isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
6,583 Commits 1 Branch 0 Tags
652d0de98a12dd24e736385e08b0de3d76cc0616
Commit Graph

106 Commits

Author SHA1 Message Date
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
b7ae7977a6 Cannot wrap sigsetjmp() or we end up returning to the wrong place. 
Use a macro instead.
 2012-11-29 06:37:13 -05:00
Todd C. Miller
14e5f35d4d Include missing.h for __printflike. 2012-11-25 11:51:43 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
4bde57b8b2 Rename warning2()/error2() -> warning_nodebug()/error_nodebug(). 2012-11-25 09:34:10 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
6849fff4d7 See DEFAULT_TEXT_DOMAIN 2012-11-25 08:10:12 -05:00
Todd C. Miller
0178d5ae01 Set group on sudo_debug when creating it to gid 0 so systems without 
BSD group semantics don't get the invoking user's group.
 2012-11-12 17:12:34 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
4bd4a91714 Parse sudo.conf in the "C" locale. 2012-11-12 05:42:48 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
f8660f9988 Add variants of warn/error and sudo_debug_printf that take a va_list 
instead of a variable number of args.
 2012-11-08 15:37:42 -05:00
Todd C. Miller
1cf3def4be If vasprintf() fails, just use the errno it sets instead of assuming 
ENOMEM.
 2012-10-02 14:45:18 -04:00
Todd C. Miller
1d90c0ad71 No need to translate "unable to allocate memory" when we can just 
use the system translation via strerror().
 2012-09-17 16:59:26 -04:00
Todd C. Miller
e5257d48d7 Print a trailing newline in lbuf_print() when there is not enough 
space to do word wrapping and the lbuf does not end with a newline.
 2012-09-04 10:42:09 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
d89b1a6be2 Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers 
data source.  From Daniel Kopecek and Pavel Brezina.
 2012-08-10 11:59:26 -04:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
9c9cf9da41 Do not set a resource limit to zero when we are unable to fetch a 
value from /etc/security/limits.
 2012-07-06 10:10:03 -04:00
Todd C. Miller
f8f0021710 Add configure check for building PIE executables instead of doing 
it in mkpkg.
 2012-07-02 10:12:41 -04:00
Todd C. Miller
9497df293a Don't run regress tests or sudoers sanity check (using the newly-built 
visudo) when cross compiling.  Bug #560
 2012-06-20 13:38:17 -04:00
Todd C. Miller
d29aede203 No longer throw an error if sudoers is a symbolic link. Deprecated 
the --with-stow option as that is now (effectively) the default.
 2012-05-21 13:30:59 -04:00
Todd C. Miller
38ea65203a Move ttysize.c to common so sudoreplay can use it. 2012-04-06 16:41:08 -04:00
Todd C. Miller
c8ce3a0a85 Log the process id in the debug file output. Since we don't want 
to keep calling getpid(), stash the value at init time and when we
fork().
 2012-04-06 15:20:16 -04:00
Todd C. Miller
abdff25703 Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() 
and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
This allows consumers of sudo_debug_printf() to log that data without
having to specify it manually.
 2012-04-05 13:04:00 -04:00
Todd C. Miller
2c84bd4d08 Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. 
Log the function, file and line number in the debug log for warning()
and error().
 2012-04-05 12:37:15 -04:00
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
78429a90d5 Quiet a warning on systems where the gids array in setgroups() is 
not prototyped as being const, even though it really is.
 2012-03-28 11:14:22 -04:00
Todd C. Miller
8b3d118f62 Fix matching of "Path askpass" and "Path noexec" 2012-03-27 12:24:39 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
dbbb48c45f Add ecalloc() and commented out recalloc(). 
Use inline strnlen() instead of strlen() in estrndup().
 2012-03-19 11:23:25 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
83459e13b5 Set args to NULL in default plugin info struct when there is no 
Plugin line in sudo.conf.
 2012-03-14 15:07:50 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00
Todd C. Miller
28db1fbbed We need sysconfdir in compat/Makfile to get the proper sudo.conf 
path.  Add standard prefix and foodir expansion in all Makefiles
to avoid this problem in the future.
 2012-02-27 13:28:15 -05:00
Todd C. Miller
415454ff59 Relax the user/group/mode checks on sudoers files. As long as the 
file is owned by the right user, not world-writable and not writable
by a group other than the one specified at configure time (gid 0
by default), the file is considered OK.  Note that visudo will still
set the mode to the value specified at configure time.
 2012-02-22 13:04:03 -05:00
Todd C. Miller
d35f50bd65 Move _PATH_SUDO_CONF override to common to match sudo_debug.c 2012-02-06 15:57:26 -05:00
Todd C. Miller
e16ae617e4 g/c now-unused debug subsystems 2012-02-05 10:17:26 -05:00
Todd C. Miller
c970d464cb Normally, sudo disables core dumps while it is running. This 
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
 2012-02-03 14:57:03 -05:00
Todd C. Miller
c91f5ee680 Make sure we don't try to fall back to using the conversation 
function for debugging in the main sudo process if we are unable
to open the debug file.
 2012-02-03 12:30:07 -05:00
Todd C. Miller
ee0fb36d8b regen dependencies 2012-01-13 06:02:17 -05:00
Todd C. Miller
fa15fc7651 The result of writev() is never checked so just cast to NULL. 2012-01-11 13:09:09 -05:00
Todd C. Miller
13561805d9 Add debug support. 2012-01-06 20:10:41 -05:00
Todd C. Miller
fa1f781a0e Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:55:13 -05:00
Todd C. Miller
1c3965f534 Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:50:07 -05:00
Todd C. Miller
9f0abb4692 Add support for setenv entries in login.conf. We can't use LOGIN_SETENV 
since the plugin sets up the envp the command is executed with.
Also regen the Makefile.in files while here.  Fixes bug #527
 2011-12-05 10:43:44 -05:00