isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,488 Commits 1 Branch 0 Tags
596d1ef5a4d74ea04936d0eccde94e7c59d71d09
Commit Graph

96 Commits

Author SHA1 Message Date
Todd C. Miller
9846e562ad Implement group caching and use the passwd and group caches throughout. 2004-11-16 04:24:11 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-15 15:53:53 +00:00
Todd C. Miller
e26e40df8a Store aliases in a red-black tree. 2004-11-15 03:55:22 +00:00
Todd C. Miller
987d5cf815 Rewrite for the new parser. Now supports a -d flag (dump) and adds a -h 
flag (host).  It now defaults to the local hostname unless otherwise
specified.
 2004-10-26 22:25:34 +00:00
Todd C. Miller
d9e4426cb1 Kill set_perms() stub--it is no longer needed. 2004-10-21 16:31:19 +00:00
Todd C. Miller
cbcb60b184 Add keepopen arg to open_sudoers that open_sudoers can use to 
indicate to the caller that the fd should not be closed when it
is done with it.  To be used by visudo to keep locked fds from
being closed prematurely (and thus losing the lock).
 2004-09-29 18:36:33 +00:00
Todd C. Miller
01212e4ebb init_parser now takes a path 2004-09-28 18:31:38 +00:00
Todd C. Miller
ec0ef3fcf7 Add open_sudoers() stubs. 2004-09-27 16:02:10 +00:00
Todd C. Miller
1a46dd74f6 Don't pass user_cmnd and user_args to command_matches(), just use 
the globals there.  Since we keep state with statics anyway it is
misleading to pretend that passing in different cmnd and cmnd_args
will work.
 2004-08-02 18:44:58 +00:00
Todd C. Miller
c01dbab988 update (c) year 2004-06-07 00:02:56 +00:00
Todd C. Miller
713e419fe9 Remove trailing spaces, no actual code changes. 2004-06-06 23:58:11 +00:00
Todd C. Miller
6190f376c1 If the user specified a uid with the -u flag and the uid exists in 
the passwd file, set runas_user to the name, not the uid.

When comparing usernames in sudoers, if a name is really a uid (starts
with '#') compare it numerically to pw_uid.
 2004-03-24 23:06:34 +00:00
Todd C. Miller
5befe6ddfe More to a less restrictive, ISC-style license. 2004-02-13 21:36:44 +00:00
Todd C. Miller
327729a7e6 Add stub set_runaspw() function 2004-01-16 23:09:34 +00:00
Todd C. Miller
4e74e8c530 add DARPA credit on affected files 2003-04-16 00:42:10 +00:00
Todd C. Miller
dcf1a5acce Use warn/err and getprogname() throughout. The main exception is 
openlog().  Since the admin may be filtering logs based on the
program name in the log files, hard code this to "sudo".
 2003-04-02 18:25:30 +00:00
Todd C. Miller
632dbebef0 fix strlcpy() rval check (innocuous) 2003-04-01 15:02:49 +00:00
Todd C. Miller
48229cbac6 update copyright year 2003-03-15 20:31:02 +00:00
Todd C. Miller
eebc763bd3 Use strlc{at,py} for paranoia's sake and exit on overflow. In all 
cases the strings were either pre-allocated to the correct size of
length checks were done before the copy but a little paranoia can
go a long way.
 2003-03-13 20:00:45 +00:00
Todd C. Miller
c289159953 g/c second arg to set_perms--it is no longer used 2002-05-05 00:43:38 +00:00
Todd C. Miller
7cc2f3b3e5 Remove Chris Jepeway's email address so people don't bug him ;-) 2002-03-16 00:44:48 +00:00
Todd C. Miller
b083b9f925 Fix CIDR handling here too. 2001-12-15 02:27:17 +00:00
Todd C. Miller
65fad4df35 o Reorder some headers and use STDC_HEADERS define properly 
o Update copyright year
 2001-12-14 19:52:54 +00:00
Todd C. Miller
7b93f51d5e Add dummy version of init_envtables() 2001-12-11 22:55:23 +00:00
Todd C. Miller
998631b73a New Defaults options: 
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
 o env_reset - reset the environment to a sane default
 o env_keep - preserve environment variables that would otherwise be cleared

No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
 2000-12-30 03:29:47 +00:00
Todd C. Miller
ffca544b6c Fully qualified hosts w/ wildcards were not matching the FQHOST token type. 
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
 2000-03-23 04:38:22 +00:00
Todd C. Miller
5ce1fa96f2 Add support for wildcards in the hostname. 2000-03-23 04:09:53 +00:00
Todd C. Miller
db2c555453 kill register 2000-03-22 15:53:09 +00:00
Todd C. Miller
9e0bae9fc6 update copyright year on changed files 2000-01-17 23:46:26 +00:00
Todd C. Miller
0b59a0974d netgr_matches needs to check shost as well as host since they may be different. 2000-01-11 18:20:41 +00:00
Todd C. Miller
957fa7941d o Kill HAVE_FNMATCH_H 
o Only define HAVE_FNMATCH if <fnmatch.h> exists.
 1999-12-09 03:54:57 +00:00
Todd C. Miller
a183816d27 add set_fqdn() stub 1999-12-05 02:18:17 +00:00
Todd C. Miller
13bf42675d Add support for "Defaults" line in sudoers to make configuration variables 
changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line.  There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.

Add a "-L" flag to list the name of options with their descriptions.  This
may only be temporary.

Move some prototypes to parse.h

Be much less restrictive on what is allowed for a username.
 1999-09-08 08:06:28 +00:00
Todd C. Miller
a067249e1c Move inclusion of emul/fnmatch.h to be after sudo.h for __P 1999-08-28 10:00:22 +00:00
Todd C. Miller
8723291d89 CIDR-style netmask support 1999-08-24 16:42:28 +00:00
Todd C. Miller
2386dc1b45 o Add a "pedentic" flag to the parser. This makes sudo warn in cases 
where an alias may be used before it is defined.  Only turned on for visudo
and testsudoers.
o Add --disable-authentication option that makes sudo not require
authentication by default.  The PASSWD tag can be used to require
authentication for an entry.  We no longer overload --without-passwd.
 1999-08-12 14:37:27 +00:00
Todd C. Miller
0d732401f4 add 4th term to license similar to term 5 in the apache license 1999-07-31 16:19:50 +00:00
Todd C. Miller
4dc01cc916 o BSD-style copyright 
o Use "struct sudo_user" instead of old globals.
o some cometic cleanup
 1999-07-22 12:57:47 +00:00
Todd C. Miller
feb78be26e interfaces and num_interfaces are now auto, not extern 1999-07-08 09:45:16 +00:00
Todd C. Miller
80287c981c Move interface-related defines to interfaces.h so we don't have to include 
<netinet/in.h> everywhere.
 1999-05-17 01:36:30 +00:00
Todd C. Miller
06e586ee7b Function names should be flush with the start of the line so they can be found trivially in an editor and with grep 1999-04-10 04:49:03 +00:00
Todd C. Miller
eecc5ce1c9 free(3) is already void, no need to cast it 1999-04-10 04:40:57 +00:00
Todd C. Miller
59b0cff8cf Stash the "safe" path (ie: the one listed in sudoers) to the command instead 
of stashing the struct stat.  Should be safer.
 1999-04-10 04:10:01 +00:00
Todd C. Miller
3a8971f654 Quiet -Wall 1999-04-07 06:59:59 +00:00
Todd C. Miller
e6deacb6c4 Crank version to 1.6 and combine copyright statements 1999-04-05 20:57:25 +00:00
Todd C. Miller
79c46d1c81 ++version 1999-03-29 04:05:15 +00:00
Todd C. Miller
382ef75493 Use emalloc/erealloc/estrdup 1999-03-29 02:59:34 +00:00
Todd C. Miller
f9b80fcad4 add cast for strdup in places it does not have it 1999-02-11 06:41:32 +00:00
Todd C. Miller
52916f16ac add explicate copyright 1999-02-03 04:32:19 +00:00
Todd C. Miller
826fe213f2 add sudo tags 1999-01-17 23:16:20 +00:00