isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,433 Commits 1 Branch 0 Tags
6286ce1d16e11619efb8d5855b14dd296f355f9c
Commit Graph

10433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
e7eef9c3a5 Fix reference counting when both sudoers policy and I/O log are loaded. 
If both sudoers policy and I/O log plugins are loaded, debug_files
will be empty when the I/O plugin is initialized.  This changes the
logic to always increase the reference count if the instance is valid.
 2020-01-14 17:50:40 -07:00
Todd C. Miller
9c5c79194d Fix handling of duplicate policy and I/O plugins. 
The warning message said the later I/O plugin was ignored but it
actually overwrote the existing one instead.
The first registered plugin of the same name now is used, as was intended.
Specifying more than one policy plugin is no longer a fatal error;
this allows the admin to fix the situation.
 2020-01-14 13:53:52 -07:00
Todd C. Miller
c592470dbd For sudoedit_checkdir consider a user-owner directory to be writable. 
The non-faccessat() code already did this so this just brings the
faccessat() path into alignment.  Bug #912
 2020-01-11 15:32:48 -07:00
Todd C. Miller
e7480c3410 Add newline before list of artwork authors. 2020-01-10 10:42:39 -07:00
Todd C. Miller
3fddfedb53 Remove MAXSYSLOGTRIES, it is no longer used. 2020-01-09 13:59:51 -07:00
Todd C. Miller
bf68dce053 Update copyright year. 2020-01-10 10:26:12 -07:00
Todd C. Miller
8747a9554e If --enable-openssl or --enable-gcrypt is given a path, append to LDFLAGS. 
Previously we appended the path to SUDOERS_LDFLAGS but now that we
use OpenSSL in the log server, LDFLAGS is the correct one to use.
 2020-01-07 11:33:26 -07:00
Todd C. Miller
b141213a10 Add Robert Manner 2020-01-07 09:46:07 -07:00
Todd C. Miller
586b418ad8 Sanity check size when converting the first record to TS_LOCKEXCL 
Coverity CID 206591
 2020-01-05 09:37:09 -07:00
Todd C. Miller
9e57bea4e3 Fix coverity CID 206586. 
Potential use after free calling gzstrerror() after gzclose().
 2020-01-05 07:48:48 -07:00
Todd C. Miller
3e0dcae6c9 Use canonical pattern when freeing a tail queue. 
Avoids some coverity false positives when using TAILQ_FOREACH_SAFE
to free the tail queue.
 2020-01-05 07:48:46 -07:00
Todd C. Miller
b3c5efd48e Avoid potential NULL deref in tls_timed_connect() error path. 
Coverity CID 206396
 2020-01-03 04:52:58 -07:00
Todd C. Miller
920cdf421a Check for sudo_ev_add() failure; Coverity CID 206395 206397 2020-01-03 04:48:56 -07:00
Todd C. Miller
b527ac3fb5 Update sample sudo.conf with all supported settings. 
The deprecated "max_groups" setting is not documented.
 2020-01-02 14:07:30 -07:00
Todd C. Miller
8aa815643f Remove POD-style C<> markup (typewriter font) from sudo.conf 2020-01-02 13:12:27 -07:00
Todd C. Miller
5bf0752021 Substitute plugin dir into examples/sudo.conf 2020-01-02 12:53:30 -07:00
Robert Manner
972ea1448e plugins/sudoers/sudoers_debug.c: fix harmless debug deregistration warning 
If the debug sudoers subsystem is not registered, because it does not
get any file names to deal with (TAILQ_EMPTY(debug_files)), deregistration
of the subsystem outputs a warning:

  sudo: sudo_debug_deregister_v1: invalid instance ID -1, max -1

This patch prevents that by only increasing the refcount if the
debug_instance was registered successfully.
 2020-01-02 11:53:08 -05:00
Robert Manner
3e9d15a4da plugins/python/Makefile.in: fix the install path of examples 
Examples are installed by default to "docdir", which refers to
PACKAGE_TARNAME variable which was empty for the python plugin Makefile.in

So the examples were installed to '.../share/doc/examples' instead
of '.../share/doc/sudo/examples'. This also made them be skipped from the
package.

Also the install target now depends on install-doc so the examples
gets installed also (similarly as other examples).
 2020-01-02 11:53:08 -05:00
Robert Manner
3f890e4db8 doc/sudo_plugin_python: indent code examples for easier readability 2020-01-02 11:53:08 -05:00
Robert Manner
9871f7e37b doc/sudo.conf: document developer_mode option 2020-01-02 11:53:08 -05:00
Todd C. Miller
a76b7543bf fix typo in previous 2019-12-31 07:48:57 -07:00
Todd C. Miller
4eaea77fa3 In update-pot match *.c not *c. 2019-12-31 06:15:19 -07:00
Todd C. Miller
a8c39ea81b Changes in sudo 1.8.30 2019-12-31 06:02:19 -07:00
Todd C. Miller
f139d2361a Add check for up to date def_data.[ch] in check-dist target. 2019-12-26 18:57:26 -07:00
Todd C. Miller
1e25d03c98 Use 64-bit resource limits on AIX. 2019-12-25 16:39:11 -07:00
Todd C. Miller
dfabda3d49 When restoring old resource limits, try to recover if we receive 
EINVAL.  On NetBSD, setrlimit(2) can return EINVAL if the new soft
limit is lower than the current resource usage.  This can be a
problem when restoring the old stack limit if sudo has raised it.
 2019-12-25 13:48:04 -07:00
Todd C. Miller
dbc905fdf8 Sudo doesn't require such a large stack. 2019-12-25 13:13:20 -07:00
Todd C. Miller
047f37ade3 Restore check for readable /etc/sudoers in pre-install target. 
If there is no installed sudoers there is nothing to check...
 2019-12-25 12:15:03 -07:00
Todd C. Miller
c8532ae7a9 Enable OpenBSD extensions on NetBSD to get reallocarray(3) prototype. 2019-12-25 11:21:49 -07:00
Todd C. Miller
c321b3e609 Add forward declaration of struct timeval for deprecated APIs. 2019-12-25 11:20:34 -07:00
Todd C. Miller
4347ed90d4 Fix compilation on systems with SIGRTMIN/SIGRTMAX but not _SC_RTSIG_MAX. 2019-12-25 11:19:58 -07:00
Todd C. Miller
291221c698 Older systems may not support WCONTINUED. 2019-12-25 11:17:35 -07:00
Todd C. Miller
58d50f44cd Support systems that have nl_langinfo(3) but not the CODESET define. 
Fixes compilation on old NetBSD versions.
 2019-12-25 11:14:18 -07:00
Todd C. Miller
8b571c59a5 Fix a typo; HAVE_KINFO_PROC2_NETBSD not HAVE_KINFO_PROC2_NETBSD2 2019-12-25 11:12:21 -07:00
Todd C. Miller
c6f8f4b545 Move init.d and sudo.pp to the etc dir. 2019-12-23 14:29:27 -07:00
Todd C. Miller
4690d3ecf6 Add cfmakeraw() for systems without it. 2019-12-23 13:15:34 -07:00
Todd C. Miller
1b10ac03ea Remove indent.pro from MANIFEST 2019-12-23 07:42:21 -07:00
Todd C. Miller
d089bd94e6 Add uncrustify.files to ignore file. 2019-12-23 07:34:52 -07:00
Todd C. Miller
79e52c7764 Substitute @prefix@ in for the example paths. 
We can't use @exampledir@ here since it contains Makefile variables.
 2019-12-23 07:27:54 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
5dcc28180e Add sudo_plugin_python manual page. 
Based on markdown docs from Robert Manner.
 2019-12-21 12:54:55 -07:00
Todd C. Miller
4392b5726e Output the name of the limit when warning about setrlimit or getrlimit. 
From Kimmo Suominen.
 2019-12-18 09:42:14 -07:00
Todd C. Miller
96a03a0891 regen 2019-12-14 13:02:53 -07:00
Todd C. Miller
42732821fd Add python module files to MANIFEST 2019-12-14 13:02:48 -07:00
Robert Manner
4ad362dd8f plugins/python: example plugin demonstrating conversation and debug API 2019-12-14 12:55:42 -07:00
Robert Manner
523bcbedb6 plugins/python: add example python group plugin 2019-12-14 12:55:42 -07:00
Robert Manner
d8432fca34 plugins/python: add example python policy plugin 2019-12-14 12:55:42 -07:00
Robert Manner
ee856cc4ba plugins/python: add example io python plugin 2019-12-14 12:55:42 -07:00
Robert Manner
91e6bf8ccd Makefile.in, configure.ac: add python plugin build 2019-12-14 12:55:42 -07:00
Robert Manner
d888d44594 plugins/python: make group plugin able to debug 
It does not get the debug settings, so it looks them up through
sudo_conf.
 2019-12-14 12:55:42 -07:00