isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,575 Commits 1 Branch 0 Tags
cf7ec7a3ccf873067c29f265e39c5756d150de1f
Commit Graph

435 Commits

Author SHA1 Message Date
Todd C. Miller
cf7ec7a3cc Fix typo; tupple vs. tuple 2011-03-15 15:52:18 -04:00
Todd C. Miller
bf5f17bd63 Adapt check_iolog_path to sessid changes 2011-03-14 11:30:32 -04:00
Todd C. Miller
53da5e8cdf Update copyright years. 2011-03-11 15:34:35 -05:00
Todd C. Miller
cde2cb00f0 Add "user_shell" boolean as a way to indicate to the plugin that 
the -s flag was given.
 2011-03-11 15:02:13 -05:00
Todd C. Miller
6e2778eb22 Move sessid out of sudo_user. 2011-03-11 14:07:26 -05:00
Todd C. Miller
383aef00b1 Log the TSID even if it is not a simple session ID. 2011-03-11 12:11:05 -05:00
Todd C. Miller
6bea3f524e Fix running commands as non-root on systems where setreuid() changes 
the saved uid based on the effective uid we are changing to.
 2011-03-11 10:48:12 -05:00
Todd C. Miller
7debf44742 Move noexec path into sudo.conf now that sudo itself handles noexec. 
Currently can be configured in sudoers too but is now undocumented
and will be removed in a future release.
 2011-03-10 16:12:33 -05:00
Todd C. Miller
a092d2fdcf Move noexec handling to sudo front-end where it is documented as being. 2011-03-10 15:11:49 -05:00
Todd C. Miller
c7a7d31905 Add support for disabling exec via solaris privileges. 
Includes preparation for moving noexec support out of sudoers
and into front end as documented.
 2011-03-10 14:24:10 -05:00
Todd C. Miller
7599034e69 Only export the symbols corresponding to the plugin structs. 2011-03-10 12:12:14 -05:00
Todd C. Miller
498248d1f0 Install plugins manually instead of using libtool. This works 
around a problem on AIX where libtool will install a .a file
containing the .so file instead of the .so file itself.
 2011-03-10 10:57:56 -05:00
Todd C. Miller
9c9c0223e6 Avoid pulling in headers we don't need on Linux 
For getutx?id(), call setutx?ent() first and always call endutx?ent().
 2011-03-08 15:34:34 -05:00
Todd C. Miller
d6252de205 Fix return value of "sudo -l command" when command is not allowed, broken 
in [c7097ea22111].  The default return value is now TRUE and a bad:
label is used when permission is denied.  Also fixed missing permissions
restoration on certain errors.  On error()/errorx(), the password and
group files are now closed before returning.
 2011-03-08 09:38:21 -05:00
Todd C. Miller
47968912a2 Fix passing of login class back to sudo front end. 2011-03-07 16:55:08 -05:00
Todd C. Miller
e65bc35c6d Fix exit value for validate and list mode. 2011-03-06 15:52:40 -05:00
Todd C. Miller
a0ba308694 Fix non-interactive mode with sudoers plugin. 2011-03-06 15:38:02 -05:00
Todd C. Miller
85e8e584ae Add support for replaying sessions when iolog_file is set to something 
other than %{seq}.
 2011-03-04 20:10:44 -05:00
Todd C. Miller
f5e356ed40 If we are killed by a signal, display the name of the signal that got us. 2011-03-04 16:12:40 -05:00
Todd C. Miller
95512ae05e No longer need sudo_getepw() stubs. 2011-03-04 08:08:22 -05:00
Todd C. Miller
8ee8a0d87a Fix exit value of "sudo -l command" in sudoers module. 2011-03-03 09:38:15 -05:00
Todd C. Miller
4688f1ce60 fix test description 2011-02-23 15:39:24 -05:00
Todd C. Miller
a64bd36b33 convert test2 to use testsudoers 2011-02-23 15:26:13 -05:00
Todd C. Miller
3c0672e2e3 Allow sudoers file name, mode, uid and gid to be specified in the 
settings list.  The sudo front end does not currently set these
but may in the future.
 2011-02-23 13:38:52 -05:00
Todd C. Miller
59515a4a6d add help text to sudo, visudo and sudoreplay for the -h option 2011-02-21 11:33:36 -05:00
Todd C. Miller
435e44808d add localstatedir; closes bug 471 2011-02-19 08:29:21 -05:00
Todd C. Miller
39d9feb438 The howmany macro lives in sys/sysmacros.h on SVR5 systems 
Closes Bug 470
 2011-02-19 08:23:46 -05:00
Todd C. Miller
c3d795ff95 Avoid printing empty "Runas and Command-specific defaults for user" 
line.
 2011-02-14 11:29:20 -05:00
Todd C. Miller
289afc301e Remove unneeded variable. 2011-02-11 09:47:23 -05:00
Todd C. Miller
63449de859 Include utmp.h / utmpx.h before missing.h as apparently including it 
afterwards causes a compilation problem on GNU Hurd.
 2011-02-09 15:09:57 -05:00
Todd C. Miller
4294650039 #include "foo.h", not <foo.h> for local includes. 2011-02-07 10:51:43 -05:00
Todd C. Miller
21d8f01fac return foo not return(foo) 2011-02-07 06:47:29 -05:00
Todd C. Miller
310867e4ed Add test for quoted group that contains escaped double quotes 2011-02-03 13:07:01 -05:00
Todd C. Miller
af2ac7ccc6 Use a char array to map a number to a base36 digit. 2011-02-01 14:54:08 -05:00
Todd C. Miller
342e351d58 match quoted strings the same way whether in a Defaults line or as 
a user/group/netgroup name.  Fixes escaped double quotes in quoted
user/group/netgroup names.
 2011-01-31 15:13:51 -05:00
Todd C. Miller
4ce8e4b3f3 'make check' depends on visudo and testsudoers 2011-01-31 14:38:59 -05:00
Todd C. Miller
68e4921791 Add sudoOrder attribute to each entry 
Parse LOG_{INPUT,OUTPUT} tags
 2011-01-31 09:47:32 -05:00
Todd C. Miller
ed8e30cf6e Add --disable-env-reset configure option. 2011-01-28 16:52:25 -05:00
Todd C. Miller
807a9ca94b Do logging and email sending in the locale specified by the 
"sudoers_locale" setting ("C" by default).  Email send by sudo
includes MIME headers when the sudoers locale is not "C".
 2011-01-28 16:11:47 -05:00
Todd C. Miller
39b9b97dbc Fix indentation 2011-01-27 10:03:59 -05:00
Todd C. Miller
51515c6c01 Prepend "list " to the command logged when "sudo -l command" is 
used to make it clear that the command was listed, not run.
 2011-01-24 15:39:09 -05:00
Todd C. Miller
1f5c1dda14 cosmetic change 2011-01-24 15:35:44 -05:00
Todd C. Miller
ae2f7638f5 standardize on "return foo;" rather than "return(foo);" or "return (foo);" 2011-01-24 15:15:18 -05:00
Todd C. Miller
3316ac8ebc Do not reject sudoers file just because it is root-writable. 2011-01-24 14:25:51 -05:00
Todd C. Miller
fbbd0603da For "sudo -U user -l" if user is not authorized on the host, say so. 2011-01-21 10:10:26 -05:00
Todd C. Miller
be034d5e7e In sudo_ldap_lookup(), always do the initial sudoers check as the 
invoking user.  If we are listing another user's privs we will
do a separate lookup using list_pw later.
 2011-01-21 08:10:26 -05:00
Todd C. Miller
f7f8b6867e Update copyright year to 2011 2011-01-20 16:46:56 -05:00
Todd C. Miller
96767abfe4 When listing, use separate lbufs for the defaults and the privileges and 
only print something if the number of privileges is non-zero.  Fixes
extraneous Defaults output for "sudo -U unauthorized_user -l".
 2011-01-20 16:19:42 -05:00
Todd C. Miller
215500bb55 Stash pointer to user group vector in LDAP handle and only reuse 
the query if it has not changed.  We always allocate a new buffer
when we reset the group vector so a simple pointer check is sufficient.
 2011-01-20 16:16:08 -05:00
Todd C. Miller
165dcfa37f Check initgroups() return value. 2011-01-20 16:15:34 -05:00