isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
6,440 Commits 1 Branch 0 Tags
1e43242b33829419d23136d92f99296b37a57d0c
Commit Graph

6440 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
d29991f41b Regen .man.in files with my private mandoc. 2012-07-25 10:34:20 -04:00
Todd C. Miller
84a8573aab add MANDOC variable 2012-07-25 06:32:05 -04:00
Todd C. Miller
a06f7540f7 Regen .man.in files with hacked mandoc to avoid issues with historic 
nroff.
 2012-07-20 14:28:41 -04:00
Todd C. Miller
05e7cac89b Fix groff warnings. 2012-07-19 17:13:19 -04:00
Todd C. Miller
909f3da4d5 Fix dependencies for .man.in files. 2012-07-19 16:21:07 -04:00
Todd C. Miller
42e6496ed0 Add doc/*.mdoc to ignore file 2012-07-19 13:42:41 -04:00
Todd C. Miller
90f2cfa589 Build .man.in and .cat files from .mdoc.in files. 
Add new --with-man and --with-mdoc configure options.
 2012-07-19 13:41:14 -04:00
Todd C. Miller
0d8aa46bb1 Sudo manuals formatted in mdoc, to replace the pod versions. 2012-07-18 09:56:53 -04:00
Todd C. Miller
c5b374fac6 More minor costmetic fixes. 2012-07-18 09:16:09 -04:00
Todd C. Miller
f31f58a967 Minor cosmetic fixes. 2012-07-12 15:16:04 -04:00
Todd C. Miller
f7dc1d849f Use "a password is required" instead of "password required" when 
the -n flag is used and we need to read a password.
 2012-07-11 16:28:40 -04:00
Todd C. Miller
7aaa101736 Mention logging changes. 2012-07-10 14:59:30 -04:00
Todd C. Miller
5f83d35f78 regen 2012-07-10 14:53:52 -04:00
Todd C. Miller
6cc8c161a2 Document that other mail_* flags have precedence over mail_badpass. 2012-07-10 14:42:57 -04:00
Todd C. Miller
8b03f3e7d0 Move log_denial() calls and logic to log_failure(). 
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.

This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password.  Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed".  Fixes bug #563
 2012-07-10 12:42:33 -04:00
Todd C. Miller
9c9cf9da41 Do not set a resource limit to zero when we are unable to fetch a 
value from /etc/security/limits.
 2012-07-06 10:10:03 -04:00
Todd C. Miller
5904f7ede9 Add "Provides: sudo" to debian sudo-ldap package 2012-07-05 09:34:20 -04:00
Todd C. Miller
958e39fc6a Define NO_VIZ for zlib when gcc doesn't support symbol visibility 
attributes.
 2012-07-02 13:34:35 -04:00
Todd C. Miller
f38349a026 Use the autoconf cache when checking for symbol export control support. 2012-07-02 11:20:05 -04:00
Todd C. Miller
f8f0021710 Add configure check for building PIE executables instead of doing 
it in mkpkg.
 2012-07-02 10:12:41 -04:00
Todd C. Miller
aab4b3589b MacOS pp backend doesn't like modes longer than 4 characters. 2012-07-02 08:24:57 -04:00
Todd C. Miller
effd6cd911 Add -Wc,-fstack-protector to LT_LDFLAGS instead of adding 
-fstack-protector to LDFLAGS so it doesn't get stripped out.  Libtool
will strip -fstack-protector from the linker flags and we always
link with libtool.
 2012-07-01 13:47:25 -04:00
Todd C. Miller
2e36b1ef2b Regen for sudo 1.8.6 2012-06-29 16:11:27 -04:00
Todd C. Miller
80502c3bcf Document improved Tivoli Directory Server support. 2012-06-29 12:41:59 -04:00
Todd C. Miller
3c57d6a06d Add support for ldaps using Tivoli LDAP libraries. 
Add ldap.conf option to specify Tivoli key db password.
Allow TLS ciphers to be configured for Tivoli.
 2012-06-29 12:14:45 -04:00
Todd C. Miller
f56bada404 Tivoli Directory Server 6.3 libs always return a (bogus) error 
when setting LDAP_OPT_CONNECT_TIMEOUT.
 2012-06-28 15:42:38 -04:00
Todd C. Miller
06637e5283 Update 2012-06-28 15:01:02 -04:00
Todd C. Miller
cfe0034cdf Treat LDAP_OPT_CONNECT_TIMEOUT (Tivoli Directory Server 6.3) the 
same as LDAP_OPT_CONNECT_TIMEOUT (OpenSSH).
Don't make failure to a set an ldap option fatal.
 2012-06-28 14:58:15 -04:00
Todd C. Miller
7d5048a5be Zero pointers in sudo_user struct after freeing, just in case. 2012-06-27 17:04:39 -04:00
Todd C. Miller
899fcc05ac Free user_gids in close function if it has not already been freed. 2012-06-27 16:56:55 -04:00
Todd C. Miller
1cd50d0bce Defer group ID to name resolution until we actually need it. 2012-06-27 16:50:56 -04:00
Todd C. Miller
faf89fc792 It is safe to read in sudo.conf before calling user_info(). 2012-06-27 15:17:18 -04:00
Todd C. Miller
e9f5a38398 Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to 
prevent potential truncation.  Bug #562.
 2012-06-27 13:41:58 -04:00
Todd C. Miller
386ba7b062 If installing with installp, error out if there is already an 
instance of the rpm package installed.
 2012-06-25 16:16:25 -04:00
Todd C. Miller
bcd8549a9c Add --disable-nls for AIX 2012-06-25 14:00:11 -04:00
Todd C. Miller
5c1ba0b49d Debian sudo-ldap packages should now depend on libldap-2.4-2, not 
libldap2.
 2012-06-22 10:57:23 -04:00
Todd C. Miller
e571d6ff68 Add Homepage and Bugs to debian control file. 2012-06-21 13:41:39 -04:00
Todd C. Miller
6103bbc67f fix typo when setting aix_freeware 2012-06-20 14:18:14 -04:00
Todd C. Miller
9497df293a Don't run regress tests or sudoers sanity check (using the newly-built 
visudo) when cross compiling.  Bug #560
 2012-06-20 13:38:17 -04:00
Todd C. Miller
bcfeddc998 Rename foo.sym -> foo.exp 
Remove foo.map from the repo and generate it on demand
Use a loader option file for HP-UX ld to explicitly export symbols
 2012-06-20 12:58:16 -04:00
Todd C. Miller
b0475b59dc Remove extraneous backslash 2012-06-20 12:32:51 -04:00
Todd C. Miller
a49238e3f1 Don't check for errorx as an exported symbols as it is now a macro. 
Check for user_in_group() instead.
 2012-06-20 09:38:25 -04:00
Todd C. Miller
b567282f86 Adjust ld map file support to use an anonymous scope to match the 
updated .map files.
 2012-06-19 13:23:37 -04:00
Todd C. Miller
c74d406313 Older versions of Solaris lack ngettext() 2012-06-18 14:29:06 -04:00
Todd C. Miller
af8a211e4b Move the check for -static-libgcc until after AC_LANG_WERROR 
has been called and use AX_CHECK_COMPILE_FLAG().
 2012-06-18 14:10:50 -04:00
Todd C. Miller
2ef0cc73fc Sudo defines HAVE_SETLOCALE not HAVE_LOCALE_H 2012-06-18 14:03:39 -04:00
Todd C. Miller
5ac272c03e Fix gcc 2.x variant macro support. 2012-06-18 14:03:11 -04:00
Todd C. Miller
45fea137f9 Fix compilation on gcc 2.95 and other compilers that only allow 
variable declarations at the beginning of a block.
 2012-06-18 13:47:01 -04:00
Todd C. Miller
fdcc8e1fce Link check_symbols with SUDO_LIBS to make sure we link with the 
requisite libraries to successfully dlopen sudoers.so.  This is
needed on HP-UX where a program dlopen()ing a shared object that
uses pthreads must also be linked with pthreads (and HP-UX LDAP
uses pthreads).
 2012-06-18 10:21:05 -04:00
Todd C. Miller
86cececc16 Add check for exported local symbols. This will cause a "make 
check" failure on systems where we don't support symbol hiding.
 2012-06-18 10:21:01 -04:00