isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,149 Commits 1 Branch 0 Tags
f587fa1535d99d95d6b4e909d263e52e59133b32
Commit Graph

734 Commits

Author SHA1 Message Date
Todd C. Miller
b330cbbed8 We should always call warning() with a format string or a string literal. 
In this case, the argument (path) is not user-controlled.
 2012-03-15 08:47:23 -04:00
Todd C. Miller
c3ea638b34 regen 2012-03-14 14:20:55 -04:00
Todd C. Miller
d539c606e0 Fix bogus int -> bool conversion; tags can have a value of -1. 2012-03-12 19:34:19 -04:00
Todd C. Miller
19fc56462d Add env_should_keep() and env_should_delete() wrapper functions to 
simplify things a bit and hide the fact that matches_env_check()
is not bool.
 2012-03-12 16:45:22 -04:00
Todd C. Miller
749784ea5b matches_env_check() returns int, not boolean 2012-03-12 13:53:54 -04:00
Todd C. Miller
1e8f5d4aa4 Use normal error path if unable to set sudoers gid. 2012-03-10 16:38:14 -05:00
Todd C. Miller
7971a5e499 Make this work again on systems w/o seteuid(). 2012-03-10 15:29:46 -05:00
Todd C. Miller
9c2dd5eec6 Fix compilation if no seteuid/setreuid/setresuid available. 2012-03-09 17:28:59 -05:00
Todd C. Miller
b49bb17c3e Better error messages, and added debugging throughout. 
Fixed seteuid() version of set_perms()/restore_perms().
Fixed logic bug in AIX version of restore_perms().
Added checks to avoid changing uid/gid when we don't have to.
Never set gid/uid state to -1, use the old value instead.
 2012-03-09 17:07:41 -05:00
Todd C. Miller
08c6c776c9 Don't read /etc/environment on Linux when using PAM, PAM should set 
the environment variables as needed via pam_env.
 2012-03-08 14:51:03 -05:00
Todd C. Miller
d4a3a5d8b9 Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we 
hook setenv.
 2012-03-07 16:38:57 -05:00
Todd C. Miller
37770ecf1e Initial cut at a hooks implementation. The plugin can register 
hooks for getenv, putenv, setenv and unsetenv.  This makes it
possible for the plugin to trap changes to the environment made by
authentication methods such as PAM or BSD auth so that such changes
are reflected in the environment passed back to sudo for execve().
 2012-03-07 16:35:42 -05:00
Todd C. Miller
a16dee915b Add support for plugin args at the end of a Plugin line in sudo.conf. 
Bump the minor number accordingly and update the documentation.  A
plugin must check the sudo front end's version before using the
plugin_args parameter since it is only supported for API version
1.2 and higher.
 2012-03-02 11:04:09 -05:00
Todd C. Miller
c623857fc9 update depends 2012-03-01 13:19:30 -05:00
Todd C. Miller
8d05f0d1b0 Add type param to sudo_secure_path() and add sudo_secure_file() 
and sudo_secure_dir() wrappers which get by #includedir in sudoers.
 2012-02-29 15:50:48 -05:00
Todd C. Miller
35280a8437 Check the owner and mode in -c (check) mode unless the -f option 
is specified.  Previously, the owner and mode were checked on the
main sudoers file when the -s (strict) option was given, but this
was not documented.
 2012-02-28 14:16:39 -05:00
Todd C. Miller
5c970b2179 New Lithuanian sudoers translation from translationproject.org 2012-02-25 13:42:26 -05:00
Todd C. Miller
5802083375 Update from translationproject.org 2012-02-25 13:40:32 -05:00
Todd C. Miller
4f9da8fdaa When adding gids to the LDAP filter, only add the primary gid once. 
This is consistent with the space computation/allocation.
From Eric Lakin
 2012-02-24 15:17:48 -05:00
Todd C. Miller
415454ff59 Relax the user/group/mode checks on sudoers files. As long as the 
file is owned by the right user, not world-writable and not writable
by a group other than the one specified at configure time (gid 0
by default), the file is considered OK.  Note that visudo will still
set the mode to the value specified at configure time.
 2012-02-22 13:04:03 -05:00
Todd C. Miller
98486afbdf Add AIX-specific version of permission setting code to make sure 
that the saved uid gets restored properly.
 2012-02-21 16:07:28 -05:00
Todd C. Miller
6fb0090db9 Fix the description of noexec. 2012-02-21 05:15:48 -05:00
Todd C. Miller
f6fdc909b4 The "op" parameter to set_default() must be int, not bool since it is 
set to '+' or '-' for list add and subtract.
 2012-02-21 05:13:13 -05:00
Todd C. Miller
d439d8b489 Sync with translationproject.org 2012-02-10 14:30:01 -05:00
Todd C. Miller
dfbd6e429b Got back to using "install-sh -M" for files installed as non-readable 
by owner.  This fixes "make install" as non-root for package building.
 2012-02-10 11:31:54 -05:00
Todd C. Miller
5c941edc97 Sync with translationproject.org 2012-02-09 11:17:35 -05:00
Todd C. Miller
cb66fc6f10 Use -m not -M for install-sh for everything except setuid. 
Install locale .mo files mode 0444, not 0644.
If timedir parent doesn't exist, use default dir mode, not 0700.
 2012-02-09 11:11:58 -05:00
Todd C. Miller
e066ff5caf More complete fix for LDR_PRELOAD on AIX. The addition of 
set_perm(PERM_ROOT) before calling the nss open functions (needed
to avoid a GNU TLS bug) also broke LDR_PRELOAD.  Setting the effective
and then real uid to 0 for PERM_ROOT works around the issue.
 2012-02-06 15:46:17 -05:00
Todd C. Miller
8dd16b63d2 regen 2012-02-06 13:40:24 -05:00
Todd C. Miller
656807823d For PERM_ROOT when using setreuid(), only set the euid to 0 prior 
to the call to setuid(0) if the current euid is non-zero.  This
effectively restores the state of things prior to rev 7bfeb629fccb.
Fixes a problem on AIX where LDR_PRELOAD was not being honored for
the command being executed.
 2012-02-06 13:29:19 -05:00
Todd C. Miller
3da971ba33 Better debug subsystem usage 2012-02-02 11:28:33 -05:00
Todd C. Miller
491b4495f5 Fix the sudoers permission check when the expected sudoers mode is 
owner-writable.
 2012-01-31 16:24:57 -05:00
Todd C. Miller
f3f986c75d regen 2012-01-29 14:48:20 -05:00
Todd C. Miller
a5dfea7cd4 For "sudo -g" prepend the specified group ID to the beginning of 
the groups list.  This matches BSD convention where the effective
gid is the first entry in the group list.  This is required on newer
FreeBSD where the effective gid is not tracked separately and thus
setgroups() changes the egid if this convention is not followed.
Fixes bug #532
 2012-01-19 11:03:22 -05:00
Todd C. Miller
0df60d8ec0 Update po files from translationproject.org 2012-01-14 07:19:43 -05:00
Todd C. Miller
ee0fb36d8b regen dependencies 2012-01-13 06:02:17 -05:00
Todd C. Miller
315b998a6d For "visudo -c" also list include files that were checked when 
everything is OK.
 2012-01-11 16:25:39 -05:00
Todd C. Miller
8fd2b8b934 Update Esperanto, Finnish, Polish and Ukrainian translations from 
translationproject.org.
 2012-01-11 07:09:25 -05:00
Todd C. Miller
c30872260f Include locale.h 2012-01-09 15:34:05 -05:00
Todd C. Miller
d5571aa1e0 Need to include gettext.h and sudo_debug.h; from John Hein 2012-01-09 12:36:43 -05:00
Todd C. Miller
373043b4db Initialize the debug framework from the I/O plugin too. 2012-01-09 11:00:59 -05:00
Todd C. Miller
5dd3f0ec56 Enable debugging via sudo.conf. 2012-01-08 12:11:14 -05:00
Todd C. Miller
efbf020d42 Use SUDO_DEBUG_ALIAS for alias checking functions. 2012-01-07 12:24:43 -05:00
Todd C. Miller
0771c981de Update copyright year. 2012-01-06 14:23:55 -05:00
Todd C. Miller
6021ad08cc regen pot files 2012-01-06 13:49:16 -05:00
Todd C. Miller
ae43a19ad6 Enable debugging via sudo.conf. 2012-01-06 13:13:04 -05:00
Todd C. Miller
38526ca149 Enable debugging via sudo.conf. 2012-01-06 10:58:13 -05:00
Todd C. Miller
baa9273dd5 Allow "visudo -c" to work when we only have read-only access to the 
sudoers include files.
 2012-01-06 10:54:30 -05:00
Todd C. Miller
c4ba511613 Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a 
bug where a pattern like "/usr/*" include /usr/bin/ in the results,
which would be incorrectly be interpreted as if the sudoers file
had specified a directory.  From Vitezslav Cizek.
 2012-01-05 15:54:00 -05:00
Todd C. Miller
241b1db873 Add --enable-kerb5-instance configure option to allow people using 
Kerberos V authentication to use a custom instance.  Adapted from
a diff by Michael E Burr.
 2012-01-05 15:39:05 -05:00