isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,351 Commits 1 Branch 0 Tags
be20e1592f58f7d7e2972db835d0994e7a79ab2c
Commit Graph

12351 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
ae12d18ff0 Use -no-undefined on macOS to avoid "-undefined dynamic_lookup" warnings. 
Starting with macOS 13, the linker warns when "-undefined dynamic_lookup"
is used.  This is added by libtool by default on macOS but we can
suppress it by passing -no-undefined to libtool.
 2023-04-14 13:02:28 -06:00
Todd C. Miller
62a2d9f94c Add make to Dockerfile and sort packages. 2023-04-08 15:25:00 -06:00
Todd C. Miller
894daa88f6 Enable the use_pty option by default for sudo 1.9.14. 
GitHub issue #258
 2023-04-06 11:30:51 -06:00
Todd C. Miller
d7b8f3ffbf Split up the monolithic sudoers_policy_main() function. 
This splits the code to find the command, perform a sudoers lookup,
ask for a password as needed, and perform post-lokup checks out
into sudoers_check_common().  The old sudoers_policy_main() has
been replaced by sudoers_check_cmnd() (called by sudoers_policy_check()),
sudoers_validate_user() (called by sudoers_policy_validate()) and
sudoers_list() (called by sudoers_policy_list()).  The list_user
lookup is now performed in sudoers_list().
 2023-04-05 13:35:09 -06:00
Todd C. Miller
859a81ad24 Move the root_sudo check until after we apply per-command Defaults. 
It is possible, though unlikely, for "root_sudo" to be used in
a per-command Defaults statement.
 2023-04-05 13:25:32 -06:00
Todd C. Miller
ab4b947169 sudoers_policy_main: restore locale if sudoers_lookup() fails. 
Previously, if sudoers_lookup() set VALIDATE_ERROR, the sudoers
locale would still be in effect instead of the original locale.
 2023-04-01 10:22:07 -06:00
Todd C. Miller
fb0a36c1a5 sudoers_lookup_pseudo: remove validated function argument 
This was always set to FLAG_NO_USER|FLAG_NO_HOST which are cleared
at the top of the fuction.  Make validated a local variables,
initialized to 0, instead.  No change in behavior.
 2023-04-01 10:17:31 -06:00
Todd C. Miller
0a4c8872a8 The I/O log file name is not just the basename of the full iolog_path. 
The audit plugin already has the correct value for iolog_file, don't
overwrite it with basename(iolog_path).  In the future we may wish
to pass in iolog_file and iolog_dir in addition to iolog_path.
Fixes Bug #1046.
 2023-03-31 15:51:14 -06:00
Todd C. Miller
ac12f82d86 Warn with "unknown user" not "unknown uid" if user cannot be resolved. 
Prior to sudo 1.8 this was after a getpwuid() but now we use
getpwnam().
 2023-03-29 14:49:41 -06:00
Todd C. Miller
ad890acf6c Set timestamp_uid and timestamp_gid via a callback. 
This also makes it possible to include the location of the line in
the sudoers file in the warning message (and mail).
 2023-03-29 14:37:09 -06:00
Todd C. Miller
493b2441d4 Fix display of escape sequencees in ldapsearch example. 2023-03-28 16:04:47 -06:00
Todd C. Miller
3b55de4e83 White space is not allowed between Defaults and '@', ':', '!', '>'. 
The EBNF made it appear that this is allowed when it really is not.
 2023-03-28 16:02:46 -06:00
Todd C. Miller
f0030cf30f Make struct {command,user}_details pointers const where possible. 2023-03-27 16:29:46 -06:00
Todd C. Miller
554397eaea Make user_details private to main. 2023-03-27 16:19:11 -06:00
Todd C. Miller
5108c279af Make user_details private to sudo.c. 2023-03-27 16:19:08 -06:00
Todd C. Miller
e435b158b8 Use sudo_get_ttysize() in help() and usage(). 
This eliminates a dependency on the user_details global.
 2023-03-25 16:27:44 -06:00
Todd C. Miller
f95c9f839c Regenerate with the autoconf 2.72c snapshot. 2023-03-27 09:55:41 -06:00
Todd C. Miller
86002226b6 Store submitcwd (from user_details) in struct command_details. 
This eliminates use of the user_details global from exec_setup().
 2023-03-25 08:27:41 -06:00
Todd C. Miller
51453c4f2e utmp_fill: user is now always non-NULL, no need for user_details. 2023-03-24 19:16:44 -06:00
Todd C. Miller
fa5a28f345 Remove list_user global. 2023-03-24 19:10:46 -06:00
Todd C. Miller
a5b11a58b7 No need to declare tgetpass_flags, it is already in sudo.h. 2023-03-24 19:10:19 -06:00
Todd C. Miller
9fd787343d No need for sudo_mode to be global anymore. 2023-03-24 17:07:20 -06:00
Todd C. Miller
11277bb921 Make command_details private to main(). 2023-03-24 15:56:00 -06:00
Todd C. Miller
8d2b9a4343 Make iobufs private to exec_iolog.c. 2023-03-24 15:26:37 -06:00
Todd C. Miller
ee3f99c88c Remove ttymode and its associated values. 2023-03-24 15:25:05 -06:00
Todd C. Miller
f9b1beced2 Move ptyname to struct exec_closure 2023-03-24 14:56:45 -06:00
Todd C. Miller
22776b0be6 Move pty_make_controlling() to exec_monitor.c where it is called. 
We can use details->tty to access the pty follower path.
 2023-03-24 14:56:13 -06:00
Todd C. Miller
7ac9ce001c Eliminate utmp_user global, just use the value in struct command details. 2023-03-24 14:44:56 -06:00
Todd C. Miller
778688d4fc Replace tty_mode global with term_raw flag in struct exec_closure. 
The pty_cleanup hook needs access to the closure so add
pty_cleanup_init() to store a pointer to the closure for use
by pty_cleanup_hook().
 2023-03-24 14:44:17 -06:00
Todd C. Miller
b81c5e8dac Register pty cleanup function in exec_pty(), not exec_cmnd_pty(). 
We want it to execute in the main sudo process, not the monitor.
 2023-03-24 11:01:58 -06:00
Todd C. Miller
11739e3def Make ttyblock private to exec_iolog.c 2023-03-24 10:58:49 -06:00
Todd C. Miller
3303dd98c0 exec_pty.c: move foreground flag to struct exec_closure. 
Also make pipeline flag private to exec_pty() and remove the unneeded
check_foreground() prototype.
 2023-03-23 19:35:57 -06:00
Todd C. Miller
51cdb194b8 On resume, always sync the pty terminal settings with /dev/tty. 
Changes made to the terminal settings while the command is suspended
are now reflected in the pty when the command is resumed.  This is
more consistent with the non-pty behavior and allows for the removal
of the "tty_initialized" global.  One downside to this change is
that if a terminal-based program using the pty is stopped with
SIGSTOP it may have the wrong terminal settings on resume.
However, this is no different from the non-pty case.
 2023-03-23 10:39:28 -06:00
Todd C. Miller
3e734fa51b Correct a comment. 2023-03-23 08:20:48 -06:00
Todd C. Miller
2a5d8bfea1 GitHub sponsor settings. 2023-03-22 19:26:07 -06:00
Todd C. Miller
f0f5e1b5bc Use built-in tests for bit types instead of using AC_CHECK_TYPES. 
This should be more portable as it handles the quirks of some older
systems.
 2023-03-22 15:37:12 -06:00
Todd C. Miller
a17491972b Quiet compiler warnings on systems where pid_t is not an int. 
Historically, pid_t was a long on some 32-bit systems like Solaris.
 2023-03-22 14:48:49 -06:00
Todd C. Miller
775059156f Silence "used uninitialized" false positives with older gcc versions. 2023-03-22 13:52:43 -06:00
Todd C. Miller
9d55ae892f exec_pty: always copy the terminal settings from /dev/tty the pty. 
Previously, we only did this when running in the foreground but
this can cause problems when running a program that reads the
terminal settings or window size in the background.  If sudo is
running in the background, the terminal settings will be updated
if it transitions to the foreground process.
Based on a suggestion from From Duncan Overbruck.
 2023-03-22 12:44:41 -06:00
Todd C. Miller
98ec786b44 check_foreground: use SFD_LEADER not SFD_FOLLOWER (which was closed). 
Also use SFD_LEADER for sudo_term_copy() in exec_pty() for consistency.
From Duncan Overbruck.
 2023-03-22 11:21:15 -06:00
Todd C. Miller
acbe617fb4 suspend_sudo_pty: fix cut & pasto in last commit to catch SIGCONT. 
Also set sa.sa_handler to SIG_DFL instead of SIG_IGN.  There is no
difference for SIGCONT but it means we can re-use sa as-is later.
 2023-03-22 08:26:36 -06:00
Todd C. Miller
0fcbcaede0 Catch SIGCONT and restore terminal settings on resume from SIGSTOP. 
While we cannot catch SIGSTOP, we _can_ catch SIGCONT and set
/dev/tty to raw mode when running in the foreground.  Ignore SIGCONT
in suspend_sudo_pty() so we don't call resume_terminal() twice.
 2023-03-21 19:11:31 -06:00
Todd C. Miller
1772fc7b66 Only convert a signal number to a name if we are going to use it. 
It is mostly used for debug logging.
 2023-03-21 15:50:39 -06:00
Todd C. Miller
adb84293ab Move updating of the window size back to the main sudo process. 
We can use the leader file descriptor with TIOCGWINSZ to set the
window size of the pty.  Thanks to Duncan Overbruck for the hint.
 2023-03-21 15:30:54 -06:00
Todd C. Miller
c64993a0b3 visudo: restore controlling terminal after running the editor. 
Otherwise, visudo will get SIGTTOU if it tries to write to the
terminal after the editor finishes.  Also avoid races by setting
the process group ID in both the parent and child, and grant the
controlling terminal in the parent, not the child.
 2023-03-21 09:22:53 -06:00
Todd C. Miller
28ecbe4d51 Warn about ignored files in sudoers.d in visudo. 2023-03-20 18:29:33 -06:00
Todd C. Miller
8049e4e32f Replace sudoers_warnings with sudoers_verbose. 
This is now an int, with values > 1 reserved for visudo.
 2023-03-20 18:27:27 -06:00
Todd C. Miller
738387aa4d Split push_include() into push_include() and push_includedir(). 
This moves the "isdir" function argument to the internal version.
 2023-03-20 13:01:02 -06:00
Todd C. Miller
4b563ea44f Pass around const struct sudo_nss pointers where possible. 2023-03-17 13:41:38 -06:00
Todd C. Miller
1f19a6b72b Pass around const struct sudoers_parse_tree pointers where possible. 2023-03-17 13:31:36 -06:00