isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,562 Commits 1 Branch 0 Tags
7b3d268687b0dc9ebd7ae88a8419736a6b82afbe
Commit Graph

37 Commits

Author SHA1 Message Date
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
805039bec5 Add missing check for I/O plugin API version when checking for the 
presence of I/O plugin hooks.
 2012-08-13 14:44:54 -04:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
1c3965f534 Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:50:07 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
ab887a6fb0 No longer pass debug_file to plugin, plugins must now use CONV_DEBUG_MSG 2011-11-30 14:56:41 -05:00
Todd C. Miller
e58b232740 Change Debug sudo.conf setting to take a program name as the first 
argument.  In the future, this will allow visudo and sudoreplay to
use their own Debug entries.
 2011-11-08 08:24:45 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
53e3ad11b5 New debug framework for sudo and plugins using /etc/sudo.conf that 
also supports function call tracing.
 2011-10-22 14:00:52 -04:00
Todd C. Miller
76f427e8d7 Fix build error when --without-noexec configure option is used. 2011-07-05 12:20:10 -04:00
Todd C. Miller
4f22a39803 Load plugins with RTLD_GLOBAL instead of RTLD_LOCAL. This fixes 
problems with pam modules not having access to symbols provided by
libpam on some platforms.  Affects FreeBSD and SLES 10 at least.
 2011-06-06 10:53:58 -04:00
Todd C. Miller
7960bde2db Minor warning/error message cleanup 2011-05-18 13:04:24 -04:00
Todd C. Miller
c865a462cc Prepare sudo front end messages for translation. 2011-05-06 17:47:51 -04:00
Todd C. Miller
b6d0a28efb Load plugins after parsing arguments and potentially printing the 
version.  That way, an error loading or initializing a plugin doesn't
break "sudo -h" or "sudo -V".
 2011-04-06 17:51:36 -04:00
Todd C. Miller
7debf44742 Move noexec path into sudo.conf now that sudo itself handles noexec. 
Currently can be configured in sudoers too but is now undocumented
and will be removed in a future release.
 2011-03-10 16:12:33 -05:00
Todd C. Miller
011ba5511f If sudo.conf contains no Plugin lines, use the default sudoers 
policy and I/O plugins.
 2011-02-16 12:15:46 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
86a4a5232f Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to 
include the local or system dlfcn.h
 2010-10-11 17:39:51 -04:00
Todd C. Miller
f538ed4e35 Add dlopen() emulation for systems without it. 
For HP-UX 10, emulate using shl_load().
For others, link sudoers plugin statically and use a lookup
table to emulate dlsym().
 2010-09-26 17:41:35 -04:00
Todd C. Miller
17dbb33e57 Use RTLD_LAZY instead of RTLD_NOW; was using RTLD_NOW as a debugging aid. 2010-07-02 16:03:21 -04:00
Todd C. Miller
66eafd0994 Add a trailing slash to _PATH_SUDO_PLUGIN_DIR to simplify usage. 2010-07-02 10:53:47 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
4fb8a83e6f Fix -A flag when askpass is specified in sudo.conf or if sudo doesn't need 
to read a password.
 2010-06-15 15:11:10 -04:00
Todd C. Miller
b72a530fd0 Update copyright year 2010-06-14 12:19:49 -04:00
Todd C. Miller
b91b65722b Store askpass path in a global instead of uses setenv() which many 
systems lack.
 2010-06-10 12:03:40 -04:00
Todd C. Miller
eec336115a Move askpass path specification from sudoers to sudo.conf. 2010-06-09 17:40:44 -04:00
Todd C. Miller
6c71d6afa4 Load the sudoers I/O plugin by default too now that it is hooked up. 2010-03-31 05:42:58 -04:00
Todd C. Miller
2e27226a0d Bring back SUDOERS_PLUGIN but add .dylib -> .so conversion for 
Darwin where libraries end in .dylib but modules end in .so
 2010-03-19 20:01:00 -04:00
Todd C. Miller
5be1b80169 Hard-code sudoers.so instead of using SUDOERS_PLUGIN since libtool 
appears to always install a shared object with the .so suffix.
 2010-03-18 12:02:05 -04:00
Todd C. Miller
5a2a2d193f Set the sudoers plugin name in configure so we get the extension right. 2010-03-17 18:48:19 -04:00
Todd C. Miller
6470a057e1 Fix strlcpy() return value check. 2010-03-04 12:06:42 -05:00
Todd C. Miller
b6a4cf7233 Modular sudo front-end which loads policy and I/O plugins that do 
most the actual work.  Currently relies on dynamic loading using
dlopen().  See doc/plugin.pod for the plugin API.
 2010-02-20 09:41:49 -05:00