Add admin_flag sudoers option and make --enable-admin-flag take a path.
It is now possible to disable the Ubuntu admin flag in sudoers or to change its location. GitHub issue #56.
8
INSTALL
8
INSTALL
@@ -424,9 +424,11 @@ Operating system-specific options:
|
||||
Disable use of the setresuid() function for operating systems
|
||||
where it is broken (none currently known).
|
||||
|
||||
--enable-admin-flag
|
||||
Enable the creation of an Ubuntu-style admin flag file
|
||||
the first time sudo is run.
|
||||
--enable-admin-flag[=PATH]
|
||||
Enable the creation of an Ubuntu-style admin flag file the
|
||||
first time sudo is run. If PATH is not specified, the
|
||||
default value is:
|
||||
~/.sudo_as_admin_successful
|
||||
|
||||
--enable-devsearch=PATH
|
||||
Set a system-specific search path of directories to look in
|
||||
|
@@ -1231,10 +1231,6 @@
|
||||
/* Define to 1 if the `unsetenv' function returns void instead of `int'. */
|
||||
#undef UNSETENV_VOID
|
||||
|
||||
/* Define to 1 if you want to create ~/.sudo_as_admin_successful if the user
|
||||
is in the admin group the first time they run sudo. */
|
||||
#undef USE_ADMIN_FLAG
|
||||
|
||||
/* Define to 1 if you want to insult the user for entering an incorrect
|
||||
password. */
|
||||
#undef USE_INSULTS
|
||||
|
14
configure
vendored
14
configure
vendored
@@ -1718,7 +1718,8 @@ Optional Features:
|
||||
instead of the default C compiler.
|
||||
--disable-leaks Prevent some harmless memory leaks.
|
||||
--disable-poll Use select() instead of poll().
|
||||
--enable-admin-flag Whether to create a Ubuntu-style admin flag file
|
||||
--enable-admin-flag[=PATH]
|
||||
Whether to create a Ubuntu-style admin flag file
|
||||
--disable-nls Disable natural language support using gettext
|
||||
--disable-rpath Disable passing of -Rpath to the linker
|
||||
--enable-static-sudoers Build the sudoers policy module as part of the sudo
|
||||
@@ -6989,12 +6990,16 @@ fi
|
||||
if test ${enable_admin_flag+y}
|
||||
then :
|
||||
enableval=$enable_admin_flag; case "$enableval" in
|
||||
yes) printf "%s\n" "#define USE_ADMIN_FLAG 1" >>confdefs.h
|
||||
yes) cat >>confdefs.h <<EOF
|
||||
#define _PATH_SUDO_ADMIN_FLAG "~/.sudo_as_admin_successful"
|
||||
EOF
|
||||
|
||||
;;
|
||||
no) ;;
|
||||
*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Ignoring unknown argument to --enable-admin-flag: $enableval" >&5
|
||||
printf "%s\n" "$as_me: WARNING: Ignoring unknown argument to --enable-admin-flag: $enableval" >&2;}
|
||||
*) cat >>confdefs.h <<EOF
|
||||
#define _PATH_SUDO_ADMIN_FLAG "$enableval"
|
||||
EOF
|
||||
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -31913,6 +31918,5 @@ fi
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
@@ -1574,12 +1574,12 @@ AC_ARG_ENABLE(poll,
|
||||
[AS_HELP_STRING([--disable-poll], [Use select() instead of poll().])])
|
||||
|
||||
AC_ARG_ENABLE(admin-flag,
|
||||
[AS_HELP_STRING([--enable-admin-flag], [Whether to create a Ubuntu-style admin flag file])],
|
||||
[AS_HELP_STRING([--enable-admin-flag[[=PATH]]], [Whether to create a Ubuntu-style admin flag file])],
|
||||
[ case "$enableval" in
|
||||
yes) AC_DEFINE(USE_ADMIN_FLAG)
|
||||
yes) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ADMIN_FLAG, "~/.sudo_as_admin_successful")
|
||||
;;
|
||||
no) ;;
|
||||
*) AC_MSG_WARN([Ignoring unknown argument to --enable-admin-flag: $enableval])
|
||||
*) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ADMIN_FLAG, "$enableval")
|
||||
;;
|
||||
esac
|
||||
])
|
||||
@@ -5051,7 +5051,6 @@ AH_TEMPLATE(SHELL_SETS_HOME, [Define to 1 if you want sudo to set $HOME in shell
|
||||
AH_TEMPLATE(STATIC_SUDOERS_PLUGIN, [Define to 1 to compile the sudoers plugin statically into the sudo binary.])
|
||||
AH_TEMPLATE(STUB_LOAD_INTERFACES, [Define to 1 if the code in interfaces.c does not compile for you.])
|
||||
AH_TEMPLATE(UMASK_OVERRIDE, [Define to 1 to use the umask specified in sudoers even when it is less restrictive than the invoking user's.])
|
||||
AH_TEMPLATE(USE_ADMIN_FLAG, [Define to 1 if you want to create ~/.sudo_as_admin_successful if the user is in the admin group the first time they run sudo.])
|
||||
AH_TEMPLATE(USE_INSULTS, [Define to 1 if you want to insult the user for entering an incorrect password.])
|
||||
AH_TEMPLATE(USE_STOW, [Define to 1 if you use GNU stow packaging.])
|
||||
AH_TEMPLATE(WITHOUT_PASSWD, [Define to avoid using the passwd/shadow file for authentication.])
|
||||
|
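Review bot: The new `*)` branch in the AC_ARG_ENABLE(admin-flag) case defines `_PATH_SUDO_ADMIN_FLAG` from whatever string was passed, where the old branch only warned and ignored unknown values; nothing checks that PATH is absolute or begins with `~`, so a value like `--enable-admin-flag=flagfile` becomes a relative path that create_admin_success_flag() would presumably open relative to sudo's working directory. The sudoers `admin_flag` option is declared `T_STR|T_BOOL|T_CHPATH`, which I believe rejects values that do not start with `/` or `~` at parse time, but a compile-time default never goes through that check, so the two ways of setting the path are validated differently. A guard in the same branch would keep them consistent: `*) case "$enableval" in /*|'~'*) SUDO_DEFINE_UNQUOTED(_PATH_SUDO_ADMIN_FLAG, "$enableval") ;; *) AC_MSG_ERROR([--enable-admin-flag: PATH must be absolute or begin with ~]) ;; esac`. The same applies to the corresponding `*)` branch in the generated configure script, which would be regenerated from this file.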
@@ -25,7 +25,7 @@
|
||||
.nr BA @BAMAN@
|
||||
.nr LC @LCMAN@
|
||||
.nr PS @PSMAN@
|
||||
.TH "SUDOERS" "@mansectform@" "January 8, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
|
||||
.TH "SUDOERS" "@mansectform@" "February 16, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
|
||||
.nh
|
||||
.if n .ad l
|
||||
.SH "NAME"
|
||||
@@ -4265,6 +4265,24 @@ is built with SELinux support.
|
||||
.PP
|
||||
\fBStrings that can be used in a boolean context\fR:
|
||||
.TP 14n
|
||||
admin_flag
|
||||
The
|
||||
\fIadmin_flag\fR
|
||||
option specifies the path to a file that is created the first time
|
||||
a user that is a member of the
|
||||
\fIsudo\fR
|
||||
or
|
||||
\fIadmin\fR
|
||||
groups runs
|
||||
\fBsudo\fR.
|
||||
Only available if
|
||||
\fBsudo\fR
|
||||
is configured with the
|
||||
\fR--enable-admin-flag\fR
|
||||
option.
|
||||
The default value is
|
||||
\fR~/.sudo_as_admin_successful\fR.
|
||||
.TP 14n
|
||||
env_file
|
||||
The
|
||||
\fIenv_file\fR
|
||||
|
@@ -24,7 +24,7 @@
|
||||
.nr BA @BAMAN@
|
||||
.nr LC @LCMAN@
|
||||
.nr PS @PSMAN@
|
||||
.Dd January 8, 2020
|
||||
.Dd February 16, 2020
|
||||
.Dt SUDOERS @mansectform@
|
||||
.Os Sudo @PACKAGE_VERSION@
|
||||
.Sh NAME
|
||||
@@ -4003,6 +4003,23 @@ is built with SELinux support.
|
||||
.Pp
|
||||
.Sy Strings that can be used in a boolean context :
|
||||
.Bl -tag -width 12n
|
||||
.It admin_flag
|
||||
The
|
||||
.Em admin_flag
|
||||
option specifies the path to a file that is created the first time
|
||||
a user that is a member of the
|
||||
.Em sudo
|
||||
or
|
||||
.Em admin
|
||||
groups runs
|
||||
.Nm sudo .
|
||||
Only available if
|
||||
.Nm sudo
|
||||
is configured with the
|
||||
.Li --enable-admin-flag
|
||||
option.
|
||||
The default value is
|
||||
.Li ~/.sudo_as_admin_successful .
|
||||
.It env_file
|
||||
The
|
||||
.Em env_file
|
||||
|
@@ -141,6 +141,14 @@
|
||||
# undef _PATH_SUDO_LOGFILE
|
||||
#endif /* _PATH_SUDO_LOGFILE */
|
||||
|
||||
/*
|
||||
* The path to an Ubuntu-style admin flag file that is created the
|
||||
* first time a user runs sudo.
|
||||
*/
|
||||
#ifndef _PATH_SUDO_ADMIN_FLAG
|
||||
# undef _PATH_SUDO_ADMIN_FLAG
|
||||
#endif /* _PATH_SUDO_ADMIN_FLAG */
|
||||
|
||||
#ifndef _PATH_SUDO_SENDMAIL
|
||||
# undef _PATH_SUDO_SENDMAIL
|
||||
#endif /* _PATH_SUDO_SENDMAIL */
|
||||
|
@@ -573,6 +573,10 @@ struct sudo_defs_types sudo_defs_table[] = {
|
||||
"selinux", T_FLAG,
|
||||
N_("Enable SELinux RBAC support"),
|
||||
NULL,
|
||||
}, {
|
||||
"admin_flag", T_STR|T_BOOL|T_CHPATH,
|
||||
N_("Path to the file that is created the first time sudo is run: %s"),
|
||||
NULL,
|
||||
}, {
|
||||
NULL, 0, NULL
|
||||
}
|
||||
|
@@ -264,6 +264,8 @@
|
||||
#define def_log_format (sudo_defs_table[I_LOG_FORMAT].sd_un.tuple)
|
||||
#define I_SELINUX 131
|
||||
#define def_selinux (sudo_defs_table[I_SELINUX].sd_un.flag)
|
||||
#define I_ADMIN_FLAG 132
|
||||
#define def_admin_flag (sudo_defs_table[I_ADMIN_FLAG].sd_un.str)
|
||||
|
||||
enum def_tuple {
|
||||
never,
|
||||
|
@@ -412,3 +412,6 @@ log_format
|
||||
selinux
|
||||
T_FLAG
|
||||
"Enable SELinux RBAC support"
|
||||
admin_flag
|
||||
T_STR|T_BOOL|T_CHPATH
|
||||
"Path to the file that is created the first time sudo is run: %s"
|
||||
|
@@ -531,6 +531,10 @@ init_defaults(void)
|
||||
#endif
|
||||
#ifdef HAVE_INNETGR
|
||||
def_use_netgroups = true;
|
||||
#endif
|
||||
#ifdef _PATH_SUDO_ADMIN_FLAG
|
||||
if ((def_admin_flag = strdup(_PATH_SUDO_ADMIN_FLAG)) == NULL)
|
||||
goto oom;
|
||||
#endif
|
||||
def_netgroup_tuple = false;
|
||||
def_sudoedit_checkdir = true;
|
||||
|
@@ -1083,24 +1083,32 @@ done:
|
||||
debug_return_int(ret);
|
||||
}
|
||||
|
||||
#ifdef USE_ADMIN_FLAG
|
||||
#ifdef _PATH_SUDO_ADMIN_FLAG
|
||||
int
|
||||
create_admin_success_flag(void)
|
||||
{
|
||||
char flagfile[PATH_MAX];
|
||||
int len, ret = -1;
|
||||
char *flagfile;
|
||||
int ret = -1;
|
||||
debug_decl(create_admin_success_flag, SUDOERS_DEBUG_AUTH);
|
||||
|
||||
/* Is the admin flag file even enabled? */
|
||||
if (!def_admin_flag)
|
||||
debug_return_int(true);
|
||||
|
||||
/* Check whether the user is in the sudo or admin group. */
|
||||
if (!user_in_group(sudo_user.pw, "sudo") &&
|
||||
!user_in_group(sudo_user.pw, "admin"))
|
||||
debug_return_int(true);
|
||||
|
||||
/* Build path to flag file. */
|
||||
len = snprintf(flagfile, sizeof(flagfile), "%s/.sudo_as_admin_successful",
|
||||
user_dir);
|
||||
if (len < 0 || len >= ssizeof(flagfile))
|
||||
if ((flagfile = strdup(def_admin_flag)) == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
debug_return_int(-1);
|
||||
}
|
||||
if (!expand_tilde(&flagfile, user_name)) {
|
||||
free(flagfile);
|
||||
debug_return_int(false);
|
||||
}
|
||||
|
||||
/* Create admin flag file if it doesn't already exist. */
|
||||
if (set_perms(PERM_USER)) {
|
||||
@@ -1111,13 +1119,14 @@ create_admin_success_flag(void)
|
||||
if (!restore_perms())
|
||||
ret = -1;
|
||||
}
|
||||
free(flagfile);
|
||||
debug_return_int(ret);
|
||||
}
|
||||
#else /* !USE_ADMIN_FLAG */
|
||||
#else /* !_PATH_SUDO_ADMIN_FLAG */
|
||||
int
|
||||
create_admin_success_flag(void)
|
||||
{
|
||||
/* STUB */
|
||||
return true;
|
||||
}
|
||||
#endif /* USE_ADMIN_FLAG */
|
||||
#endif /* _PATH_SUDO_ADMIN_FLAG */
|
||||
|
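Review bot: create_admin_success_flag() now returns three kinds of value — `true` when the flag is disabled or the user is in neither the sudo nor the admin group, `false` when expand_tilde() fails, and `-1` when strdup() fails or, later, when restore_perms() fails — but the function has no header comment stating which of these callers must treat as an error, and the return type is plain `int`. The allocation-failure path returning `-1` while the tilde-expansion failure returns `false` looks inconsistent, since both abort before any file is created; if callers do not distinguish them, the `debug_return_int(false)` after expand_tilde() should probably become `debug_return_int(-1)` to match the other error paths. A comment above the definition would settle the contract, e.g. a three-line block saying that the function creates the configured admin flag file as the invoking user for members of the sudo or admin groups, returns true when there is nothing to do, false when the configured path cannot be expanded, and -1 on allocation or permission errors. The middle of the function (the set_perms()/file-creation section) and its callers are outside the hunk, so the callers' handling of these values is not visible here.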