isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,180 Commits 1 Branch 0 Tags
27598bc0ab4ee2961d253f1946a43c02a1f16dcc
Commit Graph

7180 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
7dabe334b3 Fix a warning on Solaris, we need to use debug_return_const_ptr. 2013-12-09 14:06:46 -07:00
Todd C. Miller
b7c647a4fe check_symbols needs to link with SUDO_LIBS in order to get -lpthread 
on HP-UX for libldap (which uses threads).  It would be better to
have a separate variable for the pthread library but this is no
worse than it used to be.
 2013-12-09 14:00:55 -07:00
Todd C. Miller
8e04c592ae add missing comma 2013-12-08 11:20:32 -07:00
Todd C. Miller
47dbe189f9 Make -c option description more accurate. 2013-12-08 11:06:27 -07:00
Todd C. Miller
8bdf3d9a27 When checking whether a user may change the login class, just check 
pw_uid of the runas user, which was passed in to set_loginclass().
 2013-12-07 09:17:54 -07:00
Todd C. Miller
acdff2d998 Use atoid() when parsing user/group IDs and print them as unsigned int. 2013-12-06 14:10:03 -07:00
Todd C. Miller
e964aa4d8c Correctly parse 64-bit times in I/O log files. 2013-12-05 16:19:50 -07:00
Todd C. Miller
e1ac1a2ff3 Use atoid() not atoi() when parsing uids/gids. 2013-12-05 15:51:56 -07:00
Todd C. Miller
2508da6f68 Better match debugging. 
Sprinkle const in match functions.
 2013-12-05 14:34:56 -07:00
Todd C. Miller
1739350e20 Document that plugins can be compiled statically into the sudo binary. 2013-12-04 16:05:05 -07:00
Todd C. Miller
9e964a8c0e sudo_sss_filter_user_netgroup(): fix comment typos, break out of loop 
early if we match ALL or netgroup.
 2013-12-03 15:47:45 -07:00
Todd C. Miller
302d3273a8 When filtering netgroups, use the passwd struct stashed in the handle, 
not user_name since we may be listing another users privileges.
 2013-12-03 15:39:12 -07:00
Todd C. Miller
af72b1ad50 RHEL 6 and above builds sudo with SSSD support 2013-12-03 15:18:42 -07:00
Todd C. Miller
f477b343fe Avoid passing NULL domainname to sudo_debug_printf(). 2013-12-03 15:15:12 -07:00
Todd C. Miller
ede55a2f74 Document sssd debug subsystem. 2013-12-03 14:42:33 -07:00
Todd C. Miller
5b491573e1 Document "event" debug subsystem. 2013-12-03 14:40:58 -07:00
Todd C. Miller
878ddb1788 Use atoid() instead of atoi() when parsing uids/gids so we get 
proper range checking.
 2013-12-03 14:33:26 -07:00
Todd C. Miller
f56eca8051 Add user netgroup filtering for SSSD. Previously, rules for a 
netgroup were applied to all even when they did not belong to the
specified netgroup.  RedHat Bugzilla 880150.
 2013-12-03 14:19:37 -07:00
Todd C. Miller
543d3b701e Fix several issues found by the clang static analyzer; Daniel Kopecek 2013-12-03 14:10:11 -07:00
Todd C. Miller
dc69e5af57 Mention how to dump sudoers info from LDAP. 2013-12-02 16:00:15 -07:00
Todd C. Miller
b082a614f5 On Solaris, disabling the proc_exec privilege appears to interfere 
with DAC file permissions.  Adding DAC override permissions to the
inheritable set works around this for commands run as root without
giving extra permissions to other users.  Bug #626
 2013-12-02 11:14:25 -07:00
Todd C. Miller
0d81263e26 Instead of setprogname(), add initprogname() which gets the program 
name for getprogname() using /proc or pstat() if possible.
 2013-12-01 19:12:21 -07:00
Todd C. Miller
902215a8c0 Ignore EOVERFLOW from pstat_getproc(). The HP-UX kernel appears 
to return this in certain situations but it appears to be harmless
at least insofar as retrieving the tty goes.
 2013-11-30 18:43:57 -07:00
Todd C. Miller
fdf56ee940 Sync with translationproject.org 2013-11-30 15:19:19 -07:00
Todd C. Miller
188e921560 Add missing newline in help message after export option. 2013-11-28 06:08:08 -07:00
Todd C. Miller
4247c1741b Do not add LIBDL to SUDO_LIBS or SUDOERS_LIBS in configure, do it 
in Makefile.in so we can make it last.  Fixes a linking problem on
Ubuntu precise.
 2013-11-26 07:15:55 -07:00
Todd C. Miller
94ad47ff98 Do not rely on NULL being defined for getaddrinfo() test. 
Fixes the check on HP-UX 11.23.
 2013-11-25 09:54:04 -07:00
Todd C. Miller
58a0540b96 Regen for sudo 1.8.9b1 2013-11-24 16:37:32 -07:00
Todd C. Miller
853384124d Sync with translationproject.org 2013-11-24 16:31:40 -07:00
Todd C. Miller
12f3bdf60e Add wrapper functions for dlopen() et al so that we can support 
statically compiling in the sudoers plugin but still allow other
plugins to be loaded.  The new --enable-static-sudoers configure
option will cause the sudoers plugin to be compiled statically into
the sudo binary.  This does not prevent other plugins from being
loaded as per sudo.conf.
 2013-11-22 16:35:15 -07:00
Todd C. Miller
0fb17059a6 Handle non-unix groups correctly. Get rid of runasuser and runasgroup 
types and use username and usergroup instead.  The fact that the user
or group is inside a Runas_List doesn't affect its underlying type.
 2013-11-21 09:45:55 -07:00
Todd C. Miller
bf700fdd58 Simplify Defaults list option object. The name and value strings 
are superfluous.
 2013-11-20 14:35:35 -07:00
Todd C. Miller
6270991362 Back out unintended change. 2013-11-20 12:21:34 -07:00
Todd C. Miller
6a1d1e1483 Add dedicated test for getaddrinfo(). Tru64 UNIX contains two 
versions of getaddrinfo and we must include netdb.h to get the
proper definition.
 2013-11-20 12:04:47 -07:00
Todd C. Miller
ba40be9dd2 Define RTLD_GLOBAL for older systems without it. Bug #621 2013-11-20 07:22:10 -07:00
Todd C. Miller
192cbbb490 Rename snprintf replacement rpl_snprintf since we may now replace 
the libc version and #define rpl_snprintf snprintf in missing.h so
we get our version when needed.  This is consistent with how we
replace glob and fnmatch.
 2013-11-19 16:06:08 -07:00
Todd C. Miller
4075ee77cf libcommon tests need locale_stub.lo to link. 2013-11-19 11:00:41 -07:00
Todd C. Miller
42b1e4a9c4 Add check for C99 compliant (v)snprintf function. 2013-11-19 10:40:25 -07:00
Todd C. Miller
0a47860ef7 Include unistd.h in sig2str.c for Tru64 as it defines SIGRTMIN and 
SIGRTMAX in terms of sysconf(), which is prototyped in unistd.h.
Bug #621; from Daniel Richard G.
 2013-11-19 09:48:01 -07:00
Todd C. Miller
054a94e6c9 Add definition of U_ for --disable-nsl 
Don't define warning_gettext if --disable-nsl
Bug #621; from Daniel Richard G.
 2013-11-19 09:45:13 -07:00
Todd C. Miller
0a7ebf8b23 When merging Defaults entries we need to check the type of the 
next entry and not just assume it is the same as the previous one.
 2013-11-18 16:59:02 -07:00
Todd C. Miller
f16ce9714d runasgroups not runasgroup in the Cmnd_Spec. 2013-11-18 16:28:10 -07:00
Todd C. Miller
a1b1c80b26 Fix some syntax errors and change how lists are handled. 2013-11-18 12:00:44 -07:00
Todd C. Miller
3dab6bd8e9 Allow sudo to compile without variadic macro support in cpp. 
Debugging support will be limited (no file info from warnings.)
From Daniel Richard G.; Bug #621
 2013-11-18 09:10:09 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
6c71ad5c15 Add debug_return_const_str and debug_return_const_ptr for returning 
a const string or pointer.  Using const for the normal versions
produces warnings with the Tru64 compiler.
 2013-11-17 16:11:39 -07:00
Todd C. Miller
bf65cc041e Fixes for building under Tru64; from Daniel Richard G. 
Bug #624
 2013-11-17 14:16:13 -07:00
Todd C. Miller
7017c904c1 log_{fatal,warning} now logs to the debug file itself. 
log_{fatal,warning} now calls warningx2() after setting the
locale itself instead of using the wrapper macros.
This removes the only use of warningx(ngettext(...)).
 2013-11-16 09:21:43 -07:00
Todd C. Miller
942f732a50 Add -Wpointer-arith to --enable-warnings 2013-11-15 15:33:46 -07:00