isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,201 Commits 1 Branch 0 Tags
6cbba7d66556dc67d71c6dfae91bcf35ff9bef8c
Commit Graph

8201 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
480d267116 Update. 2015-03-02 15:38:47 -07:00
Todd C. Miller
30adf83b12 Update OpenBSD CVS Ids 2015-03-02 14:43:38 -07:00
Todd C. Miller
5647a1ac46 Make comment match code. 2015-03-02 14:42:17 -07:00
Todd C. Miller
3c79ea75bb Fix compilation error on systems without futimes(). 2015-03-02 14:28:46 -07:00
Todd C. Miller
ee72cba937 Use futimens() and utimensat() instead of futimes() and utimes(). 2015-03-02 13:58:50 -07:00
Todd C. Miller
ea514dc391 Fix compiler warning on systems where mode_t is not unsigned int, 
such as 32-bit Solaris.
 2015-03-02 13:58:45 -07:00
Todd C. Miller
c9d4e1084c Fix logic for verifypw/listpw all in sudoers LDAP and sssd. 2015-03-02 11:37:43 -07:00
Todd C. Miller
b78a985bf0 Fix cut & pasto that prevented the SIGPIPE handler from being 
restored before returning from tgetpass().  From mancha
 2015-03-02 08:49:04 -07:00
Todd C. Miller
f25cf99679 Our utimes() emulation support futime() too. 2015-02-28 15:13:19 -07:00
Todd C. Miller
74d3745cc6 regen 2015-02-27 14:48:41 -07:00
Todd C. Miller
233783511d Define YYDEBUG to 0 if not already defined so we can protect use 
of sudoersdebug with "#if YYDEBUG" like the generated parser does.
From David Michael.
 2015-02-27 07:10:20 -07:00
Todd C. Miller
f95d762586 Document that Aliases may not be redefined and that "sudo -f /etc/sudo.d/foo" 
will not catch the redefinition.
 2015-02-26 16:54:14 -07:00
Todd C. Miller
8e1ceb5a7b Only create /usr/lib/tmpfiles.d/sudo.conf if 
/usr/lib/tmpfiles.d/systemd.conf also exists.  Some other package
may have created /usr/lib/tmpfiles.d even though it is not used.
 2015-02-26 09:55:01 -07:00
Todd C. Miller
d09a838939 regen 2015-02-26 09:40:10 -07:00
Todd C. Miller
a056794e9c Clear the ts dir instead of just making sure it exists. 2015-02-26 09:21:18 -07:00
Todd C. Miller
083f59a75c Only substiture init.d scripts that we are going to use. 2015-02-26 09:19:08 -07:00
Todd C. Miller
8fdc46433c Create /usr/lib/tmpfiles.d/sudo.conf when systemd is used. 2015-02-25 16:45:12 -07:00
Todd C. Miller
973286c7ac Check the return value of gettimeofday(), even though it should 
never fail.
 2015-02-25 07:10:25 -07:00
Todd C. Miller
5d2e9426b2 We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as 
it may be present but not implemented.  Add sudo_gettime_real() and
sudo_gettime_mono() functions to get the real and monotonic times
respectively.  Now sudo_gettime_mono() checks the value of
sysconf(_SC_MONOTONIC_CLOCK) before calling clock_gettime(CLOCK_MONOTONIC)
and falls back on sudo_gettime_real() as needed.  The Mach version
of sudo_gettime_mono() uses mach_absolute_time().

This should fix problems with timestamp files on systems where
the CLOCK_MONOTONIC is defined but not actually implemented.
 2015-02-24 11:19:21 -07:00
Todd C. Miller
01a4d6ccbf Check clock_gettime() return value and warn if it fails. 
Currently, the timestamp will be ignored if clock_gettime() fails.
 2015-02-24 09:53:50 -07:00
Todd C. Miller
23f4e49f4d Plug memory leak when debug file cannot be opened. 
Use %zu printf format now that our snprintf support it.
 2015-02-23 15:40:37 -07:00
Todd C. Miller
a604f0f02d Pam conversation function changes: 
o use PAM_BUF_ERR as the return value when calloc() fails.
 o sanity check the value of num_msg
 o remove the workaround for old Apple PAM
 o PAM_AUTH_ERR is not a valid PAM conversation function return value

If getpass_error is set after a call to pam_verify (usually because
the user pressed ^C), return AUTH_INTR immediately instead of
checking the pam_verify return value.
 2015-02-23 11:12:45 -07:00
Todd C. Miller
e11f32fd42 On AIX use the value of auth_type in /etc/security/login.cfg to 
determine whether to use LAM or PAM unless the user specified the
--with-pam or --with-aixauth configure flags.
 2015-02-23 11:12:43 -07:00
Todd C. Miller
1ce9dd5e07 Fix cast. 2015-02-23 06:32:43 -07:00
Todd C. Miller
b5831d55d8 Update snprintf.c from OpenBSD. The floating point and wide character 
code has been retained but is not compiled by default.
 2015-02-21 16:52:14 -07:00
Todd C. Miller
1ca3e1834e Update the regression test that check that all tags are parsed. 2015-02-20 16:02:37 -07:00
Todd C. Miller
49128a79e3 Add regress for mkdtemp and mkstemps from OpenBSD 2015-02-20 14:37:02 -07:00
Todd C. Miller
bd8eebd6f7 regen 2015-02-20 06:33:37 -07:00
Todd C. Miller
bb5093f40f Sync with translationproject.org 2015-02-20 06:33:02 -07:00
Todd C. Miller
f9af2bc99e Correct SECURE_PATH comment. 2015-02-20 06:30:41 -07:00
Todd C. Miller
93b52daaba Sudo 1.8.13 2015-02-20 06:29:41 -07:00
Todd C. Miller
be8dbeb22e Avoid using HOST_NAME_MAX directly and use sysconf(_SC_HOST_NAME_MAX) 
instead.
 2015-02-19 20:28:02 -07:00
Todd C. Miller
9b514ed83c Historically, crypt() returned the empty string on error, which 
ensured that crypt("", "") would return "", which supported matcing
empty encrypted passwords with no additional code.  Some modern
versions of crypt() (such as glibc) return NULL on error so we need
an explicit test to match an empty plaintext password and an empty
encrypted password.
 2015-02-19 14:17:57 -07:00
Todd C. Miller
615aee9d1e Sort tags lexically in the sudoers manual 2015-02-19 10:13:25 -07:00
Todd C. Miller
45548cf049 Add support for MAIL and NOMAIL command tags to toggle mail sending 
behavior on a per-command (or Cmnd_Alias) basis.
 2015-02-19 10:02:20 -07:00
Todd C. Miller
53ac30b63a Add mail_all_cmnds to always mail when a user runs a command (or 
tries to) including sudoedit.  The mail_always flag goes back to
its old semantic of always mailing when sudo is run.
 2015-02-15 20:30:11 -07:00
Todd C. Miller
8bb5897091 All modern systems should have LINE_MAX. 2015-02-19 09:59:25 -07:00
Todd C. Miller
96eddddc12 Almost no systems actually define OPEN_MAX since it is dynamic on 
modern OSes.  If sysconf(_SC_OPEN_MAX) ever fails, fall back on
_POSIX_OPEN_MAX instead.  We can assume modern systems have sysconf().
Also remove checks for strrchr() and strtoll() for which the HAVE_*
defines are no longer used.
 2015-02-19 09:59:25 -07:00
Todd C. Miller
7d1ee77136 Don't need to pass exampledir to polypkg now that it is just under 
docdir.
 2015-02-19 09:47:57 -07:00
Todd C. Miller
2ed7f2dd94 Fix packaging of the example dir. 2015-02-18 16:17:24 -07:00
Todd C. Miller
1ae2e55141 Fix mkstemps() extension handling. Sudoedit will now preserve the 
extension properly when the system libc lacks mkstemps().
 2015-02-18 06:24:31 -07:00
Todd C. Miller
166db8eeb4 Use weak symbols for sudo_warn_gettext() and sudo_warn_strerror() 
so distros using "-Wl,--no-undefined" in LDFLAGS don't run into
problems.
 2015-02-17 06:42:10 -07:00
Todd C. Miller
8cae9876f3 Include unistd.h in siglist.c and signame.c to get gid_t which 
is used by sudo_compat.h.  Bug #686
 2015-02-17 06:21:06 -07:00
Todd C. Miller
915e08eecc Minor change in description of TZ path handling. 2015-02-10 13:39:03 -07:00
Todd C. Miller
117a30face Move example dir under the doc dir to conform to Debian guidelines. 
Bug #682.
 2015-02-10 09:50:09 -07:00
Todd C. Miller
00f663d54d Document that a leading ':' is skipped when checking TZ for a 
fully-qualified path name.
 2015-02-10 09:37:10 -07:00
Todd C. Miller
9669abdafd Typo. 2015-02-09 16:21:52 -07:00
Todd C. Miller
0414ea4579 Fix typos. 2015-02-09 11:39:28 -07:00
Todd C. Miller
2e32bb10fe Fix compilation on systems w/o __dso_public 2015-02-09 08:52:19 -07:00
Todd C. Miller
9206ba54c5 Russian translation for sudoers from translationproject.org. 2015-02-07 07:47:39 -07:00