isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,018 Commits 1 Branch 0 Tags
923edabe6c0860fe7ea9350030f72ddc41c1df6c
Commit Graph

27 Commits

Author SHA1 Message Date
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
99352d6738 Rename error.h -> fatal.h now that there is no error() function. 2013-08-15 14:24:29 -06:00
Todd C. Miller
d9fd6281e4 Allow default plugin dir to be configured in sudo.conf. 2013-08-13 12:24:28 -06:00
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
7f32d1ca4c Make sesh path configurable in sudo.conf 2013-03-14 16:49:42 -04:00
Todd C. Miller
a17fb1de71 Fix atobool() usage. 2013-02-20 15:48:12 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove 
unused return value from setters.
 2013-02-14 13:34:33 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
630b47e22f Add group_source setting in sudo.conf to allow the admin to specify 
how a user's groups are looked up.  Legal values are static (just
the kernel list from getgroups), dynamic (whatever the group database
includes) and adaptive (only use group db if kernel group list is
full).
 2013-01-27 13:53:11 -05:00
Todd C. Miller
ef8e141248 Ignore duplicate entries in sudo.conf and report the line number 
when there is an error.  Warn, don't abort if there is more than
one policy plugin.
 2013-01-23 06:33:53 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
6849fff4d7 See DEFAULT_TEXT_DOMAIN 2012-11-25 08:10:12 -05:00
Todd C. Miller
acf8af9aac #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. 2012-11-12 08:51:58 -05:00
Todd C. Miller
4bd4a91714 Parse sudo.conf in the "C" locale. 2012-11-12 05:42:48 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
8b3d118f62 Fix matching of "Path askpass" and "Path noexec" 2012-03-27 12:24:39 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
83459e13b5 Set args to NULL in default plugin info struct when there is no 
Plugin line in sudo.conf.
 2012-03-14 15:07:50 -04:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00
Todd C. Miller
415454ff59 Relax the user/group/mode checks on sudoers files. As long as the 
file is owned by the right user, not world-writable and not writable
by a group other than the one specified at configure time (gid 0
by default), the file is considered OK.  Note that visudo will still
set the mode to the value specified at configure time.
 2012-02-22 13:04:03 -05:00
Todd C. Miller
c970d464cb Normally, sudo disables core dumps while it is running. This 
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
 2012-02-03 14:57:03 -05:00
Todd C. Miller
fa1f781a0e Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:55:13 -05:00