isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

1652 Commits

Author SHA1 Message Date
Todd C. Miller
8db20e6ae9 remove some XXX 2012-04-13 16:16:10 -04:00
Todd C. Miller
48d3b5aad1 When looking for a device match, do a breadth-first search instead 
of depth-first.  We already special case /dev/pts/ so chances are
good that if it is not a pseudo-tty it is in the base of /dev/.
Also avoid a stat(2) when possible if struct dirent has d_type.
 2012-04-13 16:00:32 -04:00
Todd C. Miller
5f969cc12a Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list. 2012-04-13 15:18:40 -04:00
Todd C. Miller
89b90fa4cd sync with translationproject.org 2012-04-13 14:17:26 -04:00
Todd C. Miller
8f8ede3d25 New Croatian and Galician translations from translationproject.org 2012-04-13 14:15:22 -04:00
Todd C. Miller
08ad578b7c Add depth-first traversal of /dev/ for the /proc case when not /dev/pts/N 2012-04-13 12:54:03 -04:00
Todd C. Miller
83fc02bc97 Rototill code to determine the tty. For Linux, we now look up the 
tty device in /proc/pid/stat instead of trying to open /proc/pid/fd/[0-2].
The sudo_ttyname_dev() function maps the given device number to a
string.  On BSD, we can use devname().  On Solaris, _ttyname_dev()
does what we want.
TODO: write /dev/ traversal code for the generic sudo_ttyname_dev().
 2012-04-11 14:48:08 -04:00
Todd C. Miller
271f3e2054 Define PRNODEV for those w/o it. 2012-04-10 16:12:08 -04:00
Todd C. Miller
11f13be0dd Check for SVR4-style struct psinfo.pr_ttydev and use that to determine 
the tty if std{in,out,err} are not ttys.
 2012-04-10 15:53:41 -04:00
Todd C. Miller
2e59eafba6 Better support for SVR4-style /proc entries where we can't use 
ttyname() on the /proc/pid/fd/[0-2] entries.  We can, however,
attempt to map the device number back to the correct pseudo-tty
slave device.
 2012-04-10 14:35:30 -04:00
Todd C. Miller
329e224db9 When trying to determine the tty name, check parent's stderr in 
addition to its stdin and stdout.
 2012-04-10 13:49:49 -04:00
Todd C. Miller
eb8274bdcc Treat a tty read failure like EOF as it usually means the pty has 
gone away.  Handle write() on the tty returning EIO.
 2012-04-10 10:18:59 -04:00
Todd C. Miller
df04ccb207 Linux select() may return ENOMEM if there is a kernel resource 
shortage.  Older Solaris select() may return EIO instead of EBADF
when the tty goes away.  If we get an unhandled select() failure,
kill the child and exit cleanly.
 2012-04-10 10:18:39 -04:00
Todd C. Miller
30fee3aade Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might 
block in open.
 2012-04-10 09:26:52 -04:00
Todd C. Miller
df067cac47 Allow the -k flag to be used along with the -i and -s flags. 2012-04-09 14:27:33 -04:00
Todd C. Miller
21f3e0deb2 sync with translationproject.org 2012-04-09 09:09:13 -04:00
Todd C. Miller
38ea65203a Move ttysize.c to common so sudoreplay can use it. 2012-04-06 16:41:08 -04:00
Todd C. Miller
c8ce3a0a85 Log the process id in the debug file output. Since we don't want 
to keep calling getpid(), stash the value at init time and when we
fork().
 2012-04-06 15:20:16 -04:00
Todd C. Miller
bb898cd5df Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. 
It is better to receive EIO from read()/write() than to be suspended
when we don't expect it.  Fixes a problem when our terminal is
revoked which can happen when, e.g. our sshd is killed unceremoniously.
Also, only change the value of "alive" from true to false, never
from false to true.  It is possible for us to receive notification
of the child having stopped after it is already dead.  This does
not mean it has risen from the grave.
 2012-04-06 12:45:30 -04:00
Todd C. Miller
b4acbc9fe0 Distinguish between signals we received from the parent vs. those 
delivered explicitly to the monitor process in debugging info.
 2012-04-06 12:40:13 -04:00
Todd C. Miller
2311fed457 Make this compile after last change. 2012-04-05 12:59:26 -04:00
Todd C. Miller
c0a75ce9d9 Don't try to restore the terminal if we are not the foreground 
process.  Otherwise, we may be stopped by SIGTTOU when we try to
update the terminal settings when cleaning up.
 2012-04-05 12:40:51 -04:00
Todd C. Miller
6f4afc6652 If select() return EBADF in the main event loop, one of the ttys 
must have gone away so perform any I/O we can and close the bad
fds.
 2012-04-05 12:39:46 -04:00
Todd C. Miller
2fe41248ac Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. 
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
 2012-04-04 16:59:31 -04:00
Todd C. Miller
7e6d00ed12 Don't need zero_bytes() after ecalloc() 2012-03-30 14:59:27 -04:00
Todd C. Miller
9ceea5cb7b Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers 
to sudo_noexec.c.
 2012-03-30 09:36:30 -04:00
Todd C. Miller
5eb61122a6 Fix compat setutxent and endutxent macros for systems with 
setutent() but not setutxent().  From Gustavo Zacarias
 2012-03-30 07:55:49 -04:00
Todd C. Miller
aecb5206e2 Fix compiler warnings on some platforms and provide a better method 
of defeating gcc's warn_unused_result attribute.
 2012-03-29 10:33:40 -04:00
Todd C. Miller
0a230feaed Fix compilation if RTLD_NEXT is not defined. 2012-03-28 15:27:27 -04:00
Todd C. Miller
739ea68d03 sync with translationproject.org 2012-03-28 14:22:09 -04:00
Todd C. Miller
8cc1507bbf regen 2012-03-28 14:08:28 -04:00
Todd C. Miller
e8251a0774 Quiet a compiler warning on systems where the argument to putenv(3) 
is const.
 2012-03-28 10:58:02 -04:00
Todd C. Miller
a142d780c7 Add Swedish sudo and sudoers translations from translationproject.org 2012-03-28 09:56:26 -04:00
Todd C. Miller
2f30694b87 If we are not running with an effective uid of 0, try to give the 
user enough information to debug the problem.
 2012-03-27 13:57:03 -04:00
Todd C. Miller
9be74cac45 If there is nothing to read from the askpass program, set errno to 
EINTR.  This makes the cancel button behave like the user entered
^C at the password prompt when PAM is used.
 2012-03-27 12:41:28 -04:00
Todd C. Miller
d35a8b4de4 Fetch the value of "askpass" from the sudo conf struct. 2012-03-27 12:25:04 -04:00
Todd C. Miller
413c2accd9 sync with translationproject.org 2012-03-24 13:38:38 -04:00
Todd C. Miller
2569f943dc sync with translationproject.org 2012-03-20 14:38:30 -04:00
Todd C. Miller
e0e81674c8 sync with translationproject.org 2012-03-19 11:25:07 -04:00
Todd C. Miller
55d1a1a79d Use ecalloc() when allocating structs. 2012-03-19 11:24:24 -04:00
Todd C. Miller
9eeacad6d9 sync with translationproject.org 2012-03-18 12:47:27 -04:00
Todd C. Miller
96f046c1ce Rename plugin "args" to "options" 2012-03-15 12:32:31 -04:00
Todd C. Miller
1234d08c98 regen 2012-03-15 09:19:28 -04:00
Todd C. Miller
6d10909949 Pass a pointer to user_env in to the init_session policy plugin 
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.
 2012-03-15 09:18:36 -04:00
Todd C. Miller
b3da8ccd89 Include sudo_exec.h for the sudo_execve() prototype. 2012-03-14 21:52:31 -04:00
Todd C. Miller
c3ea638b34 regen 2012-03-14 14:20:55 -04:00
Todd C. Miller
dc727ff6d4 Fix compilation when seteuid() is not available. 2012-03-12 13:52:51 -04:00
Todd C. Miller
4bd136e11a Simply move the free of ki_proc outside the realloc() loop. 2012-03-12 11:37:33 -04:00
Todd C. Miller
1ca5009563 Bring back the erealloc() for the ENOMEM loop and just zero the 
pointer after we free it.
 2012-03-12 10:49:26 -04:00
Todd C. Miller
9052833f76 Don't try to erealloc() a potentially freed pointer; Mateusz Guzik 2012-03-12 08:54:40 -04:00