isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,310 Commits 1 Branch 0 Tags
901b2666fc2958852acf3a4868ad3c27ffb69601
Commit Graph

159 Commits

Author SHA1 Message Date
Todd C. Miller
23b7a1fa5c Call the policy's init_session() function before we fork the child. 
That way, the session is created and destroyed in the same process,
which is needed by some modules, such as  pam_mount.
 2012-04-23 16:38:16 -04:00
Todd C. Miller
cf4562c031 Delete creds after closing the PAM session. 2012-04-23 16:11:49 -04:00
Todd C. Miller
dfc90ff0b1 Instead of treating ^C from tgetpass() specially, always 
return AUTH_INTR if tgetpass() returned NULL.
Treat PAM_AUTHINFO_UNAVAIL like PAM_AUTH_ERR which Mac OS X
returns this when there is no tty.
 2012-04-11 19:51:56 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
6d10909949 Pass a pointer to user_env in to the init_session policy plugin 
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
 2012-03-15 09:18:36 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
241b1db873 Add --enable-kerb5-instance configure option to allow people using 
Kerberos V authentication to use a custom instance.  Adapted from
a diff by Michael E Burr.
 2012-01-05 15:39:05 -05:00
Todd C. Miller
db3fd558be Remove inaccurate comment 2011-12-02 14:41:32 -05:00
Todd C. Miller
199eeb38d4 Fetch the login class for the user we authenticate specifically when 
using BSD authentication.  That user may have a different login class
than what we will use to run the command.  When setting the login
class for the command, use the target user's struct passwd, not
the invoking user's.  Fixes bug 526
 2011-12-02 14:29:54 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
dd2fcf16d6 Fix typo, return_debug vs. debug_return 2011-11-29 14:41:00 -05:00
Todd C. Miller
5c29710f35 Remove obsolete securid auth method. 2011-11-13 11:54:06 -05:00
Todd C. Miller
6fd3e03857 Prefix authentication functions with a "sudo_" prefix to avoid 
namespace problems.
 2011-11-13 11:46:39 -05:00
Todd C. Miller
c86561e502 Remove the old Kerberos IV support 2011-11-13 09:12:43 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
1e93d1fbb6 Make sudo_auth_{init,cleanup} return TRUE on success and check for 
sudo_auth_init() return value in check_user().
 2011-09-27 15:41:22 -04:00
Todd C. Miller
4540a7525e Do not return without restoring permissions. 2011-09-27 15:22:08 -04:00
Todd C. Miller
bceb5df158 Modify the authentication API such that the init and cleanup functions 
are always called, regardless of whether or not we are going to
verify a password.  This is needed for proper PAM session support.
 2011-09-27 13:18:46 -04:00
Todd C. Miller
c5f8dc95c6 Fix a PAM_USER mismatch in session open/close. We update PAM_USER 
to the target user immediately before setting resource limits, which
is after the monitor process has forked (so it has the old value).
Also, if the user did not authenticate, there is no pamh in the
monitor so we need to init pam here too.  This means we end up
calling pam_start() twice, which should be fixed, but at least the
session is always properly closed now.
 2011-09-27 11:13:44 -04:00
Todd C. Miller
7f4a0d095e Fix loop that calls authenticate(). 
If there was an error message from authenticate(), display it.
 2011-08-12 11:02:53 -04:00
Todd C. Miller
42a3966a88 Minor warning/error cleanup 2011-05-18 13:44:36 -04:00
Todd C. Miller
fce0b906eb cannot -> "unable to" in warning/error messages 2011-05-18 12:41:06 -04:00
Todd C. Miller
d006b00a4f Fix gettext marker. 2011-05-16 16:44:11 -04:00
Todd C. Miller
15bc74bd67 Include libint.h where needed. 2011-05-16 16:37:11 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
7708d5ce84 For AIX, keep calling authenticate() until reenter reaches 0. 2011-05-16 12:17:49 -04:00
Todd C. Miller
96b7c1f0f4 Add initial scaffolding to support localization via gettext() 2011-05-04 15:26:31 -04:00
Todd C. Miller
435d8413b5 Fix SIA support; we no longer have access to the real argc and argv 
so allocate space for a fake one and use the argv passed to the
plugin with "sudo" for argv[0].
 2011-04-26 09:51:34 -04:00
Todd C. Miller
233d90f2c3 Add check for NetBSD-style 4-argument skeychallenge() as Gentoo also 
has this.  Adapted from a patch from Diego Elio Petteno
 2011-04-06 10:08:57 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
6a52054147 If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more useful 
message and return AUTH_FATAL so sudo does not keep trying to validate
the user.
 2010-10-11 09:12:23 -04:00
Todd C. Miller
10c3bb62c4 Make local includes consistent; use double quotes for local includes 
except for generated ones where we use angle brackets.
Also g/c unused compat.h.
 2010-09-07 16:45:19 -04:00
Todd C. Miller
6ce5c4cd97 If the user hits ^C while a password is being read, error out before 
reading any further passwords in the pam conversation function.
Otherwise, if multiple PAM auth methods are required, the user will
have to hit ^C for each one.
 2010-08-14 10:18:49 -04:00
Todd C. Miller
d2cc4740c1 For non-standalone auth methods, stop reading the password if the 
user enters ^C at the prompt.
 2010-08-06 17:16:57 -04:00
Todd C. Miller
96cb890d53 No need to look up shadow password unless we are doing password-style 
authentication.  This moves the shadow password lookup to the auth
functions that need it.
 2010-08-06 13:55:33 -04:00
Todd C. Miller
efbc7f1d57 Only set PAM_RHOST for Solaris, where it is needed to avoid a bug. 
On Linux it causes a DNS lookup via libaudit.
 2010-07-13 08:56:31 -04:00
Todd C. Miller
d9de7b5f8e Add support for a sudo-i pam.d file to be used for "sudo -i". 
Adapted from a RedHat patch.
 2010-07-12 17:57:53 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
8e26312539 Convert to ANSI C function declarations 2010-06-14 12:30:21 -04:00
Todd C. Miller
b72a530fd0 Update copyright year 2010-06-14 12:19:49 -04:00
Todd C. Miller
e146aaaa29 Fix visiblepw sudoers option; the plugin API portion still needs documenting 2010-06-10 15:02:32 -04:00
Todd C. Miller
a4a6620b24 Add SUDO_CONV_PROMPT_MASK define which corresponds to the "pwfeedback" 
sudoers option.  Do not disable echo if TGP_ECHO is set.
 2010-06-09 10:31:05 -04:00
Todd C. Miller
426435c12c If pam_open_session() fails, pass its status to pam_end. 2010-06-08 16:54:04 -04:00
Todd C. Miller
41436a7869 Fix OpenPAM detection for newer versions. 2010-06-02 10:33:02 -04:00
Todd C. Miller
34e1a06767 Use sudo_printf to display verbose version information. 2010-05-28 12:01:06 -04:00
Todd C. Miller
b2ed46652b Clean up the sudoers auth API a bit and update the docs. 2010-05-27 14:53:11 -04:00
Todd C. Miller
7e6d1d1f7d Add init_session function to struct policy_plugin that gets called 
before the uid/gid/etc changes.  A struct passwd pointer is passed in,which may be NULL if the user does not exist in the passwd database.The sudoers module uses init_session to open the pam session as needed.
 2010-05-27 14:46:39 -04:00
Todd C. Miller
27be96c9cd Add open/close session to sudo auth, only used by PAM. 
This allows us to open (and close) the PAM session from sudoers.
 2010-05-26 17:57:47 -04:00