isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
12,456 Commits 1 Branch 0 Tags
32f4b98f6b4aea4951a2d7b56a55ba4a9e035b22
Commit Graph

355 Commits

Author SHA1 Message Date
Todd C. Miller
3354d27a17 Do not follow symbolic links in sudoedit by default. This behavior 
can be controlled by the sudoedit_follow Defaults flag as well as
the FOLLOW/NOFOLLOW tags.
 2015-08-06 13:20:01 -06:00
Todd C. Miller
d96f8bcabb Avoid needless memory allocation when resolving the tty name. 2015-07-19 20:19:22 -06:00
Todd C. Miller
d4211081c0 Add some debugging printfs when malloc fails and we don't have an 
explicit call to sudo_warnx().
 2015-07-14 15:28:01 -06:00
Todd C. Miller
445e6f2e9a Check sudo_conf_read() return value and exit on fatal error (a 
warning was already printed by sudo_conf_read()).
 2015-07-07 13:17:50 -06:00
Todd C. Miller
854c084956 Fix utmp setup broken by commit be0ca60facf8 2015-07-06 13:56:39 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
25917e435c We need to unlimit RLIMIT_NPROC in sudoers as well as the sudo front 
end since set_perms() and restore_perms change the read uid and may
fail with EAGAIN on Linux kernels prior to 3.1.
 2015-06-12 15:30:06 -06:00
Todd C. Miller
4131449ffb Add a few missing sudo_new_key_val() return value checks. 
Also use non-exiting allocators for consistency.
 2015-05-27 09:42:51 -06:00
Todd C. Miller
a40cf3e288 There should be no need to check for tzset() as it is POSIX. 2015-05-18 13:42:06 -06:00
Todd C. Miller
caf5d45e0f Previously, debug_return_bool was the same as debug_return_int 
except that it logged true/false for 1/0.  However, this appears
to trigger a bug in some compilers.  To avoid this, debug_return_bool
now uses bool, not int.  Callers that were passing it an int have
been converted to use debug_return_int instead.
 2015-05-07 10:33:23 -06:00
Todd C. Miller
41f3666a12 Defer conversation initialization until right before plugins 
are initialized.
 2015-04-22 13:30:58 -06:00
Todd C. Miller
6f8af4d26d Split variable declaration out of debug_decl into debug_decl_vars() 
so we can use it in main() when we know sudo_debug_enter() cannot
succeed.
 2015-04-22 13:30:58 -06:00
Todd C. Miller
be8dbeb22e Avoid using HOST_NAME_MAX directly and use sysconf(_SC_HOST_NAME_MAX) 
instead.
 2015-02-19 20:28:02 -07:00
Todd C. Miller
96eddddc12 Almost no systems actually define OPEN_MAX since it is dynamic on 
modern OSes.  If sysconf(_SC_OPEN_MAX) ever fails, fall back on
_POSIX_OPEN_MAX instead.  We can assume modern systems have sysconf().
Also remove checks for strrchr() and strtoll() for which the HAVE_*
defines are no longer used.
 2015-02-19 09:59:25 -07:00
Todd C. Miller
67eba7e534 Don't assume argv[0] is set without first checking argc. 2015-02-05 11:17:25 -07:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
6b1b734ffa Add a flag argument to sudo_conf_read() so we can decide which 
bits get parsed.  This lets us parse Debug statements first and
init the debug subsystem early.
 2014-10-26 08:33:08 -06:00
Todd C. Miller
4bf641df69 In the plugin registers with the debug framework at open time, the 
sudo front-end will now set the default debug instance appropriately
before calling into the plugin.  This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
 2014-10-24 11:17:48 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
a7e724b75d Change how sudo.conf is parsed. We now do a quick parse and then 
set the values after the entire file has been parsed.  This lets
us init the debug system earlier.  Plugin-specific debug flags are
now stored in struct plugin_info and struct plugin_container and
passed to the plugin via one or more debug_flags settings.
 2014-10-22 13:20:32 -06:00
Todd C. Miller
346ff6766e Pass plugin path in the settings array. 2014-10-22 13:13:00 -06:00
Todd C. Miller
1e0b8903f2 Return settings from parse_args as struct sudo_settings and format 
for the plugin at plugin open time.  This will allow for additional,
plugin-specific settings to be added to the array.
 2014-10-22 13:13:00 -06:00
Todd C. Miller
dc67442151 Avoid comparing new cwd with old one if getcwd() failed. 
Bug #670
 2014-10-07 10:56:50 -06:00
Todd C. Miller
bd99dcc028 Add sudo_warn_set_conversation() to specify a conversation function 
to use for warn/fatal.  If no conversation function is specified,
the standard error will be used.  We now only need sudo_printf()
for things that use the parser.
 2014-10-05 16:41:52 -06:00
Todd C. Miller
7ab40be5c0 On AIX, _PATH_BSHELL is /usr/bin/bsh but we want to use /usr/bin/sh 
(which is usually ksh).  This makes sudo's behavior when executing
a shell without the #! magic number match execvp() on AIX.
 2014-09-20 09:21:51 -06:00
Todd C. Miller
4f1deee575 Set runas egid to the same value as runas gid if egid not specified 
by the plugin.  Only affects new files created by sudoedit.  Bug #656
 2014-08-25 11:27:30 -06:00
Todd C. Miller
db35c7c0e4 Make sudoedit work with SELinux RBAC. 
Adapted from RedHat patches (Daniel Kopecek) but made to behave a
bit more like the non-SELinux bits.
 2014-08-21 15:28:36 -06:00
Todd C. Miller
32a837623e The default policy close function should only print an error message 
if the error_code is non-zero.
 2014-07-25 17:07:23 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
a8fa112a53 atobool -> sudo_strtobool 
atoid-> sudo_strtoid
atomode -> sudo_strtomode
 2014-06-27 14:53:54 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
d36846a699 Reduce name space pollution in libsudo_util.so 2014-06-26 16:21:19 -06:00
Todd C. Miller
6bdee0488c Rename parse_gid_list -> sudo_parse_gids to avoid namespace pollution. 2014-06-26 15:51:15 -06:00
Todd C. Miller
9ba5d82926 Rename fmt_string -> sudo_new_key_val to better describe its function. 2014-06-26 15:51:15 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
ac3ffde5e8 parse_gid_list() now returns -1 on error instead of calling fatalx(). 2014-04-07 05:33:36 -06:00
Todd C. Miller
250e8e750c Don't call fatal/fatalx in common/*.c 2014-03-25 16:16:10 -06:00
Todd C. Miller
4d80e7cea4 Redo preserve_fds support to remap high fds so we can get the most 
out of closefrom().  The fds are then restored after closefrom().
 2013-12-24 15:01:00 -07:00
Todd C. Miller
1adeda54ef Add support for preventing fds from getting clobbered by closefrom(). 2013-12-20 11:14:32 -07:00
Todd C. Miller
d83bfb9fe6 Add atomode() function for parsing a file mode. 2013-12-10 16:56:54 -07:00
Todd C. Miller
8f9ce7249a Use strtonum() instead of atoi(), strtol() or strtoul() where possible. 2013-12-10 16:23:21 -07:00
Todd C. Miller
0d81263e26 Instead of setprogname(), add initprogname() which gets the program 
name for getprogname() using /proc or pstat() if possible.
 2013-12-01 19:12:21 -07:00
Todd C. Miller
12f3bdf60e Add wrapper functions for dlopen() et al so that we can support 
statically compiling in the sudoers plugin but still allow other
plugins to be loaded.  The new --enable-static-sudoers configure
option will cause the sudoers plugin to be compiled statically into
the sudo binary.  This does not prevent other plugins from being
loaded as per sudo.conf.
 2013-11-22 16:35:15 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00