isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

If -f flag given use the permissions of the original file as a template

Browse Source
This commit is contained in:
Todd C. Miller
2007-09-01 13:34:41 +00:00
parent cbe6be8f8f
commit dee39f572f
1 changed files with 30 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
visudo.c
View File

@@ -108,7 +108,7 @@ static char whatnow __P((void));
static int check_aliases __P((int)); static int check_aliases __P((int));
static int check_syntax __P((char *, int)); static int check_syntax __P((char *, int));
static int edit_sudoers __P((struct sudoersfile *, char *, char *, int)); static int edit_sudoers __P((struct sudoersfile *, char *, char *, int));
static int install_sudoers __P((struct sudoersfile *)); static int install_sudoers __P((struct sudoersfile *, int));
static int print_unused __P((void *, void *)); static int print_unused __P((void *, void *));
static int reparse_sudoers __P((char *, char *, int, int)); static int reparse_sudoers __P((char *, char *, int, int));
static int run_command __P((char *, char **)); static int run_command __P((char *, char **));
@@ -148,7 +148,7 @@ main(argc, argv)
{ {
struct sudoersfile *sp; struct sudoersfile *sp;
char *args, *editor, *sudoers_path; char *args, *editor, *sudoers_path;
int ch, checkonly, quiet, strict; int ch, checkonly, quiet, strict, oldperms;
Argv = argv; Argv = argv;
if ((Argc = argc) < 1) if ((Argc = argc) < 1)
@@ -157,7 +157,7 @@ main(argc, argv)
/* /*
* Arg handling. * Arg handling.
*/ */
checkonly = quiet = strict = 0; checkonly = oldperms = quiet = strict = FALSE;
sudoers_path = _PATH_SUDOERS; sudoers_path = _PATH_SUDOERS;
while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) { while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) {
switch (ch) { switch (ch) {
@@ -169,6 +169,7 @@ main(argc, argv)
break; break;
case 'f': case 'f':
sudoers_path = optarg; /* sudoers file path */ sudoers_path = optarg; /* sudoers file path */
oldperms = TRUE;
break; break;
case 's': case 's':
strict++; /* strict mode */ strict++; /* strict mode */
@@ -229,7 +230,7 @@ main(argc, argv)
if (!sp->modified) if (!sp->modified)
(void) unlink(sp->tpath); (void) unlink(sp->tpath);
else else
(void) install_sudoers(sp); (void) install_sudoers(sp, oldperms);
} }
exit(0); exit(0);
@@ -464,21 +465,37 @@ reparse_sudoers(editor, args, strict, quiet)
* move it into place. Returns TRUE on success, else FALSE. * move it into place. Returns TRUE on success, else FALSE.
*/ */
static int static int
install_sudoers(sp) install_sudoers(sp, oldperms)
struct sudoersfile *sp; struct sudoersfile *sp;
int oldperms;
{ {
struct stat sb;
/* /*
* Change mode and ownership of temp file so when * Change mode and ownership of temp file so when
* we move it to sp->path things are kosher. * we move it to sp->path things are kosher.
*/ */
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) { if (oldperms) {
warning("unable to set (uid, gid) of %s to (%d, %d)", /* Use perms of the existing file. */
sp->tpath, SUDOERS_UID, SUDOERS_GID); #ifdef HAVE_FSTAT
return(FALSE); if (fstat(sp->fd, &sb) == -1)
} #else
if (chmod(sp->tpath, SUDOERS_MODE) != 0) { if (stat(sp->path, &sb) == -1)
warning("unable to change mode of %s to 0%o", sp->tpath, SUDOERS_MODE); #endif
return(FALSE); error(1, "can't stat %s", sp->path);
(void) chown(sp->tpath, sb.st_uid, sb.st_gid);
(void) chmod(sp->tpath, sb.st_mode & 0777);
} else {
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) {
warning("unable to set (uid, gid) of %s to (%d, %d)",
sp->tpath, SUDOERS_UID, SUDOERS_GID);
return(FALSE);
}
if (chmod(sp->tpath, SUDOERS_MODE) != 0) {
warning("unable to change mode of %s to 0%o", sp->tpath,
SUDOERS_MODE);
return(FALSE);
}
} }
/* /*