isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,813 Commits 1 Branch 0 Tags
a76b7543bf1ccf6da733784c5f4629ab6f42a3ea
Commit Graph

9813 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
a76b7543bf fix typo in previous 2019-12-31 07:48:57 -07:00
Todd C. Miller
4eaea77fa3 In update-pot match *.c not *c. 2019-12-31 06:15:19 -07:00
Todd C. Miller
a8c39ea81b Changes in sudo 1.8.30 2019-12-31 06:02:19 -07:00
Todd C. Miller
f139d2361a Add check for up to date def_data.[ch] in check-dist target. 2019-12-26 18:57:26 -07:00
Todd C. Miller
1e25d03c98 Use 64-bit resource limits on AIX. 2019-12-25 16:39:11 -07:00
Todd C. Miller
dfabda3d49 When restoring old resource limits, try to recover if we receive 
EINVAL.  On NetBSD, setrlimit(2) can return EINVAL if the new soft
limit is lower than the current resource usage.  This can be a
problem when restoring the old stack limit if sudo has raised it.
 2019-12-25 13:48:04 -07:00
Todd C. Miller
dbc905fdf8 Sudo doesn't require such a large stack. 2019-12-25 13:13:20 -07:00
Todd C. Miller
047f37ade3 Restore check for readable /etc/sudoers in pre-install target. 
If there is no installed sudoers there is nothing to check...
 2019-12-25 12:15:03 -07:00
Todd C. Miller
c8532ae7a9 Enable OpenBSD extensions on NetBSD to get reallocarray(3) prototype. 2019-12-25 11:21:49 -07:00
Todd C. Miller
c321b3e609 Add forward declaration of struct timeval for deprecated APIs. 2019-12-25 11:20:34 -07:00
Todd C. Miller
4347ed90d4 Fix compilation on systems with SIGRTMIN/SIGRTMAX but not _SC_RTSIG_MAX. 2019-12-25 11:19:58 -07:00
Todd C. Miller
291221c698 Older systems may not support WCONTINUED. 2019-12-25 11:17:35 -07:00
Todd C. Miller
58d50f44cd Support systems that have nl_langinfo(3) but not the CODESET define. 
Fixes compilation on old NetBSD versions.
 2019-12-25 11:14:18 -07:00
Todd C. Miller
8b571c59a5 Fix a typo; HAVE_KINFO_PROC2_NETBSD not HAVE_KINFO_PROC2_NETBSD2 2019-12-25 11:12:21 -07:00
Todd C. Miller
c6f8f4b545 Move init.d and sudo.pp to the etc dir. 2019-12-23 14:29:27 -07:00
Todd C. Miller
4690d3ecf6 Add cfmakeraw() for systems without it. 2019-12-23 13:15:34 -07:00
Todd C. Miller
1b10ac03ea Remove indent.pro from MANIFEST 2019-12-23 07:42:21 -07:00
Todd C. Miller
d089bd94e6 Add uncrustify.files to ignore file. 2019-12-23 07:34:52 -07:00
Todd C. Miller
79e52c7764 Substitute @prefix@ in for the example paths. 
We can't use @exampledir@ here since it contains Makefile variables.
 2019-12-23 07:27:54 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Todd C. Miller
5dcc28180e Add sudo_plugin_python manual page. 
Based on markdown docs from Robert Manner.
 2019-12-21 12:54:55 -07:00
Todd C. Miller
4392b5726e Output the name of the limit when warning about setrlimit or getrlimit. 
From Kimmo Suominen.
 2019-12-18 09:42:14 -07:00
Todd C. Miller
96a03a0891 regen 2019-12-14 13:02:53 -07:00
Todd C. Miller
42732821fd Add python module files to MANIFEST 2019-12-14 13:02:48 -07:00
Robert Manner
4ad362dd8f plugins/python: example plugin demonstrating conversation and debug API 2019-12-14 12:55:42 -07:00
Robert Manner
523bcbedb6 plugins/python: add example python group plugin 2019-12-14 12:55:42 -07:00
Robert Manner
d8432fca34 plugins/python: add example python policy plugin 2019-12-14 12:55:42 -07:00
Robert Manner
ee856cc4ba plugins/python: add example io python plugin 2019-12-14 12:55:42 -07:00
Robert Manner
91e6bf8ccd Makefile.in, configure.ac: add python plugin build 2019-12-14 12:55:42 -07:00
Robert Manner
d888d44594 plugins/python: make group plugin able to debug 
It does not get the debug settings, so it looks them up through
sudo_conf.
 2019-12-14 12:55:42 -07:00
Robert Manner
9b49d44e84 plugins/python: add a sudo python module 2019-12-14 12:55:42 -07:00
Robert Manner
a6bac23bab plugins/python: add ImportBlocker which forbids loading unsafe python modules 
If non root can alter any imported python modules, he is able to run
anything he would like to as root user.
This class is a helper to avoid such situation.

This feature can be disabled with 'DeveloperMode=1' plugin option.
 2019-12-14 12:55:42 -07:00
Robert Manner
babdcbd031 plugins/python: a plugin which can load policy/io plugin written in python 2019-12-14 12:55:42 -07:00
Robert Manner
311cf122e2 plugins/python: add sudo debug helpers 2019-12-14 12:55:42 -07:00
Robert Manner
c0d53d75eb src/load_plugins, plugins/sudoers: added developer_mode sudo.conf option 
It can be used to disable the enforcement that a plugin (shared object or
an imported python module) must be owned by root and not modifiable by
others.
This can make plugin development easier.
 2019-12-14 12:55:42 -07:00
Robert Manner
6710048c8d lib/util/sudo_debug.c: add a function for querying if debugging is needed 
for a level.
Rationale: this way we can avoid computing details for the log which will
not happen at all if the computation is slow.
 2019-12-14 12:55:42 -07:00
Robert Manner
80fa75f0e8 Makefile.in: fix calling log2cl when doing out of source build 
If doing build out of source and not calling configure by absolute path,
$(top_srcdir) variable will contain a path relative to the directory we
stand in. So, after changing the current directory "cd $(srcdir)", this
path will point to somewhere else making the install step fail.
 2019-12-14 12:55:42 -07:00
Todd C. Miller
a441580540 Update SUDO_CONV_REPL_MAX in docs. 2019-12-14 12:40:55 -07:00
Todd C. Miller
9f4409c256 Remove uncrustify.files in clean target 2019-12-14 06:30:32 -07:00
Todd C. Miller
60328e5c7e Add uncrustify config file for new sudo code style. 2019-12-13 19:28:53 -07:00
Todd C. Miller
3a0445af9c Bump SUDO_CONV_REPL_MAX from 255 to 1023 2019-12-13 19:27:39 -07:00
Todd C. Miller
3ec23ad5e1 Minor style cleanups. 
Remove extraneous break after return statement.
Convert two old K&R function declarations.
 2019-12-13 19:27:38 -07:00
Todd C. Miller
718e6997fc Save/restore the raw form of the file context in case mctrans is not available. 2019-12-11 13:06:05 -07:00
Todd C. Miller
b14d633ec6 Add runas_check_shell flag to require a runas user to have a valid shell. 
Not enabled by default.
 2019-12-09 19:29:45 -07:00
Todd C. Miller
df8f06609c Add a new flag "allow_unknown_runas_id" to control matching of unknown IDs. 
Previous, sudo would always allow unknown user or group IDs if the
sudoers entry permitted it.  This included the "ALL" alias.
With this change, the admin must explicitly enable support for unknown IDs.
 2019-12-09 17:14:06 -07:00
Todd C. Miller
d7b4f88658 Use cfmakeraw() in sudo_term_raw() instead of doing it manually. 2019-12-07 12:25:51 -07:00
Todd C. Miller
9d737441f4 Fix event loop called via I/O log close function. 
We need to set events that were pending in the old base in the new one.
Fixes sending the final I/O log data and the ExitMessage to the server.
 2019-12-07 08:42:12 -07:00
Todd C. Miller
d0b80b404c Replace timeleft with pending in sudo plugin event API. 2019-12-07 08:42:10 -07:00
Todd C. Miller
bf3b93f080 Use sudo_ev_pending() instead of the deprecated sudo_ev_timeleft(). 2019-12-07 08:42:09 -07:00
Todd C. Miller
22ffffe12b Add sudo_ev_pending(), used to check whether an event is pending. 2019-12-07 08:42:08 -07:00