/* A colon-separated list of pathnames to be used as the editor for visudo. */
#undef EDITOR
+/* Define to 1 to enable sudo's plugin interface. */
+#undef ENABLE_SUDO_PLUGIN_API
+
/* Define to 1 to enable environment function debugging. */
#undef ENV_DEBUG
#define _PATH_SUDO_PLUGIN_DIR "$PLUGINDIR/"
EOF
+
+$as_echo "#define ENABLE_SUDO_PLUGIN_API 1" >>confdefs.h
+
fi
exec_prefix="$oexec_prefix"
+fi
+if test X"$with_noexec" = X"no"; then
+ cat >>confdefs.h <<EOF
+#define _PATH_SUDO_NOEXEC NULL
+EOF
+
fi
if test X"$with_selinux" = X"no"; then
cat >>confdefs.h <<EOF
#define _PATH_SUDO_SESH NULL
EOF
+fi
+if test X"$enable_shared" = X"no"; then
+ cat >>confdefs.h <<EOF
+#define _PATH_SUDO_PLUGIN_DIR NULL
+EOF
+
fi
if test X"$LDFLAGS_R" != X""; then
eval PLUGINDIR="$_PLUGINDIR"
done
SUDO_DEFINE_UNQUOTED(_PATH_SUDO_PLUGIN_DIR, "$PLUGINDIR/")
+ AC_DEFINE(ENABLE_SUDO_PLUGIN_API, 1, [Define to 1 to enable sudo's plugin interface.])
fi
exec_prefix="$oexec_prefix"
fi
+if test X"$with_noexec" = X"no"; then
+ SUDO_DEFINE_UNQUOTED(_PATH_SUDO_NOEXEC, NULL)
+fi
if test X"$with_selinux" = X"no"; then
SUDO_DEFINE_UNQUOTED(_PATH_SUDO_SESH, NULL)
fi
+if test X"$enable_shared" = X"no"; then
+ SUDO_DEFINE_UNQUOTED(_PATH_SUDO_PLUGIN_DIR, NULL)
+fi
dnl
dnl Add -R options to LDFLAGS, etc.
__dso_public bool sudo_conf_probe_interfaces_v1(void);
__dso_public int sudo_conf_group_source_v1(void);
__dso_public int sudo_conf_max_groups_v1(void);
+__dso_public void sudo_conf_clear_paths_v1(void);
#define sudo_conf_askpass_path() sudo_conf_askpass_path_v1()
#define sudo_conf_sesh_path() sudo_conf_sesh_path_v1()
#define sudo_conf_noexec_path() sudo_conf_noexec_path_v1()
#define sudo_conf_probe_interfaces() sudo_conf_probe_interfaces_v1()
#define sudo_conf_group_source() sudo_conf_group_source_v1()
#define sudo_conf_max_groups() sudo_conf_max_groups_v1()
+#define sudo_conf_clear_paths() sudo_conf_clear_paths_v1()
#endif /* SUDO_CONF_H */
fprintf(stderr, "usage: %s conf_file\n", getprogname());
exit(EXIT_FAILURE);
}
+ sudo_conf_clear_paths();
if (sudo_conf_read(argv[1], SUDO_CONF_ALL) == -1)
exit(EXIT_FAILURE);
sudo_conf_dump();
printf("Set max_groups %d\n", sudo_conf_max_groups());
if (sudo_conf_askpass_path() != NULL)
printf("Path askpass %s\n", sudo_conf_askpass_path());
-#ifdef _PATH_SUDO_NOEXEC
+ if (sudo_conf_sesh_path() != NULL)
+ printf("Path sesh %s\n", sudo_conf_sesh_path());
if (sudo_conf_noexec_path() != NULL)
printf("Path noexec %s\n", sudo_conf_noexec_path());
-#endif
+ if (sudo_conf_plugin_dir_path() != NULL)
+ printf("Path plugin_dir %s\n", sudo_conf_plugin_dir_path());
TAILQ_FOREACH(info, plugins, entries) {
printf("Plugin %s %s", info->symbol_name, info->path);
if (info->options) {
Set group_source static
Set max_groups -1
Path askpass /usr/X11R6/bin/ssh-askpass
+Path noexec /usr/libexec/sudo_noexec.so
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
# define ROOT_UID 0
#endif
-/* Avoid excessive #ifdefs in the code. */
-#ifndef _PATH_SUDO_NOEXEC
-# define _PATH_SUDO_NOEXEC NULL
-#endif
-#ifndef _PATH_SUDO_PLUGIN_DIR
-# define _PATH_SUDO_PLUGIN_DIR NULL
-#endif
-
struct sudo_conf_table {
const char *name;
unsigned int namelen;
free(prev_locale);
debug_return_int(ret);
}
+
+/*
+ * Used by the sudo_conf regress test to clear compile-time path settings.
+ */
+void
+sudo_conf_clear_paths_v1(void)
+{
+ struct sudo_conf_path_table *cur;
+ debug_decl(sudo_conf_clear_paths, SUDO_DEBUG_UTIL)
+
+ for (cur = sudo_conf_data.path_table; cur->pname != NULL; cur++)
+ cur->pval = NULL;
+}
@COMPAT_EXP@initprogname
sudo_conf_askpass_path_v1
+sudo_conf_clear_paths_v1
sudo_conf_debug_files_v1
sudo_conf_debugging_v1
sudo_conf_disable_coredump_v1
remhost = *cur + sizeof("remote_host=") - 1;
continue;
}
-#ifdef _PATH_SUDO_PLUGIN_DIR
+#ifdef ENABLE_SUDO_PLUGIN_API
if (MATCHES(*cur, "plugin_dir=")) {
path_plugin_dir = *cur + sizeof("plugin_dir=") - 1;
continue;
#include "sudo.h"
#include "sudo_exec.h"
-#ifdef _PATH_SUDO_NOEXEC
+#ifdef RTLD_PRELOAD_VAR
/*
* Add a DSO file to LD_PRELOAD or the system equivalent.
*/
debug_return_ptr(envp);
}
-#endif /* _PATH_SUDO_NOEXEC */
+#endif /* RTLD_PRELOAD_VAR */
/*
* Disable execution of child processes in the command we are about
sudo_warn(U_("unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"));
#endif /* HAVE_PRIV_SET */
-#ifdef _PATH_SUDO_NOEXEC
+#ifdef RTLD_PRELOAD_VAR
if (dso != NULL)
envp = preload_dso(envp, dso);
-#endif /* _PATH_SUDO_NOEXEC */
+#endif /* RTLD_PRELOAD_VAR */
debug_return_ptr(envp);
}
/* We always use the same name for the sudoers plugin, regardless of the OS */
#define SUDOERS_PLUGIN "sudoers.so"
-#ifdef _PATH_SUDO_PLUGIN_DIR
+#ifdef ENABLE_SUDO_PLUGIN_API
static int
sudo_stat_plugin(struct plugin_info *info, char *fullpath,
size_t pathsize, struct stat *sb)
(void)strlcpy(fullpath, info->path, pathsize);
debug_return_bool(true);
}
-#endif /* _PATH_SUDO_PLUGIN_DIR */
+#endif /* ENABLE_SUDO_PLUGIN_API */
/*
* Load the plugin specified by "info".
SET(flags, (MODE_IMPLIED_SHELL | MODE_SHELL));
sudo_settings[ARG_IMPLIED_SHELL].value = "true";
}
-#ifdef _PATH_SUDO_PLUGIN_DIR
+#ifdef ENABLE_SUDO_PLUGIN_API
sudo_settings[ARG_PLUGIN_DIR].value = sudo_conf_plugin_dir_path();
#endif