runas_matches(), host_matches() and cmnd_matches() only really need to pass in
a list of members. user_matches() still needs to pass in a passwd struct
because of "sudo -l"
indicate to the caller that the fd should not be closed when it
is done with it. To be used by visudo to keep locked fds from
being closed prematurely (and thus losing the lock).
the passwd file, set runas_user to the name, not the uid.
When comparing usernames in sudoers, if a name is really a uid (starts
with '#') compare it numerically to pw_uid.
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
o env_reset - reset the environment to a sane default
o env_keep - preserve environment variables that would otherwise be cleared
No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
There's really no need for a separate token for fully-qualified vs.
unqualified anymore so FQHOST is now history and hostname_matches
now decides which hostname (short or long) to check based on whether
or not the pattern contains a '.'.
changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line. There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.
Add a "-L" flag to list the name of options with their descriptions. This
may only be temporary.
Move some prototypes to parse.h
Be much less restrictive on what is allowed for a username.
where an alias may be used before it is defined. Only turned on for visudo
and testsudoers.
o Add --disable-authentication option that makes sudo not require
authentication by default. The PASSWD tag can be used to require
authentication for an entry. We no longer overload --without-passwd.
