isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,513 Commits 1 Branch 0 Tags
db35c7c0e42b2226bcc95619025f9932b60aab10
Commit Graph

7513 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
db35c7c0e4 Make sudoedit work with SELinux RBAC. 
Adapted from RedHat patches (Daniel Kopecek) but made to behave a
bit more like the non-SELinux bits.
 2014-08-21 15:28:36 -06:00
Todd C. Miller
a147330f3f Refactor code that copies temp files into separate functions. 2014-08-21 15:28:35 -06:00
Todd C. Miller
ffbc003b7c Fix typo, .em should be .Em 2014-08-21 09:23:34 -06:00
Todd C. Miller
2c542178a3 Add missing call to initprogname(). 2014-08-18 16:46:55 -06:00
Todd C. Miller
2246b1827f Don't recurse infinitely until we blow the stack when the debug 
file can't be opened in the front-end.  The conversation-type debug
mode will be removed in the future.
 2014-08-18 16:35:58 -06:00
Todd C. Miller
dbe0b213da Only use the first two digits of the version number. 
Fixes a problem on RHEL 7 which has version numbers like 7.0.1406
 2014-08-15 16:46:24 -06:00
Todd C. Miller
fb82e823f4 Fix return value when kernel has no audit support. 2014-08-15 15:56:25 -06:00
Todd C. Miller
6d8c6ed37a remove unused label 2014-08-15 14:37:07 -06:00
Todd C. Miller
b0faa6da1d Update to automake 1.14 (no code changes). 2014-08-14 16:36:23 -06:00
Todd C. Miller
2d22d0dca8 Document the interaction between sudoers environment handling and 
the pam_env module.
 2014-08-11 11:23:16 -06:00
Todd C. Miller
c49ca1d315 Don't allow pam_env to overwrite existing variables when env_reset 
is disabled unless the variables match the black list and would
normally be removed.  It may just be better to never overwrite when
env_reset is disabled.
 2014-08-11 10:37:08 -06:00
Todd C. Miller
2f472d5966 Update year range to include 2014 2014-08-09 20:46:21 -06:00
Todd C. Miller
dcd505d0c5 Remove regress .err files in distclean target. 2014-08-08 14:53:14 -06:00
Todd C. Miller
69762d8882 Remove generated files for linker as part of distclean. 2014-08-08 14:49:06 -06:00
Todd C. Miller
bd57aad60b Ignore .out and .err files in lib/util regress 2014-08-08 14:44:22 -06:00
Todd C. Miller
53a251dc07 Add additional 1.8.11 changes and fix typos. 2014-08-08 14:33:22 -06:00
Todd C. Miller
696080917c Avoid building/running the check_symbols test program unless we are 
building a shared sudoers plugin.
 2014-08-08 11:19:20 -06:00
Todd C. Miller
dd43530f0a Remove two instances of -no-fast-install that were missed before. 2014-08-08 11:07:09 -06:00
Todd C. Miller
76a6dad424 Add --disable-shared-libutil configure option. It may only be used 
in conjunction with the --enable-static-sudoers option.
 2014-08-08 11:03:24 -06:00
Todd C. Miller
779946ea3a Remove noop man.sed files 
Use full path instead of $@.in when calling config.status with --file=-
 2014-08-07 09:55:12 -06:00
Todd C. Miller
703263bf0e Fix "sudo -C" when we have internal fds to preserve from closefrom(). 2014-08-07 09:38:03 -06:00
Todd C. Miller
df0fd41530 Add explicit support for matching the full environment string 
(name=value).  Bash functions may now be preserved for full matches,
but not for name-only matches.
 2014-08-06 16:45:57 -06:00
Todd C. Miller
84fa5a505c Ignore lib/util/util.exp 2014-08-05 16:07:31 -06:00
Todd C. Miller
d75d22e98a Fix exporting of asprintf/vasprintf symbols. 2014-07-30 15:47:15 -06:00
Todd C. Miller
0a9e9016f1 Don't export getaddrinfo symbols if we found the function in a library. 2014-07-30 15:08:05 -06:00
Todd C. Miller
7a988d489c It is now sudo_efree() not efree(). 
Don't try to free a pointer to garbage on error.
 2014-07-30 09:46:48 -06:00
Todd C. Miller
080d0e650f Regen .pot files 2014-07-30 09:37:47 -06:00
Todd C. Miller
edf0d39703 Plug memory leak, even though we are headed for exit. 2014-07-29 19:33:55 -06:00
Todd C. Miller
f29880c1c7 If getaddrinfo() is missing libsudoutil may need to pull in networking 
libraries.
 2014-07-29 13:06:18 -06:00
Todd C. Miller
daf634b728 Only include functions in util.exp that are actually in the library. 
Fixes a problem on Solaris where undefined functions that are listed
as exported in the map file result in a link error.
Also make sure we use our glob.c if the system is missing glob().
 2014-07-29 10:52:43 -06:00
Todd C. Miller
f99a910236 Make sure shadow libs don't end up in LIBS, only SUDOERS_LIBS (and 
SUDO_LIBS if set_auth_parameters() or initprivs() are present.
 2014-07-29 09:30:25 -06:00
Todd C. Miller
58a59896b4 No need to AC_SUBST HAVE_BSM_AUDIT and HAVE_SOLARIS_AUDIT 2014-07-29 09:25:07 -06:00
Todd C. Miller
ae0014d6f4 Attempt to handle systems with SA_SIGINFO but that lack SI_USER. 2014-07-28 20:25:46 -06:00
Todd C. Miller
99ae71452a Replace use of HAVE_GETCWD with PREFER_PORTABLE_GETCWD. 
It is safe to assume getcwd() exists, we just need to handle broken ones.
 2014-07-28 16:36:43 -06:00
Todd C. Miller
b0a09fb671 Add check for inet_ntoa() since it may live in libnsl. 
Make getcwd() replacement private to the SunOS 4 section.
 2014-07-28 16:11:39 -06:00
Todd C. Miller
014edc20a3 Avoid mixing declarations and code for non-C99 compilers. 2014-07-28 15:21:44 -06:00
Todd C. Miller
120f0684b5 For C89, use "const char __func__[]" instead of "const char *__func__". 2014-07-28 15:01:48 -06:00
Todd C. Miller
d058611bd6 Fix compilation on systems w/o netgroups. 2014-07-28 06:22:52 -06:00
Todd C. Miller
787a89ed0d Back out old workaround for sudoedit hang when debugging was enabled. 2014-07-26 06:07:34 -06:00
Todd C. Miller
6f77ffd7c7 Don't memcpy() the preserved_fds TAILQ as the pointers into the 
head will be wrong.  All we need to do is save the old command
details and restore them after calling run_command().  Fixes a hang
with sudoedit when debugging is enabled.
 2014-07-26 06:06:18 -06:00
Todd C. Miller
32a837623e The default policy close function should only print an error message 
if the error_code is non-zero.
 2014-07-25 17:07:23 -06:00
Todd C. Miller
7e5a239741 If there the preserved fds list is empty, add a new element with 
TAILQ_INSERT_HEAD instead of TAILQ_INSERT_TAIL to avoid an infinite
loop on AIX, Solaris and possibly others when debug mode is active.
 2014-07-25 17:00:10 -06:00
Todd C. Miller
8c86e5c116 Remove support for getting program name via /proc as pr_fname is 
usually filled in after symbolic links have been processed, even
on Solaris.
 2014-07-25 14:08:59 -06:00
Todd C. Miller
ceb1f6eae6 Use shlib_enable instead of soext when determining whether to install 
the library.
 2014-07-25 14:08:50 -06:00
Todd C. Miller
cd56a87590 Avoid potential division by zero 2014-07-25 14:07:39 -06:00
Todd C. Miller
ebbd62eac8 Don't link progname test with libsudo_util, just link in progname.lo 
directly since that is all we need.  Avoid a linker issue on darwin.
 2014-07-25 14:07:09 -06:00
Todd C. Miller
7421524478 Remove pstat_getproc() path as pst_ucomm on HP-UX will return the 
target of a symbolic link and not the name of the link itself.
Avoid using pr_fname on AIX for the same reason.
Bug 654
 2014-07-25 09:42:41 -06:00
Todd C. Miller
f6fec06037 Add test for getprogname() and symbolic links; bug 654 2014-07-25 09:37:58 -06:00
Todd C. Miller
5ff2c80250 Document tracing 2014-07-24 14:39:50 -06:00
Todd C. Miller
536e5f4189 sudo_term_{erase,kill} are regular symbols not functions. 2014-07-23 17:06:33 -06:00