isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
9,049 Commits 1 Branch 0 Tags
ceea24b96554951c21b1241c6ec74eb61d5cc28d
Commit Graph

2163 Commits

Author SHA1 Message Date
Todd C. Miller
ceea24b965 Initial support for parsing sudoers LDIF files in cvtsudoers. 
This makes it possible to convert from LDAP sudoers to a traditional
sudoers file.  Semantic differences between file sudoers and LDAP
sudoers mean that LDIF -> sudoers is not completely equivalent.
 2018-02-22 09:53:12 -07:00
Todd C. Miller
8b22ed7837 Fix LDIF conversion of commands with an associated digest. 2018-02-21 21:24:53 -07:00
Todd C. Miller
91f97d2f23 In array_to_member_list() use the correct type for netgroups and 
user groups.
 2018-02-21 21:09:57 -07:00
Todd C. Miller
337ace6441 Prepend digest to command if present. 
Fix printing of group IDs and non-unix groups.
 2018-02-21 21:08:37 -07:00
Todd C. Miller
c13557b6cb Fix gcc false positive for uninitialized variable 2018-02-21 21:02:36 -07:00
Todd C. Miller
4f9296928c Add option to cvtsudoers to expand aliases in the output. 2018-02-19 15:32:56 -07:00
Todd C. Miller
3f204c5eb8 Fix conversion of "ALL" in the JSON output format, which was being 
printed as an alias.
 2018-02-19 13:39:11 -07:00
Todd C. Miller
42fe0409f6 Add sudo_ev_dispatch(), a wrapper for ev_loop() with no flags. 
Similar the dispatch function in libevent.
 2018-02-19 11:00:10 -07:00
Todd C. Miller
43a3a23fed Move LDAP configuration bits into ldap_conf.c 2018-02-11 07:36:08 -07:00
Todd C. Miller
0c08de88cd No longer need to include stddef.h 2018-02-10 13:37:59 -07:00
Todd C. Miller
e2213dc1e3 Remove dead store, found by cppcheck. 2018-02-10 09:44:34 -07:00
Todd C. Miller
34820c6b15 simplify iterator 2018-02-10 04:29:43 -07:00
Todd C. Miller
6e2a267060 Silence a false positive from cppcheck. 2018-02-10 04:08:42 -07:00
Todd C. Miller
d0d413d077 Cast version to int when printing. Avoids a cppcheck warning. 2018-02-10 04:00:17 -07:00
Todd C. Miller
4459ee42ed Use an iterator instead of fragile pointer arithmetic to iterate 
over value arrays in sudo_ldap_role_to_priv().
 2018-02-09 22:06:56 -07:00
Todd C. Miller
64e99328e3 Move sudoers formatting code into fmtsudoers. 2018-02-09 18:22:04 -07:00
Todd C. Miller
dda1d6cef7 Clean up some XXX in parse.c 2018-02-09 18:22:03 -07:00
Todd C. Miller
2522229e86 Rename sudo_file_append_default() -> sudo_lbuf_append_default() and 
use it for ldap and sssd too.
 2018-02-09 18:22:02 -07:00
Todd C. Miller
3226f7e28b Move common bits of ldap to sudoers conversion into ldap_common.c 
and use it in sssd.c.
 2018-02-09 18:21:40 -07:00
Todd C. Miller
4e2402a8e4 Convert ldap results into a sudoers userspec so we can use the "sudo 
-l" output functions in parse.c.
 2018-02-09 18:21:01 -07:00
Todd C. Miller
5cca4b6906 Refactor member freeing code into free_member(). 
Refactor userspec freeing code into free_userspec().
 2018-02-05 13:33:29 -07:00
Todd C. Miller
9d49592f14 Fix compilation with glibc where stdout is not constant. 2018-02-05 06:23:33 -07:00
Todd C. Miller
57e7b4b49e For "sudo -l", if a word includes spaces, print it in double quotes. 
Also escape spaces in the command path.  This matches the sudoers
quoting rules.
 2018-02-04 12:53:32 -07:00
Todd C. Miller
3189de5bb9 Display sudoNotBefore and sudoNotAfter in "sudo -l" 2018-02-03 14:56:00 -07:00
Todd C. Miller
105ced47b8 For "sudo -l", if a word includes spaces, print it in double quotes. 
Also escape spaces in the command path.  This matches the sudoers
quoting rules.
 2018-02-03 06:59:37 -07:00
Todd C. Miller
40c200af18 Add back printing of negation operator ('!') when printing a word 
with spaces in it.
 2018-02-03 06:57:12 -07:00
Todd C. Miller
1aca11c788 Use visudo to validate "cvtsudoers -f sudoers" output. 2018-02-03 06:46:56 -07:00
Todd C. Miller
f31ba6c22f Remove syslog_goodpri and syslog_badpri without a value that causes 
visudo to report an error.
 2018-02-03 06:45:39 -07:00
Todd C. Miller
61b6ae64de When outputting sudoers, if a word includes spaces, print it in 
double quotes.  Also escape spaces in the command path.
 2018-02-03 06:18:47 -07:00
Todd C. Miller
3354cbd021 Add sudoers output format to cvtsudoers. In the future this may 
be used with filters to emit a partial sudoers file instead of a
full one.
 2018-02-02 14:29:19 -07:00
Todd C. Miller
df08d0d8f4 When printing a member name, quote sudoers special characters unless 
it is a UID/GID, in which case we print the '#' unquoted.
 2018-02-02 14:29:17 -07:00
Todd C. Miller
f4ce2b25fc Move SUDOERS_QUOTED define to parse.h 2018-02-02 06:28:04 -07:00
Todd C. Miller
07d9cec271 Remove extraneous break statement and fix some whitespace. 2018-01-30 11:12:38 -07:00
Todd C. Miller
5e9e641b3d Check the return value of sudoers_debug_register(). 
Coverity CID 182574
 2018-01-29 14:02:21 -07:00
Todd C. Miller
f3ef0f5091 Fix memory leak, su->count is now 0 when it is unused, not 1. 
Covertity CID 182573
 2018-01-29 13:58:25 -07:00
Todd C. Miller
7766278031 Quiet a clang analyzer false positive. 2018-01-29 11:50:56 -07:00
Todd C. Miller
b374effcb4 Quote special characters when creating the cn as per RFC2253 2018-01-29 11:00:43 -07:00
Todd C. Miller
7f310d7386 Remove sudoers2ldif, it has been replaced by cvtsudoers. 2018-01-29 09:18:48 -07:00
Todd C. Miller
831de0fc8b Add -b option to specify the base dn. 2018-01-28 19:58:10 -07:00
Todd C. Miller
4acaa9c74a Switch the default output format to LDIF 2018-01-28 19:36:16 -07:00
Todd C. Miller
7e5e1f6a6d Execute cvtsudoers if the user runs "visudo -x" but also emit a 
warning.
 2018-01-28 16:34:16 -07:00
Todd C. Miller
63321f19a9 Revert 04ec05108b2b, change the default input source back to stdin. 2018-01-28 16:11:02 -07:00
Todd C. Miller
6272829dcc Add LDIF conversion to sudoers tests 2018-01-28 10:07:15 -07:00
Todd C. Miller
7dd620981b Add notbefore and notafter support to the backends. 2018-01-28 07:09:22 -07:00
Todd C. Miller
681fb2e76e Add ldif backend to cvtsudoers, to replace sudoers2ldif 2018-01-27 20:08:02 -07:00
Todd C. Miller
7638e71730 fix make check 2018-01-27 19:52:20 -07:00
Todd C. Miller
cc31b3fd40 Parse sudoers in the front end, not the back end. 2018-01-26 17:29:56 -07:00
Todd C. Miller
98c19a68c9 Use the built-in sudoers file location as the default sudoers file 
for cvtsudoers and move parse_sudoers_options() to stubs.c since
it is shared between visudo.c and cvtsudoers.c.
 2018-01-26 13:15:10 -07:00
Todd C. Miller
0f3030d502 Move common stub functions required by the parser out of visudo.c 
and cvtsudoers.c and into stubs.c.
 2018-01-26 12:51:24 -07:00
Todd C. Miller
02d917e602 Rename export_sudoers() to convert_sudoers_json() and move the 
check for the same input and output file to the front-end.
 2018-01-26 12:28:49 -07:00