Add support for runchroot and runcwd to "sudo -l" and cvtsudoers.

2020-09-01 06:26:05 -06:00
parent 86513c78b6
commit 9ff960457a
13 changed files with 195 additions and 18 deletions
--- a/plugins/sudoers/ldap_util.c
+++ b/plugins/sudoers/ldap_util.c
@@ -516,6 +516,12 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
 		    op = sudo_ldap_parse_option(opt, &var, &val);
 		    if (strcmp(var, "command_timeout") == 0 && val != NULL) {
 			cmndspec->timeout = parse_timeout(val);
+		    } else if (strcmp(var, "runchroot") == 0 && val != NULL) {
+			if ((cmndspec->runchroot = strdup(val)) == NULL)
+			    break;
+		    } else if (strcmp(var, "runcwd") == 0 && val != NULL) {
+			if ((cmndspec->runcwd = strdup(val)) == NULL)
+			    break;
 #ifdef HAVE_SELINUX
 		    } else if (strcmp(var, "role") == 0 && val != NULL) {
 			if ((cmndspec->role = strdup(val)) == NULL)