isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,706 Commits 1 Branch 0 Tags
d26c0d87f67df84a1824a25dfba0cf6b02c33b95
Commit Graph

982 Commits

Author SHA1 Message Date
Todd C. Miller
9722784e1c Always install plugins with a .so extension regardless of what 
extension the system uses for shared libraries.  That way the
group_plugin sudoers setting can be shared between heterogenous
systems.
 2013-03-06 17:08:10 -05:00
Todd C. Miller
e051df6577 Mac OS X has netgroup functions in netdb.h. 2013-03-06 17:05:23 -05:00
Todd C. Miller
8f76579431 Tags in struct cmndtag can be set to IMPLIED as well. 2013-03-06 17:02:35 -05:00
Todd C. Miller
b0595e6e26 Quiet a compiler warning. 2013-03-06 16:50:35 -05:00
Todd C. Miller
4bfeed2210 Quiet an llvm checker warning. 2013-03-06 16:48:43 -05:00
Todd C. Miller
56d45003e5 Quiet gcc -Wuninitialized false positive 2013-03-06 15:56:26 -05:00
Todd C. Miller
593832152f Make sure groupname_len is at least 32 just to be on the safe side. 
It is better to allocate a little extra and not need it than to
have to reallocate and start over.
 2013-03-05 14:06:51 -05:00
Todd C. Miller
c47f5f7abd Fix potential double free in an error path. 2013-03-05 10:16:50 -05:00
Todd C. Miller
3e68433839 Clean up generated test files and other minor housekeeping. 2013-02-28 09:49:09 -05:00
Todd C. Miller
fa93dede39 Add back gettimeofday() call inadvertantly removed in e1abb9810a83 2013-02-28 09:25:10 -05:00
Todd C. Miller
9a4bd3cce4 Fix PAM compilation: def_pam_session, not just pam_session. 2013-02-28 08:38:06 -05:00
Todd C. Miller
0eef336edf Fix debug_decl for sudo_auth_begin_session and sudo_auth_end_session. 2013-02-24 13:04:58 -05:00
Todd C. Miller
59692ad282 Add pam_session sudoers option. 2013-02-24 06:15:37 -05:00
Todd C. Miller
d3ff0f31ee Dummy out close function if there is no end_session for the auth 
method and the front-end can handle a NULL close function.  Avoids
the extra sudo process when we don't actually need it.
 2013-02-24 05:54:57 -05:00
Todd C. Miller
2228763ff2 Fix typos in selinux/solaris privs specific code. 2013-02-21 15:59:21 -05:00
Todd C. Miller
04b25a8bcd Completely ignore time stamp file if it is set to the epoch, 
regardless of what gettimeofday() returns.
 2013-02-21 10:05:16 -05:00
Todd C. Miller
1da8739c38 Use userpw_matches() for username matching so #uid works for 
sudoRunAsUser.
 2013-02-21 07:03:52 -05:00
Todd C. Miller
b929dd3c46 Avoid calling realloc3() with a zero size parameter when all retrieved 
sssd rules fail.  Otherwise we'll get a run-time error due to
malloc(0) checking.
 2013-02-21 07:01:53 -05:00
Todd C. Miller
c80603eace Do not send error mail if a user is not found in SSSD. Local users 
can run sudo too.  From Nikolai Kondrashov
 2013-02-21 06:54:30 -05:00
Todd C. Miller
29becec0e7 Make "sudo -l non_existent_command" warn that non_existent_command 
doesn't exist, not the "list" pseudo-command.
 2013-02-20 15:35:26 -05:00
Todd C. Miller
fa924d09bc Make sudoers file long list output better match the format used by 
ldap sudoers.  Tags are now converted to options and there is a
single command per line.
 2013-02-20 15:09:21 -05:00
Todd C. Miller
064cb0ceda For "sudo -l" start a new line if the runas list changes to make 
the output easier to read.
 2013-02-20 10:47:31 -05:00
Todd C. Miller
d00ad3bbe2 For "sudo -l" and "sudo -ll" only print the runas info for subsequent 
commands in a list if the runas info has changed.  If we have new
runas info, print out the tags again so as to be less confusing to
the user.  For "sudo -ll" set the line continuation indent to 8.
 2013-02-19 16:29:17 -05:00
Todd C. Miller
e07280eeeb Rename sample_group plugin to group_file. 
Install group_file and system_group plugins by default.
 2013-02-18 15:32:36 -05:00
Todd C. Miller
b9159ecb26 Add maxseq sudoers option to limit the max number of I/O log files. 2013-02-18 15:06:23 -05:00
Todd C. Miller
618871a331 Log lines and columns in the iolog file. 2013-02-16 11:12:48 -05:00
Todd C. Miller
0c40e82c16 Add simple regress tests for sudo.conf parsing. 2013-02-15 14:42:10 -05:00
Todd C. Miller
791b751425 Use sysconf(_SC_LOGIN_NAME_MAX) to find max username length instead 
of poking around in struct utmpx.
 2013-02-15 10:20:21 -05:00
Todd C. Miller
2d9da65881 #include "sudo_usage.h" not <sudo_usage.h> so we get the one in the 
build directory and not the src dir when using a separate build
directory.
 2013-02-15 08:57:21 -05:00
Todd C. Miller
d837700341 Use max_groups in front-end and plugin. 2013-02-14 15:52:27 -05:00
Todd C. Miller
2e08777f25 Store the session ID in the tty ticket file too. A tty may only 
be in one session at a time so if the session ID doesn't match we
ignore the ticket.
 2013-02-08 10:43:14 -05:00
Todd C. Miller
af0bb55283 Move tzset() call from sudoers plugin to sudo front end. 2013-02-07 14:31:48 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
2d6095420a Fix memory leak in error path; found by llvm checker 2013-02-06 16:38:31 -05:00
Todd C. Miller
11e04d30dd Remove useless store detected by llvm checker. 2013-02-06 16:35:19 -05:00
Todd C. Miller
becc5fca7c Add missing __dso_public to plugin structs so they are exported. 2013-02-06 13:08:48 -05:00
Todd C. Miller
380fa828dc Sync with translationproject.org 2013-02-05 10:53:59 -05:00
Todd C. Miller
e96d583045 Sync with translationproject.org 2013-02-03 13:46:48 -05:00
Todd C. Miller
78ca828a3c Sync with translationproject.org 2013-02-01 16:00:50 -05:00
Todd C. Miller
8ab7cf61bd Pass back exec_background to front end if it is enabled in sudoers. 2013-01-27 13:45:35 -05:00
Todd C. Miller
c2e678d73a Add regress test for bug 361 2013-01-24 11:57:38 -05:00
Todd C. Miller
f2beaaa89f Add __dso_public to extern declaration of declaration to match 
actual definition.
 2013-01-24 09:01:03 -05:00
Todd C. Miller
db7ea4123a Add test for visudo cycle check core dump; test case from Daniel Kopecek 2013-01-23 08:24:11 -05:00
Todd C. Miller
6fe6ccb048 Fix potential stack overflow due to infinite recursion in alias 
cycle detection.  From Daniel Kopecek.
 2013-01-23 07:52:09 -05:00
Todd C. Miller
c00c968010 Use strtoul() not atoi(). 2013-01-23 06:21:45 -05:00
Todd C. Miller
99704cc101 Catch SIGINT, SIGQUIT and SIGTSTP in the front end before we execute 
the command.  If we get SIGINT or SIGQUIT, call the plugin close()
functions as if the command was interrupted.  If we get SIGTSTP,
uninstall the handler and deliver SIGTSTP to ourselves.
 2013-01-17 09:20:45 -05:00
Todd C. Miller
70976f30ea Fill in the comment block at the top of the .pot files and preserve 
it when regenerating them.
 2013-01-11 17:08:49 -05:00
Todd C. Miller
9479bb623b Add exec_background option in plugin command info and a sudoers 
option to match.  When set, commands are started in the background
and automatically foregrounded as needed.  There are issues with
some ill-mannered programs (like Linux su) so this is not the
default.
 2013-01-11 14:34:09 -05:00
Todd C. Miller
4bc616b677 Update copyright year. 2013-01-11 14:14:10 -05:00
Todd C. Miller
6e560f2bab Break out stack smashing protector options into SSP_CFLAGS and 
SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS).
 2013-01-03 14:20:49 -05:00