isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,159 Commits 1 Branch 0 Tags
2ff9d0318c65a7fbc3977c768a59375ff35e7d70
Commit Graph

6159 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
2ff9d0318c Remove bogus optimization that could lead to a double free of the 
group list.
 2012-03-16 12:00:32 -04:00
Todd C. Miller
ced34a6e26 Expand AIX /etc/security/privcmds entry. 2012-03-15 15:25:13 -04:00
Todd C. Miller
db40f6b1ba Update for sudo 1.8.5 2012-03-15 12:32:56 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
741f57e68c Add Lithuanian and Vietnamese translators 2012-03-15 12:21:36 -04:00
Todd C. Miller
039c214878 Ignore comments when comparing new and old pot files. 2012-03-15 11:44:35 -04:00
Todd C. Miller
1234d08c98 regen 2012-03-15 09:19:28 -04:00
Todd C. Miller
d73ed51c58 regen 2012-03-15 09:18:50 -04:00
Todd C. Miller
6d10909949 Pass a pointer to user_env in to the init_session policy plugin 
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
 2012-03-15 09:18:36 -04:00
Todd C. Miller
0b1baf07ec Add explicit NULL entries for init_session, register_hooks and 
deregister_hooks with appropriate comments.
 2012-03-15 09:02:19 -04:00
Todd C. Miller
f587fa1535 Quiet a gcc "used uninitialized in this function" false positive. 2012-03-15 08:56:12 -04:00
Todd C. Miller
b330cbbed8 We should always call warning() with a format string or a string literal. 
In this case, the argument (path) is not user-controlled.
 2012-03-15 08:47:23 -04:00
Todd C. Miller
b3da8ccd89 Include sudo_exec.h for the sudo_execve() prototype. 2012-03-14 21:52:31 -04:00
Todd C. Miller
9cd65dafc6 Add check for pam_getenvlist() 2012-03-14 20:55:11 -04:00
Todd C. Miller
83459e13b5 Set args to NULL in default plugin info struct when there is no 
Plugin line in sudo.conf.
 2012-03-14 15:07:50 -04:00
Todd C. Miller
c3ea638b34 regen 2012-03-14 14:20:55 -04:00
Todd C. Miller
b61c0ab473 regen 2012-03-14 14:20:16 -04:00
Todd C. Miller
ed774f2b13 Bump version to 1.8.5 2012-03-14 14:17:44 -04:00
Todd C. Miller
e852b3ab06 Document hooks API 2012-03-14 14:11:18 -04:00
Todd C. Miller
ca0d9c4be9 Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris. 2012-03-13 17:38:03 -04:00
Todd C. Miller
7e11069932 Use sudo_hook_fn_t in struct sudo_hook. 2012-03-13 17:32:50 -04:00
Todd C. Miller
779b6c8e0d If cross compiling, --host must include the OS in the tuple. 
E.g. --host powerpc-unknown-linux
 2012-03-13 11:01:23 -04:00
Todd C. Miller
d539c606e0 Fix bogus int -> bool conversion; tags can have a value of -1. 2012-03-12 19:34:19 -04:00
Todd C. Miller
19fc56462d Add env_should_keep() and env_should_delete() wrapper functions to 
simplify things a bit and hide the fact that matches_env_check()
is not bool.
 2012-03-12 16:45:22 -04:00
Todd C. Miller
fa99904b20 Fix application of debian-specific sudoers mods when building packages 
as non-root.
 2012-03-12 15:04:03 -04:00
Todd C. Miller
749784ea5b matches_env_check() returns int, not boolean 2012-03-12 13:53:54 -04:00
Todd C. Miller
dc727ff6d4 Fix compilation when seteuid() is not available. 2012-03-12 13:52:51 -04:00
Todd C. Miller
4bd136e11a Simply move the free of ki_proc outside the realloc() loop. 2012-03-12 11:37:33 -04:00
Todd C. Miller
1ca5009563 Bring back the erealloc() for the ENOMEM loop and just zero the 
pointer after we free it.
 2012-03-12 10:49:26 -04:00
Todd C. Miller
9052833f76 Don't try to erealloc() a potentially freed pointer; Mateusz Guzik 2012-03-12 08:54:40 -04:00
Todd C. Miller
1e8f5d4aa4 Use normal error path if unable to set sudoers gid. 2012-03-10 16:38:14 -05:00
Todd C. Miller
7971a5e499 Make this work again on systems w/o seteuid(). 2012-03-10 15:29:46 -05:00
Todd C. Miller
9c2dd5eec6 Fix compilation if no seteuid/setreuid/setresuid available. 2012-03-09 17:28:59 -05:00
Todd C. Miller
b49bb17c3e Better error messages, and added debugging throughout. 
Fixed seteuid() version of set_perms()/restore_perms().
Fixed logic bug in AIX version of restore_perms().
Added checks to avoid changing uid/gid when we don't have to.
Never set gid/uid state to -1, use the old value instead.
 2012-03-09 17:07:41 -05:00
Todd C. Miller
f745a041e2 Fix format string warning on Solaris with gcc 3.4.3. 2012-03-09 12:45:24 -05:00
Todd C. Miller
4d1752d4d1 Always declare environ now that we swap it around unilaterally. 2012-03-09 12:42:30 -05:00
Todd C. Miller
b455bccc5e Honor LDFLAGS when linking sesh; from Vita Cizek 2012-03-09 10:07:00 -05:00
Todd C. Miller
f5f3d4cf3f Include alloc.h for estrdup() prototype; from Vita Cizek 2012-03-09 10:06:27 -05:00
Todd C. Miller
08c6c776c9 Don't read /etc/environment on Linux when using PAM, PAM should set 
the environment variables as needed via pam_env.
 2012-03-08 14:51:03 -05:00
Todd C. Miller
d4259ef2ca Fix editor goof. 2012-03-08 13:19:39 -05:00
Todd C. Miller
20a7633a3f Disable environment hooks after we get user_env back to make sure 
a plugin can't to modify user_env after we "own" it.  This is kind
of a hack but we don't want the init_session plugin function to
modify user_env.
 2012-03-08 11:30:21 -05:00
Todd C. Miller
9b58120c36 Add support for deregistering hooks. If an I/O log plugin fails 
to initialize, deregister its hooks (if any).
 2012-03-08 11:29:32 -05:00
Todd C. Miller
d4a3a5d8b9 Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we 
hook setenv.
 2012-03-07 16:38:57 -05:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
1504256134 Add Vietnamese sudo translation from translationproject.org 2012-03-05 09:42:52 -05:00
Todd C. Miller
bfb6f79105 List sudo_noexec.so not noexec.so in the sample sudo.conf 2012-03-02 11:15:40 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
c623857fc9 update depends 2012-03-01 13:19:30 -05:00
Todd C. Miller
c7635121d8 secure_path.c is in common, not compat 2012-03-01 13:05:43 -05:00
Todd C. Miller
06e390a566 Add check for variadic macro support in cpp. 2012-03-01 13:05:03 -05:00