indicate to the caller that the fd should not be closed when it
is done with it. To be used by visudo to keep locked fds from
being closed prematurely (and thus losing the lock).
Add cmnd_stat to struct sudo_user and set it in sudo_goodpath().
No longer use gross statics in command_matches().
Also rename some variables for improved clarity.
the passwd file, set runas_user to the name, not the uid.
When comparing usernames in sudoers, if a name is really a uid (starts
with '#') compare it numerically to pw_uid.
password check. That way, if sudo/sudoedit is run from a root process
that was invoked by sudo, we check sudoers for root, not the previous
user. This makes sudoedit much more useful and means that for the
sudo case, we get correct logging on who actually ran the command.
to edit files with the editor of their choice as the invoking user,
not the runas user. Temporary files are used for the actual edit
and the temp file is copied over the original after the editor is done.
use that to determine the invoking user's true identity. That way
the proper info gets logged by someone who has done "sudo su" but
still uses sudo to as root. We can't do this for non-root users
since that would open up a security hole, though perhaps it would
be acceptable to use getlogin(2) on OSes where this a system call
(and doesn't just look in the utmp file).
reset the contents of runas_pw if the user specified a user via the -u flag.
Avoid unnecessary passwd lookups in set_authpw(). In most cases we already
have the info in runas_pw.
function that just sets error and returns -1. This adds a
"noexec_file" option to load the filename as well as a "noexec" flag
to enable it unconditionally. There is also a NOEXEC tag that can
be attached to specific commands and an EXEC tag to disable it.
enum type. Currently there is only a single tuple enum but in the
future we may have one tuple enum per T_TUPLE entry in def_data.in.
Currently listpw, verifypw and lecture are tuples. This avoids the
need to have two entries (one ival, one str) for pwflags and syslog
values.
lecture is now a tuple with the following values: never, once, always
We no longer use both an int and string entry for syslog facilities
and priorities. Instead, there are logfac2str() and logpri2str()
functions that get used when we need to print the string values.
users to place "sudo -k" in a .logout file which can cause sudo to
be run during reboot after the YP/NIS/NIS+/LDAP/etc daemon has died.
Previously, this would result in useless mail and logging.
