Add support for runas groups. This allows the user to run a command

with a different effective group.  If the -g option is specified
without -u the command will be run as the current user (only the
group will change).  The -g and -u options may be used together.
TODO: implement runas group for ldap
      improve runas group documentation
      add testsudoers support
Todd C. Miller
2007-11-21 20:12:00 +00:00
parent bfd781ff65
commit f9f4aca556
28 changed files with 1446 additions and 1061 deletions


@@ -314,10 +314,12 @@ log_auth(status, inform_user)
user_name, user_shost);
else
(void) fprintf(stderr,
"Sorry, user %s is not allowed to execute '%s%s%s' as %s on %s.\n",
"Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n",
user_name, user_cmnd, user_args ? " " : "",
user_args ? user_args : "",
list_pw ? list_pw->pw_name : *user_runas, user_host);
list_pw ? list_pw->pw_name : runas_pw ?
runas_pw->pw_name : user_name, runas_gr ? ":" : "",
runas_gr ? runas_gr->gr_name : "", user_host);
}
/*
@@ -633,7 +635,10 @@ new_logline(message, serrno)
}
len += sizeof(LL_TTY_STR) + 2 + strlen(user_tty);
len += sizeof(LL_CWD_STR) + 2 + strlen(user_cwd);
len += sizeof(LL_USER_STR) + 2 + strlen(*user_runas);
if (runas_pw != NULL)
len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);
if (runas_gr != NULL)
len += sizeof(LL_GROUP_STR) + 2 + strlen(runas_gr->gr_name);
if (sudo_user.env_vars != NULL) {
size_t evlen = 0;
struct list_member *cur;
@@ -675,10 +680,18 @@ new_logline(message, serrno)
strlcat(line, user_cwd, len) >= len ||
strlcat(line, " ; ", len) >= len)
goto toobig;
if (strlcat(line, LL_USER_STR, len) >= len ||
strlcat(line, *user_runas, len) >= len ||
strlcat(line, " ; ", len) >= len)
goto toobig;
if (runas_pw != NULL) {
if (strlcat(line, LL_USER_STR, len) >= len ||
strlcat(line, runas_pw->pw_name, len) >= len ||
strlcat(line, " ; ", len) >= len)
goto toobig;
}
if (runas_gr != NULL) {
if (strlcat(line, LL_GROUP_STR, len) >= len ||
strlcat(line, runas_gr->gr_name, len) >= len ||
strlcat(line, " ; ", len) >= len)
goto toobig;
}
if (evstr != NULL) {
if (strlcat(line, LL_ENV_STR, len) >= len ||
strlcat(line, evstr, len) >= len ||
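Review bot: The `USER=` field of the log line becomes optional in new_logline, because both the length sum (`if (runas_pw != NULL) len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);`) and the matching strlcat block skip it when runas_pw is NULL, where the old code always wrote it from `*user_runas`. Whether runas_pw can be NULL when only -g is given is not visible here, but if it can, the audit record loses the target user and any log consumer that keys on `USER=` will see a differently shaped line. The denial message in log_auth already falls back to user_name in that case, so the same fallback could be used here, for example `const char *runas_name = runas_pw ? runas_pw->pw_name : user_name;` in both the length computation and the concatenation. A short comment such as `/* fields summed into len here must match the strlcat chain below */` would also help keep the two places in step. new_logline starts and ends outside the visible hunks.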