isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
11,534 Commits 1 Branch 0 Tags
c51b81fa53dd6d34e1300d2ead3f0ff479bf308d
Commit Graph

97 Commits

Author SHA1 Message Date
Todd C. Miller
97f6fc259c Fix some debug_decl typos and remove an unneeded cast. 2021-06-02 07:22:11 -06:00
Todd C. Miller
b1d4a02eab sudo_stat_plugin(): set errno but do not warn if plugin path too long. 
The caller will display the warning (using errno) so there is no
need to do it twice.
 2021-05-28 14:15:46 -06:00
Todd C. Miller
fe9e65754c Add event_alloc to the audit plugin API. 
The sudoers audit plugin will use this to communicate with sudo_logsrvd.
 2020-11-02 15:28:21 -07:00
Todd C. Miller
e0c2635fb3 Apply Google inclusive language guidelines. 
Also replace backwards with backward.
 2020-10-30 10:15:30 -06:00
Todd C. Miller
88dcdcd11d Fix -Wshadow warnings. 2020-09-25 15:09:45 -06:00
Todd C. Miller
a3364c1e95 Fix sudoers_policy plugin options when sudoers_audit is not listed. 
As of sudo 1.9.1 the sudoers file is opened by the audit plugin,
not the policy plugin.  As a result, plugin options set for
sudoers_policy have no effect.  If sudoers_policy has plugin options
in sudo.conf and sudoers_audit is not listed, move the options to
sudoers_audit so they will have an effect.
 2020-08-17 13:45:16 -06:00
Todd C. Miller
961a4afe67 Fix some warnings from pvs-studio 2020-08-12 13:45:09 -06:00
Todd C. Miller
253e041d3b Load the sudoers module as an audit plugin if loaded as a policy plugin. 
Now that logging of successful commands is performed by sudoers as an
audit plugin we need to load sudoers_audit if sudoers_policy is also
loaded.  Otherwise, accpted commands will not be logged.
 2020-06-02 14:54:04 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
dd88460800 We no longer need to include headers we don't use for sudo*.h files. 
Previously we needed to include headers required by the various
sudo*h files.  Now those files are more self-sufficient and we
should only include headers needed by code in the various .c files.
 2020-05-18 06:47:04 -06:00
Todd C. Miller
0972dafb1f Refactor code to alloc and insert a new plugin_container. 
The only outlier is the policy plugin which is not part of a list
since there can only be a single policy plugin.
 2020-02-06 12:49:15 -07:00
Todd C. Miller
db17cadaf6 Add an approval plugin type that runs after the policy plugin. 
The basic idea is that the approval plugin adds an additional
layer of policy.  There can be multiple approval plugins.
 2020-02-06 12:49:11 -07:00
Todd C. Miller
22105009d8 Define a new plugin type that receives accept and reject messages. 
This can be used to implement logging-only plugins.
The plugin functions now take an errstr argument that can be used
to return an error string to be logged on failure or error.
 2020-01-30 13:25:34 -07:00
Robert Manner
74f559155a src/load_plugins.c: plugins can supply a clone function 
if they want to support getting loaded multiple times.
 2020-01-23 12:46:14 -07:00
Todd C. Miller
fb5fc9876a Refactor code to allocate and fill struct plugin_container. 
This will help avoid duplicate code in the audit and approval plugins.
 2020-01-22 12:35:44 -07:00
Todd C. Miller
9c5c79194d Fix handling of duplicate policy and I/O plugins. 
The warning message said the later I/O plugin was ignored but it
actually overwrote the existing one instead.
The first registered plugin of the same name now is used, as was intended.
Specifying more than one policy plugin is no longer a fatal error;
this allows the admin to fix the situation.
 2020-01-14 13:53:52 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00
Robert Manner
c0d53d75eb src/load_plugins, plugins/sudoers: added developer_mode sudo.conf option 
It can be used to disable the enforcement that a plugin (shared object or
an imported python module) must be owned by root and not modifiable by
others.
This can make plugin development easier.
 2019-12-14 12:55:42 -07:00
Todd C. Miller
5793023ffd Add a plugin interface to sudo main event loop. 2019-11-15 13:36:01 -07:00
Todd C. Miller
9d8f374397 Add ssizeof macro that returns ssize_t. 
We can use this instead of casting the result of size_t to int.
Also change checks for snprintf() returning <=0 to <0.
 2019-06-25 09:45:10 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
8ee2de9980 Fix error message when a fully-qualified plugin path does not exist. 2019-03-05 10:23:07 -07:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
8eccfbd7bd Fix a memory leak on the error path. 2018-04-18 10:09:22 -06:00
Todd C. Miller
18e06825fb Plug memory leak when an I/O plugin is specified in sudo.conf 
but the I/O plugin is not configured.
 2018-04-17 13:41:44 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
6dff4ac7fd Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH, _PATH_SUDO_PLUGIN_DIR, 
even if only defined to NULL.  This means the accessors can always be
present.

Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when
noexec is available.

Add ENABLE_SUDO_PLUGIN_API and use it instead of _PATH_SUDO_PLUGIN_DIR
to tell when the plugin API is available.

Add sudo_conf_clear_paths() to clear the path values so the
regress tests are not affected by compile-time settings.
 2016-11-16 10:13:26 -07:00
Todd C. Miller
7c56179c7d Use "double quotes" in messages instead of a combination of the 
accent (grave) mark and apostrophe.
 2016-11-02 17:10:17 -06:00
Todd C. Miller
e8af335eb8 Fix pasto when setting I/O plugin debug files 2016-10-31 13:12:35 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
ad1068c1ee Actually use the plugin_dir Path setting in sudo.conf. 2015-12-18 14:05:02 -07:00
Todd C. Miller
374146f70f Avoid calling dlerror() multiple times since it clear the error 
status after printing the error.
Problem caused by sudo_warn/sudo_fatal being macros...
 2015-07-10 10:31:21 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
7107ce4d1d Remove support for converting plugin.so -> plugin.sl on HP-UX when 
plugin.so can not be found.  This was a temporary hack for using
an older (pre 1.8.7) sudoers plugin with a newer sudo front-end.
 2015-06-08 13:57:14 -06:00
Todd C. Miller
253008e62b sudo_check_plugin() returns bool. 2015-05-07 11:05:05 -06:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
6b1b734ffa Add a flag argument to sudo_conf_read() so we can decide which 
bits get parsed.  This lets us parse Debug statements first and
init the debug subsystem early.
 2014-10-26 08:33:08 -06:00
Todd C. Miller
4c8573ac2b Free up plugin info structs after converting to plugin containers. 2014-10-24 15:09:35 -06:00
Todd C. Miller
4bf641df69 In the plugin registers with the debug framework at open time, the 
sudo front-end will now set the default debug instance appropriately
before calling into the plugin.  This means the plugin no longer needs
to do the sudo_debug_set_default_instance() dance.
 2014-10-24 11:17:48 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
a7e724b75d Change how sudo.conf is parsed. We now do a quick parse and then 
set the values after the entire file has been parsed.  This lets
us init the debug system earlier.  Plugin-specific debug flags are
now stored in struct plugin_info and struct plugin_container and
passed to the plugin via one or more debug_flags settings.
 2014-10-22 13:20:32 -06:00
Todd C. Miller
346ff6766e Pass plugin path in the settings array. 2014-10-22 13:13:00 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00