isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,409 Commits 1 Branch 0 Tags
cdd5bb32eb56b02dfc802a05ebad8051a644c360
Commit Graph

176 Commits

Author SHA1 Message Date
Todd C. Miller
1fe582a0e3 Add support for negated sudoRunAsUser and sudoRunAsGroup entries. 2018-10-28 15:46:27 -06:00
Todd C. Miller
0398996b39 Use a testsudoers group file with known contents instead of the system one. 2018-10-27 10:57:37 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
1b035b5426 Add padding option to cvtsudoers. 
Bug #856
 2018-10-25 08:40:25 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
60f0d65e22 Fix expected test output now that command_timeout is parsed correctly 
in LDIF.
 2018-10-17 06:57:06 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
2121693879 Move definition of TIME_T_MAX to sudo_util.h 2018-09-24 14:21:58 -06:00
Todd C. Miller
5f61f2c0f4 Remove special handling of the USERNAME environment variable. It 
used to be set on old versions of Fedora but that hasn't been the
case for some time.  It's worth noting that ssh doesn't set USERNAME
either.
 2018-09-24 05:30:03 -06:00
Todd C. Miller
8bf279b11e Add regress test for bug #853 2018-09-20 15:10:15 -06:00
Todd C. Miller
27e549a3ef Allow for some clock drift due to ntpd, etc. 2018-08-31 09:22:59 -06:00
Todd C. Miller
0715b55474 Quick sort is not a stable sort; use distinct sudoOrder values so 
the output is predictable.
 2018-08-30 14:43:24 -06:00
Todd C. Miller
a924b4610b Fix warnings on OpenIndiana (Illumos) 2018-08-30 14:06:18 -06:00
Todd C. Miller
2221fbe2f1 Add some more ldif -> sudoers tests to verify sudoOrder. 2018-08-30 07:49:59 -06:00
Todd C. Miller
e318f27fba When parsing an I/O log timing line, store the result in a timespec, 
not a double.  The speed factor (for scaling the delay) in sudoreplay
is still a double but we only need to adjust the delay if the factor
is something other than 1.0.
 2018-08-29 09:57:12 -06:00
Todd C. Miller
f1f632665c Fix memory leak in test. 2018-08-29 07:38:27 -06:00
Todd C. Miller
4b3c8a73a0 Handle systems where root's gid is not 0. 2018-08-23 16:21:28 -06:00
Todd C. Miller
aaad554cda Add regress test for I/O log plugin endpoints 2018-08-23 15:35:02 -06:00
Todd C. Miller
3c562facca Fix test output for bug #845 2018-08-20 05:49:57 -06:00
Todd C. Miller
154a5f59a9 Move digest code into libutil 2018-05-24 21:04:07 -06:00
Todd C. Miller
1cd472c051 Check for invalid bas64 attributes. 2018-05-20 08:09:25 -06:00
Todd C. Miller
a04cb53e37 Fix pointer sign warnings. 2018-05-20 07:42:54 -06:00
Todd C. Miller
1bc8e9abfd Add support for base64-encoding non-safe strings in LDIF output. 2018-05-20 07:01:26 -06:00
Todd C. Miller
574c9fcd7a Add base64_encode() by Jon Mayo. 2018-05-19 19:03:47 -06:00
Todd C. Miller
1ab3606019 Add support for parsing base64-encoded attributes 2018-05-18 10:11:51 -06:00
Todd C. Miller
7d42a609d9 rfc2253 says we need to escape " and leading and trailing space. 2018-05-17 11:16:44 -06:00
Todd C. Miller
71e98d9493 Include parse.h in sudoers.h since it will soon be required. 2018-05-14 09:05:02 -06:00
Todd C. Miller
6e290763ca Fix a format-truncation warning in newer gcc by avoiding using %0x 
and %0X in the test.  We are formatting a single byte so just do
it one nybble at a time.
 2018-05-10 21:17:03 -06:00
Todd C. Miller
c64e57dad5 Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers 
and LDIF -> sudoers -> LDIF.
 2018-04-21 06:23:02 -06:00
Todd C. Miller
48f74db604 Test the -b option when converting from LDIF. 2018-04-19 09:24:08 -06:00
Todd C. Miller
4be8aba9f8 cvtsudoers regress tests 2018-04-15 08:14:46 -06:00
Todd C. Miller
512e0be834 Use btime in /proc/stat to determine system start time instead of 
/proc/uptime.  Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
 2018-04-04 11:28:53 -06:00
Todd C. Miller
af6e1cd7c6 Silence a false positive from the clang static analyzer. 2018-03-21 15:03:17 -06:00
Todd C. Miller
e6c0d80fa8 Use fmtsudoers functions in testsudoers. 2018-03-06 15:09:21 -07:00
Todd C. Miller
81a373677a Add test for empty runas user list. 2018-03-06 14:39:11 -07:00
Todd C. Miller
4874068070 Add tests for round-tripping sudoers -> ldif -> sudoers 2018-03-02 11:30:19 -07:00
Todd C. Miller
5c36f9dec3 Initial support for adding comments that will be emitted when 
sudoers is formatted.  Currently adds a comment for the source
sudoRole when converting from ldif -> sudoers.
 2018-03-04 07:03:43 -07:00
Todd C. Miller
44fc165e7c Don't emit an empty sudoRole for global defaults if there are none. 2018-03-02 10:59:19 -07:00
Todd C. Miller
8b22ed7837 Fix LDIF conversion of commands with an associated digest. 2018-02-21 21:24:53 -07:00
Todd C. Miller
3f204c5eb8 Fix conversion of "ALL" in the JSON output format, which was being 
printed as an alias.
 2018-02-19 13:39:11 -07:00
Todd C. Miller
f31ba6c22f Remove syslog_goodpri and syslog_badpri without a value that causes 
visudo to report an error.
 2018-02-03 06:45:39 -07:00
Todd C. Miller
b374effcb4 Quote special characters when creating the cn as per RFC2253 2018-01-29 11:00:43 -07:00
Todd C. Miller
6272829dcc Add LDIF conversion to sudoers tests 2018-01-28 10:07:15 -07:00
Todd C. Miller
7dd620981b Add notbefore and notafter support to the backends. 2018-01-28 07:09:22 -07:00
Todd C. Miller
ae8917a070 Verify start time of the current process, allowing for some clock 
drift.  For Linux, process start time is relative to boot time, not
wallclock time.
 2017-12-19 10:10:54 -07:00
Todd C. Miller
6ce85b1746 Trivial test for process start time. We don't try to check the 
resulting timespec as it differs by platform.  On most it is wallclock
time, on others it is relative to boot time (Linux).
 2017-12-18 10:35:37 -07:00
Todd C. Miller
428a487e0b Include sys/types.h for mode_t used in sudoers.h. 2017-12-16 20:55:01 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
dd47a0a416 Add missing initprogname() calls. 2017-11-28 09:06:44 -07:00
Todd C. Miller
47df575f68 Add some patterns that could result in exponential run time for 
poorly written '*' matching.
 2017-05-18 13:10:52 -06:00