isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,878 Commits 1 Branch 0 Tags
06d52c97c22eeeaaf81a397612b4733e754ceff8
Commit Graph

8878 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
06d52c97c2 The fix for matching when no sudoRunAsUser is present in a sudoRole 
was incomplete.  If no -g option was specified on the command line
but sudoRunAsGroup is present in a sudoRole, we need to treat the
group match as failed instead of missing.
 2017-09-01 11:36:15 -06:00
Todd C. Miller
507ab6fdcd Sprinkle a few more debugging printfs. 2017-09-01 09:22:31 -06:00
Todd C. Miller
e100259619 Fix replaying sessions that contain input logs. When the inter-record 
timeout expires we need to read the next record if there is nothing
to output.
 2017-09-01 09:00:17 -06:00
Todd C. Miller
447c2c7e8c regen 2017-09-01 06:01:08 -06:00
Todd C. Miller
7652dad0d6 Fix typo (Auguest vs. August). From David Pocock. 2017-09-01 06:00:48 -06:00
Todd C. Miller
d5c41ae373 Go back to returning true from display_privs() on non-error. This 
results in "sudo -U otheruser -l" exiting with a status of 0 even
when otheruser is not allowed to run commands.  This is appropriate
since the "sudo -l" command was successful.  This does not change
the exit value when otheruser runs "sudo -l" themselves, the exit
status will be 1 since that user is not allowed to run commands.
Requested by Radovan Sroka.
 2017-08-31 11:29:19 -06:00
Todd C. Miller
5cdee2c2c0 Fix the pass2 ldap query string when no search filter is defined. 
Due to the addition of "(sudoUser=*)" to the query we always need
the AND operator, even if no search filter is present.
 2017-08-31 11:05:48 -06:00
Todd C. Miller
c3d098254d Don't forward SIGINFO to the child when it is send by the kernel 
(not another user process).  This is consistent with the handling
of other keyboard-generated signals such as SIGINT, SIGQUIT and
SIGTSTP.  Bug #796
 2017-08-29 08:58:14 -06:00
Todd C. Miller
0d31a1c302 Fix path to LICENSE and NEWS files that get used in the installer. 
Previously, the installed versions were used instead of the ones
in the destdir.
 2017-08-23 11:54:13 -06:00
Todd C. Miller
0d243a882e sync with translationproject.org 2017-08-20 19:07:07 -06:00
Todd C. Miller
b7b00c26db sync with translationproject.org 2017-08-18 10:00:27 -06:00
Todd C. Miller
b45d73acb4 sync with translationproject.org 2017-08-12 15:29:35 -06:00
Todd C. Miller
159f89f0de Preserving environment variables on the command line was bug #279 2017-08-11 09:50:07 -06:00
Todd C. Miller
a01bbfacf4 Add Friulian translation for sudo from Fabio Tomat via translationproject.org 2017-08-10 10:14:57 -06:00
Todd C. Miller
6696653e4f sync with translationproject.org 2017-08-08 06:50:24 -06:00
Todd C. Miller
54860cf7f5 In the Runas example that uses "boulder" make it clear that "boulder" 
is a host name.
 2017-08-04 14:55:03 -06:00
Todd C. Miller
deaeffe73a regen 2017-08-03 10:06:16 -06:00
Todd C. Miller
c18dde2350 Allow the user to specify a list of environment variables to preserve. 
This adds an option paramter to the --preserve-env option, a
comma-separated list of variable names.
 2017-08-03 07:32:24 -06:00
Todd C. Miller
63d954d1fc Replace tty_tickets option with timestamp_type which can be 
global, ppid or tty.  Defaults to tty (no change in behavior).
Some users want the ppid behavior.
 2017-08-01 16:14:54 -06:00
Todd C. Miller
c3b3e501b9 regen 2017-08-01 15:45:20 -06:00
Todd C. Miller
48459292ff Don't send email about an unresolvable host name if fqdn is 
enabled and the user specified the run host via the -h flag.
 2017-08-01 13:45:32 -06:00
Todd C. Miller
5ab1d724a9 fix playback of stdout/stderr without embedded carriage returns 2017-07-31 10:44:39 -06:00
Todd C. Miller
98369bf985 Avoid unused variable warning when sasl is not used. 2017-07-28 14:05:54 -06:00
Todd C. Miller
beece91719 Add support for --enable-sasl and --disable-sasl to make it possible 
to enable/disable support for LDAP with SASL authentication.  Sudo
compiles in support for SASL authentiation by default if the
ldap_sasl_interactive_bind_s() function is detected.
Bug #788
 2017-07-28 13:52:55 -06:00
Todd C. Miller
ad81862b07 List the correct pattern ("*=()*") in the env_delete description. 
Use pseudo-tty instead of pseudo terminal for consistency.
 2017-07-28 09:50:12 -06:00
Todd C. Miller
5a6b8a78f1 Include pathnames.h for /dev/fd on FreeBSD and Mac OS X. 2017-07-27 20:51:21 -06:00
Todd C. Miller
ec45b77d04 update for 1.8.21 2017-07-27 17:08:09 -06:00
Todd C. Miller
0849e2cac4 No need to call sudo_ev_del() before sudo_ev_free(); sudo_ev_free() 
will delete the event from its base before freeing it.
 2017-07-27 14:12:57 -06:00
Todd C. Miller
1cfaf6c344 Terminate the command if an I/O log function returns 0 or -1. This 
was mistakenly removed by 25b7fd056614 in Sudo 1.8.18 with the
removal of the ignore_iolog_errors variable.
 2017-07-27 14:10:44 -06:00
Todd C. Miller
4b51622914 Quiet a coverity false positive. 2017-07-27 11:36:10 -06:00
Todd C. Miller
2d30c42a03 Change to a single event loop in sudoreplay and use signal events. 2017-07-27 09:45:35 -06:00
Todd C. Miller
9ea9ecb183 start new sentences on a new line 2017-07-21 11:20:04 -06:00
Todd C. Miller
d76d5eaebc Clarify how the variable prompt options interact with each other 
and PAM.
 2017-07-21 11:18:13 -06:00
Todd C. Miller
879ba68879 Don't set passprompt_override when SUDO_PROMPT is present. 
This effectively reverts ed77d255f383.

We treat the SUDO_PROMPT environment variable similar to passprompt
in sudoers: it will only override a PAM prompt if the PAM prompt
is either "Password:" or "username's Password:".
 2017-07-21 09:07:00 -06:00
Todd C. Miller
d129f306ea Add syslog_pid sudoers option to log sudo's process ID when logging 
via syslog.  This is disabled by default to match historic behavior.
 2017-07-20 16:33:12 -06:00
Todd C. Miller
43cbcbc24d When deciding which prompt to use (PAM's or sudo's) treat the PAM 
prompt "username's Password:" as equivalent to "Password:".
Some PAM modules (on AIX at least) use this prompt.
 2017-07-20 16:06:47 -06:00
Todd C. Miller
5923a28113 Add missing argument to a few of the defaults strings in the 
"sudo -V" output.
 2017-07-20 13:58:54 -06:00
Todd C. Miller
52b25940c6 When examining environment variables or variables passed in from 
the front-end, ignore variables with no value specified.
 2017-07-20 12:02:22 -06:00
Todd C. Miller
6b4d871b14 Document that "-p prompt" overrides SUDO_PROMPT. 2017-07-20 11:44:50 -06:00
Todd C. Miller
37f591d2dd Enable passprompt_override by default if SUDO_PROMPT is present in 
the environment.  This is consistent with how "sudo -p prompt" is
handled.
 2017-07-20 11:40:49 -06:00
Todd C. Miller
1918ec4a55 When reading a single character via a switch() use "default: instead 
of "case 1:" to quiet a coverity warning.
 2017-07-17 14:44:18 -06:00
Todd C. Miller
6509482bfd Initialize ch in getsize_cb() in case we are called with the wrong 
initial state.
 2017-07-17 14:13:08 -06:00
Todd C. Miller
58858513f0 remove unused variable 2017-07-17 14:09:48 -06:00
Todd C. Miller
034132774d Call install_sudoers() even when doedit is false. If a file in a 
#includedir has a syntax error it will still have been edited and
we need to install the edited temp file.
 2017-07-17 09:42:42 -06:00
Todd C. Miller
5bc80d3ddb Reparse sudoers if a new #include file was added. 
Otherwise the new file will not get its syntax checked.
Bug #791
 2017-07-17 09:26:00 -06:00
Todd C. Miller
28fe335017 don't restore the cursor when setting terminal size, we don't want the cursor to move 2017-07-14 14:30:43 -06:00
Todd C. Miller
dbddf1bc36 Read the xterm terminal size using an event so we can easily time 
out if needed.
 2017-07-14 10:10:00 -06:00
Todd C. Miller
7f8765d327 If we free the default base in sudo_ev_base_free(), reset the default 
base to NULL.
 2017-07-14 10:09:58 -06:00
Todd C. Miller
d2a0bfbb12 Add the ability to set a default event base, to be used by plugins 
which don't have access to the event base.
 2017-07-13 13:59:31 -06:00
Todd C. Miller
9a76678317 Allow sudoreplay to adjust the window size on xterm-like terminals. 2017-07-13 11:20:45 -06:00