Allow defaults types and suppression list to be specified in

the config file.
Todd C. Miller
2018-04-02 07:41:56 -06:00
parent 18ba38ef4c
commit 5c1d9899e1
5 changed files with 48 additions and 14 deletions


@@ -161,6 +161,9 @@ DDEESSCCRRIIPPTTIIOONN
configuration file, _/_e_t_c_/_c_v_t_s_u_d_o_e_r_s_._c_o_n_f by default. The following configuration file, _/_e_t_c_/_c_v_t_s_u_d_o_e_r_s_._c_o_n_f by default. The following
keywords are recognized: keywords are recognized:
ddeeffaauullttss == _d_e_f_t_y_p_e_s
See the description of the --dd command line option.
eexxppaanndd__aalliiaasseess == _y_e_s | _n_o eexxppaanndd__aalliiaasseess == _y_e_s | _n_o
See the description of the --ee command line option. See the description of the --ee command line option.
@@ -182,6 +185,9 @@ DDEESSCCRRIIPPTTIIOONN
ssuuddooeerrss__bbaassee == _d_n ssuuddooeerrss__bbaassee == _d_n
See the description of the --bb command line option. See the description of the --bb command line option.
ssuupppprreessss == _s_e_c_t_i_o_n_s
See the description of the --ss command line option.
Options on the command line will override values from the configuration Options on the command line will override values from the configuration
file. file.
@@ -217,4 +223,4 @@ DDIISSCCLLAAIIMMEERR
file distributed with ssuuddoo or https://www.sudo.ws/license.html for file distributed with ssuuddoo or https://www.sudo.ws/license.html for
complete details. complete details.
Sudo 1.8.23 March 28, 2018 Sudo 1.8.23 Sudo 1.8.23 March 30, 2018 Sudo 1.8.23


@@ -16,7 +16,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.TH "CVTSUDOERS" "1" "March 28, 2018" "Sudo @PACKAGE_VERSION@" "General Commands Manual" .TH "CVTSUDOERS" "1" "March 30, 2018" "Sudo @PACKAGE_VERSION@" "General Commands Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -305,6 +305,11 @@ may also be specified in a configuration file,
by default. by default.
The following keywords are recognized: The following keywords are recognized:
.TP 6n .TP 6n
\fBdefaults =\fR \fIdeftypes\fR
See the description of the
\fB\-d\fR
command line option.
.TP 6n
\fBexpand_aliases =\fR \fIyes\fR | \fIno\fR \fBexpand_aliases =\fR \fIyes\fR | \fIno\fR
See the description of the See the description of the
\fB\-e\fR \fB\-e\fR
@@ -339,6 +344,11 @@ command line option.
See the description of the See the description of the
\fB\-b\fR \fB\-b\fR
command line option. command line option.
.TP 6n
\fBsuppress =\fR \fIsections\fR
See the description of the
\fB\-s\fR
command line option.
.PP .PP
Options on the command line will override values from the Options on the command line will override values from the
configuration file. configuration file.


@@ -14,7 +14,7 @@
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.Dd March 28, 2018 .Dd March 30, 2018
.Dt CVTSUDOERS 1 .Dt CVTSUDOERS 1
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -256,6 +256,10 @@ may also be specified in a configuration file,
by default. by default.
The following keywords are recognized: The following keywords are recognized:
.Bl -tag -width 4n .Bl -tag -width 4n
.It Sy defaults = Ar deftypes
See the description of the
.Fl d
command line option.
.It Sy expand_aliases = Ar yes | no .It Sy expand_aliases = Ar yes | no
See the description of the See the description of the
.Fl e .Fl e
@@ -284,6 +288,10 @@ command line option.
See the description of the See the description of the
.Fl b .Fl b
command line option. command line option.
.It Sy suppress = Ar sections
See the description of the
.Fl s
command line option.
.El .El
.Pp .Pp
Options on the command line will override values from the Options on the command line will override values from the


@@ -160,9 +160,7 @@ main(int argc, char *argv[])
/* handled above */ /* handled above */
break; break;
case 'd': case 'd':
conf->defaults = cvtsudoers_parse_defaults(optarg); conf->defstr = optarg;
if (conf->defaults == -1)
usage(1);
break; break;
case 'e': case 'e':
conf->expand_aliases = true; conf->expand_aliases = true;
@@ -210,9 +208,7 @@ main(int argc, char *argv[])
} }
break; break;
case 's': case 's':
conf->suppress = cvtsudoers_parse_suppression(optarg); conf->supstr = optarg;
if (conf->suppress == -1)
usage(1);
break; break;
case 'V': case 'V':
(void) printf(_("%s version %s\n"), getprogname(), (void) printf(_("%s version %s\n"), getprogname(),
@@ -258,6 +254,16 @@ main(int argc, char *argv[])
if (!cvtsudoers_parse_filter(conf->filter)) if (!cvtsudoers_parse_filter(conf->filter))
usage(1); usage(1);
} }
if (conf->defstr != NULL) {
conf->defaults = cvtsudoers_parse_defaults(conf->defstr);
if (conf->defaults == -1)
usage(1);
}
if (conf->supstr != NULL) {
conf->suppress = cvtsudoers_parse_suppression(conf->supstr);
if (conf->suppress == -1)
usage(1);
}
/* If no base DN specified, check SUDOERS_BASE. */ /* If no base DN specified, check SUDOERS_BASE. */
if (conf->sudoers_base == NULL) { if (conf->sudoers_base == NULL) {
@@ -347,6 +353,8 @@ static struct cvtsudoers_conf_table cvtsudoers_conf_vars[] = {
{ "input_format", CONF_STR, &cvtsudoers_config.input_format }, { "input_format", CONF_STR, &cvtsudoers_config.input_format },
{ "output_format", CONF_STR, &cvtsudoers_config.output_format }, { "output_format", CONF_STR, &cvtsudoers_config.output_format },
{ "match", CONF_STR, &cvtsudoers_config.filter }, { "match", CONF_STR, &cvtsudoers_config.filter },
{ "defaults", CONF_STR, &cvtsudoers_config.defstr },
{ "suppress", CONF_STR, &cvtsudoers_config.supstr },
{ "expand_aliases", CONF_BOOL, &cvtsudoers_config.expand_aliases } { "expand_aliases", CONF_BOOL, &cvtsudoers_config.expand_aliases }
}; };
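Review bot: The deferred parse under `if (conf->defstr != NULL)` and `if (conf->supstr != NULL)` still ends in `usage(1)`, although the string may now come from the `defaults` and `suppress` entries added to `cvtsudoers_conf_vars` rather than from `-d` or `-s`. A bad value in the configuration file would then surface as a command-line usage error, unless the parse helpers (not visible here) print their own diagnostic. Because these two settings select which Defaults types are converted and which sections are suppressed in the output policy, a message naming the source of the value would help whoever audits the converted result. At minimum I would add a comment above the two blocks, `/* defstr/supstr may come from -d/-s or from the config file; the command line overrides the file */`. main() starts and ends outside these hunks.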


@@ -52,20 +52,22 @@ struct cvtsudoers_str_list {
/* cvtsudoers.conf settings */ /* cvtsudoers.conf settings */
struct cvtsudoers_config { struct cvtsudoers_config {
char *sudoers_base;
char *input_format;
char *output_format;
char *filter;
unsigned int sudo_order; unsigned int sudo_order;
unsigned int order_increment; unsigned int order_increment;
short defaults; short defaults;
short suppress; short suppress;
bool expand_aliases; bool expand_aliases;
bool store_options; bool store_options;
char *sudoers_base;
char *input_format;
char *output_format;
char *filter;
char *defstr;
char *supstr;
}; };
/* Initial config settings for above. */ /* Initial config settings for above. */
#define INITIAL_CONFIG { NULL, NULL, NULL, NULL, 1, 1, CVT_DEFAULTS_ALL, 0, false, true } #define INITIAL_CONFIG { 1, 1, CVT_DEFAULTS_ALL, 0, false, true }
#define CONF_BOOL 0 #define CONF_BOOL 0
#define CONF_UINT 1 #define CONF_UINT 1
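Review bot: `INITIAL_CONFIG` remains a positional initializer, so it is correct only while the six non-pointer members stay first in `struct cvtsudoers_config` and in exactly this order; the member reorder in this hunk appears to exist to keep it valid. The pointer members, including the new `defstr` and `supstr`, are NULL only because trailing members without an initializer are zeroed, and the `!= NULL` checks in main() depend on that. If the project's compiler baseline allows C99, `#define INITIAL_CONFIG { .sudo_order = 1, .order_increment = 1, .defaults = CVT_DEFAULTS_ALL, .store_options = true }` removes the ordering dependency. Otherwise a comment on the struct such as `/* INITIAL_CONFIG is positional: keep the scalar members first and in this order */` would document it.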