isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,757 Commits 1 Branch 0 Tags
4b6de608c25a6ffbdb507be958e12f814b43077c
Commit Graph

104 Commits

Author SHA1 Message Date
Todd C. Miller
8b03f3e7d0 Move log_denial() calls and logic to log_failure(). 
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.

This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password.  Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed".  Fixes bug #563
 2012-07-10 12:42:33 -04:00
Todd C. Miller
649edc3192 Export group cache from sudoers.so for system_group.so to use. 2012-06-13 16:21:45 -04:00
Todd C. Miller
2b7659f709 Don't prompt for a password if the user is in the exempt group, is 
root, or is running the command as themselves even if the -k option
was specified.  This makes "sudo -k command" consistent with the
behavior one would get if the user ran "sudo -k" immediately before
running the command.
 2012-05-17 10:20:14 -04:00
Todd C. Miller
087059b295 In Solaris 11, /dev/pts under the "dev" filesystem, not "devices". 
Update tty_is_devpts() to match so we can determine when the tty
has been reused.
 2012-04-05 13:21:22 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
f190bcf94b Don't print garbage at the end of the custom lecture. 2011-11-12 13:08:13 -05:00
Todd C. Miller
9b2c889812 We need to init the auth system regardless of whether we need a 
password since we will be closing the PAM session in the monitor
process.  Fixes a crash in the monitor on Solaris; bugzilla #518
 2011-10-25 10:08:26 -04:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
45ad681cd6 Delref auth_pw at the end of check_user() instead of getting a ref 
twice.
 2011-09-27 16:21:21 -04:00
Todd C. Miller
1e93d1fbb6 Make sudo_auth_{init,cleanup} return TRUE on success and check for 
sudo_auth_init() return value in check_user().
 2011-09-27 15:41:22 -04:00
Todd C. Miller
bceb5df158 Modify the authentication API such that the init and cleanup functions 
are always called, regardless of whether or not we are going to
verify a password.  This is needed for proper PAM session support.
 2011-09-27 13:18:46 -04:00
Todd C. Miller
4f9a93f658 Fix some potential problems found by the clang static analyzer, 
none serious.
 2011-07-28 10:59:37 -04:00
Todd C. Miller
6c28af1556 Use ROOT_UID not 0. 2011-05-18 13:07:35 -04:00
Todd C. Miller
7960bde2db Minor warning/error message cleanup 2011-05-18 13:04:24 -04:00
Todd C. Miller
6f8cd91928 can't -> "unable to" in warning/error messages 2011-05-18 12:36:26 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
39b9b97dbc Fix indentation 2011-01-27 10:03:59 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
2d74e9567f If the user is running sudo as himself but as a different group we 
need to prompt for a password.
 2011-01-11 10:35:20 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
66ea399856 Having a timestamp file defined is no longer indicative of tty tickets 
being enabled.  Check def_tty_tickets directly.
 2010-10-07 14:12:17 -04:00
Todd C. Miller
256ee25ab5 Move get_auth() into check.c where it is actually used. 2010-08-21 08:48:35 -04:00
Todd C. Miller
151a2cab56 Update comment 2010-08-12 11:55:56 -04:00
Todd C. Miller
9f27401359 Fix mismerge 2010-08-06 13:53:17 -04:00
Todd C. Miller
640f79e13a When removing/resetting the timestamp file ignore the tty ticket contents. 2010-08-06 12:07:21 -04:00
Todd C. Miller
0186018d3d Reference count cached passwd and group structs. The cache holds 
one reference itself and another is added by sudo_getgr{gid,nam}
and sudo_getpw{uid,nam}.  The final ref on the runas and user passwd
and group structs are persistent for now.
 2010-08-04 09:58:50 -04:00
Todd C. Miller
ec57221017 Do not produce a warning for "sudo -k" if the ticket file does not 
exist.
 2010-08-03 15:16:57 -04:00
Todd C. Miller
420db23714 Quiet gcc warnings on glibc systems that use warn_unused_result for 
write(2) and others.
 2010-08-03 11:17:56 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
f5c5a9bf6a Do not update tty ticket if there is no tty. 2010-06-18 08:00:16 -06:00
Todd C. Miller
eec336115a Move askpass path specification from sudoers to sudo.conf. 2010-06-09 17:40:44 -04:00
Todd C. Miller
79f178923e Replace timerfoo macros with timevalfoo since the timer macros are known 
to be busted on some systems.
 2010-06-08 18:38:23 -04:00
Todd C. Miller
8fa9464d0c Update copyright year and fix whitespace 2010-06-04 09:09:39 -04:00
Todd C. Miller
7ce0dfc61b Enable tty_is_devpts() support for Solaris with the "devices" filesystem. 2010-06-02 14:30:13 -04:00
Todd C. Miller
a331dcb46a If the tty lives on a devpts filesystem, stash the ctime in the tty 
ticket file, as it is not updated when the tty is written to.
This helps us determine when a tty has been reused without the
user authenticating again with sudo.
 2010-05-11 14:25:14 -04:00
Todd C. Miller
b89980ac6e Fix timestamp removal with -k/-K 2010-05-11 13:08:41 -04:00
Todd C. Miller
af092dc406 Fix typo in last commit (ifndef vs ifdef) 
Make sure we pass ctime() a pointer to time_t as tv_sec in struct
timeval may be long.
 2010-04-24 19:22:52 -04:00
Todd C. Miller
17220f44d6 Don't stash ctime in on-disk tty ticket info for now; on many (most?) 
systems the ctime is updated when the tty is written to.  Once I
have a better idea of what systems do not update ctime on ttys (and
have a way to test for this) the ctime stash will be conditionally
re-enabled.
 2010-04-24 19:05:11 -04:00
Todd C. Miller
f7f9def5ef Lock the tty timestamp when writing. We shouldn't have to lock when 
reading since the file is updated via a single write system call.
 2010-04-23 05:56:24 -04:00
Todd C. Miller
05ae3ea6cb Convert to ANSI C function declarations 2010-04-22 18:09:53 -04:00
Todd C. Miller
6a27866c30 get_boottime() now fills in a timeval struct 2010-04-22 10:33:16 -04:00
Todd C. Miller
7d6941a820 Store info from stat(2)ing the tty in the tty ticket when tty tickets 
are in use.  On most systems, this closes the loophole whereby a user
can log out of a tty, log back in and still have the timestamp be valid.
 2010-04-22 10:16:18 -04:00
Todd C. Miller
b4a26b7691 Use timeval directly instead of converting to timespec when dealing 
with file times and time of day.
 2010-04-20 16:44:02 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
b4f4afdf69 Pass in output function to lbuf_init() instead of writing to stdout. 
A side effect is that the usage info can now go to stderr as it should.
 2010-03-18 06:42:17 -04:00
Todd C. Miller
d5ae4c7d87 Kill __P in sudoers 2010-03-17 19:56:27 -04:00
Todd C. Miller
51c55cd487 Use conversation function for lecture. 2010-03-16 07:41:41 -04:00
Todd C. Miller
cbf298bfc8 Don't update ticket file if verify_user returns FALSE. 2010-03-16 07:13:57 -04:00