isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prepare sudoers module messages for translation.

Browse Source
This commit is contained in:
Todd C. Miller
2011-05-16 16:32:05 -04:00
parent 24a087709a
commit b643b190a7
36 changed files with 424 additions and 423 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/alias.c
View File

@@ -114,7 +114,7 @@ alias_add(char *name, int type, struct member *members)
a->seqno = 0; a->seqno = 0;
list2tq(&a->members, members); list2tq(&a->members, members);
if (rbinsert(aliases, a)) { if (rbinsert(aliases, a)) {
snprintf(errbuf, sizeof(errbuf), "Alias `%s' already defined", name); snprintf(errbuf, sizeof(errbuf), _("Alias `%s' already defined"), name);
alias_free(a); alias_free(a);
return errbuf; return errbuf;
} }

6
plugins/sudoers/auth/bsdauth.c
View File

@@ -61,14 +61,14 @@ bsdauth_init(struct passwd *pw, char **promptp, sudo_auth *auth)
if ((as = auth_open()) == NULL) { if ((as = auth_open()) == NULL) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
"unable to begin bsd authentication"); _("unable to begin bsd authentication"));
return AUTH_FATAL; return AUTH_FATAL;
} }
/* XXX - maybe sanity check the auth style earlier? */ /* XXX - maybe sanity check the auth style earlier? */
login_style = login_getstyle(lc, login_style, "auth-sudo"); login_style = login_getstyle(lc, login_style, "auth-sudo");
if (login_style == NULL) { if (login_style == NULL) {
log_error(NO_EXIT|NO_MAIL, "invalid authentication type"); log_error(NO_EXIT|NO_MAIL, _("invalid authentication type"));
auth_close(as); auth_close(as);
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -76,7 +76,7 @@ bsdauth_init(struct passwd *pw, char **promptp, sudo_auth *auth)
if (auth_setitem(as, AUTHV_STYLE, login_style) < 0 || if (auth_setitem(as, AUTHV_STYLE, login_style) < 0 ||
auth_setitem(as, AUTHV_NAME, pw->pw_name) < 0 || auth_setitem(as, AUTHV_NAME, pw->pw_name) < 0 ||
auth_setitem(as, AUTHV_CLASS, login_class) < 0) { auth_setitem(as, AUTHV_CLASS, login_class) < 0) {
log_error(NO_EXIT|NO_MAIL, "unable to setup authentication"); log_error(NO_EXIT|NO_MAIL, _("unable to setup authentication"));
auth_close(as); auth_close(as);
return AUTH_FATAL; return AUTH_FATAL;
} }

12
plugins/sudoers/auth/fwtk.c
View File

@@ -56,22 +56,22 @@ fwtk_init(struct passwd *pw, char **promptp, sudo_auth *auth)
char resp[128]; /* Response from the server */ char resp[128]; /* Response from the server */
if ((confp = cfg_read("sudo")) == (Cfg *)-1) { if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
warningx("cannot read fwtk config"); warningx(_("cannot read fwtk config"));
return AUTH_FATAL; return AUTH_FATAL;
} }
if (auth_open(confp)) { if (auth_open(confp)) {
warningx("cannot connect to authentication server"); warningx(_("cannot connect to authentication server"));
return AUTH_FATAL; return AUTH_FATAL;
} }
/* Get welcome message from auth server */ /* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) { if (auth_recv(resp, sizeof(resp))) {
warningx("lost connection to authentication server"); warningx(_("lost connection to authentication server"));
return AUTH_FATAL; return AUTH_FATAL;
} }
if (strncmp(resp, "Authsrv ready", 13) != 0) { if (strncmp(resp, "Authsrv ready", 13) != 0) {
warningx("authentication server error:\n%s", resp); warningx(_("authentication server error:\n%s"), resp);
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -90,7 +90,7 @@ fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name); (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
restart: restart:
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
warningx("lost connection to authentication server"); warningx(_("lost connection to authentication server"));
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -123,7 +123,7 @@ restart:
/* Send the user's response to the server */ /* Send the user's response to the server */
(void) snprintf(buf, sizeof(buf), "response '%s'", pass); (void) snprintf(buf, sizeof(buf), "response '%s'", pass);
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
warningx("lost connection to authentication server"); warningx(_("lost connection to authentication server"));
error = AUTH_FATAL; error = AUTH_FATAL;
goto done; goto done;
} }

20
plugins/sudoers/auth/kerb5.c
View File

@@ -111,7 +111,7 @@ kerb5_init(struct passwd *pw, char **promptp, sudo_auth *auth)
if ((error = krb5_parse_name(sudo_context, pw->pw_name, if ((error = krb5_parse_name(sudo_context, pw->pw_name,
&(sudo_krb5_data.princ)))) { &(sudo_krb5_data.princ)))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to parse '%s': %s", auth->name, pw->pw_name, _("%s: unable to parse '%s': %s"), auth->name, pw->pw_name,
error_message(error)); error_message(error));
return AUTH_FAILURE; return AUTH_FAILURE;
} }
@@ -124,7 +124,7 @@ kerb5_init(struct passwd *pw, char **promptp, sudo_auth *auth)
#if 1 #if 1
if ((error = krb5_unparse_name(sudo_context, princ, &pname))) { if ((error = krb5_unparse_name(sudo_context, princ, &pname))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to unparse princ ('%s'): %s", auth->name, _("%s: unable to unparse princ ('%s'): %s"), auth->name,
pw->pw_name, error_message(error)); pw->pw_name, error_message(error));
return AUTH_FAILURE; return AUTH_FAILURE;
} }
@@ -141,7 +141,7 @@ kerb5_init(struct passwd *pw, char **promptp, sudo_auth *auth)
if ((error = krb5_cc_resolve(sudo_context, cache_name, if ((error = krb5_cc_resolve(sudo_context, cache_name,
&(sudo_krb5_data.ccache)))) { &(sudo_krb5_data.ccache)))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to resolve ccache: %s", auth->name, _("%s: unable to resolve ccache: %s"), auth->name,
error_message(error)); error_message(error));
return AUTH_FAILURE; return AUTH_FAILURE;
} }
@@ -185,7 +185,7 @@ kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
error = krb5_get_init_creds_opt_alloc(sudo_context, &opts); error = krb5_get_init_creds_opt_alloc(sudo_context, &opts);
if (error) { if (error) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to allocate options: %s", auth->name, _("%s: unable to allocate options: %s"), auth->name,
error_message(error)); error_message(error));
goto done; goto done;
} }
@@ -201,7 +201,7 @@ kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
/* Don't print error if just a bad password */ /* Don't print error if just a bad password */
if (error != KRB5KRB_AP_ERR_BAD_INTEGRITY) if (error != KRB5KRB_AP_ERR_BAD_INTEGRITY)
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to get credentials: %s", auth->name, _("%s: unable to get credentials: %s"), auth->name,
error_message(error)); error_message(error));
goto done; goto done;
} }
@@ -214,11 +214,11 @@ kerb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
/* Store cred in cred cache. */ /* Store cred in cred cache. */
if ((error = krb5_cc_initialize(sudo_context, ccache, princ))) { if ((error = krb5_cc_initialize(sudo_context, ccache, princ))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to initialize ccache: %s", auth->name, _("%s: unable to initialize ccache: %s"), auth->name,
error_message(error)); error_message(error));
} else if ((error = krb5_cc_store_cred(sudo_context, ccache, creds))) { } else if ((error = krb5_cc_store_cred(sudo_context, ccache, creds))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to store cred in ccache: %s", auth->name, _("%s: unable to store cred in ccache: %s"), auth->name,
error_message(error)); error_message(error));
} }
@@ -281,7 +281,7 @@ verify_krb_v5_tgt(krb5_context sudo_context, krb5_creds *cred, char *auth_name)
if ((error = krb5_sname_to_principal(sudo_context, NULL, NULL, if ((error = krb5_sname_to_principal(sudo_context, NULL, NULL,
KRB5_NT_SRV_HST, &server))) { KRB5_NT_SRV_HST, &server))) {
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: unable to get host principal: %s", auth_name, _("%s: unable to get host principal: %s"), auth_name,
error_message(error)); error_message(error));
return -1; return -1;
} }
@@ -296,8 +296,8 @@ verify_krb_v5_tgt(krb5_context sudo_context, krb5_creds *cred, char *auth_name)
krb5_free_principal(sudo_context, server); krb5_free_principal(sudo_context, server);
if (error) if (error)
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"%s: Cannot verify TGT! Possible attack!: %s", auth_name, _("%s: Cannot verify TGT! Possible attack!: %s"),
error_message(error)); auth_name, error_message(error));
return error; return error;
} }
#endif #endif

21
plugins/sudoers/auth/pam.c
View File

@@ -97,7 +97,7 @@ pam_init(struct passwd *pw, char **promptp, sudo_auth *auth)
#endif #endif
pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh); pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
if (pam_status != PAM_SUCCESS) { if (pam_status != PAM_SUCCESS) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM"); log_error(USE_ERRNO|NO_EXIT|NO_MAIL, _("unable to initialize PAM"));
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -140,28 +140,27 @@ pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
case PAM_SUCCESS: case PAM_SUCCESS:
return AUTH_SUCCESS; return AUTH_SUCCESS;
case PAM_AUTH_ERR: case PAM_AUTH_ERR:
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL, _("account validation failure, "
"account validation failure, is your account locked?"); "is your account locked?"));
return AUTH_FATAL; return AUTH_FATAL;
case PAM_NEW_AUTHTOK_REQD: case PAM_NEW_AUTHTOK_REQD:
log_error(NO_EXIT|NO_MAIL, "%s, %s", log_error(NO_EXIT|NO_MAIL, _("Account or password is "
"Account or password is expired", "expired, reset your password and try again"));
"reset your password and try again");
*pam_status = pam_chauthtok(pamh, *pam_status = pam_chauthtok(pamh,
PAM_CHANGE_EXPIRED_AUTHTOK); PAM_CHANGE_EXPIRED_AUTHTOK);
if (*pam_status == PAM_SUCCESS) if (*pam_status == PAM_SUCCESS)
return AUTH_SUCCESS; return AUTH_SUCCESS;
if ((s = pam_strerror(pamh, *pam_status))) if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, "pam_chauthtok: %s", s); log_error(NO_EXIT|NO_MAIL, _("pam_chauthtok: %s"), s);
return AUTH_FAILURE; return AUTH_FAILURE;
case PAM_AUTHTOK_EXPIRED: case PAM_AUTHTOK_EXPIRED:
log_error(NO_EXIT|NO_MAIL, log_error(NO_EXIT|NO_MAIL,
"Password expired, contact your system administrator"); _("Password expired, contact your system administrator"));
return AUTH_FATAL; return AUTH_FATAL;
case PAM_ACCT_EXPIRED: case PAM_ACCT_EXPIRED:
log_error(NO_EXIT|NO_MAIL, "%s %s", log_error(NO_EXIT|NO_MAIL, "%s %s",
"Account expired or PAM config lacks an \"account\"", _("Account expired or PAM config lacks an \"account\"",
"section for sudo, contact your system administrator"); "section for sudo, contact your system administrator"));
return AUTH_FATAL; return AUTH_FATAL;
} }
/* FALLTHROUGH */ /* FALLTHROUGH */
@@ -175,7 +174,7 @@ pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
return AUTH_FAILURE; return AUTH_FAILURE;
default: default:
if ((s = pam_strerror(pamh, *pam_status))) if ((s = pam_strerror(pamh, *pam_status)))
log_error(NO_EXIT|NO_MAIL, "pam_authenticate: %s", s); log_error(NO_EXIT|NO_MAIL, _("pam_authenticate: %s"), s);
return AUTH_FATAL; return AUTH_FATAL;
} }
} }

2
plugins/sudoers/auth/rfc1938.c
View File

@@ -100,7 +100,7 @@ rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
*/ */
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) { if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
if (IS_ONEANDONLY(auth)) { if (IS_ONEANDONLY(auth)) {
warningx("you do not exist in the %s database", auth->name); warningx(_("you do not exist in the %s database"), auth->name);
return AUTH_FATAL; return AUTH_FATAL;
} else { } else {
return AUTH_FAILURE; return AUTH_FAILURE;

2
plugins/sudoers/auth/securid.c
View File

@@ -79,7 +79,7 @@ securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
strlcpy(sd->username, pw->pw_name, 32); strlcpy(sd->username, pw->pw_name, 32);
return AUTH_SUCCESS; return AUTH_SUCCESS;
} else { } else {
warningx("unable to contact the SecurID server"); warningx(_("unable to contact the SecurID server"));
return AUTH_FATAL; return AUTH_FATAL;
} }
} }

22
plugins/sudoers/auth/securid5.c
View File

@@ -78,7 +78,7 @@ securid_init(struct passwd *pw, char **promptp, sudo_auth *auth)
if (AceInitialize() != SD_FALSE) if (AceInitialize() != SD_FALSE)
return AUTH_SUCCESS; return AUTH_SUCCESS;
warningx("failed to initialise the ACE API library"); warningx(_("failed to initialise the ACE API library"));
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -103,7 +103,7 @@ securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
/* Re-initialize SecurID every time. */ /* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) { if (SD_Init(sd) != ACM_OK) {
warningx("unable to contact the SecurID server"); warningx(_("unable to contact the SecurID server"));
return AUTH_FATAL; return AUTH_FATAL;
} }
@@ -112,23 +112,23 @@ securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
switch (retval) { switch (retval) {
case ACM_OK: case ACM_OK:
warningx("User ID locked for SecurID Authentication"); warningx(_("User ID locked for SecurID Authentication"));
return AUTH_SUCCESS; return AUTH_SUCCESS;
case ACE_UNDEFINED_USERNAME: case ACE_UNDEFINED_USERNAME:
warningx("invalid username length for SecurID"); warningx(_("invalid username length for SecurID"));
return AUTH_FATAL; return AUTH_FATAL;
case ACE_ERR_INVALID_HANDLE: case ACE_ERR_INVALID_HANDLE:
warningx("invalid Authentication Handle for SecurID"); warningx(_("invalid Authentication Handle for SecurID"));
return AUTH_FATAL; return AUTH_FATAL;
case ACM_ACCESS_DENIED: case ACM_ACCESS_DENIED:
warningx("SecurID communication failed"); warningx(_("SecurID communication failed"));
return AUTH_FATAL; return AUTH_FATAL;
default: default:
warningx("unknown SecurID error"); warningx(_("unknown SecurID error"));
return AUTH_FATAL; return AUTH_FATAL;
} }
} }
@@ -161,17 +161,17 @@ securid_verify(struct passwd *pw, char *pass, sudo_auth *auth)
break; break;
case ACE_UNDEFINED_PASSCODE: case ACE_UNDEFINED_PASSCODE:
warningx("invalid passcode length for SecurID"); warningx(_("invalid passcode length for SecurID"));
rval = AUTH_FATAL; rval = AUTH_FATAL;
break; break;
case ACE_UNDEFINED_USERNAME: case ACE_UNDEFINED_USERNAME:
warningx("invalid username length for SecurID"); warningx(_("invalid username length for SecurID"));
rval = AUTH_FATAL; rval = AUTH_FATAL;
break; break;
case ACE_ERR_INVALID_HANDLE: case ACE_ERR_INVALID_HANDLE:
warningx("invalid Authentication Handle for SecurID"); warningx(_("invalid Authentication Handle for SecurID"));
rval = AUTH_FATAL; rval = AUTH_FATAL;
break; break;
@@ -210,7 +210,7 @@ then enter the new token code.\n", \
break; break;
default: default:
warningx("unknown SecurID error"); warningx(_("unknown SecurID error"));
rval = AUTH_FATAL; rval = AUTH_FATAL;
break; break;
} }

2
plugins/sudoers/auth/sia.c
View File

@@ -103,7 +103,7 @@ sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ttypath, 1, NULL) != SIASUCCESS) { if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ttypath, 1, NULL) != SIASUCCESS) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
"unable to initialize SIA session"); _("unable to initialize SIA session"));
return AUTH_FATAL; return AUTH_FATAL;
} }

16
plugins/sudoers/auth/sudo_auth.c
View File

@@ -120,10 +120,10 @@ verify_user(struct passwd *pw, char *prompt)
/* Make sure we have at least one auth method. */ /* Make sure we have at least one auth method. */
if (auth_switch[0].name == NULL) { if (auth_switch[0].name == NULL) {
audit_failure(NewArgv, "no authentication methods"); audit_failure(NewArgv, "no authentication methods");
log_error(0, "%s %s %s", log_error(0,
"There are no authentication methods compiled into sudo!", _("There are no authentication methods compiled into sudo! "
"If you want to turn off authentication, use the", "If you want to turn off authentication, use the "
"--disable-authentication configure option."); "--disable-authentication configure option."));
return -1; return -1;
} }
@@ -131,8 +131,8 @@ verify_user(struct passwd *pw, char *prompt)
standalone = IS_STANDALONE(&auth_switch[0]); standalone = IS_STANDALONE(&auth_switch[0]);
if (standalone && auth_switch[1].name != NULL) { if (standalone && auth_switch[1].name != NULL) {
audit_failure(NewArgv, "invalid authentication methods"); audit_failure(NewArgv, "invalid authentication methods");
log_error(0, "Invalid authentication methods compiled into sudo! " log_error(0, _("Invalid authentication methods compiled into sudo! "
"You cannot mix standalone and non-standalone authentication."); "You cannot mix standalone and non-standalone authentication."));
return -1; return -1;
} }
@@ -240,7 +240,7 @@ cleanup:
flags = 0; flags = 0;
else else
flags = NO_MAIL; flags = NO_MAIL;
log_error(flags, "%d incorrect password attempt%s", log_error(flags, _("%d incorrect password attempt%s"),
def_passwd_tries - counter, def_passwd_tries - counter,
(def_passwd_tries - counter == 1) ? "" : "s"); (def_passwd_tries - counter == 1) ? "" : "s");
} }
@@ -332,7 +332,7 @@ dump_auth_methods(void)
{ {
sudo_auth *auth; sudo_auth *auth;
sudo_printf(SUDO_CONV_INFO_MSG, "Authentication methods:"); sudo_printf(SUDO_CONV_INFO_MSG, _("Authentication methods:"));
for (auth = auth_switch; auth->name; auth++) for (auth = auth_switch; auth->name; auth++)
sudo_printf(SUDO_CONV_INFO_MSG, " '%s'", auth->name); sudo_printf(SUDO_CONV_INFO_MSG, " '%s'", auth->name);
sudo_printf(SUDO_CONV_INFO_MSG, "\n"); sudo_printf(SUDO_CONV_INFO_MSG, "\n");

42
plugins/sudoers/bsm_audit.c
View File

@@ -55,10 +55,10 @@ audit_sudo_selected(int sf)
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) { if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) { if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0) if (getaudit(&ainfo) < 0)
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
mask = &ainfo.ai_mask; mask = &ainfo.ai_mask;
} else } else
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
} else } else
mask = &ainfo_addr.ai_mask; mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE; sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
@@ -84,7 +84,7 @@ bsm_audit_success(char **exec_args)
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) { if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED) if (errno == AUDIT_NOT_CONFIGURED)
return; return;
log_error(0, "Could not determine audit condition"); log_error(0, _("Could not determine audit condition"));
} }
if (au_cond == AUC_NOAUDIT) if (au_cond == AUC_NOAUDIT)
return; return;
@@ -95,9 +95,9 @@ bsm_audit_success(char **exec_args)
if (!audit_sudo_selected(0)) if (!audit_sudo_selected(0))
return; return;
if (getauid(&auid) < 0) if (getauid(&auid) < 0)
log_error(0, "getauid failed"); log_error(0, _("getauid failed"));
if ((aufd = au_open()) == -1) if ((aufd = au_open()) == -1)
log_error(0, "au_open: failed"); log_error(0, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid); getuid(), pid, pid, &ainfo_addr.ai_termid);
@@ -106,24 +106,24 @@ bsm_audit_success(char **exec_args)
* NB: We should probably watch out for ERANGE here. * NB: We should probably watch out for ERANGE here.
*/ */
if (getaudit(&ainfo) < 0) if (getaudit(&ainfo) < 0)
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(), tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid); getuid(), pid, pid, &ainfo.ai_termid);
} else } else
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_subject: failed"); log_error(0, _("au_to_subject: failed"));
au_write(aufd, tok); au_write(aufd, tok);
tok = au_to_exec_args(exec_args); tok = au_to_exec_args(exec_args);
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_exec_args: failed"); log_error(0, _("au_to_exec_args: failed"));
au_write(aufd, tok); au_write(aufd, tok);
tok = au_to_return32(0, 0); tok = au_to_return32(0, 0);
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_return32: failed"); log_error(0, _("au_to_return32: failed"));
au_write(aufd, tok); au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1) if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, "unable to commit audit record"); log_error(0, _("unable to commit audit record"));
} }
void void
@@ -145,42 +145,42 @@ bsm_audit_failure(char **exec_args, char const *const fmt, va_list ap)
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED) if (errno == AUDIT_NOT_CONFIGURED)
return; return;
log_error(0, "Could not determine audit condition"); log_error(0, _("Could not determine audit condition"));
} }
if (au_cond == AUC_NOAUDIT) if (au_cond == AUC_NOAUDIT)
return; return;
if (!audit_sudo_selected(1)) if (!audit_sudo_selected(1))
return; return;
if (getauid(&auid) < 0) if (getauid(&auid) < 0)
log_error(0, "getauid: failed"); log_error(0, _("getauid: failed"));
if ((aufd = au_open()) == -1) if ((aufd = au_open()) == -1)
log_error(0, "au_open: failed"); log_error(0, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid); getuid(), pid, pid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) { } else if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0) if (getaudit(&ainfo) < 0)
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(), tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid); getuid(), pid, pid, &ainfo.ai_termid);
} else } else
log_error(0, "getaudit: failed"); log_error(0, _("getaudit: failed"));
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_subject: failed"); log_error(0, _("au_to_subject: failed"));
au_write(aufd, tok); au_write(aufd, tok);
tok = au_to_exec_args(exec_args); tok = au_to_exec_args(exec_args);
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_exec_args: failed"); log_error(0, _("au_to_exec_args: failed"));
au_write(aufd, tok); au_write(aufd, tok);
(void) vsnprintf(text, sizeof(text), fmt, ap); (void) vsnprintf(text, sizeof(text), fmt, ap);
tok = au_to_text(text); tok = au_to_text(text);
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_text: failed"); log_error(0, _("au_to_text: failed"));
au_write(aufd, tok); au_write(aufd, tok);
tok = au_to_return32(EPERM, 1); tok = au_to_return32(EPERM, 1);
if (tok == NULL) if (tok == NULL)
log_error(0, "au_to_return32: failed"); log_error(0, _("au_to_return32: failed"));
au_write(aufd, tok); au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1) if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, "unable to commit audit record"); log_error(0, _("unable to commit audit record"));
} }

87
plugins/sudoers/check.c
View File

@@ -138,11 +138,11 @@ check_user(int validated, int mode)
/* Bail out if we are non-interactive and a password is required */ /* Bail out if we are non-interactive and a password is required */
if (ISSET(mode, MODE_NONINTERACTIVE)) { if (ISSET(mode, MODE_NONINTERACTIVE)) {
warningx("sorry, a password is required to run %s", getprogname()); warningx(_("sorry, a password is required to run %s"), getprogname());
return -1; return -1;
} }
/* XXX - should not lecture if askpass help is being used. */ /* XXX - should not lecture if askpass helper is being used. */
lecture(status); lecture(status);
/* Expand any escapes in the prompt. */ /* Expand any escapes in the prompt. */
@@ -163,12 +163,12 @@ check_user(int validated, int mode)
return rval; return rval;
} }
static const char lecture_text[] = "\n" #define DEFAULT_LECTURE "\n" \
"We trust you have received the usual lecture from the local System\n" "We trust you have received the usual lecture from the local System\n" \
"Administrator. It usually boils down to these three things:\n\n" "Administrator. It usually boils down to these three things:\n\n" \
" #1) Respect the privacy of others.\n" " #1) Respect the privacy of others.\n" \
" #2) Think before you type.\n" " #2) Think before you type.\n" \
" #3) With great power comes great responsibility.\n\n"; " #3) With great power comes great responsibility.\n\n"
/* /*
* Standard sudo lecture. * Standard sudo lecture.
@@ -199,7 +199,7 @@ lecture(int status)
fclose(fp); fclose(fp);
} else { } else {
msg.msg_type = SUDO_CONV_ERROR_MSG; msg.msg_type = SUDO_CONV_ERROR_MSG;
msg.msg = lecture_text; msg.msg = _(DEFAULT_LECTURE);
sudo_conv(1, &msg, &repl); sudo_conv(1, &msg, &repl);
} }
} }
@@ -222,17 +222,17 @@ update_timestamp(char *timestampdir, char *timestampfile)
*/ */
int fd = open(timestampfile, O_WRONLY|O_CREAT, 0600); int fd = open(timestampfile, O_WRONLY|O_CREAT, 0600);
if (fd == -1) if (fd == -1)
log_error(NO_EXIT|USE_ERRNO, "Can't open %s", timestampfile); log_error(NO_EXIT|USE_ERRNO, _("Can't open %s"), timestampfile);
else { else {
lock_file(fd, SUDO_LOCK); lock_file(fd, SUDO_LOCK);
if (write(fd, &tty_info, sizeof(tty_info)) != sizeof(tty_info)) if (write(fd, &tty_info, sizeof(tty_info)) != sizeof(tty_info))
log_error(NO_EXIT|USE_ERRNO, "Can't write %s", timestampfile); log_error(NO_EXIT|USE_ERRNO, _("Can't write %s"), timestampfile);
close(fd); close(fd);
} }
} else { } else {
if (touch(-1, timestampdir, NULL) == -1) { if (touch(-1, timestampdir, NULL) == -1) {
if (mkdir(timestampdir, 0700) == -1) if (mkdir(timestampdir, 0700) == -1)
log_error(NO_EXIT|USE_ERRNO, "Can't mkdir %s", timestampdir); log_error(NO_EXIT|USE_ERRNO, _("Can't mkdir %s"), timestampdir);
} }
} }
if (timestamp_uid != 0) if (timestamp_uid != 0)
@@ -363,7 +363,7 @@ expand_prompt(char *old_prompt, char *user, char *host)
oflow: oflow:
/* We pre-allocate enough space, so this should never happen. */ /* We pre-allocate enough space, so this should never happen. */
errorx(1, "internal error, expand_prompt() overflow"); errorx(1, _("internal error, expand_prompt() overflow"));
} }
/* /*
@@ -388,10 +388,8 @@ build_timestamp(char **timestampdir, char **timestampfile)
dirparent = def_timestampdir; dirparent = def_timestampdir;
len = easprintf(timestampdir, "%s/%s", dirparent, user_name); len = easprintf(timestampdir, "%s/%s", dirparent, user_name);
if (len >= PATH_MAX) { if (len >= PATH_MAX)
log_error(0, "timestamp path too long: %s", *timestampdir); goto bad;
return -1;
}
/* /*
* Timestamp file may be a file in the directory or NUL to use * Timestamp file may be a file in the directory or NUL to use
@@ -409,21 +407,20 @@ build_timestamp(char **timestampdir, char **timestampfile)
p, runas_pw->pw_name); p, runas_pw->pw_name);
else else
len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name, p); len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name, p);
if (len >= PATH_MAX) { if (len >= PATH_MAX)
log_error(0, "timestamp path too long: %s", *timestampfile); goto bad;
return -1;
}
} else if (def_targetpw) { } else if (def_targetpw) {
len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name, len = easprintf(timestampfile, "%s/%s/%s", dirparent, user_name,
runas_pw->pw_name); runas_pw->pw_name);
if (len >= PATH_MAX) { if (len >= PATH_MAX)
log_error(0, "timestamp path too long: %s", *timestampfile); goto bad;
return -1;
}
} else } else
*timestampfile = NULL; *timestampfile = NULL;
return len; return len;
bad:
log_error(0, _("timestamp path too long: %s"), *timestampfile);
return -1;
} }
/* /*
@@ -450,15 +447,15 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
*/ */
if (lstat(dirparent, &sb) == 0) { if (lstat(dirparent, &sb) == 0) {
if (!S_ISDIR(sb.st_mode)) if (!S_ISDIR(sb.st_mode))
log_error(NO_EXIT, "%s exists but is not a directory (0%o)", log_error(NO_EXIT, _("%s exists but is not a directory (0%o)"),
dirparent, (unsigned int) sb.st_mode); dirparent, (unsigned int) sb.st_mode);
else if (sb.st_uid != timestamp_uid) else if (sb.st_uid != timestamp_uid)
log_error(NO_EXIT, "%s owned by uid %u, should be uid %u", log_error(NO_EXIT, _("%s owned by uid %u, should be uid %u"),
dirparent, (unsigned int) sb.st_uid, dirparent, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid); (unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022)) else if ((sb.st_mode & 0000022))
log_error(NO_EXIT, log_error(NO_EXIT,
"%s writable by non-owner (0%o), should be mode 0700", _("%s writable by non-owner (0%o), should be mode 0700"),
dirparent, (unsigned int) sb.st_mode); dirparent, (unsigned int) sb.st_mode);
else { else {
if ((sb.st_mode & 0000777) != 0700) if ((sb.st_mode & 0000777) != 0700)
@@ -466,12 +463,12 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
status = TS_MISSING; status = TS_MISSING;
} }
} else if (errno != ENOENT) { } else if (errno != ENOENT) {
log_error(NO_EXIT|USE_ERRNO, "can't stat %s", dirparent); log_error(NO_EXIT|USE_ERRNO, _("can't stat %s"), dirparent);
} else { } else {
/* No dirparent, try to make one. */ /* No dirparent, try to make one. */
if (ISSET(flags, TS_MAKE_DIRS)) { if (ISSET(flags, TS_MAKE_DIRS)) {
if (mkdir(dirparent, S_IRWXU)) if (mkdir(dirparent, S_IRWXU))
log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", log_error(NO_EXIT|USE_ERRNO, _("can't mkdir %s"),
dirparent); dirparent);
else else
status = TS_MISSING; status = TS_MISSING;
@@ -494,15 +491,15 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
if (unlink(timestampdir) == 0) if (unlink(timestampdir) == 0)
status = TS_MISSING; status = TS_MISSING;
} else } else
log_error(NO_EXIT, "%s exists but is not a directory (0%o)", log_error(NO_EXIT, _("%s exists but is not a directory (0%o)"),
timestampdir, (unsigned int) sb.st_mode); timestampdir, (unsigned int) sb.st_mode);
} else if (sb.st_uid != timestamp_uid) } else if (sb.st_uid != timestamp_uid)
log_error(NO_EXIT, "%s owned by uid %u, should be uid %u", log_error(NO_EXIT, _("%s owned by uid %u, should be uid %u"),
timestampdir, (unsigned int) sb.st_uid, timestampdir, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid); (unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022)) else if ((sb.st_mode & 0000022))
log_error(NO_EXIT, log_error(NO_EXIT,
"%s writable by non-owner (0%o), should be mode 0700", _("%s writable by non-owner (0%o), should be mode 0700"),
timestampdir, (unsigned int) sb.st_mode); timestampdir, (unsigned int) sb.st_mode);
else { else {
if ((sb.st_mode & 0000777) != 0700) if ((sb.st_mode & 0000777) != 0700)
@@ -510,7 +507,7 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
status = TS_OLD; /* do date check later */ status = TS_OLD; /* do date check later */
} }
} else if (errno != ENOENT) { } else if (errno != ENOENT) {
log_error(NO_EXIT|USE_ERRNO, "can't stat %s", timestampdir); log_error(NO_EXIT|USE_ERRNO, _("can't stat %s"), timestampdir);
} else } else
status = TS_MISSING; status = TS_MISSING;
@@ -521,7 +518,7 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
if (status == TS_MISSING && timestampfile && ISSET(flags, TS_MAKE_DIRS)) { if (status == TS_MISSING && timestampfile && ISSET(flags, TS_MAKE_DIRS)) {
if (mkdir(timestampdir, S_IRWXU) == -1) { if (mkdir(timestampdir, S_IRWXU) == -1) {
status = TS_ERROR; status = TS_ERROR;
log_error(NO_EXIT|USE_ERRNO, "can't mkdir %s", timestampdir); log_error(NO_EXIT|USE_ERRNO, _("can't mkdir %s"), timestampdir);
} }
} }
@@ -536,19 +533,19 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
if (lstat(timestampfile, &sb) == 0) { if (lstat(timestampfile, &sb) == 0) {
if (!S_ISREG(sb.st_mode)) { if (!S_ISREG(sb.st_mode)) {
status = TS_ERROR; status = TS_ERROR;
log_error(NO_EXIT, "%s exists but is not a regular file (0%o)", log_error(NO_EXIT, _("%s exists but is not a regular file (0%o)"),
timestampfile, (unsigned int) sb.st_mode); timestampfile, (unsigned int) sb.st_mode);
} else { } else {
/* If bad uid or file mode, complain and kill the bogus file. */ /* If bad uid or file mode, complain and kill the bogus file. */
if (sb.st_uid != timestamp_uid) { if (sb.st_uid != timestamp_uid) {
log_error(NO_EXIT, log_error(NO_EXIT,
"%s owned by uid %u, should be uid %u", _("%s owned by uid %u, should be uid %u"),
timestampfile, (unsigned int) sb.st_uid, timestampfile, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid); (unsigned int) timestamp_uid);
(void) unlink(timestampfile); (void) unlink(timestampfile);
} else if ((sb.st_mode & 0000022)) { } else if ((sb.st_mode & 0000022)) {
log_error(NO_EXIT, log_error(NO_EXIT,
"%s writable by non-owner (0%o), should be mode 0600", _("%s writable by non-owner (0%o), should be mode 0600"),
timestampfile, (unsigned int) sb.st_mode); timestampfile, (unsigned int) sb.st_mode);
(void) unlink(timestampfile); (void) unlink(timestampfile);
} else { } else {
@@ -578,7 +575,7 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
} }
} }
} else if (errno != ENOENT) { } else if (errno != ENOENT) {
log_error(NO_EXIT|USE_ERRNO, "can't stat %s", timestampfile); log_error(NO_EXIT|USE_ERRNO, _("can't stat %s"), timestampfile);
status = TS_ERROR; status = TS_ERROR;
} }
} }
@@ -602,7 +599,7 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags)
if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) { if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
time_t tv_sec = (time_t)mtime.tv_sec; time_t tv_sec = (time_t)mtime.tv_sec;
log_error(NO_EXIT, log_error(NO_EXIT,
"timestamp too far in the future: %20.20s", _("timestamp too far in the future: %20.20s"),
4 + ctime(&tv_sec)); 4 + ctime(&tv_sec));
if (timestampfile) if (timestampfile)
(void) unlink(timestampfile); (void) unlink(timestampfile);
@@ -647,14 +644,14 @@ remove_timestamp(int remove)
else else
status = rmdir(timestampdir); status = rmdir(timestampdir);
if (status == -1 && errno != ENOENT) { if (status == -1 && errno != ENOENT) {
log_error(NO_EXIT, "can't remove %s (%s), will reset to Epoch", log_error(NO_EXIT, _("can't remove %s (%s), will reset to Epoch"),
path, strerror(errno)); path, strerror(errno));
remove = FALSE; remove = FALSE;
} }
} else { } else {
timevalclear(&tv); timevalclear(&tv);
if (touch(-1, path, &tv) == -1 && errno != ENOENT) if (touch(-1, path, &tv) == -1 && errno != ENOENT)
error(1, "can't reset %s to Epoch", path); error(1, _("can't reset %s to Epoch"), path);
} }
} }
@@ -708,13 +705,13 @@ get_authpw(void)
if (def_rootpw) { if (def_rootpw) {
if ((pw = sudo_getpwuid(0)) == NULL) if ((pw = sudo_getpwuid(0)) == NULL)
log_error(0, "unknown uid: 0"); log_error(0, _("unknown uid: 0"));
} else if (def_runaspw) { } else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL) if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
log_error(0, "unknown user: %s", def_runas_default); log_error(0, _("unknown user: %s"), def_runas_default);
} else if (def_targetpw) { } else if (def_targetpw) {
if (runas_pw->pw_name == NULL) if (runas_pw->pw_name == NULL)
log_error(NO_MAIL|MSG_ONLY, "unknown uid: %u", log_error(NO_MAIL|MSG_ONLY, _("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid); (unsigned int) runas_pw->pw_uid);
pw_addref(runas_pw); pw_addref(runas_pw);
pw = runas_pw; pw = runas_pw;

58
plugins/sudoers/defaults.c
View File

@@ -194,22 +194,22 @@ list_options(void)
char *p; char *p;
sudo_printf(SUDO_CONV_INFO_MSG, sudo_printf(SUDO_CONV_INFO_MSG,
"Available options in a sudoers ``Defaults'' line:\n\n"); _("Available options in a sudoers ``Defaults'' line:\n\n"));
for (cur = sudo_defs_table; cur->name; cur++) { for (cur = sudo_defs_table; cur->name; cur++) {
if (cur->name && cur->desc) { if (cur->name && cur->desc) {
switch (cur->type & T_MASK) { switch (cur->type & T_MASK) {
case T_FLAG: case T_FLAG:
sudo_printf(SUDO_CONV_INFO_MSG, sudo_printf(SUDO_CONV_INFO_MSG,
"%s: %s\n", cur->name, cur->desc); _("%s: %s\n"), cur->name, cur->desc);
break; break;
default: default:
p = strrchr(cur->desc, ':'); p = strrchr(cur->desc, ':');
if (p) { if (p) {
sudo_printf(SUDO_CONV_INFO_MSG, "%s: %.*s\n", sudo_printf(SUDO_CONV_INFO_MSG, _("%s: %.*s\n"),
cur->name, (int) (p - cur->desc), cur->desc); cur->name, (int) (p - cur->desc), cur->desc);
} else { } else {
sudo_printf(SUDO_CONV_INFO_MSG, sudo_printf(SUDO_CONV_INFO_MSG,
"%s: %s\n", cur->name, cur->desc); _("%s: %s\n"), cur->name, cur->desc);
} }
break; break;
} }
@@ -235,7 +235,7 @@ set_default(char *var, char *val, int op)
break; break;
} }
if (!cur->name) { if (!cur->name) {
warningx("unknown defaults entry `%s'", var); warningx(_("unknown defaults entry `%s'"), var);
return FALSE; return FALSE;
} }
@@ -243,18 +243,20 @@ set_default(char *var, char *val, int op)
case T_LOGFAC: case T_LOGFAC:
if (!store_syslogfac(val, cur, op)) { if (!store_syslogfac(val, cur, op)) {
if (val) if (val)
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"),
val, var);
else else
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
break; break;
case T_LOGPRI: case T_LOGPRI:
if (!store_syslogpri(val, cur, op)) { if (!store_syslogpri(val, cur, op)) {
if (val) if (val)
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"),
val, var);
else else
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
break; break;
@@ -262,16 +264,16 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (ISSET(cur->type, T_PATH) && val && *val != '/') { if (ISSET(cur->type, T_PATH) && val && *val != '/') {
warningx("values for `%s' must start with a '/'", var); warningx(_("values for `%s' must start with a '/'"), var);
return FALSE; return FALSE;
} }
if (!store_str(val, cur, op)) { if (!store_str(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
@@ -279,12 +281,12 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (!store_int(val, cur, op)) { if (!store_int(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
@@ -292,12 +294,12 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (!store_uint(val, cur, op)) { if (!store_uint(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
@@ -305,12 +307,12 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (!store_float(val, cur, op)) { if (!store_float(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
@@ -318,18 +320,18 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (!store_mode(val, cur, op)) { if (!store_mode(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
case T_FLAG: case T_FLAG:
if (val) { if (val) {
warningx("option `%s' does not take a value", var); warningx(_("option `%s' does not take a value"), var);
return FALSE; return FALSE;
} }
cur->sd_un.flag = op; cur->sd_un.flag = op;
@@ -338,22 +340,22 @@ set_default(char *var, char *val, int op)
if (!val) { if (!val) {
/* Check for bogus boolean usage or lack of a value. */ /* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != FALSE) { if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
} }
if (!store_list(val, cur, op)) { if (!store_list(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
case T_TUPLE: case T_TUPLE:
if (!val && !ISSET(cur->type, T_BOOL)) { if (!val && !ISSET(cur->type, T_BOOL)) {
warningx("no value specified for `%s'", var); warningx(_("no value specified for `%s'"), var);
return FALSE; return FALSE;
} }
if (!store_tuple(val, cur, op)) { if (!store_tuple(val, cur, op)) {
warningx("value `%s' is invalid for option `%s'", val, var); warningx(_("value `%s' is invalid for option `%s'"), val, var);
return FALSE; return FALSE;
} }
break; break;
@@ -479,10 +481,10 @@ init_defaults(void)
/* Now do the strings */ /* Now do the strings */
def_mailto = estrdup(MAILTO); def_mailto = estrdup(MAILTO);
def_mailsub = estrdup(MAILSUBJECT); def_mailsub = estrdup(_(MAILSUBJECT));
def_badpass_message = estrdup(INCORRECT_PASSWORD); def_badpass_message = estrdup(_(INCORRECT_PASSWORD));
def_timestampdir = estrdup(_PATH_SUDO_TIMEDIR); def_timestampdir = estrdup(_PATH_SUDO_TIMEDIR);
def_passprompt = estrdup(PASSPROMPT); def_passprompt = estrdup(_(PASSPROMPT));
def_runas_default = estrdup(RUNAS_DEFAULT); def_runas_default = estrdup(RUNAS_DEFAULT);
#ifdef _PATH_SUDO_SENDMAIL #ifdef _PATH_SUDO_SENDMAIL
def_mailerpath = estrdup(_PATH_SUDO_SENDMAIL); def_mailerpath = estrdup(_PATH_SUDO_SENDMAIL);

6
plugins/sudoers/env.c
View File

@@ -256,7 +256,7 @@ sudo_setenv(const char *var, const char *val, int dupcheck)
strlcat(estring, "=", esize) >= esize || strlcat(estring, "=", esize) >= esize ||
strlcat(estring, val, esize) >= esize) { strlcat(estring, val, esize) >= esize) {
errorx(1, "internal error, sudo_setenv() overflow"); errorx(1, _("internal error, sudo_setenv() overflow"));
} }
sudo_putenv(estring, dupcheck, TRUE); sudo_putenv(estring, dupcheck, TRUE);
} }
@@ -286,7 +286,7 @@ sudo_putenv(char *str, int dupcheck, int overwrite)
#ifdef ENV_DEBUG #ifdef ENV_DEBUG
if (env.envp[env.env_len] != NULL) if (env.envp[env.env_len] != NULL)
errorx(1, "sudo_putenv: corrupted envp, len mismatch"); errorx(1, _("sudo_putenv: corrupted envp, len mismatch"));
#endif #endif
if (dupcheck) { if (dupcheck) {
@@ -691,7 +691,7 @@ validate_env_vars(char * const env_vars[])
if (bad != NULL) { if (bad != NULL) {
bad[blen - 2] = '\0'; /* remove trailing ", " */ bad[blen - 2] = '\0'; /* remove trailing ", " */
log_error(NO_MAIL, log_error(NO_MAIL,
"sorry, you are not allowed to set the following environment variables: %s", bad); _("sorry, you are not allowed to set the following environment variables: %s"), bad);
/* NOTREACHED */ /* NOTREACHED */
efree(bad); efree(bad);
} }

6
plugins/sudoers/find_path.c
View File

@@ -64,7 +64,7 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
int len; /* length parameter */ int len; /* length parameter */
if (strlen(infile) >= PATH_MAX) if (strlen(infile) >= PATH_MAX)
errorx(1, "%s: File name too long", infile); errorx(1, _("%s: File name too long"), infile);
/* /*
* If we were given a fully qualified or relative path * If we were given a fully qualified or relative path
@@ -103,7 +103,7 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
*/ */
len = snprintf(command, sizeof(command), "%s/%s", path, infile); len = snprintf(command, sizeof(command), "%s/%s", path, infile);
if (len <= 0 || len >= sizeof(command)) if (len <= 0 || len >= sizeof(command))
errorx(1, "%s: File name too long", infile); errorx(1, _("%s: File name too long"), infile);
if ((result = sudo_goodpath(command, sbp))) if ((result = sudo_goodpath(command, sbp)))
break; break;
@@ -118,7 +118,7 @@ find_path(char *infile, char **outfile, struct stat *sbp, char *path,
if (!result && checkdot) { if (!result && checkdot) {
len = snprintf(command, sizeof(command), "./%s", infile); len = snprintf(command, sizeof(command), "./%s", infile);
if (len <= 0 || len >= sizeof(command)) if (len <= 0 || len >= sizeof(command))
errorx(1, "%s: File name too long", infile); errorx(1, _("%s: File name too long"), infile);
result = sudo_goodpath(command, sbp); result = sudo_goodpath(command, sbp);
if (result && ignore_dot) if (result && ignore_dot)
return NOT_FOUND_DOT; return NOT_FOUND_DOT;

2
plugins/sudoers/gram.c
View File

@@ -112,7 +112,7 @@ yyerror(const char *s)
if (trace_print != NULL) { if (trace_print != NULL) {
LEXTRACE("<*> "); LEXTRACE("<*> ");
} else if (verbose && s != NULL) { } else if (verbose && s != NULL) {
warningx(">>> %s: %s near line %d <<<", sudoers, s, warningx(_(">>> %s: %s near line %d <<<"), sudoers, s,
sudolineno ? sudolineno - 1 : 0); sudolineno ? sudolineno - 1 : 0);
} }
parse_error = TRUE; parse_error = TRUE;

2
plugins/sudoers/gram.y
View File

@@ -100,7 +100,7 @@ yyerror(const char *s)
if (trace_print != NULL) { if (trace_print != NULL) {
LEXTRACE("<*> "); LEXTRACE("<*> ");
} else if (verbose && s != NULL) { } else if (verbose && s != NULL) {
warningx(">>> %s: %s near line %d <<<", sudoers, s, warningx(_(">>> %s: %s near line %d <<<"), sudoers, s,
sudolineno ? sudolineno - 1 : 0); sudolineno ? sudolineno - 1 : 0);
} }
parse_error = TRUE; parse_error = TRUE;

12
plugins/sudoers/group_plugin.c
View File

@@ -88,7 +88,7 @@ group_plugin_load(char *plugin_info)
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info); (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
} }
if (len <= 0 || len >= sizeof(path)) { if (len <= 0 || len >= sizeof(path)) {
warningx("%s%s: %s", warningx(_("%s%s: %s"),
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info, (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info,
strerror(ENAMETOOLONG)); strerror(ENAMETOOLONG));
goto done; goto done;
@@ -100,28 +100,28 @@ group_plugin_load(char *plugin_info)
goto done; goto done;
} }
if (sb.st_uid != ROOT_UID) { if (sb.st_uid != ROOT_UID) {
warningx("%s must be owned by uid %d", path, ROOT_UID); warningx(_("%s must be owned by uid %d"), path, ROOT_UID);
goto done; goto done;
} }
if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) { if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
warningx("%s must be only be writable by owner", path); warningx(_("%s must be only be writable by owner"), path);
goto done; goto done;
} }
/* Open plugin and map in symbol. */ /* Open plugin and map in symbol. */
group_handle = dlopen(path, RTLD_LAZY|RTLD_LOCAL); group_handle = dlopen(path, RTLD_LAZY|RTLD_LOCAL);
if (!group_handle) { if (!group_handle) {
warningx("unable to dlopen %s: %s", path, dlerror()); warningx(_("unable to dlopen %s: %s"), path, dlerror());
goto done; goto done;
} }
group_plugin = dlsym(group_handle, "group_plugin"); group_plugin = dlsym(group_handle, "group_plugin");
if (group_plugin == NULL) { if (group_plugin == NULL) {
warningx("unable to find symbol \"group_plugin\" in %s", path); warningx(_("unable to find symbol \"group_plugin\" in %s"), path);
goto done; goto done;
} }
if (GROUP_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) { if (GROUP_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) {
warningx("%s: incompatible group plugin major version %d, expected %d", warningx(_("%s: incompatible group plugin major version %d, expected %d"),
path, GROUP_API_VERSION_GET_MAJOR(group_plugin->version), path, GROUP_API_VERSION_GET_MAJOR(group_plugin->version),
GROUP_API_VERSION_MAJOR); GROUP_API_VERSION_MAJOR);
goto done; goto done;

2
plugins/sudoers/interfaces.c
View File

@@ -106,7 +106,7 @@ dump_interfaces(const char *ai)
addrinfo = estrdup(ai); addrinfo = estrdup(ai);
sudo_printf(SUDO_CONV_INFO_MSG, "Local IP address and netmask pairs:\n"); sudo_printf(SUDO_CONV_INFO_MSG, _("Local IP address and netmask pairs:\n"));
for (cp = strtok(addrinfo, " \t"); cp != NULL; cp = strtok(NULL, " \t")) for (cp = strtok(addrinfo, " \t"); cp != NULL; cp = strtok(NULL, " \t"))
sudo_printf(SUDO_CONV_INFO_MSG, "\t%s\n", cp); sudo_printf(SUDO_CONV_INFO_MSG, "\t%s\n", cp);

34
plugins/sudoers/iolog.c
View File

@@ -119,9 +119,9 @@ mkdir_parents(char *path)
*slash = '\0'; *slash = '\0';
if (stat(path, &sb) != 0) { if (stat(path, &sb) != 0) {
if (mkdir(path, S_IRWXU) != 0) if (mkdir(path, S_IRWXU) != 0)
log_error(USE_ERRNO, "Can't mkdir %s", path); log_error(USE_ERRNO, _("Can't mkdir %s"), path);
} else if (!S_ISDIR(sb.st_mode)) { } else if (!S_ISDIR(sb.st_mode)) {
log_error(0, "%s: %s", path, strerror(ENOTDIR)); log_error(0, _("%s: %s"), path, strerror(ENOTDIR));
} }
*slash = '/'; *slash = '/';
} }
@@ -150,9 +150,9 @@ io_nextid(char *iolog_dir, char sessid[7])
mkdir_parents(iolog_dir); mkdir_parents(iolog_dir);
if (stat(iolog_dir, &sb) != 0) { if (stat(iolog_dir, &sb) != 0) {
if (mkdir(iolog_dir, S_IRWXU) != 0) if (mkdir(iolog_dir, S_IRWXU) != 0)
log_error(USE_ERRNO, "Can't mkdir %s", iolog_dir); log_error(USE_ERRNO, _("Can't mkdir %s"), iolog_dir);
} else if (!S_ISDIR(sb.st_mode)) { } else if (!S_ISDIR(sb.st_mode)) {
log_error(0, "%s exists but is not a directory (0%o)", log_error(0, _("%s exists but is not a directory (0%o)"),
iolog_dir, (unsigned int) sb.st_mode); iolog_dir, (unsigned int) sb.st_mode);
} }
@@ -166,17 +166,17 @@ io_nextid(char *iolog_dir, char sessid[7])
} }
fd = open(pathbuf, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR); fd = open(pathbuf, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR);
if (fd == -1) if (fd == -1)
log_error(USE_ERRNO, "cannot open %s", pathbuf); log_error(USE_ERRNO, _("cannot open %s"), pathbuf);
lock_file(fd, SUDO_LOCK); lock_file(fd, SUDO_LOCK);
/* Read seq number (base 36). */ /* Read seq number (base 36). */
nread = read(fd, buf, sizeof(buf)); nread = read(fd, buf, sizeof(buf));
if (nread != 0) { if (nread != 0) {
if (nread == -1) if (nread == -1)
log_error(USE_ERRNO, "cannot read %s", pathbuf); log_error(USE_ERRNO, _("cannot read %s"), pathbuf);
id = strtoul(buf, &ep, 36); id = strtoul(buf, &ep, 36);
if (buf == ep || id >= SESSID_MAX) if (buf == ep || id >= SESSID_MAX)
log_error(0, "invalid sequence number %s", pathbuf); log_error(0, _("invalid sequence number %s"), pathbuf);
} }
id++; id++;
@@ -196,7 +196,7 @@ io_nextid(char *iolog_dir, char sessid[7])
/* Rewind and overwrite old seq file. */ /* Rewind and overwrite old seq file. */
if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7) if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7)
log_error(USE_ERRNO, "Can't write to %s", pathbuf); log_error(USE_ERRNO, _("Can't write to %s"), pathbuf);
close(fd); close(fd);
} }
@@ -222,10 +222,10 @@ mkdir_iopath(const char *iolog_path, char *pathbuf, size_t pathsize)
mkdir_parents(pathbuf); mkdir_parents(pathbuf);
if (len >= 6 && strcmp(&pathbuf[len - 6], "XXXXXX") == 0) { if (len >= 6 && strcmp(&pathbuf[len - 6], "XXXXXX") == 0) {
if (mkdtemp(pathbuf) == NULL) if (mkdtemp(pathbuf) == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
if (mkdir(pathbuf, S_IRWXU) != 0) if (mkdir(pathbuf, S_IRWXU) != 0)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} }
return len; return len;
@@ -473,18 +473,18 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
*/ */
io_logfile = open_io_fd(pathbuf, len, "/log", FALSE); io_logfile = open_io_fd(pathbuf, len, "/log", FALSE);
if (io_logfile == NULL) if (io_logfile == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
io_fds[IOFD_TIMING].v = open_io_fd(pathbuf, len, "/timing", io_fds[IOFD_TIMING].v = open_io_fd(pathbuf, len, "/timing",
iolog_compress); iolog_compress);
if (io_fds[IOFD_TIMING].v == NULL) if (io_fds[IOFD_TIMING].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
if (details.iolog_ttyin) { if (details.iolog_ttyin) {
io_fds[IOFD_TTYIN].v = open_io_fd(pathbuf, len, "/ttyin", io_fds[IOFD_TTYIN].v = open_io_fd(pathbuf, len, "/ttyin",
iolog_compress); iolog_compress);
if (io_fds[IOFD_TTYIN].v == NULL) if (io_fds[IOFD_TTYIN].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
sudoers_io.log_ttyin = NULL; sudoers_io.log_ttyin = NULL;
} }
@@ -492,7 +492,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
io_fds[IOFD_STDIN].v = open_io_fd(pathbuf, len, "/stdin", io_fds[IOFD_STDIN].v = open_io_fd(pathbuf, len, "/stdin",
iolog_compress); iolog_compress);
if (io_fds[IOFD_STDIN].v == NULL) if (io_fds[IOFD_STDIN].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
sudoers_io.log_stdin = NULL; sudoers_io.log_stdin = NULL;
} }
@@ -500,7 +500,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
io_fds[IOFD_TTYOUT].v = open_io_fd(pathbuf, len, "/ttyout", io_fds[IOFD_TTYOUT].v = open_io_fd(pathbuf, len, "/ttyout",
iolog_compress); iolog_compress);
if (io_fds[IOFD_TTYOUT].v == NULL) if (io_fds[IOFD_TTYOUT].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
sudoers_io.log_ttyout = NULL; sudoers_io.log_ttyout = NULL;
} }
@@ -508,7 +508,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
io_fds[IOFD_STDOUT].v = open_io_fd(pathbuf, len, "/stdout", io_fds[IOFD_STDOUT].v = open_io_fd(pathbuf, len, "/stdout",
iolog_compress); iolog_compress);
if (io_fds[IOFD_STDOUT].v == NULL) if (io_fds[IOFD_STDOUT].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
sudoers_io.log_stdout = NULL; sudoers_io.log_stdout = NULL;
} }
@@ -516,7 +516,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
io_fds[IOFD_STDERR].v = open_io_fd(pathbuf, len, "/stderr", io_fds[IOFD_STDERR].v = open_io_fd(pathbuf, len, "/stderr",
iolog_compress); iolog_compress);
if (io_fds[IOFD_STDERR].v == NULL) if (io_fds[IOFD_STDERR].v == NULL)
log_error(USE_ERRNO, "Can't create %s", pathbuf); log_error(USE_ERRNO, _("Can't create %s"), pathbuf);
} else { } else {
sudoers_io.log_stderr = NULL; sudoers_io.log_stderr = NULL;
} }

2
plugins/sudoers/iolog_path.c
View File

@@ -242,7 +242,7 @@ expand_iolog_path(const char *prefix, const char *dir, const char *file,
#ifdef HAVE_SETLOCALE #ifdef HAVE_SETLOCALE
if (!setlocale(LC_ALL, def_sudoers_locale)) { if (!setlocale(LC_ALL, def_sudoers_locale)) {
warningx("unable to set locale to \"%s\", using \"C\"", warningx(_("unable to set locale to \"%s\", using \"C\""),
def_sudoers_locale); def_sudoers_locale);
setlocale(LC_ALL, "C"); setlocale(LC_ALL, "C");
} }

123
plugins/sudoers/ldap.c
View File

@@ -360,7 +360,7 @@ sudo_ldap_conf_add_ports(void)
hostbuf[0] = '\0'; hostbuf[0] = '\0';
if (snprintf(defport, sizeof(defport), ":%d", ldap_conf.port) >= sizeof(defport)) if (snprintf(defport, sizeof(defport), ":%d", ldap_conf.port) >= sizeof(defport))
errorx(1, "sudo_ldap_conf_add_ports: port too large"); errorx(1, _("sudo_ldap_conf_add_ports: port too large"));
for ((host = strtok(ldap_conf.host, " \t")); host; (host = strtok(NULL, " \t"))) { for ((host = strtok(ldap_conf.host, " \t")); host; (host = strtok(NULL, " \t"))) {
if (hostbuf[0] != '\0') { if (hostbuf[0] != '\0') {
@@ -383,7 +383,7 @@ sudo_ldap_conf_add_ports(void)
return; return;
toobig: toobig:
errorx(1, "sudo_ldap_conf_add_ports: out of space expanding hostbuf"); errorx(1, _("sudo_ldap_conf_add_ports: out of space expanding hostbuf"));
} }
#endif #endif
@@ -412,7 +412,7 @@ sudo_ldap_parse_uri(const struct ldap_config_list_str *uri_list)
nldaps++; nldaps++;
host = uri + 8; host = uri + 8;
} else { } else {
warningx("unsupported LDAP uri type: %s", uri); warningx(_("unsupported LDAP uri type: %s"), uri);
goto done; goto done;
} }
@@ -441,17 +441,17 @@ sudo_ldap_parse_uri(const struct ldap_config_list_str *uri_list)
} }
} }
if (hostbuf[0] == '\0') { if (hostbuf[0] == '\0') {
warningx("invalid uri: %s", uri_list); warningx(_("invalid uri: %s"), uri_list);
goto done; goto done;
} }
if (nldaps != 0) { if (nldaps != 0) {
if (nldap != 0) { if (nldap != 0) {
warningx("cannot mix ldap and ldaps URIs"); warningx(_("cannot mix ldap and ldaps URIs"));
goto done; goto done;
} }
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) { if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
warningx("cannot mix ldaps and starttls"); warningx(_("cannot mix ldaps and starttls"));
goto done; goto done;
} }
ldap_conf.ssl_mode = SUDO_LDAP_SSL; ldap_conf.ssl_mode = SUDO_LDAP_SSL;
@@ -470,7 +470,7 @@ done:
return rc; return rc;
toobig: toobig:
errorx(1, "sudo_ldap_parse_uri: out of space building hostbuf"); errorx(1, _("sudo_ldap_parse_uri: out of space building hostbuf"));
} }
#else #else
static char * static char *
@@ -533,7 +533,7 @@ sudo_ldap_init(LDAP **ldp, const char *host, int port)
rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL, rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL); ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("unable to initialize SSL cert and key db: %s", warningx(_("unable to initialize SSL cert and key db: %s"),
ldapssl_err2string(rc)); ldapssl_err2string(rc));
goto done; goto done;
} }
@@ -835,7 +835,7 @@ sudo_ldap_check_bool(LDAP *ld, LDAPMessage *entry, char *option)
/* walk through options */ /* walk through options */
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
var = (*p)->bv_val;; var = (*p)->bv_val;;
DPRINTF(("ldap sudoOption: '%s'", var), 2); DPRINTF((_("ldap sudoOption: '%s'"), var), 2);
if ((ch = *var) == '!') if ((ch = *var) == '!')
var++; var++;
@@ -868,7 +868,7 @@ sudo_ldap_parse_options(LDAP *ld, LDAPMessage *entry)
/* walk through options */ /* walk through options */
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
var = estrdup((*p)->bv_val); var = estrdup((*p)->bv_val);
DPRINTF(("ldap sudoOption: '%s'", var), 2); DPRINTF((_("ldap sudoOption: '%s'"), var), 2);
/* check for equals sign past first char */ /* check for equals sign past first char */
val = strchr(var, '='); val = strchr(var, '=');
@@ -929,13 +929,13 @@ sudo_ldap_timefilter(char *buffer, size_t buffersize)
/* Make sure we have a formatted timestamp for __now__. */ /* Make sure we have a formatted timestamp for __now__. */
time(&now); time(&now);
if ((tp = gmtime(&now)) == NULL) { if ((tp = gmtime(&now)) == NULL) {
warning("unable to get GMT"); warning(_("unable to get GMT time"));
goto done; goto done;
} }
/* Format the timestamp according to the RFC. */ /* Format the timestamp according to the RFC. */
if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%MZ", tp) == 0) { if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%MZ", tp) == 0) {
warning("unable to format timestamp"); warning(_("unable to format timestamp"));
goto done; goto done;
} }
@@ -943,7 +943,7 @@ sudo_ldap_timefilter(char *buffer, size_t buffersize)
bytes = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))", bytes = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
timebuffer, timebuffer); timebuffer, timebuffer);
if (bytes < 0 || bytes >= buffersize) { if (bytes < 0 || bytes >= buffersize) {
warning("unable to build time filter"); warning(_("unable to build time filter"));
bytes = 0; bytes = 0;
} }
@@ -1041,7 +1041,7 @@ sudo_ldap_build_pass1(struct passwd *pw)
/* Add ALL to list and end the global OR */ /* Add ALL to list and end the global OR */
if (strlcat(buf, "(sudoUser=ALL)", sz) >= sz) if (strlcat(buf, "(sudoUser=ALL)", sz) >= sz)
errorx(1, "sudo_ldap_build_pass1 allocation mismatch"); errorx(1, _("sudo_ldap_build_pass1 allocation mismatch"));
/* Add the time restriction, or simply end the global OR. */ /* Add the time restriction, or simply end the global OR. */
if (ldap_conf.timed) { if (ldap_conf.timed) {
@@ -1349,11 +1349,11 @@ sudo_ldap_read_config(void)
value = ldap_conf.krb5_ccname + value = ldap_conf.krb5_ccname +
(ldap_conf.krb5_ccname[4] == ':' ? 5 : 7); (ldap_conf.krb5_ccname[4] == ':' ? 5 : 7);
if ((fp = fopen(value, "r")) != NULL) { if ((fp = fopen(value, "r")) != NULL) {
DPRINTF(("using krb5 credential cache: %s", value), 1); DPRINTF((_("using krb5 credential cache: %s"), value), 1);
fclose(fp); fclose(fp);
} else { } else {
/* Can't open it, just ignore the entry. */ /* Can't open it, just ignore the entry. */
DPRINTF(("unable to open krb5 credential cache: %s", value), 1); DPRINTF((_("unable to open krb5 credential cache: %s"), value), 1);
efree(ldap_conf.krb5_ccname); efree(ldap_conf.krb5_ccname);
ldap_conf.krb5_ccname = NULL; ldap_conf.krb5_ccname = NULL;
} }
@@ -1635,7 +1635,7 @@ sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw,
goto done; goto done;
ld = handle->ld; ld = handle->ld;
DPRINTF(("ldap search for command list"), 1); DPRINTF((_("ldap search for command list")), 1);
lres = sudo_ldap_result_get(nss, pw); lres = sudo_ldap_result_get(nss, pw);
/* Display all matching entries. */ /* Display all matching entries. */
@@ -1668,7 +1668,7 @@ sudo_ldap_display_cmnd(struct sudo_nss *nss, struct passwd *pw)
* The sudo_ldap_result_get() function returns all nodes that match * The sudo_ldap_result_get() function returns all nodes that match
* the user and the host. * the user and the host.
*/ */
DPRINTF(("ldap search for command list"), 1); DPRINTF((_("ldap search for command list")), 1);
lres = sudo_ldap_result_get(nss, pw); lres = sudo_ldap_result_get(nss, pw);
for (i = 0; i < lres->nentries; i++) { for (i = 0; i < lres->nentries; i++) {
entry = lres->entries[i].entry; entry = lres->entries[i].entry;
@@ -1746,11 +1746,11 @@ sudo_ldap_set_options(LDAP *ld)
if (ival >= 0) { if (ival >= 0) {
rc = ldap_set_option(conn, cur->opt_val, &ival); rc = ldap_set_option(conn, cur->opt_val, &ival);
if (rc != LDAP_OPT_SUCCESS) { if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %d: %s", warningx(_("ldap_set_option: %s -> %d: %s"),
cur->conf_str, ival, ldap_err2string(rc)); cur->conf_str, ival, ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_set_option: %s -> %d", cur->conf_str, ival), 1); DPRINTF((_("ldap_set_option: %s -> %d"), cur->conf_str, ival), 1);
} }
break; break;
case CONF_STR: case CONF_STR:
@@ -1758,11 +1758,11 @@ sudo_ldap_set_options(LDAP *ld)
if (sval != NULL) { if (sval != NULL) {
rc = ldap_set_option(conn, cur->opt_val, sval); rc = ldap_set_option(conn, cur->opt_val, sval);
if (rc != LDAP_OPT_SUCCESS) { if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %s: %s", warningx(_("ldap_set_option: %s -> %s: %s"),
cur->conf_str, sval, ldap_err2string(rc)); cur->conf_str, sval, ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_set_option: %s -> %s", cur->conf_str, sval), 1); DPRINTF((_("ldap_set_option: %s -> %s"), cur->conf_str, sval), 1);
} }
break; break;
} }
@@ -1776,7 +1776,7 @@ sudo_ldap_set_options(LDAP *ld)
tv.tv_usec = 0; tv.tv_usec = 0;
rc = ldap_set_option(ld, LDAP_OPT_TIMEOUT, &tv); rc = ldap_set_option(ld, LDAP_OPT_TIMEOUT, &tv);
if (rc != LDAP_OPT_SUCCESS) { if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option(TIMEOUT, %ld): %s", warningx(_("ldap_set_option(TIMEOUT, %ld): %s"),
(long)tv.tv_sec, ldap_err2string(rc)); (long)tv.tv_sec, ldap_err2string(rc));
return -1; return -1;
} }
@@ -1792,7 +1792,7 @@ sudo_ldap_set_options(LDAP *ld)
tv.tv_usec = 0; tv.tv_usec = 0;
rc = ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &tv); rc = ldap_set_option(ld, LDAP_OPT_NETWORK_TIMEOUT, &tv);
if (rc != LDAP_OPT_SUCCESS) { if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option(NETWORK_TIMEOUT, %ld): %s", warningx(_("ldap_set_option(NETWORK_TIMEOUT, %ld): %s"),
(long)tv.tv_sec, ldap_err2string(rc)); (long)tv.tv_sec, ldap_err2string(rc));
return -1; return -1;
} }
@@ -1806,7 +1806,7 @@ sudo_ldap_set_options(LDAP *ld)
int val = LDAP_OPT_X_TLS_HARD; int val = LDAP_OPT_X_TLS_HARD;
rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &val); rc = ldap_set_option(ld, LDAP_OPT_X_TLS, &val);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD): %s", warningx(_("ldap_set_option(LDAP_OPT_X_TLS, LDAP_OPT_X_TLS_HARD): %s"),
ldap_err2string(rc)); ldap_err2string(rc));
return -1; return -1;
} }
@@ -1908,7 +1908,7 @@ sudo_ldap_bind_s(LDAP *ld)
if (gss_krb5_ccache_name(&status, ldap_conf.krb5_ccname, &old_ccname) if (gss_krb5_ccache_name(&status, ldap_conf.krb5_ccname, &old_ccname)
!= GSS_S_COMPLETE) { != GSS_S_COMPLETE) {
old_ccname = NULL; old_ccname = NULL;
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1); DPRINTF((_("gss_krb5_ccache_name() failed: %d"), status), 1);
} }
# else # else
setenv("KRB5CCNAME", ldap_conf.krb5_ccname, TRUE); setenv("KRB5CCNAME", ldap_conf.krb5_ccname, TRUE);
@@ -1919,7 +1919,7 @@ sudo_ldap_bind_s(LDAP *ld)
if (ldap_conf.krb5_ccname != NULL) { if (ldap_conf.krb5_ccname != NULL) {
# ifdef HAVE_GSS_KRB5_CCACHE_NAME # ifdef HAVE_GSS_KRB5_CCACHE_NAME
if (gss_krb5_ccache_name(&status, old_ccname, NULL) != GSS_S_COMPLETE) if (gss_krb5_ccache_name(&status, old_ccname, NULL) != GSS_S_COMPLETE)
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1); DPRINTF((_("gss_krb5_ccache_name() failed: %d"), status), 1);
# else # else
if (old_ccname != NULL) if (old_ccname != NULL)
setenv("KRB5CCNAME", old_ccname, TRUE); setenv("KRB5CCNAME", old_ccname, TRUE);
@@ -1928,10 +1928,11 @@ sudo_ldap_bind_s(LDAP *ld)
# endif # endif
} }
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_interactive_bind_s(): %s", ldap_err2string(rc)); warningx(_("ldap_sasl_interactive_bind_s(): %s"),
ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_sasl_interactive_bind_s() ok"), 1); DPRINTF((_("ldap_sasl_interactive_bind_s() ok")), 1);
} else } else
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */ #endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
#ifdef HAVE_LDAP_SASL_BIND_S #ifdef HAVE_LDAP_SASL_BIND_S
@@ -1944,19 +1945,19 @@ sudo_ldap_bind_s(LDAP *ld)
rc = ldap_sasl_bind_s(ld, ldap_conf.binddn, LDAP_SASL_SIMPLE, &bv, rc = ldap_sasl_bind_s(ld, ldap_conf.binddn, LDAP_SASL_SIMPLE, &bv,
NULL, NULL, NULL); NULL, NULL, NULL);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_sasl_bind_s(): %s", ldap_err2string(rc)); warningx(_("ldap_sasl_bind_s(): %s"), ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_sasl_bind_s() ok"), 1); DPRINTF((_("ldap_sasl_bind_s() ok")), 1);
} }
#else #else
{ {
rc = ldap_simple_bind_s(ld, ldap_conf.binddn, ldap_conf.bindpw); rc = ldap_simple_bind_s(ld, ldap_conf.binddn, ldap_conf.bindpw);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_simple_bind_s(): %s", ldap_err2string(rc)); warningx(_("ldap_simple_bind_s(): %s"), ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_simple_bind_s() ok"), 1); DPRINTF((_("ldap_simple_bind_s() ok")), 1);
} }
#endif #endif
return 0; return 0;
@@ -1993,7 +1994,7 @@ sudo_ldap_open(struct sudo_nss *nss)
#endif #endif
rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port); rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("unable to initialize LDAP: %s", ldap_err2string(rc)); warningx(_("unable to initialize LDAP: %s"), ldap_err2string(rc));
return -1; return -1;
} }
@@ -2008,23 +2009,23 @@ sudo_ldap_open(struct sudo_nss *nss)
#if defined(HAVE_LDAP_START_TLS_S) #if defined(HAVE_LDAP_START_TLS_S)
rc = ldap_start_tls_s(ld, NULL, NULL); rc = ldap_start_tls_s(ld, NULL, NULL);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s(): %s", ldap_err2string(rc)); warningx(_("ldap_start_tls_s(): %s"), ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_start_tls_s() ok"), 1); DPRINTF((_("ldap_start_tls_s() ok")), 1);
#elif defined(HAVE_LDAP_SSL_CLIENT_INIT) && defined(HAVE_LDAP_START_TLS_S_NP) #elif defined(HAVE_LDAP_SSL_CLIENT_INIT) && defined(HAVE_LDAP_START_TLS_S_NP)
if (ldap_ssl_client_init(NULL, NULL, 0, &rc) != LDAP_SUCCESS) { if (ldap_ssl_client_init(NULL, NULL, 0, &rc) != LDAP_SUCCESS) {
warningx("ldap_ssl_client_init(): %s", ldap_err2string(rc)); warningx(_("ldap_ssl_client_init(): %s"), ldap_err2string(rc));
return -1; return -1;
} }
rc = ldap_start_tls_s_np(ld, NULL); rc = ldap_start_tls_s_np(ld, NULL);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
warningx("ldap_start_tls_s_np(): %s", ldap_err2string(rc)); warningx(_("ldap_start_tls_s_np(): %s",) ldap_err2string(rc));
return -1; return -1;
} }
DPRINTF(("ldap_start_tls_s_np() ok"), 1); DPRINTF((_("ldap_start_tls_s_np() ok")), 1);
#else #else
warningx("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"); warningx(_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"));
#endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */ #endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */
} }
@@ -2059,7 +2060,7 @@ sudo_ldap_setdefs(struct sudo_nss *nss)
ld = handle->ld; ld = handle->ld;
filt = sudo_ldap_build_default_filter(); filt = sudo_ldap_build_default_filter();
DPRINTF(("Looking for cn=defaults: %s", filt), 1); DPRINTF((_("Looking for cn=defaults: %s"), filt), 1);
for (base = ldap_conf.base; base != NULL; base = base->next) { for (base = ldap_conf.base; base != NULL; base = base->next) {
if (ldap_conf.timeout > 0) { if (ldap_conf.timeout > 0) {
@@ -2071,10 +2072,10 @@ sudo_ldap_setdefs(struct sudo_nss *nss)
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE,
filt, NULL, 0, NULL, NULL, NULL, 0, &result); filt, NULL, 0, NULL, NULL, NULL, 0, &result);
if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) { if (rc == LDAP_SUCCESS && (entry = ldap_first_entry(ld, result))) {
DPRINTF(("found:%s", ldap_get_dn(ld, entry)), 1); DPRINTF((_("found: %s"), ldap_get_dn(ld, entry)), 1);
sudo_ldap_parse_options(ld, entry); sudo_ldap_parse_options(ld, entry);
} else } else
DPRINTF(("no default options found in %s", base->val), 1); DPRINTF((_("no default options found in %s"), base->val), 1);
if (result) if (result)
ldap_msgfree(result); ldap_msgfree(result);
@@ -2108,7 +2109,7 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
* password is required, so the order of the entries doesn't matter. * password is required, so the order of the entries doesn't matter.
*/ */
if (pwflag) { if (pwflag) {
DPRINTF(("perform search for pwflag %d", pwflag), 1); DPRINTF((_("perform search for pwflag %d"), pwflag), 1);
int doauth = UNSPEC; int doauth = UNSPEC;
enum def_tuple pwcheck = enum def_tuple pwcheck =
(pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple; (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple;
@@ -2151,7 +2152,7 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
goto done; goto done;
} }
DPRINTF(("searching LDAP for sudoers entries"), 1); DPRINTF((_("searching LDAP for sudoers entries")), 1);
setenv_implied = FALSE; setenv_implied = FALSE;
for (i = 0; i < lres->nentries; i++) { for (i = 0; i < lres->nentries; i++) {
@@ -2161,10 +2162,10 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
rc = sudo_ldap_check_command(ld, entry, &setenv_implied); rc = sudo_ldap_check_command(ld, entry, &setenv_implied);
if (rc != UNSPEC) { if (rc != UNSPEC) {
/* We have a match. */ /* We have a match. */
DPRINTF(("Command %sallowed", rc == TRUE ? "" : "NOT "), 1); DPRINTF((rc == TRUE ? _("Command allowed") : _("Command not allowed")), 1);
matched = TRUE; matched = TRUE;
if (rc == TRUE) { if (rc == TRUE) {
DPRINTF(("LDAP entry: %p", entry), 1); DPRINTF((_("LDAP entry: %p"), entry), 1);
/* Apply entry-specific options. */ /* Apply entry-specific options. */
if (setenv_implied) if (setenv_implied)
def_setenv = TRUE; def_setenv = TRUE;
@@ -2187,7 +2188,7 @@ sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag)
} }
done: done:
DPRINTF(("done with LDAP searches"), 1); DPRINTF((_("done with LDAP searches")), 1);
DPRINTF(("user_matches=%d", lres->user_matches), 1); DPRINTF(("user_matches=%d", lres->user_matches), 1);
DPRINTF(("host_matches=%d", lres->host_matches), 1); DPRINTF(("host_matches=%d", lres->host_matches), 1);
@@ -2252,13 +2253,13 @@ sudo_ldap_result_add_entry(struct ldap_result *lres, LDAPMessage *entry)
if (bv != NULL) { if (bv != NULL) {
if (ldap_count_values_len(bv) > 0) { if (ldap_count_values_len(bv) > 0) {
/* Get the value of this attribute, 0 if not present. */ /* Get the value of this attribute, 0 if not present. */
DPRINTF(("order attribute raw: %s", (*bv)->bv_val), 1); DPRINTF((_("order attribute raw: %s"), (*bv)->bv_val), 1);
order = strtod((*bv)->bv_val, &ep); order = strtod((*bv)->bv_val, &ep);
if (ep == (*bv)->bv_val || *ep != '\0') { if (ep == (*bv)->bv_val || *ep != '\0') {
warningx("invalid sudoOrder attribute: %s", (*bv)->bv_val); warningx(_("invalid sudoOrder attribute: %s"), (*bv)->bv_val);
order = 0.0; order = 0.0;
} }
DPRINTF(("order attribute: %f", order), 1); DPRINTF((_("order attribute: %f"), order), 1);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} }
@@ -2289,7 +2290,7 @@ sudo_ldap_result_free_nss(struct sudo_nss *nss)
struct sudo_ldap_handle *handle = nss->handle; struct sudo_ldap_handle *handle = nss->handle;
if (handle->result != NULL) { if (handle->result != NULL) {
DPRINTF(("removing reusable search result"), 1); DPRINTF((_("freeing saved search result")), 1);
sudo_ldap_result_free(handle->result); sudo_ldap_result_free(handle->result);
if (handle->username) { if (handle->username) {
efree(handle->username); efree(handle->username);
@@ -2323,12 +2324,12 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
if (handle->result) { if (handle->result) {
if (handle->groups == user_groups && if (handle->groups == user_groups &&
strcmp(pw->pw_name, handle->username) == 0) { strcmp(pw->pw_name, handle->username) == 0) {
DPRINTF(("reusing previous result (user %s) with %d entries", DPRINTF((_("reusing previous result (user %s) with %d entries"),
handle->username, handle->result->nentries), 1); handle->username, handle->result->nentries), 1);
return handle->result; return handle->result;
} }
/* User mismatch, cached result cannot be used. */ /* User mismatch, cached result cannot be used. */
DPRINTF(("removing result (user %s), new search (user %s)", DPRINTF((_("removing result (user %s), new search (user %s)"),
handle->username, pw->pw_name), 1); handle->username, pw->pw_name), 1);
sudo_ldap_result_free_nss(nss); sudo_ldap_result_free_nss(nss);
} }
@@ -2354,9 +2355,9 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
lres = sudo_ldap_result_alloc(); lres = sudo_ldap_result_alloc();
for (do_netgr = 0; do_netgr < 2; do_netgr++) { for (do_netgr = 0; do_netgr < 2; do_netgr++) {
filt = do_netgr ? sudo_ldap_build_pass2() : sudo_ldap_build_pass1(pw); filt = do_netgr ? sudo_ldap_build_pass2() : sudo_ldap_build_pass1(pw);
DPRINTF(("ldap search '%s'", filt), 1); DPRINTF((_("ldap search '%s'"), filt), 1);
for (base = ldap_conf.base; base != NULL; base = base->next) { for (base = ldap_conf.base; base != NULL; base = base->next) {
DPRINTF(("searching from base '%s'", base->val), 1); DPRINTF((_("searching from base '%s'"), base->val), 1);
if (ldap_conf.timeout > 0) { if (ldap_conf.timeout > 0) {
tv.tv_sec = ldap_conf.timeout; tv.tv_sec = ldap_conf.timeout;
tv.tv_usec = 0; tv.tv_usec = 0;
@@ -2366,13 +2367,13 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt, rc = ldap_search_ext_s(ld, base->val, LDAP_SCOPE_SUBTREE, filt,
NULL, 0, NULL, NULL, NULL, 0, &result); NULL, 0, NULL, NULL, NULL, 0, &result);
if (rc != LDAP_SUCCESS) { if (rc != LDAP_SUCCESS) {
DPRINTF(("nothing found for '%s'", filt), 1); DPRINTF((_("nothing found for '%s'"), filt), 1);
continue; continue;
} }
lres->user_matches = TRUE; lres->user_matches = TRUE;
/* Add the seach result to list of search results. */ /* Add the seach result to list of search results. */
DPRINTF(("adding search result"), 1); DPRINTF((_("adding search result")), 1);
sudo_ldap_result_add_search(lres, ld, result); sudo_ldap_result_add_search(lres, ld, result);
LDAP_FOREACH(entry, ld, result) { LDAP_FOREACH(entry, ld, result) {
if ((!do_netgr || if ((!do_netgr ||
@@ -2382,13 +2383,13 @@ sudo_ldap_result_get(struct sudo_nss *nss, struct passwd *pw)
sudo_ldap_result_add_entry(lres, entry); sudo_ldap_result_add_entry(lres, entry);
} }
} }
DPRINTF(("result now has %d entries", lres->nentries), 1); DPRINTF((_("result now has %d entries"), lres->nentries), 1);
} }
efree(filt); efree(filt);
} }
/* Sort the entries by the sudoOrder attribute. */ /* Sort the entries by the sudoOrder attribute. */
DPRINTF(("sorting remaining %d entries", lres->nentries), 1); DPRINTF((_("sorting remaining %d entries"), lres->nentries), 1);
qsort(lres->entries, lres->nentries, sizeof(lres->entries[0]), qsort(lres->entries, lres->nentries, sizeof(lres->entries[0]),
ldap_entry_compare); ldap_entry_compare);
@@ -2467,7 +2468,7 @@ sudo_ldap_result_from_search(LDAP *ldap, LDAPMessage *searchresult)
LDAP_FOREACH(entry, last->ldap, last->searchresult) { LDAP_FOREACH(entry, last->ldap, last->searchresult) {
sudo_ldap_result_add_entry(result, entry); sudo_ldap_result_add_entry(result, entry);
} }
DPRINTF(("sudo_ldap_result_from_search: %d entries found", DPRINTF((_("sudo_ldap_result_from_search: %d entries found"),
result->nentries), 2); result->nentries), 2);
return result; return result;
} }

6
plugins/sudoers/linux_audit.c
View File

@@ -51,7 +51,7 @@ linux_audit_open(void)
if (au_fd == -1) { if (au_fd == -1) {
/* Kernel may not have audit support. */ /* Kernel may not have audit support. */
if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT) if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
error(1, "unable to open audit system"); error(1, _("unable to open audit system"));
} else { } else {
(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC); (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
} }
@@ -75,7 +75,7 @@ linux_audit_command(char *argv[], int result)
for (av = argv; *av != NULL; av++) { for (av = argv; *av != NULL; av++) {
n = strlcpy(cp, *av, size - (cp - command)); n = strlcpy(cp, *av, size - (cp - command));
if (n >= size - (cp - command)) if (n >= size - (cp - command))
errorx(1, "internal error, linux_audit_command() overflow"); errorx(1, _("internal error, linux_audit_command() overflow"));
cp += n; cp += n;
*cp++ = ' '; *cp++ = ' ';
} }
@@ -84,7 +84,7 @@ linux_audit_command(char *argv[], int result)
/* Log command, ignoring ECONNREFUSED on error. */ /* Log command, ignoring ECONNREFUSED on error. */
rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result); rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
if (rc <= 0 && errno != ECONNREFUSED) if (rc <= 0 && errno != ECONNREFUSED)
warning("unable to send audit message"); warning(_("unable to send audit message"));
efree(command); efree(command);

50
plugins/sudoers/logging.c
View File

@@ -138,8 +138,8 @@ do_syslog(int pri, char *msg)
/* /*
* Log the full line, breaking into multiple syslog(3) calls if necessary * Log the full line, breaking into multiple syslog(3) calls if necessary
*/ */
fmt = FMT_FIRST; fmt = _(FMT_FIRST);
maxlen = MAXSYSLOGLEN - (sizeof(FMT_FIRST) - 6 + strlen(user_name)); maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
for (p = msg; *p != '\0'; ) { for (p = msg; *p != '\0'; ) {
len = strlen(p); len = strlen(p);
if (len > maxlen) { if (len > maxlen) {
@@ -166,8 +166,8 @@ do_syslog(int pri, char *msg)
mysyslog(pri, fmt, user_name, p); mysyslog(pri, fmt, user_name, p);
p += len; p += len;
} }
fmt = FMT_CONTD; fmt = _(FMT_CONTD);
maxlen = MAXSYSLOGLEN - (sizeof(FMT_CONTD) - 6 + strlen(user_name)); maxlen = MAXSYSLOGLEN - (strlen(fmt) - 5 + strlen(user_name));
} }
#ifdef HAVE_SETLOCALE #ifdef HAVE_SETLOCALE
@@ -190,9 +190,11 @@ do_logfile(char *msg)
fp = fopen(def_logfile, "a"); fp = fopen(def_logfile, "a");
(void) umask(oldmask); (void) umask(oldmask);
if (fp == NULL) { if (fp == NULL) {
send_mail("Can't open log file: %s: %s", def_logfile, strerror(errno)); send_mail(_("Can't open log file: %s: %s"),
def_logfile, strerror(errno));
} else if (!lock_file(fileno(fp), SUDO_LOCK)) { } else if (!lock_file(fileno(fp), SUDO_LOCK)) {
send_mail("Can't lock log file: %s: %s", def_logfile, strerror(errno)); send_mail(_("Can't lock log file: %s: %s"),
def_logfile, strerror(errno));
} else { } else {
time_t now; time_t now;
@@ -290,11 +292,11 @@ log_denial(int status, int inform_user)
/* Set error message. */ /* Set error message. */
if (ISSET(status, FLAG_NO_USER)) if (ISSET(status, FLAG_NO_USER))
message = "user NOT in sudoers"; message = _("user NOT in sudoers");
else if (ISSET(status, FLAG_NO_HOST)) else if (ISSET(status, FLAG_NO_HOST))
message = "user NOT authorized on host"; message = _("user NOT authorized on host");
else else
message = "command not allowed"; message = _("command not allowed");
logline = new_logline(message, 0); logline = new_logline(message, 0);
@@ -304,18 +306,18 @@ log_denial(int status, int inform_user)
/* Inform the user if they failed to authenticate. */ /* Inform the user if they failed to authenticate. */
if (inform_user) { if (inform_user) {
if (ISSET(status, FLAG_NO_USER)) { if (ISSET(status, FLAG_NO_USER)) {
sudo_printf(SUDO_CONV_ERROR_MSG, "%s is not in the sudoers file. " sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not in the sudoers "
"This incident will be reported.\n", user_name); "file. This incident will be reported.\n"), user_name);
} else if (ISSET(status, FLAG_NO_HOST)) { } else if (ISSET(status, FLAG_NO_HOST)) {
sudo_printf(SUDO_CONV_ERROR_MSG, "%s is not allowed to run sudo " sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo "
"on %s. This incident will be reported.\n", "on %s. This incident will be reported.\n"),
user_name, user_shost); user_name, user_shost);
} else if (ISSET(status, FLAG_NO_CHECK)) { } else if (ISSET(status, FLAG_NO_CHECK)) {
sudo_printf(SUDO_CONV_ERROR_MSG, "Sorry, user %s may not run " sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "
"sudo on %s.\n", user_name, user_shost); "sudo on %s.\n"), user_name, user_shost);
} else { } else {
sudo_printf(SUDO_CONV_ERROR_MSG, "Sorry, user %s is not allowed " sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "
"to execute '%s%s%s' as %s%s%s on %s.\n", "to execute '%s%s%s' as %s%s%s on %s.\n"),
user_name, user_cmnd, user_args ? " " : "", user_name, user_cmnd, user_args ? " " : "",
user_args ? user_args : "", user_args ? user_args : "",
list_pw ? list_pw->pw_name : runas_pw ? list_pw ? list_pw->pw_name : runas_pw ?
@@ -449,14 +451,14 @@ send_mail(const char *fmt, ...)
switch (pid = fork()) { switch (pid = fork()) {
case -1: case -1:
/* Error. */ /* Error. */
error(1, "cannot fork"); error(1, _("cannot fork"));
break; break;
case 0: case 0:
/* Child. */ /* Child. */
switch (pid = fork()) { switch (pid = fork()) {
case -1: case -1:
/* Error. */ /* Error. */
mysyslog(LOG_ERR, "cannot fork: %m"); mysyslog(LOG_ERR, _("cannot fork: %m"));
_exit(1); _exit(1);
case 0: case 0:
/* Grandchild continues below. */ /* Grandchild continues below. */
@@ -506,14 +508,14 @@ send_mail(const char *fmt, ...)
(void) sigaction(SIGPIPE, &sa, NULL); (void) sigaction(SIGPIPE, &sa, NULL);
if (pipe(pfd) == -1) { if (pipe(pfd) == -1) {
mysyslog(LOG_ERR, "cannot open pipe: %m"); mysyslog(LOG_ERR, _("cannot open pipe: %m"));
_exit(1); _exit(1);
} }
switch (pid = fork()) { switch (pid = fork()) {
case -1: case -1:
/* Error. */ /* Error. */
mysyslog(LOG_ERR, "cannot fork: %m"); mysyslog(LOG_ERR, _("cannot fork: %m"));
_exit(1); _exit(1);
break; break;
case 0: case 0:
@@ -525,7 +527,7 @@ send_mail(const char *fmt, ...)
/* Child, set stdin to output side of the pipe */ /* Child, set stdin to output side of the pipe */
if (pfd[0] != STDIN_FILENO) { if (pfd[0] != STDIN_FILENO) {
if (dup2(pfd[0], STDIN_FILENO) == -1) { if (dup2(pfd[0], STDIN_FILENO) == -1) {
mysyslog(LOG_ERR, "cannot dup stdin: %m"); mysyslog(LOG_ERR, _("cannot dup stdin: %m"));
_exit(127); _exit(127);
} }
(void) close(pfd[0]); (void) close(pfd[0]);
@@ -559,7 +561,7 @@ send_mail(const char *fmt, ...)
set_perms(PERM_FULL_USER|PERM_NOEXIT); set_perms(PERM_FULL_USER|PERM_NOEXIT);
execv(mpath, argv); execv(mpath, argv);
#endif /* NO_ROOT_MAILER */ #endif /* NO_ROOT_MAILER */
mysyslog(LOG_ERR, "cannot execute %s: %m", mpath); mysyslog(LOG_ERR, _("cannot execute %s: %m"), mpath);
_exit(127); _exit(127);
} }
break; break;
@@ -769,5 +771,5 @@ new_logline(const char *message, int serrno)
return line; return line;
toobig: toobig:
errorx(1, "internal error: insufficient space for log line"); errorx(1, _("internal error: insufficient space for log line"));
} }

4
plugins/sudoers/parse.c
View File

@@ -112,7 +112,7 @@ sudo_file_parse(struct sudo_nss *nss)
init_parser(sudoers_file, 0); init_parser(sudoers_file, 0);
yyin = nss->handle; yyin = nss->handle;
if (yyparse() != 0 || parse_error) { if (yyparse() != 0 || parse_error) {
log_error(NO_EXIT, "parse error in %s near line %d", log_error(NO_EXIT, _("parse error in %s near line %d"),
errorfile, errorlineno); errorfile, errorlineno);
return -1; return -1;
} }
@@ -532,7 +532,7 @@ display_bound_defaults(int dtype, struct lbuf *lbuf)
default: default:
return -1; return -1;
} }
/* sudo_printf(SUDO_CONV_INFO_MSG, "Per-%s Defaults entries:\n", dname); */ /* sudo_printf(SUDO_CONV_INFO_MSG, _("Per-%s Defaults entries:\n"), dname); */
tq_foreach_fwd(&defaults, d) { tq_foreach_fwd(&defaults, d) {
if (d->type != dtype) if (d->type != dtype)
continue; continue;

4
plugins/sudoers/plugin_error.c
View File

@@ -94,12 +94,12 @@ _warning(int use_errno, const char *fmt, va_list ap)
msg[0].msg_type = SUDO_CONV_ERROR_MSG; msg[0].msg_type = SUDO_CONV_ERROR_MSG;
msg[0].msg = getprogname(); msg[0].msg = getprogname();
msg[1].msg_type = SUDO_CONV_ERROR_MSG; msg[1].msg_type = SUDO_CONV_ERROR_MSG;
msg[1].msg = ": "; msg[1].msg = _(": ");
msg[2].msg_type = SUDO_CONV_ERROR_MSG; msg[2].msg_type = SUDO_CONV_ERROR_MSG;
msg[2].msg = str; msg[2].msg = str;
if (use_errno) { if (use_errno) {
msg[3].msg_type = SUDO_CONV_ERROR_MSG; msg[3].msg_type = SUDO_CONV_ERROR_MSG;
msg[3].msg = ": "; msg[3].msg = _(": ");
msg[4].msg_type = SUDO_CONV_ERROR_MSG; msg[4].msg_type = SUDO_CONV_ERROR_MSG;
msg[4].msg = strerror(errno); msg[4].msg = strerror(errno);
nmsgs = 6; nmsgs = 6;

16
plugins/sudoers/pwutil.c
View File

@@ -241,7 +241,7 @@ sudo_getpwuid(uid_t uid)
if ((key.d.pw = getpwuid(uid)) != NULL) { if ((key.d.pw = getpwuid(uid)) != NULL) {
item = make_pwitem(key.d.pw, NULL); item = make_pwitem(key.d.pw, NULL);
if (rbinsert(pwcache_byuid, item) != NULL) if (rbinsert(pwcache_byuid, item) != NULL)
errorx(1, "unable to cache uid %u (%s), already exists", errorx(1, _("unable to cache uid %u (%s), already exists"),
(unsigned int) uid, item->d.pw->pw_name); (unsigned int) uid, item->d.pw->pw_name);
} else { } else {
item = emalloc(sizeof(*item)); item = emalloc(sizeof(*item));
@@ -249,7 +249,7 @@ sudo_getpwuid(uid_t uid)
item->k.uid = uid; item->k.uid = uid;
item->d.pw = NULL; item->d.pw = NULL;
if (rbinsert(pwcache_byuid, item) != NULL) if (rbinsert(pwcache_byuid, item) != NULL)
errorx(1, "unable to cache uid %u, already exists", errorx(1, _("unable to cache uid %u, already exists"),
(unsigned int) uid); (unsigned int) uid);
} }
#ifdef HAVE_SETAUTHDB #ifdef HAVE_SETAUTHDB
@@ -285,7 +285,7 @@ sudo_getpwnam(const char *name)
if ((key.d.pw = getpwnam(name)) != NULL) { if ((key.d.pw = getpwnam(name)) != NULL) {
item = make_pwitem(key.d.pw, name); item = make_pwitem(key.d.pw, name);
if (rbinsert(pwcache_byname, item) != NULL) if (rbinsert(pwcache_byname, item) != NULL)
errorx(1, "unable to cache user %s, already exists", name); errorx(1, _("unable to cache user %s, already exists"), name);
} else { } else {
len = strlen(name) + 1; len = strlen(name) + 1;
item = emalloc(sizeof(*item) + len); item = emalloc(sizeof(*item) + len);
@@ -294,7 +294,7 @@ sudo_getpwnam(const char *name)
memcpy(item->k.name, name, len); memcpy(item->k.name, name, len);
item->d.pw = NULL; item->d.pw = NULL;
if (rbinsert(pwcache_byname, item) != NULL) if (rbinsert(pwcache_byname, item) != NULL)
errorx(1, "unable to cache user %s, already exists", name); errorx(1, _("unable to cache user %s, already exists"), name);
} }
#ifdef HAVE_SETAUTHDB #ifdef HAVE_SETAUTHDB
aix_restoreauthdb(); aix_restoreauthdb();
@@ -508,7 +508,7 @@ sudo_getgrgid(gid_t gid)
if ((key.d.gr = getgrgid(gid)) != NULL) { if ((key.d.gr = getgrgid(gid)) != NULL) {
item = make_gritem(key.d.gr, NULL); item = make_gritem(key.d.gr, NULL);
if (rbinsert(grcache_bygid, item) != NULL) if (rbinsert(grcache_bygid, item) != NULL)
errorx(1, "unable to cache gid %u (%s), already exists", errorx(1, _("unable to cache gid %u (%s), already exists"),
(unsigned int) gid, key.d.gr->gr_name); (unsigned int) gid, key.d.gr->gr_name);
} else { } else {
item = emalloc(sizeof(*item)); item = emalloc(sizeof(*item));
@@ -516,7 +516,7 @@ sudo_getgrgid(gid_t gid)
item->k.gid = gid; item->k.gid = gid;
item->d.gr = NULL; item->d.gr = NULL;
if (rbinsert(grcache_bygid, item) != NULL) if (rbinsert(grcache_bygid, item) != NULL)
errorx(1, "unable to cache gid %u, already exists", errorx(1, _("unable to cache gid %u, already exists"),
(unsigned int) gid); (unsigned int) gid);
} }
done: done:
@@ -545,7 +545,7 @@ sudo_getgrnam(const char *name)
if ((key.d.gr = getgrnam(name)) != NULL) { if ((key.d.gr = getgrnam(name)) != NULL) {
item = make_gritem(key.d.gr, name); item = make_gritem(key.d.gr, name);
if (rbinsert(grcache_byname, item) != NULL) if (rbinsert(grcache_byname, item) != NULL)
errorx(1, "unable to cache group %s, already exists", name); errorx(1, _("unable to cache group %s, already exists"), name);
} else { } else {
len = strlen(name) + 1; len = strlen(name) + 1;
item = emalloc(sizeof(*item) + len); item = emalloc(sizeof(*item) + len);
@@ -554,7 +554,7 @@ sudo_getgrnam(const char *name)
memcpy(item->k.name, name, len); memcpy(item->k.name, name, len);
item->d.gr = NULL; item->d.gr = NULL;
if (rbinsert(grcache_byname, item) != NULL) if (rbinsert(grcache_byname, item) != NULL)
errorx(1, "unable to cache group %s, already exists", name); errorx(1, _("unable to cache group %s, already exists"), name);
} }
done: done:
item->refcnt++; item->refcnt++;

20
plugins/sudoers/set_perms.c
View File

@@ -246,7 +246,7 @@ set_perms(int perm)
state->egid = sudoers_gid; state->egid = sudoers_gid;
state->sgid = -1; state->sgid = -1;
if (setresgid(-1, ID(egid), -1)) if (setresgid(-1, ID(egid), -1))
error(1, "unable to change to sudoers gid"); error(1, _("unable to change to sudoers gid"));
state->ruid = ROOT_UID; state->ruid = ROOT_UID;
/* /*
@@ -287,7 +287,7 @@ done:
bad: bad:
/* XXX - better warnings inline */ /* XXX - better warnings inline */
warningx("%s: %s", errstr, warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno)); errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit) if (noexit)
return 0; return 0;
exit(1); exit(1);
@@ -473,7 +473,7 @@ set_perms(int perm)
state->rgid = -1; state->rgid = -1;
state->egid = sudoers_gid; state->egid = sudoers_gid;
if (setregid(-1, ID(egid))) if (setregid(-1, ID(egid)))
error(1, "unable to change to sudoers gid"); error(1, _("unable to change to sudoers gid"));
state->ruid = ROOT_UID; state->ruid = ROOT_UID;
/* /*
@@ -511,7 +511,7 @@ done:
bad: bad:
/* XXX - better warnings inline */ /* XXX - better warnings inline */
warningx("%s: %s", errstr, warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno)); errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit) if (noexit)
return 0; return 0;
exit(1); exit(1);
@@ -707,7 +707,7 @@ set_perms(int perm)
state->rgid = -1; state->rgid = -1;
state->egid = sudoers_gid; state->egid = sudoers_gid;
if (setegid(ID(egid))) if (setegid(ID(egid)))
error(1, "unable to change to sudoers gid"); error(1, _("unable to change to sudoers gid"));
state->ruid = ROOT_UID; state->ruid = ROOT_UID;
/* /*
@@ -745,7 +745,7 @@ done:
bad: bad:
/* XXX - better warnings inline */ /* XXX - better warnings inline */
warningx("%s: %s", errstr, warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno)); errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit) if (noexit)
return 0; return 0;
exit(1); exit(1);
@@ -879,7 +879,7 @@ done:
bad: bad:
/* XXX - better warnings inline */ /* XXX - better warnings inline */
warningx("%s: %s", errstr, warningx("%s: %s", errstr,
errno == EAGAIN ? "too many processes" : strerror(errno)); errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit) if (noexit)
return 0; return 0;
exit(1); exit(1);
@@ -940,7 +940,7 @@ runas_setgroups()
aix_setauthdb(pw->pw_name); aix_setauthdb(pw->pw_name);
# endif # endif
if (initgroups(pw->pw_name, pw->pw_gid) < 0) if (initgroups(pw->pw_name, pw->pw_gid) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector"); log_error(USE_ERRNO|MSG_ONLY, _("can't set runas group vector"));
# ifdef HAVE_GETGROUPS # ifdef HAVE_GETGROUPS
if (runas_groups) { if (runas_groups) {
efree(runas_groups); efree(runas_groups);
@@ -949,14 +949,14 @@ runas_setgroups()
if ((runas_ngroups = getgroups(0, NULL)) > 0) { if ((runas_ngroups = getgroups(0, NULL)) > 0) {
runas_groups = emalloc2(runas_ngroups, sizeof(GETGROUPS_T)); runas_groups = emalloc2(runas_ngroups, sizeof(GETGROUPS_T));
if (getgroups(runas_ngroups, runas_groups) < 0) if (getgroups(runas_ngroups, runas_groups) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector"); log_error(USE_ERRNO|MSG_ONLY, _("can't get runas group vector"));
} }
# ifdef HAVE_SETAUTHDB # ifdef HAVE_SETAUTHDB
aix_restoreauthdb(); aix_restoreauthdb();
# endif # endif
} else { } else {
if (setgroups(runas_ngroups, runas_groups) < 0) if (setgroups(runas_ngroups, runas_groups) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector"); log_error(USE_ERRNO|MSG_ONLY, _("can't set runas group vector"));
# endif /* HAVE_GETGROUPS */ # endif /* HAVE_GETGROUPS */
} }
} }

4
plugins/sudoers/sudo_nss.c
View File

@@ -214,13 +214,13 @@ reset_groups(struct passwd *pw)
aix_setauthdb(pw->pw_name); aix_setauthdb(pw->pw_name);
# endif # endif
if (initgroups(pw->pw_name, pw->pw_gid) == -1) if (initgroups(pw->pw_name, pw->pw_gid) == -1)
log_error(USE_ERRNO|MSG_ONLY, "can't reset group vector"); log_error(USE_ERRNO|MSG_ONLY, _("can't reset group vector"));
efree(user_groups); efree(user_groups);
user_groups = NULL; user_groups = NULL;
if ((user_ngroups = getgroups(0, NULL)) > 0) { if ((user_ngroups = getgroups(0, NULL)) > 0) {
user_groups = emalloc2(user_ngroups, sizeof(GETGROUPS_T)); user_groups = emalloc2(user_ngroups, sizeof(GETGROUPS_T));
if (getgroups(user_ngroups, user_groups) < 0) if (getgroups(user_ngroups, user_groups) < 0)
log_error(USE_ERRNO|MSG_ONLY, "can't get group vector"); log_error(USE_ERRNO|MSG_ONLY, _("can't get group vector"));
} }
# ifdef HAVE_SETAUTHDB # ifdef HAVE_SETAUTHDB
aix_restoreauthdb(); aix_restoreauthdb();

100
plugins/sudoers/sudoers.c
View File

@@ -201,11 +201,11 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
if (nss->open(nss) == 0 && nss->parse(nss) == 0) { if (nss->open(nss) == 0 && nss->parse(nss) == 0) {
sources++; sources++;
if (nss->setdefs(nss) != 0) if (nss->setdefs(nss) != 0)
log_error(NO_STDERR|NO_EXIT, "problem with defaults entries"); log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
} }
} }
if (sources == 0) { if (sources == 0) {
warningx("no valid sudoers sources found, quitting"); warningx(_("no valid sudoers sources found, quitting"));
return -1; return -1;
} }
@@ -236,7 +236,7 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
set_runaspw(runas_user ? runas_user : def_runas_default); set_runaspw(runas_user ? runas_user : def_runas_default);
if (!update_defaults(SETDEF_RUNAS)) if (!update_defaults(SETDEF_RUNAS))
log_error(NO_STDERR|NO_EXIT, "problem with defaults entries"); log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
if (def_fqdn) if (def_fqdn)
set_fqdn(); /* deferred until after sudoers is parsed */ set_fqdn(); /* deferred until after sudoers is parsed */
@@ -259,7 +259,7 @@ sudoers_policy_close(int exit_status, int error_code)
/* We do not currently log the exit status. */ /* We do not currently log the exit status. */
if (error_code) if (error_code)
warningx("unable to execute %s: %s", safe_cmnd, strerror(error_code)); warningx(_("unable to execute %s: %s"), safe_cmnd, strerror(error_code));
/* Close the session we opened in sudoers_policy_init_session(). */ /* Close the session we opened in sudoers_policy_init_session(). */
if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT)) if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT))
@@ -306,14 +306,14 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Is root even allowed to run sudo? */ /* Is root even allowed to run sudo? */
if (user_uid == 0 && !def_root_sudo) { if (user_uid == 0 && !def_root_sudo) {
warningx("sudoers specifies that root is not allowed to sudo"); warningx(_("sudoers specifies that root is not allowed to sudo"));
goto bad; goto bad;
} }
/* Check for -C overriding def_closefrom. */ /* Check for -C overriding def_closefrom. */
if (user_closefrom >= 0 && user_closefrom != def_closefrom) { if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
if (!def_closefrom_override) { if (!def_closefrom_override) {
warningx("you are not permitted to use the -C option"); warningx(_("you are not permitted to use the -C option"));
goto bad; goto bad;
} }
def_closefrom = user_closefrom; def_closefrom = user_closefrom;
@@ -352,7 +352,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
#ifdef HAVE_SETLOCALE #ifdef HAVE_SETLOCALE
if (!setlocale(LC_ALL, def_sudoers_locale)) { if (!setlocale(LC_ALL, def_sudoers_locale)) {
warningx("unable to set locale to \"%s\", using \"C\"", warningx(_("unable to set locale to \"%s\", using \"C\""),
def_sudoers_locale); def_sudoers_locale);
setlocale(LC_ALL, "C"); setlocale(LC_ALL, "C");
} }
@@ -398,7 +398,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
else else
pw = sudo_getpwnam(def_timestampowner); pw = sudo_getpwnam(def_timestampowner);
if (!pw) if (!pw)
log_error(0, "timestamp owner (%s): No such user", log_error(0, _("timestamp owner (%s): No such user"),
def_timestampowner); def_timestampowner);
timestamp_uid = pw->pw_uid; timestamp_uid = pw->pw_uid;
pw_delref(pw); pw_delref(pw);
@@ -418,8 +418,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
if (def_requiretty) { if (def_requiretty) {
int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY); int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY);
if (fd == -1) { if (fd == -1) {
audit_failure(NewArgv, "no tty"); audit_failure(NewArgv, _("no tty"));
warningx("sorry, you must have a tty to run sudo"); warningx(_("sorry, you must have a tty to run sudo"));
goto bad; goto bad;
} else } else
(void) close(fd); (void) close(fd);
@@ -465,7 +465,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* If the user was not allowed to run the command we are done. */ /* If the user was not allowed to run the command we are done. */
if (!ISSET(validated, VALIDATE_OK)) { if (!ISSET(validated, VALIDATE_OK)) {
if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) { if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
audit_failure(NewArgv, "No user or host"); audit_failure(NewArgv, _("No user or host"));
log_denial(validated, 1); log_denial(validated, 1);
} else { } else {
if (def_path_info) { if (def_path_info) {
@@ -479,14 +479,14 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
log_denial(validated, log_denial(validated,
!(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND)); !(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND));
if (cmnd_status == NOT_FOUND) if (cmnd_status == NOT_FOUND)
warningx("%s: command not found", user_cmnd); warningx(_("%s: command not found"), user_cmnd);
else if (cmnd_status == NOT_FOUND_DOT) else if (cmnd_status == NOT_FOUND_DOT)
warningx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd); warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
} else { } else {
/* Just tell the user they are not allowed to run foo. */ /* Just tell the user they are not allowed to run foo. */
log_denial(validated, 1); log_denial(validated, 1);
} }
audit_failure(NewArgv, "validation failure"); audit_failure(NewArgv, _("validation failure"));
} }
goto bad; goto bad;
} }
@@ -496,19 +496,19 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
/* Finally tell the user if the command did not exist. */ /* Finally tell the user if the command did not exist. */
if (cmnd_status == NOT_FOUND_DOT) { if (cmnd_status == NOT_FOUND_DOT) {
audit_failure(NewArgv, "command in current directory"); audit_failure(NewArgv, _("command in current directory"));
warningx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd); warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
goto bad; goto bad;
} else if (cmnd_status == NOT_FOUND) { } else if (cmnd_status == NOT_FOUND) {
audit_failure(NewArgv, "%s: command not found", user_cmnd); audit_failure(NewArgv, _("%s: command not found"), user_cmnd);
warningx("%s: command not found", user_cmnd); warningx(_("%s: command not found"), user_cmnd);
goto bad; goto bad;
} }
/* If user specified env vars make sure sudoers allows it. */ /* If user specified env vars make sure sudoers allows it. */
if (ISSET(sudo_mode, MODE_RUN) && !def_setenv) { if (ISSET(sudo_mode, MODE_RUN) && !def_setenv) {
if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) { if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) {
warningx("sorry, you are not allowed to preserve the environment"); warningx(_("sorry, you are not allowed to preserve the environment"));
goto bad; goto bad;
} else } else
validate_env_vars(sudo_user.env_vars); validate_env_vars(sudo_user.env_vars);
@@ -731,7 +731,7 @@ sudoers_policy_list(int argc, char * const argv[], int verbose,
if (list_user) { if (list_user) {
list_pw = sudo_getpwnam(list_user); list_pw = sudo_getpwnam(list_user);
if (list_pw == NULL) { if (list_pw == NULL) {
warningx("unknown user: %s", list_user); warningx(_("unknown user: %s"), list_user);
return -1; return -1;
} }
} }
@@ -797,8 +797,8 @@ init_vars(char * const envp[])
* YP/NIS/NIS+/LDAP/etc daemon has died. * YP/NIS/NIS+/LDAP/etc daemon has died.
*/ */
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE)
errorx(1, "unknown user: %s", user_name); errorx(1, _("unknown user: %s"), user_name);
log_error(0, "unknown user: %s", user_name); log_error(0, _("unknown user: %s"), user_name);
/* NOTREACHED */ /* NOTREACHED */
} }
#ifdef HAVE_MBR_CHECK_MEMBERSHIP #ifdef HAVE_MBR_CHECK_MEMBERSHIP
@@ -855,7 +855,7 @@ set_cmnd(int sudo_mode)
for (to = user_args, from = NewArgv + 1; *from; from++) { for (to = user_args, from = NewArgv + 1; *from; from++) {
n = strlcpy(to, *from, size - (to - user_args)); n = strlcpy(to, *from, size - (to - user_args));
if (n >= size - (to - user_args)) if (n >= size - (to - user_args))
errorx(1, "internal error, set_cmnd() overflow"); errorx(1, _("internal error, set_cmnd() overflow"));
to += n; to += n;
*to++ = ' '; *to++ = ' ';
} }
@@ -863,7 +863,7 @@ set_cmnd(int sudo_mode)
} }
} }
if (strlen(user_cmnd) >= PATH_MAX) if (strlen(user_cmnd) >= PATH_MAX)
errorx(1, "%s: file name too long", user_cmnd); errorx(1, _("%s: file name too long"), user_cmnd);
if ((user_base = strrchr(user_cmnd, '/')) != NULL) if ((user_base = strrchr(user_cmnd, '/')) != NULL)
user_base++; user_base++;
@@ -871,7 +871,7 @@ set_cmnd(int sudo_mode)
user_base = user_cmnd; user_base = user_cmnd;
if (!update_defaults(SETDEF_CMND)) if (!update_defaults(SETDEF_CMND))
log_error(NO_STDERR|NO_EXIT, "problem with defaults entries"); log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
if (!runas_user && !runas_group) if (!runas_user && !runas_group)
set_runaspw(def_runas_default); /* may have been updated above */ set_runaspw(def_runas_default); /* may have been updated above */
@@ -899,17 +899,17 @@ open_sudoers(const char *sudoers, int doedit, int *keepopen)
(statbuf.st_mode & 0007777) == 0400) { (statbuf.st_mode & 0007777) == 0400) {
if (chmod(sudoers, sudoers_mode) == 0) { if (chmod(sudoers, sudoers_mode) == 0) {
warningx("fixed mode on %s", sudoers); warningx(_("fixed mode on %s"), sudoers);
SET(statbuf.st_mode, sudoers_mode); SET(statbuf.st_mode, sudoers_mode);
if (statbuf.st_gid != sudoers_gid) { if (statbuf.st_gid != sudoers_gid) {
if (chown(sudoers, (uid_t) -1, sudoers_gid) == 0) { if (chown(sudoers, (uid_t) -1, sudoers_gid) == 0) {
warningx("set group on %s", sudoers); warningx(_("set group on %s"), sudoers);
statbuf.st_gid = sudoers_gid; statbuf.st_gid = sudoers_gid;
} else } else
warning("unable to set group on %s", sudoers); warning(_("unable to set group on %s"), sudoers);
} }
} else } else
warning("unable to fix mode on %s", sudoers); warning(_("unable to fix mode on %s"), sudoers);
} }
/* /*
@@ -920,28 +920,28 @@ open_sudoers(const char *sudoers, int doedit, int *keepopen)
set_perms(PERM_SUDOERS); set_perms(PERM_SUDOERS);
if (rootstat != 0 && stat_sudoers(sudoers, &statbuf) != 0) if (rootstat != 0 && stat_sudoers(sudoers, &statbuf) != 0)
log_error(USE_ERRNO|NO_EXIT, "can't stat %s", sudoers); log_error(USE_ERRNO|NO_EXIT, _("can't stat %s"), sudoers);
else if (!S_ISREG(statbuf.st_mode)) else if (!S_ISREG(statbuf.st_mode))
log_error(NO_EXIT, "%s is not a regular file", sudoers); log_error(NO_EXIT, _("%s is not a regular file"), sudoers);
else if ((statbuf.st_mode & 07577) != sudoers_mode) else if ((statbuf.st_mode & 07577) != sudoers_mode)
log_error(NO_EXIT, "%s is mode 0%o, should be 0%o", sudoers, log_error(NO_EXIT, _("%s is mode 0%o, should be 0%o"), sudoers,
(unsigned int) (statbuf.st_mode & 07777), (unsigned int) (statbuf.st_mode & 07777),
(unsigned int) sudoers_mode); (unsigned int) sudoers_mode);
else if (statbuf.st_uid != sudoers_uid) else if (statbuf.st_uid != sudoers_uid)
log_error(NO_EXIT, "%s is owned by uid %u, should be %u", sudoers, log_error(NO_EXIT, _("%s is owned by uid %u, should be %u"), sudoers,
(unsigned int) statbuf.st_uid, (unsigned int) sudoers_uid); (unsigned int) statbuf.st_uid, (unsigned int) sudoers_uid);
else if (ISSET(statbuf.st_mode, S_IRGRP) && statbuf.st_gid != sudoers_gid) else if (ISSET(statbuf.st_mode, S_IRGRP) && statbuf.st_gid != sudoers_gid)
log_error(NO_EXIT, "%s is owned by gid %u, should be %u", sudoers, log_error(NO_EXIT, _("%s is owned by gid %u, should be %u"), sudoers,
(unsigned int) statbuf.st_gid, (unsigned int) sudoers_gid); (unsigned int) statbuf.st_gid, (unsigned int) sudoers_gid);
else if ((fp = fopen(sudoers, "r")) == NULL) else if ((fp = fopen(sudoers, "r")) == NULL)
log_error(USE_ERRNO|NO_EXIT, "can't open %s", sudoers); log_error(USE_ERRNO|NO_EXIT, _("can't open %s"), sudoers);
else { else {
/* /*
* Make sure we can actually read sudoers so we can present the * Make sure we can actually read sudoers so we can present the
* user with a reasonable error message (unlike the lexer). * user with a reasonable error message (unlike the lexer).
*/ */
if (statbuf.st_size != 0 && fgetc(fp) == EOF) { if (statbuf.st_size != 0 && fgetc(fp) == EOF) {
log_error(USE_ERRNO|NO_EXIT, "can't read %s", sudoers); log_error(USE_ERRNO|NO_EXIT, _("can't read %s"), sudoers);
fclose(fp); fclose(fp);
fp = NULL; fp = NULL;
} }
@@ -975,7 +975,7 @@ set_loginclass(struct passwd *pw)
if (login_class && strcmp(login_class, "-") != 0) { if (login_class && strcmp(login_class, "-") != 0) {
if (user_uid != 0 && if (user_uid != 0 &&
strcmp(runas_user ? runas_user : def_runas_default, "root") != 0) strcmp(runas_user ? runas_user : def_runas_default, "root") != 0)
errorx(1, "only root can use -c %s", login_class); errorx(1, _("only root can use -c %s"), login_class);
} else { } else {
login_class = pw->pw_class; login_class = pw->pw_class;
if (!login_class || !*login_class) if (!login_class || !*login_class)
@@ -985,7 +985,7 @@ set_loginclass(struct passwd *pw)
lc = login_getclass(login_class); lc = login_getclass(login_class);
if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0) { if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0) {
log_error(errflags, "unknown login class: %s", login_class); log_error(errflags, _("unknown login class: %s"), login_class);
if (!lc) if (!lc)
lc = login_getclass(NULL); /* needed for login_getstyle() later */ lc = login_getclass(NULL); /* needed for login_getstyle() later */
} }
@@ -1019,7 +1019,7 @@ set_fqdn(void)
if (!(hp = gethostbyname(user_host))) { if (!(hp = gethostbyname(user_host))) {
#endif #endif
log_error(MSG_ONLY|NO_EXIT, log_error(MSG_ONLY|NO_EXIT,
"unable to resolve host %s", user_host); _("unable to resolve host %s"), user_host);
} else { } else {
if (user_shost != user_host) if (user_shost != user_host)
efree(user_shost); efree(user_shost);
@@ -1051,8 +1051,8 @@ set_runaspw(char *user)
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0); runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
} else { } else {
if ((runas_pw = sudo_getpwnam(user)) == NULL) { if ((runas_pw = sudo_getpwnam(user)) == NULL) {
audit_failure(NewArgv, "unknown user: %s", user); audit_failure(NewArgv, _("unknown user: %s"), user);
log_error(NO_MAIL|MSG_ONLY, "unknown user: %s", user); log_error(NO_MAIL|MSG_ONLY, _("unknown user: %s"), user);
} }
} }
} }
@@ -1071,7 +1071,7 @@ set_runasgr(char *group)
runas_gr = sudo_fakegrnam(group); runas_gr = sudo_fakegrnam(group);
} else { } else {
if ((runas_gr = sudo_getgrnam(group)) == NULL) if ((runas_gr = sudo_getgrnam(group)) == NULL)
log_error(NO_MAIL|MSG_ONLY, "unknown group: %s", group); log_error(NO_MAIL|MSG_ONLY, _("unknown group: %s"), group);
} }
} }
@@ -1103,19 +1103,19 @@ sudoers_policy_version(int verbose)
return -1; return -1;
} }
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers policy plugin version %s\n", sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"),
PACKAGE_VERSION); PACKAGE_VERSION);
sudo_printf(SUDO_CONV_INFO_MSG, "Sudoers file grammar version %d\n", sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"),
SUDOERS_GRAMMAR_VERSION); SUDOERS_GRAMMAR_VERSION);
if (verbose) { if (verbose) {
sudo_printf(SUDO_CONV_INFO_MSG, "\nSudoers path: %s\n", sudoers_file); sudo_printf(SUDO_CONV_INFO_MSG, _("\nSudoers path: %s\n"), sudoers_file);
#ifdef HAVE_LDAP #ifdef HAVE_LDAP
# ifdef _PATH_NSSWITCH_CONF # ifdef _PATH_NSSWITCH_CONF
sudo_printf(SUDO_CONV_INFO_MSG, "nsswitch path: %s\n", _PATH_NSSWITCH_CONF); sudo_printf(SUDO_CONV_INFO_MSG, _("nsswitch path: %s\n"), _PATH_NSSWITCH_CONF);
# endif # endif
sudo_printf(SUDO_CONV_INFO_MSG, "ldap.conf path: %s\n", _PATH_LDAP_CONF); sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.conf path: %s\n"), _PATH_LDAP_CONF);
sudo_printf(SUDO_CONV_INFO_MSG, "ldap.secret path: %s\n", _PATH_LDAP_SECRET); sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.secret path: %s\n"), _PATH_LDAP_SECRET);
#endif #endif
dump_auth_methods(); dump_auth_methods();
dump_defaults(); dump_defaults();
@@ -1408,8 +1408,8 @@ find_editor(int nfiles, char **files, char ***argv_out)
efree(editor); efree(editor);
} }
if (!editor_path) { if (!editor_path) {
audit_failure(NewArgv, "%s: command not found", editor); audit_failure(NewArgv, _("%s: command not found"), editor);
warningx("%s: command not found", editor); warningx(_("%s: command not found"), editor);
} }
return editor_path; return editor_path;
} }

52
plugins/sudoers/sudoreplay.c
View File

@@ -259,7 +259,7 @@ main(int argc, char *argv[])
else if (strcmp(cp, "ttyout") == 0) else if (strcmp(cp, "ttyout") == 0)
SET(replay_filter, 1 << IOFD_TTYOUT); SET(replay_filter, 1 << IOFD_TTYOUT);
else else
errorx(1, "invalid filter option: %s", optarg); errorx(1, _("invalid filter option: %s"), optarg);
} }
break; break;
case 'h': case 'h':
@@ -272,13 +272,13 @@ main(int argc, char *argv[])
errno = 0; errno = 0;
max_wait = strtod(optarg, &ep); max_wait = strtod(optarg, &ep);
if (*ep != '\0' || errno != 0) if (*ep != '\0' || errno != 0)
errorx(1, "invalid max wait: %s", optarg); errorx(1, _("invalid max wait: %s"), optarg);
break; break;
case 's': case 's':
errno = 0; errno = 0;
speed = strtod(optarg, &ep); speed = strtod(optarg, &ep);
if (*ep != '\0' || errno != 0) if (*ep != '\0' || errno != 0)
errorx(1, "invalid speed factor: %s", optarg); errorx(1, _("invalid speed factor: %s"), optarg);
break; break;
case 'V': case 'V':
(void) printf("%s version %s\n", getprogname(), PACKAGE_VERSION); (void) printf("%s version %s\n", getprogname(), PACKAGE_VERSION);
@@ -304,13 +304,13 @@ main(int argc, char *argv[])
plen = snprintf(path, sizeof(path), "%s/%.2s/%.2s/%.2s/timing", plen = snprintf(path, sizeof(path), "%s/%.2s/%.2s/%.2s/timing",
session_dir, id, &id[2], &id[4]); session_dir, id, &id[2], &id[4]);
if (plen <= 0 || plen >= sizeof(path)) if (plen <= 0 || plen >= sizeof(path))
errorx(1, "%s/%.2s/%.2s/%.2s/%.2s/timing: %s", session_dir, errorx(1, _("%s/%.2s/%.2s/%.2s/%.2s/timing: %s"), session_dir,
id, &id[2], &id[4], strerror(ENAMETOOLONG)); id, &id[2], &id[4], strerror(ENAMETOOLONG));
} else { } else {
plen = snprintf(path, sizeof(path), "%s/%s/timing", plen = snprintf(path, sizeof(path), "%s/%s/timing",
session_dir, id); session_dir, id);
if (plen <= 0 || plen >= sizeof(path)) if (plen <= 0 || plen >= sizeof(path))
errorx(1, "%s/%s/timing: %s", session_dir, errorx(1, _("%s/%s/timing: %s"), session_dir,
id, strerror(ENAMETOOLONG)); id, strerror(ENAMETOOLONG));
} }
plen -= 7; plen -= 7;
@@ -320,7 +320,7 @@ main(int argc, char *argv[])
if (ISSET(replay_filter, 1 << idx) || idx == IOFD_TIMING) { if (ISSET(replay_filter, 1 << idx) || idx == IOFD_TIMING) {
io_fds[idx].v = open_io_fd(path, plen, io_fnames[idx]); io_fds[idx].v = open_io_fd(path, plen, io_fnames[idx]);
if (io_fds[idx].v == NULL) if (io_fds[idx].v == NULL)
error(1, "unable to open %s", path); error(1, _("unable to open %s"), path);
} }
} }
@@ -329,14 +329,14 @@ main(int argc, char *argv[])
strlcat(path, "/log", sizeof(path)); strlcat(path, "/log", sizeof(path));
lfile = fopen(path, "r"); lfile = fopen(path, "r");
if (lfile == NULL) if (lfile == NULL)
error(1, "unable to open %s", path); error(1, _("unable to open %s"), path);
cp = NULL; cp = NULL;
len = 0; len = 0;
/* Pull out command (third line). */ /* Pull out command (third line). */
if (getline(&cp, &len, lfile) == -1 || if (getline(&cp, &len, lfile) == -1 ||
getline(&cp, &len, lfile) == -1 || getline(&cp, &len, lfile) == -1 ||
getline(&cp, &len, lfile) == -1) { getline(&cp, &len, lfile) == -1) {
errorx(1, "invalid log file %s", path); errorx(1, _("invalid log file %s"), path);
} }
printf("Replaying sudo session: %s", cp); printf("Replaying sudo session: %s", cp);
free(cp); free(cp);
@@ -364,7 +364,7 @@ main(int argc, char *argv[])
if (ch != -1) if (ch != -1)
(void) fcntl(STDIN_FILENO, F_SETFL, ch | O_NONBLOCK); (void) fcntl(STDIN_FILENO, F_SETFL, ch | O_NONBLOCK);
if (!term_raw(STDIN_FILENO, 1)) if (!term_raw(STDIN_FILENO, 1))
error(1, "cannot set tty to raw mode"); error(1, _("cannot set tty to raw mode"));
} }
fdsw = (fd_set *)emalloc2(howmany(STDOUT_FILENO + 1, NFDBITS), fdsw = (fd_set *)emalloc2(howmany(STDOUT_FILENO + 1, NFDBITS),
sizeof(fd_mask)); sizeof(fd_mask));
@@ -378,7 +378,7 @@ main(int argc, char *argv[])
while (fgets(buf, sizeof(buf), io_fds[IOFD_TIMING].f) != NULL) { while (fgets(buf, sizeof(buf), io_fds[IOFD_TIMING].f) != NULL) {
#endif #endif
if (!parse_timing(buf, decimal, &idx, &seconds, &nbytes)) if (!parse_timing(buf, decimal, &idx, &seconds, &nbytes))
errorx(1, "invalid timing file line: %s", buf); errorx(1, _("invalid timing file line: %s"), buf);
if (interactive) if (interactive)
check_input(STDIN_FILENO, &speed); check_input(STDIN_FILENO, &speed);
@@ -420,7 +420,7 @@ main(int argc, char *argv[])
if (nready == 1) if (nready == 1)
continue; continue;
} }
error(1, "writing to standard output"); error(1, _("writing to standard output"));
} }
off += nwritten; off += nwritten;
} while (nread > off); } while (nread > off);
@@ -450,7 +450,7 @@ delay(double secs)
rval = nanosleep(&ts, &rts); rval = nanosleep(&ts, &rts);
} while (rval == -1 && errno == EINTR); } while (rval == -1 && errno == EINTR);
if (rval == -1) if (rval == -1)
error(1, "nanosleep: tv_sec %ld, tv_nsec %ld", ts.tv_sec, ts.tv_nsec); error(1, _("nanosleep: tv_sec %ld, tv_nsec %ld"), ts.tv_sec, ts.tv_nsec);
} }
static void * static void *
@@ -494,7 +494,7 @@ parse_expr(struct search_node **headp, char *argv[])
continue; continue;
case 'c': /* command */ case 'c': /* command */
if (av[0][1] == '\0') if (av[0][1] == '\0')
errorx(1, "ambiguous expression \"%s\"", *av); errorx(1, _("ambiguous expression \"%s\""), *av);
if (strncmp(*av, "cwd", strlen(*av)) == 0) if (strncmp(*av, "cwd", strlen(*av)) == 0)
type = ST_CWD; type = ST_CWD;
else if (strncmp(*av, "command", strlen(*av)) == 0) else if (strncmp(*av, "command", strlen(*av)) == 0)
@@ -519,7 +519,7 @@ parse_expr(struct search_node **headp, char *argv[])
break; break;
case 't': /* tty or to date */ case 't': /* tty or to date */
if (av[0][1] == '\0') if (av[0][1] == '\0')
errorx(1, "ambiguous expression \"%s\"", *av); errorx(1, _("ambiguous expression \"%s\""), *av);
if (strncmp(*av, "todate", strlen(*av)) == 0) if (strncmp(*av, "todate", strlen(*av)) == 0)
type = ST_TODATE; type = ST_TODATE;
else if (strncmp(*av, "tty", strlen(*av)) == 0) else if (strncmp(*av, "tty", strlen(*av)) == 0)
@@ -536,7 +536,7 @@ parse_expr(struct search_node **headp, char *argv[])
if (av[0][1] != '\0') if (av[0][1] != '\0')
goto bad; goto bad;
if (stack_top + 1 == STACK_NODE_SIZE) { if (stack_top + 1 == STACK_NODE_SIZE) {
errorx(1, "too many parenthesized expressions, max %d", errorx(1, _("too many parenthesized expressions, max %d"),
STACK_NODE_SIZE); STACK_NODE_SIZE);
} }
node_stack[stack_top++] = sn; node_stack[stack_top++] = sn;
@@ -547,13 +547,13 @@ parse_expr(struct search_node **headp, char *argv[])
goto bad; goto bad;
/* pop */ /* pop */
if (--stack_top < 0) if (--stack_top < 0)
errorx(1, "unmatched ')' in expression"); errorx(1, _("unmatched ')' in expression"));
if (node_stack[stack_top]) if (node_stack[stack_top])
sn->next = node_stack[stack_top]->next; sn->next = node_stack[stack_top]->next;
return av - argv + 1; return av - argv + 1;
bad: bad:
default: default:
errorx(1, "unknown search term \"%s\"", *av); errorx(1, _("unknown search term \"%s\""), *av);
/* NOTREACHED */ /* NOTREACHED */
} }
@@ -567,17 +567,17 @@ parse_expr(struct search_node **headp, char *argv[])
av += parse_expr(&newsn->u.expr, av + 1); av += parse_expr(&newsn->u.expr, av + 1);
} else { } else {
if (*(++av) == NULL) if (*(++av) == NULL)
errorx(1, "%s requires an argument", av[-1]); errorx(1, _("%s requires an argument"), av[-1]);
#ifdef HAVE_REGCOMP #ifdef HAVE_REGCOMP
if (type == ST_PATTERN) { if (type == ST_PATTERN) {
if (regcomp(&newsn->u.cmdre, *av, REG_EXTENDED|REG_NOSUB) != 0) if (regcomp(&newsn->u.cmdre, *av, REG_EXTENDED|REG_NOSUB) != 0)
errorx(1, "invalid regex: %s", *av); errorx(1, _("invalid regex: %s"), *av);
} else } else
#endif #endif
if (type == ST_TODATE || type == ST_FROMDATE) { if (type == ST_TODATE || type == ST_FROMDATE) {
newsn->u.tstamp = get_date(*av); newsn->u.tstamp = get_date(*av);
if (newsn->u.tstamp == -1) if (newsn->u.tstamp == -1)
errorx(1, "could not parse date \"%s\"", *av); errorx(1, _("could not parse date \"%s\""), *av);
} else { } else {
newsn->u.ptr = *av; newsn->u.ptr = *av;
} }
@@ -590,11 +590,11 @@ parse_expr(struct search_node **headp, char *argv[])
sn = newsn; sn = newsn;
} }
if (stack_top) if (stack_top)
errorx(1, "unmatched '(' in expression"); errorx(1, _("unmatched '(' in expression"));
if (or) if (or)
errorx(1, "illegal trailing \"or\""); errorx(1, _("illegal trailing \"or\""));
if (not) if (not)
errorx(1, "illegal trailing \"!\""); errorx(1, _("illegal trailing \"!\""));
return av - argv; return av - argv;
} }
@@ -666,7 +666,7 @@ list_session(char *logfile, REGEX_T *re, const char *user, const char *tty)
fp = fopen(logfile, "r"); fp = fopen(logfile, "r");
if (fp == NULL) { if (fp == NULL) {
warning("unable to open %s", logfile); warning(_("unable to open %s"), logfile);
goto done; goto done;
} }
@@ -758,7 +758,7 @@ find_sessions(const char *dir, REGEX_T *re, const char *user, const char *tty)
d = opendir(dir); d = opendir(dir);
if (d == NULL) if (d == NULL)
error(1, "unable to open %s", dir); error(1, _("unable to open %s"), dir);
/* XXX - would be faster to chdir and use relative names */ /* XXX - would be faster to chdir and use relative names */
sdlen = strlcpy(pathbuf, dir, sizeof(pathbuf)); sdlen = strlcpy(pathbuf, dir, sizeof(pathbuf));
@@ -810,7 +810,7 @@ list_sessions(int argc, char **argv, const char *pattern, const char *user,
if (pattern) { if (pattern) {
re = &rebuf; re = &rebuf;
if (regcomp(re, pattern, REG_EXTENDED|REG_NOSUB) != 0) if (regcomp(re, pattern, REG_EXTENDED|REG_NOSUB) != 0)
errorx(1, "invalid regex: %s", pattern); errorx(1, _("invalid regex: %s"), pattern);
} }
#else #else
re = (char *) pattern; re = (char *) pattern;

14
plugins/sudoers/testsudoers.c
View File

@@ -197,7 +197,7 @@ main(int argc, char *argv[])
argc -= 2; argc -= 2;
} }
if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL) if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL)
errorx(1, "no passwd entry for %s!", user_name); errorx(1, _("unknown user: %s"), user_name);
if (user_host == NULL) { if (user_host == NULL) {
if (gethostname(hbuf, sizeof(hbuf)) != 0) if (gethostname(hbuf, sizeof(hbuf)) != 0)
@@ -225,7 +225,7 @@ main(int argc, char *argv[])
for (to = user_args, from = argv + 1; *from; from++) { for (to = user_args, from = argv + 1; *from; from++) {
n = strlcpy(to, *from, size - (to - user_args)); n = strlcpy(to, *from, size - (to - user_args));
if (n >= size - (to - user_args)) if (n >= size - (to - user_args))
errorx(1, "internal error, init_vars() overflow"); errorx(1, _("internal error, init_vars() overflow"));
to += n; to += n;
*to++ = ' '; *to++ = ' ';
} }
@@ -301,11 +301,11 @@ main(int argc, char *argv[])
} }
} }
} else } else
puts("\thost unmatched"); puts(_("\thost unmatched"));
} }
} }
printf("\nCommand %s\n", match == ALLOW ? "allowed" : puts(match == ALLOW ? _("\nCommand allowed") :
match == DENY ? "denied" : "unmatched"); match == DENY ? _("\nCommand denied") : _("\nCommand unmatched"));
/* /*
* Exit codes: * Exit codes:
@@ -327,7 +327,7 @@ set_runaspw(char *user)
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0); runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
} else { } else {
if ((runas_pw = sudo_getpwnam(user)) == NULL) if ((runas_pw = sudo_getpwnam(user)) == NULL)
errorx(1, "unknown user: %s", user); errorx(1, _("unknown user: %s"), user);
} }
} }
@@ -339,7 +339,7 @@ set_runasgr(char *group)
runas_gr = sudo_fakegrnam(group); runas_gr = sudo_fakegrnam(group);
} else { } else {
if ((runas_gr = sudo_getgrnam(group)) == NULL) if ((runas_gr = sudo_getgrnam(group)) == NULL)
errorx(1, "unknown group: %s", group); errorx(1, _("unknown group: %s"), group);
} }
} }

14
plugins/sudoers/toke.c
View File

@@ -3367,11 +3367,11 @@ switch_dir(struct include_stack *stack, char *dirpath)
if (!(dir = opendir(dirpath))) { if (!(dir = opendir(dirpath))) {
if (errno != ENOENT) { if (errno != ENOENT) {
char *errbuf; char *errbuf;
if (asprintf(&errbuf, "%s: %s", dirpath, strerror(errno)) != -1) { if (asprintf(&errbuf, _("%s: %s"), dirpath, strerror(errno)) != -1) {
yyerror(errbuf); yyerror(errbuf);
free(errbuf); free(errbuf);
} else { } else {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
} }
} }
goto done; goto done;
@@ -3490,14 +3490,14 @@ _push_include(char *path, int isdir)
/* push current state onto stack */ /* push current state onto stack */
if (idepth >= istacksize) { if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) { if (idepth > MAX_SUDOERS_DEPTH) {
yyerror("too many levels of includes"); yyerror(_("too many levels of includes"));
return FALSE; return FALSE;
} }
istacksize += SUDOERS_STACK_INCREMENT; istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack, istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize); sizeof(*istack) * istacksize);
if (istack == NULL) { if (istack == NULL) {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
return FALSE; return FALSE;
} }
} }
@@ -3518,11 +3518,11 @@ _push_include(char *path, int isdir)
} else { } else {
if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) { if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
char *errbuf; char *errbuf;
if (asprintf(&errbuf, "%s: %s", path, strerror(errno)) != -1) { if (asprintf(&errbuf, _("%s: %s"), path, strerror(errno)) != -1) {
yyerror(errbuf); yyerror(errbuf);
free(errbuf); free(errbuf);
} else { } else {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
} }
return FALSE; return FALSE;
} }
@@ -3608,7 +3608,7 @@ parse_include(char *base)
/* Make a copy of path and return it. */ /* Make a copy of path and return it. */
len += (int)(ep - cp); len += (int)(ep - cp);
if ((path = malloc(len + 1)) == NULL) if ((path = malloc(len + 1)) == NULL)
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
if (subst) { if (subst) {
/* substitute for %h */ /* substitute for %h */
char *pp = path; char *pp = path;

14
plugins/sudoers/toke.l
View File

@@ -658,11 +658,11 @@ switch_dir(struct include_stack *stack, char *dirpath)
if (!(dir = opendir(dirpath))) { if (!(dir = opendir(dirpath))) {
if (errno != ENOENT) { if (errno != ENOENT) {
char *errbuf; char *errbuf;
if (asprintf(&errbuf, "%s: %s", dirpath, strerror(errno)) != -1) { if (asprintf(&errbuf, _("%s: %s"), dirpath, strerror(errno)) != -1) {
yyerror(errbuf); yyerror(errbuf);
free(errbuf); free(errbuf);
} else { } else {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
} }
} }
goto done; goto done;
@@ -781,14 +781,14 @@ _push_include(char *path, int isdir)
/* push current state onto stack */ /* push current state onto stack */
if (idepth >= istacksize) { if (idepth >= istacksize) {
if (idepth > MAX_SUDOERS_DEPTH) { if (idepth > MAX_SUDOERS_DEPTH) {
yyerror("too many levels of includes"); yyerror(_("too many levels of includes"));
return FALSE; return FALSE;
} }
istacksize += SUDOERS_STACK_INCREMENT; istacksize += SUDOERS_STACK_INCREMENT;
istack = (struct include_stack *) realloc(istack, istack = (struct include_stack *) realloc(istack,
sizeof(*istack) * istacksize); sizeof(*istack) * istacksize);
if (istack == NULL) { if (istack == NULL) {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
return FALSE; return FALSE;
} }
} }
@@ -809,11 +809,11 @@ _push_include(char *path, int isdir)
} else { } else {
if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) { if ((fp = open_sudoers(path, TRUE, &keepopen)) == NULL) {
char *errbuf; char *errbuf;
if (asprintf(&errbuf, "%s: %s", path, strerror(errno)) != -1) { if (asprintf(&errbuf, _("%s: %s"), path, strerror(errno)) != -1) {
yyerror(errbuf); yyerror(errbuf);
free(errbuf); free(errbuf);
} else { } else {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
} }
return FALSE; return FALSE;
} }
@@ -899,7 +899,7 @@ parse_include(char *base)
/* Make a copy of path and return it. */ /* Make a copy of path and return it. */
len += (int)(ep - cp); len += (int)(ep - cp);
if ((path = malloc(len + 1)) == NULL) if ((path = malloc(len + 1)) == NULL)
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
if (subst) { if (subst) {
/* substitute for %h */ /* substitute for %h */
char *pp = path; char *pp = path;

8
plugins/sudoers/toke_util.c
View File

@@ -108,7 +108,7 @@ fill_txt(const char *src, int len, int olen)
dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1); dst = olen ? realloc(yylval.string, olen + len + 1) : malloc(len + 1);
if (dst == NULL) { if (dst == NULL) {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
return FALSE; return FALSE;
} }
yylval.string = dst; yylval.string = dst;
@@ -160,7 +160,7 @@ fill_cmnd(const char *src, int len)
dst = yylval.command.cmnd = (char *) malloc(len + 1); dst = yylval.command.cmnd = (char *) malloc(len + 1);
if (yylval.command.cmnd == NULL) { if (yylval.command.cmnd == NULL) {
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
return FALSE; return FALSE;
} }
@@ -199,7 +199,7 @@ fill_args(const char *s, int len, int addspace)
(char *) malloc(arg_size); (char *) malloc(arg_size);
if (p == NULL) { if (p == NULL) {
efree(yylval.command.args); efree(yylval.command.args);
yyerror("unable to allocate memory"); yyerror(_("unable to allocate memory"));
return FALSE; return FALSE;
} else } else
yylval.command.args = p; yylval.command.args = p;
@@ -210,7 +210,7 @@ fill_args(const char *s, int len, int addspace)
if (addspace) if (addspace)
*p++ = ' '; *p++ = ' ';
if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) { if (strlcpy(p, s, arg_size - (p - yylval.command.args)) != len) {
yyerror("fill_args: buffer overflow"); /* paranoia */ yyerror(_("fill_args: buffer overflow")); /* paranoia */
return FALSE; return FALSE;
} }
arg_len = new_len; arg_len = new_len;

60
plugins/sudoers/visudo.c
View File

@@ -200,7 +200,7 @@ main(int argc, char *argv[])
/* Mock up a fake sudo_user struct. */ /* Mock up a fake sudo_user struct. */
user_cmnd = ""; user_cmnd = "";
if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL) if ((sudo_user.pw = sudo_getpwuid(getuid())) == NULL)
errorx(1, "you don't exist in the passwd database"); errorx(1, _("you don't exist in the passwd database"));
get_hostname(); get_hostname();
/* Setup defaults data structures. */ /* Setup defaults data structures. */
@@ -276,7 +276,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, char *args, int lineno)
#else #else
if (stat(sp->path, &sb) == -1) if (stat(sp->path, &sb) == -1)
#endif #endif
error(1, "can't stat %s", sp->path); error(1, _("can't stat %s"), sp->path);
orig_size = sb.st_size; orig_size = sb.st_size;
mtim_get(&sb, &orig_mtim); mtim_get(&sb, &orig_mtim);
@@ -292,13 +292,13 @@ edit_sudoers(struct sudoersfile *sp, char *editor, char *args, int lineno)
(void) lseek(sp->fd, (off_t)0, SEEK_SET); (void) lseek(sp->fd, (off_t)0, SEEK_SET);
while ((nread = read(sp->fd, buf, sizeof(buf))) > 0) while ((nread = read(sp->fd, buf, sizeof(buf))) > 0)
if (write(tfd, buf, nread) != nread) if (write(tfd, buf, nread) != nread)
error(1, "write error"); error(1, _("write error"));
/* Add missing newline at EOF if needed. */ /* Add missing newline at EOF if needed. */
if (nread > 0 && buf[nread - 1] != '\n') { if (nread > 0 && buf[nread - 1] != '\n') {
buf[0] = '\n'; buf[0] = '\n';
if (write(tfd, buf, 1) != 1) if (write(tfd, buf, 1) != 1)
error(1, "write error"); error(1, _("write error"));
} }
} }
(void) close(tfd); (void) close(tfd);
@@ -352,18 +352,18 @@ edit_sudoers(struct sudoersfile *sp, char *editor, char *args, int lineno)
* Sanity checks. * Sanity checks.
*/ */
if (stat(sp->tpath, &sb) < 0) { if (stat(sp->tpath, &sb) < 0) {
warningx("cannot stat temporary file (%s), %s unchanged", warningx(_("cannot stat temporary file (%s), %s unchanged"),
sp->tpath, sp->path); sp->tpath, sp->path);
return FALSE; return FALSE;
} }
if (sb.st_size == 0 && orig_size != 0) { if (sb.st_size == 0 && orig_size != 0) {
warningx("zero length temporary file (%s), %s unchanged", warningx(_("zero length temporary file (%s), %s unchanged"),
sp->tpath, sp->path); sp->tpath, sp->path);
sp->modified = TRUE; sp->modified = TRUE;
return FALSE; return FALSE;
} }
} else { } else {
warningx("editor (%s) failed, %s unchanged", editor, sp->path); warningx(_("editor (%s) failed, %s unchanged"), editor, sp->path);
return FALSE; return FALSE;
} }
@@ -386,7 +386,7 @@ edit_sudoers(struct sudoersfile *sp, char *editor, char *args, int lineno)
if (modified) if (modified)
sp->modified = modified; sp->modified = modified;
else else
warningx("%s unchanged", sp->tpath); warningx(_("%s unchanged"), sp->tpath);
return TRUE; return TRUE;
} }
@@ -410,7 +410,7 @@ reparse_sudoers(char *editor, char *args, int strict, int quiet)
last = tq_last(&sudoerslist); last = tq_last(&sudoerslist);
fp = fopen(sp->tpath, "r+"); fp = fopen(sp->tpath, "r+");
if (fp == NULL) if (fp == NULL)
errorx(1, "can't re-open temporary file (%s), %s unchanged.", errorx(1, _("can't re-open temporary file (%s), %s unchanged."),
sp->tpath, sp->path); sp->tpath, sp->path);
/* Clean slate for each parse */ /* Clean slate for each parse */
@@ -420,7 +420,7 @@ reparse_sudoers(char *editor, char *args, int strict, int quiet)
/* Parse the sudoers temp file */ /* Parse the sudoers temp file */
yyrestart(fp); yyrestart(fp);
if (yyparse() && !parse_error) { if (yyparse() && !parse_error) {
warningx("unabled to parse temporary file (%s), unknown error", warningx(_("unabled to parse temporary file (%s), unknown error"),
sp->tpath); sp->tpath);
parse_error = TRUE; parse_error = TRUE;
errorfile = sp->path; errorfile = sp->path;
@@ -455,7 +455,7 @@ reparse_sudoers(char *editor, char *args, int strict, int quiet)
} }
} }
if (sp == NULL) if (sp == NULL)
errorx(1, "internal error, can't find %s in list!", sudoers); errorx(1, _("internal error, can't find %s in list!"), sudoers);
} }
/* If any new #include directives were added, edit them too. */ /* If any new #include directives were added, edit them too. */
@@ -490,23 +490,23 @@ install_sudoers(struct sudoersfile *sp, int oldperms)
#else #else
if (stat(sp->path, &sb) == -1) if (stat(sp->path, &sb) == -1)
#endif #endif
error(1, "can't stat %s", sp->path); error(1, _("can't stat %s"), sp->path);
if (chown(sp->tpath, sb.st_uid, sb.st_gid) != 0) { if (chown(sp->tpath, sb.st_uid, sb.st_gid) != 0) {
warning("unable to set (uid, gid) of %s to (%d, %d)", warning(_("unable to set (uid, gid) of %s to (%d, %d)"),
sp->tpath, sb.st_uid, sb.st_gid); sp->tpath, sb.st_uid, sb.st_gid);
} }
if (chmod(sp->tpath, sb.st_mode & 0777) != 0) { if (chmod(sp->tpath, sb.st_mode & 0777) != 0) {
warning("unable to change mode of %s to 0%o", sp->tpath, warning(_("unable to change mode of %s to 0%o"), sp->tpath,
(sb.st_mode & 0777)); (sb.st_mode & 0777));
} }
} else { } else {
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) { if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) {
warning("unable to set (uid, gid) of %s to (%d, %d)", warning(_("unable to set (uid, gid) of %s to (%d, %d)"),
sp->tpath, SUDOERS_UID, SUDOERS_GID); sp->tpath, SUDOERS_UID, SUDOERS_GID);
return FALSE; return FALSE;
} }
if (chmod(sp->tpath, SUDOERS_MODE) != 0) { if (chmod(sp->tpath, SUDOERS_MODE) != 0) {
warning("unable to change mode of %s to 0%o", sp->tpath, warning(_("unable to change mode of %s to 0%o"), sp->tpath,
SUDOERS_MODE); SUDOERS_MODE);
return FALSE; return FALSE;
} }
@@ -523,7 +523,7 @@ install_sudoers(struct sudoersfile *sp, int oldperms)
} else { } else {
if (errno == EXDEV) { if (errno == EXDEV) {
char *av[4]; char *av[4];
warningx("%s and %s not on the same file system, using mv to rename", warningx(_("%s and %s not on the same file system, using mv to rename"),
sp->tpath, sp->path); sp->tpath, sp->path);
/* Build up argument vector for the command */ /* Build up argument vector for the command */
@@ -537,7 +537,7 @@ install_sudoers(struct sudoersfile *sp, int oldperms)
/* And run it... */ /* And run it... */
if (run_command(_PATH_MV, av)) { if (run_command(_PATH_MV, av)) {
warningx("command failed: '%s %s %s', %s unchanged", warningx(_("command failed: '%s %s %s', %s unchanged"),
_PATH_MV, sp->tpath, sp->path, sp->path); _PATH_MV, sp->tpath, sp->path, sp->path);
(void) unlink(sp->tpath); (void) unlink(sp->tpath);
efree(sp->tpath); efree(sp->tpath);
@@ -547,7 +547,7 @@ install_sudoers(struct sudoersfile *sp, int oldperms)
efree(sp->tpath); efree(sp->tpath);
sp->tpath = NULL; sp->tpath = NULL;
} else { } else {
warning("error renaming %s, %s unchanged", sp->tpath, sp->path); warning(_("error renaming %s, %s unchanged"), sp->tpath, sp->path);
(void) unlink(sp->tpath); (void) unlink(sp->tpath);
return FALSE; return FALSE;
} }
@@ -658,14 +658,14 @@ run_command(char *path, char **argv)
switch (pid = fork()) { switch (pid = fork()) {
case -1: case -1:
error(1, "unable to run %s", path); error(1, _("unable to run %s"), path);
break; /* NOTREACHED */ break; /* NOTREACHED */
case 0: case 0:
sudo_endpwent(); sudo_endpwent();
sudo_endgrent(); sudo_endgrent();
closefrom(STDERR_FILENO + 1); closefrom(STDERR_FILENO + 1);
execv(path, argv); execv(path, argv);
warning("unable to run %s", path); warning(_("unable to run %s"), path);
_exit(127); _exit(127);
break; /* NOTREACHED */ break; /* NOTREACHED */
} }
@@ -690,13 +690,13 @@ check_syntax(char *sudoers_path, int quiet, int strict)
sudoers_path = "stdin"; sudoers_path = "stdin";
} else if ((yyin = fopen(sudoers_path, "r")) == NULL) { } else if ((yyin = fopen(sudoers_path, "r")) == NULL) {
if (!quiet) if (!quiet)
warning("unable to open %s", sudoers_path); warning(_("unable to open %s"), sudoers_path);
exit(1); exit(1);
} }
init_parser(sudoers_path, quiet); init_parser(sudoers_path, quiet);
if (yyparse() && !parse_error) { if (yyparse() && !parse_error) {
if (!quiet) if (!quiet)
warningx("failed to parse %s file, unknown error", sudoers_path); warningx(_("failed to parse %s file, unknown error"), sudoers_path);
parse_error = TRUE; parse_error = TRUE;
errorfile = sudoers_path; errorfile = sudoers_path;
} }
@@ -772,7 +772,7 @@ open_sudoers(const char *path, int doedit, int *keepopen)
return NULL; return NULL;
} }
if (!lock_file(entry->fd, SUDO_TLOCK)) if (!lock_file(entry->fd, SUDO_TLOCK))
errorx(1, "%s busy, try again later", entry->path); errorx(1, _("%s busy, try again later"), entry->path);
if ((fp = fdopen(entry->fd, "r")) == NULL) if ((fp = fdopen(entry->fd, "r")) == NULL)
error(1, "%s", entry->path); error(1, "%s", entry->path);
tq_append(&sudoerslist, entry); tq_append(&sudoerslist, entry);
@@ -815,7 +815,7 @@ get_editor(char **args)
} else { } else {
if (def_env_editor) { if (def_env_editor) {
/* If we are honoring $EDITOR this is a fatal error. */ /* If we are honoring $EDITOR this is a fatal error. */
errorx(1, "specified editor (%s) doesn't exist!", UserEditor); errorx(1, _("specified editor (%s) doesn't exist"), UserEditor);
} else { } else {
/* Otherwise, just ignore $EDITOR. */ /* Otherwise, just ignore $EDITOR. */
UserEditor = NULL; UserEditor = NULL;
@@ -838,7 +838,7 @@ get_editor(char **args)
if (stat(UserEditor, &user_editor_sb) != 0) { if (stat(UserEditor, &user_editor_sb) != 0) {
/* Should never happen since we already checked above. */ /* Should never happen since we already checked above. */
error(1, "unable to stat editor (%s)", UserEditor); error(1, _("unable to stat editor (%s)"), UserEditor);
} }
EditorPath = estrdup(def_editor); EditorPath = estrdup(def_editor);
Editor = strtok(EditorPath, ":"); Editor = strtok(EditorPath, ":");
@@ -886,7 +886,7 @@ get_editor(char **args)
/* Bleah, none of the editors existed! */ /* Bleah, none of the editors existed! */
if (Editor == NULL || *Editor == '\0') if (Editor == NULL || *Editor == '\0')
errorx(1, "no editor found (editor path = %s)", def_editor); errorx(1, _("no editor found (editor path = %s)"), def_editor);
} }
*args = EditorArgs; *args = EditorArgs;
return Editor; return Editor;
@@ -1087,7 +1087,7 @@ static void
print_undefined(char *name, int type, int strict, int quiet) print_undefined(char *name, int type, int strict, int quiet)
{ {
if (!quiet) { if (!quiet) {
warningx("%s: %s_Alias `%s' referenced but not defined", warningx(_("%s: %s_Alias `%s' referenced but not defined"),
strict ? "Error" : "Warning", strict ? "Error" : "Warning",
type == HOSTALIAS ? "Host" : type == CMNDALIAS ? "Cmnd" : type == HOSTALIAS ? "Host" : type == CMNDALIAS ? "Cmnd" :
type == USERALIAS ? "User" : type == RUNASALIAS ? "Runas" : type == USERALIAS ? "User" : type == RUNASALIAS ? "Runas" :
@@ -1103,7 +1103,7 @@ print_selfref(name, type, strict, quiet)
int quiet; int quiet;
{ {
if (!quiet) { if (!quiet) {
warningx("%s: %s_Alias `%s' references self", warningx(_("%s: %s_Alias `%s' references self"),
strict ? "Error" : "Warning", strict ? "Error" : "Warning",
type == HOSTALIAS ? "Host" : type == CMNDALIAS ? "Cmnd" : type == HOSTALIAS ? "Host" : type == CMNDALIAS ? "Cmnd" :
type == USERALIAS ? "User" : type == RUNASALIAS ? "Runas" : type == USERALIAS ? "User" : type == RUNASALIAS ? "Runas" :
@@ -1117,7 +1117,7 @@ print_unused(void *v1, void *v2)
struct alias *a = (struct alias *)v1; struct alias *a = (struct alias *)v1;
char *prefix = (char *)v2; char *prefix = (char *)v2;
warningx("%s: unused %s_Alias %s", prefix, warningx(_("%s: unused %s_Alias %s"), prefix,
a->type == HOSTALIAS ? "Host" : a->type == CMNDALIAS ? "Cmnd" : a->type == HOSTALIAS ? "Host" : a->type == CMNDALIAS ? "Cmnd" :
a->type == USERALIAS ? "User" : a->type == RUNASALIAS ? "Runas" : a->type == USERALIAS ? "User" : a->type == RUNASALIAS ? "Runas" :
"Unknown", a->name); "Unknown", a->name);