isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,826 Commits 1 Branch 0 Tags
2bc52eb394bab7f0d4ad9829bca2942201cdc45d
Commit Graph

78 Commits

Author SHA1 Message Date
Todd C. Miller
6a27866c30 get_boottime() now fills in a timeval struct 2010-04-22 10:33:16 -04:00
Todd C. Miller
7d6941a820 Store info from stat(2)ing the tty in the tty ticket when tty tickets 
are in use.  On most systems, this closes the loophole whereby a user
can log out of a tty, log back in and still have the timestamp be valid.
 2010-04-22 10:16:18 -04:00
Todd C. Miller
1bb9f62143 Convert perm setting to push/pop model; still needs some work 
Use the stashed runas groups instead of using getgrouplist()
Reset perms to the initial value on error
 2010-04-20 17:00:31 -04:00
Todd C. Miller
b4a26b7691 Use timeval directly instead of converting to timespec when dealing 
with file times and time of day.
 2010-04-20 16:44:02 -04:00
Todd C. Miller
0a3a849ef4 Don't like sudoreplay with libsudoers.la due to a yacc symbol conflict. 2010-04-20 16:37:41 -04:00
Todd C. Miller
257133328d Ansify env.c 2010-04-17 13:28:36 -04:00
Todd C. Miller
0df204052f Remove remaining references to the environ pointer. 2010-04-17 13:26:03 -04:00
Todd C. Miller
b71844daf7 Don't change the environ directly in the sudoers plugin 2010-04-16 07:56:16 -04:00
Todd C. Miller
9f0b8f7aae Fix typo 2010-04-15 06:29:31 -04:00
Todd C. Miller
399aa0d5c7 Fix use after free in error message when a duplicate alias exists. 2010-04-15 06:14:41 -04:00
Todd C. Miller
fb87c040cc Add workaround for the lack of the environ pointer on Mac OS X 
in dlopen()ed modules.  Use of environ in the sudoers plugin should
ultimately be removed but this will do for the moment.
 2010-04-14 06:38:32 -04:00
Todd C. Miller
2b7f0ca955 Set errorfile to the sudoers path if we set parse_error manually. 
This prevents a NULL dereference in printf() when checking a sudoers
file in strict mode when alias errors are present.
 2010-04-14 06:24:42 -04:00
Todd C. Miller
6aecf3fb15 Main sudo no longer print "unable to execute" on exec failure so do it here. 2010-04-14 05:51:11 -04:00
Todd C. Miller
f321a85815 Don't override rval with results of check_user() unless it failed. 2010-04-13 05:53:03 -04:00
Todd C. Miller
7c344181da Remove io_conv and just use sudo_conv 2010-04-11 17:12:12 -04:00
Todd C. Miller
0d2524e68e Fix set/restore perms for systems w/o setresuid 2010-04-11 16:38:42 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
32672c1f1a Merge fb4d571495fa from the 1.7 branch to trunk. 2010-04-09 06:18:43 -04:00
Todd C. Miller
43b6359df3 Fix out-of-tree builds 2010-04-04 14:01:21 -04:00
Todd C. Miller
3242c1091d Free str after using it in the version method. Use sudo_conv, not 
io_conv since we don't have the IO conversation function pointer
in the I/O version method anymore now that io_open is delayed.
 2010-04-04 08:40:23 -04:00
Todd C. Miller
ee52f3c390 Add sudoreplay testsudoers and visudo to clean target 2010-04-02 07:49:29 -04:00
Todd C. Miller
44341c9c15 Main sudo should not block signals; the plugin should do this in 
check_policy.
 2010-04-01 06:35:19 -04:00
Todd C. Miller
3a98967119 Move --tag=disable-static to when we link sudoers.la, not when 
we install.
 2010-03-31 05:44:17 -04:00
Todd C. Miller
05e8023e78 Add back io logging (transcript) support. Currently, the open function 
runs too early and it is not possible to use the io module independently
of the policy module.
 2010-03-27 20:19:40 -04:00
Todd C. Miller
681c6faf3e Comment out dead code; will be removed when set_perms is rewritten. 2010-03-27 09:12:48 -04:00
Todd C. Miller
eae881b5aa Fix off by one error when allocating user_groups. 2010-03-23 05:21:38 -04:00
Todd C. Miller
0ea0d60cbd Add REPLAY_LIBS for sudoreplay and add -lrt to it on Solaris. 2010-03-22 19:55:49 -04:00
Todd C. Miller
e12858ee90 Fix typo in preserve groups case 2010-03-22 19:39:02 -04:00
Todd C. Miller
fc63d106f8 In command_info it is "runas_groups" not "groups". 2010-03-22 19:27:02 -04:00
Todd C. Miller
8df6ba9fee Merge 5177a284b9ff 549f8f7c2463 88f3181692fe from 1.7 branch. 2010-03-22 10:19:07 -04:00
Todd C. Miller
a72669d8a6 Set preserve_groups or groups list in command_info 2010-03-22 08:28:11 -04:00
Todd C. Miller
0ea44bcba1 Check preserve_groups and ignore_ticket args with atobool instead 
of assuming they are true if present.
 2010-03-22 08:09:50 -04:00
Todd C. Miller
066e6a7e8f Rename plugin-specific error.c to plugin_error.c 
Wire up visudo, sudoreplay and testsudoers in the build
 2010-03-21 12:58:14 -04:00
Todd C. Miller
6b180d24da Fix the -s and -i flags and add support for the "implied_shell" 
option.  If the user does not specify a command, sudo will now pass
in the path to the user's shell and set impied_shell=true.  The
plugin can them either check the command normally or return -2 to
cause sudo to print a usage message and exit.
 2010-03-21 08:54:06 -04:00
Todd C. Miller
8c9db4ef6f Better prefix determination now that we can't rely on len==0 to 
tell the beginning on an entry.
 2010-03-19 08:17:58 -04:00
Todd C. Miller
5fb6784ab1 display_bound_defaults() stub should return 0, not 1 since it is a count, 
not a boolean.
 2010-03-19 08:17:09 -04:00
Todd C. Miller
eec5235d19 Rewrite compat/getprogname.c and add setprogname(). 
The progname is now passed to the plugin via the settings array.
 2010-03-19 07:52:31 -04:00
Todd C. Miller
0dbf4362d9 Fix --with-ldap 2010-03-19 07:32:14 -04:00
Todd C. Miller
71baab8acc Add missing whitespace for Runas and Command-specific defaults 2010-03-19 07:31:42 -04:00
Todd C. Miller
38937dca5e Use embedded newlines in lbuf instead of multiple calls to lbuf_print. 2010-03-19 07:04:34 -04:00
Todd C. Miller
ba9d2f5bb6 Play more nicely with libtool and let it build libreplace (was libmissing) 
for us.
 2010-03-18 11:42:12 -04:00
Todd C. Miller
b4f4afdf69 Pass in output function to lbuf_init() instead of writing to stdout. 
A side effect is that the usage info can now go to stderr as it should.
 2010-03-18 06:42:17 -04:00
Todd C. Miller
038ec569de Use number of tty columns that is passed in user_info instead of 
getting it directly in the lbuf code.
 2010-03-17 21:25:32 -04:00
Todd C. Miller
d5ae4c7d87 Kill __P in sudoers 2010-03-17 19:56:27 -04:00
Todd C. Miller
a5d2775f73 Kill dead code 
Add missing sigsetjmp in sudo_policy_invalidate
Error out if we fail to lookup the user's name that is passed in
 2010-03-16 08:50:03 -04:00
Todd C. Miller
0d8159fa2f Pass the error value back via siglongjmp. 2010-03-16 08:41:36 -04:00
Todd C. Miller
51c55cd487 Use conversation function for lecture. 2010-03-16 07:41:41 -04:00
Todd C. Miller
cbf298bfc8 Don't update ticket file if verify_user returns FALSE. 2010-03-16 07:13:57 -04:00
Todd C. Miller
ee223889c1 Wire up invalidate and validate methods for sudoers 2010-03-15 20:24:55 -04:00
Todd C. Miller
248bae4e56 Add support for -k flag with a command. 2010-03-15 19:41:15 -04:00