isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,022 Commits 1 Branch 0 Tags
788708c9ff925a79ffdd56612f86d3dfc36d7232
Commit Graph

951 Commits

Author SHA1 Message Date
Todd C. Miller
788708c9ff Add intercept_authenticate sudoers option, defaults to false. 
By default, sudoers will not require authentication of commands run
via an intercepted session.  To require authenticaton of subsequent
commands, enable intercept_authenticate in sudoers.
 2021-08-09 15:50:26 -06:00
Todd C. Miller
9d776b4e7b Allow multiple accept/reject messages during a logsrv conversation. 
The log server now advertises a subcommands flag if it supports
logging subcommands (e.g. commands run from a sudo-spawned program
like a shell).  The client should only log additional commands
during a session if this flag is set in the ServerHello message.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
6287e8ca7d Add support for loading the sudo_intercept.so DSO. 2021-08-09 15:50:25 -06:00
Todd C. Miller
786e5865cb Add "intercept" Defaults setting to allow interception of sub-commands. 
This causes "intercept" to be set to true in command_info[] which
the sudo front-end will use to determine whether or not to intercept
attempts to run further commands, such as from a shell.  Also add
"log_children" which will use the same mechanism but only log (audit)
further commands.
 2021-08-09 15:50:25 -06:00
Todd C. Miller
14ffa00c06 The tls_verify setting only affects server behavior, not the client. 
Originally, there was a flag in the ServerHello message to indicate
that the client should verify the server cert, but this was removed
TLS was moved to a separate port.  Client validation of the server
certificate is now configured in the sudoers file instead.
 2021-08-03 09:50:07 -06:00
Todd C. Miller
0dd2b6442a Add log_exit setting in the sudo_logsrvd.conf eventlog stanza 
This causes sudo_logsrvd to log a record with the exit status or
terminating signal in response to an ExitMessage.
 2021-07-09 11:08:44 -06:00
Todd C. Miller
17a415ae77 Add log_exit_status sudoers option to log when a command exits. 
This option defaults to off.
 2021-07-09 11:08:44 -06:00
Todd C. Miller
16f78f59ba Mention that xkcd inspired the sandwich logo. 2021-07-02 14:19:59 -06:00
Todd C. Miller
86680255ba Mention log server and fuzzers under Quest contributions. 2021-07-02 14:19:37 -06:00
Todd C. Miller
555596e57a Use "mandoc -Tlint -Wwarning" instead of -Wstyle. 
The style checks now include "referenced manual not found" warnings
which is not helpful.
 2021-06-26 18:20:25 -06:00
Todd C. Miller
2c1988410e Add support for logging server warning/error messages. 
We can use sudo_warn_set_conversation() to set a conversation
function that either writes to a log file or calls syslog().
 2021-06-13 18:27:36 -06:00
Todd C. Miller
5087f68853 sudoreplay does not parse sudoers to find the value of iolog_dir. 
The default value for the I/O log directory is set at build time.
 2021-05-26 08:10:22 -06:00
Todd C. Miller
7033f1c1d8 The -g option may also be used with any group the target user belongs to. 
The description in the Runas_Spec section incorrectly stated that
the -g option could not be used if no runas group was set.  Bug #975.
 2021-05-07 13:42:40 -06:00
Todd C. Miller
9d734d57e7 sudo_sendlog: rename -m (max-time) to -s (stop-after). 2021-05-04 12:14:02 -06:00
Todd C. Miller
7376fa632f Add "-m elapsed" option to specify the max elapsed time of records to send. 
Useful for testing the ability of the server to handle restarted log
transfers.
 2021-05-04 08:22:34 -06:00
Todd C. Miller
fda17ecfda Rename logsrvd log dir to /var/log/sudo_logsrvd. 2021-05-02 08:28:19 -06:00
Todd C. Miller
f49930c62e Make the failed relay retry interval configurable. 
This is the amount of time to wait before trying to resend a
journal to the relay server after a connection error.
 2021-05-02 06:19:32 -06:00
Todd C. Miller
01bdfd3be2 Write client and server information to debug file on SIGUSR1 
This can be used to debug client problems such as a connection
not being closed as expected.
 2021-04-29 16:20:02 -06:00
Todd C. Miller
cefa72c6a6 Document journal file directories in store_first mode. 2021-04-29 14:34:54 -06:00
Todd C. Miller
d6d2e3488b Fix typo. 2021-04-24 13:23:25 -06:00
Todd C. Miller
6f5b353e87 Add configuration for sudo_logsrvd store-and-forward mode. 
Adds "relay_dir" and "store_first" settings to sudo_logsrvd.conf
in the [relay] section.  Also adds a --with-relaydir configure
argument to change the default value (usually /var/log/logsrvd-relay.
 2021-04-23 16:54:15 -06:00
Todd C. Miller
a1323ba43b Fix lint warning. 2021-04-13 14:29:59 -06:00
Todd C. Miller
556b8f62cb Mention relay mode and update TLS example. 2021-04-13 14:24:50 -06:00
Todd C. Miller
28d41cecad Enable the use of OpenSSL if log client/server not disabled. 
This adds a dependency on OpenSSL unless it is explicitly disabled
(--disable-openssl) or the sudo log client and server are disabled
(--disable-log-client and --disable-log-server).
 2021-04-12 14:10:49 -06:00
Todd C. Miller
ae77355eda Document relay configuration changes. 2021-04-09 12:58:57 -06:00
Todd C. Miller
3aec794b75 Document relay and connect_timeout server settings. 2021-04-06 16:30:41 -06:00
Todd C. Miller
d4517e0a1c Move autoconf auxiliary files to the scripts directory. 2021-04-06 14:23:38 -06:00
Todd C. Miller
28d65159ed Document SUCCESS=return support in sudoers nsswitch.conf entries. 
Based on a patch from Dennis Filder.  Bug #971.
 2021-04-05 20:13:50 -06:00
Todd C. Miller
dfff132122 Add a new "fuzz" target that executes the fuzzers for 8192 runs each. 
To run indefinately, set FUZZ_RUNS=-1, e.g. "make FUZZ_RUNS=-1 fuzz"
 2021-03-18 16:48:19 -06:00
Todd C. Miller
4c182c90f1 Rename "fuzz" makefile target to "check-fuzzer". 
It's purpose is to run the fuzzers are part of a normal "make check"
to avoid bit rot, not to perform a fuzzer run.
The fuzz_logsrvd_conf fuzzer was not wired up to "make check" previously.
 2021-03-18 09:08:16 -06:00
Todd C. Miller
2759920b86 Document double escaping of backslashes. Bug #961. 2021-03-03 15:49:18 -07:00
Todd C. Miller
5ffa0ce053 Make "group_source=dynamic" the default on macOS. 
Recent versions of macOS do not reliably return all of a user's
non-local groups via getgroups(2), even when _DARWIN_UNLIMITED_GETGROUPS
is defined.  Bug #946.
 2021-03-02 14:09:31 -07:00
Todd C. Miller
14c71eaa86 Add clean rules to .PHONY target. 2021-02-19 08:54:04 -07:00
Todd C. Miller
9f1e016cde Add install-fuzz Makefile target to install the fuzzers and seed corpus. 
The FUZZ_DESTDIR make variable needs to be set in the environment
or on the command line.
 2021-02-18 19:38:54 -07:00
Todd C. Miller
a5504148a5 Add admin_flag sudoers option and make --enable-admin-flag take a path. 
It is now possible to disable the Ubuntu admin flag in sudoers
or change its location.
GitHub issue #56
 2021-02-16 13:20:02 -07:00
Todd C. Miller
a18b2a9ddf Limit max_groups in sudo.conf to 1024. 
The max_groups setting should no longer be needed anyway.
 2021-02-16 12:37:23 -07:00
Todd C. Miller
63a3f62547 Add fuzz Makefile target and run fuzzer corpus in make check. 2021-02-08 04:56:17 -07:00
Daniel Milnes
d51c49789e Fix the typo in the mdoc 2021-02-05 16:03:55 -07:00
Daniel Milnes
2b2e5d0c40 Fix a tiny typo in the Sudo manpage 2021-02-05 16:03:55 -07:00
Todd C. Miller
29f5f3c53e Fix uninstall target; there were missing line continuation chars. 
GitHub issue #87
 2021-02-03 07:35:33 -07:00
Todd C. Miller
9e111eae57 Sudo 1.9.5 2021-01-08 19:52:45 -07:00
Todd C. Miller
1b72d6a5cc Allow SELinux support to be disabled via the sudoers file. 
Defaults to true if sudo is built with SELinux support and SELinux
is not disabled on the system.
 2021-01-08 19:29:17 -07:00
Todd C. Miller
f41b2c1f59 Direct execution of a command is incompatible with using a log server. 2020-12-11 09:45:14 -07:00
Todd C. Miller
1cdc4716c2 Comment out the default plugin lines in the example sudo.conf. 
Fixes a problem when there are multiple versions of sudo installed
and not all suport the audit plugin, such as on macOS.
GitHub issue #75
 2020-12-05 09:08:43 -07:00
Todd C. Miller
0f6d581abd If pid_file is set to an empty value, disable the use of a pid file. 2020-11-24 09:43:00 -07:00
Todd C. Miller
d0042eda9e Don't overwrite sudo_logsrvd.pid if it is a symbolic link. 2020-11-24 09:00:25 -07:00
Todd C. Miller
27615b5582 For the audit plugin, command_info may be NULL. 
Fixes a NULL dereference in sudoers_audit when an I/O logging
plugin rejects input/output or returns an error.
 2020-11-17 13:04:57 -07:00
Todd C. Miller
38dd0f63b6 Event log data is sent to sudo_logsrvd even when not I/O logging. 2020-11-16 06:30:52 -07:00
Todd C. Miller
9779009fae Add info_msgs to AlertMessage and populate it. 
This lets us log eventlog info along with the alert if it is available.
 2020-11-09 17:15:11 -07:00
Todd C. Miller
fe9e65754c Add event_alloc to the audit plugin API. 
The sudoers audit plugin will use this to communicate with sudo_logsrvd.
 2020-11-02 15:28:21 -07:00