Commit Graph

251 Commits

Author SHA1 Message Date
Todd C. Miller
ce63ab5069 If tty_tickets is enabled and there is no tty, prompt for a password.
Do not lecture user for "sudo -k command" if user has a timestamp.
2009-12-19 23:04:58 +00:00
Todd C. Miller
ab72e242ba refactor group member checking into user_in_group() 2009-12-12 16:12:26 +00:00
Todd C. Miller
b8239bb34c Add support for mbr_check_membership() as present in darwin. 2009-12-12 15:37:52 +00:00
Todd C. Miller
600ce3dfa6 Treat timestamp files from before we booted as old. Idea from and
Apple patch.
2009-12-10 16:59:27 +00:00
Todd C. Miller
62b89f9dfc Update copyright years. 2009-05-25 12:02:42 +00:00
Todd C. Miller
15975b83ce Allow the -k flag to be specified in conjunction with a command or
another option that may require authentication.
2009-02-24 13:04:39 +00:00
Todd C. Miller
b18eede622 Even if neither stdin nor stdout are ttys we may still have /dev/tty
available to us.
2008-11-25 17:01:34 +00:00
Todd C. Miller
3cc3114d92 Move tty checks into check_user() so we only do them if we actually
need a password.
2008-11-11 18:28:08 +00:00
Todd C. Miller
c352187cf8 Add -n (non-interactive) flag. 2008-03-18 20:04:41 +00:00
Todd C. Miller
ee04914164 Add support for running a helper program to read the password when
no tty is present (or when specified with the -A flag).  TODO: docs.
2008-03-02 14:31:57 +00:00
Todd C. Miller
43f7408607 user_runas -> runas_pw 2008-01-06 00:09:18 +00:00
Todd C. Miller
0fc0e3c86d Add and document the %p escape in the password prompt.
Based on a patch from Patrick Schoenfeld.
2008-01-05 23:59:28 +00:00
Todd C. Miller
f9f4aca556 Add support for runas groups. This allows the user to run a command
with a different effective group.  If the -g option is specified
without -u the command will be run as the current user (only the
group will change).  the -g and -u options may be used together.
TODO: implement runas group for ldap
      improve runas group documentation
      add testsudoers support
2007-11-21 20:12:00 +00:00
Todd C. Miller
6f1a9c0bc9 Do not update timestamp if user not validated by sudoers. 2007-07-06 18:51:43 +00:00
Todd C. Miller
af53e335a1 don't check timestamp mtime if we are just going to remove it 2007-07-06 13:49:41 +00:00
Todd C. Miller
50004e00b8 Fix fd leak when lecture file option is enabled. From Jerry Brown 2005-11-11 16:22:58 +00:00
Todd C. Miller
3bb5c181b0 Move declatation of struct timespec to its own include files for
systems without it since it needs time_t defined.
2005-06-23 03:04:35 +00:00
Todd C. Miller
c7ea24f2cc Add explicit cast from mode_t -> u_int in printf to silence warnings on Solaris 2005-04-24 23:24:58 +00:00
Todd C. Miller
304dc46d7f Add efree() for consistency with emalloc() et al. Allows us to rely
on C89 behavior (free(NULL) is valid) even on K&R.
2005-03-29 14:29:47 +00:00
Todd C. Miller
cc84c41fbe Fix some printf format mismatches on error. 2005-02-12 23:46:13 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h>
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
2004-11-19 18:39:14 +00:00
Todd C. Miller
9846e562ad Implement group caching and use the passwd and group caches throughout. 2004-11-16 04:24:11 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
2004-11-15 15:53:53 +00:00
Todd C. Miller
0f056c0d5f Use timespec throughout. 2004-09-08 15:48:23 +00:00
Todd C. Miller
7f772c822f Add an extra param to touch() for nsec 2004-09-07 19:55:37 +00:00
Todd C. Miller
1c20ff1a6d Use utimes() and futimes() instead of utime() in touch(), emulating as needed.
Not all systems are able to support setting the times of an fd so touch()
takes both an fd and a file name as arguments.
2004-09-07 17:14:52 +00:00
Todd C. Miller
31f98d84df Don't ask for a password if invoking user == target user. 2004-06-10 20:19:38 +00:00
Todd C. Miller
ba803b6e1b Remove trailing spaces, no actual code changes. 2004-06-06 23:58:09 +00:00
Todd C. Miller
d33ad95208 Use PATH_MAX, not MAXPATHLEN since the former is standardized. 2004-06-01 01:22:27 +00:00
Todd C. Miller
51c9ed3198 Preliminary changes to support nsr-tandem-nsk. Based on patches from
Tom Bates.
2004-05-17 20:08:46 +00:00
Todd C. Miller
5b217d36a3 More to a less restrictive, ISC-style license. 2004-02-13 21:36:43 +00:00
Todd C. Miller
e404f54c23 Add Stan Lee / Uncle Ben quote to the lecture from RedHat 2004-01-16 23:16:24 +00:00
Todd C. Miller
9eba370a09 Update copyright year 2004-01-05 01:13:50 +00:00
Todd C. Miller
b289f73870 Add a new option, lecture_file, that can be used to point to a custom
sudo lecture.
2004-01-05 01:12:22 +00:00
Todd C. Miller
02f37dc2da Add support for tuples in def_data.in; these are implemented as an
enum type.  Currently there is only a single tuple enum but in the
future we may have one tuple enum per T_TUPLE entry in def_data.in.
Currently listpw, verifypw and lecture are tuples.  This avoids the
need to have two entries (one ival, one str) for pwflags and syslog
values.

lecture is now a tuple with the following values: never, once, always

We no longer use both an int and string entry for syslog facilities
and priorities.  Instead, there are logfac2str() and logpri2str()
functions that get used when we need to print the string values.
2003-12-30 22:31:30 +00:00
Todd C. Miller
6ad252765b Create def_* macros for each defaults value so we no longer need
the def_{flag,ival,str,list,mode} macros (which have been removed).
This is a step toward more flexible data types in def_data.in.
2003-12-30 22:20:21 +00:00
Todd C. Miller
6c51ebd37a add DARPA credit on affected files 2003-04-16 00:42:09 +00:00
Todd C. Miller
dcf1a5acce Use warn/err and getprogname() throughout. The main exception is
openlog().  Since the admin may be filtering logs based on the
program name in the log files, hard code this to "sudo".
2003-04-02 18:25:30 +00:00
Todd C. Miller
f761cef5c8 oflow detection in expand_prompt() was faulty (false positives).
The count was based on strlcat() return value which includes the
length of the entire string.
2003-04-01 14:58:55 +00:00
Todd C. Miller
48229cbac6 update copyright year 2003-03-15 20:31:02 +00:00
Todd C. Miller
b18a141ae9 Cast [ug]ids to unsigned long and printf with %lu 2003-03-15 20:19:58 +00:00
Todd C. Miller
eebc763bd3 Use strlc{at,py} for paranoia's sake and exit on overflow. In all
cases the strings were either pre-allocated to the correct size of
length checks were done before the copy but a little paranoia can
go a long way.
2003-03-13 20:00:45 +00:00
Todd C. Miller
0b0f8d6d32 Add %U and %H escapes and redo prompt rewriting. "%%" now gets collapsed
to "%" as was originally intended.  This also gets rid of lastchar (does
lookahead instead of lookback) which should simplify the logic slightly.
2002-12-14 19:15:30 +00:00
Todd C. Miller
982218c343 Don't call set_perms() when doing timestamp stuff unless timestamp_uid != 0. 2002-05-05 00:45:51 +00:00
Todd C. Miller
c289159953 g/c second arg to set_perms--it is no longer used 2002-05-05 00:43:38 +00:00
Todd C. Miller
a30951d34c Add support for non-root timestamp dirs. This allows the timestamp
dir to be shared via NFS (though this is not recommended).
2002-05-03 22:48:17 +00:00
Todd C. Miller
db63aefb21 The the loop used to expand %h and %u, the lastchar variable was not being
initialized.  This means that if the last char in the prompt is '%' and the
first char is 'h' or 'u' a extra copy of the host or user name would be
copied, for which space had not been allocated.
2002-04-25 15:30:12 +00:00
Todd C. Miller
46dd419cd9 o Reorder some headers and use STDC_HEADERS define properly
o Update copyright year
2001-12-14 19:52:47 +00:00