isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Copy command options when converting a sudoRole with multiple sudoCommands.

Browse Source 
A sudoRole with multiple sudoCommands is converted to a privilege
with multiple cmndspecs.  However, we were not copying some of the
command options to subsequent cmndspecs in the list.
This commit is contained in:
Todd C. Miller
2021-01-30 08:26:58 -07:00
parent 75f76eba81
commit 4eb591c6f3
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
plugins/sudoers/ldap_util.c
View File

@@ -470,6 +470,17 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
cmndspec->runasgrouplist = prev_cmndspec->runasgrouplist;
cmndspec->notbefore = prev_cmndspec->notbefore;
cmndspec->notafter = prev_cmndspec->notafter;
cmndspec->timeout = prev_cmndspec->timeout;
cmndspec->runchroot = prev_cmndspec->runchroot;
cmndspec->runcwd = prev_cmndspec->runcwd;
#ifdef HAVE_SELINUX
cmndspec->role = prev_cmndspec->role;
cmndspec->type = prev_cmndspec->type;
#endif /* HAVE_SELINUX */
#ifdef HAVE_PRIV_SET
cmndspec->privs = prev_cmndspec->privs;
cmndspec->limitprivs = prev_cmndspec->limitprivs;
#endif /* HAVE_PRIV_SET */
cmndspec->tags = prev_cmndspec->tags;
if (cmndspec->tags.setenv == IMPLIED)
cmndspec->tags.setenv = UNSPEC;