isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,492 Commits 1 Branch 0 Tags
91b6d71a042ceeb2c5d458d37fa72f0c0bdeb79c
Commit Graph

9492 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
b2f7983c84 Fix setting of utmp entry when running command in a pty. 
Regression introduced in sudo 1.8.22.
 2019-01-02 07:39:33 -07:00
Todd C. Miller
efe35e5b1e Use debug_return_int not debug_return_bool in resolve_host 2018-12-24 20:31:26 -07:00
Todd C. Miller
24b0da367b sudo 1.8.27 2018-12-24 10:09:35 -07:00
Todd C. Miller
dc9338ffe7 Allow the sudoers file to be specified without the -f option. 
Bug #864
 2018-12-24 08:26:18 -07:00
Todd C. Miller
7d5b0064af The iolog_dir section is below the maxseq section, not above. 2018-12-20 06:57:05 -07:00
Todd C. Miller
3d84150736 Updated translations from translationproject.org 2018-12-12 10:47:01 -07:00
Todd C. Miller
72050203bc Add -n and -R options to help; reported by Radovan Sroka 2018-12-11 09:17:15 -07:00
Todd C. Miller
258c7d4dd0 Add missing description of padding option and missing argument to -c. 2018-12-11 09:12:06 -07:00
Todd C. Miller
142b370c1f The -c option was missing from the help info; from Radovan Sroka 2018-12-11 09:05:04 -07:00
Todd C. Miller
04a4b3c1fc Fix some typos; reported by Radovan Sroka 2018-12-11 09:02:30 -07:00
Todd C. Miller
5242773489 In sudo_pam_approval(), for the exempt case, only overwrite pam 
status when the passwd is expired or needs to be updated.
 2018-12-08 08:10:04 -07:00
Todd C. Miller
4125808a85 The fix for bug #843 was incomplete and caused pam_end() to be called early. 
sudo_pam_approval() must not set the global pam status to an error
value if it returns AUTH_SUCCESS.  Otherwise, sudo_pam_cleanup()
will call pam_end() before sudo_pam_begin_session().  This resulted
in a NULL PAM handle being used in sudo_pam_begin_session().
 2018-12-07 09:51:34 -07:00
Todd C. Miller
e91e5ee820 Don't run the command in a pty if no I/O plugins are logging anything. 
That way an I/O plugin that doesn't actually log anything won't cause
the command to be run in a pty.
 2018-12-05 10:43:14 -07:00
Todd C. Miller
83fd48a75c Update ignore patterns to match doc changes. 2018-11-29 08:49:58 -07:00
Todd C. Miller
85dd1747cf fix mode fixmdoc.sed 2018-11-29 08:47:42 -07:00
Todd C. Miller
b8ba372227 Fix section in the .TH line of *.man.in file. 
The substitution for @mansectsu@ and @mansectform@ was broken.
No longer need to strip out OpenBSD from the header line.
 2018-11-27 13:15:08 -07:00
Todd C. Miller
e0d2dc61eb Add sudoers.man.in.sed, missed from previous commit. 2018-11-27 08:33:51 -07:00
Todd C. Miller
168a7ca110 Add Guillem Jover 2018-11-27 08:27:23 -07:00
Todd C. Miller
8964dd5d20 recent changes 2018-11-27 08:26:08 -07:00
Todd C. Miller
e010706ede Use roff conditionals in the manuals instead of post-processing. 
We still need to process the resulting .man.in files to add back
the conditionals but this should be easier to debug as the changes
are visible in the .in file.
Some minor postprocessing is still used to make the manuals HP-UX
friendly and to change "0 seconds" -> unlimited after substitution.
 2018-11-27 08:14:15 -07:00
Todd C. Miller
23006c72c7 Sudo plugin manual updates and clarification from Guillem Jover: 
- Add missing return information for show_version().
- Fix prototypes for several function pointers.
- Update SUDO_API_VERSION_MINOR.
- Add missing references to log_suspend() and change_winsize().
- Add missing "array.".
- Clarify that argc can be zero on sudo -V.
- Clarify size requirements for conversation array arguments.
- Clarify timeout zero value for struct sudo_conv_message.
- Clarify initial and final state of reply in struct sudo_conv_reply.
 2018-11-24 08:39:09 -07:00
Todd C. Miller
7c0019d2a5 Revert changes to give arguments to the .Bx macro. 
This is intended for things like .Bx 4.3 to generate "4.3BSD" so
the argument ends up before the BSD, not after.  Just go back to
using "BSD authentication" and "BSD login classes" so fixmdoc.sh
can operate correctly.  Bug #861
 2018-11-24 08:34:03 -07:00
Todd C. Miller
0679f4529c Update fixmdoc.sh to match the BSD -> .Bx changes in the manuals. 
Bug #861
 2018-11-23 06:42:23 -07:00
Todd C. Miller
ecd9688818 Add support for utmps as found in HP-UX. 2018-11-18 07:45:43 -07:00
Todd C. Miller
716aa6e4ab Support st_nmtime in struct stat as found in HP-UX. 2018-11-14 13:37:46 -07:00
Todd C. Miller
7c5469264d If fcntl fails, fall back to the /proc implementation. 2018-11-14 13:37:45 -07:00
Todd C. Miller
4f5acff6eb Mention schema.olcSudo 2018-11-12 08:31:02 -07:00
Todd C. Miller
5f5d4a285c Mention schema.olcSudo here too. 2018-11-09 11:02:34 -07:00
Todd C. Miller
5e098a782d OpenLDAP schema file for Sudo in on-line configuration (OLC) format. 
From Frederic Pasteleurs.
 2018-11-09 10:38:49 -07:00
Todd C. Miller
d6c2c53688 Updated translations from translationproject.org 2018-11-09 10:15:35 -07:00
Todd C. Miller
537a2f9773 Only use closefrom_fallback() if no better method exists. 
The previous logic was too fragile.
 2018-11-08 15:17:39 -07:00
Todd C. Miller
733669ec38 Updated translations from translationproject.org 2018-11-07 11:21:05 -07:00
Todd C. Miller
cad10fbd2e Portuguese translation for sudo and sudoers from translationproject.org. 2018-11-07 11:20:27 -07:00
Todd C. Miller
cdd5bb32eb Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn 
and gai_log_warning that use gai_strerror() instead of strerror().
 2018-11-05 09:08:05 -07:00
Todd C. Miller
cfa4879dbd Fix memory leak in runaslist_matches(). 2018-10-31 10:03:02 -06:00
Todd C. Miller
c88b859853 typo 2018-10-29 09:23:25 -06:00
Todd C. Miller
9c2f4b8f19 regen 2018-10-29 08:32:36 -06:00
Todd C. Miller
9378808b3a More updates for 1.8.26 2018-10-29 06:19:59 -06:00
Todd C. Miller
1fe582a0e3 Add support for negated sudoRunAsUser and sudoRunAsGroup entries. 2018-10-28 15:46:27 -06:00
Todd C. Miller
fb015fac1b Document that the target user's groups may be specified via the -g option. 2018-10-27 12:52:17 -06:00
Todd C. Miller
03c56db408 Include getpwent() version of sudo_getgrouplist2_v1() from getgrouplist.c 2018-10-27 12:10:43 -06:00
Todd C. Miller
0398996b39 Use a testsudoers group file with known contents instead of the system one. 2018-10-27 10:57:37 -06:00
Todd C. Miller
391ed95f50 Allow the group set by "sudo -g" to be any of the target user's groups. 
Previously, this was only allowed if the group matched the target
user's primary group ID (from the passwd database entry).
The sudoers policy will now allow the group if it is one of the
target user's supplemental groups as well.
 2018-10-27 06:37:34 -06:00
Todd C. Miller
ffe2041a02 Skip sudo_getgrouplist2() check on systems with getgrouplist_2(). 
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
 2018-10-26 11:11:58 -06:00
Todd C. Miller
e22410ba64 Add missing exported symbol sudo_term_eof 2018-10-26 10:45:12 -06:00
Todd C. Miller
0597969301 Add missing #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT 
Fixes problems building on older LDAP sdks.
 2018-10-26 10:34:16 -06:00
Todd C. Miller
5eb0fbd076 add getgrouplist_test.c 2018-10-26 10:26:27 -06:00
Todd C. Miller
a3cb22b467 Check the user's primary gid from the passwd file too. 2018-10-26 10:24:38 -06:00
Todd C. Miller
06035f193e ignore prologue 2018-10-26 10:10:52 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00