isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,310 Commits 1 Branch 0 Tags
901b2666fc2958852acf3a4868ad3c27ffb69601
Commit Graph

9310 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
6e22da3412 In open_cmnd(), return true, not false, if we the /dev/fd/N pathname 
is not present.  We don't want to fail a match because of this.
 2018-04-23 14:42:35 -06:00
Todd C. Miller
3f1ec0c5fd Bug #831. 2018-04-23 11:01:49 -06:00
Todd C. Miller
def2e761e3 We can only use fexecve() on a script if /dev/fd/N exists. 
Some systems, such as FreeBSD, don't have /dev/fd mounted
by default.  Bug #831
 2018-04-23 10:54:51 -06:00
Todd C. Miller
16093ee8d9 sync with translationproject.org 2018-04-22 06:58:53 -06:00
Todd C. Miller
388ef262de sync with translationproject.org 2018-04-21 13:56:36 -06:00
Todd C. Miller
c64e57dad5 Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers 
and LDIF -> sudoers -> LDIF.
 2018-04-21 06:23:02 -06:00
Todd C. Miller
48f74db604 Test the -b option when converting from LDIF. 2018-04-19 09:24:08 -06:00
Todd C. Miller
e1392cd28a Fix the -b option when converting from LDIF. 2018-04-19 09:23:45 -06:00
Todd C. Miller
109160df35 sync with translationproject.org 2018-04-18 21:14:10 -06:00
Todd C. Miller
3dd7d96933 Fix some more typos. 2018-04-18 14:25:11 -06:00
Todd C. Miller
93a8ddca2b mandoc now preserves the copyright notice, no need to do it ourselves 2018-04-18 14:24:51 -06:00
Todd C. Miller
1e26c6043e Describe the special handling of LOGNAME, USER and USERNAME. 
Fix typos reported by aspell.
 2018-04-18 14:14:47 -06:00
Todd C. Miller
8eccfbd7bd Fix a memory leak on the error path. 2018-04-18 10:09:22 -06:00
Todd C. Miller
3194a00e9e Document that the editor setting is also used by sudoedit. 2018-04-18 09:40:48 -06:00
Todd C. Miller
18e06825fb Plug memory leak when an I/O plugin is specified in sudo.conf 
but the I/O plugin is not configured.
 2018-04-17 13:41:44 -06:00
Todd C. Miller
523f0eeeab Monty Python insults from Philip Hudson 2018-04-17 07:10:43 -06:00
Todd C. Miller
f9994f79d7 add examples 2018-04-15 17:06:26 -06:00
Todd C. Miller
43ea752ded Update copyright year and regen man pages. 2018-04-15 16:43:06 -06:00
Todd C. Miller
9de8a0bd05 sync with translationproject.org 2018-04-15 08:21:40 -06:00
Todd C. Miller
4be8aba9f8 cvtsudoers regress tests 2018-04-15 08:14:46 -06:00
Todd C. Miller
1bfe03000d Prune alias contents when pruning and expanding aliases. 
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions.  A better approach would be to call the correct function
from user_matches() and host_matches().
 2018-04-15 08:14:46 -06:00
Todd C. Miller
f8f0c16c73 Fix typo 2018-04-14 19:54:54 -06:00
Todd C. Miller
d85e244c6c Fix cut & pasto that prevented "-d command" from working. 2018-04-14 06:13:44 -06:00
Todd C. Miller
38ff661621 Fix a user after free crash as well as a memory leak when filtering 
Defaults.
 2018-04-13 10:49:05 -06:00
Todd C. Miller
c1accd4b48 Document that a User_Alias or Host_Alias may be used in the match filter. 2018-04-12 06:29:41 -06:00
Todd C. Miller
df7a6ea4e8 Don't always expand aliases when formatting a host-based Defaults 
line.  This was missed when expand_aliases support was added.
 2018-04-12 06:25:35 -06:00
Todd C. Miller
2b2565b2c3 Allow host and user aliases to be specified in match filters. 2018-04-12 06:21:20 -06:00
Todd C. Miller
aa900c0f24 Update copyright year. 2018-04-12 05:13:49 -06:00
Todd C. Miller
7a3472cb07 sync with translationproject.org 2018-04-10 16:07:42 -06:00
Todd C. Miller
9e91d3f451 When the -d option is used, remove aliases used by the non-converted 
Defaults settings if the aliases are not also referenced by userspecs.
 2018-04-09 11:13:33 -06:00
Todd C. Miller
8c64cd97d2 regen 2018-04-05 07:00:25 -06:00
Todd C. Miller
9e0c75135e update 2018-04-05 06:34:49 -06:00
Todd C. Miller
0b7abea168 Mention -p and -M options in the description of -m. 2018-04-05 06:34:22 -06:00
Todd C. Miller
5ae557e308 Check sudoedit temporary directory for writability before using it. 2018-04-04 21:05:59 -06:00
Todd C. Miller
512e0be834 Use btime in /proc/stat to determine system start time instead of 
/proc/uptime.  Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
 2018-04-04 11:28:53 -06:00
Todd C. Miller
7663ae7b27 Add option to prune non-matching entries from cvtsudoers output with -m 
option is used.
 2018-04-04 09:51:05 -06:00
Todd C. Miller
5c1d9899e1 Allow defaults types and suppression list to be specified in 
the config file.
 2018-04-02 07:41:56 -06:00
Todd C. Miller
18ba38ef4c Refactor common alias code out of cvtsudoers and visudo and into alias.c. 2018-04-02 07:41:09 -06:00
Todd C. Miller
dbd5613b1a Avoid NULL deref in an error path. CID 183467 2018-03-29 18:53:53 -06:00
Todd C. Miller
18371cacba No need to initialize the last pointer passed to strtok_r(). 
This was originally added to appease newer gcc but no longer
seems to be required.  CID 183466, CID 183468, CID 183469
 2018-03-29 18:53:51 -06:00
Todd C. Miller
6f66216441 Avoid false positive NULL dereference by uses value.u.string 
instead of name as the former is guaranteed not to be NULL.
Fixes CID 183465.
 2018-03-29 18:53:50 -06:00
Todd C. Miller
b4b5243bff regen 2018-03-29 10:20:26 -06:00
Todd C. Miller
e7ba359abf Add a section on convertion from file-based sudoers. 2018-03-29 07:13:31 -06:00
Todd C. Miller
dd545f38ca Add support for "cvtsudoers -d all" 2018-03-28 17:43:58 -06:00
Todd C. Miller
aa402cdc3c Add -d option to control what type of Defaults entries are converted. 2018-03-28 08:33:07 -06:00
Todd C. Miller
a42cf67acb In pty_close() we still need to check whether the pty master and 
slave fds are open before closing them.  When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
 2018-03-27 16:00:08 -06:00
Todd C. Miller
809c15d165 regen 2018-03-27 15:57:02 -06:00
Todd C. Miller
693cdbd96e ignore *.ldif2sudo regress output 2018-03-26 10:36:29 -06:00
Todd C. Miller
2336496347 In pty_close() there is no need to remove events associated with 
the pty slave as there are none.  We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
 2018-03-26 06:28:23 -06:00
Todd C. Miller
5e7ff154be Move cvtsudoers to section 1. 2018-03-25 16:16:48 -06:00