Add keepopen arg to open_sudoers that open_sudoers can use to

indicate to the caller that the fd should not be closed when it
is done with it.  To be used by visudo to keep locked fds from
being closed prematurely (and thus losing the lock).
Todd C. Miller
2004-09-29 18:36:33 +00:00
parent e9b23cdee1
commit cbcb60b184
5 changed files with 14 additions and 8 deletions


@@ -523,6 +523,7 @@ buffer_frob(path)
{ {
static size_t stacksize, depth; static size_t stacksize, depth;
static struct sudoers_state *state; static struct sudoers_state *state;
static int keepopen;
FILE *fp; FILE *fp;
if (path != NULL) { if (path != NULL) {
@@ -542,7 +543,7 @@ buffer_frob(path)
return(FALSE); return(FALSE);
} }
} }
if ((fp = open_sudoers(path)) == NULL) { if ((fp = open_sudoers(path, &keepopen)) == NULL) {
yyerror(path); yyerror(path);
return(FALSE); return(FALSE);
} }
@@ -558,12 +559,14 @@ buffer_frob(path)
if (depth == 0) if (depth == 0)
return(FALSE); return(FALSE);
depth--; depth--;
fclose(YY_CURRENT_BUFFER->yy_input_file); if (!keepopen)
fclose(YY_CURRENT_BUFFER->yy_input_file);
yy_delete_buffer(YY_CURRENT_BUFFER); yy_delete_buffer(YY_CURRENT_BUFFER);
yy_switch_to_buffer(state[depth].bs); yy_switch_to_buffer(state[depth].bs);
free(sudoers); free(sudoers);
sudoers = state[depth].path; sudoers = state[depth].path;
sudolineno = state[depth].lineno; sudolineno = state[depth].lineno;
keepopen = FALSE;
} }
return(TRUE); return(TRUE);
} }
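Review bot: `keepopen` is a single function-static flag, but `state[]` can hold several stacked include files, so the flag only describes the file opened most recently. In the pop branch, `keepopen = FALSE;` means that once the innermost buffer is popped, every outer buffer is closed by `fclose(YY_CURRENT_BUFFER->yy_input_file)` even if its own `open_sudoers()` call asked for the handle to stay open. That would release the lock visudo is meant to keep on that file. Treating the flag like `path` and `lineno` would avoid this: add a `keepopen` member to `struct sudoers_state` (its definition is not shown here), save it with `state[depth].keepopen = keepopen;` where the push branch saves the outer buffer, and restore it with `keepopen = state[depth].keepopen;` in place of `keepopen = FALSE;`. The push branch is only partly visible in these hunks, so the exact spot for the save needs checking against the full function.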

7
sudo.c

@@ -259,7 +259,7 @@ main(argc, argv, envp)
else if (ISSET(validated, VALIDATE_OK) && !printmatches); /* skips */ else if (ISSET(validated, VALIDATE_OK) && !printmatches); /* skips */
else if (ISSET(validated, VALIDATE_OK) && printmatches) else if (ISSET(validated, VALIDATE_OK) && printmatches)
{ {
sudoers_fp = open_sudoers(_PATH_SUDOERS); sudoers_fp = open_sudoers(_PATH_SUDOERS, NULL);
/* User is found in LDAP and we want a list of all sudo commands the /* User is found in LDAP and we want a list of all sudo commands the
* user can do, so consult sudoers but throw away result. * user can do, so consult sudoers but throw away result.
@@ -269,7 +269,7 @@ main(argc, argv, envp)
else else
#endif #endif
{ {
sudoers_fp = open_sudoers(_PATH_SUDOERS); sudoers_fp = open_sudoers(_PATH_SUDOERS, NULL);
/* Validate the user but don't search for pseudo-commands. */ /* Validate the user but don't search for pseudo-commands. */
validated = sudoers_lookup(pwflag); validated = sudoers_lookup(pwflag);
@@ -852,8 +852,9 @@ parse_args(argc, argv)
* Returns a handle to the sudoers file. * Returns a handle to the sudoers file.
*/ */
FILE * FILE *
open_sudoers(sudoers) open_sudoers(sudoers, keepopen)
const char *sudoers; const char *sudoers;
int *keepopen;
{ {
struct stat statbuf; struct stat statbuf;
FILE *fp = NULL; FILE *fp = NULL;
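Review bot: The comment above `open_sudoers()` still reads only "Returns a handle to the sudoers file." and does not describe the new `keepopen` parameter. Both call sites in `main()` pass `NULL` while the lexer passes the address of a flag, so the contract should state that the pointer is optional and that an implementation must test it before storing through it. A line such as `* If keepopen is non-NULL, *keepopen is set to TRUE when the caller must not fclose() the returned handle.` would cover it. The function body continues past the end of this hunk, so whether it touches `keepopen` cannot be seen here.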

2
sudo.h

@@ -238,7 +238,7 @@ char *sudo_getepw __P((const struct passwd *));
int pam_prep_user __P((struct passwd *)); int pam_prep_user __P((struct passwd *));
void zero_bytes __P((volatile VOID *, size_t)); void zero_bytes __P((volatile VOID *, size_t));
int gettime __P((struct timespec *)); int gettime __P((struct timespec *));
FILE *open_sudoers __P((const char *)); FILE *open_sudoers __P((const char *, int *));
YY_DECL; YY_DECL;
#ifdef HAVE_SYSTRACE #ifdef HAVE_SYSTRACE
void systrace_attach __P((pid_t)); void systrace_attach __P((pid_t));


@@ -336,8 +336,9 @@ set_runaspw(user)
} }
FILE * FILE *
open_sudoers(path) open_sudoers(path, keepopen)
const char *path; const char *path;
int *keepopen;
{ {
return(fopen(path, "r")); return(fopen(path, "r"));
} }
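Review bot: This `open_sudoers()` accepts `keepopen` but never stores through it, so the caller's flag keeps whatever value it held before the call. That is harmless only while the lexer's flag happens to be zero at that point. Writing the output explicitly with `if (keepopen != NULL) *keepopen = FALSE;` before the `return(fopen(path, "r"));` keeps the result well defined regardless of caller state, and the guard also handles the `NULL` that other callers pass.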


@@ -722,8 +722,9 @@ check_syntax(sudoers_path)
} }
FILE * FILE *
open_sudoers(path) open_sudoers(path, keepopen)
const char *path; const char *path;
int *keepopen;
{ {
FILE *fp; FILE *fp;
struct sudoersfile *newfile; struct sudoersfile *newfile;