Add a source to struct sudo_nss and use it if getdefs() fails.

Also remove useless "Problem with defaults entries" warning in testsudoers.
2022-03-09 12:38:25 -07:00
parent 31ab2e2297
commit 6ec279532e
8 changed files with 23 additions and 11 deletions
--- a/plugins/sudoers/file.c
+++ b/plugins/sudoers/file.c
@@ -146,6 +146,7 @@ sudo_file_getdefs(struct sudo_nss *nss)
 /* sudo_nss implementation */
 struct sudo_nss sudo_nss_file = {
    { NULL, NULL },
    "sudoers",
    sudo_file_open,
    sudo_file_close,
    sudo_file_parse,
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -2143,6 +2143,7 @@ sudo_ldap_result_from_search(LDAP *ldap, LDAPMessage *searchresult)
 /* sudo_nss implementation */
 struct sudo_nss sudo_nss_ldap = {
    { NULL, NULL },
    "ldap",
    sudo_ldap_open,
    sudo_ldap_close,
    sudo_ldap_parse,
--- a/plugins/sudoers/regress/fuzz/fuzz_policy.c
+++ b/plugins/sudoers/regress/fuzz/fuzz_policy.c
@@ -660,6 +660,7 @@ sudo_file_getdefs(struct sudo_nss *nss)
 static struct sudo_nss sudo_nss_file = {
    { NULL, NULL },
    "sudoers",
    sudo_file_open,
    sudo_file_close,
    sudo_file_parse,
--- a/plugins/sudoers/regress/sudoers/test18.out.ok
+++ b/plugins/sudoers/regress/sudoers/test18.out.ok
@@ -1,4 +1,3 @@
 Problem with defaults entries
 Defaults command_timeout=2d8h10m59ss
 Defaults:root command_timeout=15f
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -802,6 +802,7 @@ bad:
 /* sudo_nss implementation */
 struct sudo_nss sudo_nss_sss = {
    { NULL, NULL },
    "sss",
    sudo_sss_open,
    sudo_sss_close,
    sudo_sss_parse,
--- a/plugins/sudoers/sudo_nss.h
+++ b/plugins/sudoers/sudo_nss.h
@@ -27,6 +27,7 @@ struct defaults_list;
 /* XXX - parse_tree, ret_if_found and ret_if_notfound should be private */
 struct sudo_nss {
    TAILQ_ENTRY(sudo_nss) entries;
    const char *source;
    int (*open)(struct sudo_nss *nss);
    int (*close)(struct sudo_nss *nss);
    struct sudoers_parse_tree *(*parse)(struct sudo_nss *nss);
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -168,7 +168,11 @@ sudoers_reinit_defaults(void)
    }
    TAILQ_FOREACH_SAFE(nss, snl, entries, nss_next) {
-	if (nss->getdefs(nss) == -1 || !update_defaults(nss->parse_tree, NULL,
+	if (nss->getdefs(nss) == -1) {
 	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
 		N_("unable to get defaults from %s"), nss->source);
 	}
 	if (!update_defaults(nss->parse_tree, NULL,
 		SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER|SETDEF_RUNAS, false)) {
 	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
 		N_("problem with defaults entries"));
@@ -243,7 +247,11 @@ sudoers_init(void *info, char * const envp[])
 	}
 	sources++;
-	if (nss->getdefs(nss) == -1 || !update_defaults(nss->parse_tree, NULL,
+	if (nss->getdefs(nss) == -1) {
 	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
 		N_("unable to get defaults from %s"), nss->source);
 	}
 	if (!update_defaults(nss->parse_tree, NULL,
 		SETDEF_GENERIC|SETDEF_HOST|SETDEF_USER|SETDEF_RUNAS, false)) {
 	    log_warningx(SLOG_SEND_MAIL|SLOG_NO_STDERR,
 		N_("problem with defaults entries"));
--- a/plugins/sudoers/testsudoers.c
+++ b/plugins/sudoers/testsudoers.c
@@ -292,18 +292,18 @@ main(int argc, char *argv[])
 	}
        break;
    case format_sudoers:
-	if (sudoersparse() != 0 || parse_error)
+	if (sudoersparse() != 0)
 	    parse_error = true;
        break;
    default:
        sudo_fatalx("error: unhandled input %d", input_format);
    }
    if (!update_defaults(&parsed_policy, NULL, SETDEF_ALL, false))
 	parse_error = true;
    if (!parse_error)
 	(void) puts("Parses OK");
    if (!update_defaults(&parsed_policy, NULL, SETDEF_ALL, false))
 	(void) puts("Problem with defaults entries");
    if (dflag) {
 	(void) putchar('\n');
 	dump_sudoers(&lbuf);