Defaults settings passed in by the front end are already "early"
so there is no need to treat any of them as special.
Otherwise, we end up running the early defaults callbacks before
sudoers has been parsed. This means that, for instance, it is not
possible to disable the fqdn flag before its callback is run if
sudo is built with the --with-fqdn option. Bug #1016.
This makes it possible to use a different PAM configuration for
when "sudo -A" is used. The main use case is to only use PAM modules
that can interact with the askpass program. GitHub issue #112.
In the past, some PAM modules assumed that PAM_TTY was set and would
misbehave (or crash) if not. This was primarily obsolete versions
of Linux-PAM, so it should now be safe to remove this. Setting
PAM_TTY to an empty string can cause its own set of issues.
GitHub issue #74.
For "sudo -n" we only want to reject a command if user input is
actually required. In the case of PAM at least, we may not need
to interact with the user. Bug #956, GitHub issue #83.
If a host is specified for the input file, cvtsudoers will bind
global Defaults to that host and change host "ALL" in a userspec
to the host name. However, if all the input files have matching
hosts we can simplify the merged file by converting back to ALL
after resolving conflicts.
The switch() in the sudo_ldap_set_options_table() function needed to be
updated to treat CONF_DEREF_VAL and CONF_REQCERT_VAL data types as int.
Fix from Dennis Filder. Bug #1013.
When only the user (ALL) is specified explicitly, and the group is implied, only sudo -u works. Specifying both the user and group, like (ALL:ALL), is required to:
1) Use sudo -g by itself (with no -u user)
2) Use sudo -u and -g together, with a -g group that is different from the -u user's primary group
The "-l logfile" option can be used to store a log of what
actions cvtsudoers took when merging multiple files.
For example, which aliases were renamed, which entries were overridden
or removed as duplicates.
The warning that need_comma is always false is correct but in this
case it is better to use a consistent construct so that if the code
is re-ordered no bugs are introduced.
Previously, we checked that the previous entry's binding pointer
was not the same while freeing. However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent. This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
This means that lhost and shost in struct sudoers_parse_tree
are no longer const and that free_parse_tree() will free lhost/shost.
The only consumer that passed in lhost/shost was the SSSD back-end
which has been updated to avoid a double-free.
If a hostname is specified with the sudoers file, it will be used to
make the userspec host-specific, if possible. Duplicate userspecs
are removed but conflicting entries are not currently pruned.
If a hostname is specified with the sudoers file, it will be used to
make the Defaults setting host-specific, if possible.
Duplicate Defaults settings are removed and conflicts are warned about.
It is not possible to resolve all conflicts automatically.
Duplicate aliases are removed. If there are conflicting alias names,
the conflicts are renamed by appending a numerical suffix.
For example, if there are two SERVERS Host_Aliases, the second one
will be renamed to SERVERS_1.