isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,234 Commits 1 Branch 0 Tags
32b897ac67fea808a20a184e81fe632b1fe57789
Commit Graph

679 Commits

Author SHA1 Message Date
Todd C. Miller
b813c4de48 Use sudo_timeval macros and remove compat macros from missing.h 2014-01-30 15:51:59 -07:00
Todd C. Miller
659b1f0e34 Switch to new time stamp file format. Each user now has a single 
file which may contain multiple records when per-tty time stamps
are in use (the default).  The time stamps use a monotonic timer
where available and are once again stored in /var/run/sudo.  The
lecture status is now stored separately from the time stamps in a
different directory.
 2014-01-30 15:50:40 -07:00
Todd C. Miller
1a42e5f63d It is now possible to disable network interface probing in sudo.conf 
by changing the value of the probe_interfaces setting.
 2014-01-23 14:52:54 -07:00
Todd C. Miller
cf6bca1390 Add explicit dependency on sudoers.la to sudo target when sudoers 
is compiled statically into the sudo binary.
 2014-01-22 14:47:27 -07:00
Todd C. Miller
5a6db565c1 Update copyright years 2014-01-15 06:19:34 -07:00
Todd C. Miller
8ca711ee15 When relocating fds, update the debug fd if it is set so we are 
guaranteed to get debugging output.
 2014-01-15 06:00:59 -07:00
Todd C. Miller
640a5ddb48 If the event loop exits due to an error and we are not logging I/O, 
kill the command if still running.  Fixes a bug where sudo could
exit while the command was still running.
 2014-01-14 20:34:20 -07:00
Todd C. Miller
77b126acc4 When relocating preserved fds, start with the highest ones first 
to avoid moving fds around more than we have to.  Now uses a bitmap
to keep track of which fds are being preserved.  Fixes a bug where
the debugging fd could be relocated to the same fd as the error
backchannel temporarily, resulting in debugging output being printed
to the backchannel if util@debug was enabled.
 2014-01-14 20:20:26 -07:00
Todd C. Miller
26cff8bcb5 When restoring fds traverse list from high -> low, not low -> high 
to avoid implicitly closing an fd we want to relocate.
 2014-01-14 14:22:04 -07:00
Todd C. Miller
d7277fc96e If not logging I/O we may get EOF when the command is executed and 
the other end of the backchannel is closed.  Just remove the
backchannel event in this case or we will continue to receive
the event.  Bug #631
 2014-01-14 10:54:56 -07:00
Todd C. Miller
6a76d1a1c2 sync with translationproject.org 2014-01-14 09:26:14 -07:00
Todd C. Miller
d99b4f0909 Fix strtonum() usage when parsing /proc/self/stat on Linux. 
Bug #630
 2014-01-13 11:11:26 -07:00
Todd C. Miller
73f6e56c57 Quiet a cppcheck warning about a negative subscript. 2014-01-08 17:03:06 -07:00
Todd C. Miller
bb9775879b Make noexec parameter to sudo_execve() bool. 2014-01-08 17:02:22 -07:00
Todd C. Miller
78355e618f Add cppcheck target to run cppcheck on all source files. 2014-01-13 09:50:39 -07:00
Todd C. Miller
27598bc0ab Update copyright year. 2014-01-07 10:43:31 -07:00
Todd C. Miller
d013b23ce3 If invoked as sudoedit we can't just exec the command directly since 
the temporary files need to be updated before sudo exits.
 2014-01-03 16:41:25 -07:00
Todd C. Miller
38bf95a767 Fix restoration of the close-on-exec flag when moving a relocated 
fd back into its original position.
 2014-01-03 14:34:14 -07:00
Todd C. Miller
929d8a38ea sync with translationproject.org 2013-12-31 16:23:44 -07:00
Todd C. Miller
42dbe7f4bd sync with translationproject.org 2013-12-29 09:12:23 -07:00
Todd C. Miller
72cd57dea3 sync with translationproject.org 2013-12-28 18:40:15 -07:00
Todd C. Miller
4d80e7cea4 Redo preserve_fds support to remap high fds so we can get the most 
out of closefrom().  The fds are then restored after closefrom().
 2013-12-24 15:01:00 -07:00
Todd C. Miller
1adeda54ef Add support for preventing fds from getting clobbered by closefrom(). 2013-12-20 11:14:32 -07:00
Todd C. Miller
b2c456341a Move symbol extern defs into sudoers.h 2013-12-16 14:18:42 -07:00
Todd C. Miller
62b559db15 Rename libcommon libsudo_util 2013-12-13 07:46:05 -07:00
Todd C. Miller
3e2d818ed9 Move prototypes for functions provided by libcommon that don't have 
their own header files into sudo_util.h.
 2013-12-12 18:29:07 -07:00
Todd C. Miller
03b013ab26 Regen after string parsing changes. 2013-12-11 13:55:12 -07:00
Todd C. Miller
cbf41b8b96 The OpenBSD strtonum() uses very short error strings that can't 
be translated usefully.  Convert them to longer strings on error.
Also use the longer strings for atomode() and atoid().
 2013-12-11 13:43:10 -07:00
Todd C. Miller
d83bfb9fe6 Add atomode() function for parsing a file mode. 2013-12-10 16:56:54 -07:00
Todd C. Miller
8f9ce7249a Use strtonum() instead of atoi(), strtol() or strtoul() where possible. 2013-12-10 16:23:21 -07:00
Todd C. Miller
7dabe334b3 Fix a warning on Solaris, we need to use debug_return_const_ptr. 2013-12-09 14:06:46 -07:00
Todd C. Miller
b082a614f5 On Solaris, disabling the proc_exec privilege appears to interfere 
with DAC file permissions.  Adding DAC override permissions to the
inheritable set works around this for commands run as root without
giving extra permissions to other users.  Bug #626
 2013-12-02 11:14:25 -07:00
Todd C. Miller
0d81263e26 Instead of setprogname(), add initprogname() which gets the program 
name for getprogname() using /proc or pstat() if possible.
 2013-12-01 19:12:21 -07:00
Todd C. Miller
902215a8c0 Ignore EOVERFLOW from pstat_getproc(). The HP-UX kernel appears 
to return this in certain situations but it appears to be harmless
at least insofar as retrieving the tty goes.
 2013-11-30 18:43:57 -07:00
Todd C. Miller
fdf56ee940 Sync with translationproject.org 2013-11-30 15:19:19 -07:00
Todd C. Miller
4247c1741b Do not add LIBDL to SUDO_LIBS or SUDOERS_LIBS in configure, do it 
in Makefile.in so we can make it last.  Fixes a linking problem on
Ubuntu precise.
 2013-11-26 07:15:55 -07:00
Todd C. Miller
58a0540b96 Regen for sudo 1.8.9b1 2013-11-24 16:37:32 -07:00
Todd C. Miller
853384124d Sync with translationproject.org 2013-11-24 16:31:40 -07:00
Todd C. Miller
12f3bdf60e Add wrapper functions for dlopen() et al so that we can support 
statically compiling in the sudoers plugin but still allow other
plugins to be loaded.  The new --enable-static-sudoers configure
option will cause the sudoers plugin to be compiled statically into
the sudo binary.  This does not prevent other plugins from being
loaded as per sudo.conf.
 2013-11-22 16:35:15 -07:00
Todd C. Miller
4075ee77cf libcommon tests need locale_stub.lo to link. 2013-11-19 11:00:41 -07:00
Todd C. Miller
054a94e6c9 Add definition of U_ for --disable-nsl 
Don't define warning_gettext if --disable-nsl
Bug #621; from Daniel Richard G.
 2013-11-19 09:45:13 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
6c71ad5c15 Add debug_return_const_str and debug_return_const_ptr for returning 
a const string or pointer.  Using const for the normal versions
produces warnings with the Tru64 compiler.
 2013-11-17 16:11:39 -07:00
Todd C. Miller
bb45f8e84d Very old systems (pre XPG 4.2) may not support MSG_WAITALL. The 
likelihood of receiving a partial message is quite low so this is
not a big deal.
 2013-11-12 15:14:58 -07:00
Todd C. Miller
87e1ae76af Uniquify header dependencies so we don't end up with duplicates 
when a header file includes other headers.  The header dependencies
are sorted so the generated order is stable.
 2013-11-11 13:53:06 -07:00
Todd C. Miller
fd88ed42c8 Use MSG_WAITALL when receiving struct command_status over the Unix 
domain socket since we no longer use datagrams.  This should avoid
the need to handle incomplete reads, though in theory it is still
possible.
 2013-10-29 15:26:32 -06:00
Todd C. Miller
8861e01d16 Add support for libevent-style timed events. Adding a timed event 
is currently O(n).  The only consumer of timed events is sudoreplay
which only used a singled one so O(n) == O(1) for now.  This also
allows us to remove the nanosleep compat function as we now use a
timeout event instead.
 2013-10-28 10:00:09 -06:00
Todd C. Miller
d8b368b503 Now that sudo_ev_base_free() removes all events before freeing we 
don't need to do this by hand.
 2013-10-26 07:52:59 -06:00
Todd C. Miller
60d20f1e6e mon_handler() should be static 2013-10-25 13:55:21 -06:00