privs. Previously, only root or a user with the ability to run any
command as either root or the target user on the current host could
use the -U option. For "sudo -l [-U otheruser] command", NewArgv[0]
is now set to "list" (just like "sudo -l") and the actual command
to be checked starts with NewArgv[1].
This causes "intercept" to be set to true in command_info[] which
the sudo front-end will use to determine whether or not to intercept
attempts to run further commands, such as from a shell. Also add
"log_children" which will use the same mechanism but only log (audit)
further commands.
Our getdelim(3) emulation won't set the error flag if the error is
due to an allocation failure. This explains the premature EOF
without error seen in Bug #960.
We should assume that the contents of buf are undefined when getdelim(3)
returns -1. We now peek ahead one char and skip the getdelim(3) call if
EOF is detected. This will preserve the original value of the last line.
AIX and Illumos appear to have this behavior. We now preserve the
first character of the buffer on EOF to work around this.
Fixes reporting of syntax errors on the last line of a file.
The parser will use that when reporting on an ERROR state. This
prevents the lexer from reporting errors about tokens that are not
actually consumed by the parser and we don't have to worry about
both the lexer and the parser reporting errors. It also means we
only get one error per sudoers line.
Previously we needed to emulate some of the state transitions that
happen at end-of-line at end-of-file as well. Those are no longer
needed now that we are guaranteed to always have a newline at the end.
For include files, we may need to inject a newline token now that
the grammar requires lines to end with a newline or EOF. There is
no END (EOF) token processed after popping off an include file since
everything is just treated as one big file.
Strings are not allowed to span multiple lines without a continuation
character. Also provide a better error message if we are in the
middle of a string and hit EOF.
The ERROR token is now only used for errors detected by the lexer
and for which we've already printed an error. This lets us remove
the hack in sudoerserror() and just check last_token to determine
whether or not to display the error.
These are less confusing than #include and #includedir when the
hash character is also the comment character.
This commit also adds real parsing of include directives as opposed
to the pure lexer approach used previously. As a result, it is now
possible to include files with spaces by either using a double-quoted
string or escaping the space characters with a backslash.
