isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,201 Commits 1 Branch 0 Tags
6cbba7d66556dc67d71c6dfae91bcf35ff9bef8c
Commit Graph

8201 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
6cbba7d665 Add an administrative domain to the passwd/group cache key for 
AIX which can have different name <-> ID mappings depending
on whether the database is local, LDAP, etc.
 2016-02-01 11:08:58 -07:00
Todd C. Miller
9b19ea440c Fedora dropped "core" from the name some time ago so just match on 
f[0-9] for the rpm distro name provided by pp.  Since the version
numbers of Fedora and RHEL are so different switch to defining
variables to indicate which features should be enabled.  Works for
Fedora 23.
 2016-02-01 11:07:10 -07:00
Todd C. Miller
25abb72184 Treat fedora core like centos/rhel for package building. 2016-01-31 07:36:44 -07:00
Todd C. Miller
73163c750a Plug some memory leaks in the tests. 2016-01-29 11:34:09 -07:00
Todd C. Miller
2224cfd000 If realloc of sudoerslval.command.args fails, reset sudoerslval.command.args 
as well as arg_len and arg_size after freeing sudoerslval.command.args.
 2016-01-29 11:10:36 -07:00
Todd C. Miller
a7e5ae1e5b When freeing the iobs after pty tear-down, also free the associated 
event structures.  Quiets a memory leak warnings from address
sanitizer and valgrind.
 2016-01-29 10:31:54 -07:00
Todd C. Miller
5cbe1edcfe iolog_compress should be bool, not int 2016-01-28 15:36:15 -07:00
Todd C. Miller
3bebdfea79 Quiet address sanitizer leak detector. 2016-01-28 15:07:54 -07:00
Todd C. Miller
21d6fc3d8f Simple garbage collection (really a to-be-freed list) for the sudoers 
plugin.  Almost identical to what sudo.c uses.  Currenly only the
environment strings are collected at exit time which is enough to
quiet address sanitizer's leak detector.
 2016-01-28 14:53:48 -07:00
Todd C. Miller
7b2fbed45d Rename gc_cleanup to gc_run and remove I/O plugins from the plugin 
list when freeing them.
 2016-01-28 14:48:11 -07:00
Todd C. Miller
23aeb0b5ec Free up the garbage via an atexit() handler instead of requiring 
a call to gc_exit.
 2016-01-28 11:01:42 -07:00
Todd C. Miller
78ac87cd90 Plug a memory leak in sudo_edit. 2016-01-28 10:54:34 -07:00
Todd C. Miller
fd9f010064 mention --enable-asan 2016-01-27 16:49:24 -07:00
Todd C. Miller
873d5cc5ff Try to deconfuse static analyzers a bit. 2016-01-27 16:19:22 -07:00
Todd C. Miller
23a82ab2e8 Avoid possible NULL deref found by clang analyzer. 2016-01-27 16:07:35 -07:00
Todd C. Miller
3d0b0f061e Add --enable-asan configure flag to enable address sanitizer 2016-01-27 15:37:25 -07:00
Todd C. Miller
9b3ef072f9 Add support for garbage collecting info passed to the plugin before 
exit to appease address sanitizer's leak detector (and valgrind's
leak checker).  We can't free these sooner since the plugin may be
using the memory.  For plugin API 2.0 it should be make clear that
the plugin must make a copy of the data in the arrays passed in to
the plugin's open() function.  Only enabled if NO_LEAKS is defined.
 2016-01-27 15:37:15 -07:00
Todd C. Miller
ab11cdde2c auth_getpass() returns a dynamically allocated copy of the plaintext 
password which needs to be freed after checking (and clearing) it.
 2016-01-27 15:36:50 -07:00
Todd C. Miller
91bce65e29 Remove sudo_fatalx() calls from format_plugin_settings(). 2016-01-27 13:59:04 -07:00
Todd C. Miller
e48ceebf14 fn_free_result() (aka sss_sudo_free_result() in sss_sudo.c) handles 
a NULL poiner so there's no need to check before calling it.  Add
missing initialization of sss_sudo_result to NULL in sudo_sss_setdefs().
 2016-01-27 09:28:08 -07:00
Todd C. Miller
60ea106cc4 Add missing return when user is not found in sudo_sss_result_get(). 
Previously we fell through to the default case which just logged a
debug message and returned so this just avoids the extra (generic)
debug message.
 2016-01-27 09:20:04 -07:00
Todd C. Miller
6635f97b33 Fix a warning on AIX. 2016-01-26 14:35:14 -07:00
Todd C. Miller
5507b2328c Pass updated user_env_out, not envp, to the I/O open function. 2016-01-26 07:42:57 -07:00
Todd C. Miller
ca330adada Pass updated argv/envp to the I/O open function like the plugin API 
documents.
 2016-01-26 07:39:43 -07:00
Todd C. Miller
a6886d2345 Add check for I/O log file handle being NULL. This could only 
happen if the front-end calls iolog_open with argc == 0 but actually
runs a command.
 2016-01-25 16:18:22 -07:00
Todd C. Miller
c28f59271a Additional debugging for pwutil functions. 2016-01-22 17:04:59 -07:00
Todd C. Miller
41a32a1c58 When calling setauthdb(), save the old registry value so we can 
restore it properly.  Previously we were setting the registry to
unrestricted instead of actually restoring it.
 2016-01-22 17:04:58 -07:00
Todd C. Miller
578be4f39c Use SUDOERS_DEBUG_UTIL not SUDO_DEBUG_UTIL in the plugin. 2016-01-22 11:22:58 -07:00
Todd C. Miller
5016fa23df When parsing debug entries, don't make a lower value override a 
higher one.  For example, for "pcomm@debug,all@warn" the "all@warn"
should not set pcomm to "warn" when it is already at "debug".
 2016-01-21 07:43:25 -07:00
Todd C. Miller
7ed519125e Set sudoedit_checkdir=false in command_details when it is disabled 
in sudoers.
 2016-01-20 15:51:43 -07:00
Todd C. Miller
f4e5b135bb Update copyright year 2016-01-20 15:40:51 -07:00
Todd C. Miller
726b4dc968 If the user runs "sudoedit /" we will receive ENOENT from openat(2) 
and sudoedit will try to create a file with the null string.  If
path is empty, open the cwd instead so sudoedit can give a sensible
error message.
 2016-01-20 15:36:20 -07:00
Todd C. Miller
399ec8b2b0 Log an error for invalid boolean strings. 2016-01-20 15:34:00 -07:00
Todd C. Miller
5bae35c05c Fix off by one error in new SET_FLAG macro. 2016-01-20 15:09:32 -07:00
Todd C. Miller
ec37504dfb Document the race with sudoedit_checkdir in 1.8.15. 2016-01-20 11:00:05 -07:00
Todd C. Miller
42671f6b95 Document sudoedit_checkdir 2016-01-20 10:56:47 -07:00
Todd C. Miller
5e300f1e4c There are no systems that support O_SEARCH/O_PATH that do not also 
support O_DIRECTORY so simplify the definition of DIR_OPEN_FLAGS a
bit.
 2016-01-19 19:50:27 -07:00
Todd C. Miller
5dae4d3f35 regen 2016-01-19 15:23:07 -07:00
Todd C. Miller
647bfa4a9d Add 1.8.16 changes 2016-01-19 15:21:15 -07:00
Todd C. Miller
de0208a01b Make sudoedit_checkdir the default and update the documentation accordingly. 2016-01-19 14:16:25 -07:00
Todd C. Miller
e719d954e7 Add a SET_FLAG macro to simplify parsing command details boolean 
flags.  Previously, flags were only set and never cleared even if
the boolean value was false.  This was not a problem as there were
no default flags for the plugin to enable.  That will change in the
future.
 2016-01-19 10:32:33 -07:00
Todd C. Miller
4b96e94f37 Need to be root when switching to a different user. 2016-01-18 13:12:50 -07:00
Todd C. Miller
9f481f128d Use O_SEARCH on systems without O_PATH if present. It can be used 
for a similar purpose.
 2016-01-18 12:38:41 -07:00
Todd C. Miller
c1b1481204 Use faccessat(2) for directory writability instead of doing the 
checks manually where possible.  This also allows us to remove the
#ifdef __linux__ bits since we no longer use fstat(2) on Linux with
an O_PATH fd.
 2016-01-18 10:45:47 -07:00
Todd C. Miller
7f8a29dfc0 Add "I/O LOG FILES" section to the manual and move many of the 
details from the log_input and log_output descriptions to it.
 2016-01-16 16:47:42 -07:00
Todd C. Miller
ad8c96403d Use "Nm sudoers" when talking about the plugin and "Em sudoers" when 
talking about the sudoers file.
 2016-01-16 16:46:17 -07:00
Todd C. Miller
12a8becd70 Remove gzopen_w which is only defined on Windows. 2016-01-13 13:40:19 -07:00
Todd C. Miller
4bcef637f8 Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using 
pread64() on that platform.
 2016-01-13 11:10:33 -07:00
Todd C. Miller
5a77989a33 Add support for matching the entire netgroup tuple (user, host, domain). 2016-01-12 14:59:44 -07:00
Todd C. Miller
9d7bc0311f Use asprintf() to generate the netgroup filter instead of using 
lots of concatenation.
 2016-01-12 14:29:09 -07:00