Todd C. Miller
413c2accd9
sync with translationproject.org
2012-03-24 13:38:38 -04:00
Todd C. Miller
2569f943dc
sync with translationproject.org
2012-03-20 14:38:30 -04:00
Todd C. Miller
e0e81674c8
sync with translationproject.org
2012-03-19 11:25:07 -04:00
Todd C. Miller
55d1a1a79d
Use ecalloc() when allocating structs.
2012-03-19 11:24:24 -04:00
Todd C. Miller
9eeacad6d9
sync with translationproject.org
2012-03-18 12:47:27 -04:00
Todd C. Miller
96f046c1ce
Rename plugin "args" to "options"
2012-03-15 12:32:31 -04:00
Todd C. Miller
1234d08c98
regen
2012-03-15 09:19:28 -04:00
Todd C. Miller
6d10909949
Pass a pointer to user_env in to the init_session policy plugin
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time. We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
2012-03-15 09:18:36 -04:00
Todd C. Miller
b3da8ccd89
Include sudo_exec.h for the sudo_execve() prototype.
2012-03-14 21:52:31 -04:00
Todd C. Miller
c3ea638b34
regen
2012-03-14 14:20:55 -04:00
Todd C. Miller
dc727ff6d4
Fix compilation when seteuid() is not available.
2012-03-12 13:52:51 -04:00
Todd C. Miller
4bd136e11a
Simply move the free of ki_proc outside the realloc() loop.
2012-03-12 11:37:33 -04:00
Todd C. Miller
1ca5009563
Bring back the erealloc() for the ENOMEM loop and just zero the
pointer after we free it.
2012-03-12 10:49:26 -04:00
Todd C. Miller
9052833f76
Don't try to erealloc() a potentially freed pointer; Mateusz Guzik
2012-03-12 08:54:40 -04:00
Todd C. Miller
f745a041e2
Fix format string warning on Solaris with gcc 3.4.3.
2012-03-09 12:45:24 -05:00
Todd C. Miller
4d1752d4d1
Always declare environ now that we swap it around unilaterally.
2012-03-09 12:42:30 -05:00
Todd C. Miller
b455bccc5e
Honor LDFLAGS when linking sesh; from Vita Cizek
2012-03-09 10:07:00 -05:00
Todd C. Miller
f5f3d4cf3f
Include alloc.h for estrdup() prototype; from Vita Cizek
2012-03-09 10:06:27 -05:00
Todd C. Miller
20a7633a3f
Disable environment hooks after we get user_env back to make sure
a plugin can't modify user_env after we "own" it. This is kind
of a hack but we don't want the init_session plugin function to
modify user_env.
2012-03-08 11:30:21 -05:00
Todd C. Miller
9b58120c36
Add support for deregistering hooks. If an I/O log plugin fails
to initialize, deregister its hooks (if any).
2012-03-08 11:29:32 -05:00
Todd C. Miller
d4a3a5d8b9
Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we
hook setenv.
2012-03-07 16:38:57 -05:00
Todd C. Miller
37770ecf1e
Initial cut at a hooks implementation. The plugin can register
hooks for getenv, putenv, setenv and unsetenv. This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
2012-03-07 16:35:42 -05:00
Todd C. Miller
1504256134
Add Vietnamese sudo translation from translationproject.org
2012-03-05 09:42:52 -05:00
Todd C. Miller
a16dee915b
Add support for plugin args at the end of a Plugin line in sudo.conf.
Bump the minor number accordingly and update the documentation. A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
2012-03-02 11:04:09 -05:00
Todd C. Miller
966fa83a9a
Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some versions
of OpenBSD that have KERN_PROC2 but not KERN_PROC.
2012-02-28 10:33:16 -05:00
Todd C. Miller
6a37b4bf73
Fix typo in safe_close() made while converting to debug framework
that prevented it from actually closing anything.
2012-02-27 14:46:11 -05:00
Todd C. Miller
cc97c2e75c
Add some more debugging.
2012-02-27 14:42:22 -05:00
Todd C. Miller
22f4f10a3a
Check for LD_PRELOAD variants in configure instead of checking cpp
symbols. In disable_execute(), compute the length of the new envp
and allocate it once instead of reallocating on demand. Also append
old value of LD_PRELOAD (if any) to the new value.
2012-02-21 13:26:02 -05:00
Todd C. Miller
dfaf443687
regen
2012-02-16 17:03:46 -05:00
Todd C. Miller
dfbd6e429b
Got back to using "install-sh -M" for files installed as non-readable
by owner. This fixes "make install" as non-root for package building.
2012-02-10 11:31:54 -05:00
Todd C. Miller
cb66fc6f10
Use -m not -M for install-sh for everything except setuid.
Install locale .mo files mode 0444, not 0644.
If timedir parent doesn't exist, use default dir mode, not 0700.
2012-02-09 11:11:58 -05:00
Todd C. Miller
c4d3f289f3
No longer need to define _PATH_SUDO_CONF here.
2012-02-07 11:45:11 -05:00
Todd C. Miller
cd0e10e1b7
Fix noexec for Mac OS X.
2012-02-07 00:18:08 -05:00
Todd C. Miller
8dd16b63d2
regen
2012-02-06 13:40:24 -05:00
Todd C. Miller
c6ef580100
Set real uid to root before calling sudo_edit() or run_command()
so that the monitor process is owned by root and not by the user.
Otherwise, on AIX at least, the monitor process shows up in ps as
belonging to the user (and can be killed by the user).
2012-02-06 13:33:46 -05:00
Todd C. Miller
8c1d8a7b15
Make a copy of the struct passwd in exec_setup() to make sure nothing
in the policy init modifies it.
2012-02-06 10:56:39 -05:00
Todd C. Miller
c970d464cb
Normally, sudo disables core dumps while it is running. This
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
2012-02-03 14:57:03 -05:00
Todd C. Miller
2a2d2c4cd5
Add sudo Spanish translation from translationproject.org
2012-02-03 09:15:14 -05:00
Todd C. Miller
f5f9aadccc
Remove duplicate function prototypes
2012-02-02 11:28:19 -05:00
Todd C. Miller
ca4a338c45
Fix potential off-by-one when making a copy of the environment for
LD_PRELOAD insertion. Fixes bug #534
2012-01-30 13:49:24 -05:00
Todd C. Miller
f3f986c75d
regen
2012-01-29 14:48:20 -05:00
Todd C. Miller
1877c455d1
The change in 818e82ecbbfc that caused to exit when the monitor
dies created a race condition between the monitor exiting and the
status being read. All we really want to do is make sure that
select() notifies us that there is a status change when the monitor
dies unexpectedly so shutdown the socketpair connected to the monitor
for writing when it dies. That way we can still read the status
that is pending on the socket and select() on Linux will tell us
that the fd is ready.
2012-01-25 16:29:08 -05:00
Todd C. Miller
d11e7febbc
Refactor disable_execute() and my_execve() into exec_common.c for
use by sesh.c. This fixes NOEXEC when SELinux is used. Instead
of disabling exec in exec_setup(), disable it immediately before
executing the command. Adapted from a diff by Arno Schuring.
2012-01-25 14:58:02 -05:00
Todd C. Miller
66a66729af
When setting up the execution environment, set groups before gid/egid
like sudo 1.7 did.
2012-01-19 12:55:23 -05:00
Todd C. Miller
2fd77381a1
When not logging I/O, use a signal handler that only forwards SIGINT,
SIGQUIT and SIGHUP when they are user-generated signals. Fixes a
race in the non-I/O logging path where the command may receive two
keyboard-generated signals; one from the kernel and one from the
sudo process.
2012-01-17 10:27:33 -05:00
Todd C. Miller
97cecaf6eb
Back out change that put the command in its own pgrp when not logging
I/O. It causes problems with pipelines.
2012-01-17 10:25:44 -05:00
Todd C. Miller
ee0fb36d8b
regen dependencies
2012-01-13 06:02:17 -05:00
Todd C. Miller
106bbebba7
Move tty name lookup code to its own file.
2012-01-13 06:01:58 -05:00
Todd C. Miller
1c038be413
Add a check for devname() returning a fully-qualified pathname.
None of the devname() implementations do this today but you never
know when this might change.
2012-01-12 07:50:40 -05:00
Todd C. Miller
f05de3f3f1
The device name returned by devname() does not include the /dev/
prefix so we need to add it ourselves.
2012-01-11 15:38:18 -05:00