This makes it possible to run an arbitrary script between "make
install" and the polypkg run. This will be used to copy different
word size versions of sudo_intercept.so and sudo_noexec.so.
The noexec and intercept DSO settings may now include both a 32-bit
DSO and a 64-bit DSO specified by a colon. For example:
/usr/libexec/sudo/sudo_intercept.so:/usr/libexec/sudo/sudo_intercept_64.so.
If visudo is used to create a new file, the file will only be created
if the user writes to the file via the editor. Simply running
visudo and exiting the editor will no longer cause the file to be
created. There is an exception for file created due to the addition
of a @include directive, which need to be present for the sudoers
file to parse properly. GitHub issue #294.
This prevents visudo from creating a new zero-length sudoers file
if the user exited the editor without making any changes. Files
created via a @include directive are preserved, even if empty, to
avoid a parse error. GitHub issue #294.
Previously, sudo only checked that the fd was a terminal, not that
it matched sudo's idea of the user's terminal. This matters when
input or output is redirected to a different terminal. In that
case we want to interpose the fd with a pipe even if it refers to
a terminal. Bug #1056.
This makes sudoers_lookup_pseudo(), which is used for pseudo-command
like "list" and "validate" a bit more like sudoers_lookup_check().
Time of day checks are performed, and callbacks are supported. We
cannot use the same code for regular commands and pseudo-commands
due to the "pwcheck == all" case.
Reported by the sudo-rs project.
There was a missing space between "list" and the actual command.
This also changes the output to include the command as specified
by the user, not the path found in the path. Previously, if the
command did not exist it would not be included in the message.
We now create the LogHandler class for each interpreter in
python_plugin_init() instead of just once in sudo_module_init().
This fixes the crash seen in Py_EndInterpreter() with Python 3.12
and significantly reduces the number of leaked objects tracked by
MemorySanitizer.
In sudo_module_set_default_loghandler() if we don't leak the reference
to py_loghandler we get a crash in Py_EndInterpreter() with Python
3.12. This probably indicates a reference counting bug elsewhere.
We should only match a rule with an empty runas user if a group was
specified on the command line (sudo -g) without a user (no -u option)
or the user specified their own name on the command line.
GitHub issue #290
This fixes a problem with "stair-stepped" output when the sudo-run
command's output is piped to another program and the command reads
input from the terminal.
Add cmnd_foreground flag that is only true if sudo is the foreground
process and the CD_EXEC_BG flag is not set and pass it to exec_monitor().
This means exec_monitor() no longer needs to check for CD_EXEC_BG.
This is more portable and eliminates the need to check for SYMLOOP_MAX
(and provide it if missing) in configure. Also quiet some -Wconversion
warnings.
