Use embedded newlines in lbuf instead of multiple calls to lbuf_print.
This commit is contained in:
Todd C. Miller
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2003-2009 Todd C. Miller <Todd.Miller@courtesan.com>
|
* Copyright (c) 2003-2010 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||||
*
|
*
|
||||||
* This code is derived from software contributed by Aaron Spangler.
|
* This code is derived from software contributed by Aaron Spangler.
|
||||||
*
|
*
|
||||||
@@ -1150,10 +1150,7 @@ sudo_ldap_display_defaults(nss, pw, lbuf)
|
|||||||
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
|
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
|
||||||
bv = ldap_get_values_len(ld, entry, "sudoOption");
|
bv = ldap_get_values_len(ld, entry, "sudoOption");
|
||||||
if (bv != NULL) {
|
if (bv != NULL) {
|
||||||
if (lbuf->len == 0)
|
prefix = " ";
|
||||||
prefix = " ";
|
|
||||||
else
|
|
||||||
prefix = ", ";
|
|
||||||
for (p = bv; *p != NULL; p++) {
|
for (p = bv; *p != NULL; p++) {
|
||||||
lbuf_append(lbuf, prefix, (*p)->bv_val, NULL);
|
lbuf_append(lbuf, prefix, (*p)->bv_val, NULL);
|
||||||
prefix = ", ";
|
prefix = ", ";
|
||||||
@@ -1257,8 +1254,8 @@ sudo_ldap_display_entry_short(ld, entry, lbuf)
|
|||||||
}
|
}
|
||||||
ldap_value_free_len(bv);
|
ldap_value_free_len(bv);
|
||||||
}
|
}
|
||||||
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
|
|
||||||
lbuf_print(lbuf); /* forces a newline */
|
|
||||||
return(count);
|
return(count);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1277,9 +1274,7 @@ sudo_ldap_display_entry_long(ld, entry, lbuf)
|
|||||||
|
|
||||||
/* extract the dn, only show the first rdn */
|
/* extract the dn, only show the first rdn */
|
||||||
rdn = sudo_ldap_get_first_rdn(ld, entry);
|
rdn = sudo_ldap_get_first_rdn(ld, entry);
|
||||||
lbuf_print(lbuf); /* force a newline */
|
lbuf_append(lbuf, "\nLDAP Role: ", rdn ? rdn : "UNKNOWN", "\n", NULL);
|
||||||
lbuf_append(lbuf, "LDAP Role: ", rdn ? rdn : "UNKNOWN", NULL);
|
|
||||||
lbuf_print(lbuf);
|
|
||||||
if (rdn)
|
if (rdn)
|
||||||
ldap_memfree(rdn);
|
ldap_memfree(rdn);
|
||||||
|
|
||||||
@@ -1297,7 +1292,7 @@ sudo_ldap_display_entry_long(ld, entry, lbuf)
|
|||||||
ldap_value_free_len(bv);
|
ldap_value_free_len(bv);
|
||||||
} else
|
} else
|
||||||
lbuf_append(lbuf, def_runas_default, NULL);
|
lbuf_append(lbuf, def_runas_default, NULL);
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
|
|
||||||
/* get the RunAsGroup Values from the entry */
|
/* get the RunAsGroup Values from the entry */
|
||||||
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
|
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
|
||||||
@@ -1309,7 +1304,7 @@ sudo_ldap_display_entry_long(ld, entry, lbuf)
|
|||||||
lbuf_append(lbuf, (*p)->bv_val, NULL);
|
lbuf_append(lbuf, (*p)->bv_val, NULL);
|
||||||
}
|
}
|
||||||
ldap_value_free_len(bv);
|
ldap_value_free_len(bv);
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* get the Option Values from the entry */
|
/* get the Option Values from the entry */
|
||||||
@@ -1322,17 +1317,15 @@ sudo_ldap_display_entry_long(ld, entry, lbuf)
|
|||||||
lbuf_append(lbuf, (*p)->bv_val, NULL);
|
lbuf_append(lbuf, (*p)->bv_val, NULL);
|
||||||
}
|
}
|
||||||
ldap_value_free_len(bv);
|
ldap_value_free_len(bv);
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* get the Command Values from the entry */
|
/* get the Command Values from the entry */
|
||||||
bv = ldap_get_values_len(ld, entry, "sudoCommand");
|
bv = ldap_get_values_len(ld, entry, "sudoCommand");
|
||||||
if (bv != NULL) {
|
if (bv != NULL) {
|
||||||
lbuf_append(lbuf, " Commands:", NULL);
|
lbuf_append(lbuf, " Commands:\n", NULL);
|
||||||
lbuf_print(lbuf);
|
|
||||||
for (p = bv; *p != NULL; p++) {
|
for (p = bv; *p != NULL; p++) {
|
||||||
lbuf_append(lbuf, "\t", (*p)->bv_val, NULL);
|
lbuf_append(lbuf, "\t", (*p)->bv_val, "\n", NULL);
|
||||||
lbuf_print(lbuf);
|
|
||||||
count++;
|
count++;
|
||||||
}
|
}
|
||||||
ldap_value_free_len(bv);
|
ldap_value_free_len(bv);
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2004-2005, 2007-2009 Todd C. Miller <Todd.Miller@courtesan.com>
|
* Copyright (c) 2004-2005, 2007-2010 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||||
*
|
*
|
||||||
* Permission to use, copy, modify, and distribute this software for any
|
* Permission to use, copy, modify, and distribute this software for any
|
||||||
* purpose with or without fee is hereby granted, provided that the above
|
* purpose with or without fee is hereby granted, provided that the above
|
||||||
@@ -352,7 +352,7 @@ sudo_file_display_priv_short(pw, us, lbuf)
|
|||||||
sudo_file_append_cmnd(cs, &tags, lbuf);
|
sudo_file_append_cmnd(cs, &tags, lbuf);
|
||||||
nfound++;
|
nfound++;
|
||||||
}
|
}
|
||||||
lbuf_print(lbuf); /* forces a newline */
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
}
|
}
|
||||||
return(nfound);
|
return(nfound);
|
||||||
}
|
}
|
||||||
@@ -376,9 +376,7 @@ sudo_file_display_priv_long(pw, us, lbuf)
|
|||||||
tags.setenv = UNSPEC;
|
tags.setenv = UNSPEC;
|
||||||
tags.nopasswd = UNSPEC;
|
tags.nopasswd = UNSPEC;
|
||||||
tags.transcript = UNSPEC;
|
tags.transcript = UNSPEC;
|
||||||
lbuf_print(lbuf); /* force a newline */
|
lbuf_append(lbuf, "\nSudoers entry:\n", NULL);
|
||||||
lbuf_append(lbuf, "Sudoers entry:", NULL);
|
|
||||||
lbuf_print(lbuf);
|
|
||||||
tq_foreach_fwd(&priv->cmndlist, cs) {
|
tq_foreach_fwd(&priv->cmndlist, cs) {
|
||||||
lbuf_append(lbuf, " RunAsUsers: ", NULL);
|
lbuf_append(lbuf, " RunAsUsers: ", NULL);
|
||||||
if (!tq_empty(&cs->runasuserlist)) {
|
if (!tq_empty(&cs->runasuserlist)) {
|
||||||
@@ -393,7 +391,7 @@ sudo_file_display_priv_long(pw, us, lbuf)
|
|||||||
} else {
|
} else {
|
||||||
lbuf_append(lbuf, pw->pw_name, NULL);
|
lbuf_append(lbuf, pw->pw_name, NULL);
|
||||||
}
|
}
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
if (!tq_empty(&cs->runasgrouplist)) {
|
if (!tq_empty(&cs->runasgrouplist)) {
|
||||||
lbuf_append(lbuf, " RunAsGroups: ", NULL);
|
lbuf_append(lbuf, " RunAsGroups: ", NULL);
|
||||||
tq_foreach_fwd(&cs->runasgrouplist, m) {
|
tq_foreach_fwd(&cs->runasgrouplist, m) {
|
||||||
@@ -402,13 +400,11 @@ sudo_file_display_priv_long(pw, us, lbuf)
|
|||||||
print_member(lbuf, m->name, m->type, m->negated,
|
print_member(lbuf, m->name, m->type, m->negated,
|
||||||
RUNASALIAS);
|
RUNASALIAS);
|
||||||
}
|
}
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
}
|
}
|
||||||
lbuf_append(lbuf, " Commands: ", NULL);
|
lbuf_append(lbuf, " Commands:\n\t", NULL);
|
||||||
lbuf_print(lbuf);
|
|
||||||
lbuf_append(lbuf, "\t", NULL);
|
|
||||||
sudo_file_append_cmnd(cs, &tags, lbuf);
|
sudo_file_append_cmnd(cs, &tags, lbuf);
|
||||||
lbuf_print(lbuf);
|
lbuf_append(lbuf, "\n", NULL);
|
||||||
nfound++;
|
nfound++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -455,11 +451,7 @@ sudo_file_display_defaults(nss, pw, lbuf)
|
|||||||
if (nss->handle == NULL)
|
if (nss->handle == NULL)
|
||||||
return(-1);
|
return(-1);
|
||||||
|
|
||||||
if (lbuf->len == 0)
|
prefix = " ";
|
||||||
prefix = " ";
|
|
||||||
else
|
|
||||||
prefix = ", ";
|
|
||||||
|
|
||||||
tq_foreach_fwd(&defaults, d) {
|
tq_foreach_fwd(&defaults, d) {
|
||||||
switch (d->type) {
|
switch (d->type) {
|
||||||
case DEFAULTS_HOST:
|
case DEFAULTS_HOST:
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2007-2009 Todd C. Miller <Todd.Miller@courtesan.com>
|
* Copyright (c) 2007-2010 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||||
*
|
*
|
||||||
* Permission to use, copy, modify, and distribute this software for any
|
* Permission to use, copy, modify, and distribute this software for any
|
||||||
* purpose with or without fee is hereby granted, provided that the above
|
* purpose with or without fee is hereby granted, provided that the above
|
||||||
@@ -244,7 +244,6 @@ output(const char *buf)
|
|||||||
* Print out privileges for the specified user.
|
* Print out privileges for the specified user.
|
||||||
* We only get here if the user is allowed to run something on this host.
|
* We only get here if the user is allowed to run something on this host.
|
||||||
*/
|
*/
|
||||||
/* XXX - conversation function or newlines in lbuf */
|
|
||||||
void
|
void
|
||||||
display_privs(snl, pw)
|
display_privs(snl, pw)
|
||||||
struct sudo_nss_list *snl;
|
struct sudo_nss_list *snl;
|
||||||
@@ -260,32 +259,42 @@ display_privs(snl, pw)
|
|||||||
lbuf_init(&lbuf, output, 4, NULL, sudo_user.cols);
|
lbuf_init(&lbuf, output, 4, NULL, sudo_user.cols);
|
||||||
|
|
||||||
/* Display defaults from all sources. */
|
/* Display defaults from all sources. */
|
||||||
|
lbuf_append(&lbuf, "Matching Defaults entries for ", pw->pw_name,
|
||||||
|
" on this host:\n", NULL);
|
||||||
count = 0;
|
count = 0;
|
||||||
tq_foreach_fwd(snl, nss)
|
tq_foreach_fwd(snl, nss) {
|
||||||
count += nss->display_defaults(nss, pw, &lbuf);
|
count += nss->display_defaults(nss, pw, &lbuf);
|
||||||
|
}
|
||||||
if (count) {
|
if (count) {
|
||||||
printf("Matching Defaults entries for %s on this host:\n", pw->pw_name);
|
lbuf_append(&lbuf, "\n\n", NULL);
|
||||||
lbuf_print(&lbuf);
|
lbuf_print(&lbuf);
|
||||||
putchar('\n');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Display Runas and Cmnd-specific defaults from all sources. */
|
/* Display Runas and Cmnd-specific defaults from all sources. */
|
||||||
|
lbuf.len = 0;
|
||||||
|
lbuf_append(&lbuf, "Runas and Command-specific defaults for", pw->pw_name,
|
||||||
|
":\n", NULL);
|
||||||
count = 0;
|
count = 0;
|
||||||
tq_foreach_fwd(snl, nss)
|
tq_foreach_fwd(snl, nss) {
|
||||||
count += nss->display_bound_defaults(nss, pw, &lbuf);
|
count += nss->display_bound_defaults(nss, pw, &lbuf);
|
||||||
|
}
|
||||||
if (count) {
|
if (count) {
|
||||||
printf("Runas and Command-specific defaults for %s:\n", pw->pw_name);
|
lbuf_append(&lbuf, "\n\n", NULL);
|
||||||
lbuf_print(&lbuf);
|
lbuf_print(&lbuf);
|
||||||
putchar('\n');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Display privileges from all sources. */
|
/* Display privileges from all sources. */
|
||||||
printf("User %s may run the following commands on this host:\n",
|
lbuf.len = 0;
|
||||||
pw->pw_name);
|
lbuf_append(&lbuf, "User ", pw->pw_name,
|
||||||
tq_foreach_fwd(snl, nss)
|
" may run the following commands on this host:\n", NULL);
|
||||||
(void) nss->display_privs(nss, pw, &lbuf);
|
count = 0;
|
||||||
if (lbuf.len != 0)
|
tq_foreach_fwd(snl, nss) {
|
||||||
lbuf_print(&lbuf); /* print remainder, if any */
|
count += nss->display_privs(nss, pw, &lbuf);
|
||||||
|
}
|
||||||
|
if (count) {
|
||||||
|
lbuf_print(&lbuf);
|
||||||
|
}
|
||||||
|
|
||||||
lbuf_destroy(&lbuf);
|
lbuf_destroy(&lbuf);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user