isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,550 Commits 1 Branch 0 Tags
dfc32e5b3ece9b33dab339341ebeab4edad5023c
Commit Graph

9550 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks: 
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
 2019-01-20 07:49:48 -07:00
Todd C. Miller
3d63eee344 The AIX nofiles hard limit fix and bug #867 will make 1.8.27. 2019-01-07 11:01:21 -07:00
Todd C. Miller
e2675d8f1e Use PAM_SILENT to prevent pam_lastlog from printing last login 
information on RedHat except when explicitly running a shell.
Adapted from a patch from Nir Soffer.  Bug #867
 2019-01-07 09:50:40 -07:00
Todd C. Miller
f7d7a9a619 Fix the default nofiles and stack hard limits. 
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation.  The default
hard limit for nofiles should be unlimited, not 8196.  The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
 2019-01-07 09:38:03 -07:00
Todd C. Miller
32dc90c28e regen 2019-01-03 13:26:57 -07:00
Todd C. Miller
7ae29420d5 Final updates for sudo 1.8.27. 2019-01-03 13:16:57 -07:00
Todd C. Miller
64d08d8bf2 Update copyright year 2019-01-03 11:09:00 -07:00
Todd C. Miller
de94a04ba4 Update for 2019 2019-01-03 11:05:46 -07:00
Todd C. Miller
b2f7983c84 Fix setting of utmp entry when running command in a pty. 
Regression introduced in sudo 1.8.22.
 2019-01-02 07:39:33 -07:00
Todd C. Miller
efe35e5b1e Use debug_return_int not debug_return_bool in resolve_host 2018-12-24 20:31:26 -07:00
Todd C. Miller
24b0da367b sudo 1.8.27 2018-12-24 10:09:35 -07:00
Todd C. Miller
dc9338ffe7 Allow the sudoers file to be specified without the -f option. 
Bug #864
 2018-12-24 08:26:18 -07:00
Todd C. Miller
7d5b0064af The iolog_dir section is below the maxseq section, not above. 2018-12-20 06:57:05 -07:00
Todd C. Miller
3d84150736 Updated translations from translationproject.org 2018-12-12 10:47:01 -07:00
Todd C. Miller
72050203bc Add -n and -R options to help; reported by Radovan Sroka 2018-12-11 09:17:15 -07:00
Todd C. Miller
258c7d4dd0 Add missing description of padding option and missing argument to -c. 2018-12-11 09:12:06 -07:00
Todd C. Miller
142b370c1f The -c option was missing from the help info; from Radovan Sroka 2018-12-11 09:05:04 -07:00
Todd C. Miller
04a4b3c1fc Fix some typos; reported by Radovan Sroka 2018-12-11 09:02:30 -07:00
Todd C. Miller
5242773489 In sudo_pam_approval(), for the exempt case, only overwrite pam 
status when the passwd is expired or needs to be updated.
 2018-12-08 08:10:04 -07:00
Todd C. Miller
4125808a85 The fix for bug #843 was incomplete and caused pam_end() to be called early. 
sudo_pam_approval() must not set the global pam status to an error
value if it returns AUTH_SUCCESS.  Otherwise, sudo_pam_cleanup()
will call pam_end() before sudo_pam_begin_session().  This resulted
in a NULL PAM handle being used in sudo_pam_begin_session().
 2018-12-07 09:51:34 -07:00
Todd C. Miller
e91e5ee820 Don't run the command in a pty if no I/O plugins are logging anything. 
That way an I/O plugin that doesn't actually log anything won't cause
the command to be run in a pty.
 2018-12-05 10:43:14 -07:00
Todd C. Miller
83fd48a75c Update ignore patterns to match doc changes. 2018-11-29 08:49:58 -07:00
Todd C. Miller
85dd1747cf fix mode fixmdoc.sed 2018-11-29 08:47:42 -07:00
Todd C. Miller
b8ba372227 Fix section in the .TH line of *.man.in file. 
The substitution for @mansectsu@ and @mansectform@ was broken.
No longer need to strip out OpenBSD from the header line.
 2018-11-27 13:15:08 -07:00
Todd C. Miller
e0d2dc61eb Add sudoers.man.in.sed, missed from previous commit. 2018-11-27 08:33:51 -07:00
Todd C. Miller
168a7ca110 Add Guillem Jover 2018-11-27 08:27:23 -07:00
Todd C. Miller
8964dd5d20 recent changes 2018-11-27 08:26:08 -07:00
Todd C. Miller
e010706ede Use roff conditionals in the manuals instead of post-processing. 
We still need to process the resulting .man.in files to add back
the conditionals but this should be easier to debug as the changes
are visible in the .in file.
Some minor postprocessing is still used to make the manuals HP-UX
friendly and to change "0 seconds" -> unlimited after substitution.
 2018-11-27 08:14:15 -07:00
Todd C. Miller
23006c72c7 Sudo plugin manual updates and clarification from Guillem Jover: 
- Add missing return information for show_version().
- Fix prototypes for several function pointers.
- Update SUDO_API_VERSION_MINOR.
- Add missing references to log_suspend() and change_winsize().
- Add missing "array.".
- Clarify that argc can be zero on sudo -V.
- Clarify size requirements for conversation array arguments.
- Clarify timeout zero value for struct sudo_conv_message.
- Clarify initial and final state of reply in struct sudo_conv_reply.
 2018-11-24 08:39:09 -07:00
Todd C. Miller
7c0019d2a5 Revert changes to give arguments to the .Bx macro. 
This is intended for things like .Bx 4.3 to generate "4.3BSD" so
the argument ends up before the BSD, not after.  Just go back to
using "BSD authentication" and "BSD login classes" so fixmdoc.sh
can operate correctly.  Bug #861
 2018-11-24 08:34:03 -07:00
Todd C. Miller
0679f4529c Update fixmdoc.sh to match the BSD -> .Bx changes in the manuals. 
Bug #861
 2018-11-23 06:42:23 -07:00
Todd C. Miller
ecd9688818 Add support for utmps as found in HP-UX. 2018-11-18 07:45:43 -07:00
Todd C. Miller
716aa6e4ab Support st_nmtime in struct stat as found in HP-UX. 2018-11-14 13:37:46 -07:00
Todd C. Miller
7c5469264d If fcntl fails, fall back to the /proc implementation. 2018-11-14 13:37:45 -07:00
Todd C. Miller
4f5acff6eb Mention schema.olcSudo 2018-11-12 08:31:02 -07:00
Todd C. Miller
5f5d4a285c Mention schema.olcSudo here too. 2018-11-09 11:02:34 -07:00
Todd C. Miller
5e098a782d OpenLDAP schema file for Sudo in on-line configuration (OLC) format. 
From Frederic Pasteleurs.
 2018-11-09 10:38:49 -07:00
Todd C. Miller
d6c2c53688 Updated translations from translationproject.org 2018-11-09 10:15:35 -07:00
Todd C. Miller
537a2f9773 Only use closefrom_fallback() if no better method exists. 
The previous logic was too fragile.
 2018-11-08 15:17:39 -07:00
Todd C. Miller
733669ec38 Updated translations from translationproject.org 2018-11-07 11:21:05 -07:00
Todd C. Miller
cad10fbd2e Portuguese translation for sudo and sudoers from translationproject.org. 2018-11-07 11:20:27 -07:00
Todd C. Miller
cdd5bb32eb Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn 
and gai_log_warning that use gai_strerror() instead of strerror().
 2018-11-05 09:08:05 -07:00
Todd C. Miller
cfa4879dbd Fix memory leak in runaslist_matches(). 2018-10-31 10:03:02 -06:00
Todd C. Miller
c88b859853 typo 2018-10-29 09:23:25 -06:00
Todd C. Miller
9c2f4b8f19 regen 2018-10-29 08:32:36 -06:00
Todd C. Miller
9378808b3a More updates for 1.8.26 2018-10-29 06:19:59 -06:00
Todd C. Miller
1fe582a0e3 Add support for negated sudoRunAsUser and sudoRunAsGroup entries. 2018-10-28 15:46:27 -06:00
Todd C. Miller
fb015fac1b Document that the target user's groups may be specified via the -g option. 2018-10-27 12:52:17 -06:00
Todd C. Miller
03c56db408 Include getpwent() version of sudo_getgrouplist2_v1() from getgrouplist.c 2018-10-27 12:10:43 -06:00
Todd C. Miller
0398996b39 Use a testsudoers group file with known contents instead of the system one. 2018-10-27 10:57:37 -06:00