isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,830 Commits 1 Branch 0 Tags
main
Commit Graph

500 Commits

Author SHA1 Message Date
Todd C. Miller
47968912a2 Fix passing of login class back to sudo front end. 2011-03-07 16:55:08 -05:00
Todd C. Miller
e65bc35c6d Fix exit value for validate and list mode. 2011-03-06 15:52:40 -05:00
Todd C. Miller
a0ba308694 Fix non-interactive mode with sudoers plugin. 2011-03-06 15:38:02 -05:00
Todd C. Miller
3c0672e2e3 Allow sudoers file name, mode, uid and gid to be specified in the 
settings list.  The sudo front end does not currently set these
but may in the future.
 2011-02-23 13:38:52 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
3316ac8ebc Do not reject sudoers file just because it is root-writable. 2011-01-24 14:25:51 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
e7a4529cf8 Fix "sudo -g" support in the sudoers module. 2011-01-11 10:42:01 -05:00
Todd C. Miller
1bb3518b33 Add extra out parameter to expand_iolog_path() to allow the caller 
to split the path into dir and file components if needed.
 2010-12-31 09:55:40 -05:00
Todd C. Miller
25036d7a75 Pass a single I/O log file name in command_details instead of 
separate dir + file parameters.
 2010-12-30 17:09:01 -05:00
Todd C. Miller
97b7ae8892 If no iolog file is specified by the policy plugin, use io_nextid() 
to determine the next file in the sequence.
 2010-12-29 11:07:45 -05:00
Todd C. Miller
02ed3d5b3e Add support for the iolog_compress variable in command_info. 2010-12-28 12:23:18 -05:00
Todd C. Miller
bff14f60e6 Add sigsetjmp() calls to all plugin entry points just to be safe. 2010-12-28 11:02:12 -05:00
Todd C. Miller
fba58fa3f7 Allow sudoers to specify the iolog file in addition to the iolog dir. 
Add escape sequence support to iolog file and dir: sequence number,
    user, group, runas_user, runas_group, hostname and command in
    addition to any escape sequence recognized by strftime(3).
 2010-12-27 12:18:32 -05:00
Todd C. Miller
5d59c10b95 Give the policy module fine-grained control over what the I/O plugin 
logs.
 2010-12-21 17:43:18 -05:00
Todd C. Miller
a10f216797 Adapt plugins to version I/O logging ABI 1.1 2010-12-20 16:28:20 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
8f4b215216 create_admin_success_flag() should use restore_perms() rather than 
set_perms() to restore the uid.
 2010-11-23 07:34:22 -05:00
Todd C. Miller
5536ea49f6 Call plugin_cleanup(), not cleanup() 2010-11-12 13:02:15 -05:00
Todd C. Miller
93d2420de9 Fix complilation on systems with set_auth_parameters() 
Sprinkle volatile to quiet warnings from gcc 2.8.0
 2010-10-12 10:47:16 -04:00
Todd C. Miller
6b4fe798d5 Move set_project() from sudoers module into sudo proper. 2010-10-01 13:52:42 -04:00
Todd C. Miller
f538ed4e35 Add dlopen() emulation for systems without it. 
For HP-UX 10, emulate using shl_load().
For others, link sudoers plugin statically and use a lookup
table to emulate dlsym().
 2010-09-26 17:41:35 -04:00
Todd C. Miller
53f9cfe062 In login mode, make a copy of the runas user's pw_shell for NewArgv[0] 
because 1) we modify it and 2) it will runas_pw gets freed before exec.
 2010-09-14 11:30:28 -04:00
Todd C. Miller
e069b74dc8 Convert sudoers plugin to use interface list passed in settings. 2010-09-08 15:07:40 -04:00
Todd C. Miller
1d37ab560a Always fill in NewArgv for audit code. 2010-09-07 17:59:10 -04:00
Todd C. Miller
e7d56e16e2 Do not set both MODE_EDIT and MODE_RUN 2010-09-04 08:41:42 -04:00
Todd C. Miller
256ee25ab5 Move get_auth() into check.c where it is actually used. 2010-08-21 08:48:35 -04:00
Todd C. Miller
129cf8d992 sudoers.h includes sudo_plugin.h for us 2010-08-10 16:36:54 -04:00
Todd C. Miller
8dd8aa000e Remove some obsolete configure tests, ancient Unix systems are no 
longer supported.
 2010-08-10 13:44:05 -04:00
Todd C. Miller
cb1848fab1 Retain final passwd/group refs until the policy close() function. 
Note that this doesn't get called in all cases so putting
this in a cleanup function is probably better.
 2010-08-06 13:54:35 -04:00
Todd C. Miller
26526e667f delref sudo_user.pw, runas_pw and runas_gr immediately before we return. 2010-08-06 12:07:03 -04:00
Todd C. Miller
0186018d3d Reference count cached passwd and group structs. The cache holds 
one reference itself and another is added by sudo_getgr{gid,nam}
and sudo_getpw{uid,nam}.  The final ref on the runas and user passwd
and group structs are persistent for now.
 2010-08-04 09:58:50 -04:00
Todd C. Miller
6d0395ee68 Add support for Ubuntu admin flag file and enable it when building 
Ubuntu packages.
 2010-07-28 16:34:11 -04:00
Todd C. Miller
f7f65cfb95 Check return value of setdefs() but don't stop setting defaults if 
we hit an unknown one.
 2010-07-19 12:53:25 -04:00
Todd C. Miller
482f9cfc83 Handle getcwd() failure. 2010-07-14 14:17:56 -04:00
Todd C. Miller
d9de7b5f8e Add support for a sudo-i pam.d file to be used for "sudo -i". 
Adapted from a RedHat patch.
 2010-07-12 17:57:53 -04:00
Todd C. Miller
e6b48d415c Replace built-in non-unix group support with a sudoers group plugin. 
Include a sample plugin that can read Unix-format group files.
 2010-07-02 11:11:25 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
189b43fed3 Defer call to sudo_nonunix_groupcheck_cleanup() until after we have 
closed the sudoers sources.  From Quest sudo.
 2010-06-25 10:05:51 -04:00
Todd C. Miller
d1bf11db33 Call set_fqdn() after sudoers has parsed instead of inline as a callback. 2010-06-18 17:47:55 -04:00
Todd C. Miller
d79b0ece15 Do not call set_fqdn() until sudoers parses (where is gets run as a callback). 2010-06-18 17:25:59 -04:00
Todd C. Miller
1fbb1819e7 Use sudo_printf for I/O log version 
Clarify policy plugin version string
 2010-06-10 14:24:06 -04:00
Todd C. Miller
eec336115a Move askpass path specification from sudoers to sudo.conf. 2010-06-09 17:40:44 -04:00
Todd C. Miller
bcaf51ce62 Fix setting selinux type on command line. 2010-06-08 17:10:27 -04:00
Todd C. Miller
afa3589d52 For sudoedit, make a local copy of editor string si become part of 
argv.  If no editor environment variable, split def_editor on ':'
since it may be a colon-delimited path.
 2010-06-04 12:17:19 -04:00
Todd C. Miller
2ee7524101 Add casts to quiet compiler warnings. 2010-06-01 09:54:03 -04:00
Todd C. Miller
2dd29bf64d Break sudoers transcript feature up into log_input and log_output. 2010-05-30 10:31:38 -04:00
Todd C. Miller
b6f02f38c0 Make sudoers_io functions static to iolog.c 2010-05-29 10:43:34 -04:00
Todd C. Miller
e952c8c7ff Eliminate unused variables 2010-05-28 13:21:56 -04:00
Todd C. Miller
d2d68aa24d Re-enable cleanup functions in sudoers plugin and sudo driver 
for error()/errorx().
 2010-05-28 12:15:14 -04:00