isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,385 Commits 1 Branch 0 Tags
b121da2e21cabd2793fc423d84ceddd919fd6e47
Commit Graph

1345 Commits

Author SHA1 Message Date
Todd C. Miller
9e5a68627f Norwegian Bokmaal translation for sudoers from translationproject.com 2014-05-24 07:35:35 -06:00
Todd C. Miller
b0e6977c35 Try to be clearer about which are the input and output files in 
export mode.
 2014-05-13 15:00:43 -06:00
Todd C. Miller
372e30851f In -x mode, require that the input and output files be different. 
This won't currently catch collisions between the output file
and an include file.
 2014-05-13 14:18:06 -06:00
Todd C. Miller
eb5a367323 BSM and Linux audit do not yet use the argc function argument. 2014-05-13 10:25:43 -06:00
Todd C. Miller
337a712745 Pass argc to audit functions too. Will be needed for Solaris audit 
support.
 2014-05-13 09:41:53 -06:00
Todd C. Miller
ffb07443c3 Do not allow the same callback function to be registered more that 
once in fatal_callback_register().
Add fatal_callback_deregister() to deregister a callback.
 2014-05-12 11:45:17 -06:00
Todd C. Miller
2e3fbaa2c5 Add trivial sudoedit parsing tests. 2014-05-12 09:52:29 -06:00
Todd C. Miller
3c5353c2be Catalan translation for sudoers from translationproject.org. 2014-05-12 09:51:47 -06:00
Todd C. Miller
70f6249764 Sync with translationproject.org 2014-05-10 15:55:03 -06:00
Todd C. Miller
45ff42eb9f Don't try to install the temporary sudoers file if we didn't edit it. 
By default, visudo does not edit files in a #includedir.
Fixes a NULL pointer defef on GNU hurd; Bug #647
 2014-05-09 09:29:42 -06:00
Todd C. Miller
17cbfea8b7 deal with NULL gr_mem here too 2014-05-06 19:32:34 -06:00
Todd C. Miller
b0f1fa7d05 Rename log_warning flags and only send mail if SLOG_SEND_MAIL is 
set instead of mailing by default like we used to.
 2014-05-02 20:54:01 -06:00
Todd C. Miller
954a3e77b1 Add log_warningx 2014-05-02 16:40:30 -06:00
Todd C. Miller
a53946b026 Change return value of switch_dir() to an int so we can distinguish 
between an error and an empty dir in push_includedir().
 2014-05-02 07:57:29 -06:00
Todd C. Miller
480a94d07d Move code to fill in the list of dirs out of switch_dir and into 
its own function.  Quiets a false positive from cppcheck which got
confused due to variable reuse.
 2014-05-02 07:14:06 -06:00
Todd C. Miller
983ab1d163 Avoid unused variable warning if auditing is not supported. 2014-05-02 05:25:57 -06:00
Todd C. Miller
a297a19fb4 Fix library order when linking binaries. 2014-05-01 10:04:09 -06:00
Todd C. Miller
ffbe7d1dae Include limits.h and inttypes.h for SIZE_MAX define. 2014-05-01 09:51:49 -06:00
Todd C. Miller
0a9a8d9562 Move SIZE_MAX compat define into missing.h where it belongs. 2014-05-01 08:38:43 -06:00
Todd C. Miller
cbee9cc8cb Remove now-unused log_fatal() 2014-04-30 17:00:20 -06:00
Todd C. Miller
5086194c67 Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just 
pass back a return value.
 2014-04-30 16:57:12 -06:00
Todd C. Miller
e45b388a37 Make get_boottime() return bool. 2014-04-28 08:40:32 -06:00
Todd C. Miller
e61af9e6d0 Fix fd leak on Linux when determing boot time. This is usually 
masked by the closefrom() call in sudo.  From Jamie Anderson.
Bug #645
 2014-04-28 08:36:22 -06:00
Todd C. Miller
d3b4326713 Handle the (currently impossible) case where both BSM and Linux 
auditing are supported.  Pacifies cppcheck.
 2014-04-24 11:17:05 -06:00
Todd C. Miller
bd86ced96a Don't call ferror() on a closed stream, just check the return value 
of fclose() instead.  Found by cppcheck.
 2014-04-24 11:12:18 -06:00
Todd C. Miller
e8bb08cc46 Use calloc() instead of malloc(n * s) followed by memset(). 
From Jean-Philippe Ouellet.
 2014-04-22 16:06:04 -06:00
Todd C. Miller
62a278183b Format string safety in error path. 2014-04-22 16:03:57 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
28b564daab Add missing rule for building sha2.lo when not supported by libc or libmd. 2014-04-22 09:18:43 -06:00
Todd C. Miller
b4262391e9 Disable I/O logging for halt and poweroff in addition to reboot in 
commented out example.
 2014-04-15 11:26:01 -06:00
Todd C. Miller
7d91691e1f Use PAM_REINITIALIZE_CRED instead of PAM_ESTABLISH_CRED when 
changing the user.  This is the correct flag to use with
a program that changes the uid like su or sudo and fixes a
role problem on Solaris.  From Gary Winiger; Bug #642
 2014-04-15 07:16:57 -06:00
Todd C. Miller
278a8ba391 pam_setcred should default to true; from Gary Winiger 
Bug #642
 2014-04-15 07:11:29 -06:00
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
40375a6268 Eliminate calls to fatal() in sudoers.c and just pass back a return 
value.
 2014-04-10 16:03:26 -06:00
Todd C. Miller
a48c00dc31 Elimate calls to fatal() in the logging code. 2014-04-10 16:03:01 -06:00
Todd C. Miller
218aa1e598 Move the sha2 code into libreplace and add configure checks for 
SHA224Update in libc and libmd.  Solaris uses "void *" where we use
"unsigned char *" so we need a check for that too.  Solaris sha2.h
defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens.
Adapted from changes from Vladimir Marek in bug #641.
 2014-04-09 16:31:13 -06:00
Todd C. Miller
27aff732f1 Fix matching of uids and gids broken in sudo 1.8.9. 2014-04-09 10:22:09 -06:00
Todd C. Miller
ecae6b4f9a Fix -P option in usage() 2014-04-09 10:22:07 -06:00
Todd C. Miller
b1cdb3708c Remove a few more unnecessary uses of fatal(). 2014-04-07 19:52:28 -06:00
Todd C. Miller
d702ee9813 Use log_warning() not log_fatal() for the "Invalid authentication 
methods compiled into sudo" message.  We return -1 on error anyway.
 2014-04-07 08:59:48 -06:00
Todd C. Miller
2a290f812e Return MODE_ERROR from sudoers_policy_deserialize_info() instead 
of calling fatalx().
 2014-04-07 05:34:56 -06:00
Todd C. Miller
9b7dfa7522 Remove calls to log_fatal() in I/O log functions and just pass an 
error back to the caller.
 2014-04-04 15:30:12 -06:00
Todd C. Miller
6a295400b7 Make "internal error, %s overflow" arguments consistent, using 
__func__ where possible (when debugging is allowed).
 2014-04-01 16:42:13 -06:00
Todd C. Miller
a1240a5417 Use common printf format when warning of buffer overflow prevention. 2014-03-31 15:58:24 -06:00
Todd C. Miller
7d994b5032 Remove remaining calls to fatalx(); just pass the error to the caller. 2014-03-31 15:43:52 -06:00
Todd C. Miller
2d1484fe84 Make a password/group cache collision a warning rather than fatal. 
This should not be possible in practice and we can safely return
the new (potentially duplicate) item as it will be freed by the
caller.  Make sudo_set_grlist() return an error on failure instead
of calling fatalx().
 2014-03-26 16:44:29 -06:00
Todd C. Miller
db54815996 Use log_warning() instead of log_fatal() if the ticket or lecture 
path is too long and just return an error.  This can only happen
from a misconfiguration so just ignoring the ticket/lecture file
is safe.
 2014-03-26 14:22:46 -06:00
Todd C. Miller
639ac92e6d In find_path(), return NOT_FOUND_ERROR instead of calling fatal() 
if the path is too long.  Remove an extraneous check against PATH_MAX
in set_cmnd() since find_path() already contains such a check.
 2014-03-26 14:15:15 -06:00
Todd C. Miller
4848b5691d Remove unused MODE_LISTDEFS define and correct a comment. 2014-03-26 14:03:04 -06:00
Todd C. Miller
9ff3b1b570 Make hexchar() return -1 on invalid input instead of calling fatalx(). 
Callers used to check that the string was hex before calling hexchar().
Now callers must check for a -1 return value instead.
 2014-03-26 13:50:51 -06:00