isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,262 Commits 1 Branch 0 Tags
03ad96e44580182effdb9b896938b6871bfbd8f1
Commit Graph

135 Commits

Author SHA1 Message Date
Todd C. Miller
79ca752802 Go back to parsing Defaults entries in update_defaults instead of 
as sudoers is read.  Otherwise, we cannot properly support early
defaults like sudoers_locale.
 2016-11-09 16:00:12 -07:00
Todd C. Miller
17868f89d7 Fix a bug in host matching where a negated sudoHost entry would 
prevent other sudoHosts following it from matching.
 2016-11-08 14:35:23 -07:00
Todd C. Miller
df8404dbd4 Instead of parsing sudoers Defaults twice, parse once while reading 
sudoers and then just set the parsed value in update_defaults().
 2016-11-06 18:59:49 -07:00
Todd C. Miller
75e29f163e Add file:linenumber prefix to all Defaults warnings so we can see 
them when running sudo too.  For LDAP/SSSD we print the sudoRole
instead of the file name and omit the line number.
 2016-11-02 17:07:32 -06:00
Todd C. Miller
0a68d6799e Fix matching when no sudoRunAsUser is present in a sudoRole. 
If only a sudoRunAsGroup is present, match on the invoking user
if the -g option was specified and the group matched.
If no sudoRunAsGroup is present and the -g option was specified,
allow it if it matches the passwd gid of the runas user.
This matches the behavior of the sudoers backend.
 2016-09-19 06:19:49 -06:00
Todd C. Miller
9a55c0c25d user_matched and group_matched must be type int, not bool 2016-09-15 15:22:06 -06:00
Todd C. Miller
b165a5ff71 Use RUNAS_USER_SPECIFIED and RUNAS_GROUP_SPECIFIED when deciding 
whether to check runas user/group instead of checking runas_pw or
runas_gr.
 2016-09-15 13:47:38 -06:00
Todd C. Miller
0ff95dfaaa When matching against runas_default use userpw_matches() instead 
of just strcasecmp().
 2016-09-15 13:36:43 -06:00
Todd C. Miller
d64153967e Fix printing of the default runas user when a RunAsGroup is specified 
but no RunAsUser is present.
 2016-09-15 11:29:27 -06:00
Todd C. Miller
fb32867e4c Only match against runas_default if both sudoRunAsUser and 
sudoRunAsGroup are missing.
 2016-09-15 10:46:57 -06:00
Todd C. Miller
ef82f792a1 Update check for whether or not the runas user was set in the ldap 
and sssd backends to match the sudoers file backend.  Introduces
the runas_user_set() macro to improve readability.  Previously,
runas_pw was set late, now it is set before checking sudoers.
 2016-09-15 09:37:53 -06:00
Todd C. Miller
37099a6e7d Fix underflow in get_ipa_hostname() when trimming trailing 
whitespace.
 2016-09-15 05:54:53 -06:00
Todd C. Miller
ff753d1e16 Support negated sudoHost entries. 2016-09-14 10:33:27 -06:00
Todd C. Miller
5b51b7f11a Fix "sudo -l command" in the LDAP and SSS backends when the command 
is not allowed.
 2016-08-29 10:04:24 -06:00
Todd C. Miller
9d94ee11c0 Avoid passing around struct defaults when it is not needed. As a 
result, we no longer need to include gram.h in the LDAP and SSSD
backends.
 2016-08-08 20:09:59 -06:00
Todd C. Miller
0bf2d9b162 Instead of deferring setting early defaults until we have traversed 
the entire defaults list, just defer running the callbacks.  Otherwise,
if the last early default setting we see has a bad value we won't
set any defaults of that type even if there was an earlier one that
was valid.
 2016-08-08 17:04:20 -06:00
Todd C. Miller
16551031f9 Add support for early defaults to the ldap and sssd backends. 2016-07-27 14:20:17 -06:00
Todd C. Miller
256ca993b9 Update defaults in visudo after sudoers has been edited so we pick 
up locale changes.  The init_defaults() function will now re-init
the sudoers locale.
 2016-07-22 10:41:56 -06:00
Todd C. Miller
d9e14bc659 LDAP sudoers doesn't support negated users, groups or netgroups. 2016-06-12 09:36:19 -06:00
Todd C. Miller
3169259821 Ignore empty ipa_hostname 2016-06-05 14:42:54 -06:00
Todd C. Miller
c6a21bd53d Better martching of ipa_hostname in sssd.conf 2016-06-05 05:40:32 -06:00
Todd C. Miller
9b027676c0 Use the value of ipa_hostname from /etc/sssd/sssd.conf if present 
instead of the system hostname.
 2016-06-04 19:52:10 -06:00
Todd C. Miller
ccf88d3bb2 When matching host, short-circuit the loop when we get a match. 
Only check username as part of the netgroup when netgroup_tuple is
enabled.
 2016-06-03 14:07:40 -06:00
Todd C. Miller
a71cac91f2 Avoid using !strcmp() 2016-06-03 13:58:12 -06:00
Todd C. Miller
b6beccf19e SSSD doesn't handle netgroups, we have to ensure they are correctly filtered 
in sudo. The rules may contain mixed sudoUser specification so we have to
check not only for netgroup membership but also for user and group matches.
Adapted from a patch from Daniel Kopecek.
 2016-06-02 10:47:39 -06:00
Todd C. Miller
461a419d04 For sudo -ll (long list) print the SSSD role just like we do 
for the LDAP backend.  Adapted from sudo-1.8.6p3-sssdrulenames.patch
 2016-05-31 13:07:31 -06:00
Todd C. Miller
9d526c1af5 Do not write directly to stdout/stderr, use sudo_printf which calls 
the conversation function.
 2016-05-14 19:34:13 -06:00
Todd C. Miller
7a5149d738 Fix memory leak of sss_result in sudo_sss_lookup() 
Coverity CID 104106
 2016-05-06 08:22:03 -06:00
Todd C. Miller
6717c32022 When determining whether or not "sudo -l" or "sudo -b" should prompt 
for a password, take all sudoers sources into account.  In other
words, if both file and ldap sudoers sources are in use, "sudo -v"
will now require that all entries in both sources be have NOPASSWD
(file) or !authenticate (ldap) in the entries.
 2016-04-19 10:08:51 -06:00
Todd C. Miller
95dd64ea75 Fix the check for whether a user is allowed to lists another user's 
privileges.  The "matched" variable is not boolean, it can also
have the value UNSPEC so we need to check explicitly for true.
Bug #738
 2016-02-26 09:32:08 -07:00
Todd C. Miller
23a82ab2e8 Avoid possible NULL deref found by clang analyzer. 2016-01-27 16:07:35 -07:00
Todd C. Miller
e48ceebf14 fn_free_result() (aka sss_sudo_free_result() in sss_sudo.c) handles 
a NULL poiner so there's no need to check before calling it.  Add
missing initialization of sss_sudo_result to NULL in sudo_sss_setdefs().
 2016-01-27 09:28:08 -07:00
Todd C. Miller
60ea106cc4 Add missing return when user is not found in sudo_sss_result_get(). 
Previously we fell through to the default case which just logged a
debug message and returned so this just avoids the extra (generic)
debug message.
 2016-01-27 09:20:04 -07:00
Todd C. Miller
f4e5b135bb Update copyright year 2016-01-20 15:40:51 -07:00
Todd C. Miller
5a77989a33 Add support for matching the entire netgroup tuple (user, host, domain). 2016-01-12 14:59:44 -07:00
Todd C. Miller
0f991ff78b Use user_runhost and user_srunhost instead of user_host and user_shost. 
Fixes "sudo -l -h other_host" for LDAP and sssd.
 2016-01-11 15:54:02 -07:00
Todd C. Miller
9308d05e7e Fix free() of invalid pointer introduced in the commit that stripped 
whitespace between a '!' and the name in a sudoOption.
 2016-01-11 16:52:52 -07:00
Todd C. Miller
d46d0fbc6f When parsing sudoOptions that include an operator (!, +, +=, -=) 
strip out any whitespace on either side of the operator.
 2015-12-09 14:57:33 -07:00
Todd C. Miller
9c9b487b0c In list mode, we always want to clear FLAG_NO_USER and FLAG_NO_HOST 
regardless of whether or not there was an actual match.  Otherwise,
warning mail may be sent which is not what we want in list mode.
This is consistent with what the sudoers file backend does.
 2015-12-02 10:43:41 -07:00
Todd C. Miller
db8607fe4e Fix typo in sudo_sss_attrcpy() that caused a memory allocation error. 2015-07-17 13:58:26 -06:00
Todd C. Miller
374146f70f Avoid calling dlerror() multiple times since it clear the error 
status after printing the error.
Problem caused by sudo_warn/sudo_fatal being macros...
 2015-07-10 10:31:21 -06:00
Todd C. Miller
ea85db3ecd Add support for parsing quoted strings in a sudoOption just like 
sudoers Defaults settings.
 2015-07-07 10:58:05 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
54f9de6cce Add an error flag to the lbuf struct to simplify error checking. 
Callers of the lbuf functions now check the error flag to tell if
a memory allocation error ocurred.
 2015-06-26 15:58:04 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
6da04821d7 Use non-exiting allocators in the sudoers SSSD backend. 2015-06-16 15:00:47 -06:00
Todd C. Miller
05a01d4c5d Avoid using a leading underbar in defines as they are reserved in 
ISO C.
 2015-05-21 11:13:20 -06:00
Todd C. Miller
1298ea9107 Add target for "make splint". A few files need extra guards to avoid 
errors on systems where they would not otherwise be compiled.
No warnings from splint.
 2015-05-21 11:07:13 -06:00