isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,359 Commits 1 Branch 0 Tags
a2d27bc9ec55b569c25ffa0481855b9c94fe8b8c
Commit Graph

11359 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
e64a089aea Add reference counting to Defaults bindings. 
Previously, we checked that the previous entry's binding pointer
was not the same while freeing.  However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent.  This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
 2021-11-20 08:01:37 -07:00
Todd C. Miller
aed51033e1 cvtsudoers: use init_parse_tree() to initialize a parse tree. 
Also free the parse tree before exit.
 2021-11-19 12:29:21 -07:00
Todd C. Miller
730ebabdba init_parse_tree() now takes ownership of lhost and shost, if any. 
This means that lhost and shost in struct sudoers_parse_tree
are no longer const and that free_parse_tree() will free lhost/shost.
The only consumer that passed in lho.st/shost was the SSSD back-end
which has been updated to avoid a double-free.
 2021-11-19 12:29:21 -07:00
Todd C. Miller
cc79038730 Document how to merge sudoers files with cvtsudoers. 2021-11-19 12:29:21 -07:00
Todd C. Miller
f5c6e2df7b cvtsudoers: merge userspecs when multiple sudoers files are specified 
If a hostname is specified with the sudoers file, it will be used to
make the userspec host-specific, if possible.  Duplicate userspecs
are removed but conflicting entries are not currently pruned.
 2021-11-19 12:29:21 -07:00
Todd C. Miller
d31109ded2 cvtsudoers: merge Defaults when multiple sudoers files are specified 
If a hostname is specified with the sudoers file, it will be used to
make the Defaults setting host-specific, if possible.
Duplicate Defaults settings are removed and conflicts are warned about.
It is not possible to resolve all conflicts automatically.
 2021-11-19 12:29:21 -07:00
Todd C. Miller
ab9e44a6ca cvtsudoers: merge aliases when multiple sudoers files are specified 
Duplicate aliases are remove.  If there are conflicting alias names,
the conflicts are renamed by appending a numerical suffix.
For example, if there are two SERVERS Host_Aliases, the second one
will be renamed to SERVERS_1.
 2021-11-19 12:29:21 -07:00
Todd C. Miller
33fbf59467 Add support for specifying the hostname as a prefix to the sudoers file. 
If present, the host name is copied into the struct sudoers_parse_tree.
 2021-11-16 19:00:56 -07:00
Todd C. Miller
4cb34a2015 cvtsudoers: parse multiple sudoers files and store them in a tail queue 
In the future the parsed files will be merged before they are output.
 2021-11-11 16:04:45 -07:00
Todd C. Miller
b1309f76db Add sudoers_parse_tree_list, a tail queue of struct sudoers_parse_tree. 
This will be used to store multiple parse trees and merge them
into a single sudoers_parse_tree.
 2021-11-11 15:40:51 -07:00
Todd C. Miller
7baee707b0 Add a background image for the macOS installer. 2021-11-19 12:26:31 -07:00
Todd C. Miller
7b0b186994 Update PolyPkg 2021-11-19 12:26:30 -07:00
Todd C. Miller
0a89b87a3f mkpkg: handle a macOS SDK that just uses the major version. 
For example, MacOSX11.sdk instead of MacOSX11.3.sdk.
 2021-11-18 15:40:36 -07:00
Todd C. Miller
70c0d35faa Add missing dependencies for timegm. 2021-11-18 13:28:19 -07:00
Todd C. Miller
3ab280fc61 Fix formatting of links. 2021-11-11 14:19:22 -07:00
Todd C. Miller
781a4fb691 Add contributing guide. 2021-11-11 13:56:36 -07:00
Todd C. Miller
658eba7ee4 Create codeql-analysis.yml 2021-11-11 09:46:55 -07:00
Todd C. Miller
85325a7d2f Add security doc, inspired by the Microsoft template. 2021-11-10 17:26:26 -07:00
Todd C. Miller
289a045a4f Rename "doc" directory to "docs" for better GitHub compatibility. 2021-11-10 16:45:16 -07:00
Todd C. Miller
5faf46de6f Use $(SED), not sed, when generating mksiglist.h/mksigname.h 2021-11-10 13:35:44 -07:00
Todd C. Miller
09b82a22ca Add configure check for sha1sum and use "openssh dgst -sha1" if missing. 
Only needed when building the seed corpus zip files.
 2021-11-10 13:31:42 -07:00
Todd C. Miller
c2d03f7cca sudo_compat.h: include unistd.h regardless of OS type 
This helps to avoid issues with mismatched headers and libraries.
 2021-11-10 13:30:27 -07:00
Todd C. Miller
55d17eaa34 install_sudoers: fix return value when there is no temp file to install 
This can happen when no changes were made.  Also preserve the edited
temp file on error if we are unable to move it into place.
 2021-11-09 16:09:48 -07:00
Todd C. Miller
def7a51f4d Bump plugin version in test data to 1.18. 2021-11-09 13:59:36 -07:00
Todd C. Miller
8e656b63c8 free_defs_val: free rlimits like strings (which they are). 2021-11-09 13:45:06 -07:00
Todd C. Miller
288bb82543 Rename {check,set}_perms variable to {check,set}_mode. 
Avoids a name clash with the set_perms() function.
 2021-11-09 13:41:27 -07:00
Todd C. Miller
7085a64475 Avoid symbol name clash with is_writable() function variable. 
Rename "is_writable" variable to "writable".
 2021-11-09 13:39:30 -07:00
Todd C. Miller
03927f998f Mention that the core dump size resource limit now defaults to 0. 2021-11-09 13:33:39 -07:00
Todd C. Miller
6f7f8601e4 Document new resource limit settings. 2021-11-09 13:33:39 -07:00
Todd C. Miller
7c8746bc70 Document resource limit support in command_info[] and Bump plugin API minor. 
This is supported beginning with sudo 1.9.9 and plugin API 1.17.
 2021-11-09 12:57:25 -07:00
Todd C. Miller
19065cb221 Use strtoul() on systems without strtoull(). 
We can assume that systems without strtoull() have 32-bit resource limits.
 2021-11-08 18:21:15 -07:00
Todd C. Miller
74ef983f60 Add front-end support for setting resouce limits. 
The special value "user" means preserve the invoking user's limit.
The value "default" means don't override the default limit for the
user as assigned by the system (PAM, loging.conf, userdb, etc).
 2021-11-08 18:21:11 -07:00
Todd C. Miller
f279df5e18 Add basic support for setting resource limits in sudoers. 
The default for rlimit_core is "0,0"
Resource limits are passed back to the front-end in command_info[]
when set.
 2021-11-08 17:46:19 -07:00
Todd C. Miller
9c465f84ad switch_user_nonfatal: only define if using faccessat() 2021-11-08 17:45:26 -07:00
Todd C. Miller
cdd41af66f visudo: add -O and -P options to check/set owner and permissions. 
This can be used in conjunction with the -c option to check that
the sudoers file ownership and permissions are correct.
Bug #1007
 2021-11-06 12:37:13 -06:00
Todd C. Miller
78709eaeec UPGRADE: mention SELinux behavior change. 2021-11-05 12:42:13 -06:00
Todd C. Miller
22d624c028 Rename selinux_setcon -> selinux_setexeccon 2021-11-05 12:34:03 -06:00
Todd C. Miller
e92c3d841e In the SELinux role is "unconfined_r", disable SELinux support. 
We only want to apply SELinux to confined users.  This is a bit of
a hack as unconfined_r is specific to the targeted policy.
 2021-11-05 12:33:31 -06:00
Todd C. Miller
e97fb5fd0b Separate out the code to compute the context from selinux_setup(). 
This makes it possible to determine whether we really need to execute
the command via the sesh helper.  What was left of selinux_setup()
is now selinux_relabel_tty() and selinux_audit_role_change().
 2021-11-05 12:33:20 -06:00
Todd C. Miller
a336a8422f Pass status of selinux sudoers setting to front-end as selinux-rbac. 
The front-end uses this to decide whether or not to enable SELinux.
If selinux-rbac is true _or_ if it is not present and selinux_role or
selinux_type are set, SELinux support is enabled.
Previously, SELinux support was only enabled if a role was specified.
 2021-11-05 12:32:02 -06:00
Todd C. Miller
6804632591 Make get_exec_context static, it is unused outside selinux.c. 2021-11-01 14:15:08 -06:00
Todd C. Miller
a527d6dfdd dir_is_writable: add fallback if changing UIDs fails 
The SELinux policy may not allow uid/gid changes which will break
the writability checks and cause sudoedit to fail.
 2021-11-05 12:24:51 -06:00
Todd C. Miller
733fe4bd1a Build python package on Fedora 2021-11-04 10:59:24 -06:00
Todd C. Miller
ff888e7009 Fix lint warning: skipping paragraph macro: Pp before Bd 2021-11-01 13:28:09 -06:00
Todd C. Miller
4e1e07b883 Escape some minus signs ('-') as required by newer groff. 2021-10-31 10:45:08 -06:00
Todd C. Miller
4eebd53bce parse_gentime: use timegm() to generate time since the epoch 
The timegm() function is non-standard but widely available.
Provide an implementation for those systems that lack it.
Bug #1006
 2021-10-31 09:27:34 -06:00
Todd C. Miller
b506497fe4 Fix pasto in gmtime_r and localtime_r macros. 
Also add missing Makefile targets for them.
 2021-10-31 09:01:18 -06:00
Todd C. Miller
dcd2199f79 Take daylight saving time into consideration when computing offset. 
Otherwise, the resulting time may be off by and hour, depending on
whether DST is currently active compared to the target time.
 2021-10-31 08:42:49 -06:00
Todd C. Miller
12c8dba4ca Back out f2d82771e7dd, arm64e on macOS is still in preview state. 
Until arm64e on macOS is finalized, continue to build arm64 packages.
 2021-10-29 13:03:36 -06:00
Todd C. Miller
491aee866b Build arm64e ABI binaries on macOS 11 and above. 
We originally used arm64 here but the correct ABI is arm64e.
The arm64 arch will be removed in a future release.
 2021-10-27 09:51:09 -06:00