isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,184 Commits 1 Branch 0 Tags
d052f8a68b0a87d8842d2ad29785b231d2c6259c
Commit Graph

218 Commits

Author SHA1 Message Date
Todd C. Miller
d052f8a68b Add checks for ldap/sss functions failing due to memory allocation 
errors.
 2018-05-14 09:05:05 -06:00
Todd C. Miller
904f37e03f Let the main sudoers lookup code check the host name. We still 
check the user name so it is possible to use a single userspec
but this may change in the future.
 2018-05-14 09:05:04 -06:00
Todd C. Miller
f9be3a48a2 Simplify the nss interface such that each sudoers provider fills 
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions.  This makes it possible to have a single
implementation of the code for sudoers lookup and listing.
 2018-05-14 09:05:03 -06:00
Todd C. Miller
71e98d9493 Include parse.h in sudoers.h since it will soon be required. 2018-05-14 09:05:02 -06:00
Todd C. Miller
e26ef96a65 Add case_insensitive_group and case_insensitive_user sudoers options, 
which are enabled by default.
 2018-03-05 10:42:02 -07:00
Todd C. Miller
5c36f9dec3 Initial support for adding comments that will be emitted when 
sudoers is formatted.  Currently adds a comment for the source
sudoRole when converting from ldif -> sudoers.
 2018-03-04 07:03:43 -07:00
Todd C. Miller
ceea24b965 Initial support for parsing sudoers LDIF files in cvtsudoers. 
This makes it possible to convert from LDAP sudoers to a traditional
sudoers file.  Semantic differences between file sudoers and LDAP
sudoers mean that LDIF -> sudoers is not completely equivalent.
 2018-02-22 09:53:12 -07:00
Todd C. Miller
43a3a23fed Move LDAP configuration bits into ldap_conf.c 2018-02-11 07:36:08 -07:00
Todd C. Miller
0c08de88cd No longer need to include stddef.h 2018-02-10 13:37:59 -07:00
Todd C. Miller
34820c6b15 simplify iterator 2018-02-10 04:29:43 -07:00
Todd C. Miller
4459ee42ed Use an iterator instead of fragile pointer arithmetic to iterate 
over value arrays in sudo_ldap_role_to_priv().
 2018-02-09 22:06:56 -07:00
Todd C. Miller
64e99328e3 Move sudoers formatting code into fmtsudoers. 2018-02-09 18:22:04 -07:00
Todd C. Miller
2522229e86 Rename sudo_file_append_default() -> sudo_lbuf_append_default() and 
use it for ldap and sssd too.
 2018-02-09 18:22:02 -07:00
Todd C. Miller
3226f7e28b Move common bits of ldap to sudoers conversion into ldap_common.c 
and use it in sssd.c.
 2018-02-09 18:21:40 -07:00
Todd C. Miller
4e2402a8e4 Convert ldap results into a sudoers userspec so we can use the "sudo 
-l" output functions in parse.c.
 2018-02-09 18:21:01 -07:00
Todd C. Miller
57e7b4b49e For "sudo -l", if a word includes spaces, print it in double quotes. 
Also escape spaces in the command path.  This matches the sudoers
quoting rules.
 2018-02-04 12:53:32 -07:00
Todd C. Miller
3189de5bb9 Display sudoNotBefore and sudoNotAfter in "sudo -l" 2018-02-03 14:56:00 -07:00
Todd C. Miller
a885b952fb Remove use of AC_HEADER_TIME, only obsolete platforms actually 
need this.  Also stop removing sys/time.h unless the source file
uses struct timeval.
 2018-01-17 09:52:15 -07:00
Todd C. Miller
6ca8447e00 An empty RunAsUser means run as the invoking user, similar to how 
the sudoers files works.
 2017-12-12 14:20:56 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
250209d7a8 When running a command as the invoking user we cannot use the gid 
list from the front-end since it may not correspond to the user's
aux group vector as defined by the group database.
 2017-11-28 09:48:43 -07:00
Todd C. Miller
ca2e1a455a Plug some memory leaks on error, some found by the clang static analyzer. 2017-11-16 09:43:24 -07:00
Todd C. Miller
88faa58735 In list (-l) or verify (-v) mode, if we have a match but authentication 
is required, clear FLAG_NOPASSWD so that when listpw/verifypw is
set to "all" and there are multiple sudoers sources a password will
be required unless none of the entries in all sources require
authentication.  From Radovan Sroka of RedHat
 2017-11-15 15:06:45 -07:00
Todd C. Miller
2cbdc26540 When checking the results for "sudo -l" and "sudo -v", keep checking 
even after we get a match since the value of doauth may depend on
evaluating all the results.  From Radovan Sroka of RedHat.
 2017-11-15 12:27:39 -07:00
Todd C. Miller
06d52c97c2 The fix for matching when no sudoRunAsUser is present in a sudoRole 
was incomplete.  If no -g option was specified on the command line
but sudoRunAsGroup is present in a sudoRole, we need to treat the
group match as failed instead of missing.
 2017-09-01 11:36:15 -06:00
Todd C. Miller
5cdee2c2c0 Fix the pass2 ldap query string when no search filter is defined. 
Due to the addition of "(sudoUser=*)" to the query we always need
the AND operator, even if no search filter is present.
 2017-08-31 11:05:48 -06:00
Todd C. Miller
98369bf985 Avoid unused variable warning when sasl is not used. 2017-07-28 14:05:54 -06:00
Todd C. Miller
7db97c7835 Avoid a clang analyzer false positive. 2017-05-12 10:02:18 -06:00
Todd C. Miller
b5e7b7bd2c Move the file digest code out of match.c and into filedigest.c. 
Inspired by RedHat changes that used libgcrypt.
Also add digest_type_to_name() to map a sudo digest type (int)
to a name (string) and use it.
 2017-02-20 16:44:12 -07:00
Todd C. Miller
e954facb9d List SELinux role/type for "sudo -l" with LDAP and SSSd backends. 
Also fix printing of the timeout.
 2017-02-14 15:56:34 -07:00
Todd C. Miller
3980f1531b Add support for command timeouts in sudoers. After the timeout, 
the command will be terminated.
 2017-02-14 15:56:34 -07:00
Todd C. Miller
df03020c4c Add support for SASL_MECH in ldap.conf; Bug #764 2017-01-17 11:09:23 -07:00
Todd C. Miller
b4f524fe7d Don't overwrite the return value of ldap_sasl_interactive_bind_s() 
by the subsequent call to sudo_set_krb5_ccache_name().  From Paul
Zirnik of SUSE.
 2017-01-16 11:20:26 -07:00
Todd C. Miller
d6c30ba273 Add sudo_ldap_is_negated() and sudo_ldap_is_negated() functions 
and use them to parse negated entries instead of doing it manually.
 2016-11-16 13:46:38 -07:00
Todd C. Miller
da73733724 Fix printing of sudoedit_follow in "sudo -l" 2016-11-16 11:03:50 -07:00
Todd C. Miller
8820ff3efb Use readline() in sudo_ldap_read_secret() 2016-11-16 09:22:18 -07:00
Todd C. Miller
79ca752802 Go back to parsing Defaults entries in update_defaults instead of 
as sudoers is read.  Otherwise, we cannot properly support early
defaults like sudoers_locale.
 2016-11-09 16:00:12 -07:00
Todd C. Miller
17868f89d7 Fix a bug in host matching where a negated sudoHost entry would 
prevent other sudoHosts following it from matching.
 2016-11-08 14:35:23 -07:00
Todd C. Miller
738c3cbf3e Use "ret", not "rc" for the function return value. 2016-11-07 13:39:42 -07:00
Todd C. Miller
df8404dbd4 Instead of parsing sudoers Defaults twice, parse once while reading 
sudoers and then just set the parsed value in update_defaults().
 2016-11-06 18:59:49 -07:00
Todd C. Miller
75e29f163e Add file:linenumber prefix to all Defaults warnings so we can see 
them when running sudo too.  For LDAP/SSSD we print the sudoRole
instead of the file name and omit the line number.
 2016-11-02 17:07:32 -06:00
Todd C. Miller
a401107564 Check for sudo_ldap_result_last_search() returning NULL. This can't 
happen in practice because we always call sudo_ldap_result_add_search()
first which guarantees there is a result to be found.
Quiets a PVS-Studio warning.
 2016-10-26 13:49:05 -06:00
Todd C. Miller
0a68d6799e Fix matching when no sudoRunAsUser is present in a sudoRole. 
If only a sudoRunAsGroup is present, match on the invoking user
if the -g option was specified and the group matched.
If no sudoRunAsGroup is present and the -g option was specified,
allow it if it matches the passwd gid of the runas user.
This matches the behavior of the sudoers backend.
 2016-09-19 06:19:49 -06:00
Todd C. Miller
9a55c0c25d user_matched and group_matched must be type int, not bool 2016-09-15 15:22:06 -06:00
Todd C. Miller
b165a5ff71 Use RUNAS_USER_SPECIFIED and RUNAS_GROUP_SPECIFIED when deciding 
whether to check runas user/group instead of checking runas_pw or
runas_gr.
 2016-09-15 13:47:38 -06:00
Todd C. Miller
0ff95dfaaa When matching against runas_default use userpw_matches() instead 
of just strcasecmp().
 2016-09-15 13:36:43 -06:00
Todd C. Miller
d64153967e Fix printing of the default runas user when a RunAsGroup is specified 
but no RunAsUser is present.
 2016-09-15 11:29:27 -06:00
Todd C. Miller
fb32867e4c Only match against runas_default if both sudoRunAsUser and 
sudoRunAsGroup are missing.
 2016-09-15 10:46:57 -06:00
Todd C. Miller
ef82f792a1 Update check for whether or not the runas user was set in the ldap 
and sssd backends to match the sudoers file backend.  Introduces
the runas_user_set() macro to improve readability.  Previously,
runas_pw was set late, now it is set before checking sudoers.
 2016-09-15 09:37:53 -06:00
Todd C. Miller
f51fbfa40d Support negated sudoHost entries. 2016-09-14 10:22:52 -06:00