#include <malloc.h>
#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
#include <ctype.h>
+#include <grp.h>
#include <sys/param.h>
#include <sys/types.h>
#include <netinet/in.h>
+int usergr_matches(group, user)
+ char *group;
+ char *user;
+{
+ struct group *grpent;
+ char **cur;
+
+ /* make sure we have a valid usergroup, sudo style */
+ if (*group++ != '%')
+ return(FALSE);
+
+ if ((grpent = getgrnam(group)) == NULL)
+ return(FALSE);
+
+ /*
+ * Check against user's real gid as well as group's user list
+ */
+ if (getgid() == grpent->gr_gid)
+ return(TRUE);
+
+ for (cur=grpent->gr_mem; *cur; cur++) {
+ if (strcmp(*cur, user) == 0)
+ return(TRUE);
+ }
+
+ return(FALSE);
+}
+
+
+
int netgr_matches(netgr, host, user)
char *netgr;
char *host;
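Review bot: The primary-group test `getgid() == grpent->gr_gid` in the new `usergr_matches()` compares the calling process's real gid and never consults `user`, so the answer only describes `user` when the caller passes the invoking user's own name. Whether every caller does so is not visible on this page; if the function is ever reached with another name, a gid match would report a group membership that the named user does not hold. Tying the check to the argument avoids that, e.g. `if ((pw = getpwnam(user)) != NULL && pw->pw_gid == grpent->gr_gid)` with `struct passwd *pw;` declared and `<pwd.h>` included. A short header comment would also help, stating that `group` must arrive with its leading `%` and that only the primary gid and the `gr_mem` list are consulted.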
#endif /* HAVE_GETDOMAINNAME */
/* make sure we have a valid netgroup, sudo style */
- if (*netgr != '+')
+ if (*netgr++ != '+')
return(FALSE);
#ifdef HAVE_GETDOMAINNAME
#endif /* HAVE_GETDOMAINNAME */
#ifdef HAVE_INNETGR
- return(innetgr(netgr+1, host, user, domain));
+ return(innetgr(netgr, host, user, domain));
#else
return(FALSE);
#endif /* HAVE_INNETGR */
return(NETGROUP);
}
+\%[a-zA-Z][a-zA-Z0-9_-]* {
+ fill(yytext, yyleng);
+ return(USERGROUP);
+ }
+
{N}\.{N}\.{N}\.{N} {
fill(yytext, yyleng);
return(NTWKADDR);
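Review bot: The new pattern `\%[a-zA-Z][a-zA-Z0-9_-]*` accepts only group names that start with a letter and contain letters, digits, `_` or `-`, and it stops at the first other character. An entry such as `%name.suffix` would therefore yield a USERGROUP token for the shorter prefix `%name`, with the remainder left to other rules. Whether the remainder then forces a parse error is not visible in this hunk, so it is worth confirming that a truncated name can never be matched against a different, shorter group. A comment above the rule would make the accepted character set explicit, for example `/* %group: letter first, then [a-zA-Z0-9_-]; token keeps the leading '%' */`.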
extern int path_matches __P((char *, char *));
extern int addr_matches __P((char *));
extern int netgr_matches __P((char *, char *, char *));
+extern int usergr_matches __P((char *, char *));
static int find_alias __P((char *, int));
static int add_alias __P((char *, int));
static int more_aliases __P((size_t));
%token <string> ALIAS /* an UPPERCASE alias name */
%token <string> NTWKADDR /* w.x.y.z */
%token <string> NETGROUP /* a netgroup (+NAME) */
+%token <string> USERGROUP /* a usergroup (*NAME) */
%token <string> COMMAND /* an absolute pathname + args */
%token <string> NAME /* a mixed-case name */
%token <tok> COMMENT /* comment and/or carriage return */
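Review bot: The comment on the added USERGROUP token describes the syntax as `(*NAME)`, but the lexer rule and the check in `usergr_matches()` both use `%` as the prefix. Anyone reading the grammar to learn the sudoers syntax would be pointed at the wrong character. The line should read `%token <string> USERGROUP /* a usergroup (%NAME) */`.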
(void) free($1);
$1 = NULL; /* XXX */
}
+ | USERGROUP {
+ if (usergr_matches($1, user_name))
+ user_matches = TRUE;
+ (void) free($1);
+ $1 = NULL; /* XXX */
+ }
| NETGROUP {
if (netgr_matches($1, NULL, user_name))
user_matches = TRUE;
int path_matches __P((char *, char *));
int addr_matches __P((char *));
int netgr_matches __P((char *, char *, char *));
+int usergr_matches __P((char *, char *));
/*
return(TRUE);
}
+int usergr_matches(g, u)
+ char *g, *u;
+{
+ return(TRUE);
+}
+
int netgr_matches(n, h, u)
char *n, *h, *u;