isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,300 Commits 1 Branch 0 Tags
8461dc6e24f210ba348ebdda6c85fc71f7a47c8c
Commit Graph

22 Commits

Author SHA1 Message Date
Todd C. Miller
8461dc6e24 Fix compiler warning in debug code. 2014-03-06 15:21:49 -07:00
Todd C. Miller
57113a536f Handle in_res being NULL for sudo_debug_printf() in sudo_sss_filter_result(). 2014-01-08 16:48:27 -07:00
Todd C. Miller
9e964a8c0e sudo_sss_filter_user_netgroup(): fix comment typos, break out of loop 
early if we match ALL or netgroup.
 2013-12-03 15:47:45 -07:00
Todd C. Miller
302d3273a8 When filtering netgroups, use the passwd struct stashed in the handle, 
not user_name since we may be listing another users privileges.
 2013-12-03 15:39:12 -07:00
Todd C. Miller
f477b343fe Avoid passing NULL domainname to sudo_debug_printf(). 2013-12-03 15:15:12 -07:00
Todd C. Miller
f56eca8051 Add user netgroup filtering for SSSD. Previously, rules for a 
netgroup were applied to all even when they did not belong to the
specified netgroup.  RedHat Bugzilla 880150.
 2013-12-03 14:19:37 -07:00
Todd C. Miller
543d3b701e Fix several issues found by the clang static analyzer; Daniel Kopecek 2013-12-03 14:10:11 -07:00
Todd C. Miller
12f3bdf60e Add wrapper functions for dlopen() et al so that we can support 
statically compiling in the sudoers plugin but still allow other
plugins to be loaded.  The new --enable-static-sudoers configure
option will cause the sudoers plugin to be compiled statically into
the sudo binary.  This does not prevent other plugins from being
loaded as per sudo.conf.
 2013-11-22 16:35:15 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
4d6cb6efff Fix pasto; sudo_sss_extract_digest() not sudo_ldap_extract_digest(). 
From Dan Harnett.
 2013-07-09 10:35:26 -06:00
Todd C. Miller
cc3c76b85d Add digest support for sudoers in ldap and sss. 2013-04-16 16:03:37 -04:00
Todd C. Miller
35375a2b7e Initial implementation of checksum support in sudoers. 
Currently supports SHA-224, SHA-256, SHA-384, SHA-512.
TODO: checksum format validation in parser and base64 support.
      checksum support for ldap sudoers
 2013-04-14 07:00:21 -04:00
Todd C. Miller
236f306a2b Start warning with a lower case letter for consistency and to match 
existing translated strings.
 2013-04-11 06:38:12 -04:00
Todd C. Miller
1da8739c38 Use userpw_matches() for username matching so #uid works for 
sudoRunAsUser.
 2013-02-21 07:03:52 -05:00
Todd C. Miller
b929dd3c46 Avoid calling realloc3() with a zero size parameter when all retrieved 
sssd rules fail.  Otherwise we'll get a run-time error due to
malloc(0) checking.
 2013-02-21 07:01:53 -05:00
Todd C. Miller
c80603eace Do not send error mail if a user is not found in SSSD. Local users 
can run sudo too.  From Nikolai Kondrashov
 2013-02-21 06:54:30 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
d89b1a6be2 Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers 
data source.  From Daniel Kopecek and Pavel Brezina.
 2012-08-10 11:59:26 -04:00