isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,624 Commits 1 Branch 0 Tags
17a2a27e46f76ebc348ae9533d81c4360b73f84d
Commit Graph

51 Commits

Author SHA1 Message Date
Todd C. Miller
935e48c6e4 Don't call into the debug subsystem after we've deregistered the 
plugin's instance.
 2014-10-23 13:42:50 -06:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
79f4471e41 Move sudo_printf to policy.c to match sudo_conv. 2014-10-06 10:13:42 -06:00
Todd C. Miller
e20475922d There is no longer a reason for the plugin to init the debug subsystem 
itself.  It will always be initialized by the front-end if needed.
 2014-09-08 16:24:32 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
a8fa112a53 atobool -> sudo_strtobool 
atoid-> sudo_strtoid
atomode -> sudo_strtomode
 2014-06-27 14:53:54 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
6bdee0488c Rename parse_gid_list -> sudo_parse_gids to avoid namespace pollution. 2014-06-26 15:51:15 -06:00
Todd C. Miller
9ba5d82926 Rename fmt_string -> sudo_new_key_val to better describe its function. 2014-06-26 15:51:15 -06:00
Todd C. Miller
2166a6afe1 Remove use of setjmp/longjmp in the sudoers plugin. We no longer 
call fatal() except in the malloc wrappers and due to libsudo_util
there is now a single copy of fatal/fatalx.
 2014-06-26 15:51:15 -06:00
Todd C. Miller
ffb07443c3 Do not allow the same callback function to be registered more that 
once in fatal_callback_register().
Add fatal_callback_deregister() to deregister a callback.
 2014-05-12 11:45:17 -06:00
Todd C. Miller
cbee9cc8cb Remove now-unused log_fatal() 2014-04-30 17:00:20 -06:00
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
2a290f812e Return MODE_ERROR from sudoers_policy_deserialize_info() instead 
of calling fatalx().
 2014-04-07 05:34:56 -06:00
Todd C. Miller
6a295400b7 Make "internal error, %s overflow" arguments consistent, using 
__func__ where possible (when debugging is allowed).
 2014-04-01 16:42:13 -06:00
Todd C. Miller
1943396d75 Make user_cwd and user_tty dynamically allocated even for the 
"unknown" case.
 2013-12-31 15:58:52 -07:00
Todd C. Miller
d83bfb9fe6 Add atomode() function for parsing a file mode. 2013-12-10 16:56:54 -07:00
Todd C. Miller
8f9ce7249a Use strtonum() instead of atoi(), strtol() or strtoul() where possible. 2013-12-10 16:23:21 -07:00
Todd C. Miller
0d81263e26 Instead of setprogname(), add initprogname() which gets the program 
name for getprogname() using /proc or pstat() if possible.
 2013-12-01 19:12:21 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
07a804caf3 Quiet sign comparision warnings. 2013-10-23 15:03:31 -06:00
Todd C. Miller
b8d539984f Use strtol() instead of atoi() and perform error checking 
of parameters passed from the sudo front-end.
 2013-08-15 16:20:15 -06:00
Todd C. Miller
d0e3867587 Add limited support for "sudo -l -h other_host". Since group lookups 
are done on the local host, rules that use group membership may be
incorrect if the group database is not synchronized between hosts.
 2013-08-14 13:49:14 -06:00
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
8b4fbc5cc0 Refactor code to parse list of gids into its own function that is 
shared by the sudo front-end and the sudoers module.
Make uid/gid parse error be fatal, not just a warning.
 2013-08-08 11:40:36 -06:00
Todd C. Miller
fe23e7c038 Add endpointer and separator args to atoid() 2013-08-08 06:11:52 -06:00
Todd C. Miller
5dc56ea81d Add atoid() function to convert a string to an id_t (uid, gid or 
pid).  We have to be careful to choose() either strtol() or strtoul()
depending on whether the string appears to be signed or unsigned.
Always using strtoul() is unsafe on 64-bit platforms since the
uid might be represented as a negative number and (unsigned long)-1
on a 64-bit system is 0xffffffffffffffff not 0xffffffff.
Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms.
 2013-08-07 11:23:19 -06:00
Todd C. Miller
368a6558ca Change some error/errorx -> fatal/fatalx in comments and xgettext 
flags.
 2013-04-26 16:06:05 -04:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments 
in sudo.conf
 2013-04-25 14:49:02 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
38dac1e0a4 Stash umask in struct sudo_user so we don't need to look it up later. 2013-03-28 15:40:32 -04:00
Todd C. Miller
13dbba174e Move sudo_conv into policy.c 2013-03-27 13:42:40 -04:00
Todd C. Miller
d3ff0f31ee Dummy out close function if there is no end_session for the auth 
method and the front-end can handle a NULL close function.  Avoids
the extra sudo process when we don't actually need it.
 2013-02-24 05:54:57 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00
Todd C. Miller
d837700341 Use max_groups in front-end and plugin. 2013-02-14 15:52:27 -05:00
Todd C. Miller
2e08777f25 Store the session ID in the tty ticket file too. A tty may only 
be in one session at a time so if the session ID doesn't match we
ignore the ticket.
 2013-02-08 10:43:14 -05:00
Todd C. Miller
8ab7cf61bd Pass back exec_background to front end if it is enabled in sudoers. 2013-01-27 13:45:35 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
b7ae7977a6 Cannot wrap sigsetjmp() or we end up returning to the wrong place. 
Use a macro instead.
 2012-11-29 06:37:13 -05:00
Todd C. Miller
02ad501ecc Fix return in sudoers_policy_open that should be debug_return. 2012-11-28 16:48:04 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
5496ffe1e8 Add plugin_setjmp() wrapper for siglongjmp(error_jmp, 1) so we don't 
need error_jmp to be extern.  Also add plugin_clearjmp() that clears
a flag so error()/errorx() knows when to call exit() vs. longjmp().
 2012-11-25 09:34:26 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
3e5bd8dc52 Include setjmp.h in sudoers.h 
Move error_jmp into plugin_error.c
Rename sudoers_plugin_cleanup sudoers_cleanup
Make sudoers warning/error functions work when sudo_conv is NULL
 2012-11-25 09:33:33 -05:00
Todd C. Miller
56de023de8 Avoid strerror() when possible and just rely on warning/error 
to handle errno in the proper locale.
 2012-11-09 16:32:29 -05:00
Todd C. Miller
e88c8941d8 Fix cut and pasto 2012-11-08 16:40:03 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00