Check return value of setdefs() but don't stop setting defaults if
we hit an unknown one.
This commit is contained in:
Todd C. Miller
@@ -505,47 +505,48 @@ init_defaults(void)
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Update the defaults based on what was set by sudoers.
|
* Update the defaults based on what was set by sudoers.
|
||||||
* Pass in a an OR'd list of which default types to update.
|
* Pass in an OR'd list of which default types to update.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
update_defaults(int what)
|
update_defaults(int what)
|
||||||
{
|
{
|
||||||
struct defaults *def;
|
struct defaults *def;
|
||||||
|
int rc = TRUE;
|
||||||
|
|
||||||
tq_foreach_fwd(&defaults, def) {
|
tq_foreach_fwd(&defaults, def) {
|
||||||
switch (def->type) {
|
switch (def->type) {
|
||||||
case DEFAULTS:
|
case DEFAULTS:
|
||||||
if (ISSET(what, SETDEF_GENERIC) &&
|
if (ISSET(what, SETDEF_GENERIC) &&
|
||||||
!set_default(def->var, def->val, def->op))
|
!set_default(def->var, def->val, def->op))
|
||||||
return(FALSE);
|
rc = FALSE;
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_USER:
|
case DEFAULTS_USER:
|
||||||
if (ISSET(what, SETDEF_USER) &&
|
if (ISSET(what, SETDEF_USER) &&
|
||||||
userlist_matches(sudo_user.pw, &def->binding) == ALLOW &&
|
userlist_matches(sudo_user.pw, &def->binding) == ALLOW &&
|
||||||
!set_default(def->var, def->val, def->op))
|
!set_default(def->var, def->val, def->op))
|
||||||
return(FALSE);
|
rc = FALSE;
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_RUNAS:
|
case DEFAULTS_RUNAS:
|
||||||
if (ISSET(what, SETDEF_RUNAS) &&
|
if (ISSET(what, SETDEF_RUNAS) &&
|
||||||
runaslist_matches(&def->binding, NULL) == ALLOW &&
|
runaslist_matches(&def->binding, NULL) == ALLOW &&
|
||||||
!set_default(def->var, def->val, def->op))
|
!set_default(def->var, def->val, def->op))
|
||||||
return(FALSE);
|
rc = FALSE;
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_HOST:
|
case DEFAULTS_HOST:
|
||||||
if (ISSET(what, SETDEF_HOST) &&
|
if (ISSET(what, SETDEF_HOST) &&
|
||||||
hostlist_matches(&def->binding) == ALLOW &&
|
hostlist_matches(&def->binding) == ALLOW &&
|
||||||
!set_default(def->var, def->val, def->op))
|
!set_default(def->var, def->val, def->op))
|
||||||
return(FALSE);
|
rc = FALSE;
|
||||||
break;
|
break;
|
||||||
case DEFAULTS_CMND:
|
case DEFAULTS_CMND:
|
||||||
if (ISSET(what, SETDEF_CMND) &&
|
if (ISSET(what, SETDEF_CMND) &&
|
||||||
cmndlist_matches(&def->binding) == ALLOW &&
|
cmndlist_matches(&def->binding) == ALLOW &&
|
||||||
!set_default(def->var, def->val, def->op))
|
!set_default(def->var, def->val, def->op))
|
||||||
return(FALSE);
|
rc = FALSE;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return(TRUE);
|
return(rc);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int
|
static int
|
||||||
|
|||||||
@@ -227,7 +227,8 @@ sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
|
|||||||
tq_foreach_fwd(snl, nss) {
|
tq_foreach_fwd(snl, nss) {
|
||||||
if (nss->open(nss) == 0 && nss->parse(nss) == 0) {
|
if (nss->open(nss) == 0 && nss->parse(nss) == 0) {
|
||||||
sources++;
|
sources++;
|
||||||
nss->setdefs(nss);
|
if (nss->setdefs(nss) != 0)
|
||||||
|
log_error(NO_STDERR|NO_EXIT, "problem with defaults entries");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (sources == 0) {
|
if (sources == 0) {
|
||||||
|
|||||||
Reference in New Issue
Block a user