isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

o Change defaults stuff to put the value right in the struct.

Browse Source 
o Implement mailer_flags
o Store syslog stuff both in int and string form.  Setting the string
  form magically updates the int version.
o Add boolean attribute to strings where it makes sense to say !foo
This commit is contained in:
Todd C. Miller
1999-10-07 21:21:08 +00:00
parent cc82693f58
commit 7769bf6a32
20 changed files with 994 additions and 879 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
INSTALL
View File

@@ -219,12 +219,12 @@ Special features/options:
If set, sudo will ignore '.' or '' (current dir) in $PATH.
The $PATH itself is not modified.
--with-alertmail
--with-mailto
User that mail from sudo is sent to. This should go to a sysadmin at
your site. The default is "root".
--with-mailsubject
Subject of the mail sent to the "alertmail" user. The token "%h"
Subject of the mail sent to the "mailto" user. The token "%h"
will expand to the hostname of the machine.
Default is "*** SECURITY information for %h ***".
@@ -268,7 +268,7 @@ Special features/options:
Override configure's guess as to the location of sendmail.
--without-sendmail
Do not use sendmail to mail messages to the "alertmail" user.
Do not use sendmail to mail messages to the "mailto" user.
Use only if don't run sendmail or the equivalent.
--with-sudoers-mode=mode

4
TODO
View File

@@ -74,3 +74,7 @@ TODO list (most will be addressed in sudo 2.0)
26) Look into %e, %p, %k in parse.lex
27) Document Defaults stuff in sudoers.pod
28) Make syslog stuff work on vanilla ultrix
29) Implement date_format and log_format options.

2
auth/aix_auth.c
View File

@@ -67,7 +67,7 @@ aixauth_verify(pw, prompt, auth)
char *message, *pass;
int reenter = 1;
pass = tgetpass(prompt, sudo_inttable[I_PW_TIMEOUT] * 60, 1);
pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
if (authenticate(pw->pw_name, pass, &reenter, &message) == 0)
return(AUTH_SUCCESS);
else

4
auth/fwtk.c
View File

@@ -117,9 +117,9 @@ fwtk_verify(pw, prompt, auth)
/* Get the password/response from the user. */
if (strncmp(resp, "challenge ", 10) == 0) {
(void) snprintf(buf, sizeof(buf), "%s\nResponse: ", &resp[10]);
pass = tgetpass(buf, sudo_inttable[I_PW_TIMEOUT] * 60, 0);
pass = tgetpass(buf, def_ival(I_PW_TIMEOUT) * 60, 0);
} else if (strncmp(resp, "password", 8) == 0) {
pass = tgetpass(prompt, sudo_inttable[I_PW_TIMEOUT] * 60, 1);
pass = tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
} else {
(void) fprintf(stderr, "%s: %s\n", Argv[0], resp);
return(AUTH_FATAL);

2
auth/pam.c
View File

@@ -143,7 +143,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
if (strcmp(p, "Password: ") && strcmp(p, "Password:"))
p = (char *) pm->msg;
pr->resp = estrdup((char *) tgetpass(p,
sudo_inttable[I_PW_TIMEOUT] * 60, !echo));
def_ival(I_PW_TIMEOUT) * 60, !echo));
if (*pr->resp == '\0')
nil_pw = 1; /* empty password */
break;

2
auth/rfc1938.c
View File

@@ -126,7 +126,7 @@ rfc1938_setup(pw, promptp, auth)
new_prompt = (char *) erealloc(new_prompt, np_size);
}
if (sudo_flag_set(FL_LONG_OTP_PROMPT))
if (def_flag(I_LONG_OTP_PROMPT))
(void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt);
else
(void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt,

4
auth/sia.c
View File

@@ -80,8 +80,8 @@ sudo_collect(timeout, rendition, title, nprompts, prompts)
switch (rendition) {
case SIAFORM:
case SIAONELINER:
if (timeout <= 0 || timeout > sudo_inttable[I_PW_TIMEOUT] * 60)
timeout = sudo_inttable[I_PW_TIMEOUT] * 60;
if (timeout <= 0 || timeout > def_ival(I_PW_TIMEOUT) * 60)
timeout = def_ival(I_PW_TIMEOUT) * 60;
/*
* Substitute custom prompt if a) the sudo prompt is not "Password:"
* and b) the SIA prompt is "Password:" (so we know it is safe).

12
auth/sudo_auth.c
View File

@@ -98,7 +98,7 @@ void
verify_user(prompt)
char *prompt;
{
short counter = sudo_inttable[I_PW_TRIES] + 1;
short counter = def_ival(I_PW_TRIES) + 1;
short success = AUTH_FAILURE;
short status;
char *p;
@@ -155,7 +155,7 @@ verify_user(prompt)
#ifdef AUTH_STANDALONE
p = prompt;
#else
p = (char *) tgetpass(prompt, sudo_inttable[I_PW_TIMEOUT] * 60, 1);
p = (char *) tgetpass(prompt, def_ival(I_PW_TIMEOUT) * 60, 1);
if (!p || *p == '\0')
nil_pw = 1;
#endif /* AUTH_STANDALONE */
@@ -182,7 +182,7 @@ verify_user(prompt)
/* Exit loop on nil password, but give it a chance to match first. */
if (nil_pw) {
if (counter == sudo_inttable[I_PW_TRIES])
if (counter == def_ival(I_PW_TRIES))
exit(1);
else
break;
@@ -212,8 +212,8 @@ cleanup:
return;
case AUTH_FAILURE:
log_error(NO_MAIL, "%d incorrect password attempt%s",
sudo_inttable[I_PW_TRIES] - counter,
(sudo_inttable[I_PW_TRIES] - counter == 1) ? "" : "s");
def_ival(I_PW_TRIES) - counter,
(def_ival(I_PW_TRIES) - counter == 1) ? "" : "s");
case AUTH_FATAL:
exit(1);
}
@@ -227,7 +227,7 @@ pass_warn(fp)
#ifdef USE_INSULTS
(void) fprintf(fp, "%s\n", INSULT);
#else
(void) fprintf(fp, "%s\n", sudo_strtable[I_BADPASS_MSG]);
(void) fprintf(fp, "%s\n", def_str(I_BADPASS_MSG));
#endif /* USE_INSULTS */
}

29
check.c
View File

@@ -100,15 +100,16 @@ check_user()
lecture(); /* first time through they get a lecture */
/* Expand any escapes in the prompt. */
prompt = expand_prompt(user_prompt ? user_prompt : sudo_strtable[I_PASSPROMPT], user_name, user_shost);
prompt = expand_prompt(user_prompt ? user_prompt : def_str(I_PASSPROMPT),
user_name, user_shost);
verify_user(prompt);
}
if (status != TS_ERROR)
update_timestamp(timestampdir, timestampfile);
(void) free(timestampdir);
free(timestampdir);
if (timestampfile)
(void) free(timestampfile);
free(timestampfile);
}
/*
@@ -119,7 +120,7 @@ static void
lecture()
{
if (sudo_flag_set(FL_LECTURE)) {
if (def_flag(I_LECTURE)) {
(void) fputs("\n\
We trust you have received the usual lecture from the local System\n\
Administrator. It usually boils down to these two things:\n\
@@ -226,10 +227,10 @@ user_is_exempt()
struct group *grp;
char **gr_mem;
if (!sudo_strtable[I_EXEMPT_GRP])
if (!def_str(I_EXEMPT_GRP))
return(FALSE);
if (!(grp = getgrnam(sudo_strtable[I_EXEMPT_GRP])))
if (!(grp = getgrnam(def_str(I_EXEMPT_GRP))))
return(FALSE);
if (getgid() == grp->gr_gid)
@@ -251,9 +252,9 @@ build_timestamp(timestampdir, timestampfile)
char **timestampdir;
char **timestampfile;
{
char *dirparent = sudo_strtable[I_TIMESTAMPDIR];
char *dirparent = def_str(I_TIMESTAMPDIR);
if (sudo_flag_set(FL_TTY_TICKETS)) {
if (def_flag(I_TTY_TICKETS)) {
char *p;
if ((p = strrchr(user_tty, '/')))
@@ -285,7 +286,7 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs)
{
struct stat sb;
time_t now;
char *dirparent = sudo_strtable[I_TIMESTAMPDIR];
char *dirparent = def_str(I_TIMESTAMPDIR);
int status = TS_ERROR; /* assume the worst */
/*
@@ -412,13 +413,13 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs)
*/
if (status == TS_OLD) {
now = time(NULL);
if (sudo_inttable[I_TS_TIMEOUT] &&
now - sb.st_mtime < 60 * sudo_inttable[I_TS_TIMEOUT]) {
if (def_ival(I_TS_TIMEOUT) &&
now - sb.st_mtime < 60 * def_ival(I_TS_TIMEOUT)) {
/*
* Check for bogus time on the stampfile. The clock may
* have been set back or someone could be trying to spoof us.
*/
if (sb.st_mtime > now + 60 * sudo_inttable[I_TS_TIMEOUT] * 2) {
if (sb.st_mtime > now + 60 * def_ival(I_TS_TIMEOUT) * 2) {
log_error(NO_EXIT,
"timestamp too far in the future: %20.20s",
4 + ctime(&sb.st_mtime));
@@ -468,7 +469,7 @@ remove_timestamp(remove)
}
}
(void) free(timestampdir);
free(timestampdir);
if (timestampfile)
(void) free(timestampfile);
free(timestampfile);
}

145
config.h.in
View File

@@ -125,63 +125,6 @@
/* Define if you want to use execv() instead of execvp(). */
#undef USE_EXECV
/* Define if you a different ticket file for each tty. */
#undef USE_TTY_TICKETS
/* Define if you want to insult the user for entering an incorrect password. */
#undef USE_INSULTS
/* Define if you want the insults from the "classic" version sudo. */
#undef CLASSIC_INSULTS
/* Define if you want 2001-like insults. */
#undef HAL_INSULTS
/* Define if you want insults from the "Goon Show" */
#undef GOONS_INSULTS
/* Define if you want insults culled from the twisted minds of CSOps. */
#undef CSOPS_INSULTS
/* Define to override the user's path with a builtin one. */
#undef SECURE_PATH
/* Define if you use S/Key. */
#undef HAVE_SKEY
/* Define if you use NRL OPIE. */
#undef HAVE_OPIE
/* Define if you want a two line OTP (skey/opie) prompt. */
#undef LONG_OTP_PROMPT
/* Define if you use SecurID. */
#undef HAVE_SECURID
/* Define if you use AIX general authentication. */
#undef HAVE_AUTHENTICATE
/* Define if you use Kerberos IV or Kerberos V < 1.1. */
#undef HAVE_KERB4
/* Define if you use Kerberos V version 1.1 or higher. */
#undef HAVE_KERB5
/* Define if you use SIA. */
#undef HAVE_SIA
/* Define if you use PAM. */
#undef HAVE_PAM
/* Define if you use AFS. */
#undef HAVE_AFS
/* Define if you use OSF DCE. */
#undef HAVE_DCE
/* Define if you use the FWTK authsrv daemon. */
#undef HAVE_FWTK
/* Define if you have POSIX signals. */
#undef HAVE_SIGACTION
#ifdef HAVE_SIGACTION
@@ -378,12 +321,12 @@
/* Define if your struct sockadr has an sa_len field. */
#undef HAVE_SA_LEN
/* Define if you want visudo to honor EDITOR and VISUAL env variables. */
#undef ENV_EDITOR
/* Define to avoid using the passwd/shadow file for authentication. */
#undef WITHOUT_PASSWD
/* Define if you don't want sudo to prompt for a password by default. */
#undef NO_AUTHENTICATION
/* Define to void if your C compiler fully groks void, else char */
#undef VOID
@@ -394,6 +337,38 @@
/* and syslog(3) returns non-zero to denote failure */
#undef BROKEN_SYSLOG
/* Define if the code in interfaces.c does not compile for you. */
#undef STUB_LOAD_INTERFACES
/*
* Defaults for options. These may be overridden via a "Defaults" line
* in the sudoers file.
*/
/* Define if you a different ticket file for each tty. */
#undef USE_TTY_TICKETS
/* Define if you want to insult the user for entering an incorrect password. */
#undef USE_INSULTS
/* Define if you want the insults from the "classic" version sudo. */
#undef CLASSIC_INSULTS
/* Define if you want 2001-like insults. */
#undef HAL_INSULTS
/* Define if you want insults from the "Goon Show" */
#undef GOONS_INSULTS
/* Define if you want insults culled from the twisted minds of CSOps. */
#undef CSOPS_INSULTS
/* Define to override the user's path with a builtin one. */
#undef SECURE_PATH
/* Define if you want a two line OTP (skey/opie) prompt. */
#undef LONG_OTP_PROMPT
/* The umask that the root-run prog should use */
#undef SUDO_UMASK
@@ -425,9 +400,9 @@
#undef NO_ROOT_SUDO
/* Define to be the user that gets sudo mail. */
#undef ALERTMAIL
#undef MAILTO
/* Define to be the subject of the mail sent to ALERTMAIL by sudo. */
/* Define to be the subject of the mail sent to MAILTO by sudo. */
#undef MAILSUBJECT
/* Define to be the message given for a bad password. */
@@ -436,9 +411,6 @@
/* Define to be the password prompt. */
#undef PASSPROMPT
/* Define if you want visudo to honor EDITOR and VISUAL env variables. */
#undef ENV_EDITOR
/* Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH */
#undef LOGGING
@@ -478,8 +450,47 @@
/* Define if you want sudo to set $HOME in shell mode. */
#undef SHELL_SETS_HOME
/* Define if the code in interfaces.c does not compile for you. */
#undef STUB_LOAD_INTERFACES
/* Define if you don't want sudo to prompt for a password by default. */
#undef NO_AUTHENTICATION
/*
* Authentication methods.
*/
/* Define if you use S/Key. */
#undef HAVE_SKEY
/* Define if you use NRL OPIE. */
#undef HAVE_OPIE
/* Define if you use SecurID. */
#undef HAVE_SECURID
/* Define if you use AIX general authentication. */
#undef HAVE_AUTHENTICATE
/* Define if you use Kerberos IV or Kerberos V < 1.1. */
#undef HAVE_KERB4
/* Define if you use Kerberos V version 1.1 or higher. */
#undef HAVE_KERB5
/* Define if you use SIA. */
#undef HAVE_SIA
/* Define if you use PAM. */
#undef HAVE_PAM
/* Define if you use AFS. */
#undef HAVE_AFS
/* Define if you use OSF DCE. */
#undef HAVE_DCE
/* Define if you use the FWTK authsrv daemon. */
#undef HAVE_FWTK
/********** You probably don't want to modify anything below here ***********/

809
configure vendored
View File

File diff suppressed because it is too large Load Diff

38
configure.in
View File

@@ -71,6 +71,14 @@ AC_ARG_WITH(otp-only, [ --with-otp-only deprecated],
;;
esac])
AC_ARG_WITH(alertmail, [ --with-alertmail deprecated],
[case $with_alertmail in
*) with_mailto="$with_alertmail"
AC_DEFINE(WITHOUT_PASSWD)
AC_MSG_WARN([--with-alertmail option deprecated, treating as --mailto])
;;
esac])
dnl
dnl Options for --with
dnl
@@ -364,7 +372,7 @@ AC_ARG_WITH(logging, [ --with-logging log via syslog, file, or both],
esac], [AC_DEFINE(LOGGING, SLOG_SYSLOG) AC_MSG_RESULT(syslog)])
AC_MSG_CHECKING(which syslog facility sudo should log with)
AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is LOG_LOCAL2)],
AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (default is local2)],
[case $with_logfac in
yes) echo "Must give --with-logfac an argument."
exit 1
@@ -372,13 +380,13 @@ AC_ARG_WITH(logfac, [ --with-logfac syslog facility to log with (defa
no) echo "Sorry, --without-logfac not supported."
exit 1
;;
*) AC_DEFINE_UNQUOTED(LOGFAC, $with_logfac)
*) AC_DEFINE_UNQUOTED(LOGFAC, "$with_logfac")
AC_MSG_RESULT([$with_logfac])
;;
esac], [AC_DEFINE(LOGFAC, LOG_LOCAL2) AC_MSG_RESULT(LOG_LOCAL2)])
esac], [AC_DEFINE_UNQUOTED(LOGFAC, "local2") AC_MSG_RESULT("local2")])
AC_MSG_CHECKING(at which syslog priority to log commands)
AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is LOG_NOTICE)],
AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (def is notice)],
[case $with_goodpri in
yes) echo "Must give --with-goodpri an argument."
exit 1
@@ -386,10 +394,10 @@ AC_ARG_WITH(goodpri, [ --with-goodpri syslog priority for commands (de
no) echo "Sorry, --without-goodpri not supported."
exit 1
;;
*) AC_DEFINE_UNQUOTED(LOGFAC, $with_goodpri)
*) AC_DEFINE_UNQUOTED(LOGFAC, "$with_goodpri")
AC_MSG_RESULT([$with_goodpri])
;;
esac], [AC_DEFINE(PRI_SUCCESS, LOG_NOTICE) AC_MSG_RESULT(LOG_NOTICE)])
esac], [AC_DEFINE_UNQUOTED(PRI_SUCCESS, "notice") AC_MSG_RESULT("notice")])
AC_MSG_CHECKING(at which syslog priority to log failures)
AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def is LOG_ALERT)],
@@ -400,10 +408,10 @@ AC_ARG_WITH(badpri, [ --with-badpri syslog priority for failures (def
no) echo "Sorry, --without-badpri not supported."
exit 1
;;
*) AC_DEFINE_UNQUOTED(LOGFAC, $with_badpri)
*) AC_DEFINE_UNQUOTED(LOGFAC, "$with_badpri")
AC_MSG_RESULT([$with_badpri])
;;
esac], [AC_DEFINE(PRI_FAILURE, LOG_ALERT) AC_MSG_RESULT(LOG_ALERT)])
esac], [AC_DEFINE_UNQUOTED(PRI_FAILURE, "alert") AC_MSG_RESULT("alert")])
AC_ARG_WITH(logpath, [ --with-logpath path to the sudo log file],
[case $with_logpath in
@@ -446,17 +454,17 @@ AC_ARG_WITH(ignore-dot, [ --with-ignore-dot ignore '.' in the PATH],
esac], AC_MSG_RESULT(no))
AC_MSG_CHECKING(who should get the mail that sudo sends)
AC_ARG_WITH(alertmail, [ --with-alertmail who should get sudo mail (default is "root")],
[case $with_alertmail in
yes) echo "Must give --with-alertmail an argument."
AC_ARG_WITH(mailto, [ --with-mailto who should get sudo mail (default is "root")],
[case $with_mailto in
yes) echo "Must give --with-mailto an argument."
exit 1
;;
no) echo "Sorry, --without-alertmail not supported."
no) echo "Sorry, --without-mailto not supported."
;;
*) AC_DEFINE_UNQUOTED(ALERTMAIL, "$with_alertmail")
AC_MSG_RESULT([$with_alertmail])
*) AC_DEFINE_UNQUOTED(MAILTO, "$with_mailto")
AC_MSG_RESULT([$with_mailto])
;;
esac], [AC_DEFINE(ALERTMAIL, "root") AC_MSG_RESULT(root)])
esac], [AC_DEFINE(MAILTO, "root") AC_MSG_RESULT(root)])
AC_ARG_WITH(mailsubject, [ --with-mailsubject subject of sudo mail],
[case $with_mailsubject in

519
defaults.c
View File

@@ -97,139 +97,138 @@ static struct strmap priorities[] = {
/*
* Local prototypes.
*/
static int store_int __P((char *, int, int));
static int store_str __P((char *, int, int));
static int store_syslogfac __P((char *, int, int));
static int store_syslogpri __P((char *, int, int));
static int store_umask __P((char *, int, int));
static char *num_to_name __P((int, struct strmap *));
static int store_int __P((char *, struct sudo_defs_types *, int));
static int store_str __P((char *, struct sudo_defs_types *, int));
static int store_syslogfac __P((char *, struct sudo_defs_types *, int));
static int store_syslogpri __P((char *, struct sudo_defs_types *, int));
static int store_mode __P((char *, struct sudo_defs_types *, int));
/*
* Structure describing compile-time and run-time options.
* Index for T_INT starts at one since index 0 is for flags.
* XXX - syslog things should be strings (and !facility should turn off)
* XXX - some of these names are pretty lame.
* Table describing compile-time and run-time options.
*/
struct sudo_defs_types {
char *name;
unsigned int type;
unsigned int index;
int (*store) __P((char *, int, int));
char *desc;
} sudo_defs_table[] = {
struct sudo_defs_types sudo_defs_table[] = {
{
"long_otp_prompt", T_FLAG, FL_LONG_OTP_PROMPT, NULL,
"syslog_ifac", T_INT, { 0 },
NULL
}, {
"syslog_igoodpri", T_INT, { 0 },
NULL
}, {
"syslog_ibadpri", T_INT, { 0 },
NULL
}, {
"syslog", T_LOGFAC|T_BOOL, { 0 },
"Syslog facility if syslog is being used for logging: %s"
}, {
"syslog_goodpri", T_LOGPRI, { 0 },
"Syslog priority to use when user authenticates successfully: %s"
}, {
"syslog_badpri", T_LOGPRI, { 0 },
"Syslog priority to use when user authenticates unsuccessfully: %s"
}, {
"long_otp_prompt", T_FLAG, { 0 },
"Put OTP prompt on its own line"
}, {
"ignore_dot", T_FLAG, FL_IGNORE_DOT, NULL,
"ignore_dot", T_FLAG, { 0 },
"Ignore '.' in $PATH"
}, {
"mail_if_no_user", T_FLAG, FL_MAIL_IF_NOUSER, NULL,
"mail_always", T_FLAG, { 0 },
"Always send mail when sudo is run"
}, {
"mail_if_no_user", T_FLAG, { 0 },
"Send mail if the user is not in sudoers"
}, {
"mail_if_no_host", T_FLAG, FL_MAIL_IF_NOHOST, NULL,
"mail_if_no_host", T_FLAG, { 0 },
"Send mail if the user is not in sudoers for this host"
}, {
"mail_if_no_perms", T_FLAG, FL_MAIL_IF_NOPERMS, NULL,
"mail_if_no_perms", T_FLAG, { 0 },
"Send mail if the user is not allowed to run a command"
}, {
"tty_tickets", T_FLAG, FL_TTY_TICKETS, NULL,
"Use a separate timestamp for each user/tty combo"
}, {
"lecture", T_FLAG, FL_LECTURE, NULL,
"Lecture user the first time they run sudo"
}, {
"authenticate", T_FLAG, FL_AUTHENTICATE, NULL,
"Require users to authenticate by default"
}, {
"root_sudo", T_FLAG, FL_ROOT_SUDO, NULL,
"Root may run sudo"
}, {
"log_host", T_FLAG, FL_LOG_HOST, NULL,
"Log the hostname in the (non-syslog) log file"
}, {
"log_year", T_FLAG, FL_LOG_YEAR, NULL,
"Log the year in the (non-syslog) log file"
}, {
"shell_noargs", T_FLAG, FL_SHELL_NOARGS, NULL,
"If sudo is invoked with no arguments, start a shell"
}, {
"set_home", T_FLAG, FL_SET_HOME, NULL,
"Set $HOME to the target user when starting a shell with -s"
}, {
"path_info", T_FLAG, FL_PATH_INFO, NULL,
"Allow some information gathering to give useful error messages"
}, {
"fqdn", T_FLAG, FL_FQDN, NULL,
"Require fully-qualified hsotnames in the sudoers file"
}, {
"insults", T_FLAG, FL_INSULTS, NULL,
"Insult the user when they enter an incorrect password"
}, {
"syslog", T_INT|T_BOOL, I_LOGFAC, store_syslogfac,
"Syslog facility: %s"
}, {
"syslog_goodpri", T_INT, I_GOODPRI, store_syslogpri,
"Syslog priority to use when user authenticates successfully: %s"
}, {
"syslog_badpri", T_INT, I_BADPRI, store_syslogpri,
"Syslog priority to use when user authenticates unsuccessfully: %s"
}, {
"loglinelen", T_INT, I_LOGLEN, store_int,
"Number of length at which to wrap log file lines (0 for no wrap): %d"
}, {
"timestamp_timeout", T_INT, I_TS_TIMEOUT, store_int,
"Authentication timestamp timeout: %d minutes"
}, {
"passwd_timeout", T_INT, I_PW_TIMEOUT, store_int,
"Password prompt timeout: %d minutes"
}, {
"passwd_tries", T_INT, I_PW_TRIES, store_int,
"Number of tries to enter a password: %d"
}, {
"umask", T_INT|T_BOOL, I_UMASK, store_umask,
"Umask to use or 0777 to use user's: 0%o"
}, {
"logfile", T_STR, I_LOGFILE, store_str,
"Path to log file: %s"
}, {
"mailerpath", T_STR, I_MAILERPATH, store_str,
"Path to mail program: %s"
}, {
"mailerflags", T_STR, I_MAILERARGS, store_str,
"Flags for mail program: %s"
}, {
"alertmail", T_STR, I_ALERTMAIL, store_str,
"Address to send mail to: %s"
}, {
"mailsub", T_STR, I_MAILSUB, store_str,
"Subject line for mail messages: %s"
}, {
"badpass_message", T_STR, I_BADPASS_MSG, store_str,
"Incorrect password message: %s"
}, {
"timestampdir", T_STR, I_TIMESTAMPDIR, store_str,
"Path to authentication timestamp dir: %s"
}, {
"exempt_group", T_STR, I_EXEMPT_GRP, store_str,
"Users in this group are exempt from password and PATH requirements: %s"
}, {
"passprompt", T_STR, I_PASSPROMPT, store_str,
"Default password prompt: %s"
}, {
"runas_default", T_STR, I_RUNAS_DEF, store_str,
"Default user to run commands as: %s"
}, {
"secure_path", T_STR, I_SECURE_PATH, store_str,
"Override user's $PATH with: %s"
}, {
NULL, 0, 0, NULL, NULL
"tty_tickets", T_FLAG, { 0 },
"Use a separate timestamp for each user/tty combo"
}, {
"lecture", T_FLAG, { 0 },
"Lecture user the first time they run sudo"
}, {
"authenticate", T_FLAG, { 0 },
"Require users to authenticate by default"
}, {
"root_sudo", T_FLAG, { 0 },
"Root may run sudo"
}, {
"log_host", T_FLAG, { 0 },
"Log the hostname in the (non-syslog) log file"
}, {
"log_year", T_FLAG, { 0 },
"Log the year in the (non-syslog) log file"
}, {
"shell_noargs", T_FLAG, { 0 },
"If sudo is invoked with no arguments, start a shell"
}, {
"set_home", T_FLAG, { 0 },
"Set $HOME to the target user when starting a shell with -s"
}, {
"path_info", T_FLAG, { 0 },
"Allow some information gathering to give useful error messages"
}, {
"fqdn", T_FLAG, { 0 },
"Require fully-qualified hsotnames in the sudoers file"
}, {
"insults", T_FLAG, { 0 },
"Insult the user when they enter an incorrect password"
}, {
"loglinelen", T_INT, { 0 },
"Length at which to wrap log file lines (0 for no wrap): %d"
}, {
"timestamp_timeout", T_INT|T_BOOL, { 0 },
"Authentication timestamp timeout: %d minutes"
}, {
"passwd_timeout", T_INT|T_BOOL, { 0 },
"Password prompt timeout: %d minutes"
}, {
"passwd_tries", T_INT, { 0 },
"Number of tries to enter a password: %d"
}, {
"umask", T_MODE|T_BOOL, { 0 },
"Umask to use or 0777 to use user's: 0%o"
}, {
"logfile", T_STR|T_BOOL, { 0 },
"Path to log file: %s"
}, {
"mailerpath", T_STR|T_BOOL, { 0 },
"Path to mail program: %s"
}, {
"mailerflags", T_STR|T_BOOL, { 0 },
"Flags for mail program: %s"
}, {
"mailto", T_STR|T_BOOL, { 0 },
"Address to send mail to: %s"
}, {
"mailsub", T_STR, { 0 },
"Subject line for mail messages: %s"
}, {
"badpass_message", T_STR, { 0 },
"Incorrect password message: %s"
}, {
"timestampdir", T_STR, { 0 },
"Path to authentication timestamp dir: %s"
}, {
"exempt_group", T_STR|T_BOOL, { 0 },
"Users in this group are exempt from password and PATH requirements: %s"
}, {
"passprompt", T_STR, { 0 },
"Default password prompt: %s"
}, {
"runas_default", T_STR, { 0 },
"Default user to run commands as: %s"
}, {
"secure_path", T_STR|T_BOOL, { 0 },
"Value to override user's $PATH with: %s"
}, {
NULL, 0, { 0 }, NULL
}
};
unsigned int sudo_inttable[SUDO_INTTABLE_LAST];
char *sudo_strtable[SUDO_STRTABLE_LAST];
/*
* Print version and configure info.
*/
@@ -239,28 +238,26 @@ dump_defaults()
struct sudo_defs_types *cur;
for (cur = sudo_defs_table; cur->name; cur++) {
switch (cur->type & T_MASK) {
case T_FLAG:
if ((sudo_inttable[I_FLAGS]) & (cur->index))
puts(cur->desc);
break;
case T_STR:
if (sudo_strtable[cur->index]) {
(void) printf(cur->desc, sudo_strtable[cur->index]);
if (cur->desc) {
switch (cur->type & T_MASK) {
case T_FLAG:
if (cur->sd_un.flag)
puts(cur->desc);
break;
case T_STR:
case T_LOGFAC:
case T_LOGPRI:
if (cur->sd_un.str) {
(void) printf(cur->desc, cur->sd_un.str);
putchar('\n');
}
break;
case T_INT:
case T_MODE:
(void) printf(cur->desc, cur->sd_un.ival);
putchar('\n');
}
break;
case T_INT:
if (cur->index == I_LOGFAC)
(void) printf(cur->desc,
num_to_name(sudo_inttable[cur->index], facilities));
else if (cur->index == I_GOODPRI || cur->index == I_BADPRI)
(void) printf(cur->desc,
num_to_name(sudo_inttable[cur->index], priorities));
else
(void) printf(cur->desc, sudo_inttable[cur->index]);
putchar('\n');
break;
break;
}
}
}
@@ -282,40 +279,24 @@ list_options()
(void) puts("Available options in a sudoers ``Defaults'' line:\n");
for (cur = sudo_defs_table; cur->name; cur++) {
switch (cur->type & T_MASK) {
case T_FLAG:
(void) printf("%s: %s\n", cur->name, cur->desc);
break;
case T_STR:
case T_INT:
p = strrchr(cur->desc, ':');
if (p)
(void) printf("%s: %.*s\n", cur->name, p - cur->desc,
cur->desc);
else
if (cur->name && cur->desc) {
switch (cur->type & T_MASK) {
case T_FLAG:
(void) printf("%s: %s\n", cur->name, cur->desc);
break;
break;
default:
p = strrchr(cur->desc, ':');
if (p)
(void) printf("%s: %.*s\n", cur->name, p - cur->desc,
cur->desc);
else
(void) printf("%s: %s\n", cur->name, cur->desc);
break;
}
}
}
}
/*
* Convert a syslog number to a name.
*/
static char *
num_to_name(num, table)
int num;
struct strmap *table;
{
struct strmap *t;
for (t = table; t->name; t++)
if (t->num == num)
return(t->name);
return("disabled");
}
/*
* Sets/clears an entry in the defaults structure
* If a variable that takes a value is used in a boolean
@@ -344,6 +325,22 @@ set_default(var, val, op)
}
switch (cur->type & T_MASK) {
case T_LOGFAC:
if (!store_syslogfac(val, cur, op)) {
(void) fprintf(stderr,
"%s: value '%s' is invalid for option '%s'\n", Argv[0],
val, var);
return(FALSE);
}
break;
case T_LOGPRI:
if (!store_syslogpri(val, cur, op)) {
(void) fprintf(stderr,
"%s: value '%s' is invalid for option '%s'\n", Argv[0],
val, var);
return(FALSE);
}
break;
case T_STR:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
@@ -354,7 +351,7 @@ set_default(var, val, op)
return(FALSE);
}
}
if (!cur->store(val, cur->index, op)) {
if (!store_str(val, cur, op)) {
(void) fprintf(stderr,
"%s: value '%s' is invalid for option '%s'\n", Argv[0],
val, var);
@@ -371,7 +368,24 @@ set_default(var, val, op)
return(FALSE);
}
}
if (!cur->store(val, cur->index, op)) {
if (!store_int(val, cur, op)) {
(void) fprintf(stderr,
"%s: value '%s' is invalid for option '%s'\n", Argv[0],
val, var);
return(FALSE);
}
break;
case T_MODE:
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
(void) fprintf(stderr,
"%s: no value specified for `%s' on line %d\n", Argv[0],
var, sudolineno);
return(FALSE);
}
}
if (!store_mode(val, cur, op)) {
(void) fprintf(stderr,
"%s: value '%s' is invalid for option '%s'\n", Argv[0],
val, var);
@@ -385,10 +399,7 @@ set_default(var, val, op)
Argv[0], var, sudolineno);
return(FALSE);
}
if (op == TRUE)
sudo_inttable[0] |= cur->index;
else
sudo_inttable[0] &= ~(cur->index);
cur->sd_un.flag = op;
break;
}
@@ -403,108 +414,108 @@ void
init_defaults()
{
static int firsttime = 1;
int i;
struct sudo_defs_types *def;
/* Free any strings that were set. */
if (!firsttime) {
for (i = 0; i < SUDO_STRTABLE_LAST; i++)
if (sudo_strtable[i])
free(sudo_strtable[i]);
for (def = sudo_defs_table; def->name; def++)
switch (def->type & T_MASK) {
case T_STR:
case T_LOGFAC:
case T_LOGPRI:
if (def->sd_un.str)
free(def->sd_un.str);
break;
}
}
memset(sudo_strtable, 0, sizeof(sudo_strtable));
memset(sudo_inttable, 0, sizeof(sudo_inttable));
/* First initialize the flags. */
#ifdef LONG_OTP_PROMPT
sudo_inttable[I_FLAGS] |= FL_LONG_OTP_PROMPT;
def_flag(I_LONG_OTP_PROMPT) = TRUE;
#endif
#ifdef IGNORE_DOT_PATH
sudo_inttable[I_FLAGS] |= FL_IGNORE_DOT;
def_flag(I_IGNORE_DOT) = TRUE;
#endif
#ifdef ALWAYS_SEND_MAIL
sudo_inttable[I_FLAGS] |= FL_MAIL_ALWAYS;
def_flag(I_MAIL_ALWAYS) = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NO_USER
sudo_inttable[I_FLAGS] |= FL_MAIL_IF_NOUSER;
def_flag(I_MAIL_IF_NOUSER) = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NO_HOST
sudo_inttable[I_FLAGS] |= FL_MAIL_IF_NOHOST;
def_flag(I_MAIL_IF_NOHOST) = TRUE;
#endif
#ifdef SEND_MAIL_WHEN_NOT_OK
sudo_inttable[I_FLAGS] |= FL_MAIL_IF_NOPERMS;
def_flag(I_MAIL_IF_NOPERMS) = TRUE;
#endif
#ifdef USE_TTY_TICKETS
sudo_inttable[I_FLAGS] |= FL_TTY_TICKETS;
def_flag(I_TTY_TICKETS) = TRUE;
#endif
#ifndef NO_LECTURE
sudo_inttable[I_FLAGS] |= FL_LECTURE;
def_flag(I_LECTURE) = TRUE;
#endif
#ifndef NO_AUTHENTICATION
sudo_inttable[I_FLAGS] |= FL_AUTHENTICATE;
def_flag(I_AUTHENTICATE) = TRUE;
#endif
#ifndef NO_ROOT_SUDO
sudo_inttable[I_FLAGS] |= FL_ROOT_SUDO;
def_flag(I_ROOT_SUDO) = TRUE;
#endif
#ifdef HOST_IN_LOG
sudo_inttable[I_FLAGS] |= FL_LOG_HOST;
def_flag(I_LOG_HOST) = TRUE;
#endif
#ifdef SHELL_IF_NO_ARGS
sudo_inttable[I_FLAGS] |= FL_SHELL_NOARGS;
def_flag(I_SHELL_NOARGS) = TRUE;
#endif
#ifdef SHELL_SETS_HOME
sudo_inttable[I_FLAGS] |= FL_SET_HOME;
def_flag(I_SET_HOME) = TRUE;
#endif
#ifndef DONT_LEAK_PATH_INFO
sudo_inttable[I_FLAGS] |= FL_PATH_INFO;
def_flag(I_PATH_INFO) = TRUE;
#endif
#ifdef FQDN
sudo_inttable[I_FLAGS] |= FL_FQDN;
def_flag(I_FQDN) = TRUE;
#endif
#ifdef USE_INSULTS
sudo_inttable[I_FLAGS] |= FL_INSULTS;
def_flag(I_INSULTS) = TRUE;
#endif
/* Then initialize the ints. */
/* Syslog options need special care since they both strings and ints */
#if (LOGGING & SLOG_SYSLOG)
sudo_inttable[I_LOGFAC] = LOGFAC;
sudo_inttable[I_GOODPRI] = PRI_SUCCESS;
sudo_inttable[I_BADPRI] = PRI_FAILURE;
#else
sudo_inttable[I_LOGFAC] = (unsigned int)-1;
(void) store_syslogfac(LOGFAC, &sudo_defs_table[I_LOGFACSTR], TRUE);
(void) store_syslogpri(PRI_SUCCESS, &sudo_defs_table[I_GOODPRISTR], TRUE);
(void) store_syslogpri(PRI_FAILURE, &sudo_defs_table[I_BADPRISTR], TRUE);
#endif
/* Then initialize the int-like things. */
#ifdef SUDO_UMASK
sudo_inttable[I_UMASK] = SUDO_UMASK;
def_mode(I_UMASK) = SUDO_UMASK;
#else
sudo_inttable[I_UMASK] = 0777;
def_mode(I_UMASK) = 0777;
#endif
sudo_inttable[I_LOGLEN] = MAXLOGFILELEN;
sudo_inttable[I_TS_TIMEOUT] = TIMEOUT;
sudo_inttable[I_PW_TIMEOUT] = PASSWORD_TIMEOUT;
sudo_inttable[I_PW_TRIES] = TRIES_FOR_PASSWORD;
def_ival(I_LOGLEN) = MAXLOGFILELEN;
def_ival(I_TS_TIMEOUT) = TIMEOUT;
def_ival(I_PW_TIMEOUT) = PASSWORD_TIMEOUT;
def_ival(I_PW_TRIES) = TRIES_FOR_PASSWORD;
/* Finally do the strings */
sudo_strtable[I_ALERTMAIL] = estrdup(ALERTMAIL);
sudo_strtable[I_MAILSUB] = estrdup(MAILSUBJECT);
sudo_strtable[I_BADPASS_MSG] = estrdup(INCORRECT_PASSWORD);
sudo_strtable[I_TIMESTAMPDIR] = estrdup(_PATH_SUDO_TIMEDIR);
sudo_strtable[I_PASSPROMPT] = estrdup(PASSPROMPT);
sudo_strtable[I_RUNAS_DEF] = estrdup(RUNAS_DEFAULT);
def_str(I_MAILTO) = estrdup(MAILTO);
def_str(I_MAILSUB) = estrdup(MAILSUBJECT);
def_str(I_BADPASS_MSG) = estrdup(INCORRECT_PASSWORD);
def_str(I_TIMESTAMPDIR) = estrdup(_PATH_SUDO_TIMEDIR);
def_str(I_PASSPROMPT) = estrdup(PASSPROMPT);
def_str(I_RUNAS_DEF) = estrdup(RUNAS_DEFAULT);
#ifdef _PATH_SENDMAIL
sudo_strtable[I_MAILERPATH] = estrdup(_PATH_SENDMAIL);
def_str(I_MAILERPATH) = estrdup(_PATH_SENDMAIL);
def_str(I_MAILERFLAGS) = estrdup("-t");
#endif
#if (LOGGING & SLOG_FILE)
sudo_strtable[I_LOGFILE] = estrdup(_PATH_SUDO_LOGFILE);
def_str(I_LOGFILE) = estrdup(_PATH_SUDO_LOGFILE);
#endif
#ifdef EXEMPTGROUP
sudo_strtable[I_EXEMPT_GRP] = estrdup(EXEMPTGROUP);
def_str(I_EXEMPT_GRP) = estrdup(EXEMPTGROUP);
#endif
#ifdef SECURE_PATH
sudo_strtable[I_SECURE_PATH] = estrdup(SECURE_PATH);
#endif
#if 0
/* XXX - implement */
sudo_strtable[I_MAILERARGS] = estrdup(XXX);
def_str(I_SECURE_PATH) = estrdup(SECURE_PATH);
#endif
/*
@@ -513,104 +524,122 @@ init_defaults()
* value changes we get the change.
*/
if (user_runas == NULL)
user_runas = &sudo_strtable[I_RUNAS_DEF];
user_runas = &def_str(I_RUNAS_DEF);
firsttime = 0;
}
static int
store_int(val, index, op)
store_int(val, def, op)
char *val;
int index;
struct sudo_defs_types *def;
int op;
{
char *endp;
unsigned long ul;
if (op == FALSE) {
sudo_inttable[index] = 0;
def->sd_un.ival = 0;
} else {
ul = strtoul(val, &endp, 10);
if (*endp != '\0')
return(FALSE);
/* XXX - should check against UINT_MAX */
sudo_inttable[index] = (unsigned int)ul;
def->sd_un.ival = (unsigned int)ul;
}
return(TRUE);
}
static int
store_str(val, index, op)
store_str(val, def, op)
char *val;
int index;
struct sudo_defs_types *def;
int op;
{
if (sudo_strtable[index])
free(sudo_strtable[index]);
if (def->sd_un.str)
free(def->sd_un.str);
if (op == FALSE)
sudo_strtable[index] = NULL;
def->sd_un.str = NULL;
else
sudo_strtable[index] = estrdup(val);
def->sd_un.str = estrdup(val);
return(TRUE);
}
static int
store_syslogfac(val, index, op)
store_syslogfac(val, def, op)
char *val;
int index;
struct sudo_defs_types *def;
int op;
{
struct strmap *fac;
if (op == FALSE) {
sudo_inttable[index] = (unsigned int)-1;
free(def->sd_un.str);
def->sd_un.str = NULL;
return(TRUE);
}
for (fac = facilities; fac->name && strcmp(val, fac->name); fac++)
;
if (fac->name == NULL)
return(FALSE);
sudo_inttable[index] = fac->num;
return(FALSE); /* not found */
/* Store both name and number. */
if (def->sd_un.str)
free(def->sd_un.str);
def->sd_un.str = estrdup(fac->name);
sudo_defs_table[I_LOGFAC].sd_un.ival = fac->num;
return(TRUE);
}
static int
store_syslogpri(val, index, op)
store_syslogpri(val, def, op)
char *val;
int index;
struct sudo_defs_types *def;
int op;
{
struct strmap *pri;
struct sudo_defs_types *idef;
if (op == FALSE)
return(FALSE);
if (def == &sudo_defs_table[I_GOODPRISTR])
idef = &sudo_defs_table[I_GOODPRI];
else if (def == &sudo_defs_table[I_BADPRISTR])
idef = &sudo_defs_table[I_BADPRI];
else
return(FALSE);
for (pri = priorities; pri->name && strcmp(val, pri->name); pri++)
;
if (pri->name == NULL)
return(FALSE);
sudo_inttable[index] = pri->num;
return(FALSE); /* not found */
/* Store both name and number. */
if (def->sd_un.str)
free(def->sd_un.str);
def->sd_un.str = estrdup(pri->name);
idef->sd_un.ival = pri->num;
return(TRUE);
}
static int
store_umask(val, index, op)
store_mode(val, def, op)
char *val;
int index;
struct sudo_defs_types *def;
int op;
{
char *endp;
unsigned long ul;
if (op == FALSE) {
sudo_inttable[index] = 0777;
def->sd_un.mode = 0777;
} else {
ul = strtoul(val, &endp, 8);
if (*endp != '\0' || ul >= 0777)
return(FALSE);
sudo_inttable[index] = (mode_t)ul;
def->sd_un.mode = (mode_t)ul;
}
return(TRUE);
}

142
defaults.h
View File

@@ -38,74 +38,94 @@
#define _SUDO_DEFAULTS_H
/*
* Four types of defaults: strings, integers, booleans, and flags.
* Note that flags have their value in the index field.
* Structure describing compile-time and run-time options.
*/
struct sudo_defs_types {
char *name;
int type;
union {
int flag;
char *str;
unsigned int ival;
mode_t mode;
} sd_un;
char *desc;
};
/*
* Four types of defaults: strings, integers, and flags.
* Also, T_INT or T_STR may be ANDed with T_BOOL to indicate that
* a value is not required.
* a value is not required. Flags are boolean by nature...
*/
#define T_INT 0x01
#define T_STR 0x02
#define T_FLAG 0x08
#define T_MASK 0x0F
#define T_BOOL 0x10
#define T_INT 0x001
#define T_STR 0x002
#define T_FLAG 0x003
#define T_MODE 0x004
#define T_LOGFAC 0x005
#define T_LOGPRI 0x006
#define T_MASK 0x0FF
#define T_BOOL 0x100
/*
* Flag values
* Indexes into sudo_defs_table
*/
#define FL_LONG_OTP_PROMPT 0x00001
#define FL_IGNORE_DOT 0x00002
#define FL_MAIL_ALWAYS 0x00004
#define FL_MAIL_IF_NOUSER 0x00008
#define FL_MAIL_IF_NOHOST 0x00010
#define FL_MAIL_IF_NOPERMS 0x00020
#define FL_TTY_TICKETS 0x00040
#define FL_LECTURE 0x00080
#define FL_AUTHENTICATE 0x00100
#define FL_ROOT_SUDO 0x00200
#define FL_LOG_HOST 0x00400
#define FL_SHELL_NOARGS 0x00800
#define FL_SET_HOME 0x01000
#define FL_PATH_INFO 0x02000
#define FL_FQDN 0x04000
#define FL_INSULTS 0x08000
#define FL_LOG_YEAR 0x10000
#define FL_MAX 0xFFFFF
/* Integer versions of syslog options. */
#define I_LOGFAC 0 /* syslog facility */
#define I_GOODPRI 1 /* syslog priority for successful auth */
#define I_BADPRI 2 /* syslog priority for unsuccessful auth */
/* String versions of syslog options. */
#define I_LOGFACSTR 3 /* syslog facility */
#define I_GOODPRISTR 4 /* syslog priority for successful auth */
#define I_BADPRISTR 5 /* syslog priority for unsuccessful auth */
/* Booleans */
#define I_LONG_OTP_PROMPT 6
#define I_IGNORE_DOT 7
#define I_MAIL_ALWAYS 8
#define I_MAIL_IF_NOUSER 9
#define I_MAIL_IF_NOHOST 10
#define I_MAIL_IF_NOPERMS 11
#define I_TTY_TICKETS 12
#define I_LECTURE 13
#define I_AUTHENTICATE 14
#define I_ROOT_SUDO 15
#define I_LOG_HOST 16
#define I_LOG_YEAR 17
#define I_SHELL_NOARGS 18
#define I_SET_HOME 19
#define I_PATH_INFO 20
#define I_FQDN 21
#define I_INSULTS 22
/* Integer values */
#define I_LOGLEN 23 /* wrap log file line after N chars */
#define I_TS_TIMEOUT 24 /* timestamp stale after N minutes */
#define I_PW_TIMEOUT 25 /* exit if pass not entered in N minutes */
#define I_PW_TRIES 26 /* exit after N bad password tries */
#define I_UMASK 27 /* umask to use or 0777 to use user's */
/* Strings */
#define I_LOGFILE 28 /* path to logfile (or NULL for none) */
#define I_MAILERPATH 29 /* path to sendmail or other mailer */
#define I_MAILERFLAGS 30 /* flags to pass to the mailer */
#define I_MAILTO 31 /* who to send bitch mail to */
#define I_MAILSUB 32 /* subject line of mail msg */
#define I_BADPASS_MSG 33 /* what to say when passwd is wrong */
#define I_TIMESTAMPDIR 34 /* path to timestamp dir */
#define I_EXEMPT_GRP 35 /* no password or PATH override for these */
#define I_PASSPROMPT 36 /* password prompt */
#define I_RUNAS_DEF 37 /* default user to run commands as */
#define I_SECURE_PATH 38 /* set $PATH to this if not NULL */
/*
* Indexes into sudo_inttable
* Macros for accessing sudo_defs_table.
*/
#define I_FLAGS 0 /* various flags, as listed above */
#define I_LOGFAC 1 /* syslog facility */
#define I_GOODPRI 2 /* syslog priority for successful auth */
#define I_BADPRI 3 /* syslog priority for unsuccessful auth */
#define I_LOGLEN 4 /* wrap log file line after N chars */
#define I_TS_TIMEOUT 5 /* timestamp stale after N minutes */
#define I_PW_TIMEOUT 6 /* exit if pass not entered in N minutes */
#define I_PW_TRIES 7 /* exit after N bad password tries */
#define I_UMASK 8 /* umask to use or 0777 to use user's */
/*
* Indexes into sudo_strtable
*/
#define I_LOGFILE 0 /* path to logfile (or NULL for none) */
#define I_MAILERPATH 1 /* path to sendmail or other mailer */
#define I_MAILERARGS 2 /* flags to pass to the mailer */
#define I_ALERTMAIL 3 /* who to send bitch mail to */
#define I_MAILSUB 4 /* subject line of mail msg */
#define I_BADPASS_MSG 5 /* what to say when passwd is wrong */
#define I_TIMESTAMPDIR 6 /* path to timestamp dir */
#define I_EXEMPT_GRP 7 /* no password or PATH override for these */
#define I_PASSPROMPT 8 /* password prompt */
#define I_RUNAS_DEF 9 /* default user to run commands as */
#define I_SECURE_PATH 10 /* set $PATH to this if not NULL */
#define SUDO_INTTABLE_LAST 9
#define SUDO_STRTABLE_LAST 11
#define sudo_flag_set(_f) (sudo_inttable[I_FLAGS] & (_f))
extern unsigned int sudo_inttable[SUDO_INTTABLE_LAST];
extern char *sudo_strtable[SUDO_STRTABLE_LAST];
#define def_flag(_i) (sudo_defs_table[(_i)].sd_un.flag)
#define def_ival(_i) (sudo_defs_table[(_i)].sd_un.ival)
#define def_str(_i) (sudo_defs_table[(_i)].sd_un.str)
#define def_mode(_i) (sudo_defs_table[(_i)].sd_un.mode)
/*
* Prototypes
@@ -115,4 +135,6 @@ int set_default __P((char *, char *, int));
void init_defaults __P((void));
void list_options __P((void));
extern struct sudo_defs_types sudo_defs_table[];
#endif /* _SUDO_DEFAULTS_H */

8
find_path.c
View File

@@ -72,7 +72,7 @@ static const char rcsid[] = "$Sudo$";
* stores it in a statically allocated array, filling in a pointer
* to the array. Returns FOUND if the command was found, NOT_FOUND
* if it was not found, or NOT_FOUND_DOT if it would have been found
* but it is in '.' and FL_IGNORE_DOT is set.
* but it is in '.' and IGNORE_DOT is set.
*/
int
find_path(infile, outfile)
@@ -108,8 +108,8 @@ find_path(infile, outfile)
* Grab PATH out of the environment (or from the string table
* if SECURE_PATH is in effect) and make a local copy.
*/
if (sudo_strtable[I_SECURE_PATH])
path = sudo_strtable[I_SECURE_PATH];
if (def_str(I_SECURE_PATH))
path = def_str(I_SECURE_PATH);
else if ((path = getenv("PATH")) == NULL)
return(NOT_FOUND);
path = estrdup(path);
@@ -150,7 +150,7 @@ find_path(infile, outfile)
*/
if (!result && checkdot) {
result = sudo_goodpath(infile);
if (result && sudo_flag_set(FL_IGNORE_DOT))
if (result && def_flag(I_IGNORE_DOT))
return(NOT_FOUND_DOT);
}

4
getspwuid.c
View File

@@ -144,9 +144,9 @@ sudo_getepw(pw)
spw = getprpwnam(pw->pw_name);
if (spw != NULL && spw->ufld.fd_encrypt != NULL) {
# ifdef __alpha
# ifdef __alpha
crypt_type = spw->ufld.fd_oldcrypt;
# endif /* __alpha */
# endif /* __alpha */
return(spw->ufld.fd_encrypt);
}
}

93
logging.c
View File

@@ -154,32 +154,32 @@ do_logfile(msg)
char *beg, *oldend, *end;
FILE *fp;
mode_t oldmask;
int maxlen = sudo_inttable[I_LOGLEN];
int maxlen = def_ival(I_LOGLEN);
oldmask = umask(077);
fp = fopen(sudo_strtable[I_LOGFILE], "a");
fp = fopen(def_str(I_LOGFILE), "a");
(void) umask(oldmask);
if (fp == NULL) {
easprintf(&full_line, "Can't open log file: %s: %s",
sudo_strtable[I_LOGFILE], strerror(errno));
def_str(I_LOGFILE), strerror(errno));
send_mail(full_line);
free(full_line);
} else if (!lock_file(fileno(fp), SUDO_LOCK)) {
easprintf(&full_line, "Can't lock log file: %s: %s",
sudo_strtable[I_LOGFILE], strerror(errno));
def_str(I_LOGFILE), strerror(errno));
send_mail(full_line);
free(full_line);
} else {
if (sudo_inttable[I_LOGLEN] == 0) {
if (def_ival(I_LOGLEN) == 0) {
/* Don't pretty-print long log file lines (hard to grep) */
if (sudo_flag_set(FL_LOG_HOST))
if (def_flag(I_LOG_HOST))
(void) fprintf(fp, "%s : %s : HOST=%s : %s\n", get_timestr(),
user_name, user_shost, msg);
else
(void) fprintf(fp, "%s : %s : %s\n", get_timestr(),
user_name, msg);
} else {
if (sudo_flag_set(FL_LOG_HOST))
if (def_flag(I_LOG_HOST))
easprintf(&full_line, "%s : %s : HOST=%s : %s", get_timestr(),
user_name, user_shost, msg);
else
@@ -255,9 +255,9 @@ log_auth(status, inform_user)
int pri;
if (status & VALIDATE_OK)
pri = PRI_SUCCESS;
pri = def_ival(I_GOODPRI);
else
pri = PRI_FAILURE;
pri = def_ival(I_BADPRI);
/* Set error message, if any. */
if (status & VALIDATE_OK)
@@ -298,9 +298,9 @@ log_auth(status, inform_user)
/*
* Log via syslog and/or a file.
*/
if (sudo_inttable[I_LOGFAC] != (unsigned int)-1)
if (def_str(I_LOGFACSTR))
do_syslog(pri, logline);
if (sudo_strtable[I_LOGFILE])
if (def_str(I_LOGFILE))
do_logfile(logline);
free(logline);
@@ -379,9 +379,9 @@ log_error(va_alist)
/*
* Log to syslog and/or a file.
*/
if (sudo_inttable[I_LOGFAC] != (unsigned int)-1)
do_syslog(PRI_FAILURE, logline);
if (sudo_strtable[I_LOGFILE])
if (def_str(I_LOGFACSTR))
do_syslog(def_ival(I_BADPRI), logline);
if (def_str(I_LOGFILE))
do_logfile(logline);
free(logline);
@@ -389,8 +389,10 @@ log_error(va_alist)
free(message);
}
#define MAX_MAILFLAGS 63
/*
* Send a message to ALERTMAIL
* Send a message to MAILTO user
*/
static void
send_mail(line)
@@ -401,7 +403,7 @@ send_mail(line)
int pfd[2], pid;
/* Just return if mailer is disabled. */
if (!sudo_strtable[I_MAILERPATH])
if (!def_str(I_MAILERPATH) || !def_str(I_MAILTO))
return;
if ((pid = fork()) > 0) { /* Child. */
@@ -425,15 +427,37 @@ send_mail(line)
exit(1);
break;
case 0:
/* Grandchild. */
(void) close(pfd[1]);
(void) dup2(pfd[0], STDIN_FILENO);
(void) close(pfd[0]);
{
char *argv[MAX_MAILFLAGS + 1];
char *mpath, *mflags;
int i;
/* Run sendmail as root so user cannot kill it. */
set_perms(PERM_ROOT, 0);
execl(_PATH_SENDMAIL, "sendmail", "-t", NULL);
_exit(127);
/* Grandchild. */
(void) close(pfd[1]);
(void) dup2(pfd[0], STDIN_FILENO);
(void) close(pfd[0]);
/* Build up an argv based the mailer path and flags */
mflags = estrdup(def_str(I_MAILERFLAGS));
mpath = estrdup(def_str(I_MAILERPATH));
if ((argv[0] = strrchr(mpath, ' ')))
argv[0]++;
else
argv[0] = mpath;
i = 1;
if ((p = strtok(mflags, " \t"))) {
do {
argv[i] = p;
} while (++i < MAX_MAILFLAGS && (p = strtok(NULL, " \t")));
}
argv[i] = NULL;
/* Run mailer as root so user cannot kill it. */
set_perms(PERM_ROOT, 0);
execv(mpath, argv);
_exit(127);
}
break;
}
@@ -442,8 +466,8 @@ send_mail(line)
/* Pipes are all setup, send message via sendmail. */
(void) fprintf(mail, "To: %s\nFrom: %s\nSubject: ",
sudo_strtable[I_ALERTMAIL], user_name);
for (p = sudo_strtable[I_MAILSUB]; *p; p++) {
def_str(I_MAILTO), user_name);
for (p = def_str(I_MAILSUB); *p; p++) {
/* Expand escapes in the subject */
if (*p == '%' && *(p+1) != '%') {
switch (*(++p)) {
@@ -486,16 +510,16 @@ mail_auth(status, line)
int mail_mask;
/* If any of these bits are set in status, we send mail. */
if (sudo_flag_set(FL_MAIL_ALWAYS))
if (def_flag(I_MAIL_ALWAYS))
mail_mask =
VALIDATE_ERROR|VALIDATE_OK|FLAG_NO_USER|FLAG_NO_HOST|VALIDATE_NOT_OK;
else {
mail_mask = VALIDATE_ERROR;
if (sudo_flag_set(FL_MAIL_IF_NOUSER))
if (def_flag(I_MAIL_IF_NOUSER))
mail_mask |= FLAG_NO_USER;
if (sudo_flag_set(FL_MAIL_IF_NOHOST))
if (def_flag(I_MAIL_IF_NOHOST))
mail_mask |= FLAG_NO_HOST;
if (sudo_flag_set(FL_MAIL_IF_NOPERMS))
if (def_flag(I_MAIL_IF_NOPERMS))
mail_mask |= VALIDATE_NOT_OK;
}
@@ -538,24 +562,23 @@ get_timestr()
struct tm *timeptr;
timeptr = localtime(&now);
if (sudo_flag_set(FL_LOG_YEAR))
if (def_flag(I_LOG_YEAR))
s = "%h %e %T %Y";
else
s = "%h %e %T";
/* strftime() does not guarantee to NUL-terminate so we must check. */
buf[sizeof(buf) - 1] = '\0';
if (strftime(buf, sizeof(buf), s, timeptr) && !buf[sizeof(buf) - 1])
if (strftime(buf, sizeof(buf), s, timeptr) && buf[sizeof(buf) - 1] == '\0')
return(buf);
#else
#endif /* HAVE_STRFTIME */
s = ctime(&now) + 4; /* skip day of the week */
if (sudo_flag_set(FL_LOG_YEAR))
if (def_flag(I_LOG_YEAR))
s[20] = '\0'; /* avoid the newline */
else
s[15] = '\0'; /* don't care about year */
return(s);
#endif /* HAVE_STRFTIME */
}

12
parse.yacc
View File

@@ -115,7 +115,7 @@ int top = 0, stacksize = 0;
match[top].cmnd = -1; \
match[top].host = -1; \
match[top].runas = -1; \
match[top].nopass = sudo_flag_set(FL_AUTHENTICATE) ? -1 : TRUE; \
match[top].nopass = def_flag(I_AUTHENTICATE) ? -1 : TRUE; \
top++; \
} while (0)
@@ -324,7 +324,7 @@ privilege : hostlist '=' cmndspeclist {
*/
host_matches = -1;
runas_matches = -1;
if (sudo_flag_set(FL_AUTHENTICATE))
if (def_flag(I_AUTHENTICATE))
no_passwd = -1;
else
no_passwd = TRUE;
@@ -460,7 +460,7 @@ runasspec : /* empty */ {
*/
if (runas_matches == -1)
runas_matches = (strcmp(*user_runas,
sudo_strtable[I_RUNAS_DEF]) == 0);
def_str(I_RUNAS_DEF)) == 0);
}
| RUNAS runaslist { ; }
;
@@ -996,13 +996,13 @@ list_matches()
} while ((p = strtok(NULL, ", ")));
(void) fputs(") ", stdout);
} else {
(void) printf("(%s) ", sudo_strtable[I_RUNAS_DEF]);
(void) printf("(%s) ", def_str(I_RUNAS_DEF));
}
/* Is a password required? */
if (cm_list[i].nopasswd == TRUE && sudo_flag_set(FL_AUTHENTICATE))
if (cm_list[i].nopasswd == TRUE && def_flag(I_AUTHENTICATE))
(void) fputs("NOPASSWD: ", stdout);
else if (cm_list[i].nopasswd == FALSE && !sudo_flag_set(FL_AUTHENTICATE))
else if (cm_list[i].nopasswd == FALSE && !def_flag(I_AUTHENTICATE))
(void) fputs("PASSWD: ", stdout);
/* Print the actual command or expanded Cmnd_Alias. */

26
sudo.c
View File

@@ -229,9 +229,9 @@ main(argc, argv)
init_defaults();
/* Initialize syslog(3) if we are using it. */
if (sudo_inttable[I_LOGFAC] != (unsigned int)-1) {
if (def_str(I_LOGFACSTR)) {
#ifdef LOG_NFACILITIES
openlog("sudo", 0, sudo_inttable[I_LOGFAC]);
openlog("sudo", 0, def_ival(I_LOGFAC));
#else
openlog("sudo", 0);
#endif /* LOG_NFACILITIES */
@@ -298,7 +298,7 @@ main(argc, argv)
errorlineno);
/* Is root even allowed to run sudo? */
if (getuid() == 0 && !sudo_flag_set(FL_ROOT_SUDO)) {
if (getuid() == 0 && !def_flag(I_ROOT_SUDO)) {
(void) fputs("You are already root, you don't need to use sudo.\n",
stderr);
exit(1);
@@ -342,7 +342,7 @@ main(argc, argv)
"please report this error to sudo-bugs@courtesan.com");
}
if (sudo_inttable[I_LOGFAC] != (unsigned int)-1)
if (def_ival(I_LOGFACSTR))
closelog();
/* Reset signal mask before we exec. */
@@ -353,12 +353,12 @@ main(argc, argv)
#endif /* POSIX_SIGNALS */
/* Override user's umask if configured to do so. */
if (sudo_inttable[I_UMASK] != 0777)
(void) umask((mode_t)sudo_inttable[I_UMASK]);
if (def_ival(I_UMASK) != 0777)
(void) umask(def_mode(I_UMASK));
/* Replace the PATH envariable with a secure one. */
if (sudo_strtable[I_SECURE_PATH] && !user_is_exempt())
if (sudo_setenv("PATH", sudo_strtable[I_SECURE_PATH])) {
if (def_str(I_SECURE_PATH) && !user_is_exempt())
if (sudo_setenv("PATH", def_str(I_SECURE_PATH))) {
(void) fprintf(stderr, "%s: cannot allocate memory!\n",
Argv[0]);
exit(1);
@@ -382,7 +382,7 @@ main(argc, argv)
log_auth(validated, 1);
exit(1);
} else if (validated & VALIDATE_NOT_OK) {
if (sudo_flag_set(FL_PATH_INFO)) {
if (def_flag(I_PATH_INFO)) {
/*
* We'd like to not leak path info at all here, but that can
* *really* confuse the users. To really close the leak we'd
@@ -448,7 +448,7 @@ init_vars(sudo_mode)
log_error(USE_ERRNO|MSG_ONLY, "can't get hostname");
} else
user_host = estrdup(thost);
if (sudo_flag_set(FL_FQDN)) {
if (def_flag(I_FQDN)) {
if (!(hp = gethostbyname(user_host))) {
log_error(USE_ERRNO|MSG_ONLY|NO_EXIT,
"unable to lookup %s via gethostbyname()", user_host);
@@ -556,7 +556,7 @@ parse_args()
NewArgc = Argc - 1;
if (Argc < 2) { /* no options and no command */
if (!sudo_flag_set(FL_SHELL_NOARGS))
if (!def_flag(I_SHELL_NOARGS))
usage(1);
rval |= MODE_SHELL;
return(rval);
@@ -652,7 +652,7 @@ parse_args()
break;
case 's':
rval |= MODE_SHELL;
if (sudo_flag_set(FL_SET_HOME))
if (def_flag(I_SET_HOME))
rval |= MODE_RESET_HOME;
break;
case 'H':
@@ -661,7 +661,7 @@ parse_args()
case '-':
NewArgc--;
NewArgv++;
if (sudo_flag_set(FL_SHELL_NOARGS) && rval == MODE_RUN)
if (def_flag(I_SHELL_NOARGS) && rval == MODE_RUN)
rval |= MODE_SHELL;
return(rval);
case '\0':

12
sudo.tab.c
View File

@@ -133,7 +133,7 @@ int top = 0, stacksize = 0;
match[top].cmnd = -1; \
match[top].host = -1; \
match[top].runas = -1; \
match[top].nopass = sudo_flag_set(FL_AUTHENTICATE) ? -1 : TRUE; \
match[top].nopass = def_flag(I_AUTHENTICATE) ? -1 : TRUE; \
top++; \
} while (0)
@@ -763,13 +763,13 @@ list_matches()
} while ((p = strtok(NULL, ", ")));
(void) fputs(") ", stdout);
} else {
(void) printf("(%s) ", sudo_strtable[I_RUNAS_DEF]);
(void) printf("(%s) ", def_str(I_RUNAS_DEF));
}
/* Is a password required? */
if (cm_list[i].nopasswd == TRUE && sudo_flag_set(FL_AUTHENTICATE))
if (cm_list[i].nopasswd == TRUE && def_flag(I_AUTHENTICATE))
(void) fputs("NOPASSWD: ", stdout);
else if (cm_list[i].nopasswd == FALSE && !sudo_flag_set(FL_AUTHENTICATE))
else if (cm_list[i].nopasswd == FALSE && !def_flag(I_AUTHENTICATE))
(void) fputs("PASSWD: ", stdout);
/* Print the actual command or expanded Cmnd_Alias. */
@@ -1216,7 +1216,7 @@ case 25:
*/
host_matches = -1;
runas_matches = -1;
if (sudo_flag_set(FL_AUTHENTICATE))
if (def_flag(I_AUTHENTICATE))
no_passwd = -1;
else
no_passwd = TRUE;
@@ -1379,7 +1379,7 @@ case 40:
*/
if (runas_matches == -1)
runas_matches = (strcmp(*user_runas,
sudo_strtable[I_RUNAS_DEF]) == 0);
def_str(I_RUNAS_DEF)) == 0);
}
break;
case 41: