changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line. There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.
Add a "-L" flag to list the name of options with their descriptions. This
may only be temporary.
Move some prototypes to parse.h
Be much less restrictive on what is allowed for a username.
stored with the contents. This could lead to incorrect output
if the sudoers file had different alias types with the same name.
Normal parsing (ie: not in '-l' mode) is unaffected.
o real dependencies in the Makefile
o --with-devel option to enable yacc, lex, and -Wall
o style -- "foo -> bar" becomes "foo->bar"
o ALL goes back to being a token, not a string but don't leak memory
o rename hsotspec -> host in parse.yacc
where an alias may be used before it is defined. Only turned on for visudo
and testsudoers.
o Add --disable-authentication option that makes sudo not require
authentication by default. The PASSWD tag can be used to require
authentication for an entry. We no longer overload --without-passwd.
o find_alias() now returns an aliasinfo * instead of boolean
o add_alias() now takes a value parameter to store in the aliasinfo.val
o The cmnd, hostspec, runasuser, and user rules now return:
1) positive match
0) negative match (due to '!')
-1) no match
This means setting $$ explicitly in all cases, which I should have done in
the first place. It also means that we always store a value that is != -1
and when we see a '!' we can set *_matches to !rv if rv != -1.
The upshot of all of this is that '!' now works the way it should in
lists and some of the rules are more uniform and sensible.
o Add shortcut macros for append() to make things more readable.
o The separator in append() is now a string instead of a char.
o In append(), only prepend the separator if the last char is not a '!'.
This is a hack but it greatly simplifies '!' handling.
o In -l mode, Runas lists and NOPASSWD/PASSWD tags are now inherited
across entries in a list (matches current behavior).
o Fix formatting in -l mode such that items in a list are separated by
a space. Greatlt improves readability.
o Space for name field in struct aliasinfo is now allocated dyanically
instead of using a (big) buffer.
o In add_alias(), only search the list once (lsearch instead of lfind + lsearch)
It turns out the old DES crypt does the right thing with passwords
longert than 8 characters.
o Fix common typo (necesary -> necessary)
o Update TODO list
but the NOPASSWD flag was set.
Make runasspec, runaslist, runasuser, and nopasswd typeless in parse.yacc
Add support for '!' in the runas list
Fix double printing of '%' and '+' for groups and netgroups respectively
Add *_matched macros (no need for local stack variable). Should only be
used directly after a pop (since top must be >= 2).
