Previously, we checked that the previous entry's binding pointer
was not the same while freeing. However, to be able to merge
Defaults records we cannot rely on Defaults entries with the same
binding being immediately adjacent. This removes the prev_binding
checks in favor of a reference count which allows us to plug the
memory leak in cvtsudoers when merging Defaults.
This means that lhost and shost in struct sudoers_parse_tree
are no longer const and that free_parse_tree() will free lhost/shost.
The only consumer that passed in lho.st/shost was the SSSD back-end
which has been updated to avoid a double-free.
If a hostname is specified with the sudoers file, it will be used to
make the userspec host-specific, if possible. Duplicate userspecs
are removed but conflicting entries are not currently pruned.
If a hostname is specified with the sudoers file, it will be used to
make the Defaults setting host-specific, if possible.
Duplicate Defaults settings are removed and conflicts are warned about.
It is not possible to resolve all conflicts automatically.
Duplicate aliases are remove. If there are conflicting alias names,
the conflicts are renamed by appending a numerical suffix.
For example, if there are two SERVERS Host_Aliases, the second one
will be renamed to SERVERS_1.
The front-end uses this to decide whether or not to enable SELinux.
If selinux-rbac is true _or_ if it is not present and selinux_role or
selinux_type are set, SELinux support is enabled.
Previously, SELinux support was only enabled if a role was specified.
Since "cd" is a shell built-in command it cannot be run directly
via sudo. The user either needs to spawn a shell via "sudo -s"
or use the -D option to run a command in a specific directory.
For CSV output we double quotes strings that contain commas. For
each literal double quote character present inside the string, two
double quotes are output.
This introduces a sudoers-specific version of LT_STATIC instead of
appending the --tag=disable-shared to SUDOERS_LDFLAGS.
I've also removed the -static flag as it should not be needed.
It now prints runchroot and runcwd (falling back on cwd).
As a result, submithost is now printed first, matching sudo.
Also avoid printing NULL pointers and skip entries that don't have
at least command, submituser and runuser set.
There is no case where we should fail to find an editor just because
the values of EDITOR, VISUAL and SUDO_EDITOR are unavailable. Both
sudoedit and the "env_editor" sudoers setting are documented as
falling back on the hard-coded list of editors in the "editors"
sudoers setting. Bug #1000
Some fuzzing inputs cause a huge number of warnings and displaying
them all can result in the fuzz run timing out. If we disable the
warnings we can avoid the timeout.