isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,831 Commits 1 Branch 0 Tags
02aa57c16916c182833bd4fe2d977bcd5cc9f7c7
Commit Graph

111 Commits

Author SHA1 Message Date
Todd C. Miller
fa3552fa76 Create template tmpfiles.d/sudo.conf for installation instead of 
creating one via echo commands in the Makefile.

Add --enable-tmpfiles.d configure option to enable/disable use of
tmpfiles.d and override the default directory.

Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore
tmpfiles.d/sudo.conf in sudo.pp.
 2015-04-07 15:35:01 -06:00
Todd C. Miller
d297f5fd84 Make exampledir configurable and default to DATAROOTDIR/examples/sudo 
on BSD systems.
 2015-04-06 15:10:26 -06:00
Todd C. Miller
5cfd0cff9c Add --disable-weak-symbols option to disable use of weak symbols 
in libsudo_util.
 2015-03-05 14:43:06 -07:00
Todd C. Miller
35dcb05a5f Fix symbol name collision with systems that have their own sha2 
implementation.  This can result in PAM using the wrong sha2
implementation on Solaris systems configured to use SHA512 for
passwords.
 2015-03-05 12:27:26 -07:00
Todd C. Miller
a7edf7d984 Remove compat/utime.h, it was only useful for ancient systems that 
are no longer capable of compiling sudo.
 2015-03-03 16:57:55 -07:00
Todd C. Miller
1592192cef Link libsudo_util with -lrt on systems where clock_gettime is in -lrt. 2015-03-02 16:05:57 -07:00
Todd C. Miller
ee72cba937 Use futimens() and utimensat() instead of futimes() and utimes(). 2015-03-02 13:58:50 -07:00
Todd C. Miller
083f59a75c Only substiture init.d scripts that we are going to use. 2015-02-26 09:19:08 -07:00
Todd C. Miller
5d2e9426b2 We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as 
it may be present but not implemented.  Add sudo_gettime_real() and
sudo_gettime_mono() functions to get the real and monotonic times
respectively.  Now sudo_gettime_mono() checks the value of
sysconf(_SC_MONOTONIC_CLOCK) before calling clock_gettime(CLOCK_MONOTONIC)
and falls back on sudo_gettime_real() as needed.  The Mach version
of sudo_gettime_mono() uses mach_absolute_time().

This should fix problems with timestamp files on systems where
the CLOCK_MONOTONIC is defined but not actually implemented.
 2015-02-24 11:19:21 -07:00
Todd C. Miller
e11f32fd42 On AIX use the value of auth_type in /etc/security/login.cfg to 
determine whether to use LAM or PAM unless the user specified the
--with-pam or --with-aixauth configure flags.
 2015-02-23 11:12:43 -07:00
Todd C. Miller
b5831d55d8 Update snprintf.c from OpenBSD. The floating point and wide character 
code has been retained but is not compiled by default.
 2015-02-21 16:52:14 -07:00
Todd C. Miller
49128a79e3 Add regress for mkdtemp and mkstemps from OpenBSD 2015-02-20 14:37:02 -07:00
Todd C. Miller
f9af2bc99e Correct SECURE_PATH comment. 2015-02-20 06:30:41 -07:00
Todd C. Miller
93b52daaba Sudo 1.8.13 2015-02-20 06:29:41 -07:00
Todd C. Miller
be8dbeb22e Avoid using HOST_NAME_MAX directly and use sysconf(_SC_HOST_NAME_MAX) 
instead.
 2015-02-19 20:28:02 -07:00
Todd C. Miller
96eddddc12 Almost no systems actually define OPEN_MAX since it is dynamic on 
modern OSes.  If sysconf(_SC_OPEN_MAX) ever fails, fall back on
_POSIX_OPEN_MAX instead.  We can assume modern systems have sysconf().
Also remove checks for strrchr() and strtoll() for which the HAVE_*
defines are no longer used.
 2015-02-19 09:59:25 -07:00
Todd C. Miller
166db8eeb4 Use weak symbols for sudo_warn_gettext() and sudo_warn_strerror() 
so distros using "-Wl,--no-undefined" in LDFLAGS don't run into
problems.
 2015-02-17 06:42:10 -07:00
Todd C. Miller
3eb9a854d8 Add check for getresuid() declaration, which may be missing on HP-UX. 
When checking for getdomainname() prototype, look in netdb.h too.
 2015-02-06 11:33:30 -07:00
Todd C. Miller
c3c28773f5 Sanity check the TZ environment variable by special casing it in 
env_check.  The --with-tzdir configure option can be used to
specify the zoneinfo directory if configure doesn't find it.
 2015-02-06 11:01:05 -07:00
Todd C. Miller
88f79588e0 Remove configure checks for strrchr() and strtoll() for which the 
HAVE_* defines are no longer used.
 2015-02-05 11:17:22 -07:00
Todd C. Miller
a3435e7d12 Require POSIX regular expression support for sudoreplay. 2015-02-05 11:16:06 -07:00
Todd C. Miller
1bb633a210 Check whether getdomainname(), innetgr(), setresuid() and setresgid() 
are declared and add prototypes in sudo_compat.h as needed.
 2015-02-05 11:08:55 -07:00
Todd C. Miller
a9bf105eda Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX 
systems doesn't include stdint.h itself.
 2015-02-03 10:00:30 -07:00
Todd C. Miller
a17d562fdb SIZE_MAX may be in limits.h on pre-C99 compilers. 2015-02-03 07:33:26 -07:00
Todd C. Miller
f2a554f297 Add missing prototypes for usrinfo() and setauthdb() for AIX. 2015-02-03 07:33:25 -07:00
Todd C. Miller
536c83cec3 Solaris uses sysinfo(SI_SRPC_DOMAIN) instead of getdomainname() to 
get the host's NIS domain.
 2015-02-03 07:33:24 -07:00
Todd C. Miller
7fdbbf16a4 Remove AC_PROG_GCC_TRADITIONAL and add AC_PROG_CC_STDC since we 
need C99.
 2015-02-02 20:10:50 -07:00
Todd C. Miller
109a866fb5 We need to add OSDEFS to CFLAGS to expose LLONG_MAX et al on glibc 
when not explicitly asking for c99.
 2015-02-02 15:36:12 -07:00
Todd C. Miller
bb19428fce Fix check for SIZE_MAX, which should be in stdint.h not limits.h. 2015-02-02 14:36:38 -07:00
Todd C. Miller
f80ffcc917 Use AC_CHECK_HEADERS_ONCE and AC_CHECK_FUNCS_ONCE where 
possible and quote the first args in AC_CHECK_FUNCS calls.
 2015-01-15 21:00:01 -07:00
Todd C. Miller
55a34e6941 Avoid inadvertantly defining things like PATH_MAX simply because 
the source file doesn't include limits.h.
 2015-01-15 17:01:30 -07:00
Todd C. Miller
2040d4dde5 Use arc4random() for mkstemp/mkdtemp if available. If not, try to 
seed from /dev/urandom before falling back to the gettimeofday seed.
 2014-10-31 06:57:19 -06:00
Todd C. Miller
ccc210eddb If a system lacks mkdtemp() or mkstemps(), use our own mkdtemp() 
and mkstemps().  Previously we only exposed the missing one but
since the guts are the same we might as well use them.
 2014-10-29 13:03:39 -06:00
Todd C. Miller
0982f7838b Use AC_PROG_AWK 2014-10-27 14:54:13 -06:00
Todd C. Miller
9a9e865375 Add support for installing a shared zlib 2014-10-27 14:39:07 -06:00
Todd C. Miller
7c295e40d4 Newer zlib uses HAVE_HIDDEN to turn on symbol hiding so we don't 
need to disable it with NO_VIS.
 2014-10-27 14:20:33 -06:00
Todd C. Miller
adfdad9ae0 Version the symbols for sudo_debug.c now that the API is stable. 2014-10-27 05:26:08 -06:00
Todd C. Miller
d5a2d0f2d4 Don't add -Wold-style-definition to CFLAGS as it causes problems 
with 3rd party libraries such as zlib.
 2014-10-24 15:26:21 -06:00
Todd C. Miller
b91a91d289 Move sample.* files to a sudo examples dir 2014-10-24 14:25:12 -06:00
Todd C. Miller
d0cc4d9e4b Fix inet_ntop() replacement on older systems without it. 
We only expose the prototype for net_ifs.c due to the
use of socklen_t.
 2014-10-23 15:44:03 -06:00
Todd C. Miller
fbc54368cc Sudo 1.8.12 2014-10-23 07:29:08 -06:00
Todd C. Miller
a50e72b81b Update for sudo 1.8.11p1 2014-10-07 14:14:43 -06:00
Todd C. Miller
5f9e84ea51 Use inet_ntop() instead of inet_ntoa() and include a version for 
systems that are missing it.
 2014-10-02 07:55:08 -06:00
Todd C. Miller
1d7bab5046 Fix detection of functions in network libs like -lsocket, -lnsl and 
-linet when we have already added those libs to NET_LIBS.
Fixes a problem where inet_pton() was not detected on Solaris.
 2014-10-01 15:42:07 -06:00
Todd C. Miller
0b0481fa36 Instead of building libutil statically for --disable-shared-libutil, 
just treat it as a convenience library.  Do the same with sudoers
for --enable-static-sudoers.  Fixes link errors on Solaris among
others when --disable-shared-libutil is used.
 2014-10-01 14:32:30 -06:00
Todd C. Miller
05d3a4c5e5 Remove LT_LDMAP and LT_LDOPT and just use LT_LDEXPORTS for the 
compiler-specific option to restrict symbol exporting.
 2014-10-01 13:24:57 -06:00
Todd C. Miller
496c2e287b Add a space after "Password:" in default password prompt so it is 
easier to read when pwfeedback is enabled.
 2014-09-27 10:24:19 -06:00
Todd C. Miller
0660d88b2b Remove Convex support; it is not modern enough to run sudo 1.8. 2014-09-27 10:16:26 -06:00
Todd C. Miller
27943df344 Only check for -lshadow if we haven't already found getspnam() in 
libc.  Rather than treat this specially, just add -lshadow as another
place to search in addition to -lgen.
 2014-09-27 10:13:28 -06:00
Todd C. Miller
1073df76c6 Fix version for release. 2014-09-23 11:00:32 -06:00