isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,651 Commits 1 Branch 0 Tags
bcd021da5e3399d9c686ed231695245dbc371ecc
Commit Graph

4651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
62b89f9dfc Update copyright years. 2009-05-25 12:02:42 +00:00
Todd C. Miller
4341ce6cde Minor fixes for Minix-3 2009-05-24 12:33:00 +00:00
Todd C. Miller
896508077c Handle getgroups() returning 0. Also add missing check for HAVE_GETGROUPS. 2009-05-22 10:37:29 +00:00
Todd C. Miller
f54b69b0cc Replace version.h with PACKAGE_VERSION set via AC_INIT in configure. 2009-05-19 21:24:05 +00:00
Todd C. Miller
5f9f29a233 Remove group setting code in setusercontext case, we will do it ourselves 
later on in runas_setup.  Set the gid after initgroups/setgroups is called,
since on Mac OS X it seems to change the egid.
 2009-05-18 10:33:33 +00:00
Todd C. Miller
d985366233 Initial bits of non-unix group support using Quest Authentication Services 2009-05-17 22:19:38 +00:00
Todd C. Miller
f3407d8695 Accept %:foo as a non-Unix group 2009-05-17 20:52:15 +00:00
Todd C. Miller
e74bea7628 Allow user/group to be double quoted in the case of non-Unix groups 
which contain spaces.
 2009-05-17 20:22:24 +00:00
Todd C. Miller
8d34913560 Don't allow the user to specify the default runas user if their 
sudoers entry only allows them to run as a group.
 2009-05-11 16:47:10 +00:00
Todd C. Miller
c0ac222c3f Must call audit_success before we change uids. 2009-05-10 11:59:53 +00:00
Todd C. Miller
755a81e946 Add option for set_perm to not exit on failure and use this in 
the logging routines.
 2009-05-10 11:52:13 +00:00
Todd C. Miller
2a609b467c In -l mode, if the user is only allowed to run as a group, display 
the user's name, not root's before the allowed group.
 2009-05-10 11:33:45 +00:00
Todd C. Miller
3332ee9842 Fix -g mode, broken by rev 1.503 which had the side effect of setting 
the runas user to root unilaterally.
 2009-05-10 01:00:23 +00:00
Todd C. Miller
9251cf24a9 When unlocking a file with fcntl, use F_SETLK, not F_SETLKW. 2009-05-08 20:19:20 +00:00
Todd C. Miller
03f4a2e703 Only cache by the method we fetched for pwd and grp lookups. Previously 
we cached both by namd and id but this can cause problems for entries
that share the same id.  Also add more info in the error message in case
the insert fails (which should now be impossible).
 2009-05-08 17:07:10 +00:00
Todd C. Miller
2b89941122 Add a clarification from Nick Sieger 2009-04-30 19:04:08 +00:00
Todd C. Miller
8d7518a18c Inline the setting of the environment string. 2009-04-25 16:49:22 +00:00
Todd C. Miller
c0c7180bba setenv(3) in Linux treats a NUL value as the empty string 
setenv(3) in BSD doesn't return an error if the name has '=' in it, it
just treats the '=' as end of string.
 2009-04-24 18:53:15 +00:00
Todd C. Miller
182711e341 Not all systems have d_namlen 2009-04-22 20:32:08 +00:00
Todd C. Miller
db9860aa36 Fix up some pod2html issues. 2009-04-20 17:53:02 +00:00
Todd C. Miller
78c347990e Check for NULL ifa_addr and ifa_netmask. 
Adapted from a diff from Quest Software.
 2009-04-19 18:09:24 +00:00
Todd C. Miller
0509ce3f66 Ignore files ending in '~' in sudo.d (emacs backup files) 2009-04-19 13:01:20 +00:00
Todd C. Miller
72a1d82412 Ignore files ending in '~' in sudo.d (emacs backup files) 2009-04-19 12:56:42 +00:00
Todd C. Miller
95de5670a2 For #includedir, ignore any file containing a dot 2009-04-18 23:37:33 +00:00
Todd C. Miller
392edea928 Bump version 2009-04-18 23:25:38 +00:00
Todd C. Miller
3be603aa47 Implement #includedir directive. Files in an includedir are not edited 
by visudo unless they contain a syntax error.
 2009-04-18 23:25:08 +00:00
Todd C. Miller
e65ec1438a sync 2009-04-18 16:06:05 +00:00
Todd C. Miller
584a145559 Forgot umask_override 2009-04-18 14:27:42 +00:00
Todd C. Miller
bfce2852fc sync 2009-04-18 13:25:08 +00:00
Todd C. Miller
68ab808acb Rewind stream if we fdopen sudoers since it may not be at the beginning. 
Set the keepopen flag on already-open files too so the lexer doesn't
close them out from under us.
 2009-04-16 12:22:04 +00:00
Todd C. Miller
c7c8554cf3 Print the proper file name when there is a parse error in an include 
file.
 2009-04-16 12:18:10 +00:00
Todd C. Miller
e4c4083924 Sync 2009-04-11 11:45:25 +00:00
Todd C. Miller
8eae33753e Fix a warning when --without-ldap is specified. 2009-04-10 20:59:42 +00:00
Todd C. Miller
d9708f9c27 Store aliases that we remove during check_aliases in a freelist and 
free them at the end so we don't leak memory.
 2009-04-05 16:25:04 +00:00
Todd C. Miller
9703224b8e Check aliases in -c mode too. 2009-03-28 13:30:15 +00:00
Todd C. Miller
7bf7af9414 Make alias_remove return the alias struct instead of freeing it directly. 
Fixes a use after free in alias_remove_recursive, the only consumer.
 2009-03-28 13:09:51 +00:00
Todd C. Miller
0656629980 Rename find_alias -> alias_find for consistency. 2009-03-28 13:07:17 +00:00
Todd C. Miller
b65831d4b8 When checking for unused aliases, recurse if the alias points to 
another alias.
 2009-03-27 23:29:06 +00:00
Todd C. Miller
322abc61e3 Back out rev 1.105 for now. Real ldapux_client.conf support will be 
done later after some refactoring.
 2009-03-16 16:11:28 +00:00
Todd C. Miller
c07c11f6b6 Treat ldap_hostport the same as "host" for ldapux. 2009-03-14 16:02:11 +00:00
Todd C. Miller
28ce9e96e1 Only check for ldap_sasl_interactive_bind_s if we can find sasl.h. 
Fixes compilation with ldapux.
 2009-03-14 01:04:58 +00:00
Todd C. Miller
cd900bdc21 fix char subscript 2009-03-12 00:03:04 +00:00
Todd C. Miller
55ddfd48a7 remove errant carriage returns 2009-03-11 23:19:56 +00:00
Todd C. Miller
2012ce9eab fix K&R compilation 2009-03-11 23:01:10 +00:00
Todd C. Miller
fc0ca59dbe regen 2009-03-11 16:12:20 +00:00
Todd C. Miller
45334b2092 Add missing HAVE_BSM_AUDIT 2009-03-10 21:34:08 +00:00
Todd C. Miller
870fd40733 Add 1.7.1 features 2009-03-10 21:21:45 +00:00
Todd C. Miller
5dec26b06d Mention --with-netsvc 2009-03-10 21:10:06 +00:00
Todd C. Miller
f50deedc3b Document netsvc.conf support 2009-03-10 21:08:18 +00:00
Todd C. Miller
838cb61086 Add support for AIX netsvc.conf (like nsswitch.conf). 2009-03-10 20:44:05 +00:00