Move sudoers JSON conversion to cvtsudoers which will eventually

output to other formats too.
Todd C. Miller
2018-01-26 11:20:37 -07:00
parent bcfb092a4e
commit 80cb1b5da9
12 changed files with 665 additions and 171 deletions


@@ -20,6 +20,9 @@ doc/LICENSE
doc/Makefile.in
doc/TROUBLESHOOTING
doc/UPGRADE
doc/cvtsudoers.cat
doc/cvtsudoers.man.in
doc/cvtsudoers.mdoc.in
doc/fixman.sh
doc/fixmdoc.sh
doc/schema.ActiveDirectory
@@ -261,6 +264,8 @@ plugins/sudoers/bsm_audit.c
plugins/sudoers/bsm_audit.h
plugins/sudoers/check.c
plugins/sudoers/check.h
plugins/sudoers/cvtsudoers.c
plugins/sudoers/cvtsudoers_json.c
plugins/sudoers/def_data.c
plugins/sudoers/def_data.h
plugins/sudoers/def_data.in
@@ -546,7 +551,6 @@ plugins/sudoers/tsdump.c
plugins/sudoers/tsgetgrpw.c
plugins/sudoers/tsgetgrpw.h
plugins/sudoers/visudo.c
plugins/sudoers/visudo_json.c
plugins/system_group/Makefile.in
plugins/system_group/system_group.c
plugins/system_group/system_group.exp


@@ -1,5 +1,5 @@
#
# Copyright (c) 2010-2015, 2017 Todd C. Miller <Todd.Miller@sudo.ws>
# Copyright (c) 2010-2015, 2017-2018 Todd C. Miller <Todd.Miller@sudo.ws>
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
@@ -71,7 +71,8 @@ DOCS = $(mansrcdir)/sudo.$(mantype) $(mansrcdir)/visudo.$(mantype) \
$(mansrcdir)/sudo.conf.$(mantype) $(mansrcdir)/sudoers.$(mantype) \
$(mansrcdir)/sudoers.ldap.$(mantype) $(mansrcdir)/sudoers.$(mantype) \
$(mansrcdir)/sudoers_timestamp.$(mantype) \
$(mansrcdir)/sudoreplay.$(mantype) $(mansrcdir)/sudo_plugin.$(mantype)
$(mansrcdir)/cvtsudoers.$(mantype) $(mansrcdir)/sudoreplay.$(mantype) \
$(mansrcdir)/sudo_plugin.$(mantype)
DEVDOCS = $(srcdir)/sudo.man.in $(srcdir)/sudo.cat \
$(srcdir)/visudo.man.in $(srcdir)/visudo.cat \
@@ -80,6 +81,7 @@ DEVDOCS = $(srcdir)/sudo.man.in $(srcdir)/sudo.cat \
$(srcdir)/sudoers.ldap.man.in $(srcdir)/sudoers.ldap.cat \
$(srcdir)/sudoers.man.in $(srcdir)/sudoers.cat \
$(srcdir)/sudoers_timestamp.man.in $(srcdir)/sudoers_timestamp.cat \
$(srcdir)/cvtsudoers.man.in $(srcdir)/cvtsudoers.cat \
$(srcdir)/sudoreplay.man.in $(srcdir)/sudoreplay.cat \
$(srcdir)/sudo_plugin.man.in $(srcdir)/sudo_plugin.cat
@@ -266,6 +268,29 @@ $(srcdir)/sudoers_timestamp.cat: varsub $(srcdir)/sudoers_timestamp.mdoc.in
$(SED) -f varsub $(srcdir)/sudoers_timestamp.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \
fi
$(srcdir)/cvtsudoers.man.in: $(srcdir)/cvtsudoers.mdoc.in
@if [ -n "$(DEVEL)" ]; then \
echo "Generating $@"; \
mansectsu=`echo @MANSECTSU@|$(TR) A-Z a-z`; \
mansectform=`echo @MANSECTFORM@|$(TR) A-Z a-z`; \
printf '.\\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!\n' > $@; \
printf '.\\" IT IS GENERATED AUTOMATICALLY FROM cvtsudoers.mdoc.in\n' >> $@; \
$(SED) -n -e '/^.Dd/q' -e '/^\.\\/p' $(srcdir)/cvtsudoers.mdoc.in >> $@; \
$(SED) -e "s/$$mansectsu/8/g" -e "s/$$mansectform/5/g" $(srcdir)/cvtsudoers.mdoc.in | $(MANDOC) -Tman | $(SED) -e 's/^\(\.TH "SUDOREPLAY" \)"8"\(.*"\)OpenBSD \(.*\)/\1"'$$mansectsu'"\2\3/' -e "s/(5)/($$mansectform)/g" -e "s/(8)/($$mansectsu)/g" >> $@; \
fi
$(mansrcdir)/cvtsudoers.man: $(top_builddir)/config.status $(srcdir)/cvtsudoers.man.in
cd $(top_builddir) && $(SHELL) config.status --file=doc/$@
$(mansrcdir)/cvtsudoers.mdoc: $(top_builddir)/config.status $(srcdir)/cvtsudoers.mdoc.in
cd $(top_builddir) && $(SHELL) config.status --file=doc/$@
$(srcdir)/cvtsudoers.cat: varsub $(srcdir)/cvtsudoers.mdoc.in
@if [ -n "$(DEVEL)" ]; then \
echo "Generating $@"; \
$(SED) -f varsub $(srcdir)/cvtsudoers.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \
fi
$(srcdir)/sudoreplay.man.in: $(srcdir)/sudoreplay.mdoc.in
@if [ -n "$(DEVEL)" ]; then \
echo "Generating $@"; \
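Review bot: The new `$(srcdir)/cvtsudoers.man.in` rule still matches `.TH "SUDOREPLAY"` in its last sed expression, which looks copied from the sudoreplay rule, so the substitution that rewrites the manual section and strips the `OpenBSD` tag cannot match the `.TH "CVTSUDOERS"` line this page is generated with. The pattern should name the page being built: `-e 's/^\(\.TH "CVTSUDOERS" \)"8"\(.*"\)OpenBSD \(.*\)/\1"'$$mansectsu'"\2\3/'`. Whether the mismatch changes the generated output depends on what mandoc emits for the `.Os` line, which is not visible here, but keeping the name in step avoids a silent no-op.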

doc/cvtsudoers.cat Normal file

@@ -0,0 +1,66 @@
CVTSUDOERS(1m) System Manager's Manual CVTSUDOERS(1m)
NNAAMMEE
ccvvttssuuddooeerrss - convert between sudoers file formats
SSYYNNOOPPSSIISS
ccvvttssuuddooeerrss [--hhVV] [--ff _f_o_r_m_a_t] [--oo _o_u_t_p_u_t___f_i_l_e] [_s_u_d_o_e_r_s___f_i_l_e]
DDEESSCCRRIIPPTTIIOONN
ccvvttssuuddooeerrss can be used to convert a policy file in _s_u_d_o_e_r_s format to
other formats. The default output format is JSON.
If no _s_u_d_o_e_r_s___f_i_l_e is specified, or if it is `-', the policy is read from
the standard input. By default, the result is written to the standard
output.
The options are as follows:
--ff, ----ffoorrmmaatt
Specify the output format. Currently, JSON is the only
supported output format. The JSON format is intended to be
easier for third-party applications to parse than the
traditional _s_u_d_o_e_r_s format. The various values have explicit
types which removes much of the ambiguity of the _s_u_d_o_e_r_s
format.
--hh, ----hheellpp Display a short help message to the standard output and exit.
--oo _o_u_t_p_u_t___f_i_l_e, ----oouuttppuutt=_o_u_t_p_u_t___f_i_l_e
Write the converted output to _o_u_t_p_u_t___f_i_l_e. If no _o_u_t_p_u_t___f_i_l_e
is specified, or if it is `-', the converted _s_u_d_o_e_r_s policy
will be written to the standard output.
--VV, ----vveerrssiioonn
Print the ccvvttssuuddooeerrss and _s_u_d_o_e_r_s grammar versions and exit.
SSEEEE AALLSSOO
sudoers(4), sudo(1m)
AAUUTTHHOORRSS
Many people have worked on ssuuddoo over the years; this version consists of
code written primarily by:
Todd C. Miller
See the CONTRIBUTORS file in the ssuuddoo distribution
(https://www.sudo.ws/contributors.html) for an exhaustive list of people
who have contributed to ssuuddoo.
BBUUGGSS
If you feel you have found a bug in ccvvttssuuddooeerrss, please submit a bug
report at https://bugzilla.sudo.ws/
SSUUPPPPOORRTT
Limited free support is available via the sudo-users mailing list, see
https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or search
the archives.
DDIISSCCLLAAIIMMEERR
ccvvttssuuddooeerrss is provided "AS IS" and any express or implied warranties,
including, but not limited to, the implied warranties of merchantability
and fitness for a particular purpose are disclaimed. See the LICENSE
file distributed with ssuuddoo or https://www.sudo.ws/license.html for
complete details.
Sudo 1.8.22 January 25, 2018 Sudo 1.8.22

doc/cvtsudoers.man.in Normal file

@@ -0,0 +1,114 @@
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM cvtsudoers.mdoc.in
.\"
.\" Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.TH "CVTSUDOERS" "8" "January 25, 2018" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh
.if n .ad l
.SH "NAME"
\fBcvtsudoers\fR
\- convert between sudoers file formats
.SH "SYNOPSIS"
.HP 11n
\fBcvtsudoers\fR
[\fB\-hV\fR]
[\fB\-f\fR\ \fIformat\fR]
[\fB\-o\fR\ \fIoutput_file\fR]
[\fIsudoers_file\fR]
.SH "DESCRIPTION"
\fBcvtsudoers\fR
can be used to convert a policy file in
\fIsudoers\fR
format to other formats.
The default output format is JSON.
.PP
If no
\fIsudoers_file\fR
is specified, or if it is
\(oq-\(cq,
the policy is read from the standard input.
By default, the result is written to the standard output.
.PP
The options are as follows:
.TP 12n
\fB\-f\fR, \fB\--format\fR
Specify the output format.
Currently, JSON is the only supported output format.
The JSON format is intended to be easier for third-party
applications to parse than the traditional
\fIsudoers\fR
format.
The various values have explicit types which removes much of the
ambiguity of the
\fIsudoers\fR
format.
.TP 12n
\fB\-h\fR, \fB\--help\fR
Display a short help message to the standard output and exit.
.TP 12n
\fB\-o\fR \fIoutput_file\fR, \fB\--output\fR=\fIoutput_file\fR
Write the converted output to
\fIoutput_file\fR.
If no
\fIoutput_file\fR
is specified, or if it is
\(oq-\(cq,
the converted
\fIsudoers\fR
policy will be written to the standard output.
.TP 12n
\fB\-V\fR, \fB\--version\fR
Print the
\fBcvtsudoers\fR
and
\fIsudoers\fR
grammar versions and exit.
.SH "SEE ALSO"
sudoers(@mansectform@),
sudo(@mansectsu@)
.SH "AUTHORS"
Many people have worked on
\fBsudo\fR
over the years; this version consists of code written primarily by:
.sp
.RS 6n
Todd C. Miller
.RE
.PP
See the CONTRIBUTORS file in the
\fBsudo\fR
distribution (https://www.sudo.ws/contributors.html) for an
exhaustive list of people who have contributed to
\fBsudo\fR.
.SH "BUGS"
If you feel you have found a bug in
\fBcvtsudoers\fR,
please submit a bug report at https://bugzilla.sudo.ws/
.SH "SUPPORT"
Limited free support is available via the sudo-users mailing list,
see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
search the archives.
.SH "DISCLAIMER"
\fBcvtsudoers\fR
is provided
\(LqAS IS\(Rq
and any express or implied warranties, including, but not limited
to, the implied warranties of merchantability and fitness for a
particular purpose are disclaimed.
See the LICENSE file distributed with
\fBsudo\fR
or https://www.sudo.ws/license.html for complete details.

doc/cvtsudoers.mdoc.in Normal file

@@ -0,0 +1,109 @@
.\"
.\" Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd January 25, 2018
.Dt CVTSUDOERS @mansectsu@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.Nm cvtsudoers
.Nd convert between sudoers file formats
.Sh SYNOPSIS
.Nm cvtsudoers
.Op Fl hV
.Op Fl f Ar format
.Op Fl o Ar output_file
.Op Ar sudoers_file
.Sh DESCRIPTION
.Nm
can be used to convert a policy file in
.Em sudoers
format to other formats.
The default output format is JSON.
.Pp
If no
.Ar sudoers_file
is specified, or if it is
.Ql - ,
the policy is read from the standard input.
By default, the result is written to the standard output.
.Pp
The options are as follows:
.Bl -tag -width Fl
.It Fl f , -format
Specify the output format.
Currently, JSON is the only supported output format.
The JSON format is intended to be easier for third-party
applications to parse than the traditional
.Em sudoers
format.
The various values have explicit types which removes much of the
ambiguity of the
.Em sudoers
format.
.It Fl h , -help
Display a short help message to the standard output and exit.
.It Fl o Ar output_file , Fl -output Ns = Ns Ar output_file
Write the converted output to
.Ar output_file .
If no
.Ar output_file
is specified, or if it is
.Ql - ,
the converted
.Em sudoers
policy will be written to the standard output.
.It Fl V , -version
Print the
.Nm
and
.Em sudoers
grammar versions and exit.
.El
.El
.Sh SEE ALSO
.Xr sudoers @mansectform@ ,
.Xr sudo @mansectsu@
.Sh AUTHORS
Many people have worked on
.Nm sudo
over the years; this version consists of code written primarily by:
.Bd -ragged -offset indent
.An Todd C. Miller
.Ed
.Pp
See the CONTRIBUTORS file in the
.Nm sudo
distribution (https://www.sudo.ws/contributors.html) for an
exhaustive list of people who have contributed to
.Nm sudo .
.Sh BUGS
If you feel you have found a bug in
.Nm ,
please submit a bug report at https://bugzilla.sudo.ws/
.Sh SUPPORT
Limited free support is available via the sudo-users mailing list,
see https://www.sudo.ws/mailman/listinfo/sudo-users to subscribe or
search the archives.
.Sh DISCLAIMER
.Nm
is provided
.Dq AS IS
and any express or implied warranties, including, but not limited
to, the implied warranties of merchantability and fitness for a
particular purpose are disclaimed.
See the LICENSE file distributed with
.Nm sudo
or https://www.sudo.ws/license.html for complete details.


@@ -4,7 +4,7 @@ NNAAMMEE
vviissuuddoo - edit the sudoers file
SSYYNNOOPPSSIISS
vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s] [--xx _o_u_t_p_u_t___f_i_l_e]
vviissuuddoo [--cchhqqssVV] [--ff _s_u_d_o_e_r_s]
DDEESSCCRRIIPPTTIIOONN
vviissuuddoo edits the _s_u_d_o_e_r_s file in a safe fashion, analogous to vipw(1m).
@@ -95,17 +95,6 @@ DDEESSCCRRIIPPTTIIOONN
--VV, ----vveerrssiioonn
Print the vviissuuddoo and _s_u_d_o_e_r_s grammar versions and exit.
--xx _o_u_t_p_u_t___f_i_l_e, ----eexxppoorrtt=_o_u_t_p_u_t___f_i_l_e
Export a _s_u_d_o_e_r_s in JSON format and write it to _o_u_t_p_u_t___f_i_l_e.
If _o_u_t_p_u_t___f_i_l_e is `-', the exported _s_u_d_o_e_r_s policy will be
written to the standard output. By default, _/_e_t_c_/_s_u_d_o_e_r_s
(and any files it includes) will be exported. The --ff option
can be used to specify a different _s_u_d_o_e_r_s file to export.
The exported format is intended to be easier for third-party
applications to parse than the traditional _s_u_d_o_e_r_s format.
The various values have explicit types which removes much of
the ambiguity of the _s_u_d_o_e_r_s format.
DDeebbuuggggiinngg aanndd ssuuddooeerrss pplluuggiinn aarrgguummeennttss
vviissuuddoo versions 1.8.4 and higher support a flexible debugging framework
that is configured via Debug lines in the sudo.conf(4) file.
@@ -200,10 +189,6 @@ DDIIAAGGNNOOSSTTIICCSS
The _s_u_d_o_e_r_s file contains a Defaults setting not recognized by
vviissuuddoo.
/etc/sudoers: input and output files must be different
The --xx flag was used and the specified _o_u_t_p_u_t___f_i_l_e has the same
path name as the _s_u_d_o_e_r_s file to export.
SSEEEE AALLSSOO
vi(1), sudo.conf(4), sudoers(4), sudo(1m), vipw(1m)
@@ -237,4 +222,4 @@ DDIISSCCLLAAIIMMEERR
file distributed with ssuuddoo or https://www.sudo.ws/license.html for
complete details.
Sudo 1.8.22 December 21, 2017 Sudo 1.8.22
Sudo 1.8.22 January 26, 2018 Sudo 1.8.22


@@ -1,7 +1,7 @@
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM visudo.mdoc.in
.\"
.\" Copyright (c) 1996,1998-2005, 2007-2017
.\" Copyright (c) 1996,1998-2005, 2007-2018
.\" Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@@ -21,7 +21,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.TH "VISUDO" "8" "December 21, 2017" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.TH "VISUDO" "8" "January 26, 2018" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh
.if n .ad l
.SH "NAME"
@@ -32,7 +32,6 @@
\fBvisudo\fR
[\fB\-chqsV\fR]
[\fB\-f\fR\ \fIsudoers\fR]
[\fB\-x\fR\ \fIoutput_file\fR]
.SH "DESCRIPTION"
\fBvisudo\fR
edits the
@@ -256,35 +255,6 @@ Print the
and
\fIsudoers\fR
grammar versions and exit.
.TP 12n
\fB\-x\fR \fIoutput_file\fR, \fB\--export\fR=\fIoutput_file\fR
Export a
\fIsudoers\fR
in JSON format and write it to
\fIoutput_file\fR.
If
\fIoutput_file\fR
is
\(oq-\(cq,
the exported
\fIsudoers\fR
policy will be written to the standard output.
By default,
\fI@sysconfdir@/sudoers\fR
(and any files it includes) will be exported.
The
\fB\-f\fR
option can be used to specify a different
\fIsudoers\fR
file to export.
The exported format is intended to be easier for third-party
applications to parse than the traditional
\fIsudoers\fR
format.
The various values have explicit types which removes much of the
ambiguity of the
\fIsudoers\fR
format.
.SS "Debugging and sudoers plugin arguments"
\fBvisudo\fR
versions 1.8.4 and higher support a flexible debugging framework
@@ -453,15 +423,6 @@ file contains a
\fRDefaults\fR
setting not recognized by
\fBvisudo\fR.
.TP 6n
\fR@sysconfdir@/sudoers: input and output files must be different\fR
The
\fB\-x\fR
flag was used and the specified
\fIoutput_file\fR
has the same path name as the
\fIsudoers\fR
file to export.
.SH "SEE ALSO"
vi(1),
sudo.conf(@mansectform@),


@@ -1,5 +1,5 @@
.\"
.\" Copyright (c) 1996,1998-2005, 2007-2017
.\" Copyright (c) 1996,1998-2005, 2007-2018
.\" Todd C. Miller <Todd.Miller@sudo.ws>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
@@ -19,7 +19,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
.Dd December 21, 2017
.Dd January 26, 2018
.Dt VISUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
@@ -29,7 +29,6 @@
.Nm visudo
.Op Fl chqsV
.Op Fl f Ar sudoers
.Op Fl x Ar output_file
.Sh DESCRIPTION
.Nm
edits the
@@ -248,34 +247,6 @@ Print the
and
.Em sudoers
grammar versions and exit.
.It Fl x Ar output_file , Fl -export Ns = Ns Ar output_file
Export a
.Em sudoers
in JSON format and write it to
.Ar output_file .
If
.Ar output_file
is
.Ql - ,
the exported
.Em sudoers
policy will be written to the standard output.
By default,
.Pa @sysconfdir@/sudoers
(and any files it includes) will be exported.
The
.Fl f
option can be used to specify a different
.Em sudoers
file to export.
The exported format is intended to be easier for third-party
applications to parse than the traditional
.Em sudoers
format.
The various values have explicit types which removes much of the
ambiguity of the
.Em sudoers
format.
.El
.Ss Debugging and sudoers plugin arguments
.Nm
@@ -433,14 +404,6 @@ file contains a
.Li Defaults
setting not recognized by
.Nm .
.It Li @sysconfdir@/sudoers: input and output files must be different
The
.Fl x
flag was used and the specified
.Ar output_file
has the same path name as the
.Em sudoers
file to export.
.El
.Sh SEE ALSO
.Xr vi 1 ,


@@ -57,6 +57,7 @@ NET_LIBS = @NET_LIBS@
SUDOERS_LIBS = @SUDOERS_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) @ZLIB@ @LIBMD@
REPLAY_LIBS = @REPLAY_LIBS@ @ZLIB@
VISUDO_LIBS = $(NET_LIBS) @LIBMD@
CVTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
TESTSUDOERS_LIBS = $(NET_LIBS) @LIBMD@
# C preprocessor defines
@@ -121,12 +122,6 @@ plugindir = @PLUGINDIR@
# Directory in which to install the sudoers file
sudoersdir = $(sysconfdir)
# Directory in which to install sudoreplay.
replaydir = $(bindir)
# Directory in which to install visudo
visudodir = $(sbindir)
# User and group ids the installed files should be "owned" by
install_uid = 0
install_gid = 0
@@ -143,7 +138,7 @@ DEVEL = @DEVEL@
SHELL = @SHELL@
PROGS = sudoers.la visudo sudoreplay testsudoers
PROGS = sudoers.la visudo sudoreplay cvtsudoers testsudoers
TEST_PROGS = check_addr check_base64 check_digest check_env_pattern \
check_fill check_gentime check_hexchar check_iolog_path \
@@ -164,8 +159,9 @@ SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo editor.lo env.lo \
set_perms.lo starttime.lo sudo_nss.lo sudoers.lo \
timestamp.lo @SUDOERS_OBJS@
VISUDO_OBJS = editor.o find_path.o goodpath.o locale.o sudo_printf.o visudo.o \
visudo_json.o
VISUDO_OBJS = editor.o find_path.o goodpath.o locale.o sudo_printf.o visudo.o
CVTSUDOERS_OBJS = cvtsudoers.o cvtsudoers_json.o locale.o sudo_printf.o
REPLAY_OBJS = getdate.o sudoreplay.o
@@ -241,6 +237,9 @@ sudoers.la: $(SUDOERS_OBJS) $(LT_LIBS) libparsesudoers.la @LT_LDDEP@
visudo: libparsesudoers.la $(VISUDO_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(VISUDO_LIBS)
cvtsudoers: libparsesudoers.la $(CVTSUDOERS_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(CVTSUDOERS_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(CVTSUDOERS_LIBS)
sudoreplay: timestr.lo $(REPLAY_OBJS) $(LT_LIBS)
$(LIBTOOL) $(LTFLAGS) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(ASAN_LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) timestr.lo $(LIBS) $(REPLAY_LIBS)
@@ -339,7 +338,7 @@ install: install-plugin install-binaries install-sudoers install-doc
install-dirs:
$(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir) \
$(DESTDIR)$(visudodir) $(DESTDIR)$(replaydir) \
$(DESTDIR)$(sbindir) $(DESTDIR)$(bindir) \
$(DESTDIR)$(sudoersdir) $(DESTDIR)$(docdir) \
`echo $(DESTDIR)$(rundir)|$(SED) 's,/[^/]*$$,,'` \
`echo $(DESTDIR)$(vardir)|$(SED) 's,/[^/]*$$,,'`
@@ -347,9 +346,10 @@ install-dirs:
$(INSTALL) -d $(INSTALL_OWNER) -m 0711 $(DESTDIR)$(vardir)
$(INSTALL) -d $(INSTALL_OWNER) -m 0700 $(DESTDIR)$(vardir)/lectured
install-binaries: visudo sudoreplay install-dirs
INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 sudoreplay $(DESTDIR)$(replaydir)/sudoreplay
INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 visudo $(DESTDIR)$(visudodir)/visudo
install-binaries: cvtsudoers sudoreplay visudo install-dirs
INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 cvtsudoers $(DESTDIR)$(bindir)/cvtsudoers
INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 sudoreplay $(DESTDIR)$(bindir)/sudoreplay
INSTALL_BACKUP='$(INSTALL_BACKUP)' $(LIBTOOL) $(LTFLAGS) --mode=install $(INSTALL) $(INSTALL_OWNER) -m 0755 visudo $(DESTDIR)$(sbindir)/visudo
install-includes:
@@ -372,11 +372,13 @@ install-sudoers: install-dirs
uninstall:
-$(LIBTOOL) $(LTFLAGS) --mode=uninstall rm -f $(DESTDIR)$(plugindir)/sudoers.la
-rm -f $(DESTDIR)$(replaydir)/sudoreplay \
$(DESTDIR)$(visudodir)/visudo
-rm -f $(DESTDIR)$(bindir)/cvtsudoers \
$(DESTDIR)$(bindir)/sudoreplay
$(DESTDIR)$(sbindir)/visudo
-test -z "$(INSTALL_BACKUP)" || \
$(DESTDIR)$(replaydir)/sudoreplay$(INSTALL_BACKUP) \
$(DESTDIR)$(visudodir)/visudo$(INSTALL_BACKUP) \
$(DESTDIR)$(bindir)/cvtsudoers$(INSTALL_BACKUP) \
$(DESTDIR)$(bindir)/sudoreplay$(INSTALL_BACKUP) \
$(DESTDIR)$(sbindir)/visudo$(INSTALL_BACKUP) \
$(DESTDIR)$(plugindir)/sudoers.so$(INSTALL_BACKUP)
-cmp $(DESTDIR)$(sudoersdir)/sudoers $(DESTDIR)$(sudoersdir)/sudoers.dist >/dev/null && \
rm -f $(DESTDIR)$(sudoersdir)/sudoers
@@ -445,7 +447,7 @@ check: $(TEST_PROGS) visudo testsudoers
diff $$toke $(srcdir)/$$toke.ok || true; \
fi; \
total=`expr $$total + 1`; \
./visudo -f $$t -x - >$$json 2>/dev/null || true; \
./cvtsudoers -o $$json $$t 2>/dev/null || true; \
total=`expr $$total + 1`; \
if cmp $$json $(srcdir)/$$json.ok >/dev/null; then \
passed=`expr $$passed + 1`; \
@@ -680,6 +682,29 @@ check_wrap.o: $(srcdir)/regress/logging/check_wrap.c \
$(incdir)/sudo_fatal.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_util.h $(top_builddir)/config.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/regress/logging/check_wrap.c
cvtsudoers.o: $(srcdir)/cvtsudoers.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/interfaces.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/redblack.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(srcdir)/sudoers_version.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers.c
cvtsudoers_json.o: $(srcdir)/cvtsudoers_json.c $(devdir)/def_data.h \
$(devdir)/gram.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
$(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/parse.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/cvtsudoers_json.c
dce.lo: $(authdir)/dce.c $(devdir)/def_data.h $(incdir)/compat/stdbool.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
@@ -1278,13 +1303,3 @@ visudo.o: $(srcdir)/visudo.c $(devdir)/def_data.h $(devdir)/gram.h \
$(srcdir)/sudoers_version.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/visudo.c
visudo_json.o: $(srcdir)/visudo_json.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/visudo_json.c
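Review bot: In the `uninstall` target, as shown here, the new `$(DESTDIR)$(bindir)/sudoreplay` line has no trailing backslash, so `$(DESTDIR)$(sbindir)/visudo` becomes a recipe line of its own and make would try to run the installed visudo instead of removing it. Restore the continuation: `$(DESTDIR)$(bindir)/sudoreplay \`. The `-test -z "$(INSTALL_BACKUP)" || \` line that follows continues straight into the backup paths with no `rm -f` in front of them; that appears to predate this change but is worth fixing in the same pass, e.g. `-test -z "$(INSTALL_BACKUP)" || rm -f \`.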


@@ -0,0 +1,274 @@
/*
* Copyright (c) 2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/*
* Convert from sudoers format to other formats.
* Currently outputs to JSON
*/
#include <config.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_STRING_H
# include <string.h>
#endif /* HAVE_STRING_H */
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
#include <unistd.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "sudoers.h"
#include "interfaces.h"
#include "parse.h"
#include "redblack.h"
#include "sudoers_version.h"
#include "sudo_conf.h"
#include <gram.h>
#ifdef HAVE_GETOPT_LONG
# include <getopt.h>
# else
# include "compat/getopt.h"
#endif /* HAVE_GETOPT_LONG */
extern bool export_sudoers(const char *, const char *);
/*
* Globals
*/
struct sudo_user sudo_user;
struct passwd *list_pw;
static const char short_opts[] = "f:ho:V";
static struct option long_opts[] = {
{ "format", required_argument, NULL, 'f' },
{ "help", no_argument, NULL, 'h' },
#ifdef notyet
{ "input-format", required_argument, NULL, 'i' },
#endif
{ "output", required_argument, NULL, 'o' },
{ "version", no_argument, NULL, 'V' },
{ NULL, no_argument, NULL, '\0' },
};
__dso_public int main(int argc, char *argv[]);
static void get_hostname(void);
static void help(void) __attribute__((__noreturn__));
static void usage(int);
int
main(int argc, char *argv[])
{
int ch, exitcode = EXIT_FAILURE;
const char *input_file = "-", *output_file = "-";
const char *output_format = "JSON";
debug_decl(main, SUDOERS_DEBUG_MAIN)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
{
extern char *malloc_options;
malloc_options = "S";
}
#endif
initprogname(argc > 0 ? argv[0] : "cvtsudoers");
if (!sudoers_initlocale(setlocale(LC_ALL, ""), def_sudoers_locale))
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
sudo_warn_set_locale_func(sudoers_warn_setlocale);
bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have visudo domain */
textdomain("sudoers");
#if 0
/* Register fatal/fatalx callback. */
sudo_fatal_callback_register(cvtsudoers_cleanup);
#endif
/* Read debug and plugin sections of sudo.conf. */
if (sudo_conf_read(NULL, SUDO_CONF_DEBUG|SUDO_CONF_PLUGINS) == -1)
goto done;
/* Initialize the debug subsystem. */
if (!sudoers_debug_register(getprogname(), sudo_conf_debug_files(getprogname())))
goto done;
/*
* Arg handling.
*/
while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
switch (ch) {
case 'f':
if (strcasecmp(optarg, "json") != 0) {
sudo_warnx("unsupported output format %s", optarg);
usage(1);
}
output_format = optarg;
break;
case 'h':
help();
break;
case 'o':
output_file = optarg;
break;
case 'V':
(void) printf(_("%s version %s\n"), getprogname(),
PACKAGE_VERSION);
(void) printf(_("%s grammar version %d\n"), getprogname(),
SUDOERS_GRAMMAR_VERSION);
exitcode = EXIT_SUCCESS;
goto done;
default:
usage(1);
}
}
argc -= optind;
argv += optind;
/* Input file (defaults to stdin). */
if (argc > 0) {
/* XXX - allow multiple input files? */
if (argc > 1)
usage(1);
input_file = argv[0];
}
/* Mock up a fake sudo_user struct. */
/* XXX - common with visudo */
user_cmnd = user_base = "";
if (geteuid() == 0) {
const char *user = getenv("SUDO_USER");
if (user != NULL && *user != '\0')
sudo_user.pw = sudo_getpwnam(user);
}
if (sudo_user.pw == NULL) {
if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
}
get_hostname();
/* Setup defaults data structures. */
if (!init_defaults())
sudo_fatalx(U_("unable to initialize sudoers default values"));
exitcode = export_sudoers(input_file, output_file) ? EXIT_SUCCESS : EXIT_FAILURE;
done:
sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, exitcode);
return exitcode;
}
FILE *
open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
{
return fopen(sudoers, "r");
}
/* XXX - Common stubs belong in their own file */
/* STUB */
bool
init_envtables(void)
{
return true;
}
/* STUB */
bool
user_is_exempt(void)
{
return false;
}
/* STUB */
void
sudo_setspent(void)
{
return;
}
/* STUB */
void
sudo_endspent(void)
{
return;
}
/* STUB */
int
group_plugin_query(const char *user, const char *group, const struct passwd *pw)
{
return false;
}
/* STUB */
struct interface_list *
get_interfaces(void)
{
static struct interface_list dummy = SLIST_HEAD_INITIALIZER(interfaces);
return &dummy;
}
/*
* Look up the hostname and set user_host and user_shost.
*/
static void
get_hostname(void)
{
char *p;
debug_decl(get_hostname, SUDOERS_DEBUG_UTIL)
if ((user_host = sudo_gethostname()) != NULL) {
if ((p = strchr(user_host, '.'))) {
*p = '\0';
if ((user_shost = strdup(user_host)) == NULL)
sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
*p = '.';
} else {
user_shost = user_host;
}
} else {
user_host = user_shost = "localhost";
}
user_runhost = user_host;
user_srunhost = user_shost;
debug_return;
}
static void
usage(int fatal)
{
(void) fprintf(fatal ? stderr : stdout,
"usage: %s [-hV] [-f format] [-o output_file] [sudoers_file]\n",
getprogname());
if (fatal)
exit(1);
}
static void
help(void)
{
(void) printf(_("%s - convert between sudoers file formats\n\n"), getprogname());
usage(0);
(void) puts(_("\nOptions:\n"
" -f, --format=JSON specify output format\n"
" -h, --help display help message and exit\n"
" -o, --output=output_file write sudoers in JSON format to output_file\n"
" -V, --version display version information and exit"));
exit(0);
}
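Review bot: `main()` passes `input_file` and `output_file` to `export_sudoers()` without checking that they refer to different files. The only guard visible on this page is the `strcmp()` in `export_sudoers()` (marked `XXX - move check to front-end`), and a relative versus absolute spelling, a symlink or a hard link to the same file gets past it before the output is opened with `"w"` and truncated. Now that the input is an arbitrary positional path, compare `st_dev`/`st_ino` from `stat()` in the front-end just before the `export_sudoers()` call; this needs `<sys/stat.h>`. It is a guard against operator error rather than a race-free check, so the existing string comparison can stay as a fallback.

```c
    /* Refuse to truncate the input: compare device/inode, not path strings. */
    if (strcmp(input_file, "-") != 0 && strcmp(output_file, "-") != 0) {
	struct stat in_sb, out_sb;

	if (stat(input_file, &in_sb) == 0 && stat(output_file, &out_sb) == 0 &&
	    in_sb.st_dev == out_sb.st_dev && in_sb.st_ino == out_sb.st_ino) {
	    sudo_fatalx(U_("%s: input and output files must be different"),
		input_file);
	}
    }

    exitcode = export_sudoers(input_file, output_file) ? EXIT_SUCCESS : EXIT_FAILURE;
```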


@@ -1,5 +1,5 @@
/*
* Copyright (c) 2013-2016 Todd C. Miller <Todd.Miller@sudo.ws>
* Copyright (c) 2013-2018 Todd C. Miller <Todd.Miller@sudo.ws>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -982,11 +982,9 @@ print_userspecs_json(FILE *fp, int indent, bool need_comma)
/*
* Export the parsed sudoers file in JSON format.
* XXX - ignores strict flag and doesn't pass through quiet flag
*/
bool
export_sudoers(const char *sudoers_path, const char *export_path,
bool quiet, bool strict)
export_sudoers(const char *sudoers_path, const char *export_path)
{
bool ret = false, need_comma = false;
const int indent = 4;
@@ -996,29 +994,20 @@ export_sudoers(const char *sudoers_path, const char *export_path,
if (strcmp(sudoers_path, "-") == 0) {
sudoersin = stdin;
sudoers_path = "stdin";
} else if ((sudoersin = fopen(sudoers_path, "r")) == NULL) {
if (!quiet)
sudo_warn(U_("unable to open %s"), sudoers_path);
goto done;
}
} else if ((sudoersin = fopen(sudoers_path, "r")) == NULL)
sudo_fatal(U_("unable to open %s"), sudoers_path);
if (strcmp(export_path, "-") != 0) {
/* XXX - move check to front-end */
if (strcmp(sudoers_path, export_path) == 0) {
if (!quiet) {
sudo_warnx(U_("%s: input and output files must be different"),
sudoers_path);
}
goto done;
}
if ((export_fp = fopen(export_path, "w")) == NULL) {
if (!quiet)
sudo_warn(U_("unable to open %s"), export_path);
goto done;
sudo_fatalx(U_("%s: input and output files must be different"),
sudoers_path);
}
if ((export_fp = fopen(export_path, "w")) == NULL)
sudo_fatal(U_("unable to open %s"), export_path);
}
init_parser(sudoers_path, quiet);
init_parser(sudoers_path, false);
if (sudoersparse() && !parse_error) {
if (!quiet)
sudo_warnx(U_("failed to parse %s file, unknown error"), sudoers_path);
sudo_warnx(U_("failed to parse %s file, unknown error"), sudoers_path);
parse_error = true;
rcstr_delref(errorfile);
if ((errorfile = rcstr_dup(sudoers_path)) == NULL)
@@ -1027,13 +1016,11 @@ export_sudoers(const char *sudoers_path, const char *export_path,
ret = !parse_error;
if (parse_error) {
if (!quiet) {
if (errorlineno != -1)
sudo_warnx(U_("parse error in %s near line %d\n"),
errorfile, errorlineno);
else if (errorfile != NULL)
sudo_warnx(U_("parse error in %s\n"), errorfile);
}
if (errorlineno != -1)
sudo_warnx(U_("parse error in %s near line %d\n"),
errorfile, errorlineno);
else if (errorfile != NULL)
sudo_warnx(U_("parse error in %s\n"), errorfile);
goto done;
}
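Review bot: The guard `strcmp(sudoers_path, export_path) == 0` in export_sudoers() compares path strings only, so the same file named two ways (relative versus absolute path, a symlink, a hard link) passes it and is then truncated by `fopen(export_path, "w")` before `sudoersparse()` has read it. Comparing `st_dev` and `st_ino` from `fstat()` on `sudoersin` with `stat()` on `export_path` before the write-open would catch those cases; the sketch below needs `<sys/stat.h>` and guards against operator error, not against a concurrent rename. Because the output is opened before parsing, a parse error also appears to leave an empty output file behind, unless the `done:` path outside these hunks removes it. The body of export_sudoers() continues past the visible hunks.

```c
    if (strcmp(export_path, "-") != 0) {
	struct stat sb_in, sb_out;

	/* Same file under a different name (symlink, hard link, relative path)? */
	if (fstat(fileno(sudoersin), &sb_in) == 0 &&
	    stat(export_path, &sb_out) == 0 &&
	    sb_in.st_dev == sb_out.st_dev && sb_in.st_ino == sb_out.st_ino) {
	    sudo_fatalx(U_("%s: input and output files must be different"),
		sudoers_path);
	}
	/* … unchanged: fopen(export_path, "w") and its error check … */
    }
```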


@@ -101,9 +101,6 @@ static void help(void) __attribute__((__noreturn__));
static void usage(int);
static void visudo_cleanup(void);
extern bool export_sudoers(const char *, const char *, bool, bool);
extern void sudoerserror(const char *);
extern void sudoersrestart(FILE *);
/*
@@ -135,7 +132,6 @@ main(int argc, char *argv[])
char *editor, **editor_argv;
int ch, oldlocale, editor_argc, exitcode = 0;
bool quiet, strict, oldperms;
const char *export_path;
debug_decl(main, SUDOERS_DEBUG_MAIN)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
@@ -176,7 +172,6 @@ main(int argc, char *argv[])
* Arg handling.
*/
checkonly = oldperms = quiet = strict = false;
export_path = NULL;
while ((ch = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1) {
switch (ch) {
case 'V':
@@ -202,8 +197,9 @@ main(int argc, char *argv[])
quiet = true; /* quiet mode */
break;
case 'x':
export_path = optarg; /* export mode */
break;
/* XXX - make more concise */
sudo_warnx(U_("conversion of sudoers to JSON format has moved to the cvtsudoers utility"));
usage(1);
default:
usage(1);
}
@@ -233,10 +229,6 @@ main(int argc, char *argv[])
exitcode = check_syntax(sudoers_file, quiet, strict, oldperms) ? 0 : 1;
goto done;
}
if (export_path != NULL) {
exitcode = export_sudoers(sudoers_file, export_path, quiet, strict) ? 0 : 1;
goto done;
}
/*
* Parse the existing sudoers file(s) to highlight any existing
@@ -1399,7 +1391,7 @@ static void
usage(int fatal)
{
(void) fprintf(fatal ? stderr : stdout,
"usage: %s [-chqsV] [-f sudoers] [-x output_file]\n", getprogname());
"usage: %s [-chqsV] [-f sudoers]\n", getprogname());
if (fatal)
exit(1);
}
@@ -1415,7 +1407,6 @@ help(void)
" -h, --help display help message and exit\n"
" -q, --quiet less verbose (quiet) syntax error messages\n"
" -s, --strict strict syntax checking\n"
" -V, --version display version information and exit\n"
" -x, --export=output_file write sudoers in JSON format to output_file"));
" -V, --version display version information and exit\n"));
exit(0);
}
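Review bot: The new last line of the option list in help() still ends in `\n` before `));`, and `puts()` appends its own newline, so `visudo --help` now prints an extra blank line at the end. The `\n` was only needed while the `-x, --export` line followed it; the line should end `display version information and exit"));`, which is how the help() added to cvtsudoers.c in this commit ends its list. help() begins outside this hunk.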