isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,802 Commits 1 Branch 0 Tags
5bbfaa8e68b5ee6f27d4fbfa3c4e789341724f9c
Commit Graph

12802 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yann E. MORIN
5bbfaa8e68 src/exec_ptrace: fix build without precess_vm_readv() 
Commit 32f4b98f6b (sudo frontend: silence most -Wconversion warnings.)
broke the build on C libraries that miss process_vm_readv(), like
uClibc-ng.

Indeed, the ssize_t nwritten is declared guarded by HAVE_PROCESS_VM_READV,
but is then re-assigned and used a few lines below, outside any guard.

Fix that by always declaring the object, as it is always needed.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
 2024-02-17 11:28:46 -07:00
Todd C. Miller
f69031da24 Quest no longer sponsors sudo development. 2024-01-31 10:05:50 -07:00
Todd C. Miller
0a39814e4b Correct a misleading debug message. 2024-01-23 10:57:00 -07:00
Todd C. Miller
eb4506f434 Update embedded copy of zlib to version 1.3.1. 2024-01-23 09:16:22 -07:00
Todd C. Miller
3899f2ef90 Update copyright data in the package files. 2024-01-18 07:00:38 -07:00
Rose
725d3fdc20 Prefer putchar over fputc where possible 
putchar is easier to understand than fputc and printf and does less work than those two do.
 2024-01-13 15:24:43 -07:00
Rose
7fc7d69532 Add restrict qualifiers to strlcpy_no_slash 
It's just strlcpy except it replaces '/' with '_'.
 2024-01-13 15:20:10 -07:00
Todd C. Miller
67e328d6f8 Only log "a password is required" for "sudo -n" if a command is specified. 
This means that it is not logged for "sudo -nv" and "sudo -nl".
We only log this message when sudo's -n flag is specified (and not
when the user presses ^C at the password prompt) so that there is
a record of failed non-interactive commands.
 2024-01-10 13:54:41 -07:00
Todd C. Miller
b39dc7c5f1 Document side-effects of enabling the use_pty option. 2024-01-08 14:28:58 -07:00
Todd C. Miller
ff3dbe60b1 Update "!use_pty" example to only disable it for non-root users. 
Also add a commented out entry for "exec_background" which can also
be used to prevent sudo from consuming tty input.
Related to GitHub issue #338
 2024-01-08 14:16:29 -07:00
Todd C. Miller
00452471b1 Add check for sysconf(_SC_PAGESIZE) failure. 2024-01-01 11:03:01 -07:00
Todd C. Miller
f52fa574c7 sudo_edit_mktemp: remove useless cast 2024-01-01 11:05:23 -07:00
Todd C. Miller
22b01501eb Welcome to 2024 2023-12-31 07:58:23 -07:00
Todd C. Miller
c15e0aeea8 Bump zlib copyright date for version 1.3 2023-12-31 07:58:04 -07:00
Todd C. Miller
69a024304f Restore the ability to override default configure settings. 
The user-specified options must go last...
 2023-12-30 11:21:08 -07:00
Todd C. Miller
00b2bd3589 Sudo 1.9.15p5 2023-12-29 14:43:39 -07:00
Todd C. Miller
b5a3513fb9 Handle Debian GNU Hurd 2023-12-28 18:45:30 -07:00
Todd C. Miller
e4057faca2 Properly handle sysconf(_SC_LOGIN_NAME_MAX) returning -1 on failure. 
The cast to size_t needs to be outside the MAX() macro or the -1
will get cast to unsigned.
 2023-12-28 09:00:49 -07:00
Todd C. Miller
ad4dc22d5a Automatically migrate lecture file path from name-based to uid-based. 
GitHub issue #342.
 2023-12-22 09:39:24 -07:00
Todd C. Miller
63f2c54b86 Add missing checks for strdup() failure. 2023-12-21 16:55:08 -07:00
Todd C. Miller
5fbf7a3625 Disable netgroup_query when netgroup_base is not set. 
The logic was inverted when support for netgroup_query was added.
This supercedes PR #341.
 2023-12-19 20:16:35 -07:00
Todd C. Miller
6d4ffe6743 In the NOEXEC example make it clear that "shanty" is a host. 
Bug #1064
 2023-12-19 09:55:09 -07:00
Todd C. Miller
10fd66ac99 closefrom_nodebug: skip fds < 0 
This can only happen if lowfd < 0, which is never the case.
Quiets a static analyzer warning.
 2023-12-18 13:32:53 -07:00
Todd C. Miller
7019148160 Fix printing of warning when a Defaults setting is missing a value. 
This is a bug in parse_default_entry() introduced in sudo 1.8.19
when support for using the default syslog facility was added at the
wrong place in a switch().
 2023-12-16 08:08:44 -07:00
Todd C. Miller
f67a7e623e Sprinkle some more const in defaults.c. 2023-12-15 15:05:02 -07:00
Todd C. Miller
2df637b262 Fix evaluation of a tuple used in "true" boolean context. 
Previously, a tuple in boolean context was always treated as a
negated entry, which doesn't match the documentation.  We assume
that there are at least two tuple entries where the first maps to
boolean false and the second maps to boolean true.
 2023-12-15 14:57:59 -07:00
Todd C. Miller
680352b917 Sudo 1.9.15p4 2023-12-15 10:57:24 -07:00
Todd C. Miller
fbc4c50d4d sudoers_lookup_pseudo: init match to UNSPEC for sudo_nss_can_continue(). 
Otherwise, processing will stop after the first sudoers nsswitch
service specification where [SUCCESS=return] is present.
 2023-12-15 10:45:22 -07:00
Todd C. Miller
c9198ef4df Sudo 1.9.15p3 2023-12-13 12:15:12 -07:00
Todd C. Miller
de242c5738 Pass back Solaris privs as "runas_privs" and "runas_limitprivs". 
The "runas_" prefix got inadvertantly removed in the big sudoers_context
refactor.
 2023-12-11 13:31:56 -07:00
Todd C. Miller
1e03cbd0b4 sudo_term_is_raw: only try to lock the fd if it is a tty 
This moves sudo_isatty() to libsudo_util so sudo_term_is_raw() can
use it.  Fixes GitHub issue #335
 2023-12-09 12:54:56 -07:00
Todd C. Miller
d17e28ad61 setup_terminal: fix an editing error introduced in 1.9.15. 2023-12-07 07:27:06 -07:00
Todd C. Miller
0c2de39da3 command_matches_regex: retry with canonicalized path if possible 
If ctx->user.cmnd doesn't match, use ctx->user.cmnd_dir (if present)
to construct a canonicalized path and match on that.
 2023-12-06 10:27:57 -07:00
Todd C. Miller
44f0908e73 command_matches_fnmatch: retry with canonicalized path if possible 
If ctx->user.cmnd doesn't match, use ctx->user.cmnd_dir (if present)
to construct a canonicalized path and match on that.
 2023-12-04 18:35:08 -07:00
Todd C. Miller
24f443981f If sysconf(_SC_HOST_NAME_MAX) returns 0, just use 255. 
This should not actually be possible.
 2023-12-04 09:24:30 -07:00
Todd C. Miller
8faf432499 Fall back to "localhost" if gethostname() fails. 
GitHub issue #332
 2023-12-04 09:21:56 -07:00
Todd C. Miller
8dd2967766 command_matches_glob: fix comparison of canonicalized parent directories 
Bug #1062
 2023-12-04 09:08:52 -07:00
Todd C. Miller
9c3eb2feca Add missing print_member_list_csv() return value check. 2023-12-01 15:14:59 -07:00
Todd C. Miller
79ed29c4a3 Check sudoers_debug_register() return value. 2023-12-01 15:00:08 -07:00
Todd C. Miller
c3ac12297a Regenerate with the autoconf 2.72d snapshot. 2023-11-30 16:24:05 -07:00
Todd C. Miller
77700a4b7a Add cmddenial_message to def_data.in 2023-11-28 15:19:24 -07:00
THE-Spellchecker
5eba4b48cf Typographical and Grammatical fixes 2023-11-28 15:00:04 -07:00
Todd C. Miller
b4ae559c81 Reword the description of cmddenial_message. 2023-11-28 14:49:13 -07:00
Todd C. Miller
6b6e0aed0a Regenerate from sudoreplay.mdoc.in 2023-11-28 14:48:51 -07:00
Guillaume Destuynder
a4cbfecdae Add support for a custom message when the command execution is denied. 2023-11-28 14:19:26 -07:00
Todd C. Miller
55db829087 No need to include sys/param.h here. 2023-11-26 09:28:40 -07:00
Todd C. Miller
522f1b634f tsdump: quiet compiler warnings on some platforms. 
Quiet a -Wshadow warning from gcc.
Cast major() and minor() to unsigned int when printing.
 2023-11-26 09:27:46 -07:00
Todd C. Miller
288593875d tsdump: display both the terminal path and device number. 
If no terminal device can be found, print "major, minor" device
numbers instead.
 2023-11-26 09:07:25 -07:00
Todd C. Miller
7d7dfbfd44 Sync time stamp defines with sudoers timestamp.h 
The types and flags are now explicitly unsigned.
 2023-11-26 08:59:05 -07:00
Todd C. Miller
0c958e1852 Mention the tsdump utility 2023-11-26 08:55:41 -07:00