isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
12,574 Commits 1 Branch 0 Tags
c6987aa26ea12569e65bc7ab18e702b06ab8d715
Commit Graph

1652 Commits

Author SHA1 Message Date
Todd C. Miller
1496bfed6c Add support for adding a utmp entry when allocating a new pty. 
Requires the BSD login(3) or SYSV/POSIX getutent()/getutxent().
Currently only creates a new entry if the existing tty has
a utmp entry.
 2011-03-08 15:37:40 -05:00
Todd C. Miller
e558b79e85 Move struct generic_plugin to sudo_plugin_int.h 2011-02-23 15:12:04 -05:00
Todd C. Miller
59515a4a6d add help text to sudo, visudo and sudoreplay for the -h option 2011-02-21 11:33:36 -05:00
Todd C. Miller
435e44808d add localstatedir; closes bug 471 2011-02-19 08:29:21 -05:00
Todd C. Miller
39d9feb438 The howmany macro lives in sys/sysmacros.h on SVR5 systems 
Closes Bug 470
 2011-02-19 08:23:46 -05:00
Todd C. Miller
a099aa7f2a SVR5 systems return non-zero for success on socketpair(), 
check for -1 instead.  Closes Bug 469
 2011-02-19 08:13:17 -05:00
Todd C. Miller
011ba5511f If sudo.conf contains no Plugin lines, use the default sudoers 
policy and I/O plugins.
 2011-02-16 12:15:46 -05:00
Todd C. Miller
2d88a09883 remove bogus XXX 2011-02-07 10:51:14 -05:00
Todd C. Miller
056cb8a5da Remove duplicate FD_SET of signal_pipe[0] 2011-02-06 16:55:21 -05:00
Todd C. Miller
5fc2f8f454 Pass SIGUSR1/SIGUSR2 through to the child. 2011-02-03 10:25:42 -05:00
Todd C. Miller
2959d5dadd Use special values SIGCONT_FG and SIGCONT_BG instead of SIGUSR1 and 
SIGUSR2 to indicate whether the child should be continued in the
foreground or background.
 2011-02-03 09:59:41 -05:00
Todd C. Miller
34a087acf6 Use pid_t not int and check the return value of kill() 2011-02-03 09:20:34 -05:00
Todd C. Miller
82c85571c9 Remove obsolete comment 2011-02-02 14:24:48 -05:00
Todd C. Miller
29f9e23c84 In non-pty mode before continuing the child, make it the foreground 
pgrp if possible.  Fixes resuming a shell.
 2011-02-02 14:19:23 -05:00
Todd C. Miller
8a64a8c798 If we get a signal other than SIGCHLD in the monitor, pass it directly 
to the child.
 2011-02-02 13:27:24 -05:00
Todd C. Miller
c18468d1a5 Save signal state before changing handlers and restore before 
we execute the command.
 2011-02-02 12:44:35 -05:00
Todd C. Miller
fc38481663 Perform command escaping for "sudo -s" and "sudo -i" after validating 
sudoers so the sudoers entries don't need to have all the backslashes.
 2011-01-25 09:53:57 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
1defd7b456 Add regression tests for iolog_path() 2011-01-06 11:05:28 -05:00
Todd C. Miller
f8de3f6327 Add support for "make Makefile" to regenerate Makefile from Makefile.in 2011-01-06 10:44:28 -05:00
Todd C. Miller
5966b67dda Don't need iolog variables in struct command_details, they are for 
the I/O log plugins to handle.
 2010-12-28 10:50:45 -05:00
Todd C. Miller
c833ff02b6 Add use_pty command_info flag for policies to indicate that a 
pty should be allocated even if no I/O logging is performed.
 2010-12-20 16:27:46 -05:00
Todd C. Miller
c1a22ff152 Add remaining plugin convenience functions 2010-12-20 16:26:30 -05:00
Todd C. Miller
9948dae706 Change I/O log API to pass in command info to the I/O log open function. 
Add iolog_file and iolog_dir parameters to command info.
This allows the policy plugin to specify the I/O log pathname.
Add convenience functions for calling plugin functions that
handle ABI backwards compatibility.
 2010-12-20 16:20:11 -05:00
Todd C. Miller
4527bdd9b4 Use %u to print uid/gid, not %lu and adjust casts to match. 2010-11-30 15:21:36 -05:00
Todd C. Miller
d0d0e1b9f5 exec_setup() does not need to setuid(0), the Ubuntu issue was in 
the sudoers module.
 2010-11-23 07:35:27 -05:00
Todd C. Miller
d39747e6a5 In exec_setup() call setuid(0) to make certain the subsequent 
uid and gid changes will succeed.  Fixes a problem on Ubuntu.
 2010-11-23 07:26:21 -05:00
Todd C. Miller
d869ca1f90 Error out if we cannot change to root's uid so we catch the failure early. 2010-11-23 07:25:03 -05:00
Todd C. Miller
47323843a5 Give up on using VPATH to find sources as it is implemented inconsistenly 
in different versions of make.
 2010-11-09 10:27:02 -05:00
Todd C. Miller
c6965a5303 g/c unused $(GENERATED) 2010-11-09 07:41:34 -05:00
Todd C. Miller
01dcbfce70 Only chdir to cwd if it is different from the current cwd or there 
is a new root (chroot).
 2010-11-08 16:40:11 -05:00
Todd C. Miller
a11e4c8d72 If perform_io() fails, kill the child before exiting so it doesn't 
complain about connection reset.  We can get an I/O error if, for
example, and we get EIO reading from stdin.
 2010-10-15 16:24:42 -04:00
Todd C. Miller
93d2420de9 Fix complilation on systems with set_auth_parameters() 
Sprinkle volatile to quiet warnings from gcc 2.8.0
 2010-10-12 10:47:16 -04:00
Todd C. Miller
298d0cbe2d sudo binary depends on the libtool-generated libs 2010-10-11 17:40:23 -04:00
Todd C. Miller
86a4a5232f Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to 
include the local or system dlfcn.h
 2010-10-11 17:39:51 -04:00
Todd C. Miller
3ff8d5e781 Use memset() instead of zero_bytes() since we don't include sudoers.h 2010-10-11 15:51:21 -04:00
Todd C. Miller
5fc7233d2f sudo_preload_table is an array 2010-10-11 09:12:07 -04:00
Todd C. Miller
e2f253e51d Fix TCGETWINSZ compat. 2010-10-07 14:11:10 -04:00
Todd C. Miller
1a4990f571 Prefer newer TIOCGWINSZ ioctl to old TIOCGSIZE 2010-10-02 17:11:07 -04:00
Todd C. Miller
6b4fe798d5 Move set_project() from sudoers module into sudo proper. 2010-10-01 13:52:42 -04:00
Todd C. Miller
413b7b55d1 Add missing signal_pipe[0] to fdsr for the non-pty case. 2010-10-01 12:03:47 -04:00
Todd C. Miller
f538ed4e35 Add dlopen() emulation for systems without it. 
For HP-UX 10, emulate using shl_load().
For others, link sudoers plugin statically and use a lookup
table to emulate dlsym().
 2010-09-26 17:41:35 -04:00
Todd C. Miller
ece29bdea1 Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK. 2010-09-14 09:25:52 -04:00
Todd C. Miller
01c7840dc5 Reset signal mask at sudo startup time; we need to be able to rely on 
normal signal delivery to control the child process.
 2010-09-14 09:23:19 -04:00
Todd C. Miller
c04f48b4bf Quiet gcc warnings on glibc systems that use warn_unused_result for 
write(2).
 2010-09-11 09:26:09 -04:00
Todd C. Miller
66bea8c4c9 Read as many signals on the signal pipe as we can before returning. 2010-09-10 11:27:20 -04:00
Todd C. Miller
59399d55c3 Instead of using a array to store received signals, open a pipe and 
have the signal handler write the signal number to one end and
select() on the other end.  This makes it possible to handle signals
similar to I/O without race conditions.
 2010-09-10 11:20:32 -04:00
Todd C. Miller
e069b74dc8 Convert sudoers plugin to use interface list passed in settings. 2010-09-08 15:07:40 -04:00
Todd C. Miller
1009d7a3e6 Query local network interfaces in the main sudo driver and pass to 
the plugin as "network_addrs" in the settings list.
 2010-09-08 14:20:11 -04:00