Use setpassent() and setgroupent() on systems that support it to
keep the passwd and group database open. Sudo does a lot of passwd and group lookups so it can be beneficial to just leave the file open.
This commit is contained in:
Todd C. Miller
@@ -603,9 +603,15 @@
|
|||||||
/* Define to 1 if you have the `seteuid' function. */
|
/* Define to 1 if you have the `seteuid' function. */
|
||||||
#undef HAVE_SETEUID
|
#undef HAVE_SETEUID
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `setgroupent' function. */
|
||||||
|
#undef HAVE_SETGROUPENT
|
||||||
|
|
||||||
/* Define to 1 if you have the `setkeycreatecon' function. */
|
/* Define to 1 if you have the `setkeycreatecon' function. */
|
||||||
#undef HAVE_SETKEYCREATECON
|
#undef HAVE_SETKEYCREATECON
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `setpassent' function. */
|
||||||
|
#undef HAVE_SETPASSENT
|
||||||
|
|
||||||
/* Define to 1 if you have the `setprogname' function. */
|
/* Define to 1 if you have the `setprogname' function. */
|
||||||
#undef HAVE_SETPROGNAME
|
#undef HAVE_SETPROGNAME
|
||||||
|
|
||||||
|
|||||||
12
configure
vendored
12
configure
vendored
@@ -20915,6 +20915,18 @@ esac
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
|
for ac_func in setpassent setgroupent
|
||||||
|
do :
|
||||||
|
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||||
|
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
||||||
|
if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
|
||||||
|
cat >>confdefs.h <<_ACEOF
|
||||||
|
#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
|
||||||
|
_ACEOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
if test X"$with_noexec" != X"no"; then
|
if test X"$with_noexec" != X"no"; then
|
||||||
# Check for non-standard exec functions
|
# Check for non-standard exec functions
|
||||||
for ac_func in exect execvP execvpe
|
for ac_func in exect execvP execvpe
|
||||||
|
|||||||
@@ -2776,6 +2776,10 @@ AC_CHECK_FUNCS([vsyslog], [], [
|
|||||||
COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }vsyslog_test"
|
COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }vsyslog_test"
|
||||||
])
|
])
|
||||||
dnl
|
dnl
|
||||||
|
dnl 4.4BSD-based systems can force the password or group file to be held open
|
||||||
|
dnl
|
||||||
|
AC_CHECK_FUNCS([setpassent setgroupent])
|
||||||
|
dnl
|
||||||
dnl Function checks for sudo_noexec
|
dnl Function checks for sudo_noexec
|
||||||
dnl
|
dnl
|
||||||
if test X"$with_noexec" != X"no"; then
|
if test X"$with_noexec" != X"no"; then
|
||||||
|
|||||||
13
src/sudo.c
13
src/sudo.c
@@ -508,6 +508,19 @@ get_user_info(struct user_details *ud)
|
|||||||
int fd;
|
int fd;
|
||||||
debug_decl(get_user_info, SUDO_DEBUG_UTIL)
|
debug_decl(get_user_info, SUDO_DEBUG_UTIL)
|
||||||
|
|
||||||
|
/*
|
||||||
|
* On BSD systems you can set a hint to keep the password and
|
||||||
|
* group databases open instead of having to open and close
|
||||||
|
* them all the time. Since sudo does a lot of password and
|
||||||
|
* group lookups, keeping the file open can speed things up.
|
||||||
|
*/
|
||||||
|
#ifdef HAVE_SETPASSENT
|
||||||
|
setpassent(1);
|
||||||
|
#endif /* HAVE_SETPASSENT */
|
||||||
|
#ifdef HAVE_SETGROUPENT
|
||||||
|
setgroupent(1);
|
||||||
|
#endif /* HAVE_SETGROUPENT */
|
||||||
|
|
||||||
memset(ud, 0, sizeof(*ud));
|
memset(ud, 0, sizeof(*ud));
|
||||||
|
|
||||||
/* XXX - bound check number of entries */
|
/* XXX - bound check number of entries */
|
||||||
|
|||||||
Reference in New Issue
Block a user