isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
9,280 Commits 1 Branch 0 Tags
afca08c74d5a246696640ca113dc18c3cc51618c
Commit Graph

9280 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
8c64cd97d2 regen 2018-04-05 07:00:25 -06:00
Todd C. Miller
9e0c75135e update 2018-04-05 06:34:49 -06:00
Todd C. Miller
0b7abea168 Mention -p and -M options in the description of -m. 2018-04-05 06:34:22 -06:00
Todd C. Miller
5ae557e308 Check sudoedit temporary directory for writability before using it. 2018-04-04 21:05:59 -06:00
Todd C. Miller
512e0be834 Use btime in /proc/stat to determine system start time instead of 
/proc/uptime.  Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
 2018-04-04 11:28:53 -06:00
Todd C. Miller
7663ae7b27 Add option to prune non-matching entries from cvtsudoers output with -m 
option is used.
 2018-04-04 09:51:05 -06:00
Todd C. Miller
5c1d9899e1 Allow defaults types and suppression list to be specified in 
the config file.
 2018-04-02 07:41:56 -06:00
Todd C. Miller
18ba38ef4c Refactor common alias code out of cvtsudoers and visudo and into alias.c. 2018-04-02 07:41:09 -06:00
Todd C. Miller
dbd5613b1a Avoid NULL deref in an error path. CID 183467 2018-03-29 18:53:53 -06:00
Todd C. Miller
18371cacba No need to initialize the last pointer passed to strtok_r(). 
This was originally added to appease newer gcc but no longer
seems to be required.  CID 183466, CID 183468, CID 183469
 2018-03-29 18:53:51 -06:00
Todd C. Miller
6f66216441 Avoid false positive NULL dereference by uses value.u.string 
instead of name as the former is guaranteed not to be NULL.
Fixes CID 183465.
 2018-03-29 18:53:50 -06:00
Todd C. Miller
b4b5243bff regen 2018-03-29 10:20:26 -06:00
Todd C. Miller
e7ba359abf Add a section on convertion from file-based sudoers. 2018-03-29 07:13:31 -06:00
Todd C. Miller
dd545f38ca Add support for "cvtsudoers -d all" 2018-03-28 17:43:58 -06:00
Todd C. Miller
aa402cdc3c Add -d option to control what type of Defaults entries are converted. 2018-03-28 08:33:07 -06:00
Todd C. Miller
a42cf67acb In pty_close() we still need to check whether the pty master and 
slave fds are open before closing them.  When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
 2018-03-27 16:00:08 -06:00
Todd C. Miller
809c15d165 regen 2018-03-27 15:57:02 -06:00
Todd C. Miller
693cdbd96e ignore *.ldif2sudo regress output 2018-03-26 10:36:29 -06:00
Todd C. Miller
2336496347 In pty_close() there is no need to remove events associated with 
the pty slave as there are none.  We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
 2018-03-26 06:28:23 -06:00
Todd C. Miller
5e7ff154be Move cvtsudoers to section 1. 2018-03-25 16:16:48 -06:00
Todd C. Miller
4df454310d In pty_close() close the slave and remove any events associated 
with it.  Fixes a potential hang when performing the final flush
on non-BSD systems.
 2018-03-25 06:03:19 -06:00
Todd C. Miller
6da40a7b5b Fix typo in strcmp(), we are comparing var not val. 2018-03-23 09:54:52 -06:00
Todd C. Miller
22c9ed8e77 sync 2018-03-23 06:56:49 -06:00
Todd C. Miller
7cdc79eb7d sync 2018-03-23 06:46:38 -06:00
Todd C. Miller
30f8174084 regen 2018-03-22 13:30:25 -06:00
Todd C. Miller
14ee65c525 Add -M option to cvtsudoers to force the use of the local passwd 
and group databases when matching.
 2018-03-22 13:24:41 -06:00
Todd C. Miller
8a237eb07d Add cvtsudoers command line option to suppress certain parts of the 
security policy.  Can be used to suppress displaying of Defaults
entries, aliases or privileges.
 2018-03-22 11:38:39 -06:00
Todd C. Miller
af6e1cd7c6 Silence a false positive from the clang static analyzer. 2018-03-21 15:03:17 -06:00
Todd C. Miller
821e8a07da Silence a false positive from the clang static analyzer. 2018-03-21 14:55:17 -06:00
Todd C. Miller
fbed17e1a4 Fix memory leak on error path. 2018-03-21 14:43:17 -06:00
Todd C. Miller
e9512df6b6 regen 2018-03-21 13:33:44 -06:00
Todd C. Miller
bbd3e558b1 Move cvtsudoers string functions into cvtsudoers.c 2018-03-21 13:29:47 -06:00
Todd C. Miller
9ab5dc5f76 regen 2018-03-21 13:29:18 -06:00
Todd C. Miller
ff79de8592 Initial support filtering by user, group and host in cvtsudoers. 
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries.  This effectively allows you to grep sudoers by user, group
and host.
 2018-03-21 12:24:11 -06:00
Todd C. Miller
bc5e2d06a7 Add free_default() to free a struct defaults pointer so we have a 
single place where we free the defaults.  A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.
 2018-03-21 12:11:19 -06:00
Todd C. Miller
b6c53ac846 Decrease bullet width to 1n. 2018-03-21 06:52:50 -06:00
Todd C. Miller
b06e046835 Add aix_setauthdb() before the initial getpwuid() call. 2018-03-17 07:49:08 -06:00
Todd C. Miller
910f288948 fix compilation on Solaris 2018-03-10 20:16:20 -07:00
Todd C. Miller
1cb5ab8b9c Make "sudoreplay -m 0" skip the pauses entirely. 2018-03-08 07:53:29 -07:00
Todd C. Miller
0ffd23945f Document that a negative value for -m will elmininate the pauses. 2018-03-08 06:22:21 -07:00
Todd C. Miller
24f8e62e75 Update copyright date, remove unneeded include and add a few comments. 2018-03-06 15:59:31 -07:00
Todd C. Miller
e6c0d80fa8 Use fmtsudoers functions in testsudoers. 2018-03-06 15:09:21 -07:00
Todd C. Miller
81a373677a Add test for empty runas user list. 2018-03-06 14:39:11 -07:00
Todd C. Miller
3e7db48284 Don't print an empty user list as ALL. 2018-03-06 14:38:17 -07:00
Todd C. Miller
bb31544fcc In sudoers_format_userspecs make the separator optional and silence 
a printf format warning.
 2018-03-06 13:42:56 -07:00
Todd C. Miller
f984de1ba9 Use correct defines when checking for sysctl kinfo_proc support. 2018-03-06 12:05:07 -07:00
Todd C. Miller
bdbd102c9c Fix crash when converting sudoers entry with a runas list that is 
present but empty.
 2018-03-06 12:00:37 -07:00
Todd C. Miller
217e0a9b4b Less confusing sysctl checks for kinfo_proc. 2018-03-05 17:35:02 -07:00
Todd C. Miller
e26ef96a65 Add case_insensitive_group and case_insensitive_user sudoers options, 
which are enabled by default.
 2018-03-05 10:42:02 -07:00
Todd C. Miller
6014b4075c Kill dead store found by clang-analyzer. 2018-03-04 11:59:45 -07:00