isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,499 Commits 1 Branch 0 Tags
e28ba02c78f658da8be4903aaacc87ca4eacb10f
Commit Graph

9499 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
e28ba02c78 Fix a typo. 2019-05-22 08:58:51 -06:00
Todd C. Miller
19e2da8eec Support using macOS SDKs from /Library/Developer/CommandLineTools/SDKs 2019-05-22 08:57:48 -06:00
Todd C. Miller
cd2cfeb8cb It is safe to assume _POSIX_VDISABLE is defined. 
The old compat defines were to support pre-termios systems.
 2019-05-16 12:24:48 -06:00
Todd C. Miller
30a5ee9c5d Remove second catopen() which is never called. 2019-05-06 10:04:07 -06:00
Todd C. Miller
14e72b3ec6 Sudo's conversation functions now filters out the last login information. 2019-05-01 10:56:43 -06:00
Todd C. Miller
976550084e Add pam_acct_mgmt setting to enable/disable PAM account validation. 2019-04-29 19:44:13 -06:00
Todd C. Miller
4b240c2673 regen 2019-04-29 19:43:17 -06:00
Todd C. Miller
91b6d71a04 Sudo 1.8.28 2019-04-29 19:40:51 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
96ac6adae5 Filter out last login messages on HP-UX unless running a shell. 
HP-UX in trusted mode will display last login messages as part of
the PAM account management module by libpam_comsec.  There is no
way to suppress these messages from the PAM configuration in trusted
mode so we need to filter them in the conversation function.  In
regular mode, similar (but different) messages may be produced by
libpam_hpsec.
 2019-04-28 07:26:45 -06:00
Todd C. Miller
30a56af6ef FreeBSD's /dev/fd only contains fds 0-2 unless fdescfs is mounted. 
In practice this doesn't matter since FreeBSD >= 8 has a native closefrom
 2019-04-26 15:21:29 -06:00
Todd C. Miller
aa0146d68d Keep debug fds open in send_mail() to aid in debugging. 
Adds closefrom_nodebug() which acts like closefrom(3) but doesn't
close debug fds for use by send_mail().
Also moves the code to exec the mailer to its own function.
 2019-04-20 17:28:45 -06:00
Todd C. Miller
9048ee6c48 Set def_mailerflags even if sendmail was not found at configure time. 
Fixes a NULL dereference when mailerpath is set but mailerflags is not.
Bug #878
 2019-04-19 10:14:10 -06:00
Todd C. Miller
de65d70929 Add a proper getdelim(3) replacement and use it instead of getline(3). 2019-04-08 10:37:30 -06:00
Todd C. Miller
f0910c01da Restrict the PAM_TTY kludge to Solaris and Linux-PAM. 
Setting PAM_TTY to the empty string causes problems with some modules
on HP-UX so restrict it to systems where it is fixes known issues.
 2019-04-08 08:50:03 -06:00
Todd C. Miller
731e796711 Fix the counting of supplementary groups on AIX. 
We should not assume that basegid will be present in the list of
gids returned by getgrset().
 2019-03-18 14:08:21 -06:00
Todd C. Miller
194968eaf0 Plug a memory leak on user/group lookup failure found by ASAN. 2019-03-14 11:31:05 -06:00
Todd C. Miller
e31ac5a998 Fix test failure when run by a user other than the file owner. 2019-03-08 09:07:20 -07:00
Todd C. Miller
28b0bff4f3 Updated translations from translationproject.org 2019-03-08 08:36:01 -07:00
Todd C. Miller
0c31cf15fe Test cvtsudoers stdout and stderr separately. 
Fixes a test failure on systems with musl libc.  Bug #873
 2019-03-08 06:58:30 -07:00
Todd C. Miller
0766e0c647 Better comment about EOVERFLOW and pstat_getproc(). 
Also remove some useless casts.
 2019-03-06 20:15:11 -07:00
Todd C. Miller
17ca31c381 Ignore EOVERFLOW from pstat_getproc(), it is not a fatal error. 
It just means that one of the fields in pstat lacks the precision to
store a value.  That's not an issue for pst_highestfd.
 2019-03-06 20:13:40 -07:00
Todd C. Miller
9c4487b732 update copyright year 2019-03-06 10:46:23 -07:00
Todd C. Miller
8ee2de9980 Fix error message when a fully-qualified plugin path does not exist. 2019-03-05 10:23:07 -07:00
Todd C. Miller
0e8fffdb30 Fix unescaped '\' and remove an extra '[' in the definition of digest. 2019-03-04 08:52:28 -07:00
Todd C. Miller
ea3ede690f Ignore carriage return before a linefeed. 
This allows sudo to parse files with DOS-style line endings.
 2019-03-03 14:41:59 -07:00
Todd C. Miller
f4853cb754 For sssd, the nsswitch.conf setting should be "sss" not "sssd". 
From Johnathan Smith.
 2019-02-26 13:15:40 -07:00
Todd C. Miller
e1205f08d6 Add simple API for to allow reading environment data from different sources. 
Currently, this is used to read a file like /etc/environment.
 2019-02-20 17:05:02 -07:00
Todd C. Miller
f3344b5881 Fix pasto; the unrestricted env file was read when we want the restricted one. 2019-02-19 11:03:02 -07:00
Todd C. Miller
c0a12d9d95 Be sure to include sudo_queue.h where needed instead of relying on other headers. 2019-02-19 08:31:08 -07:00
Todd C. Miller
683c65b98b Only export sudo_arc4random_uniform() if arc4random_uniform() is missing. 2019-02-18 16:03:55 -07:00
Todd C. Miller
f17683482b Quiet a warning on gcc 8 2019-02-18 15:56:12 -07:00
Todd C. Miller
da98428e91 AIX 7.1 defines O_CLOEXEC but it can't be used outside the kernel. 
Redefine O_CLOEXEC if it doesn't fit in an int and pipe2() is missing.
 2019-02-18 15:45:31 -07:00
Todd C. Miller
36d4373403 Split command match code out into match_command.c. 
Also remove unused SUDOERS_NAME_MATCH code.
 2019-02-18 11:35:52 -07:00
Todd C. Miller
cf2bfbcd3f Split out digest matching into its own file. 2019-02-17 08:21:13 -07:00
Todd C. Miller
a04409747c Split out digest matching into its own file. 2019-02-17 06:47:37 -07:00
Todd C. Miller
1e6e048180 Rename FOLLOW and NOFOLLOW tokens FOLLOWLNK and NOFOLLOWLNK. 
Fixes a namespace collision on Solaris when bison is used.
 2019-02-12 12:02:02 -07:00
Todd C. Miller
bc25915050 Add stub definition of digest_matches() for SUDOERS_NAME_MATCH 2019-02-06 13:12:33 -07:00
Todd C. Miller
694999487b No longer need to include sudo_lbuf.h 2019-02-06 10:25:52 -07:00
Todd C. Miller
ffc4db6aee On RedHat/CentOS get the OS major version from /etc/redhat-release. 
We cannot determine this from the output of "pp --probe" since it
doesn't contain a period to separate the major and minor numbers.
 2019-02-06 06:30:00 -07:00
Todd C. Miller
6dceca47cc Use SET macro instead of bitwise OR. 2019-02-05 16:47:08 -07:00
Todd C. Miller
c92f80b79e In sudo_make_grlist_item() the calculation of total did not include 
space for pointers to the group names.
 2019-02-05 16:46:30 -07:00
Todd C. Miller
4f74fe3a8e Use correct debug_decl() names. 2019-02-05 14:29:39 -07:00
Todd C. Miller
928faf27f2 Add fallback values for sudoers uid, gid and mode if not set in Makefile. 2019-02-05 10:02:17 -07:00
Todd C. Miller
13c3244220 include stddef.h to make sure we get NULL 2019-02-04 14:07:20 -07:00
Todd C. Miller
3788c65483 Fix memory leak when there are no network interfaces or an error occurs. 2019-02-02 13:55:30 -07:00
Todd C. Miller
c1d934894d Use $ac_cv_search_FUNCTION instead of $ac_lib and $ac_res. 
Fixes a problem where libcrypt is not used with autoconf caching.
Adapted from a diff from Adam Labbe.
 2019-01-25 10:39:57 -07:00
Todd C. Miller
df8b855b2a Updated translations from translationproject.org 2019-01-24 14:59:13 -07:00
Todd C. Miller
ecc9c366e4 Fix listpw=never and verifypw=never. Bug #869 2019-01-22 06:41:16 -07:00
Todd C. Miller
985600e7f0 Minor snprintf() usage tweaks: 
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
 2019-01-20 07:49:48 -07:00