isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
4,461 Commits 1 Branch 0 Tags
c8fc35b0a69b08f1b39bca112be72bafe24b44d3
Commit Graph

4461 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
3086f937f0 build the .cat page in the current working dir, not the src dir 2009-06-15 21:18:53 +00:00
Todd C. Miller
44ace77355 Return EINVAL in setenv() if var is NULL or the empty string to match 
glibc behavior.
 2009-06-15 13:10:01 +00:00
Todd C. Miller
633357448a Use AS_HELP_STRING for AC_ARG_WITH and AC_ARG_ENABLE 2009-06-13 20:52:50 +00:00
Todd C. Miller
e939739aae regen 2009-06-11 20:29:12 +00:00
Todd C. Miller
54c599d714 Document --with-libvas and --with-libvas-rpath 2009-06-09 14:08:55 +00:00
Todd C. Miller
9606d21653 For netscape-derived LDAP SDKs the cert and key paths may be a 
directory or a file.  However, version 5.0 of the SDK only seems
to support using a directory.  If ldapssl_clientauth_init fails and
the cert or key paths look like they could be files, strip off the
last path element and try again.
 2009-05-29 13:43:12 +00:00
Todd C. Miller
073981ea84 Add non-Unix group .o to COMMON_OBJS and substitute in path to flex. 2009-05-29 13:40:52 +00:00
Todd C. Miller
7b7ae44ea3 Update non-Unix group support from Quest, as reworked by me. 2009-05-27 00:49:07 +00:00
Todd C. Miller
3ea51f2266 regen 2009-05-27 00:47:17 +00:00
Todd C. Miller
c708413952 Add support for escaped hex chars in names, e.g. \x20 for space. 2009-05-27 00:46:51 +00:00
Todd C. Miller
62b89f9dfc Update copyright years. 2009-05-25 12:02:42 +00:00
Todd C. Miller
4341ce6cde Minor fixes for Minix-3 2009-05-24 12:33:00 +00:00
Todd C. Miller
896508077c Handle getgroups() returning 0. Also add missing check for HAVE_GETGROUPS. 2009-05-22 10:37:29 +00:00
Todd C. Miller
f54b69b0cc Replace version.h with PACKAGE_VERSION set via AC_INIT in configure. 2009-05-19 21:24:05 +00:00
Todd C. Miller
5f9f29a233 Remove group setting code in setusercontext case, we will do it ourselves 
later on in runas_setup.  Set the gid after initgroups/setgroups is called,
since on Mac OS X it seems to change the egid.
 2009-05-18 10:33:33 +00:00
Todd C. Miller
d985366233 Initial bits of non-unix group support using Quest Authentication Services 2009-05-17 22:19:38 +00:00
Todd C. Miller
f3407d8695 Accept %:foo as a non-Unix group 2009-05-17 20:52:15 +00:00
Todd C. Miller
e74bea7628 Allow user/group to be double quoted in the case of non-Unix groups 
which contain spaces.
 2009-05-17 20:22:24 +00:00
Todd C. Miller
8d34913560 Don't allow the user to specify the default runas user if their 
sudoers entry only allows them to run as a group.
 2009-05-11 16:47:10 +00:00
Todd C. Miller
c0ac222c3f Must call audit_success before we change uids. 2009-05-10 11:59:53 +00:00
Todd C. Miller
755a81e946 Add option for set_perm to not exit on failure and use this in 
the logging routines.
 2009-05-10 11:52:13 +00:00
Todd C. Miller
2a609b467c In -l mode, if the user is only allowed to run as a group, display 
the user's name, not root's before the allowed group.
 2009-05-10 11:33:45 +00:00
Todd C. Miller
3332ee9842 Fix -g mode, broken by rev 1.503 which had the side effect of setting 
the runas user to root unilaterally.
 2009-05-10 01:00:23 +00:00
Todd C. Miller
9251cf24a9 When unlocking a file with fcntl, use F_SETLK, not F_SETLKW. 2009-05-08 20:19:20 +00:00
Todd C. Miller
03f4a2e703 Only cache by the method we fetched for pwd and grp lookups. Previously 
we cached both by namd and id but this can cause problems for entries
that share the same id.  Also add more info in the error message in case
the insert fails (which should now be impossible).
 2009-05-08 17:07:10 +00:00
Todd C. Miller
2b89941122 Add a clarification from Nick Sieger 2009-04-30 19:04:08 +00:00
Todd C. Miller
8d7518a18c Inline the setting of the environment string. 2009-04-25 16:49:22 +00:00
Todd C. Miller
c0c7180bba setenv(3) in Linux treats a NUL value as the empty string 
setenv(3) in BSD doesn't return an error if the name has '=' in it, it
just treats the '=' as end of string.
 2009-04-24 18:53:15 +00:00
Todd C. Miller
182711e341 Not all systems have d_namlen 2009-04-22 20:32:08 +00:00
Todd C. Miller
db9860aa36 Fix up some pod2html issues. 2009-04-20 17:53:02 +00:00
Todd C. Miller
78c347990e Check for NULL ifa_addr and ifa_netmask. 
Adapted from a diff from Quest Software.
 2009-04-19 18:09:24 +00:00
Todd C. Miller
0509ce3f66 Ignore files ending in '~' in sudo.d (emacs backup files) 2009-04-19 13:01:20 +00:00
Todd C. Miller
72a1d82412 Ignore files ending in '~' in sudo.d (emacs backup files) 2009-04-19 12:56:42 +00:00
Todd C. Miller
95de5670a2 For #includedir, ignore any file containing a dot 2009-04-18 23:37:33 +00:00
Todd C. Miller
392edea928 Bump version 2009-04-18 23:25:38 +00:00
Todd C. Miller
3be603aa47 Implement #includedir directive. Files in an includedir are not edited 
by visudo unless they contain a syntax error.
 2009-04-18 23:25:08 +00:00
Todd C. Miller
e65ec1438a sync 2009-04-18 16:06:05 +00:00
Todd C. Miller
584a145559 Forgot umask_override 2009-04-18 14:27:42 +00:00
Todd C. Miller
bfce2852fc sync 2009-04-18 13:25:08 +00:00
Todd C. Miller
68ab808acb Rewind stream if we fdopen sudoers since it may not be at the beginning. 
Set the keepopen flag on already-open files too so the lexer doesn't
close them out from under us.
 2009-04-16 12:22:04 +00:00
Todd C. Miller
c7c8554cf3 Print the proper file name when there is a parse error in an include 
file.
 2009-04-16 12:18:10 +00:00
Todd C. Miller
e4c4083924 Sync 2009-04-11 11:45:25 +00:00
Todd C. Miller
8eae33753e Fix a warning when --without-ldap is specified. 2009-04-10 20:59:42 +00:00
Todd C. Miller
d9708f9c27 Store aliases that we remove during check_aliases in a freelist and 
free them at the end so we don't leak memory.
 2009-04-05 16:25:04 +00:00
Todd C. Miller
9703224b8e Check aliases in -c mode too. 2009-03-28 13:30:15 +00:00
Todd C. Miller
7bf7af9414 Make alias_remove return the alias struct instead of freeing it directly. 
Fixes a use after free in alias_remove_recursive, the only consumer.
 2009-03-28 13:09:51 +00:00
Todd C. Miller
0656629980 Rename find_alias -> alias_find for consistency. 2009-03-28 13:07:17 +00:00
Todd C. Miller
b65831d4b8 When checking for unused aliases, recurse if the alias points to 
another alias.
 2009-03-27 23:29:06 +00:00
Todd C. Miller
322abc61e3 Back out rev 1.105 for now. Real ldapux_client.conf support will be 
done later after some refactoring.
 2009-03-16 16:11:28 +00:00
Todd C. Miller
c07c11f6b6 Treat ldap_hostport the same as "host" for ldapux. 2009-03-14 16:02:11 +00:00