isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,697 Commits 1 Branch 0 Tags
7d3ce01a05115b166b278da23bb0097967e057d8
Commit Graph

118 Commits

Author SHA1 Message Date
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
5d7925b24e Test setting disable_coredump to illegal value. 2013-02-20 15:48:53 -05:00
Todd C. Miller
a17fb1de71 Fix atobool() usage. 2013-02-20 15:48:12 -05:00
Todd C. Miller
299298ae42 Remove unused variable. 2013-02-20 15:47:27 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
0f0ef228a5 If a line was longer that 0x80000000 the bit hack to round to the 
next power of two would roll over to zero.
 2013-02-14 16:34:13 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove 
unused return value from setters.
 2013-02-14 13:34:33 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
630b47e22f Add group_source setting in sudo.conf to allow the admin to specify 
how a user's groups are looked up.  Legal values are static (just
the kernel list from getgroups), dynamic (whatever the group database
includes) and adaptive (only use group db if kernel group list is
full).
 2013-01-27 13:53:11 -05:00
Todd C. Miller
ef8e141248 Ignore duplicate entries in sudo.conf and report the line number 
when there is an error.  Warn, don't abort if there is more than
one policy plugin.
 2013-01-23 06:33:53 -05:00
Todd C. Miller
a6f3517f23 regen 2013-01-11 14:29:37 -05:00
Todd C. Miller
6e560f2bab Break out stack smashing protector options into SSP_CFLAGS and 
SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS).
 2013-01-03 14:20:49 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
b7ae7977a6 Cannot wrap sigsetjmp() or we end up returning to the wrong place. 
Use a macro instead.
 2012-11-29 06:37:13 -05:00
Todd C. Miller
14e5f35d4d Include missing.h for __printflike. 2012-11-25 11:51:43 -05:00
Todd C. Miller
2632ec7e69 Move warn/error into common and make static builds work. 2012-11-25 09:34:40 -05:00
Todd C. Miller
c2c6616a0c Move _sudo_printf from src/conversation.c to common/sudo_printf.c. 
Add sudo_printf function pointer that is initialized to _sudo_printf()
instead of requiring a sudo_conv function pointer everywhere.  The
plugin will reset sudo_printf to point to the version passed in via
the plugin open function.  Now plugin_error.c can just call sudo_printf
in all cases.  The sudoers binaries no longer need their own version
of sudo_printf.
 2012-11-25 09:34:33 -05:00
Todd C. Miller
4bde57b8b2 Rename warning2()/error2() -> warning_nodebug()/error_nodebug(). 2012-11-25 09:34:10 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
6849fff4d7 See DEFAULT_TEXT_DOMAIN 2012-11-25 08:10:12 -05:00
Todd C. Miller
0178d5ae01 Set group on sudo_debug when creating it to gid 0 so systems without 
BSD group semantics don't get the invoking user's group.
 2012-11-12 17:12:34 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
4bd4a91714 Parse sudo.conf in the "C" locale. 2012-11-12 05:42:48 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
f8660f9988 Add variants of warn/error and sudo_debug_printf that take a va_list 
instead of a variable number of args.
 2012-11-08 15:37:42 -05:00
Todd C. Miller
1cf3def4be If vasprintf() fails, just use the errno it sets instead of assuming 
ENOMEM.
 2012-10-02 14:45:18 -04:00
Todd C. Miller
1d90c0ad71 No need to translate "unable to allocate memory" when we can just 
use the system translation via strerror().
 2012-09-17 16:59:26 -04:00
Todd C. Miller
e5257d48d7 Print a trailing newline in lbuf_print() when there is not enough 
space to do word wrapping and the lbuf does not end with a newline.
 2012-09-04 10:42:09 -04:00
Todd C. Miller
241b2395cf Reduce the number of "internal error, foo overflow" messages that 
need to be translated.
 2012-08-10 12:18:38 -04:00
Todd C. Miller
d89b1a6be2 Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers 
data source.  From Daniel Kopecek and Pavel Brezina.
 2012-08-10 11:59:26 -04:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
9c9cf9da41 Do not set a resource limit to zero when we are unable to fetch a 
value from /etc/security/limits.
 2012-07-06 10:10:03 -04:00
Todd C. Miller
f8f0021710 Add configure check for building PIE executables instead of doing 
it in mkpkg.
 2012-07-02 10:12:41 -04:00
Todd C. Miller
9497df293a Don't run regress tests or sudoers sanity check (using the newly-built 
visudo) when cross compiling.  Bug #560
 2012-06-20 13:38:17 -04:00
Todd C. Miller
d29aede203 No longer throw an error if sudoers is a symbolic link. Deprecated 
the --with-stow option as that is now (effectively) the default.
 2012-05-21 13:30:59 -04:00
Todd C. Miller
38ea65203a Move ttysize.c to common so sudoreplay can use it. 2012-04-06 16:41:08 -04:00
Todd C. Miller
c8ce3a0a85 Log the process id in the debug file output. Since we don't want 
to keep calling getpid(), stash the value at init time and when we
fork().
 2012-04-06 15:20:16 -04:00
Todd C. Miller
abdff25703 Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() 
and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
This allows consumers of sudo_debug_printf() to log that data without
having to specify it manually.
 2012-04-05 13:04:00 -04:00
Todd C. Miller
2c84bd4d08 Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. 
Log the function, file and line number in the debug log for warning()
and error().
 2012-04-05 12:37:15 -04:00
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
78429a90d5 Quiet a warning on systems where the gids array in setgroups() is 
not prototyped as being const, even though it really is.
 2012-03-28 11:14:22 -04:00
Todd C. Miller
8b3d118f62 Fix matching of "Path askpass" and "Path noexec" 2012-03-27 12:24:39 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
dbbb48c45f Add ecalloc() and commented out recalloc(). 
Use inline strnlen() instead of strlen() in estrndup().
 2012-03-19 11:23:25 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
83459e13b5 Set args to NULL in default plugin info struct when there is no 
Plugin line in sudo.conf.
 2012-03-14 15:07:50 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00