isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,394 Commits 1 Branch 0 Tags
088edcb6f53404bf8eebe0162a69ce5870104ed0
Commit Graph

1350 Commits

Author SHA1 Message Date
Todd C. Miller
088edcb6f5 Add exported libsudo_util functions to util.exp and mark in headers 
using __dso_public.
 2014-06-26 15:51:15 -06:00
Todd C. Miller
4d37a4a162 Top level directory reorg 
Move src/po -> po
Combine common and compat -> lib/util
Move zlib -> lib/zlib
 2014-06-26 15:51:02 -06:00
Todd C. Miller
fdda9b109d Fix sssd compiler warnings and fix the sha2 digest support. 2014-06-26 15:50:26 -06:00
Todd C. Miller
b5b75b2d8a Don't call gss_krb5_ccache_name() with a NULL pointer when restoring 
the old credential cache file name.  This can happen if there was
no old name returned by gss_krb5_ccache_name().  Fixes a crash on
kerberized LDAP on some platforms.
 2014-06-17 08:51:41 -06:00
Todd C. Miller
7e24b8e651 Add Greek PO file for sudoers from translationproject.org 2014-06-04 11:43:39 -06:00
Todd C. Miller
9e5a68627f Norwegian Bokmaal translation for sudoers from translationproject.com 2014-05-24 07:35:35 -06:00
Todd C. Miller
b0e6977c35 Try to be clearer about which are the input and output files in 
export mode.
 2014-05-13 15:00:43 -06:00
Todd C. Miller
372e30851f In -x mode, require that the input and output files be different. 
This won't currently catch collisions between the output file
and an include file.
 2014-05-13 14:18:06 -06:00
Todd C. Miller
eb5a367323 BSM and Linux audit do not yet use the argc function argument. 2014-05-13 10:25:43 -06:00
Todd C. Miller
337a712745 Pass argc to audit functions too. Will be needed for Solaris audit 
support.
 2014-05-13 09:41:53 -06:00
Todd C. Miller
ffb07443c3 Do not allow the same callback function to be registered more that 
once in fatal_callback_register().
Add fatal_callback_deregister() to deregister a callback.
 2014-05-12 11:45:17 -06:00
Todd C. Miller
2e3fbaa2c5 Add trivial sudoedit parsing tests. 2014-05-12 09:52:29 -06:00
Todd C. Miller
3c5353c2be Catalan translation for sudoers from translationproject.org. 2014-05-12 09:51:47 -06:00
Todd C. Miller
70f6249764 Sync with translationproject.org 2014-05-10 15:55:03 -06:00
Todd C. Miller
45ff42eb9f Don't try to install the temporary sudoers file if we didn't edit it. 
By default, visudo does not edit files in a #includedir.
Fixes a NULL pointer defef on GNU hurd; Bug #647
 2014-05-09 09:29:42 -06:00
Todd C. Miller
17cbfea8b7 deal with NULL gr_mem here too 2014-05-06 19:32:34 -06:00
Todd C. Miller
b0f1fa7d05 Rename log_warning flags and only send mail if SLOG_SEND_MAIL is 
set instead of mailing by default like we used to.
 2014-05-02 20:54:01 -06:00
Todd C. Miller
954a3e77b1 Add log_warningx 2014-05-02 16:40:30 -06:00
Todd C. Miller
a53946b026 Change return value of switch_dir() to an int so we can distinguish 
between an error and an empty dir in push_includedir().
 2014-05-02 07:57:29 -06:00
Todd C. Miller
480a94d07d Move code to fill in the list of dirs out of switch_dir and into 
its own function.  Quiets a false positive from cppcheck which got
confused due to variable reuse.
 2014-05-02 07:14:06 -06:00
Todd C. Miller
983ab1d163 Avoid unused variable warning if auditing is not supported. 2014-05-02 05:25:57 -06:00
Todd C. Miller
a297a19fb4 Fix library order when linking binaries. 2014-05-01 10:04:09 -06:00
Todd C. Miller
ffbe7d1dae Include limits.h and inttypes.h for SIZE_MAX define. 2014-05-01 09:51:49 -06:00
Todd C. Miller
0a9a8d9562 Move SIZE_MAX compat define into missing.h where it belongs. 2014-05-01 08:38:43 -06:00
Todd C. Miller
cbee9cc8cb Remove now-unused log_fatal() 2014-04-30 17:00:20 -06:00
Todd C. Miller
5086194c67 Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just 
pass back a return value.
 2014-04-30 16:57:12 -06:00
Todd C. Miller
e45b388a37 Make get_boottime() return bool. 2014-04-28 08:40:32 -06:00
Todd C. Miller
e61af9e6d0 Fix fd leak on Linux when determing boot time. This is usually 
masked by the closefrom() call in sudo.  From Jamie Anderson.
Bug #645
 2014-04-28 08:36:22 -06:00
Todd C. Miller
d3b4326713 Handle the (currently impossible) case where both BSM and Linux 
auditing are supported.  Pacifies cppcheck.
 2014-04-24 11:17:05 -06:00
Todd C. Miller
bd86ced96a Don't call ferror() on a closed stream, just check the return value 
of fclose() instead.  Found by cppcheck.
 2014-04-24 11:12:18 -06:00
Todd C. Miller
e8bb08cc46 Use calloc() instead of malloc(n * s) followed by memset(). 
From Jean-Philippe Ouellet.
 2014-04-22 16:06:04 -06:00
Todd C. Miller
62a278183b Format string safety in error path. 2014-04-22 16:03:57 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
28b564daab Add missing rule for building sha2.lo when not supported by libc or libmd. 2014-04-22 09:18:43 -06:00
Todd C. Miller
b4262391e9 Disable I/O logging for halt and poweroff in addition to reboot in 
commented out example.
 2014-04-15 11:26:01 -06:00
Todd C. Miller
7d91691e1f Use PAM_REINITIALIZE_CRED instead of PAM_ESTABLISH_CRED when 
changing the user.  This is the correct flag to use with
a program that changes the uid like su or sudo and fixes a
role problem on Solaris.  From Gary Winiger; Bug #642
 2014-04-15 07:16:57 -06:00
Todd C. Miller
278a8ba391 pam_setcred should default to true; from Gary Winiger 
Bug #642
 2014-04-15 07:11:29 -06:00
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
40375a6268 Eliminate calls to fatal() in sudoers.c and just pass back a return 
value.
 2014-04-10 16:03:26 -06:00
Todd C. Miller
a48c00dc31 Elimate calls to fatal() in the logging code. 2014-04-10 16:03:01 -06:00
Todd C. Miller
218aa1e598 Move the sha2 code into libreplace and add configure checks for 
SHA224Update in libc and libmd.  Solaris uses "void *" where we use
"unsigned char *" so we need a check for that too.  Solaris sha2.h
defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens.
Adapted from changes from Vladimir Marek in bug #641.
 2014-04-09 16:31:13 -06:00
Todd C. Miller
27aff732f1 Fix matching of uids and gids broken in sudo 1.8.9. 2014-04-09 10:22:09 -06:00
Todd C. Miller
ecae6b4f9a Fix -P option in usage() 2014-04-09 10:22:07 -06:00
Todd C. Miller
b1cdb3708c Remove a few more unnecessary uses of fatal(). 2014-04-07 19:52:28 -06:00
Todd C. Miller
d702ee9813 Use log_warning() not log_fatal() for the "Invalid authentication 
methods compiled into sudo" message.  We return -1 on error anyway.
 2014-04-07 08:59:48 -06:00
Todd C. Miller
2a290f812e Return MODE_ERROR from sudoers_policy_deserialize_info() instead 
of calling fatalx().
 2014-04-07 05:34:56 -06:00
Todd C. Miller
9b7dfa7522 Remove calls to log_fatal() in I/O log functions and just pass an 
error back to the caller.
 2014-04-04 15:30:12 -06:00
Todd C. Miller
6a295400b7 Make "internal error, %s overflow" arguments consistent, using 
__func__ where possible (when debugging is allowed).
 2014-04-01 16:42:13 -06:00
Todd C. Miller
a1240a5417 Use common printf format when warning of buffer overflow prevention. 2014-03-31 15:58:24 -06:00
Todd C. Miller
7d994b5032 Remove remaining calls to fatalx(); just pass the error to the caller. 2014-03-31 15:43:52 -06:00