isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
6,546 Commits 1 Branch 0 Tags
02aa965a2d77753b404f68fde9581cd8f7d76ded
Commit Graph

906 Commits

Author SHA1 Message Date
Todd C. Miller
02aa965a2d Add calls to set_perms(PERM_ROOT) becore logging to a file. We 
should already be root but since we cache the current permission
status it is basically free.  That way, if more of sudoers runs as
non-root in the future logging will still work correctly.
 2012-11-12 09:41:56 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
336021a9c0 Fix compilation on systems w/o setlocale() 2012-11-12 05:36:43 -05:00
Todd C. Miller
c1db4b1546 Always include locale.h from gettext.h so we no longer need to 
include locale.h from the .c files.
 2012-11-11 20:23:53 -05:00
Todd C. Miller
83dde2fbb6 Add os-specific initialization functions for solaris (workaround 
setuid locale problem in Solaris 11) and openbsd (set malloc_options
if SUDO_DEVEL).  Also move set_project() to solaris.c.
 2012-11-11 07:11:22 -05:00
Todd C. Miller
56de023de8 Avoid strerror() when possible and just rely on warning/error 
to handle errno in the proper locale.
 2012-11-09 16:32:29 -05:00
Todd C. Miller
e28ce01fe0 Set sudoers locale in log_allowed() 2012-11-09 16:31:23 -05:00
Todd C. Miller
69cb0c3215 Make the sudo lecture translatable. 2012-11-09 15:37:03 -05:00
Todd C. Miller
693e6767f0 Expand the FMT_FIRST anf FMT_CONTD macros inline so they get picked 
up by xgettext.
 2012-11-09 15:30:06 -05:00
Todd C. Miller
6a7884d474 Make expand_prompt() args const and free the prompt when we are 
done with it.
 2012-11-08 16:40:37 -05:00
Todd C. Miller
e88c8941d8 Fix cut and pasto 2012-11-08 16:40:03 -05:00
Todd C. Miller
cac7ca6a69 Expand def_mailsub in the sudoers locale, not the user's. 2012-11-08 16:39:44 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
f454a852cb audit_failure() now calls gettext itself using the sudoers locale. 2012-11-08 15:37:43 -05:00
Todd C. Miller
3f82a3407e Convert setlocale() to sudoers_setlocale() in the sudoers module. 
This only converts existing uses, there are more places where we
need to sprinkle sudoers_setlocale() calls.
 2012-11-08 15:37:43 -05:00
Todd C. Miller
4207589fe2 Add simple locale switching to make it easy to switch from the 
user's locale to the sudoers locale without making excessive
setlocale() calls when we don't need to.
 2012-11-08 15:37:43 -05:00
Todd C. Miller
f8660f9988 Add variants of warn/error and sudo_debug_printf that take a va_list 
instead of a variable number of args.
 2012-11-08 15:37:42 -05:00
Todd C. Miller
5d052aeb60 Do not inform the user that the command was not permitted by the 
policy if they do not successfully authenticate.  This is a regression
introduced in sudo 1.8.6.
 2012-11-06 11:19:51 -05:00
Todd C. Miller
941d759c51 Add preinstall target that runs SUDO_PREINSTALL_CMD. Used to fixup 
the rpath in HP-UX SOM shared libraries for the LDAP libs.
 2012-11-06 11:08:53 -05:00
Todd C. Miller
68376c1380 Allow sudo to be build with sss support without also including ldap 
support.  From Stephane Graber.
 2012-10-26 10:27:56 -04:00
Todd C. Miller
475662aaa4 Refactor policy plugin interface code from sudoers.c into policy.c 2012-10-25 16:58:31 -04:00
Todd C. Miller
3651377e12 Refactor command_info setting into its own function. 2012-10-25 13:16:58 -04:00
Todd C. Miller
929aef0754 Make interfaces pointer private to interfaces.c and add get_interfaces() 
accessor.
 2012-10-25 13:15:52 -04:00
Todd C. Miller
319fe95d08 Make user_cwd const since it is either a string literal or passed 
in from the front-end.
 2012-10-24 16:32:43 -04:00
Todd C. Miller
4134b24ec2 Avoid nested strtok() calls. 2012-10-24 14:24:36 -04:00
Todd C. Miller
2b23d2b12c Move expand_prompt() into its own source file for easier unit testing. 2012-10-23 14:27:52 -04:00
Todd C. Miller
0a7af23038 Make check.c independent of the underlying timestamp implementation. 2012-10-23 14:16:57 -04:00
Todd C. Miller
fb037caffc Add SUDOERS_NO_SEQ define to allow ${seq} to be disabled. 2012-10-23 11:57:07 -04:00
Todd C. Miller
a3a1574cdf Explicitly mark main() as public in executables to avoid an HP-UX 
ld warning.
 2012-10-02 15:08:02 -04:00
Todd C. Miller
0fa33ccf0f Split off timestamp functions into their own source file. 2012-09-27 10:21:13 -04:00
Todd C. Miller
6a25affb47 Add rudimentary support for name-based matching as a compile-time 
option.  This unsafe when used in conjunction with the '!' operator.
 2012-09-24 10:09:41 -04:00
Todd C. Miller
883e0ec3cc Split out implementation-specific back end code out of pwutil.c 
into pwutil_impl.c.  This will allow the main pwutil code to be
used for lookup methods other than getpw* and getgr*.
 2012-09-21 16:25:01 -04:00
Todd C. Miller
7f36643a66 Rename yyerror() to sudoerserror() to match yacc prefix changes. 
Not really needed due to the #defines that yacc makes but it is
less confusing this way as the lexer calls sudoerserror().
 2012-09-17 17:03:17 -04:00
Todd C. Miller
1d90c0ad71 No need to translate "unable to allocate memory" when we can just 
use the system translation via strerror().
 2012-09-17 16:59:26 -04:00
Todd C. Miller
f808fead0a Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. 
Not all file systems support d_type.  Bug #572
 2012-09-17 13:20:30 -04:00
Todd C. Miller
37d70a999c Avoid calling fclose(NULL) in the error path when we cannot open an 
I/O log file.
 2012-09-17 10:53:46 -04:00
Todd C. Miller
faf112c53b Replace the guts of sudo_setenv_nodebug() with our old setenv.c 
which supports non-standard BSD and glibc semantics.
sudo_setenv() now simply calls sudo_setenv2().
 2012-09-16 15:18:58 -04:00
Todd C. Miller
bdf93e8d3e Enable non-Unix group support for LDAP sudoers. We now check for 
non-Unix groups and netgroups with the same query in the second
pass.  Bug #571
 2012-09-15 13:41:24 -04:00
Todd C. Miller
5276ab3a5f Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers. 2012-09-14 16:19:25 -04:00
Todd C. Miller
40d0492a42 Avoid setting LOGNAME, USER and USERNAME variables twice when 
set_logname is enabled.
 2012-09-11 10:24:20 -04:00
Todd C. Miller
6beab19148 Fix duplicate detection in sudo_putenv(), do not prune out the 
variable we just set when overwriting an existing instance.
Fixes bug #570
 2012-09-11 10:22:37 -04:00
Todd C. Miller
d2a46c0f81 Add some debuggging 2012-09-11 10:21:32 -04:00
Todd C. Miller
3af7a0daf5 Disable word wrap in list mode when stdout is a pipe to make "sudo 
-l | grep ..." more useful.  Adapted from a diff by Daniel Kopecek.
 2012-09-04 10:44:34 -04:00
Todd C. Miller
d787df3c1d Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek 2012-09-04 09:22:10 -04:00
Todd C. Miller
a71e685aa9 regen .po files 2012-09-01 17:10:36 -04:00
Todd C. Miller
8de12a2bcf Add Vietnamese sudoers translation from translationproject.org 2012-09-01 17:00:49 -04:00
Todd C. Miller
4380a60a97 Add Vietnamese sudoers translation from translationproject.org 2012-09-01 13:10:04 -04:00
Todd C. Miller
ac4b21b3e2 Remove generated file and change path for temporary include file. 2012-08-23 14:57:57 -04:00
Todd C. Miller
6d08c4b406 When running regress tests, list pass/fail rate for each dir 
(testsudoers and visudo) instead of the total.  Also prevent the
result files from clobbering each other by keeping them in the
relevant directories.
 2012-08-23 14:47:58 -04:00