isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,420 Commits 1 Branch 0 Tags
a08ea1b14d34d7e363bfa38528049c034b4c0620
Commit Graph

543 Commits

Author SHA1 Message Date
Todd C. Miller
9b2fb418ca Don't allow max_groups to be set to zero, it just complicates things 
needlessly.  Fixes an assertion in visudo when there is a group-based
Defaults entry.
 2013-08-12 09:14:38 -06:00
Todd C. Miller
03fc668e5a More UTF8 in names; from Tae Wong 2013-08-07 16:07:14 -06:00
Todd C. Miller
30adf33eaf Convert to last, first for easier sorting and use UTF8 (including a 
BOM).
 2013-08-07 14:14:05 -06:00
Todd C. Miller
3898f5d7ff Add pam_setcred sudoers option to allow the user to control whether 
pam_setcred() is called on the user's behalf.
 2013-08-06 14:44:21 -06:00
Todd C. Miller
52954481e1 Add pam_service and pam_login_service sudoers settings to control 
the service name passed to pam_start.
 2013-08-06 11:01:36 -06:00
Todd C. Miller
1f3ea50afd Implement memset_s() and use it instead of zero_bytes(). 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
 2013-08-03 08:30:06 -06:00
Todd C. Miller
39575aecf2 Long option support for visudo and sudoreplay. 2013-07-19 09:42:25 -06:00
Todd C. Miller
6e56e6d8c8 Add support for long options and fix inclusion of sudo_usage.h with 
modern gcc broken in 8597:1fcb7ba13018.
 2013-07-18 16:51:56 -06:00
Todd C. Miller
9309c9eab7 Use getopt_long() so we can make the -h flag take an optional argument. 
Includes a version for those without it.
 2013-07-17 17:00:55 -06:00
Todd C. Miller
29908cb6df Document that the -h option can be used specify a host name for future 
plugins.
 2013-07-16 16:31:59 -06:00
Todd C. Miller
1d20a0ab63 Document the remote_host setting (-h host) 2013-07-16 16:21:14 -06:00
Todd C. Miller
ba615bd58f fix "the the" 2013-07-16 16:18:14 -06:00
Todd C. Miller
e53e80187d Sync with translationproject.org 2013-07-16 07:32:57 -06:00
Todd C. Miller
adce34358c Remove old bits about sudo setuid problems that should have been 
cleaned up in changeset 7917:fa4894896d8a.  Also update the mode
of sudo to 04755 to match current packaging.
 2013-07-11 17:57:40 -04:00
Todd C. Miller
bf9d823c27 Fix formatting typo; from Eric S. Raymond 2013-06-18 06:39:02 -04:00
Todd C. Miller
e8046e4be8 Fix typo; bug 605 2013-06-12 09:15:11 -04:00
Todd C. Miller
67d8af4be5 Restrict default creation of PIE binaries (-fPIE and -pie) to Linux. 
OpenBSD also supports PIE but enables it by default so we don't
need to do anything.  This fixes problems on systems with a version
of GNU ld that accepts -pie but where the run-time linker doesn't
actually support PIE.  Also verify that a trivial PIE binary works
unless PIE is explicitly enabled.
 2013-05-28 14:40:45 -04:00
Todd C. Miller
2dd71e838a Add message about disabling PIE if sudo gets SIGSEGV. 2013-05-03 16:24:22 -04:00
Todd C. Miller
874d84f263 Mention what SHA-2 formats are supported. 2013-04-30 11:44:01 -04:00
Todd C. Miller
61c0a24c85 List code and translations separately. 2013-04-30 11:07:06 -04:00
Todd C. Miller
7c9aaa2f2f Document that sudoers will re-use existing I/O log paths unless 
they are mktemp-style with trailing X's.
 2013-04-25 15:11:06 -04:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments 
in sudo.conf
 2013-04-25 14:49:02 -04:00
Todd C. Miller
67dad9a83c sudoers_debug is now deprecated in favor of the sudo debugging 
framework.
 2013-04-25 10:22:11 -04:00
Todd C. Miller
e05d2732aa Add copyright notice to scripts 2013-04-24 15:47:39 -04:00
Todd C. Miller
7ab68a35d8 Correct last change date 2013-04-24 11:14:06 -04:00
Todd C. Miller
ad019da9ef Mention .sl vs. .so extension handling on HP-UX 
Mention group membership changes
Fix typos
 2013-04-24 11:08:38 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
ed6d6963de Document digest support. 2013-04-17 15:42:28 -04:00
Todd C. Miller
1aa4903520 SHA-224, SHA-256, SHA-384 and SHA-512. Derived from the public 
domain SHA-1 and SHA-2 implementations by Steve Reid and Wei Dai
respectively.
 2013-04-13 07:05:06 -04:00
Todd C. Miller
1614c3cad1 Document sesh Path setting. 2013-03-14 20:13:54 -04:00
Todd C. Miller
2e84f169cc Document direct execution of the command if the policy plugin has 
no close function.
 2013-03-13 11:32:31 -04:00
Todd C. Miller
7d3ce01a05 Document group_file and system_group plugins. 2013-03-05 16:38:35 -05:00
Todd C. Miller
8397297de5 Try to clarify that sudoedit in sudoers should not include a 
leading pathname.
 2013-03-05 15:06:00 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
af2d4dbfb2 Don't remove the -S option description when trimming out selinux. 
Bug #592
 2013-02-28 06:03:36 -05:00
Todd C. Miller
30f63386d8 Document when sudo may exec the command directly instead of forking. 2013-02-24 13:25:44 -05:00
Todd C. Miller
d946fdaa7a Document that close and version be NULL for plugin API >= 1.3 and 
that sudo may execute the command directly if there is no close,
or pty or timeout needed.
 2013-02-24 13:20:56 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
af4d3489f9 Pass the default plugin directory to the plugin via the settings list. 
Could be used by a stacking plugin.
 2013-02-21 15:05:51 -05:00
Todd C. Miller
f336580bb1 Add Nikolai Kondrashov 2013-02-21 07:04:34 -05:00
Todd C. Miller
05e53aea0f Use the correct the sudoers policy symbol names and undo an editor 
goof committed when adding max_groups to sudo.conf.
 2013-02-20 13:54:31 -05:00
Todd C. Miller
e07280eeeb Rename sample_group plugin to group_file. 
Install group_file and system_group plugins by default.
 2013-02-18 15:32:36 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00
Todd C. Miller
35548ae4e3 Pass max_groups to plugin in settings list. 2013-02-14 15:18:10 -05:00
Todd C. Miller
67fed118b6 Add max_groups setting to sudo.conf (currently unused) and remove 
unused return value from setters.
 2013-02-14 13:34:33 -05:00
Todd C. Miller
987d62ec55 Sort elements of the settings, user_info and command_info lists. 2013-02-08 14:44:22 -05:00
Todd C. Miller
6ba6a454e2 Remove trailing white space 2013-02-08 14:40:43 -05:00
Todd C. Miller
74881843e1 Mention line continuation 2013-02-07 14:08:54 -05:00
Todd C. Miller
6b09c76a20 Sudo now stores its libexec files in a "sudo" subdirectory instead 
of in libexec itself.  For backwards compatibility, if the plugin
is not found in the default plugin directory, sudo will check the
parent directory default directory ends in "/sudo".
 2013-02-06 14:06:51 -05:00
Todd C. Miller
fbb8ea5042 Mention that sudoers has its own plugins too. 2013-02-06 09:30:49 -05:00