isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,424 Commits 1 Branch 0 Tags
caf064e17bbdfa0d3a0149b61c4f427ebb4fee8c
Commit Graph

8424 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
caf064e17b Refactor the error parts of set_default_entry() so the switch() is 
mostly just calls to store_foo() functions.  Avoids a lot of
duplicated error checking and silences a cppcheck false positive.
 2016-08-12 10:37:41 -06:00
Todd C. Miller
9051c92cb3 In set_default_entry() check for unsupported Defaults type. 2016-08-12 09:37:11 -06:00
Todd C. Miller
f17f9ba9b2 Add missing break in switch that sets the max limit for RLIMIT_NOFILE. 
Found by cppcheck.
 2016-08-12 09:24:41 -06:00
Todd C. Miller
7ac77b094c Check sudoers_initlocale return value and treat as oom. 
Coverity CID 141832
 2016-08-12 06:00:17 -06:00
Todd C. Miller
a08ea1b14d Set runas_pw early and adjust runaslist_matches() to deal. Since 
we now set runas_default early there is no need to call update_defaults
with SETDEF_RUNAS after sudoers has been parsed.
 2016-08-10 10:56:05 -06:00
Todd C. Miller
56ead73886 Load sudoers group plugin via an early callback. 2016-08-09 13:14:31 -06:00
Todd C. Miller
a9973c2e68 System Integrity Protection on Mac OS X won't allow us to write 
directly to /etc or /var.  We must install in /private/{etc,var}
instead.
 2016-08-09 12:35:08 -06:00
Todd C. Miller
d17bc132de Document that fqdn, runas_default and sudoers_locale are parsed early. 2016-08-09 10:26:02 -06:00
Todd C. Miller
ac20b8ddff Regen for 1.8.18 2016-08-09 10:25:50 -06:00
Todd C. Miller
9d94ee11c0 Avoid passing around struct defaults when it is not needed. As a 
result, we no longer need to include gram.h in the LDAP and SSSD
backends.
 2016-08-08 20:09:59 -06:00
Todd C. Miller
0bf2d9b162 Instead of deferring setting early defaults until we have traversed 
the entire defaults list, just defer running the callbacks.  Otherwise,
if the last early default setting we see has a bad value we won't
set any defaults of that type even if there was an earlier one that
was valid.
 2016-08-08 17:04:20 -06:00
Todd C. Miller
e5a7891ec8 Run callbacks once in set_default_entry() instead of each of the 
store_foo() functions.
 2016-08-08 16:47:11 -06:00
Todd C. Miller
14c9d203e8 Use /proc/cpuinfo on Linux instead of running lscpu 2016-08-03 06:31:17 -06:00
Todd C. Miller
820934082f If using GNU make on a multi-cpu system, use the -j flag to run 
make jobs in parallel, up to the number of cpus/cores.
 2016-08-03 06:15:25 -06:00
Todd C. Miller
54efa54c0e Only check SUDO_USER if euid is 0 2016-07-31 18:47:36 -06:00
Todd C. Miller
f85e95329f Initialize sudo_user based on the SUDO_USER environment variable 
if present.  This allows things like :Defaults:username editor=foo"
to work when visudo is run via sudo.
 2016-07-30 15:27:36 -06:00
Todd C. Miller
4352bb9ca9 Add function name in "command resumed" debug message 2016-07-28 06:23:39 -06:00
Todd C. Miller
383debee9f If waitpid() returns 0 or -1, display a warning, this should never happen. 
Add a check for unhandled wait status (also should never happen).
 2016-07-28 06:16:43 -06:00
Todd C. Miller
2b150925dc Flag settings have a NULL value so we can't use that to test whether 
an entry in struct early_default is set or not.  Add a "set" member
and use that instead.
 2016-07-28 06:05:39 -06:00
Todd C. Miller
4f47a2ad7d Explicitly check for a continued process with waitpid(2). Otherwise, 
waitpid() will return 0 when the command is resumed after being
suspended, which we were treating the same as -1.  Fixes suspend
and resume on Linux and probably others.
 2016-07-27 16:17:41 -06:00
Todd C. Miller
a014a2abd4 Fix --with-fqdn, the value should be NULL since it is a flag. 2016-07-27 15:03:48 -06:00
Todd C. Miller
16551031f9 Add support for early defaults to the ldap and sssd backends. 2016-07-27 14:20:17 -06:00
Todd C. Miller
cc31c2b241 Repair symlink check in sudo_edit_openat_nofollow() on systems 
without O_NOFOLLOW, it must be done relative to dfd.  Previously
the lstat() would always fail, possibly leading to a false positive.
Also add an early symlink check like in sudo_edit() while here.
 2016-07-25 10:41:33 -06:00
Todd C. Miller
bf82b3f2ba On systems that lack the O_NOFOLLOW open(2) flag, check in 
sudo_edit_open() whether the path to be opened is symlink before
opening it.  This is racey but we detect losing the last post-open
and it is better to fail early if possible.  When editing a link
to a non-existent file, a zero-length file will be left behind but
it is too dangerous to try and remove it after the fact.
Bug #753
 2016-07-25 10:26:54 -06:00
Todd C. Miller
2663575118 Update debug_decl for sudo_edit_openat_nofollow() 
Remove unused variables when O_NOFOLLOW is not present.
 2016-07-25 10:22:29 -06:00
Todd C. Miller
2c21663b22 Split set_default_entry() out of set_default() so we can call it 
from check_defaults() to validate the defaults value.  In visudo,
suppress warnings from update_defaults() and rely on check_defaults()
to provide warnings.
 2016-07-23 09:10:48 -06:00
Todd C. Miller
29d842dbaf Split binding match code out of default_type_matches() into 
default_binding_matches().  We can now use default_type_matches()
in check_defaults().
 2016-07-23 08:45:43 -06:00
Todd C. Miller
e0ac766473 Pass quiet flag to init_parser() and update_defaults() when doing 
first parse of sudoers.
 2016-07-23 05:53:35 -06:00
Todd C. Miller
256ca993b9 Update defaults in visudo after sudoers has been edited so we pick 
up locale changes.  The init_defaults() function will now re-init
the sudoers locale.
 2016-07-22 10:41:56 -06:00
Todd C. Miller
65579b69eb Set sudoers locale before calling sudoersparse(). We don't need 
to restore the user's locale since warnings are displayed in the
user's locale anyway.
 2016-07-20 19:58:42 -06:00
Todd C. Miller
ef24bd5c3c Set the locale to the sudoers locale when parsing and restore the 
user's locale afterward.  Also set the warn/fatal locale helper
function so warning messages during a sudoers parse are displayed
in the user's own locale.
 2016-07-20 16:41:23 -06:00
Todd C. Miller
6ba2769ba8 Add forward decl of union sudo_defs_val to silence a gcc warning. 2016-07-20 16:39:26 -06:00
Todd C. Miller
e257f2c9e3 Set the warn/fatal locale helper function in sudoers_policy_init() 
so warning messages during sudoers loading are displayed in the
user's own locale.
 2016-07-20 15:52:32 -06:00
Todd C. Miller
b5c2ca2fe5 Move sudoers locale callback function to locale.c and user it in 
visudo and testsudoers.
 2016-07-20 14:16:00 -06:00
Todd C. Miller
30f7ecca10 In cb_sudoers_locale() actually set the locale in addition to storing 
its name.  Otherwise, it won't take effect until sudoers lookup time.
 2016-07-20 13:36:45 -06:00
Todd C. Miller
684161618d Fix regression that would cause early defaults entries to be 
set multiple times.
 2016-07-20 13:35:04 -06:00
Todd C. Miller
1349bb760b sudo 1.8.18 2016-07-20 09:51:11 -06:00
Todd C. Miller
6daf3c5ce1 Only set early defaults once, regardless of how many times the 
variable is set in sudoers.  This avoids running an early callback
more than once.  For example, we don't want to call cb_fqdn() if
sudo is compiled with FQDN set but sudoers has "Defaults !fqdn".
 2016-07-19 14:58:06 -06:00
Todd C. Miller
5e9173df7a Make strings const in functions that set defaults as they are 
not modified.
 2016-07-19 14:55:27 -06:00
Todd C. Miller
08e369572e In cb_fqdn() just return if the fqdn flag is set to false. 2016-07-19 14:52:33 -06:00
Todd C. Miller
7218dbe542 Implement callbacks for defaults flags (T_FLAG). 2016-07-18 12:37:45 -06:00
Todd C. Miller
d92a396da5 add debug_decl for cb_runas_default and cb_sudoers_locale 2016-07-18 12:20:46 -06:00
Todd C. Miller
36b18c6e64 Convert fqdn to a callback and add it to the list of early defaults. 2016-07-18 12:19:07 -06:00
Todd C. Miller
9b42640ef5 Change defaults callbacks to take a union sudo_defs_val * instead 
of a char *.
 2016-07-18 12:11:25 -06:00
Todd C. Miller
6ddc95a47c When updating defaults, process certain values fist since they can 
influence how other defaults are parsed.  Currently, runas_default
and sudoers_locale are processed early.
 2016-07-18 11:37:32 -06:00
Todd C. Miller
eae8bc9d56 Fix typo introduced in last commit to fix fill_args() overflow check. 2016-07-16 20:59:59 -06:00
Todd C. Miller
73b0ac4bc1 Fix underflow checl in fill_args(). 2016-07-16 20:54:07 -06:00
Todd C. Miller
88ba54f478 Make sure we account for the trailing NUL when computing arg_size 
in fill_args().  Bug #752
 2016-07-16 20:12:17 -06:00
Todd C. Miller
0f816c4401 Make arg_size and arg_len unsigned since we do bitwise operations 
on them.
 2016-07-16 16:22:40 -06:00
Todd C. Miller
6f5b8cf757 Only remove backup files as part of "make uninstall" when INSTALL_BACKUP 
is set.
 2016-07-08 12:56:47 -06:00