isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,952 Commits 1 Branch 0 Tags
a0646aa4ad768869adc21a9f48c0a63a6657a72c
Commit Graph

143 Commits

Author SHA1 Message Date
Todd C. Miller
a0646aa4ad Add explicit rule to build getdate.o for HP-UX make. 2010-05-26 17:20:21 -04:00
Todd C. Miller
f14d3dca1e Back out most of change 45e406ebdea2. Create dummy .l.c and .y.c 
rules as an alternate way to prevent HP-UX make (and others) from
trying to rebuild the parser in non-dev mode.
 2010-05-26 17:01:00 -04:00
Todd C. Miller
4695dd1b70 Re-enable PATH_MAX check for command 2010-05-26 16:33:35 -04:00
Todd C. Miller
45923111e0 Repair "sudo -l -U username" 2010-05-25 14:21:21 -04:00
Todd C. Miller
937b5f166d Set selinux role and type in command details. 2010-05-25 13:58:16 -04:00
Todd C. Miller
0487aee6b4 Bring back closefrom settings. 2010-05-24 15:40:36 -04:00
Todd C. Miller
60e0e496ef If running a command or sudoedit in transcript mode, call io_nextid() 
before log_allowed() so the session id is logged.
 2010-05-24 14:30:54 -04:00
Todd C. Miller
5dd7fd4305 We cannot conditionally update gram.h or the dependency ordering gets 
messed up in devel mode.
 2010-05-24 12:10:05 -04:00
Todd C. Miller
8a8830e34f Substitute @SHELL@ into Makefiles 2010-05-21 21:29:44 -04:00
Todd C. Miller
8ae8e8442c Remove use of RETSIGTYPE; all modern systems have signal handlers that 
return void.
 2010-05-21 18:40:04 -04:00
Todd C. Miller
51b558e753 Update to libtool-2.2.6b. I haven't made any local modifications 
this time, which should be OK since we install sudo_noexec.so by
hand now.
 2010-05-21 17:59:47 -04:00
Todd C. Miller
6b370cb020 Use libtool to clean objects 2010-05-21 16:53:21 -04:00
Todd C. Miller
95d939f9bb Install sudo_plugin.h as part of "make install" and make other install 
targets callable from the top-level Makefile
 2010-05-21 15:31:36 -04:00
Todd C. Miller
b628e15dc4 The sample plugin doesn't support being run with no args so return 
a usage error in this case.
 2010-05-21 14:56:31 -04:00
Todd C. Miller
f59669fc20 Set close on exec flag for descriptors used for I/O logging so they 
are not present in the command being run.
 2010-05-21 14:51:50 -04:00
Todd C. Miller
d3d8364d4e Set close on exec flag in private versions of setpwent() and setgrent(). 2010-05-21 14:51:05 -04:00
Todd C. Miller
529bfcf674 Set user_tty to "unknown" if there is no tty, like sudo 1.7 does 
(it is used when logging).  Note that user_ttypath will still be
NULL if there is no tty.
 2010-05-21 12:19:55 -04:00
Todd C. Miller
d2b8bad2a5 Fix compilation for non PAM/BSD auth/AIX auth 2010-05-19 11:40:46 -04:00
Todd C. Miller
55ef027d88 Add argc and argv to I/O logger open function. 2010-05-17 10:38:56 -04:00
Todd C. Miller
fa717176b2 Remove check_sudoedit function pointer in struct sudo_policy. 
Instead, sudo will set sudoedit=true in the settings array.
The plugin should check for this and modify argv_out as appropriate
in check_policy.
 2010-05-17 10:25:27 -04:00
Todd C. Miller
3ac9aee52e If plugin sets "sudoedit=true" in the command info, enable 
sudoedit mode even if not invoked as sudoedit.  This allows
a plugin to enable sudoedit when the user runs an editor.
 2010-05-16 19:27:04 -04:00
Todd C. Miller
285ccb152c gram.h must not depend on gram.y if we want to avoid unnecessary 
rebuilding of targets dependent on gram.h when gram.y changes.
 2010-05-15 15:12:06 -04:00
Todd C. Miller
2d785a7953 Refactor common bits of check_policy and check_edit 2010-05-15 11:51:00 -04:00
Todd C. Miller
31087fdcd6 Add sudoedit support 2010-05-15 07:51:24 -04:00
Todd C. Miller
3efb055c88 Rely more on VPATH; fixes a dependency issue with the parser. 2010-05-14 18:31:21 -04:00
Todd C. Miller
7c9c5855fd Change how we handle the sudoedit argv. We now require that there 
be a "--" in argv to separate the editor and any command line arguments
from the files to be edited.
 2010-05-13 17:11:31 -04:00
Todd C. Miller
fdd28d411f Work in progress support for sudoedit. The actual interface used by the 
plugin for sudoedit is likely to change.
 2010-05-13 14:09:21 -04:00
Todd C. Miller
d5bfd148d6 Make find_path() a little more generic by not checking def_foo 
variables inside it.  Instead, pass in ignore_dot as a function
argument.
 2010-05-13 10:27:03 -04:00
Todd C. Miller
832ce341e4 Add version of getenv(3) that uses our own environ pointer. 2010-05-13 10:20:40 -04:00
Todd C. Miller
1487026b03 Call env_init() before we open the sudoers sources as those may 
call our setenv() replacement.
 2010-05-12 08:32:12 -04:00
Todd C. Miller
754c1a16dd Initialize env_len in env_init() 2010-05-12 08:31:29 -04:00
Todd C. Miller
a331dcb46a If the tty lives on a devpts filesystem, stash the ctime in the tty 
ticket file, as it is not updated when the tty is written to.
This helps us determine when a tty has been reused without the
user authenticating again with sudo.
 2010-05-11 14:25:14 -04:00
Todd C. Miller
b89980ac6e Fix timestamp removal with -k/-K 2010-05-11 13:08:41 -04:00
Todd C. Miller
e324082d5c audit.c is now private to the sudoers plugin 2010-05-11 12:18:41 -04:00
Todd C. Miller
f38afc9779 Add separate test for getresuid() since HP-UX has setresuid() but no 
getresuid().
 2010-05-11 10:55:59 -04:00
Todd C. Miller
c2d0888bf9 No need to use pseudo-cbreak mode now that we use pipes when stdout is 
not a tty.  Instead, check whether stdin is a tty and if not, delay
setting the tty to raw mode until the command tries to access it itself
(and receives SIGTTIN or SIGTTOU).
 2010-05-10 17:23:35 -04:00
Todd C. Miller
782f494003 Add separate I/O logging functions for tty in/out and stdin/stdout/stderr. 
NOTE: stdin logging does not currently work and is disabled for now.
 2010-05-05 07:29:28 -04:00
Todd C. Miller
9fbec34fed Add pointer to a printf like function to plugin open functon. 
This can be used instead of the conversation function to display
info and error messages.
 2010-05-04 19:17:31 -04:00
Todd C. Miller
dc72c27b1b Use print_error() when displaying ldap config info in debugging mode. 2010-05-03 18:02:19 -04:00
Todd C. Miller
13966481c7 Add print_error() function that uses the conversation function to 
print a variable number of error strings and use it in log_error().
 2010-05-03 16:53:05 -04:00
Todd C. Miller
5475020561 Move audit sources into the sudoers plugin dir; the driver does not use them. 2010-04-30 15:38:33 -04:00
Todd C. Miller
d346e50903 Use angle brackets when including headers that can only be found when 
an -I flag is specified.  The files in the compat dir could get away
with double quotes here but I've converted all the source files
to use angle brackets for consistency.
 2010-04-30 15:13:47 -04:00
Todd C. Miller
1438664047 Add missing -I$(top_srcdir) to CPPFLAGS so includes in the compat dir 
can be found when building outside the source tree.
 2010-04-30 15:13:15 -04:00
Todd C. Miller
1473d78637 Clean up links in distclean 2010-04-30 13:57:27 -04:00
Todd C. Miller
8cfde4f9db Hack around VPATH semantic differences by symlinking files we need from 
../../src into the current directory and build those.  A better fix would
be to either make a .a or .la file with those files in it or simply
use a single, flat, Makefile instead of per-subdirs Makefiles.
 2010-04-30 13:53:33 -04:00
Todd C. Miller
23f9bb59ec fmt_string is used by the sudoers plugin too so do not include sudo.h 
(which is not really needed here anyway)
 2010-04-30 13:40:57 -04:00
Todd C. Miller
5e9ec6a365 Fix building with non-BSD versions of make such as GNU make. 
Requires VPATH support, which should be in any non-neolithic make.
 2010-04-30 12:18:06 -04:00
Todd C. Miller
f42cf76d8a Re-enable bsm audit. Currently auditing is done within the sudoers 
plugin itself.  If possible, this should really be done in the main
driver but we don't presently have the needed data to do that.  This
will be re-evaluated when Linux audit support is added.
 2010-04-30 12:01:15 -04:00
Todd C. Miller
0c7e3235f6 Remove extraneous $srcdir and use more .c.lo and .c.o rules instead 
of explicit rules in the dependency.
 2010-04-30 11:14:31 -04:00
Todd C. Miller
8b832576e4 Fix mismerge; alias_remove_recursive() now returns int 2010-04-30 10:50:56 -04:00