isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,572 Commits 1 Branch 0 Tags
9eeedb470f03f7753d202aa5fe54df5d10c0691c
Commit Graph

9572 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
9eeedb470f If the sudoreplay ID option is a fully-qualified path, use it directly. 
Previously, one had to use the -d option to override the I/O log directory.
 2019-08-27 13:40:38 -06:00
Todd C. Miller
91d508d408 regen 2019-08-27 09:07:06 -06:00
Todd C. Miller
eb95a35edc Add conditional for sesh path in sudo.conf manual. 2019-08-27 08:09:28 -06:00
Todd C. Miller
62bb4aa630 Bug #895 2019-08-26 20:33:15 -06:00
Todd C. Miller
972670bfca Use the SUDO_CONV_PREFER_TTY flag during authentication. 
This prevents the password and PAM prompts from being redirected.
Bug #895
 2019-08-26 19:30:11 -06:00
Todd C. Miller
5a22865131 Fix typo that prevented a missing linux audit lib from being detected. 2019-08-23 11:37:55 -06:00
Todd C. Miller
2087f6354c Use fputs(), not printf() for plain strings. 2019-08-20 12:43:40 -06:00
Todd C. Miller
e3967dc7dc Recent fixes. 2019-08-20 10:52:19 -06:00
Todd C. Miller
a7cd4f0d48 Add user ID to the search filter when matching sudoUser. 
We already support group IDs but the user ID was missing.
From sudo-1.8.23-ldapsearchuidfix.patch in RHEL 7.
 2019-08-20 10:33:51 -06:00
Todd C. Miller
37670a008b Fix parsing of double-quoted Defaults bindings that start with % or +. 
From sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch in RHEL 7.
 2019-08-20 10:25:38 -06:00
Todd C. Miller
5e692576c9 Restore core dump resource limit before the PAM session module is run. 
Otherwise, we may override the limits set by PAM.
Bug #894
 2019-08-20 07:25:53 -06:00
Todd C. Miller
b98b82e4a2 sys_signame on macOS contains lower-cases names 2019-08-19 14:25:05 -06:00
Todd C. Miller
0bbfdc9920 Add regress tests for str2sig() and sig2str(). 2019-08-19 08:37:08 -06:00
Todd C. Miller
48066e0dbd SIGIOT and SIGABRT are aliases on BSD systems. 2019-08-19 08:36:53 -06:00
Todd C. Miller
29534ad96a Fix handling of real-time signals. 2019-08-19 08:36:30 -06:00
Todd C. Miller
9f7db2df2c ipa_hostname fix 2019-08-16 06:06:51 -06:00
Todd C. Miller
e99082e05b Fix special handling of ipa_hostname that was lost in sudo 1.8.24. 
We now include the long and short hostname in sudo parser container.
 2019-08-15 14:20:12 -06:00
Todd C. Miller
b4bef30d31 Remove unused include file. 2019-08-14 15:09:39 -06:00
Todd C. Miller
44e990c2ac Mention I/O log signal change in NEWS and UPGRADE files. 2019-08-05 16:45:30 -06:00
Todd C. Miller
7a7f02a7ec Asturian translation for sudoers from translationproject.org. 2019-08-05 16:38:41 -06:00
Todd C. Miller
37887c1544 Check source dir if source file is not listed in MANIFEST. 
Previously, we just used the file name without $(srcdir).
 2019-08-05 16:33:18 -06:00
Todd C. Miller
3e56be3564 Store signal name, not number in I/O log timing file. 
The "SIG" prefix is not used so, e.g. SIGTERM -> "TERM".
This makes the I/O log files portable from one system to another.
Older I/O log files with signal numbers can still be replayed.
 2019-08-05 16:30:58 -06:00
Todd C. Miller
dfc32e5b3e Disable stringop-truncation false positive warnings on gcc 8. 
Strings in struct utmp/utmpx are not guaranteed to be NUL-terminated.
 2019-07-30 12:42:07 -06:00
Todd C. Miller
aa200cda6a Replace non-essential strncpy() calls. 2019-07-30 11:37:26 -06:00
Todd C. Miller
aa73c86a5b Revert version back to 1.8.28 2019-07-26 15:14:52 -06:00
Todd C. Miller
e91865fb22 Link util functions being tested directly with the test harness. 
Otherwise we may get the version from the installed libsudo_util.so.
 2019-07-26 15:09:13 -06:00
Todd C. Miller
7117948421 Updated translations from translationproject.org 2019-07-23 08:16:22 -06:00
Todd C. Miller
5e424640b9 Use strftime(3) instead of formatting struct tm by hand. 
Fixes a warning on newer versions of gcc.
 2019-07-19 20:14:44 -06:00
Todd C. Miller
6f3d826f8b Update error message when the password cannot be read from the terminal. 2019-07-19 17:46:57 -06:00
Todd C. Miller
f634241110 Fix for Bug #888 2019-07-19 14:10:57 -06:00
Todd C. Miller
a7137a5225 If the command in sudoers does not exist on the file system, match by name. 
We still want to match the command even if it doesn't exist so that the
NOPASSWD flag on sudoers entries with non-existant paths works as expected.
Bug #888.
 2019-07-19 13:51:23 -06:00
Todd C. Miller
15db0c3f82 More verbose error message when a password is required and no terminal 
is present.  Bug #828.
 2019-07-19 11:51:20 -06:00
Todd C. Miller
3c825e298d regen 2019-07-19 10:42:50 -06:00
Todd C. Miller
6e0f7166e3 Document that PAM session modules are now run with the silent flag. 2019-07-19 10:38:53 -06:00
Todd C. Miller
c49760e55d Simpler change to retry sudo_secure_file() as root as needed. 2019-07-14 19:37:33 -06:00
Todd C. Miller
cecf69ff3c If we are unable to stat() sudoers as non-root, try again as root. 
By default, sudo relies soley on group permissions to read sudoers
to make it possible to store sudoers on NFS.  However, if /etc/sudoers
is not accessible to non-root uids for some reason, sudo will fail.
Bug #880.
 2019-07-14 18:51:50 -06:00
Todd C. Miller
10b5529a0b Clarify that ttyin contains raw terminal input. 2019-07-12 08:24:07 -06:00
Todd C. Miller
03ba6426e7 Expand the description of the I/O log files. 2019-07-11 13:42:12 -06:00
Todd C. Miller
679f13ef53 Remove trailing whitespace. 2019-07-11 13:41:48 -06:00
Todd C. Miller
bb024cf093 Rename PLUGINDIR -> plugindir 2019-07-03 13:15:47 -06:00
Todd C. Miller
caceced2f5 Use $libexecdir in default settings used by the documentation. 
The web and pdf pages will substitute /usr/local/libexec for $noexec_file.
Also do substitution of variables using exec_prefix even if we don't use
them in the Makefile since the documentation may reference them.
 2019-07-03 13:13:04 -06:00
Todd C. Miller
cd258e1d39 Add conditional for sesh path in sudo.conf manual. 2019-07-03 09:06:45 -06:00
Todd C. Miller
6e497be935 Update plugindir even when --disable-shared is specified. 
Otherwise, the default value is substituted into the Makefiles and
documentation which may not match --prefix.  Bug #886
 2019-07-03 07:39:54 -06:00
Todd C. Miller
9d8f374397 Add ssizeof macro that returns ssize_t. 
We can use this instead of casting the result of size_t to int.
Also change checks for snprintf() returning <=0 to <0.
 2019-06-25 09:45:10 -06:00
Todd C. Miller
81602ad086 sudoedit should be used for editing files instead of "sudo editor" 
That way the user's editor config files are used by the editor.
 2019-06-21 14:54:09 -06:00
Todd C. Miller
1fe9644f54 Move the section on HOME to be after the environment section. 
Also strongly discourage the disabling of env_reset.
 2019-06-21 13:26:02 -06:00
Todd C. Miller
2d8949198d Remove the Solaris last login question, add one about HOME. 
The PAM session is opened with PAM_SILENT so last login info is not printed.
It is dangerous to preserve HOME from the user's environment.
 2019-06-20 21:49:11 -06:00
Todd C. Miller
a45732528b Use the term pseudo-terminal more consistently. 2019-06-20 16:52:49 -06:00
Todd C. Miller
ee214e5261 Document why HOME should not be preserved from the user's environment. 
Text was adapted from what is already present in the UPGRADE file.
Also mark set_home and always_set_home as obsolete.
 2019-06-20 16:32:18 -06:00
Todd C. Miller
e11fa62cdc Refer to command line options, not flags. 2019-06-20 16:12:32 -06:00