There are also role and type defaults that may be used. To make sure a
transition occurs, when using RBAC commands are executed via the new sesh
binary. Based on initial changes from Dan Walsh.
with a different effective group. If the -g option is specified
without -u the command will be run as the current user (only the
group will change). the -g and -u options may be used together.
TODO: implement runas group for ldap
improve runas group documentation
add testsudoers support
convert to tail queues in the process. This will allow us to
reverse foreach loops more easily and it makes it clearer which
functions expect a list as opposed to a single member.
Add macros for manipulating lists. Some of these should become functions.
When freeing up a list, just pop off the last item in the queue instead
of going from head to tail. This is simpler since we don't have to
stash a pointer to the next member, we always just use the last one
in the queue until the queue is empty.
Rename match functions that take a list to have list in the name.
Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
runas_matches(), host_matches() and cmnd_matches() only really need to pass in
a list of members. user_matches() still needs to pass in a passwd struct
because of "sudo -l"
o init_parser() now takes a path used to populate the sudoers global
o the sudoers global is used to print the correct file in yyerror()
o when switching to a new sudoers file, perserve old file name and line number
the passwd file, set runas_user to the name, not the uid.
When comparing usernames in sudoers, if a name is really a uid (starts
with '#') compare it numerically to pw_uid.
function that just sets error and returns -1. This adds a
"noexec_file" option to load the filename as well as a "noexec" flag
to enable it unconditionally. There is also a NOEXEC tag that can
be attached to specific commands and an EXEC tag to disable it.
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line. There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.
Add a "-L" flag to list the name of options with their descriptions. This
may only be temporary.
Move some prototypes to parse.h
Be much less restrictive on what is allowed for a username.
stored with the contents. This could lead to incorrect output
if the sudoers file had different alias types with the same name.
Normal parsing (ie: not in '-l' mode) is unaffected.
