Transparently handle the "sudo sudoedit" problem.

Some admins are confused about how to give users sudoedit permission
and many users try to run sudoedit via sudo instead of directly.
If the user runs "sudo sudoedit" sudo will now treat it as plain
"sudoedit" after issuing a warning.  If the admin has specified a
fully-qualified path for sudoedit in sudoers, sudo will treat it
as just "sudoedit" and match accordingly.  In visudo (but not sudo),
a fully-qualified path for sudoedit is now treated as an error.
This commit is contained in:
Todd C. Miller
2019-11-05 15:18:34 -07:00
parent 73031bbb55
commit 635445d471
12 changed files with 167 additions and 117 deletions


@@ -290,7 +290,7 @@ void alias_put(struct alias *a);
/* gram.c */
extern struct sudoers_parse_tree parsed_policy;
bool init_parser(const char *path, bool quiet);
bool init_parser(const char *path, bool quiet, bool strict);
void free_member(struct member *m);
void free_members(struct member_list *members);
void free_privilege(struct privilege *priv);
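Review bot: The new `strict` argument on the `init_parser` prototype is undocumented, and it sits directly after another bool (`quiet`), so a call site that transposes the two compiles without any diagnostic. Please add a short comment at the declaration stating what `strict` enables; if it is what selects the visudo-only behaviour from the commit message (a fully-qualified path for sudoedit treated as an error in visudo but not in sudo), say so explicitly, since that difference decides whether a sudoers entry is rejected or silently matched as plain "sudoedit". Since the signature changed, it is also worth confirming that every existing caller was updated to pass the intended value for each of the two flags; a single flags argument with named bits instead of two positional bools would make the call sites self-describing.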