isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
7,234 Commits 1 Branch 0 Tags
32b897ac67fea808a20a184e81fe632b1fe57789
Commit Graph

679 Commits

Author SHA1 Message Date
Todd C. Miller
b4e1f7c446 Do not error out if arg to -U option cannot be resolved, that is for 
the plugin to decide.
There is no need for runas_user and runas_group to be global, make
them local to parse_args() instead.
 2013-07-16 14:04:23 -06:00
Todd C. Miller
e53e80187d Sync with translationproject.org 2013-07-16 07:32:57 -06:00
Todd C. Miller
f32a1c7edc Remove unused variable. 2013-07-11 17:47:39 -04:00
Todd C. Miller
8b44c5d42d Regen .mo files that were out of date. 2013-06-04 05:47:19 -04:00
Todd C. Miller
5869916533 Clarify a comment. 2013-05-18 04:38:26 -04:00
Todd C. Miller
5549e44cd8 Handle d_type == DT_UNKNOWN when resolving the device to a name and 
sprinkle some more debugging.
 2013-05-16 10:18:13 -04:00
Todd C. Miller
f6e8fb8b1c Quiet a few -Wunused-result compiler warnings. 2013-05-01 11:02:09 -04:00
Todd C. Miller
368a6558ca Change some error/errorx -> fatal/fatalx in comments and xgettext 
flags.
 2013-04-26 16:06:05 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
2b1b9ae72d Don't check the tty of the parent process. Now that we get the 
controlling tty device number from the kernel there is no need.  If
the process has really disassociated from the tty then reporting
"unknown" is appropriate.
 2013-04-21 10:35:52 -04:00
Todd C. Miller
8b0c6c5081 Change remaining errorx -> fatalx 2013-04-20 15:09:47 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
904428dd54 Sync with translationproject.org 2013-04-18 09:41:11 -04:00
Todd C. Miller
6c9c2b2429 Fix logic bug when checking tty via ttyname(). 2013-04-17 21:16:30 -04:00
Todd C. Miller
42313adc0d AIX may have a 64-bit pr_ttydev that we need to convert to 32-bit 
before we try to match it against st_rdev.
 2013-04-10 12:30:16 -04:00
Todd C. Miller
54f092c3e6 Break out of the loop if sudo_ttyname_scan() returns non-NULL. 
Fixes a problem finding the tty name when it is not in /dev/pts.
 2013-04-10 12:11:12 -04:00
Todd C. Miller
ec32194152 Add ttyname test. 2013-04-10 09:39:49 -04:00
Todd C. Miller
c3b9c94e87 Sync with translationproject.org 2013-04-09 14:39:44 -04:00
Todd C. Miller
382640839e regen 2013-04-02 10:40:16 -04:00
Todd C. Miller
b507f0a854 New Dutch translation for sudo and sudoers 
New Turkish translation for sudo
From translationproject.org
 2013-03-23 08:45:51 -04:00
Todd C. Miller
ce502e2ae2 Fix compilation in dynamic mode. 2013-03-18 15:26:08 -04:00
Todd C. Miller
e78381e7c2 Ubreak static build. 2013-03-18 09:55:01 -04:00
Todd C. Miller
5cda642eb9 Bump I/O buffer size 32K 2013-03-15 11:31:58 -04:00
Todd C. Miller
eb2259bc12 Move exec_cmnd to exec.c to fix a compilation issue with sesh.c 2013-03-14 19:59:07 -04:00
Todd C. Miller
7f32d1ca4c Make sesh path configurable in sudo.conf 2013-03-14 16:49:42 -04:00
Todd C. Miller
9722784e1c Always install plugins with a .so extension regardless of what 
extension the system uses for shared libraries.  That way the
group_plugin sudoers setting can be shared between heterogenous
systems.
 2013-03-06 17:08:10 -05:00
Todd C. Miller
19f37400d6 When running the command in a pty, defer the call to exec_setup() 
until just before we exec the command.  This is consistent with the
non-pty path.  As a side effect, the monitor process runs as root
and not the runas user.
 2013-03-05 06:56:57 -05:00
Todd C. Miller
e30b0bd121 Use pstat() on HP-UX to determine the tty device. 2013-02-28 09:01:08 -05:00
Todd C. Miller
5cb928c512 If the policy plugin does not provide a close function, there is 
no command timeout and no pty is required, skip the event loop and
just exec the command directly.
 2013-02-23 14:19:07 -05:00
Todd C. Miller
5e674a790b Do not crash if the plugin close and version functions are not 
defined.  If there is no policy close function, simply print a
warning that the command was not found.
 2013-02-23 13:53:48 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list. 
Could be used by a stacking plugin.
 2013-02-21 15:05:51 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
790304789e Always display the I/O plugin version as long as its open functions 
doesn't return an error.  Previously it was only displayed if the
plugin open returned 1.
 2013-02-15 12:31:49 -05:00
Todd C. Miller
2d9da65881 #include "sudo_usage.h" not <sudo_usage.h> so we get the one in the 
build directory and not the src dir when using a separate build
directory.
 2013-02-15 08:57:21 -05:00
Todd C. Miller
d837700341 Use max_groups in front-end and plugin. 2013-02-14 15:52:27 -05:00
Todd C. Miller
35548ae4e3 Pass max_groups to plugin in settings list. 2013-02-14 15:18:10 -05:00
Todd C. Miller
af0bb55283 Move tzset() call from sudoers plugin to sudo front end. 2013-02-07 14:31:48 -05:00
Todd C. Miller
6b09c76a20 Sudo now stores its libexec files in a "sudo" subdirectory instead 
of in libexec itself.  For backwards compatibility, if the plugin
is not found in the default plugin directory, sudo will check the
parent directory default directory ends in "/sudo".
 2013-02-06 14:06:51 -05:00
Todd C. Miller
380fa828dc Sync with translationproject.org 2013-02-05 10:53:59 -05:00
Todd C. Miller
e96d583045 Sync with translationproject.org 2013-02-03 13:46:48 -05:00
Todd C. Miller
78ca828a3c Sync with translationproject.org 2013-02-01 16:00:50 -05:00
Todd C. Miller
23649bef16 Remove ttyname() fall back code on systems where we can query the 
kernel for the tty device via /proc or sysctl().  If there is no
controlling tty, it is better to just treat the tty as unknown
rather than to blindly use what is hooked up to std{in,out,err}.
 2013-01-31 11:05:56 -05:00
Todd C. Miller
630b47e22f Add group_source setting in sudo.conf to allow the admin to specify 
how a user's groups are looked up.  Legal values are static (just
the kernel list from getgroups), dynamic (whatever the group database
includes) and adaptive (only use group db if kernel group list is
full).
 2013-01-27 13:53:11 -05:00
Todd C. Miller
ef8e141248 Ignore duplicate entries in sudo.conf and report the line number 
when there is an error.  Warn, don't abort if there is more than
one policy plugin.
 2013-01-23 06:33:53 -05:00
Todd C. Miller
e764604485 Remove extra flag to sudo_sigaction(). We want to trap the signal 
regardless of whether or not it is ignored by the underlying command
since there's no way to know what signal handlers the command will
install.  Now we just use sudo_sigaction() to set a flag in
saved_signals[] to indicate whether a signal needs to be restored
before exec.
 2013-01-19 15:10:01 -05:00
Todd C. Miller
855a11af2b Move signal code into its own source file and add sudo_sigaction() 
wrapper that has an extra flag to check the saved_signals list to
only install the handler if the signal is not already ignored.
Bump plugin API version for the new front-end signal behavior.
 2013-01-17 13:29:46 -05:00
Todd C. Miller
99704cc101 Catch SIGINT, SIGQUIT and SIGTSTP in the front end before we execute 
the command.  If we get SIGINT or SIGQUIT, call the plugin close()
functions as if the command was interrupted.  If we get SIGTSTP,
uninstall the handler and deliver SIGTSTP to ourselves.
 2013-01-17 09:20:45 -05:00
Todd C. Miller
541315212e Rename handle_signals() to dispatch_signals(). 
Block other signals in handler() so we don't have to worry about
the write() being interrupted.
 2013-01-17 09:17:54 -05:00
Todd C. Miller
2be741d8ae Rename signal handler to avoid name clash with one in exec.c 2013-01-16 15:28:36 -05:00
Todd C. Miller
90c6ace770 Add missing call to save_signals(). 2013-01-13 15:24:12 -05:00