isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add a sudoers_context struct that embeds the user and runas structs.

Browse Source
This commit is contained in:
Todd C. Miller
2023-08-20 16:27:08 -06:00
parent 1b9fb405a3
commit 2d2529a15e
36 changed files with 920 additions and 912 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/audit.c
View File

@@ -355,7 +355,7 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
ret = false;
if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
uuid_str = user_ctx.uuid_str;
uuid_str = ctx.user.uuid_str;
audit_to_eventlog(&evlog, command_info, run_argv, run_envp, uuid_str);
if (!log_allowed(&evlog) && !def_ignore_logfile_errors)

2
plugins/sudoers/auth/bsdauth.c
View File

@@ -92,7 +92,7 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth)
if (auth_setitem(state.as, AUTHV_STYLE, login_style) < 0 ||
auth_setitem(state.as, AUTHV_NAME, pw->pw_name) < 0 ||
auth_setitem(state.as, AUTHV_CLASS, runas_ctx.class) < 0) {
auth_setitem(state.as, AUTHV_CLASS, ctx.runas.class) < 0) {
log_warningx(0, N_("unable to initialize BSD authentication"));
goto bad;
}

18
plugins/sudoers/auth/pam.c
View File

@@ -191,7 +191,7 @@ static int
sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet)
{
static int pam_status = PAM_SUCCESS;
const char *ttypath = user_ctx.ttypath;
const char *ttypath = ctx.user.ttypath;
const char *errstr, *pam_service;
int rc;
debug_decl(sudo_pam_init, SUDOERS_DEBUG_AUTH);
@@ -234,19 +234,19 @@ sudo_pam_init2(struct passwd *pw, sudo_auth *auth, bool quiet)
* Note: PAM_RHOST may cause a DNS lookup on Linux in libaudit.
*/
if (def_pam_ruser) {
rc = pam_set_item(pamh, PAM_RUSER, user_ctx.name);
rc = pam_set_item(pamh, PAM_RUSER, ctx.user.name);
if (rc != PAM_SUCCESS) {
errstr = sudo_pam_strerror(pamh, rc);
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"pam_set_item(pamh, PAM_RUSER, %s): %s", user_ctx.name, errstr);
"pam_set_item(pamh, PAM_RUSER, %s): %s", ctx.user.name, errstr);
}
}
if (def_pam_rhost) {
rc = pam_set_item(pamh, PAM_RHOST, user_ctx.host);
rc = pam_set_item(pamh, PAM_RHOST, ctx.user.host);
if (rc != PAM_SUCCESS) {
errstr = sudo_pam_strerror(pamh, rc);
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"pam_set_item(pamh, PAM_RHOST, %s): %s", user_ctx.host, errstr);
"pam_set_item(pamh, PAM_RHOST, %s): %s", ctx.user.host, errstr);
}
}
if (ttypath != NULL) {
@@ -297,8 +297,8 @@ sudo_pam_verify(struct passwd *pw, const char *prompt, sudo_auth *auth, struct s
/* Set KRB5CCNAME from the user environment if not set to propagate this
* information to PAM modules that may use it to authentication. */
envccname = sudo_getenv("KRB5CCNAME");
if (envccname == NULL && user_ctx.ccname != NULL) {
if (sudo_setenv("KRB5CCNAME", user_ctx.ccname, true) != 0) {
if (envccname == NULL && ctx.user.ccname != NULL) {
if (sudo_setenv("KRB5CCNAME", ctx.user.ccname, true) != 0) {
sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
"unable to set KRB5CCNAME");
debug_return_int(AUTH_FAILURE);
@@ -631,8 +631,8 @@ use_pam_prompt(const char *pam_prompt)
* Some PAM modules use "^username's Password: ?$" instead of
* "^Password: ?" so check for that too.
*/
user_len = strlen(user_ctx.name);
if (strncmp(pam_prompt, user_ctx.name, user_len) == 0) {
user_len = strlen(ctx.user.name);
if (strncmp(pam_prompt, ctx.user.name, user_len) == 0) {
const char *cp = pam_prompt + user_len;
if (strncmp(cp, "'s Password:", 12) == 0 &&
(cp[12] == '\0' || (cp[12] == ' ' && cp[13] == '\0')))

2
plugins/sudoers/auth/passwd.c
View File

@@ -50,7 +50,7 @@ sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
debug_return_int(AUTH_SUCCESS);
#ifdef HAVE_SKEYACCESS
if (skeyaccess(pw, user_ctx.tty, NULL, NULL) == 0)
if (skeyaccess(pw, ctx.user.tty, NULL, NULL) == 0)
debug_return_int(AUTH_FAILURE);
#endif
sudo_setspent();

4
plugins/sudoers/auth/sia.c
View File

@@ -65,7 +65,7 @@ sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
sudo_argv[sudo_argc] = NULL;
/* We don't let SIA prompt the user for input. */
if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ctx.ttypath, 0, NULL) != SIASUCCESS) {
if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, ctx.user.ttypath, 0, NULL) != SIASUCCESS) {
log_warning(0, N_("unable to initialize SIA session"));
debug_return_int(AUTH_FATAL);
}
@@ -122,7 +122,7 @@ sudo_sia_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth)
debug_decl(sudo_sia_begin_session, SUDOERS_DEBUG_AUTH);
/* Re-init sia for the target user's session. */
if (sia_ses_init(&siah, NewArgc, NewArgv, NULL, pw->pw_name, user_ctx.ttypath, 0, NULL) != SIASUCCESS) {
if (sia_ses_init(&siah, NewArgc, NewArgv, NULL, pw->pw_name, ctx.user.ttypath, 0, NULL) != SIASUCCESS) {
log_warning(0, N_("unable to initialize SIA session"));
goto done;
}

58
plugins/sudoers/callbacks.c
View File

@@ -95,7 +95,7 @@ resolve_host(const char *host, char **longp, char **shortp)
/*
* Look up the fully qualified domain name of user and runas hosts.
* Sets user_ctx.host, user_ctx.shost, runas_ctx.host and runas_ctx.shost.
* Sets ctx.user.host, ctx.user.shost, ctx.runas.host and ctx.runas.shost.
*/
static bool
cb_fqdn(const char *file, int line, int column,
@@ -111,35 +111,35 @@ cb_fqdn(const char *file, int line, int column,
debug_return_bool(true);
/* If the -h flag was given we need to resolve both host names. */
remote = strcmp(runas_ctx.host, user_ctx.host) != 0;
remote = strcmp(ctx.runas.host, ctx.user.host) != 0;
/* First resolve user_ctx.host, setting host and shost. */
if (resolve_host(user_ctx.host, &lhost, &shost) != 0) {
if ((rc = resolve_host(runas_ctx.host, &lhost, &shost)) != 0) {
/* First resolve ctx.user.host, setting host and shost. */
if (resolve_host(ctx.user.host, &lhost, &shost) != 0) {
if ((rc = resolve_host(ctx.runas.host, &lhost, &shost)) != 0) {
gai_log_warning(SLOG_PARSE_ERROR|SLOG_RAW_MSG, rc,
N_("unable to resolve host %s"), user_ctx.host);
N_("unable to resolve host %s"), ctx.user.host);
debug_return_bool(false);
}
}
if (user_ctx.shost != user_ctx.host)
free(user_ctx.shost);
free(user_ctx.host);
user_ctx.host = lhost;
user_ctx.shost = shost;
if (ctx.user.shost != ctx.user.host)
free(ctx.user.shost);
free(ctx.user.host);
ctx.user.host = lhost;
ctx.user.shost = shost;
/* Next resolve runas_ctx.host, setting host and shost in runas_ctx. */
/* Next resolve ctx.runas.host, setting host and shost in ctx.runas. */
lhost = shost = NULL;
if (remote) {
if ((rc = resolve_host(runas_ctx.host, &lhost, &shost)) != 0) {
if ((rc = resolve_host(ctx.runas.host, &lhost, &shost)) != 0) {
gai_log_warning(SLOG_NO_LOG|SLOG_RAW_MSG, rc,
N_("unable to resolve host %s"), runas_ctx.host);
N_("unable to resolve host %s"), ctx.runas.host);
debug_return_bool(false);
}
} else {
/* Not remote, just use user_ctx.host. */
if ((lhost = strdup(user_ctx.host)) != NULL) {
if (user_ctx.shost != user_ctx.host)
shost = strdup(user_ctx.shost);
/* Not remote, just use ctx.user.host. */
if ((lhost = strdup(ctx.user.host)) != NULL) {
if (ctx.user.shost != ctx.user.host)
shost = strdup(ctx.user.shost);
else
shost = lhost;
}
@@ -152,16 +152,16 @@ cb_fqdn(const char *file, int line, int column,
}
}
if (lhost != NULL && shost != NULL) {
if (runas_ctx.shost != runas_ctx.host)
free(runas_ctx.shost);
free(runas_ctx.host);
runas_ctx.host = lhost;
runas_ctx.shost = shost;
if (ctx.runas.shost != ctx.runas.host)
free(ctx.runas.shost);
free(ctx.runas.host);
ctx.runas.host = lhost;
ctx.runas.shost = shost;
}
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"host %s, shost %s, runas host %s, runas shost %s",
user_ctx.host, user_ctx.shost, runas_ctx.host, runas_ctx.shost);
ctx.user.host, ctx.user.shost, ctx.runas.host, ctx.runas.shost);
debug_return_bool(true);
}
@@ -227,11 +227,11 @@ cb_runchroot(const char *file, int line, int column,
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"def_runchroot now %s", sd_un->str);
if (user_ctx.cmnd != NULL) {
/* Update user_ctx.cmnd and cmnd_status based on the new chroot. */
if (ctx.user.cmnd != NULL) {
/* Update ctx.user.cmnd and cmnd_status based on the new chroot. */
set_cmnd_status(sd_un->str);
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"user_ctx.cmnd now %s", user_ctx.cmnd);
"ctx.user.cmnd now %s", ctx.user.cmnd);
}
debug_return_bool(true);
@@ -409,7 +409,7 @@ cb_intercept_type(const char *file, int line, int column,
/* Set explicitly in sudoers. */
if (sd_un->tuple == dso) {
/* Reset intercept_allow_setid default value. */
if (!ISSET(user_ctx.flags, USER_INTERCEPT_SETID))
if (!ISSET(ctx.settings.flags, USER_INTERCEPT_SETID))
def_intercept_allow_setid = false;
}
}
@@ -426,7 +426,7 @@ cb_intercept_allow_setid(const char *file, int line, int column,
/* Operator will be -1 if set by front-end. */
if (op != -1) {
/* Set explicitly in sudoers. */
SET(user_ctx.flags, USER_INTERCEPT_SETID);
SET(ctx.settings.flags, USER_INTERCEPT_SETID);
}
debug_return_bool(true);

38
plugins/sudoers/check.c
View File

@@ -72,7 +72,7 @@ getpass_resume(int signo, void *vclosure)
{
struct getpass_closure *closure = vclosure;
closure->cookie = timestamp_open(user_ctx.name, user_ctx.sid);
closure->cookie = timestamp_open(ctx.user.name, ctx.user.sid);
if (closure->cookie == NULL)
return -1;
if (!timestamp_lock(closure->cookie, closure->auth_pw))
@@ -103,7 +103,7 @@ check_user_interactive(unsigned int validated, unsigned int mode,
/* Open, lock and read time stamp file if we are using it. */
if (!ISSET(mode, MODE_IGNORE_TICKET)) {
/* Open time stamp file and check its status. */
closure->cookie = timestamp_open(user_ctx.name, user_ctx.sid);
closure->cookie = timestamp_open(ctx.user.name, ctx.user.sid);
if (closure->cookie != NULL) {
if (timestamp_lock(closure->cookie, closure->auth_pw)) {
closure->tstat = timestamp_status(closure->cookie,
@@ -138,7 +138,7 @@ check_user_interactive(unsigned int validated, unsigned int mode,
/* Expand any escapes in the prompt. */
prompt = expand_prompt(
user_ctx.prompt ? user_ctx.prompt : def_passprompt,
ctx.user.prompt ? ctx.user.prompt : def_passprompt,
closure->auth_pw->pw_name);
if (prompt == NULL)
goto done;
@@ -197,17 +197,17 @@ check_user(unsigned int validated, unsigned int mode)
ret = true;
goto done;
}
if (user_ctx.uid == 0 || (user_ctx.uid == runas_ctx.pw->pw_uid &&
(runas_ctx.gr == NULL ||
user_in_group(user_ctx.pw, runas_ctx.gr->gr_name)))) {
if (ctx.user.uid == 0 || (ctx.user.uid == ctx.runas.pw->pw_uid &&
(ctx.runas.gr == NULL ||
user_in_group(ctx.user.pw, ctx.runas.gr->gr_name)))) {
#ifdef HAVE_SELINUX
if (runas_ctx.role == NULL && runas_ctx.type == NULL)
if (ctx.runas.role == NULL && ctx.runas.type == NULL)
#endif
#ifdef HAVE_APPARMOR
if (runas_ctx.apparmor_profile == NULL)
if (ctx.runas.apparmor_profile == NULL)
#endif
#ifdef HAVE_PRIV_SET
if (runas_ctx.privs == NULL && runas_ctx.limitprivs == NULL)
if (ctx.runas.privs == NULL && ctx.runas.limitprivs == NULL)
#endif
{
sudo_debug_printf(SUDO_DEBUG_INFO,
@@ -329,7 +329,7 @@ user_is_exempt(void)
debug_decl(user_is_exempt, SUDOERS_DEBUG_AUTH);
if (def_exempt_group) {
if (user_in_group(user_ctx.pw, def_exempt_group))
if (user_in_group(ctx.user.pw, def_exempt_group))
ret = true;
}
debug_return_bool(ret);
@@ -338,7 +338,7 @@ user_is_exempt(void)
/*
* Get passwd entry for the user we are going to authenticate as.
* By default, this is the user invoking sudo. In the most common
* case, this matches user_ctx.pw or runas_ctx.pw.
* case, this matches ctx.user.pw or ctx.runas.pw.
*/
static struct passwd *
get_authpw(unsigned int mode)
@@ -348,8 +348,8 @@ get_authpw(unsigned int mode)
if (ISSET(mode, (MODE_CHECK|MODE_LIST))) {
/* In list mode we always prompt for the user's password. */
sudo_pw_addref(user_ctx.pw);
pw = user_ctx.pw;
sudo_pw_addref(ctx.user.pw);
pw = ctx.user.pw;
} else {
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL) {
@@ -361,17 +361,17 @@ get_authpw(unsigned int mode)
N_("unknown user %s"), def_runas_default);
}
} else if (def_targetpw) {
if (runas_ctx.pw->pw_name == NULL) {
if (ctx.runas.pw->pw_name == NULL) {
/* This should never be NULL as we fake up the passwd struct */
log_warningx(SLOG_RAW_MSG, N_("unknown uid %u"),
(unsigned int) runas_ctx.pw->pw_uid);
(unsigned int) ctx.runas.pw->pw_uid);
} else {
sudo_pw_addref(runas_ctx.pw);
pw = runas_ctx.pw;
sudo_pw_addref(ctx.runas.pw);
pw = ctx.runas.pw;
}
} else {
sudo_pw_addref(user_ctx.pw);
pw = user_ctx.pw;
sudo_pw_addref(ctx.user.pw);
pw = ctx.user.pw;
}
}

11
plugins/sudoers/cvtsudoers.c
View File

@@ -61,8 +61,7 @@
* Globals
*/
struct cvtsudoers_filter *filters;
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
static FILE *logfp;
static const char short_opts[] = "b:c:d:ef:hi:I:l:m:Mo:O:pP:s:V";
static struct option long_opts[] = {
@@ -966,15 +965,15 @@ cmnd_matches_filter(struct sudoers_parse_tree *parse_tree,
}
/* Only need one command in the filter to match. */
user_ctx.cmnd = s->str;
user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd);
ctx.user.cmnd = s->str;
ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd);
if (cmnd_matches(parse_tree, m, NULL, NULL) == true) {
matched = true;
break;
}
}
user_ctx.cmnd_base = NULL;
user_ctx.cmnd = NULL;
ctx.user.cmnd_base = NULL;
ctx.user.cmnd = NULL;
debug_return_bool(matched);
}

4
plugins/sudoers/defaults.c
View File

@@ -706,7 +706,7 @@ default_binding_matches(struct sudoers_parse_tree *parse_tree,
case DEFAULTS:
debug_return_bool(true);
case DEFAULTS_USER:
if (userlist_matches(parse_tree, user_ctx.pw, &d->binding->members) == ALLOW)
if (userlist_matches(parse_tree, ctx.user.pw, &d->binding->members) == ALLOW)
debug_return_bool(true);
break;
case DEFAULTS_RUNAS:
@@ -714,7 +714,7 @@ default_binding_matches(struct sudoers_parse_tree *parse_tree,
debug_return_bool(true);
break;
case DEFAULTS_HOST:
if (hostlist_matches(parse_tree, user_ctx.pw, &d->binding->members) == ALLOW)
if (hostlist_matches(parse_tree, ctx.user.pw, &d->binding->members) == ALLOW)
debug_return_bool(true);
break;
case DEFAULTS_CMND:

32
plugins/sudoers/display.c
View File

@@ -459,14 +459,14 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
struct stat sb;
debug_decl(display_privs, SUDOERS_DEBUG_PARSER);
cols = user_ctx.cols;
cols = ctx.user.cols;
if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
cols = 0;
sudo_lbuf_init(&def_buf, output, 4, NULL, cols);
sudo_lbuf_init(&priv_buf, output, 8, NULL, cols);
sudo_lbuf_append(&def_buf, _("Matching Defaults entries for %s on %s:\n"),
pw->pw_name, runas_ctx.shost);
pw->pw_name, ctx.runas.shost);
count = 0;
TAILQ_FOREACH(nss, snl, entries) {
n = display_defaults(nss->parse_tree, pw, &def_buf);
@@ -502,7 +502,7 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
/* Display privileges from all sources. */
sudo_lbuf_append(&priv_buf,
_("User %s may run the following commands on %s:\n"),
pw->pw_name, runas_ctx.shost);
pw->pw_name, ctx.runas.shost);
count = 0;
TAILQ_FOREACH(nss, snl, entries) {
if (nss->query(nss, pw) != -1) {
@@ -517,7 +517,7 @@ display_privs(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
priv_buf.len = 0;
sudo_lbuf_append(&priv_buf,
_("User %s is not allowed to run sudo on %s.\n"),
pw->pw_name, runas_ctx.shost);
pw->pw_name, ctx.runas.shost);
}
if (sudo_lbuf_error(&def_buf) || sudo_lbuf_error(&priv_buf))
goto bad;
@@ -548,13 +548,13 @@ display_cmnd_check(const struct sudoers_parse_tree *parse_tree,
debug_decl(display_cmnd_check, SUDOERS_DEBUG_PARSER);
/*
* For "sudo -l command", user_ctx.cmnd is "list" and the actual
* command we are checking is in user_ctx.cmnd_list.
* For "sudo -l command", ctx.user.cmnd is "list" and the actual
* command we are checking is in ctx.user.cmnd_list.
*/
saved_user_cmnd = user_ctx.cmnd;
saved_user_base = user_ctx.cmnd_base;
user_ctx.cmnd = user_ctx.cmnd_list;
user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd);
saved_user_cmnd = ctx.user.cmnd;
saved_user_base = ctx.user.cmnd_base;
ctx.user.cmnd = ctx.user.cmnd_list;
ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd);
TAILQ_FOREACH_REVERSE(us, &parse_tree->userspecs, userspec_list, entries) {
if (userlist_matches(parse_tree, pw, &us->users) != ALLOW)
@@ -589,13 +589,13 @@ display_cmnd_check(const struct sudoers_parse_tree *parse_tree,
}
}
done:
user_ctx.cmnd = saved_user_cmnd;
user_ctx.cmnd_base = saved_user_base;
ctx.user.cmnd = saved_user_cmnd;
ctx.user.cmnd_base = saved_user_base;
debug_return_int(cmnd_match);
}
/*
* Check user_ctx.cmnd against sudoers and print the matching entry if the
* Check ctx.user.cmnd against sudoers and print the matching entry if the
* command is allowed.
* Returns true if the command is allowed, false if not or -1 on error.
*/
@@ -633,9 +633,9 @@ display_cmnd(const struct sudo_nss_list *snl, struct passwd *pw, bool verbose)
match_info.priv, match_info.cs, NULL, &lbuf);
sudo_lbuf_append(&lbuf, " Matched: ");
}
sudo_lbuf_append(&lbuf, "%s%s%s\n", user_ctx.cmnd_list,
user_ctx.cmnd_args ? " " : "",
user_ctx.cmnd_args ? user_ctx.cmnd_args : "");
sudo_lbuf_append(&lbuf, "%s%s%s\n", ctx.user.cmnd_list,
ctx.user.cmnd_args ? " " : "",
ctx.user.cmnd_args ? ctx.user.cmnd_args : "");
sudo_lbuf_print(&lbuf);
ret = sudo_lbuf_error(&lbuf) ? -1 : true;
sudo_lbuf_destroy(&lbuf);

52
plugins/sudoers/env.c
View File

@@ -901,11 +901,11 @@ rebuild_env(void)
if (!ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
#ifdef HAVE_LOGIN_CAP_H
/* Insert login class environment variables. */
if (runas_ctx.class) {
login_cap_t *lc = login_getclass(runas_ctx.class);
if (ctx.runas.class) {
login_cap_t *lc = login_getclass(ctx.runas.class);
if (lc != NULL) {
setusercontext(lc, runas_ctx.pw,
runas_ctx.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
setusercontext(lc, ctx.runas.pw,
ctx.runas.pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
login_close(lc);
}
}
@@ -951,27 +951,27 @@ rebuild_env(void)
* on sudoers options).
*/
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell,
CHECK_SETENV2("SHELL", ctx.runas.pw->pw_shell,
ISSET(didvar, DID_SHELL), true);
#ifdef _AIX
CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name,
CHECK_SETENV2("LOGIN", ctx.runas.pw->pw_name,
ISSET(didvar, DID_LOGIN), true);
#endif
CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name,
CHECK_SETENV2("LOGNAME", ctx.runas.pw->pw_name,
ISSET(didvar, DID_LOGNAME), true);
CHECK_SETENV2("USER", runas_ctx.pw->pw_name,
CHECK_SETENV2("USER", ctx.runas.pw->pw_name,
ISSET(didvar, DID_USER), true);
} else {
/* We will set LOGNAME later in the def_set_logname case. */
if (!def_set_logname) {
#ifdef _AIX
if (!ISSET(didvar, DID_LOGIN))
CHECK_SETENV2("LOGIN", user_ctx.name, false, true);
CHECK_SETENV2("LOGIN", ctx.user.name, false, true);
#endif
if (!ISSET(didvar, DID_LOGNAME))
CHECK_SETENV2("LOGNAME", user_ctx.name, false, true);
CHECK_SETENV2("LOGNAME", ctx.user.name, false, true);
if (!ISSET(didvar, DID_USER))
CHECK_SETENV2("USER", user_ctx.name, false, true);
CHECK_SETENV2("USER", ctx.user.name, false, true);
}
}
@@ -986,10 +986,10 @@ rebuild_env(void)
if (ISSET(sudo_mode, MODE_LOGIN_SHELL) || !ISSET(didvar, KEPT_MAIL)) {
if (_PATH_MAILDIR[sizeof(_PATH_MAILDIR) - 2] == '/') {
len = asprintf(&cp, "MAIL=%s%s", _PATH_MAILDIR,
runas_ctx.pw->pw_name);
ctx.runas.pw->pw_name);
} else {
len = asprintf(&cp, "MAIL=%s/%s", _PATH_MAILDIR,
runas_ctx.pw->pw_name);
ctx.runas.pw->pw_name);
}
if (len == -1)
goto bad;
@@ -1036,10 +1036,10 @@ rebuild_env(void)
if ((didvar & KEPT_USER_VARIABLES) == 0) {
/* Nothing preserved, set them all. */
#ifdef _AIX
CHECK_SETENV2("LOGIN", runas_ctx.pw->pw_name, true, true);
CHECK_SETENV2("LOGIN", ctx.runas.pw->pw_name, true, true);
#endif
CHECK_SETENV2("LOGNAME", runas_ctx.pw->pw_name, true, true);
CHECK_SETENV2("USER", runas_ctx.pw->pw_name, true, true);
CHECK_SETENV2("LOGNAME", ctx.runas.pw->pw_name, true, true);
CHECK_SETENV2("USER", ctx.runas.pw->pw_name, true, true);
} else if ((didvar & KEPT_USER_VARIABLES) != KEPT_USER_VARIABLES) {
/*
* Preserved some of LOGIN, LOGNAME, USER but not all.
@@ -1071,11 +1071,11 @@ rebuild_env(void)
/* Set $HOME to target user if not preserving user's value. */
if (reset_home)
CHECK_SETENV2("HOME", runas_ctx.pw->pw_dir, true, true);
CHECK_SETENV2("HOME", ctx.runas.pw->pw_dir, true, true);
/* Provide default values for $SHELL, $TERM and $PATH if not set. */
if (!ISSET(didvar, DID_SHELL))
CHECK_SETENV2("SHELL", runas_ctx.pw->pw_shell, false, false);
CHECK_SETENV2("SHELL", ctx.runas.pw->pw_shell, false, false);
if (!ISSET(didvar, DID_TERM))
CHECK_PUTENV("TERM=unknown", false, false);
if (!ISSET(didvar, DID_PATH))
@@ -1086,14 +1086,14 @@ rebuild_env(void)
CHECK_PUTENV(ps1, true, true);
/* Add the SUDO_COMMAND envariable (cmnd + args). */
if (user_ctx.cmnd_args) {
if (ctx.user.cmnd_args) {
/*
* We limit user_ctx.cmnd_args to 4096 bytes to avoid an execve(2)
* We limit ctx.user.cmnd_args to 4096 bytes to avoid an execve(2)
* failure for very long argument vectors. The command's environment
* also counts against the ARG_MAX limit.
*/
len = asprintf(&cp, "SUDO_COMMAND=%s %.*s", user_ctx.cmnd, 4096,
user_ctx.cmnd_args);
len = asprintf(&cp, "SUDO_COMMAND=%s %.*s", ctx.user.cmnd, 4096,
ctx.user.cmnd_args);
if (len == -1)
goto bad;
if (sudo_putenv(cp, true, true) == -1) {
@@ -1102,14 +1102,14 @@ rebuild_env(void)
}
sudoers_gc_add(GC_PTR, cp);
} else {
CHECK_SETENV2("SUDO_COMMAND", user_ctx.cmnd, true, true);
CHECK_SETENV2("SUDO_COMMAND", ctx.user.cmnd, true, true);
}
/* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
CHECK_SETENV2("SUDO_USER", user_ctx.name, true, true);
(void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_ctx.uid);
CHECK_SETENV2("SUDO_USER", ctx.user.name, true, true);
(void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) ctx.user.uid);
CHECK_SETENV2("SUDO_UID", idbuf, true, true);
(void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_ctx.gid);
(void)snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) ctx.user.gid);
CHECK_SETENV2("SUDO_GID", idbuf, true, true);
debug_return_bool(true);

4
plugins/sudoers/fmtsudoers.c
View File

@@ -52,8 +52,8 @@ sudoers_format_member_int(struct sudo_lbuf *lbuf,
switch (type) {
case MYSELF:
sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "",
runas_ctx.list_pw ? runas_ctx.list_pw->pw_name :
(user_ctx.name ? user_ctx.name : ""));
ctx.runas.list_pw ? ctx.runas.list_pw->pw_name :
(ctx.user.name ? ctx.user.name : ""));
break;
case ALL:
if (name == NULL) {

20
plugins/sudoers/iolog_path_escapes.c
View File

@@ -63,7 +63,7 @@ static size_t
fill_user(char *str, size_t strsize, void *unused)
{
debug_decl(fill_user, SUDOERS_DEBUG_UTIL);
debug_return_size_t(strlcpy(str, user_ctx.name, strsize));
debug_return_size_t(strlcpy(str, ctx.user.name, strsize));
}
static size_t
@@ -73,11 +73,11 @@ fill_group(char *str, size_t strsize, void *unused)
size_t len;
debug_decl(fill_group, SUDOERS_DEBUG_UTIL);
if ((grp = sudo_getgrgid(user_ctx.gid)) != NULL) {
if ((grp = sudo_getgrgid(ctx.user.gid)) != NULL) {
len = strlcpy(str, grp->gr_name, strsize);
sudo_gr_delref(grp);
} else {
len = (size_t)snprintf(str, strsize, "#%u", (unsigned int)user_ctx.gid);
len = (size_t)snprintf(str, strsize, "#%u", (unsigned int)ctx.user.gid);
}
debug_return_size_t(len);
}
@@ -86,7 +86,7 @@ static size_t
fill_runas_user(char *str, size_t strsize, void *unused)
{
debug_decl(fill_runas_user, SUDOERS_DEBUG_UTIL);
debug_return_size_t(strlcpy(str, runas_ctx.pw->pw_name, strsize));
debug_return_size_t(strlcpy(str, ctx.runas.pw->pw_name, strsize));
}
static size_t
@@ -96,15 +96,15 @@ fill_runas_group(char *str, size_t strsize, void *unused)
size_t len;
debug_decl(fill_runas_group, SUDOERS_DEBUG_UTIL);
if (runas_ctx.gr != NULL) {
len = strlcpy(str, runas_ctx.gr->gr_name, strsize);
if (ctx.runas.gr != NULL) {
len = strlcpy(str, ctx.runas.gr->gr_name, strsize);
} else {
if ((grp = sudo_getgrgid(runas_ctx.pw->pw_gid)) != NULL) {
if ((grp = sudo_getgrgid(ctx.runas.pw->pw_gid)) != NULL) {
len = strlcpy(str, grp->gr_name, strsize);
sudo_gr_delref(grp);
} else {
len = (size_t)snprintf(str, strsize, "#%u",
(unsigned int)runas_ctx.pw->pw_gid);
(unsigned int)ctx.runas.pw->pw_gid);
}
}
debug_return_size_t(len);
@@ -114,14 +114,14 @@ static size_t
fill_hostname(char *str, size_t strsize, void *unused)
{
debug_decl(fill_hostname, SUDOERS_DEBUG_UTIL);
debug_return_size_t(strlcpy(str, user_ctx.shost, strsize));
debug_return_size_t(strlcpy(str, ctx.user.shost, strsize));
}
static size_t
fill_command(char *str, size_t strsize, void *unused)
{
debug_decl(fill_command, SUDOERS_DEBUG_UTIL);
debug_return_size_t(strlcpy(str, user_ctx.cmnd_base, strsize));
debug_return_size_t(strlcpy(str, ctx.user.cmnd_base, strsize));
}
/* Note: "seq" must be first in the list. */

18
plugins/sudoers/ldap.c
View File

@@ -329,8 +329,8 @@ sudo_ldap_check_non_unix_group(const struct sudo_nss *nss, LDAPMessage *entry,
}
if (*val == '+') {
if (netgr_matches(nss, val,
def_netgroup_tuple ? runas_ctx.host : NULL,
def_netgroup_tuple ? runas_ctx.shost : NULL, pw->pw_name))
def_netgroup_tuple ? ctx.runas.host : NULL,
def_netgroup_tuple ? ctx.runas.shost : NULL, pw->pw_name))
ret = true;
DPRINTF2("ldap sudoUser netgroup '%s%s' ... %s",
negated ? "!" : "", val, ret ? "MATCH!" : "not");
@@ -666,11 +666,11 @@ sudo_netgroup_lookup(LDAP *ld, struct passwd *pw,
if ((escaped_user = sudo_ldap_value_dup(pw->pw_name)) == NULL)
goto oom;
if (def_netgroup_tuple) {
escaped_host = sudo_ldap_value_dup(runas_ctx.host);
if (runas_ctx.host == runas_ctx.shost)
escaped_host = sudo_ldap_value_dup(ctx.runas.host);
if (ctx.runas.host == ctx.runas.shost)
escaped_shost = escaped_host;
else
escaped_shost = sudo_ldap_value_dup(runas_ctx.shost);
escaped_shost = sudo_ldap_value_dup(ctx.runas.shost);
if (escaped_host == NULL || escaped_shost == NULL)
goto oom;
}
@@ -1441,12 +1441,12 @@ sudo_ldap_bind_s(LDAP *ld)
int rc;
/* Make temp copy of the user's credential cache as needed. */
if (ldap_conf.krb5_ccname == NULL && user_ctx.ccname != NULL) {
new_ccname = tmp_ccname = sudo_krb5_copy_cc_file(user_ctx.ccname);
if (ldap_conf.krb5_ccname == NULL && ctx.user.ccname != NULL) {
new_ccname = tmp_ccname = sudo_krb5_copy_cc_file(ctx.user.ccname);
if (tmp_ccname == NULL) {
/* XXX - fatal error */
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"unable to copy user ccache %s", user_ctx.ccname);
"unable to copy user ccache %s", ctx.user.ccname);
}
}
@@ -1925,7 +1925,7 @@ sudo_ldap_query(const struct sudo_nss *nss, struct passwd *pw)
free_userspecs(&handle->parse_tree.userspecs);
DPRINTF1("%s: ldap search user %s, host %s", __func__, pw->pw_name,
runas_ctx.host);
ctx.runas.host);
if ((lres = sudo_ldap_result_get(nss, pw)) == NULL)
goto done;

92
plugins/sudoers/logging.c
View File

@@ -156,7 +156,7 @@ log_server_reject(struct eventlog *evlog, const char *message)
debug_return_bool(false);
/* Open connection to log server, send hello and reject messages. */
client_closure = log_server_open(&details, &user_ctx.submit_time,
client_closure = log_server_open(&details, &ctx.user.submit_time,
false, SEND_REJECT, message);
if (client_closure != NULL) {
client_closure_free(client_closure);
@@ -256,14 +256,14 @@ log_reject(const char *message, bool logit, bool mailit)
debug_decl(log_reject, SUDOERS_DEBUG_LOGGING);
if (!ISSET(sudo_mode, MODE_POLICY_INTERCEPTED))
uuid_str = user_ctx.uuid_str;
uuid_str = ctx.user.uuid_str;
if (mailit) {
SET(evl_flags, EVLOG_MAIL);
if (!logit)
SET(evl_flags, EVLOG_MAIL_ONLY);
}
sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(), uuid_str);
sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(), uuid_str);
ret = eventlog_reject(&evlog, evl_flags, message, NULL, NULL);
if (!log_server_reject(&evlog, message))
ret = false;
@@ -313,17 +313,17 @@ log_denial(unsigned int status, bool inform_user)
if (ISSET(status, FLAG_NO_USER)) {
sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not in the sudoers "
"file.\n"), user_ctx.name);
"file.\n"), ctx.user.name);
} else if (ISSET(status, FLAG_NO_HOST)) {
sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo "
"on %s.\n"), user_ctx.name, runas_ctx.shost);
"on %s.\n"), ctx.user.name, ctx.runas.shost);
} else if (ISSET(status, FLAG_NO_CHECK)) {
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "
"sudo on %s.\n"), user_ctx.name, runas_ctx.shost);
"sudo on %s.\n"), ctx.user.name, ctx.runas.shost);
} else {
const struct passwd *runas_pw =
runas_ctx.list_pw ? runas_ctx.list_pw : runas_ctx.pw;
const char *cmnd1 = user_ctx.cmnd;
ctx.runas.list_pw ? ctx.runas.list_pw : ctx.runas.pw;
const char *cmnd1 = ctx.user.cmnd;
const char *cmnd2 = "";
if (ISSET(sudo_mode, MODE_CHECK)) {
@@ -333,12 +333,12 @@ log_denial(unsigned int status, bool inform_user)
}
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "
"to execute '%s%s%s%s' as %s%s%s on %s.\n"),
user_ctx.name, cmnd1, cmnd2, user_ctx.cmnd_args ? " " : "",
user_ctx.cmnd_args ? user_ctx.cmnd_args : "",
runas_pw ? runas_pw->pw_name : user_ctx.name,
runas_ctx.gr ? ":" : "",
runas_ctx.gr ? runas_ctx.gr->gr_name : "",
user_ctx.host);
ctx.user.name, cmnd1, cmnd2, ctx.user.cmnd_args ? " " : "",
ctx.user.cmnd_args ? ctx.user.cmnd_args : "",
runas_pw ? runas_pw->pw_name : ctx.user.name,
ctx.runas.gr ? ":" : "",
ctx.runas.gr ? ctx.runas.gr->gr_name : "",
ctx.user.host);
}
if (mailit) {
sudo_printf(SUDO_CONV_ERROR_MSG, "%s",
@@ -360,15 +360,15 @@ log_failure(unsigned int status, int cmnd_status)
/* The user doesn't always get to see the log message (path info). */
if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) &&
runas_ctx.list_pw == NULL && def_path_info &&
ctx.runas.list_pw == NULL && def_path_info &&
(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND))
inform_user = false;
ret = log_denial(status, inform_user);
if (!inform_user) {
const char *cmnd = user_ctx.cmnd;
const char *cmnd = ctx.user.cmnd;
if (ISSET(sudo_mode, MODE_CHECK))
cmnd = user_ctx.cmnd_list ? user_ctx.cmnd_list : NewArgv[1];
cmnd = ctx.user.cmnd_list ? ctx.user.cmnd_list : NewArgv[1];
/*
* We'd like to not leak path info at all here, but that can
@@ -608,7 +608,7 @@ log_exit_status(int status)
ret = false;
goto done;
}
sudo_timespecsub(&run_time, &user_ctx.submit_time, &run_time);
sudo_timespecsub(&run_time, &ctx.user.submit_time, &run_time);
if (WIFEXITED(status)) {
exit_value = WEXITSTATUS(status);
@@ -628,8 +628,8 @@ log_exit_status(int status)
/* Log and mail messages should be in the sudoers locale. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
sudoers_to_eventlog(&evlog, user_ctx.cmnd_saved, saved_argv, env_get(),
user_ctx.uuid_str);
sudoers_to_eventlog(&evlog, ctx.user.cmnd_saved, saved_argv, env_get(),
ctx.user.uuid_str);
if (def_mail_always) {
SET(evl_flags, EVLOG_MAIL);
if (!def_log_exit_status)
@@ -731,8 +731,8 @@ vlog_warning(unsigned int flags, int errnum, const char * restrict fmt,
if (ISSET(flags, SLOG_NO_LOG))
SET(evl_flags, EVLOG_MAIL_ONLY);
}
sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(),
user_ctx.uuid_str);
sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(),
ctx.user.uuid_str);
if (!eventlog_alert(&evlog, evl_flags, &now, message, errstr))
ret = false;
if (!log_server_alert(&evlog, &now, message, errstr))
@@ -846,8 +846,8 @@ mail_parse_errors(void)
sudo_warn("%s", U_("unable to get time of day"));
goto done;
}
sudoers_to_eventlog(&evlog, runas_ctx.cmnd, NewArgv, env_get(),
user_ctx.uuid_str);
sudoers_to_eventlog(&evlog, ctx.runas.cmnd, NewArgv, env_get(),
ctx.user.uuid_str);
/* Convert parse_error_list to a string vector. */
n = 0;
@@ -959,45 +959,45 @@ sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd,
debug_decl(sudoers_to_eventlog, SUDOERS_DEBUG_LOGGING);
/* We rely on the reference held by the group cache. */
if ((grp = sudo_getgrgid(user_ctx.pw->pw_gid)) != NULL)
if ((grp = sudo_getgrgid(ctx.user.pw->pw_gid)) != NULL)
sudo_gr_delref(grp);
memset(evlog, 0, sizeof(*evlog));
evlog->iolog_file = user_ctx.iolog_file;
evlog->iolog_path = user_ctx.iolog_path;
evlog->iolog_file = ctx.user.iolog_file;
evlog->iolog_path = ctx.user.iolog_path;
evlog->command = cmnd ? (char *)cmnd : (argv ? argv[0] : NULL);
evlog->cwd = user_ctx.cwd;
evlog->cwd = ctx.user.cwd;
if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) {
evlog->runchroot = def_runchroot;
}
if (def_runcwd && strcmp(def_runcwd, "*") != 0) {
evlog->runcwd = def_runcwd;
} else if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_ctx.pw != NULL) {
evlog->runcwd = runas_ctx.pw->pw_dir;
} else if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && ctx.runas.pw != NULL) {
evlog->runcwd = ctx.runas.pw->pw_dir;
} else {
evlog->runcwd = user_ctx.cwd;
evlog->runcwd = ctx.user.cwd;
}
evlog->rungroup = runas_ctx.gr ? runas_ctx.gr->gr_name : runas_ctx.group;
evlog->source = user_ctx.source;
evlog->submithost = user_ctx.host;
evlog->submituser = user_ctx.name;
evlog->rungroup = ctx.runas.gr ? ctx.runas.gr->gr_name : ctx.runas.group;
evlog->source = ctx.user.source;
evlog->submithost = ctx.user.host;
evlog->submituser = ctx.user.name;
if (grp != NULL)
evlog->submitgroup = grp->gr_name;
evlog->ttyname = user_ctx.ttypath;
evlog->ttyname = ctx.user.ttypath;
evlog->argv = (char **)argv;
evlog->env_add = (char **)user_ctx.env_vars;
evlog->env_add = (char **)ctx.user.env_vars;
evlog->envp = (char **)envp;
evlog->submit_time = user_ctx.submit_time;
evlog->lines = user_ctx.lines;
evlog->columns = user_ctx.cols;
if (runas_ctx.pw != NULL) {
evlog->rungid = runas_ctx.pw->pw_gid;
evlog->runuid = runas_ctx.pw->pw_uid;
evlog->runuser = runas_ctx.pw->pw_name;
evlog->submit_time = ctx.user.submit_time;
evlog->lines = ctx.user.lines;
evlog->columns = ctx.user.cols;
if (ctx.runas.pw != NULL) {
evlog->rungid = ctx.runas.pw->pw_gid;
evlog->runuid = ctx.runas.pw->pw_uid;
evlog->runuser = ctx.runas.pw->pw_name;
} else {
evlog->rungid = (gid_t)-1;
evlog->runuid = (uid_t)-1;
evlog->runuser = runas_ctx.user;
evlog->runuser = ctx.runas.user;
}
if (uuid_str == NULL) {
unsigned char uuid[16];
@@ -1013,7 +1013,7 @@ sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd,
if (sudo_gettime_real(&now) == -1) {
sudo_warn("%s", U_("unable to get time of day"));
} else {
sudo_timespecsub(&now, &user_ctx.submit_time, &evlog->iolog_offset);
sudo_timespecsub(&now, &ctx.user.submit_time, &evlog->iolog_offset);
}
}

84
plugins/sudoers/lookup.c
View File

@@ -72,7 +72,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now,
pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
nopass = (pwcheck == never || pwcheck == all) ? true : false;
if (runas_ctx.list_pw != NULL) {
if (ctx.runas.list_pw != NULL) {
root_pw = sudo_getpwuid(ROOT_UID);
if (root_pw == NULL)
sudo_warnx(U_("unknown uid %u"), ROOT_UID);
@@ -144,8 +144,8 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now,
* Root can list any user's privileges.
* A user may always list their own privileges.
*/
if (user_ctx.uid == 0 || runas_ctx.list_pw == NULL ||
user_ctx.uid == runas_ctx.list_pw->pw_uid) {
if (ctx.user.uid == 0 || ctx.runas.list_pw == NULL ||
ctx.user.uid == ctx.runas.list_pw->pw_uid) {
cmnd_match = ALLOW;
runas_match = ALLOW;
} else if (date_match != DENY) {
@@ -154,7 +154,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now,
* user must match the list user or root.
*/
runas_match = runas_matches_pw(nss->parse_tree, cs,
runas_ctx.list_pw);
ctx.runas.list_pw);
switch (runas_match) {
case DENY:
break;
@@ -202,7 +202,7 @@ sudoers_lookup_pseudo(struct sudo_nss_list *snl, struct passwd *pw, time_t now,
}
if (root_pw != NULL)
sudo_pw_delref(root_pw);
if (match == ALLOW || user_ctx.uid == 0) {
if (match == ALLOW || ctx.user.uid == 0) {
/* User has an entry for this host. */
SET(validated, VALIDATE_SUCCESS);
} else if (match == DENY)
@@ -291,13 +291,13 @@ sudoers_lookup_check(struct sudo_nss *nss, struct passwd *pw,
if (cmnd_match != UNSPEC) {
/*
* If user is running command as themselves,
* set runas_ctx.pw = user_ctx.pw.
* set ctx.runas.pw = ctx.user.pw.
* XXX - hack, want more general solution
*/
if (matching_user && matching_user->type == MYSELF) {
sudo_pw_delref(runas_ctx.pw);
sudo_pw_addref(user_ctx.pw);
runas_ctx.pw = user_ctx.pw;
sudo_pw_delref(ctx.runas.pw);
sudo_pw_addref(ctx.user.pw);
ctx.runas.pw = ctx.user.pw;
}
*matching_cs = cs;
*defs = &priv->defaults;
@@ -327,93 +327,93 @@ apply_cmndspec(struct cmndspec *cs)
if (cs != NULL) {
#ifdef HAVE_SELINUX
/* Set role and type if not specified on command line. */
if (runas_ctx.role == NULL) {
if (ctx.runas.role == NULL) {
if (cs->role != NULL) {
runas_ctx.role = strdup(cs->role);
if (runas_ctx.role == NULL) {
ctx.runas.role = strdup(cs->role);
if (ctx.runas.role == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
debug_return_bool(false);
}
} else {
runas_ctx.role = def_role;
ctx.runas.role = def_role;
def_role = NULL;
}
if (runas_ctx.role != NULL) {
if (ctx.runas.role != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"runas_ctx.role -> %s", runas_ctx.role);
"ctx.runas.role -> %s", ctx.runas.role);
}
}
if (runas_ctx.type == NULL) {
if (ctx.runas.type == NULL) {
if (cs->type != NULL) {
runas_ctx.type = strdup(cs->type);
if (runas_ctx.type == NULL) {
ctx.runas.type = strdup(cs->type);
if (ctx.runas.type == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
debug_return_bool(false);
}
} else {
runas_ctx.type = def_type;
ctx.runas.type = def_type;
def_type = NULL;
}
if (runas_ctx.type != NULL) {
if (ctx.runas.type != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"runas_ctx.type -> %s", runas_ctx.type);
"ctx.runas.type -> %s", ctx.runas.type);
}
}
#endif /* HAVE_SELINUX */
#ifdef HAVE_APPARMOR
/* Set AppArmor profile, if specified */
if (cs->apparmor_profile != NULL) {
runas_ctx.apparmor_profile = strdup(cs->apparmor_profile);
if (runas_ctx.apparmor_profile == NULL) {
ctx.runas.apparmor_profile = strdup(cs->apparmor_profile);
if (ctx.runas.apparmor_profile == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
debug_return_bool(false);
}
} else {
runas_ctx.apparmor_profile = def_apparmor_profile;
ctx.runas.apparmor_profile = def_apparmor_profile;
def_apparmor_profile = NULL;
}
if (runas_ctx.apparmor_profile != NULL) {
if (ctx.runas.apparmor_profile != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"runas_ctx.apparmor_profile -> %s", runas_ctx.apparmor_profile);
"ctx.runas.apparmor_profile -> %s", ctx.runas.apparmor_profile);
}
#endif
#ifdef HAVE_PRIV_SET
/* Set Solaris privilege sets */
if (runas_ctx.privs == NULL) {
if (ctx.runas.privs == NULL) {
if (cs->privs != NULL) {
runas_ctx.privs = strdup(cs->privs);
if (runas_ctx.privs == NULL) {
ctx.runas.privs = strdup(cs->privs);
if (ctx.runas.privs == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
debug_return_bool(false);
}
} else {
runas_ctx.privs = def_privs;
ctx.runas.privs = def_privs;
def_privs = NULL;
}
if (runas_ctx.privs != NULL) {
if (ctx.runas.privs != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"runas_ctx.privs -> %s", runas_ctx.privs);
"ctx.runas.privs -> %s", ctx.runas.privs);
}
}
if (runas_ctx.limitprivs == NULL) {
if (ctx.runas.limitprivs == NULL) {
if (cs->limitprivs != NULL) {
runas_ctx.limitprivs = strdup(cs->limitprivs);
if (runas_ctx.limitprivs == NULL) {
ctx.runas.limitprivs = strdup(cs->limitprivs);
if (ctx.runas.limitprivs == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
debug_return_bool(false);
}
} else {
runas_ctx.limitprivs = def_limitprivs;
ctx.runas.limitprivs = def_limitprivs;
def_limitprivs = NULL;
}
if (runas_ctx.limitprivs != NULL) {
if (ctx.runas.limitprivs != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO,
"runas_ctx.limitprivs -> %s", runas_ctx.limitprivs);
"ctx.runas.limitprivs -> %s", ctx.runas.limitprivs);
}
}
#endif /* HAVE_PRIV_SET */
@@ -551,10 +551,10 @@ sudoers_lookup(struct sudo_nss_list *snl, struct passwd *pw, time_t now,
if (match != UNSPEC) {
if (info.cmnd_path != NULL) {
/* Update cmnd, cmnd_stat, cmnd_status from matching entry. */
free(user_ctx.cmnd);
user_ctx.cmnd = info.cmnd_path;
if (user_ctx.cmnd_stat != NULL)
*user_ctx.cmnd_stat = info.cmnd_stat;
free(ctx.user.cmnd);
ctx.user.cmnd = info.cmnd_path;
if (ctx.user.cmnd_stat != NULL)
*ctx.user.cmnd_stat = info.cmnd_stat;
*cmnd_status = info.status;
}
if (defs != NULL)

42
plugins/sudoers/match.c
View File

@@ -66,8 +66,8 @@ int
user_matches(const struct sudoers_parse_tree *parse_tree,
const struct passwd *pw, const struct member *m)
{
const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host;
const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost;
const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host;
const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost;
int matched = UNSPEC;
struct alias *a;
debug_decl(user_matches, SUDOERS_DEBUG_MATCH);
@@ -130,12 +130,12 @@ runas_getgroups(void)
debug_decl(runas_getgroups, SUDOERS_DEBUG_MATCH);
if (def_preserve_groups) {
sudo_gidlist_addref(user_ctx.gid_list);
debug_return_ptr(user_ctx.gid_list);
sudo_gidlist_addref(ctx.user.gid_list);
debug_return_ptr(ctx.user.gid_list);
}
/* Only use results from a group db query, not the front end. */
pw = runas_ctx.pw ? runas_ctx.pw : user_ctx.pw;
pw = ctx.runas.pw ? ctx.runas.pw : ctx.user.pw;
debug_return_ptr(sudo_get_gidlist(pw, ENTRY_TYPE_QUERIED));
}
@@ -149,8 +149,8 @@ static int
runas_userlist_matches(const struct sudoers_parse_tree *parse_tree,
const struct member_list *user_list, struct member **matching_user)
{
const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host;
const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost;
const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host;
const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost;
int user_matched = UNSPEC;
struct member *m;
struct alias *a;
@@ -165,11 +165,11 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree,
if (netgr_matches(parse_tree->nss, m->name,
def_netgroup_tuple ? lhost : NULL,
def_netgroup_tuple ? shost : NULL,
runas_ctx.pw->pw_name))
ctx.runas.pw->pw_name))
user_matched = !m->negated;
break;
case USERGROUP:
if (usergr_matches(m->name, runas_ctx.pw->pw_name, runas_ctx.pw))
if (usergr_matches(m->name, ctx.runas.pw->pw_name, ctx.runas.pw))
user_matched = !m->negated;
break;
case ALIAS:
@@ -184,7 +184,7 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree,
}
FALLTHROUGH;
case WORD:
if (userpw_matches(m->name, runas_ctx.pw->pw_name, runas_ctx.pw))
if (userpw_matches(m->name, ctx.runas.pw->pw_name, ctx.runas.pw))
user_matched = !m->negated;
break;
case MYSELF:
@@ -193,9 +193,9 @@ runas_userlist_matches(const struct sudoers_parse_tree *parse_tree,
* was specified on the command line without a user _or_
* the user specified their own name on the command line.
*/
if ((!ISSET(runas_ctx.flags, RUNAS_USER_SPECIFIED) &&
ISSET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED)) ||
strcmp(user_ctx.name, runas_ctx.pw->pw_name) == 0)
if ((!ISSET(ctx.settings.flags, RUNAS_USER_SPECIFIED) &&
ISSET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED)) ||
strcmp(ctx.user.name, ctx.runas.pw->pw_name) == 0)
user_matched = !m->negated;
break;
}
@@ -240,7 +240,7 @@ runas_grouplist_matches(const struct sudoers_parse_tree *parse_tree,
}
FALLTHROUGH;
case WORD:
if (group_matches(m->name, runas_ctx.gr))
if (group_matches(m->name, ctx.runas.gr))
group_matched = !m->negated;
break;
}
@@ -257,13 +257,13 @@ runas_grouplist_matches(const struct sudoers_parse_tree *parse_tree,
* The runas group was not explicitly allowed by sudoers.
* Check whether it is one of the target user's groups.
*/
if (runas_ctx.pw->pw_gid == runas_ctx.gr->gr_gid) {
if (ctx.runas.pw->pw_gid == ctx.runas.gr->gr_gid) {
group_matched = ALLOW; /* runas group matches passwd db */
} else if ((runas_groups = runas_getgroups()) != NULL) {
int i;
for (i = 0; i < runas_groups->ngids; i++) {
if (runas_groups->gids[i] == runas_ctx.gr->gr_gid) {
if (runas_groups->gids[i] == ctx.runas.gr->gr_gid) {
group_matched = ALLOW; /* matched aux group vector */
break;
}
@@ -303,14 +303,14 @@ runaslist_matches(const struct sudoers_parse_tree *parse_tree,
}
user_matched = runas_userlist_matches(parse_tree, user_list, matching_user);
if (ISSET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED)) {
if (ISSET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED)) {
group_matched = runas_grouplist_matches(parse_tree, group_list,
matching_group);
}
if (user_matched == DENY || group_matched == DENY)
debug_return_int(DENY);
if (user_matched == group_matched || runas_ctx.gr == NULL)
if (user_matched == group_matched || ctx.runas.gr == NULL)
debug_return_int(user_matched);
debug_return_int(UNSPEC);
}
@@ -337,15 +337,15 @@ hostlist_matches_int(const struct sudoers_parse_tree *parse_tree,
}
/*
* Check for runas_ctx.host and runas_ctx.shost in a list of members.
* Check for ctx.runas.host and ctx.runas.shost in a list of members.
* Returns ALLOW, DENY or UNSPEC.
*/
int
hostlist_matches(const struct sudoers_parse_tree *parse_tree,
const struct passwd *pw, const struct member_list *list)
{
const char *lhost = parse_tree->lhost ? parse_tree->lhost : runas_ctx.host;
const char *shost = parse_tree->shost ? parse_tree->shost : runas_ctx.shost;
const char *lhost = parse_tree->lhost ? parse_tree->lhost : ctx.runas.host;
const char *shost = parse_tree->shost ? parse_tree->shost : ctx.runas.shost;
return hostlist_matches_int(parse_tree, pw, lhost, shost, list);
}

200
plugins/sudoers/match_command.c
View File

@@ -81,7 +81,7 @@ regex_matches(const char *pattern, const char *str)
static bool
command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
{
const char *args = user_ctx.cmnd_args ? user_ctx.cmnd_args : "";
const char *args = ctx.user.cmnd_args ? ctx.user.cmnd_args : "";
int flags = 0;
debug_decl(command_args_match, SUDOERS_DEBUG_MATCH);
@@ -92,7 +92,7 @@ command_args_match(const char *sudoers_cmnd, const char *sudoers_args)
if (sudoers_args == NULL)
debug_return_bool(true);
if (strcmp("\"\"", sudoers_args) == 0)
debug_return_bool(user_ctx.cmnd_args ? false : true);
debug_return_bool(ctx.user.cmnd_args ? false : true);
/*
* If args are specified in sudoers, they must match the user args.
@@ -202,8 +202,8 @@ set_cmnd_fd(int fd, int rootfd)
{
debug_decl(set_cmnd_fd, SUDOERS_DEBUG_MATCH);
if (runas_ctx.execfd != -1)
close(runas_ctx.execfd);
if (ctx.runas.execfd != -1)
close(ctx.runas.execfd);
if (fd != -1) {
if (def_fdexec == never) {
@@ -240,14 +240,14 @@ set_cmnd_fd(int fd, int rootfd)
}
}
runas_ctx.execfd = fd;
ctx.runas.execfd = fd;
debug_return;
}
#ifndef SUDOERS_NAME_MATCH
/*
* Return true if user_ctx.cmnd names one of the inodes in dir, else false.
* Return true if ctx.user.cmnd names one of the inodes in dir, else false.
*/
static bool
command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
@@ -260,10 +260,10 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH);
/* Compare the canonicalized directories, if possible. */
if (user_ctx.cmnd_dir != NULL) {
if (ctx.user.cmnd_dir != NULL) {
char *resolved = canon_path(sudoers_dir);
if (resolved != NULL) {
if (strcmp(resolved, user_ctx.cmnd_dir) != 0) {
if (strcmp(resolved, ctx.user.cmnd_dir) != 0) {
canon_path_free(resolved);
goto done;
}
@@ -272,7 +272,7 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
}
/* Check for command in sudoers_dir. */
len = snprintf(path, sizeof(path), "%s/%s", sudoers_dir, user_ctx.cmnd_base);
len = snprintf(path, sizeof(path), "%s/%s", sudoers_dir, ctx.user.cmnd_base);
if (len < 0 || len >= ssizeof(path))
goto done;
@@ -284,13 +284,13 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
if (!intercept_ok(path, intercepted, &sudoers_stat))
goto done;
if (user_ctx.cmnd_stat == NULL ||
(user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev &&
user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
if (ctx.user.cmnd_stat == NULL ||
(ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev &&
ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
if (!digest_matches(fd, path, digests))
goto done;
free(runas_ctx.cmnd);
if ((runas_ctx.cmnd = strdup(path)) == NULL) {
free(ctx.runas.cmnd);
if ((ctx.runas.cmnd = strdup(path)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
}
@@ -304,7 +304,7 @@ done:
}
#else /* SUDOERS_NAME_MATCH */
/*
* Return true if user_ctx.cmnd names one of the inodes in dir, else false.
* Return true if ctx.user.cmnd names one of the inodes in dir, else false.
*/
static bool
command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
@@ -313,18 +313,18 @@ command_matches_dir(const char *sudoers_dir, size_t dlen, int rootfd,
int fd = -1;
debug_decl(command_matches_dir, SUDOERS_DEBUG_MATCH);
/* Match user_ctx.cmnd against sudoers_dir. */
if (strncmp(user_ctx.cmnd, sudoers_dir, dlen) != 0 || user_ctx.cmnd[dlen] != '/')
/* Match ctx.user.cmnd against sudoers_dir. */
if (strncmp(ctx.user.cmnd, sudoers_dir, dlen) != 0 || ctx.user.cmnd[dlen] != '/')
goto bad;
/* Make sure user_ctx.cmnd is not in a subdir of sudoers_dir. */
if (strchr(user_ctx.cmnd + dlen + 1, '\0') != NULL)
/* Make sure ctx.user.cmnd is not in a subdir of sudoers_dir. */
if (strchr(ctx.user.cmnd + dlen + 1, '\0') != NULL)
goto bad;
/* Open the file for fdexec or for digest matching. */
if (!open_cmnd(user_ctx.cmnd, digests, &fd))
if (!open_cmnd(ctx.user.cmnd, digests, &fd))
goto bad;
if (!digest_matches(fd, user_ctx.cmnd, digests))
if (!digest_matches(fd, ctx.user.cmnd, digests))
goto bad;
set_cmnd_fd(fd, rootfd);
@@ -346,32 +346,32 @@ command_matches_all(int rootfd, bool intercepted,
int fd = -1;
debug_decl(command_matches_all, SUDOERS_DEBUG_MATCH);
if (strchr(user_ctx.cmnd, '/') != NULL) {
if (strchr(ctx.user.cmnd, '/') != NULL) {
#ifndef SUDOERS_NAME_MATCH
/* Open the file for fdexec or for digest matching. */
bool open_error = !open_cmnd(user_ctx.cmnd, digests, &fd);
bool open_error = !open_cmnd(ctx.user.cmnd, digests, &fd);
/* A non-existent file is not an error for "sudo ALL". */
if (do_stat(fd, user_ctx.cmnd, &sb)) {
if (do_stat(fd, ctx.user.cmnd, &sb)) {
if (open_error) {
/* File exists but we couldn't open it above? */
goto bad;
}
if (!intercept_ok(user_ctx.cmnd, intercepted, &sb))
if (!intercept_ok(ctx.user.cmnd, intercepted, &sb))
goto bad;
}
#else
/* Open the file for fdexec or for digest matching. */
(void)open_cmnd(user_ctx.cmnd, digests, &fd);
(void)open_cmnd(ctx.user.cmnd, digests, &fd);
#endif
}
/* Check digest of user_ctx.cmnd since we have no sudoers_cmnd for ALL. */
if (!digest_matches(fd, user_ctx.cmnd, digests))
/* Check digest of ctx.user.cmnd since we have no sudoers_cmnd for ALL. */
if (!digest_matches(fd, ctx.user.cmnd, digests))
goto bad;
set_cmnd_fd(fd, rootfd);
/* No need to set runas_ctx.cmnd for ALL. */
/* No need to set ctx.runas.cmnd for ALL. */
debug_return_bool(true);
bad:
if (fd != -1)
@@ -383,7 +383,7 @@ static bool
command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args,
int rootfd, bool intercepted, const struct command_digest_list *digests)
{
const char *cmnd = user_ctx.cmnd;
const char *cmnd = ctx.user.cmnd;
char buf[PATH_MAX];
int len, fd = -1;
#ifndef SUDOERS_NAME_MATCH
@@ -391,12 +391,12 @@ command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args,
#endif
debug_decl(command_matches_fnmatch, SUDOERS_DEBUG_MATCH);
/* A relative user_ctx.cmnd will not match, try canonicalized version. */
if (user_ctx.cmnd[0] != '/') {
if (user_ctx.cmnd_dir == NULL)
/* A relative ctx.user.cmnd will not match, try canonicalized version. */
if (ctx.user.cmnd[0] != '/') {
if (ctx.user.cmnd_dir == NULL)
debug_return_bool(false);
len = snprintf(buf, sizeof(buf), "%s/%s", user_ctx.cmnd_dir,
user_ctx.cmnd_base);
len = snprintf(buf, sizeof(buf), "%s/%s", ctx.user.cmnd_dir,
ctx.user.cmnd_base);
if (len < 0 || len >= ssizeof(buf))
debug_return_bool(false);
cmnd = buf;
@@ -427,7 +427,7 @@ command_matches_fnmatch(const char *sudoers_cmnd, const char *sudoers_args,
goto bad;
set_cmnd_fd(fd, rootfd);
/* No need to set runas_ctx.cmnd since cmnd matches sudoers_cmnd */
/* No need to set ctx.runas.cmnd since cmnd matches sudoers_cmnd */
debug_return_bool(true);
bad:
if (fd != -1)
@@ -441,7 +441,7 @@ static bool
command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args,
int rootfd, bool intercepted, const struct command_digest_list *digests)
{
const char *cmnd = user_ctx.cmnd;
const char *cmnd = ctx.user.cmnd;
char buf[PATH_MAX];
int len, fd = -1;
#ifndef SUDOERS_NAME_MATCH
@@ -449,12 +449,12 @@ command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args,
#endif
debug_decl(command_matches_regex, SUDOERS_DEBUG_MATCH);
/* A relative user_ctx.cmnd will not match, try canonicalized version. */
if (user_ctx.cmnd[0] != '/') {
if (user_ctx.cmnd_dir == NULL)
/* A relative ctx.user.cmnd will not match, try canonicalized version. */
if (ctx.user.cmnd[0] != '/') {
if (ctx.user.cmnd_dir == NULL)
debug_return_bool(false);
len = snprintf(buf, sizeof(buf), "%s/%s", user_ctx.cmnd_dir,
user_ctx.cmnd_base);
len = snprintf(buf, sizeof(buf), "%s/%s", ctx.user.cmnd_dir,
ctx.user.cmnd_base);
if (len < 0 || len >= ssizeof(buf))
debug_return_bool(false);
cmnd = buf;
@@ -485,7 +485,7 @@ command_matches_regex(const char *sudoers_cmnd, const char *sudoers_args,
goto bad;
set_cmnd_fd(fd, rootfd);
/* No need to set runas_ctx.cmnd since cmnd matches sudoers_cmnd */
/* No need to set ctx.runas.cmnd since cmnd matches sudoers_cmnd */
debug_return_bool(true);
bad:
if (fd != -1)
@@ -511,12 +511,12 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
/*
* First check to see if we can avoid the call to glob(3).
* Short circuit if there are no meta chars in the command itself
* and user_ctx.cmnd_base and basename(sudoers_cmnd) don't match.
* and ctx.user.cmnd_base and basename(sudoers_cmnd) don't match.
*/
dlen = strlen(sudoers_cmnd);
if (sudoers_cmnd[dlen - 1] != '/') {
base = sudo_basename(sudoers_cmnd);
if (!has_meta(base) && strcmp(user_ctx.cmnd_base, base) != 0)
if (!has_meta(base) && strcmp(ctx.user.cmnd_base, base) != 0)
debug_return_bool(false);
}
@@ -532,15 +532,15 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
debug_return_bool(false);
}
/* If user_ctx.cmnd is fully-qualified, check for an exact match. */
if (user_ctx.cmnd[0] == '/') {
/* If ctx.user.cmnd is fully-qualified, check for an exact match. */
if (ctx.user.cmnd[0] == '/') {
for (ap = gl.gl_pathv; (cp = *ap) != NULL; ap++) {
if (fd != -1) {
close(fd);
fd = -1;
}
if (strcmp(cp, user_ctx.cmnd) != 0)
if (strcmp(cp, ctx.user.cmnd) != 0)
continue;
/* Open the file for fdexec or for digest matching. */
if (!open_cmnd(cp, digests, &fd))
@@ -549,16 +549,16 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
continue;
if (!intercept_ok(cp, intercepted, &sudoers_stat))
continue;
if (user_ctx.cmnd_stat == NULL ||
(user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev &&
user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
if (ctx.user.cmnd_stat == NULL ||
(ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev &&
ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
/* There could be multiple matches, check digest early. */
if (!digest_matches(fd, cp, digests)) {
bad_digest = true;
continue;
}
free(runas_ctx.cmnd);
if ((runas_ctx.cmnd = strdup(cp)) == NULL) {
free(ctx.runas.cmnd);
if ((ctx.runas.cmnd = strdup(cp)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
cp = NULL; /* fail closed */
@@ -588,13 +588,13 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
continue;
}
/* Only proceed if user_ctx.cmnd_base and basename(cp) match */
/* Only proceed if ctx.user.cmnd_base and basename(cp) match */
base = sudo_basename(cp);
if (strcmp(user_ctx.cmnd_base, base) != 0)
if (strcmp(ctx.user.cmnd_base, base) != 0)
continue;
/* Compare the canonicalized parent directories, if possible. */
if (user_ctx.cmnd_dir != NULL) {
if (ctx.user.cmnd_dir != NULL) {
char *slash = strchr(cp, '/');
if (slash != NULL) {
char *resolved;
@@ -603,7 +603,7 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
*slash = '/';
if (resolved != NULL) {
/* Canonicalized directories must match. */
int result = strcmp(resolved, user_ctx.cmnd_dir);
int result = strcmp(resolved, ctx.user.cmnd_dir);
canon_path_free(resolved);
if (result != 0)
continue;
@@ -618,13 +618,13 @@ command_matches_glob(const char *sudoers_cmnd, const char *sudoers_args,
continue;
if (!intercept_ok(cp, intercepted, &sudoers_stat))
continue;
if (user_ctx.cmnd_stat == NULL ||
(user_ctx.cmnd_stat->st_dev == sudoers_stat.st_dev &&
user_ctx.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
if (ctx.user.cmnd_stat == NULL ||
(ctx.user.cmnd_stat->st_dev == sudoers_stat.st_dev &&
ctx.user.cmnd_stat->st_ino == sudoers_stat.st_ino)) {
if (!digest_matches(fd, cp, digests))
continue;
free(runas_ctx.cmnd);
if ((runas_ctx.cmnd = strdup(cp)) == NULL) {
free(ctx.runas.cmnd);
if ((ctx.runas.cmnd = strdup(cp)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
cp = NULL; /* fail closed */
@@ -637,7 +637,7 @@ done:
globfree(&gl);
if (cp != NULL) {
if (command_args_match(sudoers_cmnd, sudoers_args)) {
/* runas_ctx.cmnd was set above. */
/* ctx.runas.cmnd was set above. */
set_cmnd_fd(fd, rootfd);
debug_return_bool(true);
}
@@ -664,13 +664,13 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
intercepted, digests));
}
/* Only proceed if user_ctx.cmnd_base and basename(sudoers_cmnd) match */
/* Only proceed if ctx.user.cmnd_base and basename(sudoers_cmnd) match */
base = sudo_basename(sudoers_cmnd);
if (strcmp(user_ctx.cmnd_base, base) != 0)
if (strcmp(ctx.user.cmnd_base, base) != 0)
debug_return_bool(false);
/* Compare the canonicalized parent directories, if possible. */
if (user_ctx.cmnd_dir != NULL) {
if (ctx.user.cmnd_dir != NULL) {
const char *slash = strrchr(sudoers_cmnd, '/');
if (slash != NULL) {
char sudoers_cmnd_dir[PATH_MAX], *resolved;
@@ -682,7 +682,7 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
sudoers_cmnd_dir[len] = '\0';
resolved = canon_path(sudoers_cmnd_dir);
if (resolved != NULL) {
if (strcmp(resolved, user_ctx.cmnd_dir) != 0) {
if (strcmp(resolved, ctx.user.cmnd_dir) != 0) {
canon_path_free(resolved);
goto bad;
}
@@ -702,15 +702,15 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
* c) there are args in sudoers and on command line and they match
* d) there is a digest and it matches
*/
if (user_ctx.cmnd_stat != NULL && do_stat(fd, sudoers_cmnd, &sudoers_stat)) {
if (ctx.user.cmnd_stat != NULL && do_stat(fd, sudoers_cmnd, &sudoers_stat)) {
if (!intercept_ok(sudoers_cmnd, intercepted, &sudoers_stat))
goto bad;
if (user_ctx.cmnd_stat->st_dev != sudoers_stat.st_dev ||
user_ctx.cmnd_stat->st_ino != sudoers_stat.st_ino)
if (ctx.user.cmnd_stat->st_dev != sudoers_stat.st_dev ||
ctx.user.cmnd_stat->st_ino != sudoers_stat.st_ino)
goto bad;
} else {
/* Either user or sudoers command does not exist, match by name. */
if (strcmp(user_ctx.cmnd, sudoers_cmnd) != 0)
if (strcmp(ctx.user.cmnd, sudoers_cmnd) != 0)
goto bad;
}
if (!command_args_match(sudoers_cmnd, sudoers_args))
@@ -719,8 +719,8 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
/* XXX - log functions not available but we should log very loudly */
goto bad;
}
free(runas_ctx.cmnd);
if ((runas_ctx.cmnd = strdup(sudoers_cmnd)) == NULL) {
free(ctx.runas.cmnd);
if ((ctx.runas.cmnd = strdup(sudoers_cmnd)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto bad;
}
@@ -755,17 +755,17 @@ command_matches_normal(const char *sudoers_cmnd, const char *sudoers_args,
intercepted, digests));
}
if (strcmp(user_ctx.cmnd, sudoers_cmnd) == 0) {
if (strcmp(ctx.user.cmnd, sudoers_cmnd) == 0) {
if (command_args_match(sudoers_cmnd, sudoers_args)) {
/* Open the file for fdexec or for digest matching. */
if (!open_cmnd(user_ctx.cmnd, digests, &fd))
if (!open_cmnd(ctx.user.cmnd, digests, &fd))
goto bad;
if (!digest_matches(fd, user_ctx.cmnd, digests))
if (!digest_matches(fd, ctx.user.cmnd, digests))
goto bad;
/* Successful match. */
free(runas_ctx.cmnd);
if ((runas_ctx.cmnd = strdup(sudoers_cmnd)) == NULL) {
free(ctx.runas.cmnd);
if ((ctx.runas.cmnd = strdup(sudoers_cmnd)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__,
U_("unable to allocate memory"));
goto bad;
@@ -783,7 +783,7 @@ bad:
/*
* If path doesn't end in /, return true iff cmnd & path name the same inode;
* otherwise, return true if user_ctx.cmnd names one of the inodes in path.
* otherwise, return true if ctx.user.cmnd names one of the inodes in path.
*/
bool
command_matches(const char *sudoers_cmnd, const char *sudoers_args,
@@ -798,14 +798,14 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args,
bool rc = false;
debug_decl(command_matches, SUDOERS_DEBUG_MATCH);
if (runas_ctx.chroot != NULL) {
if (ctx.runas.chroot != NULL) {
if (runchroot != NULL && strcmp(runchroot, "*") != 0 &&
strcmp(runchroot, runas_ctx.chroot) != 0) {
strcmp(runchroot, ctx.runas.chroot) != 0) {
/* CHROOT mismatch */
goto done;
}
/* User-specified runchroot (cmnd_stat already set appropriately). */
runchroot = runas_ctx.chroot;
runchroot = ctx.runas.chroot;
} else if (runchroot == NULL) {
/* No rule-specific runchroot, use global (cmnd_stat already set). */
if (def_runchroot != NULL && strcmp(def_runchroot, "*") != '\0')
@@ -825,14 +825,14 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args,
/* Rule-specific runchroot, set cmnd and cmnd_stat after pivot. */
int status;
/* Save old user_ctx.cmnd first, set_cmnd_path() will free it. */
saved_user_cmnd = user_ctx.cmnd;
user_ctx.cmnd = NULL;
if (user_ctx.cmnd_stat != NULL)
saved_user_stat = *user_ctx.cmnd_stat;
/* Save old ctx.user.cmnd first, set_cmnd_path() will free it. */
saved_user_cmnd = ctx.user.cmnd;
ctx.user.cmnd = NULL;
if (ctx.user.cmnd_stat != NULL)
saved_user_stat = *ctx.user.cmnd_stat;
status = set_cmnd_path(NULL);
if (status != FOUND) {
user_ctx.cmnd = saved_user_cmnd;
ctx.user.cmnd = saved_user_cmnd;
saved_user_cmnd = NULL;
}
if (info != NULL)
@@ -862,9 +862,9 @@ command_matches(const char *sudoers_cmnd, const char *sudoers_args,
*/
if (strcmp(sudoers_cmnd, "list") == 0 ||
strcmp(sudoers_cmnd, "sudoedit") == 0) {
if (strcmp(user_ctx.cmnd, sudoers_cmnd) == 0 &&
if (strcmp(ctx.user.cmnd, sudoers_cmnd) == 0 &&
command_args_match(sudoers_cmnd, sudoers_args)) {
/* No need to set user_ctx.cmnd since cmnd == sudoers_cmnd */
/* No need to set ctx.user.cmnd since cmnd == sudoers_cmnd */
rc = true;
}
}
@@ -892,24 +892,24 @@ done:
if (runchroot != NULL)
(void)unpivot_root(pivot_fds);
/* Restore user_ctx.cmnd and user_ctx.cmnd_stat. */
/* Restore ctx.user.cmnd and ctx.user.cmnd_stat. */
if (saved_user_cmnd != NULL) {
if (info != NULL) {
free(info->cmnd_path);
info->cmnd_path = user_ctx.cmnd;
if (user_ctx.cmnd_stat != NULL)
info->cmnd_stat = *user_ctx.cmnd_stat;
info->cmnd_path = ctx.user.cmnd;
if (ctx.user.cmnd_stat != NULL)
info->cmnd_stat = *ctx.user.cmnd_stat;
} else {
free(user_ctx.cmnd);
free(ctx.user.cmnd);
}
user_ctx.cmnd = saved_user_cmnd;
if (user_ctx.cmnd_stat != NULL)
*user_ctx.cmnd_stat = saved_user_stat;
ctx.user.cmnd = saved_user_cmnd;
if (ctx.user.cmnd_stat != NULL)
*ctx.user.cmnd_stat = saved_user_stat;
}
sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
"user command \"%s%s%s\" matches sudoers command \"%s%s%s\"%s%s: %s",
user_ctx.cmnd, user_ctx.cmnd_args ? " " : "",
user_ctx.cmnd_args ? user_ctx.cmnd_args : "", sudoers_cmnd,
ctx.user.cmnd, ctx.user.cmnd_args ? " " : "",
ctx.user.cmnd_args ? ctx.user.cmnd_args : "", sudoers_cmnd,
sudoers_args ? " " : "", sudoers_args ? sudoers_args : "",
runchroot ? ", chroot " : "", runchroot ? runchroot : "",
rc ? "true" : "false");

252
plugins/sudoers/policy.c
View File

@@ -120,7 +120,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
} \
} while (0)
if (sudo_gettime_real(&user_ctx.submit_time) == -1) {
if (sudo_gettime_real(&ctx.user.submit_time) == -1) {
sudo_warn("%s", U_("unable to get time of day"));
goto bad;
}
@@ -184,15 +184,15 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
sudoers_conf.sudoers_path = path_sudoers;
/* Parse command line settings. */
user_ctx.flags = 0;
user_ctx.closefrom = -1;
ctx.settings.flags = 0;
ctx.user.closefrom = -1;
sudoedit_nfiles = 0;
sudo_mode = 0;
for (cur = info->settings; *cur != NULL; cur++) {
if (MATCHES(*cur, "closefrom=")) {
p = *cur + sizeof("closefrom=") - 1;
user_ctx.closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr);
if (user_ctx.closefrom == 0) {
ctx.user.closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr);
if (ctx.user.closefrom == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
}
@@ -200,8 +200,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "cmnd_chroot=")) {
CHECK(*cur, "cmnd_chroot=");
runas_ctx.chroot = *cur + sizeof("cmnd_chroot=") - 1;
if (strlen(runas_ctx.chroot) >= PATH_MAX) {
ctx.runas.chroot = *cur + sizeof("cmnd_chroot=") - 1;
if (strlen(ctx.runas.chroot) >= PATH_MAX) {
sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_chroot");
goto bad;
}
@@ -209,8 +209,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "cmnd_cwd=")) {
CHECK(*cur, "cmnd_cwd=");
runas_ctx.cwd = *cur + sizeof("cmnd_cwd=") - 1;
if (strlen(runas_ctx.cwd) >= PATH_MAX) {
ctx.runas.cwd = *cur + sizeof("cmnd_cwd=") - 1;
if (strlen(ctx.runas.cwd) >= PATH_MAX) {
sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_cwd");
goto bad;
}
@@ -218,19 +218,19 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "runas_user=")) {
CHECK(*cur, "runas_user=");
runas_ctx.user = *cur + sizeof("runas_user=") - 1;
SET(runas_ctx.flags, RUNAS_USER_SPECIFIED);
ctx.runas.user = *cur + sizeof("runas_user=") - 1;
SET(ctx.settings.flags, RUNAS_USER_SPECIFIED);
continue;
}
if (MATCHES(*cur, "runas_group=")) {
CHECK(*cur, "runas_group=");
runas_ctx.group = *cur + sizeof("runas_group=") - 1;
SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED);
ctx.runas.group = *cur + sizeof("runas_group=") - 1;
SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED);
continue;
}
if (MATCHES(*cur, "prompt=")) {
/* Allow epmpty prompt. */
user_ctx.prompt = *cur + sizeof("prompt=") - 1;
ctx.user.prompt = *cur + sizeof("prompt=") - 1;
if (!append_default("passprompt_override", NULL, true, NULL, defaults))
goto oom;
continue;
@@ -297,19 +297,19 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "login_class=")) {
CHECK(*cur, "login_class=");
runas_ctx.class = *cur + sizeof("login_class=") - 1;
ctx.runas.class = *cur + sizeof("login_class=") - 1;
if (!append_default("use_loginclass", NULL, true, NULL, defaults))
goto oom;
continue;
}
if (MATCHES(*cur, "intercept_ptrace=")) {
if (parse_bool(*cur, sizeof("intercept_ptrace") - 1, &user_ctx.flags,
if (parse_bool(*cur, sizeof("intercept_ptrace") - 1, &ctx.settings.flags,
HAVE_INTERCEPT_PTRACE) == -1)
goto bad;
continue;
}
if (MATCHES(*cur, "intercept_setid=")) {
if (parse_bool(*cur, sizeof("intercept_setid") - 1, &user_ctx.flags,
if (parse_bool(*cur, sizeof("intercept_setid") - 1, &ctx.settings.flags,
CAN_INTERCEPT_SETID) == -1)
goto bad;
continue;
@@ -317,17 +317,17 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
#ifdef HAVE_SELINUX
if (MATCHES(*cur, "selinux_role=")) {
CHECK(*cur, "selinux_role=");
free(runas_ctx.role);
runas_ctx.role = strdup(*cur + sizeof("selinux_role=") - 1);
if (runas_ctx.role == NULL)
free(ctx.runas.role);
ctx.runas.role = strdup(*cur + sizeof("selinux_role=") - 1);
if (ctx.runas.role == NULL)
goto oom;
continue;
}
if (MATCHES(*cur, "selinux_type=")) {
CHECK(*cur, "selinux_type=");
free(runas_ctx.type);
runas_ctx.type = strdup(*cur + sizeof("selinux_type=") - 1);
if (runas_ctx.type == NULL)
free(ctx.runas.type);
ctx.runas.type = strdup(*cur + sizeof("selinux_type=") - 1);
if (ctx.runas.type == NULL)
goto oom;
continue;
}
@@ -335,9 +335,9 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
#ifdef HAVE_APPARMOR
if (MATCHES(*cur, "apparmor_profile=")) {
CHECK(*cur, "apparmor_profile=");
free(runas_ctx.apparmor_profile);
runas_ctx.apparmor_profile = strdup(*cur + sizeof("apparmor_profile=") - 1);
if (runas_ctx.apparmor_profile == NULL)
free(ctx.runas.apparmor_profile);
ctx.runas.apparmor_profile = strdup(*cur + sizeof("apparmor_profile=") - 1);
if (ctx.runas.apparmor_profile == NULL)
goto oom;
continue;
}
@@ -376,8 +376,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "timeout=")) {
p = *cur + sizeof("timeout=") - 1;
user_ctx.timeout = parse_timeout(p);
if (user_ctx.timeout == -1) {
ctx.user.timeout = parse_timeout(p);
if (ctx.user.timeout == -1) {
if (errno == ERANGE)
sudo_warnx(U_("%s: %s"), p, U_("timeout value too large"));
else
@@ -404,20 +404,20 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
if (ISSET(flags, MODE_IGNORE_TICKET))
CLR(flags, MODE_UPDATE_TICKET);
user_ctx.gid = (gid_t)-1;
user_ctx.uid = (gid_t)-1;
user_ctx.umask = (mode_t)-1;
ctx.user.gid = (gid_t)-1;
ctx.user.uid = (gid_t)-1;
ctx.user.umask = (mode_t)-1;
for (cur = info->user_info; *cur != NULL; cur++) {
if (MATCHES(*cur, "user=")) {
CHECK(*cur, "user=");
free(user_ctx.name);
if ((user_ctx.name = strdup(*cur + sizeof("user=") - 1)) == NULL)
free(ctx.user.name);
if ((ctx.user.name = strdup(*cur + sizeof("user=") - 1)) == NULL)
goto oom;
continue;
}
if (MATCHES(*cur, "uid=")) {
p = *cur + sizeof("uid=") - 1;
user_ctx.uid = (uid_t) sudo_strtoid(p, &errstr);
ctx.user.uid = (uid_t) sudo_strtoid(p, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -426,7 +426,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "gid=")) {
p = *cur + sizeof("gid=") - 1;
user_ctx.gid = (gid_t) sudo_strtoid(p, &errstr);
ctx.user.gid = (gid_t) sudo_strtoid(p, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -440,41 +440,41 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "cwd=")) {
CHECK(*cur, "cwd=");
free(user_ctx.cwd);
if ((user_ctx.cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL)
free(ctx.user.cwd);
if ((ctx.user.cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL)
goto oom;
continue;
}
if (MATCHES(*cur, "tty=")) {
CHECK(*cur, "tty=");
free(user_ctx.ttypath);
if ((user_ctx.ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL)
free(ctx.user.ttypath);
if ((ctx.user.ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL)
goto oom;
user_ctx.tty = user_ctx.ttypath;
if (strncmp(user_ctx.tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
user_ctx.tty += sizeof(_PATH_DEV) - 1;
ctx.user.tty = ctx.user.ttypath;
if (strncmp(ctx.user.tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
ctx.user.tty += sizeof(_PATH_DEV) - 1;
continue;
}
if (MATCHES(*cur, "host=")) {
CHECK(*cur, "host=");
if (user_ctx.shost != user_ctx.host)
free(user_ctx.shost);
free(user_ctx.host);
if ((user_ctx.host = strdup(*cur + sizeof("host=") - 1)) == NULL)
if (ctx.user.shost != ctx.user.host)
free(ctx.user.shost);
free(ctx.user.host);
if ((ctx.user.host = strdup(*cur + sizeof("host=") - 1)) == NULL)
goto oom;
if ((p = strchr(user_ctx.host, '.')) != NULL) {
user_ctx.shost = strndup(user_ctx.host, (size_t)(p - user_ctx.host));
if (user_ctx.shost == NULL)
if ((p = strchr(ctx.user.host, '.')) != NULL) {
ctx.user.shost = strndup(ctx.user.host, (size_t)(p - ctx.user.host));
if (ctx.user.shost == NULL)
goto oom;
} else {
user_ctx.shost = user_ctx.host;
ctx.user.shost = ctx.user.host;
}
continue;
}
if (MATCHES(*cur, "lines=")) {
p = *cur + sizeof("lines=") - 1;
user_ctx.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (user_ctx.lines == 0) {
ctx.user.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (ctx.user.lines == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
}
@@ -482,8 +482,8 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "cols=")) {
p = *cur + sizeof("cols=") - 1;
user_ctx.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (user_ctx.cols == 0) {
ctx.user.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr);
if (ctx.user.cols == 0) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
}
@@ -491,7 +491,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "sid=")) {
p = *cur + sizeof("sid=") - 1;
user_ctx.sid = (pid_t) sudo_strtoid(p, &errstr);
ctx.user.sid = (pid_t) sudo_strtoid(p, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -500,7 +500,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "tcpgid=")) {
p = *cur + sizeof("tcpgid=") - 1;
user_ctx.tcpgid = (pid_t) sudo_strtoid(p, &errstr);
ctx.user.tcpgid = (pid_t) sudo_strtoid(p, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -509,7 +509,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
if (MATCHES(*cur, "umask=")) {
p = *cur + sizeof("umask=") - 1;
user_ctx.umask = sudo_strtomode(p, &errstr);
ctx.user.umask = sudo_strtomode(p, &errstr);
if (errstr != NULL) {
sudo_warnx(U_("%s: %s"), *cur, U_(errstr));
goto bad;
@@ -519,56 +519,56 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
}
/* User name, user-ID, group-ID and host name must be specified. */
if (user_ctx.name == NULL) {
if (ctx.user.name == NULL) {
sudo_warnx("%s", U_("user name not set by sudo front-end"));
goto bad;
}
if (user_ctx.uid == (uid_t)-1) {
if (ctx.user.uid == (uid_t)-1) {
sudo_warnx("%s", U_("user-ID not set by sudo front-end"));
goto bad;
}
if (user_ctx.gid == (gid_t)-1) {
if (ctx.user.gid == (gid_t)-1) {
sudo_warnx("%s", U_("group-ID not set by sudo front-end"));
goto bad;
}
if (user_ctx.host == NULL) {
if (ctx.user.host == NULL) {
sudo_warnx("%s", U_("host name not set by sudo front-end"));
goto bad;
}
if (runas_ctx.shost != runas_ctx.host)
free(runas_ctx.shost);
free(runas_ctx.host);
if ((runas_ctx.host = strdup(remhost ? remhost : user_ctx.host)) == NULL)
if (ctx.runas.shost != ctx.runas.host)
free(ctx.runas.shost);
free(ctx.runas.host);
if ((ctx.runas.host = strdup(remhost ? remhost : ctx.user.host)) == NULL)
goto oom;
if ((p = strchr(runas_ctx.host, '.')) != NULL) {
runas_ctx.shost = strndup(runas_ctx.host, (size_t)(p - runas_ctx.host));
if (runas_ctx.shost == NULL)
if ((p = strchr(ctx.runas.host, '.')) != NULL) {
ctx.runas.shost = strndup(ctx.runas.host, (size_t)(p - ctx.runas.host));
if (ctx.runas.shost == NULL)
goto oom;
} else {
runas_ctx.shost = runas_ctx.host;
ctx.runas.shost = ctx.runas.host;
}
if (user_ctx.cwd == NULL) {
if ((user_ctx.cwd = strdup("unknown")) == NULL)
if (ctx.user.cwd == NULL) {
if ((ctx.user.cwd = strdup("unknown")) == NULL)
goto oom;
}
if (user_ctx.tty == NULL) {
if ((user_ctx.tty = strdup("unknown")) == NULL)
if (ctx.user.tty == NULL) {
if ((ctx.user.tty = strdup("unknown")) == NULL)
goto oom;
/* user_ctx.ttypath remains NULL */
/* ctx.user.ttypath remains NULL */
}
if (groups != NULL) {
/* sudo_parse_gids() will print a warning on error. */
user_ctx.ngids = sudo_parse_gids(groups, &user_ctx.gid, &user_ctx.gids);
if (user_ctx.ngids == -1)
ctx.user.ngids = sudo_parse_gids(groups, &ctx.user.gid, &ctx.user.gids);
if (ctx.user.ngids == -1)
goto bad;
}
/* umask is only set in user_info[] for API 1.10 and above. */
if (user_ctx.umask == (mode_t)-1) {
user_ctx.umask = umask(0);
umask(user_ctx.umask);
if (ctx.user.umask == (mode_t)-1) {
ctx.user.umask = umask(0);
umask(ctx.user.umask);
}
/* Always reset the environment for a login shell. */
@@ -576,11 +576,11 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
def_env_reset = true;
/* Some systems support fexecve() which we use for digest matches. */
runas_ctx.execfd = -1;
ctx.runas.execfd = -1;
/* Create a UUID to store in the event log. */
sudo_uuid_create(uuid);
if (sudo_uuid_to_string(uuid, user_ctx.uuid_str, sizeof(user_ctx.uuid_str)) == NULL) {
if (sudo_uuid_to_string(uuid, ctx.user.uuid_str, sizeof(ctx.user.uuid_str)) == NULL) {
sudo_warnx("%s", U_("unable to generate UUID"));
goto bad;
}
@@ -589,17 +589,17 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
* Set intercept defaults based on flags set above.
* We pass -1 as the operator to indicate it is set by the front end.
*/
if (ISSET(user_ctx.flags, HAVE_INTERCEPT_PTRACE)) {
if (ISSET(ctx.settings.flags, HAVE_INTERCEPT_PTRACE)) {
if (!append_default("intercept_type", "trace", -1, NULL, defaults))
goto oom;
}
if (ISSET(user_ctx.flags, CAN_INTERCEPT_SETID)) {
if (ISSET(ctx.settings.flags, CAN_INTERCEPT_SETID)) {
if (!append_default("intercept_allow_setid", NULL, -1, NULL, defaults))
goto oom;
}
#ifdef NO_ROOT_MAILER
eventlog_set_mailuid(user_ctx.uid);
eventlog_set_mailuid(ctx.user.uid);
#endif
/* Dump settings and user info (XXX - plugin args) */
@@ -678,8 +678,8 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
if (command_info == NULL)
goto oom;
if (runas_ctx.cmnd != NULL) {
command_info[info_len] = sudo_new_key_val("command", runas_ctx.cmnd);
if (ctx.runas.cmnd != NULL) {
command_info[info_len] = sudo_new_key_val("command", ctx.runas.cmnd);
if (command_info[info_len++] == NULL)
goto oom;
}
@@ -752,7 +752,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
}
if (def_runcwd && strcmp(def_runcwd, "*") != 0) {
/* Set cwd to explicit value (sudoers or user-specified). */
if (!expand_tilde(&def_runcwd, runas_ctx.pw->pw_name)) {
if (!expand_tilde(&def_runcwd, ctx.runas.pw->pw_name)) {
sudo_warnx(U_("invalid working directory: %s"), def_runcwd);
goto bad;
}
@@ -760,38 +760,38 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
goto oom;
} else if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
/* Set cwd to run user's homedir. */
if ((command_info[info_len++] = sudo_new_key_val("cwd", runas_ctx.pw->pw_dir)) == NULL)
if ((command_info[info_len++] = sudo_new_key_val("cwd", ctx.runas.pw->pw_dir)) == NULL)
goto oom;
if ((command_info[info_len++] = strdup("cwd_optional=true")) == NULL)
goto oom;
}
if ((command_info[info_len++] = sudo_new_key_val("runas_user", runas_ctx.pw->pw_name)) == NULL)
if ((command_info[info_len++] = sudo_new_key_val("runas_user", ctx.runas.pw->pw_name)) == NULL)
goto oom;
if (runas_ctx.gr != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("runas_group", runas_ctx.gr->gr_name)) == NULL)
if (ctx.runas.gr != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("runas_group", ctx.runas.gr->gr_name)) == NULL)
goto oom;
}
if (def_stay_setuid) {
if (asprintf(&command_info[info_len++], "runas_uid=%u",
(unsigned int)user_ctx.uid) == -1)
(unsigned int)ctx.user.uid) == -1)
goto oom;
if (asprintf(&command_info[info_len++], "runas_gid=%u",
(unsigned int)user_ctx.gid) == -1)
(unsigned int)ctx.user.gid) == -1)
goto oom;
if (asprintf(&command_info[info_len++], "runas_euid=%u",
(unsigned int)runas_ctx.pw->pw_uid) == -1)
(unsigned int)ctx.runas.pw->pw_uid) == -1)
goto oom;
if (asprintf(&command_info[info_len++], "runas_egid=%u",
runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid :
(unsigned int)runas_ctx.pw->pw_gid) == -1)
ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid :
(unsigned int)ctx.runas.pw->pw_gid) == -1)
goto oom;
} else {
if (asprintf(&command_info[info_len++], "runas_uid=%u",
(unsigned int)runas_ctx.pw->pw_uid) == -1)
(unsigned int)ctx.runas.pw->pw_uid) == -1)
goto oom;
if (asprintf(&command_info[info_len++], "runas_gid=%u",
runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid :
(unsigned int)runas_ctx.pw->pw_gid) == -1)
ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid :
(unsigned int)ctx.runas.pw->pw_gid) == -1)
goto oom;
}
if (def_preserve_groups) {
@@ -805,7 +805,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
struct gid_list *gidlist;
/* Only use results from a group db query, not the front end. */
gidlist = sudo_get_gidlist(runas_ctx.pw, ENTRY_TYPE_QUERIED);
gidlist = sudo_get_gidlist(ctx.runas.pw, ENTRY_TYPE_QUERIED);
/* We reserve an extra spot in the list for the effective gid. */
glsize = sizeof("runas_groups=") - 1 +
@@ -820,8 +820,8 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
glsize -= (size_t)(cp - gid_list);
/* On BSD systems the effective gid is the first group in the list. */
egid = runas_ctx.gr ? (unsigned int)runas_ctx.gr->gr_gid :
(unsigned int)runas_ctx.pw->pw_gid;
egid = ctx.runas.gr ? (unsigned int)ctx.runas.gr->gr_gid :
(unsigned int)ctx.runas.pw->pw_gid;
len = snprintf(cp, glsize, "%u", (unsigned int)egid);
if (len < 0 || (size_t)len >= glsize) {
sudo_warnx(U_("internal error, %s overflow"), __func__);
@@ -885,7 +885,7 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
goto oom;
}
if (def_utmp_runas) {
if ((command_info[info_len++] = sudo_new_key_val("utmp_user", runas_ctx.pw->pw_name)) == NULL)
if ((command_info[info_len++] = sudo_new_key_val("utmp_user", ctx.runas.pw->pw_name)) == NULL)
goto oom;
}
if (def_iolog_mode != (S_IRUSR|S_IWUSR)) {
@@ -931,15 +931,15 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
goto oom;
}
if (def_command_timeout > 0 || user_ctx.timeout > 0) {
int timeout = user_ctx.timeout;
if (def_command_timeout > 0 || ctx.user.timeout > 0) {
int timeout = ctx.user.timeout;
if (timeout == 0 || (def_command_timeout > 0 && def_command_timeout < timeout))
timeout = def_command_timeout;
if (asprintf(&command_info[info_len++], "timeout=%u", timeout) == -1)
goto oom;
}
if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) {
if (!expand_tilde(&def_runchroot, runas_ctx.pw->pw_name)) {
if (!expand_tilde(&def_runchroot, ctx.runas.pw->pw_name)) {
sudo_warnx(U_("invalid chroot directory: %s"), def_runchroot);
goto bad;
}
@@ -954,13 +954,13 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
if ((command_info[info_len++] = strdup("umask_override=true")) == NULL)
goto oom;
}
if (runas_ctx.execfd != -1) {
if (ctx.runas.execfd != -1) {
if (sudo_version < SUDO_API_MKVERSION(1, 9)) {
/* execfd only supported by plugin API 1.9 and higher */
close(runas_ctx.execfd);
runas_ctx.execfd = -1;
close(ctx.runas.execfd);
ctx.runas.execfd = -1;
} else {
if (asprintf(&command_info[info_len++], "execfd=%d", runas_ctx.execfd) == -1)
if (asprintf(&command_info[info_len++], "execfd=%d", ctx.runas.execfd) == -1)
goto oom;
}
}
@@ -1008,40 +1008,40 @@ sudoers_policy_store_result(bool accepted, char *argv[], char *envp[],
if ((command_info[info_len++] = sudo_new_key_val("rlimit_stack", def_rlimit_stack)) == NULL)
goto oom;
}
if (user_ctx.source != NULL) {
command_info[info_len] = sudo_new_key_val("source", user_ctx.source);
if (ctx.user.source != NULL) {
command_info[info_len] = sudo_new_key_val("source", ctx.user.source);
if (command_info[info_len++] == NULL)
goto oom;
}
#ifdef HAVE_LOGIN_CAP_H
if (def_use_loginclass) {
if ((command_info[info_len++] = sudo_new_key_val("login_class", runas_ctx.class)) == NULL)
if ((command_info[info_len++] = sudo_new_key_val("login_class", ctx.runas.class)) == NULL)
goto oom;
}
#endif /* HAVE_LOGIN_CAP_H */
#ifdef HAVE_SELINUX
if (def_selinux && runas_ctx.role != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("selinux_role", runas_ctx.role)) == NULL)
if (def_selinux && ctx.runas.role != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("selinux_role", ctx.runas.role)) == NULL)
goto oom;
}
if (def_selinux && runas_ctx.type != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("selinux_type", runas_ctx.type)) == NULL)
if (def_selinux && ctx.runas.type != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("selinux_type", ctx.runas.type)) == NULL)
goto oom;
}
#endif /* HAVE_SELINUX */
#ifdef HAVE_APPARMOR
if (runas_ctx.apparmor_profile != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("apparmor_profile", runas_ctx.apparmor_profile)) == NULL)
if (ctx.runas.apparmor_profile != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("apparmor_profile", ctx.runas.apparmor_profile)) == NULL)
goto oom;
}
#endif /* HAVE_APPARMOR */
#ifdef HAVE_PRIV_SET
if (runas_ctx.privs != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("privs", runas_ctx.privs)) == NULL)
if (ctx.runas.privs != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("privs", ctx.runas.privs)) == NULL)
goto oom;
}
if (runas_ctx.limitprivs != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("limitprivs", runas_ctx.limitprivs)) == NULL)
if (ctx.runas.limitprivs != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("limitprivs", ctx.runas.limitprivs)) == NULL)
goto oom;
}
#endif /* HAVE_PRIV_SET */
@@ -1129,11 +1129,11 @@ sudoers_policy_close(int exit_status, int error_code)
if (session_opened) {
/* Close the session we opened in sudoers_policy_init_session(). */
(void)sudo_auth_end_session(runas_ctx.pw);
(void)sudo_auth_end_session(ctx.runas.pw);
if (error_code) {
errno = error_code;
sudo_warn(U_("unable to execute %s"), runas_ctx.cmnd);
sudo_warn(U_("unable to execute %s"), ctx.runas.cmnd);
} else {
log_exit_status(exit_status);
}
@@ -1145,7 +1145,7 @@ sudoers_policy_close(int exit_status, int error_code)
/* Free stashed copy of the environment. */
(void)env_init(NULL);
/* Free sudoers sources, user_ctx and passwd/group caches. */
/* Free sudoers sources, ctx.user.and passwd/group caches. */
sudoers_cleanup();
/* command_info was freed by the g/c code. */

16
plugins/sudoers/prompt.c
View File

@@ -55,12 +55,12 @@ expand_prompt(const char *old_prompt, const char *auth_user)
switch (p[1]) {
case 'h':
p++;
len += strlen(user_ctx.shost) - 2;
len += strlen(ctx.user.shost) - 2;
subst = 1;
break;
case 'H':
p++;
len += strlen(user_ctx.host) - 2;
len += strlen(ctx.user.host) - 2;
subst = 1;
break;
case 'p':
@@ -70,12 +70,12 @@ expand_prompt(const char *old_prompt, const char *auth_user)
break;
case 'u':
p++;
len += strlen(user_ctx.name) - 2;
len += strlen(ctx.user.name) - 2;
subst = 1;
break;
case 'U':
p++;
len += strlen(runas_ctx.pw->pw_name) - 2;
len += strlen(ctx.runas.pw->pw_name) - 2;
subst = 1;
break;
case '%':
@@ -100,7 +100,7 @@ expand_prompt(const char *old_prompt, const char *auth_user)
switch (p[1]) {
case 'h':
p++;
n = strlcpy(np, user_ctx.shost, len);
n = strlcpy(np, ctx.user.shost, len);
if (n >= len)
goto oflow;
np += n;
@@ -108,7 +108,7 @@ expand_prompt(const char *old_prompt, const char *auth_user)
continue;
case 'H':
p++;
n = strlcpy(np, user_ctx.host, len);
n = strlcpy(np, ctx.user.host, len);
if (n >= len)
goto oflow;
np += n;
@@ -124,7 +124,7 @@ expand_prompt(const char *old_prompt, const char *auth_user)
continue;
case 'u':
p++;
n = strlcpy(np, user_ctx.name, len);
n = strlcpy(np, ctx.user.name, len);
if (n >= len)
goto oflow;
np += n;
@@ -132,7 +132,7 @@ expand_prompt(const char *old_prompt, const char *auth_user)
continue;
case 'U':
p++;
n = strlcpy(np, runas_ctx.pw->pw_name, len);
n = strlcpy(np, ctx.runas.pw->pw_name, len);
if (n >= len)
goto oflow;
np += n;

14
plugins/sudoers/pwutil_impl.c
View File

@@ -246,7 +246,7 @@ PREFIX(make_gritem)(gid_t gid, const char *name)
/*
* Dynamically allocate space for a struct item plus the key and data
* elements. Fills in datum from user_ctx.gids or from sudo_getgrouplist2(3).
* elements. Fills in datum from ctx.user.gids or from sudo_getgrouplist2(3).
*/
struct cache_item *
PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
@@ -264,7 +264,7 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
* Ignore supplied gids if the entry type says we must query the group db.
*/
if (type != ENTRY_TYPE_QUERIED && (gidstrs != NULL ||
(pw == user_ctx.pw && user_ctx.gids != NULL))) {
(pw == ctx.user.pw && ctx.user.gids != NULL))) {
if (gidstrs != NULL) {
/* Use supplied gids list (string format). */
ngids = 1;
@@ -290,11 +290,11 @@ PREFIX(make_gidlist_item)(const struct passwd *pw, char * const *gidstrs,
gids[ngids++] = gid;
}
} else {
/* Adopt user_ctx.gids. */
gids = user_ctx.gids;
ngids = user_ctx.ngids;
user_ctx.gids = NULL;
user_ctx.ngids = 0;
/* Adopt ctx.user.gids. */
gids = ctx.user.gids;
ngids = ctx.user.ngids;
ctx.user.gids = NULL;
ctx.user.ngids = 0;
}
type = ENTRY_TYPE_FRONTEND;
} else {

2
plugins/sudoers/regress/exptilde/check_exptilde.c
View File

@@ -31,7 +31,7 @@
#include <def_data.c>
struct sudoers_user_context user_ctx;
struct sudoers_context ctx;
struct test_data {
const char *input;

109
plugins/sudoers/regress/fuzz/fuzz_sudoers.c
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2021 Todd C. Miller <Todd.Miller@sudo.ws>
* Copyright (c) 2021-2023 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -49,8 +49,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
static const char *orig_cmnd;
/* Required to link with parser. */
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
sudo_conv_t sudo_conv = fuzz_conversation;
sudo_printf_t sudo_printf = fuzz_printf;
unsigned int sudo_mode;
@@ -107,12 +106,12 @@ init_envtables(void)
int
set_cmnd_path(const char *runchroot)
{
/* Reallocate user_ctx.cmnd to catch bugs in command_matches(). */
/* Reallocate ctx.user.cmnd to catch bugs in command_matches(). */
char *new_cmnd = strdup(orig_cmnd);
if (new_cmnd == NULL)
return NOT_FOUND_ERROR;
free(user_ctx.cmnd);
user_ctx.cmnd = new_cmnd;
free(ctx.user.cmnd);
ctx.user.cmnd = new_cmnd;
return FOUND;
}
@@ -285,14 +284,14 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
sudo_pw_delref(pw);
/* The minimum needed to perform matching (cmnd must be dynamic). */
user_ctx.host = user_ctx.shost = runas_ctx.host = runas_ctx.shost =
ctx.user.host = ctx.user.shost = ctx.runas.host = ctx.runas.shost =
(char *)"localhost";
orig_cmnd = (char *)"/usr/bin/id";
user_ctx.cmnd = strdup(orig_cmnd);
if (user_ctx.cmnd == NULL)
ctx.user.cmnd = strdup(orig_cmnd);
if (ctx.user.cmnd == NULL)
goto done;
user_ctx.cmnd_args = (char *)"-u";
user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd);
ctx.user.cmnd_args = (char *)"-u";
ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd);
time(&now);
/* Add a fake network interfaces. */
@@ -326,71 +325,71 @@ LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
int cmnd_status;
/* Invoking user. */
user_ctx.name = (char *)ud->user;
if (user_ctx.pw != NULL)
sudo_pw_delref(user_ctx.pw);
user_ctx.pw = sudo_getpwnam(user_ctx.name);
if (user_ctx.pw == NULL) {
sudo_warnx_nodebug("unknown user %s", user_ctx.name);
ctx.user.name = (char *)ud->user;
if (ctx.user.pw != NULL)
sudo_pw_delref(ctx.user.pw);
ctx.user.pw = sudo_getpwnam(ctx.user.name);
if (ctx.user.pw == NULL) {
sudo_warnx_nodebug("unknown user %s", ctx.user.name);
continue;
}
/* Run user. */
if (runas_ctx.pw != NULL)
sudo_pw_delref(runas_ctx.pw);
if (ctx.runas.pw != NULL)
sudo_pw_delref(ctx.runas.pw);
if (ud->runuser != NULL) {
runas_ctx.user = (char *)ud->runuser;
SET(runas_ctx.flags, RUNAS_USER_SPECIFIED);
runas_ctx.pw = sudo_getpwnam(runas_ctx.user);
ctx.runas.user = (char *)ud->runuser;
SET(ctx.settings.flags, RUNAS_USER_SPECIFIED);
ctx.runas.pw = sudo_getpwnam(ctx.runas.user);
} else {
runas_ctx.user = NULL;
CLR(runas_ctx.flags, RUNAS_USER_SPECIFIED);
runas_ctx.pw = sudo_getpwnam("root");
ctx.runas.user = NULL;
CLR(ctx.settings.flags, RUNAS_USER_SPECIFIED);
ctx.runas.pw = sudo_getpwnam("root");
}
if (runas_ctx.pw == NULL) {
sudo_warnx_nodebug("unknown run user %s", runas_ctx.user);
if (ctx.runas.pw == NULL) {
sudo_warnx_nodebug("unknown run user %s", ctx.runas.user);
continue;
}
/* Run group. */
if (runas_ctx.gr != NULL)
sudo_gr_delref(runas_ctx.gr);
if (ctx.runas.gr != NULL)
sudo_gr_delref(ctx.runas.gr);
if (ud->rungroup != NULL) {
runas_ctx.group = (char *)ud->rungroup;
SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED);
runas_ctx.gr = sudo_getgrnam(runas_ctx.group);
if (runas_ctx.gr == NULL) {
ctx.runas.group = (char *)ud->rungroup;
SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED);
ctx.runas.gr = sudo_getgrnam(ctx.runas.group);
if (ctx.runas.gr == NULL) {
sudo_warnx_nodebug("unknown run group %s",
runas_ctx.group);
ctx.runas.group);
continue;
}
} else {
runas_ctx.group = NULL;
CLR(runas_ctx.flags, RUNAS_GROUP_SPECIFIED);
runas_ctx.gr = NULL;
ctx.runas.group = NULL;
CLR(ctx.settings.flags, RUNAS_GROUP_SPECIFIED);
ctx.runas.gr = NULL;
}
update_defaults(&parse_tree, NULL, SETDEF_ALL, false);
sudoers_lookup(&snl, user_ctx.pw, now, NULL, NULL, &cmnd_status,
sudoers_lookup(&snl, ctx.user.pw, now, NULL, NULL, &cmnd_status,
false);
/* Match again as a pseudo-command (list, validate, etc). */
sudoers_lookup(&snl, user_ctx.pw, now, NULL, NULL, &cmnd_status,
sudoers_lookup(&snl, ctx.user.pw, now, NULL, NULL, &cmnd_status,
true);
/* Display privileges. */
display_privs(&snl, user_ctx.pw, false);
display_privs(&snl, user_ctx.pw, true);
display_privs(&snl, ctx.user.pw, false);
display_privs(&snl, ctx.user.pw, true);
}
/* Expand tildes in runcwd and runchroot. */
if (runas_ctx.pw != NULL) {
if (ctx.runas.pw != NULL) {
if (def_runcwd != NULL && strcmp(def_runcwd, "*") != 0) {
expand_tilde(&def_runcwd, runas_ctx.pw->pw_name);
expand_tilde(&def_runcwd, ctx.runas.pw->pw_name);
}
if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) {
expand_tilde(&def_runchroot, runas_ctx.pw->pw_name);
expand_tilde(&def_runchroot, ctx.runas.pw->pw_name);
}
}
@@ -404,19 +403,19 @@ done:
fclose(fp);
free_parse_tree(&parse_tree);
reset_parser();
if (user_ctx.pw != NULL)
sudo_pw_delref(user_ctx.pw);
if (runas_ctx.pw != NULL)
sudo_pw_delref(runas_ctx.pw);
if (runas_ctx.gr != NULL)
sudo_gr_delref(runas_ctx.gr);
if (ctx.user.pw != NULL)
sudo_pw_delref(ctx.user.pw);
if (ctx.runas.pw != NULL)
sudo_pw_delref(ctx.runas.pw);
if (ctx.runas.gr != NULL)
sudo_gr_delref(ctx.runas.gr);
sudo_freepwcache();
sudo_freegrcache();
free(user_ctx.cmnd);
free(runas_ctx.cmnd);
free(user_ctx.cmnd_list);
memset(&user_ctx, 0, sizeof(user_ctx));
memset(&runas_ctx, 0, sizeof(runas_ctx));
free(ctx.user.cmnd);
free(ctx.runas.cmnd);
free(ctx.user.cmnd_list);
memset(&ctx.user. 0, sizeof(ctx.user.);
memset(&ctx.runas. 0, sizeof(ctx.runas.);
sudoers_setlocale(SUDOERS_LOCALE_USER, NULL);
sudoers_debug_deregister();
fflush(stdout);

5
plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c
View File

@@ -32,8 +32,7 @@ static int fuzz_printf(int msg_type, const char * restrict fmt, ...);
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
/* Required to link with parser. */
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
sudo_printf_t sudo_printf = fuzz_printf;
FILE *
@@ -62,7 +61,7 @@ init_envtables(void)
int
set_cmnd_path(const char *runchroot)
{
/* Cannot return FOUND without also setting user_ctx.cmnd to a new value. */
/* Cannot return FOUND without also setting ctx.user.cmnd to a new value. */
return NOT_FOUND;
}

13
plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
View File

@@ -36,8 +36,7 @@
extern struct io_plugin sudoers_io;
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
sudo_printf_t sudo_printf;
sudo_conv_t sudo_conv;
struct sudo_plugin_event * (*plugin_event_alloc)(void);
@@ -248,9 +247,9 @@ test_endpoints(int *ntests, int *nerrors, const char *iolog_dir, char *envp[])
/* Set runas uid/gid to root. */
snprintf(runas_uid, sizeof(runas_uid), "runas_uid=%u",
(unsigned int)runas_ctx.pw->pw_uid);
(unsigned int)ctx.runas.pw->pw_uid);
snprintf(runas_gid, sizeof(runas_gid), "runas_gid=%u",
(unsigned int)runas_ctx.pw->pw_gid);
(unsigned int)ctx.runas.pw->pw_gid);
/* Set path to the iolog directory the user passed in. */
snprintf(iolog_path, sizeof(iolog_path), "iolog_path=%s", iolog_dir);
@@ -385,15 +384,15 @@ main(int argc, char *argv[], char *envp[])
if ((tpw = getpwnam("root")) == NULL)
sudo_fatalx("unable to look up uid 0 or root");
}
runas_ctx.pw = pw_dup(tpw);
ctx.runas.pw = pw_dup(tpw);
/* Set invoking user. */
if ((tpw = getpwuid(geteuid())) == NULL)
sudo_fatalx("unable to look up invoking user's uid");
user_ctx.pw = pw_dup(tpw);
ctx.user.pw = pw_dup(tpw);
/* Set iolog uid/gid to invoking user. */
iolog_set_owner(user_ctx.pw->pw_uid, user_ctx.pw->pw_gid);
iolog_set_owner(ctx.user.pw->pw_uid, ctx.user.pw->pw_gid);
test_endpoints(&tests, &errors, iolog_dir, envp);

146
plugins/sudoers/set_perms.c
View File

@@ -157,7 +157,7 @@ set_perms(int perm)
state->egid = getegid();
state->sgid = state->egid; /* in case we are setgid */
#endif
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
"ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
@@ -196,7 +196,7 @@ set_perms(int perm)
case PERM_USER:
state->rgid = ostate->rgid;
state->egid = user_ctx.gid;
state->egid = ctx.user.gid;
state->sgid = ostate->sgid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -208,7 +208,7 @@ set_perms(int perm)
(int)ID(rgid), (int)ID(egid), (int)ID(sgid));
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -216,8 +216,8 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
state->suid = ROOT_UID;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -233,9 +233,9 @@ set_perms(int perm)
case PERM_FULL_USER:
/* headed for exec() */
state->rgid = user_ctx.gid;
state->egid = user_ctx.gid;
state->sgid = user_ctx.gid;
state->rgid = ctx.user.gid;
state->egid = ctx.user.gid;
state->sgid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
@@ -246,7 +246,7 @@ set_perms(int perm)
(int)ID(rgid), (int)ID(egid), (int)ID(sgid));
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -254,9 +254,9 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->suid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
state->suid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
(int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
@@ -271,7 +271,7 @@ set_perms(int perm)
case PERM_RUNAS:
state->rgid = ostate->rgid;
state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid;
state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid;
state->sgid = ostate->sgid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -287,7 +287,7 @@ set_perms(int perm)
goto bad;
}
state->ruid = ostate->ruid;
state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid;
state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid;
state->suid = ostate->suid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -480,7 +480,7 @@ set_perms(int perm)
state->rgid = getgidx(ID_REAL);
state->egid = getgidx(ID_EFFECTIVE);
state->sgid = getgidx(ID_SAVED);
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
"ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
@@ -519,18 +519,18 @@ set_perms(int perm)
case PERM_USER:
state->rgid = ostate->rgid;
state->egid = user_ctx.gid;
state->egid = ctx.user.gid;
state->sgid = ostate->sgid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
(int)state->rgid, (int)state->egid, (int)state->sgid);
if (GID_CHANGED && setgidx(ID_EFFECTIVE, user_ctx.gid)) {
if (GID_CHANGED && setgidx(ID_EFFECTIVE, ctx.user.gid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_USER: setgidx(ID_EFFECTIVE, %d)", (int)user_ctx.gid);
"PERM_USER: setgidx(ID_EFFECTIVE, %d)", (int)ctx.user.gid);
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -538,8 +538,8 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
state->suid = ROOT_UID;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -553,29 +553,29 @@ set_perms(int perm)
goto bad;
}
}
if (setuidx(ID_EFFECTIVE|ID_REAL, user_ctx.uid)) {
if (setuidx(ID_EFFECTIVE|ID_REAL, ctx.user.uid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", (int)user_ctx.uid);
"PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", (int)ctx.user.uid);
goto bad;
}
break;
case PERM_FULL_USER:
/* headed for exec() */
state->rgid = user_ctx.gid;
state->egid = user_ctx.gid;
state->sgid = user_ctx.gid;
state->rgid = ctx.user.gid;
state->egid = ctx.user.gid;
state->sgid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
(int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
(int)state->rgid, (int)state->egid, (int)state->sgid);
if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_ctx.gid)) {
if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ctx.user.gid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_FULL_USER: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
(int)user_ctx.gid);
(int)ctx.user.gid);
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -583,24 +583,24 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->suid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
state->suid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
(int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
(int)state->ruid, (int)state->euid, (int)state->suid);
if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_ctx.uid)) {
if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ctx.user.uid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_FULL_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
(int)user_ctx.uid);
(int)ctx.user.uid);
goto bad;
}
break;
case PERM_RUNAS:
state->rgid = ostate->rgid;
state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid;
state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid;
state->sgid = ostate->sgid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -616,7 +616,7 @@ set_perms(int perm)
goto bad;
}
state->ruid = ostate->ruid;
state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid;
state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid;
state->suid = ostate->suid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
"[%d, %d, %d] -> [%d, %d, %d]", __func__,
@@ -890,7 +890,7 @@ set_perms(int perm)
state->euid = geteuid();
state->rgid = getgid();
state->egid = getegid();
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
"ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
@@ -937,7 +937,7 @@ set_perms(int perm)
case PERM_USER:
state->rgid = ostate->rgid;
state->egid = user_ctx.gid;
state->egid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
@@ -946,7 +946,7 @@ set_perms(int perm)
"PERM_USER: setregid(%d, %d)", (int)ID(rgid), (int)ID(egid));
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -955,7 +955,7 @@ set_perms(int perm)
}
}
state->ruid = ROOT_UID;
state->euid = user_ctx.uid;
state->euid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
@@ -968,8 +968,8 @@ set_perms(int perm)
case PERM_FULL_USER:
/* headed for exec() */
state->rgid = user_ctx.gid;
state->egid = user_ctx.gid;
state->rgid = ctx.user.gid;
state->egid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
@@ -979,7 +979,7 @@ set_perms(int perm)
(int)ID(rgid), (int)ID(egid));
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -987,8 +987,8 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
@@ -1002,7 +1002,7 @@ set_perms(int perm)
case PERM_RUNAS:
state->rgid = ostate->rgid;
state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid;
state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
@@ -1016,7 +1016,7 @@ set_perms(int perm)
goto bad;
}
state->ruid = ROOT_UID;
state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid;
state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
@@ -1223,7 +1223,7 @@ set_perms(int perm)
state->euid = geteuid();
state->rgid = getgid();
state->egid = getegid();
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
"ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
@@ -1252,17 +1252,17 @@ set_perms(int perm)
break;
case PERM_USER:
state->egid = user_ctx.gid;
state->egid = ctx.user.gid;
state->rgid = ostate->rgid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
if (GID_CHANGED && setegid(user_ctx.gid)) {
if (GID_CHANGED && setegid(ctx.user.gid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_USER: setegid(%d)", (int)user_ctx.gid);
"PERM_USER: setegid(%d)", (int)ctx.user.gid);
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -1271,30 +1271,30 @@ set_perms(int perm)
}
}
state->ruid = ROOT_UID;
state->euid = user_ctx.uid;
state->euid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
if (seteuid(user_ctx.uid)) {
if (seteuid(ctx.user.uid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_USER: seteuid(%d)", (int)user_ctx.uid);
"PERM_USER: seteuid(%d)", (int)ctx.user.uid);
goto bad;
}
break;
case PERM_FULL_USER:
/* headed for exec() */
state->rgid = user_ctx.gid;
state->egid = user_ctx.gid;
state->rgid = ctx.user.gid;
state->egid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
if (GID_CHANGED && setgid(user_ctx.gid)) {
if (GID_CHANGED && setgid(ctx.user.gid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_FULL_USER: setgid(%d)", (int)user_ctx.gid);
"PERM_FULL_USER: setgid(%d)", (int)ctx.user.gid);
goto bad;
}
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -1302,21 +1302,21 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->euid = user_ctx.uid;
state->ruid = ctx.user.uid;
state->euid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
if (setuid(user_ctx.uid)) {
if (setuid(ctx.user.uid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_FULL_USER: setuid(%d)", (int)user_ctx.uid);
"PERM_FULL_USER: setuid(%d)", (int)ctx.user.uid);
goto bad;
}
break;
case PERM_RUNAS:
state->rgid = ostate->rgid;
state->egid = runas_ctx.gr ? runas_ctx.gr->gr_gid : runas_ctx.pw->pw_gid;
state->egid = ctx.runas.gr ? ctx.runas.gr->gr_gid : ctx.runas.pw->pw_gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
(int)ostate->egid, (int)state->rgid, (int)state->egid);
@@ -1330,7 +1330,7 @@ set_perms(int perm)
goto bad;
}
state->ruid = ostate->ruid;
state->euid = runas_ctx.pw ? runas_ctx.pw->pw_uid : user_ctx.uid;
state->euid = ctx.runas.pw ? ctx.runas.pw->pw_uid : ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
"[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
(int)ostate->euid, (int)state->ruid, (int)state->euid);
@@ -1506,7 +1506,7 @@ set_perms(int perm)
/* Stash initial state */
state->ruid = geteuid() == ROOT_UID ? ROOT_UID : getuid();
state->rgid = getgid();
state->gidlist = user_ctx.gid_list;
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
"ruid: %d, rgid: %d", __func__, (int)state->ruid, (int)state->rgid);
@@ -1533,11 +1533,11 @@ set_perms(int perm)
break;
case PERM_FULL_USER:
state->rgid = user_ctx.gid;
state->rgid = ctx.user.gid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
"[%d] -> [%d]", __func__, (int)ostate->rgid, (int)state->rgid);
(void) setgid(user_ctx.gid);
state->gidlist = user_ctx.gid_list;
(void) setgid(ctx.user.gid);
state->gidlist = ctx.user.gid_list;
sudo_gidlist_addref(state->gidlist);
if (state->gidlist != ostate->gidlist) {
if (sudo_setgroups(state->gidlist->ngids, state->gidlist->gids)) {
@@ -1545,12 +1545,12 @@ set_perms(int perm)
goto bad;
}
}
state->ruid = user_ctx.uid;
state->ruid = ctx.user.uid;
sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
"[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid);
if (setuid(user_ctx.uid)) {
if (setuid(ctx.user.uid)) {
(void)snprintf(errbuf, sizeof(errbuf),
"PERM_FULL_USER: setuid(%d)", (int)user_ctx.uid);
"PERM_FULL_USER: setuid(%d)", (int)ctx.user.uid);
goto bad;
}
break;

8
plugins/sudoers/solaris_audit.c
View File

@@ -62,12 +62,12 @@ adt_sudo_common(char *const argv[])
}
/* get the real executable name */
if (user_ctx.cmnd != NULL) {
if (strlcpy(cmdpath, (const char *)user_ctx.cmnd,
if (ctx.user.cmnd != NULL) {
if (strlcpy(cmdpath, (const char *)ctx.user.cmnd,
sizeof(cmdpath)) >= sizeof(cmdpath)) {
log_warningx(SLOG_NO_STDERR,
_("truncated audit path user_ctx.cmnd: %s"),
user_ctx.cmnd);
_("truncated audit path ctx.user.cmnd: %s"),
ctx.user.cmnd);
}
} else {
if (strlcpy(cmdpath, argv[0],

16
plugins/sudoers/sssd.c
View File

@@ -136,7 +136,7 @@ get_ipa_hostname(char **shostp, char **lhostp)
}
if (shost != NULL && lhost != NULL) {
sudo_debug_printf(SUDO_DEBUG_INFO,
"ipa_hostname %s overrides %s", lhost, user_ctx.host);
"ipa_hostname %s overrides %s", lhost, ctx.user.host);
*shostp = shost;
*lhostp = lhost;
ret = true;
@@ -165,8 +165,8 @@ get_ipa_hostname(char **shostp, char **lhostp)
static bool
sudo_sss_check_user(struct sudo_sss_handle *handle, struct sss_sudo_rule *rule)
{
const char *host = handle->ipa_host ? handle->ipa_host : runas_ctx.host;
const char *shost = handle->ipa_shost ? handle->ipa_shost : runas_ctx.shost;
const char *host = handle->ipa_host ? handle->ipa_host : ctx.runas.host;
const char *shost = handle->ipa_shost ? handle->ipa_shost : ctx.runas.shost;
char **val_array;
int i, rc, ret = false;
debug_decl(sudo_sss_check_user, SUDOERS_DEBUG_SSSD);
@@ -629,9 +629,9 @@ sudo_sss_open(struct sudo_nss *nss)
/*
* If the runas host matches the local host, check for ipa_hostname
* in sssd.conf and use it in preference to runas_ctx.host.
* in sssd.conf and use it in preference to ctx.runas.host.
*/
if (strcasecmp(runas_ctx.host, user_ctx.host) == 0) {
if (strcasecmp(ctx.runas.host, ctx.user.host) == 0) {
if (get_ipa_hostname(&handle->ipa_shost, &handle->ipa_host) == -1) {
free(handle);
debug_return_int(ENOMEM);
@@ -681,7 +681,7 @@ sudo_sss_query(const struct sudo_nss *nss, struct passwd *pw)
sudo_debug_printf(SUDO_DEBUG_DIAG,
"searching SSSD/LDAP for sudoers entries for user %s, host %s",
pw->pw_name, runas_ctx.host);
pw->pw_name, ctx.runas.host);
/* Stash a ref to the passwd struct in the handle. */
sudo_pw_addref(pw);
@@ -754,8 +754,8 @@ sudo_sss_getdefs(const struct sudo_nss *nss)
sudo_debug_printf(SUDO_DEBUG_DIAG, "Looking for cn=defaults");
/* NOTE: these are global defaults, user-ID and name are not used. */
rc = handle->fn_send_recv_defaults(user_ctx.pw->pw_uid,
user_ctx.pw->pw_name, &sss_error, &handle->domainname, &sss_result);
rc = handle->fn_send_recv_defaults(ctx.user.pw->pw_uid,
ctx.user.pw->pw_name, &sss_error, &handle->domainname, &sss_result);
switch (rc) {
case 0:
break;

20
plugins/sudoers/stubs.c
View File

@@ -85,7 +85,7 @@ get_interfaces(void)
int
set_cmnd_path(const char *runchroot)
{
/* Cannot return FOUND without also setting user_ctx.cmnd to a new value. */
/* Cannot return FOUND without also setting ctx.user.cmnd to a new value. */
return NOT_FOUND;
}
@@ -111,7 +111,7 @@ unpivot_root(int fds[2])
}
/*
* Look up the hostname and set user_ctx.host and user_ctx.shost.
* Look up the hostname and set ctx.user.host and ctx.user.shost.
*/
void
get_hostname(void)
@@ -119,22 +119,22 @@ get_hostname(void)
char *cp;
debug_decl(get_hostname, SUDOERS_DEBUG_UTIL);
if ((user_ctx.host = sudo_gethostname()) != NULL) {
if ((cp = strchr(user_ctx.host, '.'))) {
if ((ctx.user.host = sudo_gethostname()) != NULL) {
if ((cp = strchr(ctx.user.host, '.'))) {
*cp = '\0';
if ((user_ctx.shost = strdup(user_ctx.host)) == NULL)
if ((ctx.user.shost = strdup(ctx.user.host)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
*cp = '.';
} else {
user_ctx.shost = user_ctx.host;
ctx.user.shost = ctx.user.host;
}
} else {
user_ctx.host = user_ctx.shost = strdup("localhost");
if (user_ctx.host == NULL)
ctx.user.host = ctx.user.shost = strdup("localhost");
if (ctx.user.host == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
}
runas_ctx.host = user_ctx.host;
runas_ctx.shost = user_ctx.shost;
ctx.runas.host = ctx.user.host;
ctx.runas.shost = ctx.user.shost;
debug_return;
}

363
plugins/sudoers/sudoers.c
View File

@@ -79,8 +79,7 @@ static bool tty_present(void);
/*
* Globals
*/
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
unsigned int sudo_mode;
static char *prev_user;
@@ -268,7 +267,7 @@ sudoers_init(void *info, sudoers_logger_t logger, char * const envp[])
}
/* Set login class if applicable (after sudoers is parsed). */
if (set_loginclass(runas_ctx.pw ? runas_ctx.pw : user_ctx.pw))
if (set_loginclass(ctx.runas.pw ? ctx.runas.pw : ctx.user.pw))
ret = true;
cleanup:
@@ -287,7 +286,7 @@ cleanup:
/*
* Expand I/O log dir and file into a full path.
* Returns the full I/O log path prefixed with "iolog_path=".
* Sets user_ctx.iolog_file as a side effect.
* Sets ctx.user.iolog_file as a side effect.
*/
static char *
format_iolog_path(void)
@@ -316,8 +315,8 @@ format_iolog_path(void)
}
/* Stash pointer to the I/O log for the event log. */
user_ctx.iolog_path = iolog_path + sizeof("iolog_path=") - 1;
user_ctx.iolog_file = user_ctx.iolog_path + 1 + strlen(dir);
ctx.user.iolog_path = iolog_path + sizeof("iolog_path=") - 1;
ctx.user.iolog_file = ctx.user.iolog_path + 1 + strlen(dir);
done:
debug_return_str(iolog_path);
@@ -365,7 +364,7 @@ sudoers_check_common(int pwflag)
goto done;
/* Is root even allowed to run sudo? */
if (user_ctx.uid == 0 && !def_root_sudo) {
if (ctx.user.uid == 0 && !def_root_sudo) {
/* Not an audit event (should it be?). */
sudo_warnx("%s",
U_("sudoers specifies that root is not allowed to sudo"));
@@ -374,14 +373,14 @@ sudoers_check_common(int pwflag)
}
/* Check for -C overriding def_closefrom. */
if (user_ctx.closefrom >= 0 && user_ctx.closefrom != def_closefrom) {
if (ctx.user.closefrom >= 0 && ctx.user.closefrom != def_closefrom) {
if (!def_closefrom_override) {
log_warningx(SLOG_NO_STDERR|SLOG_AUDIT,
N_("user not allowed to override closefrom limit"));
sudo_warnx("%s", U_("you are not permitted to use the -C option"));
goto bad;
}
def_closefrom = user_ctx.closefrom;
def_closefrom = ctx.user.closefrom;
}
/*
@@ -389,7 +388,7 @@ sudoers_check_common(int pwflag)
*/
time(&now);
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
validated = sudoers_lookup(snl, user_ctx.pw, now, cb_lookup, &match_info,
validated = sudoers_lookup(snl, ctx.user.pw, now, cb_lookup, &match_info,
&cmnd_status, pwflag);
sudoers_setlocale(oldlocale, NULL);
if (ISSET(validated, VALIDATE_ERROR)) {
@@ -398,22 +397,22 @@ sudoers_check_common(int pwflag)
}
if (match_info.us != NULL && match_info.us->file != NULL) {
free(user_ctx.source);
free(ctx.user.source);
if (match_info.us->line != 0) {
if (asprintf(&user_ctx.source, "%s:%d:%d", match_info.us->file,
if (asprintf(&ctx.user.source, "%s:%d:%d", match_info.us->file,
match_info.us->line, match_info.us->column) == -1)
user_ctx.source = NULL;
ctx.user.source = NULL;
} else {
user_ctx.source = strdup(match_info.us->file);
ctx.user.source = strdup(match_info.us->file);
}
if (user_ctx.source == NULL) {
if (ctx.user.source == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
}
}
if (runas_ctx.cmnd == NULL) {
if ((runas_ctx.cmnd = strdup(user_ctx.cmnd)) == NULL) {
if (ctx.runas.cmnd == NULL) {
if ((ctx.runas.cmnd = strdup(ctx.user.cmnd)) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
}
@@ -422,13 +421,13 @@ sudoers_check_common(int pwflag)
/* Defer uid/gid checks until after defaults have been updated. */
if (unknown_runas_uid && !def_runas_allow_unknown_id) {
log_warningx(SLOG_AUDIT, N_("unknown user %s"),
runas_ctx.pw->pw_name);
ctx.runas.pw->pw_name);
goto done;
}
if (runas_ctx.gr != NULL) {
if (ctx.runas.gr != NULL) {
if (unknown_runas_gid && !def_runas_allow_unknown_id) {
log_warningx(SLOG_AUDIT, N_("unknown group %s"),
runas_ctx.gr->gr_name);
ctx.runas.gr->gr_name);
goto done;
}
}
@@ -449,10 +448,10 @@ sudoers_check_common(int pwflag)
/* Check runas user's shell if running (or checking) a command. */
if (ISSET(sudo_mode, MODE_RUN|MODE_CHECK)) {
if (!check_user_shell(runas_ctx.pw)) {
if (!check_user_shell(ctx.runas.pw)) {
log_warningx(SLOG_RAW_MSG|SLOG_AUDIT,
N_("invalid shell for user %s: %s"),
runas_ctx.pw->pw_name, runas_ctx.pw->pw_shell);
ctx.runas.pw->pw_name, ctx.runas.pw->pw_shell);
goto bad;
}
}
@@ -487,45 +486,45 @@ sudoers_check_common(int pwflag)
goto done;
}
/* Check whether runas_ctx.chroot is permitted (if specified). */
switch (check_user_runchroot(runas_ctx.chroot)) {
/* Check whether ctx.runas.chroot is permitted (if specified). */
switch (check_user_runchroot(ctx.runas.chroot)) {
case true:
break;
case false:
log_warningx(SLOG_NO_STDERR|SLOG_AUDIT,
N_("user not allowed to change root directory to %s"),
runas_ctx.chroot);
ctx.runas.chroot);
sudo_warnx(U_("you are not permitted to use the -R option with %s"),
user_ctx.cmnd);
ctx.user.cmnd);
goto bad;
default:
goto done;
}
/* Check whether runas_ctx.cwd is permitted (if specified). */
switch (check_user_runcwd(runas_ctx.cwd)) {
/* Check whether ctx.runas.cwd is permitted (if specified). */
switch (check_user_runcwd(ctx.runas.cwd)) {
case true:
break;
case false:
log_warningx(SLOG_NO_STDERR|SLOG_AUDIT,
N_("user not allowed to change directory to %s"), runas_ctx.cwd);
N_("user not allowed to change directory to %s"), ctx.runas.cwd);
sudo_warnx(U_("you are not permitted to use the -D option with %s"),
user_ctx.cmnd);
ctx.user.cmnd);
goto bad;
default:
goto done;
}
/* If run as root with SUDO_USER set, set user_ctx.pw to that user. */
/* If run as root with SUDO_USER set, set ctx.user.pw to that user. */
/* XXX - causes confusion when root is not listed in sudoers */
if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT) && prev_user != NULL) {
if (user_ctx.uid == 0 && strcmp(prev_user, "root") != 0) {
if (ctx.user.uid == 0 && strcmp(prev_user, "root") != 0) {
struct passwd *pw;
if ((pw = sudo_getpwnam(prev_user)) != NULL) {
if (user_ctx.pw != NULL)
sudo_pw_delref(user_ctx.pw);
user_ctx.pw = pw;
if (ctx.user.pw != NULL)
sudo_pw_delref(ctx.user.pw);
ctx.user.pw = pw;
}
}
}
@@ -539,23 +538,23 @@ sudoers_check_common(int pwflag)
}
/* Create Ubuntu-style dot file to indicate sudo was successful. */
if (create_admin_success_flag(user_ctx.pw) == -1)
if (create_admin_success_flag(ctx.user.pw) == -1)
goto done;
/* Finally tell the user if the command did not exist. */
if (cmnd_status == NOT_FOUND_DOT) {
audit_failure(NewArgv, N_("command in current directory"));
sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), user_ctx.cmnd, user_ctx.cmnd, user_ctx.cmnd);
sudo_warnx(U_("ignoring \"%s\" found in '.'\nUse \"sudo ./%s\" if this is the \"%s\" you wish to run."), ctx.user.cmnd, ctx.user.cmnd, ctx.user.cmnd);
goto bad;
} else if (cmnd_status == NOT_FOUND) {
if (ISSET(sudo_mode, MODE_CHECK)) {
audit_failure(NewArgv, N_("%s: command not found"), NewArgv[1]);
sudo_warnx(U_("%s: command not found"), NewArgv[1]);
} else {
audit_failure(NewArgv, N_("%s: command not found"), user_ctx.cmnd);
sudo_warnx(U_("%s: command not found"), user_ctx.cmnd);
if (strncmp(user_ctx.cmnd, "cd", 2) == 0 && (user_ctx.cmnd[2] == '\0' ||
isblank((unsigned char)user_ctx.cmnd[2]))) {
audit_failure(NewArgv, N_("%s: command not found"), ctx.user.cmnd);
sudo_warnx(U_("%s: command not found"), ctx.user.cmnd);
if (strncmp(ctx.user.cmnd, "cd", 2) == 0 && (ctx.user.cmnd[2] == '\0' ||
isblank((unsigned char)ctx.user.cmnd[2]))) {
sudo_warnx("%s",
U_("\"cd\" is a shell built-in command, it cannot be run directly."));
sudo_warnx("%s",
@@ -568,7 +567,7 @@ sudoers_check_common(int pwflag)
}
/* If user specified a timeout make sure sudoers allows it. */
if (!def_user_command_timeouts && user_ctx.timeout > 0) {
if (!def_user_command_timeouts && ctx.user.timeout > 0) {
log_warningx(SLOG_NO_STDERR|SLOG_AUDIT,
N_("user not allowed to set a command timeout"));
sudo_warnx("%s",
@@ -585,7 +584,7 @@ sudoers_check_common(int pwflag)
U_("sorry, you are not allowed to preserve the environment"));
goto bad;
} else {
if (!validate_env_vars(user_ctx.env_vars))
if (!validate_env_vars(ctx.user.env_vars))
goto bad;
}
}
@@ -644,7 +643,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
/* Environment variables specified on the command line. */
if (env_add != NULL && env_add[0] != NULL)
user_ctx.env_vars = env_add;
ctx.user.env_vars = env_add;
/*
* Make a local copy of argc/argv, with special handling for the
@@ -663,8 +662,8 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
memcpy(NewArgv, argv, (size_t)argc * sizeof(char *));
NewArgc = argc;
NewArgv[NewArgc] = NULL;
if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && runas_ctx.pw != NULL) {
NewArgv[0] = strdup(runas_ctx.pw->pw_shell);
if (ISSET(sudo_mode, MODE_LOGIN_SHELL) && ctx.runas.pw != NULL) {
NewArgv[0] = strdup(ctx.runas.pw->pw_shell);
if (NewArgv[0] == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto error;
@@ -701,7 +700,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
if (def_umask != ACCESSPERMS) {
cmnd_umask = def_umask;
if (!def_umask_override)
cmnd_umask |= user_ctx.umask;
cmnd_umask |= ctx.user.umask;
}
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
@@ -734,10 +733,10 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
#endif
#ifdef HAVE_LOGIN_CAP_H
/* Set environment based on login class. */
if (runas_ctx.class) {
login_cap_t *lc = login_getclass(runas_ctx.class);
if (ctx.runas.class) {
login_cap_t *lc = login_getclass(ctx.runas.class);
if (lc != NULL) {
setusercontext(lc, runas_ctx.pw, runas_ctx.pw->pw_uid,
setusercontext(lc, ctx.runas.pw, ctx.runas.pw->pw_uid,
LOGIN_SETPATH|LOGIN_SETENV);
login_close(lc);
}
@@ -756,7 +755,7 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
}
/* Insert user-specified environment variables. */
if (!insert_env_vars(user_ctx.env_vars)) {
if (!insert_env_vars(ctx.user.env_vars)) {
sudo_warnx("%s",
U_("error setting user-specified environment variables"));
goto error;
@@ -769,10 +768,10 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
int edit_argc;
sudoedit_nfiles = NewArgc - 1;
free(runas_ctx.cmnd);
runas_ctx.cmnd = find_editor(sudoedit_nfiles, NewArgv + 1,
free(ctx.runas.cmnd);
ctx.runas.cmnd = find_editor(sudoedit_nfiles, NewArgv + 1,
&edit_argc, &edit_argv, NULL, &env_editor);
if (runas_ctx.cmnd == NULL) {
if (ctx.runas.cmnd == NULL) {
switch (errno) {
case ENOENT:
audit_failure(NewArgv, N_("%s: command not found"),
@@ -805,9 +804,9 @@ sudoers_check_cmnd(int argc, char * const argv[], char *env_add[],
}
/* Save the initial command and argv so we have it for exit logging. */
if (user_ctx.cmnd_saved == NULL) {
user_ctx.cmnd_saved = strdup(runas_ctx.cmnd);
if (user_ctx.cmnd_saved == NULL) {
if (ctx.user.cmnd_saved == NULL) {
ctx.user.cmnd_saved = strdup(ctx.runas.cmnd);
if (ctx.user.cmnd_saved == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto error;
}
@@ -922,10 +921,10 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose)
goto done;
if (list_user) {
if (runas_ctx.list_pw != NULL)
sudo_pw_delref(runas_ctx.list_pw);
runas_ctx.list_pw = sudo_getpwnam(list_user);
if (runas_ctx.list_pw == NULL) {
if (ctx.runas.list_pw != NULL)
sudo_pw_delref(ctx.runas.list_pw);
ctx.runas.list_pw = sudo_getpwnam(list_user);
if (ctx.runas.list_pw == NULL) {
sudo_warnx(U_("unknown user %s"), list_user);
goto done;
}
@@ -947,7 +946,7 @@ sudoers_list(int argc, char * const argv[], const char *list_user, bool verbose)
if (ret != true)
goto done;
pw = runas_ctx.list_pw ? runas_ctx.list_pw : user_ctx.pw;
pw = ctx.runas.list_pw ? ctx.runas.list_pw : ctx.user.pw;
if (ISSET(sudo_mode, MODE_CHECK))
ret = display_cmnd(snl, pw, verbose);
else
@@ -972,7 +971,7 @@ done:
}
/*
* Initialize timezone and fill in user_ctx.
* Initialize timezone and fill in ctx.user.
*/
static bool
init_vars(char * const envp[])
@@ -993,17 +992,17 @@ init_vars(char * const envp[])
switch (**ep) {
case 'K':
if (MATCHES(*ep, "KRB5CCNAME="))
user_ctx.ccname = *ep + sizeof("KRB5CCNAME=") - 1;
ctx.user.ccname = *ep + sizeof("KRB5CCNAME=") - 1;
break;
case 'P':
if (MATCHES(*ep, "PATH="))
user_ctx.path = *ep + sizeof("PATH=") - 1;
ctx.user.path = *ep + sizeof("PATH=") - 1;
break;
case 'S':
if (MATCHES(*ep, "SUDO_PROMPT=")) {
/* Don't override "sudo -p prompt" */
if (user_ctx.prompt == NULL)
user_ctx.prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
if (ctx.user.prompt == NULL)
ctx.user.prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
break;
}
if (MATCHES(*ep, "SUDO_USER="))
@@ -1017,26 +1016,26 @@ init_vars(char * const envp[])
* Get a local copy of the user's passwd struct and group list if we
* don't already have them.
*/
if (user_ctx.pw == NULL) {
if ((user_ctx.pw = sudo_getpwnam(user_ctx.name)) == NULL) {
if (ctx.user.pw == NULL) {
if ((ctx.user.pw = sudo_getpwnam(ctx.user.name)) == NULL) {
/*
* It is not unusual for users to place "sudo -k" in a .logout
* file which can cause sudo to be run during reboot after the
* YP/NIS/NIS+/LDAP/etc daemon has died.
*/
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
sudo_warnx(U_("unknown user %s"), user_ctx.name);
sudo_warnx(U_("unknown user %s"), ctx.user.name);
debug_return_bool(false);
}
/* Need to make a fake struct passwd for the call to log_warningx(). */
user_ctx.pw = sudo_mkpwent(user_ctx.name, user_ctx.uid,
user_ctx.gid, NULL, NULL);
ctx.user.pw = sudo_mkpwent(ctx.user.name, ctx.user.uid,
ctx.user.gid, NULL, NULL);
unknown_user = true;
}
}
if (user_ctx.gid_list == NULL)
user_ctx.gid_list = sudo_get_gidlist(user_ctx.pw, ENTRY_TYPE_ANY);
if (ctx.user.gid_list == NULL)
ctx.user.gid_list = sudo_get_gidlist(ctx.user.pw, ENTRY_TYPE_ANY);
/* Store initialize permissions so we can restore them later. */
if (!set_perms(PERM_INITIAL))
@@ -1047,7 +1046,7 @@ init_vars(char * const envp[])
/* It is now safe to use log_warningx() and set_perms() */
if (unknown_user) {
log_warningx(SLOG_SEND_MAIL, N_("unknown user %s"), user_ctx.name);
log_warningx(SLOG_SEND_MAIL, N_("unknown user %s"), ctx.user.name);
debug_return_bool(false);
}
@@ -1056,15 +1055,15 @@ init_vars(char * const envp[])
* Note that if runas_group was specified without runas_user we
* run the command as the invoking user.
*/
if (runas_ctx.group != NULL) {
if (!set_runasgr(runas_ctx.group, false))
if (ctx.runas.group != NULL) {
if (!set_runasgr(ctx.runas.group, false))
debug_return_bool(false);
if (!set_runaspw(runas_ctx.user ?
runas_ctx.user : user_ctx.name, false))
if (!set_runaspw(ctx.runas.user ?
ctx.runas.user : ctx.user.name, false))
debug_return_bool(false);
} else {
if (!set_runaspw(runas_ctx.user ?
runas_ctx.user : def_runas_default, false))
if (!set_runaspw(ctx.runas.user ?
ctx.runas.user : def_runas_default, false))
debug_return_bool(false);
}
@@ -1072,26 +1071,26 @@ init_vars(char * const envp[])
}
/*
* Fill in user_ctx.cmnd and user_ctx.cmnd_stat variables.
* Does not fill in user_ctx.cmnd_base.
* Fill in ctx.user.cmnd and ctx.user.cmnd_stat variables.
* Does not fill in ctx.user.cmnd_base.
*/
int
set_cmnd_path(const char *runchroot)
{
const char *cmnd_in;
char *cmnd_out = NULL;
char *path = user_ctx.path;
char *path = ctx.user.path;
int ret, pivot_fds[2];
debug_decl(set_cmnd_path, SUDOERS_DEBUG_PLUGIN);
cmnd_in = ISSET(sudo_mode, MODE_CHECK) ? NewArgv[1] : NewArgv[0];
free(user_ctx.cmnd_list);
user_ctx.cmnd_list = NULL;
free(user_ctx.cmnd);
user_ctx.cmnd = NULL;
canon_path_free(user_ctx.cmnd_dir);
user_ctx.cmnd_dir = NULL;
free(ctx.user.cmnd_list);
ctx.user.cmnd_list = NULL;
free(ctx.user.cmnd);
ctx.user.cmnd = NULL;
canon_path_free(ctx.user.cmnd_dir);
ctx.user.cmnd_dir = NULL;
if (def_secure_path && !user_is_exempt())
path = def_secure_path;
@@ -1103,7 +1102,7 @@ set_cmnd_path(const char *runchroot)
if (!set_perms(PERM_RUNAS))
goto error;
ret = find_path(cmnd_in, &cmnd_out, user_ctx.cmnd_stat, path,
ret = find_path(cmnd_in, &cmnd_out, ctx.user.cmnd_stat, path,
def_ignore_dot, NULL);
if (!restore_perms())
goto error;
@@ -1111,7 +1110,7 @@ set_cmnd_path(const char *runchroot)
/* Failed as root, try as invoking user. */
if (!set_perms(PERM_USER))
goto error;
ret = find_path(cmnd_in, &cmnd_out, user_ctx.cmnd_stat, path,
ret = find_path(cmnd_in, &cmnd_out, ctx.user.cmnd_stat, path,
def_ignore_dot, NULL);
if (!restore_perms())
goto error;
@@ -1121,17 +1120,17 @@ set_cmnd_path(const char *runchroot)
char *slash = strrchr(cmnd_out, '/');
if (slash != NULL) {
*slash = '\0';
user_ctx.cmnd_dir = canon_path(cmnd_out);
if (user_ctx.cmnd_dir == NULL && errno == ENOMEM)
ctx.user.cmnd_dir = canon_path(cmnd_out);
if (ctx.user.cmnd_dir == NULL && errno == ENOMEM)
goto error;
*slash = '/';
}
}
if (ISSET(sudo_mode, MODE_CHECK))
user_ctx.cmnd_list = cmnd_out;
ctx.user.cmnd_list = cmnd_out;
else
user_ctx.cmnd = cmnd_out;
ctx.user.cmnd = cmnd_out;
/* Restore root. */
if (runchroot != NULL)
@@ -1146,8 +1145,8 @@ error:
}
/*
* Fill in user_ctx.cmnd, user_ctx.cmnd_stat and cmnd_status variables.
* Does not fill in user_ctx.cmnd_base.
* Fill in ctx.user.cmnd, ctx.user.cmnd_stat and cmnd_status variables.
* Does not fill in ctx.user.cmnd_base.
*/
void
set_cmnd_status(const char *runchroot)
@@ -1156,8 +1155,8 @@ set_cmnd_status(const char *runchroot)
}
/*
* Fill in user_ctx.cmnd, user_ctx.cmnd_args, user_ctx.cmnd_base and
* user_ctx.cmnd_stat variables and apply any command-specific defaults entries.
* Fill in ctx.user.cmnd, ctx.user.cmnd_args, ctx.user.cmnd_base and
* ctx.user.cmnd_stat variables and apply any command-specific defaults entries.
*/
static int
set_cmnd(void)
@@ -1166,21 +1165,21 @@ set_cmnd(void)
int ret = FOUND;
debug_decl(set_cmnd, SUDOERS_DEBUG_PLUGIN);
/* Allocate user_ctx.cmnd_stat for find_path() and match functions. */
free(user_ctx.cmnd_stat);
user_ctx.cmnd_stat = calloc(1, sizeof(struct stat));
if (user_ctx.cmnd_stat == NULL) {
/* Allocate ctx.user.cmnd_stat for find_path() and match functions. */
free(ctx.user.cmnd_stat);
ctx.user.cmnd_stat = calloc(1, sizeof(struct stat));
if (ctx.user.cmnd_stat == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(NOT_FOUND_ERROR);
}
/* Re-initialize for when we are called multiple times. */
free(runas_ctx.cmnd);
runas_ctx.cmnd = NULL;
free(ctx.runas.cmnd);
ctx.runas.cmnd = NULL;
if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT|MODE_CHECK)) {
if (!ISSET(sudo_mode, MODE_EDIT)) {
const char *runchroot = runas_ctx.chroot;
const char *runchroot = ctx.runas.chroot;
if (runchroot == NULL && def_runchroot != NULL &&
strcmp(def_runchroot, "*") != 0)
runchroot = def_runchroot;
@@ -1195,14 +1194,14 @@ set_cmnd(void)
}
}
/* set user_ctx.cmnd_args */
free(user_ctx.cmnd_args);
user_ctx.cmnd_args = NULL;
/* set ctx.user.cmnd_args */
free(ctx.user.cmnd_args);
ctx.user.cmnd_args = NULL;
if (ISSET(sudo_mode, MODE_CHECK)) {
if (NewArgc > 2) {
/* Skip the command being listed in NewArgv[1]. */
user_ctx.cmnd_args = strvec_join(NewArgv + 2, ' ', NULL);
if (user_ctx.cmnd_args == NULL)
ctx.user.cmnd_args = strvec_join(NewArgv + 2, ' ', NULL);
if (ctx.user.cmnd_args == NULL)
debug_return_int(NOT_FOUND_ERROR);
}
} else if (NewArgc > 1) {
@@ -1214,23 +1213,23 @@ set_cmnd(void)
* for sudoers matching and logging purposes.
* TODO: move escaping to the policy plugin instead
*/
user_ctx.cmnd_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape);
ctx.user.cmnd_args = strvec_join(NewArgv + 1, ' ', strlcpy_unescape);
} else {
user_ctx.cmnd_args = strvec_join(NewArgv + 1, ' ', NULL);
ctx.user.cmnd_args = strvec_join(NewArgv + 1, ' ', NULL);
}
if (user_ctx.cmnd_args == NULL)
if (ctx.user.cmnd_args == NULL)
debug_return_int(NOT_FOUND_ERROR);
}
}
if (user_ctx.cmnd == NULL) {
user_ctx.cmnd = strdup(NewArgv[0]);
if (user_ctx.cmnd == NULL)
if (ctx.user.cmnd == NULL) {
ctx.user.cmnd = strdup(NewArgv[0]);
if (ctx.user.cmnd == NULL)
debug_return_int(NOT_FOUND_ERROR);
}
user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd);
ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd);
/* Convert "sudo sudoedit" -> "sudoedit" */
if (ISSET(sudo_mode, MODE_RUN) && strcmp(user_ctx.cmnd_base, "sudoedit") == 0) {
if (ISSET(sudo_mode, MODE_RUN) && strcmp(ctx.user.cmnd_base, "sudoedit") == 0) {
char *new_cmnd;
CLR(sudo_mode, MODE_RUN);
@@ -1240,8 +1239,8 @@ set_cmnd(void)
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(NOT_FOUND_ERROR);
}
free(user_ctx.cmnd);
user_ctx.cmnd_base = user_ctx.cmnd = new_cmnd;
free(ctx.user.cmnd);
ctx.user.cmnd_base = ctx.user.cmnd = new_cmnd;
}
TAILQ_FOREACH(nss, snl, entries) {
@@ -1371,30 +1370,30 @@ set_loginclass(struct passwd *pw)
if (!def_use_loginclass)
goto done;
if (runas_ctx.class && strcmp(runas_ctx.class, "-") != 0) {
if (user_ctx.uid != 0 && pw->pw_uid != 0) {
sudo_warnx(U_("only root can use \"-c %s\""), runas_ctx.class);
if (ctx.runas.class && strcmp(ctx.runas.class, "-") != 0) {
if (ctx.user.uid != 0 && pw->pw_uid != 0) {
sudo_warnx(U_("only root can use \"-c %s\""), ctx.runas.class);
ret = false;
goto done;
}
} else {
runas_ctx.class = pw->pw_class;
if (!runas_ctx.class || !*runas_ctx.class)
runas_ctx.class = (char *)
ctx.runas.class = pw->pw_class;
if (!ctx.runas.class || !*ctx.runas.class)
ctx.runas.class = (char *)
((pw->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS);
}
/* Make sure specified login class is valid. */
lc = login_getclass(runas_ctx.class);
if (!lc || !lc->lc_class || strcmp(lc->lc_class, runas_ctx.class) != 0) {
lc = login_getclass(ctx.runas.class);
if (!lc || !lc->lc_class || strcmp(lc->lc_class, ctx.runas.class) != 0) {
/*
* Don't make it an error if the user didn't specify the login
* class themselves. We do this because if login.conf gets
* corrupted we want the admin to be able to use sudo to fix it.
*/
log_warningx(errflags, N_("unknown login class %s"), runas_ctx.class);
log_warningx(errflags, N_("unknown login class %s"), ctx.runas.class);
def_use_loginclass = false;
if (runas_ctx.class)
if (ctx.runas.class)
ret = false;
}
login_close(lc);
@@ -1411,7 +1410,7 @@ set_loginclass(struct passwd *pw)
/*
* Get passwd entry for the user we are going to run commands as
* and store it in runas_ctx.pw. By default, commands run as "root".
* and store it in ctx.runas.pw. By default, commands run as "root".
*/
static bool
set_runaspw(const char *user, bool quiet)
@@ -1426,7 +1425,7 @@ set_runaspw(const char *user, bool quiet)
if (errstr == NULL) {
if ((pw = sudo_getpwuid(uid)) == NULL) {
unknown_runas_uid = true;
pw = sudo_fakepwnam(user, user_ctx.gid);
pw = sudo_fakepwnam(user, ctx.user.gid);
}
}
}
@@ -1437,15 +1436,15 @@ set_runaspw(const char *user, bool quiet)
debug_return_bool(false);
}
}
if (runas_ctx.pw != NULL)
sudo_pw_delref(runas_ctx.pw);
runas_ctx.pw = pw;
if (ctx.runas.pw != NULL)
sudo_pw_delref(ctx.runas.pw);
ctx.runas.pw = pw;
debug_return_bool(true);
}
/*
* Get group entry for the group we are going to run commands as
* and store it in runas_ctx.gr.
* and store it in ctx.runas.gr.
*/
static bool
set_runasgr(const char *group, bool quiet)
@@ -1471,9 +1470,9 @@ set_runasgr(const char *group, bool quiet)
debug_return_bool(false);
}
}
if (runas_ctx.gr != NULL)
sudo_gr_delref(runas_ctx.gr);
runas_ctx.gr = gr;
if (ctx.runas.gr != NULL)
sudo_gr_delref(ctx.runas.gr);
ctx.runas.gr = gr;
debug_return_bool(true);
}
@@ -1487,7 +1486,7 @@ cb_runas_default(const char *file, int line, int column,
debug_decl(cb_runas_default, SUDOERS_DEBUG_PLUGIN);
/* Only reset runaspw if user didn't specify one. */
if (runas_ctx.user == NULL && runas_ctx.group == NULL)
if (ctx.runas.user == NULL && ctx.runas.group == NULL)
debug_return_bool(set_runaspw(sd_un->str, true));
debug_return_bool(true);
}
@@ -1501,30 +1500,30 @@ sudoers_user_ctx_free(void)
debug_decl(sudoers_user_ctx_free, SUDOERS_DEBUG_PLUGIN);
/* Free remaining references to password and group entries. */
if (user_ctx.pw != NULL)
sudo_pw_delref(user_ctx.pw);
if (user_ctx.gid_list != NULL)
sudo_gidlist_delref(user_ctx.gid_list);
if (ctx.user.pw != NULL)
sudo_pw_delref(ctx.user.pw);
if (ctx.user.gid_list != NULL)
sudo_gidlist_delref(ctx.user.gid_list);
/* Free dynamic contents of user_ctx. */
free(user_ctx.cwd);
free(user_ctx.name);
free(user_ctx.gids);
if (user_ctx.ttypath != NULL)
free(user_ctx.ttypath);
/* Free dynamic contents of ctx.user. */
free(ctx.user.cwd);
free(ctx.user.name);
free(ctx.user.gids);
if (ctx.user.ttypath != NULL)
free(ctx.user.ttypath);
else
free(user_ctx.tty);
if (user_ctx.shost != user_ctx.host)
free(user_ctx.shost);
free(user_ctx.host);
free(user_ctx.cmnd);
canon_path_free(user_ctx.cmnd_dir);
free(user_ctx.cmnd_args);
free(user_ctx.cmnd_list);
free(user_ctx.cmnd_saved);
free(user_ctx.source);
free(user_ctx.cmnd_stat);
memset(&user_ctx, 0, sizeof(user_ctx));
free(ctx.user.tty);
if (ctx.user.shost != ctx.user.host)
free(ctx.user.shost);
free(ctx.user.host);
free(ctx.user.cmnd);
canon_path_free(ctx.user.cmnd_dir);
free(ctx.user.cmnd_args);
free(ctx.user.cmnd_list);
free(ctx.user.cmnd_saved);
free(ctx.user.source);
free(ctx.user.cmnd_stat);
memset(&ctx.user, 0, sizeof(ctx.user));
debug_return;
}
@@ -1538,30 +1537,30 @@ sudoers_runas_ctx_free(void)
debug_decl(sudoers_runas_ctx_free, SUDOERS_DEBUG_PLUGIN);
/* Free remaining references to password and group entries. */
if (runas_ctx.pw != NULL)
sudo_pw_delref(runas_ctx.pw);
if (runas_ctx.gr != NULL)
sudo_gr_delref(runas_ctx.gr);
if (runas_ctx.list_pw != NULL)
sudo_pw_delref(runas_ctx.list_pw);
if (ctx.runas.pw != NULL)
sudo_pw_delref(ctx.runas.pw);
if (ctx.runas.gr != NULL)
sudo_gr_delref(ctx.runas.gr);
if (ctx.runas.list_pw != NULL)
sudo_pw_delref(ctx.runas.list_pw);
/* Free dynamic contents of runas_ctx. */
free(runas_ctx.cmnd);
if (runas_ctx.shost != runas_ctx.host)
free(runas_ctx.shost);
free(runas_ctx.host);
/* Free dynamic contents of ctx.runas. */
free(ctx.runas.cmnd);
if (ctx.runas.shost != ctx.runas.host)
free(ctx.runas.shost);
free(ctx.runas.host);
#ifdef HAVE_SELINUX
free(runas_ctx.role);
free(runas_ctx.type);
free(ctx.runas.role);
free(ctx.runas.type);
#endif
#ifdef HAVE_APPARMOR
free(runas_ctx.apparmor_profile);
free(ctx.runas.apparmor_profile);
#endif
#ifdef HAVE_PRIV_SET
free(runas_ctx.privs);
free(runas_ctx.limitprivs);
free(ctx.runas.privs);
free(ctx.runas.limitprivs);
#endif
memset(&runas_ctx, 0, sizeof(runas_ctx));
memset(&ctx.runas, 0, sizeof(ctx.runas));
debug_return;
}
@@ -1619,7 +1618,7 @@ tty_present(void)
{
debug_decl(tty_present, SUDOERS_DEBUG_PLUGIN);
if (user_ctx.tcpgid == 0 && user_ctx.ttypath == NULL) {
if (ctx.user.tcpgid == 0 && ctx.user.ttypath == NULL) {
/* No job control or terminal, check /dev/tty. */
int fd = open(_PATH_TTY, O_RDWR);
if (fd == -1)

41
plugins/sudoers/sudoers.h
View File

@@ -77,7 +77,6 @@ struct group_list {
/*
* Info pertaining to the invoking user.
* XXX - can we embed struct eventlog here or use it instead?
*/
struct sudoers_user_context {
struct timespec submit_time;
@@ -104,7 +103,6 @@ struct sudoers_user_context {
char *iolog_file;
char *iolog_path;
GETGROUPS_T *gids;
unsigned int flags;
int ngids;
int closefrom;
int lines;
@@ -118,8 +116,10 @@ struct sudoers_user_context {
char uuid_str[37];
};
/*
* Info pertaining to the runas user.
*/
struct sudoers_runas_context {
unsigned int flags;
int execfd;
struct passwd *pw;
struct group *gr;
@@ -145,6 +145,26 @@ struct sudoers_runas_context {
#endif
};
/*
* Settings passed in from the sudo front-end.
*/
struct sudoers_plugin_settings {
unsigned int flags;
int max_groups;
const char *plugin_dir;
const char *ldap_conf;
const char *ldap_secret;
};
/*
* Global configuration for the sudoers module.
*/
struct sudoers_context {
struct sudoers_user_context user;
struct sudoers_runas_context runas;
struct sudoers_plugin_settings settings;
};
/*
* sudo_get_gidlist() type values
*/
@@ -153,17 +173,13 @@ struct sudoers_runas_context {
#define ENTRY_TYPE_FRONTEND 0x02
/*
* user_ctx.flag values
*/
#define CAN_INTERCEPT_SETID 0x01U
#define HAVE_INTERCEPT_PTRACE 0x02U
#define USER_INTERCEPT_SETID 0x04U
/*
* runas_ctx.flag values
* sudoers_plugin_settings.flag values
*/
#define RUNAS_USER_SPECIFIED 0x01U
#define RUNAS_GROUP_SPECIFIED 0x02U
#define CAN_INTERCEPT_SETID 0x04U
#define HAVE_INTERCEPT_PTRACE 0x08U
#define USER_INTERCEPT_SETID 0x10U
/*
* Return values for sudoers_lookup(), also used as arguments for log_auth()
@@ -385,8 +401,7 @@ int sudoers_list(int argc, char *const argv[], const char *list_user, bool verbo
int sudoers_validate_user(void);
void sudoers_cleanup(void);
bool sudoers_override_umask(void);
extern struct sudoers_user_context user_ctx;
extern struct sudoers_runas_context runas_ctx;
extern struct sudoers_context ctx;
extern unsigned int sudo_mode;
extern int sudoedit_nfiles;
extern sudo_conv_t sudo_conv;

99
plugins/sudoers/testsudoers.c
View File

@@ -79,8 +79,7 @@ static int testsudoers_query(const struct sudo_nss *nss, struct passwd *pw);
/*
* Globals
*/
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
static const char *orig_cmnd;
static char *runas_group, *runas_user;
unsigned int sudo_mode = MODE_RUN;
@@ -136,7 +135,7 @@ main(int argc, char *argv[])
while ((ch = getopt(argc, argv, "+D:dg:G:h:i:L:lP:p:R:T:tu:U:v")) != -1) {
switch (ch) {
case 'D':
runas_ctx.cwd = optarg;
ctx.runas.cwd = optarg;
break;
case 'd':
dflag = 1;
@@ -149,10 +148,10 @@ main(int argc, char *argv[])
break;
case 'g':
runas_group = optarg;
SET(runas_ctx.flags, RUNAS_GROUP_SPECIFIED);
SET(ctx.settings.flags, RUNAS_GROUP_SPECIFIED);
break;
case 'h':
user_ctx.host = optarg;
ctx.user.host = optarg;
break;
case 'i':
if (strcasecmp(optarg, "ldif") == 0) {
@@ -165,8 +164,8 @@ main(int argc, char *argv[])
}
break;
case 'L':
runas_ctx.list_pw = sudo_getpwnam(optarg);
if (runas_ctx.list_pw == NULL) {
ctx.runas.list_pw = sudo_getpwnam(optarg);
if (ctx.runas.list_pw == NULL) {
sudo_warnx(U_("unknown user %s"), optarg);
usage();
}
@@ -193,7 +192,7 @@ main(int argc, char *argv[])
sudo_fatalx("invalid time: %s", optarg);
break;
case 'R':
runas_ctx.chroot = optarg;
ctx.runas.chroot = optarg;
break;
case 't':
trace_print = testsudoers_error;
@@ -206,7 +205,7 @@ main(int argc, char *argv[])
break;
case 'u':
runas_user = optarg;
SET(runas_ctx.flags, RUNAS_USER_SPECIFIED);
SET(ctx.settings.flags, RUNAS_USER_SPECIFIED);
break;
case 'v':
if (sudo_mode != MODE_RUN) {
@@ -246,48 +245,48 @@ main(int argc, char *argv[])
} else if (pwflag == 0) {
usage();
}
user_ctx.name = argc ? *argv++ : (char *)"root";
ctx.user.name = argc ? *argv++ : (char *)"root";
argc = 0;
} else {
if (argc > 2 && sudo_mode == MODE_LIST)
sudo_mode = MODE_CHECK;
user_ctx.name = *argv++;
ctx.user.name = *argv++;
argc--;
if (orig_cmnd == NULL) {
orig_cmnd = *argv++;
argc--;
}
}
user_ctx.cmnd = strdup(orig_cmnd);
if (user_ctx.cmnd == NULL)
ctx.user.cmnd = strdup(orig_cmnd);
if (ctx.user.cmnd == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
user_ctx.cmnd_base = sudo_basename(user_ctx.cmnd);
ctx.user.cmnd_base = sudo_basename(ctx.user.cmnd);
if (getcwd(cwdbuf, sizeof(cwdbuf)) == NULL)
strlcpy(cwdbuf, "/", sizeof(cwdbuf));
user_ctx.cwd = cwdbuf;
ctx.user.cwd = cwdbuf;
if ((user_ctx.pw = sudo_getpwnam(user_ctx.name)) == NULL)
sudo_fatalx(U_("unknown user %s"), user_ctx.name);
user_ctx.uid = user_ctx.pw->pw_uid;
user_ctx.gid = user_ctx.pw->pw_gid;
if ((ctx.user.pw = sudo_getpwnam(ctx.user.name)) == NULL)
sudo_fatalx(U_("unknown user %s"), ctx.user.name);
ctx.user.uid = ctx.user.pw->pw_uid;
ctx.user.gid = ctx.user.pw->pw_gid;
if (user_ctx.host == NULL) {
if ((user_ctx.host = sudo_gethostname()) == NULL)
if (ctx.user.host == NULL) {
if ((ctx.user.host = sudo_gethostname()) == NULL)
sudo_fatal("gethostname");
}
if ((p = strchr(user_ctx.host, '.'))) {
if ((p = strchr(ctx.user.host, '.'))) {
*p = '\0';
if ((user_ctx.shost = strdup(user_ctx.host)) == NULL)
if ((ctx.user.shost = strdup(ctx.user.host)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
*p = '.';
} else {
user_ctx.shost = user_ctx.host;
ctx.user.shost = ctx.user.host;
}
runas_ctx.host = user_ctx.host;
runas_ctx.shost = user_ctx.shost;
ctx.runas.host = ctx.user.host;
ctx.runas.shost = ctx.user.shost;
/* Fill in user_ctx.cmnd_args from argv. */
/* Fill in ctx.user.cmnd_args from argv. */
if (argc > 0) {
char *to, **from;
size_t size, n;
@@ -295,11 +294,11 @@ main(int argc, char *argv[])
for (size = 0, from = argv; *from; from++)
size += strlen(*from) + 1;
if ((user_ctx.cmnd_args = malloc(size)) == NULL)
if ((ctx.user.cmnd_args = malloc(size)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
for (to = user_ctx.cmnd_args, from = argv; *from; from++) {
n = strlcpy(to, *from, size - (size_t)(to - user_ctx.cmnd_args));
if (n >= size - (size_t)(to - user_ctx.cmnd_args))
for (to = ctx.user.cmnd_args, from = argv; *from; from++) {
n = strlcpy(to, *from, size - (size_t)(to - ctx.user.cmnd_args));
if (n >= size - (size_t)(to - ctx.user.cmnd_args))
sudo_fatalx(U_("internal error, %s overflow"), getprogname());
to += n;
*to++ = ' ';
@@ -339,7 +338,7 @@ main(int argc, char *argv[])
*/
if (runas_group != NULL) {
set_runasgr(runas_group);
set_runaspw(runas_user ? runas_user : user_ctx.name);
set_runaspw(runas_user ? runas_user : ctx.user.name);
} else
set_runaspw(runas_user ? runas_user : def_runas_default);
@@ -379,27 +378,27 @@ main(int argc, char *argv[])
testsudoers_nss.query = testsudoers_query;
testsudoers_nss.parse_tree = &parsed_policy;
printf("\nEntries for user %s:\n", user_ctx.name);
validated = sudoers_lookup(&snl, user_ctx.pw, now, cb_lookup, NULL,
printf("\nEntries for user %s:\n", ctx.user.name);
validated = sudoers_lookup(&snl, ctx.user.pw, now, cb_lookup, NULL,
&status, pwflag);
/* Validate user-specified chroot or cwd (if any) and runas user shell. */
if (ISSET(validated, VALIDATE_SUCCESS)) {
if (!check_user_shell(runas_ctx.pw)) {
if (!check_user_shell(ctx.runas.pw)) {
printf(U_("\nInvalid shell for user %s: %s\n"),
runas_ctx.pw->pw_name, runas_ctx.pw->pw_shell);
ctx.runas.pw->pw_name, ctx.runas.pw->pw_shell);
CLR(validated, VALIDATE_SUCCESS);
SET(validated, VALIDATE_FAILURE);
}
if (check_user_runchroot(runas_ctx.chroot) != true) {
if (check_user_runchroot(ctx.runas.chroot) != true) {
printf("\nUser %s is not allowed to change root directory to %s\n",
user_ctx.name, runas_ctx.chroot);
ctx.user.name, ctx.runas.chroot);
CLR(validated, VALIDATE_SUCCESS);
SET(validated, VALIDATE_FAILURE);
}
if (check_user_runcwd(runas_ctx.cwd) != true) {
if (check_user_runcwd(ctx.runas.cwd) != true) {
printf("\nUser %s is not allowed to change directory to %s\n",
user_ctx.name, runas_ctx.cwd);
ctx.user.name, ctx.runas.cwd);
CLR(validated, VALIDATE_SUCCESS);
SET(validated, VALIDATE_FAILURE);
}
@@ -447,16 +446,16 @@ set_runaspw(const char *user)
uid_t uid = sudo_strtoid(user + 1, &errstr);
if (errstr == NULL) {
if ((pw = sudo_getpwuid(uid)) == NULL)
pw = sudo_fakepwnam(user, user_ctx.gid);
pw = sudo_fakepwnam(user, ctx.user.gid);
}
}
if (pw == NULL) {
if ((pw = sudo_getpwnam(user)) == NULL)
sudo_fatalx(U_("unknown user %s"), user);
}
if (runas_ctx.pw != NULL)
sudo_pw_delref(runas_ctx.pw);
runas_ctx.pw = pw;
if (ctx.runas.pw != NULL)
sudo_pw_delref(ctx.runas.pw);
ctx.runas.pw = pw;
debug_return;
}
@@ -478,9 +477,9 @@ set_runasgr(const char *group)
if ((gr = sudo_getgrnam(group)) == NULL)
sudo_fatalx(U_("unknown group %s"), group);
}
if (runas_ctx.gr != NULL)
sudo_gr_delref(runas_ctx.gr);
runas_ctx.gr = gr;
if (ctx.runas.gr != NULL)
sudo_gr_delref(ctx.runas.gr);
ctx.runas.gr = gr;
debug_return;
}
@@ -615,12 +614,12 @@ unpivot_root(int fds[2])
int
set_cmnd_path(const char *runchroot)
{
/* Reallocate user_ctx.cmnd to catch bugs in command_matches(). */
/* Reallocate ctx.user.cmnd to catch bugs in command_matches(). */
char *new_cmnd = strdup(orig_cmnd);
if (new_cmnd == NULL)
return NOT_FOUND_ERROR;
free(user_ctx.cmnd);
user_ctx.cmnd = new_cmnd;
free(ctx.user.cmnd);
ctx.user.cmnd = new_cmnd;
return FOUND;
}

16
plugins/sudoers/timestamp.c
View File

@@ -405,14 +405,14 @@ ts_init_key(struct timestamp_entry *entry, struct passwd *pw,
} else {
entry->flags |= TS_ANYUID;
}
entry->sid = user_ctx.sid;
entry->sid = ctx.user.sid;
switch (ticket_type) {
default:
/* Unknown time stamp ticket type, treat as tty (should not happen). */
sudo_warnx("unknown time stamp ticket type %d", ticket_type);
FALLTHROUGH;
case tty:
if (user_ctx.ttypath != NULL && stat(user_ctx.ttypath, &sb) == 0) {
if (ctx.user.ttypath != NULL && stat(ctx.user.ttypath, &sb) == 0) {
/* tty-based time stamp */
entry->type = TS_TTY;
entry->u.ttydev = sb.st_rdev;
@@ -1039,7 +1039,7 @@ timestamp_remove(bool unlink_it)
goto done;
}
if (asprintf(&fname, "%s/%s", def_timestampdir, user_ctx.name) == -1) {
if (asprintf(&fname, "%s/%s", def_timestampdir, ctx.user.name) == -1) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
ret = -1;
goto done;
@@ -1047,12 +1047,12 @@ timestamp_remove(bool unlink_it)
/* For "sudo -K" simply unlink the time stamp file. */
if (unlink_it) {
ret = unlinkat(dfd, user_ctx.name, 0) ? -1 : true;
ret = unlinkat(dfd, ctx.user.name, 0) ? -1 : true;
goto done;
}
/* Open time stamp file and lock it for exclusive access. */
fd = ts_openat(dfd, user_ctx.name, O_RDWR);
fd = ts_openat(dfd, ctx.user.name, O_RDWR);
switch (fd) {
case TIMESTAMP_OPEN_ERROR:
if (errno != ENOENT)
@@ -1107,7 +1107,7 @@ already_lectured(void)
dfd = ts_secure_opendir(def_lecture_status_dir, false, true);
if (dfd != -1) {
ret = fstatat(dfd, user_ctx.name, &sb, AT_SYMLINK_NOFOLLOW) == 0;
ret = fstatat(dfd, ctx.user.name, &sb, AT_SYMLINK_NOFOLLOW) == 0;
close(dfd);
}
debug_return_bool(ret);
@@ -1129,7 +1129,7 @@ set_lectured(void)
goto done;
/* Create lecture file. */
fd = ts_openat(dfd, user_ctx.name, O_WRONLY|O_CREAT|O_EXCL);
fd = ts_openat(dfd, ctx.user.name, O_WRONLY|O_CREAT|O_EXCL);
switch (fd) {
case TIMESTAMP_OPEN_ERROR:
/* Failed to open, not a fatal error. */
@@ -1171,7 +1171,7 @@ create_admin_success_flag(struct passwd *pw)
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
debug_return_int(-1);
}
if (!expand_tilde(&flagfile, user_ctx.name)) {
if (!expand_tilde(&flagfile, ctx.user.name)) {
free(flagfile);
debug_return_int(false);
}

8
plugins/sudoers/toke.c
View File

@@ -5894,7 +5894,7 @@ init_lexer(void)
}
/*
* Like strlcpy() but expand %h escapes to user_ctx.shost.
* Like strlcpy() but expand %h escapes to ctx.user.shost.
*/
static size_t
strlcpy_expand_host(char *dst, const char *src, size_t size)
@@ -5905,7 +5905,7 @@ strlcpy_expand_host(char *dst, const char *src, size_t size)
while ((ch = *src++) != '\0') {
if (ch == '%' && *src == 'h') {
size_t n = strlcpy(dst, user_ctx.shost, size);
size_t n = strlcpy(dst, ctx.user.shost, size);
len += n;
if (n >= size) {
/* truncated */
@@ -5967,7 +5967,7 @@ expand_include(const char *src)
if (*src == '/') {
/* Fully-qualified path, make a copy and expand %h escapes. */
dst_size = src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1;
dst_size = src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1;
dst0 = sudo_rcstr_alloc(dst_size - 1);
if (dst0 == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
@@ -5992,7 +5992,7 @@ expand_include(const char *src)
dst_size += (size_t)(dirend - cp) + 1;
}
/* Includes space for ':' separator and NUL terminator. */
dst_size += src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1;
dst_size += src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1;
}
/* Make a copy of the fully-qualified path and return it. */

8
plugins/sudoers/toke.l
View File

@@ -1115,7 +1115,7 @@ init_lexer(void)
}
/*
* Like strlcpy() but expand %h escapes to user_ctx.shost.
* Like strlcpy() but expand %h escapes to ctx.user.shost.
*/
static size_t
strlcpy_expand_host(char *dst, const char *src, size_t size)
@@ -1126,7 +1126,7 @@ strlcpy_expand_host(char *dst, const char *src, size_t size)
while ((ch = *src++) != '\0') {
if (ch == '%' && *src == 'h') {
size_t n = strlcpy(dst, user_ctx.shost, size);
size_t n = strlcpy(dst, ctx.user.shost, size);
len += n;
if (n >= size) {
/* truncated */
@@ -1188,7 +1188,7 @@ expand_include(const char *src)
if (*src == '/') {
/* Fully-qualified path, make a copy and expand %h escapes. */
dst_size = src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1;
dst_size = src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1;
dst0 = sudo_rcstr_alloc(dst_size - 1);
if (dst0 == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
@@ -1213,7 +1213,7 @@ expand_include(const char *src)
dst_size += (size_t)(dirend - cp) + 1;
}
/* Includes space for ':' separator and NUL terminator. */
dst_size += src_len + (nhost * strlen(user_ctx.shost)) - (nhost * 2) + 1;
dst_size += src_len + (nhost * strlen(ctx.user.shost)) - (nhost * 2) + 1;
}
/* Make a copy of the fully-qualified path and return it. */

13
plugins/sudoers/visudo.c
View File

@@ -108,8 +108,7 @@ extern void get_hostname(void);
/*
* Globals
*/
struct sudoers_user_context user_ctx;
struct sudoers_runas_context runas_ctx;
struct sudoers_context ctx;
static const char *path_sudoers = _PATH_SUDOERS;
static struct sudoersfile_list sudoerslist = TAILQ_HEAD_INITIALIZER(sudoerslist);
static struct sudoers_parser_config sudoers_conf = SUDOERS_PARSER_CONFIG_INITIALIZER;
@@ -259,16 +258,16 @@ main(int argc, char *argv[])
}
/* Mock up a fake struct sudoers_user_context. */
user_ctx.cmnd = user_ctx.cmnd_base = strdup("true");
if (user_ctx.cmnd == NULL)
ctx.user.cmnd = ctx.user.cmnd_base = strdup("true");
if (ctx.user.cmnd == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
if (geteuid() == 0) {
const char *user = getenv("SUDO_USER");
if (user != NULL && *user != '\0')
user_ctx.pw = sudo_getpwnam(user);
ctx.user.pw = sudo_getpwnam(user);
}
if (user_ctx.pw == NULL) {
if ((user_ctx.pw = sudo_getpwuid(getuid())) == NULL)
if (ctx.user.pw == NULL) {
if ((ctx.user.pw = sudo_getpwuid(getuid())) == NULL)
sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
}
get_hostname();