isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,413 Commits 1 Branch 0 Tags
05807cf5e1d51a6923532e063eb5ed9b0b3385be
Commit Graph

5413 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
05807cf5e1 Document iolog_file and supported escape sequences for sudoers. 
Clarify that iolog_file can contain directories.
 2010-12-27 14:43:50 -05:00
Todd C. Miller
b8499baaae Fix building of mkstemps/mkdtemp replacements. 2010-12-27 14:07:49 -05:00
Todd C. Miller
5cf56a77ec Provide mkdtemp() for systems without it. 2010-12-27 13:49:49 -05:00
Todd C. Miller
36d8fbb900 Fix typo 2010-12-27 13:49:06 -05:00
Todd C. Miller
4c1aecd48f Only use mkdtemp() if the path ends in at least 6 Xs since otherwise 
glibc mkdtemp() returns EINVAL.
 2010-12-27 12:32:28 -05:00
Todd C. Miller
fba58fa3f7 Allow sudoers to specify the iolog file in addition to the iolog dir. 
Add escape sequence support to iolog file and dir: sequence number,
    user, group, runas_user, runas_group, hostname and command in
    addition to any escape sequence recognized by strftime(3).
 2010-12-27 12:18:32 -05:00
Todd C. Miller
524021a377 Add missing sigsetjmp() call in I/O plugin open function. 
Fixes a crash when the I/O plugin calls error(), errorx() or log_error().
 2010-12-27 11:24:47 -05:00
Todd C. Miller
5d59c10b95 Give the policy module fine-grained control over what the I/O plugin 
logs.
 2010-12-21 17:43:18 -05:00
Todd C. Miller
6505d10ccf Clear OPOST from c_oflag like we used to. Fixes screen-based editors 
such as vi.
 2010-12-21 12:22:07 -05:00
Todd C. Miller
ad41fb497e Clarify umask option description. From Reuben Thomas. 2010-12-21 10:23:45 -05:00
Todd C. Miller
93e9635842 Pick last match in LDAP sudoers too 2010-12-20 16:37:44 -05:00
Todd C. Miller
4294e4db8b Document iolog_file, iolog_dir and use_pty 2010-12-20 16:29:08 -05:00
Todd C. Miller
a10f216797 Adapt plugins to version I/O logging ABI 1.1 2010-12-20 16:28:20 -05:00
Todd C. Miller
c833ff02b6 Add use_pty command_info flag for policies to indicate that a 
pty should be allocated even if no I/O logging is performed.
 2010-12-20 16:27:46 -05:00
Todd C. Miller
c1a22ff152 Add remaining plugin convenience functions 2010-12-20 16:26:30 -05:00
Todd C. Miller
9948dae706 Change I/O log API to pass in command info to the I/O log open function. 
Add iolog_file and iolog_dir parameters to command info.
This allows the policy plugin to specify the I/O log pathname.
Add convenience functions for calling plugin functions that
handle ABI backwards compatibility.
 2010-12-20 16:20:11 -05:00
Todd C. Miller
30797ab8ae Remove useless cast 2010-12-20 16:16:08 -05:00
Todd C. Miller
6649afddba Bump version to 1.8.0b3 2010-12-17 16:36:45 -05:00
Todd C. Miller
aa8a996d5e Remove extraneous newline 2010-12-13 16:58:33 -05:00
Todd C. Miller
b2a6984606 Make I/O log dir configurable. 2010-12-10 14:14:35 -05:00
Todd C. Miller
6c23688511 Rename io_logdir to iolog_dir 2010-12-10 14:13:51 -05:00
Todd C. Miller
14d792dffa Add missing '*' that prevented the generic ELF case from matching. 2010-12-07 15:29:11 -05:00
Todd C. Miller
d734f6b418 If file(1) can't identify the ELF binary type, try readelf(1). 2010-12-07 13:36:27 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
3f605ebfaa Clarify ordering of entries and attributes. 2010-11-30 15:05:44 -05:00
Todd C. Miller
23df0b6fa9 Fix typo and editing goof. 2010-11-30 13:40:25 -05:00
Todd C. Miller
feb02ed406 Merge in ordered LDAP entry support from Andreas Mueller. 2010-11-30 13:34:31 -05:00
Todd C. Miller
7e59d4c5c8 Make sure we don't dereference a NULL handle. 2010-11-30 11:59:28 -05:00
Todd C. Miller
7e087f09d2 Add support for RHEL 6 file modes that include a trailing dot on files with an SELinux security context 2010-11-24 11:23:08 -05:00
Todd C. Miller
d0d0e1b9f5 exec_setup() does not need to setuid(0), the Ubuntu issue was in 
the sudoers module.
 2010-11-23 07:35:27 -05:00
Todd C. Miller
8f4b215216 create_admin_success_flag() should use restore_perms() rather than 
set_perms() to restore the uid.
 2010-11-23 07:34:22 -05:00
Todd C. Miller
d39747e6a5 In exec_setup() call setuid(0) to make certain the subsequent 
uid and gid changes will succeed.  Fixes a problem on Ubuntu.
 2010-11-23 07:26:21 -05:00
Todd C. Miller
d869ca1f90 Error out if we cannot change to root's uid so we catch the failure early. 2010-11-23 07:25:03 -05:00
Todd C. Miller
bb4a8a4dc2 fix typo; from Michael T Hunter 2010-11-22 15:45:10 -05:00
Todd C. Miller
70cf50fd20 In sudoedit mode, assume command line arguments are paths and 
pass FNM_PATHNAME to fnmatch().
 2010-11-22 10:27:29 -05:00
Todd C. Miller
81da78ff3d Add workaround for an error in sys/types.h on HP-UX 11.23 when 
large file support is enabled.  Defining _XOPEN_SOURCE_EXTENDED
avoids the broken bits of the header file.
 2010-11-20 16:26:53 -05:00
Todd C. Miller
5bd089776c Fix SUDO_MAILDIR usage of AC_LANG_PROGRAM 2010-11-20 16:23:39 -05:00
Todd C. Miller
494bd14de9 For Tru64, strip off beta version. 2010-11-20 10:37:05 -05:00
Todd C. Miller
5a0f2164ef Avoid conflicts with system definitions in grp.h and pwd.h 2010-11-20 10:33:23 -05:00
Todd C. Miller
5a4762b2b7 Include stdio.h after zlib.h, not before. We need the large file defines 
to come first.
 2010-11-20 09:59:44 -05:00
Todd C. Miller
901ca2a12c regen 2010-11-19 16:57:21 -05:00
Todd C. Miller
45da484401 Don't clean ChangeLog 2010-11-19 14:06:53 -05:00
Todd C. Miller
51f401fa34 Add prototype for cleanup() 2010-11-19 12:58:03 -05:00
Todd C. Miller
c73306983c Avoid deferencing group_plugin if it is NULL in group_plugin_query(). 
This should not happen.
 2010-11-18 17:09:57 -05:00
Todd C. Miller
4b2fb225c0 group plugin init function return TRUE when successful 2010-11-18 17:06:52 -05:00
Todd C. Miller
ef5f73a49f Enlarge the array of entry wrappers int blocks of 100 entries to 
save on allocation time.  From Andreas Mueller
 2010-11-17 18:56:52 -05:00
Todd C. Miller
f9353d95ca Add back call to sudo_ldap_timefilter() in sudo_ldap_build_pass2() 
that was mistakenly dropped.
 2010-11-17 07:31:07 -05:00
Todd C. Miller
ab651135d2 Mention that sudo needs "ar" to build. 2010-11-16 10:07:46 -05:00
Todd C. Miller
4c2dcaa10b Fail with a more useful error if "ar" is not found. 2010-11-16 10:03:18 -05:00
Todd C. Miller
8940f361ea Merge in ordered LDAP entry support from Andreas Mueller 
and add local changes from the 1.7 branch.
 2010-11-14 13:22:38 -05:00