isa/sudo - sudo - Subgraph Gitea

isa/sudo

Author	SHA1	Message	Date
Todd C. Miller	acf8af9aac	#unifdef HAVE_SETLOCALE, it is C89 so no need to check for it.	2012-11-12 08:51:58 -05:00
Todd C. Miller	4bd4a91714	Parse sudo.conf in the "C" locale.	2012-11-12 05:42:48 -05:00
Todd C. Miller	595d3b2651	Display warning/error messages in the user's locale.	2012-11-08 15:37:44 -05:00
Todd C. Miller	f8660f9988	Add variants of warn/error and sudo_debug_printf that take a va_list instead of a variable number of args.	2012-11-08 15:37:42 -05:00
Todd C. Miller	1cf3def4be	If vasprintf() fails, just use the errno it sets instead of assuming ENOMEM.	2012-10-02 14:45:18 -04:00
Todd C. Miller	1d90c0ad71	No need to translate "unable to allocate memory" when we can just use the system translation via strerror().	2012-09-17 16:59:26 -04:00
Todd C. Miller	e5257d48d7	Print a trailing newline in lbuf_print() when there is not enough space to do word wrapping and the lbuf does not end with a newline.	2012-09-04 10:42:09 -04:00
Todd C. Miller	241b2395cf	Reduce the number of "internal error, foo overflow" messages that need to be translated.	2012-08-10 12:18:38 -04:00
Todd C. Miller	d89b1a6be2	Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers data source. From Daniel Kopecek and Pavel Brezina.	2012-08-10 11:59:26 -04:00
Todd C. Miller	a7424cc002	If sudo.conf contains an I/O plugin but no policy plugin, use sudoers for the policy plugin. If a policy plugin is specified without an I/O plugin, only the policy plugin will be loaded.	2012-08-09 14:11:41 -04:00
Todd C. Miller	9c9cf9da41	Do not set a resource limit to zero when we are unable to fetch a value from /etc/security/limits.	2012-07-06 10:10:03 -04:00
Todd C. Miller	f8f0021710	Add configure check for building PIE executables instead of doing it in mkpkg.	2012-07-02 10:12:41 -04:00
Todd C. Miller	9497df293a	Don't run regress tests or sudoers sanity check (using the newly-built visudo) when cross compiling. Bug #560	2012-06-20 13:38:17 -04:00
Todd C. Miller	d29aede203	No longer throw an error if sudoers is a symbolic link. Deprecated the --with-stow option as that is now (effectively) the default.	2012-05-21 13:30:59 -04:00
Todd C. Miller	38ea65203a	Move ttysize.c to common so sudoreplay can use it.	2012-04-06 16:41:08 -04:00
Todd C. Miller	c8ce3a0a85	Log the process id in the debug file output. Since we don't want to keep calling getpid(), stash the value at init time and when we fork().	2012-04-06 15:20:16 -04:00
Todd C. Miller	abdff25703	Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() and use a new flag, SUDO_DEBUG_FILENO to specify when to use it. This allows consumers of sudo_debug_printf() to log that data without having to specify it manually.	2012-04-05 13:04:00 -04:00
Todd C. Miller	2c84bd4d08	Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. Log the function, file and line number in the debug log for warning() and error().	2012-04-05 12:37:15 -04:00
Todd C. Miller	2fe41248ac	Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. Use this flag when wrapping error() and warning() so the debug output includes the error string.	2012-04-04 16:59:31 -04:00
Todd C. Miller	aecb5206e2	Fix compiler warnings on some platforms and provide a better method of defeating gcc's warn_unused_result attribute.	2012-03-29 10:33:40 -04:00
Todd C. Miller	78429a90d5	Quiet a warning on systems where the gids array in setgroups() is not prototyped as being const, even though it really is.	2012-03-28 11:14:22 -04:00
Todd C. Miller	8b3d118f62	Fix matching of "Path askpass" and "Path noexec"	2012-03-27 12:24:39 -04:00
Todd C. Miller	55d1a1a79d	Use ecalloc() when allocating structs.	2012-03-19 11:24:24 -04:00
Todd C. Miller	dbbb48c45f	Add ecalloc() and commented out recalloc(). Use inline strnlen() instead of strlen() in estrndup().	2012-03-19 11:23:25 -04:00
Todd C. Miller	96f046c1ce	Rename plugin "args" to "options"	2012-03-15 12:32:31 -04:00
Todd C. Miller	83459e13b5	Set args to NULL in default plugin info struct when there is no Plugin line in sudo.conf.	2012-03-14 15:07:50 -04:00
Todd C. Miller	37770ecf1e	Initial cut at a hooks implementation. The plugin can register hooks for getenv, putenv, setenv and unsetenv. This makes it possible for the plugin to trap changes to the environment made by authentication methods such as PAM or BSD auth so that such changes are reflected in the environment passed back to sudo for execve().	2012-03-07 16:35:42 -05:00
Todd C. Miller	a16dee915b	Add support for plugin args at the end of a Plugin line in sudo.conf. Bump the minor number accordingly and update the documentation. A plugin must check the sudo front end's version before using the plugin_args parameter since it is only supported for API version 1.2 and higher.	2012-03-02 11:04:09 -05:00
Todd C. Miller	8d05f0d1b0	Add type param to sudo_secure_path() and add sudo_secure_file() and sudo_secure_dir() wrappers which get by #includedir in sudoers.	2012-02-29 15:50:48 -05:00
Todd C. Miller	28db1fbbed	We need sysconfdir in compat/Makfile to get the proper sudo.conf path. Add standard prefix and foodir expansion in all Makefiles to avoid this problem in the future.	2012-02-27 13:28:15 -05:00
Todd C. Miller	415454ff59	Relax the user/group/mode checks on sudoers files. As long as the file is owned by the right user, not world-writable and not writable by a group other than the one specified at configure time (gid 0 by default), the file is considered OK. Note that visudo will still set the mode to the value specified at configure time.	2012-02-22 13:04:03 -05:00
Todd C. Miller	d35f50bd65	Move _PATH_SUDO_CONF override to common to match sudo_debug.c	2012-02-06 15:57:26 -05:00
Todd C. Miller	e16ae617e4	g/c now-unused debug subsystems	2012-02-05 10:17:26 -05:00
Todd C. Miller	c970d464cb	Normally, sudo disables core dumps while it is running. This behavior can now be modified at run time with a line in sudo.conf like "Set disable_coredumps false"	2012-02-03 14:57:03 -05:00
Todd C. Miller	c91f5ee680	Make sure we don't try to fall back to using the conversation function for debugging in the main sudo process if we are unable to open the debug file.	2012-02-03 12:30:07 -05:00
Todd C. Miller	ee0fb36d8b	regen dependencies	2012-01-13 06:02:17 -05:00
Todd C. Miller	fa15fc7651	The result of writev() is never checked so just cast to NULL.	2012-01-11 13:09:09 -05:00
Todd C. Miller	13561805d9	Add debug support.	2012-01-06 20:10:41 -05:00
Todd C. Miller	fa1f781a0e	Separate sudo.conf parsing from plugin loading and move the parse functions into the common lib so that visudo, etc. can use them.	2011-12-20 08:55:13 -05:00
Todd C. Miller	1c3965f534	Separate sudo.conf parsing from plugin loading and move the parse functions into the common lib so that visudo, etc. can use them.	2011-12-20 08:50:07 -05:00
Todd C. Miller	9f0abb4692	Add support for setenv entries in login.conf. We can't use LOGIN_SETENV since the plugin sets up the envp the command is executed with. Also regen the Makefile.in files while here. Fixes bug #527	2011-12-05 10:43:44 -05:00
Todd C. Miller	0e26e43b99	Remove duplicate return statements.	2011-12-02 15:23:42 -05:00
Todd C. Miller	21a2f95821	Use stdbool.h instead of rolling our own TRUE/FALSE macros.	2011-12-02 11:27:33 -05:00
Todd C. Miller	51e45647ae	Use HAVE_STRUCT_TIMESPEC and HAVE_STRUCT_IN6_ADDR instead of HAVE_TIMESPEC and HAVE_IN6_ADDR respectively.	2011-12-01 11:07:17 -05:00
Todd C. Miller	ab887a6fb0	No longer pass debug_file to plugin, plugins must now use CONV_DEBUG_MSG	2011-11-30 14:56:41 -05:00
Todd C. Miller	8fa6ab0372	Include time.h for ctime() prototype.	2011-11-30 09:14:11 -05:00
Todd C. Miller	a64f1eaea8	Do not close error pipe or debug fd via closefrom() as we need them to report an exec error should one occur.	2011-11-29 19:51:24 -05:00
Todd C. Miller	12352244bd	regen	2011-11-22 13:16:43 -05:00
Todd C. Miller	65b781a2ef	Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing directly to the debug file.	2011-11-13 13:55:19 -05:00
Todd C. Miller	3ee9cef0da	Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR	2011-11-07 16:33:49 -05:00

1 2

97 Commits