isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,990 Commits 1 Branch 0 Tags
6b57ef4f6da3b7798043a6ea26e28fa8f45d1e05
Commit Graph

71 Commits

Author SHA1 Message Date
Todd C. Miller
3389108f10 Don't allow root to change its SELinux role without a password. 
Bug #611
 2013-08-26 07:04:19 -06:00
Todd C. Miller
faf150c4d0 Split up check_user(). 2013-04-04 10:04:22 -04:00
Todd C. Miller
073989aa68 Neded sys/time.h for struct timeval in struct sudo_tty_info. 2013-04-01 14:48:00 -04:00
Todd C. Miller
4d3fc204f7 Pass auth_pw to the timestamp functions. 2013-03-28 13:22:09 -04:00
Todd C. Miller
ec19ea97f2 DEFAULT_LECTURE is no longer used. 2013-03-27 15:01:26 -04:00
Todd C. Miller
8b4c192058 Move contents of timestamp.h into check.h. 2013-03-25 11:28:21 -04:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
69cb0c3215 Make the sudo lecture translatable. 2012-11-09 15:37:03 -05:00
Todd C. Miller
6a7884d474 Make expand_prompt() args const and free the prompt when we are 
done with it.
 2012-11-08 16:40:37 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
2b23d2b12c Move expand_prompt() into its own source file for easier unit testing. 2012-10-23 14:27:52 -04:00
Todd C. Miller
0a7af23038 Make check.c independent of the underlying timestamp implementation. 2012-10-23 14:16:57 -04:00
Todd C. Miller
0fa33ccf0f Split off timestamp functions into their own source file. 2012-09-27 10:21:13 -04:00
Todd C. Miller
778895adfd Correct the check_user() comment header. 2012-08-22 12:52:07 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
7d255e42cb Fix some warnings from clang checker-267 2012-08-07 11:01:28 -04:00
Todd C. Miller
57699c5531 If a command matches using an empty Runas_List (i.e. Runas_List is 
present but empty) and the -u option was not specified, set runas_pw
to user_pw instead of using runas_default.  This is intended to be
used in conjunction with the Solaris Privilege Set support for rules
that grant privileges without changing the user.
 2012-08-02 14:37:32 -04:00
Todd C. Miller
8b03f3e7d0 Move log_denial() calls and logic to log_failure(). 
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.

This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password.  Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed".  Fixes bug #563
 2012-07-10 12:42:33 -04:00
Todd C. Miller
649edc3192 Export group cache from sudoers.so for system_group.so to use. 2012-06-13 16:21:45 -04:00
Todd C. Miller
2b7659f709 Don't prompt for a password if the user is in the exempt group, is 
root, or is running the command as themselves even if the -k option
was specified.  This makes "sudo -k command" consistent with the
behavior one would get if the user ran "sudo -k" immediately before
running the command.
 2012-05-17 10:20:14 -04:00
Todd C. Miller
087059b295 In Solaris 11, /dev/pts under the "dev" filesystem, not "devices". 
Update tty_is_devpts() to match so we can determine when the tty
has been reused.
 2012-04-05 13:21:22 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
f190bcf94b Don't print garbage at the end of the custom lecture. 2011-11-12 13:08:13 -05:00
Todd C. Miller
9b2c889812 We need to init the auth system regardless of whether we need a 
password since we will be closing the PAM session in the monitor
process.  Fixes a crash in the monitor on Solaris; bugzilla #518
 2011-10-25 10:08:26 -04:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
45ad681cd6 Delref auth_pw at the end of check_user() instead of getting a ref 
twice.
 2011-09-27 16:21:21 -04:00
Todd C. Miller
1e93d1fbb6 Make sudo_auth_{init,cleanup} return TRUE on success and check for 
sudo_auth_init() return value in check_user().
 2011-09-27 15:41:22 -04:00
Todd C. Miller
bceb5df158 Modify the authentication API such that the init and cleanup functions 
are always called, regardless of whether or not we are going to
verify a password.  This is needed for proper PAM session support.
 2011-09-27 13:18:46 -04:00
Todd C. Miller
4f9a93f658 Fix some potential problems found by the clang static analyzer, 
none serious.
 2011-07-28 10:59:37 -04:00
Todd C. Miller
6c28af1556 Use ROOT_UID not 0. 2011-05-18 13:07:35 -04:00
Todd C. Miller
7960bde2db Minor warning/error message cleanup 2011-05-18 13:04:24 -04:00
Todd C. Miller
6f8cd91928 can't -> "unable to" in warning/error messages 2011-05-18 12:36:26 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
39b9b97dbc Fix indentation 2011-01-27 10:03:59 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
2d74e9567f If the user is running sudo as himself but as a different group we 
need to prompt for a password.
 2011-01-11 10:35:20 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
66ea399856 Having a timestamp file defined is no longer indicative of tty tickets 
being enabled.  Check def_tty_tickets directly.
 2010-10-07 14:12:17 -04:00
Todd C. Miller
256ee25ab5 Move get_auth() into check.c where it is actually used. 2010-08-21 08:48:35 -04:00
Todd C. Miller
151a2cab56 Update comment 2010-08-12 11:55:56 -04:00
Todd C. Miller
9f27401359 Fix mismerge 2010-08-06 13:53:17 -04:00
Todd C. Miller
640f79e13a When removing/resetting the timestamp file ignore the tty ticket contents. 2010-08-06 12:07:21 -04:00
Todd C. Miller
0186018d3d Reference count cached passwd and group structs. The cache holds 
one reference itself and another is added by sudo_getgr{gid,nam}
and sudo_getpw{uid,nam}.  The final ref on the runas and user passwd
and group structs are persistent for now.
 2010-08-04 09:58:50 -04:00
Todd C. Miller
ec57221017 Do not produce a warning for "sudo -k" if the ticket file does not 
exist.
 2010-08-03 15:16:57 -04:00
Todd C. Miller
420db23714 Quiet gcc warnings on glibc systems that use warn_unused_result for 
write(2) and others.
 2010-08-03 11:17:56 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
f5c5a9bf6a Do not update tty ticket if there is no tty. 2010-06-18 08:00:16 -06:00
Todd C. Miller
eec336115a Move askpass path specification from sudoers to sudo.conf. 2010-06-09 17:40:44 -04:00