The configure script correctly detects that utimensat() and futimens()
are missing but the headers define stub versions of the functions.
Including sys/stat.h pulls in the system definitions so we can override
them safely. Bug #1021.
If noninteractive_auth is set, authentication methods that do not
require input from the user's terminal may proceed. It is off by
default, which restores the pre-1.9.9 behavior of "sudo -n".
If the Defaults name matched but the binding does not, we can simply
leave it be. Fixes a problem where given two sudoers sources that
have a host specified, if they contain conflicting Defaults entries
we would drop one of the Defaults instead of keeping both after
making them host-specific.
We convert the global Defaults to a host-based one with a single
"ALL" member. Later, when we simplify the host list, we'll convert
this back to a global Defaults.
When logging terminal input, if log_passwords is false and any
of the regular expressions in the passprompt_regex list are found
in the terminal output, terminal input will be replaced with '*'
characters until a newline or carriage return is found in the input
or an output character is received.
When logging terminal input, if log_passwords is disabled and any
of the regular expressions in the passprompt_regex list are found
in the terminal output, terminal input will be replaced with '*'
characters until a newline or carriage return is found in the input
or an output character is received.
The concatenation of command and arguments and escaping of special
characters was not documented.
Text adapted from GitHub issue #121 from Kris Rinzwind
Defaults settings passed in by the front end are already "early"
so there is no need to treat any of them as special.
Otherwise, we end up running the early defaults callbacks before
sudoers has been parsed. This means that, for instance, it is not
possible to disable the fqdn flag before its callback is run if
sudo is build with the --with-fqdn option. Bug #1016.
On some systems, such as Solaris, the max length of a directory
entry is filesystem-dependent. We could use fpathconf() and
dynamically allocate the name but it is simpler to just use
PATH_MAX here.
Fixes a problem where sudo could reduce the max stack size on some
systems if the original limit was higher than the fallback limit,
but not unlimited/infinity.
