isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,874 Commits 1 Branch 0 Tags
57b5ff8e8cba59b09b1ec2bc192a799f5ca19e65
Commit Graph

160 Commits

Author SHA1 Message Date
Todd C. Miller
4bfeed2210 Quiet an llvm checker warning. 2013-03-06 16:48:43 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
3c9da162e4 Use MAX_HOST_NAME+1 (limits.h) instead of MAXHOSTNAMELEN (sys/param.h 
or netdb.h).
 2012-12-04 10:18:41 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
90147bb605 Allow sudoers programs (visudo, sudoreplay, visudo) to use 
plugin_error.c instead of the error.c from the front-end.  This
means sudoers_setlocale() needs to be independent of the sudo_user
struct and the defaults table.  The sudoers locale is now updated
via a callback.
 2012-11-25 09:33:52 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
c1db4b1546 Always include locale.h from gettext.h so we no longer need to 
include locale.h from the .c files.
 2012-11-11 20:23:53 -05:00
Todd C. Miller
475662aaa4 Refactor policy plugin interface code from sudoers.c into policy.c 2012-10-25 16:58:31 -04:00
Todd C. Miller
929aef0754 Make interfaces pointer private to interfaces.c and add get_interfaces() 
accessor.
 2012-10-25 13:15:52 -04:00
Todd C. Miller
a3a1574cdf Explicitly mark main() as public in executables to avoid an HP-UX 
ld warning.
 2012-10-02 15:08:02 -04:00
Todd C. Miller
5276ab3a5f Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers. 2012-09-14 16:19:25 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
355d40aa86 The second argument to init_parser() is now bool. 2012-08-02 15:40:11 -04:00
Todd C. Miller
57699c5531 If a command matches using an empty Runas_List (i.e. Runas_List is 
present but empty) and the -u option was not specified, set runas_pw
to user_pw instead of using runas_default.  This is intended to be
used in conjunction with the Solaris Privilege Set support for rules
that grant privileges without changing the user.
 2012-08-02 14:37:32 -04:00
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
649edc3192 Export group cache from sudoers.so for system_group.so to use. 2012-06-13 16:21:45 -04:00
Todd C. Miller
ca9331d498 Add tests for sudoers mode, owner and group checks. 2012-05-21 15:39:24 -04:00
Todd C. Miller
b35cd75533 Add -U sudoers_uid option to testsudoers. 2012-05-18 14:29:29 -04:00
Todd C. Miller
c30872260f Include locale.h 2012-01-09 15:34:05 -05:00
Todd C. Miller
5dd3f0ec56 Enable debugging via sudo.conf. 2012-01-08 12:11:14 -05:00
Todd C. Miller
0771c981de Update copyright year. 2012-01-06 14:23:55 -05:00
Todd C. Miller
47bcaf57bc parse_error is now bool, not int 2012-01-04 15:45:27 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
65b781a2ef Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing 
directly to the debug file.
 2011-11-13 13:55:19 -05:00
Todd C. Miller
09beba8259 Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and 
<def_data.h> and not "def_data.h" when generating the parser in a
build dir.
 2011-11-12 12:18:44 -05:00
Todd C. Miller
0bf68d2103 #include "gram.h" not <gram.h> and "def_data.h" and not <def_data.h>. 2011-11-08 14:09:48 -05:00
Todd C. Miller
cf7ad29f49 Prevent "testsudoers -d username" from trying to malloc(0). 2011-11-07 08:44:05 -05:00
Todd C. Miller
9fddb9eed7 Print line number when there is a parser error. 2011-11-06 17:00:40 -05:00
Todd C. Miller
9923464d96 Wrap error/errorx and warning/warningx functions with debug statements. 
Disable wrapping for standalone sudoers programs as well as memory
allocation functions (to avoid infinite recursion).
 2011-10-22 14:28:33 -04:00
Todd C. Miller
6099e1bc42 Add dedicated callback function for runas_default sudoers setting 
that only sets runas_pw if no runas user or group was specified by
the user.
 2011-08-10 09:02:37 -04:00
Todd C. Miller
01ae3d4771 Go back to using a callback for runas_default to keep runas_pw in 
sync.  This is needed to make per-entry runas_default settings work
with LDAP-based sudoers.  Instead of declaring it a callback in
def_data.in, sudo and testsudoers poke sudo_defs_table[] which is
a bit naughty, but avoids requiring stub functions in visudo and
the tests.
 2011-08-09 14:54:42 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
3ffb649863 In dump-only mode, use "root" as the default username instead of 
"nobody" as the latter may not be available on all systems.
 2011-04-01 13:54:30 -04:00
Todd C. Miller
129ccecd3d Remove NewArgv/NewArgc, they are no longer needed. 2011-03-31 14:06:11 -04:00
Todd C. Miller
987e1dbe62 Fix setting of user_args 2011-03-31 13:57:05 -04:00
Todd C. Miller
8b9d773bae Add runasgroup support to testsudoers 2011-03-29 14:40:07 -04:00
Todd C. Miller
b87465b56f More useful exit codes: 
* 0 - parsed OK and command matched.
 * 1 - parse error
 * 2 - command not matched
 * 3 - command denied
 2011-03-29 13:09:58 -04:00
Todd C. Miller
cf8caed3bb Fix printing "User_Alias FOO = ALL" 2011-03-23 16:00:30 -04:00
Todd C. Miller
a27b3f3407 Make lex tracing settable at run-time in testsudoers via the -t 
flag.  Trace output goes to stderr.  Will be used by regress tests
to check lexer.
 2011-03-20 21:25:57 -04:00
Todd C. Miller
95512ae05e No longer need sudo_getepw() stubs. 2011-03-04 08:08:22 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
217d296111 Need to set user_name explicitly due to internal changes made when 
converting sudoers to a plugin.
 2011-01-07 11:56:15 -05:00
Todd C. Miller
5a0f2164ef Avoid conflicts with system definitions in grp.h and pwd.h 2010-11-20 10:33:23 -05:00
Todd C. Miller
51f401fa34 Add prototype for cleanup() 2010-11-19 12:58:03 -05:00
Todd C. Miller
e069b74dc8 Convert sudoers plugin to use interface list passed in settings. 2010-09-08 15:07:40 -04:00
Todd C. Miller
e6b48d415c Replace built-in non-unix group support with a sudoers group plugin. 
Include a sample plugin that can read Unix-format group files.
 2010-07-02 11:11:25 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00