isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
8,618 Commits 1 Branch 0 Tags
6aa43ff1e40f47263b571e4cb38b79bfaba36eb6
Commit Graph

8618 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
6aa43ff1e4 HAVE_DECL_GETGROUPLIST_2 is always defined if HAVE_GETGROUPLIST_2 is, 
we need to check its value, not whether it is defined.
 2016-12-18 06:50:51 -07:00
Todd C. Miller
cc03054800 sync with translationproject.org 2016-12-15 14:26:11 -07:00
Todd C. Miller
2eeb191b94 sync with translationproject.org 2016-12-13 10:39:48 -07:00
Todd C. Miller
ae76e1a229 Use getgrouplist_2() on macOS if available. 2016-12-13 10:39:32 -07:00
Todd C. Miller
56cc9aa02d regen 2016-12-03 19:25:17 -07:00
Todd C. Miller
c62b7dc2ee In set_interfaces() treat a parse error as fatal. 2016-12-03 16:39:43 -07:00
Todd C. Miller
e8f612ead4 Fix a clang warning on macOS 2016-12-02 09:34:08 -07:00
Todd C. Miller
2884816c8e sync with translationproject.org 2016-12-01 11:42:50 -07:00
Todd C. Miller
4fc0c36ef8 update for 1.8.19b2 2016-12-01 11:42:32 -07:00
Todd C. Miller
852ffa5938 Ignore a boot time that is in the future, which can happen when the 
clock is corrected down after boot.  Otherwise, the timestamp file
will be unlinked each time sudo is run and a password is always
required.
 2016-12-01 10:52:05 -07:00
Todd C. Miller
00b6be9dfa Allow syslog priority to be negated or set to "none" to disable 
logging successes or failures.
 2016-11-30 16:26:10 -07:00
Todd C. Miller
cb1f044017 Allow stdin and ttyin to be displayed too. The only one that is 
really useful in sudoreplay is stdin when input is from a pipe.
 2016-11-30 13:38:01 -07:00
Todd C. Miller
52d6a5e40d Solaris 10 wordexp() returns 127 on execve() failure like popen() 
does.
 2016-11-30 11:05:42 -07:00
Todd C. Miller
334350af45 id_t is 64-bits on FreeBSD so use strtoll() there. 
Fixes the strtoid regress.
 2016-11-30 07:32:59 -07:00
Todd C. Miller
70d3e0e987 fix typo 2016-11-29 19:46:59 -07:00
Todd C. Miller
aaf6fff736 Fix the "all" setting for verifypw and listpw; nopass would never 
be true even if all the user's entries had the NOPASSWD tag.
Regression introduce in sudo 1.8.17.  Bug #762
 2016-11-29 19:46:25 -07:00
Todd C. Miller
7bcd0285e1 sync with translationproject.org 2016-11-28 10:47:09 -07:00
Todd C. Miller
1aea3f6e3e Just use malloc_options "S" on OpenBSD instead of "AFGJPR". 2016-11-25 09:04:00 -07:00
Todd C. Miller
4d06a612f7 Update year in license 2016-11-22 11:30:00 -07:00
Todd C. Miller
0382a2d47f regen 2016-11-21 17:47:07 -07:00
Todd C. Miller
94b844ebb5 regen 2016-11-21 17:45:46 -07:00
Todd C. Miller
6c5936296f Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register() 
and check for it in places where we check the return value of
sudo_debug_register().
 2016-11-21 06:37:23 -10:00
Todd C. Miller
de0c5c48aa update for 1.8.19 2016-11-20 12:29:01 -07:00
Todd C. Miller
695784e6ee Add support for getpwnam_shadow() on OpenBSD 2016-11-17 17:55:44 -07:00
Todd C. Miller
f70f595b5b Add umask to user_info passed in from the front end to the plugin. 2016-11-17 16:00:06 -07:00
Todd C. Miller
0cde3f5de4 Fix sign compare warning. 2016-11-17 10:27:26 -07:00
Todd C. Miller
cb7e82acca Use AX_APPEND_FLAG instead of SUDO_APPEND_CPPFLAGS and direct 
modification of LDFLAGS.
 2016-11-17 10:16:51 -07:00
Todd C. Miller
a77ecca7d3 Remove aixcrypt.exp, it was a remnant of the 90's crypto wars where 
crypt() was not exported.
 2016-11-17 08:11:59 -07:00
Todd C. Miller
80217f0bbc Remove obsolete solaris issue with snprintf 2016-11-17 08:11:01 -07:00
Todd C. Miller
c3373f03be SunOS 4.x is no longer supported 2016-11-17 08:09:06 -07:00
Todd C. Miller
e797fc643f Plug memory leak when a particular Path is set more than once. 2016-11-16 13:57:50 -07:00
Todd C. Miller
d6c30ba273 Add sudo_ldap_is_negated() and sudo_ldap_is_negated() functions 
and use them to parse negated entries instead of doing it manually.
 2016-11-16 13:46:38 -07:00
Todd C. Miller
da73733724 Fix printing of sudoedit_follow in "sudo -l" 2016-11-16 11:03:50 -07:00
Todd C. Miller
c7d6521b49 For "sudo -l" print sudoOption sudoedit_follow as FOLLOW. 2016-11-16 11:03:12 -07:00
Todd C. Miller
6dff4ac7fd Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH, _PATH_SUDO_PLUGIN_DIR, 
even if only defined to NULL.  This means the accessors can always be
present.

Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when
noexec is available.

Add ENABLE_SUDO_PLUGIN_API and use it instead of _PATH_SUDO_PLUGIN_DIR
to tell when the plugin API is available.

Add sudo_conf_clear_paths() to clear the path values so the
regress tests are not affected by compile-time settings.
 2016-11-16 10:13:26 -07:00
Todd C. Miller
8820ff3efb Use readline() in sudo_ldap_read_secret() 2016-11-16 09:22:18 -07:00
Todd C. Miller
8cb9f298bd Get rid of struct sudo_conf_paths and just use #defined index values 
to access the path values.
Make all accessors available even when the feature is not enabled.
 2016-11-15 15:41:41 -07:00
Todd C. Miller
bdbb3e9855 Add ASAN_CFLAGS and ASAN_LDFLAGS and use -Wc prefix in ASAN_LDFLAGS 
to prevent libtool from strippign them out.
Avoid using ASAN flags when building sudo_noexec.so.
 2016-11-15 10:15:36 -07:00
Todd C. Miller
589e129c87 Disable noexec for HP-UX 10.x which probably doesn't support LD_PRELOAD 2016-11-14 16:42:16 -07:00
Todd C. Miller
08a4a28592 Remove SunOS 4 support, it is not modern enough to run sudo. 2016-11-14 14:40:50 -07:00
Todd C. Miller
b56bce3127 Remove HP-UX 9 support, it is not modern enough for sudo. 2016-11-14 14:38:01 -07:00
Todd C. Miller
9d11b725c5 Remove Ultrix support, modern sudo can't run on Ultrix anyway. 2016-11-14 14:33:43 -07:00
Todd C. Miller
66af45eb24 Add regress for noexec functionality 2016-11-14 14:21:08 -07:00
Todd C. Miller
068f96a213 Unbreak sudo_noexec on macOS where shared libraries and dynamic 
modules are different.  We still want to install sudo_noexec.so
without the "lib" prefix so some hackery is required.
 2016-11-14 11:04:29 -07:00
Todd C. Miller
60bf139451 Don't enable noexec for AIX 5.0-5.2, we need 5.3 and above. 2016-11-14 11:00:43 -07:00
Todd C. Miller
07cc9d8153 Need to link sudo_noexec.so with -ldl for dlsym() on some platforms. 
Otherwise, the wordexp(3) wrapper will fail due to an undefined
symbol.  Bug #761
 2016-11-13 16:00:31 -07:00
Todd C. Miller
deb6259765 In strict mode, go to the file/line with an undefined aliases 
or aliases cycle directly.
 2016-11-13 06:41:09 -07:00
Todd C. Miller
7524c231cc Store the file/lineno for alias and userspec entries so we can 
provide that info if there is an error.
 2016-11-12 19:22:32 -07:00
Todd C. Miller
90995c0acf Add simple reference-counted string allocator and use it for passing 
around references to the sudoers path.  This lets us avoid making
copies of the sudoers path for the errorfile as well as each Defaults
entry.
 2016-11-11 16:18:27 -07:00
Todd C. Miller
b5e3a7aef2 Cast len from size_t to uint64_t before bit shifting since we are 
adding to count which is also uint64_t.  Quiets a PVS-Studio warning.
 2016-11-11 10:59:42 -07:00