isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,348 Commits 1 Branch 0 Tags
ec2cc68c0b2fa8b89c71279ee61a65d5f92f0267
Commit Graph

2354 Commits

Author SHA1 Message Date
Todd C. Miller
a71eb86a71 Add new -S option to sleep while the command was suspended. 
The default behavior is now to not consider the time the command
was suspended as part of the normal inter-event delay.
 2018-10-05 14:48:35 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
c0e8bde104 Add support for OpenLDAP's TLS_REQCERT setting in ldap.conf. 2018-09-27 09:58:10 -06:00
Todd C. Miller
2121693879 Move definition of TIME_T_MAX to sudo_util.h 2018-09-24 14:21:58 -06:00
Todd C. Miller
d537daf787 Treat LOGIN, LOGNAME and USER specially. If one is preserved 
or deleted we want to preserve or delete all of them.
 2018-09-24 05:30:28 -06:00
Todd C. Miller
5f61f2c0f4 Remove special handling of the USERNAME environment variable. It 
used to be set on old versions of Fedora but that hasn't been the
case for some time.  It's worth noting that ssh doesn't set USERNAME
either.
 2018-09-24 05:30:03 -06:00
Todd C. Miller
72ce2c807b In print_member_json_int() eliminate the need_newline variable 
and just move the non-alias expansion printing bits into the
else clause, including the newline and comma printing.
 2018-09-20 15:15:14 -06:00
Todd C. Miller
8bf279b11e Add regress test for bug #853 2018-09-20 15:10:15 -06:00
Todd C. Miller
8aad365082 When expanding an alias in print_member_json_int() avoid printing 
an extra comma at the end of the entry.  Bug #853.
 2018-09-20 14:56:25 -06:00
Todd C. Miller
1a9b932ffd regen 2018-09-02 06:29:32 -06:00
Todd C. Miller
27e549a3ef Allow for some clock drift due to ntpd, etc. 2018-08-31 09:22:59 -06:00
Todd C. Miller
470a7830dc If sudo_lock_file() fails for a reason other than the file already 
being locked, give the user a chance to edit anyway.
 2018-08-31 08:08:45 -06:00
Todd C. Miller
0715b55474 Quick sort is not a stable sort; use distinct sudoOrder values so 
the output is predictable.
 2018-08-30 14:43:24 -06:00
Todd C. Miller
a924b4610b Fix warnings on OpenIndiana (Illumos) 2018-08-30 14:06:18 -06:00
Todd C. Miller
765d99e1f9 Correct ldap_to_sudoers() return value. 2018-08-30 13:47:02 -06:00
Todd C. Miller
ae04b40c05 The sssd backend used to take the first match, assuming that entries 
were sorted in descending order by sudoOrder.  That allowed it to
avoid iterating over the entire list of rules.  Now that we convert
to a sudoers parse tree, we need to convert rules in ascending
order, not descending.  The simplest way to accomplish this is to
simply iterate over the rules from last to first, reversing the
sort order.  Bug #849
 2018-08-30 08:36:09 -06:00
Todd C. Miller
2221fbe2f1 Add some more ldif -> sudoers tests to verify sudoOrder. 2018-08-30 07:49:59 -06:00
Todd C. Miller
ea38e9d909 For conversion to a sudoers parse tree, ldap_entry_compare() now 
needs to sort in ascending order, not descending.  Bug #849
 2018-08-30 07:48:16 -06:00
Todd C. Miller
58445393a7 No need to set input_file for stdin in parse_ldif(); noted by clang analyzer. 2018-08-29 10:57:37 -06:00
Todd C. Miller
e0b413eb17 Use TIME_T_MAX when parsing the I/O log file timestamp and disallow 
negative times.
 2018-08-29 10:54:32 -06:00
Todd C. Miller
e318f27fba When parsing an I/O log timing line, store the result in a timespec, 
not a double.  The speed factor (for scaling the delay) in sudoreplay
is still a double but we only need to adjust the delay if the factor
is something other than 1.0.
 2018-08-29 09:57:12 -06:00
Todd C. Miller
f1f632665c Fix memory leak in test. 2018-08-29 07:38:27 -06:00
Todd C. Miller
2ff7870263 Update conversion of DID_* to KEPT_* to match the new values of 
DID_* and KEPT_*.
 2018-08-28 20:25:06 -06:00
Todd C. Miller
8acc29dc01 Set the LOGIN environment variable on AIX like we do LOGNAME. 2018-08-28 18:32:39 -06:00
Todd C. Miller
fdd7296122 Add a test for the 4-argument au_close() function found in Solaris 
11 instead of assuming it is present if __sun is defined.  Fixes a
compilation error on OpenIndiana and older Solaris versions.
 2018-08-27 13:50:23 -06:00
Todd C. Miller
901b2666fc Add ldif support to testsudoers 2018-08-27 05:21:04 -06:00
Todd C. Miller
4782b22a47 Move ldif -> sudoers conversion code into parse_ldif.c 2018-08-26 20:02:49 -06:00
Todd C. Miller
52d54997ee Move string list functions to their own file. 2018-08-26 19:48:14 -06:00
Todd C. Miller
04d1f56d90 Use struct timespec, not struct timeval in the event subsystem. 
Use ppoll() or pselect() if avaialble which use timespec.
 2018-08-25 21:02:05 -06:00
Todd C. Miller
5d1dddc467 Eliminate most use of parsed_sudoers in cvtsudoers 2018-08-24 10:27:00 -06:00
Todd C. Miller
b2e3adccf3 Make alias_apply() take 3 arguments, the first being a pointer to the 
struct sudoers_parse_tree.
 2018-08-24 09:52:53 -06:00
Todd C. Miller
4b3c8a73a0 Handle systems where root's gid is not 0. 2018-08-23 16:21:28 -06:00
Todd C. Miller
2960e3963d Add missing files from last commit. 2018-08-23 15:50:17 -06:00
Todd C. Miller
aaad554cda Add regress test for I/O log plugin endpoints 2018-08-23 15:35:02 -06:00
Todd C. Miller
0d36ea9325 We cannot reuse last_time for the I/O log info file now that it is 
a monotonic timer.  Just call time(3) in write_info_log() directly.
 2018-08-23 13:50:00 -06:00
Todd C. Miller
fe58062547 Cast uid/gid to unsigned int before printing. 2018-08-22 12:58:24 -06:00
Todd C. Miller
aaefdd7575 Include stddef.h for offsetof() definition. 2018-08-22 10:27:33 -06:00
Todd C. Miller
dcf168e702 fix compiler warnings on Solaris 11 2018-08-22 10:40:11 -06:00
Todd C. Miller
9e6c14b091 Fix printing of T_TIMESPEC values. 2018-08-21 17:35:44 -06:00
Todd C. Miller
31e065c6ca Remove unused struct script_buf 2018-08-21 10:30:42 -06:00
Todd C. Miller
3c562facca Fix test output for bug #845 2018-08-20 05:49:57 -06:00
Todd C. Miller
5af2682283 Fix pasto when converting sudoNotAfter; from Miguel Sanders 
Bug #845
 2018-08-20 05:48:14 -06:00
Todd C. Miller
3f1470ebed Use a monotonic timer that only runs while not suspended for the 
iolog timing values and write nsec-precision entries.
 2018-08-19 09:55:08 -06:00
Todd C. Miller
afad4eb94d Fix I/O log timing file on systems without a C99-compatible snprintf(). 
On those systems we use our own snprintf() that doesn't support
floating point.  We don't actually need floating point in this case
since the we can print seconds and microseconds without using it.
 2018-08-18 20:29:30 -06:00
Todd C. Miller
92975ee7c7 Fix get_starttime() on HP-UX. 2018-08-17 15:58:17 -06:00
Todd C. Miller
9317367e29 Add CHECK_SYMBOLS_LDFLAGS to check_symbols target. Non-ELF HP-UX 
executables don't support SHLIB_PATH or LD_LIBRARY_PATH unless ld
is passed the +s flag.  This lets the check_symbols test pass on
systems where the ldap libraries aren't installed in the standard
location.
 2018-08-16 21:07:36 -06:00
Todd C. Miller
7a929ce135 Add debugging info so we can tell why a timestamp record doesn't match. 2018-08-15 09:19:50 -06:00
Todd C. Miller
a7b42e9b20 sync with translationproject.org 2018-08-13 06:16:28 -06:00
Todd C. Miller
418bf793f7 Fix the return value of sudoers_io_change_winsize() on success. 
Otherwise, we only log a single window size change.
 2018-08-11 21:29:43 -06:00
Todd C. Miller
d026469289 sync with translationproject.org 2018-08-11 19:57:14 -06:00