isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,482 Commits 1 Branch 0 Tags
3b112a17c12fde611dcbb38c285ddf0fee53a56c
Commit Graph

5482 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
f3552b0613 Update from 1.7 branch 2011-01-04 13:54:12 -05:00
Todd C. Miller
d6013eb962 Use "mv -f" when regenerating ChangeLog 2011-01-04 13:48:50 -05:00
Todd C. Miller
b92b745eaf Fix NULL dereference with "sudo -g group" when the sudoers rule has 
no runas user or group listed.  Fixes RedHat bug Bug 667103.
 2011-01-04 12:44:39 -05:00
Todd C. Miller
33201c04e8 Correct the default sudo.conf example 2011-01-03 13:09:03 -05:00
Todd C. Miller
b76c798856 Reset slashp if we allocate a new buffer for strftime() 2010-12-31 10:55:49 -05:00
Todd C. Miller
1bb3518b33 Add extra out parameter to expand_iolog_path() to allow the caller 
to split the path into dir and file components if needed.
 2010-12-31 09:55:40 -05:00
Todd C. Miller
755e3ef0ab mkdir_iopath() returns size_t now that it uses strlcpy() and not snprintf() 2010-12-30 18:08:09 -05:00
Todd C. Miller
7f580397e2 Trim leading slashes from iolog_file and trailing slashes from iolog_dir 2010-12-30 18:05:53 -05:00
Todd C. Miller
25036d7a75 Pass a single I/O log file name in command_details instead of 
separate dir + file parameters.
 2010-12-30 17:09:01 -05:00
Todd C. Miller
2fb085dfac change an error() to errorx() 2010-12-30 17:02:43 -05:00
Todd C. Miller
83de9e28f1 Add missing cwd line to I/O log info file that got dropped when 
iolog_deserialize_info() was added
 2010-12-30 17:01:41 -05:00
Todd C. Miller
fec059a890 Avoid relying on globals filled in by the sudoers policy module for 
the sudoers I/O log module.  The I/O log open function now pulls the
bits it needs out of user_info and command_info.
 2010-12-29 17:32:04 -05:00
Todd C. Miller
97b7ae8892 If no iolog file is specified by the policy plugin, use io_nextid() 
to determine the next file in the sequence.
 2010-12-29 11:07:45 -05:00
Todd C. Miller
3f6f61f852 Document iolog_compress in command_info 2010-12-28 12:25:06 -05:00
Todd C. Miller
02ed3d5b3e Add support for the iolog_compress variable in command_info. 2010-12-28 12:23:18 -05:00
Todd C. Miller
bff14f60e6 Add sigsetjmp() calls to all plugin entry points just to be safe. 2010-12-28 11:02:12 -05:00
Todd C. Miller
5966b67dda Don't need iolog variables in struct command_details, they are for 
the I/O log plugins to handle.
 2010-12-28 10:50:45 -05:00
Todd C. Miller
21dd6af796 Document use of mkdtemp() for iolog path teplates 2010-12-27 15:43:01 -05:00
Todd C. Miller
e3cd512bfa regen 2010-12-27 14:45:13 -05:00
Todd C. Miller
05807cf5e1 Document iolog_file and supported escape sequences for sudoers. 
Clarify that iolog_file can contain directories.
 2010-12-27 14:43:50 -05:00
Todd C. Miller
b8499baaae Fix building of mkstemps/mkdtemp replacements. 2010-12-27 14:07:49 -05:00
Todd C. Miller
5cf56a77ec Provide mkdtemp() for systems without it. 2010-12-27 13:49:49 -05:00
Todd C. Miller
36d8fbb900 Fix typo 2010-12-27 13:49:06 -05:00
Todd C. Miller
4c1aecd48f Only use mkdtemp() if the path ends in at least 6 Xs since otherwise 
glibc mkdtemp() returns EINVAL.
 2010-12-27 12:32:28 -05:00
Todd C. Miller
fba58fa3f7 Allow sudoers to specify the iolog file in addition to the iolog dir. 
Add escape sequence support to iolog file and dir: sequence number,
    user, group, runas_user, runas_group, hostname and command in
    addition to any escape sequence recognized by strftime(3).
 2010-12-27 12:18:32 -05:00
Todd C. Miller
524021a377 Add missing sigsetjmp() call in I/O plugin open function. 
Fixes a crash when the I/O plugin calls error(), errorx() or log_error().
 2010-12-27 11:24:47 -05:00
Todd C. Miller
5d59c10b95 Give the policy module fine-grained control over what the I/O plugin 
logs.
 2010-12-21 17:43:18 -05:00
Todd C. Miller
6505d10ccf Clear OPOST from c_oflag like we used to. Fixes screen-based editors 
such as vi.
 2010-12-21 12:22:07 -05:00
Todd C. Miller
ad41fb497e Clarify umask option description. From Reuben Thomas. 2010-12-21 10:23:45 -05:00
Todd C. Miller
93e9635842 Pick last match in LDAP sudoers too 2010-12-20 16:37:44 -05:00
Todd C. Miller
4294e4db8b Document iolog_file, iolog_dir and use_pty 2010-12-20 16:29:08 -05:00
Todd C. Miller
a10f216797 Adapt plugins to version I/O logging ABI 1.1 2010-12-20 16:28:20 -05:00
Todd C. Miller
c833ff02b6 Add use_pty command_info flag for policies to indicate that a 
pty should be allocated even if no I/O logging is performed.
 2010-12-20 16:27:46 -05:00
Todd C. Miller
c1a22ff152 Add remaining plugin convenience functions 2010-12-20 16:26:30 -05:00
Todd C. Miller
9948dae706 Change I/O log API to pass in command info to the I/O log open function. 
Add iolog_file and iolog_dir parameters to command info.
This allows the policy plugin to specify the I/O log pathname.
Add convenience functions for calling plugin functions that
handle ABI backwards compatibility.
 2010-12-20 16:20:11 -05:00
Todd C. Miller
30797ab8ae Remove useless cast 2010-12-20 16:16:08 -05:00
Todd C. Miller
6649afddba Bump version to 1.8.0b3 2010-12-17 16:36:45 -05:00
Todd C. Miller
aa8a996d5e Remove extraneous newline 2010-12-13 16:58:33 -05:00
Todd C. Miller
b2a6984606 Make I/O log dir configurable. 2010-12-10 14:14:35 -05:00
Todd C. Miller
6c23688511 Rename io_logdir to iolog_dir 2010-12-10 14:13:51 -05:00
Todd C. Miller
14d792dffa Add missing '*' that prevented the generic ELF case from matching. 2010-12-07 15:29:11 -05:00
Todd C. Miller
d734f6b418 If file(1) can't identify the ELF binary type, try readelf(1). 2010-12-07 13:36:27 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
3f605ebfaa Clarify ordering of entries and attributes. 2010-11-30 15:05:44 -05:00
Todd C. Miller
23df0b6fa9 Fix typo and editing goof. 2010-11-30 13:40:25 -05:00
Todd C. Miller
feb02ed406 Merge in ordered LDAP entry support from Andreas Mueller. 2010-11-30 13:34:31 -05:00
Todd C. Miller
7e59d4c5c8 Make sure we don't dereference a NULL handle. 2010-11-30 11:59:28 -05:00
Todd C. Miller
7e087f09d2 Add support for RHEL 6 file modes that include a trailing dot on files with an SELinux security context 2010-11-24 11:23:08 -05:00
Todd C. Miller
d0d0e1b9f5 exec_setup() does not need to setuid(0), the Ubuntu issue was in 
the sudoers module.
 2010-11-23 07:35:27 -05:00
Todd C. Miller
8f4b215216 create_admin_success_flag() should use restore_perms() rather than 
set_perms() to restore the uid.
 2010-11-23 07:34:22 -05:00