isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,601 Commits 1 Branch 0 Tags
396bc57feff3e360007634f62448b64e0626390c
Commit Graph

9601 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
396bc57fef Add sudo_strtoid() tests for -1 and range errors. 
Also adjust testsudoers/test5 which relied upon gid -1 parsing.
 2019-10-10 10:04:13 -06:00
Todd C. Miller
f752ae5cee Treat an ID of -1 as invalid since that means "no change". 
Fixes CVE-2019-14287.
Found by Joe Vennix from Apple Information Security.
 2019-10-10 10:04:13 -06:00
Todd C. Miller
fd5d0f511e Back out compiler override for now. 2019-10-06 10:46:18 -06:00
Todd C. Miller
364821602d Only prefer clang over gcc on BSD systems. 2019-10-06 08:35:28 -06:00
Todd C. Miller
c64add170e Fix "make pvs-studio" run in a build dir 2019-10-05 14:34:11 -06:00
Todd C. Miller
45a79cf86f regen 2019-09-27 15:38:52 -06:00
Todd C. Miller
ab6cfc404a Bug #898 2019-09-27 15:36:20 -06:00
Todd C. Miller
112dff276a Fix restoring the file context of the user's tty with SELinux. 
Also fix broken tty labeling when running a command in a pty.
Includes a fix for a typo introduced in the last change set.
 2019-09-27 15:32:49 -06:00
Todd C. Miller
b7b3fb72d0 _rs_random_buf is currently unused 2019-09-27 08:55:51 -06:00
Todd C. Miller
bcf8c3dd5e Add some debugging around context setting and tty labeling 
Also be more extact with error return values
 2019-09-27 08:47:41 -06:00
Todd C. Miller
73dd3849c6 Better error message when debug log file cannot be opened. 2019-09-21 07:47:24 -06:00
Todd C. Miller
81a30dd44d Ignore in-tree build directory. 2019-09-20 11:31:22 -06:00
Todd C. Miller
7355363d6a Set CC before AC_USE_SYSTEM_EXTENSIONS to get our preferred compiler. 2019-09-20 11:30:08 -06:00
Todd C. Miller
de87774ea3 Update Polypkg to the latest version from git. 2019-09-19 11:28:00 -06:00
Todd C. Miller
0faf5eed7c If no mandoc or nroff is present, install mdoc format manuals. 
If there is no installed nroff/mandoc they will need to install groff
or heirloom doctools to format the manual pages.
 2019-09-19 11:16:45 -06:00
Todd C. Miller
984382f8a9 Refer to number of terminal lines, not rows, for consistency. 2019-09-18 20:03:04 -06:00
Todd C. Miller
e49e8c1e8b Prefer clang over gcc. 
We want to use clang on systems where clang is the system compiler.
It is less common to have clang installed on systems where gcc is
the system compiler.
 2019-09-17 08:46:37 -06:00
Todd C. Miller
2707acf23f No longer need bypass_last_login on HP-UX, warnings work with clang. 
Also add deb package names for pam and ldap devel on Linux.
 2019-09-17 08:40:48 -06:00
Todd C. Miller
d35670d1ae Silence a warning from clang about string concatenation. 2019-09-17 08:25:33 -06:00
Todd C. Miller
b2fadf66de sudoedit umask fix 2019-09-14 08:50:12 -06:00
Todd C. Miller
8c96df036a Fix sorting of the time-based event queue. 2019-09-13 16:49:13 -06:00
Todd C. Miller
751c0c4440 Support default base in got_exit, got_break, loopexit, loopbreak, loopcontinue 2019-09-13 16:26:09 -06:00
Todd C. Miller
ab9a2ecac2 Create new files with the umask specified in sudoers. 2019-09-11 16:26:56 -06:00
Todd C. Miller
d94798e5d0 Enable asserts for Coverity too. 2019-08-30 14:05:03 -06:00
Todd C. Miller
ffaef7939a Add asserts() to avoid static analyzer false positives. 2019-08-30 11:13:35 -06:00
Todd C. Miller
679cd38238 Plug memory leak on malloc failure. 2019-08-30 10:38:07 -06:00
Todd C. Miller
dd37f08366 Plug memory leak on malloc failure. 2019-08-30 10:20:54 -06:00
Todd C. Miller
5138ed9bec Add sudo_pam_strerror(), like pam_strerror() but never returns NULL. 
It also uses strerror(errno) for PAM_SYSTEM_ERR.
 2019-08-29 17:30:13 -06:00
Todd C. Miller
60862b4d07 If pam_start() fails, display the PAM error using pam_strerror(). 
It is legal to pass pam_strerror() a NULL handle.
 2019-08-29 08:31:21 -06:00
Todd C. Miller
9eeedb470f If the sudoreplay ID option is a fully-qualified path, use it directly. 
Previously, one had to use the -d option to override the I/O log directory.
 2019-08-27 13:40:38 -06:00
Todd C. Miller
91d508d408 regen 2019-08-27 09:07:06 -06:00
Todd C. Miller
eb95a35edc Add conditional for sesh path in sudo.conf manual. 2019-08-27 08:09:28 -06:00
Todd C. Miller
62bb4aa630 Bug #895 2019-08-26 20:33:15 -06:00
Todd C. Miller
972670bfca Use the SUDO_CONV_PREFER_TTY flag during authentication. 
This prevents the password and PAM prompts from being redirected.
Bug #895
 2019-08-26 19:30:11 -06:00
Todd C. Miller
5a22865131 Fix typo that prevented a missing linux audit lib from being detected. 2019-08-23 11:37:55 -06:00
Todd C. Miller
2087f6354c Use fputs(), not printf() for plain strings. 2019-08-20 12:43:40 -06:00
Todd C. Miller
e3967dc7dc Recent fixes. 2019-08-20 10:52:19 -06:00
Todd C. Miller
a7cd4f0d48 Add user ID to the search filter when matching sudoUser. 
We already support group IDs but the user ID was missing.
From sudo-1.8.23-ldapsearchuidfix.patch in RHEL 7.
 2019-08-20 10:33:51 -06:00
Todd C. Miller
37670a008b Fix parsing of double-quoted Defaults bindings that start with % or +. 
From sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch in RHEL 7.
 2019-08-20 10:25:38 -06:00
Todd C. Miller
5e692576c9 Restore core dump resource limit before the PAM session module is run. 
Otherwise, we may override the limits set by PAM.
Bug #894
 2019-08-20 07:25:53 -06:00
Todd C. Miller
b98b82e4a2 sys_signame on macOS contains lower-cases names 2019-08-19 14:25:05 -06:00
Todd C. Miller
0bbfdc9920 Add regress tests for str2sig() and sig2str(). 2019-08-19 08:37:08 -06:00
Todd C. Miller
48066e0dbd SIGIOT and SIGABRT are aliases on BSD systems. 2019-08-19 08:36:53 -06:00
Todd C. Miller
29534ad96a Fix handling of real-time signals. 2019-08-19 08:36:30 -06:00
Todd C. Miller
9f7db2df2c ipa_hostname fix 2019-08-16 06:06:51 -06:00
Todd C. Miller
e99082e05b Fix special handling of ipa_hostname that was lost in sudo 1.8.24. 
We now include the long and short hostname in sudo parser container.
 2019-08-15 14:20:12 -06:00
Todd C. Miller
b4bef30d31 Remove unused include file. 2019-08-14 15:09:39 -06:00
Todd C. Miller
44e990c2ac Mention I/O log signal change in NEWS and UPGRADE files. 2019-08-05 16:45:30 -06:00
Todd C. Miller
7a7f02a7ec Asturian translation for sudoers from translationproject.org. 2019-08-05 16:38:41 -06:00
Todd C. Miller
37887c1544 Check source dir if source file is not listed in MANIFEST. 
Previously, we just used the file name without $(srcdir).
 2019-08-05 16:33:18 -06:00