isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,093 Commits 1 Branch 0 Tags
a3e6610e01947df5d42a76b2b0a8b00b19a02f62
Commit Graph

465 Commits

Author SHA1 Message Date
Todd C. Miller
9efe91fa1e Move initgroups() for -U option into display_privs() so group matching 
in sudoers works correctly.
 2005-03-29 03:33:05 +00:00
Todd C. Miller
6bee8e3770 Just clean the environment once. This assumes that any further 
setenv/putenv will be able to handle the fact that we replaced environ
with our own malloc'd copy but all the implementations I've checked do.
 2005-02-20 16:48:05 +00:00
Todd C. Miller
87a8b5b48b In -i mode, base the value of insert_env()'s dupcheck flag on DID_FOO flags. 
Move checks for $HOME resetting into rebuild_env()
 2005-02-16 04:16:22 +00:00
Todd C. Miller
74894ebf62 Move setting of user_path, user_shell, user_prompt and prev_user 
into init_vars() since user_shell at least is needed there.
 2005-02-13 05:33:59 +00:00
Todd C. Miller
b7068a4138 Fix some printf format mismatches on error. 2005-02-12 23:48:46 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
ab2e7bc267 Instead of zeroing out the environment, just prune out entries 
based on the env_delete and env_check lists.  Base building up
the new environment on the current environment and the variables
we removed initially.
 2005-02-10 04:00:04 +00:00
Todd C. Miller
0b315c10d0 Set locale to "C" if locales are supported, just to be safe. 2005-02-10 03:24:00 +00:00
Todd C. Miller
d27f06b5f1 Alloc an extra slot in NewArgv. Removes the need to malloc an new 
vector if execve() fails.
 2005-02-08 03:50:42 +00:00
Todd C. Miller
9a890467a7 Use execve(2) and wrap the command in sh if we get ENOEXEC. 2005-02-07 04:16:28 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
840d51a160 s/-O/-C/ 2005-01-18 00:41:31 +00:00
Todd C. Miller
dfccf19338 g/c pwcache_init/pwcache_destroy 2005-01-05 19:43:36 +00:00
Todd C. Miller
a5d9296d25 Adapt to pwutil.c 2005-01-05 01:10:16 +00:00
Todd C. Miller
bb76440b4f sort usage 2004-12-16 19:20:25 +00:00
Todd C. Miller
051a2110a4 Add closefrom sudoers option to start closing at a point other than 3. 
Add closefrom_override sudoers option and -C sudo flag to allow the
user to specify a different closefrom starting point.
 2004-12-16 18:33:49 +00:00
Todd C. Miller
f93cd1e97a Fix last commit. 2004-12-10 02:07:27 +00:00
Todd C. Miller
07d74adfba Make sure stdin, stdout and stderr are open and dup them to /dev/null 
if not.
 2004-12-10 00:26:22 +00:00
Todd C. Miller
1936aeb299 add sudo_ldap_close 2004-12-03 18:57:48 +00:00
Todd C. Miller
7d488657f0 Use TIME_WITH_SYS_TIME 2004-12-03 18:52:28 +00:00
Todd C. Miller
68e54d2c8b Call initgroups() in -U mode so group matches work normally. 2004-11-29 17:52:02 +00:00
Todd C. Miller
5f06b19a6e Add -U option to use in conjunction with -l instead of -u. 
Add support for "sudo -l command" to test a specific command.
 2004-11-24 21:31:51 +00:00
Todd C. Miller
f75a034f06 Set safe_cmnd after sudoers_lookup() if it has not been set. 
Previously it was set by sudo "ALL" in the parser but at that point
the fully-qualified pathname has not yet been found.
 2004-11-24 21:28:55 +00:00
Todd C. Miller
e605070143 Remove the FLAG_NOPASS, FLAG_NOEXEC and FLAG_MONITOR flags. Instead, 
we just set the approriate defaults variable.
 2004-11-19 23:00:28 +00:00
Todd C. Miller
fe869025c4 Add support for command-specific Defaults entries. E.g. 
Defaults!/usr/bin/vi noexec
 2004-11-19 21:35:12 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
d427384ae4 Set user_ngroups to 0 if getgroups() returns an error. 2004-11-17 00:00:48 +00:00
Todd C. Miller
f7f282ba13 Add configure check for getgroups() 2004-11-16 23:59:56 +00:00
Todd C. Miller
9846e562ad Implement group caching and use the passwd and group caches throughout. 2004-11-16 04:24:11 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-15 15:53:53 +00:00
Todd C. Miller
ae2e26fd2f Cache passwd db entries in 2 reb-black trees; one indexed by uid, 
the other by user name.  The data returned from the cache should
be considered read-only and is destroyed by sudo_endpwent().
 2004-11-15 14:53:05 +00:00
Todd C. Miller
0b34123a8b Create and use private versions of setpwent() and endpwent() that 
set/end the shadow password file too.
 2004-11-15 04:06:16 +00:00
Todd C. Miller
a239e60a6a The syntax to list another user's entries is now "-u otheruser -l". 
Only root or users with sudo "ALL" may list other user's entries.
 2004-11-11 17:12:20 +00:00
Todd C. Miller
29fc2c9475 Only reset sudo_user.pw based on SUDO_USER environment variables for 
real commands and sudoedit.  This avoids a confusing message when a
user tries "sudo -l" or "sudo -v" and is denied.
 2004-10-27 16:16:23 +00:00
Todd C. Miller
efbc9997a1 Update for new parse. We now call find_path() *after* we have updated 
the global defaults based on sudoers.  Also adds support for listing
other user's privs if you are root.
 2004-10-26 22:22:46 +00:00
Todd C. Miller
48cdd1dec3 Kill use of POSIX saved uids; they aren't worth bothering with. 2004-10-13 16:46:19 +00:00
Todd C. Miller
3c8145a923 No longer call it tracing, it is now "monitoring" which should be more 
a obvious name to non-hackers.
 2004-10-04 16:07:19 +00:00
Todd C. Miller
8a33025986 Use __attribute__((__noreturn__)) 2004-09-30 17:55:21 +00:00
Todd C. Miller
cbcb60b184 Add keepopen arg to open_sudoers that open_sudoers can use to 
indicate to the caller that the fd should not be closed when it
is done with it.  To be used by visudo to keep locked fds from
being closed prematurely (and thus losing the lock).
 2004-09-29 18:36:33 +00:00
Todd C. Miller
e9b23cdee1 Add errorfile global that contains the name of the file that caused the 
error.
 2004-09-29 18:33:06 +00:00
Todd C. Miller
4b75a03343 Rewind sudoers_fp in open_sudoers() instead of sudoers_lookup() so 
we start at the right file position when reading include files.
 2004-09-28 17:52:59 +00:00
Todd C. Miller
7cf26298a2 Rename check_sudoers() open_sudoers() and make it return a FILE * 2004-09-27 16:01:54 +00:00
Todd C. Miller
d4e3f175c8 g/c sudo_pwdup proto 2004-09-25 17:15:06 +00:00
Todd C. Miller
aa8d212e3c Call systrace_attach() if FLAG_TRACE is set. 2004-09-24 17:17:29 +00:00
Todd C. Miller
0c2be08089 Don't close sudoers_fp, keep it open and set close on exec flag instead. 2004-09-24 17:13:24 +00:00
Todd C. Miller
f30ab72c44 Add cmnd_base to struct sudo_user and set it in init_vars(). 
Add cmnd_stat to struct sudo_user and set it in sudo_goodpath().
No longer use gross statics in command_matches().
Also rename some variables for improved clarity.
 2004-08-24 18:01:14 +00:00
Todd C. Miller
3c6bb6c79c Consistency. Use same error for bad -u #uid when targetpw is set 
as we do when a bad -u username is specified.
 2004-08-06 23:42:52 +00:00
Todd C. Miller
252093fa60 Error out when targetpw is enabled and sudo is run with -u #uid but 
#uid does not exist in the passwd database.  We can't do target
authentication when the target is not in passwd!
 2004-08-06 23:24:41 +00:00
Todd C. Miller
20815542a9 typo in comment 2004-06-10 16:32:59 +00:00
Todd C. Miller
713e419fe9 Remove trailing spaces, no actual code changes. 2004-06-06 23:58:11 +00:00