isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,391 Commits 1 Branch 0 Tags
b5c2ca2fe55b04e9c5bd8eb26a53c2056c73f249
Commit Graph

31 Commits

Author SHA1 Message Date
Todd C. Miller
b5c2ca2fe5 Move sudoers locale callback function to locale.c and user it in 
visudo and testsudoers.
 2016-07-20 14:16:00 -06:00
Todd C. Miller
787912fa91 Check fprintf() return value in writeln_wrap() and return the number 
of characters actually written, or -1 on error.
 2016-05-14 19:38:23 -06:00
Todd C. Miller
d004b02fc6 Use non-exiting allocatings in the sudoers plugin. 2015-06-17 06:49:59 -06:00
Todd C. Miller
9d1c408b73 Non-exiting allocators for log functions. If log_allowed() fails 
the user may not run the command.  We don't try to return early for
log_failure(), log_auth_failure() or log_denial() as we would not
run the command in that case.
 2015-05-27 10:55:27 -06:00
Todd C. Miller
04128f5985 Get rid of SUDO_MAIN. Modern compilers don't warn about mixing 
extern and auto declarations unless they conflict.
 2015-05-21 11:26:44 -06:00
Todd C. Miller
05a01d4c5d Avoid using a leading underbar in defines as they are reserved in 
ISO C.
 2015-05-21 11:13:20 -06:00
Todd C. Miller
8bc70a635c Instead of trying to make weak functions work on all platforms, 
just use a registration function for a plugin-specific setlocale
function.  The sudoers version just wraps sudoers_setlocale().
 2015-05-11 14:51:32 -06:00
Todd C. Miller
337a712745 Pass argc to audit functions too. Will be needed for Solaris audit 
support.
 2014-05-13 09:41:53 -06:00
Todd C. Miller
b0f1fa7d05 Rename log_warning flags and only send mail if SLOG_SEND_MAIL is 
set instead of mailing by default like we used to.
 2014-05-02 20:54:01 -06:00
Todd C. Miller
954a3e77b1 Add log_warningx 2014-05-02 16:40:30 -06:00
Todd C. Miller
cbee9cc8cb Remove now-unused log_fatal() 2014-04-30 17:00:20 -06:00
Todd C. Miller
2220f55aef Propagate errors in audit code to caller instead of using fatal(). 
If we fail to audit an otherwise successful command, return an error
from the policy.  For Linux audit, sudo may be compiled with audit
support but auditing may not be setup, so we don't consider that
an error.
 2014-03-26 13:00:56 -06:00
Todd C. Miller
ef2cff1d33 Now that we have proper number parsing functions we should store 
T_UINT defaults values as unsigned int, not int.
 2013-12-11 14:43:04 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
0f091f478b Add __printflike to audit_failure. 2013-08-18 14:21:29 -06:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
1162b55040 Rename log_error() -> log_warning() for consistency with warning()/fatal() 2013-04-18 14:14:03 -04:00
Todd C. Miller
a803b4d2ec Change multiple inclusion guards to be _SUDOERS_FOO_H 2013-03-25 11:17:46 -04:00
Todd C. Miller
90147bb605 Allow sudoers programs (visudo, sudoreplay, visudo) to use 
plugin_error.c instead of the error.c from the front-end.  This
means sudoers_setlocale() needs to be independent of the sudo_user
struct and the defaults table.  The sudoers locale is now updated
via a callback.
 2012-11-25 09:33:52 -05:00
Todd C. Miller
336021a9c0 Fix compilation on systems w/o setlocale() 2012-11-12 05:36:43 -05:00
Todd C. Miller
a0c53bd751 Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers local. 2012-11-08 15:37:44 -05:00
Todd C. Miller
4207589fe2 Add simple locale switching to make it easy to switch from the 
user's locale to the sudoers locale without making excessive
setlocale() calls when we don't need to.
 2012-11-08 15:37:43 -05:00
Todd C. Miller
5d052aeb60 Do not inform the user that the command was not permitted by the 
policy if they do not successfully authenticate.  This is a regression
introduced in sudo 1.8.6.
 2012-11-06 11:19:51 -05:00
Todd C. Miller
8b03f3e7d0 Move log_denial() calls and logic to log_failure(). 
Move authentication failure logging to log_auth_failure().
Both of these call audit_failure() for us.

This subtly changes logging for commands that are denied by sudoers
but where the user failed to enter the correct password.  Previously,
these would be logged as "N incorrect password attempts" but now
are logged as "command not allowed".  Fixes bug #563
 2012-07-10 12:42:33 -04:00
Todd C. Miller
44ce5720de Remove the NO_EXIT flag to log_error() and add a log_fatal() function 
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.
 2012-03-26 10:59:14 -04:00
Todd C. Miller
f90731596a Split out log file word wrap code into its own file and add unit 
tests.  Fixes an off-by one in the word wrap when the log line
length matches loglinelen.
 2011-07-11 15:22:25 -04:00
Todd C. Miller
2cd108304d Add Linux audit support. 2010-06-16 11:17:02 -04:00
Todd C. Miller
b72a530fd0 Update copyright year 2010-06-14 12:19:49 -04:00
Todd C. Miller
8ae8e8442c Remove use of RETSIGTYPE; all modern systems have signal handlers that 
return void.
 2010-05-21 18:40:04 -04:00
Todd C. Miller
d5ae4c7d87 Kill __P in sudoers 2010-03-17 19:56:27 -04:00
Todd C. Miller
e90fa482f9 Rework source layout in preparation for modular sudo. 2010-02-20 09:14:01 -05:00