isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,830 Commits 1 Branch 0 Tags
main
Commit Graph

69 Commits

Author SHA1 Message Date
Todd C. Miller
ef2cff1d33 Now that we have proper number parsing functions we should store 
T_UINT defaults values as unsigned int, not int.
 2013-12-11 14:43:04 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
0f091f478b Add __printflike to audit_failure. 2013-08-18 14:21:29 -06:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
1162b55040 Rename log_error() -> log_warning() for consistency with warning()/fatal() 2013-04-18 14:14:03 -04:00
Todd C. Miller
a803b4d2ec Change multiple inclusion guards to be _SUDOERS_FOO_H 2013-03-25 11:17:46 -04:00
Todd C. Miller
90147bb605 Allow sudoers programs (visudo, sudoreplay, visudo) to use 
plugin_error.c instead of the error.c from the front-end.  This
means sudoers_setlocale() needs to be independent of the sudo_user
struct and the defaults table.  The sudoers locale is now updated
via a callback.
 2012-11-25 09:33:52 -05:00
Todd C. Miller
336021a9c0 Fix compilation on systems w/o setlocale() 2012-11-12 05:36:43 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
4207589fe2 Add simple locale switching to make it easy to switch from the 
user's locale to the sudoers locale without making excessive
setlocale() calls when we don't need to.
 2012-11-08 15:37:43 -05:00
Todd C. Miller
5d052aeb60 Do not inform the user that the command was not permitted by the 
policy if they do not successfully authenticate.  This is a regression
introduced in sudo 1.8.6.
 2012-11-06 11:19:51 -05:00
Todd C. Miller
8b03f3e7d0 Move log_denial() calls and logic to log_failure(). 
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.

This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password.  Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed".  Fixes bug #563
 2012-07-10 12:42:33 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
f90731596a Split out log file word wrap code into its own file and add unit 
tests.  Fixes an off-by one in the word wrap when the log line
length matches loglinelen.
 2011-07-11 15:22:25 -04:00
Todd C. Miller
2cd108304d Add Linux audit support. 2010-06-16 11:17:02 -04:00
Todd C. Miller
b72a530fd0 Update copyright year 2010-06-14 12:19:49 -04:00
Todd C. Miller
8ae8e8442c Remove use of RETSIGTYPE; all modern systems have signal handlers that 
return void.
 2010-05-21 18:40:04 -04:00
Todd C. Miller
d5ae4c7d87 Kill __P in sudoers 2010-03-17 19:56:27 -04:00
Todd C. Miller
e90fa482f9 Rework source layout in preparation for modular sudo. 2010-02-20 09:14:01 -05:00