Todd C. Miller
251c79a77b
Add missing missing.h
2013-08-15 10:08:27 -06:00
Todd C. Miller
c376c71618
Move the -C (user_closefrom) check until after set_cmnd() so that
closefrom_override can be used in a command-specific Defaults line.
Fixes bug #610 from Mengtao Sun.
2013-08-15 09:56:17 -06:00
Todd C. Miller
299a881fe2
If not using a pty and the child process gets SIGTTOU or SIGTTIN
and sudo is the foreground process, make the child the foreground
process and continue it.
2013-08-14 16:36:41 -06:00
Todd C. Miller
c909f61004
If sudo is not setuid and was not invoked with a full path, look
in the user's PATH for the sudo binary to give a better error
message.
2013-08-14 14:22:16 -06:00
Todd C. Miller
d0e3867587
Add limited support for "sudo -l -h other_host". Since group lookups
are done on the local host, rules that use group membership may be
incorrect if the group database is not synchronized between hosts.
2013-08-14 13:49:14 -06:00
Todd C. Miller
79104ce751
Fix parsing of "-h host" when used in conjunction with the -l flag.
2013-08-14 13:41:47 -06:00
Todd C. Miller
8b1d645534
Simplify usage messages a bit and make --help output more closely
resemble GNU usage wrt long options. Sync usage and man page
SYNOPSIS sections and improve long options in the manual pages.
Now that we have long options we don't need to give the mnemonic
for the single-character options in the description.
2013-08-14 10:30:51 -06:00
Todd C. Miller
91e66c481f
Fix setting of mailer argv[0] to basename of mailerpath.
No need to strdup() mailerpath as it is not modified.
2013-08-13 14:53:55 -06:00
Todd C. Miller
04b290e385
Make sure the mailer exists and is a regular file before trying
to exec it.
2013-08-13 14:48:24 -06:00
Todd C. Miller
39d630f2f2
If tty_tickets are enabled but there is no tty, use a ticket file
based on the parent pid.
2013-08-13 12:55:17 -06:00
Todd C. Miller
d9fd6281e4
Allow default plugin dir to be configured in sudo.conf.
2013-08-13 12:24:28 -06:00
Todd C. Miller
d10641cdbb
UTF8 for Ruusamae, Elan; from Tae Wong
2013-08-13 10:37:52 -06:00
Todd C. Miller
9b2fb418ca
Don't allow max_groups to be set to zero, it just complicates things
needlessly. Fixes an assertion in visudo when there is a group-based
Defaults entry.
2013-08-12 09:14:38 -06:00
Todd C. Miller
8b4fbc5cc0
Refactor code to parse list of gids into its own function that is
shared by the sudo front-end and the sudoers module.
Make uid/gid parse error be fatal, not just a warning.
2013-08-08 11:40:36 -06:00
Todd C. Miller
6126c08f7d
Add function comment block.
2013-08-08 11:38:39 -06:00
Todd C. Miller
141f91e777
Default text domain is now sudo, not sudoers.
2013-08-08 10:37:25 -06:00
Todd C. Miller
5556a0f211
Update dependency for atoid.lo
2013-08-08 08:39:58 -06:00
Todd C. Miller
fe23e7c038
Add endpointer and separator args to atoid()
2013-08-08 06:11:52 -06:00
Todd C. Miller
39cbfcd406
Use private version of atoid() to avoid a dependency on libcommon.a
(since that already depends on libreplace.a).
2013-08-07 16:52:50 -06:00
Todd C. Miller
03fc668e5a
More UTF8 in names; from Tae Wong
2013-08-07 16:07:14 -06:00
Todd C. Miller
dde7331a0f
Use atoid() in more places.
2013-08-07 15:49:03 -06:00
Todd C. Miller
40cb480f07
Move atoid() to common so it can be used in src and compat too.
2013-08-07 15:10:45 -06:00
Todd C. Miller
2c6e68df0e
Avoid a crash on Mac OS X 10.8 (at least) when we close libdispatch's
fds out from under it before executing the command. Switch to just
setting the close on exec flag instead.
2013-08-07 15:04:58 -06:00
Todd C. Miller
30adf33eaf
Convert to last, first for easier sorting and use UTF8 (including a
BOM).
2013-08-07 14:14:05 -06:00
Todd C. Miller
c3fb47a88e
Add atoid() function to convert a string to an id_t (uid, gid or
pid). We have to be careful to choose() either strtol() or strtoul()
depending on whether the string appears to be signed or unsigned.
Always using strtoul() is unsafe on 64-bit platforms since the
uid might be represented as a negative number and (unsigned long)-1
on a 64-bit system is 0xffffffffffffffff not 0xffffffff.
Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms.
2013-08-07 13:13:56 -06:00
Todd C. Miller
5dc56ea81d
Add atoid() function to convert a string to an id_t (uid, gid or
pid). We have to be careful to choose() either strtol() or strtoul()
depending on whether the string appears to be signed or unsigned.
Always using strtoul() is unsafe on 64-bit platforms since the
uid might be represented as a negative number and (unsigned long)-1
on a 64-bit system is 0xffffffffffffffff not 0xffffffff.
Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms.
2013-08-07 11:23:19 -06:00
Todd C. Miller
972ee9a0fb
Avoid "perm stack underflow" error when logging the unknown uid error.
2013-08-07 10:13:04 -06:00
Todd C. Miller
23a2bdbcba
In rewind_perms() there is nothing to do if perm_stack_depth == 0.
2013-08-07 09:42:14 -06:00
Todd C. Miller
3898f5d7ff
Add pam_setcred sudoers option to allow the user to control whether
pam_setcred() is called on the user's behalf.
2013-08-06 14:44:21 -06:00
Todd C. Miller
52954481e1
Add pam_service and pam_login_service sudoers settings to control
the service name passed to pam_start.
2013-08-06 11:01:36 -06:00
Todd C. Miller
385e20c7bc
Newer Xcode places the SDKs under Xcode.app
2013-08-06 10:58:50 -06:00
Todd C. Miller
1f3ea50afd
Implement memset_s() and use it instead of zero_bytes().
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length. This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
2013-08-03 08:30:06 -06:00
Todd C. Miller
8c867be419
Do not try to install plugins when shared modules are disabled
(sudoers already had the check).
2013-08-01 10:51:46 -06:00
Todd C. Miller
d882303b88
Update dependencies to take into account compat/getopt.h and
compat/dlfcn.h.
2013-08-01 10:51:06 -06:00
Todd C. Miller
235d32c994
Update dependencies now that sudo_usage.h is always included from
the build dir.
2013-08-01 10:50:05 -06:00
Todd C. Miller
62da46a9cb
Add some warnings and debugging to sasl ccname handling.
2013-07-31 15:20:14 -06:00
Todd C. Miller
c0c782ae14
Fix write loop invariant in sudo_krb5_copy_cc_file()
2013-07-31 15:03:46 -06:00
Todd C. Miller
09e752274e
Strip off leading FILE: or WRFILE: prefix before trying to copy
the user's credential cache.
2013-07-30 15:37:04 -06:00
Todd C. Miller
3582ad3409
Instead of setting RLIMIT_NPROC to unlimited when sudo initializes,
just save RLIMIT_NPROC in exec_setup() before the final setuid()
and restore it immediately after. We don't need to modify RLIMIT_NPROC
for simple euid changes, just for changing the real (and saved)
uids before we exec. This also means we no longer need to worry
about _SC_CHILD_MAX returning -1. Bug #565
2013-07-29 15:34:49 -06:00
Todd C. Miller
b1c8f0575b
Now that the ldap code runs with the real and effective uid set to
0, it is not possible for the gssapi libs to find the user's krb5
credential cache file. To work around this, we make a temporary
copy of the user's credential cache specified by KRB5CCNAME (opened
with the user's effective uid) and point gssapi to it. To set the
credential cache file name, we dynamically look up gss_krb5_ccache_name()
and use it if available, otherwise fall back to setting KRB5CCNAME.
2013-07-28 17:06:43 -06:00
Todd C. Miller
39575aecf2
Long option support for visudo and sudoreplay.
2013-07-19 09:42:25 -06:00
Todd C. Miller
6e56e6d8c8
Add support for long options and fix inclusion of sudo_usage.h with
modern gcc broken in 8597:1fcb7ba13018.
2013-07-18 16:51:56 -06:00
Todd C. Miller
fbfd0ad630
Add rule to rebuild sudo_usage.h when the .in file changes.
2013-07-18 14:29:30 -06:00
Todd C. Miller
deb3844959
Add make rules for building getopt_long.c
2013-07-18 10:07:41 -06:00
Todd C. Miller
db05b9ae0d
Make "-h hostname" work. Optional args in GNU getopt() only work
when there is no space between the option flag and the argument.
2013-07-18 10:02:43 -06:00
Todd C. Miller
9309c9eab7
Use getopt_long() so we can make the -h flag take an optional argument.
Includes a version for those without it.
2013-07-17 17:00:55 -06:00
Todd C. Miller
29908cb6df
Document that the -h option can be used to specify a host name for future
plugins.
2013-07-16 16:31:59 -06:00
Todd C. Miller
c2860cce57
Overload -h option to specify an optional hostname for remote access.
This is future-proofing; no policy plugins currently support this.
2013-07-16 16:31:05 -06:00
Todd C. Miller
1e4497331c
Bump version to 1.8.8
2013-07-16 16:29:42 -06:00
Todd C. Miller
1d20a0ab63
Document the remote_host setting (-h host)
2013-07-16 16:21:14 -06:00