convert to tail queues in the process. This will allow us to
reverse foreach loops more easily and it makes it clearer which
functions expect a list as opposed to a single member.
Add macros for manipulating lists. Some of these should become functions.
When freeing up a list, just pop off the last item in the queue instead
of going from head to tail. This is simpler since we don't have to
stash a pointer to the next member, we always just use the last one
in the queue until the queue is empty.
Rename match functions that take a list to have list in the name.
Break cmnd_matches() into cmnd_matches() and cmndlist_matches.
runas_matches(), host_matches() and cmnd_matches() only really need to pass in
a list of members. user_matches() still needs to pass in a passwd struct
because of "sudo -l"
enum type. Currently there is only a single tuple enum but in the
future we may have one tuple enum per T_TUPLE entry in def_data.in.
Currently listpw, verifypw and lecture are tuples. This avoids the
need to have two entries (one ival, one str) for pwflags and syslog
values.
lecture is now a tuple with the following values: never, once, always
We no longer use both an int and string entry for syslog facilities
and priorities. Instead, there are logfac2str() and logpri2str()
functions that get used when we need to print the string values.
o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
o env_reset - reset the environment to a sane default
o env_keep - preserve environment variables that would otherwise be cleared
No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' pr '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
if available.
Added stay_setuid option for systems that have libraries that perform
extra paranoia checks in system libraries for setuid programs (ie:
anything with issetugid(2)).
authentication methods (like PAM) may do their own logging via
syslog. Since we don't use syslog much (usually just once per
session) this doesn't really incur a performance penalty.
It also Fixes a SEGV with pam_kafs.
This means that visudo will now parse the sudoers file *before* it is
edited so a bogus sudoers file will cause a warning to go to stderr.
Also, visudo checks the variables once--it does not check them after
each editor run since that could be confusing.
until after the sudoers file has been parsed but since there are now
other options that operate that way this one can too. Based on a patch
from bguillory@email.com.
the union member since that only works with an ANSI compiler. We set
the value of the union by hand in init_defaults() anyway. This allows
sudo to compile on a K&R compiler again.
