Move tty_present() into policy.c as sudoers_tty_present().
This function is policy-dependent. For the modern sudo front-end it will simply check tcpgid and/or ttypath.
This commit is contained in:
Todd C. Miller
@@ -31,6 +31,7 @@
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
|
||||
@@ -1044,6 +1045,21 @@ bad:
|
||||
debug_return_bool(false);
|
||||
}
|
||||
|
||||
bool
|
||||
sudoers_tty_present(struct sudoers_context *ctx)
|
||||
{
|
||||
debug_decl(sudoers_tty_present, SUDOERS_DEBUG_PLUGIN);
|
||||
|
||||
if (ctx->user.tcpgid == 0 && ctx->user.ttypath == NULL) {
|
||||
/* No job control or terminal, check /dev/tty. */
|
||||
int fd = open(_PATH_TTY, O_RDWR);
|
||||
if (fd == -1)
|
||||
debug_return_bool(false);
|
||||
close(fd);
|
||||
}
|
||||
debug_return_bool(true);
|
||||
}
|
||||
|
||||
static int
|
||||
sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
|
||||
sudo_printf_t plugin_printf, char * const settings[],
|
||||
|
||||
@@ -73,7 +73,6 @@ static bool init_vars(struct sudoers_context *ctx, char * const *);
|
||||
static bool set_loginclass(struct sudoers_context *);
|
||||
static bool set_runaspw(struct sudoers_context *ctx, const char *, bool);
|
||||
static bool set_runasgr(struct sudoers_context *ctx, const char *, bool);
|
||||
static bool tty_present(struct sudoers_context *ctx);
|
||||
|
||||
/*
|
||||
* Globals
|
||||
@@ -435,7 +434,7 @@ sudoers_check_common(struct sudoers_context *ctx, int pwflag)
|
||||
}
|
||||
|
||||
/* Bail if a tty is required and we don't have one. */
|
||||
if (def_requiretty && !tty_present(ctx)) {
|
||||
if (def_requiretty && !sudoers_tty_present(ctx)) {
|
||||
log_warningx(ctx, SLOG_NO_STDERR|SLOG_AUDIT, N_("no tty"));
|
||||
sudo_warnx("%s", U_("sorry, you must have a tty to run sudo"));
|
||||
goto bad;
|
||||
@@ -1529,21 +1528,6 @@ sudoers_cleanup(void)
|
||||
debug_return;
|
||||
}
|
||||
|
||||
static bool
|
||||
tty_present(struct sudoers_context *ctx)
|
||||
{
|
||||
debug_decl(tty_present, SUDOERS_DEBUG_PLUGIN);
|
||||
|
||||
if (ctx->user.tcpgid == 0 && ctx->user.ttypath == NULL) {
|
||||
/* No job control or terminal, check /dev/tty. */
|
||||
int fd = open(_PATH_TTY, O_RDWR);
|
||||
if (fd == -1)
|
||||
debug_return_bool(false);
|
||||
close(fd);
|
||||
}
|
||||
debug_return_bool(true);
|
||||
}
|
||||
|
||||
bool
|
||||
sudoers_set_mode(unsigned int flags, unsigned int mask)
|
||||
{
|
||||
|
||||
@@ -450,6 +450,7 @@ void sudoers_debug_deregister(void);
|
||||
/* policy.c */
|
||||
unsigned int sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v, struct defaults_list *defaults);
|
||||
bool sudoers_policy_store_result(struct sudoers_context *ctx, bool accepted, char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v);
|
||||
bool sudoers_tty_present(struct sudoers_context *ctx);
|
||||
|
||||
/* group_plugin.c */
|
||||
void group_plugin_unload(void);
|
||||
|
||||
Reference in New Issue
Block a user