isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,452 Commits 1 Branch 0 Tags
6525e882a4ca2bdbb3670a59e2c1acc0d39f6e23
Commit Graph

2452 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
6525e882a4 The listpw and verifypw sudoers options would not take effect because 
the value of the default was checked *before* sudoers was parsed.
Instead of passing in the value of PWCHECK_* to sudoers_lookup(),
pass in the arg for def_ival() so the check can be deferred until
after sudoers is parsed.
 2000-08-12 20:48:29 +00:00
Todd C. Miller
d76537718b When writing prompt, no need to write the NUL as well; hag@linnaean.org 2000-08-11 19:41:28 +00:00
Todd C. Miller
8f9dfff262 When looking for chown, check in /sbin too 2000-06-09 16:25:26 +00:00
Todd C. Miller
d9a6458794 Remove extraneous call to init_defaults() and set runas_user to NULL 
betweem parses so init_defaults will reset it each time, thus avoiding
a reference to free()d data.
 2000-06-05 02:57:10 +00:00
Todd C. Miller
d7050d5615 Add support for using getifaddrs() to get the list of ip addr / netmask 
pairs.  Currently IPv4-only.
 2000-06-04 23:57:22 +00:00
Todd C. Miller
61048797f0 Add a missing check for UserEditor == NULL 
Add missing '+' before line number when invoking editor to fix a syntax error
 2000-06-04 23:51:05 +00:00
Todd C. Miller
7a2dfb77fb Call clean_env very early in main() for paranoia's sake. Idea from 
Marc Esipovich.
 2000-05-12 20:55:35 +00:00
Todd C. Miller
fc15c3dbd1 Update proto for evasprintf and easprintf 2000-05-10 05:11:36 +00:00
Todd C. Miller
b00e117e31 Make easprintf() and evasprintf() return an int. 2000-05-10 05:10:33 +00:00
Todd C. Miller
192b2ae6c3 If the targetpw flag is set, use target username as part of the timestamp path. 
If tty tickets are in effect cat the tty and the target username with a
':' as the separator.
 2000-05-10 04:56:28 +00:00
Todd C. Miller
7dce46e8cc Backout part of last change; setting PAM_USER to the invoking user 
breaks things like targetpw.
 2000-05-09 16:05:41 +00:00
Todd C. Miller
b6becc5775 set tty and username via pam_set_item 2000-05-09 15:52:31 +00:00
Todd C. Miller
165bd7fafb Fix root, runas, and target authentication for non-passwd file auth 
methods.
 2000-05-09 15:42:38 +00:00
Todd C. Miller
30daa83259 Use B<-Z> not C<-Z> for command line flags in all places. This is more 
consistent and works around a bug in Pod::Man.
 2000-04-22 18:15:15 +00:00
Todd C. Miller
2d50daad2b Fix an occurence of 'semicolon' that should be 'colon' 2000-04-22 17:59:26 +00:00
Todd C. Miller
576ea0ed17 Fix --with-badpri help line 2000-04-19 19:30:28 +00:00
Todd C. Miller
455f27816f Bracket calls to syslog with an openlog() and closelog() since some 
authentication methods (like PAM) may do their own logging via
syslog.  Since we don't use syslog much (usually just once per
session) this doesn't really incur a performance penalty.
It also Fixes a SEGV with pam_kafs.
 2000-04-17 18:01:14 +00:00
Todd C. Miller
978e3f8bc0 Fix -H flag. runas_homedir is only valid after set_perms(PERM_RUNAS, mode) 2000-04-15 20:32:59 +00:00
Todd C. Miller
aef6d6ddb7 Clarify the fact that insults are not enabled just by including 
them in the binary.
 2000-04-12 22:56:44 +00:00
Todd C. Miller
dffa5b0145 Regenerated with perl 5.6.0 pod2man 2000-04-07 14:39:23 +00:00
Todd C. Miller
7e00f9c376 Give date string to pod2man since its default is ugly and it ain't got 
no alibi.
 2000-04-07 14:38:07 +00:00
Todd C. Miller
0755c34a8e Do section substitution on the output of pod2man and remove hack needed 
for old pod2man.
 2000-04-07 14:27:31 +00:00
Todd C. Miller
d4be49c5fc Put back real man sections, we will do the substitution later. 2000-04-07 14:26:23 +00:00
Todd C. Miller
fc6fe43af5 Don't bother checking for the path to vi if user specified --with-editor 2000-04-02 15:44:06 +00:00
Todd C. Miller
0c061c0376 Visudo now does its own fork/exec instead of calling system(3). 2000-04-01 22:25:41 +00:00
Todd C. Miller
6dd2d9592e Visudo now checks for the existence of an editor and gives a sensible 
error if it does not exist.

The path to the editor for visudo is now a colon-separated list of
allowable editors.  If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used.  If not,
the first editor in the list that actually exists is used.
 2000-04-01 21:23:28 +00:00
Todd C. Miller
2588aeaa5c Clear up confusion wrt sudo's return value. 2000-04-01 21:22:11 +00:00
Todd C. Miller
aaa68a2b49 Strip sudo and visudo for bindist target 2000-03-27 17:08:46 +00:00
Todd C. Miller
6c94d8d231 Use @mansectsu@ and @mansectform@ in the man page bodies as well. 2000-03-27 03:26:24 +00:00
Todd C. Miller
92132436be Typo: @sysconf@ -> @sysconfdir@ 2000-03-27 03:07:35 +00:00
Todd C. Miller
a9a9e6601a 'make dist' should not cause any files to be modified so remove 
its dependencies.
 2000-03-27 02:57:52 +00:00
Todd C. Miller
b2a1d4ee7f Whoops, forgot to add release marker 2000-03-27 02:43:45 +00:00
Todd C. Miller
b7fdfdab4d Final change for 1.6.3 (or so I hope) 2000-03-26 16:57:31 +00:00
Todd C. Miller
6627448f53 Use SYSV man sections since BSD systems will have nroff... 2000-03-26 16:57:04 +00:00
Todd C. Miller
1eeb9cb963 When checking to see if the host/user matches in a defaults spec, check 
against TRUE, not just non-zero since it might be -1.
 2000-03-24 23:58:59 +00:00
Todd C. Miller
e736ad4a55 OSF/1 puts file formats in section 4, not 5. 2000-03-24 20:14:05 +00:00
Todd C. Miller
f32e054fe5 Make login class support work on BSD/OS 2000-03-24 20:13:12 +00:00
Todd C. Miller
5b84f29486 Update for 1.6.3 2000-03-24 01:24:48 +00:00
Todd C. Miller
1f343c7a0f If there is no inet_addr but there *is* an __inet_addr that's ok since 
inet_addr is probably just a macro then.  The better thing to do would
be to look for the macro, but this is fine for now.
 2000-03-24 01:23:05 +00:00
Todd C. Miller
6814458ab3 Don't use shlicc for BSD/OS 4.x 2000-03-24 00:50:30 +00:00
Todd C. Miller
b0bbcfc187 *.man lives in cwd, *.cat lives in $(srcdir), add a @mansrcdir@ 
configure variable so we can deal with this.
Also, only remove *.man for 'distclean' not 'clean'.
 2000-03-24 00:40:55 +00:00
Todd C. Miller
fed49d49eb set_loginclass() should be static like the proto says 2000-03-24 00:16:41 +00:00
Todd C. Miller
7ffc5a9fae Add #ifdef __STDC__ around the rangematch function header to avoid 
promotion of test to int, thus violating the prototype.  Gcc handles
this gracefully but more std ANSI compilers will complain.
 2000-03-23 19:14:03 +00:00
Todd C. Miller
9a41ebe722 Pull in newer fnmatch(3) that supports FNM_CASEFOLD 2000-03-23 15:11:56 +00:00
Todd C. Miller
4fc832c6c2 Pull in newer fnmatch(3) that supports FNM_CASEFOLD 
Check for FNM_CASEFOLD in configure
 2000-03-23 15:11:50 +00:00
Todd C. Miller
e5bd3d9683 update for 1.6.3 2000-03-23 04:41:29 +00:00
Todd C. Miller
ffca544b6c Fully qualified hosts w/ wildcards were not matching the FQHOST token type. 
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
 2000-03-23 04:38:22 +00:00
Todd C. Miller
d72d7ec3fd Fully qualified hosts w/ wildcards were not matching the FQHOST token type. 
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
 2000-03-23 04:38:20 +00:00
Todd C. Miller
9aeabf1b03 Fully qualified hosts w/ wildcards were not matching the FQHOST token type. 
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
 2000-03-23 04:38:20 +00:00
Todd C. Miller
5ce1fa96f2 Add support for wildcards in the hostname. 2000-03-23 04:09:53 +00:00