isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
6,862 Commits 1 Branch 0 Tags
61c0a24c85c486b53347d16056fbe5598e30b55c
Commit Graph

6862 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
eb2259bc12 Move exec_cmnd to exec.c to fix a compilation issue with sesh.c 2013-03-14 19:59:07 -04:00
Todd C. Miller
7f32d1ca4c Make sesh path configurable in sudo.conf 2013-03-14 16:49:42 -04:00
Todd C. Miller
4493554290 Use -fno-pie and -nopie if supported when --disable-pie is specified. 2013-03-14 16:06:13 -04:00
Todd C. Miller
2e84f169cc Document direct execution of the command if the policy plugin has 
no close function.
 2013-03-13 11:32:31 -04:00
Todd C. Miller
1791721ef2 Only delete creds if we actually established them. 
Print an error if pam_setcred() fails and we actually authenticated.
 2013-03-07 16:17:44 -05:00
Todd C. Miller
496dc384ab regen 2013-03-07 15:46:11 -05:00
Todd C. Miller
d26c0d87f6 Convert efree() to a macro that just casts to void * and does free(). 
If the system free() can't handle free(NULL) this may crash but C89
was a long time ago.
 2013-03-07 15:41:34 -05:00
Todd C. Miller
d07d453ab5 Define _REENTRANT for HP-UX when we add -lpthread to SUDO_LIBS. 
Fixes a problem with errno sometimes not being set on error on HP-UX.
 2013-03-07 11:54:17 -05:00
Todd C. Miller
1e0a7d5112 Fix debug logging from the plugin when there is no error number. 
This was broken in the big debugging reorg for 1.8.7.
 2013-03-07 10:06:01 -05:00
Todd C. Miller
9722784e1c Always install plugins with a .so extension regardless of what 
extension the system uses for shared libraries.  That way the
group_plugin sudoers setting can be shared between heterogenous
systems.
 2013-03-06 17:08:10 -05:00
Todd C. Miller
e051df6577 Mac OS X has netgroup functions in netdb.h. 2013-03-06 17:05:23 -05:00
Todd C. Miller
8f76579431 Tags in struct cmndtag can be set to IMPLIED as well. 2013-03-06 17:02:35 -05:00
Todd C. Miller
b0595e6e26 Quiet a compiler warning. 2013-03-06 16:50:35 -05:00
Todd C. Miller
4bfeed2210 Quiet an llvm checker warning. 2013-03-06 16:48:43 -05:00
Todd C. Miller
56d45003e5 Quiet gcc -Wuninitialized false positive 2013-03-06 15:56:26 -05:00
Todd C. Miller
7d3ce01a05 Document group_file and system_group plugins. 2013-03-05 16:38:35 -05:00
Todd C. Miller
d695d7be95 Sudo 1.8.7 2013-03-05 15:06:29 -05:00
Todd C. Miller
8397297de5 Try to clarify that sudoedit in sudoers should not include a 
leading pathname.
 2013-03-05 15:06:00 -05:00
Todd C. Miller
593832152f Make sure groupname_len is at least 32 just to be on the safe side. 
It is better to allocate a little extra and not need it than to
have to reallocate and start over.
 2013-03-05 14:06:51 -05:00
Todd C. Miller
4e5baccb9c Add __malloc_like macro to apply __malloc__ attribute to emalloc, 
ecalloc and estrdup.  It cannot be applied to realloc since that
may return the same pointer.
 2013-03-05 10:18:32 -05:00
Todd C. Miller
c47f5f7abd Fix potential double free in an error path. 2013-03-05 10:16:50 -05:00
Todd C. Miller
19f37400d6 When running the command in a pty, defer the call to exec_setup() 
until just before we exec the command.  This is consistent with the
non-pty path.  As a side effect, the monitor process runs as root
and not the runas user.
 2013-03-05 06:56:57 -05:00
Todd C. Miller
a43318959a Update copyright year. 2013-03-02 14:01:30 -05:00
Todd C. Miller
f524c515e5 Use pst_highestfd from pstat_getproc() on HP-UX. 2013-03-01 13:01:37 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
fa93dede39 Add back gettimeofday() call inadvertantly removed in e1abb9810a83 2013-02-28 09:25:10 -05:00
Todd C. Miller
e30b0bd121 Use pstat() on HP-UX to determine the tty device. 2013-02-28 09:01:08 -05:00
Todd C. Miller
9a4bd3cce4 Fix PAM compilation: def_pam_session, not just pam_session. 2013-02-28 08:38:06 -05:00
Todd C. Miller
af2d4dbfb2 Don't remove the -S option description when trimming out selinux. 
Bug #592
 2013-02-28 06:03:36 -05:00
Todd C. Miller
1c30fbb713 Update for Sudo 1.8.6p7 2013-02-25 14:45:23 -05:00
Todd C. Miller
30f63386d8 Document when sudo may exec the command directly instead of forking. 2013-02-24 13:25:44 -05:00
Todd C. Miller
d946fdaa7a Document that close and version be NULL for plugin API >= 1.3 and 
that sudo may execute the command directly if there is no close,
or pty or timeout needed.
 2013-02-24 13:20:56 -05:00
Todd C. Miller
0eef336edf Fix debug_decl for sudo_auth_begin_session and sudo_auth_end_session. 2013-02-24 13:04:58 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
d3ff0f31ee Dummy out close function if there is no end_session for the auth 
method and the front-end can handle a NULL close function.  Avoids
the extra sudo process when we don't actually need it.
 2013-02-24 05:54:57 -05:00
Todd C. Miller
2b8cb98987 Add m4/ to paths m4_include parameters so we don't need to use 
autoconf's -I flag.
 2013-02-23 15:45:34 -05:00
Todd C. Miller
5cb928c512 If the policy plugin does not provide a close function, there is 
no command timeout and no pty is required, skip the event loop and
just exec the command directly.
 2013-02-23 14:19:07 -05:00
Todd C. Miller
5e674a790b Do not crash if the plugin close and version functions are not 
defined.  If there is no policy close function, simply print a
warning that the command was not found.
 2013-02-23 13:53:48 -05:00
Todd C. Miller
2228763ff2 Fix typos in selinux/solaris privs specific code. 2013-02-21 15:59:21 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list. 
Could be used by a stacking plugin.
 2013-02-21 15:05:51 -05:00
Todd C. Miller
04b25a8bcd Completely ignore time stamp file if it is set to the epoch, 
regardless of what gettimeofday() returns.
 2013-02-21 10:05:16 -05:00
Todd C. Miller
f336580bb1 Add Nikolai Kondrashov 2013-02-21 07:04:34 -05:00
Todd C. Miller
1da8739c38 Use userpw_matches() for username matching so #uid works for 
sudoRunAsUser.
 2013-02-21 07:03:52 -05:00
Todd C. Miller
b929dd3c46 Avoid calling realloc3() with a zero size parameter when all retrieved 
sssd rules fail.  Otherwise we'll get a run-time error due to
malloc(0) checking.
 2013-02-21 07:01:53 -05:00
Todd C. Miller
c80603eace Do not send error mail if a user is not found in SSSD. Local users 
can run sudo too.  From Nikolai Kondrashov
 2013-02-21 06:54:30 -05:00
Todd C. Miller
5d7925b24e Test setting disable_coredump to illegal value. 2013-02-20 15:48:53 -05:00
Todd C. Miller
a17fb1de71 Fix atobool() usage. 2013-02-20 15:48:12 -05:00
Todd C. Miller
299298ae42 Remove unused variable. 2013-02-20 15:47:27 -05:00
Todd C. Miller
29becec0e7 Make "sudo -l non_existent_command" warn that non_existent_command 
doesn't exist, not the "list" pseudo-command.
 2013-02-20 15:35:26 -05:00
Todd C. Miller
fa924d09bc Make sudoers file long list output better match the format used by 
ldap sudoers.  Tags are now converted to options and there is a
single command per line.
 2013-02-20 15:09:21 -05:00