isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,803 Commits 1 Branch 0 Tags
fa2f5f53d78f70f1f9f1e99ca809cfc6d8ce97cc
Commit Graph

4803 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
fa2f5f53d7 Fix typo 2010-04-12 11:29:40 -04:00
Todd C. Miller
7ce802792e NULL-terminate env_add 2010-04-12 07:56:32 -04:00
Todd C. Miller
0494774f30 Call the I/O log open function before the I/O version function. 2010-04-11 17:13:11 -04:00
Todd C. Miller
7c344181da Remove io_conv and just use sudo_conv 2010-04-11 17:12:12 -04:00
Todd C. Miller
0d2524e68e Fix set/restore perms for systems w/o setresuid 2010-04-11 16:38:42 -04:00
Todd C. Miller
744eae82e7 Primitive set/restore permissions. Will be replaced by a push/pop 
model.
 2010-04-10 10:34:37 -04:00
Todd C. Miller
711b8d1c04 Only need to take action on SIGCHLD in parent if no I/O logger. 
If there is an I/O logger we will receive ECONNRESET or EPIPE when
we try to read from the socketpair.
 2010-04-10 10:31:47 -04:00
Todd C. Miller
32672c1f1a Merge fb4d571495fa from the 1.7 branch to trunk. 2010-04-09 06:18:43 -04:00
Todd C. Miller
96fdf201f0 Qualify the command even if it is in the current working directory, 
e.g. "./foo" instead of just returning "foo".  This removes an ambiguity
between real commands and possible pseudo-commands in command matching.

--HG--
branch : 1.7
 2010-04-09 06:10:07 -04:00
Todd C. Miller
93126eb5ab Don't set SA_RESTART when registering SIGALRM handler. 
Do set SA_RESTART when registering SIGWINCH handler.
 2010-04-08 20:17:26 -04:00
Todd C. Miller
7ebcbf1027 Add dev targets for *.man.in and *.cat that don't specfify the $(srcdir) 
prefix.
 2010-04-08 20:08:30 -04:00
Todd C. Miller
b457f13718 If log_input or log_output returns false, terminate the command. 2010-04-08 09:40:27 -04:00
Todd C. Miller
5b3d150932 Better signal handling. 
Instead of using a single variable to store the received signal, use
an array so we can't lose a signal when multiple are sent.
Fix process termination by SIGALRM in non-I/O logger mode.
Fix relaying terminal signals to the child in non-I/O logger mode.
 2010-04-08 07:40:04 -04:00
Todd C. Miller
a3f4278388 Fix a race between when we get the child pid in the parent and when 
the child process exits.  The problem exhibited as a hang after a
short-lived process, e.g. "sudo id" when no IO logger was enabled.
 2010-04-08 06:12:47 -04:00
Todd C. Miller
29f22dba2d Add a note about the security implications of the fast_glob option. 2010-04-07 10:09:31 -04:00
Todd C. Miller
99f3be056a Add a note about the security implications of the fast_glob option. 
--HG--
branch : 1.7
 2010-04-07 09:34:41 -04:00
Todd C. Miller
348fb62191 Remove duplicate includes 
--HG--
branch : 1.7
 2010-04-07 06:39:35 -04:00
Todd C. Miller
6a5ea5be01 Fix up some AC_DEFINE descriptions and regen config.h.in 2010-04-06 04:53:42 -04:00
Todd C. Miller
5770391ec4 No longer check for strdup or strndup for LIBOBJ replacement. 2010-04-05 19:47:49 -04:00
Todd C. Miller
2634cf08cc Avoid installing signal handlers that are io-logger specific. Fixes 
job control when no io logger is enabled.
 2010-04-05 16:27:30 -04:00
Todd C. Miller
81819d0c09 Only regen man pages from pod when configured with --with-devel 2010-04-05 12:24:12 -04:00
Todd C. Miller
717da12e96 Top-level Makefile.in. Nothing is currently substituted but this 
is needed for separate build dirs.
 2010-04-04 20:05:02 -04:00
Todd C. Miller
43b6359df3 Fix out-of-tree builds 2010-04-04 14:01:21 -04:00
Todd C. Miller
fb55653a4c Merge 2010-04-04 12:47:57 -04:00
Todd C. Miller
d710ea091c We always install sudoreplay in 1.8 2010-04-04 12:31:57 -04:00
Todd C. Miller
3242c1091d Free str after using it in the version method. Use sudo_conv, not 
io_conv since we don't have the IO conversation function pointer
in the I/O version method anymore now that io_open is delayed.
 2010-04-04 08:40:23 -04:00
Todd C. Miller
0716ab38af SIGPOLL is sometimes the same as SIGIO (like on HP-UX) 2010-04-03 09:44:32 -04:00
Todd C. Miller
c2eeceaa1f No need to provide strdup() or strndup(), sudo uses estrdup() and estrndup() 2010-04-02 14:46:00 -04:00
Todd C. Miller
8ca9287405 Add license to mksiglist.c and note that the bits from pdksh are public domain 2010-04-02 11:18:57 -04:00
Todd C. Miller
7539f636b6 Fix LIBOBJDIR vs. srcdir wrt the siglist bits 2010-04-02 09:49:21 -04:00
Todd C. Miller
ee52f3c390 Add sudoreplay testsudoers and visudo to clean target 2010-04-02 07:49:29 -04:00
Todd C. Miller
8c91f0a30c Create our own sys_siglist for systems without it for use by strsignal() 2010-04-02 07:47:19 -04:00
Todd C. Miller
d83ebba560 Remove duplicate $(LIBOBJDIR) 2010-04-02 07:15:02 -04:00
Todd C. Miller
44341c9c15 Main sudo should not block signals; the plugin should do this in 
check_policy.
 2010-04-01 06:35:19 -04:00
Todd C. Miller
ca2eee07b5 Fix a sizeof(ptr) vs. sizeof(*ptr) 2010-03-31 20:30:34 -04:00
Todd C. Miller
c3e87c2db3 Unlike most operating systems, HP-UX select() is not interrupted 
by SIGCHLD when the signal is registered with SA_RESTART.  If
we clear SA_RESTART when calling sigaction() for SIGCHLD we get
the expected behavior and the code in the select() loops already
handles EINTR correctly.
 2010-03-31 12:43:26 -04:00
Todd C. Miller
8cde6d699e progname should be const 2010-03-31 10:36:39 -04:00
Todd C. Miller
3a98967119 Move --tag=disable-static to when we link sudoers.la, not when 
we install.
 2010-03-31 05:44:17 -04:00
Todd C. Miller
6c71d6afa4 Load the sudoers I/O plugin by default too now that it is hooked up. 2010-03-31 05:42:58 -04:00
Todd C. Miller
5d6f19671c It looks like AIX doesn't need to push STREAMS modules for ptys. 2010-03-30 12:06:27 -04:00
Todd C. Miller
e17f1e5cbd Delay calling the I/O plugin open function until the policy plugin 
returns success.
 2010-03-28 08:41:06 -04:00
Todd C. Miller
05e8023e78 Add back io logging (transcript) support. Currently, the open function 
runs too early and it is not possible to use the io module independently
of the policy module.
 2010-03-27 20:19:40 -04:00
Todd C. Miller
681c6faf3e Comment out dead code; will be removed when set_perms is rewritten. 2010-03-27 09:12:48 -04:00
Todd C. Miller
eae881b5aa Fix off by one error when allocating user_groups. 2010-03-23 05:21:38 -04:00
Todd C. Miller
0ea0d60cbd Add REPLAY_LIBS for sudoreplay and add -lrt to it on Solaris. 2010-03-22 19:55:49 -04:00
Todd C. Miller
e12858ee90 Fix typo in preserve groups case 2010-03-22 19:39:02 -04:00
Todd C. Miller
fc63d106f8 In command_info it is "runas_groups" not "groups". 2010-03-22 19:27:02 -04:00
Todd C. Miller
43ea59f64f Fix iteration over runas_groups list. 2010-03-22 18:08:17 -04:00
Todd C. Miller
8df6ba9fee Merge 5177a284b9ff 549f8f7c2463 88f3181692fe from 1.7 branch. 2010-03-22 10:19:07 -04:00
Todd C. Miller
617fb0e31a getgrouplist(3) for those without it 2010-03-22 09:54:10 -04:00