isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,939 Commits 1 Branch 0 Tags
096eacb21c5cd3f789f69d77e0ee68987c63b41c
Commit Graph

11939 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
d744271a63 Make it clear that runas_default sets the default user for Runas_Spec. 
Also use mention runas_default in other parts of the manual, use
@runas_default@ instead of root and add markup around user names.
GitHub issue #186.
 2022-10-20 08:08:48 -06:00
Todd C. Miller
3ca21f9506 Fix a typo, muti-arch -> multi-arch 
GitHub issue #185
 2022-10-20 06:57:37 -06:00
Todd C. Miller
82db62ec6b Mention log_servers eventlog fix. 2022-10-19 19:03:00 -06:00
Todd C. Miller
e7db62f645 Don't NULL out the plugin close function when logging to a log server. 
If sudo calls execve(2) directly the accept info will not be sent.
We also need the sudo front-end to wait until the command finishes
to send the exit status.
 2022-10-19 17:05:36 -06:00
Todd C. Miller
d251dfd554 Fix numbering in "Simple sudo installation" 2022-10-17 15:51:38 -06:00
Todd C. Miller
5c5ff3fdaa zlib 1.2.13 update 2022-10-14 12:38:29 -06:00
Todd C. Miller
5dbb8ac6e4 Updated translations from translationproject.org 2022-10-14 12:37:20 -06:00
Todd C. Miller
6185c4f84b Don't define _LARGEFILE64_SOURCE or _LFS64_LARGEFILE. 
We don't need them and the missing prototype for crc32_combine_gen64()
issue has been fixed upstream.
 2022-10-14 08:13:35 -06:00
Todd C. Miller
51a1a7d63f Update embedded copy of zlib to version 1.2.13. Fixes CVE-2022-37434. 2022-10-13 17:04:24 -06:00
Todd C. Miller
0be0757d64 Add fchownat() for systems without it. 2022-10-13 15:10:40 -06:00
Todd C. Miller
23e1d32934 Update NEWS for 1.9.12. 2022-10-10 09:13:36 -06:00
Todd C. Miller
3b205bc412 Update .pot files for 1.9.12 2022-10-10 09:13:22 -06:00
Todd C. Miller
3bdb585481 Use getopt() and getopt_long() for sesh command line options. 2022-10-10 09:12:48 -06:00
Todd C. Miller
8d5e59c8a8 Update the description of intercept_verify 2022-10-10 09:12:47 -06:00
Todd C. Miller
fbd8de0276 Silence a warning from the Solaris Studio compiler. 2022-10-07 11:22:58 -06:00
Todd C. Miller
57b5ff8e8c Avoid a -Wshadow warning on Solaris 9. 2022-10-07 11:00:17 -06:00
Todd C. Miller
0eb136d65c Fix a build error on Solaris 9. 2022-10-07 09:28:27 -06:00
Todd C. Miller
af83e3c10f Fix display of command tags and options in "sudo -l" when RunAs changes. 
A new line is started when RunAs changes which means we need to display
the command tags and options again.  GitHub issue #184
 2022-10-06 16:29:54 -06:00
Todd C. Miller
6a0f7ccc41 Fix printing of MYSELF when listing another user's privileges. 
We need to use list_pw if it is set instead of user_name.
GitHub issue #183
 2022-10-06 15:02:09 -06:00
Todd C. Miller
282d13532b Update NEWS file with recent changes. 2022-10-06 13:40:00 -06:00
Todd C. Miller
7e20e4b80f Apply multiarch rules when loading plugins too. 2022-10-06 12:46:38 -06:00
Todd C. Miller
0b506a2d07 sudo_dso_load: try multi-arch on Linux if we can't load the path. 
For example, if loading /usr/lib/libsss_sudo.so fails, try again
with /usr/lib/x86_64-linux-gnu/libsss_sudo.so.
 2022-10-05 15:26:14 -06:00
Todd C. Miller
b37bf44cdd Add test for sudo open_parent_dir() 2022-10-05 12:36:14 -06:00
Todd C. Miller
2e2dd48bef Add test for matching a literal "" command line argument as "" in sudoers. 
GitHub issue #182.
 2022-10-05 10:10:31 -06:00
Todd C. Miller
fa952bfbb7 Add -I flag to disable editing include files unless there is an error. 
This can be used when you only want to edit a single sudoers file
unless there is a pre-existing syntax error.
 2022-10-04 16:11:45 -06:00
Todd C. Miller
575200e734 Do not match a literal "" command line argument as "" in sudoers. 
If the empty string is specified in sudoers, no user args are allowed.
GitHub issue #182.
 2022-10-04 13:37:32 -06:00
Todd C. Miller
3940020c94 sudo_secure_open_{file,dir}: always check thatreturn value is not -1. 
Avoids false positives from static analyzers that can't figure out
that the fd is always valid when error is SUDO_PATH_SECURE.
 2022-10-04 09:33:44 -06:00
Todd C. Miller
59765dd360 Correct return value when mkdtempat() fails. 2022-10-04 09:01:44 -06:00
Todd C. Miller
719b7f933f sudo_open_parent_dir: stop before creating the last path component 
Fix a regression introduced in sudo 1.9.9 where the entire directory
path was created instead of just the parent directory.
 2022-10-04 08:51:36 -06:00
Todd C. Miller
371b974e07 Use "hg log --template" instead of "hg log --style". 2022-10-01 16:59:07 -06:00
Todd C. Miller
afaeb0ed57 Mark code that escapes/unescapes "sudo -s cmd args..." for removal. 
A future version of the plugin API will defer any such escaping
to the policy plugin so it can be configurable.
 2022-09-29 13:43:20 -06:00
Todd C. Miller
63efad271a Update with recent changes. 2022-09-29 11:16:21 -06:00
Todd C. Miller
6cd99d0b71 Improve the description of JSON output. 2022-09-29 10:52:32 -06:00
Todd C. Miller
d2a13a8154 Fix typos found by codespell 2.2.1. 2022-09-28 16:39:19 -06:00
Todd C. Miller
166e0e13bc Change max user-ID and group-ID from INT_MAX to UINT_MAX. 2022-09-28 09:06:32 -06:00
Todd C. Miller
865d3cd0bb Add support for NumberList stored in an InfoMessage. 2022-09-28 09:05:29 -06:00
Todd C. Miller
e6f2ad0ed6 Add missing NULL checks for mandatory fields in protobuf messages. 
Also no longer reject an InfoMessage with an unknown value_case,
just log and ignore it.
 2022-09-28 08:47:25 -06:00
Todd C. Miller
9150423676 Don't send ttyname to log server if it is NULL. 
Otherwise the log server will reject the AcceptMessage because a
NULL string is not allowed.
 2022-09-27 15:30:02 -06:00
Todd C. Miller
cf95f8d5ae HP-UX has struct winsize in termios.h. 2022-09-27 14:57:56 -06:00
Todd C. Miller
f360a8006c Regen dependencies 2022-09-27 14:16:03 -06:00
Todd C. Miller
87b7209ebb Add support for logging stdin/stdout/stderr in the non-pty exec path. 
If we are logging I/O but not terminal input/output (either because
no terminal is present or because that is what the plugin requested),
the non-pty exec path is now taken.
 2022-09-27 13:46:55 -06:00
Todd C. Miller
803b4939be Move exec code to call into I/O log plugin to exec_iolog.c. 
This will be shared with exec_nopty.c in the future to log
stdin/stdout/stderr without running the command in a pty.
Both exec_pty.c and exec_nopty.c now use the same closure.
 2022-09-27 13:35:45 -06:00
Todd C. Miller
3ca9220e50 Implement find_spec, not the deprecated find_module. 
Fixes a test failure due to find_module having removed from setuptools.
 2022-09-27 09:03:33 -06:00
Todd C. Miller
e66f34d250 copy_arg: fix copying an escaped backslash 
GitHub issue #179
 2022-09-23 12:30:51 -06:00
Todd C. Miller
d37710b0f6 Use mkdtempat_np() and mkostempsat_np() on macOS 2022-09-22 11:34:00 -06:00
Todd C. Miller
9d654482b2 Convert remaining uses of sudo_mkdir_parents() to sudo_open_parent_dir(). 2022-09-21 19:08:15 -06:00
Todd C. Miller
376d18b5da Add fchownat() systems without it. 2022-09-21 19:08:12 -06:00
Todd C. Miller
86c108b50b Add mkdtempat() and mkostempsat() for systems without them. 2022-09-21 19:08:11 -06:00
Todd C. Miller
88ac5e09b6 Use sudo_secure_open_file() instead of sudo_secure_file() where possible. 
Both sudo_secure_open_file() and sudo_secure_open_dir() are now passed
a struct stat pointer like sudo_secure_file() and sudo_secure_dir().
 2022-09-21 19:08:10 -06:00
Todd C. Miller
cbd52e705c Fix potential TOCTOU when creating time stamp directory and file. 2022-09-21 19:08:09 -06:00