isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,034 Commits 1 Branch 0 Tags
38a5b0a655a8f35a1963a1f825fe28ee96b9740c
Commit Graph

7034 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
af2d4dbfb2 Don't remove the -S option description when trimming out selinux. 
Bug #592
 2013-02-28 06:03:36 -05:00
Todd C. Miller
1c30fbb713 Update for Sudo 1.8.6p7 2013-02-25 14:45:23 -05:00
Todd C. Miller
30f63386d8 Document when sudo may exec the command directly instead of forking. 2013-02-24 13:25:44 -05:00
Todd C. Miller
d946fdaa7a Document that close and version be NULL for plugin API >= 1.3 and 
that sudo may execute the command directly if there is no close,
or pty or timeout needed.
 2013-02-24 13:20:56 -05:00
Todd C. Miller
0eef336edf Fix debug_decl for sudo_auth_begin_session and sudo_auth_end_session. 2013-02-24 13:04:58 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
d3ff0f31ee Dummy out close function if there is no end_session for the auth 
method and the front-end can handle a NULL close function.  Avoids
the extra sudo process when we don't actually need it.
 2013-02-24 05:54:57 -05:00
Todd C. Miller
2b8cb98987 Add m4/ to paths m4_include parameters so we don't need to use 
autoconf's -I flag.
 2013-02-23 15:45:34 -05:00
Todd C. Miller
5cb928c512 If the policy plugin does not provide a close function, there is 
no command timeout and no pty is required, skip the event loop and
just exec the command directly.
 2013-02-23 14:19:07 -05:00
Todd C. Miller
5e674a790b Do not crash if the plugin close and version functions are not 
defined.  If there is no policy close function, simply print a
warning that the command was not found.
 2013-02-23 13:53:48 -05:00
Todd C. Miller
2228763ff2 Fix typos in selinux/solaris privs specific code. 2013-02-21 15:59:21 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list. 
Could be used by a stacking plugin.
 2013-02-21 15:05:51 -05:00
Todd C. Miller
04b25a8bcd Completely ignore time stamp file if it is set to the epoch, 
regardless of what gettimeofday() returns.
 2013-02-21 10:05:16 -05:00
Todd C. Miller
f336580bb1 Add Nikolai Kondrashov 2013-02-21 07:04:34 -05:00
Todd C. Miller
1da8739c38 Use userpw_matches() for username matching so #uid works for 
sudoRunAsUser.
 2013-02-21 07:03:52 -05:00
Todd C. Miller
b929dd3c46 Avoid calling realloc3() with a zero size parameter when all retrieved 
sssd rules fail.  Otherwise we'll get a run-time error due to
malloc(0) checking.
 2013-02-21 07:01:53 -05:00
Todd C. Miller
c80603eace Do not send error mail if a user is not found in SSSD. Local users 
can run sudo too.  From Nikolai Kondrashov
 2013-02-21 06:54:30 -05:00
Todd C. Miller
5d7925b24e Test setting disable_coredump to illegal value. 2013-02-20 15:48:53 -05:00
Todd C. Miller
a17fb1de71 Fix atobool() usage. 2013-02-20 15:48:12 -05:00
Todd C. Miller
299298ae42 Remove unused variable. 2013-02-20 15:47:27 -05:00
Todd C. Miller
29becec0e7 Make "sudo -l non_existent_command" warn that non_existent_command 
doesn't exist, not the "list" pseudo-command.
 2013-02-20 15:35:26 -05:00
Todd C. Miller
fa924d09bc Make sudoers file long list output better match the format used by 
ldap sudoers.  Tags are now converted to options and there is a
single command per line.
 2013-02-20 15:09:21 -05:00
Todd C. Miller
05e53aea0f Use the correct the sudoers policy symbol names and undo an editor 
goof committed when adding max_groups to sudo.conf.
 2013-02-20 13:54:31 -05:00
Todd C. Miller
064cb0ceda For "sudo -l" start a new line if the runas list changes to make 
the output easier to read.
 2013-02-20 10:47:31 -05:00
Todd C. Miller
d00ad3bbe2 For "sudo -l" and "sudo -ll" only print the runas info for subsequent 
commands in a list if the runas info has changed.  If we have new
runas info, print out the tags again so as to be less confusing to
the user.  For "sudo -ll" set the line continuation indent to 8.
 2013-02-19 16:29:17 -05:00
Todd C. Miller
e07280eeeb Rename sample_group plugin to group_file. 
Install group_file and system_group plugins by default.
 2013-02-18 15:32:36 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00
Todd C. Miller
618871a331 Log lines and columns in the iolog file. 2013-02-16 11:12:48 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
790304789e Always display the I/O plugin version as long as its open functions 
doesn't return an error.  Previously it was only displayed if the
plugin open returned 1.
 2013-02-15 12:31:49 -05:00
Todd C. Miller
791b751425 Use sysconf(_SC_LOGIN_NAME_MAX) to find max username length instead 
of poking around in struct utmpx.
 2013-02-15 10:20:21 -05:00
Todd C. Miller
2d9da65881 #include "sudo_usage.h" not <sudo_usage.h> so we get the one in the 
build directory and not the src dir when using a separate build
directory.
 2013-02-15 08:57:21 -05:00
Todd C. Miller
0f0ef228a5 If a line was longer that 0x80000000 the bit hack to round to the 
next power of two would roll over to zero.
 2013-02-14 16:34:13 -05:00
Todd C. Miller
d837700341 Use max_groups in front-end and plugin. 2013-02-14 15:52:27 -05:00
Todd C. Miller
35548ae4e3 Pass max_groups to plugin in settings list. 2013-02-14 15:18:10 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove 
unused return value from setters.
 2013-02-14 13:34:33 -05:00
Todd C. Miller
c715df98fa Reorganize configure options 2013-02-12 16:43:29 -05:00
Todd C. Miller
6871b25df5 Add Sudo 1.8.6p7 2013-02-11 15:57:36 -05:00
Todd C. Miller
a72c8d7ac5 Sync with autoconf 2.68 2013-02-10 14:34:55 -05:00
Todd C. Miller
d18e050458 Remove obsolete OS notes and move build requirements to INSTALL. 2013-02-10 09:45:06 -05:00
Todd C. Miller
987d62ec55 Sort elements of the settings, user_info and command_info lists. 2013-02-08 14:44:22 -05:00
Todd C. Miller
6ba6a454e2 Remove trailing white space 2013-02-08 14:40:43 -05:00
Todd C. Miller
2e08777f25 Store the session ID in the tty ticket file too. A tty may only 
be in one session at a time so if the session ID doesn't match we
ignore the ticket.
 2013-02-08 10:43:14 -05:00
Todd C. Miller
af0bb55283 Move tzset() call from sudoers plugin to sudo front end. 2013-02-07 14:31:48 -05:00
Todd C. Miller
74881843e1 Mention line continuation 2013-02-07 14:08:54 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
2d6095420a Fix memory leak in error path; found by llvm checker 2013-02-06 16:38:31 -05:00
Todd C. Miller
11e04d30dd Remove useless store detected by llvm checker. 2013-02-06 16:35:19 -05:00
Todd C. Miller
6b09c76a20 Sudo now stores its libexec files in a "sudo" subdirectory instead 
of in libexec itself.  For backwards compatibility, if the plugin
is not found in the default plugin directory, sudo will check the
parent directory default directory ends in "/sudo".
 2013-02-06 14:06:51 -05:00
Todd C. Miller
becc5fca7c Add missing __dso_public to plugin structs so they are exported. 2013-02-06 13:08:48 -05:00