isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,039 Commits 1 Branch 0 Tags
d5d170252a1065a6b10c3e8d0a7df1aee13a33df
Commit Graph

1055 Commits

Author SHA1 Message Date
Todd C. Miller
04457ecee9 Set active debug instance to sudo_debug_instance() during the 
conversation function.
 2015-09-28 12:28:18 -06:00
Todd C. Miller
9486afb4e5 When the command sudo is running is killed by a signal, sudo will 
now send itself the same signal with the default signal handler
instead of exiting.  The bash shell appears to ignore some signals,
e.g.  SIGINT, unless the command is killed by that signal.  This
makes the behavior of commands run under sudo the same as without
sudo when bash is the shell.  Bug #722
 2015-09-26 10:53:16 -06:00
Todd C. Miller
3f6f1cd15c When a terminal device is closed, SIGHUP is sent to the controlling 
process associated with that terminal.  It is not sent to the entire
process group so sudo needs to relay SIGHUP to the command when it
is not being run in a new pty.  Bug #719
 2015-09-15 10:30:36 -06:00
Todd C. Miller
38b7aea6b7 Restore old signal handlers before tty settings. That way SIGTTOU 
is at its original value if sudo_term_restore() should fail.
 2015-09-09 15:27:09 -06:00
Todd C. Miller
edfeee6a7a No need to have version macros for hooks, callbacks and the sudoers 
group plugin.  We can just use the main sudo API macros.  The sudoers
group plugin macros are preserved for source compatibility but are
not documented.
 2015-09-09 14:56:52 -06:00
Todd C. Miller
2f1d675055 Ignore callbacks if major version doesn't match. 2015-09-09 13:29:57 -06:00
Todd C. Miller
67183d74f4 Remove include/compat/timespec.h. Systems old enough to lack struct 
timespec are too old to build a modern sudo.
 2015-09-09 11:13:22 -06:00
Todd C. Miller
d08faa73a7 Fill in cstat if exec_setup() fails. Previously it was only filled 
in for an execve() failure.  Fixes an unkillable sudo process when
exec_setup() fails and I/O logging is enabled.
 2015-09-09 10:50:21 -06:00
Todd C. Miller
27c2a3d158 Fix running commands as non-root when neither setresuid() not 
setreuid() are available.  At this point we are already root so
setuid() must succeed.  Bug #713
 2015-09-09 10:45:56 -06:00
Todd C. Miller
0dbfbee035 Cast uid_t to unsigned int when printing as %u 2015-09-09 10:14:03 -06:00
Todd C. Miller
70914b3328 sudo_term_* already restart themselve for all but SIGTTOU so we 
don't need to use our own restart loops.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
0c70df5de9 Implement suspend/resume callbacks for the conversation function. 
If suspended, close the timestamp file (dropping all locks).  On
resume, lock the record before reading the password.

For this to work properly we need to be able to run th callback
when tsetattr() suspends us, not just when the user does.  To
accomplish this the term_* functions now return EINTR if SIGTTOU
would be generated.  The caller now has to restart the term_*
function (and send itself SIGTTOU) instead of it being done
automatically.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
98a15d9879 Add a struct sudo_conv_callback that contains on_suspend and on_resume 
function pointer args plus a closure pointer and at it to the
conversation function.
 2015-09-07 06:06:08 -06:00
Todd C. Miller
13869d349c Linux sets si_pid in struct siginfo to 0 when the process that sent 
the signal is in a different container since the PID namespaces in
different conatiners are separate.  Avoid looking up the process
group by id when si_pid is 0 since getpgid(0) returns the process
group of the current process.  Since sudo ignores signals sent
by processes in its own process group, this had the effect of
ignoring signals sent from other containers.  From Maarten de Vries
 2015-08-10 15:13:37 -06:00
Todd C. Miller
2fbce103f6 Change warning when user tries to sudoedit a symbolic link. 2015-08-07 07:09:01 -06:00
Todd C. Miller
3354d27a17 Do not follow symbolic links in sudoedit by default. This behavior 
can be controlled by the sudoedit_follow Defaults flag as well as
the FOLLOW/NOFOLLOW tags.
 2015-08-06 13:20:01 -06:00
Todd C. Miller
918190fce9 Include sys/types.h for id_t. Bug #711 2015-08-02 19:59:32 -06:00
Todd C. Miller
ddd35459c3 The init.d files are generated from a .in file so we need to install 
from top_builddir not top_srcdir.  From Ross Burton.  Bug #708
 2015-07-24 13:38:03 -06:00
Todd C. Miller
0765f5fe7f fix typo in previous commit 2015-07-22 06:21:21 -06:00
Todd C. Miller
83d8cbf811 Fix errno value from get_process_ttyname() when no tty is present. 2015-07-21 15:20:49 -06:00
Todd C. Miller
aeaa6a6111 On AIX, only convert the tty device number from dev64_t to dev32_t 
if dev_t is 32-bits.
 2015-07-21 15:02:56 -06:00
Todd C. Miller
d96f8bcabb Avoid needless memory allocation when resolving the tty name. 2015-07-19 20:19:22 -06:00
Todd C. Miller
d4211081c0 Add some debugging printfs when malloc fails and we don't have an 
explicit call to sudo_warnx().
 2015-07-14 15:28:01 -06:00
Todd C. Miller
374146f70f Avoid calling dlerror() multiple times since it clear the error 
status after printing the error.
Problem caused by sudo_warn/sudo_fatal being macros...
 2015-07-10 10:31:21 -06:00
Todd C. Miller
43a57126ea Solaris 2.6 has the prototypes for inet_pton() and inet_ntop() in 
resolv.h.
 2015-07-09 10:11:25 -06:00
Todd C. Miller
61182c87ea In io_callback() service writes before reads. That way, if both 
SUDO_EV_READ and SUDO_EV_WRITE are set and read() returns 0 (EOF)
we don't close the fd before the write() is performed.

If the write() returns EPIPE, ENXIO, EIO or EBADF, clear SUDO_EV_READ
before we close the fd to avoid calling read() on a closed fd.
 2015-07-08 10:12:15 -06:00
Todd C. Miller
445e6f2e9a Check sudo_conf_read() return value and exit on fatal error (a 
warning was already printed by sudo_conf_read()).
 2015-07-07 13:17:50 -06:00
Todd C. Miller
854c084956 Fix utmp setup broken by commit be0ca60facf8 2015-07-06 13:56:39 -06:00
Todd C. Miller
d77941c2be We require POSIX so no need to conditionally include dirent.h. 
Add a check for d_namlen and use the result in the NAMLEN macro.
 2015-07-02 09:24:48 -06:00
Todd C. Miller
0b241088b3 There's no need to conditionalize the #include <unistd.h>, we require 
a POSIX system.
 2015-07-02 09:08:28 -06:00
Todd C. Miller
a76b93e23a Use our own bitmap macros instead of borrowing the ones from select. 2015-06-23 16:37:00 -06:00
Todd C. Miller
7b086b6842 Quiet clang analyzer false positive. 2015-06-23 12:58:02 -06:00
Todd C. Miller
2aeeb54f3f Fix uninitialized variables warnings in error case when src file 
cannot be opened.  At least one of these is a false positive.
 2015-06-23 12:57:47 -06:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
dc883f2454 We require ANSI C so stop using the obsolete STDC_HEADERS. 2015-06-19 14:29:27 -06:00
Todd C. Miller
4f9cabd005 Remove obsolete memory.h include. 2015-06-18 21:02:57 -06:00
Todd C. Miller
a50555faa2 Remove support for the obsolete malloc.h header. 2015-06-18 20:30:59 -06:00
Todd C. Miller
ea744042ed Allow "make LIBTOOL=/path/to/libtool" to work properly. 2015-06-18 13:06:15 -06:00
Todd C. Miller
a38253b101 Replace use of OSDEFS with config.h defines. 
Rename DEFS in Makefile.in to CPPDEFS and include in CPPFLAGS.
Bring back _BSD_SOURCE as a config.h define.
Remove obsolescent _REENTRANT define.
 2015-06-18 09:33:05 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
25917e435c We need to unlimit RLIMIT_NPROC in sudoers as well as the sudo front 
end since set_perms() and restore_perms change the read uid and may
fail with EAGAIN on Linux kernels prior to 3.1.
 2015-06-12 15:30:06 -06:00
Todd C. Miller
7107ce4d1d Remove support for converting plugin.so -> plugin.sl on HP-UX when 
plugin.so can not be found.  This was a temporary hack for using
an older (pre 1.8.7) sudoers plugin with a newer sudo front-end.
 2015-06-08 13:57:14 -06:00
Todd C. Miller
4131449ffb Add a few missing sudo_new_key_val() return value checks. 
Also use non-exiting allocators for consistency.
 2015-05-27 09:42:51 -06:00
Todd C. Miller
05a01d4c5d Avoid using a leading underbar in defines as they are reserved in 
ISO C.
 2015-05-21 11:13:20 -06:00
Todd C. Miller
1298ea9107 Add target for "make splint". A few files need extra guards to avoid 
errors on systems where they would not otherwise be compiled.
No warnings from splint.
 2015-05-21 11:07:13 -06:00
Todd C. Miller
a40cf3e288 There should be no need to check for tzset() as it is POSIX. 2015-05-18 13:42:06 -06:00
Todd C. Miller
0b1e027b12 Force flat namespace on darwin to make the getenv() hooking work 
as it does on ELF.
 2015-05-15 15:48:24 -06:00
Todd C. Miller
8bc70a635c Instead of trying to make weak functions work on all platforms, 
just use a registration function for a plugin-specific setlocale
function.  The sudoers version just wraps sudoers_setlocale().
 2015-05-11 14:51:32 -06:00
Todd C. Miller
fc7143760b Fix indentation of -a flag help line. 2015-05-11 13:34:41 -06:00