isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,353 Commits 1 Branch 0 Tags
aef91eb1df4655832b22ae0707bee5375e3ab8cc
Commit Graph

328 Commits

Author SHA1 Message Date
Todd C. Miller
452d8765b2 Zero out group_plugin on unload just to be safe. 2010-11-08 17:48:05 -05:00
Todd C. Miller
da35e5f42f Unload group plugin if its init function fails. 2010-11-08 17:44:32 -05:00
Todd C. Miller
93d2420de9 Fix complilation on systems with set_auth_parameters() 
Sprinkle volatile to quiet warnings from gcc 2.8.0
 2010-10-12 10:47:16 -04:00
Todd C. Miller
c615ca742a Use INADDR_NONE instead of casting -1 to in_addr_t (which may not exist). 2010-10-12 10:31:21 -04:00
Todd C. Miller
1e01f2b7ac Quiet an HP-UX compiler warning. 2010-10-12 09:23:52 -04:00
Todd C. Miller
86a4a5232f Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to 
include the local or system dlfcn.h
 2010-10-11 17:39:51 -04:00
Todd C. Miller
06b0aa1185 Fix pasto; AF_INET not AF_INET6 2010-10-11 15:43:59 -04:00
Todd C. Miller
6a52054147 If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more useful 
message and return AUTH_FATAL so sudo does not keep trying to validate
the user.
 2010-10-11 09:12:23 -04:00
Todd C. Miller
751f597b2b Make this compile correctly when no dlopen is available. 2010-10-11 09:10:10 -04:00
Todd C. Miller
66ea399856 Having a timestamp file defined is no longer indicative of tty tickets 
being enabled.  Check def_tty_tickets directly.
 2010-10-07 14:12:17 -04:00
Todd C. Miller
6b4fe798d5 Move set_project() from sudoers module into sudo proper. 2010-10-01 13:52:42 -04:00
Todd C. Miller
a627c60deb When iterating over returned LDAP entries, keep looking at remaining 
matches even if we have a positive match.  This catches negative
matches that may exist in other entries and more closely match the
sudoers file behavior.
 2010-10-01 12:17:01 -04:00
Todd C. Miller
614e2a642c Preserve ODMDIR environment variable by default on AIX. 2010-09-27 14:08:54 -04:00
Todd C. Miller
f538ed4e35 Add dlopen() emulation for systems without it. 
For HP-UX 10, emulate using shl_load().
For others, link sudoers plugin statically and use a lookup
table to emulate dlsym().
 2010-09-26 17:41:35 -04:00
Todd C. Miller
590eed3bd7 Ignore ECONNREFUSED from audit_log_user_command() which will 
occur if auditd is not running.
 2010-09-21 07:56:16 -04:00
Todd C. Miller
48d7c78330 Cast isblank argument to unsigned char. 2010-09-16 10:39:08 -04:00
Todd C. Miller
b51afe6249 Implement --with-umask-override configure flag. 2010-09-14 17:18:55 -04:00
Todd C. Miller
ed45e68da9 Take MODE_LOGIN_SHELL into account when initially setting reset_home 
instead of special-casing it later.
 2010-09-14 11:44:33 -04:00
Todd C. Miller
53f9cfe062 In login mode, make a copy of the runas user's pw_shell for NewArgv[0] 
because 1) we modify it and 2) it will runas_pw gets freed before exec.
 2010-09-14 11:30:28 -04:00
Todd C. Miller
ce942f18c0 Reset HOME for "sudo -i" even if HOME was listed in env_keep. 2010-09-14 11:28:40 -04:00
Todd C. Miller
77eb8cfe5b Use __sun for consistency with the rest of the sources. 2010-09-13 11:49:10 -04:00
Todd C. Miller
4101f2eef0 Quiet a bogus compiler warning. 2010-09-13 11:37:29 -04:00
Todd C. Miller
933c71e9c3 Don't try to delref a NULL group. 2010-09-13 11:08:04 -04:00
Todd C. Miller
4ce8b35cd3 testsudoers depends on libsudoers.la, not sudoreplay 2010-09-11 09:00:06 -04:00
Todd C. Miller
f601085de4 Make "visudo -c -f -" check the standard input. 2010-09-09 17:10:23 -04:00
Todd C. Miller
1b9ca115b7 Make -H flag work when HOME is listed in env_keep. Also makes 
"set_home" and "always_set_home" override override HOME in env_keep.
 2010-09-09 16:16:39 -04:00
Todd C. Miller
e069b74dc8 Convert sudoers plugin to use interface list passed in settings. 2010-09-08 15:07:40 -04:00
Todd C. Miller
d9a3526320 Solaris BSM audit return EINVAL when auditing is not enabled, whereas 
OpenBSM returns ENOSYS.
 2010-09-08 09:47:00 -04:00
Todd C. Miller
d739608a80 missing.h should come before most local includes 2010-09-07 18:28:55 -04:00
Todd C. Miller
0c38f1460d Make local includes consistent; use double quotes for local includes 
except for generated ones where we use angle brackets.
 2010-09-07 18:28:22 -04:00
Todd C. Miller
1d37ab560a Always fill in NewArgv for audit code. 2010-09-07 17:59:10 -04:00
Todd C. Miller
5403757edf Add missing LOG_INPUT/LOG_OUTPUT support in the lexer. 2010-09-07 17:16:05 -04:00
Todd C. Miller
10c3bb62c4 Make local includes consistent; use double quotes for local includes 
except for generated ones where we use angle brackets.
Also g/c unused compat.h.
 2010-09-07 16:45:19 -04:00
Todd C. Miller
8ec596c7d9 When matching the runas user and runas group (-u and -g command 
line options), keep track of runas group and runas user matches
separately.  Only return a positive match if we have a match for
both runas user and runas group (if specified).
 2010-09-06 07:56:15 -04:00
Todd C. Miller
df8ec6fc25 Add support for multiple URI lines by joining the contents and passing 
the result to ldap_initialize.
 2010-09-04 20:43:51 -04:00
Todd C. Miller
27f6558df9 Do not return -1 on error from the display functions; the caller 
expects a return value >= 0.
 2010-09-04 08:42:08 -04:00
Todd C. Miller
e7d56e16e2 Do not set both MODE_EDIT and MODE_RUN 2010-09-04 08:41:42 -04:00
Todd C. Miller
c31210d663 Add missing definition of timedir 2010-08-30 09:47:52 -04:00
Todd C. Miller
399381de99 Add #include of sys/types.h for .c files that include missing.h to 
be sure that size_t and ssize_t are defined.
 2010-08-30 09:14:41 -04:00
Todd C. Miller
7213f72054 Install sudoers file from the build dir not hte src dir. 2010-08-30 09:06:25 -04:00
Todd C. Miller
94de54b19d If runas_pw changes, reset the stashed runas aux group vector. 
Otherwise, if runas_default is set in a per-command Defaults statement,
the command runs with root's aux group vector (i.e. the one that
was used when locating the command).
 2010-08-26 11:40:04 -04:00
Todd C. Miller
209a210511 Add target to generate sudoers file 
Remove generated sudoers file as part of distclean
 2010-08-26 11:06:12 -04:00
Todd C. Miller
88f9fea400 g/c unused auth_pw extern definition 2010-08-21 10:02:50 -04:00
Todd C. Miller
256ee25ab5 Move get_auth() into check.c where it is actually used. 2010-08-21 08:48:35 -04:00
Todd C. Miller
a2694e9e26 Plug memory leak 2010-08-20 14:24:07 -04:00
Todd C. Miller
3d48cae18c Set dupcheck to TRUE when setting new HOME value if !env_reset but 
always_set_home is true.  Prevents a duplicate HOME in the environment
(old value plus the new one) introduced in f421f8827340.
 2010-08-18 15:26:26 -04:00
Todd C. Miller
598341d366 Substitute sysconfdir in the installed sudoers file to get the 
correct path for sudoers.d.
 2010-08-18 08:09:10 -04:00
Todd C. Miller
f454727bb8 Merge compat.h and missing.h into missing.h 2010-08-16 14:05:44 -04:00
Todd C. Miller
6ce5c4cd97 If the user hits ^C while a password is being read, error out before 
reading any further passwords in the pam conversation function.
Otherwise, if multiple PAM auth methods are required, the user will
have to hit ^C for each one.
 2010-08-14 10:18:49 -04:00
Todd C. Miller
151a2cab56 Update comment 2010-08-12 11:55:56 -04:00