isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,329 Commits 1 Branch 0 Tags
c5513388e0a1d7d2c44c12912d9d3485fc87cd36
Commit Graph

224 Commits

Author SHA1 Message Date
Todd C. Miller
0d7f771778 Implement %h escape in sudoers include filenames. 2009-02-21 21:49:19 +00:00
Todd C. Miller
c1a62bf88c When checking for alias use, also check defaults bindings. 2008-11-22 15:12:26 +00:00
Todd C. Miller
4ed7837195 malloc options in devel mode for visudo too 2008-11-19 12:37:05 +00:00
Todd C. Miller
d27ceff8ea fix check_aliases 2008-11-18 15:50:53 +00:00
Todd C. Miller
235dc7ad0e check sudoers owner and mode in strict mode 2008-11-09 20:19:19 +00:00
Todd C. Miller
840acbd3ac Update copyright years. 2008-11-09 14:13:13 +00:00
Todd C. Miller
f201db90f3 Move update_defaults into defaults.c and call it properly from 
visudo and testsudoers.
 2008-11-02 19:06:37 +00:00
Todd C. Miller
4afceb8e92 Zero out sigaction_t before use in case it has non-standard entries. 2008-11-02 14:45:31 +00:00
Todd C. Miller
8ba6fa2ae3 Defer setting runas defaults until after runaspw/gr is setup. 2008-11-01 13:20:01 +00:00
Todd C. Miller
5756ddfbeb Change how the mailer is waited for. Instead of having a SIGCHLD 
handler, use the double fork trick to orphan the child that opens
the pipe to sendmail.  Fixes a problem running su on some Linux distros.
 2008-06-21 00:34:47 +00:00
Todd C. Miller
4590132478 use warningx instead of fprintf(stderr, ...) 2008-03-06 17:43:30 +00:00
Todd C. Miller
6c1ef6839c g/c set_runaspw stub 2008-01-15 14:17:31 +00:00
Todd C. Miller
3008bb494a move update_defaults() to parse.c 2007-12-31 12:54:47 +00:00
Todd C. Miller
f9f4aca556 Add support for runas groups. This allows the user to run a command 
with a different effective group.  If the -g option is specified
without -u the command will be run as the current user (only the
group will change).  the -g and -u options may be used together.
TODO: implement runas group for ldap
      improve runas group documentation
      add testsudoers support
 2007-11-21 20:12:00 +00:00
Todd C. Miller
87dc0bb2ea Add missing sudo_setpwent() and sudo_setgrent() calls. Also 
use sudo_getpwuid() instead of getpwuid().
 2007-11-21 16:02:30 +00:00
Todd C. Miller
a0f80d6581 rename lh_ -> tq_ 2007-09-11 19:42:48 +00:00
Todd C. Miller
dee39f572f If -f flag given use the permissions of the original file as a template 2007-09-01 13:34:41 +00:00
Todd C. Miller
19fa259480 Remove support for compilers that don't support void * 2007-08-31 23:30:07 +00:00
Todd C. Miller
d72778832c Move list manipulation macros to list.h and create C versions of 
the more complex ones in list.c.  The names have been down-cased
so they appear more like normal functions.
 2007-08-31 23:13:26 +00:00
Todd C. Miller
d1dbe2ecee Change list head macros to take a pointer, not a struct. 2007-08-31 01:12:50 +00:00
Todd C. Miller
8cdea0b941 Use a list head struct when storing the semi-circular lists and 
convert to tail queues in the process.  This will allow us to
reverse foreach loops more easily and it makes it clearer which
functions expect a list as opposed to a single member.

Add macros for manipulating lists.  Some of these should become functions.

When freeing up a list, just pop off the last item in the queue instead
of going from head to tail.  This is simpler since we don't have to
stash a pointer to the next member, we always just use the last one
in the queue until the queue is empty.

Rename match functions that take a list to have list in the name.
Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
 2007-08-30 17:26:35 +00:00
Todd C. Miller
5cd49e1e00 Sort SYNOPSIS and sync usage. From Igor Sobrado. 2007-07-22 19:20:42 +00:00
Todd C. Miller
db084676e5 Remove an duplicate lock_file() call and add a comment. 2007-06-16 11:31:56 +00:00
Todd C. Miller
2d282cd226 cleanup() now takes an int as an arg so it can be used as a signal 
handler too.
 2005-11-18 01:39:59 +00:00
Todd C. Miller
0b3b32ab9a Close all fd's before executing editor. 2005-11-11 22:19:53 +00:00
Todd C. Miller
2566e6b7d8 Move declatation of struct timespec to its own include files for 
systems without it since it needs time_t defined.
 2005-06-23 03:04:35 +00:00
Todd C. Miller
304dc46d7f Add efree() for consistency with emalloc() et al. Allows us to rely 
on C89 behavior (free(NULL) is valid) even on K&R.
 2005-03-29 14:29:47 +00:00
Todd C. Miller
d4b7457596 make print_unused static like proto says 2005-03-10 14:57:17 +00:00
Todd C. Miller
778d587063 Update copyright years. 2005-02-12 22:56:07 +00:00
Todd C. Miller
3b8b88407f Add __unused to rcsids 2005-01-27 15:42:30 +00:00
Todd C. Miller
0ab0ad2441 Remove sudo_*{pw,gr}* stubs and add sudo_setspent/sudo_endspent stubs instead. 
We can now just use the caching sudo_*{pw,gr}* functions in pwutil.c
Add comment about wanting to call sudo_endpwent/sudo_endgrent in cleanup()
 2005-01-05 19:46:39 +00:00
Todd C. Miller
a5d9296d25 Adapt to pwutil.c 2005-01-05 01:10:16 +00:00
Todd C. Miller
a58012cfff Only check group vector in usergr_matches() if we are matching the 
invoking or list user.  Always check the group members, even if
there was a group vector.
 2005-01-01 17:41:21 +00:00
Todd C. Miller
7d488657f0 Use TIME_WITH_SYS_TIME 2004-12-03 18:52:28 +00:00
Todd C. Miller
33db4b2edb Add check for 2-argument form of timespecsub (FreeBSD and BSD/OS) and 
fix a typo in the gettimeofday check.
 2004-11-25 17:09:31 +00:00
Todd C. Miller
fe869025c4 Add support for command-specific Defaults entries. E.g. 
Defaults!/usr/bin/vi noexec
 2004-11-19 21:35:12 +00:00
Todd C. Miller
2c2daa8eca Use: #include <config.h> 
Not: #include "config.h"
That way we get the correct config.h when build dir != src dir
 2004-11-19 18:39:14 +00:00
Todd C. Miller
6a78b91949 Make arg splitting in visudo and sudoedit consistent. 2004-11-19 17:55:14 +00:00
Todd C. Miller
3f9ee04fbb quit() should not be __noreturn__ as it is non-void on some platforms. 2004-11-19 17:30:22 +00:00
Todd C. Miller
75ad6b81a2 Add support for VISUAL and EDITOR containing command line args. 
If env_editor is not set any args in VISUAL and EDITOR are ignored.
Arguments are also now supported in def_editor.
 2004-11-18 20:28:53 +00:00
Todd C. Miller
9846e562ad Implement group caching and use the passwd and group caches throughout. 2004-11-16 04:24:11 +00:00
Todd C. Miller
51375f969f Add local error/warning functions like err/warn but that call an additional 
cleanup routine in the error case.  This means we no longer need to compile
a special version of alloc.o for visudo.
 2004-11-15 15:53:53 +00:00
Todd C. Miller
e26e40df8a Store aliases in a red-black tree. 2004-11-15 03:55:22 +00:00
Todd C. Miller
f3839f1bf0 Edit all sudoers file if there were unused or undefined aliases and we 
are in strict mode.
 2004-11-15 03:37:53 +00:00
Todd C. Miller
a768dbc34f Bring back the "secure_path" Defaults option now that Defaults take 
effect before the path is searched.
 2004-11-12 16:19:19 +00:00
Todd C. Miller
2c1da58a82 Rework for the new parser. 
Now checks for unused aliases in sudoers.
 2004-10-26 22:26:28 +00:00
Todd C. Miller
8a33025986 Use __attribute__((__noreturn__)) 2004-09-30 17:55:21 +00:00
Todd C. Miller
1e65afba3d Exit() takes a negative value to indicate it was not called via signal. 2004-09-30 17:44:24 +00:00
Todd C. Miller
2b020f9999 Define Err() and Errx() that are like err() and errx() but call Exit() 
instead of exit().  Build private copy of alloc.o for visudo that calls
Err() and Errx().
 2004-09-30 17:22:37 +00:00
Todd C. Miller
f2ae53323e Overhaul visudo for editing multiple files: 
o visudo has been broken out into functions (more work needed here)
 o each file is now edited before sudoers is re-parsed
 o if a #include line is added that file will be edited too

TODO:
 o cleanup temp files when exiting via err() or errx()
 o continue breaking things out into separate functions
 2004-09-29 18:41:38 +00:00