Commit Graph

9277 Commits

Author SHA1 Message Date
Todd C. Miller
246ed8777d Fix "make check" when openssl or gcrypt is used. Bug #787 2017-05-11 05:28:19 -06:00
Todd C. Miller
0244f931dd Only display string version of errno if sudo_ev_add() fails for now 2017-05-10 09:22:07 -06:00
Todd C. Miller
75f5f4934f update 2017-05-08 14:03:29 -06:00
Todd C. Miller
e51831fab3 Be clear that #includedir diverts control to the files in the
specified directory and, when parsing of those files is complete,
returns control to the original file.  Bug #775
2017-05-08 13:55:02 -06:00
Todd C. Miller
93c029f4f9 sync with translationproject.org 2017-05-07 06:44:33 -06:00
Todd C. Miller
6f3cc3f107 update 2017-05-05 14:48:19 -06:00
Todd C. Miller
e18a5c7d74 Fix a hang introduced in the last commit. Don't close the pty slave
until after we have the controlling tty.
2017-05-05 14:45:35 -06:00
Todd C. Miller
44dc15d02d If any of std{in,out,err} are not hooked up to a tty only interpose
ourselves with a pipe if the plugin will actually log the data.
This avoids a problem with non-interactive commands where no tty
is present where sudo will consume stdin even when log_input is not
enabled in sudoers.
2017-05-05 14:27:42 -06:00
Todd C. Miller
62730d13da update 2017-05-05 10:51:18 -06:00
Todd C. Miller
01228b735d Update based on information from Michael Felt. 2017-05-05 10:45:33 -06:00
Todd C. Miller
4e67ac56bd In check_input() when switch()ing on the return value of read(),
use the default label instead of 1 for the success case.  It is
only reading a single byte so the two are equivalent but it reads
better using default.
2017-05-04 12:25:51 -06:00
Todd C. Miller
1a047b156d Check sudo_ev_add() return value. Coverity CID 168362 2017-05-04 11:10:42 -06:00
Todd C. Miller
1d1ebb6111 Add io_open() wrapper for open(2) that retries with PERM_IOLOG if
open(2) fails with EACCES.  Use io_open() instead of duplicate
copies of the same fallback code.
2017-05-04 11:00:22 -06:00
Todd C. Miller
8757691fc7 Don't retry the open() if set_perms() fails. 2017-05-04 10:45:05 -06:00
Todd C. Miller
237eddd95e Fix typo (fd2 vs. fd) caught by coverity, CID 168359. 2017-05-04 10:30:59 -06:00
Todd C. Miller
32ebb4a383 sync with translationproject.org 2017-05-04 09:17:19 -06:00
Todd C. Miller
280d5ac691 Warn people not to use --enable-asan in production. 2017-05-03 12:56:06 -06:00
Todd C. Miller
80f8960fc6 Move the invocation of check_noexec into the main "check" target
but only run it if not cross compiling and when CHECK_NOEXEC is not
empty.
2017-05-03 11:58:40 -06:00
Todd C. Miller
ecbf895097 Move @CHECK_NOEXEC@ to TEST_PROGS so it gets cleaned up properly. 2017-05-03 11:32:56 -06:00
Todd C. Miller
8468f13c69 Move syslog_maxlen to the "Integers" section. Move syslog_goodpri and
syslog_badpri to the "Strings that can be used in a boolean context" section.
2017-05-03 10:32:21 -06:00
Todd C. Miller
d9bfaa386e Fix a pasto that resulted in an extra (empty) syslog_goodpri list entry. 2017-05-03 10:24:12 -06:00
Todd C. Miller
c379665556 Add tests for parsing tuples and syslog options. 2017-05-03 09:54:30 -06:00
Todd C. Miller
2d8717bdd2 Allow the syslog Defaults option to be used in a "true" boolean
context and use the compiled in default log facility in this case.
2017-05-03 09:53:03 -06:00
Todd C. Miller
631d458b6f Allow a tuple to be set to boolean true. Regression introduced by
refactor of set_default_entry() in sudo 1.8.18.
2017-05-03 09:28:36 -06:00
Todd C. Miller
ddf1fa16f8 Replace the list of "dangerous" environment variables and explain
how sudo handles the environment instead.
2017-05-01 11:33:51 -06:00
Todd C. Miller
6af6f84670 Fix exponential behavior in glob() with respect to multiple '*'.
See https://research.swtch.com/glob
Adapted from https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e6f95
2017-04-28 12:12:00 -06:00
Todd C. Miller
dab8651ed2 We no longer need to write to the tty if the command was killed by
a signal.  Sudo will terminate itself with the same signal the
command died from.  Unfortunately, we lose the "core dumped" bit
since sudo itself will not dump core, but there doesn't appear to
be a way around that.
2017-04-28 10:32:15 -06:00
Todd C. Miller
f57629c953 On Linux, if the command we ran dumped core, set PR_SET_DUMPABLE
to 0.  This will prevent sudo itself from dumping core in this case.
2017-04-27 12:28:08 -06:00
Todd C. Miller
f0425ca813 Update path to sudo_noexec.so 2017-04-27 12:02:29 -06:00
Todd C. Miller
91aec9730e If the command terminated due to a signal, sudo will send that same
signal to itself so the parent shell knows the command died from
a signal.  However, we don't want sudo itself to dump core.
2017-04-27 10:34:30 -06:00
Todd C. Miller
2d13bf3562 sync 2017-04-26 20:33:20 -06:00
Todd C. Miller
9ee50beaa7 The fix for Bug #722 contained a typo/thinko that resulted in the
exit status being 0 when a command was killed by a signal other
than SIGINT.  This fixes the signal handler setup so sudo will
terminate with the same signal as the command.  Bug #784.
2017-04-26 20:17:34 -06:00
Todd C. Miller
2180eab1f9 Better check for /etc/rc.d/rc2.d/S90sudo on AIX 2017-04-26 15:49:10 -06:00
Todd C. Miller
54a23d2c5d Don't install the rc.d link when installing to a DESTDIR.
DESTDIR is generally only set when installing to a temporary
directory for packaging in which case the link should be
made in a post-install script.
2017-04-26 14:49:05 -06:00
Todd C. Miller
9bccceaea1 In "make install", install sample sudoers file as /etc/sudoers.dist
and copy it to /etc/sudoers if there is no existing /etc/sudoers.
Packages either contain /etc/sudoers (RPM and Debian) or /etc/sudoers.dist
(everything else).
2017-04-26 13:52:49 -06:00
Todd C. Miller
495931f4a8 Allow "make dist" and "make depend" to work for out of tree builds. 2017-04-26 10:43:42 -06:00
Todd C. Miller
f7df250625 Add missing $(srcdir) prefix to shlib_exp definition. 2017-04-24 10:05:38 -06:00
Todd C. Miller
11c82e2f1b Fix typo in killpg macro. 2017-04-21 09:25:17 -06:00
Todd C. Miller
18c8ce10ea Fix the killpg macro for systems without killpg() in libc. 2017-04-21 07:28:45 -06:00
Todd C. Miller
9f1afe23fe Use the standard idiom for popping all entries from a tail queue.
The llvm checker gets confused by TAILQ_REMOVE and generates
use-after-free false positives.
2017-04-20 16:13:14 -06:00
Todd C. Miller
c60259bd63 rewrite errpipe callbacks 2017-04-20 16:12:53 -06:00
Todd C. Miller
c2176c32a7 use pipe2() with O_CLOEXEC instead of pipe() + fcntl() and FD_CLOEXEC 2017-04-20 15:10:57 -06:00
Todd C. Miller
6e75179528 init io_pipe[][] to -1, not 0 2017-04-20 15:09:07 -06:00
Todd C. Miller
f3daaba1c4 In sudo_sss_check_user() it is not possible for handle to be NULL. 2017-04-19 14:30:30 -06:00
Todd C. Miller
583fac17ea Fix a use after free when the fqdn sudoOption is set and no hostname
value is present in sssd.conf.
2017-04-19 14:15:18 -06:00
Todd C. Miller
a245fedc22 Avoid unused variable when getgrouplist_2() is available.
It would be nicer to just provide getgrouplist_2() (or the equivalent)
and avoid the ugly #ifdefs.
2017-04-19 09:39:55 -06:00
Todd C. Miller
871b912f46 sync with translationproject.org 2017-04-19 09:07:55 -06:00
Todd C. Miller
7c63dbf65e regen 2017-04-13 13:45:00 -06:00
Todd C. Miller
d989f8af30 In sudo_ttyname_scan() if dir is the empty string, set errno to
ENOENT before returning.
2017-04-12 17:06:48 -06:00
Todd C. Miller
0b81e0b195 Try to make it clear that when match_group_by_gid is enabled, groups
in sudoers are looked up by group name instead of group ID.  This
doesn't usually cause problems, but if there are conflicting group
entries (for example, from a local /etc/group file and an LDAP or
AD group database), whether the group is resolved by name or ID can
be used to work around conflicts.
2017-04-11 16:56:04 -06:00