isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,307 Commits 1 Branch 0 Tags
b406b51da0684490de642b8fc189f696cf347b23
Commit Graph

6307 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
b406b51da0 No need to loop over atomic_writev(), it guarantees to write all 
data or return an error.

Fix handling of stdout/stderr that contains "\r\n" and handle a
"\r\n" pair that spans a buffer.
 2012-05-30 10:46:02 -04:00
Todd C. Miller
01da613793 Update for sudo 1.8.5p2 2012-05-29 14:28:42 -04:00
Todd C. Miller
12be3e7f54 Instead of doing extra write()s when replaying stdout, build up a 
vector for writev() instead.  This results in far fewer system
calls.
 2012-05-29 13:46:28 -04:00
Todd C. Miller
af9492d117 Provide unhooked version of getenv() and use it when looking up 
DISPLAY and SUDO_ASKPASS in the environment.
 2012-05-27 12:48:55 -04:00
Todd C. Miller
7a6cad5026 When replaying a log of stdout or stderr, do newline to carriage 
return + linefeed conversion.  We cannot have termios do this for
us since we've disabled output postprocessing (POST) when setting
raw mode.
 2012-05-25 16:24:42 -04:00
Todd C. Miller
7720a7fc89 When checking for -fstack-protector, treat warnings as fatal errors. 2012-05-24 11:03:10 -04:00
Todd C. Miller
e54a007263 Fix test for -z relro 2012-05-22 15:45:50 -04:00
Todd C. Miller
ca89eb59ea Add m4/ax_check_compile_flag.m4 and m4/ax_check_link_flag.m4 2012-05-22 13:26:02 -04:00
Todd C. Miller
e417fb3da1 Build with -fstack-protector and link with -zrelo where supported. 
Added --disable-hardening option to disable hardening options.
 2012-05-22 13:23:19 -04:00
Todd C. Miller
ca9331d498 Add tests for sudoers mode, owner and group checks. 2012-05-21 15:39:24 -04:00
Todd C. Miller
0d82c4c7ee If sudoers_mode is group-readable but the actual sudoers file is 
not, open the file as uid 0, not uid 1.  This fixes a problem when
sudoers has a more restrictive mode than what sudo expects to find.
In older versions, sudo would silently chmod the file to add the
group-readable bit.
 2012-05-21 13:59:02 -04:00
Todd C. Miller
d29aede203 No longer throw an error if sudoers is a symbolic link. Deprecated 
the --with-stow option as that is now (effectively) the default.
 2012-05-21 13:30:59 -04:00
Todd C. Miller
4f296fe211 Add basic tests for #include and #includedir 2012-05-18 14:29:55 -04:00
Todd C. Miller
b35cd75533 Add -U sudoers_uid option to testsudoers. 2012-05-18 14:29:29 -04:00
Todd C. Miller
fe5bf03061 Update for 1.8.5p1 2012-05-17 15:53:37 -04:00
Todd C. Miller
8a7ac44590 Fix #includedir; from Mike Frysinger 2012-05-17 15:42:57 -04:00
Todd C. Miller
2b7659f709 Don't prompt for a password if the user is in the exempt group, is 
root, or is running the command as themselves even if the -k option
was specified.  This makes "sudo -k command" consistent with the
behavior one would get if the user ran "sudo -k" immediately before
running the command.
 2012-05-17 10:20:14 -04:00
Todd C. Miller
025a309025 Fix capitalization 2012-05-15 12:15:30 -04:00
Todd C. Miller
071256a838 Build PIE executable on Mac OS X 10.5 and above. 2012-05-15 12:08:22 -04:00
Todd C. Miller
3d55aaa8be Update for sudo 1.8.4p5 2012-05-14 14:48:18 -04:00
Todd C. Miller
0d5a941319 Add missing break between AF_INET and AF_INET6 in addr_matches_if_netmask() 2012-05-14 14:47:48 -04:00
Todd C. Miller
d841ae9cd0 Move systrace monitor code to the attic 2012-05-14 09:47:17 -04:00
Todd C. Miller
466a126c69 The pointer to the siginfo_t struct in a signal handler may be NULL. 2012-05-11 07:57:01 -04:00
Todd C. Miller
0d69580776 Fix an alignment problem on NetBSD systems with a 64-bit time_t and 
strict alignment.  Based on a patch from Martin Husemann.
 2012-05-10 11:06:46 -04:00
Todd C. Miller
4e0ffceacb Add offsetof macro for those without it. 2012-05-10 10:01:26 -04:00
Todd C. Miller
63e1ab974e add system_group plugin 2012-05-10 10:01:09 -04:00
Todd C. Miller
aa7ac09faa Implement RTLD_NEXT and fix RTLD_DEFAULT for HP-UX. 2012-05-09 09:46:38 -04:00
Todd C. Miller
340ae13231 Mention system_group plugin 2012-05-08 16:59:10 -04:00
Todd C. Miller
c690ac2073 update depends 2012-05-08 16:57:06 -04:00
Todd C. Miller
aa3defa3f0 Only call gr_delref() when use sudo's password caching functions. 2012-05-08 16:39:37 -04:00
Todd C. Miller
75d70b334b Add missing dependency on libreplace.la 2012-05-08 16:38:36 -04:00
Todd C. Miller
6467b7b813 Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL 
and PROG_HANDLE.
 2012-05-08 16:36:39 -04:00
Todd C. Miller
994d2ff69a Add group plugin that does lookups by name using the system group 
database.
 2012-05-08 13:35:52 -04:00
Todd C. Miller
4455139d54 sync with translationproject.org 2012-05-08 10:57:07 -04:00
Todd C. Miller
64178f8b67 sync with translationproject.org 2012-05-03 15:46:39 -04:00
Todd C. Miller
e828a1d7a5 Add mode for docdir and use '-' (default) for localedir mode. Fixes 
a problem on Linux when building in a directory with the setgid bit
set.
 2012-05-01 13:47:14 -04:00
Todd C. Miller
d9c13139d2 Match CentOS 6.0 2012-04-30 19:36:01 -04:00
Todd C. Miller
8722cd07ac Update with recent changes 2012-04-24 16:14:12 -04:00
Todd C. Miller
30bddced25 Fix version check on AIX 2012-04-24 15:57:16 -04:00
Todd C. Miller
4b8982ebde regen 2012-04-24 13:42:28 -04:00
Todd C. Miller
e82b67314c Need to call ldapssl_clientauth_init() for start_tls on Mozilla 
LDAP SDK.
 2012-04-24 12:52:36 -04:00
Todd C. Miller
28268ed99c Fix printing of invalid uri 2012-04-24 10:34:02 -04:00
Todd C. Miller
989361c275 Pass PAM_SILENT when deleting creds to remove an annoying warning 
message on Solaris.
 2012-04-24 09:48:58 -04:00
Todd C. Miller
0fbd5e1bc2 Fix the setutxent and endutxent compatibility defines (this time 
correctly) when only setutent and endutent are available.
 2012-04-23 20:04:26 -04:00
Todd C. Miller
f6c7ae2519 sudo_ldap_set_options_global() should not take an LDAP handle as 
an argument since the options affect the global settings.
 2012-04-23 19:56:41 -04:00
Todd C. Miller
5f513b8326 Debian sudo has not been built with --with-exempt=sudo since 1.6.8. 2012-04-23 16:47:42 -04:00
Todd C. Miller
23b7a1fa5c Call the policy's init_session() function before we fork the child. 
That way, the session is created and destroyed in the same process,
which is needed by some modules, such as  pam_mount.
 2012-04-23 16:38:16 -04:00
Todd C. Miller
1480bb88b7 Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is 
not specified.
 2012-04-23 16:29:48 -04:00
Todd C. Miller
cf4562c031 Delete creds after closing the PAM session. 2012-04-23 16:11:49 -04:00
Todd C. Miller
cde9f8aa12 Provide a more useful error message if using a Mozilla-style LDAP 
SDK and you forgot to specify TLS_CERT in ldap.conf.
 2012-04-23 15:30:34 -04:00