isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,344 Commits 1 Branch 0 Tags
a78da37487f3f6b2665b71d749629d800f92be4b
Commit Graph

53 Commits

Author SHA1 Message Date
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
35c41deb41 Fix "sudo -l command" output when the matching command is negated. 
Bug #636
 2014-03-13 08:21:04 -06:00
Todd C. Miller
b2c456341a Move symbol extern defs into sudoers.h 2013-12-16 14:18:42 -07:00
Todd C. Miller
b38d253e98 Add "headless" tail queues and use them in place of the semi-circular 
lists in sudoers.  Once the headless tail queue is built up it is
converted to a normal TAILQ.  This removes the last consumer of
list.c and list.h so those can now be removed.
 2013-10-22 09:08:38 -06:00
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
ab61c02546 Replace sequence number-based cycle detection in visudo with a 
"used" flag in struct alias.  The caller is required to call
alias_put() when it is done with the alias.  Inspired by a patch
from Daniel Kopecek.
 2013-05-22 11:32:08 -04:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
1162b55040 Rename log_error() -> log_warning() for consistency with warning()/fatal() 2013-04-18 14:14:03 -04:00
Todd C. Miller
b0595e6e26 Quiet a compiler warning. 2013-03-06 16:50:35 -05:00
Todd C. Miller
56d45003e5 Quiet gcc -Wuninitialized false positive 2013-03-06 15:56:26 -05:00
Todd C. Miller
2228763ff2 Fix typos in selinux/solaris privs specific code. 2013-02-21 15:59:21 -05:00
Todd C. Miller
fa924d09bc Make sudoers file long list output better match the format used by 
ldap sudoers.  Tags are now converted to options and there is a
single command per line.
 2013-02-20 15:09:21 -05:00
Todd C. Miller
064cb0ceda For "sudo -l" start a new line if the runas list changes to make 
the output easier to read.
 2013-02-20 10:47:31 -05:00
Todd C. Miller
d00ad3bbe2 For "sudo -l" and "sudo -ll" only print the runas info for subsequent 
commands in a list if the runas info has changed.  If we have new
runas info, print out the tags again so as to be less confusing to
the user.  For "sudo -ll" set the line continuation indent to 8.
 2013-02-19 16:29:17 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
5276ab3a5f Set yacc prefix to "sudoers" to avoid conflicts other yacc parsers. 2012-09-14 16:19:25 -04:00
Todd C. Miller
793426106e Fix NULL deref when an entry has no Runas_Entry 2012-08-22 15:50:58 -04:00
Todd C. Miller
355d40aa86 The second argument to init_parser() is now bool. 2012-08-02 15:40:11 -04:00
Todd C. Miller
57699c5531 If a command matches using an empty Runas_List (i.e. Runas_List is 
present but empty) and the -u option was not specified, set runas_pw
to user_pw instead of using runas_default.  This is intended to be
used in conjunction with the Solaris Privilege Set support for rules
that grant privileges without changing the user.
 2012-08-02 14:37:32 -04:00
Todd C. Miller
e2d210a340 Add support for parsing an empty Runas_List, which only allows the 
command to be run as the invoking user.  This can be used in
conjunction with the Solaris Privilege Set support to grant privileges
without changing the user.
 2012-08-02 14:02:54 -04:00
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
d539c606e0 Fix bogus int -> bool conversion; tags can have a value of -1. 2012-03-12 19:34:19 -04:00
Todd C. Miller
0771c981de Update copyright year. 2012-01-06 14:23:55 -05:00
Todd C. Miller
47bcaf57bc parse_error is now bool, not int 2012-01-04 15:45:27 -05:00
Todd C. Miller
0f5eaa17fd Print a more sensible error if yyparse() returns non-zero but 
yyerror() was not called.
 2012-01-04 15:45:03 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
09beba8259 Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and 
<def_data.h> and not "def_data.h" when generating the parser in a
build dir.
 2011-11-12 12:18:44 -05:00
Todd C. Miller
0bf68d2103 #include "gram.h" not <gram.h> and "def_data.h" and not <def_data.h>. 2011-11-08 14:09:48 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
dacb1e47f3 Honor NOPASSWD tag for denied commands too. 2011-09-09 09:57:39 -04:00
Todd C. Miller
4f9a93f658 Fix some potential problems found by the clang static analyzer, 
none serious.
 2011-07-28 10:59:37 -04:00
Todd C. Miller
ab3b3eb83b Quiet gcc warnings. 2011-05-28 15:27:14 -04:00
Todd C. Miller
bd36d4f2ab Add primitive format string support to the lbuf code to make translations 
simpler.
 2011-05-20 15:25:03 -04:00
Todd C. Miller
67cc4ff025 Translate help / usage strings. 2011-05-19 16:07:14 -04:00
Todd C. Miller
b643b190a7 Prepare sudoers module messages for translation. 2011-05-16 16:32:05 -04:00
Todd C. Miller
cf7ec7a3cc Fix typo; tupple vs. tuple 2011-03-15 15:52:18 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
3c0672e2e3 Allow sudoers file name, mode, uid and gid to be specified in the 
settings list.  The sudo front end does not currently set these
but may in the future.
 2011-02-23 13:38:52 -05:00
Todd C. Miller
1f5c1dda14 cosmetic change 2011-01-24 15:35:44 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
27f6558df9 Do not return -1 on error from the display functions; the caller 
expects a return value >= 0.
 2010-09-04 08:42:08 -04:00
Todd C. Miller
30fe4a067c Set usrinfo for AIX 
Set adminstrative domain for the process when looking up user's
    password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
    different things.  Fixes warnings on AIX and others.
 2010-06-29 13:08:05 -04:00
Todd C. Miller
2dd29bf64d Break sudoers transcript feature up into log_input and log_output. 2010-05-30 10:31:38 -04:00
Todd C. Miller
34e1a06767 Use sudo_printf to display verbose version information. 2010-05-28 12:01:06 -04:00
Todd C. Miller
05ae3ea6cb Convert to ANSI C function declarations 2010-04-22 18:09:53 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
8c9db4ef6f Better prefix determination now that we can't rely on len==0 to 
tell the beginning on an entry.
 2010-03-19 08:17:58 -04:00
Todd C. Miller
38937dca5e Use embedded newlines in lbuf instead of multiple calls to lbuf_print. 2010-03-19 07:04:34 -04:00