isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,311 Commits 1 Branch 0 Tags
4d712aa9038dda6e5f739cc2362b285e485ee298
Commit Graph

31 Commits

Author SHA1 Message Date
Todd C. Miller
4d712aa903 Don't write an empty timestamp record when timestamp_timeout is 
zero.  If we find an empty record in the timestamp file, overwrite
it with a good one, truncating the file as needed.
 2014-03-17 07:14:55 -06:00
Todd C. Miller
403a48da40 Fix typo/thinko that prevented "Defaults !tty_tickets" from working. 2014-03-13 13:38:42 -06:00
Todd C. Miller
f2f96d849b Fix conversion of timestamp_timeout from double to struct timeval. 
Also quiet a printf format warning on 32-bit systems.
 2014-02-26 10:29:52 -07:00
Todd C. Miller
b299763e34 Don't warn about an insecure lecture dir twice. 
Display warnings in the user's locale.
 2014-02-06 15:46:27 -07:00
Todd C. Miller
7155fc526f Bring back boot time checking code and zero out time stamp files 
that predate the boot time.  This should help systems w/o /var/run
where the admin has setup rc.d to clear the timestamp directory.
 2014-02-03 05:45:27 -07:00
Todd C. Miller
32b897ac67 Restore warning when sudoers is unable to update the time stamp file. 2014-02-01 06:11:29 -07:00
Todd C. Miller
fb29e91ef0 Fix use of timestampowner in the new time stamp world order. Parent 
directories for timestampdir and lecture_dir are now created with
the execute bit set so that we can traverse them as non-root.
 2014-02-01 05:47:16 -07:00
Todd C. Miller
32b4713d6d sprinkle some debug printfs and add function header comments 2014-01-31 15:28:41 -07:00
Todd C. Miller
d7257a63e7 Properly handle the case where /var/run/sudo/ts doesn't exist. 2014-01-31 15:02:31 -07:00
Todd C. Miller
596fc68aca Warn on ftruncate failure(). 2014-01-30 16:24:48 -07:00
Todd C. Miller
63e7aa9942 Fix checking of lecture status. 2014-01-30 16:15:03 -07:00
Todd C. Miller
659b1f0e34 Switch to new time stamp file format. Each user now has a single 
file which may contain multiple records when per-tty time stamps
are in use (the default).  The time stamps use a monotonic timer
where available and are once again stored in /var/run/sudo.  The
lecture status is now stored separately from the time stamps in a
different directory.
 2014-01-30 15:50:40 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
07a804caf3 Quiet sign comparision warnings. 2013-10-23 15:03:31 -06:00
Todd C. Miller
bd52869056 Be specific that we are talking about the Unix epoch; bug #615 2013-09-03 14:50:28 -06:00
Todd C. Miller
39d630f2f2 If tty_tickets are enabled but there is no tty, use a ticket file 
based on the parent pid.
 2013-08-13 12:55:17 -06:00
Todd C. Miller
1e5e5fb440 No longer store the ctime of a devpts tty. The handling of ctime 
on devpts in Linux has been changed to conform to POSIX.  As a
result we can no longer assume that the ctime will stay unchanged
throughout the life of the session.  We store the session ID in the
time stamp file so there is a much smaller chance of the time stamp
file being reused by a new login.  While here, store the uid/gid
in the timestamp file too for good measure.
 2013-05-03 16:14:12 -04:00
Todd C. Miller
95b50f84af Use time(&now) instead of now = time(NULL) when storing the current 
time in a time_t (better compiler error checking).
Better parsing and printing of 64-bit time_t on 32-bit platforms.
 2013-04-23 13:15:22 -04:00
Todd C. Miller
1162b55040 Rename log_error() -> log_warning() for consistency with warning()/fatal() 2013-04-18 14:14:03 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
5555b86d7e Log timestampfile to debug file. 2013-04-09 14:17:59 -04:00
Todd C. Miller
4d3fc204f7 Pass auth_pw to the timestamp functions. 2013-03-28 13:22:09 -04:00
Todd C. Miller
8b4c192058 Move contents of timestamp.h into check.h. 2013-03-25 11:28:21 -04:00
Todd C. Miller
04b25a8bcd Completely ignore time stamp file if it is set to the epoch, 
regardless of what gettimeofday() returns.
 2013-02-21 10:05:16 -05:00
Todd C. Miller
2e08777f25 Store the session ID in the tty ticket file too. A tty may only 
be in one session at a time so if the session ID doesn't match we
ignore the ticket.
 2013-02-08 10:43:14 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
56de023de8 Avoid strerror() when possible and just rely on warning/error 
to handle errno in the proper locale.
 2012-11-09 16:32:29 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
0a7af23038 Make check.c independent of the underlying timestamp implementation. 2012-10-23 14:16:57 -04:00
Todd C. Miller
0fa33ccf0f Split off timestamp functions into their own source file. 2012-09-27 10:21:13 -04:00