isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,089 Commits 1 Branch 0 Tags
0aedc965f88a08912eae945cd6cb15ca4f8faae2
Commit Graph

227 Commits

Author SHA1 Message Date
Todd C. Miller
5c13889f26 Use sudoers.so args from sudo.conf to set sudoers_file, sudoers_uid, 
sudoers_gid, and sudoers_mode in visudo.
 2014-11-10 20:12:47 -07:00
Todd C. Miller
9d4589abd0 Use sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode 
symbols from toke.l instead of the upper case defines.
 2014-11-10 15:23:51 -07:00
Todd C. Miller
9d6e1a57d5 Add sudoers_debug_deregister() and use it instead of calling 
sudo_debug_deregister() directly.
 2014-10-27 16:06:20 -06:00
Todd C. Miller
6b1b734ffa Add a flag argument to sudo_conf_read() so we can decide which 
bits get parsed.  This lets us parse Debug statements first and
init the debug subsystem early.
 2014-10-26 08:33:08 -06:00
Todd C. Miller
fe9e035ccf Set debug instance for standalone programs. 2014-10-23 09:40:36 -06:00
Todd C. Miller
8db5f29398 sudoers_debug_instance is now included in libparsesudoers so we don't 
need to declare it here.
 2014-10-23 06:19:30 -06:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
e64f1198b6 An unused alias is not really an error, even in strict mode. 
RedHat bz #604297
 2014-07-12 07:30:18 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
f029e3e744 Remove touch() from fileops.c and just call utimes/futimes directly. 
Rename lock_file -> sudo_lock_file to avoid namespace pollution
 2014-06-26 15:51:15 -06:00
Todd C. Miller
088edcb6f5 Add exported libsudo_util functions to util.exp and mark in headers 
using __dso_public.
 2014-06-26 15:51:15 -06:00
Todd C. Miller
b0e6977c35 Try to be clearer about which are the input and output files in 
export mode.
 2014-05-13 15:00:43 -06:00
Todd C. Miller
45ff42eb9f Don't try to install the temporary sudoers file if we didn't edit it. 
By default, visudo does not edit files in a #includedir.
Fixes a NULL pointer defef on GNU hurd; Bug #647
 2014-05-09 09:29:42 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
12a1b672c0 We must include gettext.h before missing.h as it includes system 
headers.  Also add missing DEFAULT_TEXT_DOMAIN defines in sudoers
audit code that does not include sudoers.h.
 2014-02-11 09:40:59 -07:00
Todd C. Miller
b813c4de48 Use sudo_timeval macros and remove compat macros from missing.h 2014-01-30 15:51:59 -07:00
Todd C. Miller
a6e1766dd6 Fix typo; we want setlocale(LC_ALL, "") since we are setting the 
locale for the first time.
 2013-12-28 07:59:45 -07:00
Todd C. Miller
91db1efe91 Use sudoers_initlocale() in main() startup, not sudoers_setlocal() 
as the latter assumes we are already in the user's locale which may
not be the case.  For sudoreplay, we can just use setlocale()
directly as there is no sudoers locale.
 2013-12-27 06:50:06 -07:00
Todd C. Miller
68f6e23b07 Change visudo -x to take a file name argument, which may be '-' to 
write the exported sudoers file to stdout.
 2013-12-16 14:32:42 -07:00
Todd C. Miller
b2c456341a Move symbol extern defs into sudoers.h 2013-12-16 14:18:42 -07:00
Todd C. Miller
0d81263e26 Instead of setprogname(), add initprogname() which gets the program 
name for getprogname() using /proc or pstat() if possible.
 2013-12-01 19:12:21 -07:00
Todd C. Miller
188e921560 Add missing newline in help message after export option. 2013-11-28 06:08:08 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
6d8b078e2b Add support to visudo to export sudoers in JSON format. 2013-11-15 15:11:55 -07:00
Todd C. Miller
b38d253e98 Add "headless" tail queues and use them in place of the semi-circular 
lists in sudoers.  Once the headless tail queue is built up it is
converted to a normal TAILQ.  This removes the last consumer of
list.c and list.h so those can now be removed.
 2013-10-22 09:08:38 -06:00
Todd C. Miller
f85106ea67 Use SLIST and STAILQ macros instead of doing headless singly linked 
lists manually.  As a bonus we now use a tail queue for ldap.c and
sudoreplay.c.
 2013-10-22 09:08:09 -06:00
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
020fb00948 When checking for unused Runas_Aliases, count those used as part 
of a Runas Group too.  Fixes a false positive warning.
 2013-10-04 16:22:25 -06:00
Todd C. Miller
de566ac2ce Fix setting of quiet flag when -q / --quiet is specified. 
Do not print "sudoers: parsed OK" in quiet mode.
 2013-08-26 14:40:25 -06:00
Todd C. Miller
bd589f2342 Quiet some gcc -Wformat=2 false positives 2013-08-19 06:39:33 -06:00
Todd C. Miller
acac6ae2a8 Use lower case for the long option arguments to match the manual. 
This is inconsistent with GNU but it is better to match the sudo
documentation.
 2013-08-16 10:17:47 -06:00
Todd C. Miller
ea65c82b66 Initialize user_runhost and user_srunhost to user_host and user_shost 
in visudo and testsudoers.
 2013-08-15 14:26:51 -06:00
Todd C. Miller
8b1d645534 Simplify usage messages a bit and make --help output more closely 
resemble GNU usage wrt long options.  Sync usage and man page
SYNOPSYS sections and improve long options in the manual pages.
Now that we have long options we don't need to give the mnemonic
for the single-character options in the description.
 2013-08-14 10:30:51 -06:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
39575aecf2 Long option support for visudo and sudoreplay. 2013-07-19 09:42:25 -06:00
Todd C. Miller
ab61c02546 Replace sequence number-based cycle detection in visudo with a 
"used" flag in struct alias.  The caller is required to call
alias_put() when it is done with the alias.  Inspired by a patch
from Daniel Kopecek.
 2013-05-22 11:32:08 -04:00
Todd C. Miller
368a6558ca Change some error/errorx -> fatal/fatalx in comments and xgettext 
flags.
 2013-04-26 16:06:05 -04:00
Todd C. Miller
50bdd5f131 Clear up an llvm checker warning which appears to be a false positive 
and fix an old XXX while I'm at it.
 2013-04-24 11:55:21 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
328994740e Only warn once when we are unable to open the sudoers file. 2013-04-01 11:23:29 -04:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
6fe6ccb048 Fix potential stack overflow due to infinite recursion in alias 
cycle detection.  From Daniel Kopecek.
 2013-01-23 07:52:09 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
3c9da162e4 Use MAX_HOST_NAME+1 (limits.h) instead of MAXHOSTNAMELEN (sys/param.h 
or netdb.h).
 2012-12-04 10:18:41 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00