isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,785 Commits 1 Branch 0 Tags
17514b55ea3a8c1a3d10f194e56e68133e20597d
Commit Graph

115 Commits

Author SHA1 Message Date
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
4bde57b8b2 Rename warning2()/error2() -> warning_nodebug()/error_nodebug(). 2012-11-25 09:34:10 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
4207589fe2 Add simple locale switching to make it easy to switch from the 
user's locale to the sudoers locale without making excessive
setlocale() calls when we don't need to.
 2012-11-08 15:37:43 -05:00
Todd C. Miller
1d90c0ad71 No need to translate "unable to allocate memory" when we can just 
use the system translation via strerror().
 2012-09-17 16:59:26 -04:00
Todd C. Miller
faf112c53b Replace the guts of sudo_setenv_nodebug() with our old setenv.c 
which supports non-standard BSD and glibc semantics.
sudo_setenv() now simply calls sudo_setenv2().
 2012-09-16 15:18:58 -04:00
Todd C. Miller
40d0492a42 Avoid setting LOGNAME, USER and USERNAME variables twice when 
set_logname is enabled.
 2012-09-11 10:24:20 -04:00
Todd C. Miller
6beab19148 Fix duplicate detection in sudo_putenv(), do not prune out the 
variable we just set when overwriting an existing instance.
Fixes bug #570
 2012-09-11 10:22:37 -04:00
Todd C. Miller
d2a46c0f81 Add some debuggging 2012-09-11 10:21:32 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
7d255e42cb Fix some warnings from clang checker-267 2012-08-07 11:01:28 -04:00
Todd C. Miller
e9f5a38398 Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to 
prevent potential truncation.  Bug #562.
 2012-06-27 13:41:58 -04:00
Todd C. Miller
b78ca957a3 Fix signedness of didvar in env_update_didvar() 2012-03-28 13:39:37 -04:00
Todd C. Miller
cfdc45ea62 No need to preserve ODMDIR on AIX now that we always read 
/etc/environment.
 2012-03-28 08:18:26 -04:00
Todd C. Miller
caf01d98c4 When initializing the environment for env_reset, start out with 
the contents of /etc/environment on AIX and login.conf on BSD.
 2012-03-27 18:57:11 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
6d10909949 Pass a pointer to user_env in to the init_session policy plugin 
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
 2012-03-15 09:18:36 -04:00
Todd C. Miller
19fc56462d Add env_should_keep() and env_should_delete() wrapper functions to 
simplify things a bit and hide the fact that matches_env_check()
is not bool.
 2012-03-12 16:45:22 -04:00
Todd C. Miller
749784ea5b matches_env_check() returns int, not boolean 2012-03-12 13:53:54 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a24d86b32c When running a login shell with a login_class specified, use 
LOGIN_SETENV instead of rolling our own login.conf setenv support
since FreeBSD's login.conf has more than just setenv capabilities.
This requires us to swap the plugin-provided envp for the global
environ before calling setusercontext() and then stash the resulting
environ pointer back into the command details, which is kind of a
hack.
 2011-12-08 17:17:25 -05:00
Todd C. Miller
9f0abb4692 Add support for setenv entries in login.conf. We can't use LOGIN_SETENV 
since the plugin sets up the envp the command is executed with.
Also regen the Makefile.in files while here.  Fixes bug #527
 2011-12-05 10:43:44 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
c86561e502 Remove the old Kerberos IV support 2011-11-13 09:12:43 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
b7a6107702 Ignore set_logname (which is now the default) for sudoedit since 
we want the LOGNAME, USER and USERNAME environment variables to
refer to the calling user since that is who the editor runs as.
This allows the editor to find the user's startup files.
Fixes bugzilla #515
 2011-10-10 13:10:24 -04:00
Todd C. Miller
7a06f32cbb Preserve SHELL variable for "sudo -s". Otherwise we can end up 
with a situation where the SHELL variable and the actual shell being
run do not match.
 2011-06-13 07:20:28 -04:00
Todd C. Miller
42a3966a88 Minor warning/error cleanup 2011-05-18 13:44:36 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
a092d2fdcf Move noexec handling to sudo front-end where it is documented as being. 2011-03-10 15:11:49 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
614e2a642c Preserve ODMDIR environment variable by default on AIX. 2010-09-27 14:08:54 -04:00
Todd C. Miller
ed45e68da9 Take MODE_LOGIN_SHELL into account when initially setting reset_home 
instead of special-casing it later.
 2010-09-14 11:44:33 -04:00
Todd C. Miller
ce942f18c0 Reset HOME for "sudo -i" even if HOME was listed in env_keep. 2010-09-14 11:28:40 -04:00
Todd C. Miller
1b9ca115b7 Make -H flag work when HOME is listed in env_keep. Also makes 
"set_home" and "always_set_home" override override HOME in env_keep.
 2010-09-09 16:16:39 -04:00
Todd C. Miller
3d48cae18c Set dupcheck to TRUE when setting new HOME value if !env_reset but 
always_set_home is true.  Prevents a duplicate HOME in the environment
(old value plus the new one) introduced in f421f8827340.
 2010-08-18 15:26:26 -04:00
Todd C. Miller
ee7221f1fe Reset HOME when env_reset is enabled unless it is in env_keep 2010-07-19 15:35:47 -04:00
Todd C. Miller
2eb1879fd7 Add PYTHONUSERBASE to initial_badenv_table 2010-07-19 12:54:01 -04:00
Todd C. Miller
69ecb34581 If env_reset is enabled, set the MAIL environment variable based 
on the target user unless MAIL is explicitly preserved in sudoers.
 2010-07-19 12:50:59 -04:00
Todd C. Miller
5b9e39ac87 Use _PATH_STDPATH instead of _PATH_DEFPATH 2010-07-12 18:07:52 -04:00
Todd C. Miller
d9de7b5f8e Add support for a sudo-i pam.d file to be used for "sudo -i". 
Adapted from a RedHat patch.
 2010-07-12 17:57:53 -04:00
Todd C. Miller
6229c0e206 Now that sudoers is a dynamically loaded module we cannot override 
the libc environment functions because the symbols may already have
been resolved via libc.  Remove getenv/putenv/setenv/unsetenv
replacements from sudoers and add replacements for setenv/unsetenv
for systems that lack them.
 2010-07-06 16:44:33 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
862d1675cc Do not rely on env.env_len when unsetting a variable, just use the 
NULL terminator.
 2010-06-29 09:26:55 -04:00
Todd C. Miller
0c0a02dfd1 In unsetenv() check for NULL or empty name as per POSIX 1003.1-2008 2010-06-29 09:10:43 -04:00