return(FALSE);
break;
case DEFAULTS_RUNAS:
- if (user_matches(runas_pw, def->binding) &&
+ if (runas_matches(def->binding) &&
!set_default(def->var, def->val, def->op))
return(FALSE);
break;
case DEFAULTS_HOST:
- if (host_matches(user_shost, user_host, def->binding) &&
+ if (host_matches(def->binding) &&
!set_default(def->var, def->val, def->op))
return(FALSE);
break;
return(TRUE);
}
-
static int
store_int(val, def, op)
char *val;
* Returns ALLOW, DENY or UNSPEC.
*/
int
-runas_matches(pw, list)
- struct passwd *pw;
+runas_matches(list)
struct member *list;
{
struct member *m;
int rval, matched = UNSPEC;
if (list == NULL)
- return(userpw_matches(def_runas_default, pw->pw_name, pw));
+ return(userpw_matches(def_runas_default, runas_pw->pw_name, runas_pw));
for (m = list; m != NULL; m = m->next) {
switch (m->type) {
matched = !m->negated;
break;
case NETGROUP:
- if (netgr_matches(m->name, NULL, NULL, pw->pw_name))
+ if (netgr_matches(m->name, NULL, NULL, runas_pw->pw_name))
matched = !m->negated;
break;
case USERGROUP:
- if (usergr_matches(m->name, pw->pw_name, pw))
+ if (usergr_matches(m->name, runas_pw->pw_name, runas_pw))
matched = !m->negated;
break;
case ALIAS:
if ((a = find_alias(m->name, RUNASALIAS)) != NULL) {
- rval = runas_matches(pw, a->first_member);
+ rval = runas_matches(a->first_member);
if (rval != UNSPEC)
matched = m->negated ? !rval : rval;
break;
}
/* FALLTHROUGH */
case WORD:
- if (userpw_matches(m->name, pw->pw_name, pw))
+ if (userpw_matches(m->name, runas_pw->pw_name, runas_pw))
matched = !m->negated;
break;
}
* Returns ALLOW, DENY or UNSPEC.
*/
int
-host_matches(shost, lhost, list)
- char *shost, *lhost;
+host_matches(list)
struct member *list;
{
struct member *m;
matched = !m->negated;
break;
case NETGROUP:
- if (netgr_matches(m->name, lhost, shost, NULL))
+ if (netgr_matches(m->name, user_host, user_shost, NULL))
matched = !m->negated;
break;
case NTWKADDR:
break;
case ALIAS:
if ((a = find_alias(m->name, HOSTALIAS)) != NULL) {
- rval = host_matches(shost, lhost, a->first_member);
+ rval = host_matches(a->first_member);
if (rval != UNSPEC)
matched = m->negated ? !rval : rval;
break;
}
/* FALLTHROUGH */
case WORD:
- if (hostname_matches(shost, lhost, m->name))
+ if (hostname_matches(user_shost, user_host, m->name))
matched = !m->negated;
break;
}
* Returns ALLOW, DENY or UNSPEC.
*/
int
-cmnd_matches(cmnd, args, list)
- char *cmnd, *args;
+cmnd_matches(list)
struct member *list;
{
struct sudo_command *c;
break;
case ALIAS:
if ((a = find_alias(m->name, CMNDALIAS)) != NULL) {
- rval = cmnd_matches(cmnd, args, a->first_member);
+ rval = cmnd_matches(a->first_member);
if (rval != UNSPEC)
matched = m->negated ? !rval : rval;
}
for (us = userspecs; us != NULL; us = us->next) {
if (user_matches(sudo_user.pw, us->user) == TRUE) {
priv = us->privileges;
- if (host_matches(user_shost, user_host, priv->hostlist) == TRUE) {
+ if (host_matches(priv->hostlist) == TRUE) {
for (cs = priv->cmndlist; cs != NULL; cs = cs->next) {
/* Only check the command when listing another user. */
if (user_uid == 0 || list_pw == NULL ||
user_uid == list_pw->pw_uid ||
- cmnd_matches(user_cmnd, user_args, cs->cmnd) == TRUE)
+ cmnd_matches(cs->cmnd) == TRUE)
matched = TRUE;
if ((pwcheck == any && nopass != TRUE) ||
(pwcheck == all && nopass == TRUE))
if (user_matches(sudo_user.pw, us->user) == TRUE) {
CLR(validated, FLAG_NO_USER);
priv = us->privileges;
- if (host_matches(user_shost, user_host, priv->hostlist) == TRUE) {
+ if (host_matches(priv->hostlist) == TRUE) {
CLR(validated, FLAG_NO_HOST);
for (cs = priv->cmndlist; cs != NULL; cs = cs->next) {
- if (runas_matches(runas_pw, cs->runaslist) == TRUE) {
- rval = cmnd_matches(user_cmnd, user_args, cs->cmnd);
+ if (runas_matches(cs->runaslist) == TRUE) {
+ rval = cmnd_matches(cs->cmnd);
if (rval != UNSPEC) {
matched = rval;
tags = &cs->tags;
for (us = userspecs; us != NULL; us = us->next) {
if (user_matches(pw, us->user) != TRUE ||
- host_matches(user_shost, user_host, us->privileges->hostlist) != TRUE)
+ host_matches(us->privileges->hostlist) != TRUE)
continue;
priv = us->privileges;
char *alias_add __P((char *, int, struct member *));
int addr_matches __P((char *));
int alias_remove __P((char *, int));
-int cmnd_matches __P((char *, char *, struct member *));
+int cmnd_matches __P((struct member *));
int command_matches __P((char *, char *));
-int host_matches __P((char *, char *, struct member *));
+int host_matches __P((struct member *));
int hostname_matches __P((char *, char *, char *));
int netgr_matches __P((char *, char *, char *, char *));
int no_aliases __P((void));
-int runas_matches __P((struct passwd *, struct member *));
+int runas_matches __P((struct member *));
int user_matches __P((struct passwd *, struct member *));
int usergr_matches __P((char *, char *, struct passwd *));
int userpw_matches __P((char *, char *, struct passwd *));
putchar('\n');
print_privilege(priv);
putchar('\n');
- if (host_matches(user_shost, user_host, priv->hostlist) == TRUE) {
+ if (host_matches(priv->hostlist) == TRUE) {
puts("\thost matched");
for (cs = priv->cmndlist; cs != NULL; cs = cs->next) {
- if (runas_matches(runas_pw, cs->runaslist) == TRUE) {
+ if (runas_matches(cs->runaslist) == TRUE) {
puts("\trunas matched");
- rval = cmnd_matches(user_cmnd, user_args, cs->cmnd);
+ rval = cmnd_matches(cs->cmnd);
if (rval != UNSPEC)
matched = rval;
printf("\tcommand %s\n", rval == ALLOW ? "allowed" :
projects / sudo / commitdiff