Todd C. Miller
|
f2433e0368
|
Linux PAM now defines __LINUX_PAM__, not __LIBPAM_VERSION.
From Dmitry V. Levin.
|
2007-04-20 16:40:59 +00:00 |
|
Todd C. Miller
|
3f2b6b1460
|
-i is also one of the mutually exclusive options to list it in the
warning message. Noted by Chris Pepper.
|
2007-04-16 16:13:33 +00:00 |
|
Todd C. Miller
|
b679cb930b
|
The sudoers variable is env_editor, not enveditor.
From Jean-Francois Saucier.
|
2007-04-12 15:18:15 +00:00 |
|
Todd C. Miller
|
666c85dba2
|
I tracked down the original author so credit him and include his
license info.
|
2007-03-29 17:30:22 +00:00 |
|
Todd C. Miller
|
7a96eb86e6
|
Fix typos; from Jason McIntyre.
|
2007-02-06 18:25:35 +00:00 |
|
Todd C. Miller
|
832f4c3768
|
Restore signal mask before calling reapchild(). Fixes a possible race
condition that could prevent sudo from properly waiting for the child.
|
2007-02-06 18:23:45 +00:00 |
|
Todd C. Miller
|
51d61f148f
|
Don't declare pw_free() if we are not going to use it.
|
2007-01-31 15:02:24 +00:00 |
|
Todd C. Miller
|
bf500a00d6
|
Add NOEXEC support for AIX 5.3 which supports LDR_PRELOAD and
LDR_PRELOAD64. The 64-bit version is not currently supported.
Remove zero_env() prototype as it no longer exists.
|
2007-01-31 15:00:48 +00:00 |
|
Todd C. Miller
|
9d6695ed43
|
Add "Auto-Submitted: auto-generated" line to sudo mail for rfc 3834.
|
2006-12-11 18:21:29 +00:00 |
|
Todd C. Miller
|
8d97a8d20f
|
If the user enters ^C at the password prompt, abort instead of
trying to authenticate with an empty password (which causes an
annoying delay).
|
2006-09-29 14:53:42 +00:00 |
|
Todd C. Miller
|
cad6de7d73
|
Add fcntl F_CLOSEM support to closefrom(); adapted from a diff by
Darren Tucker.
|
2006-08-17 15:26:54 +00:00 |
|
Todd C. Miller
|
5994797e4d
|
pw_free() is only used by sudo_freepwcache() so ifdef it out too.
|
2006-08-17 15:25:07 +00:00 |
|
Todd C. Miller
|
6e9df267cc
|
Update to latest versions from cvs.savannah.gnu.org
|
2006-08-04 15:34:19 +00:00 |
|
Todd C. Miller
|
884b70acc9
|
Move password/group cache cleaning out of sudo_end{pw,grp}ent() so
we can close the passwd/group files early.
|
2006-07-31 17:51:44 +00:00 |
|
Todd C. Miller
|
ea8c5d5d2d
|
Add seteuid() flavor of set_perms() for systems without setreuid()
or setresuid() that have a working seteuid(). Tested on Darwin.
|
2006-07-31 17:50:06 +00:00 |
|
Todd C. Miller
|
7276bf7b9b
|
systrace_read() returns ssize_t
|
2006-07-30 19:56:11 +00:00 |
|
Todd C. Miller
|
be3a220f7d
|
Fix typo, -lldap vs. -ldap; from Tim Knox.
|
2006-07-30 19:53:52 +00:00 |
|
Todd C. Miller
|
bbe7ab84b5
|
Fix typo; Matt Ackeret
|
2006-07-28 17:12:49 +00:00 |
|
Todd C. Miller
|
c28a289f11
|
Print sudoers path in -V mode for root.
|
2006-07-17 12:25:07 +00:00 |
|
Todd C. Miller
|
296680928d
|
Do a sub tree search instead of a base search (one level in the
tree only) for sudo right objects. This allows system administrators
to categorize the rights in a tree to make them easier to manage.
|
2006-06-15 18:44:42 +00:00 |
|
Todd C. Miller
|
b6e3fb008f
|
fix typo
|
2005-12-28 18:52:45 +00:00 |
|
Todd C. Miller
|
7c588a0143
|
Convert GET_OPT and GET_OPTI to use just 2 args.
Add timelimit and bind_timelimit support; adapted from gentoo.
|
2005-12-04 17:16:36 +00:00 |
|
Todd C. Miller
|
920c811687
|
Support comments that start in the middle of a line
|
2005-11-23 23:57:10 +00:00 |
|
Todd C. Miller
|
bce8fbdd62
|
Define LDAP_DEPRECATED until we start using ldap_get_values_len()
|
2005-11-23 23:56:52 +00:00 |
|
Todd C. Miller
|
ab076942e8
|
Silence gcc -Wsign-compare; djm@openbsd.org
|
2005-11-18 14:55:24 +00:00 |
|
Todd C. Miller
|
2d282cd226
|
cleanup() now takes an int as an arg so it can be used as a signal
handler too.
|
2005-11-18 01:39:59 +00:00 |
|
Todd C. Miller
|
c7140895af
|
Make a copy of the shell field in the passwd struct for NewArgv to avoid
a use after free situation after sudo_endpwent() is called.
|
2005-11-18 01:38:32 +00:00 |
|
Todd C. Miller
|
8efcb40512
|
Add mkstemp() for those poor souls without it.
|
2005-11-17 01:36:48 +00:00 |
|
Todd C. Miller
|
6ac7edb6e3
|
Add mkstemp() for those poor souls without it.
|
2005-11-17 01:36:47 +00:00 |
|
Todd C. Miller
|
7a8ed8e07a
|
Add mkstemp() for those poor souls without it.
|
2005-11-17 01:36:47 +00:00 |
|
Todd C. Miller
|
be9d490e1a
|
Add PERL5DB to list of environment variables to remove.
|
2005-11-15 14:25:03 +00:00 |
|
Todd C. Miller
|
3553eee07e
|
Instead of calling the check function twice with a state cookie use
separate check/log functions.
Check more ioctl() calls for failure.
systrace_{read,write} now return the number of bytes read/written
or -1 on error.
|
2005-11-13 20:49:35 +00:00 |
|
Todd C. Miller
|
b9f34a5a3f
|
Add more environment variables to remove; from gentoo linux
Add some comments about what bad env variables go to what (more to do)
|
2005-11-13 19:51:43 +00:00 |
|
Todd C. Miller
|
b2a32d13c0
|
Move sudo_end{gr,pw}ent() until just before the exec since they
free up our cached copy of the passwd structs, including sudo_user
and sudo_runas. Fixes a use-after-free bug.
|
2005-11-11 22:23:08 +00:00 |
|
Todd C. Miller
|
0b3b32ab9a
|
Close all fd's before executing editor.
|
2005-11-11 22:19:53 +00:00 |
|
Todd C. Miller
|
69c627658f
|
Enable malloc debugging on OpenBSD when SUDO_DEVEL is set.
|
2005-11-11 22:17:59 +00:00 |
|
Todd C. Miller
|
50004e00b8
|
Fix fd leak when lecture file option is enabled. From Jerry Brown
|
2005-11-11 16:22:58 +00:00 |
|
Todd C. Miller
|
3c6d0cc871
|
Add PERLLIB, PERL5LIB and PERL5OPT to the default list of environment
variables to remove. From Charles Morris
|
2005-11-07 16:02:22 +00:00 |
|
Todd C. Miller
|
ce8f2b10e4
|
add JAVA_TOOL_OPTIONS to initial_badenv_table for java 5
|
2005-11-01 18:24:47 +00:00 |
|
Todd C. Miller
|
096a289d94
|
add PS4 and SHELLOPTS to initial_badenv_table for bash
|
2005-10-28 00:35:33 +00:00 |
|
Todd C. Miller
|
2c3be532a0
|
Fix typo; Toby Peterson
|
2005-08-15 00:32:08 +00:00 |
|
Todd C. Miller
|
f758302279
|
Make return buffers static so they don't get clobbered
|
2005-08-02 13:57:55 +00:00 |
|
Todd C. Miller
|
26523a7ce6
|
Fix securid5 authentication, was not checking for ACM_OK. Also add
default cases for the two switch()es. Problem noted by ccon at worldbank
|
2005-07-28 01:14:14 +00:00 |
|
Todd C. Miller
|
4e86b1d74a
|
Remove ncat() in favor of just counting bytes and pre-allocating what is
needed.
|
2005-06-27 00:10:06 +00:00 |
|
Todd C. Miller
|
73730b872b
|
Fix up some comments
Add missing fclose() for the rootbinddn case
|
2005-06-26 23:44:30 +00:00 |
|
Todd C. Miller
|
380d3c8c7b
|
align struct ldap_config
|
2005-06-26 23:38:44 +00:00 |
|
Todd C. Miller
|
76f3c652d6
|
use LINE_MAX for max conf file line size
|
2005-06-26 23:37:54 +00:00 |
|
Todd C. Miller
|
e0ac56ae6f
|
add _PATH_LDAP_SECRET
|
2005-06-26 22:36:51 +00:00 |
|
Todd C. Miller
|
69be475791
|
Mention rootbinddn
Give example ou=SUDOers container
|
2005-06-26 22:36:09 +00:00 |
|
Todd C. Miller
|
3b30d7514a
|
Support rootbinddn in ldap.conf
|
2005-06-25 22:03:10 +00:00 |
|