isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,257 Commits 1 Branch 0 Tags
054939c1ed8160f97cd21dbec2afebeedeab6e68
Commit Graph

10257 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
kuberlog
054939c1ed configure.ac: fix documentation about lecture 2020-07-21 08:47:03 -06:00
Todd C. Miller
bd24a322cc Handle openssl where there is no separate libcrypto pkgconfig file. 
In this case, just use the full openssl libs to get the sha2 functions.
 2020-07-16 08:15:02 -06:00
Todd C. Miller
10f8bb6398 Ignore --enable-gcrypt if --enable-openssl is also specified. 2020-07-16 07:32:13 -06:00
Todd C. Miller
6a9ed1998b Sudo 1.9.2 2020-07-15 10:46:31 -06:00
Todd C. Miller
be89bdcf7c Fix some warnings displayed by autoconf 2.69b 
This fixes the missing HAVE_GSSAPI_GSSAPI_H define in config.h.in.
TODO: replace shadow_funcs variable in function checks with literals
 2020-07-15 10:12:55 -06:00
Todd C. Miller
ac00a07018 Initialize sudo_conv and sudo_printf in sudoers_audit_open(). 
We will need them if there is an error parsing sudoers and leaving
them unset can result in NULL deref.  Also set the text domain to
"sudoers" like we do for the policy and I/O logging open functions.
Bug #934.
 2020-07-12 10:13:53 -06:00
Todd C. Miller
1e4ce8525a Updated translations from translationproject.org 2020-07-11 09:19:41 -06:00
Todd C. Miller
b9ad3704d7 Export sudoers_audit symbol for compilers without symbol visibility. 2020-07-06 13:28:21 -06:00
Todd C. Miller
d6bc75e1e0 Document the contents of the log.json file. 2020-07-06 12:35:41 -06:00
Todd C. Miller
3175049e45 Fix typo, runas_uid should be runas_gid. 2020-07-06 12:17:58 -06:00
Todd C. Miller
90dbdf8f30 Add sudoers_audit line for completeness, matching the documentation. 
When sudoers is loaded as a policy plugin, it will be loaded
automatically as an audit plugin.  Listing it explicitly in the
default sudo.conf file helps bring attention to the fact that sudoers
now supports the audit plugin type.
 2020-07-06 10:42:46 -06:00
Todd C. Miller
e9a39c149a Add some debugging statements around Defaults lookup. 2020-07-06 09:03:15 -06:00
Todd C. Miller
660738139b Replace #includedir with @includedir in default sudoers file. 2020-07-06 08:45:04 -06:00
Todd C. Miller
9ef09595f9 Allow HP-UX share libs and modules to link against static libs. 
hppa64 and ia64 use PIC by default
 2020-06-26 09:13:38 -06:00
Todd C. Miller
4cadd54951 Use pkg-config to find the openssl cflags and libs if possible. 
We support linking against static openssl libs too.
 2020-06-25 20:55:02 -06:00
Todd C. Miller
d04805eecb Fix parsing of /etc/redhat-release on RHEL 8. 
RedHat dropped the word "server" from the release name in redhat-release
which results in the awk script printing the wrong field.  Instead
of using awk, just use sed to pull out the version number immediately
following the word "release".
 2020-06-24 14:19:14 -06:00
Todd C. Miller
820d6ae207 regen without `scare quotes' 2020-06-24 05:40:42 -06:00
Todd C. Miller
df49897bd0 Replace or remove use of `scare quotes' 
These don't translate well and look odd in many fonts.
 2020-06-24 05:40:18 -06:00
Todd C. Miller
95ba6645d2 Add FALLTHROUGH comments to quiet -Wimplicit-fallthrough 2020-06-20 14:23:19 -06:00
Todd C. Miller
1cec928d17 Fix implicit fallthrough warning and add break to default cases. 2020-06-20 14:11:40 -06:00
Todd C. Miller
5e9346d4e9 Add -Wimplicit-fallthrough to --enable-warnings if available. 
Note that clang 10 has support for -Wimplicit-fallthrough in C code
but doesn't recognize lint-style FALLTHROUGH comments like gcc does
so we can't use it.
 2020-06-20 13:51:02 -06:00
Todd C. Miller
23b1ee2f45 Fix some warnings from configure test programs. 2020-06-20 13:51:02 -06:00
Todd C. Miller
f2dce25ac1 Drop old test for -lcposix for ISC Unix. 2020-06-20 11:21:27 -06:00
Todd C. Miller
802058b362 Mention sudo-blog announce list. 2020-06-19 10:26:43 -06:00
Todd C. Miller
e6d6e9ba05 Bugs #860 and #917 were fixed in 1.9.0. 2020-06-19 06:17:39 -06:00
Todd C. Miller
65edf6344d regen to fix a typo 2020-06-18 15:23:30 -06:00
Todd C. Miller
d4739533fd Add regress test to catch swapids() bug when called by iolog_mkdtemp() 2020-06-18 15:14:00 -06:00
Todd C. Miller
88393fc96f Updated translations from translationproject.org 2020-06-18 07:13:05 -06:00
Todd C. Miller
ce76c9fe8a Document the order in which the plugin open/close functions are called. 2020-06-16 16:20:25 -06:00
Todd C. Miller
bc6e36e940 Fix a typo that prevented swapids() from restoring the original gid. 
This led to a regression when the iolog_file setting ends in six or
more X's or when the I/O logs are stored on NFS.
 2020-06-16 05:44:57 -06:00
Todd C. Miller
8bb5aedacf Replace master/slave in code with leader/follower. 2020-06-15 16:21:32 -06:00
Todd C. Miller
f093cb2e52 Replace terms master and blacklist in docs and examples. 2020-06-15 14:38:46 -06:00
Todd C. Miller
4a3aff156f Bug #929 2020-06-15 08:06:43 -06:00
Todd C. Miller
bee9950593 Clean up temporary sudoedit files on success; Bug #929 
This is a regression introduced in sudo 1.9.0.
 2020-06-14 16:40:21 -06:00
Todd C. Miller
ddd3b0eced New Romanian translation 2020-06-12 09:58:22 -06:00
Todd C. Miller
47b2df64cf Add missing entry for the LDAP/SSSD sudoHost regression. 
Also add new Romanian translation
 2020-06-11 14:57:10 -06:00
Todd C. Miller
7f96e4537c Updated translations from translationproject.org 2020-06-11 15:19:31 -06:00
Todd C. Miller
d003da33dd Romanian translation from translationproject.org. 2020-06-11 15:15:58 -06:00
Todd C. Miller
852d8c7953 Fix a typo in the audit string when "sudo -E" is not allowed. 2020-06-07 08:37:32 -06:00
Todd C. Miller
3e12b99eed Check asprintf() return value. 2020-06-06 19:13:21 -06:00
Todd C. Miller
a339945848 Prefer the python3 in /usr/bin on Solaris. 
The /opt/csw version, if it exists, may be a 32-bit version which
we can't link with.  Also handle the case where the /usr/bin/python3
link is missing.
 2020-06-06 18:45:28 -06:00
Todd C. Miller
48c2bd0007 Declare getdelim(3) if it exists in libc but is not prototyped in stdio.h. 
This can happen on systems with a gcc packages that was built on
and older versions of the OS where getdelim(3) was not present.
 2020-06-06 18:45:27 -06:00
Todd C. Miller
17b3f90f74 For python3-config, only use -I and -L/-l from --cflags and --ldflags output. 
Otherwise we may get other flags used to build python that conflict
with what sudo uses.
 2020-06-06 16:32:10 -06:00
Todd C. Miller
6c881477b6 Build 64-bit binaries and the python package on Solaris 11 and above. 
No longer prefer the Solaris Studio C compiler over gcc, it causes
issues with the Python plugin.
 2020-06-06 16:07:33 -06:00
Todd C. Miller
8da1f31954 Fix memory leak on error in fmt_info_messages(). 2020-06-06 14:08:34 -06:00
Todd C. Miller
3f4de69497 Update for 1.9.1b1 2020-06-06 07:22:00 -06:00
Todd C. Miller
d4e92164f5 regen for sudo 1.9.1 2020-06-05 10:26:31 -06:00
Todd C. Miller
f047377a07 Add basic support for reject and error audit events to sudoers. 
This is only used when logging events from plugins other than sudoers,
such as an approval plugin.  With this change, if an approval
plugin rejects the command the denial will be logged in the
sudoers log file using the message from the approval plugin.
 2020-06-04 14:41:35 -06:00
Todd C. Miller
15d93a1ca7 Fix Solaris and BSM audit warnings. 
Use BSM audit on Illumos, which lacks Solaris audit.
 2020-06-04 14:41:28 -06:00
Todd C. Miller
a5a7215936 Track whether the session was opened in sudoers. 
In sudoers_policy_close() only warn about being unable to run the
command if we actually opened the session (and thus passed all
approval plugins).
 2020-06-04 13:34:20 -06:00