case SUDO_PATH_MISSING:
/* Root should always be able to read sudo.conf. */
if (errno != ENOENT && geteuid() == ROOT_UID)
- warning(_("unable to stat %s"), _PATH_SUDO_CONF);
+ warning(N_("unable to stat %s"), _PATH_SUDO_CONF);
goto done;
case SUDO_PATH_BAD_TYPE:
- warningx(_("%s is not a regular file"), _PATH_SUDO_CONF);
+ warningx(N_("%s is not a regular file"), _PATH_SUDO_CONF);
goto done;
case SUDO_PATH_WRONG_OWNER:
- warningx(_("%s is owned by uid %u, should be %u"),
+ warningx(N_("%s is owned by uid %u, should be %u"),
_PATH_SUDO_CONF, (unsigned int) sb.st_uid, ROOT_UID);
goto done;
case SUDO_PATH_WORLD_WRITABLE:
- warningx(_("%s is world writable"), _PATH_SUDO_CONF);
+ warningx(N_("%s is world writable"), _PATH_SUDO_CONF);
goto done;
case SUDO_PATH_GROUP_WRITABLE:
- warningx(_("%s is group writable"), _PATH_SUDO_CONF);
+ warningx(N_("%s is group writable"), _PATH_SUDO_CONF);
goto done;
default:
/* NOTREACHED */
if ((fp = fopen(_PATH_SUDO_CONF, "r")) == NULL) {
if (errno != ENOENT && geteuid() == ROOT_UID)
- warning(_("unable to open %s"), _PATH_SUDO_CONF);
+ warning(N_("unable to open %s"), _PATH_SUDO_CONF);
goto done;
}
debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
- warningx(_("unable to read fwtk config"));
+ warningx(N_("unable to read fwtk config"));
debug_return_int(AUTH_FATAL);
}
if (auth_open(confp)) {
- warningx(_("unable to connect to authentication server"));
+ warningx(N_("unable to connect to authentication server"));
debug_return_int(AUTH_FATAL);
}
/* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) {
- warningx(_("lost connection to authentication server"));
+ warningx(N_("lost connection to authentication server"));
debug_return_int(AUTH_FATAL);
}
if (strncmp(resp, "Authsrv ready", 13) != 0) {
- warningx(_("authentication server error:\n%s"), resp);
+ warningx(N_("authentication server error:\n%s"), resp);
debug_return_int(AUTH_FATAL);
}
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
restart:
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
- warningx(_("lost connection to authentication server"));
+ warningx(N_("lost connection to authentication server"));
debug_return_int(AUTH_FATAL);
}
/* Send the user's response to the server */
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
- warningx(_("lost connection to authentication server"));
+ warningx(N_("lost connection to authentication server"));
error = AUTH_FATAL;
goto done;
}
/* Main loop prints "Permission Denied" or insult. */
if (strcmp(resp, "Permission Denied.") != 0)
- warningx("%s", resp);
+ warningx(N"%s", resp);
error = AUTH_FAILURE;
done:
zero_bytes(pass, strlen(pass));
*/
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
if (IS_ONEANDONLY(auth)) {
- warningx(_("you do not exist in the %s database"), auth->name);
+ warningx(N_("you do not exist in the %s database"), auth->name);
debug_return_int(AUTH_FATAL);
} else {
debug_return_int(AUTH_FAILURE);
if (AceInitialize() != SD_FALSE)
debug_return_int(AUTH_SUCCESS);
- warningx(_("failed to initialise the ACE API library"));
+ warningx(N_("failed to initialise the ACE API library"));
debug_return_int(AUTH_FATAL);
}
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
- warningx(_("unable to contact the SecurID server"));
+ warningx(N_("unable to contact the SecurID server"));
debug_return_int(AUTH_FATAL);
}
switch (retval) {
case ACM_OK:
- warningx(_("User ID locked for SecurID Authentication"));
+ warningx(N_("User ID locked for SecurID Authentication"));
debug_return_int(AUTH_SUCCESS);
case ACE_UNDEFINED_USERNAME:
- warningx(_("invalid username length for SecurID"));
+ warningx(N_("invalid username length for SecurID"));
debug_return_int(AUTH_FATAL);
case ACE_ERR_INVALID_HANDLE:
- warningx(_("invalid Authentication Handle for SecurID"));
+ warningx(N_("invalid Authentication Handle for SecurID"));
debug_return_int(AUTH_FATAL);
case ACM_ACCESS_DENIED:
- warningx(_("SecurID communication failed"));
+ warningx(N_("SecurID communication failed"));
debug_return_int(AUTH_FATAL);
default:
- warningx(_("unknown SecurID error"));
+ warningx(N_("unknown SecurID error"));
debug_return_int(AUTH_FATAL);
}
}
break;
case ACE_UNDEFINED_PASSCODE:
- warningx(_("invalid passcode length for SecurID"));
+ warningx(N_("invalid passcode length for SecurID"));
rval = AUTH_FATAL;
break;
case ACE_UNDEFINED_USERNAME:
- warningx(_("invalid username length for SecurID"));
+ warningx(N_("invalid username length for SecurID"));
rval = AUTH_FATAL;
break;
case ACE_ERR_INVALID_HANDLE:
- warningx(_("invalid Authentication Handle for SecurID"));
+ warningx(N_("invalid Authentication Handle for SecurID"));
rval = AUTH_FATAL;
break;
break;
default:
- warningx(_("unknown SecurID error"));
+ warningx(N_("unknown SecurID error"));
rval = AUTH_FATAL;
break;
}
break;
}
if (!cur->name) {
- warningx(_("unknown defaults entry `%s'"), var);
+ warningx(N_("unknown defaults entry `%s'"), var);
debug_return_bool(false);
}
case T_LOGFAC:
if (!store_syslogfac(val, cur, op)) {
if (val)
- warningx(_("value `%s' is invalid for option `%s'"),
+ warningx(N_("value `%s' is invalid for option `%s'"),
val, var);
else
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
break;
case T_LOGPRI:
if (!store_syslogpri(val, cur, op)) {
if (val)
- warningx(_("value `%s' is invalid for option `%s'"),
+ warningx(N_("value `%s' is invalid for option `%s'"),
val, var);
else
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (ISSET(cur->type, T_PATH) && val && *val != '/') {
- warningx(_("values for `%s' must start with a '/'"), var);
+ warningx(N_("values for `%s' must start with a '/'"), var);
debug_return_bool(false);
}
if (!store_str(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (!store_int(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (!store_uint(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (!store_float(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (!store_mode(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
case T_FLAG:
if (val) {
- warningx(_("option `%s' does not take a value"), var);
+ warningx(N_("option `%s' does not take a value"), var);
debug_return_bool(false);
}
cur->sd_un.flag = op;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!ISSET(cur->type, T_BOOL) || op != false) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
}
if (!store_list(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
case T_TUPLE:
if (!val && !ISSET(cur->type, T_BOOL)) {
- warningx(_("no value specified for `%s'"), var);
+ warningx(N_("no value specified for `%s'"), var);
debug_return_bool(false);
}
if (!store_tuple(val, cur, op)) {
- warningx(_("value `%s' is invalid for option `%s'"), val, var);
+ warningx(N_("value `%s' is invalid for option `%s'"), val, var);
debug_return_bool(false);
}
break;
}
if (cur->name == NULL) {
if (!quiet)
- warningx(_("unknown defaults entry `%s'"), def->var);
+ warningx(N_("unknown defaults entry `%s'"), def->var);
rc = false;
}
}
if (sudoers_warnings && s != NULL) {
LEXTRACE("<*> ");
#ifndef TRACELEXER
+ /* XXX 's' will be in sudoers locale, not user's */
if (trace_print == NULL || trace_print == sudoers_trace_print)
- warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
+ warningx(N_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
#endif
}
parse_error = true;
debug_return;
}
-#line 121 "gram.y"
+#line 122 "gram.y"
#ifndef YYSTYPE_DEFINED
#define YYSTYPE_DEFINED
typedef union {
int tok;
} YYSTYPE;
#endif /* YYSTYPE_DEFINED */
-#line 174 "gram.c"
+#line 175 "gram.c"
#define COMMAND 257
#define ALIAS 258
#define DEFVAR 259
short *yysslim;
YYSTYPE *yyvs;
int yystacksize;
-#line 673 "gram.y"
+#line 674 "gram.y"
static struct defaults *
new_default(char *var, char *val, int op)
{
debug_return;
}
-#line 852 "gram.c"
+#line 853 "gram.c"
/* allocate initial stack or double stack size, up to YYMAXDEPTH */
#if defined(__cplusplus) || defined(__STDC__)
static int yygrowstack(void)
switch (yyn)
{
case 1:
-#line 203 "gram.y"
+#line 204 "gram.y"
{ ; }
break;
case 5:
-#line 211 "gram.y"
+#line 212 "gram.y"
{
;
}
break;
case 6:
-#line 214 "gram.y"
+#line 215 "gram.y"
{
yyerrok;
}
break;
case 7:
-#line 217 "gram.y"
+#line 218 "gram.y"
{
add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
}
break;
case 8:
-#line 220 "gram.y"
+#line 221 "gram.y"
{
;
}
break;
case 9:
-#line 223 "gram.y"
+#line 224 "gram.y"
{
;
}
break;
case 10:
-#line 226 "gram.y"
+#line 227 "gram.y"
{
;
}
break;
case 11:
-#line 229 "gram.y"
+#line 230 "gram.y"
{
;
}
break;
case 12:
-#line 232 "gram.y"
+#line 233 "gram.y"
{
add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
}
break;
case 13:
-#line 235 "gram.y"
+#line 236 "gram.y"
{
add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 14:
-#line 238 "gram.y"
+#line 239 "gram.y"
{
add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 15:
-#line 241 "gram.y"
+#line 242 "gram.y"
{
add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 16:
-#line 244 "gram.y"
+#line 245 "gram.y"
{
add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
}
break;
case 18:
-#line 250 "gram.y"
+#line 251 "gram.y"
{
list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
yyval.defaults = yyvsp[-2].defaults;
}
break;
case 19:
-#line 256 "gram.y"
+#line 257 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, true);
}
break;
case 20:
-#line 259 "gram.y"
+#line 260 "gram.y"
{
yyval.defaults = new_default(yyvsp[0].string, NULL, false);
}
break;
case 21:
-#line 262 "gram.y"
+#line 263 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, true);
}
break;
case 22:
-#line 265 "gram.y"
+#line 266 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
}
break;
case 23:
-#line 268 "gram.y"
+#line 269 "gram.y"
{
yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
}
break;
case 25:
-#line 274 "gram.y"
+#line 275 "gram.y"
{
list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
yyval.privilege = yyvsp[-2].privilege;
}
break;
case 26:
-#line 280 "gram.y"
+#line 281 "gram.y"
{
struct privilege *p = ecalloc(1, sizeof(*p));
list2tq(&p->hostlist, yyvsp[-2].member);
}
break;
case 27:
-#line 290 "gram.y"
+#line 291 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 28:
-#line 294 "gram.y"
+#line 295 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 29:
-#line 300 "gram.y"
+#line 301 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 30:
-#line 303 "gram.y"
+#line 304 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 31:
-#line 306 "gram.y"
+#line 307 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 32:
-#line 309 "gram.y"
+#line 310 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NTWKADDR);
}
break;
case 33:
-#line 312 "gram.y"
+#line 313 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 35:
-#line 318 "gram.y"
+#line 319 "gram.y"
{
list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
#ifdef HAVE_SELINUX
}
break;
case 36:
-#line 357 "gram.y"
+#line 358 "gram.y"
{
struct cmndspec *cs = ecalloc(1, sizeof(*cs));
if (yyvsp[-4].runas != NULL) {
}
break;
case 37:
-#line 387 "gram.y"
+#line 388 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 38:
-#line 391 "gram.y"
+#line 392 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 39:
-#line 397 "gram.y"
+#line 398 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 40:
-#line 402 "gram.y"
+#line 403 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 41:
-#line 407 "gram.y"
+#line 408 "gram.y"
{
yyval.seinfo.role = NULL;
yyval.seinfo.type = NULL;
}
break;
case 42:
-#line 411 "gram.y"
+#line 412 "gram.y"
{
yyval.seinfo.role = yyvsp[0].string;
yyval.seinfo.type = NULL;
}
break;
case 43:
-#line 415 "gram.y"
+#line 416 "gram.y"
{
yyval.seinfo.type = yyvsp[0].string;
yyval.seinfo.role = NULL;
}
break;
case 44:
-#line 419 "gram.y"
+#line 420 "gram.y"
{
yyval.seinfo.role = yyvsp[-1].string;
yyval.seinfo.type = yyvsp[0].string;
}
break;
case 45:
-#line 423 "gram.y"
+#line 424 "gram.y"
{
yyval.seinfo.type = yyvsp[-1].string;
yyval.seinfo.role = yyvsp[0].string;
}
break;
case 46:
-#line 429 "gram.y"
+#line 430 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 47:
-#line 433 "gram.y"
+#line 434 "gram.y"
{
yyval.string = yyvsp[0].string;
}
break;
case 48:
-#line 438 "gram.y"
+#line 439 "gram.y"
{
yyval.privinfo.privs = NULL;
yyval.privinfo.limitprivs = NULL;
}
break;
case 49:
-#line 442 "gram.y"
+#line 443 "gram.y"
{
yyval.privinfo.privs = yyvsp[0].string;
yyval.privinfo.limitprivs = NULL;
}
break;
case 50:
-#line 446 "gram.y"
+#line 447 "gram.y"
{
yyval.privinfo.privs = NULL;
yyval.privinfo.limitprivs = yyvsp[0].string;
}
break;
case 51:
-#line 450 "gram.y"
+#line 451 "gram.y"
{
yyval.privinfo.privs = yyvsp[-1].string;
yyval.privinfo.limitprivs = yyvsp[0].string;
}
break;
case 52:
-#line 454 "gram.y"
+#line 455 "gram.y"
{
yyval.privinfo.limitprivs = yyvsp[-1].string;
yyval.privinfo.privs = yyvsp[0].string;
}
break;
case 53:
-#line 459 "gram.y"
+#line 460 "gram.y"
{
yyval.runas = NULL;
}
break;
case 54:
-#line 462 "gram.y"
+#line 463 "gram.y"
{
yyval.runas = yyvsp[-1].runas;
}
break;
case 55:
-#line 467 "gram.y"
+#line 468 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = new_member(NULL, MYSELF);
}
break;
case 56:
-#line 472 "gram.y"
+#line 473 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[0].member;
}
break;
case 57:
-#line 477 "gram.y"
+#line 478 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[-2].member;
}
break;
case 58:
-#line 482 "gram.y"
+#line 483 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
/* $$->runasusers = NULL; */
}
break;
case 59:
-#line 487 "gram.y"
+#line 488 "gram.y"
{
yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = new_member(NULL, MYSELF);
}
break;
case 60:
-#line 494 "gram.y"
+#line 495 "gram.y"
{
yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
}
break;
case 61:
-#line 498 "gram.y"
+#line 499 "gram.y"
{
yyval.tag.nopasswd = true;
}
break;
case 62:
-#line 501 "gram.y"
+#line 502 "gram.y"
{
yyval.tag.nopasswd = false;
}
break;
case 63:
-#line 504 "gram.y"
+#line 505 "gram.y"
{
yyval.tag.noexec = true;
}
break;
case 64:
-#line 507 "gram.y"
+#line 508 "gram.y"
{
yyval.tag.noexec = false;
}
break;
case 65:
-#line 510 "gram.y"
+#line 511 "gram.y"
{
yyval.tag.setenv = true;
}
break;
case 66:
-#line 513 "gram.y"
+#line 514 "gram.y"
{
yyval.tag.setenv = false;
}
break;
case 67:
-#line 516 "gram.y"
+#line 517 "gram.y"
{
yyval.tag.log_input = true;
}
break;
case 68:
-#line 519 "gram.y"
+#line 520 "gram.y"
{
yyval.tag.log_input = false;
}
break;
case 69:
-#line 522 "gram.y"
+#line 523 "gram.y"
{
yyval.tag.log_output = true;
}
break;
case 70:
-#line 525 "gram.y"
+#line 526 "gram.y"
{
yyval.tag.log_output = false;
}
break;
case 71:
-#line 530 "gram.y"
+#line 531 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 72:
-#line 533 "gram.y"
+#line 534 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 73:
-#line 536 "gram.y"
+#line 537 "gram.y"
{
struct sudo_command *c = ecalloc(1, sizeof(*c));
c->cmnd = yyvsp[0].command.cmnd;
}
break;
case 76:
-#line 548 "gram.y"
+#line 549 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 78:
-#line 558 "gram.y"
+#line 559 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 81:
-#line 568 "gram.y"
+#line 569 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 83:
-#line 578 "gram.y"
+#line 579 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 86:
-#line 588 "gram.y"
+#line 589 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 89:
-#line 601 "gram.y"
+#line 602 "gram.y"
{
char *s;
if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
}
break;
case 91:
-#line 611 "gram.y"
+#line 612 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 92:
-#line 617 "gram.y"
+#line 618 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 93:
-#line 621 "gram.y"
+#line 622 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 94:
-#line 627 "gram.y"
+#line 628 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 95:
-#line 630 "gram.y"
+#line 631 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 96:
-#line 633 "gram.y"
+#line 634 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, NETGROUP);
}
break;
case 97:
-#line 636 "gram.y"
+#line 637 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, USERGROUP);
}
break;
case 98:
-#line 639 "gram.y"
+#line 640 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
case 100:
-#line 645 "gram.y"
+#line 646 "gram.y"
{
list_append(yyvsp[-2].member, yyvsp[0].member);
yyval.member = yyvsp[-2].member;
}
break;
case 101:
-#line 651 "gram.y"
+#line 652 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = false;
}
break;
case 102:
-#line 655 "gram.y"
+#line 656 "gram.y"
{
yyval.member = yyvsp[0].member;
yyval.member->negated = true;
}
break;
case 103:
-#line 661 "gram.y"
+#line 662 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, ALIAS);
}
break;
case 104:
-#line 664 "gram.y"
+#line 665 "gram.y"
{
yyval.member = new_member(NULL, ALL);
}
break;
case 105:
-#line 667 "gram.y"
+#line 668 "gram.y"
{
yyval.member = new_member(yyvsp[0].string, WORD);
}
break;
-#line 1692 "gram.c"
+#line 1693 "gram.c"
}
yyssp -= yym;
yystate = *yyssp;
if (sudoers_warnings && s != NULL) {
LEXTRACE("<*> ");
#ifndef TRACELEXER
+ /* XXX 's' will be in sudoers locale, not user's */
if (trace_print == NULL || trace_print == sudoers_trace_print)
- warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
+ warningx(N_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
#endif
}
parse_error = true;
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
}
if (len <= 0 || len >= sizeof(path)) {
- warningx(_("%s%s: %s"),
+ warningx(N_("%s%s: %s"),
(*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info,
strerror(ENAMETOOLONG));
goto done;
goto done;
}
if (sb.st_uid != ROOT_UID) {
- warningx(_("%s must be owned by uid %d"), path, ROOT_UID);
+ warningx(N_("%s must be owned by uid %d"), path, ROOT_UID);
goto done;
}
if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
- warningx(_("%s must only be writable by owner"), path);
+ warningx(N_("%s must only be writable by owner"), path);
goto done;
}
/* Open plugin and map in symbol. */
group_handle = dlopen(path, RTLD_LAZY|RTLD_GLOBAL);
if (!group_handle) {
- warningx(_("unable to dlopen %s: %s"), path, dlerror());
+ warningx(N_("unable to dlopen %s: %s"), path, dlerror());
goto done;
}
group_plugin = dlsym(group_handle, "group_plugin");
if (group_plugin == NULL) {
- warningx(_("unable to find symbol \"group_plugin\" in %s"), path);
+ warningx(N_("unable to find symbol \"group_plugin\" in %s"), path);
goto done;
}
if (GROUP_API_VERSION_GET_MAJOR(group_plugin->version) != GROUP_API_VERSION_MAJOR) {
- warningx(_("%s: incompatible group plugin major version %d, expected %d"),
+ warningx(N_("%s: incompatible group plugin major version %d, expected %d"),
path, GROUP_API_VERSION_GET_MAJOR(group_plugin->version),
GROUP_API_VERSION_MAJOR);
goto done;
nldaps++;
host = uri + 8;
} else {
- warningx(_("unsupported LDAP uri type: %s"), uri);
+ warningx(N_("unsupported LDAP uri type: %s"), uri);
goto done;
}
}
}
if (hostbuf[0] == '\0') {
- warningx(_("invalid uri: %s"), uri_list->val);
+ warningx(N_("invalid uri: %s"), uri_list->val);
goto done;
}
if (nldaps != 0) {
if (nldap != 0) {
- warningx(_("unable to mix ldap and ldaps URIs"));
+ warningx(N_("unable to mix ldap and ldaps URIs"));
goto done;
}
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
- warningx(_("unable to mix ldaps and starttls"));
+ warningx(N_("unable to mix ldaps and starttls"));
goto done;
}
ldap_conf.ssl_mode = SUDO_LDAP_SSL;
}
}
if (rc != LDAP_SUCCESS) {
- warningx(_("unable to initialize SSL cert and key db: %s"),
+ warningx(N_("unable to initialize SSL cert and key db: %s"),
ldapssl_err2string(rc));
if (ldap_conf.tls_certfile == NULL)
- warningx(_("you must set TLS_CERT in %s to use SSL"),
+ warningx(N_("you must set TLS_CERT in %s to use SSL"),
_PATH_LDAP_CONF);
goto done;
}
/* Make sure we have a formatted timestamp for __now__. */
time(&now);
if ((tp = gmtime(&now)) == NULL) {
- warning(_("unable to get GMT time"));
+ warning(N_("unable to get GMT time"));
goto done;
}
/* Format the timestamp according to the RFC. */
if (strftime(timebuffer, sizeof(timebuffer), "%Y%m%d%H%M%S.0Z", tp) == 0) {
- warningx(_("unable to format timestamp"));
+ warningx(N_("unable to format timestamp"));
goto done;
}
bytes = snprintf(buffer, buffersize, "(&(|(!(sudoNotAfter=*))(sudoNotAfter>=%s))(|(!(sudoNotBefore=*))(sudoNotBefore<=%s)))",
timebuffer, timebuffer);
if (bytes < 0 || bytes >= buffersize) {
- warning(_("unable to build time filter"));
+ warning(N_("unable to build time filter"));
bytes = 0;
}
rc = ldap_initialize(&ld, buf);
efree(buf);
if (rc != LDAP_SUCCESS)
- warningx(_("unable to initialize LDAP: %s"), ldap_err2string(rc));
+ warningx(N_("unable to initialize LDAP: %s"), ldap_err2string(rc));
} else
#endif
rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
}
DPRINTF(("ldap_start_tls_s_np() ok"), 1);
#else
- warningx(_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"));
+ warningx(N_("start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"));
#endif /* !HAVE_LDAP_START_TLS_S && !HAVE_LDAP_START_TLS_S_NP */
}
DPRINTF(("order attribute raw: %s", (*bv)->bv_val), 1);
order = strtod((*bv)->bv_val, &ep);
if (ep == (*bv)->bv_val || *ep != '\0') {
- warningx(_("invalid sudoOrder attribute: %s"), (*bv)->bv_val);
+ warningx(N_("invalid sudoOrder attribute: %s"), (*bv)->bv_val);
order = 0.0;
}
DPRINTF(("order attribute: %f", order), 1);
/* Log command, ignoring ECONNREFUSED on error. */
rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
if (rc <= 0 && errno != ECONNREFUSED)
- warning(_("unable to send audit message"));
+ warning(N_("unable to send audit message"));
efree(command);
* their path to just contain a single dir.
*/
if (flags == NOT_FOUND)
- warningx(_("%s: command not found"), user_cmnd);
+ warningx(N_("%s: command not found"), user_cmnd);
else if (flags == NOT_FOUND_DOT)
- warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
+ warningx(N_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
}
debug_return;
#include <stdlib.h>
#include <string.h>
#include <setjmp.h>
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
#include "missing.h"
#include "alloc.h"
#include "error.h"
+#include "logging.h"
#include "sudo_plugin.h"
#define DEFAULT_TEXT_DOMAIN "sudoers"
struct sudo_conv_message msg[6];
struct sudo_conv_reply repl[6];
char *str;
- int nmsgs = 4;
+ int oldlocale, nmsgs = 4;
- evasprintf(&str, fmt, ap);
+ /* Warnings are displayed in the user's locale. */
+ sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
+
+ evasprintf(&str, _(fmt), ap);
/* Call conversation function */
memset(&msg, 0, sizeof(msg));
memset(&repl, 0, sizeof(repl));
sudo_conv(nmsgs, msg, repl);
efree(str);
+
+ sudoers_setlocale(oldlocale, NULL);
}
/* We do not currently log the exit status. */
if (error_code)
- warningx(_("unable to execute %s: %s"), safe_cmnd, strerror(error_code));
+ warningx(N_("unable to execute %s: %s"), safe_cmnd, strerror(error_code));
/* Close the session we opened in sudoers_policy_init_session(). */
if (ISSET(sudo_mode, MODE_RUN|MODE_EDIT))
if (list_user) {
list_pw = sudo_getpwnam(list_user);
if (list_pw == NULL) {
- warningx(_("unknown user: %s"), list_user);
+ warningx(N_("unknown user: %s"), list_user);
debug_return_bool(-1);
}
}
/* Load symbols */
handle->ssslib = dlopen(path, RTLD_LAZY);
if (handle->ssslib == NULL) {
- warningx(_("Unable to dlopen %s: %s"), path, dlerror());
- warningx(_("Unable to initialize SSS source. Is SSSD installed on your machine?"));
+ warningx(N_("Unable to dlopen %s: %s"), path, dlerror());
+ warningx(N_("Unable to initialize SSS source. Is SSSD installed on your machine?"));
debug_return_int(EFAULT);
}
handle->fn_send_recv = dlsym(handle->ssslib, "sss_sudo_send_recv");
if (handle->fn_send_recv == NULL) {
- warningx(_("unable to find symbol \"%s\" in %s"), path,
+ warningx(N_("unable to find symbol \"%s\" in %s"), path,
"sss_sudo_send_recv");
debug_return_int(EFAULT);
}
handle->fn_send_recv_defaults =
dlsym(handle->ssslib, "sss_sudo_send_recv_defaults");
if (handle->fn_send_recv_defaults == NULL) {
- warningx(_("unable to find symbol \"%s\" in %s"), path,
+ warningx(N_("unable to find symbol \"%s\" in %s"), path,
"sss_sudo_send_recv_defaults");
debug_return_int(EFAULT);
}
handle->fn_free_result = dlsym(handle->ssslib, "sss_sudo_free_result");
if (handle->fn_free_result == NULL) {
- warningx(_("unable to find symbol \"%s\" in %s"), path,
+ warningx(N_("unable to find symbol \"%s\" in %s"), path,
"sss_sudo_free_result");
debug_return_int(EFAULT);
}
handle->fn_get_values = dlsym(handle->ssslib, "sss_sudo_get_values");
if (handle->fn_get_values == NULL) {
- warningx(_("unable to find symbol \"%s\" in %s"), path,
+ warningx(N_("unable to find symbol \"%s\" in %s"), path,
"sss_sudo_get_values");
debug_return_int(EFAULT);
}
handle->fn_free_values = dlsym(handle->ssslib, "sss_sudo_free_values");
if (handle->fn_free_values == NULL) {
- warningx(_("unable to find symbol \"%s\" in %s"), path,
+ warningx(N_("unable to find symbol \"%s\" in %s"), path,
"sss_sudo_free_values");
debug_return_int(EFAULT);
}
}
}
if (sources == 0) {
- warningx(_("no valid sudoers sources found, quitting"));
+ warningx(N_("no valid sudoers sources found, quitting"));
debug_return_bool(-1);
}
/* Is root even allowed to run sudo? */
if (user_uid == 0 && !def_root_sudo) {
- warningx(_("sudoers specifies that root is not allowed to sudo"));
+ warningx(N_("sudoers specifies that root is not allowed to sudo"));
goto bad;
}
/* Check for -C overriding def_closefrom. */
if (user_closefrom >= 0 && user_closefrom != def_closefrom) {
if (!def_closefrom_override) {
- warningx(_("you are not permitted to use the -C option"));
+ warningx(N_("you are not permitted to use the -C option"));
goto bad;
}
def_closefrom = user_closefrom;
int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY);
if (fd == -1) {
audit_failure(NewArgv, N_("no tty"));
- warningx(_("sorry, you must have a tty to run sudo"));
+ warningx(N_("sorry, you must have a tty to run sudo"));
goto bad;
} else
(void) close(fd);
/* Finally tell the user if the command did not exist. */
if (cmnd_status == NOT_FOUND_DOT) {
audit_failure(NewArgv, N_("command in current directory"));
- warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
+ warningx(N_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
goto bad;
} else if (cmnd_status == NOT_FOUND) {
audit_failure(NewArgv, N_("%s: command not found"), user_cmnd);
- warningx(_("%s: command not found"), user_cmnd);
+ warningx(N_("%s: command not found"), user_cmnd);
goto bad;
}
/* If user specified env vars make sure sudoers allows it. */
if (ISSET(sudo_mode, MODE_RUN) && !def_setenv) {
if (ISSET(sudo_mode, MODE_PRESERVE_ENV)) {
- warningx(_("sorry, you are not allowed to preserve the environment"));
+ warningx(N_("sorry, you are not allowed to preserve the environment"));
goto bad;
} else
validate_env_vars(sudo_user.env_vars);
}
if (!editor_path) {
audit_failure(NewArgv, N_("%s: command not found"), editor);
- warningx(_("%s: command not found"), editor);
+ warningx(N_("%s: command not found"), editor);
}
debug_return_str(editor_path);
}
fp = fopen(logfile, "r");
if (fp == NULL) {
- warning(_("unable to open %s"), logfile);
+ warning(N_("unable to open %s"), logfile);
goto bad;
}
debug_return_bool(false);
case SUDO_PATH_WRONG_OWNER:
if (sudoers_warnings) {
- warningx(_("%s is owned by uid %u, should be %u"),
+ warningx(N_("%s is owned by uid %u, should be %u"),
path, (unsigned int) sb.st_uid,
(unsigned int) sudoers_uid);
}
debug_return_bool(false);
case SUDO_PATH_WORLD_WRITABLE:
if (sudoers_warnings) {
- warningx(_("%s is world writable"), path);
+ warningx(N_("%s is world writable"), path);
}
debug_return_bool(false);
case SUDO_PATH_GROUP_WRITABLE:
if (sudoers_warnings) {
- warningx(_("%s is owned by gid %u, should be %u"),
+ warningx(N_("%s is owned by gid %u, should be %u"),
path, (unsigned int) sb.st_gid,
(unsigned int) sudoers_gid);
}
debug_return_bool(false);
case SUDO_PATH_WRONG_OWNER:
if (sudoers_warnings) {
- warningx(_("%s is owned by uid %u, should be %u"),
+ warningx(N_("%s is owned by uid %u, should be %u"),
path, (unsigned int) sb.st_uid,
(unsigned int) sudoers_uid);
}
debug_return_bool(false);
case SUDO_PATH_WORLD_WRITABLE:
if (sudoers_warnings) {
- warningx(_("%s is world writable"), path);
+ warningx(N_("%s is world writable"), path);
}
debug_return_bool(false);
case SUDO_PATH_GROUP_WRITABLE:
if (sudoers_warnings) {
- warningx(_("%s is owned by gid %u, should be %u"),
+ warningx(N_("%s is owned by gid %u, should be %u"),
path, (unsigned int) sb.st_gid,
(unsigned int) sudoers_gid);
}
* Sanity checks.
*/
if (stat(sp->tpath, &sb) < 0) {
- warningx(_("unable to stat temporary file (%s), %s unchanged"),
+ warningx(N_("unable to stat temporary file (%s), %s unchanged"),
sp->tpath, sp->path);
goto done;
}
if (sb.st_size == 0 && orig_size != 0) {
- warningx(_("zero length temporary file (%s), %s unchanged"),
+ warningx(N_("zero length temporary file (%s), %s unchanged"),
sp->tpath, sp->path);
sp->modified = true;
goto done;
}
} else {
- warningx(_("editor (%s) failed, %s unchanged"), editor, sp->path);
+ warningx(N_("editor (%s) failed, %s unchanged"), editor, sp->path);
goto done;
}
if (modified)
sp->modified = modified;
else
- warningx(_("%s unchanged"), sp->tpath);
+ warningx(N_("%s unchanged"), sp->tpath);
rval = true;
done:
/* Parse the sudoers temp file */
sudoersrestart(fp);
if (sudoersparse() && !parse_error) {
- warningx(_("unabled to parse temporary file (%s), unknown error"),
+ warningx(N_("unabled to parse temporary file (%s), unknown error"),
sp->tpath);
parse_error = true;
errorfile = sp->path;
if (fstat(sp->fd, &sb) == -1)
error(1, _("unable to stat %s"), sp->path);
if (chown(sp->tpath, sb.st_uid, sb.st_gid) != 0) {
- warning(_("unable to set (uid, gid) of %s to (%u, %u)"),
+ warning(N_("unable to set (uid, gid) of %s to (%u, %u)"),
sp->tpath, (unsigned int)sb.st_uid, (unsigned int)sb.st_gid);
}
if (chmod(sp->tpath, sb.st_mode & 0777) != 0) {
- warning(_("unable to change mode of %s to 0%o"), sp->tpath,
+ warning(N_("unable to change mode of %s to 0%o"), sp->tpath,
(unsigned int)(sb.st_mode & 0777));
}
} else {
if (chown(sp->tpath, SUDOERS_UID, SUDOERS_GID) != 0) {
- warning(_("unable to set (uid, gid) of %s to (%u, %u)"),
+ warning(N_("unable to set (uid, gid) of %s to (%u, %u)"),
sp->tpath, SUDOERS_UID, SUDOERS_GID);
goto done;
}
if (chmod(sp->tpath, SUDOERS_MODE) != 0) {
- warning(_("unable to change mode of %s to 0%o"), sp->tpath,
+ warning(N_("unable to change mode of %s to 0%o"), sp->tpath,
SUDOERS_MODE);
goto done;
}
} else {
if (errno == EXDEV) {
char *av[4];
- warningx(_("%s and %s not on the same file system, using mv to rename"),
+ warningx(N_("%s and %s not on the same file system, using mv to rename"),
sp->tpath, sp->path);
/* Build up argument vector for the command */
/* And run it... */
if (run_command(_PATH_MV, av)) {
- warningx(_("command failed: '%s %s %s', %s unchanged"),
+ warningx(N_("command failed: '%s %s %s', %s unchanged"),
_PATH_MV, sp->tpath, sp->path, sp->path);
(void) unlink(sp->tpath);
efree(sp->tpath);
efree(sp->tpath);
sp->tpath = NULL;
} else {
- warning(_("error renaming %s, %s unchanged"), sp->tpath, sp->path);
+ warning(N_("error renaming %s, %s unchanged"), sp->tpath, sp->path);
(void) unlink(sp->tpath);
goto done;
}
sudo_endgrent();
closefrom(STDERR_FILENO + 1);
execv(path, argv);
- warning(_("unable to run %s"), path);
+ warning(N_("unable to run %s"), path);
_exit(127);
break; /* NOTREACHED */
}
sudoers_path = "stdin";
} else if ((sudoersin = fopen(sudoers_path, "r")) == NULL) {
if (!quiet)
- warning(_("unable to open %s"), sudoers_path);
+ warning(N_("unable to open %s"), sudoers_path);
goto done;
}
init_parser(sudoers_path, quiet);
if (sudoersparse() && !parse_error) {
if (!quiet)
- warningx(_("failed to parse %s file, unknown error"), sudoers_path);
+ warningx(N_("failed to parse %s file, unknown error"), sudoers_path);
parse_error = true;
errorfile = sudoers_path;
}
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#ifdef HAVE_SETLOCALE
+# include <locale.h>
+#endif
#include "missing.h"
+#include "alloc.h"
#include "error.h"
#define DEFAULT_TEXT_DOMAIN "sudo"
_warning(int use_errno, const char *fmt, va_list ap)
{
int serrno = errno;
+#ifdef HAVE_SETLOCALE
+ char *prev_locale = estrdup(setlocale(LC_ALL, NULL));
+
+ /* Set locale to user's if different. */
+ if (*prev_locale != '\0')
+ setlocale(LC_ALL, "");
+#endif
fputs(getprogname(), stderr);
if (fmt != NULL) {
fputs(_(": "), stderr);
- vfprintf(stderr, fmt, ap);
+ vfprintf(stderr, _(fmt), ap);
}
if (use_errno) {
fputs(_(": "), stderr);
fputs(strerror(serrno), stderr);
}
putc('\n', stderr);
+
+#ifdef HAVE_SETLOCALE
+ /* Restore locale if needed. */
+ if (*prev_locale != '\0')
+ setlocale(LC_ALL, prev_locale);
+ efree(prev_locale);
+#endif
}
/* One of the ttys must have gone away. */
goto do_tty_io;
}
- warning(_("select failed"));
+ warning(N_("select failed"));
sudo_debug_printf(SUDO_DEBUG_ERROR,
"select failure, terminating child");
schedule_signal(SIGKILL);
if (ISSET(details->flags, CD_RBAC_ENABLED)) {
/* This is probably not needed in log_io mode. */
if (selinux_restore_tty() != 0)
- warningx(_("unable to restore tty label"));
+ warningx(N_("unable to restore tty label"));
}
#endif
/* Solaris privileges, remove PRIV_PROC_EXEC post-execve. */
if (priv_set(PRIV_OFF, PRIV_LIMIT, "PRIV_PROC_EXEC", NULL) == 0)
debug_return_ptr(envp);
- warning(_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"));
+ warning(N_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"));
#endif /* HAVE_PRIV_SET */
#ifdef _PATH_SUDO_NOEXEC
error(1, _("unable to create pipe"));
cmnd_pid = sudo_debug_fork();
if (cmnd_pid == -1) {
- warning(_("unable to fork"));
+ warning(N_("unable to fork"));
goto bad;
}
if (cmnd_pid == 0) {
if (n == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
- warning(_("error reading from signal pipe"));
+ warning(N_("error reading from signal pipe"));
goto done;
}
/*
if (n == -1) {
if (errno == EINTR)
continue;
- warning(_("error reading from pipe"));
+ warning(N_("error reading from pipe"));
goto done;
}
/* Got errno or EOF, either way we are done with errpipe. */
if (n == -1) {
if (errno == EINTR)
continue;
- warning(_("error reading from socketpair"));
+ warning(N_("error reading from socketpair"));
goto done;
}
if (cstmp.type != CMD_SIGNO) {
- warningx(_("unexpected reply type on backchannel: %d"),
+ warningx(N_("unexpected reply type on backchannel: %d"),
cstmp.type);
continue;
}
break; /* all I/O flushed */
if (errno == EINTR || errno == ENOMEM)
continue;
- warning(_("select failed"));
+ warning(N_("select failed"));
}
if (perform_io(fdsr, fdsw, NULL) != 0 || nready == -1)
break;
if (info->path[0] == '/') {
if (strlcpy(path, info->path, sizeof(path)) >= sizeof(path)) {
- warningx(_("%s: %s"), info->path, strerror(ENAMETOOLONG));
+ warningx(N_("%s: %s"), info->path, strerror(ENAMETOOLONG));
goto done;
}
} else {
if (snprintf(path, sizeof(path), "%s%s", _PATH_SUDO_PLUGIN_DIR,
info->path) >= sizeof(path)) {
- warningx(_("%s%s: %s"), _PATH_SUDO_PLUGIN_DIR, info->path,
+ warningx(N_("%s%s: %s"), _PATH_SUDO_PLUGIN_DIR, info->path,
strerror(ENAMETOOLONG));
goto done;
}
goto done;
}
if (sb.st_uid != ROOT_UID) {
- warningx(_("%s must be owned by uid %d"), path, ROOT_UID);
+ warningx(N_("%s must be owned by uid %d"), path, ROOT_UID);
goto done;
}
if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
- warningx(_("%s must be only be writable by owner"), path);
+ warningx(N_("%s must be only be writable by owner"), path);
goto done;
}
/* Open plugin and map in symbol */
handle = dlopen(path, RTLD_LAZY|RTLD_GLOBAL);
if (!handle) {
- warningx(_("unable to dlopen %s: %s"), path, dlerror());
+ warningx(N_("unable to dlopen %s: %s"), path, dlerror());
goto done;
}
plugin = dlsym(handle, info->symbol_name);
if (!plugin) {
- warningx(_("%s: unable to find symbol %s"), path,
+ warningx(N_("%s: unable to find symbol %s"), path,
info->symbol_name);
goto done;
}
if (plugin->type != SUDO_POLICY_PLUGIN && plugin->type != SUDO_IO_PLUGIN) {
- warningx(_("%s: unknown policy type %d"), path, plugin->type);
+ warningx(N_("%s: unknown policy type %d"), path, plugin->type);
goto done;
}
if (SUDO_API_VERSION_GET_MAJOR(plugin->version) != SUDO_API_VERSION_MAJOR) {
- warningx(_("%s: incompatible policy major version %d, expected %d"),
+ warningx(N_("%s: incompatible policy major version %d, expected %d"),
path, SUDO_API_VERSION_GET_MAJOR(plugin->version),
SUDO_API_VERSION_MAJOR);
goto done;
}
if (plugin->type == SUDO_POLICY_PLUGIN) {
if (policy_plugin->handle) {
- warningx(_("%s: only a single policy plugin may be loaded"),
+ warningx(N_("%s: only a single policy plugin may be loaded"),
_PATH_SUDO_CONF);
goto done;
}
}
}
if (policy_plugin->u.policy->check_policy == NULL) {
- warningx(_("policy plugin %s does not include a check_policy method"),
+ warningx(N_("policy plugin %s does not include a check_policy method"),
policy_plugin->name);
rval = false;
goto done;
"%s%s/", cp == *addrinfo ? "" : " ",
inet_ntoa(sin->sin_addr));
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
len = snprintf(cp, ailen - (*addrinfo - cp),
"%s", inet_ntoa(sin->sin_addr));
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
len = snprintf(cp, ailen - (*addrinfo - cp),
"%s%s/", cp == *addrinfo ? "" : " ", addrbuf);
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
inet_ntop(AF_INET6, &sin6->sin6_addr, addrbuf, sizeof(addrbuf));
len = snprintf(cp, ailen - (*addrinfo - cp), "%s", addrbuf);
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
"%s%s/", cp == *addrinfo ? "" : " ",
inet_ntoa(sin->sin_addr));
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
len = snprintf(cp, ailen - (*addrinfo - cp),
"%s", inet_ntoa(sin->sin_addr));
if (len <= 0 || len >= ailen - (*addrinfo - cp)) {
- warningx(_("load_interfaces: overflow detected"));
+ warningx(N_("load_interfaces: overflow detected"));
goto done;
}
cp += len;
break;
case 'C':
if (atoi(optarg) < 3) {
- warningx(_("the argument to -C must be a number greater than or equal to 3"));
+ warningx(N_("the argument to -C must be a number greater than or equal to 3"));
usage(1);
}
sudo_settings[ARG_CLOSEFROM].value = optarg;
if (ISSET(flags, MODE_LOGIN_SHELL)) {
if (ISSET(flags, MODE_SHELL)) {
- warningx(_("you may not specify both the `-i' and `-s' options"));
+ warningx(N_("you may not specify both the `-i' and `-s' options"));
usage(1);
}
if (ISSET(flags, MODE_PRESERVE_ENV)) {
- warningx(_("you may not specify both the `-i' and `-E' options"));
+ warningx(N_("you may not specify both the `-i' and `-E' options"));
usage(1);
}
SET(flags, MODE_SHELL);
if (mode == MODE_EDIT &&
(ISSET(flags, MODE_PRESERVE_ENV) || env_add[0] != NULL)) {
if (ISSET(mode, MODE_PRESERVE_ENV))
- warningx(_("the `-E' option is not valid in edit mode"));
+ warningx(N_("the `-E' option is not valid in edit mode"));
if (env_add[0] != NULL)
- warningx(_("you may not specify environment variables in edit mode"));
+ warningx(N_("you may not specify environment variables in edit mode"));
usage(1);
}
if ((runas_user != NULL || runas_group != NULL) &&
usage(1);
}
if (list_user != NULL && mode != MODE_LIST && mode != MODE_CHECK) {
- warningx(_("the `-U' option may only be used with the `-l' option"));
+ warningx(N_("the `-U' option may only be used with the `-l' option"));
usage(1);
}
if (ISSET(tgetpass_flags, TGP_STDIN) && ISSET(tgetpass_flags, TGP_ASKPASS)) {
- warningx(_("the `-A' and `-S' options may not be used together"));
+ warningx(N_("the `-A' and `-S' options may not be used together"));
usage(1);
}
if ((argc == 0 && mode == MODE_EDIT) ||
{
debug_decl(usage_excl, SUDO_DEBUG_ARGS)
- warningx(_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"));
+ warningx(N_("Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"));
usage(fatal);
}
rc = audit_log_user_message(au_fd, AUDIT_USER_ROLE_CHANGE,
message, NULL, NULL, ttyn, 1);
if (rc <= 0)
- warning(_("unable to send audit message"));
+ warning(N_("unable to send audit message"));
efree(message);
close(au_fd);
}
/* Verify that the tty still has the context set by sudo. */
if ((retval = fgetfilecon(se_state.ttyfd, &chk_tty_context)) < 0) {
- warning(_("unable to fgetfilecon %s"), se_state.ttyn);
+ warning(N_("unable to fgetfilecon %s"), se_state.ttyn);
goto skip_relabel;
}
if ((retval = strcmp(chk_tty_context, se_state.new_tty_context))) {
- warningx(_("%s changed labels"), se_state.ttyn);
+ warningx(N_("%s changed labels"), se_state.ttyn);
goto skip_relabel;
}
if ((retval = fsetfilecon(se_state.ttyfd, se_state.tty_context)) < 0)
- warning(_("unable to restore context for %s"), se_state.ttyn);
+ warning(N_("unable to restore context for %s"), se_state.ttyn);
skip_relabel:
if (se_state.ttyfd != -1) {
if (ptyfd == -1) {
se_state.ttyfd = open(ttyn, O_RDWR|O_NONBLOCK);
if (se_state.ttyfd == -1) {
- warning(_("unable to open %s, not relabeling tty"), ttyn);
+ warning(N_("unable to open %s, not relabeling tty"), ttyn);
if (se_state.enforcing)
goto bad;
}
}
if (fgetfilecon(se_state.ttyfd, &tty_con) < 0) {
- warning(_("unable to get current tty context, not relabeling tty"));
+ warning(N_("unable to get current tty context, not relabeling tty"));
if (se_state.enforcing)
goto bad;
}
if (tty_con && (security_compute_relabel(se_state.new_context, tty_con,
SECCLASS_CHR_FILE, &new_tty_con) < 0)) {
- warning(_("unable to get new tty context, not relabeling tty"));
+ warning(N_("unable to get new tty context, not relabeling tty"));
if (se_state.enforcing)
goto bad;
}
if (new_tty_con != NULL) {
if (fsetfilecon(se_state.ttyfd, new_tty_con) < 0) {
- warning(_("unable to set new tty context"));
+ warning(N_("unable to set new tty context"));
if (se_state.enforcing)
goto bad;
}
/* Reopen pty that was relabeled, std{in,out,err} are reset later. */
se_state.ttyfd = open(ttyn, O_RDWR|O_NOCTTY, 0);
if (se_state.ttyfd == -1) {
- warning(_("unable to open %s"), ttyn);
+ warning(N_("unable to open %s"), ttyn);
if (se_state.enforcing)
goto bad;
}
close(se_state.ttyfd);
se_state.ttyfd = open(ttyn, O_RDWR|O_NONBLOCK);
if (se_state.ttyfd == -1) {
- warning(_("unable to open %s"), ttyn);
+ warning(N_("unable to open %s"), ttyn);
goto bad;
}
(void)fcntl(se_state.ttyfd, F_SETFL,
/* We must have a role, the type is optional (we can use the default). */
if (!role) {
- warningx(_("you must specify a role for type %s"), type);
+ warningx(N_("you must specify a role for type %s"), type);
errno = EINVAL;
goto bad;
}
if (!type) {
if (get_default_type(role, &typebuf)) {
- warningx(_("unable to get default type for role %s"), role);
+ warningx(N_("unable to get default type for role %s"), role);
errno = EINVAL;
goto bad;
}
* type we will be running the command as.
*/
if (context_role_set(context, role)) {
- warning(_("failed to set new role %s"), role);
+ warning(N_("failed to set new role %s"), role);
goto bad;
}
if (context_type_set(context, type)) {
- warning(_("failed to set new type %s"), type);
+ warning(N_("failed to set new type %s"), type);
goto bad;
}
*/
new_context = estrdup(context_str(context));
if (security_check_context(new_context) < 0) {
- warningx(_("%s is not a valid context"), new_context);
+ warningx(N_("%s is not a valid context"), new_context);
errno = EINVAL;
goto bad;
}
/* Store the caller's SID in old_context. */
if (getprevcon(&se_state.old_context)) {
- warning(_("failed to get old_context"));
+ warning(N_("failed to get old_context"));
goto done;
}
se_state.enforcing = security_getenforce();
if (se_state.enforcing < 0) {
- warning(_("unable to determine enforcing mode."));
+ warning(N_("unable to determine enforcing mode."));
goto done;
}
goto done;
if (relabel_tty(ttyn, ptyfd) < 0) {
- warning(_("unable to setup tty context for %s"), se_state.new_context);
+ warning(N_("unable to setup tty context for %s"), se_state.new_context);
goto done;
}
debug_decl(selinux_execve, SUDO_DEBUG_SELINUX)
if (setexeccon(se_state.new_context)) {
- warning(_("unable to set exec context to %s"), se_state.new_context);
+ warning(N_("unable to set exec context to %s"), se_state.new_context);
if (se_state.enforcing)
debug_return;
}
#ifdef HAVE_SETKEYCREATECON
if (setkeycreatecon(se_state.new_context)) {
- warning(_("unable to set key creation context to %s"), se_state.new_context);
+ warning(N_("unable to set key creation context to %s"), se_state.new_context);
if (se_state.enforcing)
debug_return;
}
*cp = '-';
}
sudo_execve(cmnd, argv, envp, noexec);
- warning(_("unable to execute %s"), argv[0]);
+ warning(N_("unable to execute %s"), argv[0]);
sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, EXIT_FAILURE);
_exit(EXIT_FAILURE);
}
case SETPROJ_ERR_TASK:
switch (errno) {
case EAGAIN:
- warningx(_("resource control limit has been reached"));
+ warningx(N_("resource control limit has been reached"));
break;
case ESRCH:
- warningx(_("user \"%s\" is not a member of project \"%s\""),
+ warningx(N_("user \"%s\" is not a member of project \"%s\""),
pw->pw_name, proj.pj_name);
break;
case EACCES:
- warningx(_("the invoking task is final"));
+ warningx(N_("the invoking task is final"));
break;
default:
- warningx(_("could not join project \"%s\""), proj.pj_name);
+ warningx(N_("could not join project \"%s\""), proj.pj_name);
}
case SETPROJ_ERR_POOL:
switch (errno) {
case EACCES:
- warningx(_("no resource pool accepting default bindings "
+ warningx(N_("no resource pool accepting default bindings "
"exists for project \"%s\""), proj.pj_name);
break;
case ESRCH:
- warningx(_("specified resource pool does not exist for "
+ warningx(N_("specified resource pool does not exist for "
"project \"%s\""), proj.pj_name);
break;
default:
- warningx(_("could not bind to default resource pool for "
+ warningx(N_("could not bind to default resource pool for "
"project \"%s\""), proj.pj_name);
}
break;
default:
if (errval <= 0) {
- warningx(_("setproject failed for project \"%s\""), proj.pj_name);
+ warningx(N_("setproject failed for project \"%s\""), proj.pj_name);
} else {
- warningx(_("warning, resource control assignment failed for "
+ warningx(N_("warning, resource control assignment failed for "
"project \"%s\""), proj.pj_name);
}
}
*/
lc = login_getclass((char *)details->login_class);
if (!lc) {
- warningx(_("unknown login class %s"), details->login_class);
+ warningx(N_("unknown login class %s"), details->login_class);
errno = ENOENT;
goto done;
}
}
if (setusercontext(lc, details->pw, details->pw->pw_uid, flags)) {
if (details->pw->pw_uid != ROOT_UID) {
- warning(_("unable to set user context"));
+ warning(N_("unable to set user context"));
goto done;
} else
- warning(_("unable to set user context"));
+ warning(N_("unable to set user context"));
}
}
#endif /* HAVE_LOGIN_CAP_H */
if (!ISSET(details->flags, CD_PRESERVE_GROUPS)) {
if (details->ngroups >= 0) {
if (sudo_setgroups(details->ngroups, details->groups) < 0) {
- warning(_("unable to set supplementary group IDs"));
+ warning(N_("unable to set supplementary group IDs"));
goto done;
}
}
}
#ifdef HAVE_SETEUID
if (ISSET(details->flags, CD_SET_EGID) && setegid(details->egid)) {
- warning(_("unable to set effective gid to runas gid %u"),
+ warning(N_("unable to set effective gid to runas gid %u"),
(unsigned int)details->egid);
goto done;
}
#endif
if (ISSET(details->flags, CD_SET_GID) && setgid(details->gid)) {
- warning(_("unable to set gid to runas gid %u"),
+ warning(N_("unable to set gid to runas gid %u"),
(unsigned int)details->gid);
goto done;
}
if (ISSET(details->flags, CD_SET_PRIORITY)) {
if (setpriority(PRIO_PROCESS, 0, details->priority) != 0) {
- warning(_("unable to set process priority"));
+ warning(N_("unable to set process priority"));
goto done;
}
}
(void) umask(details->umask);
if (details->chroot) {
if (chroot(details->chroot) != 0 || chdir("/") != 0) {
- warning(_("unable to change root to %s"), details->chroot);
+ warning(N_("unable to change root to %s"), details->chroot);
goto done;
}
}
#ifdef HAVE_SETRESUID
if (setresuid(details->uid, details->euid, details->euid) != 0) {
- warning(_("unable to change to runas uid (%u, %u)"), details->uid,
+ warning(N_("unable to change to runas uid (%u, %u)"), details->uid,
details->euid);
goto done;
}
#elif HAVE_SETREUID
if (setreuid(details->uid, details->euid) != 0) {
- warning(_("unable to change to runas uid (%u, %u)"),
+ warning(N_("unable to change to runas uid (%u, %u)"),
(unsigned int)details->uid, (unsigned int)details->euid);
goto done;
}
#else
if (seteuid(details->euid) != 0 || setuid(details->euid) != 0) {
- warning(_("unable to change to runas uid (%u, %u)"), details->uid,
+ warning(N_("unable to change to runas uid (%u, %u)"), details->uid,
details->euid);
goto done;
}
if (details->chroot || strcmp(details->cwd, user_details.cwd) != 0) {
/* Note: cwd is relative to the new root, if any. */
if (chdir(details->cwd) != 0) {
- warning(_("unable to change directory to %s"), details->cwd);
+ warning(N_("unable to change directory to %s"), details->cwd);
goto done;
}
}
exitcode = WTERMSIG(cstat.val) | 128;
break;
default:
- warningx(_("unexpected child termination condition: %d"), cstat.type);
+ warningx(N_("unexpected child termination condition: %d"), cstat.type);
break;
}
debug_return_int(exitcode);
{
debug_decl(policy_list, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->list == NULL) {
- warningx(_("policy plugin %s does not support listing privileges"),
+ warningx(N_("policy plugin %s does not support listing privileges"),
plugin->name);
debug_return_bool(false);
}
{
debug_decl(policy_validate, SUDO_DEBUG_PCOMM)
if (plugin->u.policy->validate == NULL) {
- warningx(_("policy plugin %s does not support the -v option"),
+ warningx(N_("policy plugin %s does not support the -v option"),
plugin->name);
debug_return_bool(false);
}
* We will change the euid as needed below.
*/
if (setuid(ROOT_UID) != 0) {
- warning(_("unable to change uid to root (%u)"), ROOT_UID);
+ warning(N_("unable to change uid to root (%u)"), ROOT_UID);
goto cleanup;
}
editor_argc++;
}
if (nfiles == 0) {
- warningx(_("plugin error: missing file list for sudoedit"));
+ warningx(N_("plugin error: missing file list for sudoedit"));
goto cleanup;
}
if (rc)
warning("%s", files[i]);
else
- warningx(_("%s: not a regular file"), files[i]);
+ warningx(N_("%s: not a regular file"), files[i]);
if (ofd != -1)
close(ofd);
continue;
if (nwritten == -1)
warning("%s", tf[j].tfile);
else
- warningx(_("%s: short write"), tf[j].tfile);
+ warningx(N_("%s: short write"), tf[j].tfile);
goto cleanup;
}
}
if (rc)
warning("%s", tf[i].tfile);
else
- warningx(_("%s: not a regular file"), tf[i].tfile);
- warningx(_("%s left unmodified"), tf[i].ofile);
+ warningx(N_("%s: not a regular file"), tf[i].tfile);
+ warningx(N_("%s left unmodified"), tf[i].ofile);
if (tfd != -1)
close(tfd);
continue;
*/
timevalsub(&tv1, &tv2);
if (timevalisset(&tv2)) {
- warningx(_("%s unchanged"), tf[i].ofile);
+ warningx(N_("%s unchanged"), tf[i].ofile);
unlink(tf[i].tfile);
close(tfd);
continue;
switch_user(ROOT_UID, user_details.egid,
user_details.ngroups, user_details.groups);
if (ofd == -1) {
- warning(_("unable to write to %s"), tf[i].ofile);
- warningx(_("contents of edit session left in %s"), tf[i].tfile);
+ warning(N_("unable to write to %s"), tf[i].ofile);
+ warningx(N_("contents of edit session left in %s"), tf[i].tfile);
close(tfd);
continue;
}
if (nwritten == -1)
warning("%s", tf[i].ofile);
else
- warningx(_("%s: short write"), tf[i].ofile);
+ warningx(N_("%s: short write"), tf[i].ofile);
break;
}
}
/* success, got EOF */
unlink(tf[i].tfile);
} else if (nread < 0) {
- warning(_("unable to read temporary file"));
- warningx(_("contents of edit session left in %s"), tf[i].tfile);
+ warning(N_("unable to read temporary file"));
+ warningx(N_("contents of edit session left in %s"), tf[i].tfile);
} else {
- warning(_("unable to write to %s"), tf[i].ofile);
- warningx(_("contents of edit session left in %s"), tf[i].tfile);
+ warning(N_("unable to write to %s"), tf[i].ofile);
+ warningx(N_("contents of edit session left in %s"), tf[i].tfile);
}
close(ofd);
}
if (!ISSET(flags, TGP_STDIN|TGP_ECHO|TGP_ASKPASS|TGP_NOECHO_TRY) &&
!tty_present()) {
if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) {
- warningx(_("no tty present and no askpass program specified"));
+ warningx(N_("no tty present and no askpass program specified"));
debug_return_str(NULL);
}
SET(flags, TGP_ASKPASS);
}
(void) setuid(ROOT_UID);
if (setgid(user_details.gid)) {
- warning(_("unable to set gid to %u"), (unsigned int)user_details.gid);
+ warning(N_("unable to set gid to %u"), (unsigned int)user_details.gid);
_exit(255);
}
if (setuid(user_details.uid)) {
- warning(_("unable to set uid to %u"), (unsigned int)user_details.uid);
+ warning(N_("unable to set uid to %u"), (unsigned int)user_details.uid);
_exit(255);
}
closefrom(STDERR_FILENO + 1);
execl(askpass, askpass, prompt, (char *)NULL);
- warning(_("unable to run %s"), askpass);
+ warning(N_("unable to run %s"), askpass);
_exit(255);
}
projects / sudo / commitdiff