isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,718 Commits 1 Branch 0 Tags
97469c243c57d06f10ce72a38d212d4ea059f51a
Commit Graph

7718 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
97469c243c Avoid setting the tty to non-blocking mode so "sudoreplay | cat" 
(for example) works as expected.  We only read a single byte from
the keyboard and only when interactive anyway so this should be fine.
 2015-01-30 13:07:21 -07:00
Todd C. Miller
00e7dbd645 regen 2015-01-30 12:57:27 -07:00
Todd C. Miller
0ac881ba4b Avoid a cppcheck warning about undefined behavior (using the address 
of a stack buffer - 1) and fix a memory leak of the iov when
doing nl->crnl conversion.
 2015-01-30 10:45:15 -07:00
Todd C. Miller
1517d18b1d Add Steven Soulen 2015-01-30 09:24:46 -07:00
Todd C. Miller
770e6ca190 Fix handling of partial writes from writev() which can occur with 
large output buffers.
 2015-01-30 09:23:30 -07:00
Todd C. Miller
4dd2a3c6b8 Add support for querying netgroups directly via LDAP since there 
is no other way to look up all the netgroups for a user (unlike
regular groups).  This introduces netgroup_base and netgroup_search_filter
options to ldap.conf.  Based on a diff from Steven Soulen.
 2015-01-29 14:08:30 -07:00
Todd C. Miller
4ae3ab43c0 Sort ldap.conf options. 2015-01-27 09:29:02 -07:00
Todd C. Miller
741bb8ec79 Add macros to ease the checking of strlcpy, strlcat and 
sudo_ldap_value_cat return values.
 2015-01-22 11:42:32 -07:00
Todd C. Miller
57553fffdd Rename VALIDATE_OK -> VALIDATE_SUCCESS 
Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE
 2015-01-21 11:03:48 -07:00
Todd C. Miller
399d364a90 Remove now-unused VALIDATE_ERROR define. 2015-01-21 10:36:55 -07:00
Todd C. Miller
5415b3d2af should_mail() now returns bool. 2015-01-21 10:33:56 -07:00
Todd C. Miller
2188c83a20 If sudo_debug_register() fails return SUDO_DEBUG_INSTANCE_INITIALIZER, 
not -1.  Otherwise we could end up setting the instance to -1 which
is invalid.
 2015-01-21 10:08:41 -07:00
Todd C. Miller
721cab85e7 Fix typo. 2015-01-21 08:51:41 -07:00
Todd C. Miller
716e6a991a Use "mandoc -Tascii" to generate .cat pages to avoid locale-specific 
characters.
 2015-01-21 08:51:27 -07:00
Todd C. Miller
a33d88c996 Use AC_PATH_PROG to find programs instead of checking the path manually. 2015-01-19 14:25:17 -07:00
Todd C. Miller
d2d9e6fcc1 Sync with OpenBSD version 2015-01-16 06:48:08 -07:00
Todd C. Miller
f80ffcc917 Use AC_CHECK_HEADERS_ONCE and AC_CHECK_FUNCS_ONCE where 
possible and quote the first args in AC_CHECK_FUNCS calls.
 2015-01-15 21:00:01 -07:00
Todd C. Miller
55a34e6941 Avoid inadvertantly defining things like PATH_MAX simply because 
the source file doesn't include limits.h.
 2015-01-15 17:01:30 -07:00
Todd C. Miller
078ba38067 Update to libtool 2.4.4 + HP-UX patches 2015-01-14 17:00:16 -07:00
Todd C. Miller
acea28b9a5 Document why we need sys/param.h. 2015-01-14 11:01:41 -07:00
Todd C. Miller
532a0e6cc7 Don't need sys/param.h. 2015-01-14 11:00:01 -07:00
Todd C. Miller
19a8a69a92 Don't appear to need sys/param.h for pstat_getproc() on HP-UX even 
though the man page lists it.
 2015-01-14 10:58:32 -07:00
Todd C. Miller
6bd40c622b Should not need sys/param.h here. 2015-01-14 10:55:42 -07:00
Todd C. Miller
cb09010da5 Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs. 2014-12-31 15:47:33 -07:00
Todd C. Miller
86fbde75b2 Update link to gq LDAP editor, now on sourceforge. 2014-12-24 08:05:22 -07:00
Todd C. Miller
237f3c9dfe Add support for GLOB_LIMIT from OpenBSD (not currently used) and 
also a limit on the max recursion depth for glob().
 2014-12-16 17:04:13 -07:00
Todd C. Miller
b633e88c12 Quiet compiler sign compare warning. 2014-12-16 10:46:25 -07:00
Todd C. Miller
88c4a9668e fnmatch fix 2014-12-10 14:06:34 -07:00
Todd C. Miller
d0c333969a Remove artificial limit on length of pattern and string. It is 
possible to use fnmatch() on things other than paths (such as
arguments) so a limit of PATH_MAX does not make sense.  Fixes a bug
where rules would fail to match if the length of the arguments were
larger than PATH_MAX (usually 1024).
 2014-12-10 14:00:12 -07:00
Todd C. Miller
b1dc5c54d8 Remove the extra /sudo in sudo.ws urls 2014-12-04 17:00:38 -07:00
Todd C. Miller
9d3fe082fc Reference bugzilla.sudo.ws 2014-11-27 09:51:06 -07:00
Todd C. Miller
e0d927a98a sync 2014-11-20 13:34:17 -07:00
Todd C. Miller
c287419788 Require that a digest be specified with a real command, not an alias 
or pseudo-command.  Found via a crash by afl.
 2014-11-19 17:07:24 -07:00
Todd C. Miller
034ad90e16 sync 2014-11-19 15:20:18 -07:00
Todd C. Miller
02b3fa2fdd French translation for sudoers from translationproject.org. 2014-11-19 15:20:11 -07:00
Todd C. Miller
29039859b7 Defer registration of the SIGCHLD handler until just before we exec 
the command.  Fixes a problem where pam_gnome_keyring installs its
own SIGCHLD handler and may not restore the original one.  As a
result, we now have to explicitly wait for the askpass helper to
finish.  Bug #657
 2014-11-18 14:05:51 -07:00
Todd C. Miller
552dbe5253 Mention sssd support in the sudoers.ldap manual and cross-reference 
sssd-sudo(5).
 2014-11-17 15:26:12 -07:00
Todd C. Miller
eab8a28abf Reorder an entry. 2014-11-16 07:30:55 -07:00
Todd C. Miller
bc6269e58b Prevent cppcheck from getting confused by our compat definition of 
the va_copy macro for pre-C99.
 2014-11-15 06:32:39 -07:00
Todd C. Miller
3870fdf622 Fix potential NULL pointer deref found by cppcheck. 2014-11-14 16:31:56 -07:00
Todd C. Miller
0c88ecd3bc Quiet a cppcheck false positive. 2014-11-14 16:31:30 -07:00
Todd C. Miller
cbe917c540 If there are multiple outputs, ap will be re-used so make a copy 
and operate on it instead.
 2014-11-14 16:30:22 -07:00
Todd C. Miller
1c96c5ec39 Fix typo in hook return value check. 2014-11-14 14:56:29 -07:00
Todd C. Miller
cafd7baa2d Mention visudo use of sudoers plugin args to set default sudoers 
file name and owner/mode.
 2014-11-14 14:17:01 -07:00
Todd C. Miller
d956785e96 Mention fix for bug #678 2014-11-14 13:11:11 -07:00
Todd C. Miller
b4432df5e2 Sync with translationproject.org 2014-11-10 12:37:58 -07:00
Todd C. Miller
832a4dee6b In set_fqdn() we neeed to set user_runhost/user_srunhost at the 
same time we set user_host/user_shost since that is what
hostlist_matches() uses.  Bug #678
 2014-11-12 20:33:41 -07:00
Todd C. Miller
ae00eb719e Do not call sudo_warnx() on invalid value from the env hook functions 
as the printf() family may call getenv() for locale reasons.
 2014-11-11 15:31:16 -07:00
Todd C. Miller
4d04c5644b No need to keep specifying ".Nm foo" since the Nm macro remembers 
the argument it was first called with and uses it if none is
specified.  Also fix a few minor formatting errors and
regen bulleted lists in the .man.in files.
 2014-11-11 15:29:19 -07:00
Todd C. Miller
fbac05467b Add sudo.conf to SEE ALSO and rename section on sudo.conf 2014-11-11 14:18:07 -07:00