isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,796 Commits 1 Branch 0 Tags
c91b6777d3d8fbfa65d016857fa36ecabff848f6
Commit Graph

8796 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
c91b6777d3 On HP-UX 11.0, sys/ioctl.h is not sufficient to make struct winsize 
visisble, we need termios.h too.
 2017-05-15 09:37:58 -06:00
Todd C. Miller
ea9120ee24 Always used TIOCGWINSZ. 2017-05-15 09:21:00 -06:00
Todd C. Miller
6a8eaef4b8 Move exec_setup(), unlimit_nproc() and restore_nproc() from sudo.c 
to exec.c.
 2017-05-15 09:01:10 -06:00
Todd C. Miller
befa862f75 No need to include selinux.h here. 2017-05-15 09:00:15 -06:00
Todd C. Miller
f60030b903 Fix compilation error on macOS 2017-05-15 08:57:45 -06:00
Todd C. Miller
7db97c7835 Avoid a clang analyzer false positive. 2017-05-12 10:02:18 -06:00
Todd C. Miller
1dc39e9d99 Add cov-build and cov-submit targets for checking with coverity. 2017-05-12 10:02:18 -06:00
Todd C. Miller
a842913aa7 Use debug logging instead of ignore_result() where possible. 2017-05-12 10:02:18 -06:00
Todd C. Miller
d979898e71 Remove use of non-standard sigaction_t 2017-05-12 10:02:18 -06:00
Todd C. Miller
b5c88e52b1 Remove use of the non-standard SA_INTERRUPT 2017-05-12 10:02:17 -06:00
Todd C. Miller
9c3783a175 sudo 1.8.21 2017-05-12 10:02:17 -06:00
Todd C. Miller
17514b55ea Add support for multiple '*' in env_keep, env_check and env_delete 
entries.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
15790b69c2 Add SIGCHLD to the list of signals we install sudo_handler() for. 
Otherwise, it is possible for the command to exit before the SIGCHLD
handler is installed.  POSIX says that signals that are ignored by
default are still ignored even if the signal mask would block them.
We need to have a handler installed for SIGCHLD before the fork().
 2017-05-12 10:02:17 -06:00
Todd C. Miller
95e92bfe4e Activate the sigevents inside the signal pipe callback itself 
and call signal_pipe_cb() directly if the backend returns EINTR
and the signal_caught flag is set.  This has the side effect of
processing signal events in the current pass of the event loop
instead of the next one.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
1186f39842 Use SUDO_EV_SIGNAL and SUDO_EV_SIGINFO instead of managing the 
signal_pipe explicitly.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
9d4a92b9b4 Handle the possibility of the siginfo parameter in sa_sigaction 
handler being NULL.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
2a55808775 Add support for signal events in sudo's event subsystem 2017-05-12 10:02:17 -06:00
Todd C. Miller
e453c97976 Restore the error message for sudo_ev_add() failure. 2017-05-12 10:02:17 -06:00
Todd C. Miller
a2a83557e2 Add workaround for clang static analyzer being confused by LIST_REMOVE 
and TAILQ_REMOVE.
 2017-05-12 09:56:06 -06:00
Todd C. Miller
246ed8777d Fix "make check" when openssl or gcrypt is used. Bug #787 2017-05-11 05:28:19 -06:00
Todd C. Miller
0244f931dd Only display string version of errno if sudo_ev_add() fails for now 2017-05-10 09:22:07 -06:00
Todd C. Miller
75f5f4934f update 2017-05-08 14:03:29 -06:00
Todd C. Miller
e51831fab3 Be clear that #includedir diverts control to the files in the 
specified directory and, when parsing of those files is complete,
returns control to the original file.  Bug #775
 2017-05-08 13:55:02 -06:00
Todd C. Miller
93c029f4f9 sync with translationproject.org 2017-05-07 06:44:33 -06:00
Todd C. Miller
6f3cc3f107 update 2017-05-05 14:48:19 -06:00
Todd C. Miller
e18a5c7d74 Fix a hang introduced in the last commit. Don't close the pty slave 
until after we have the controlling tty.
 2017-05-05 14:45:35 -06:00
Todd C. Miller
44dc15d02d If any of std{in,out,err} are not hooked up to a tty only interpose 
ourselves with a pipe if the plugin will actually log the data.
This avoids a problem with non-interactive commands where no tty
is present where sudo will consume stdin even when log_input is not
enabled in sudoers.
 2017-05-05 14:27:42 -06:00
Todd C. Miller
62730d13da update 2017-05-05 10:51:18 -06:00
Todd C. Miller
01228b735d Update based on information from Michael Felt. 2017-05-05 10:45:33 -06:00
Todd C. Miller
4e67ac56bd In check_input() when switch()ing on the return value of read(), 
use the default label instead of 1 for the success case.  It is
only reading a single byte so the two are equivalent but it reads
better using default.
 2017-05-04 12:25:51 -06:00
Todd C. Miller
1a047b156d Check sudo_ev_add() return value. Coverity CID 168362 2017-05-04 11:10:42 -06:00
Todd C. Miller
1d1ebb6111 Add io_open() wrapper for open(2) that retries with PERM_IOLOG if 
open(2) fails with EACCES.  Use io_open() instead of duplicate
copies of the same fallback code.
 2017-05-04 11:00:22 -06:00
Todd C. Miller
8757691fc7 Don't retry the open() if set_perms() fails. 2017-05-04 10:45:05 -06:00
Todd C. Miller
237eddd95e Fix typo (fd2 vs. fd) caught by coverity, CID 168359. 2017-05-04 10:30:59 -06:00
Todd C. Miller
32ebb4a383 sync with translationproject.org 2017-05-04 09:17:19 -06:00
Todd C. Miller
280d5ac691 Warn people not to use --enable-asan in production. 2017-05-03 12:56:06 -06:00
Todd C. Miller
80f8960fc6 Move the invocation of check_noexec into the main "check" target 
but only run it if not cross compiling and whe CHECK_NOEXEC is not
empty.
 2017-05-03 11:58:40 -06:00
Todd C. Miller
ecbf895097 Move @CHECK_NOEXEC@ to TEST_PROGS so it gets cleaned up properly. 2017-05-03 11:32:56 -06:00
Todd C. Miller
8468f13c69 Move syslog_maxlen to the "Integers" section. Move syslog_goodpri and 
syslog_badpri to the "Strings at can be used in a boolean context" section.
 2017-05-03 10:32:21 -06:00
Todd C. Miller
d9bfaa386e Fix a pasto that resulted in an extra (empty) syslog_goodpri list entry. 2017-05-03 10:24:12 -06:00
Todd C. Miller
c379665556 Add tests for parsing tuples and syslog options. 2017-05-03 09:54:30 -06:00
Todd C. Miller
2d8717bdd2 Allow the syslog Defaults option to be used in a "true" boolean 
context and use the compiled in default log facility in this case.
 2017-05-03 09:53:03 -06:00
Todd C. Miller
631d458b6f Allow a tuple to be set to boolean true. Regression introduced by 
refactor of set_default_entry() in sudo 1.8.18.
 2017-05-03 09:28:36 -06:00
Todd C. Miller
ddf1fa16f8 Replace the list of "dangerous" environment variables and explain 
how sudo handles the environment instead.
 2017-05-01 11:33:51 -06:00
Todd C. Miller
6af6f84670 Fix exponential behavior in glob() with respect to multiple '*'. 
See https://research.swtch.com/glob
Adapted from https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e6f95
 2017-04-28 12:12:00 -06:00
Todd C. Miller
dab8651ed2 We no longer need to write to the tty if the command was killed by 
a signal.  Sudo will terminate itself with the same signal the
command died from.  Unfortunately, we lose the "core dumped" bit
since sudo itself will not dump core, but there doesn't appear to
be a way around that.
 2017-04-28 10:32:15 -06:00
Todd C. Miller
f57629c953 On Linux, if the command we ran dumped core, set PR_SET_DUMPABLE 
to 0.  This will prevent sudo itself from dumping core in this case.
 2017-04-27 12:28:08 -06:00
Todd C. Miller
f0425ca813 Update path to sudo_noexec.so 2017-04-27 12:02:29 -06:00
Todd C. Miller
91aec9730e If the command terminated due to a signal, sudo will send that same 
signal to itself so the parent shell knows the command died from
a signal.  However, we don't want sudo itself to dump core.
 2017-04-27 10:34:30 -06:00
Todd C. Miller
2d13bf3562 sync 2017-04-26 20:33:20 -06:00