isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,225 Commits 1 Branch 0 Tags
6717c32022153bcc0aa9afa87aa96e208a6a86c5
Commit Graph

273 Commits

Author SHA1 Message Date
Todd C. Miller
6717c32022 When determining whether or not "sudo -l" or "sudo -b" should prompt 
for a password, take all sudoers sources into account.  In other
words, if both file and ldap sudoers sources are in use, "sudo -v"
will now require that all entries in both sources be have NOPASSWD
(file) or !authenticate (ldap) in the entries.
 2016-04-19 10:08:51 -06:00
Todd C. Miller
578be4f39c Use SUDOERS_DEBUG_UTIL not SUDO_DEBUG_UTIL in the plugin. 2016-01-22 11:22:58 -07:00
Todd C. Miller
333faa20e2 When parsing def_editor, break out of the loop when we find the 
first valid editor.  Bug #714
 2015-08-21 11:25:02 -06:00
Todd C. Miller
7ef9b5827e Remove extraneous while() from botched do {} while() loop 
conversion to use sudo_strsplit.  Noticed by Radovan Sroka.
 2015-08-18 08:34:10 -06:00
Todd C. Miller
4abc13bfca Move comment to match moved code. 2015-08-04 16:15:11 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
d3bc17a611 Return -1, not 0 from sudoers when there is an error (as opposed to 
a policy denial).
 2015-06-25 11:12:36 -06:00
Todd C. Miller
81f94499bf Check restore_perms() return value in all cases, pushing the 
return value back up the call stack.
 2015-06-25 11:12:36 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
ac13264b44 Use a common function for resolviong the user's editor in sudoedit 
and visudo.  The find_path() function now returns a dynamically
allocated path instead of using a static string.
 2015-06-18 09:51:36 -06:00
Todd C. Miller
07f9814450 Remove remaining SUDO_MAIN remnants. 2015-06-17 10:20:14 -06:00
Todd C. Miller
d004b02fc6 Use non-exiting allocatings in the sudoers plugin. 2015-06-17 06:49:59 -06:00
Todd C. Miller
25917e435c We need to unlimit RLIMIT_NPROC in sudoers as well as the sudo front 
end since set_perms() and restore_perms change the read uid and may
fail with EAGAIN on Linux kernels prior to 3.1.
 2015-06-12 15:30:06 -06:00
Todd C. Miller
8eff57f070 Bring back VALIDATE_ERROR which will be used in the case of memory 
allocation errors.
 2015-06-04 20:42:42 -06:00
Todd C. Miller
9d1c408b73 Non-exiting allocators for log functions. If log_allowed() fails 
the user may not run the command.  We don't try to return early for
log_failure(), log_auth_failure() or log_denial() as we would not
run the command in that case.
 2015-05-27 10:55:27 -06:00
Todd C. Miller
2bf454b74d Use non-exiting allocators in the redblack tree and fix the fallout. 
Also switch to non-exiting allocators in affected code blocks.
 2015-05-27 09:51:54 -06:00
Todd C. Miller
8d1708434f Add sudo_strsplit(), similar to strtok_r() but non-destructive and 
operates on non-C strings (requires a length parameter).
 2015-05-26 15:46:41 -06:00
Todd C. Miller
05a01d4c5d Avoid using a leading underbar in defines as they are reserved in 
ISO C.
 2015-05-21 11:13:20 -06:00
Todd C. Miller
8bc70a635c Instead of trying to make weak functions work on all platforms, 
just use a registration function for a plugin-specific setlocale
function.  The sudoers version just wraps sudoers_setlocale().
 2015-05-11 14:51:32 -06:00
Todd C. Miller
caf5d45e0f Previously, debug_return_bool was the same as debug_return_int 
except that it logged true/false for 1/0.  However, this appears
to trigger a bug in some compilers.  To avoid this, debug_return_bool
now uses bool, not int.  Callers that were passing it an int have
been converted to use debug_return_int instead.
 2015-05-07 10:33:23 -06:00
Todd C. Miller
e98778b2a2 When creating a passwd struct from a uid that is not in the passwd 
database, set pw_gid to the user's gid instead of whatever the user
specified via the -g flag (or 0 if no -g).
 2015-04-16 13:19:04 -06:00
Todd C. Miller
be4872f691 For sudoedit, run the editor with the user's original environment 
as per the documentation (and as in sudo 1.7.x).  Bug #688
 2015-03-16 20:19:24 -06:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
57553fffdd Rename VALIDATE_OK -> VALIDATE_SUCCESS 
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
 2015-01-21 11:03:48 -07:00
Todd C. Miller
832a4dee6b In set_fqdn() we neeed to set user_runhost/user_srunhost at the 
same time we set user_host/user_shost since that is what
hostlist_matches() uses.  Bug #678
 2014-11-12 20:33:41 -07:00
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
79f4471e41 Move sudo_printf to policy.c to match sudo_conv. 2014-10-06 10:13:42 -06:00
Todd C. Miller
bd99dcc028 Add sudo_warn_set_conversation() to specify a conversation function 
to use for warn/fatal.  If no conversation function is specified,
the standard error will be used.  We now only need sudo_printf()
for things that use the parser.
 2014-10-05 16:41:52 -06:00
Todd C. Miller
ecaecdc1f4 Merge secure_path.h -> sudo_util.h 2014-07-22 11:37:39 -06:00
Todd C. Miller
cedc34561d For sudoedit, audit the actual editor being run, not just the 
sudoedit command.
 2014-07-12 10:35:00 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
a8fa112a53 atobool -> sudo_strtobool 
atoid-> sudo_strtoid
atomode -> sudo_strtomode
 2014-06-27 14:53:54 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
2166a6afe1 Remove use of setjmp/longjmp in the sudoers plugin. We no longer 
call fatal() except in the malloc wrappers and due to libsudo_util
there is now a single copy of fatal/fatalx.
 2014-06-26 15:51:15 -06:00
Todd C. Miller
088edcb6f5 Add exported libsudo_util functions to util.exp and mark in headers 
using __dso_public.
 2014-06-26 15:51:15 -06:00
Todd C. Miller
337a712745 Pass argc to audit functions too. Will be needed for Solaris audit 
support.
 2014-05-13 09:41:53 -06:00
Todd C. Miller
b0f1fa7d05 Rename log_warning flags and only send mail if SLOG_SEND_MAIL is 
set instead of mailing by default like we used to.
 2014-05-02 20:54:01 -06:00
Todd C. Miller
954a3e77b1 Add log_warningx 2014-05-02 16:40:30 -06:00
Todd C. Miller
cbee9cc8cb Remove now-unused log_fatal() 2014-04-30 17:00:20 -06:00
Todd C. Miller
5086194c67 Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just 
pass back a return value.
 2014-04-30 16:57:12 -06:00
Todd C. Miller
62a278183b Format string safety in error path. 2014-04-22 16:03:57 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
40375a6268 Eliminate calls to fatal() in sudoers.c and just pass back a return 
value.
 2014-04-10 16:03:26 -06:00
Todd C. Miller
2a290f812e Return MODE_ERROR from sudoers_policy_deserialize_info() instead 
of calling fatalx().
 2014-04-07 05:34:56 -06:00