isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,698 Commits 1 Branch 0 Tags
56d45003e5ce0cb38eb1ae2eddf4871fff0f815d
Commit Graph

44 Commits

Author SHA1 Message Date
Todd C. Miller
56d45003e5 Quiet gcc -Wuninitialized false positive 2013-03-06 15:56:26 -05:00
Todd C. Miller
2228763ff2 Fix typos in selinux/solaris privs specific code. 2013-02-21 15:59:21 -05:00
Todd C. Miller
fa924d09bc Make sudoers file long list output better match the format used by 
ldap sudoers.  Tags are now converted to options and there is a
single command per line.
 2013-02-20 15:09:21 -05:00
Todd C. Miller
064cb0ceda For "sudo -l" start a new line if the runas list changes to make 
the output easier to read.
 2013-02-20 10:47:31 -05:00
Todd C. Miller
d00ad3bbe2 For "sudo -l" and "sudo -ll" only print the runas info for subsequent 
commands in a list if the runas info has changed.  If we have new
runas info, print out the tags again so as to be less confusing to
the user.  For "sudo -ll" set the line continuation indent to 8.
 2013-02-19 16:29:17 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
5276ab3a5f Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers. 2012-09-14 16:19:25 -04:00
Todd C. Miller
793426106e Fix NULL deref when an entry has no Runas_Entry 2012-08-22 15:50:58 -04:00
Todd C. Miller
355d40aa86 The second argument to init_parser() is now bool. 2012-08-02 15:40:11 -04:00
Todd C. Miller
57699c5531 If a command matches using an empty Runas_List (i.e. Runas_List is 
present but empty) and the -u option was not specified, set runas_pw
to user_pw instead of using runas_default.  This is intended to be
used in conjunction with the Solaris Privilege Set support for rules
that grant privileges without changing the user.
 2012-08-02 14:37:32 -04:00
Todd C. Miller
e2d210a340 Add support for parsing an empty Runas_List, which only allows the 
command to be run as the invoking user.  This can be used in
conjunction with the Solaris Privilege Set support to grant privileges
without changing the user.
 2012-08-02 14:02:54 -04:00
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
d539c606e0 Fix bogus int -> bool conversion; tags can have a value of -1. 2012-03-12 19:34:19 -04:00
Todd C. Miller
0771c981de Update copyright year. 2012-01-06 14:23:55 -05:00
Todd C. Miller
47bcaf57bc parse_error is now bool, not int 2012-01-04 15:45:27 -05:00
Todd C. Miller
0f5eaa17fd Print a more sensible error if yyparse() returns non-zero but 
yyerror() was not called.
 2012-01-04 15:45:03 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
09beba8259 Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and 
<def_data.h> and not "def_data.h" when generating the parser in a
build dir.
 2011-11-12 12:18:44 -05:00
Todd C. Miller
0bf68d2103 #include "gram.h" not <gram.h> and "def_data.h" and not <def_data.h>. 2011-11-08 14:09:48 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
dacb1e47f3 Honor NOPASSWD tag for denied commands too. 2011-09-09 09:57:39 -04:00
Todd C. Miller
4f9a93f658 Fix some potential problems found by the clang static analyzer, 
none serious.
 2011-07-28 10:59:37 -04:00
Todd C. Miller
ab3b3eb83b Quiet gcc warnings. 2011-05-28 15:27:14 -04:00
Todd C. Miller
bd36d4f2ab Add primitive format string support to the lbuf code to make translations 
simpler.
 2011-05-20 15:25:03 -04:00
Todd C. Miller
67cc4ff025 Translate help / usage strings. 2011-05-19 16:07:14 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
cf7ec7a3cc Fix typo; tupple vs. tuple 2011-03-15 15:52:18 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
3c0672e2e3 Allow sudoers file name, mode, uid and gid to be specified in the 
settings list.  The sudo front end does not currently set these
but may in the future.
 2011-02-23 13:38:52 -05:00
Todd C. Miller
1f5c1dda14 cosmetic change 2011-01-24 15:35:44 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
27f6558df9 Do not return -1 on error from the display functions; the caller 
expects a return value >= 0.
 2010-09-04 08:42:08 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
2dd29bf64d Break sudoers transcript feature up into log_input and log_output. 2010-05-30 10:31:38 -04:00
Todd C. Miller
34e1a06767 Use sudo_printf to display verbose version information. 2010-05-28 12:01:06 -04:00
Todd C. Miller
05ae3ea6cb Convert to ANSI C function declarations 2010-04-22 18:09:53 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
8c9db4ef6f Better prefix determination now that we can't rely on len==0 to 
tell the beginning on an entry.
 2010-03-19 08:17:58 -04:00
Todd C. Miller
38937dca5e Use embedded newlines in lbuf instead of multiple calls to lbuf_print. 2010-03-19 07:04:34 -04:00
Todd C. Miller
d5ae4c7d87 Kill __P in sudoers 2010-03-17 19:56:27 -04:00
Todd C. Miller
9b0205846b Initial bits of sudoers plugin; still needs work. 2010-03-14 19:58:47 -04:00
Todd C. Miller
e90fa482f9 Rework source layout in preparation for modular sudo. 2010-02-20 09:14:01 -05:00