isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,368 Commits 1 Branch 0 Tags
ef5f73a49fb2a88b28208a818713c00a7f4dec7b
Commit Graph

338 Commits

Author SHA1 Message Date
Todd C. Miller
ef5f73a49f Enlarge the array of entry wrappers int blocks of 100 entries to 
save on allocation time.  From Andreas Mueller
 2010-11-17 18:56:52 -05:00
Todd C. Miller
f9353d95ca Add back call to sudo_ldap_timefilter() in sudo_ldap_build_pass2() 
that was mistakenly dropped.
 2010-11-17 07:31:07 -05:00
Todd C. Miller
8940f361ea Merge in ordered LDAP entry support from Andreas Mueller 
and add local changes from the 1.7 branch.
 2010-11-14 13:22:38 -05:00
Todd C. Miller
2b0fca31c0 Add timed entry support from Andreas Mueller. 2010-11-12 15:26:35 -05:00
Todd C. Miller
82453cfdec Don't try to unload if group_plugin is NULL. 
Don't call dlclose() if group_handle is NULL
 2010-11-12 13:14:35 -05:00
Todd C. Miller
26d71ded7b It is now plugin_cleanup(), not cleanup() 2010-11-12 13:03:28 -05:00
Todd C. Miller
5536ea49f6 Call plugin_cleanup(), not cleanup() 2010-11-12 13:02:15 -05:00
Todd C. Miller
8597c39194 Use efree() not free() and remove malloc.h include since we never 
directly call malloc() or free().
 2010-11-11 16:10:57 -05:00
Todd C. Miller
47323843a5 Give up on using VPATH to find sources as it is implemented inconsistenly 
in different versions of make.
 2010-11-09 10:27:02 -05:00
Todd C. Miller
39d1167f33 Include config.h before any other includes to make sure we get the 
right value for _FILE_OFFSET_BITS.
 2010-11-09 08:55:55 -05:00
Todd C. Miller
452d8765b2 Zero out group_plugin on unload just to be safe. 2010-11-08 17:48:05 -05:00
Todd C. Miller
da35e5f42f Unload group plugin if its init function fails. 2010-11-08 17:44:32 -05:00
Todd C. Miller
93d2420de9 Fix complilation on systems with set_auth_parameters() 
Sprinkle volatile to quiet warnings from gcc 2.8.0
 2010-10-12 10:47:16 -04:00
Todd C. Miller
c615ca742a Use INADDR_NONE instead of casting -1 to in_addr_t (which may not exist). 2010-10-12 10:31:21 -04:00
Todd C. Miller
1e01f2b7ac Quiet an HP-UX compiler warning. 2010-10-12 09:23:52 -04:00
Todd C. Miller
86a4a5232f Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to 
include the local or system dlfcn.h
 2010-10-11 17:39:51 -04:00
Todd C. Miller
06b0aa1185 Fix pasto; AF_INET not AF_INET6 2010-10-11 15:43:59 -04:00
Todd C. Miller
6a52054147 If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more useful 
message and return AUTH_FATAL so sudo does not keep trying to validate
the user.
 2010-10-11 09:12:23 -04:00
Todd C. Miller
751f597b2b Make this compile correctly when no dlopen is available. 2010-10-11 09:10:10 -04:00
Todd C. Miller
66ea399856 Having a timestamp file defined is no longer indicative of tty tickets 
being enabled.  Check def_tty_tickets directly.
 2010-10-07 14:12:17 -04:00
Todd C. Miller
6b4fe798d5 Move set_project() from sudoers module into sudo proper. 2010-10-01 13:52:42 -04:00
Todd C. Miller
a627c60deb When iterating over returned LDAP entries, keep looking at remaining 
matches even if we have a positive match.  This catches negative
matches that may exist in other entries and more closely match the
sudoers file behavior.
 2010-10-01 12:17:01 -04:00
Todd C. Miller
614e2a642c Preserve ODMDIR environment variable by default on AIX. 2010-09-27 14:08:54 -04:00
Todd C. Miller
f538ed4e35 Add dlopen() emulation for systems without it. 
For HP-UX 10, emulate using shl_load().
For others, link sudoers plugin statically and use a lookup
table to emulate dlsym().
 2010-09-26 17:41:35 -04:00
Todd C. Miller
590eed3bd7 Ignore ECONNREFUSED from audit_log_user_command() which will 
occur if auditd is not running.
 2010-09-21 07:56:16 -04:00
Todd C. Miller
48d7c78330 Cast isblank argument to unsigned char. 2010-09-16 10:39:08 -04:00
Todd C. Miller
b51afe6249 Implement --with-umask-override configure flag. 2010-09-14 17:18:55 -04:00
Todd C. Miller
ed45e68da9 Take MODE_LOGIN_SHELL into account when initially setting reset_home 
instead of special-casing it later.
 2010-09-14 11:44:33 -04:00
Todd C. Miller
53f9cfe062 In login mode, make a copy of the runas user's pw_shell for NewArgv[0] 
because 1) we modify it and 2) it will runas_pw gets freed before exec.
 2010-09-14 11:30:28 -04:00
Todd C. Miller
ce942f18c0 Reset HOME for "sudo -i" even if HOME was listed in env_keep. 2010-09-14 11:28:40 -04:00
Todd C. Miller
77eb8cfe5b Use __sun for consistency with the rest of the sources. 2010-09-13 11:49:10 -04:00
Todd C. Miller
4101f2eef0 Quiet a bogus compiler warning. 2010-09-13 11:37:29 -04:00
Todd C. Miller
933c71e9c3 Don't try to delref a NULL group. 2010-09-13 11:08:04 -04:00
Todd C. Miller
4ce8b35cd3 testsudoers depends on libsudoers.la, not sudoreplay 2010-09-11 09:00:06 -04:00
Todd C. Miller
f601085de4 Make "visudo -c -f -" check the standard input. 2010-09-09 17:10:23 -04:00
Todd C. Miller
1b9ca115b7 Make -H flag work when HOME is listed in env_keep. Also makes 
"set_home" and "always_set_home" override override HOME in env_keep.
 2010-09-09 16:16:39 -04:00
Todd C. Miller
e069b74dc8 Convert sudoers plugin to use interface list passed in settings. 2010-09-08 15:07:40 -04:00
Todd C. Miller
d9a3526320 Solaris BSM audit return EINVAL when auditing is not enabled, whereas 
OpenBSM returns ENOSYS.
 2010-09-08 09:47:00 -04:00
Todd C. Miller
d739608a80 missing.h should come before most local includes 2010-09-07 18:28:55 -04:00
Todd C. Miller
0c38f1460d Make local includes consistent; use double quotes for local includes 
except for generated ones where we use angle brackets.
 2010-09-07 18:28:22 -04:00
Todd C. Miller
1d37ab560a Always fill in NewArgv for audit code. 2010-09-07 17:59:10 -04:00
Todd C. Miller
5403757edf Add missing LOG_INPUT/LOG_OUTPUT support in the lexer. 2010-09-07 17:16:05 -04:00
Todd C. Miller
10c3bb62c4 Make local includes consistent; use double quotes for local includes 
except for generated ones where we use angle brackets.
Also g/c unused compat.h.
 2010-09-07 16:45:19 -04:00
Todd C. Miller
8ec596c7d9 When matching the runas user and runas group (-u and -g command 
line options), keep track of runas group and runas user matches
separately.  Only return a positive match if we have a match for
both runas user and runas group (if specified).
 2010-09-06 07:56:15 -04:00
Todd C. Miller
df8ec6fc25 Add support for multiple URI lines by joining the contents and passing 
the result to ldap_initialize.
 2010-09-04 20:43:51 -04:00
Todd C. Miller
27f6558df9 Do not return -1 on error from the display functions; the caller 
expects a return value >= 0.
 2010-09-04 08:42:08 -04:00
Todd C. Miller
e7d56e16e2 Do not set both MODE_EDIT and MODE_RUN 2010-09-04 08:41:42 -04:00
Todd C. Miller
c31210d663 Add missing definition of timedir 2010-08-30 09:47:52 -04:00
Todd C. Miller
399381de99 Add #include of sys/types.h for .c files that include missing.h to 
be sure that size_t and ssize_t are defined.
 2010-08-30 09:14:41 -04:00
Todd C. Miller
7213f72054 Install sudoers file from the build dir not hte src dir. 2010-08-30 09:06:25 -04:00