isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,300 Commits 1 Branch 0 Tags
8461dc6e24f210ba348ebdda6c85fc71f7a47c8c
Commit Graph

7300 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
8461dc6e24 Fix compiler warning in debug code. 2014-03-06 15:21:49 -07:00
Todd C. Miller
ed87af2ae4 Catalan translation for sudo from translationproject.org. 2014-03-06 11:58:08 -07:00
Todd C. Miller
23e7f606a8 Document negation fix in JSON output. 2014-03-05 05:57:41 -07:00
Todd C. Miller
0030bfe7d5 Fix handling of '!' operator when converting sudoers. We now add 
a "negated" boolean flag to objects that have the '!' operator.
 2014-03-04 16:18:35 -07:00
Todd C. Miller
c934882c3e Czech translation for sudoers from translationproject.org 2014-03-01 07:53:17 -07:00
Todd C. Miller
9c17914bf9 Try -libmldap before -lldap in case there is no link from libibmldap.so 
to libldap.so.  Since IBM ldap is installed under /opt we should only
be able to reach it if --with-ldap was given an explicit path.

Only check for ber_set_option() if LBER_OPT_DEBUG_LEVEL is defined.
 2014-02-28 11:05:13 -07:00
Todd C. Miller
d75e5f6fef Fix typo in setreuid() PERM_ROOT error message. 2014-02-27 16:40:28 -07:00
Todd C. Miller
d8f94bdfdd No longer need to disable setresuid() on debian. 2014-02-27 13:57:11 -07:00
Todd C. Miller
f2f96d849b Fix conversion of timestamp_timeout from double to struct timeval. 
Also quiet a printf format warning on 32-bit systems.
 2014-02-26 10:29:52 -07:00
Todd C. Miller
b41f5c2d3b Serbian translation for sudoers from translationproject.org. 2014-02-25 17:14:51 -07:00
Todd C. Miller
addef62246 Add Ingo Schwarze 2014-02-24 16:39:39 -07:00
Todd C. Miller
58341a8bfc When exporting sudoers in JSON format, use the same type of Options 
object for both Defaults and Cmnd_Specs.
 2014-02-24 09:31:14 -07:00
Todd C. Miller
c382071381 Silence cppcheck false positive. 2014-02-17 13:45:17 -07:00
Todd C. Miller
0cdf4407df sync with translationproject.org 2014-02-17 10:31:40 -07:00
Todd C. Miller
6bffa9a4a9 Mention init.d scripts on AIX and HP-UX 
Mention sudoers group mismatch fix
 2014-02-17 10:27:47 -07:00
Todd C. Miller
53d9429b87 Talk about clearing files at boot time, not reboot time since it 
happens when the system comes up, not down.
 2014-02-17 10:27:20 -07:00
Todd C. Miller
c6e310b948 We also need to open the sudoers file as root if there is a GID 
mismatch.
 2014-02-17 10:20:14 -07:00
Todd C. Miller
2b4bc87c07 Install /etc/rc.d/init.d/sudo and /etc/rc.d/rc2.d/S90sudo for 
AIX rpm packages.
 2014-02-17 09:02:06 -07:00
Todd C. Miller
0e9b4d30cc Remove init.d file and link in uninstall target. 2014-02-16 15:07:22 -07:00
Todd C. Miller
cb3cea3fa9 Fix INIT_DIR for real this time. 2014-02-16 14:49:15 -07:00
Todd C. Miller
0bf299c690 Use correct init.d dir on HP-UX. 
Fix pp warnings from rc.d and init.d dirs.
 2014-02-16 11:00:41 -07:00
Todd C. Miller
96d87d55dd First cut add installing an init.d file for HP-UX and AIX to remove 
old sudo timestamp files at boot time.
 2014-02-16 10:22:43 -07:00
Todd C. Miller
a61935c2b9 Use .Ar macro instead of "file ..." 
Use ".Cm -" instead of ".Li -" for the default login class.
From Ingo Schwarze.
 2014-02-15 16:12:31 -07:00
Todd C. Miller
f909c0d132 Remove some extraneous markup; from Ingo Schwarze 
* No need to explicitly end a macro with No before |
   because | counts as middle punctuation
   and falls out of the macro, anyway.
 * No need to explicitly re-open in-line macros after |
   because | counts as middle punctuation
   and the macros resume afterwards, anyway.
 * Simplify the mnemonic remarks regarding the option letters,
   no need for manual font and spacing control with No and Ns.
 * Trim Ns No to just Ns, it already implies No.
 2014-02-15 16:04:07 -07:00
Todd C. Miller
d6397e27cf Move zerowidth space in :alpha: after the colon for consistency. 2014-02-15 15:45:25 -07:00
Todd C. Miller
0ec92dae81 regen 2014-02-15 15:18:34 -07:00
Todd C. Miller
a9cfe4fc44 Remove extraneous keeps in SYNOPSIS now that mandoc does implied 
keeps when converting from mdoc to man.
 2014-02-15 15:18:20 -07:00
Todd C. Miller
94d4482238 Properly escape the : in :alpha: 2014-02-15 15:17:37 -07:00
Todd C. Miller
28c49748a9 Replace some uses of .Sy with .Ar, .Ev and .Pa as appropriate. 
From Jan Stary.
 2014-02-15 10:40:46 -07:00
Todd C. Miller
0a6ec9615b Fix indentation of Defaults entries. The initial indent should be 
outside the loop iterating over the entries.
 2014-02-12 15:00:04 -07:00
Todd C. Miller
198e73b5c8 sync with translationproject.org 2014-02-11 09:55:33 -07:00
Todd C. Miller
12a1b672c0 We must include gettext.h before missing.h as it includes system 
headers.  Also add missing DEFAULT_TEXT_DOMAIN defines in sudoers
audit code that does not include sudoers.h.
 2014-02-11 09:40:59 -07:00
Todd C. Miller
02d86aafe8 When emulating DSO_NEXT with shl_get() we need to skip the program's 
handle.  This used to be documented as being index -2 but now it
seems to be index 0.  As this is not guaranteed we need to look up
the real handle value for PROG_HANDLE and skip it when interating
through all the DSOs.  Fixes infinite recursion on HP-UX in the
getenv() replacement.
 2014-02-11 07:43:13 -07:00
Todd C. Miller
151f001d81 Export getenv() so it is visible to shared objects we link with. 2014-02-11 07:34:04 -07:00
Todd C. Miller
d748ebe48b Add some initprogname() calls to the test programs. 2014-02-08 06:24:01 -07:00
Todd C. Miller
8b94d558df regen 2014-02-07 15:15:09 -07:00
Todd C. Miller
414edf65e8 Mention that there is now a default LDAP search filter. 2014-02-07 15:03:18 -07:00
Todd C. Miller
a54e52d588 Minor word choice change. 2014-02-07 15:03:00 -07:00
Todd C. Miller
8287e21d36 Add use_netgroups sudoers option. For LDAP-based sudoers, netgroup 
support requires an expensive substring match on the server.  If
netgroups are not needed, this option can be disabled to reduce the
load on the LDAP server.
 2014-02-07 14:58:48 -07:00
Todd C. Miller
7a1cd11c0d Update copyright year. 2014-02-06 16:00:56 -07:00
Todd C. Miller
4727c52e1e Mention LDAP changes. 2014-02-06 16:00:47 -07:00
Todd C. Miller
f7a419b5f9 Use a default LDAP search filter of (objectClass=sudoRole). When 
constructing the netgroup query, add (sudoUser=*) to the query so
we don't fall below the 3 character OpenLDAP substring threshold.
Otherwise the index for sudoUser will never be used for that query.
Pointed out by Michael Stroeder.
 2014-02-06 15:50:08 -07:00
Todd C. Miller
b299763e34 Don't warn about an insecure lecture dir twice. 
Display warnings in the user's locale.
 2014-02-06 15:46:27 -07:00
Todd C. Miller
4e733589e7 Mention the fix for ^Z at the password prompt when sudo was started 
in the background.
 2014-02-05 12:57:47 -07:00
Todd C. Miller
135c85e152 In term_restore(), only restores the terminal if we are in the 
foregroup process group.  Instead of calling tcgetpgrp(), which is
racy, we set a temporary handler for SIGTTOU and check whether it
was received after a failed call to tcsetattr().
 2014-02-05 12:03:58 -07:00
Todd C. Miller
85598f77b2 Use inet_pton() instead of inet_aton() and include a version from 
BIND for those without it.
 2014-02-05 10:00:07 -07:00
Todd C. Miller
91141e5cc1 Quiet a gcc warning. 2014-02-05 09:55:31 -07:00
Todd C. Miller
fbfe7caba4 Need to include limits.h for USHRT_MAX. 2014-02-05 09:55:30 -07:00
Todd C. Miller
08af9d0516 Use bool for function return values instead of 1 or 0. 2014-02-04 15:18:16 -07:00
Todd C. Miller
249becb1ac Warn the user if the rundir needs to be cleared in the rc files. 
Neither AIX not HP-UX clear /var/run (if it even exists).
 2014-02-04 15:14:48 -07:00