isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,787 Commits 1 Branch 0 Tags
26ec20f8b1e3c4ebb6be899cfb5112eaf4e4847b
Commit Graph

5787 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
27dbaa8ded Change trunk version to 1.8.x to distinguish from real 1.8.0. 2011-03-16 16:07:33 -04:00
Todd C. Miller
53ddb01f39 Document major changes in 1.8.1 and add upgrade notes. 2011-03-16 16:06:16 -04:00
Todd C. Miller
092b4b4d02 Be careful not to deref user_stat if it is NULL. This cannot currently 
happen in sudo but might in other programs using the parser.
 2011-03-16 15:59:44 -04:00
Todd C. Miller
de0df45cc9 configure will not add -O2 to CFLAGS if it is already defined to 
add -O2 to the CFLAGS we pass in when PIE is being used.
 2011-03-16 13:38:58 -04:00
Todd C. Miller
aa29582acc Warn about the dangers of log_input and mention iolog_file and iolog_dir 
in the log_input and log_output descriptions.
 2011-03-16 13:26:27 -04:00
Todd C. Miller
5c228d4244 sync with git version 2011-03-16 13:06:39 -04:00
Todd C. Miller
639903f132 It seems that h comes after i 2011-03-16 12:07:03 -04:00
Todd C. Miller
09f9796ea3 Move log_input and log_output to their proper, sorted, location. 
Document set_utmp and utmp_runas.
 2011-03-16 12:05:32 -04:00
Todd C. Miller
240642399b Save the controlling tty process group before suspending so we can 
restore it when we resume.  Fixes job control problems on Linux
caused by the previous attemp to fix resuming a shell when I/O
logging not enabled.
 2011-03-16 12:02:04 -04:00
Todd C. Miller
9e65afc15f Fix printing of the remainder after a newline. Fixes "sudo -l" output 
corruption that could occur in some cases.
 2011-03-16 10:26:10 -04:00
Todd C. Miller
2041d39db7 Add support for ut_exit 2011-03-15 16:18:33 -04:00
Todd C. Miller
3506f01077 Add support for controlling whether utmp is updated and which user is 
listed in the entry.
 2011-03-15 15:53:49 -04:00
Todd C. Miller
cf7ec7a3cc Fix typo; tupple vs. tuple 2011-03-15 15:52:18 -04:00
Todd C. Miller
07968755aa For legacy utmp, strip the /dev/ prefix before trying to determine 
slot since the ttys file does not include the /dev/ prefix.
 2011-03-15 15:51:44 -04:00
Todd C. Miller
5e6bc4017b Add check for _PATH_UTMP 2011-03-15 11:56:49 -04:00
Todd C. Miller
bf5f17bd63 Adapt check_iolog_path to sessid changes 2011-03-14 11:30:32 -04:00
Todd C. Miller
8653ccc809 Redo utmp handling. If no getutent()/getutxent() is available, 
assume a ttyslot-based utmp.  If getttyent() is available, use
that directly instead of ttyslot() so we don't have to do the
stdin dup2 dance.
 2011-03-14 10:20:47 -04:00
Todd C. Miller
1e9def1efa Move utmp handling into utmp.c 2011-03-11 15:54:12 -05:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
cde2cb00f0 Add "user_shell" boolean as a way to indicate to the plugin that 
the -s flag was given.
 2011-03-11 15:02:13 -05:00
Todd C. Miller
6e2778eb22 Move sessid out of sudo_user. 2011-03-11 14:07:26 -05:00
Todd C. Miller
383aef00b1 Log the TSID even if it is not a simple session ID. 2011-03-11 12:11:05 -05:00
Todd C. Miller
9660f08e32 Document noexec in sample.sudo.conf and add back noexec_file section 
in sudoers with a note that it is deprecated.
 2011-03-11 11:34:11 -05:00
Todd C. Miller
6bea3f524e Fix running commands as non-root on systems where setreuid() changes 
the saved uid based on the effective uid we are changing to.
 2011-03-11 10:48:12 -05:00
Todd C. Miller
7debf44742 Move noexec path into sudo.conf now that sudo itself handles noexec. 
Currently can be configured in sudoers too but is now undocumented
and will be removed in a future release.
 2011-03-10 16:12:33 -05:00
Todd C. Miller
dc8012265f Document "Path noexec ..." in sudo.conf. 
No longer document noexec_file in sudoers, it will be removed in a future
release.
 2011-03-10 16:06:16 -05:00
Todd C. Miller
a092d2fdcf Move noexec handling to sudo front-end where it is documented as being. 2011-03-10 15:11:49 -05:00
Todd C. Miller
c7a7d31905 Add support for disabling exec via solaris privileges. 
Includes preparation for moving noexec support out of sudoers
and into front end as documented.
 2011-03-10 14:24:10 -05:00
Todd C. Miller
7599034e69 Only export the symbols corresponding to the plugin structs. 2011-03-10 12:12:14 -05:00
Todd C. Miller
498248d1f0 Install plugins manually instead of using libtool. This works 
around a problem on AIX where libtool will install a .a file
containing the .so file instead of the .so file itself.
 2011-03-10 10:57:56 -05:00
Todd C. Miller
c6f0c59bc6 Move check into its own rule since some versions of make will run 
both targets as the default rule.
 2011-03-10 10:32:23 -05:00
Todd C. Miller
62edd57ab7 Update to libtool 2.2.10 2011-03-10 10:31:27 -05:00
Todd C. Miller
caefd1abdc In handle_signals(), restart the read() on EINTR to make sure we keep up 
with the signal pipe.  Don't return -1 on EAGAIN, it just means we have
emptied the pipe.
 2011-03-09 11:28:51 -05:00
Todd C. Miller
da24fe8c3b Reorder functions to quiet a compiler warning. 2011-03-09 11:22:34 -05:00
Todd C. Miller
1c633bb2bb Use the Sun Studio C compiler on Solaris if possible 2011-03-09 11:22:09 -05:00
Todd C. Miller
206f5ff313 Fix default setting of osversion variable. 2011-03-08 16:09:48 -05:00
Todd C. Miller
32cfe08a12 Make two login_class entris consistent. 2011-03-08 15:38:06 -05:00
Todd C. Miller
1496bfed6c Add support for adding a utmp entry when allocating a new pty. 
Requires the BSD login(3) or SYSV/POSIX getutent()/getutxent().
Currently only creates a new entry if the existing tty has
a utmp entry.
 2011-03-08 15:37:40 -05:00
Todd C. Miller
9c9c0223e6 Avoid pulling in headers we don't need on Linux 
For getutx?id(), call setutx?ent() first and always call endutx?ent().
 2011-03-08 15:34:34 -05:00
Todd C. Miller
2241947b38 Add some more libs to SUDOERS_LIBS instead of relying on them to be 
pulled in by SUDO_LIBS.
 2011-03-08 09:46:35 -05:00
Todd C. Miller
d6252de205 Fix return value of "sudo -l command" when command is not allowed, broken 
in [c7097ea22111].  The default return value is now TRUE and a bad:
label is used when permission is denied.  Also fixed missing permissions
restoration on certain errors.  On error()/errorx(), the password and
group files are now closed before returning.
 2011-03-08 09:38:21 -05:00
Todd C. Miller
47968912a2 Fix passing of login class back to sudo front end. 2011-03-07 16:55:08 -05:00
Todd C. Miller
7e10987348 Add --osversion flag to specify OS instead of running "pp --probeonly" 2011-03-07 10:34:47 -05:00
Todd C. Miller
b54425e041 Fix expr usage w/ GNU expr 2011-03-07 10:08:21 -05:00
Todd C. Miller
e65bc35c6d Fix exit value for validate and list mode. 2011-03-06 15:52:40 -05:00
Todd C. Miller
a0ba308694 Fix non-interactive mode with sudoers plugin. 2011-03-06 15:38:02 -05:00
Todd C. Miller
6968367cb1 sudoreplay can now find IDs other than %{seq} and display the session. 2011-03-05 15:34:30 -05:00
Todd C. Miller
85e8e584ae Add support for replaying sessions when iolog_file is set to something 
other than %{seq}.
 2011-03-04 20:10:44 -05:00
Todd C. Miller
f5e356ed40 If we are killed by a signal, display the name of the signal that got us. 2011-03-04 16:12:40 -05:00
Todd C. Miller
3cc46dd70a Move libs used for authentication from SUDO_LIBS to SUDOERS_LIBS 
where they belong.
 2011-03-04 08:26:48 -05:00