isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,346 Commits 1 Branch 0 Tags
af8a211e4b320b29aa764eebfac22ed9f51c83c0
Commit Graph

84 Commits

Author SHA1 Message Date
Todd C. Miller
d29aede203 No longer throw an error if sudoers is a symbolic link. Deprecated 
the --with-stow option as that is now (effectively) the default.
 2012-05-21 13:30:59 -04:00
Todd C. Miller
38ea65203a Move ttysize.c to common so sudoreplay can use it. 2012-04-06 16:41:08 -04:00
Todd C. Miller
c8ce3a0a85 Log the process id in the debug file output. Since we don't want 
to keep calling getpid(), stash the value at init time and when we
fork().
 2012-04-06 15:20:16 -04:00
Todd C. Miller
abdff25703 Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() 
and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
This allows consumers of sudo_debug_printf() to log that data without
having to specify it manually.
 2012-04-05 13:04:00 -04:00
Todd C. Miller
2c84bd4d08 Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. 
Log the function, file and line number in the debug log for warning()
and error().
 2012-04-05 12:37:15 -04:00
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
78429a90d5 Quiet a warning on systems where the gids array in setgroups() is 
not prototyped as being const, even though it really is.
 2012-03-28 11:14:22 -04:00
Todd C. Miller
8b3d118f62 Fix matching of "Path askpass" and "Path noexec" 2012-03-27 12:24:39 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
dbbb48c45f Add ecalloc() and commented out recalloc(). 
Use inline strnlen() instead of strlen() in estrndup().
 2012-03-19 11:23:25 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
83459e13b5 Set args to NULL in default plugin info struct when there is no 
Plugin line in sudo.conf.
 2012-03-14 15:07:50 -04:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00
Todd C. Miller
28db1fbbed We need sysconfdir in compat/Makfile to get the proper sudo.conf 
path.  Add standard prefix and foodir expansion in all Makefiles
to avoid this problem in the future.
 2012-02-27 13:28:15 -05:00
Todd C. Miller
415454ff59 Relax the user/group/mode checks on sudoers files. As long as the 
file is owned by the right user, not world-writable and not writable
by a group other than the one specified at configure time (gid 0
by default), the file is considered OK.  Note that visudo will still
set the mode to the value specified at configure time.
 2012-02-22 13:04:03 -05:00
Todd C. Miller
d35f50bd65 Move _PATH_SUDO_CONF override to common to match sudo_debug.c 2012-02-06 15:57:26 -05:00
Todd C. Miller
e16ae617e4 g/c now-unused debug subsystems 2012-02-05 10:17:26 -05:00
Todd C. Miller
c970d464cb Normally, sudo disables core dumps while it is running. This 
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
 2012-02-03 14:57:03 -05:00
Todd C. Miller
c91f5ee680 Make sure we don't try to fall back to using the conversation 
function for debugging in the main sudo process if we are unable
to open the debug file.
 2012-02-03 12:30:07 -05:00
Todd C. Miller
ee0fb36d8b regen dependencies 2012-01-13 06:02:17 -05:00
Todd C. Miller
fa15fc7651 The result of writev() is never checked so just cast to NULL. 2012-01-11 13:09:09 -05:00
Todd C. Miller
13561805d9 Add debug support. 2012-01-06 20:10:41 -05:00
Todd C. Miller
fa1f781a0e Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:55:13 -05:00
Todd C. Miller
1c3965f534 Separate sudo.conf parsing from plugin loading and move the parse 
functions into the common lib so that visudo, etc. can use them.
 2011-12-20 08:50:07 -05:00
Todd C. Miller
9f0abb4692 Add support for setenv entries in login.conf. We can't use LOGIN_SETENV 
since the plugin sets up the envp the command is executed with.
Also regen the Makefile.in files while here.  Fixes bug #527
 2011-12-05 10:43:44 -05:00
Todd C. Miller
0e26e43b99 Remove duplicate return statements. 2011-12-02 15:23:42 -05:00
Todd C. Miller
21a2f95821 Use stdbool.h instead of rolling our own TRUE/FALSE macros. 2011-12-02 11:27:33 -05:00
Todd C. Miller
51e45647ae Use HAVE_STRUCT_TIMESPEC and HAVE_STRUCT_IN6_ADDR instead of 
HAVE_TIMESPEC and HAVE_IN6_ADDR respectively.
 2011-12-01 11:07:17 -05:00
Todd C. Miller
ab887a6fb0 No longer pass debug_file to plugin, plugins must now use CONV_DEBUG_MSG 2011-11-30 14:56:41 -05:00
Todd C. Miller
8fa6ab0372 Include time.h for ctime() prototype. 2011-11-30 09:14:11 -05:00
Todd C. Miller
a64f1eaea8 Do not close error pipe or debug fd via closefrom() as we need them 
to report an exec error should one occur.
 2011-11-29 19:51:24 -05:00
Todd C. Miller
12352244bd regen 2011-11-22 13:16:43 -05:00
Todd C. Miller
65b781a2ef Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing 
directly to the debug file.
 2011-11-13 13:55:19 -05:00
Todd C. Miller
3ee9cef0da Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR 2011-11-07 16:33:49 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
9923464d96 Wrap error/errorx and warning/warningx functions with debug statements. 
Disable wrapping for standalone sudoers programs as well as memory
allocation functions (to avoid infinite recursion).
 2011-10-22 14:28:33 -04:00
Todd C. Miller
53e3ad11b5 New debug framework for sudo and plugins using /etc/sudo.conf that 
also supports function call tracing.
 2011-10-22 14:00:52 -04:00
Todd C. Miller
da95b0ea58 setgroups() proto lives in grp.h on RHEL4, perhaps others. 2011-08-23 10:14:52 -04:00
Todd C. Miller
cb63967bfd Fix setgroups() fallback code on EINVAL. 2011-07-22 15:33:33 -04:00
Todd C. Miller
022591f4bf Add a wrapper for setgroups() that trims off extra groups and retries 
if setgroups() fails.  Also add some missing addrefs for PERM_USER
and PERM_FULL_USER.
 2011-07-20 16:54:12 -04:00
Todd C. Miller
e66169b3ed Move nls targets to the top level Makefile so the paths in 
the pot file are saner
 2011-06-04 18:27:13 -04:00
Todd C. Miller
78e235945f Auto-generate Makefile dependencies with a perl script. 2011-05-25 09:02:25 -04:00
Todd C. Miller
bd36d4f2ab Add primitive format string support to the lbuf code to make translations 
simpler.
 2011-05-20 15:25:03 -04:00
Todd C. Miller
bf7e7b5752 Add gettext.h convenience header. This is similar to but distinct from 
the one included with the gettext package.
 2011-05-20 11:48:17 -04:00
Todd C. Miller
3164f58143 Add scaffolding to update .po files and install .mo files. 2011-05-19 15:25:29 -04:00
Todd C. Miller
15bc74bd67 Include libint.h where needed. 2011-05-16 16:37:11 -04:00
Todd C. Miller
c865a462cc Prepare sudo front end messages for translation. 2011-05-06 17:47:51 -04:00