isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,234 Commits 1 Branch 0 Tags
32b897ac67fea808a20a184e81fe632b1fe57789
Commit Graph

679 Commits

Author SHA1 Message Date
Todd C. Miller
07e0a068dc Add missing else when the connection from the monitor to the parent 
sudo process is broken (due to the parent dying).  Prevents a
spurious "unexpected reply type on backchannel" warning.
 2013-10-24 10:40:51 -06:00
Todd C. Miller
a090d0678c When flushing output we don't care whether we are the foreground 
process or not, we still need to flush to /dev/tty.  If we are in
the background, it is OK to get SIGTTOU.
 2013-10-24 10:19:36 -06:00
Todd C. Miller
0817429583 More sign compare fixes. On Solaris id_t is signed so use uid_t 
in the set_perms.c ID macro instead.
 2013-10-23 15:19:41 -06:00
Todd C. Miller
07a804caf3 Quiet sign comparision warnings. 2013-10-23 15:03:31 -06:00
Todd C. Miller
d825a58943 Avoid a double free introduced when plugging a memory leak in 
safe_close().  A new ev_free_by_fd() function is used to remove and
free any events sharing the specified fd.  This can be used after
safe_close() to make sure we don't try to select() on a closed fd.
 2013-10-22 15:54:41 -06:00
Todd C. Miller
e8ce021e7d Quiet some llvm check false positives. The common idiom of using 
TAILQ_FIRST, TAILQ_REMOVE and free in a loop to free each entry in
a TAILQ confuses llvm.  Use TAILQ_FOREACH_SAFE instead (which is
probably faster anyway).
 2013-10-22 14:58:00 -06:00
Todd C. Miller
f85106ea67 Use SLIST and STAILQ macros instead of doing headless singly linked 
lists manually.  As a bonus we now use a tail queue for ldap.c and
sudoreplay.c.
 2013-10-22 09:08:09 -06:00
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
04588f6136 Fix memory leak of I/O buffer events in safe_close(). 2013-10-18 16:28:49 -06:00
Todd C. Miller
b985948e72 Convert the monitor process to the event subsystem. 2013-10-12 05:57:42 -06:00
Todd C. Miller
83d2d25c4c Convert the main sudo event loop to use the event subsystem. 
Read events for I/O buffers are added before the loop starts.
Write events are added on demand as the buffers are filled.
 2013-10-12 05:53:52 -06:00
Todd C. Miller
79acd5db49 Simple event subsystem that uses poll() or select(). Basically a 
simplied subset of libevent2.  Currently only fd events are supported
(since that's all we need).  The poll() backend is used by default,
except on Mac OS X where poll() is broken for devices (including
/dev/tty and ptys).
 2013-10-12 05:53:43 -06:00
Todd C. Miller
ff18c65862 Use SOCK_STREAM for socketpair, not SOCK_DGRAM so we get consistent 
semantics when the other end closes.  This should make the conversion
to poll() less problematic.
 2013-10-12 05:39:02 -06:00
Todd C. Miller
4b5021fed5 Rebuild message catalog files. 2013-09-29 14:59:18 -06:00
Todd C. Miller
aff3320f3f Czech translation for sudo from translationproject.org. 2013-09-29 14:45:28 -06:00
Todd C. Miller
4b10880f82 Sync with translationproject.org 2013-09-18 11:49:24 -06:00
Todd C. Miller
c91c5343eb Do not fail if ttyname() cannot determine the tty but sudo can. 
Should fix problems with running "make check" under pbuilder.
 2013-09-11 11:20:05 -06:00
Todd C. Miller
6b0a909d9a Do not use "setup" as a verb; bug #614 2013-09-03 14:47:34 -06:00
Todd C. Miller
13fd13e17c Sync with translationproject.org 2013-09-03 09:40:53 -06:00
Todd C. Miller
316fe36126 Updated translations from translationproject.org 2013-08-26 07:04:49 -06:00
Todd C. Miller
6d1ee8cf23 Updated translations from translationproject.org 2013-08-21 10:10:48 -06:00
Todd C. Miller
40b24c5da0 Add configure checks for the exec functions we will dummy out. This 
is only really needed on Mac OS X when symbol interposition is being
performed but won't hurt elsewhere.
 2013-08-21 10:09:04 -06:00
Todd C. Miller
b0f5c498f8 Fix installation of sudo_noexec on Mac OS X. 
Use library symbol interposition on Mac OS X 10.4 and higher so
we don't need to set DYLD_FORCE_FLAT_NAMESPACE=1.
 2013-08-20 15:14:17 -06:00
Todd C. Miller
6484574f9f Don't escape '$' when running "sudo -i command". Bug #564 2013-08-19 10:40:05 -06:00
Todd C. Miller
ffef732acb Updated translations from translationproject.org 2013-08-18 14:25:23 -06:00
Todd C. Miller
1624e8987a French translation for sudo from translationproject.org. 2013-08-18 14:25:04 -06:00
Todd C. Miller
082c73338a regen 2013-08-16 10:18:34 -06:00
Todd C. Miller
a5b64a1d2e Use lower card for the long option arguments to match the manual. 
This is inconsistent with GNU but it is better to match the sudo
documentation.
 2013-08-16 09:41:46 -06:00
Todd C. Miller
d40b302843 Make it a fatal error if the plugin returns invalid or out of range 
command info.
 2013-08-15 16:39:47 -06:00
Todd C. Miller
99352d6738 Rename error.h -> fatal.h now that there is no error() function. 2013-08-15 14:24:29 -06:00
Todd C. Miller
85fc5792d4 Change some fatalx(NULL) that should be fatal(NULL). 2013-08-15 13:06:49 -06:00
Todd C. Miller
299a881fe2 If not using a pty and the child process gets SIGTTOU or SIGTTIN 
and sudo is the foreground process, make the child the foreground
process and continue it.
 2013-08-14 16:36:41 -06:00
Todd C. Miller
c909f61004 If sudo is not setuid and was not invoked with a full path, look 
in the user's PATH for the sudo binary to give a better error
message.
 2013-08-14 14:22:16 -06:00
Todd C. Miller
79104ce751 Fix parsing of "-h host" when used in conjunction with the -l flag. 2013-08-14 13:41:47 -06:00
Todd C. Miller
8b1d645534 Simplify usage messages a bit and make --help output more closely 
resemble GNU usage wrt long options.  Sync usage and man page
SYNOPSYS sections and improve long options in the manual pages.
Now that we have long options we don't need to give the mnemonic
for the single-character options in the description.
 2013-08-14 10:30:51 -06:00
Todd C. Miller
d9fd6281e4 Allow default plugin dir to be configured in sudo.conf. 2013-08-13 12:24:28 -06:00
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
8b4fbc5cc0 Refactor code to parse list of gids into its own function that is 
shared by the sudo front-end and the sudoers module.
Make uid/gid parse error be fatal, not just a warning.
 2013-08-08 11:40:36 -06:00
Todd C. Miller
fe23e7c038 Add endpointer and separator args to atoid() 2013-08-08 06:11:52 -06:00
Todd C. Miller
dde7331a0f Use atoid() in more places. 2013-08-07 15:49:03 -06:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
235d32c994 Update dependencies now that sudo_usage.h is always included from 
the build dir.
 2013-08-01 10:50:05 -06:00
Todd C. Miller
3582ad3409 Instead of setting RLIMIT_NPROC to unlimited when sudo initializes, 
just save RLIMIT_NPROC in exec_setup() before the final setuid()
and restore it immediately after.  We don't need to modify RLIMIT_NPROC
for simple euid changes, just for changing the real (and saved)
uids before we exec.  This also means we no longer need to worry
about _SC_CHILD_MAX returning -1.  Bug #565
 2013-07-29 15:34:49 -06:00
Todd C. Miller
b1c8f0575b Now that the ldap code runs with the real and effective uid set to 
0, it is not possible for the gssapi libs to find the user's krb5
credential cache file.  To work around this, we make a temporary
copy of the user's credential cache specified by KRB5CCNAME (opened
with the user's effective uid) and point gssapi to it.  To set the
credential cache file name, we dynamically look up gss_krb5_ccache_name()
and use it if available, otherwise fall back to setting KRB5CCNAME.
 2013-07-28 17:06:43 -06:00
Todd C. Miller
6e56e6d8c8 Add support for long options and fix inclusion of sudo_usage.h with 
modern gcc broken in 8597:1fcb7ba13018.
 2013-07-18 16:51:56 -06:00
Todd C. Miller
fbfd0ad630 Add rule to rebuild sudo_usage.h when the .in file changes. 2013-07-18 14:29:30 -06:00
Todd C. Miller
deb3844959 Add make rules for building getopt_long.c 2013-07-18 10:07:41 -06:00
Todd C. Miller
db05b9ae0d Make "-h hostname" work. Optional args in GNU getopt() only work 
when there is no space between the option flag and the argument.
 2013-07-18 10:02:43 -06:00
Todd C. Miller
9309c9eab7 Use getopt_long() so we can make the -h flag take an optional argument. 
Includes a version for those without it.
 2013-07-17 17:00:55 -06:00
Todd C. Miller
c2860cce57 Overload -h option to specify an optional hostname for remote access. 
This is future-proofing; no policy plugins currently support this.
 2013-07-16 16:31:05 -06:00