isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,968 Commits 1 Branch 0 Tags
1624e8987a7bb27d0befe7cc6938f15c54255e93
Commit Graph

350 Commits

Author SHA1 Message Date
Todd C. Miller
1624e8987a French translation for sudo from translationproject.org. 2013-08-18 14:25:04 -06:00
Todd C. Miller
87ec2dd6e1 Describe how remote command execution can be implemented. 2013-08-16 09:31:46 -06:00
Todd C. Miller
f76bd772ed Bump version. 2013-08-16 09:30:50 -06:00
Todd C. Miller
d0e3867587 Add limited support for "sudo -l -h other_host". Since group lookups 
are done on the local host, rules that use group membership may be
incorrect if the group database is not synchronized between hosts.
 2013-08-14 13:49:14 -06:00
Todd C. Miller
8b1d645534 Simplify usage messages a bit and make --help output more closely 
resemble GNU usage wrt long options.  Sync usage and man page
SYNOPSYS sections and improve long options in the manual pages.
Now that we have long options we don't need to give the mnemonic
for the single-character options in the description.
 2013-08-14 10:30:51 -06:00
Todd C. Miller
d9fd6281e4 Allow default plugin dir to be configured in sudo.conf. 2013-08-13 12:24:28 -06:00
Todd C. Miller
d10641cdbb UTF8 for Ruusamae, Elan; from Tae Wong 2013-08-13 10:37:52 -06:00
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
03fc668e5a More UTF8 in names; from Tae Wong 2013-08-07 16:07:14 -06:00
Todd C. Miller
30adf33eaf Convert to last, first for easier sorting and use UTF8 (including a 
BOM).
 2013-08-07 14:14:05 -06:00
Todd C. Miller
3898f5d7ff Add pam_setcred sudoers option to allow the user to control whether 
pam_setcred() is called on the user's behalf.
 2013-08-06 14:44:21 -06:00
Todd C. Miller
52954481e1 Add pam_service and pam_login_service sudoers settings to control 
the service name passed to pam_start.
 2013-08-06 11:01:36 -06:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
39575aecf2 Long option support for visudo and sudoreplay. 2013-07-19 09:42:25 -06:00
Todd C. Miller
6e56e6d8c8 Add support for long options and fix inclusion of sudo_usage.h with 
modern gcc broken in 8597:1fcb7ba13018.
 2013-07-18 16:51:56 -06:00
Todd C. Miller
9309c9eab7 Use getopt_long() so we can make the -h flag take an optional argument. 
Includes a version for those without it.
 2013-07-17 17:00:55 -06:00
Todd C. Miller
29908cb6df Document that the -h option can be used specify a host name for future 
plugins.
 2013-07-16 16:31:59 -06:00
Todd C. Miller
1d20a0ab63 Document the remote_host setting (-h host) 2013-07-16 16:21:14 -06:00
Todd C. Miller
ba615bd58f fix "the the" 2013-07-16 16:18:14 -06:00
Todd C. Miller
e53e80187d Sync with translationproject.org 2013-07-16 07:32:57 -06:00
Todd C. Miller
adce34358c Remove old bits about sudo setuid problems that should have been 
cleaned up in changeset 7917:fa4894896d8a.  Also update the mode
of sudo to 04755 to match current packaging.
 2013-07-11 17:57:40 -04:00
Todd C. Miller
bf9d823c27 Fix formatting typo; from Eric S. Raymond 2013-06-18 06:39:02 -04:00
Todd C. Miller
e8046e4be8 Fix typo; bug 605 2013-06-12 09:15:11 -04:00
Todd C. Miller
67d8af4be5 Restrict default creation of PIE binaries (-fPIE and -pie) to Linux. 
OpenBSD also supports PIE but enables it by default so we don't
need to do anything.  This fixes problems on systems with a version
of GNU ld that accepts -pie but where the run-time linker doesn't
actually support PIE.  Also verify that a trivial PIE binary works
unless PIE is explicitly enabled.
 2013-05-28 14:40:45 -04:00
Todd C. Miller
2dd71e838a Add message about disabling PIE if sudo gets SIGSEGV. 2013-05-03 16:24:22 -04:00
Todd C. Miller
874d84f263 Mention what SHA-2 formats are supported. 2013-04-30 11:44:01 -04:00
Todd C. Miller
61c0a24c85 List code and translations separately. 2013-04-30 11:07:06 -04:00
Todd C. Miller
7c9aaa2f2f Document that sudoers will re-use existing I/O log paths unless 
they are mktemp-style with trailing X's.
 2013-04-25 15:11:06 -04:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments 
in sudo.conf
 2013-04-25 14:49:02 -04:00
Todd C. Miller
67dad9a83c sudoers_debug is now deprecated in favor of the sudo debugging 
framework.
 2013-04-25 10:22:11 -04:00
Todd C. Miller
e05d2732aa Add copyright notice to scripts 2013-04-24 15:47:39 -04:00
Todd C. Miller
7ab68a35d8 Correct last change date 2013-04-24 11:14:06 -04:00
Todd C. Miller
ad019da9ef Mention .sl vs. .so extension handling on HP-UX 
Mention group membership changes
Fix typos
 2013-04-24 11:08:38 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
ed6d6963de Document digest support. 2013-04-17 15:42:28 -04:00
Todd C. Miller
1aa4903520 SHA-224, SHA-256, SHA-384 and SHA-512. Derived from the public 
domain SHA-1 and SHA-2 implementations by Steve Reid and Wei Dai
respectively.
 2013-04-13 07:05:06 -04:00
Todd C. Miller
1614c3cad1 Document sesh Path setting. 2013-03-14 20:13:54 -04:00
Todd C. Miller
2e84f169cc Document direct execution of the command if the policy plugin has 
no close function.
 2013-03-13 11:32:31 -04:00
Todd C. Miller
7d3ce01a05 Document group_file and system_group plugins. 2013-03-05 16:38:35 -05:00
Todd C. Miller
8397297de5 Try to clarify that sudoedit in sudoers should not include a 
leading pathname.
 2013-03-05 15:06:00 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
af2d4dbfb2 Don't remove the -S option description when trimming out selinux. 
Bug #592
 2013-02-28 06:03:36 -05:00
Todd C. Miller
30f63386d8 Document when sudo may exec the command directly instead of forking. 2013-02-24 13:25:44 -05:00
Todd C. Miller
d946fdaa7a Document that close and version be NULL for plugin API >= 1.3 and 
that sudo may execute the command directly if there is no close,
or pty or timeout needed.
 2013-02-24 13:20:56 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list. 
Could be used by a stacking plugin.
 2013-02-21 15:05:51 -05:00
Todd C. Miller
f336580bb1 Add Nikolai Kondrashov 2013-02-21 07:04:34 -05:00
Todd C. Miller
05e53aea0f Use the correct the sudoers policy symbol names and undo an editor 
goof committed when adding max_groups to sudo.conf.
 2013-02-20 13:54:31 -05:00
Todd C. Miller
e07280eeeb Rename sample_group plugin to group_file. 
Install group_file and system_group plugins by default.
 2013-02-18 15:32:36 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00