isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,025 Commits 1 Branch 0 Tags
f1053af3b55dee37ac0cf9a07d0b71823c19894f
Commit Graph

841 Commits

Author SHA1 Message Date
Todd C. Miller
81d42ae4e6 sync with translationproject.org 2012-08-22 12:56:28 -04:00
Todd C. Miller
57f1c7fe05 Sync with translationproject.org and add Italian sudoers translation. 2012-08-17 09:56:44 -04:00
Todd C. Miller
805039bec5 Add missing check for I/O plugin API version when checking for the 
presence of I/O plugin hooks.
 2012-08-13 14:44:54 -04:00
Todd C. Miller
f32aaed29d Can't call debug code in the process_hooks_xxx functions() since 
ctime() may look up the timezone via the TZ environment variable.
 2012-08-13 14:39:40 -04:00
Todd C. Miller
e4e815dd82 Include signal.h before sudo_exec.h since it uses sigset_t * in the 
fork_pty prototype.
 2012-08-10 15:29:07 -04:00
Todd C. Miller
66ad86594e regen 2012-08-10 13:18:19 -04:00
Todd C. Miller
ef33ee45d9 Sync with translationproject.org and add new Slovenian translation. 2012-08-10 13:07:53 -04:00
Todd C. Miller
a7424cc002 If sudo.conf contains an I/O plugin but no policy plugin, use sudoers 
for the policy plugin.  If a policy plugin is specified without an
I/O plugin, only the policy plugin will be loaded.
 2012-08-09 14:11:41 -04:00
Todd C. Miller
0655deab57 Fix a comment, update a variable name in a prototype; all cosmetic. 2012-08-07 14:47:58 -04:00
Todd C. Miller
dc08cf3c99 If we receive a signal from the command we executed, do not forward 
it back to the command.  This fixes a problem with BSD-derived
versions of the reboot command which send SIGTERM to all other
processes, including the sudo process.  Sudo would then deliver
SIGTERM to reboot which would die before calling the reboot() system
call, effectively leaving the system in single user mode.
 2012-08-06 14:38:35 -04:00
Todd C. Miller
5e502bd6d6 When checking whether a signal is user-generated, compare si_code 
against SI_USER instead of <= 0 since on HP-UX, terminal-related
signals get a code of 0.
 2012-07-31 13:36:48 -04:00
Todd C. Miller
9c321baa78 SuSE Enterprise Linux uses RLIMIT_NPROC and _SC_CHILD_MAX interchangably. 
This causes problems when setting RLIMIT_NPROC to RLIM_INFINITY due
to a bug in bash where bash tries to honor the value of _SC_CHILD_MAX
but treats a value of -1 as an error, and uses a default value of
32 instead.

Previously, we just checked RLIMIT_NPROC and, if it was unlimited,
restored the previous value of RLIMIT_NPROC.  However, that makes
it impossible to set nproc to unlimited.  We now only restore the
nproc resource limit if sysconf(_SC_CHILD_MAX) is negative.  In
most cases, pam_limits will set RLIMIT_NPROC for us.
 2012-07-31 11:11:25 -04:00
Todd C. Miller
4abd2a6cf4 Merge in Solaris privilege support by Darren Moffat and John Zolnowsky 2012-07-26 13:49:21 -04:00
Todd C. Miller
f8f0021710 Add configure check for building PIE executables instead of doing 
it in mkpkg.
 2012-07-02 10:12:41 -04:00
Todd C. Miller
faf89fc792 It is safe to read in sudo.conf before calling user_info(). 2012-06-27 15:17:18 -04:00
Todd C. Miller
9497df293a Don't run regress tests or sudoers sanity check (using the newly-built 
visudo) when cross compiling.  Bug #560
 2012-06-20 13:38:17 -04:00
Todd C. Miller
b0475b59dc Remove extraneous backslash 2012-06-20 12:32:51 -04:00
Todd C. Miller
85c6078659 Simplify "sudo -s" argv rewriting. 2012-06-14 16:17:15 -04:00
Todd C. Miller
47abbb90a2 Don't use a map file for sudo_noexec.so since Solaris ld doesn't 
allow '*' in the global section.  The libtool export flag is now
added to LT_LDFLAGS instead of commenting/uncommenting lines.
 2012-06-14 11:35:02 -04:00
Todd C. Miller
6f6b0dec6c Use gcc's visibility attribute to specify when symbols are visible 
or hidden, if available.  If not available, use an ELF version
script if it is supported.  If all else fails, fall back to using
libtool's -export-symbols.
 2012-06-13 14:01:16 -04:00
Todd C. Miller
a8e0687ca9 Install shared objects with mode 0644 except on HP-UX which needs 
the executable bit set.
 2012-06-11 10:45:34 -04:00
Todd C. Miller
c131cb36f5 Make installed file modes consistent with the file modes in the 
sudo package.
 2012-06-11 10:17:19 -04:00
Todd C. Miller
61a3ed1c10 Install sudoedit and the sudoedit manual as symbolic links, not 
hard links and package them as such.
 2012-05-31 15:50:16 -04:00
Todd C. Miller
af9492d117 Provide unhooked version of getenv() and use it when looking up 
DISPLAY and SUDO_ASKPASS in the environment.
 2012-05-27 12:48:55 -04:00
Todd C. Miller
466a126c69 The pointer to the siginfo_t struct in a signal handler may be NULL. 2012-05-11 07:57:01 -04:00
Todd C. Miller
4455139d54 sync with translationproject.org 2012-05-08 10:57:07 -04:00
Todd C. Miller
64178f8b67 sync with translationproject.org 2012-05-03 15:46:39 -04:00
Todd C. Miller
4b8982ebde regen 2012-04-24 13:42:28 -04:00
Todd C. Miller
0fbd5e1bc2 Fix the setutxent and endutxent compatibility defines (this time 
correctly) when only setutent and endutent are available.
 2012-04-23 20:04:26 -04:00
Todd C. Miller
23b7a1fa5c Call the policy's init_session() function before we fork the child. 
That way, the session is created and destroyed in the same process,
which is needed by some modules, such as  pam_mount.
 2012-04-23 16:38:16 -04:00
Todd C. Miller
ce9863358a Add missing initialization of a sigaction structure when I/O logging. 
Fixes a potential problem when suspending the command.
 2012-04-23 14:56:31 -04:00
Todd C. Miller
3491dd8189 sync with translationproject.org 2012-04-23 08:12:36 -04:00
Todd C. Miller
886ee33603 Move struct passwd pointer into struct command details. 2012-04-21 13:37:46 -04:00
Todd C. Miller
f490ff2288 Do not pass libtool the -static-libtool-libs option when building 
sudo and sesh.  Otherwise, libtool may prefer a static version of
an installed library over a dynamic one when linking.
 2012-04-20 09:41:18 -04:00
Todd C. Miller
4c36371ee1 Add German translation for sudo 
Add Croatian translation for sudoers
 2012-04-19 11:54:15 -04:00
Todd C. Miller
0ed6753914 Sort xgettext output by file name. 2012-04-16 12:55:11 -04:00
Todd C. Miller
cf3fce6651 Use AC_HEADER_MAJOR to determine where major/minor are defined. 2012-04-16 10:25:49 -04:00
Todd C. Miller
dbcd7222a1 Include sys/mkdev.h if present instead of sys/sysmacros.h for 
minor().  This is needed on Solaris (at least) where the makedev
macros in sysmacros.h are obsolete and library functions should be
used instead.
 2012-04-16 10:18:32 -04:00
Todd C. Miller
21eddb5d60 Add back buf and tty variables for _ttyname() case that were 
inadvertantly removed.
 2012-04-15 13:10:26 -04:00
Todd C. Miller
8db20e6ae9 remove some XXX 2012-04-13 16:16:10 -04:00
Todd C. Miller
48d3b5aad1 When looking for a device match, do a breadth-first search instead 
of depth-first.  We already special case /dev/pts/ so chances are
good that if it is not a pseudo-tty it is in the base of /dev/.
Also avoid a stat(2) when possible if struct dirent has d_type.
 2012-04-13 16:00:32 -04:00
Todd C. Miller
5f969cc12a Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list. 2012-04-13 15:18:40 -04:00
Todd C. Miller
89b90fa4cd sync with translationproject.org 2012-04-13 14:17:26 -04:00
Todd C. Miller
8f8ede3d25 New Croatian and Galician translations from translationproject.org 2012-04-13 14:15:22 -04:00
Todd C. Miller
08ad578b7c Add depth-first traversal of /dev/ for the /proc case when not /dev/pts/N 2012-04-13 12:54:03 -04:00
Todd C. Miller
83fc02bc97 Rototill code to determine the tty. For Linux, we now look up the 
tty device in /proc/pid/stat instead of trying to open /proc/pid/fd/[0-2].
The sudo_ttyname_dev() function maps the given device number to a
string.  On BSD, we can use devname().  On Solaris, _ttyname_dev()
does what we want.
TODO: write /dev/ traversal code for the generic sudo_ttyname_dev().
 2012-04-11 14:48:08 -04:00
Todd C. Miller
271f3e2054 Define PRNODEV for those w/o it. 2012-04-10 16:12:08 -04:00
Todd C. Miller
11f13be0dd Check for SVR4-style struct psinfo.pr_ttydev and use that to determine 
the tty if std{in,out,err} are not ttys.
 2012-04-10 15:53:41 -04:00
Todd C. Miller
2e59eafba6 Better support for SVR4-style /proc entries where we can't use 
ttyname() on the /proc/pid/fd/[0-2] entries.  We can, however,
attempt to map the device number back to the correct pseudo-tty
slave device.
 2012-04-10 14:35:30 -04:00
Todd C. Miller
329e224db9 When trying to determine the tty name, check parent's stderr in 
addition to its stdin and stdout.
 2012-04-10 13:49:49 -04:00