isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,409 Commits 1 Branch 0 Tags
cdd5bb32eb56b02dfc802a05ebad8051a644c360
Commit Graph

173 Commits

Author SHA1 Message Date
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
0d36ea9325 We cannot reuse last_time for the I/O log info file now that it is 
a monotonic timer.  Just call time(3) in write_info_log() directly.
 2018-08-23 13:50:00 -06:00
Todd C. Miller
31e065c6ca Remove unused struct script_buf 2018-08-21 10:30:42 -06:00
Todd C. Miller
3f1470ebed Use a monotonic timer that only runs while not suspended for the 
iolog timing values and write nsec-precision entries.
 2018-08-19 09:55:08 -06:00
Todd C. Miller
afad4eb94d Fix I/O log timing file on systems without a C99-compatible snprintf(). 
On those systems we use our own snprintf() that doesn't support
floating point.  We don't actually need floating point in this case
since the we can print seconds and microseconds without using it.
 2018-08-18 20:29:30 -06:00
Todd C. Miller
418bf793f7 Fix the return value of sudoers_io_change_winsize() on success. 
Otherwise, we only log a single window size change.
 2018-08-11 21:29:43 -06:00
Todd C. Miller
e2213dc1e3 Remove dead store, found by cppcheck. 2018-02-10 09:44:34 -07:00
Todd C. Miller
a885b952fb Remove use of AC_HEADER_TIME, only obsolete platforms actually 
need this.  Also stop removing sys/time.h unless the source file
uses struct timeval.
 2018-01-17 09:52:15 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
f79a236533 Log window size change events in the sudoers I/O plugin. 
Let sudoreplay parse a timing file with window change events
(currently ignored).
 2017-07-12 05:47:28 -06:00
Todd C. Miller
a842913aa7 Use debug logging instead of ignore_result() where possible. 2017-05-12 10:02:18 -06:00
Todd C. Miller
1d1ebb6111 Add io_open() wrapper for open(2) that retries with PERM_IOLOG if 
open(2) fails with EACCES.  Use io_open() instead of duplicate
copies of the same fallback code.
 2017-05-04 11:00:22 -06:00
Todd C. Miller
8757691fc7 Don't retry the open() if set_perms() fails. 2017-05-04 10:45:05 -06:00
Todd C. Miller
237eddd95e Fix typo (fd2 vs. fd) caught by coverity, CID 168359. 2017-05-04 10:30:59 -06:00
Todd C. Miller
4df6b62b56 Only retry mkdir or create with PERM_IOLOG if errno is EACCES. 
Also always use PERM_IOLOG for mkdtemp() since we cannot retry
if it fails.  Since we are guaranteed to create a new directory
there's no real need to try w/o PERM_IOLOG in this case.
 2017-03-23 17:00:27 -06:00
Todd C. Miller
31b16fd3e9 Add fallback to PERM_IOLOG when making the final componenet of iolog_dir. 2017-03-22 15:55:16 -06:00
Todd C. Miller
4621e43676 quiet a warning on older zlib 2017-03-22 08:47:10 -06:00
Todd C. Miller
8d1e994d84 cast mode_t to unsigned int when printing with %o 2017-03-22 08:37:12 -06:00
Todd C. Miller
7668b4b42b Set umask temporarily when creating files instead of changing the 
mode after the fact.  This is slightly less error prone.
 2017-03-21 16:21:17 -06:00
Todd C. Miller
2a37590b7d remove now-useless variable 2017-03-21 15:04:47 -06:00
Todd C. Miller
1bd90d8fff Explicitly set the file mode of I/O log files so the mode is not 
affected by the invoking user's umask.
 2017-03-21 13:54:27 -06:00
Todd C. Miller
8d57491dc1 Add PERM_IOLOG so we can create I/O log files on an NFS-mounted 
filesystem where root is remapped to an unprivileged user.
 2017-03-21 13:41:14 -06:00
Todd C. Miller
c4e703696a Add iolog_flush option. 2017-03-20 10:25:58 -06:00
Todd C. Miller
8c8d078f66 Don't allow the user to specify an I/O log file mode that sudo can't 
read or write to.  I/O logs must always be readable and writable
by the owner.
 2017-03-17 10:56:17 -06:00
Todd C. Miller
6c5936296f Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register() 
and check for it in places where we check the return value of
sudo_debug_register().
 2016-11-21 06:37:23 -10:00
Todd C. Miller
cefcb6f501 add missing sudo_pw_delref/sudo_gr_delref to plug memory leak 2016-11-09 16:07:12 -07:00
Todd C. Miller
2b020c9f17 Pass iolog mode, group and user from policy plugin to I/O log plugin. 2016-11-07 10:19:04 -07:00
Todd C. Miller
1fdcce7faf use cp instead of *cur when comparing against plugin_path 2016-10-31 12:54:53 -06:00
Todd C. Miller
cf707cf5f0 We want to inherit the gid from the parent directory when not setting 
permissions on intermerdiate directories.
 2016-10-30 06:36:55 -06:00
Todd C. Miller
bf62530acf Move io_mkdir_parents() to its own file and use it in ts_mkdirs(). 2016-10-29 12:45:57 -06:00
Todd C. Miller
271a07ff00 Make the I/O log file/dir permissions and owner configurable. 2016-10-29 12:45:55 -06:00
Todd C. Miller
7122a733ac Create I/O log files with the same gid as the parent directory. 2016-10-26 14:18:58 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
3e4c7eed31 Move the ignoring of I/O log plugin errors into the I/O log plugin 
itself.
 2016-08-17 14:38:00 -06:00
Todd C. Miller
ed18d0d5f8 Make the behavior when we cannot write to a log or audit file 
configurable.  File log failures are ignored by default for consistency
with syslog.  Audit errors are ignored by default to allow the admin
to fix the issue.  I/O log file errors are still fatal by default
since if I/O logging is activated it is usually to have an audit trail.
Bug #751
 2016-08-17 07:22:51 -06:00
Todd C. Miller
9b42640ef5 Change defaults callbacks to take a union sudo_defs_val * instead 
of a char *.
 2016-07-18 12:11:25 -06:00
Todd C. Miller
578af5af4d Use ferror() after fflush() to check the error status of the stdio 
stream we wrote to.
 2016-05-14 18:48:20 -06:00
Todd C. Miller
05db5aa3b8 Remove sudo_mkpwcache() and sudo_mkgrcache(). We now create the 
caches as needed on demand.  Also remove calls to sudo_freepwcache()
and sudo_freegrcache() that are immediately followed by execve(),
they are not needed.
 2016-05-11 09:40:31 -06:00
Todd C. Miller
23d288563e Eliminate use of setpwent()/endpwent() and setgrent()/endgrent(). 
Sudo never iterates over the passwd or group file.
Rename sudo_set{pw,gr}ent() -> sudo_mk{pw,gr}cache() and
use sudo_free{pw,gr}cache() instead of sudo_end{pw,gr}ent().
 2016-05-11 07:06:45 -06:00
Todd C. Miller
c56a812ea2 In io_mkdirs(), change the order from stat then mkdir, to mkdir then stat. 
This more closely matches what "mkdir -p" does.
Coverity CID 104120.
 2016-05-06 16:42:42 -06:00
Todd C. Miller
4bfdf0c2b4 Fix fd leak in open_io_fd() if gzdopen/fdopen fails. 
Coverity CID 104105
 2016-05-06 08:11:34 -06:00
Todd C. Miller
444d2a5c3e Fix fd leak in io_nextid() in error path. 
Coverity CID 104104
 2016-05-06 08:07:40 -06:00
Todd C. Miller
6473d55aa7 Cast the return value of fcntl() to void when setting FD_CLOEXEC. 
Coverity CID 104063, 104064, 104069, 104070, 104071, 104072, 104073, 104074
 2016-05-05 16:16:24 -06:00
Todd C. Miller
5cbe1edcfe iolog_compress should be bool, not int 2016-01-28 15:36:15 -07:00
Todd C. Miller
a6886d2345 Add check for I/O log file handle being NULL. This could only 
happen if the front-end calls iolog_open with argc == 0 but actually
runs a command.
 2016-01-25 16:18:22 -07:00
Todd C. Miller
7d0a623fdd Use pread(2) and pwrite(2) where possible. 2015-09-07 06:06:08 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00