isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement #includedir directive. Files in an includedir are not edited

Browse Source 
by visudo unless they contain a syntax error.
This commit is contained in:
Todd C. Miller
2009-04-18 23:25:08 +00:00
parent e65ec1438a
commit 3be603aa47
13 changed files with 1483 additions and 1047 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
gram.c
View File

@@ -798,15 +798,18 @@ init_parser(path, quiet)
init_aliases(); init_aliases();
init_lexer();
efree(sudoers); efree(sudoers);
sudoers = path ? estrdup(path) : NULL; sudoers = path ? estrdup(path) : NULL;
parse_error = FALSE; parse_error = FALSE;
errorlineno = -1; errorlineno = -1;
errorfile = NULL;
sudolineno = 1; sudolineno = 1;
verbose = !quiet; verbose = !quiet;
} }
#line 758 "y.tab.c" #line 761 "y.tab.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */ /* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__) #if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void) static int yygrowstack(void)
@@ -1546,7 +1549,7 @@ case 92:
yyval.member = new_member(yyvsp[0].string, WORD); yyval.member = new_member(yyvsp[0].string, WORD);
} }
break; break;
#line 1498 "y.tab.c" #line 1501 "y.tab.c"
} }
yyssp -= yym; yyssp -= yym;
yystate = *yyssp; yystate = *yyssp;

3
gram.y
View File

@@ -766,11 +766,14 @@ init_parser(path, quiet)
init_aliases(); init_aliases();
init_lexer();
efree(sudoers); efree(sudoers);
sudoers = path ? estrdup(path) : NULL; sudoers = path ? estrdup(path) : NULL;
parse_error = FALSE; parse_error = FALSE;
errorlineno = -1; errorlineno = -1;
errorfile = NULL;
sudolineno = 1; sudolineno = 1;
verbose = !quiet; verbose = !quiet;
} }

2
parse.c
View File

@@ -89,7 +89,7 @@ sudo_file_open(nss)
{ {
if (def_ignore_local_sudoers) if (def_ignore_local_sudoers)
return(-1); return(-1);
nss->handle = open_sudoers(_PATH_SUDOERS, NULL); nss->handle = open_sudoers(_PATH_SUDOERS, FALSE, NULL);
return(nss->handle ? 0 : -1); return(nss->handle ? 0 : -1);
} }

1
parse.h
View File

@@ -185,6 +185,7 @@ struct alias *alias_remove __P((char *, int));
void alias_free __P((void *)); void alias_free __P((void *));
void alias_apply __P((int (*)(void *, void *), void *)); void alias_apply __P((int (*)(void *, void *), void *));
void init_aliases __P((void)); void init_aliases __P((void));
void init_lexer __P((void));
void init_parser __P((char *, int)); void init_parser __P((char *, int));
int alias_compare __P((const void *, const void *)); int alias_compare __P((const void *, const void *));

3
sudo.c
View File

@@ -1072,8 +1072,9 @@ parse_args(argc, argv)
* Returns a handle to the sudoers file or NULL on error. * Returns a handle to the sudoers file or NULL on error.
*/ */
FILE * FILE *
open_sudoers(sudoers, keepopen) open_sudoers(sudoers, doedit, keepopen)
const char *sudoers; const char *sudoers;
int doedit;
int *keepopen; int *keepopen;
{ {
struct stat statbuf; struct stat statbuf;

2
sudo.h
View File

@@ -298,7 +298,7 @@ char *sudo_getepw __P((const struct passwd *));
int pam_prep_user __P((struct passwd *)); int pam_prep_user __P((struct passwd *));
void zero_bytes __P((volatile void *, size_t)); void zero_bytes __P((volatile void *, size_t));
int gettime __P((struct timespec *)); int gettime __P((struct timespec *));
FILE *open_sudoers __P((const char *, int *)); FILE *open_sudoers __P((const char *, int, int *));
void display_privs __P((struct sudo_nss_list *, struct passwd *)); void display_privs __P((struct sudo_nss_list *, struct passwd *));
int display_cmnd __P((struct sudo_nss_list *, struct passwd *)); int display_cmnd __P((struct sudo_nss_list *, struct passwd *));
int get_ttycols __P((void)); int get_ttycols __P((void));

450
sudoers.cat
View File

@@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN
1.7.1 March 11, 2009 1 1.7.1 April 18, 2009 1
@@ -127,7 +127,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.7.1 March 11, 2009 2 1.7.1 April 18, 2009 2
@@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.7.1 March 11, 2009 3 1.7.1 April 18, 2009 3
@@ -259,7 +259,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.7.1 March 11, 2009 4 1.7.1 April 18, 2009 4
@@ -325,7 +325,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.7.1 March 11, 2009 5 1.7.1 April 18, 2009 5
@@ -391,7 +391,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
1.7.1 March 11, 2009 6 1.7.1 April 18, 2009 6
@@ -453,11 +453,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
IInncclluuddiinngg ootthheerr ffiilleess ffrroomm wwiitthhiinn ssuuddooeerrss IInncclluuddiinngg ootthheerr ffiilleess ffrroomm wwiitthhiinn ssuuddooeerrss
It is possible to include other _s_u_d_o_e_r_s files from within the _s_u_d_o_e_r_s It is possible to include other _s_u_d_o_e_r_s files from within the _s_u_d_o_e_r_s
file currently being parsed using the #include directive, similar to file currently being parsed using the #include and #includedir
1.7.1 March 11, 2009 7 1.7.1 April 18, 2009 7
@@ -466,12 +466,13 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
the one used by the C preprocessor. This is useful, for example, for directives.
keeping a site-wide _s_u_d_o_e_r_s file in addition to a per-machine local
one. For the sake of this example the site-wide _s_u_d_o_e_r_s will be This can be used, for example, to keep a site-wide _s_u_d_o_e_r_s file in
_/_e_t_c_/_s_u_d_o_e_r_s and the per-machine one will be _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. To addition to a local, per-machine file. For the sake of this example
include _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l from within _/_e_t_c_/_s_u_d_o_e_r_s we would use the the site-wide _s_u_d_o_e_r_s will be _/_e_t_c_/_s_u_d_o_e_r_s and the per-machine one will
following line in _/_e_t_c_/_s_u_d_o_e_r_s: be _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. To include _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l from within
_/_e_t_c_/_s_u_d_o_e_r_s we would use the following line in _/_e_t_c_/_s_u_d_o_e_r_s:
#include /etc/sudoers.local #include /etc/sudoers.local
@@ -489,6 +490,25 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
will cause ssuuddoo to include the file _/_e_t_c_/_s_u_d_o_e_r_s_._x_e_r_x_e_s. will cause ssuuddoo to include the file _/_e_t_c_/_s_u_d_o_e_r_s_._x_e_r_x_e_s.
The #includedir directive can be used to create a _s_u_d_o_._d directory that
the system package manager can drop _s_u_d_o_e_r_s rules into as part of
package installation. For example, given:
#includedir /etc/sudoers.d
ssuuddoo will read each file in _/_e_t_c_/_s_u_d_o_e_r_s_._d, skipping files that end in
".tmp" to avoid causing problems with vviissuuddoo. Files are parsed in
sorted lexical order. That is, _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_0_1___f_i_r_s_t will be parsed
before _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1_0___s_e_c_o_n_d. Be aware that because the sorting is
lexical, not numeric, _/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1___w_h_o_o_p_s would be loaded aafftteerr
_/_e_t_c_/_s_u_d_o_e_r_s_._d_/_1_0___s_e_c_o_n_d. Using a consistent number of leading zeroes
in the file names can be used to avoid such problems.
Note that unlike files included via #include, vviissuuddoo will not edit the
files in a #includedir directory unless one of them contains a syntax
error. It is still possible to run vviissuuddoo with the -f flag to edit the
files directly.
OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss OOtthheerr ssppeecciiaall cchhaarraacctteerrss aanndd rreesseerrvveedd wwoorrddss
The pound sign ('#') is used to indicate a comment (unless it is part The pound sign ('#') is used to indicate a comment (unless it is part
@@ -500,6 +520,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The reserved word AALLLL is a built-in _a_l_i_a_s that always causes a match to The reserved word AALLLL is a built-in _a_l_i_a_s that always causes a match to
succeed. It can be used wherever one might otherwise use a Cmnd_Alias, succeed. It can be used wherever one might otherwise use a Cmnd_Alias,
User_Alias, Runas_Alias, or Host_Alias. You should not try to define User_Alias, Runas_Alias, or Host_Alias. You should not try to define
1.7.1 April 18, 2009 8
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
your own _a_l_i_a_s called AALLLL as the built-in alias will be used in your own _a_l_i_a_s called AALLLL as the built-in alias will be used in
preference to your own. Please note that using AALLLL can be dangerous preference to your own. Please note that using AALLLL can be dangerous
since in a command context, it allows the user to run aannyy command on since in a command context, it allows the user to run aannyy command on
@@ -521,17 +553,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
used as part of a word (e.g. a username or hostname): '@', '!', '=', used as part of a word (e.g. a username or hostname): '@', '!', '=',
':', ',', '(', ')', '\'. ':', ',', '(', ')', '\'.
1.7.1 March 11, 2009 8
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
SSUUDDOOEERRSS OOPPTTIIOONNSS SSUUDDOOEERRSS OOPPTTIIOONNSS
ssuuddoo's behavior can be modified by Default_Entry lines, as explained ssuuddoo's behavior can be modified by Default_Entry lines, as explained
earlier. A list of all supported Defaults parameters, grouped by type, earlier. A list of all supported Defaults parameters, grouped by type,
@@ -565,6 +586,18 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
alternative is to place a colon-separated list of alternative is to place a colon-separated list of
editors in the editor variable. vviissuuddoo will then only editors in the editor variable. vviissuuddoo will then only
use the EDITOR or VISUAL if they match a value use the EDITOR or VISUAL if they match a value
1.7.1 April 18, 2009 9
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
specified in editor. This flag is _o_f_f by default. specified in editor. This flag is _o_f_f by default.
env_reset If set, ssuuddoo will reset the environment to only contain env_reset If set, ssuuddoo will reset the environment to only contain
@@ -586,18 +619,6 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
working (for example if the machine is not plugged into working (for example if the machine is not plugged into
the network). Also note that you must use the host's the network). Also note that you must use the host's
official name as DNS knows it. That is, you may not official name as DNS knows it. That is, you may not
1.7.1 March 11, 2009 9
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
use a host alias (CNAME entry) due to performance use a host alias (CNAME entry) due to performance
issues and the fact that there is no way to get all issues and the fact that there is no way to get all
aliases from DNS. If your machine's hostname (as aliases from DNS. If your machine's hostname (as
@@ -631,6 +652,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
log_year If set, the four-digit year will be logged in the (non- log_year If set, the four-digit year will be logged in the (non-
syslog) ssuuddoo log file. This flag is _o_f_f by default. syslog) ssuuddoo log file. This flag is _o_f_f by default.
1.7.1 April 18, 2009 10
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
long_otp_prompt When validating with a One Time Password (OPT) scheme long_otp_prompt When validating with a One Time Password (OPT) scheme
such as SS//KKeeyy or OOPPIIEE, a two-line prompt is used to such as SS//KKeeyy or OOPPIIEE, a two-line prompt is used to
make it easier to cut and paste the challenge to a make it easier to cut and paste the challenge to a
@@ -652,18 +685,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
mail_no_perms If set, mail will be sent to the _m_a_i_l_t_o user if the mail_no_perms If set, mail will be sent to the _m_a_i_l_t_o user if the
invoking user is allowed to use ssuuddoo but the command invoking user is allowed to use ssuuddoo but the command
1.7.1 March 11, 2009 10
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
they are trying is not listed in their _s_u_d_o_e_r_s file they are trying is not listed in their _s_u_d_o_e_r_s file
entry or is explicitly denied. This flag is _o_f_f by entry or is explicitly denied. This flag is _o_f_f by
default. default.
@@ -697,6 +718,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
preserve_groups By default, ssuuddoo will initialize the group vector to preserve_groups By default, ssuuddoo will initialize the group vector to
the list of groups the target user is in. When the list of groups the target user is in. When
1.7.1 April 18, 2009 11
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
_p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the user's existing group _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, the user's existing group
vector is left unaltered. The real and effective group vector is left unaltered. The real and effective group
IDs, however, are still set to match the target user. IDs, however, are still set to match the target user.
@@ -718,18 +751,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
as _c_r_o_n(1m) or cgi-bin scripts. This flag is _o_f_f by as _c_r_o_n(1m) or cgi-bin scripts. This flag is _o_f_f by
default. default.
1.7.1 March 11, 2009 11
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
root_sudo If set, root is allowed to run ssuuddoo too. Disabling root_sudo If set, root is allowed to run ssuuddoo too. Disabling
this prevents users from "chaining" ssuuddoo commands to this prevents users from "chaining" ssuuddoo commands to
get a root shell by doing something like "sudo sudo get a root shell by doing something like "sudo sudo
@@ -763,6 +784,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
This can be done by negating the set_logname option. This can be done by negating the set_logname option.
Note that if the _e_n_v___r_e_s_e_t option has not been Note that if the _e_n_v___r_e_s_e_t option has not been
disabled, entries in the _e_n_v___k_e_e_p list will override disabled, entries in the _e_n_v___k_e_e_p list will override
1.7.1 April 18, 2009 12
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
the value of _s_e_t___l_o_g_n_a_m_e. This flag is _o_f_f by default. the value of _s_e_t___l_o_g_n_a_m_e. This flag is _o_f_f by default.
setenv Allow the user to disable the _e_n_v___r_e_s_e_t option from the setenv Allow the user to disable the _e_n_v___r_e_s_e_t option from the
@@ -784,18 +817,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
style globbing when matching pathnames. However, since style globbing when matching pathnames. However, since
it accesses the file system, _g_l_o_b(3) can take a long it accesses the file system, _g_l_o_b(3) can take a long
time to complete for some patterns, especially when the time to complete for some patterns, especially when the
1.7.1 March 11, 2009 12
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
pattern references a network file system that is pattern references a network file system that is
mounted on demand (automounted). The _f_a_s_t___g_l_o_b option mounted on demand (automounted). The _f_a_s_t___g_l_o_b option
causes ssuuddoo to use the _f_n_m_a_t_c_h(3) function, which does causes ssuuddoo to use the _f_n_m_a_t_c_h(3) function, which does
@@ -829,6 +850,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
user is logged in on in that directory. This flag is user is logged in on in that directory. This flag is
_o_f_f by default. _o_f_f by default.
1.7.1 April 18, 2009 13
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
umask_override If set, ssuuddoo will set the umask as specified by _s_u_d_o_e_r_s umask_override If set, ssuuddoo will set the umask as specified by _s_u_d_o_e_r_s
without modification. This makes it possible to without modification. This makes it possible to
specify a more permissive umask in _s_u_d_o_e_r_s than the specify a more permissive umask in _s_u_d_o_e_r_s than the
@@ -850,18 +883,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
things like "rsh somehost sudo ls" since _r_s_h(1) does things like "rsh somehost sudo ls" since _r_s_h(1) does
not allocate a tty. This flag is _o_f_f by default. not allocate a tty. This flag is _o_f_f by default.
1.7.1 March 11, 2009 13
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
IInntteeggeerrss: IInntteeggeerrss:
closefrom Before it executes a command, ssuuddoo will close all open closefrom Before it executes a command, ssuuddoo will close all open
@@ -896,6 +917,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
their own timestamps via sudo -v and sudo -k their own timestamps via sudo -v and sudo -k
respectively. respectively.
1.7.1 April 18, 2009 14
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
umask Umask to use when running the command. Negate this umask Umask to use when running the command. Negate this
option or set it to 0777 to preserve the user's umask. option or set it to 0777 to preserve the user's umask.
The actual umask that is used will be the union of the The actual umask that is used will be the union of the
@@ -916,18 +948,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
matches the user's EDITOR environment variable if matches the user's EDITOR environment variable if
possible, or the first editor in the list that exists possible, or the first editor in the list that exists
and is executable. The default is the path to vi on and is executable. The default is the path to vi on
1.7.1 March 11, 2009 14
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
your system. your system.
mailsub Subject of the mail sent to the _m_a_i_l_t_o user. The escape mailsub Subject of the mail sent to the _m_a_i_l_t_o user. The escape
@@ -962,6 +982,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
%u expanded to the invoking user's login name %u expanded to the invoking user's login name
1.7.1 April 18, 2009 15
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
%% two consecutive % characters are collapsed into a %% two consecutive % characters are collapsed into a
single % character single % character
@@ -982,18 +1014,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
changing the locale may affect how sudoers is changing the locale may affect how sudoers is
interpreted. Defaults to "C". interpreted. Defaults to "C".
1.7.1 March 11, 2009 15
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
timestampdir The directory in which ssuuddoo stores its timestamp files. timestampdir The directory in which ssuuddoo stores its timestamp files.
The default is _/_v_a_r_/_r_u_n_/_s_u_d_o. The default is _/_v_a_r_/_r_u_n_/_s_u_d_o.
@@ -1029,6 +1049,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
always Always lecture the user. always Always lecture the user.
1.7.1 April 18, 2009 16
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
never Never lecture the user. never Never lecture the user.
once Only lecture the user the first time they run ssuuddoo. once Only lecture the user the first time they run ssuuddoo.
@@ -1048,18 +1079,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
all All the user's _s_u_d_o_e_r_s entries for the current host all All the user's _s_u_d_o_e_r_s entries for the current host
must have the NOPASSWD flag set to avoid entering a must have the NOPASSWD flag set to avoid entering a
1.7.1 March 11, 2009 16
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
password. password.
always The user must always enter a password to use the --ll always The user must always enter a password to use the --ll
@@ -1095,6 +1114,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
ssuuddoo interpreting the @ sign. Defaults to root. ssuuddoo interpreting the @ sign. Defaults to root.
secure_path Path used for every command run from ssuuddoo. If you don't secure_path Path used for every command run from ssuuddoo. If you don't
1.7.1 April 18, 2009 17
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
trust the people running ssuuddoo to have a sane PATH trust the people running ssuuddoo to have a sane PATH
environment variable you may want to use this. Another use environment variable you may want to use this. Another use
is if you want to have the "root path" be separate from the is if you want to have the "root path" be separate from the
@@ -1114,18 +1145,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
password. password.
always The user must always enter a password to use the --vv always The user must always enter a password to use the --vv
1.7.1 March 11, 2009 17
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
option. option.
any At least one of the user's _s_u_d_o_e_r_s entries for the any At least one of the user's _s_u_d_o_e_r_s entries for the
@@ -1161,6 +1180,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
space-separated list or a single value without double- space-separated list or a single value without double-
quotes. The list can be replaced, added to, deleted quotes. The list can be replaced, added to, deleted
from, or disabled by using the =, +=, -=, and ! from, or disabled by using the =, +=, -=, and !
1.7.1 April 18, 2009 18
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
operators respectively. The default list of operators respectively. The default list of
environment variables to remove is displayed when ssuuddoo environment variables to remove is displayed when ssuuddoo
is run by root with the _-_V option. Note that many is run by root with the _-_V option. Note that many
@@ -1180,18 +1211,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
with the _-_V option. with the _-_V option.
When logging via _s_y_s_l_o_g(3), ssuuddoo accepts the following values for the When logging via _s_y_s_l_o_g(3), ssuuddoo accepts the following values for the
1.7.1 March 11, 2009 18
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
syslog facility (the value of the ssyysslloogg Parameter): aauutthhpprriivv (if your syslog facility (the value of the ssyysslloogg Parameter): aauutthhpprriivv (if your
OS supports it), aauutthh, ddaaeemmoonn, uusseerr, llooccaall00, llooccaall11, llooccaall22, llooccaall33, OS supports it), aauutthh, ddaaeemmoonn, uusseerr, llooccaall00, llooccaall11, llooccaall22, llooccaall33,
llooccaall44, llooccaall55, llooccaall66, and llooccaall77. The following syslog priorities llooccaall44, llooccaall55, llooccaall66, and llooccaall77. The following syslog priorities
@@ -1228,6 +1247,18 @@ EEXXAAMMPPLLEESS
Host_Alias SERVERS = master, mail, www, ns Host_Alias SERVERS = master, mail, www, ns
Host_Alias CDROM = orion, perseus, hercules Host_Alias CDROM = orion, perseus, hercules
1.7.1 April 18, 2009 19
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
# Cmnd alias specification # Cmnd alias specification
Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\
/usr/sbin/restore, /usr/sbin/rrestore /usr/sbin/restore, /usr/sbin/rrestore
@@ -1246,18 +1277,6 @@ EEXXAAMMPPLLEESS
to log via _s_y_s_l_o_g(3) using the _a_u_t_h facility in all cases. We don't to log via _s_y_s_l_o_g(3) using the _a_u_t_h facility in all cases. We don't
want to subject the full time staff to the ssuuddoo lecture, user mmiilllleerrtt want to subject the full time staff to the ssuuddoo lecture, user mmiilllleerrtt
need not give a password, and we don't want to reset the LOGNAME, USER need not give a password, and we don't want to reset the LOGNAME, USER
1.7.1 March 11, 2009 19
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
or USERNAME environment variables when running commands as root. or USERNAME environment variables when running commands as root.
Additionally, on the machines in the _S_E_R_V_E_R_S Host_Alias, we keep an Additionally, on the machines in the _S_E_R_V_E_R_S Host_Alias, we keep an
additional local log file and make sure we log the year in each log additional local log file and make sure we log the year in each log
@@ -1293,6 +1312,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
any host but they must authenticate themselves first (since the entry any host but they must authenticate themselves first (since the entry
lacks the NOPASSWD tag). lacks the NOPASSWD tag).
1.7.1 April 18, 2009 20
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
jack CSNETS = ALL jack CSNETS = ALL
The user jjaacckk may run any command on the machines in the _C_S_N_E_T_S alias The user jjaacckk may run any command on the machines in the _C_S_N_E_T_S alias
@@ -1312,18 +1343,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The ooppeerraattoorr user may run commands limited to simple maintenance. The ooppeerraattoorr user may run commands limited to simple maintenance.
Here, those are commands related to backups, killing processes, the Here, those are commands related to backups, killing processes, the
printing system, shutting down the system, and any commands in the printing system, shutting down the system, and any commands in the
1.7.1 March 11, 2009 20
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
directory _/_u_s_r_/_o_p_e_r_/_b_i_n_/. directory _/_u_s_r_/_o_p_e_r_/_b_i_n_/.
joe ALL = /usr/bin/su operator joe ALL = /usr/bin/su operator
@@ -1359,6 +1378,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
1.7.1 April 18, 2009 21
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
On the _A_L_P_H_A machines, user jjoohhnn may su to anyone except root but he is On the _A_L_P_H_A machines, user jjoohhnn may su to anyone except root but he is
not allowed to specify any options to the _s_u(1) command. not allowed to specify any options to the _s_u(1) command.
@@ -1378,18 +1409,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
The user sstteevvee may run any command in the directory The user sstteevvee may run any command in the directory
/usr/local/op_commands/ but only as user operator. /usr/local/op_commands/ but only as user operator.
1.7.1 March 11, 2009 21
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
matt valkyrie = KILL matt valkyrie = KILL
On his personal workstation, valkyrie, mmaatttt needs to be able to kill On his personal workstation, valkyrie, mmaatttt needs to be able to kill
@@ -1425,6 +1444,18 @@ SSEECCUURRIITTYY NNOOTTEESS
PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
Once ssuuddoo executes a program, that program is free to do whatever it Once ssuuddoo executes a program, that program is free to do whatever it
1.7.1 April 18, 2009 22
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
pleases, including run other programs. This can be a security issue pleases, including run other programs. This can be a security issue
since it is not uncommon for a program to allow shell escapes, which since it is not uncommon for a program to allow shell escapes, which
lets a user bypass ssuuddoo's access control and logging. Common programs lets a user bypass ssuuddoo's access control and logging. Common programs
@@ -1444,18 +1475,6 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS
to override default library functions by pointing an to override default library functions by pointing an
environment variable (usually LD_PRELOAD) to an alternate environment variable (usually LD_PRELOAD) to an alternate
shared library. On such systems, ssuuddoo's _n_o_e_x_e_c functionality shared library. On such systems, ssuuddoo's _n_o_e_x_e_c functionality
1.7.1 March 11, 2009 22
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
can be used to prevent a program run by ssuuddoo from executing can be used to prevent a program run by ssuuddoo from executing
any other programs. Note, however, that this applies only to any other programs. Note, however, that this applies only to
native dynamically-linked executables. Statically-linked native dynamically-linked executables. Statically-linked
@@ -1491,6 +1510,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
This allows user aaaarroonn to run _/_u_s_r_/_b_i_n_/_m_o_r_e and _/_u_s_r_/_b_i_n_/_v_i This allows user aaaarroonn to run _/_u_s_r_/_b_i_n_/_m_o_r_e and _/_u_s_r_/_b_i_n_/_v_i
with _n_o_e_x_e_c enabled. This will prevent those two commands with _n_o_e_x_e_c enabled. This will prevent those two commands
1.7.1 April 18, 2009 23
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
from executing other commands (such as a shell). If you are from executing other commands (such as a shell). If you are
unsure whether or not your system is capable of supporting unsure whether or not your system is capable of supporting
_n_o_e_x_e_c you can always just try it out and see if it works. _n_o_e_x_e_c you can always just try it out and see if it works.
@@ -1510,18 +1541,6 @@ CCAAVVEEAATTSS
_s_u_d_o_e_r_s be free of syntax errors since ssuuddoo will not run with a _s_u_d_o_e_r_s be free of syntax errors since ssuuddoo will not run with a
syntactically incorrect _s_u_d_o_e_r_s file. syntactically incorrect _s_u_d_o_e_r_s file.
1.7.1 March 11, 2009 23
SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4)
When using netgroups of machines (as opposed to users), if you store When using netgroups of machines (as opposed to users), if you store
fully qualified hostnames in the netgroup (as is usually the case), you fully qualified hostnames in the netgroup (as is usually the case), you
either need to have the machine's hostname be fully qualified as either need to have the machine's hostname be fully qualified as
@@ -1560,25 +1579,6 @@ DDIISSCCLLAAIIMMEERR
1.7.1 April 18, 2009 24
1.7.1 March 11, 2009 24

40
sudoers.man.in
View File

@@ -153,7 +153,7 @@
.\" ======================================================================== .\" ========================================================================
.\" .\"
.IX Title "SUDOERS @mansectform@" .IX Title "SUDOERS @mansectform@"
.TH SUDOERS @mansectform@ "March 11, 2009" "1.7.1" "MAINTENANCE COMMANDS" .TH SUDOERS @mansectform@ "April 18, 2009" "1.7.1" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents. .\" way too many mistakes in technical documents.
.if n .ad l .if n .ad l
@@ -598,13 +598,15 @@ with \fBany\fR arguments.
.Sh "Including other files from within sudoers" .Sh "Including other files from within sudoers"
.IX Subsection "Including other files from within sudoers" .IX Subsection "Including other files from within sudoers"
It is possible to include other \fIsudoers\fR files from within the It is possible to include other \fIsudoers\fR files from within the
\&\fIsudoers\fR file currently being parsed using the \f(CW\*(C`#include\*(C'\fR \&\fIsudoers\fR file currently being parsed using the \f(CW\*(C`#include\*(C'\fR and
directive, similar to the one used by the C preprocessor. This is \&\f(CW\*(C`#includedir\*(C'\fR directives.
useful, for example, for keeping a site-wide \fIsudoers\fR file in .PP
addition to a per-machine local one. For the sake of this example This can be used, for example, to keep a site-wide \fIsudoers\fR file
the site-wide \fIsudoers\fR will be \fI/etc/sudoers\fR and the per-machine in addition to a local, per-machine file. For the sake of this
one will be \fI/etc/sudoers.local\fR. To include \fI/etc/sudoers.local\fR example the site-wide \fIsudoers\fR will be \fI/etc/sudoers\fR and the
from within \fI/etc/sudoers\fR we would use the following line in \fI/etc/sudoers\fR: per-machine one will be \fI/etc/sudoers.local\fR. To include
\&\fI/etc/sudoers.local\fR from within \fI/etc/sudoers\fR we would use the
following line in \fI/etc/sudoers\fR:
.Sp .Sp
.RS 4 .RS 4
\&\f(CW\*(C`#include /etc/sudoers.local\*(C'\fR \&\f(CW\*(C`#include /etc/sudoers.local\*(C'\fR
@@ -625,6 +627,28 @@ of the hostname. I.e., if the machine's hostname is \*(L"xerxes\*(R", then
.Ve .Ve
.PP .PP
will cause \fBsudo\fR to include the file \fI/etc/sudoers.xerxes\fR. will cause \fBsudo\fR to include the file \fI/etc/sudoers.xerxes\fR.
.PP
The \f(CW\*(C`#includedir\*(C'\fR directive can be used to create a \fIsudo.d\fR
directory that the system package manager can drop \fIsudoers\fR rules
into as part of package installation. For example, given:
.PP
.Vb 1
\& #includedir /etc/sudoers.d
.Ve
.PP
\&\fBsudo\fR will read each file in \fI/etc/sudoers.d\fR, skipping files
that end in \*(L".tmp\*(R" to avoid causing problems with \fBvisudo\fR. Files
are parsed in sorted lexical order. That is, \fI/etc/sudoers.d/01_first\fR
will be parsed before \fI/etc/sudoers.d/10_second\fR. Be aware that
because the sorting is lexical, not numeric, \fI/etc/sudoers.d/1_whoops\fR
would be loaded \fBafter\fR \fI/etc/sudoers.d/10_second\fR. Using a
consistent number of leading zeroes in the file names can be used
to avoid such problems.
.PP
Note that unlike files included via \f(CW\*(C`#include\*(C'\fR, \fBvisudo\fR will not
edit the files in a \f(CW\*(C`#includedir\*(C'\fR directory unless one of them
contains a syntax error. It is still possible to run \fBvisudo\fR
with the \f(CW\*(C`\-f\*(C'\fR flag to edit the files directly.
.Sh "Other special characters and reserved words" .Sh "Other special characters and reserved words"
.IX Subsection "Other special characters and reserved words" .IX Subsection "Other special characters and reserved words"
The pound sign ('#') is used to indicate a comment (unless it is The pound sign ('#') is used to indicate a comment (unless it is

36
sudoers.pod
View File

@@ -441,13 +441,15 @@ with B<any> arguments.
=head2 Including other files from within sudoers =head2 Including other files from within sudoers
It is possible to include other I<sudoers> files from within the It is possible to include other I<sudoers> files from within the
I<sudoers> file currently being parsed using the C<#include> I<sudoers> file currently being parsed using the C<#include> and
directive, similar to the one used by the C preprocessor. This is C<#includedir> directives.
useful, for example, for keeping a site-wide I<sudoers> file in
addition to a per-machine local one. For the sake of this example This can be used, for example, to keep a site-wide I<sudoers> file
the site-wide I<sudoers> will be F</etc/sudoers> and the per-machine in addition to a local, per-machine file. For the sake of this
one will be F</etc/sudoers.local>. To include F</etc/sudoers.local> example the site-wide I<sudoers> will be F</etc/sudoers> and the
from within F</etc/sudoers> we would use the following line in F</etc/sudoers>: per-machine one will be F</etc/sudoers.local>. To include
F</etc/sudoers.local> from within F</etc/sudoers> we would use the
following line in F</etc/sudoers>:
=over 4 =over 4
@@ -469,6 +471,26 @@ of the hostname. I.e., if the machine's hostname is "xerxes", then
will cause B<sudo> to include the file F</etc/sudoers.xerxes>. will cause B<sudo> to include the file F</etc/sudoers.xerxes>.
The C<#includedir> directive can be used to create a F<sudo.d>
directory that the system package manager can drop I<sudoers> rules
into as part of package installation. For example, given:
#includedir /etc/sudoers.d
B<sudo> will read each file in F</etc/sudoers.d>, skipping files
that end in ".tmp" to avoid causing problems with B<visudo>. Files
are parsed in sorted lexical order. That is, F</etc/sudoers.d/01_first>
will be parsed before F</etc/sudoers.d/10_second>. Be aware that
because the sorting is lexical, not numeric, F</etc/sudoers.d/1_whoops>
would be loaded B<after> F</etc/sudoers.d/10_second>. Using a
consistent number of leading zeroes in the file names can be used
to avoid such problems.
Note that unlike files included via C<#include>, B<visudo> will not
edit the files in a C<#includedir> directory unless one of them
contains a syntax error. It is still possible to run B<visudo>
with the C<-f> flag to edit the files directly.
=head2 Other special characters and reserved words =head2 Other special characters and reserved words
The pound sign ('#') is used to indicate a comment (unless it is The pound sign ('#') is used to indicate a comment (unless it is

3
testsudoers.c
View File

@@ -373,8 +373,9 @@ set_fqdn()
} }
FILE * FILE *
open_sudoers(path, keepopen) open_sudoers(path, isdir, keepopen)
const char *path; const char *path;
int isdir;
int *keepopen; int *keepopen;
{ {
return(fopen(path, "r")); return(fopen(path, "r"));

1681
toke.c
View File

File diff suppressed because it is too large Load Diff

245
toke.l
View File

@@ -27,6 +27,7 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/param.h> #include <sys/param.h>
#include <sys/stat.h>
#include <stdio.h> #include <stdio.h>
#ifdef STDC_HEADERS #ifdef STDC_HEADERS
# include <stdlib.h> # include <stdlib.h>
@@ -50,6 +51,7 @@
# include <malloc.h> # include <malloc.h>
#endif /* HAVE_MALLOC_H && !STDC_HEADERS */ #endif /* HAVE_MALLOC_H && !STDC_HEADERS */
#include <ctype.h> #include <ctype.h>
#include <dirent.h>
#include "sudo.h" #include "sudo.h"
#include "parse.h" #include "parse.h"
#include <gram.h> #include <gram.h>
@@ -69,15 +71,16 @@ static int append __P((char *, int));
static int _fill __P((char *, int, int)); static int _fill __P((char *, int, int));
static int fill_cmnd __P((char *, int)); static int fill_cmnd __P((char *, int));
static int fill_args __P((char *, int, int)); static int fill_args __P((char *, int, int));
static int switch_buffer __P((char *)); static int _push_include __P((char *, int));
static int pop_include __P((void));
static int ipv6_valid __P((const char *s)); static int ipv6_valid __P((const char *s));
static char *parse_include __P((char *)); static char *parse_include __P((char *));
extern void yyerror __P((const char *)); extern void yyerror __P((const char *));
#define fill(a, b) _fill(a, b, 0) #define fill(a, b) _fill(a, b, 0)
#define push_include(_p) (switch_buffer((_p))) #define push_include(_p) (_push_include((_p), FALSE))
#define pop_include() (switch_buffer(NULL)) #define push_includedir(_p) (_push_include((_p), TRUE))
/* realloc() to size + COMMANDARGINC to make room for command args */ /* realloc() to size + COMMANDARGINC to make room for command args */
#define COMMANDARGINC 64 #define COMMANDARGINC 64
@@ -227,6 +230,19 @@ DEFVAR [a-z_]+
yyterminate(); yyterminate();
} }
<INITIAL>^#includedir[[:blank:]]+\/.*\n {
char *path;
if ((path = parse_include(yytext)) == NULL)
yyterminate();
LEXTRACE("INCLUDEDIR\n");
/* Push current buffer and switch to include file */
if (!push_includedir(path))
yyterminate();
}
<INITIAL>^[[:blank:]]*Defaults([:@>\!]{WORD})? { <INITIAL>^[[:blank:]]*Defaults([:@>\!]{WORD})? {
int n; int n;
for (n = 0; isblank((unsigned char)yytext[n]); n++) for (n = 0; isblank((unsigned char)yytext[n]); n++)
@@ -605,63 +621,228 @@ fill_args(s, len, addspace)
return(TRUE); return(TRUE);
} }
struct sudoers_state { struct path_list {
char *path;
struct path_list *next;
};
struct include_stack {
YY_BUFFER_STATE bs; YY_BUFFER_STATE bs;
char *path; char *path;
struct path_list *more; /* more files in case of includedir */
int lineno; int lineno;
int keepopen;
}; };
static int
pl_compare(v1, v2)
const void *v1;
const void *v2;
{
const struct path_list * const *p1 = v1;
const struct path_list * const *p2 = v2;
return(strcmp((*p1)->path, (*p2)->path));
}
static char *
switch_dir(stack, dirpath)
struct include_stack *stack;
char *dirpath;
{
DIR *dir;
int i, count = 0;
char *path = NULL;
struct dirent *dent;
struct stat sb;
struct path_list *pl, *first = NULL;
struct path_list **sorted = NULL;
if (!(dir = opendir(dirpath))) {
yyerror(dirpath);
return(FALSE);
}
while ((dent = readdir(dir))) {
/* Ignore visudo .tmp files. */
if (dent->d_namlen > 4 &&
strcmp(dent->d_name + dent->d_namlen - 4, ".tmp") == 0) {
continue;
}
if (asprintf(&path, "%s/%s", dirpath, dent->d_name) == -1) {
closedir(dir);
goto bad;
}
if (stat(path, &sb) != 0 || !S_ISREG(sb.st_mode)) {
efree(path);
continue;
}
pl = malloc(sizeof(*pl));
if (pl == NULL)
goto bad;
pl->path = path;
pl->next = first;
first = pl;
count++;
}
closedir(dir);
if (count == 0)
goto done;
/* Sort the list as an array. */
sorted = malloc(sizeof(*sorted) * count);
if (sorted == NULL)
goto bad;
pl = first;
for (i = 0; i < count; i++) {
sorted[i] = pl;
pl = pl->next;
}
qsort(sorted, count, sizeof(*sorted), pl_compare);
/* Apply sorting to the list. */
first = sorted[0];
sorted[count - 1]->next = NULL;
for (i = 1; i < count; i++)
sorted[i - 1]->next = sorted[i];
efree(sorted);
/* Pull out the first element for parsing, leave the rest for later. */
if (count) {
path = first->path;
pl = first->next;
efree(first);
stack->more = pl;
} else {
path = NULL;
}
done:
efree(dirpath);
return(path);
bad:
while (first != NULL) {
pl = first;
first = pl->next;
free(pl->path);
free(pl);
}
efree(sorted);
efree(dirpath);
efree(path);
return(NULL);
}
#define MAX_SUDOERS_DEPTH 128 #define MAX_SUDOERS_DEPTH 128
#define SUDOERS_STACK_INCREMENT 16 #define SUDOERS_STACK_INCREMENT 16
static int static size_t istacksize, idepth;
switch_buffer(path) static struct include_stack *istack;
char *path; static int keepopen;
void
init_lexer()
{
struct path_list *pl;
while (idepth) {
idepth--;
while ((pl = istack[idepth].more) != NULL) {
istack[idepth].more = pl->next;
efree(pl->path);
efree(pl);
}
efree(istack[idepth].path);
if (!istack[idepth].keepopen)
fclose(istack[idepth].bs->yy_input_file);
yy_delete_buffer(istack[idepth].bs);
}
efree(istack);
istack = NULL;
istacksize = idepth = 0;
keepopen = FALSE;
}
static int
_push_include(path, isdir)
char *path;
int isdir;
{ {
static size_t stacksize, depth;
static struct sudoers_state *state;
static int keepopen;
FILE *fp; FILE *fp;
if (path != NULL) { /* push current state onto stack */
/* push current state */ if (idepth >= istacksize) {
if (depth >= stacksize) { if (idepth > MAX_SUDOERS_DEPTH) {
if (depth > MAX_SUDOERS_DEPTH) {
yyerror("too many levels of includes"); yyerror("too many levels of includes");
return(FALSE); return(FALSE);
} }
stacksize += SUDOERS_STACK_INCREMENT; istacksize += SUDOERS_STACK_INCREMENT;
state = (struct sudoers_state *) realloc(state, istack = (struct include_stack *) realloc(istack,
sizeof(state) * stacksize); sizeof(istack) * istacksize);
if (state == NULL) { if (istack == NULL) {
yyerror("unable to allocate memory"); yyerror("unable to allocate memory");
return(FALSE); return(FALSE);
} }
} }
if ((fp = open_sudoers(path, &keepopen)) == NULL) { if (isdir) {
if (!(path = switch_dir(&istack[idepth], path))) {
yyerror(path); yyerror(path);
return(FALSE); return(FALSE);
} }
state[depth].bs = YY_CURRENT_BUFFER; if ((fp = open_sudoers(path, FALSE, &keepopen)) == NULL) {
state[depth].path = sudoers; yyerror(path);
state[depth].lineno = sudolineno; return(FALSE); /* XXX - just to go next one? */
depth++; }
} else {
if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
yyerror(path);
return(FALSE);
}
istack[idepth].more = NULL;
}
/* Push the old (current) file and open the new one. */
istack[idepth].path = sudoers; /* push old path */
istack[idepth].bs = YY_CURRENT_BUFFER;
istack[idepth].lineno = sudolineno;
istack[idepth].keepopen = keepopen;
idepth++;
sudolineno = 1; sudolineno = 1;
sudoers = path; sudoers = path;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE)); yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
} else {
/* pop */ return(TRUE);
if (depth == 0) }
static int
pop_include()
{
struct path_list *pl;
FILE *fp;
if (idepth == 0)
return(FALSE); return(FALSE);
depth--;
if (!keepopen) if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file); fclose(YY_CURRENT_BUFFER->yy_input_file);
yy_delete_buffer(YY_CURRENT_BUFFER); yy_delete_buffer(YY_CURRENT_BUFFER);
yy_switch_to_buffer(state[depth].bs);
efree(sudoers);
sudoers = state[depth].path;
sudolineno = state[depth].lineno;
keepopen = FALSE; keepopen = FALSE;
if ((pl = istack[idepth - 1].more) != NULL) {
/* Move to next file in the dir. */
istack[idepth - 1].more = pl->next;
if ((fp = open_sudoers(pl->path, FALSE, &keepopen)) == NULL) {
yyerror(pl->path);
return(FALSE); /* XXX - just to go next one? */
}
efree(sudoers);
sudoers = pl->path;
sudolineno = 1;
yy_switch_to_buffer(yy_create_buffer(fp, YY_BUF_SIZE));
efree(pl);
} else {
idepth--;
yy_switch_to_buffer(istack[idepth].bs);
efree(sudoers);
sudoers = istack[idepth].path;
sudolineno = istack[idepth].lineno;
} }
return(TRUE); return(TRUE);
} }
@@ -676,6 +857,8 @@ parse_include(base)
/* Pull out path from #include line. */ /* Pull out path from #include line. */
cp = base + sizeof("#include"); cp = base + sizeof("#include");
if (*cp == 'i')
cp += 3; /* includedir */
while (isblank((unsigned char) *cp)) while (isblank((unsigned char) *cp))
cp++; cp++;
ep = cp; ep = cp;

13
visudo.c
View File

@@ -93,10 +93,11 @@ __unused static const char rcsid[] = "$Sudo$";
struct sudoersfile { struct sudoersfile {
char *path; char *path;
int fd;
char *tpath; char *tpath;
int fd;
int tfd; int tfd;
int modified; int modified;
int doedit;
struct sudoersfile *next; struct sudoersfile *next;
}; };
@@ -215,8 +216,9 @@ main(argc, argv)
* Parse the existing sudoers file(s) in quiet mode to highlight any * Parse the existing sudoers file(s) in quiet mode to highlight any
* existing errors and to pull in editor and env_editor conf values. * existing errors and to pull in editor and env_editor conf values.
*/ */
if ((yyin = open_sudoers(sudoers_path, NULL)) == NULL) if ((yyin = open_sudoers(sudoers_path, TRUE, NULL)) == NULL) {
error(1, "%s", sudoers_path); error(1, "%s", sudoers_path);
}
init_parser(sudoers_path, 0); init_parser(sudoers_path, 0);
yyparse(); yyparse();
(void) update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER); (void) update_defaults(SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER);
@@ -228,6 +230,8 @@ main(argc, argv)
/* Edit the sudoers file(s) */ /* Edit the sudoers file(s) */
tq_foreach_fwd(&sudoerslist, sp) { tq_foreach_fwd(&sudoerslist, sp) {
if (!sp->doedit)
continue;
if (sp != tq_first(&sudoerslist)) { if (sp != tq_first(&sudoerslist)) {
printf("press return to edit %s: ", sp->path); printf("press return to edit %s: ", sp->path);
while ((ch = getchar()) != EOF && ch != '\n') while ((ch = getchar()) != EOF && ch != '\n')
@@ -747,8 +751,9 @@ check_syntax(sudoers_path, quiet, strict)
* any subsequent files #included via a callback from the parser. * any subsequent files #included via a callback from the parser.
*/ */
FILE * FILE *
open_sudoers(path, keepopen) open_sudoers(path, doedit, keepopen)
const char *path; const char *path;
int doedit;
int *keepopen; int *keepopen;
{ {
struct sudoersfile *entry; struct sudoersfile *entry;
@@ -766,6 +771,8 @@ open_sudoers(path, keepopen)
entry->next = NULL; entry->next = NULL;
entry->fd = open(entry->path, O_RDWR | O_CREAT, SUDOERS_MODE); entry->fd = open(entry->path, O_RDWR | O_CREAT, SUDOERS_MODE);
entry->tpath = NULL; entry->tpath = NULL;
entry->tfd = -1;
entry->doedit = doedit;
if (entry->fd == -1) { if (entry->fd == -1) {
warning("%s", entry->path); warning("%s", entry->path);
efree(entry); efree(entry);