isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,845 Commits 1 Branch 0 Tags
2ee651df79a166fc4f2bc1941362f97cc2841314
Commit Graph

92 Commits

Author SHA1 Message Date
Todd C. Miller
2ee651df79 Use 1/0 instead of TRUE/FALSE so we don't need sudoers.h 2010-04-28 09:56:50 -04:00
Todd C. Miller
1c67169b9d Substitute in @PROGS@ into src/Makefile to add sesh 2010-04-27 11:56:51 -04:00
Todd C. Miller
b0b6b4cf54 Add back calls to log_denial() if sudoers does not allow the command. 2010-04-26 22:10:34 -04:00
Todd C. Miller
e1a9e5aec0 Pass in correct pwflag for list and validate. 2010-04-26 21:53:59 -04:00
Todd C. Miller
ac06e777fa Add missing check for NULL in validate_env_vars 2010-04-26 21:38:43 -04:00
Todd C. Miller
1abb3b7f57 Only set sudo_user.env_vars if the env_add list is empty. 2010-04-26 21:28:58 -04:00
Todd C. Miller
90f8bf3482 Set sudo_user.env_vars so that environment variables specified on 
the command line get logged correctly.
 2010-04-26 20:41:28 -04:00
Todd C. Miller
b041c91caf Re-enable environment files and setting environment variables on the 
command line.
 2010-04-26 17:14:11 -04:00
Todd C. Miller
af092dc406 Fix typo in last commit (ifndef vs ifdef) 
Make sure we pass ctime() a pointer to time_t as tv_sec in struct
timeval may be long.
 2010-04-24 19:22:52 -04:00
Todd C. Miller
17220f44d6 Don't stash ctime in on-disk tty ticket info for now; on many (most?) 
systems the ctime is updated when the tty is written to.  Once I
have a better idea of what systems do not update ctime on ttys (and
have a way to test for this) the ctime stash will be conditionally
re-enabled.
 2010-04-24 19:05:11 -04:00
Todd C. Miller
4b04e875ed Move fileops.c defines and prototypes to filesops.h 2010-04-23 06:02:39 -04:00
Todd C. Miller
f7f9def5ef Lock the tty timestamp when writing. We shouldn't have to lock when 
reading since the file is updated via a single write system call.
 2010-04-23 05:56:24 -04:00
Todd C. Miller
05ae3ea6cb Convert to ANSI C function declarations 2010-04-22 18:09:53 -04:00
Todd C. Miller
c17d3e061d Remove extraneous bits and classify by source file. 2010-04-22 17:40:01 -04:00
Todd C. Miller
6a27866c30 get_boottime() now fills in a timeval struct 2010-04-22 10:33:16 -04:00
Todd C. Miller
7d6941a820 Store info from stat(2)ing the tty in the tty ticket when tty tickets 
are in use.  On most systems, this closes the loophole whereby a user
can log out of a tty, log back in and still have the timestamp be valid.
 2010-04-22 10:16:18 -04:00
Todd C. Miller
1bb9f62143 Convert perm setting to push/pop model; still needs some work 
Use the stashed runas groups instead of using getgrouplist()
Reset perms to the initial value on error
 2010-04-20 17:00:31 -04:00
Todd C. Miller
b4a26b7691 Use timeval directly instead of converting to timespec when dealing 
with file times and time of day.
 2010-04-20 16:44:02 -04:00
Todd C. Miller
0a3a849ef4 Don't like sudoreplay with libsudoers.la due to a yacc symbol conflict. 2010-04-20 16:37:41 -04:00
Todd C. Miller
257133328d Ansify env.c 2010-04-17 13:28:36 -04:00
Todd C. Miller
0df204052f Remove remaining references to the environ pointer. 2010-04-17 13:26:03 -04:00
Todd C. Miller
b71844daf7 Don't change the environ directly in the sudoers plugin 2010-04-16 07:56:16 -04:00
Todd C. Miller
9f0b8f7aae Fix typo 2010-04-15 06:29:31 -04:00
Todd C. Miller
399aa0d5c7 Fix use after free in error message when a duplicate alias exists. 2010-04-15 06:14:41 -04:00
Todd C. Miller
fb87c040cc Add workaround for the lack of the environ pointer on Mac OS X 
in dlopen()ed modules.  Use of environ in the sudoers plugin should
ultimately be removed but this will do for the moment.
 2010-04-14 06:38:32 -04:00
Todd C. Miller
2b7f0ca955 Set errorfile to the sudoers path if we set parse_error manually. 
This prevents a NULL dereference in printf() when checking a sudoers
file in strict mode when alias errors are present.
 2010-04-14 06:24:42 -04:00
Todd C. Miller
6aecf3fb15 Main sudo no longer print "unable to execute" on exec failure so do it here. 2010-04-14 05:51:11 -04:00
Todd C. Miller
f321a85815 Don't override rval with results of check_user() unless it failed. 2010-04-13 05:53:03 -04:00
Todd C. Miller
7c344181da Remove io_conv and just use sudo_conv 2010-04-11 17:12:12 -04:00
Todd C. Miller
0d2524e68e Fix set/restore perms for systems w/o setresuid 2010-04-11 16:38:42 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
32672c1f1a Merge fb4d571495fa from the 1.7 branch to trunk. 2010-04-09 06:18:43 -04:00
Todd C. Miller
43b6359df3 Fix out-of-tree builds 2010-04-04 14:01:21 -04:00
Todd C. Miller
3242c1091d Free str after using it in the version method. Use sudo_conv, not 
io_conv since we don't have the IO conversation function pointer
in the I/O version method anymore now that io_open is delayed.
 2010-04-04 08:40:23 -04:00
Todd C. Miller
ee52f3c390 Add sudoreplay testsudoers and visudo to clean target 2010-04-02 07:49:29 -04:00
Todd C. Miller
44341c9c15 Main sudo should not block signals; the plugin should do this in 
check_policy.
 2010-04-01 06:35:19 -04:00
Todd C. Miller
3a98967119 Move --tag=disable-static to when we link sudoers.la, not when 
we install.
 2010-03-31 05:44:17 -04:00
Todd C. Miller
05e8023e78 Add back io logging (transcript) support. Currently, the open function 
runs too early and it is not possible to use the io module independently
of the policy module.
 2010-03-27 20:19:40 -04:00
Todd C. Miller
681c6faf3e Comment out dead code; will be removed when set_perms is rewritten. 2010-03-27 09:12:48 -04:00
Todd C. Miller
eae881b5aa Fix off by one error when allocating user_groups. 2010-03-23 05:21:38 -04:00
Todd C. Miller
0ea0d60cbd Add REPLAY_LIBS for sudoreplay and add -lrt to it on Solaris. 2010-03-22 19:55:49 -04:00
Todd C. Miller
e12858ee90 Fix typo in preserve groups case 2010-03-22 19:39:02 -04:00
Todd C. Miller
fc63d106f8 In command_info it is "runas_groups" not "groups". 2010-03-22 19:27:02 -04:00
Todd C. Miller
8df6ba9fee Merge 5177a284b9ff 549f8f7c2463 88f3181692fe from 1.7 branch. 2010-03-22 10:19:07 -04:00
Todd C. Miller
a72669d8a6 Set preserve_groups or groups list in command_info 2010-03-22 08:28:11 -04:00
Todd C. Miller
0ea44bcba1 Check preserve_groups and ignore_ticket args with atobool instead 
of assuming they are true if present.
 2010-03-22 08:09:50 -04:00
Todd C. Miller
066e6a7e8f Rename plugin-specific error.c to plugin_error.c 
Wire up visudo, sudoreplay and testsudoers in the build
 2010-03-21 12:58:14 -04:00
Todd C. Miller
6b180d24da Fix the -s and -i flags and add support for the "implied_shell" 
option.  If the user does not specify a command, sudo will now pass
in the path to the user's shell and set impied_shell=true.  The
plugin can them either check the command normally or return -2 to
cause sudo to print a usage message and exit.
 2010-03-21 08:54:06 -04:00
Todd C. Miller
8c9db4ef6f Better prefix determination now that we can't rely on len==0 to 
tell the beginning on an entry.
 2010-03-19 08:17:58 -04:00
Todd C. Miller
5fb6784ab1 display_bound_defaults() stub should return 0, not 1 since it is a count, 
not a boolean.
 2010-03-19 08:17:09 -04:00