isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,409 Commits 1 Branch 0 Tags
cdd5bb32eb56b02dfc802a05ebad8051a644c360
Commit Graph

2385 Commits

Author SHA1 Message Date
Todd C. Miller
0aa216ed55 Refactor freeing of a member_list into free_members(). 2016-11-01 14:15:07 -06:00
Todd C. Miller
9de491dc27 add_defaults() now calls sudoerserror() itself instead of the caller 
assuming any error means out of member.
 2016-11-01 14:13:47 -06:00
Todd C. Miller
484b5718d8 s/rval/ret/g -- old habits die hard 2016-11-01 12:34:24 -06:00
Todd C. Miller
2dbe50d1e1 Remove inaccurate XXX comment, sudo_file_parse() sends mail on parse error. 2016-10-31 16:21:50 -06:00
Todd C. Miller
b5f444111e The fix for Bug #408 broke editing of files in an include dir that 
have a syntax error.  Normally, visudo does not edit those files,
but if a syntax error is detected in one, the user gets a chance
to fix it.
 2016-10-31 15:57:05 -06:00
Todd C. Miller
5a8b60e4b4 Make a copy of the current sudoers path when assigning errorfile. 
Fixes a potential use after free in visudo when there is an error
in one of the include files.
 2016-10-31 15:21:18 -06:00
Todd C. Miller
a3a545e416 sudoers_debug_register() was not setting the active debug instance 
to sudoers_debug_instance when called from the I/O log plugin.  This
is because it relied on sudo_debug_register to do that but
sudoers_debug_parse_flags() doesn't set debug_files[]
sudoers_debug_instance is already set (we can only init sudoers
debug once).

To work around this, just make sudoers_debug_instance the active
debug instance in sudoers_debug_register() when it is already set.
 2016-10-31 13:36:35 -06:00
Todd C. Miller
1fdcce7faf use cp instead of *cur when comparing against plugin_path 2016-10-31 12:54:53 -06:00
Todd C. Miller
9f903d3bdd In sudo_mkdir_parents() inherit the gid of / instead of using gid 
0 for the first component.
 2016-10-30 09:09:12 -06:00
Todd C. Miller
cf707cf5f0 We want to inherit the gid from the parent directory when not setting 
permissions on intermerdiate directories.
 2016-10-30 06:36:55 -06:00
Todd C. Miller
bf62530acf Move io_mkdir_parents() to its own file and use it in ts_mkdirs(). 2016-10-29 12:45:57 -06:00
Todd C. Miller
271a07ff00 Make the I/O log file/dir permissions and owner configurable. 2016-10-29 12:45:55 -06:00
Todd C. Miller
3423d0af7c Don't try to syntax check an unrecognized Defaults value in visudo. 2016-10-28 08:24:51 -06:00
Todd C. Miller
7122a733ac Create I/O log files with the same gid as the parent directory. 2016-10-26 14:18:58 -06:00
Todd C. Miller
a401107564 Check for sudo_ldap_result_last_search() returning NULL. This can't 
happen in practice because we always call sudo_ldap_result_add_search()
first which guarantees there is a result to be found.
Quiets a PVS-Studio warning.
 2016-10-26 13:49:05 -06:00
Todd C. Miller
dbd5252798 Fix incorrect strncmp() lengths. The check for USERNAME was only 
looking at the first 5 characters (copy and paste error).  The check
for SUDO_PS1 was not checking the trailing '=' character (off by
one error).  Found by PVS-Studio.
 2016-10-26 11:25:59 -06:00
Todd C. Miller
4c8988d483 When checking for old-style bash functions in the environment, check 
for values starting with "() " (note the trailing space) rather
than "()".  Bash will only treat the value as a function if the
space after "()" is present.  The trailing space was already present
in the compare string but when it was added, the length passed to
strncmp() was not updated from 3 to 4.
Found by PVS-Studio.  No security impact.
 2016-10-26 11:22:30 -06:00
Todd C. Miller
63adb21cea Add some missing casts from uid_t/gid_t to int when printing uid/gid 
values.  We print these as signed so a value of -1 (no change) is
obvious.  Quiets PVS-Studio warnings.
 2016-10-26 11:08:33 -06:00
Todd C. Miller
cf5a12c09a def_timestamp_timeout is a double so compare against 0.0 not 0 to 
avoid making it appear to be an integer type.
 2016-10-26 10:56:32 -06:00
Todd C. Miller
e3825cbedd When checking syslog facility or priority, move the string 
compare into the body of the loop and return if it matches.
If we finish the loop it means we didn't find a match.
This makes the code a little bit more readable.
 2016-10-26 10:46:03 -06:00
Todd C. Miller
fc1b4155d7 Replace bare ";" in the body of for() loops with "continue;" for 
improved readability.
 2016-10-26 10:42:28 -06:00
Todd C. Miller
19c96da44d add vsyslog() for systems without it. 2016-10-19 11:32:36 -06:00
Todd C. Miller
c18ff022e0 Use vsyslog() if available. 2016-10-18 17:00:53 -06:00
Todd C. Miller
44c2679f83 Add syslog_maxlen to control the max size of syslog messages. 2016-10-18 15:51:47 -06:00
Todd C. Miller
9b886f6b2c The flush parameter of sudo_term_restore() is bool, not int. 2016-10-17 08:57:17 -06:00
Todd C. Miller
b5f1d4e254 regen 2016-10-08 10:36:02 -06:00
Todd C. Miller
96580de20c Clean .json files created by "make check" 2016-09-26 13:38:51 -06:00
Todd C. Miller
0a68d6799e Fix matching when no sudoRunAsUser is present in a sudoRole. 
If only a sudoRunAsGroup is present, match on the invoking user
if the -g option was specified and the group matched.
If no sudoRunAsGroup is present and the -g option was specified,
allow it if it matches the passwd gid of the runas user.
This matches the behavior of the sudoers backend.
 2016-09-19 06:19:49 -06:00
Todd C. Miller
1bccd14180 runas_pw can no longer be NULL 2016-09-19 06:08:00 -06:00
Todd C. Miller
9a55c0c25d user_matched and group_matched must be type int, not bool 2016-09-15 15:22:06 -06:00
Todd C. Miller
b165a5ff71 Use RUNAS_USER_SPECIFIED and RUNAS_GROUP_SPECIFIED when deciding 
whether to check runas user/group instead of checking runas_pw or
runas_gr.
 2016-09-15 13:47:38 -06:00
Todd C. Miller
0ff95dfaaa When matching against runas_default use userpw_matches() instead 
of just strcasecmp().
 2016-09-15 13:36:43 -06:00
Todd C. Miller
a750bebf10 Set RUNAS_USER_SPECIFIED when -u is specified and/or RUNAS_GROUP_SPECIFIED 
when -g is specified.
 2016-09-15 13:16:38 -06:00
Todd C. Miller
d64153967e Fix printing of the default runas user when a RunAsGroup is specified 
but no RunAsUser is present.
 2016-09-15 11:29:27 -06:00
Todd C. Miller
fb32867e4c Only match against runas_default if both sudoRunAsUser and 
sudoRunAsGroup are missing.
 2016-09-15 10:46:57 -06:00
Todd C. Miller
d2af18c1fa runas_pw can no longer be NULL here 2016-09-15 09:40:41 -06:00
Todd C. Miller
ef82f792a1 Update check for whether or not the runas user was set in the ldap 
and sssd backends to match the sudoers file backend.  Introduces
the runas_user_set() macro to improve readability.  Previously,
runas_pw was set late, now it is set before checking sudoers.
 2016-09-15 09:37:53 -06:00
Todd C. Miller
50d0191de3 Disable Address Sanitizer leak detection for tests which generate 
parse errors.  The parser leaks a bit on error.
 2016-09-15 08:33:01 -06:00
Todd C. Miller
37099a6e7d Fix underflow in get_ipa_hostname() when trimming trailing 
whitespace.
 2016-09-15 05:54:53 -06:00
Todd C. Miller
ff753d1e16 Support negated sudoHost entries. 2016-09-14 10:33:27 -06:00
Todd C. Miller
f51fbfa40d Support negated sudoHost entries. 2016-09-14 10:22:52 -06:00
Todd C. Miller
ca2a1f3109 Don't check the username when matching a host netgroup unless 
def_netgroup_tuple is enabled.
 2016-09-13 09:12:42 -06:00
Todd C. Miller
c73dec723c Move valid domain name check into a new valid_domain() function. 
Fix memory leak if getdomainname(2) fails and avoid using heap
garbage for the domain name matching in this case.
 2016-09-13 09:06:25 -06:00
Todd C. Miller
7687dd6527 sync with translationproject.org 2016-09-12 14:59:22 -06:00
Todd C. Miller
86ce2f89fd sync with translationproject.org 2016-09-11 07:50:12 -06:00
Todd C. Miller
ead485b96b Fix typo that broke short host name matching when the fqdn 
flag is enabled.  Bug #757
 2016-09-09 16:26:22 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
33fb814e85 sync with translationproject.org 2016-09-07 11:08:12 -06:00
Todd C. Miller
b80309e6d8 In sudoers_main() avoid setting rval prematurely. Prevents a crash 
when auditing fails after successfully authenticating.  Bug #756
 2016-09-05 19:44:46 -06:00
Todd C. Miller
43084d8f91 Apply match_group_by_gid early. 2016-09-05 06:21:23 -06:00