c b/plugins/sudoers/pwutil_impl.c index bfc7eda4e..0924b8f5d 100644 --- a/plugins/sudoers/pwutil_impl.c +++ b/plugins/sudoers/pwutil_impl.c @@ -246,7 +246,7 @@ PREFIX(make_gritem)(gid_t gid, const char *name) /* * Dynamically allocate space for a struct item plus the key and data - * elements. Fills in datum from user_ctx.gids or from sudo_getgrouplist2(3). + * elements. Fills in datum from ctx.user.gids or from sudo_getgrouplist2(3). */ struct cache_item * PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs, @@ -264,7 +264,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs, * Ignore supplied gids if the entry type says we must query the group db. */ if (type != ENTRY_TYPE_QUERIED && (gidstrs != NULL || - (pw == user_ctx.pw && user_ctx.gids != NULL))) { + (pw == ctx.user.pw && ctx.user.gids != NULL))) { if (gidstrs != NULL) { /* Use supplied gids list (string format). */ ngids = 1; @@ -290,11 +290,11 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs, gids[ngids++] = gid; } } else { - /* Adopt user_ctx.gids. */ - gids = user_ctx.gids; - ngids = user_ctx.ngids; - user_ctx.gids = NULL; - user_ctx.ngids = 0; + /* Adopt ctx.user.gids. */ + gids = ctx.user.gids; + ngids = ctx.user.ngids; + ctx.user.gids = NULL; + ctx.user.ngids = 0; } type = ENTRY_TYPE_FRONTEND; } else { diff --git a/plugins/sudoers/regress/exptilde/check_exptilde.c b/plugins/sudoers/regress/exptilde/check_exptilde.c index f3fc78f2e..38cb4712f 100644 --- a/plugins/sudoers/regress/exptilde/check_exptilde.c +++ b/plugins/sudoers/regress/exptilde/check_exptilde.c @@ -31,7 +31,7 @@ #include -struct sudoers_user_context user_ctx; +struct sudoers_context ctx; struct test_data { const char *input; diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c index 121b1ba06..4ca2cb44f 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_sudoers.c +++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021 Todd C. Miller + * Copyright (c) 2021-2023 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -49,8 +49,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); static const char *orig_cmnd; /* Required to link with parser. */ -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; sudo_conv_t sudo_conv = fuzz_conversation; sudo_printf_t sudo_printf = fuzz_printf; unsigned int sudo_mode; @@ -107,12 +106,12 @@ init_envtables(void) int set_cmnd_path(const char *runchroot) { - /* Reallocate user_ctx.cmnd to catch bugs in command_matches(). */ + /* Reallocate ctx.user.cmnd to catch bugs in command_matches(). */ char *new_cmnd = strdup(orig_cmnd); if (new_cmnd == NULL) return NOT_FOUND_ERROR; - free(user_ctx.cmnd); - user_ctx.cmnd = new_cmnd; + free(ctx.user.cmnd); + ctx.user.cmnd = new_cmnd; return FOUND; } @@ -285,14 +284,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) sudo_pw_delref(pw); /* The minimum needed to perform matching (cmnd must be dynamic). */ - user_ctx.host = user_ctx.shost = runas_ctx.host = runas_ctx.shost = + ctx.user.host = ctx.user.shost = ctx.runas.host = ctx.runas.shost = (char *)"localhost"; orig_cmnd = (char *)"/usr/bin/id"; - user_ctx.cmnd = strdup(orig_cmnd); - if (user_ctx.cmnd == NULL) + ctx.user.cmnd = strdup(orig_cmnd); + if (ctx.user.cmnd == NULL) goto done; - user_ctx.cmnd_args = (char *)"-u"; - user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd); + ctx.user.cmnd_args = (char *)"-u"; + ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd); time(&now); /* Add a fake network interfaces. */ @@ -326,71 +325,71 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) int cmnd_status; /* Invoking user. */ - user_ctx.name = (char *)ud->user; - if (user_ctx.pw != NULL) - sudo_pw_delref(user_ctx.pw); - user_ctx.pw = sudo_getpwnam(user_ctx.name); - if (user_ctx.pw == NULL) { - sudo_warnx_nodebug("unknown user %s", user_ctx.name); + ctx.user.name = (char *)ud->user; + if (ctx.user.pw != NULL) + sudo_pw_delref(ctx.user.pw); + ctx.user.pw = sudo_getpwnam(ctx.user.name); + if (ctx.user.pw == NULL) { + sudo_warnx_nodebug("unknown user %s", ctx.user.name); continue; } /* Run user. */ - if (runas_ctx.pw != NULL) - sudo_pw_delref(runas_ctx.pw); + if (ctx.runas.pw != NULL) + sudo_pw_delref(ctx.runas.pw); if (ud->runuser != NULL) { - runas_ctx.user = (char *)ud->runuser; - SET(runas_ctx.flags, RUNAS_USER_SPECIFIED); - runas_ctx.pw = sudo_getpwnam(runas_ctx.user); + ctx.runas.user = (char *)ud->runuser; + SET(ctx.settings.flags, RUNAS_USER_SPECIFIED); + ctx.runas.pw = sudo_getpwnam(ctx.runas.user); } else { - runas_ctx.user = NULL; - CLR(runas_ctx.flags, RUNAS_USER_SPECIFIED); - runas_ctx.pw = sudo_getpwnam("root"); + ctx.runas.user = NULL; + CLR(ctx.settings.flags, RUNAS_USER_SPECIFIED); + ctx.runas.pw = sudo_getpwnam("root"); } - if (runas_ctx.pw == NULL) { - sudo_warnx_nodebug("unknown run user %s", runas_ctx.user); + if (ctx.runas.pw == NULL) { + sudo_warnx_nodebug("unknown run user %s", ctx.runas.user); continue; } /* Run group. */ - if (runas_ctx.gr != NULL) - sudo_gr_delref(runas_ctx.gr); + if (ctx.runas.gr != NULL) + sudo_gr_delref(ctx.runas.gr); if (ud->rungroup != NULL) { - runas_ctx.group = (char *)ud->rungroup; - SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED); - runas_ctx.gr = sudo_getgrnam(runas_ctx.group); - if (runas_ctx.gr == NULL) { + ctx.runas.group = (char *)ud->rungroup; + SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED); + ctx.runas.gr = sudo_getgrnam(ctx.runas.group); + if (ctx.runas.gr == NULL) { sudo_warnx_nodebug("unknown run group %s", - runas_ctx.group); + ctx.runas.group); continue; } } else { - runas_ctx.group = NULL; - CLR(runas_ctx.flags, RUNAS_GROUP_SPECIFIED); - runas_ctx.gr = NULL; + ctx.runas.group = NULL; + CLR(ctx.settings.flags, RUNAS_GROUP_SPECIFIED); + ctx.runas.gr = NULL; } update_defaults(&parse_tree, NULL, SETDEF_ALL, false); - sudoers_lookup(&snl, user_ctx.pw, now, NULL, NULL, &cmnd_status, + sudoers_lookup(&snl, ctx.user.pw, now, NULL, NULL, &cmnd_status, false); /* Match again as a pseudo-command (list, validate, etc). */ - sudoers_lookup(&snl, user_ctx.pw, now, NULL, NULL, &cmnd_status, + sudoers_lookup(&snl, ctx.user.pw, now, NULL, NULL, &cmnd_status, true); /* Display privileges. */ - display_privs(&snl, user_ctx.pw, false); - display_privs(&snl, user_ctx.pw, true); + display_privs(&snl, ctx.user.pw, false); + display_privs(&snl, ctx.user.pw, true); } /* Expand tildes in runcwd and runchroot. */ - if (runas_ctx.pw != NULL) { + if (ctx.runas.pw != NULL) { if (def_runcwd != NULL && strcmp(def_runcwd, "*") != 0) { - expand_tilde(&def_runcwd, runas_ctx.pw->pw_name); + expand_tilde(&def_runcwd, ctx.runas.pw->pw_name); } if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) { - expand_tilde(&def_runchroot, runas_ctx.pw->pw_name); + expand_tilde(&def_runchroot, ctx.runas.pw->pw_name); } } @@ -404,19 +403,19 @@ done: fclose(fp); free_parse_tree(&parse_tree); reset_parser(); - if (user_ctx.pw != NULL) - sudo_pw_delref(user_ctx.pw); - if (runas_ctx.pw != NULL) - sudo_pw_delref(runas_ctx.pw); - if (runas_ctx.gr != NULL) - sudo_gr_delref(runas_ctx.gr); + if (ctx.user.pw != NULL) + sudo_pw_delref(ctx.user.pw); + if (ctx.runas.pw != NULL) + sudo_pw_delref(ctx.runas.pw); + if (ctx.runas.gr != NULL) + sudo_gr_delref(ctx.runas.gr); sudo_freepwcache(); sudo_freegrcache(); - free(user_ctx.cmnd); - free(runas_ctx.cmnd); - free(user_ctx.cmnd_list); - memset(&user_ctx, 0, sizeof(user_ctx)); - memset(&runas_ctx, 0, sizeof(runas_ctx)); + free(ctx.user.cmnd); + free(ctx.runas.cmnd); + free(ctx.user.cmnd_list); + memset(&ctx.user. 0, sizeof(ctx.user.); + memset(&ctx.runas. 0, sizeof(ctx.runas.); sudoers_setlocale(SUDOERS_LOCALE_USER, NULL); sudoers_debug_deregister(); fflush(stdout); diff --git a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c index b1b0ea54e..434fa22ba 100644 --- a/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c +++ b/plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c @@ -32,8 +32,7 @@ static int fuzz_printf(int msg_type, const char * restrict fmt, ...); int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size); /* Required to link with parser. */ -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; sudo_printf_t sudo_printf = fuzz_printf; FILE * @@ -62,7 +61,7 @@ init_envtables(void) int set_cmnd_path(const char *runchroot) { - /* Cannot return FOUND without also setting user_ctx.cmnd to a new value. */ + /* Cannot return FOUND without also setting ctx.user.cmnd to a new value. */ return NOT_FOUND; } diff --git a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c index b96555113..b7dbbcaf8 100644 --- a/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c +++ b/plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c @@ -36,8 +36,7 @@ extern struct io_plugin sudoers_io; -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; sudo_printf_t sudo_printf; sudo_conv_t sudo_conv; struct sudo_plugin_event * (*plugin_event_alloc)(void); @@ -248,9 +247,9 @@ test_endpoints(int *ntests, int *nerrors, const char *iolog_dir, char *envp[]) /* Set runas uid/gid to root. */ snprintf(runas_uid, sizeof(runas_uid), "runas_uid=%u", - (unsigned int)runas_ctx.pw->pw_uid); + (unsigned int)ctx.runas.pw->pw_uid); snprintf(runas_gid, sizeof(runas_gid), "runas_gid=%u", - (unsigned int)runas_ctx.pw->pw_gid); + (unsigned int)ctx.runas.pw->pw_gid); /* Set path to the iolog directory the user passed in. */ snprintf(iolog_path, sizeof(iolog_path), "iolog_path=%s", iolog_dir); @@ -385,15 +384,15 @@ main(int argc, char *argv[], char *envp[]) if ((tpw = getpwnam("root")) == NULL) sudo_fatalx("unable to look up uid 0 or root"); } - runas_ctx.pw = pw_dup(tpw); + ctx.runas.pw = pw_dup(tpw); /* Set invoking user. */ if ((tpw = getpwuid(geteuid())) == NULL) sudo_fatalx("unable to look up invoking user's uid"); - user_ctx.pw = pw_dup(tpw); + ctx.user.pw = pw_dup(tpw); /* Set iolog uid/gid to invoking user. */ - iolog_set_owner(user_ctx.pw->pw_uid, user_ctx.pw->pw_gid); + iolog_set_owner(ctx.user.pw->pw_uid, ctx.user.pw->pw_gid); test_endpoints(&tests, &errors, iolog_dir, envp); diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c index c729916df..a6d33d09c 100644 --- a/plugins/sudoers/set_perms.c +++ b/plugins/sudoers/set_perms.c @@ -157,7 +157,7 @@ set_perms(int perm) state->egid = getegid(); state->sgid = state->egid; /* in case we are setgid */ #endif - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: " "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d", @@ -196,7 +196,7 @@ set_perms(int perm) case PERM_USER: state->rgid = ostate->rgid; - state->egid = user_ctx.gid; + state->egid = ctx.user.gid; state->sgid = ostate->sgid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -208,7 +208,7 @@ set_perms(int perm) (int)ID(rgid), (int)ID(egid), (int)ID(sgid)); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -216,8 +216,8 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; state->suid = ROOT_UID; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -233,9 +233,9 @@ set_perms(int perm) case PERM_FULL_USER: /* headed for exec() */ - state->rgid = user_ctx.gid; - state->egid = user_ctx.gid; - state->sgid = user_ctx.gid; + state->rgid = ctx.user.gid; + state->egid = ctx.user.gid; + state->sgid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid, @@ -246,7 +246,7 @@ set_perms(int perm) (int)ID(rgid), (int)ID(egid), (int)ID(sgid)); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -254,9 +254,9 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; - state->suid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; + state->suid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid, @@ -271,7 +271,7 @@ set_perms(int perm) case PERM_RUNAS: state->rgid = ostate->rgid; - state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid; + state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid; state->sgid = ostate->sgid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -287,7 +287,7 @@ set_perms(int perm) goto bad; } state->ruid = ostate->ruid; - state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid; + state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid; state->suid = ostate->suid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -480,7 +480,7 @@ set_perms(int perm) state->rgid = getgidx(ID_REAL); state->egid = getgidx(ID_EFFECTIVE); state->sgid = getgidx(ID_SAVED); - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: " "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d", @@ -519,18 +519,18 @@ set_perms(int perm) case PERM_USER: state->rgid = ostate->rgid; - state->egid = user_ctx.gid; + state->egid = ctx.user.gid; state->sgid = ostate->sgid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid, (int)state->rgid, (int)state->egid, (int)state->sgid); - if (GID_CHANGED && setgidx(ID_EFFECTIVE, user_ctx.gid)) { + if (GID_CHANGED && setgidx(ID_EFFECTIVE, ctx.user.gid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_USER: setgidx(ID_EFFECTIVE, %d)", (int)user_ctx.gid); + "PERM_USER: setgidx(ID_EFFECTIVE, %d)", (int)ctx.user.gid); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -538,8 +538,8 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; state->suid = ROOT_UID; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -553,29 +553,29 @@ set_perms(int perm) goto bad; } } - if (setuidx(ID_EFFECTIVE|ID_REAL, user_ctx.uid)) { + if (setuidx(ID_EFFECTIVE|ID_REAL, ctx.user.uid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", (int)user_ctx.uid); + "PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", (int)ctx.user.uid); goto bad; } break; case PERM_FULL_USER: /* headed for exec() */ - state->rgid = user_ctx.gid; - state->egid = user_ctx.gid; - state->sgid = user_ctx.gid; + state->rgid = ctx.user.gid; + state->egid = ctx.user.gid; + state->sgid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid, (int)state->rgid, (int)state->egid, (int)state->sgid); - if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_ctx.gid)) { + if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ctx.user.gid)) { (void)snprintf(errbuf, sizeof(errbuf), "PERM_FULL_USER: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)", - (int)user_ctx.gid); + (int)ctx.user.gid); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -583,24 +583,24 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; - state->suid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; + state->suid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid, (int)state->ruid, (int)state->euid, (int)state->suid); - if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_ctx.uid)) { + if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ctx.user.uid)) { (void)snprintf(errbuf, sizeof(errbuf), "PERM_FULL_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)", - (int)user_ctx.uid); + (int)ctx.user.uid); goto bad; } break; case PERM_RUNAS: state->rgid = ostate->rgid; - state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid; + state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid; state->sgid = ostate->sgid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -616,7 +616,7 @@ set_perms(int perm) goto bad; } state->ruid = ostate->ruid; - state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid; + state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid; state->suid = ostate->suid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: " "[%d, %d, %d] -> [%d, %d, %d]", __func__, @@ -890,7 +890,7 @@ set_perms(int perm) state->euid = geteuid(); state->rgid = getgid(); state->egid = getegid(); - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: " "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__, @@ -937,7 +937,7 @@ set_perms(int perm) case PERM_USER: state->rgid = ostate->rgid; - state->egid = user_ctx.gid; + state->egid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); @@ -946,7 +946,7 @@ set_perms(int perm) "PERM_USER: setregid(%d, %d)", (int)ID(rgid), (int)ID(egid)); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -955,7 +955,7 @@ set_perms(int perm) } } state->ruid = ROOT_UID; - state->euid = user_ctx.uid; + state->euid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); @@ -968,8 +968,8 @@ set_perms(int perm) case PERM_FULL_USER: /* headed for exec() */ - state->rgid = user_ctx.gid; - state->egid = user_ctx.gid; + state->rgid = ctx.user.gid; + state->egid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); @@ -979,7 +979,7 @@ set_perms(int perm) (int)ID(rgid), (int)ID(egid)); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -987,8 +987,8 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); @@ -1002,7 +1002,7 @@ set_perms(int perm) case PERM_RUNAS: state->rgid = ostate->rgid; - state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid; + state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); @@ -1016,7 +1016,7 @@ set_perms(int perm) goto bad; } state->ruid = ROOT_UID; - state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid; + state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); @@ -1223,7 +1223,7 @@ set_perms(int perm) state->euid = geteuid(); state->rgid = getgid(); state->egid = getegid(); - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: " "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__, @@ -1252,17 +1252,17 @@ set_perms(int perm) break; case PERM_USER: - state->egid = user_ctx.gid; + state->egid = ctx.user.gid; state->rgid = ostate->rgid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); - if (GID_CHANGED && setegid(user_ctx.gid)) { + if (GID_CHANGED && setegid(ctx.user.gid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_USER: setegid(%d)", (int)user_ctx.gid); + "PERM_USER: setegid(%d)", (int)ctx.user.gid); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -1271,30 +1271,30 @@ set_perms(int perm) } } state->ruid = ROOT_UID; - state->euid = user_ctx.uid; + state->euid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); - if (seteuid(user_ctx.uid)) { + if (seteuid(ctx.user.uid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_USER: seteuid(%d)", (int)user_ctx.uid); + "PERM_USER: seteuid(%d)", (int)ctx.user.uid); goto bad; } break; case PERM_FULL_USER: /* headed for exec() */ - state->rgid = user_ctx.gid; - state->egid = user_ctx.gid; + state->rgid = ctx.user.gid; + state->egid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); - if (GID_CHANGED && setgid(user_ctx.gid)) { + if (GID_CHANGED && setgid(ctx.user.gid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_FULL_USER: setgid(%d)", (int)user_ctx.gid); + "PERM_FULL_USER: setgid(%d)", (int)ctx.user.gid); goto bad; } - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -1302,21 +1302,21 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; - state->euid = user_ctx.uid; + state->ruid = ctx.user.uid; + state->euid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); - if (setuid(user_ctx.uid)) { + if (setuid(ctx.user.uid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_FULL_USER: setuid(%d)", (int)user_ctx.uid); + "PERM_FULL_USER: setuid(%d)", (int)ctx.user.uid); goto bad; } break; case PERM_RUNAS: state->rgid = ostate->rgid; - state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid; + state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid, (int)ostate->egid, (int)state->rgid, (int)state->egid); @@ -1330,7 +1330,7 @@ set_perms(int perm) goto bad; } state->ruid = ostate->ruid; - state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid; + state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: " "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid, (int)ostate->euid, (int)state->ruid, (int)state->euid); @@ -1506,7 +1506,7 @@ set_perms(int perm) /* Stash initial state */ state->ruid = geteuid() == ROOT_UID ? ROOT_UID : getuid(); state->rgid = getgid(); - state->gidlist = user_ctx.gid_list; + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: " "ruid: %d, rgid: %d", __func__, (int)state->ruid, (int)state->rgid); @@ -1533,11 +1533,11 @@ set_perms(int perm) break; case PERM_FULL_USER: - state->rgid = user_ctx.gid; + state->rgid = ctx.user.gid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: " "[%d] -> [%d]", __func__, (int)ostate->rgid, (int)state->rgid); - (void) setgid(user_ctx.gid); - state->gidlist = user_ctx.gid_list; + (void) setgid(ctx.user.gid); + state->gidlist = ctx.user.gid_list; sudo_gidlist_addref(state->gidlist); if (state->gidlist != ostate->gidlist) { if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) { @@ -1545,12 +1545,12 @@ set_perms(int perm) goto bad; } } - state->ruid = user_ctx.uid; + state->ruid = ctx.user.uid; sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: " "[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid); - if (setuid(user_ctx.uid)) { + if (setuid(ctx.user.uid)) { (void)snprintf(errbuf, sizeof(errbuf), - "PERM_FULL_USER: setuid(%d)", (int)user_ctx.uid); + "PERM_FULL_USER: setuid(%d)", (int)ctx.user.uid); goto bad; } break; diff --git a/plugins/sudoers/solaris_audit.c b/plugins/sudoers/solaris_audit.c index 00c29d248..df166938d 100644 --- a/plugins/sudoers/solaris_audit.c +++ b/plugins/sudoers/solaris_audit.c @@ -62,12 +62,12 @@ adt_sudo_common(char *const argv[]) } /* get the real executable name */ - if (user_ctx.cmnd != NULL) { - if (strlcpy(cmdpath, (const char *)user_ctx.cmnd, + if (ctx.user.cmnd != NULL) { + if (strlcpy(cmdpath, (const char *)ctx.user.cmnd, sizeof(cmdpath)) >= sizeof(cmdpath)) { log_warningx(SLOG_NO_STDERR, - _("truncated audit path user_ctx.cmnd: %s"), - user_ctx.cmnd); + _("truncated audit path ctx.user.cmnd: %s"), + ctx.user.cmnd); } } else { if (strlcpy(cmdpath, argv[0], diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c index cc51236ea..5b04e7b2a 100644 --- a/plugins/sudoers/sssd.c +++ b/plugins/sudoers/sssd.c @@ -136,7 +136,7 @@ get_ipa_hostname(char **shostp, char **lhostp) } if (shost != NULL && lhost != NULL) { sudo_debug_printf(SUDO_DEBUG_INFO, - "ipa_hostname %s overrides %s", lhost, user_ctx.host); + "ipa_hostname %s overrides %s", lhost, ctx.user.host); *shostp = shost; *lhostp = lhost; ret = true; @@ -165,8 +165,8 @@ get_ipa_hostname(char **shostp, char **lhostp) static bool sudo_sss_check_user(struct sudo_sss_handle *handle, struct sss_sudo_rule *rule) { - const char *host = handle->ipa_host ? handle->ipa_host : runas_ctx.host; - const char *shost = handle->ipa_shost ? handle->ipa_shost : runas_ctx.shost; + const char *host = handle->ipa_host ? handle->ipa_host : ctx.runas.host; + const char *shost = handle->ipa_shost ? handle->ipa_shost : ctx.runas.shost; char **val_array; int i, rc, ret = false; debug_decl(sudo_sss_check_user, SUDOERS_DEBUG_SSSD); @@ -629,9 +629,9 @@ sudo_sss_open(struct sudo_nss *nss) /* * If the runas host matches the local host, check for ipa_hostname - * in sssd.conf and use it in preference to runas_ctx.host. + * in sssd.conf and use it in preference to ctx.runas.host. */ - if (strcasecmp(runas_ctx.host, user_ctx.host) == 0) { + if (strcasecmp(ctx.runas.host, ctx.user.host) == 0) { if (get_ipa_hostname(&handle->ipa_shost, &handle->ipa_host) == -1) { free(handle); debug_return_int(ENOMEM); @@ -681,7 +681,7 @@ sudo_sss_query(const struct sudo_nss *nss, struct passwd *pw) sudo_debug_printf(SUDO_DEBUG_DIAG, "searching SSSD/LDAP for sudoers entries for user %s, host %s", - pw->pw_name, runas_ctx.host); + pw->pw_name, ctx.runas.host); /* Stash a ref to the passwd struct in the handle. */ sudo_pw_addref(pw); @@ -754,8 +754,8 @@ sudo_sss_getdefs(const struct sudo_nss *nss) sudo_debug_printf(SUDO_DEBUG_DIAG, "Looking for cn=defaults"); /* NOTE: these are global defaults, user-ID and name are not used. */ - rc = handle->fn_send_recv_defaults(user_ctx.pw->pw_uid, - user_ctx.pw->pw_name, &sss_error, &handle->domainname, &sss_result); + rc = handle->fn_send_recv_defaults(ctx.user.pw->pw_uid, + ctx.user.pw->pw_name, &sss_error, &handle->domainname, &sss_result); switch (rc) { case 0: break; diff --git a/plugins/sudoers/stubs.c b/plugins/sudoers/stubs.c index 7113c0d3e..831d94185 100644 --- a/plugins/sudoers/stubs.c +++ b/plugins/sudoers/stubs.c @@ -85,7 +85,7 @@ get_interfaces(void) int set_cmnd_path(const char *runchroot) { - /* Cannot return FOUND without also setting user_ctx.cmnd to a new value. */ + /* Cannot return FOUND without also setting ctx.user.cmnd to a new value. */ return NOT_FOUND; } @@ -111,7 +111,7 @@ unpivot_root(int fds[2]) } /* - * Look up the hostname and set user_ctx.host and user_ctx.shost. + * Look up the hostname and set ctx.user.host and ctx.user.shost. */ void get_hostname(void) @@ -119,22 +119,22 @@ get_hostname(void) char *cp; debug_decl(get_hostname, SUDOERS_DEBUG_UTIL); - if ((user_ctx.host = sudo_gethostname()) != NULL) { - if ((cp = strchr(user_ctx.host, '.'))) { + if ((ctx.user.host = sudo_gethostname()) != NULL) { + if ((cp = strchr(ctx.user.host, '.'))) { *cp = '\0'; - if ((user_ctx.shost = strdup(user_ctx.host)) == NULL) + if ((ctx.user.shost = strdup(ctx.user.host)) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); *cp = '.'; } else { - user_ctx.shost = user_ctx.host; + ctx.user.shost = ctx.user.host; } } else { - user_ctx.host = user_ctx.shost = strdup("localhost"); - if (user_ctx.host == NULL) + ctx.user.host = ctx.user.shost = strdup("localhost"); + if (ctx.user.host == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); } - runas_ctx.host = user_ctx.host; - runas_ctx.shost = user_ctx.shost; + ctx.runas.host = ctx.user.host; + ctx.runas.shost = ctx.user.shost; debug_return; } diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index e37202132..49efb5e18 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -79,8 +79,7 @@ static bool tty_present(void); /* * Globals */ -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; unsigned int sudo_mode; static char *prev_user; @@ -268,7 +267,7 @@ sudoers_init(void *info, sudoers_logger_t logger, char * const envp[]) } /* Set login class if applicable (after sudoers is parsed). */ - if (set_loginclass(runas_ctx.pw ? runas_ctx.pw : user_ctx.pw)) + if (set_loginclass(ctx.runas.pw ? ctx.runas.pw : ctx.user.pw)) ret = true; cleanup: @@ -287,7 +286,7 @@ cleanup: /* * Expand I/O log dir and file into a full path. * Returns the full I/O log path prefixed with "iolog_path=". - * Sets user_ctx.iolog_file as a side effect. + * Sets ctx.user.iolog_file as a side effect. */ static char * format_iolog_path(void) @@ -316,8 +315,8 @@ format_iolog_path(void) } /* Stash pointer to the I/O log for the event log. */ - user_ctx.iolog_path = iolog_path + sizeof("iolog_path=") - 1; - user_ctx.iolog_file = user_ctx.iolog_path + 1 + strlen(dir); + ctx.user.iolog_path = iolog_path + sizeof("iolog_path=") - 1; + ctx.user.iolog_file = ctx.user.iolog_path + 1 + strlen(dir); done: debug_return_str(iolog_path); @@ -365,7 +364,7 @@ sudoers_check_common(int pwflag) goto done; /* Is root even allowed to run sudo? */ - if (user_ctx.uid == 0 && !def_root_sudo) { + if (ctx.user.uid == 0 && !def_root_sudo) { /* Not an audit event (should it be?). */ sudo_warnx("%s", U_("sudoers specifies that root is not allowed to sudo")); @@ -374,14 +373,14 @@ sudoers_check_common(int pwflag) } /* Check for -C overriding def_closefrom. */ - if (user_ctx.closefrom >= 0 && user_ctx.closefrom != def_closefrom) { + if (ctx.user.closefrom >= 0 && ctx.user.closefrom != def_closefrom) { if (!def_closefrom_override) { log_warningx(SLOG_NO_STDERR|SLOG_AUDIT, N_("user not allowed to override closefrom limit")); sudo_warnx("%s", U_("you are not permitted to use the -C option")); goto bad; } - def_closefrom = user_ctx.closefrom; + def_closefrom = ctx.user.closefrom; } /* @@ -389,7 +388,7 @@ sudoers_check_common(int pwflag) */ time(&now); sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); - validated = sudoers_lookup(snl, user_ctx.pw, now, cb_lookup, &match_info, + validated = sudoers_lookup(snl, ctx.user.pw, now, cb_lookup, &match_info, &cmnd_status, pwflag); sudoers_setlocale(oldlocale, NULL); if (ISSET(validated, VALIDATE_ERROR)) { @@ -398,22 +397,22 @@ sudoers_check_common(int pwflag) } if (match_info.us != NULL && match_info.us->file != NULL) { - free(user_ctx.source); + free(ctx.user.source); if (match_info.us->line != 0) { - if (asprintf(&user_ctx.source, "%s:%d:%d", match_info.us->file, + if (asprintf(&ctx.user.source, "%s:%d:%d", match_info.us->file, match_info.us->line, match_info.us->column) == -1) - user_ctx.source = NULL; + ctx.user.source = NULL; } else { - user_ctx.source = strdup(match_info.us->file); + ctx.user.source = strdup(match_info.us->file); } - if (user_ctx.source == NULL) { + if (ctx.user.source == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto done; } } - if (runas_ctx.cmnd == NULL) { - if ((runas_ctx.cmnd = strdup(user_ctx.cmnd)) == NULL) { + if (ctx.runas.cmnd == NULL) { + if ((ctx.runas.cmnd = strdup(ctx.user.cmnd)) == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto done; } @@ -422,13 +421,13 @@ sudoers_check_common(int pwflag) /* Defer uid/gid checks until after defaults have been updated. */ if (unknown_runas_uid && !def_runas_allow_unknown_id) { log_warningx(SLOG_AUDIT, N_("unknown user %s"), - runas_ctx.pw->pw_name); + ctx.runas.pw->pw_name); goto done; } - if (runas_ctx.gr != NULL) { + if (ctx.runas.gr != NULL) { if (unknown_runas_gid && !def_runas_allow_unknown_id) { log_warningx(SLOG_AUDIT, N_("unknown group %s"), - runas_ctx.gr->gr_name); + ctx.runas.gr->gr_name); goto done; } } @@ -449,10 +448,10 @@ sudoers_check_common(int pwflag) /* Check runas user's shell if running (or checking) a command. */ if (ISSET(sudo_mode, MODE_RUN|MODE_CHECK)) { - if (!check_user_shell(runas_ctx.pw)) { + if (!check_user_shell(ctx.runas.pw)) { log_warningx(SLOG_RAW_MSG|SLOG_AUDIT, N_("invalid shell for user %s: %s"), - runas_ctx.pw->pw_name, runas_ctx.pw->pw_shell); + ctx.runas.pw->pw_name, ctx.runas.pw->pw_shell); goto bad; } } @@ -487,45 +486,45 @@ sudoers_check_common(int pwflag) goto done; } - /* Check whether runas_ctx.chroot is permitted (if specified). */ - switch (check_user_runchroot(runas_ctx.chroot)) { + /* Check whether ctx.runas.chroot is permitted (if specified). */ + switch (check_user_runchroot(ctx.runas.chroot)) { case true: break; case false: log_warningx(SLOG_NO_STDERR|SLOG_AUDIT, N_("user not allowed to change root directory to %s"), - runas_ctx.chroot); + ctx.runas.chroot); sudo_warnx(U_("you are not permitted to use the -R option with %s"), - user_ctx.cmnd); + ctx.user.cmnd); goto bad; default: goto done; } - /* Check whether runas_ctx.cwd is permitted (if specified). */ - switch (check_user_runcwd(runas_ctx.cwd)) { + /* Check whether ctx.runas.cwd is permitted (if specified). */ + switch (check_user_runcwd(ctx.runas.cwd)) { case true: break; case false: log_warningx(SLOG_NO_STDERR|SLOG_AUDIT, - N_("user not allowed to change directory to %s"), runas_ctx.cwd); + N_("user not allowed to change directory to %s"), ctx.runas.cwd); sudo_warnx(U_("you are not permitted to use the -D option with %s"), - user_ctx.cmnd); + ctx.user.cmnd); goto bad; default: goto done; } - /* If run as root with SUDO_USER set, set user_ctx.pw to that user. */ + /* If run as root with SUDO_USER set, set ctx.user.pw to that user. */ /* XXX - causes confusion when root is not listed in sudoers */ if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT) && prev_user != NULL) { - if (user_ctx.uid == 0 && strcmp(prev_user, "root") != 0) { + if (ctx.user.uid == 0 && strcmp(prev_user, "root") != 0) { struct passwd *pw; if ((pw = sudo_getpwnam(prev_user)) != NULL) { - if (user_ctx.pw != NULL) - sudo_pw_delref(user_ctx.pw); - user_ctx.pw = pw; + if (ctx.user.pw != NULL) + sudo_pw_delref(ctx.user.pw); + ctx.user.pw = pw; } } } @@ -539,23 +538,23 @@ sudoers_check_common(int pwflag) } /* Create Ubuntu-style dot file to indicate sudo was successful. */ - if (create_admin_success_flag(user_ctx.pw) == -1) + if (create_admin_success_flag(ctx.user.pw) == -1) goto done; /* Finally tell the user if the command did not exist. */ if (cmnd_status == NOT_FOUND_DOT) { audit_failure(NewArgv, N_("command in current directory")); - sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), user_ctx.cmnd, user_ctx.cmnd, user_ctx.cmnd); + sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), ctx.user.cmnd, ctx.user.cmnd, ctx.user.cmnd); goto bad; } else if (cmnd_status == NOT_FOUND) { if (ISSET(sudo_mode, MODE_CHECK)) { audit_failure(NewArgv, N_("%s: command not found"), NewArgv[1]); sudo_warnx(U_("%s: command not found"), NewArgv[1]); } else { - audit_failure(NewArgv, N_("%s: command not found"), user_ctx.cmnd); - sudo_warnx(U_("%s: command not found"), user_ctx.cmnd); - if (strncmp(user_ctx.cmnd, "cd", 2) == 0 && (user_ctx.cmnd[2] == '\0' || - isblank((unsigned char)user_ctx.cmnd[2]))) { + audit_failure(NewArgv, N_("%s: command not found"), ctx.user.cmnd); + sudo_warnx(U_("%s: command not found"), ctx.user.cmnd); + if (strncmp(ctx.user.cmnd, "cd", 2) == 0 && (ctx.user.cmnd[2] == '\0' || + isblank((unsigned char)ctx.user.cmnd[2]))) { sudo_warnx("%s", U_("\"cd\" is a shell built-in command, it cannot be run directly.")); sudo_warnx("%s", @@ -568,7 +567,7 @@ sudoers_check_common(int pwflag) } /* If user specified a timeout make sure sudoers allows it. */ - if (!def_user_command_timeouts && user_ctx.timeout > 0) { + if (!def_user_command_timeouts && ctx.user.timeout > 0) { log_warningx(SLOG_NO_STDERR|SLOG_AUDIT, N_("user not allowed to set a command timeout")); sudo_warnx("%s", @@ -585,7 +584,7 @@ sudoers_check_common(int pwflag) U_("sorry, you are not allowed to preserve the environment")); goto bad; } else { - if (!validate_env_vars(user_ctx.env_vars)) + if (!validate_env_vars(ctx.user.env_vars)) goto bad; } } @@ -644,7 +643,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], /* Environment variables specified on the command line. */ if (env_add != NULL && env_add[0] != NULL) - user_ctx.env_vars = env_add; + ctx.user.env_vars = env_add; /* * Make a local copy of argc/argv, with special handling for the @@ -663,8 +662,8 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], memcpy(NewArgv, argv, (size_t)argc * sizeof(char *)); NewArgc = argc; NewArgv[NewArgc] = NULL; - if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_ctx.pw != NULL) { - NewArgv[0] = strdup(runas_ctx.pw->pw_shell); + if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && ctx.runas.pw != NULL) { + NewArgv[0] = strdup(ctx.runas.pw->pw_shell); if (NewArgv[0] == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto error; @@ -701,7 +700,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], if (def_umask != ACCESSPERMS) { cmnd_umask = def_umask; if (!def_umask_override) - cmnd_umask |= user_ctx.umask; + cmnd_umask |= ctx.user.umask; } if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) { @@ -734,10 +733,10 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], #endif #ifdef HAVE_LOGIN_CAP_H /* Set environment based on login class. */ - if (runas_ctx.class) { - login_cap_t *lc = login_getclass(runas_ctx.class); + if (ctx.runas.class) { + login_cap_t *lc = login_getclass(ctx.runas.class); if (lc != NULL) { - setusercontext(lc, runas_ctx.pw, runas_ctx.pw->pw_uid, + setusercontext(lc, ctx.runas.pw, ctx.runas.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV); login_close(lc); } @@ -756,7 +755,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], } /* Insert user-specified environment variables. */ - if (!insert_env_vars(user_ctx.env_vars)) { + if (!insert_env_vars(ctx.user.env_vars)) { sudo_warnx("%s", U_("error setting user-specified environment variables")); goto error; @@ -769,10 +768,10 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], int edit_argc; sudoedit_nfiles = NewArgc - 1; - free(runas_ctx.cmnd); - runas_ctx.cmnd = find_editor(sudoedit_nfiles, NewArgv + 1, + free(ctx.runas.cmnd); + ctx.runas.cmnd = find_editor(sudoedit_nfiles, NewArgv + 1, &edit_argc, &edit_argv, NULL, &env_editor); - if (runas_ctx.cmnd == NULL) { + if (ctx.runas.cmnd == NULL) { switch (errno) { case ENOENT: audit_failure(NewArgv, N_("%s: command not found"), @@ -805,9 +804,9 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[], } /* Save the initial command and argv so we have it for exit logging. */ - if (user_ctx.cmnd_saved == NULL) { - user_ctx.cmnd_saved = strdup(runas_ctx.cmnd); - if (user_ctx.cmnd_saved == NULL) { + if (ctx.user.cmnd_saved == NULL) { + ctx.user.cmnd_saved = strdup(ctx.runas.cmnd); + if (ctx.user.cmnd_saved == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); goto error; } @@ -922,10 +921,10 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose) goto done; if (list_user) { - if (runas_ctx.list_pw != NULL) - sudo_pw_delref(runas_ctx.list_pw); - runas_ctx.list_pw = sudo_getpwnam(list_user); - if (runas_ctx.list_pw == NULL) { + if (ctx.runas.list_pw != NULL) + sudo_pw_delref(ctx.runas.list_pw); + ctx.runas.list_pw = sudo_getpwnam(list_user); + if (ctx.runas.list_pw == NULL) { sudo_warnx(U_("unknown user %s"), list_user); goto done; } @@ -947,7 +946,7 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose) if (ret != true) goto done; - pw = runas_ctx.list_pw ? runas_ctx.list_pw : user_ctx.pw; + pw = ctx.runas.list_pw ? ctx.runas.list_pw : ctx.user.pw; if (ISSET(sudo_mode, MODE_CHECK)) ret = display_cmnd(snl, pw, verbose); else @@ -972,7 +971,7 @@ done: } /* - * Initialize timezone and fill in user_ctx. + * Initialize timezone and fill in ctx.user. */ static bool init_vars(char * const envp[]) @@ -993,17 +992,17 @@ init_vars(char * const envp[]) switch (**ep) { case 'K': if (MATCHES(*ep, "KRB5CCNAME=")) - user_ctx.ccname = *ep + sizeof("KRB5CCNAME=") - 1; + ctx.user.ccname = *ep + sizeof("KRB5CCNAME=") - 1; break; case 'P': if (MATCHES(*ep, "PATH=")) - user_ctx.path = *ep + sizeof("PATH=") - 1; + ctx.user.path = *ep + sizeof("PATH=") - 1; break; case 'S': if (MATCHES(*ep, "SUDO_PROMPT=")) { /* Don't override "sudo -p prompt" */ - if (user_ctx.prompt == NULL) - user_ctx.prompt = *ep + sizeof("SUDO_PROMPT=") - 1; + if (ctx.user.prompt == NULL) + ctx.user.prompt = *ep + sizeof("SUDO_PROMPT=") - 1; break; } if (MATCHES(*ep, "SUDO_USER=")) @@ -1017,26 +1016,26 @@ init_vars(char * const envp[]) * Get a local copy of the user's passwd struct and group list if we * don't already have them. */ - if (user_ctx.pw == NULL) { - if ((user_ctx.pw = sudo_getpwnam(user_ctx.name)) == NULL) { + if (ctx.user.pw == NULL) { + if ((ctx.user.pw = sudo_getpwnam(ctx.user.name)) == NULL) { /* * It is not unusual for users to place "sudo -k" in a .logout * file which can cause sudo to be run during reboot after the * YP/NIS/NIS+/LDAP/etc daemon has died. */ if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) { - sudo_warnx(U_("unknown user %s"), user_ctx.name); + sudo_warnx(U_("unknown user %s"), ctx.user.name); debug_return_bool(false); } /* Need to make a fake struct passwd for the call to log_warningx(). */ - user_ctx.pw = sudo_mkpwent(user_ctx.name, user_ctx.uid, - user_ctx.gid, NULL, NULL); + ctx.user.pw = sudo_mkpwent(ctx.user.name, ctx.user.uid, + ctx.user.gid, NULL, NULL); unknown_user = true; } } - if (user_ctx.gid_list == NULL) - user_ctx.gid_list = sudo_get_gidlist(user_ctx.pw, ENTRY_TYPE_ANY); + if (ctx.user.gid_list == NULL) + ctx.user.gid_list = sudo_get_gidlist(ctx.user.pw, ENTRY_TYPE_ANY); /* Store initialize permissions so we can restore them later. */ if (!set_perms(PERM_INITIAL)) @@ -1047,7 +1046,7 @@ init_vars(char * const envp[]) /* It is now safe to use log_warningx() and set_perms() */ if (unknown_user) { - log_warningx(SLOG_SEND_MAIL, N_("unknown user %s"), user_ctx.name); + log_warningx(SLOG_SEND_MAIL, N_("unknown user %s"), ctx.user.name); debug_return_bool(false); } @@ -1056,15 +1055,15 @@ init_vars(char * const envp[]) * Note that if runas_group was specified without runas_user we * run the command as the invoking user. */ - if (runas_ctx.group != NULL) { - if (!set_runasgr(runas_ctx.group, false)) + if (ctx.runas.group != NULL) { + if (!set_runasgr(ctx.runas.group, false)) debug_return_bool(false); - if (!set_runaspw(runas_ctx.user ? - runas_ctx.user : user_ctx.name, false)) + if (!set_runaspw(ctx.runas.user ? + ctx.runas.user : ctx.user.name, false)) debug_return_bool(false); } else { - if (!set_runaspw(runas_ctx.user ? - runas_ctx.user : def_runas_default, false)) + if (!set_runaspw(ctx.runas.user ? + ctx.runas.user : def_runas_default, false)) debug_return_bool(false); } @@ -1072,26 +1071,26 @@ init_vars(char * const envp[]) } /* - * Fill in user_ctx.cmnd and user_ctx.cmnd_stat variables. - * Does not fill in user_ctx.cmnd_base. + * Fill in ctx.user.cmnd and ctx.user.cmnd_stat variables. + * Does not fill in ctx.user.cmnd_base. */ int set_cmnd_path(const char *runchroot) { const char *cmnd_in; char *cmnd_out = NULL; - char *path = user_ctx.path; + char *path = ctx.user.path; int ret, pivot_fds[2]; debug_decl(set_cmnd_path, SUDOERS_DEBUG_PLUGIN); cmnd_in = ISSET(sudo_mode, MODE_CHECK) ? NewArgv[1] : NewArgv[0]; - free(user_ctx.cmnd_list); - user_ctx.cmnd_list = NULL; - free(user_ctx.cmnd); - user_ctx.cmnd = NULL; - canon_path_free(user_ctx.cmnd_dir); - user_ctx.cmnd_dir = NULL; + free(ctx.user.cmnd_list); + ctx.user.cmnd_list = NULL; + free(ctx.user.cmnd); + ctx.user.cmnd = NULL; + canon_path_free(ctx.user.cmnd_dir); + ctx.user.cmnd_dir = NULL; if (def_secure_path && !user_is_exempt()) path = def_secure_path; @@ -1103,7 +1102,7 @@ set_cmnd_path(const char *runchroot) if (!set_perms(PERM_RUNAS)) goto error; - ret = find_path(cmnd_in, &cmnd_out, user_ctx.cmnd_stat, path, + ret = find_path(cmnd_in, &cmnd_out, ctx.user.cmnd_stat, path, def_ignore_dot, NULL); if (!restore_perms()) goto error; @@ -1111,7 +1110,7 @@ set_cmnd_path(const char *runchroot) /* Failed as root, try as invoking user. */ if (!set_perms(PERM_USER)) goto error; - ret = find_path(cmnd_in, &cmnd_out, user_ctx.cmnd_stat, path, + ret = find_path(cmnd_in, &cmnd_out, ctx.user.cmnd_stat, path, def_ignore_dot, NULL); if (!restore_perms()) goto error; @@ -1121,17 +1120,17 @@ set_cmnd_path(const char *runchroot) char *slash = strrchr(cmnd_out, '/'); if (slash != NULL) { *slash = '\0'; - user_ctx.cmnd_dir = canon_path(cmnd_out); - if (user_ctx.cmnd_dir == NULL && errno == ENOMEM) + ctx.user.cmnd_dir = canon_path(cmnd_out); + if (ctx.user.cmnd_dir == NULL && errno == ENOMEM) goto error; *slash = '/'; } } if (ISSET(sudo_mode, MODE_CHECK)) - user_ctx.cmnd_list = cmnd_out; + ctx.user.cmnd_list = cmnd_out; else - user_ctx.cmnd = cmnd_out; + ctx.user.cmnd = cmnd_out; /* Restore root. */ if (runchroot != NULL) @@ -1146,8 +1145,8 @@ error: } /* - * Fill in user_ctx.cmnd, user_ctx.cmnd_stat and cmnd_status variables. - * Does not fill in user_ctx.cmnd_base. + * Fill in ctx.user.cmnd, ctx.user.cmnd_stat and cmnd_status variables. + * Does not fill in ctx.user.cmnd_base. */ void set_cmnd_status(const char *runchroot) @@ -1156,8 +1155,8 @@ set_cmnd_status(const char *runchroot) } /* - * Fill in user_ctx.cmnd, user_ctx.cmnd_args, user_ctx.cmnd_base and - * user_ctx.cmnd_stat variables and apply any command-specific defaults entries. + * Fill in ctx.user.cmnd, ctx.user.cmnd_args, ctx.user.cmnd_base and + * ctx.user.cmnd_stat variables and apply any command-specific defaults entries. */ static int set_cmnd(void) @@ -1166,21 +1165,21 @@ set_cmnd(void) int ret = FOUND; debug_decl(set_cmnd, SUDOERS_DEBUG_PLUGIN); - /* Allocate user_ctx.cmnd_stat for find_path() and match functions. */ - free(user_ctx.cmnd_stat); - user_ctx.cmnd_stat = calloc(1, sizeof(struct stat)); - if (user_ctx.cmnd_stat == NULL) { + /* Allocate ctx.user.cmnd_stat for find_path() and match functions. */ + free(ctx.user.cmnd_stat); + ctx.user.cmnd_stat = calloc(1, sizeof(struct stat)); + if (ctx.user.cmnd_stat == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_int(NOT_FOUND_ERROR); } /* Re-initialize for when we are called multiple times. */ - free(runas_ctx.cmnd); - runas_ctx.cmnd = NULL; + free(ctx.runas.cmnd); + ctx.runas.cmnd = NULL; if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT|MODE_CHECK)) { if (!ISSET(sudo_mode, MODE_EDIT)) { - const char *runchroot = runas_ctx.chroot; + const char *runchroot = ctx.runas.chroot; if (runchroot == NULL && def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) runchroot = def_runchroot; @@ -1195,14 +1194,14 @@ set_cmnd(void) } } - /* set user_ctx.cmnd_args */ - free(user_ctx.cmnd_args); - user_ctx.cmnd_args = NULL; + /* set ctx.user.cmnd_args */ + free(ctx.user.cmnd_args); + ctx.user.cmnd_args = NULL; if (ISSET(sudo_mode, MODE_CHECK)) { if (NewArgc > 2) { /* Skip the command being listed in NewArgv[1]. */ - user_ctx.cmnd_args = strvec_join(NewArgv + 2, ' ', NULL); - if (user_ctx.cmnd_args == NULL) + ctx.user.cmnd_args = strvec_join(NewArgv + 2, ' ', NULL); + if (ctx.user.cmnd_args == NULL) debug_return_int(NOT_FOUND_ERROR); } } else if (NewArgc > 1) { @@ -1214,23 +1213,23 @@ set_cmnd(void) * for sudoers matching and logging purposes. * TODO: move escaping to the policy plugin instead */ - user_ctx.cmnd_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape); + ctx.user.cmnd_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape); } else { - user_ctx.cmnd_args = strvec_join(NewArgv + 1, ' ', NULL); + ctx.user.cmnd_args = strvec_join(NewArgv + 1, ' ', NULL); } - if (user_ctx.cmnd_args == NULL) + if (ctx.user.cmnd_args == NULL) debug_return_int(NOT_FOUND_ERROR); } } - if (user_ctx.cmnd == NULL) { - user_ctx.cmnd = strdup(NewArgv[0]); - if (user_ctx.cmnd == NULL) + if (ctx.user.cmnd == NULL) { + ctx.user.cmnd = strdup(NewArgv[0]); + if (ctx.user.cmnd == NULL) debug_return_int(NOT_FOUND_ERROR); } - user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd); + ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd); /* Convert "sudo sudoedit" -> "sudoedit" */ - if (ISSET(sudo_mode, MODE_RUN) && strcmp(user_ctx.cmnd_base, "sudoedit") == 0) { + if (ISSET(sudo_mode, MODE_RUN) && strcmp(ctx.user.cmnd_base, "sudoedit") == 0) { char *new_cmnd; CLR(sudo_mode, MODE_RUN); @@ -1240,8 +1239,8 @@ set_cmnd(void) sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_int(NOT_FOUND_ERROR); } - free(user_ctx.cmnd); - user_ctx.cmnd_base = user_ctx.cmnd = new_cmnd; + free(ctx.user.cmnd); + ctx.user.cmnd_base = ctx.user.cmnd = new_cmnd; } TAILQ_FOREACH(nss, snl, entries) { @@ -1371,30 +1370,30 @@ set_loginclass(struct passwd *pw) if (!def_use_loginclass) goto done; - if (runas_ctx.class && strcmp(runas_ctx.class, "-") != 0) { - if (user_ctx.uid != 0 && pw->pw_uid != 0) { - sudo_warnx(U_("only root can use \"-c %s\""), runas_ctx.class); + if (ctx.runas.class && strcmp(ctx.runas.class, "-") != 0) { + if (ctx.user.uid != 0 && pw->pw_uid != 0) { + sudo_warnx(U_("only root can use \"-c %s\""), ctx.runas.class); ret = false; goto done; } } else { - runas_ctx.class = pw->pw_class; - if (!runas_ctx.class || !*runas_ctx.class) - runas_ctx.class = (char *) + ctx.runas.class = pw->pw_class; + if (!ctx.runas.class || !*ctx.runas.class) + ctx.runas.class = (char *) ((pw->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS); } /* Make sure specified login class is valid. */ - lc = login_getclass(runas_ctx.class); - if (!lc || !lc->lc_class || strcmp(lc->lc_class, runas_ctx.class) != 0) { + lc = login_getclass(ctx.runas.class); + if (!lc || !lc->lc_class || strcmp(lc->lc_class, ctx.runas.class) != 0) { /* * Don't make it an error if the user didn't specify the login * class themselves. We do this because if login.conf gets * corrupted we want the admin to be able to use sudo to fix it. */ - log_warningx(errflags, N_("unknown login class %s"), runas_ctx.class); + log_warningx(errflags, N_("unknown login class %s"), ctx.runas.class); def_use_loginclass = false; - if (runas_ctx.class) + if (ctx.runas.class) ret = false; } login_close(lc); @@ -1411,7 +1410,7 @@ set_loginclass(struct passwd *pw) /* * Get passwd entry for the user we are going to run commands as - * and store it in runas_ctx.pw. By default, commands run as "root". + * and store it in ctx.runas.pw. By default, commands run as "root". */ static bool set_runaspw(const char *user, bool quiet) @@ -1426,7 +1425,7 @@ set_runaspw(const char *user, bool quiet) if (errstr == NULL) { if ((pw = sudo_getpwuid(uid)) == NULL) { unknown_runas_uid = true; - pw = sudo_fakepwnam(user, user_ctx.gid); + pw = sudo_fakepwnam(user, ctx.user.gid); } } } @@ -1437,15 +1436,15 @@ set_runaspw(const char *user, bool quiet) debug_return_bool(false); } } - if (runas_ctx.pw != NULL) - sudo_pw_delref(runas_ctx.pw); - runas_ctx.pw = pw; + if (ctx.runas.pw != NULL) + sudo_pw_delref(ctx.runas.pw); + ctx.runas.pw = pw; debug_return_bool(true); } /* * Get group entry for the group we are going to run commands as - * and store it in runas_ctx.gr. + * and store it in ctx.runas.gr. */ static bool set_runasgr(const char *group, bool quiet) @@ -1471,9 +1470,9 @@ set_runasgr(const char *group, bool quiet) debug_return_bool(false); } } - if (runas_ctx.gr != NULL) - sudo_gr_delref(runas_ctx.gr); - runas_ctx.gr = gr; + if (ctx.runas.gr != NULL) + sudo_gr_delref(ctx.runas.gr); + ctx.runas.gr = gr; debug_return_bool(true); } @@ -1487,7 +1486,7 @@ cb_runas_default(const char *file, int line, int column, debug_decl(cb_runas_default, SUDOERS_DEBUG_PLUGIN); /* Only reset runaspw if user didn't specify one. */ - if (runas_ctx.user == NULL && runas_ctx.group == NULL) + if (ctx.runas.user == NULL && ctx.runas.group == NULL) debug_return_bool(set_runaspw(sd_un->str, true)); debug_return_bool(true); } @@ -1501,30 +1500,30 @@ sudoers_user_ctx_free(void) debug_decl(sudoers_user_ctx_free, SUDOERS_DEBUG_PLUGIN); /* Free remaining references to password and group entries. */ - if (user_ctx.pw != NULL) - sudo_pw_delref(user_ctx.pw); - if (user_ctx.gid_list != NULL) - sudo_gidlist_delref(user_ctx.gid_list); + if (ctx.user.pw != NULL) + sudo_pw_delref(ctx.user.pw); + if (ctx.user.gid_list != NULL) + sudo_gidlist_delref(ctx.user.gid_list); - /* Free dynamic contents of user_ctx. */ - free(user_ctx.cwd); - free(user_ctx.name); - free(user_ctx.gids); - if (user_ctx.ttypath != NULL) - free(user_ctx.ttypath); + /* Free dynamic contents of ctx.user. */ + free(ctx.user.cwd); + free(ctx.user.name); + free(ctx.user.gids); + if (ctx.user.ttypath != NULL) + free(ctx.user.ttypath); else - free(user_ctx.tty); - if (user_ctx.shost != user_ctx.host) - free(user_ctx.shost); - free(user_ctx.host); - free(user_ctx.cmnd); - canon_path_free(user_ctx.cmnd_dir); - free(user_ctx.cmnd_args); - free(user_ctx.cmnd_list); - free(user_ctx.cmnd_saved); - free(user_ctx.source); - free(user_ctx.cmnd_stat); - memset(&user_ctx, 0, sizeof(user_ctx)); + free(ctx.user.tty); + if (ctx.user.shost != ctx.user.host) + free(ctx.user.shost); + free(ctx.user.host); + free(ctx.user.cmnd); + canon_path_free(ctx.user.cmnd_dir); + free(ctx.user.cmnd_args); + free(ctx.user.cmnd_list); + free(ctx.user.cmnd_saved); + free(ctx.user.source); + free(ctx.user.cmnd_stat); + memset(&ctx.user, 0, sizeof(ctx.user)); debug_return; } @@ -1538,30 +1537,30 @@ sudoers_runas_ctx_free(void) debug_decl(sudoers_runas_ctx_free, SUDOERS_DEBUG_PLUGIN); /* Free remaining references to password and group entries. */ - if (runas_ctx.pw != NULL) - sudo_pw_delref(runas_ctx.pw); - if (runas_ctx.gr != NULL) - sudo_gr_delref(runas_ctx.gr); - if (runas_ctx.list_pw != NULL) - sudo_pw_delref(runas_ctx.list_pw); + if (ctx.runas.pw != NULL) + sudo_pw_delref(ctx.runas.pw); + if (ctx.runas.gr != NULL) + sudo_gr_delref(ctx.runas.gr); + if (ctx.runas.list_pw != NULL) + sudo_pw_delref(ctx.runas.list_pw); - /* Free dynamic contents of runas_ctx. */ - free(runas_ctx.cmnd); - if (runas_ctx.shost != runas_ctx.host) - free(runas_ctx.shost); - free(runas_ctx.host); + /* Free dynamic contents of ctx.runas. */ + free(ctx.runas.cmnd); + if (ctx.runas.shost != ctx.runas.host) + free(ctx.runas.shost); + free(ctx.runas.host); #ifdef HAVE_SELINUX - free(runas_ctx.role); - free(runas_ctx.type); + free(ctx.runas.role); + free(ctx.runas.type); #endif #ifdef HAVE_APPARMOR - free(runas_ctx.apparmor_profile); + free(ctx.runas.apparmor_profile); #endif #ifdef HAVE_PRIV_SET - free(runas_ctx.privs); - free(runas_ctx.limitprivs); + free(ctx.runas.privs); + free(ctx.runas.limitprivs); #endif - memset(&runas_ctx, 0, sizeof(runas_ctx)); + memset(&ctx.runas, 0, sizeof(ctx.runas)); debug_return; } @@ -1619,7 +1618,7 @@ tty_present(void) { debug_decl(tty_present, SUDOERS_DEBUG_PLUGIN); - if (user_ctx.tcpgid == 0 && user_ctx.ttypath == NULL) { + if (ctx.user.tcpgid == 0 && ctx.user.ttypath == NULL) { /* No job control or terminal, check /dev/tty. */ int fd = open(_PATH_TTY, O_RDWR); if (fd == -1) diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index 4c50d36b7..2b7b273f4 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -77,7 +77,6 @@ struct group_list { /* * Info pertaining to the invoking user. - * XXX - can we embed struct eventlog here or use it instead? */ struct sudoers_user_context { struct timespec submit_time; @@ -104,7 +103,6 @@ struct sudoers_user_context { char *iolog_file; char *iolog_path; GETGROUPS_T *gids; - unsigned int flags; int ngids; int closefrom; int lines; @@ -118,8 +116,10 @@ struct sudoers_user_context { char uuid_str[37]; }; +/* + * Info pertaining to the runas user. + */ struct sudoers_runas_context { - unsigned int flags; int execfd; struct passwd *pw; struct group *gr; @@ -145,6 +145,26 @@ struct sudoers_runas_context { #endif }; +/* + * Settings passed in from the sudo front-end. + */ +struct sudoers_plugin_settings { + unsigned int flags; + int max_groups; + const char *plugin_dir; + const char *ldap_conf; + const char *ldap_secret; +}; + +/* + * Global configuration for the sudoers module. + */ +struct sudoers_context { + struct sudoers_user_context user; + struct sudoers_runas_context runas; + struct sudoers_plugin_settings settings; +}; + /* * sudo_get_gidlist() type values */ @@ -153,17 +173,13 @@ struct sudoers_runas_context { #define ENTRY_TYPE_FRONTEND 0x02 /* - * user_ctx.flag values - */ -#define CAN_INTERCEPT_SETID 0x01U -#define HAVE_INTERCEPT_PTRACE 0x02U -#define USER_INTERCEPT_SETID 0x04U - -/* - * runas_ctx.flag values + * sudoers_plugin_settings.flag values */ #define RUNAS_USER_SPECIFIED 0x01U #define RUNAS_GROUP_SPECIFIED 0x02U +#define CAN_INTERCEPT_SETID 0x04U +#define HAVE_INTERCEPT_PTRACE 0x08U +#define USER_INTERCEPT_SETID 0x10U /* * Return values for sudoers_lookup(), also used as arguments for log_auth() @@ -385,8 +401,7 @@ int sudoers_list(int argc, char *const argv[], const char *list_user, bool verbo int sudoers_validate_user(void); void sudoers_cleanup(void); bool sudoers_override_umask(void); -extern struct sudoers_user_context user_ctx; -extern struct sudoers_runas_context runas_ctx; +extern struct sudoers_context ctx; extern unsigned int sudo_mode; extern int sudoedit_nfiles; extern sudo_conv_t sudo_conv; diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c index 7efce88c9..83d6222de 100644 --- a/plugins/sudoers/testsudoers.c +++ b/plugins/sudoers/testsudoers.c @@ -79,8 +79,7 @@ static int testsudoers_query(const struct sudo_nss *nss, struct passwd *pw); /* * Globals */ -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; static const char *orig_cmnd; static char *runas_group, *runas_user; unsigned int sudo_mode = MODE_RUN; @@ -136,7 +135,7 @@ main(int argc, char *argv[]) while ((ch = getopt(argc, argv, "+D:dg:G:h:i:L:lP:p:R:T:tu:U:v")) != -1) { switch (ch) { case 'D': - runas_ctx.cwd = optarg; + ctx.runas.cwd = optarg; break; case 'd': dflag = 1; @@ -149,10 +148,10 @@ main(int argc, char *argv[]) break; case 'g': runas_group = optarg; - SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED); + SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED); break; case 'h': - user_ctx.host = optarg; + ctx.user.host = optarg; break; case 'i': if (strcasecmp(optarg, "ldif") == 0) { @@ -165,8 +164,8 @@ main(int argc, char *argv[]) } break; case 'L': - runas_ctx.list_pw = sudo_getpwnam(optarg); - if (runas_ctx.list_pw == NULL) { + ctx.runas.list_pw = sudo_getpwnam(optarg); + if (ctx.runas.list_pw == NULL) { sudo_warnx(U_("unknown user %s"), optarg); usage(); } @@ -193,7 +192,7 @@ main(int argc, char *argv[]) sudo_fatalx("invalid time: %s", optarg); break; case 'R': - runas_ctx.chroot = optarg; + ctx.runas.chroot = optarg; break; case 't': trace_print = testsudoers_error; @@ -206,7 +205,7 @@ main(int argc, char *argv[]) break; case 'u': runas_user = optarg; - SET(runas_ctx.flags, RUNAS_USER_SPECIFIED); + SET(ctx.settings.flags, RUNAS_USER_SPECIFIED); break; case 'v': if (sudo_mode != MODE_RUN) { @@ -246,48 +245,48 @@ main(int argc, char *argv[]) } else if (pwflag == 0) { usage(); } - user_ctx.name = argc ? *argv++ : (char *)"root"; + ctx.user.name = argc ? *argv++ : (char *)"root"; argc = 0; } else { if (argc > 2 && sudo_mode == MODE_LIST) sudo_mode = MODE_CHECK; - user_ctx.name = *argv++; + ctx.user.name = *argv++; argc--; if (orig_cmnd == NULL) { orig_cmnd = *argv++; argc--; } } - user_ctx.cmnd = strdup(orig_cmnd); - if (user_ctx.cmnd == NULL) + ctx.user.cmnd = strdup(orig_cmnd); + if (ctx.user.cmnd == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd); + ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd); if (getcwd(cwdbuf, sizeof(cwdbuf)) == NULL) strlcpy(cwdbuf, "/", sizeof(cwdbuf)); - user_ctx.cwd = cwdbuf; + ctx.user.cwd = cwdbuf; - if ((user_ctx.pw = sudo_getpwnam(user_ctx.name)) == NULL) - sudo_fatalx(U_("unknown user %s"), user_ctx.name); - user_ctx.uid = user_ctx.pw->pw_uid; - user_ctx.gid = user_ctx.pw->pw_gid; + if ((ctx.user.pw = sudo_getpwnam(ctx.user.name)) == NULL) + sudo_fatalx(U_("unknown user %s"), ctx.user.name); + ctx.user.uid = ctx.user.pw->pw_uid; + ctx.user.gid = ctx.user.pw->pw_gid; - if (user_ctx.host == NULL) { - if ((user_ctx.host = sudo_gethostname()) == NULL) + if (ctx.user.host == NULL) { + if ((ctx.user.host = sudo_gethostname()) == NULL) sudo_fatal("gethostname"); } - if ((p = strchr(user_ctx.host, '.'))) { + if ((p = strchr(ctx.user.host, '.'))) { *p = '\0'; - if ((user_ctx.shost = strdup(user_ctx.host)) == NULL) + if ((ctx.user.shost = strdup(ctx.user.host)) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); *p = '.'; } else { - user_ctx.shost = user_ctx.host; + ctx.user.shost = ctx.user.host; } - runas_ctx.host = user_ctx.host; - runas_ctx.shost = user_ctx.shost; + ctx.runas.host = ctx.user.host; + ctx.runas.shost = ctx.user.shost; - /* Fill in user_ctx.cmnd_args from argv. */ + /* Fill in ctx.user.cmnd_args from argv. */ if (argc > 0) { char *to, **from; size_t size, n; @@ -295,11 +294,11 @@ main(int argc, char *argv[]) for (size = 0, from = argv; *from; from++) size += strlen(*from) + 1; - if ((user_ctx.cmnd_args = malloc(size)) == NULL) + if ((ctx.user.cmnd_args = malloc(size)) == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); - for (to = user_ctx.cmnd_args, from = argv; *from; from++) { - n = strlcpy(to, *from, size - (size_t)(to - user_ctx.cmnd_args)); - if (n >= size - (size_t)(to - user_ctx.cmnd_args)) + for (to = ctx.user.cmnd_args, from = argv; *from; from++) { + n = strlcpy(to, *from, size - (size_t)(to - ctx.user.cmnd_args)); + if (n >= size - (size_t)(to - ctx.user.cmnd_args)) sudo_fatalx(U_("internal error, %s overflow"), getprogname()); to += n; *to++ = ' '; @@ -339,7 +338,7 @@ main(int argc, char *argv[]) */ if (runas_group != NULL) { set_runasgr(runas_group); - set_runaspw(runas_user ? runas_user : user_ctx.name); + set_runaspw(runas_user ? runas_user : ctx.user.name); } else set_runaspw(runas_user ? runas_user : def_runas_default); @@ -379,27 +378,27 @@ main(int argc, char *argv[]) testsudoers_nss.query = testsudoers_query; testsudoers_nss.parse_tree = &parsed_policy; - printf("\nEntries for user %s:\n", user_ctx.name); - validated = sudoers_lookup(&snl, user_ctx.pw, now, cb_lookup, NULL, + printf("\nEntries for user %s:\n", ctx.user.name); + validated = sudoers_lookup(&snl, ctx.user.pw, now, cb_lookup, NULL, &status, pwflag); /* Validate user-specified chroot or cwd (if any) and runas user shell. */ if (ISSET(validated, VALIDATE_SUCCESS)) { - if (!check_user_shell(runas_ctx.pw)) { + if (!check_user_shell(ctx.runas.pw)) { printf(U_("\nInvalid shell for user %s: %s\n"), - runas_ctx.pw->pw_name, runas_ctx.pw->pw_shell); + ctx.runas.pw->pw_name, ctx.runas.pw->pw_shell); CLR(validated, VALIDATE_SUCCESS); SET(validated, VALIDATE_FAILURE); } - if (check_user_runchroot(runas_ctx.chroot) != true) { + if (check_user_runchroot(ctx.runas.chroot) != true) { printf("\nUser %s is not allowed to change root directory to %s\n", - user_ctx.name, runas_ctx.chroot); + ctx.user.name, ctx.runas.chroot); CLR(validated, VALIDATE_SUCCESS); SET(validated, VALIDATE_FAILURE); } - if (check_user_runcwd(runas_ctx.cwd) != true) { + if (check_user_runcwd(ctx.runas.cwd) != true) { printf("\nUser %s is not allowed to change directory to %s\n", - user_ctx.name, runas_ctx.cwd); + ctx.user.name, ctx.runas.cwd); CLR(validated, VALIDATE_SUCCESS); SET(validated, VALIDATE_FAILURE); } @@ -447,16 +446,16 @@ set_runaspw(const char *user) uid_t uid = sudo_strtoid(user + 1, &errstr); if (errstr == NULL) { if ((pw = sudo_getpwuid(uid)) == NULL) - pw = sudo_fakepwnam(user, user_ctx.gid); + pw = sudo_fakepwnam(user, ctx.user.gid); } } if (pw == NULL) { if ((pw = sudo_getpwnam(user)) == NULL) sudo_fatalx(U_("unknown user %s"), user); } - if (runas_ctx.pw != NULL) - sudo_pw_delref(runas_ctx.pw); - runas_ctx.pw = pw; + if (ctx.runas.pw != NULL) + sudo_pw_delref(ctx.runas.pw); + ctx.runas.pw = pw; debug_return; } @@ -478,9 +477,9 @@ set_runasgr(const char *group) if ((gr = sudo_getgrnam(group)) == NULL) sudo_fatalx(U_("unknown group %s"), group); } - if (runas_ctx.gr != NULL) - sudo_gr_delref(runas_ctx.gr); - runas_ctx.gr = gr; + if (ctx.runas.gr != NULL) + sudo_gr_delref(ctx.runas.gr); + ctx.runas.gr = gr; debug_return; } @@ -615,12 +614,12 @@ unpivot_root(int fds[2]) int set_cmnd_path(const char *runchroot) { - /* Reallocate user_ctx.cmnd to catch bugs in command_matches(). */ + /* Reallocate ctx.user.cmnd to catch bugs in command_matches(). */ char *new_cmnd = strdup(orig_cmnd); if (new_cmnd == NULL) return NOT_FOUND_ERROR; - free(user_ctx.cmnd); - user_ctx.cmnd = new_cmnd; + free(ctx.user.cmnd); + ctx.user.cmnd = new_cmnd; return FOUND; } diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c index 91d916e53..9d2ff7d79 100644 --- a/plugins/sudoers/timestamp.c +++ b/plugins/sudoers/timestamp.c @@ -405,14 +405,14 @@ ts_init_key(struct timestamp_entry *entry, struct passwd *pw, } else { entry->flags |= TS_ANYUID; } - entry->sid = user_ctx.sid; + entry->sid = ctx.user.sid; switch (ticket_type) { default: /* Unknown time stamp ticket type, treat as tty (should not happen). */ sudo_warnx("unknown time stamp ticket type %d", ticket_type); FALLTHROUGH; case tty: - if (user_ctx.ttypath != NULL && stat(user_ctx.ttypath, &sb) == 0) { + if (ctx.user.ttypath != NULL && stat(ctx.user.ttypath, &sb) == 0) { /* tty-based time stamp */ entry->type = TS_TTY; entry->u.ttydev = sb.st_rdev; @@ -1039,7 +1039,7 @@ timestamp_remove(bool unlink_it) goto done; } - if (asprintf(&fname, "%s/%s", def_timestampdir, user_ctx.name) == -1) { + if (asprintf(&fname, "%s/%s", def_timestampdir, ctx.user.name) == -1) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); ret = -1; goto done; @@ -1047,12 +1047,12 @@ timestamp_remove(bool unlink_it) /* For "sudo -K" simply unlink the time stamp file. */ if (unlink_it) { - ret = unlinkat(dfd, user_ctx.name, 0) ? -1 : true; + ret = unlinkat(dfd, ctx.user.name, 0) ? -1 : true; goto done; } /* Open time stamp file and lock it for exclusive access. */ - fd = ts_openat(dfd, user_ctx.name, O_RDWR); + fd = ts_openat(dfd, ctx.user.name, O_RDWR); switch (fd) { case TIMESTAMP_OPEN_ERROR: if (errno != ENOENT) @@ -1107,7 +1107,7 @@ already_lectured(void) dfd = ts_secure_opendir(def_lecture_status_dir, false, true); if (dfd != -1) { - ret = fstatat(dfd, user_ctx.name, &sb, AT_SYMLINK_NOFOLLOW) == 0; + ret = fstatat(dfd, ctx.user.name, &sb, AT_SYMLINK_NOFOLLOW) == 0; close(dfd); } debug_return_bool(ret); @@ -1129,7 +1129,7 @@ set_lectured(void) goto done; /* Create lecture file. */ - fd = ts_openat(dfd, user_ctx.name, O_WRONLY|O_CREAT|O_EXCL); + fd = ts_openat(dfd, ctx.user.name, O_WRONLY|O_CREAT|O_EXCL); switch (fd) { case TIMESTAMP_OPEN_ERROR: /* Failed to open, not a fatal error. */ @@ -1171,7 +1171,7 @@ create_admin_success_flag(struct passwd *pw) sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); debug_return_int(-1); } - if (!expand_tilde(&flagfile, user_ctx.name)) { + if (!expand_tilde(&flagfile, ctx.user.name)) { free(flagfile); debug_return_int(false); } diff --git a/plugins/sudoers/toke.c b/plugins/sudoers/toke.c index 53dec0726..8dd20c440 100644 --- a/plugins/sudoers/toke.c +++ b/plugins/sudoers/toke.c @@ -5894,7 +5894,7 @@ init_lexer(void) } /* - * Like strlcpy() but expand %h escapes to user_ctx.shost. + * Like strlcpy() but expand %h escapes to ctx.user.shost. */ static size_t strlcpy_expand_host(char *dst, const char *src, size_t size) @@ -5905,7 +5905,7 @@ strlcpy_expand_host(char *dst, const char *src, size_t size) while ((ch = *src++) != '\0') { if (ch == '%' && *src == 'h') { - size_t n = strlcpy(dst, user_ctx.shost, size); + size_t n = strlcpy(dst, ctx.user.shost, size); len += n; if (n >= size) { /* truncated */ @@ -5967,7 +5967,7 @@ expand_include(const char *src) if (*src == '/') { /* Fully-qualified path, make a copy and expand %h escapes. */ - dst_size = src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1; + dst_size = src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1; dst0 = sudo_rcstr_alloc(dst_size - 1); if (dst0 == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); @@ -5992,7 +5992,7 @@ expand_include(const char *src) dst_size += (size_t)(dirend - cp) + 1; } /* Includes space for ':' separator and NUL terminator. */ - dst_size += src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1; + dst_size += src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1; } /* Make a copy of the fully-qualified path and return it. */ diff --git a/plugins/sudoers/toke.l b/plugins/sudoers/toke.l index 5aecde96b..e14380aec 100644 --- a/plugins/sudoers/toke.l +++ b/plugins/sudoers/toke.l @@ -1115,7 +1115,7 @@ init_lexer(void) } /* - * Like strlcpy() but expand %h escapes to user_ctx.shost. + * Like strlcpy() but expand %h escapes to ctx.user.shost. */ static size_t strlcpy_expand_host(char *dst, const char *src, size_t size) @@ -1126,7 +1126,7 @@ strlcpy_expand_host(char *dst, const char *src, size_t size) while ((ch = *src++) != '\0') { if (ch == '%' && *src == 'h') { - size_t n = strlcpy(dst, user_ctx.shost, size); + size_t n = strlcpy(dst, ctx.user.shost, size); len += n; if (n >= size) { /* truncated */ @@ -1188,7 +1188,7 @@ expand_include(const char *src) if (*src == '/') { /* Fully-qualified path, make a copy and expand %h escapes. */ - dst_size = src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1; + dst_size = src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1; dst0 = sudo_rcstr_alloc(dst_size - 1); if (dst0 == NULL) { sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); @@ -1213,7 +1213,7 @@ expand_include(const char *src) dst_size += (size_t)(dirend - cp) + 1; } /* Includes space for ':' separator and NUL terminator. */ - dst_size += src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1; + dst_size += src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1; } /* Make a copy of the fully-qualified path and return it. */ diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c index 35e76891c..19cf07395 100644 --- a/plugins/sudoers/visudo.c +++ b/plugins/sudoers/visudo.c @@ -108,8 +108,7 @@ extern void get_hostname(void); /* * Globals */ -struct sudoers_user_context user_ctx; -struct sudoers_runas_context runas_ctx; +struct sudoers_context ctx; static const char *path_sudoers = _PATH_SUDOERS; static struct sudoersfile_list sudoerslist = TAILQ_HEAD_INITIALIZER(sudoerslist); static struct sudoers_parser_config sudoers_conf = SUDOERS_PARSER_CONFIG_INITIALIZER; @@ -259,16 +258,16 @@ main(int argc, char *argv[]) } /* Mock up a fake struct sudoers_user_context. */ - user_ctx.cmnd = user_ctx.cmnd_base = strdup("true"); - if (user_ctx.cmnd == NULL) + ctx.user.cmnd = ctx.user.cmnd_base = strdup("true"); + if (ctx.user.cmnd == NULL) sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory")); if (geteuid() == 0) { const char *user = getenv("SUDO_USER"); if (user != NULL && *user != '\0') - user_ctx.pw = sudo_getpwnam(user); + ctx.user.pw = sudo_getpwnam(user); } - if (user_ctx.pw == NULL) { - if ((user_ctx.pw = sudo_getpwuid(getuid())) == NULL) + if (ctx.user.pw == NULL) { + if ((ctx.user.pw = sudo_getpwuid(getuid())) == NULL) sudo_fatalx(U_("you do not exist in the %s database"), "passwd"); } get_hostname();