Commit Graph - sudo - Subgraph Gitea

isa/sudo

Fork 0

f7f0457b92 Initial realm_auth_sudo plugin commit main isa 2025-02-11 23:06:36 -05:00
27963e39f3 Pass "make spell" with updated codespell. Todd C. Miller 2024-04-29 09:19:52 -06:00
195b7c2bc6 mon_handle_revoke: only send SIGHUP to the foreground process group. Todd C. Miller 2024-04-29 09:11:14 -06:00
a2d01a957d Avoid using ioctl(TIOCNOTTY) in the monitor. Todd C. Miller 2024-04-28 10:28:32 -06:00
e770c857f4 Fix copy and paste error in the fix for GitHub issue #369 Fixes GitHub issue #371 Todd C. Miller 2024-04-28 08:13:52 -06:00
41978a56e0 If user's tty goes away, tell monitor to revoke the tty in its session. Todd C. Miller 2024-04-27 18:53:50 -06:00
37f8a84531 Commands with multiple digests of the same type are stored in an array. Todd C. Miller 2024-04-26 07:37:26 -06:00
c429220693 Store mulitple command digests of the same type as an array. Todd C. Miller 2024-04-25 09:27:04 -06:00
78699a8f7a Call gettext() on insults when displayed, not when declared. Todd C. Miller 2024-04-22 08:15:39 -06:00
8666c66ff1 Make insults translatable alberic89 2024-04-01 18:30:34 +02:00
26ce75110f When converting CWD and CHROOT tags, store them as objects. Fixes GitHub issue #369 Todd C. Miller 2024-04-19 08:18:59 -06:00
ecdf0c80f3 Add pam_silent sudoers option. Inspired by PR #368 GitHub issue #216 Todd C. Miller 2024-04-17 19:30:11 -06:00
f0823c70c6 Remove offensive insults that were disabled by default anyway. Bug #1058 Todd C. Miller 2024-03-18 09:14:15 -06:00
b6175b78ad Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_PRETTY Todd C. Miller 2024-03-09 11:42:07 -07:00
46e31a74d7 Add "json_pretty" log format, currently the same as "json". Todd C. Miller 2024-03-09 10:59:54 -07:00
1debad3bec Add json_compact log type for compact/minified JSON. Todd C. Miller 2024-03-08 16:31:39 -07:00
b3ade1c5f9 Fix typo Todd C. Miller 2024-03-08 13:58:36 -07:00
602a58e86a Set SUDO_HOME to the invoking user's home directory. GitHub issue #358 Todd C. Miller 2024-03-08 09:15:36 -07:00
836d2b556b sudo-logsrvd.pp: Remove syslog.target (non-existent upstream since 11~ years ago) Martin 2024-03-02 13:15:17 +01:00
72cee2fa25 Explicitly link check_symbols with zlib. Todd C. Miller 2024-02-29 12:41:36 -07:00
f66ebfa0f3 m4/openssl.m4: fix cross-compilation with wolfssl Fabrice Fontaine 2024-02-22 18:41:46 +01:00
81acb2bd7b Regenerate dependencies Todd C. Miller 2024-02-21 13:17:54 -07:00
3944ab1fbe Use $(CPP) instead if $(CC) -E when buiding .i files from .c. Todd C. Miller 2024-02-21 12:31:50 -07:00
2a61e4b07d Add missing subdirs to depend target. Todd C. Miller 2024-02-21 13:01:15 -07:00
9b073f3124 Using $< in a non-suffix rule context is a GNU make extension. Todd C. Miller 2024-02-21 13:01:14 -07:00
6ec958f27e lib/utils: detect failure to generate signals list and names Yann E. MORIN 2024-02-17 18:34:04 +01:00
f3ebf31aa9 Regen with autoconf 2.72 Todd C. Miller 2024-02-18 07:10:08 -07:00
bafdcc3d40 Check if ac_cv_sys_file_offset_bits is "64", not "yes" Todd C. Miller 2024-02-18 07:09:10 -07:00
5bbfaa8e68 src/exec_ptrace: fix build without precess_vm_readv() Yann E. MORIN 2024-02-17 17:52:45 +01:00
f69031da24 Quest no longer sponsors sudo development. Todd C. Miller 2024-01-31 10:05:50 -07:00
0a39814e4b Correct a misleading debug message. Todd C. Miller 2024-01-23 10:57:00 -07:00
eb4506f434 Update embedded copy of zlib to version 1.3.1. Todd C. Miller 2024-01-23 09:16:22 -07:00
3899f2ef90 Update copyright data in the package files. Todd C. Miller 2024-01-18 07:00:38 -07:00
725d3fdc20 Prefer putchar over fputc where possible Rose 2024-01-12 13:10:17 -05:00
7fc7d69532 Add restrict qualifiers to strlcpy_no_slash Rose 2024-01-13 16:36:27 -05:00
67e328d6f8 Only log "a password is required" for "sudo -n" if a command is specified. This means that it is not logged for "sudo -nv" and "sudo -nl". We only log this message when sudo's -n flag is specified (and not when the user presses ^C at the password prompt) so that there is a record of failed non-interactive commands. Todd C. Miller 2024-01-10 13:54:41 -07:00
b39dc7c5f1 Document side-effects of enabling the use_pty option. Todd C. Miller 2024-01-08 14:28:58 -07:00
ff3dbe60b1 Update "!use_pty" example to only disable it for non-root users. Todd C. Miller 2024-01-08 14:16:29 -07:00
00452471b1 Add check for sysconf(_SC_PAGESIZE) failure. Todd C. Miller 2024-01-01 11:03:01 -07:00
f52fa574c7 sudo_edit_mktemp: remove useless cast Todd C. Miller 2024-01-01 11:05:23 -07:00
22b01501eb Welcome to 2024 Todd C. Miller 2023-12-31 07:58:23 -07:00
c15e0aeea8 Bump zlib copyright date for version 1.3 Todd C. Miller 2023-12-31 07:58:04 -07:00
69a024304f Restore the ability to override default configure settings. Todd C. Miller 2023-12-30 11:21:08 -07:00
00b2bd3589 Sudo 1.9.15p5 Todd C. Miller 2023-12-29 14:43:39 -07:00
b5a3513fb9 Handle Debian GNU Hurd Todd C. Miller 2023-12-28 18:45:30 -07:00
e4057faca2 Properly handle sysconf(_SC_LOGIN_NAME_MAX) returning -1 on failure. Todd C. Miller 2023-12-28 09:00:49 -07:00
ad4dc22d5a Automatically migrate lecture file path from name-based to uid-based. Todd C. Miller 2023-12-22 09:39:24 -07:00
63f2c54b86 Add missing checks for strdup() failure. Todd C. Miller 2023-12-21 16:55:08 -07:00
5fbf7a3625 Disable netgroup_query when netgroup_base is not set. Todd C. Miller 2023-12-19 20:16:35 -07:00
6d4ffe6743 In the NOEXEC example make it clear that "shanty" is a host. Bug #1064 Todd C. Miller 2023-12-19 09:55:09 -07:00
10fd66ac99 closefrom_nodebug: skip fds < 0 Todd C. Miller 2023-12-18 13:32:53 -07:00
7019148160 Fix printing of warning when a Defaults setting is missing a value. Todd C. Miller 2023-12-16 08:08:44 -07:00
f67a7e623e Sprinkle some more const in defaults.c. Todd C. Miller 2023-12-15 15:05:02 -07:00
2df637b262 Fix evaluation of a tuple used in "true" boolean context. Todd C. Miller 2023-12-15 14:57:59 -07:00
680352b917 Sudo 1.9.15p4 Todd C. Miller 2023-12-15 10:57:24 -07:00
fbc4c50d4d sudoers_lookup_pseudo: init match to UNSPEC for sudo_nss_can_continue(). Todd C. Miller 2023-12-15 10:45:22 -07:00
c9198ef4df Sudo 1.9.15p3 Todd C. Miller 2023-12-13 12:15:12 -07:00
de242c5738 Pass back Solaris privs as "runas_privs" and "runas_limitprivs". Todd C. Miller 2023-12-11 13:31:56 -07:00
1e03cbd0b4 sudo_term_is_raw: only try to lock the fd if it is a tty Todd C. Miller 2023-12-09 12:54:56 -07:00
d17e28ad61 setup_terminal: fix an editing error introduced in 1.9.15. Todd C. Miller 2023-12-07 07:27:06 -07:00
0c2de39da3 command_matches_regex: retry with canonicalized path if possible Todd C. Miller 2023-12-06 10:27:57 -07:00
44f0908e73 command_matches_fnmatch: retry with canonicalized path if possible Todd C. Miller 2023-12-04 18:35:08 -07:00
24f443981f If sysconf(_SC_HOST_NAME_MAX) returns 0, just use 255. Todd C. Miller 2023-12-04 09:24:30 -07:00
8faf432499 Fall back to "localhost" if gethostname() fails. Todd C. Miller 2023-12-04 09:21:56 -07:00
8dd2967766 command_matches_glob: fix comparison of canonicalized parent directories Todd C. Miller 2023-12-04 09:08:52 -07:00
9c3eb2feca Add missing print_member_list_csv() return value check. Todd C. Miller 2023-12-01 15:14:59 -07:00
79ed29c4a3 Check sudoers_debug_register() return value. Todd C. Miller 2023-12-01 15:00:08 -07:00
c3ac12297a Regenerate with the autoconf 2.72d snapshot. Todd C. Miller 2023-11-30 16:24:05 -07:00
77700a4b7a Add cmddenial_message to def_data.in Todd C. Miller 2023-11-28 15:19:24 -07:00
5eba4b48cf Typographical and Grammatical fixes THE-Spellchecker 2023-11-28 01:55:57 -05:00
b4ae559c81 Reword the description of cmddenial_message. Todd C. Miller 2023-11-28 14:49:13 -07:00
6b6e0aed0a Regenerate from sudoreplay.mdoc.in Todd C. Miller 2023-11-28 14:48:51 -07:00
a4cbfecdae Add support for a custom message when the command execution is denied. Guillaume Destuynder 2023-11-20 23:29:04 +00:00
55db829087 No need to include sys/param.h here. Todd C. Miller 2023-11-26 09:28:40 -07:00
522f1b634f tsdump: quiet compiler warnings on some platforms. Todd C. Miller 2023-11-26 09:27:46 -07:00
288593875d tsdump: display both the terminal path and device number. Todd C. Miller 2023-11-26 09:07:25 -07:00
7d7dfbfd44 Sync time stamp defines with sudoers timestamp.h Todd C. Miller 2023-11-26 08:59:05 -07:00
0c958e1852 Mention the tsdump utility Todd C. Miller 2023-11-26 08:55:41 -07:00
66c9a636d1 Build tsdump by default so it does not suffer bit rot. Todd C. Miller 2023-11-26 08:45:43 -07:00
67ed8fbe58 Add sudo_debug_exit_dev_t stub for fuzzing. Todd C. Miller 2023-11-26 08:30:41 -07:00
be911b77dd Avoid using the u_int type, which is not portable. Todd C. Miller 2023-11-26 08:24:26 -07:00
5ff6f49653 tsdump: update to use a uid-based path by default Todd C. Miller 2023-11-26 08:21:05 -07:00
ce74f50b44 Update for plugin version 1.22. Todd C. Miller 2023-11-25 18:51:28 -07:00
61dbfe0924 Document ttydev and bump plugin version to 1.22 Todd C. Miller 2023-11-25 18:38:36 -07:00
a85494b5c4 Add ttydev to sudoers_user_context and use for timestamp file. Todd C. Miller 2023-11-25 16:26:45 -07:00
3dfbf9316c Pass tty device number from front-end to policy module. Todd C. Miller 2023-11-25 16:26:44 -07:00
b9275b7eab Rename submit_time -> event_time in struct eventlog. Todd C. Miller 2023-11-23 09:08:04 -05:00
0e53d5fddf We can use evlog.submit_time in the call to eventlog_alert(). Todd C. Miller 2023-11-23 09:08:04 -05:00
39ea3176c1 Replace submit_time in struct sudoers_context with start_time. Todd C. Miller 2023-11-23 09:08:04 -05:00
432b085558 log_server_open: always pass in awake time, not wallclock time. Todd C. Miller 2023-11-23 09:08:04 -05:00
6965e1b0aa log_server_alert: use fmt_alert_message not fmt_reject_message Todd C. Miller 2023-11-23 09:08:04 -05:00
13dec64f3d log_server_alert: struct timespec argument was not actually used Todd C. Miller 2023-11-23 09:08:04 -05:00
47a43c5404 cvtsudoers_csv.c: remove most sudo_fatal() calls. Todd C. Miller 2023-11-11 10:22:14 -07:00
dd5f7a4505 No need for sudo_fatalx() here, just pass back an error. Todd C. Miller 2023-11-11 08:31:23 -07:00
2c06aa321b cvtsudoers_ldif: display warning on write error Todd C. Miller 2023-11-11 08:19:19 -07:00
7e4632691b cvtsudoers_merge.c: remove sudo_fatal() calls. Todd C. Miller 2023-11-11 08:15:06 -07:00
8cfd4467f4 Make new_member() return NULL on failure and adjust callers. Todd C. Miller 2023-11-10 16:53:57 -07:00
564d8ac01d Pass return values back instead of using sudo_fatal(). Todd C. Miller 2023-11-10 14:05:35 -07:00
d28884b1c7 Add printf_attribute_ldif() to printf-format an LDIF attribute. Todd C. Miller 2023-11-10 13:34:13 -07:00
12e55dcd78 cvtsudoers_json.c: check sudo_json_* return values. Todd C. Miller 2023-11-09 17:12:56 -07:00

Commit Graph Select branches Hide Pull Requests main Mono Color

Commit Graph

Select branches

Hide Pull Requests

main