isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,419 Commits 1 Branch 0 Tags
45fdfa18f1d46a1d6171a8f94f0fa9396b51de20
Commit Graph

26 Commits

Author SHA1 Message Date
Todd C. Miller
01ff7c476d parse.h is already included by sudoers.h. 2023-05-09 13:44:16 -06:00
Todd C. Miller
8cbd5462a6 Move sudoers search path to struct sudoers_parser_config. 
That way we can avoid passing it to init_parser() directly.
We still need sudoers_search_path to be shared between the lexer
and the parser.
 2023-05-08 17:04:38 -06:00
Todd C. Miller
9d7c30c5a8 Add struct sudoers_parser_config and pass it to init_parser(). 
This struct contains parser configuration such as the sudoers file
uid/gid/mode and parse flags such as verbose, strict and recovery.
 2023-05-08 17:03:31 -06:00
Todd C. Miller
f553ddc430 Make sudoers_file private to policy.c and visudo.c. 
We just need a way for the policy (and visudo) to override the
default sudoers path.  This adds a getter to be used in file.c when
sudoers is first opened.
 2023-05-02 10:47:47 -06:00
Todd C. Miller
f17b35471f Support sudoers_file being a colon-separated path of files. 
The first file found is used.
 2023-05-02 10:37:38 -06:00
Todd C. Miller
4b563ea44f Pass around const struct sudo_nss pointers where possible. 2023-03-17 13:41:38 -06:00
Todd C. Miller
0aad96bba1 Add per-source innetgr function pointer and use it in netgr_matches(). 
This will be used to implement LDAP-specific netgroup lookups when
netgroup_base is set in ldap.conf.
 2023-03-08 13:44:22 -07:00
Todd C. Miller
d7ddff2a31 Add a hook for sudoers parse errors (including defaults and aliases). 
The hook can be used to log parser errors (sudoers module) or keep
track of which files have an error (visudo).
Previously, we only kept track of a single parse error.
 2022-03-10 13:30:56 -07:00
Todd C. Miller
6ec279532e Add a source to struct sudo_nss and use it if getdefs() fails. 
Also remove useless "Problem with defaults entries" warning in testsudoers.
 2022-03-09 12:38:25 -07:00
Todd C. Miller
7d3f9293c6 Preserve the column and error message when there is a syntax error. 
This information is now included in the error mail sent to root.
 2022-03-06 18:54:30 -07:00
Todd C. Miller
132936f8f0 Make it possible to call the sudoers policy check function multiple times. 
We need to reset the Defaults values to their original state.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
609910cc21 sudoers error recovery can be configured via an "error_recovery" setting. 
This setting is an argument to the sudoers plugin, similar to how
sudoers_file, sudoers_mode, sudoers_uid, etc. are implemented.
The default value is true.
 2020-08-17 13:14:30 -06:00
Todd C. Miller
7c342e5862 Let the sudoers parser recover after a parse error. 
We currently just discard the line with the error.
 2020-08-07 14:20:21 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
e99082e05b Fix special handling of ipa_hostname that was lost in sudo 1.8.24. 
We now include the long and short hostname in sudo parser container.
 2019-08-15 14:20:12 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
019279a4b8 Fix some mangled text in the license block. 2018-10-26 08:19:41 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
70d519c8ad o Move userspecs, defaults and aliases into a new struct sudoers_parse_tree. 
o The parse tree is now passed to the alias, match and defaults functions.
o The nss API has been changed so that the nss parse() function returns
  a pointer to a struct sudoers_parse_tree which will be filled in
  by the getdefs() and query() functions.
 2018-07-26 15:12:33 -06:00
Todd C. Miller
1202beafba Fix memory leak of handle pointer on close. 2018-05-29 10:10:20 -06:00
Todd C. Miller
0b31f186cd Move cached userspecs and defaults into the handle object. 2018-05-29 09:39:40 -06:00
Todd C. Miller
e401f92830 Reorder things to avoid the need to declare static functions. 2018-05-28 07:35:51 -06:00
Todd C. Miller
f38317269d Add free_userspecs() and free_default() and use them instead of 
looping over the lists and calling free_userspec() and free_default().
 2018-05-15 16:35:07 -06:00
Todd C. Miller
f9be3a48a2 Simplify the nss interface such that each sudoers provider fills 
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions.  This makes it possible to have a single
implementation of the code for sudoers lookup and listing.
 2018-05-14 09:05:03 -06:00