isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
7,234 Commits 1 Branch 0 Tags
32b897ac67fea808a20a184e81fe632b1fe57789
Commit Graph

679 Commits

Author SHA1 Message Date
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
7e6d00ed12 Don't need zero_bytes() after ecalloc() 2012-03-30 14:59:27 -04:00
Todd C. Miller
9ceea5cb7b Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers 
to sudo_noexec.c.
 2012-03-30 09:36:30 -04:00
Todd C. Miller
5eb61122a6 Fix compat setutxent and endutxent macros for systems with 
setutent() but not setutxent().  From Gustavo Zacarias
 2012-03-30 07:55:49 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
0a230feaed Fix compilation if RTLD_NEXT is not defined. 2012-03-28 15:27:27 -04:00
Todd C. Miller
739ea68d03 sync with translationproject.org 2012-03-28 14:22:09 -04:00
Todd C. Miller
8cc1507bbf regen 2012-03-28 14:08:28 -04:00
Todd C. Miller
e8251a0774 Quiet a compiler warning on systems where the argument to putenv(3) 
is const.
 2012-03-28 10:58:02 -04:00
Todd C. Miller
a142d780c7 Add Swedish sudo and sudoers translations from translationproject.org 2012-03-28 09:56:26 -04:00
Todd C. Miller
2f30694b87 If we are not running with an effective uid of 0, try to give the 
user enough information to debug the problem.
 2012-03-27 13:57:03 -04:00
Todd C. Miller
9be74cac45 If there is nothing to read from the askpass program, set errno to 
EINTR.  This makes the cancel button behave like the user entered
^C at the password prompt when PAM is used.
 2012-03-27 12:41:28 -04:00
Todd C. Miller
d35a8b4de4 Fetch the value of "askpass" from the sudo conf struct. 2012-03-27 12:25:04 -04:00
Todd C. Miller
413c2accd9 sync with translationproject.org 2012-03-24 13:38:38 -04:00
Todd C. Miller
2569f943dc sync with translationproject.org 2012-03-20 14:38:30 -04:00
Todd C. Miller
e0e81674c8 sync with translationproject.org 2012-03-19 11:25:07 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
9eeacad6d9 sync with translationproject.org 2012-03-18 12:47:27 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
1234d08c98 regen 2012-03-15 09:19:28 -04:00
Todd C. Miller
6d10909949 Pass a pointer to user_env in to the init_session policy plugin 
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
 2012-03-15 09:18:36 -04:00
Todd C. Miller
b3da8ccd89 Include sudo_exec.h for the sudo_execve() prototype. 2012-03-14 21:52:31 -04:00
Todd C. Miller
c3ea638b34 regen 2012-03-14 14:20:55 -04:00
Todd C. Miller
dc727ff6d4 Fix compilation when seteuid() is not available. 2012-03-12 13:52:51 -04:00
Todd C. Miller
4bd136e11a Simply move the free of ki_proc outside the realloc() loop. 2012-03-12 11:37:33 -04:00
Todd C. Miller
1ca5009563 Bring back the erealloc() for the ENOMEM loop and just zero the 
pointer after we free it.
 2012-03-12 10:49:26 -04:00
Todd C. Miller
9052833f76 Don't try to erealloc() a potentially freed pointer; Mateusz Guzik 2012-03-12 08:54:40 -04:00
Todd C. Miller
f745a041e2 Fix format string warning on Solaris with gcc 3.4.3. 2012-03-09 12:45:24 -05:00
Todd C. Miller
4d1752d4d1 Always declare environ now that we swap it around unilaterally. 2012-03-09 12:42:30 -05:00
Todd C. Miller
b455bccc5e Honor LDFLAGS when linking sesh; from Vita Cizek 2012-03-09 10:07:00 -05:00
Todd C. Miller
f5f3d4cf3f Include alloc.h for estrdup() prototype; from Vita Cizek 2012-03-09 10:06:27 -05:00
Todd C. Miller
20a7633a3f Disable environment hooks after we get user_env back to make sure 
a plugin can't to modify user_env after we "own" it.  This is kind
of a hack but we don't want the init_session plugin function to
modify user_env.
 2012-03-08 11:30:21 -05:00
Todd C. Miller
9b58120c36 Add support for deregistering hooks. If an I/O log plugin fails 
to initialize, deregister its hooks (if any).
 2012-03-08 11:29:32 -05:00
Todd C. Miller
d4a3a5d8b9 Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we 
hook setenv.
 2012-03-07 16:38:57 -05:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
1504256134 Add Vietnamese sudo translation from translationproject.org 2012-03-05 09:42:52 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
966fa83a9a Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some versions 
of OpenBSD versions that have KERN_PROC2 but not KERN_PROC.
 2012-02-28 10:33:16 -05:00
Todd C. Miller
6a37b4bf73 Fix typo in safe_close() made while converting to debug framework 
that prevented it from actually closing anything.
 2012-02-27 14:46:11 -05:00
Todd C. Miller
cc97c2e75c Add some more debugging. 2012-02-27 14:42:22 -05:00
Todd C. Miller
22f4f10a3a Check for LD_PRELOAD variants in configure instead of checkign cpp 
symbols.  In disable_execute(), compute the length of the new envp
and allocate it once instead of reallocating on demand.  Also append
old value of LD_PRELOAD (if any) to the new value.
 2012-02-21 13:26:02 -05:00
Todd C. Miller
dfaf443687 regen 2012-02-16 17:03:46 -05:00
Todd C. Miller
dfbd6e429b Got back to using "install-sh -M" for files installed as non-readable 
by owner.  This fixes "make install" as non-root for package building.
 2012-02-10 11:31:54 -05:00
Todd C. Miller
cb66fc6f10 Use -m not -M for install-sh for everything except setuid. 
Install locale .mo files mode 0444, not 0644.
If timedir parent doesn't exist, use default dir mode, not 0700.
 2012-02-09 11:11:58 -05:00
Todd C. Miller
c4d3f289f3 No longer need to define _PATH_SUDO_CONF here. 2012-02-07 11:45:11 -05:00
Todd C. Miller
cd0e10e1b7 Fix noexec for Mac OS X. 2012-02-07 00:18:08 -05:00
Todd C. Miller
8dd16b63d2 regen 2012-02-06 13:40:24 -05:00
Todd C. Miller
c6ef580100 Set real uid to root before calling sudo_edit() or run_command() 
so that the monitor process is owned by root and not by the user.
Otherwise, on AIX at least, the monitor process shows up in ps as
belonging to the user (and can be killed by the user).
 2012-02-06 13:33:46 -05:00
Todd C. Miller
8c1d8a7b15 Make a copy of the struct passwd in exec_setup() to make sure nothing 
in the policy init modifies it.
 2012-02-06 10:56:39 -05:00
Todd C. Miller
c970d464cb Normally, sudo disables core dumps while it is running. This 
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
 2012-02-03 14:57:03 -05:00