isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,969 Commits 1 Branch 0 Tags
d2d68aa24d1e65cc500b19a4c3d8c2249c12f01f
Commit Graph

35 Commits

Author SHA1 Message Date
Todd C. Miller
d2d68aa24d Re-enable cleanup functions in sudoers plugin and sudo driver 
for error()/errorx().
 2010-05-28 12:15:14 -04:00
Todd C. Miller
9773ba3f79 Rename script_execve to sudo_execve and rename script_foo in exec.c 2010-05-27 16:46:31 -04:00
Todd C. Miller
f8f82ffa8e Rename script_setup() to pty_setup() and call from script_execve() 
directly.
 2010-05-27 16:29:48 -04:00
Todd C. Miller
7e6d1d1f7d Add init_session function to struct policy_plugin that gets called 
before the uid/gid/etc changes.  A struct passwd pointer is passed in,which may be NULL if the user does not exist in the passwd database.The sudoers module uses init_session to open the pam session as needed.
 2010-05-27 14:46:39 -04:00
Todd C. Miller
0487aee6b4 Bring back closefrom settings. 2010-05-24 15:40:36 -04:00
Todd C. Miller
20c125297f Avoid possible malloc(0) if plugin returns an empty groups list. 2010-05-20 17:10:16 -04:00
Todd C. Miller
9360e67a3d Add debugging info when calling plugin close function 2010-05-20 17:01:53 -04:00
Todd C. Miller
55ef027d88 Add argc and argv to I/O logger open function. 2010-05-17 10:38:56 -04:00
Todd C. Miller
fa717176b2 Remove check_sudoedit function pointer in struct sudo_policy. 
Instead, sudo will set sudoedit=true in the settings array.
The plugin should check for this and modify argv_out as appropriate
in check_policy.
 2010-05-17 10:25:27 -04:00
Todd C. Miller
3ac9aee52e If plugin sets "sudoedit=true" in the command info, enable 
sudoedit mode even if not invoked as sudoedit.  This allows
a plugin to enable sudoedit when the user runs an editor.
 2010-05-16 19:27:04 -04:00
Todd C. Miller
7c9c5855fd Change how we handle the sudoedit argv. We now require that there 
be a "--" in argv to separate the editor and any command line arguments
from the files to be edited.
 2010-05-13 17:11:31 -04:00
Todd C. Miller
fdd28d411f Work in progress support for sudoedit. The actual interface used by the 
plugin for sudoedit is likely to change.
 2010-05-13 14:09:21 -04:00
Todd C. Miller
9fbec34fed Add pointer to a printf like function to plugin open functon. 
This can be used instead of the conversation function to display
info and error messages.
 2010-05-04 19:17:31 -04:00
Todd C. Miller
f19be6da31 Handle plugin's open function returning -2 (usage error). 2010-04-13 09:36:43 -04:00
Todd C. Miller
0494774f30 Call the I/O log open function before the I/O version function. 2010-04-11 17:13:11 -04:00
Todd C. Miller
44341c9c15 Main sudo should not block signals; the plugin should do this in 
check_policy.
 2010-04-01 06:35:19 -04:00
Todd C. Miller
e17f1e5cbd Delay calling the I/O plugin open function until the policy plugin 
returns success.
 2010-03-28 08:41:06 -04:00
Todd C. Miller
43ea59f64f Fix iteration over runas_groups list. 2010-03-22 18:08:17 -04:00
Todd C. Miller
7af5cdfaf4 Fix setting of groups list 2010-03-22 08:26:05 -04:00
Todd C. Miller
6b180d24da Fix the -s and -i flags and add support for the "implied_shell" 
option.  If the user does not specify a command, sudo will now pass
in the path to the user's shell and set impied_shell=true.  The
plugin can them either check the command normally or return -2 to
cause sudo to print a usage message and exit.
 2010-03-21 08:54:06 -04:00
Todd C. Miller
eec5235d19 Rewrite compat/getprogname.c and add setprogname(). 
The progname is now passed to the plugin via the settings array.
 2010-03-19 07:52:31 -04:00
Todd C. Miller
038ec569de Use number of tty columns that is passed in user_info instead of 
getting it directly in the lbuf code.
 2010-03-17 21:25:32 -04:00
Todd C. Miller
96a98bed4b Add tty size to user info 2010-03-17 10:36:02 -04:00
Todd C. Miller
ee223889c1 Wire up invalidate and validate methods for sudoers 2010-03-15 20:24:55 -04:00
Todd C. Miller
4e938c0074 Wire up SIGALRM handler 
Set close on exec flag for child side of the socketpair
Fix signal handling when not doing I/O logging
 2010-03-06 14:34:23 -05:00
Todd C. Miller
d73f580f5a g/c unused SIGCHLD handler 2010-03-06 14:29:32 -05:00
Todd C. Miller
cc23068c2a Don't use emalloc() in fmt_string(); we want to be able to use it from 
a plugin.
 2010-03-06 14:29:04 -05:00
Todd C. Miller
c857c74e3a Convert to ANSI C 2010-03-04 20:18:22 -05:00
Todd C. Miller
f145264ee0 Refactor script_execve() a bit so that it can be used in non-script 
mode.  Needs more cleanup.
 2010-02-27 16:53:56 -05:00
Todd C. Miller
157b7805cf Ignore empty entries in command_info list 2010-02-27 13:36:30 -05:00
Todd C. Miller
9e5ff964ad Make user_details extern so tgetpass can get at the uid and gid. 
Set uid/gid to user before executing askpass program.
Check environment for SUDO_ASKPASS and use that if set.
TODO: a way for the policy to set the askpass program itself
 2010-02-24 19:53:45 -05:00
Todd C. Miller
f3b2c9ac1d No longer need sudo_usage.h in sudo.c 2010-02-24 07:49:16 -05:00
Todd C. Miller
c2aaf8fbfb Make sudo_debug do a single vfprintf() which will result in a single 
write call on most systems.  Avoids problems with interleaved debug
printf from different processes.  Also remove an extraneous error case
since recv() can't return a short read and add some more XXX.
 2010-02-21 10:24:27 -05:00
Todd C. Miller
abb431b363 Wire up debug_level 2010-02-20 13:25:10 -05:00
Todd C. Miller
b6a4cf7233 Modular sudo front-end which loads policy and I/O plugins that do 
most the actual work.  Currently relies on dynamic loading using
dlopen().  See doc/plugin.pod for the plugin API.
 2010-02-20 09:41:49 -05:00