o stay_setuid - sudo will remain setuid if system has saved uids or setreuid(2)
o env_reset - reset the environment to a sane default
o env_keep - preserve environment variables that would otherwise be cleared
No longer use getenv/putenv/setenv functions--do environment munging by hand.
Potentially dangerous environment variables can be cleared only if they
contain '/' or '%' characters to protect buggy programs.
Moved environment routines into env.c (new file)
Sudo 1.6.3 released.
-409) Visudo now checks for the existence of an editor and gives a sensible
+409) Fixed targetpw, rootpw, and runaspw options when used with non-passwd
+ authentication (pam, etc).
+
+Sudo 1.6.3p1 released.
+
+410) When the targetpw flag is set, use the target username as part
+ of the timestamp path.
+
+Sudo 1.6.3p2 released.
+
+411) Fixed a bug that prevented the -H option from being useful.
+
+Sudo 1.6.3p3 released.
+
+412) Fixed a case where a string was used after it had been freed.
+
+Sudo 1.6.3p4 released.
+
+413) Fixed listpw and verifypw sudoers options.
+
+414) Do not write NUL when writing passwd prompt; hag@linnaean.org.
+
+Sudo 1.6.3p5 released.
+
+415) Visudo now checks for the existence of an editor and gives a sensible
error if it does not exist.
-410) The path to the editor for visudo is now a colon-separated list of
+416) The path to the editor for visudo is now a colon-separated list of
allowable editors. If the user has $EDITOR set and it matches
one of the allowed editors that editor will be used. If not,
the first editor that actually exists is used.
-411) Visudo now does its own fork/exec instead of calling system(3).
+417) Visudo now does its own fork/exec instead of calling system(3).
+
+418) Call clean_env very early in main() for paranoia's sake. Idea from
+ Marc Esipovich.
+
+419) Allow special characters (including '#') to be embedded in pathnames
+ if quoted by a '\\'. The quoted chars will be dealt with by fnmatch().
+ Unfortunately, 'sudo -l' still prints the '\\'.
+
+420) Added always_set_home option.
+
+421) Strip NLSPATH and PATH_LOCALE out from the environment to prevent
+ reading of protected files by a less priviledged user.
+
+422) Add support for BSD authentication and associated -a flag.
+
+423) Added check for _innetgr(3) since NCR systems have this instead
+ of innetgr(3).
+
+424) Added stay_setuid option for systems that have libraries that perform
+ extra paranoia checks in system libraries for setuid programs.
+
+425) Environment munging is now done by hand. We build up a new environment
+ and assign it to "environ". This means we don't rely on getenv(3),
+ putenv(3), or setenv(3).
+
+426) Added env_reset and env_keep options. This allows the sysadmin to
+ force commands to run with a clean environment. Any variable in
+ the env_keep list will not get cleared when the environment is reset
+ *or* purged of dangerous vars (e.g. LD_*).
+
+427) Added a class of environment variables that are only cleared if they
+ contain '/' or '%' characters.
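Review bot: entry 426 says a variable on the env_keep list is exempt not only from env_reset but also from the purge of dangerous variables (LD_* is the example given), so one env_keep line can re-admit exactly the variables the default filter exists to remove. The entry should state that consequence plainly or refer to where the sudoers documentation covers it. Separately, "priviledged" in entry 421 should read "privileged".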
PROGS = @PROGS@
-SRCS = alloc.c alloca.c check.c defaults.c fileops.c find_path.c fnmatch.c \
- getcwd.c getspwuid.c goodpath.c interfaces.c lex.yy.c lsearch.c \
- logging.c parse.c parse.lex parse.yacc putenv.c set_perms.c snprintf.c \
- strcasecmp.c strerror.c sudo.c sudo.tab.c sudo_setenv.c testsudoers.c \
+SRCS = alloc.c alloca.c check.c defaults.c env.c fileops.c find_path.c \
+ fnmatch.c getcwd.c getspwuid.c goodpath.c interfaces.c lex.yy.c \
+ lsearch.c logging.c parse.c parse.lex parse.yacc set_perms.c \
+ snprintf.c strcasecmp.c strerror.c sudo.c sudo.tab.c testsudoers.c \
tgetpass.c utime.c visudo.c $(AUTH_SRCS)
AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \
PARSEOBJS = sudo.tab.o lex.yy.o alloc.o defaults.o
-SUDOBJS = check.o getspwuid.o goodpath.o fileops.o find_path.o interfaces.o \
- logging.o parse.o set_perms.o sudo.o sudo_setenv.o tgetpass.o \
+SUDOBJS = check.o env.o getspwuid.o goodpath.o fileops.o find_path.o \
+ interfaces.o logging.o parse.o set_perms.o sudo.o tgetpass.o \
$(AUTH_OBJS) $(PARSEOBJS)
VISUDOBJS = visudo.o fileops.o goodpath.o find_path.o $(PARSEOBJS)
# Dependencies (not counting auth functions)
alloc.o: alloc.c $(SUDODEP)
check.o: check.c $(SUDODEP)
+env.o: env.c $(SUDODEP)
fileops.o: fileops.c $(SUDODEP)
find_path.o: find_path.c $(SUDODEP)
getspwuid.o: getspwuid.c $(SUDODEP)
goodpath.o: goodpath.c $(SUDODEP)
logging.o: logging.c $(SUDODEP)
set_perms.o: set_perms.c $(SUDODEP)
-sudo_setenv.o: sudo_setenv.c $(SUDODEP)
tgetpass.o: tgetpass.c $(SUDODEP)
visudo.o: visudo.c $(SUDODEP) version.h
sudo.o: sudo.c $(SUDODEP) interfaces.h version.h
fnmatch.o: fnmatch.c config.h compat.h emul/fnmatch.h
getcwd.o: getcwd.c config.h compat.h
lsearch.o: lsearch.c config.h compat.h emul/search.h
-putenv.o: putenv.c config.h compat.h
snprintf.o: snprintf.c config.h compat.h
strcasecmp.o: strcasecmp.c config.h
strerror.o: strerror.c config.h
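Review bot: putenv.c and sudo_setenv.c are dropped from SRCS and the sudo_setenv.o and putenv.o dependency lines are deleted, but nothing in the visible hunks touches any other list that might still name them. Please confirm that no remaining rule, distribution file list or configure substitution (LIBOBJS, for instance) still references putenv.o, otherwise the build breaks on systems that used to take the replacement function.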
/*
- * Copyright (c) 1994-1996,1998-1999 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1993-1996,1998-1999 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
# endif /* __hpux */
#endif /* HAVE_SETEUID */
+/*
+ * Emulate setreuid() for HP-UX via setresuid(2)
+ */
+#if !defined(HAVE_SETREUID) && defined(__hpux)
+# define setreuid(_RUID, _EUID) (setresuid(_RUID, _EUID, (uid_t) -1))
+# define HAVE_SETREUID
+#endif /* !HAVE_SETEUID && __hpux */
+
/*
* NCR's SVr4 has _innetgr(3) instead of innetgr(3) for some reason.
*/
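Review bot: the closing comment on the new block reads "!HAVE_SETEUID && __hpux", but the condition it closes is "!defined(HAVE_SETREUID) && defined(__hpux)". It looks copied from the seteuid block just above; change it to HAVE_SETREUID so the two emulation blocks can be told apart when reading the header.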
/* Define if you have sysconf(3c). */
#undef HAVE_SYSCONF
-/* Define if you have putenv(3). */
-#undef HAVE_PUTENV
-
-/* Define if you have setenv(3). */
-#undef HAVE_SETENV
-
/* Define if you have strcasecmp(3). */
#undef HAVE_STRCASECMP
/* Define if you have seteuid(3). */
#undef HAVE_SETEUID
+/* Define if you have setreuid(3). */
+#undef HAVE_SETREUID
+
/* Define if you have waitpid(2). */
#undef HAVE_WAITPID
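Review bot: the added comment says "setreuid(3)" while the commit message refers to setreuid(2), and the neighbouring waitpid entry uses section 2. Use "setreuid(2)" here so the manual section is consistent with the description of the change.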
CHECKSHADOW="false"
fi
;;
+ *-*-*openbsd*)
+ BROKEN_SETREUID=yes
+ if test "$CHECKSHADOW" = "true"; then
+ CHECKSHADOW="false"
+ fi
+ ;;
+ *-*-*netbsd*)
+ BROKEN_SETREUID=yes
+ if test "$CHECKSHADOW" = "true"; then
+ CHECKSHADOW="false"
+ fi
+ ;;
*-*-*bsd*)
if test "$CHECKSHADOW" = "true"; then
CHECKSHADOW="false"
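Review bot: the new openbsd and netbsd arms set BROKEN_SETREUID=yes with no comment saying what is broken about setreuid on those systems, so a later reader cannot tell when the workaround may be dropped; add a one-line rationale. The two arms are also identical and could be written once as "*-*-*openbsd*|*-*-*netbsd*)". Since they only take effect because they sit before the generic "*-*-*bsd*)" arm, a short note on that ordering would help too.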
if test "$CHECKSHADOW" = "true"; then
echo $ac_n "checking for getspnam""... $ac_c" 1>&6
-echo "configure:4141: checking for getspnam" >&5
+echo "configure:4153: checking for getspnam" >&5
if eval "test \"`echo '$''{'ac_cv_func_getspnam'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4146 "configure"
+#line 4158 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char getspnam(); below. */
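Review bot: this hunk and most of the configure hunks that follow only renumber the "configure:NNNN" echo lines and "#line" markers (4141 to 4153 here, a shift of 12) because the script was regenerated. Consider committing the regenerated configure separately from the hand-written changes so the few functional hunks are not buried in renumbering.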
; return 0; }
EOF
-if { (eval echo configure:4169: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4181: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_getspnam=yes"
else
fi
if test "$CHECKSHADOW" = "true"; then
echo $ac_n "checking for getprpwnam""... $ac_c" 1>&6
-echo "configure:4194: checking for getprpwnam" >&5
+echo "configure:4206: checking for getprpwnam" >&5
if eval "test \"`echo '$''{'ac_cv_func_getprpwnam'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4199 "configure"
+#line 4211 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char getprpwnam(); below. */
; return 0; }
EOF
-if { (eval echo configure:4222: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4234: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_getprpwnam=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for getprpwnam in -lsec""... $ac_c" 1>&6
-echo "configure:4243: checking for getprpwnam in -lsec" >&5
+echo "configure:4255: checking for getprpwnam in -lsec" >&5
if test -n ""; then
ac_lib_var=`echo sec'_'getprpwnam | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsec $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 4255 "configure"
+#line 4267 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
getprpwnam()
; return 0; }
EOF
-if { (eval echo configure:4266: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4278: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for getprpwnam in -lsecurity""... $ac_c" 1>&6
-echo "configure:4288: checking for getprpwnam in -lsecurity" >&5
+echo "configure:4300: checking for getprpwnam in -lsecurity" >&5
if test -n ""; then
ac_lib_var=`echo security'_'getprpwnam | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsecurity $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 4300 "configure"
+#line 4312 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
getprpwnam()
; return 0; }
EOF
-if { (eval echo configure:4311: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4323: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for getprpwnam in -lprot""... $ac_c" 1>&6
-echo "configure:4333: checking for getprpwnam in -lprot" >&5
+echo "configure:4345: checking for getprpwnam in -lprot" >&5
if test -n ""; then
ac_lib_var=`echo prot'_'getprpwnam | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lprot $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 4345 "configure"
+#line 4357 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
getprpwnam()
; return 0; }
EOF
-if { (eval echo configure:4356: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4368: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
if test $ac_cv_prog_gcc = yes; then
echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6
-echo "configure:4389: checking whether ${CC-cc} needs -traditional" >&5
+echo "configure:4401: checking whether ${CC-cc} needs -traditional" >&5
if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_pattern="Autoconf.*'x'"
cat > conftest.$ac_ext <<EOF
-#line 4395 "configure"
+#line 4407 "configure"
#include "confdefs.h"
#include <sgtty.h>
Autoconf TIOCGETP
if test $ac_cv_prog_gcc_traditional = no; then
cat > conftest.$ac_ext <<EOF
-#line 4413 "configure"
+#line 4425 "configure"
#include "confdefs.h"
#include <termio.h>
Autoconf TCGETA
fi
echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:4435: checking for working const" >&5
+echo "configure:4447: checking for working const" >&5
if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4440 "configure"
+#line 4452 "configure"
#include "confdefs.h"
int main() {
; return 0; }
EOF
-if { (eval echo configure:4489: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:4501: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_const=yes
else
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4514: checking for $ac_word" >&5
+echo "configure:4526: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
test -n "$YACC" || YACC="yacc"
echo $ac_n "checking for mv""... $ac_c" 1>&6
-echo "configure:4544: checking for mv" >&5
+echo "configure:4556: checking for mv" >&5
if test -f "/usr/bin/mv"; then
echo "$ac_t""/usr/bin/mv" 1>&6
cat >> confdefs.h <<\EOF
fi
echo $ac_n "checking for bourne shell""... $ac_c" 1>&6
-echo "configure:4574: checking for bourne shell" >&5
+echo "configure:4586: checking for bourne shell" >&5
if test -f "/bin/sh"; then
echo "$ac_t""/bin/sh" 1>&6
cat >> confdefs.h <<\EOF
if test -z "$with_sendmail"; then
echo $ac_n "checking for sendmail""... $ac_c" 1>&6
-echo "configure:4629: checking for sendmail" >&5
+echo "configure:4641: checking for sendmail" >&5
if test -f "/usr/sbin/sendmail"; then
echo "$ac_t""/usr/sbin/sendmail" 1>&6
cat >> confdefs.h <<\EOF
fi
if test -z "$with_editor"; then
echo $ac_n "checking for vi""... $ac_c" 1>&6
-echo "configure:4673: checking for vi" >&5
+echo "configure:4685: checking for vi" >&5
if test -f "/usr/bin/vi"; then
echo "$ac_t""/usr/bin/vi" 1>&6
cat >> confdefs.h <<\EOF
fi
echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:4710: checking for ANSI C header files" >&5
+echo "configure:4722: checking for ANSI C header files" >&5
if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4715 "configure"
+#line 4727 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <stdarg.h>
#include <float.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:4723: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:4735: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
if test $ac_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 4740 "configure"
+#line 4752 "configure"
#include "confdefs.h"
#include <string.h>
EOF
if test $ac_cv_header_stdc = yes; then
# ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 4758 "configure"
+#line 4770 "configure"
#include "confdefs.h"
#include <stdlib.h>
EOF
:
else
cat > conftest.$ac_ext <<EOF
-#line 4779 "configure"
+#line 4791 "configure"
#include "confdefs.h"
#include <ctype.h>
#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
exit (0); }
EOF
-if { (eval echo configure:4790: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:4802: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
:
else
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6
-echo "configure:4818: checking for $ac_hdr that defines DIR" >&5
+echo "configure:4830: checking for $ac_hdr that defines DIR" >&5
if eval "test \"`echo '$''{'ac_cv_header_dirent_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4823 "configure"
+#line 4835 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <$ac_hdr>
DIR *dirp = 0;
; return 0; }
EOF
-if { (eval echo configure:4831: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:4843: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
eval "ac_cv_header_dirent_$ac_safe=yes"
else
# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
if test $ac_header_dirent = dirent.h; then
echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6
-echo "configure:4856: checking for opendir in -ldir" >&5
+echo "configure:4868: checking for opendir in -ldir" >&5
if test -n ""; then
ac_lib_var=`echo dir'_'opendir | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-ldir $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 4868 "configure"
+#line 4880 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
opendir()
; return 0; }
EOF
-if { (eval echo configure:4879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4891: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6
-echo "configure:4901: checking for opendir in -lx" >&5
+echo "configure:4913: checking for opendir in -lx" >&5
if test -n ""; then
ac_lib_var=`echo x'_'opendir | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lx $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 4913 "configure"
+#line 4925 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
opendir()
; return 0; }
EOF
-if { (eval echo configure:4924: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:4936: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:4950: checking for $ac_hdr" >&5
+echo "configure:4962: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4955 "configure"
+#line 4967 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:4960: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:4972: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:4991: checking for $ac_hdr" >&5
+echo "configure:5003: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4996 "configure"
+#line 5008 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:5001: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:5013: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:5031: checking for $ac_hdr" >&5
+echo "configure:5043: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5036 "configure"
+#line 5048 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:5041: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:5053: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
for ac_func in tcgetattr
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5064: checking for $ac_func" >&5
+echo "configure:5076: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5069 "configure"
+#line 5081 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:5092: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5104: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:5127: checking for $ac_hdr" >&5
+echo "configure:5139: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5132 "configure"
+#line 5144 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:5137: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:5149: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
if test "$with_bsdauth" = "yes"; then
ac_safe=`echo "bsd_auth.h" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for bsd_auth.h""... $ac_c" 1>&6
-echo "configure:5167: checking for bsd_auth.h" >&5
+echo "configure:5179: checking for bsd_auth.h" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5172 "configure"
+#line 5184 "configure"
#include "confdefs.h"
#include <bsd_auth.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:5177: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:5189: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
fi
echo $ac_n "checking for mode_t""... $ac_c" 1>&6
-echo "configure:5203: checking for mode_t" >&5
+echo "configure:5215: checking for mode_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5208 "configure"
+#line 5220 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
fi
echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:5236: checking for uid_t in sys/types.h" >&5
+echo "configure:5248: checking for uid_t in sys/types.h" >&5
if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5241 "configure"
+#line 5253 "configure"
#include "confdefs.h"
#include <sys/types.h>
EOF
fi
echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:5270: checking for size_t" >&5
+echo "configure:5282: checking for size_t" >&5
if eval "test \"`echo '$''{'sudo_cv_type_size_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5275 "configure"
+#line 5287 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
fi
echo $ac_n "checking for ssize_t""... $ac_c" 1>&6
-echo "configure:5305: checking for ssize_t" >&5
+echo "configure:5317: checking for ssize_t" >&5
if eval "test \"`echo '$''{'sudo_cv_type_ssize_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5310 "configure"
+#line 5322 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
fi
echo $ac_n "checking for dev_t""... $ac_c" 1>&6
-echo "configure:5340: checking for dev_t" >&5
+echo "configure:5352: checking for dev_t" >&5
if eval "test \"`echo '$''{'sudo_cv_type_dev_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5345 "configure"
+#line 5357 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
fi
echo $ac_n "checking for ino_t""... $ac_c" 1>&6
-echo "configure:5375: checking for ino_t" >&5
+echo "configure:5387: checking for ino_t" >&5
if eval "test \"`echo '$''{'sudo_cv_type_ino_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5380 "configure"
+#line 5392 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
fi
echo $ac_n "checking for full void implementation""... $ac_c" 1>&6
-echo "configure:5410: checking for full void implementation" >&5
+echo "configure:5422: checking for full void implementation" >&5
cat > conftest.$ac_ext <<EOF
-#line 5412 "configure"
+#line 5424 "configure"
#include "confdefs.h"
int main() {
foo = (void *)0; (void *)"test";
; return 0; }
EOF
-if { (eval echo configure:5420: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5432: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
cat >> confdefs.h <<\EOF
#define VOID void
rm -f conftest*
echo $ac_n "checking max length of uid_t""... $ac_c" 1>&6
-echo "configure:5440: checking max length of uid_t" >&5
+echo "configure:5452: checking max length of uid_t" >&5
if eval "test \"`echo '$''{'sudo_cv_uid_t_len'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 5449 "configure"
+#line 5461 "configure"
#include "confdefs.h"
#include <stdio.h>
#include <pwd.h>
exit(0);
}
EOF
-if { (eval echo configure:5470: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5482: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
sudo_cv_uid_t_len=`cat conftestdata`
else
echo $ac_n "checking for long long support""... $ac_c" 1>&6
-echo "configure:5493: checking for long long support" >&5
+echo "configure:5505: checking for long long support" >&5
cat > conftest.$ac_ext <<EOF
-#line 5495 "configure"
+#line 5507 "configure"
#include "confdefs.h"
int main() {
long long foo = 1000; foo /= 10;
; return 0; }
EOF
-if { (eval echo configure:5502: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5514: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
cat >> confdefs.h <<\EOF
#define HAVE_LONG_LONG 1
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 5512 "configure"
+#line 5524 "configure"
#include "confdefs.h"
main() {if (sizeof(long long) == sizeof(long)) exit(0); else exit(1);}
EOF
-if { (eval echo configure:5516: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5528: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
cat >> confdefs.h <<\EOF
#define LONG_IS_QUAD 1
fi
rm -f conftest*
echo $ac_n "checking for sa_len field in struct sockaddr""... $ac_c" 1>&6
-echo "configure:5538: checking for sa_len field in struct sockaddr" >&5
+echo "configure:5550: checking for sa_len field in struct sockaddr" >&5
if eval "test \"`echo '$''{'sudo_cv_sock_sa_len'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
sudo_cv_sock_sa_len=no
else
cat > conftest.$ac_ext <<EOF
-#line 5546 "configure"
+#line 5558 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/socket.h>
exit(0);
}
EOF
-if { (eval echo configure:5556: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:5568: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
sudo_cv_sock_sa_len=yes
else
case "$DEFS" in
*"RETSIGTYPE"*) ;;
*) echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
-echo "configure:5581: checking return type of signal handlers" >&5
+echo "configure:5593: checking return type of signal handlers" >&5
if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5586 "configure"
+#line 5598 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <signal.h>
int i;
; return 0; }
EOF
-if { (eval echo configure:5603: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5615: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_type_signal=void
else
for ac_func in strchr strrchr memchr memcpy memset sysconf sigaction tzset seteuid strftime setrlimit initgroups fstat
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5625: checking for $ac_func" >&5
+echo "configure:5637: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ cat > conftest.$ac_ext <<EOF
+#line 5642 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:5665: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+ cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+ echo "$ac_t""no" 1>&6
+fi
+done
+
+if test -z "$BROKEN_SETREUID"; then
+ for ac_func in setreuid
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:5693: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5630 "configure"
+#line 5698 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
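Review bot: the added guard "if test -z "$BROKEN_SETREUID"; then" skips the setreuid probe silently, so on the hosts that set BROKEN_SETREUID the configure output shows no sign that the check was suppressed on purpose and HAVE_SETREUID is simply never defined. Print a result line in that case so a builder can distinguish a deliberately skipped check from a missing function. Since configure is generated, the change belongs in its source file rather than here.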
; return 0; }
EOF
-if { (eval echo configure:5653: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5721: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
done
+fi
if test X"$with_interfaces" != X"no"; then
for ac_func in getifaddrs
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5681: checking for $ac_func" >&5
+echo "configure:5750: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5686 "configure"
+#line 5755 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:5709: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5778: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
for ac_func in bigcrypt
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5738: checking for $ac_func" >&5
+echo "configure:5807: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5743 "configure"
+#line 5812 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:5766: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5835: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
for ac_func in set_auth_parameters
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5793: checking for $ac_func" >&5
+echo "configure:5862: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5798 "configure"
+#line 5867 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:5821: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5890: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
for ac_func in initprivs
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:5848: checking for $ac_func" >&5
+echo "configure:5917: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5853 "configure"
+#line 5922 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:5876: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:5945: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
if test -z "$BROKEN_GETCWD"; then
echo $ac_n "checking for getcwd""... $ac_c" 1>&6
-echo "configure:5903: checking for getcwd" >&5
+echo "configure:5972: checking for getcwd" >&5
if eval "test \"`echo '$''{'ac_cv_func_getcwd'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5908 "configure"
+#line 5977 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char getcwd(); below. */
; return 0; }
EOF
-if { (eval echo configure:5931: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6000: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_getcwd=yes"
else
fi
echo $ac_n "checking for lockf""... $ac_c" 1>&6
-echo "configure:5956: checking for lockf" >&5
+echo "configure:6025: checking for lockf" >&5
if eval "test \"`echo '$''{'ac_cv_func_lockf'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 5961 "configure"
+#line 6030 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char lockf(); below. */
; return 0; }
EOF
-if { (eval echo configure:5984: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6053: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_lockf=yes"
else
for ac_func in flock
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6007: checking for $ac_func" >&5
+echo "configure:6076: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6012 "configure"
+#line 6081 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:6035: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6104: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
echo $ac_n "checking for waitpid""... $ac_c" 1>&6
-echo "configure:6062: checking for waitpid" >&5
+echo "configure:6131: checking for waitpid" >&5
if eval "test \"`echo '$''{'ac_cv_func_waitpid'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6067 "configure"
+#line 6136 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char waitpid(); below. */
; return 0; }
EOF
-if { (eval echo configure:6090: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6159: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_waitpid=yes"
else
for ac_func in wait3
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6113: checking for $ac_func" >&5
+echo "configure:6182: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6118 "configure"
+#line 6187 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:6141: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6210: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
echo $ac_n "checking for innetgr""... $ac_c" 1>&6
-echo "configure:6168: checking for innetgr" >&5
+echo "configure:6237: checking for innetgr" >&5
if eval "test \"`echo '$''{'ac_cv_func_innetgr'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6173 "configure"
+#line 6242 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char innetgr(); below. */
; return 0; }
EOF
-if { (eval echo configure:6196: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6265: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_innetgr=yes"
else
for ac_func in getdomainname
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6216: checking for $ac_func" >&5
+echo "configure:6285: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6221 "configure"
+#line 6290 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:6244: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6313: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for _innetgr""... $ac_c" 1>&6
-echo "configure:6271: checking for _innetgr" >&5
+echo "configure:6340: checking for _innetgr" >&5
if eval "test \"`echo '$''{'ac_cv_func__innetgr'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6276 "configure"
+#line 6345 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _innetgr(); below. */
; return 0; }
EOF
-if { (eval echo configure:6299: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6368: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func__innetgr=yes"
else
for ac_func in getdomainname
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6319: checking for $ac_func" >&5
+echo "configure:6388: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6324 "configure"
+#line 6393 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:6347: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6416: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
echo $ac_n "checking for lsearch""... $ac_c" 1>&6
-echo "configure:6378: checking for lsearch" >&5
+echo "configure:6447: checking for lsearch" >&5
if eval "test \"`echo '$''{'ac_cv_func_lsearch'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6383 "configure"
+#line 6452 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char lsearch(); below. */
; return 0; }
EOF
-if { (eval echo configure:6406: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6475: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_lsearch=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for lsearch in -lcompat""... $ac_c" 1>&6
-echo "configure:6427: checking for lsearch in -lcompat" >&5
+echo "configure:6496: checking for lsearch in -lcompat" >&5
if test -n ""; then
ac_lib_var=`echo compat'_'lsearch | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lcompat $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 6439 "configure"
+#line 6508 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
lsearch()
; return 0; }
EOF
-if { (eval echo configure:6450: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6519: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "$ac_t""yes" 1>&6
ac_safe=`echo "search.h" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for search.h""... $ac_c" 1>&6
-echo "configure:6467: checking for search.h" >&5
+echo "configure:6536: checking for search.h" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6472 "configure"
+#line 6541 "configure"
#include "confdefs.h"
#include <search.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:6477: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:6546: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out`
if test -z "$ac_err"; then
rm -rf conftest*
fi
-echo $ac_n "checking for setenv""... $ac_c" 1>&6
-echo "configure:6510: checking for setenv" >&5
-if eval "test \"`echo '$''{'ac_cv_func_setenv'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 6515 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char setenv(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char setenv();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_setenv) || defined (__stub___setenv)
-choke me
-#else
-setenv();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6538: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
- rm -rf conftest*
- eval "ac_cv_func_setenv=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_setenv=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'setenv`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- cat >> confdefs.h <<\EOF
-#define HAVE_SETENV 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-echo $ac_n "checking for putenv""... $ac_c" 1>&6
-echo "configure:6559: checking for putenv" >&5
-if eval "test \"`echo '$''{'ac_cv_func_putenv'+set}'`\" = set"; then
- echo $ac_n "(cached) $ac_c" 1>&6
-else
- cat > conftest.$ac_ext <<EOF
-#line 6564 "configure"
-#include "confdefs.h"
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char putenv(); below. */
-#include <assert.h>
-/* Override any gcc2 internal prototype to avoid an error. */
-/* We use char because int might match the return type of a gcc2
- builtin and then its argument prototype would still apply. */
-char putenv();
-
-int main() {
-
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined (__stub_putenv) || defined (__stub___putenv)
-choke me
-#else
-putenv();
-#endif
-
-; return 0; }
-EOF
-if { (eval echo configure:6587: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
- rm -rf conftest*
- eval "ac_cv_func_putenv=yes"
-else
- echo "configure: failed program was:" >&5
- cat conftest.$ac_ext >&5
- rm -rf conftest*
- eval "ac_cv_func_putenv=no"
-fi
-rm -f conftest*
-fi
-
-if eval "test \"`echo '$ac_cv_func_'putenv`\" = yes"; then
- echo "$ac_t""yes" 1>&6
- cat >> confdefs.h <<\EOF
-#define HAVE_PUTENV 1
-EOF
-
-else
- echo "$ac_t""no" 1>&6
-LIBOBJS="$LIBOBJS putenv.o"
-fi
-
-fi
-
echo $ac_n "checking for utime""... $ac_c" 1>&6
-echo "configure:6613: checking for utime" >&5
+echo "configure:6579: checking for utime" >&5
if eval "test \"`echo '$''{'ac_cv_func_utime'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6618 "configure"
+#line 6584 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char utime(); below. */
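Review bot: Removing the `setenv` and `putenv` probes also removes the `LIBOBJS="$LIBOBJS putenv.o"` fallback, so confirm that nothing left in the tree still tests `HAVE_SETENV` or `HAVE_PUTENV` or expects `putenv.o` to be linked. A leftover `#ifdef HAVE_PUTENV` would now always take the undefined branch with no warning from configure. The removal matches the changelog entry about no longer using getenv/putenv/setenv and doing the environment munging by hand; the replacement source behind `putenv.o` and its build rule should be dropped in the same change so the build does not carry a dead object.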
; return 0; }
EOF
-if { (eval echo configure:6641: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6607: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_utime=yes"
else
EOF
echo $ac_n "checking for POSIX utime""... $ac_c" 1>&6
-echo "configure:6660: checking for POSIX utime" >&5
+echo "configure:6626: checking for POSIX utime" >&5
if eval "test \"`echo '$''{'sudo_cv_func_utime_posix'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
sudo_cv_func_utime_posix=no
else
cat > conftest.$ac_ext <<EOF
-#line 6669 "configure"
+#line 6635 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/time.h>
exit(0);
}
EOF
-if { (eval echo configure:6681: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:6647: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
sudo_cv_func_utime_posix=yes
else
fi
echo $ac_n "checking for working fnmatch with FNM_CASEFOLD""... $ac_c" 1>&6
-echo "configure:6709: checking for working fnmatch with FNM_CASEFOLD" >&5
+echo "configure:6675: checking for working fnmatch with FNM_CASEFOLD" >&5
if eval "test \"`echo '$''{'sudo_cv_func_fnmatch'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
sudo_cv_func_fnmatch=no
else
cat > conftest.$ac_ext <<EOF
-#line 6718 "configure"
+#line 6684 "configure"
#include "confdefs.h"
#include <fnmatch.h>
main() { exit(fnmatch("/*/bin/echo *", "/usr/bin/echo just a test", FNM_CASEFOLD)); }
EOF
-if { (eval echo configure:6724: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:6690: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
sudo_cv_func_fnmatch=yes
else
for ac_func in strerror strcasecmp
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:6751: checking for $ac_func" >&5
+echo "configure:6717: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6756 "configure"
+#line 6722 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:6779: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6745: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
echo $ac_n "checking for snprintf""... $ac_c" 1>&6
-echo "configure:6806: checking for snprintf" >&5
+echo "configure:6772: checking for snprintf" >&5
if eval "test \"`echo '$''{'ac_cv_func_snprintf'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6811 "configure"
+#line 6777 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char snprintf(); below. */
; return 0; }
EOF
-if { (eval echo configure:6834: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6800: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_snprintf=yes"
else
fi
echo $ac_n "checking for vsnprintf""... $ac_c" 1>&6
-echo "configure:6858: checking for vsnprintf" >&5
+echo "configure:6824: checking for vsnprintf" >&5
if eval "test \"`echo '$''{'ac_cv_func_vsnprintf'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6863 "configure"
+#line 6829 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char vsnprintf(); below. */
; return 0; }
EOF
-if { (eval echo configure:6886: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6852: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_vsnprintf=yes"
else
fi
echo $ac_n "checking for asprintf""... $ac_c" 1>&6
-echo "configure:6910: checking for asprintf" >&5
+echo "configure:6876: checking for asprintf" >&5
if eval "test \"`echo '$''{'ac_cv_func_asprintf'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6915 "configure"
+#line 6881 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char asprintf(); below. */
; return 0; }
EOF
-if { (eval echo configure:6938: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6904: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_asprintf=yes"
else
fi
echo $ac_n "checking for vasprintf""... $ac_c" 1>&6
-echo "configure:6962: checking for vasprintf" >&5
+echo "configure:6928: checking for vasprintf" >&5
if eval "test \"`echo '$''{'ac_cv_func_vasprintf'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6967 "configure"
+#line 6933 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char vasprintf(); below. */
; return 0; }
EOF
-if { (eval echo configure:6990: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:6956: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_vasprintf=yes"
else
fi
if test -z "$LIB_CRYPT"; then
echo $ac_n "checking for crypt""... $ac_c" 1>&6
-echo "configure:7018: checking for crypt" >&5
+echo "configure:6984: checking for crypt" >&5
if eval "test \"`echo '$''{'ac_cv_func_crypt'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7023 "configure"
+#line 6989 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char crypt(); below. */
; return 0; }
EOF
-if { (eval echo configure:7046: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7012: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_crypt=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
-echo "configure:7064: checking for crypt in -lcrypt" >&5
+echo "configure:7030: checking for crypt in -lcrypt" >&5
if test -n ""; then
ac_lib_var=`echo crypt'_'crypt | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lcrypt $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7076 "configure"
+#line 7042 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
crypt()
; return 0; }
EOF
-if { (eval echo configure:7087: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7053: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for crypt in -lcrypt_d""... $ac_c" 1>&6
-echo "configure:7106: checking for crypt in -lcrypt_d" >&5
+echo "configure:7072: checking for crypt in -lcrypt_d" >&5
if test -n ""; then
ac_lib_var=`echo crypt_d'_'crypt | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lcrypt_d $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7118 "configure"
+#line 7084 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
crypt()
; return 0; }
EOF
-if { (eval echo configure:7129: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7095: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for crypt in -lufc""... $ac_c" 1>&6
-echo "configure:7148: checking for crypt in -lufc" >&5
+echo "configure:7114: checking for crypt in -lufc" >&5
if test -n ""; then
ac_lib_var=`echo ufc'_'crypt | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lufc $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7160 "configure"
+#line 7126 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
crypt()
; return 0; }
EOF
-if { (eval echo configure:7171: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7137: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
fi
echo $ac_n "checking for socket""... $ac_c" 1>&6
-echo "configure:7199: checking for socket" >&5
+echo "configure:7165: checking for socket" >&5
if eval "test \"`echo '$''{'ac_cv_func_socket'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7204 "configure"
+#line 7170 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char socket(); below. */
; return 0; }
EOF
-if { (eval echo configure:7227: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7193: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_socket=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6
-echo "configure:7245: checking for socket in -lsocket" >&5
+echo "configure:7211: checking for socket in -lsocket" >&5
if test -n ""; then
ac_lib_var=`echo socket'_'socket | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsocket $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7257 "configure"
+#line 7223 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
socket()
; return 0; }
EOF
-if { (eval echo configure:7268: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7234: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6
-echo "configure:7287: checking for socket in -linet" >&5
+echo "configure:7253: checking for socket in -linet" >&5
if test -n ""; then
ac_lib_var=`echo inet'_'socket | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-linet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7299 "configure"
+#line 7265 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
socket()
; return 0; }
EOF
-if { (eval echo configure:7310: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7276: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "$ac_t""no" 1>&6
echo "configure: warning: unable to find socket() trying -lsocket -lnsl" 1>&2
echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6
-echo "configure:7330: checking for socket in -lsocket" >&5
+echo "configure:7296: checking for socket in -lsocket" >&5
if test -n "-lnsl"; then
ac_lib_var=`echo socket'_'socket-lnsl | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsocket -lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7342 "configure"
+#line 7308 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
socket()
; return 0; }
EOF
-if { (eval echo configure:7353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7319: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
fi
echo $ac_n "checking for inet_addr""... $ac_c" 1>&6
-echo "configure:7380: checking for inet_addr" >&5
+echo "configure:7346: checking for inet_addr" >&5
if eval "test \"`echo '$''{'ac_cv_func_inet_addr'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7385 "configure"
+#line 7351 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char inet_addr(); below. */
; return 0; }
EOF
-if { (eval echo configure:7408: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7374: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_inet_addr=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for __inet_addr""... $ac_c" 1>&6
-echo "configure:7426: checking for __inet_addr" >&5
+echo "configure:7392: checking for __inet_addr" >&5
if eval "test \"`echo '$''{'ac_cv_func___inet_addr'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7431 "configure"
+#line 7397 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char __inet_addr(); below. */
; return 0; }
EOF
-if { (eval echo configure:7454: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7420: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func___inet_addr=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for inet_addr in -lnsl""... $ac_c" 1>&6
-echo "configure:7472: checking for inet_addr in -lnsl" >&5
+echo "configure:7438: checking for inet_addr in -lnsl" >&5
if test -n ""; then
ac_lib_var=`echo nsl'_'inet_addr | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7484 "configure"
+#line 7450 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
inet_addr()
; return 0; }
EOF
-if { (eval echo configure:7495: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7461: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for inet_addr in -linet""... $ac_c" 1>&6
-echo "configure:7514: checking for inet_addr in -linet" >&5
+echo "configure:7480: checking for inet_addr in -linet" >&5
if test -n ""; then
ac_lib_var=`echo inet'_'inet_addr | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-linet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7526 "configure"
+#line 7492 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
inet_addr()
; return 0; }
EOF
-if { (eval echo configure:7537: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7503: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "$ac_t""no" 1>&6
echo "configure: warning: unable to find inet_addr() trying -lsocket -lnsl" 1>&2
echo $ac_n "checking for inet_addr in -lsocket""... $ac_c" 1>&6
-echo "configure:7557: checking for inet_addr in -lsocket" >&5
+echo "configure:7523: checking for inet_addr in -lsocket" >&5
if test -n "-lnsl"; then
ac_lib_var=`echo socket'_'inet_addr-lnsl | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsocket -lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7569 "configure"
+#line 7535 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
inet_addr()
; return 0; }
EOF
-if { (eval echo configure:7580: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7546: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
fi
echo $ac_n "checking for syslog""... $ac_c" 1>&6
-echo "configure:7609: checking for syslog" >&5
+echo "configure:7575: checking for syslog" >&5
if eval "test \"`echo '$''{'ac_cv_func_syslog'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7614 "configure"
+#line 7580 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char syslog(); below. */
; return 0; }
EOF
-if { (eval echo configure:7637: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7603: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_syslog=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for syslog in -lsocket""... $ac_c" 1>&6
-echo "configure:7655: checking for syslog in -lsocket" >&5
+echo "configure:7621: checking for syslog in -lsocket" >&5
if test -n ""; then
ac_lib_var=`echo socket'_'syslog | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lsocket $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7667 "configure"
+#line 7633 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
syslog()
; return 0; }
EOF
-if { (eval echo configure:7678: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7644: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for syslog in -lnsl""... $ac_c" 1>&6
-echo "configure:7697: checking for syslog in -lnsl" >&5
+echo "configure:7663: checking for syslog in -lnsl" >&5
if test -n ""; then
ac_lib_var=`echo nsl'_'syslog | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7709 "configure"
+#line 7675 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
syslog()
; return 0; }
EOF
-if { (eval echo configure:7720: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7686: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for syslog in -linet""... $ac_c" 1>&6
-echo "configure:7739: checking for syslog in -linet" >&5
+echo "configure:7705: checking for syslog in -linet" >&5
if test -n ""; then
ac_lib_var=`echo inet'_'syslog | sed 'y% ./+-%___p_%'`
else
ac_save_LIBS="$LIBS"
LIBS="-linet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 7751 "configure"
+#line 7717 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
syslog()
; return 0; }
EOF
-if { (eval echo configure:7762: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7728: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works
# for constant arguments. Useless!
echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6
-echo "configure:7792: checking for working alloca.h" >&5
+echo "configure:7758: checking for working alloca.h" >&5
if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7797 "configure"
+#line 7763 "configure"
#include "confdefs.h"
#include <alloca.h>
int main() {
char *p = alloca(2 * sizeof(int));
; return 0; }
EOF
-if { (eval echo configure:7804: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7770: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
ac_cv_header_alloca_h=yes
else
fi
echo $ac_n "checking for alloca""... $ac_c" 1>&6
-echo "configure:7825: checking for alloca" >&5
+echo "configure:7791: checking for alloca" >&5
if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7830 "configure"
+#line 7796 "configure"
#include "confdefs.h"
#ifdef __GNUC__
char *p = (char *) alloca(1);
; return 0; }
EOF
-if { (eval echo configure:7853: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7819: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
ac_cv_func_alloca_works=yes
else
echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6
-echo "configure:7885: checking whether alloca needs Cray hooks" >&5
+echo "configure:7851: checking whether alloca needs Cray hooks" >&5
if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7890 "configure"
+#line 7856 "configure"
#include "confdefs.h"
#if defined(CRAY) && ! defined(CRAY2)
webecray
if test $ac_cv_os_cray = yes; then
for ac_func in _getb67 GETB67 getb67; do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:7915: checking for $ac_func" >&5
+echo "configure:7881: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7920 "configure"
+#line 7886 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
; return 0; }
EOF
-if { (eval echo configure:7943: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:7909: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
fi
echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6
-echo "configure:7970: checking stack direction for C alloca" >&5
+echo "configure:7936: checking stack direction for C alloca" >&5
if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_cv_c_stack_direction=0
else
cat > conftest.$ac_ext <<EOF
-#line 7978 "configure"
+#line 7944 "configure"
#include "confdefs.h"
find_stack_direction ()
{
exit (find_stack_direction() < 0);
}
EOF
-if { (eval echo configure:7997: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:7963: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
then
ac_cv_c_stack_direction=1
else
if test "$with_pam" = "yes"; then
echo $ac_n "checking for -ldl""... $ac_c" 1>&6
-echo "configure:8055: checking for -ldl" >&5
+echo "configure:8021: checking for -ldl" >&5
if eval "test \"`echo '$''{'ac_cv_lib_dl'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-ldl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8062 "configure"
+#line 8028 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:8069: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:8035: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
ac_cv_lib_dl=yes
else
fi
echo $ac_n "checking for -ldes""... $ac_c" 1>&6
-echo "configure:8119: checking for -ldes" >&5
+echo "configure:8085: checking for -ldes" >&5
if eval "test \"`echo '$''{'ac_cv_lib_des'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-ldes $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8126 "configure"
+#line 8092 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:8133: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+if { (eval echo configure:8099: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
rm -rf conftest*
ac_cv_lib_des=yes
else
fi
echo $ac_n "checking for log file location""... $ac_c" 1>&6
-echo "configure:8252: checking for log file location" >&5
+echo "configure:8218: checking for log file location" >&5
if test -n "$with_logpath"; then
echo "$ac_t""$with_logpath" 1>&6
cat >> confdefs.h <<EOF
fi
echo $ac_n "checking for timestamp file location""... $ac_c" 1>&6
-echo "configure:8282: checking for timestamp file location" >&5
+echo "configure:8248: checking for timestamp file location" >&5
if test -n "$with_timedir"; then
echo "$ac_t""$with_timedir" 1>&6
cat >> confdefs.h <<EOF
CHECKSHADOW="false"
fi
;;
+ *-*-*openbsd*)
+ BROKEN_SETREUID=yes
+ if test "$CHECKSHADOW" = "true"; then
+ CHECKSHADOW="false"
+ fi
+ ;;
+ *-*-*netbsd*)
+ BROKEN_SETREUID=yes
+ if test "$CHECKSHADOW" = "true"; then
+ CHECKSHADOW="false"
+ fi
+ ;;
*-*-*bsd*)
if test "$CHECKSHADOW" = "true"; then
CHECKSHADOW="false"
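Review bot: the new *-*-*openbsd*) and *-*-*netbsd*) arms are byte-for-byte identical and neither says why setreuid(2) is treated as broken on these systems. Merge them into one arm, *-*-*openbsd*|*-*-*netbsd*), and add a comment stating the defect, since BROKEN_SETREUID=yes later suppresses the setreuid check and so changes which privilege-switching code gets built.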
dnl Function checks
dnl
AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf sigaction tzset seteuid strftime setrlimit initgroups fstat)
+if test -z "$BROKEN_SETREUID"; then
+ AC_CHECK_FUNCS(setreuid)
+fi
if test X"$with_interfaces" != X"no"; then
AC_CHECK_FUNCS(getifaddrs)
fi
AC_CHECK_FUNC(waitpid, AC_DEFINE(HAVE_WAITPID), AC_CHECK_FUNCS(wait3))
AC_CHECK_FUNC(innetgr, AC_DEFINE(HAVE_INNETGR) AC_CHECK_FUNCS(getdomainname), [AC_CHECK_FUNC(_innetgr, AC_DEFINE(HAVE__INNETGR) AC_CHECK_FUNCS(getdomainname))])
AC_CHECK_FUNC(lsearch, AC_DEFINE(HAVE_LSEARCH), AC_CHECK_LIB(compat, lsearch, AC_CHECK_HEADER(search.h, AC_DEFINE(HAVE_LSEARCH) [LIBS="${LIBS} -lcompat"], LIBOBJS="$LIBOBJS lsearch.o"), LIBOBJS="$LIBOBJS lsearch.o"))
-AC_CHECK_FUNC(setenv, AC_DEFINE(HAVE_SETENV), AC_FUNC_CHECK(putenv, AC_DEFINE(HAVE_PUTENV), LIBOBJS="$LIBOBJS putenv.o"))
AC_CHECK_FUNC(utime, AC_DEFINE(HAVE_UTIME)
SUDO_FUNC_UTIME_POSIX, LIBOBJS="$LIBOBJS utime.o")
SUDO_FUNC_FNMATCH(AC_DEFINE(HAVE_FNMATCH), LIBOBJS="$LIBOBJS fnmatch.o")
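Review bot: test -z "$BROKEN_SETREUID" relies on a variable that the visible lines only ever assign inside the OS case arms. Unless it is cleared before that case statement, a BROKEN_SETREUID value inherited from the builder's environment silently skips AC_CHECK_FUNCS(setreuid). Initialise it to empty alongside the other defaults. With the setenv/putenv check removed, the putenv.o replacement object is no longer referenced from here, so its source and Makefile entry should go in the same change.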
}, {
"stay_setuid", T_FLAG,
"Only set the effective uid to the target user, not the real uid"
+ }, {
+ "env_reset", T_FLAG,
+ "Reset the environment to a default set of variables"
}, {
"loglinelen", T_INT|T_BOOL,
"Length at which to wrap log file lines (0 for no wrap): %d"
}, {
"editor", T_STR|T_PATH,
"Path to the editor for use by visudo: %s"
+ }, {
+ "env_keep", T_STR|T_BOOL,
+ "Environment variables to preserve: %s"
}, {
"listpw_i", T_INT, NULL
}, {
#define I_LOGINCLASS 29
#define I_LOGNAME 30
#define I_STAY_SETUID 31
+#define I_ENV_RESET 32
/* Integer values */
-#define I_LOGLEN 32 /* wrap log file line after N chars */
-#define I_TS_TIMEOUT 33 /* timestamp stale after N minutes */
-#define I_PW_TIMEOUT 34 /* exit if pass not entered in N minutes */
-#define I_PW_TRIES 35 /* exit after N bad password tries */
-#define I_UMASK 36 /* umask to use or 0777 to use user's */
+#define I_LOGLEN 33 /* wrap log file line after N chars */
+#define I_TS_TIMEOUT 34 /* timestamp stale after N minutes */
+#define I_PW_TIMEOUT 35 /* exit if pass not entered in N minutes */
+#define I_PW_TRIES 36 /* exit after N bad password tries */
+#define I_UMASK 37 /* umask to use or 0777 to use user's */
/* Strings */
-#define I_LOGFILE 37 /* path to logfile (or NULL for none) */
-#define I_MAILERPATH 38 /* path to sendmail or other mailer */
-#define I_MAILERFLAGS 39 /* flags to pass to the mailer */
-#define I_MAILTO 40 /* who to send bitch mail to */
-#define I_MAILSUB 41 /* subject line of mail msg */
-#define I_BADPASS_MSG 42 /* what to say when passwd is wrong */
-#define I_TIMESTAMPDIR 43 /* path to timestamp dir */
-#define I_EXEMPT_GRP 44 /* no password or PATH override for these */
-#define I_PASSPROMPT 45 /* password prompt */
-#define I_RUNAS_DEF 46 /* default user to run commands as */
-#define I_SECURE_PATH 47 /* set $PATH to this if not NULL */
-#define I_EDITOR 48 /* path to editor used by visudo */
+#define I_LOGFILE 38 /* path to logfile (or NULL for none) */
+#define I_MAILERPATH 39 /* path to sendmail or other mailer */
+#define I_MAILERFLAGS 40 /* flags to pass to the mailer */
+#define I_MAILTO 41 /* who to send bitch mail to */
+#define I_MAILSUB 42 /* subject line of mail msg */
+#define I_BADPASS_MSG 43 /* what to say when passwd is wrong */
+#define I_TIMESTAMPDIR 44 /* path to timestamp dir */
+#define I_EXEMPT_GRP 45 /* no password or PATH override for these */
+#define I_PASSPROMPT 46 /* password prompt */
+#define I_RUNAS_DEF 47 /* default user to run commands as */
+#define I_SECURE_PATH 48 /* set $PATH to this if not NULL */
+#define I_EDITOR 49 /* path to editor used by visudo */
+#define I_ENV_KEEP 50 /* list of env vars to preserve */
/* Integer versions of list/verify options */
-#define I_LISTPW 49
-#define I_VERIFYPW 50
+#define I_LISTPW 51
+#define I_VERIFYPW 52
/* String versions of list/verify options */
-#define I_LISTPWSTR 51
-#define I_VERIFYPWSTR 52
+#define I_LISTPWSTR 53
+#define I_VERIFYPWSTR 54
/*
* Macros for accessing sudo_defs_table.
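Review bot: adding I_ENV_RESET at 32 and I_ENV_KEEP at 50 shifts every index after them, and these numbers are only correct if they match the position of each entry in sudo_defs_table, which is edited by hand in a separate hunk. A single off-by-one here makes def_flag()/def_str() read the wrong option. Either append new options at the end of each type group or add a comment in both files saying the two lists must be changed together, and consider a compile-time or startup check that the table length matches the highest index.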
--- /dev/null
+/*
+ * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * 4. Products derived from this software may not be called "Sudo" nor
+ * may "Sudo" appear in their names without specific prior written
+ * permission from the author.
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#ifdef STDC_HEADERS
+#include <stdlib.h>
+#endif /* STDC_HEADERS */
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+#include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#include <pwd.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+
+#include "sudo.h"
+
+#ifndef lint
+static const char rcsid[] = "$Sudo$";
+#endif /* lint */
+
+/*
+ * Local type declarations
+ */
+struct env_table {
+ char *name;
+ int len;
+ int check;
+};
+
+/*
+ * Prototypes
+ */
+char **rebuild_env __P((int, char **));
+char **zero_env __P((char **));
+static void insert_env __P((char **, char *));
+static char *format_env __P((char *, char *));
+
+/*
+ * Table of "bad" envariables to remove and len for strncmp()
+ */
+static struct env_table badenv_table[] = {
+ { "IFS=", 4, 0 },
+ { "LOCALDOMAIN=", 12, 0 },
+ { "RES_OPTIONS=", 12, 0 },
+ { "HOSTALIASES=", 12, 0 },
+ { "NLSPATH=", 8, 0 },
+ { "PATH_LOCALE=", 12, 0 },
+ { "LD_", 3, 0 },
+ { "_RLD", 4, 0 },
+#ifdef __hpux
+ { "SHLIB_PATH=", 11, 0 },
+#endif /* __hpux */
+#ifdef _AIX
+ { "LIBPATH=", 8, 0 },
+#endif /* _AIX */
+#ifdef HAVE_KERB4
+ { "KRB_CONF", 8, 0 },
+ { "KRBCONFDIR=", 11, 0 },
+ { "KRBTKFILE=", 10, 0 },
+#endif /* HAVE_KERB4 */
+#ifdef HAVE_KERB5
+ { "KRB5_CONFIG", 11, 0 },
+#endif /* HAVE_KERB5 */
+#ifdef HAVE_SECURID
+ { "VAR_ACE=", 8, 0 },
+ { "USR_ACE=", 8, 0 },
+ { "DLC_ACE=", 8, 0 },
+#endif /* HAVE_SECURID */
+ { "TERMINFO=", 9, 0 },
+ { "TERMINFO_DIRS=", 14, 0 },
+ { "TERMPATH=", 9, 0 },
+ { "TERMCAP=/", 9, 0 },
+ { "ENV=", 4, 0 },
+ { "BASH_ENV=", 9, 0 },
+ { "LC_", 3, 1 },
+ { "LANG=", 5, 1 },
+ { (char *) NULL, 0, 0 }
+};
+
+
+/*
+ * Zero out environment and replace with a minimal set of
+ * USER, LOGNAME, HOME, TZ, PATH (XXX - should just set path to default)
+ * May set user_path, user_shell, and/or user_prompt as side effects.
+ */
+char **
+zero_env(envp)
+ char **envp;
+{
+ char **ep, **nep;
+ static char *newenv[7];
+
+ for (ep = envp; *ep; ep++) {
+ switch (**ep) {
+ case 'H':
+ if (strncmp("HOME=", *ep, 5) == 0)
+ break;
+ case 'L':
+ if (strncmp("LOGNAME=", *ep, 8) == 0)
+ break;
+ case 'P':
+ if (strncmp("PATH=", *ep, 5) == 0) {
+ user_path = *ep + 5;
+ /* XXX - set to sane default instead of user's? */
+ break;
+ }
+ case 'S':
+ if (strncmp("SHELL=", *ep, 6) == 0) {
+ user_shell = *ep + 6;
+ continue;
+ } else if (!user_prompt && !strncmp("SUDO_PROMPT=", *ep, 12)) {
+ user_prompt = *ep + 12;
+ continue;
+ }
+ case 'T':
+ if (strncmp("TZ=", *ep, 3) == 0)
+ break;
+ case 'U':
+ if (strncmp("USER=", *ep, 5) == 0)
+ break;
+ default:
+ continue;
+ }
+
+ /* Deal with multiply defined variables (take first instantiation) */
+ for (nep = newenv; *nep; nep++) {
+ if (**nep == **ep)
+ break;
+ }
+ if (*nep == NULL)
+ *nep++ = *ep;
+ }
+ return(&newenv[0]);
+}
+
+/*
+ * Given a variable and value, allocate and format an environment string.
+ */
+static char *
+format_env(var, val)
+ char *var;
+ char *val;
+{
+ char *estring, *p;
+ size_t varlen, vallen;
+
+ varlen = strlen(var);
+ vallen = strlen(val);
+ p = estring = (char *) emalloc(varlen + vallen + 2);
+ strcpy(p, var);
+ p += varlen;
+ *p++ = '=';
+ strcpy(p, val);
+
+ return(estring);
+}
+
+/*
+ * Insert str into envp.
+ * Assumes str has an '=' in it and does not check for available space!
+ */
+static void
+insert_env(envp, str)
+ char **envp;
+ char *str;
+{
+ char **ep;
+ size_t varlen;
+
+ varlen = (strchr(str, '=') - str) + 1;
+
+ for (ep = envp; *ep; ep++) {
+ if (strncmp(str, *ep, varlen) == 0) {
+ *ep = str;
+ break;
+ }
+ }
+ if (*ep == NULL) {
+ *ep++ = str;
+ *ep = NULL;
+ }
+}
+
+/*
+ * Build a new environment and ether clear potentially dangerous
+ * variables from the old one or starts with a clean slate.
+ * Also adds sudo-specific variables (SUDO_*).
+ */
+char **
+rebuild_env(sudo_mode, envp)
+ int sudo_mode;
+ char **envp;
+{
+ char **newenvp, **ep, **nep, **ek, *cp;
+ char *ekflat, *ps1, **env_keep;
+ size_t env_size, eklen;
+ struct env_table *entry;
+
+ eklen = 0;
+ ekflat = ps1 = NULL;
+ env_keep = NULL;
+ if (def_str(I_ENV_KEEP)) {
+ /* XXX - start eklen at 1 instead? */
+ for (cp = def_str(I_ENV_KEEP), eklen = 2; *cp; cp++)
+ if (*cp == ' ' || *cp == '\t')
+ eklen++;
+ env_keep = emalloc(sizeof(char *) * eklen);
+ cp = ekflat = estrdup(def_str(I_ENV_KEEP));
+ eklen = 0;
+ if ((cp = strtok(cp, " \t"))) {
+ do {
+ /* XXX - hack due to assumption in rebuild_env */
+ if (strcmp("PATH", cp) && strcmp("TERM", cp))
+ env_keep[eklen++] = cp;
+ } while ((cp = strtok(NULL, " \t")));
+ }
+ env_keep[eklen] = NULL;
+ }
+
+ /*
+ * Either clean out the environment or reset to a safe default.
+ */
+ if (def_flag(I_ENV_RESET)) {
+ int didterm;
+
+ /* Alloc space for new environment. */
+ env_size = 32 + eklen;
+ nep = newenvp = (char **) emalloc(env_size * sizeof(char *));
+
+ /* XXX - set all to target user instead for -S */
+ *nep++ = format_env("HOME", user_dir);
+ *nep++ = format_env("SHELL", user_shell);
+ if (def_flag(I_LOGNAME) && runas_pw->pw_name) {
+ *nep++ = format_env("LOGNAME", runas_pw->pw_name);
+ *nep++ = format_env("USER", runas_pw->pw_name);
+ } else {
+ *nep++ = format_env("LOGNAME", user_name);
+ *nep++ = format_env("USER", user_name);
+ }
+
+ /* Pull in vars we want to keep from the old environment */
+ didterm = 0;
+ for (ep = envp; *ep; ep++) {
+ if (env_keep) {
+ for (ek = env_keep; *ek; ek++) {
+ eklen = strlen(*ek);
+ if (strncmp(*ek, *ep, eklen) == 0 && (*ep)[eklen] == '=') {
+ *nep++ = *ep;
+ break;
+ }
+ }
+ }
+
+ /* We assume PATH and TERM are not listed in env_keep. */
+ if (!def_str(I_SECURE_PATH) && strncmp(*ep, "PATH=", 5) == 0) {
+ *nep++ = *ep;
+ } else if (!didterm && strncmp(*ep, "TERM=", 5) == 0) {
+ *nep++ = *ep;
+ didterm = 1;
+ } else if (strncmp(*ep, "SUDO_PS1=", 8) == 0)
+ ps1 = *ep + 5;
+ }
+
+#if 0
+ /* XXX - set to _PATH_DEFPATH if no secure path? */
+ if (!def_str(I_SECURE_PATH))
+ *nep++ = "PATH" _PATH_DEFPATH); /* XXX - concat macro? */
+#endif
+ if (!didterm)
+ *nep++ = "TERM=unknown";
+ } else {
+ /* Alloc space for new environment. */
+ for (env_size = 16 + eklen, ep = envp; *ep; ep++, env_size++)
+ ;
+ nep = newenvp = (char **) emalloc(env_size * sizeof(char *));
+
+ /* Copy envp entries as long as they don't match badenv_table. */
+ for (ep = envp; *ep; ep++) {
+ for (entry = badenv_table; entry->name; entry++) {
+ if (strncmp(*ep, entry->name, entry->len) != 0 ||
+ (entry->check && !strpbrk(*ep, "/%"))) {
+ if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
+ ps1 = *ep + 5;
+ *nep++ = *ep;
+ break;
+ }
+ }
+ }
+ }
+ *nep = NULL;
+
+ /*
+ * At this point we must use insert_env() to modify newenvp.
+ * Access via 'nep' is not allowed (since we must check for dupes).
+ */
+
+ /* Replace the PATH envariable with a secure one. */
+ if (def_str(I_SECURE_PATH) && !user_is_exempt())
+ insert_env(newenvp, format_env("PATH", def_str(I_SECURE_PATH)));
+
+ /* Set $HOME for `sudo -H'. Only valid at PERM_RUNAS. */
+ if ((sudo_mode & MODE_RESET_HOME) && runas_pw->pw_dir)
+ insert_env(newenvp, format_env("HOME", runas_pw->pw_dir));
+
+ /* Set PS1 if SUDO_PS1 is set. */
+ if (ps1)
+ insert_env(newenvp, ps1);
+
+ /* Add the SUDO_COMMAND envariable (cmnd + args). */
+ if (user_args) {
+ cp = emalloc(strlen(user_cmnd) + strlen(user_args) + 14);
+ sprintf(cp, "SUDO_COMMAND=%s %s", user_cmnd, user_args);
+ insert_env(newenvp, cp);
+ } else
+ insert_env(newenvp, format_env("SUDO_COMMAND", user_cmnd));
+
+ /* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
+ insert_env(newenvp, format_env("SUDO_USER", user_name));
+ cp = emalloc(MAX_UID_T_LEN + 10);
+ sprintf(cp, "SUDO_UID=%ld", (long) user_uid);
+ insert_env(newenvp, cp);
+ cp = emalloc(MAX_UID_T_LEN + 10);
+ sprintf(cp, "SUDO_GID=%ld", (long) user_gid);
+ insert_env(newenvp, cp);
+
+ if (env_keep) {
+ free(env_keep);
+ free(ekflat);
+ }
+ return(newenvp);
+}
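Review bot: in the non-reset branch of rebuild_env(), the badenv_table loop copies *ep and breaks as soon as one entry does not match, and since no variable matches every entry, nothing is ever filtered: "LD_PRELOAD=..." is copied at the first comparison against "IFS=", and "IFS=..." itself is copied at the second entry. Walk the whole table, stop on a match (strncmp(*ep, entry->name, entry->len) == 0 && (!entry->check || strpbrk(*ep, "/%"))), and copy *ep only when the loop reaches the NULL terminator. In the env_reset branch, newenvp is sized at 32 + eklen, but every envp entry that matches env_keep, and every "PATH=" entry when secure_path is unset, is appended with *nep++ = *ep with no bound and no once-only guard like didterm, so the number of slots written depends on the caller's environment. Count writes against env_size (or grow the array) and keep only the first instance of each name. The SUDO_PS1= test in that branch also compares 8 bytes where the other branch compares 9.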
#include "sudo.h"
#ifndef STDC_HEADERS
-extern char *getenv __P((const char *));
extern char *strcpy __P((char *, const char *));
extern int fprintf __P((FILE *, const char *, ...));
extern ssize_t readlink __P((const char *, VOID *, size_t));
* but it is in '.' and IGNORE_DOT is set.
*/
int
-find_path(infile, outfile)
+find_path(infile, outfile, path)
char *infile; /* file to find */
char **outfile; /* result parameter */
+ char *path; /* path to search */
{
static char command[MAXPATHLEN]; /* qualified filename */
char *n; /* for traversing path */
- char *path = NULL; /* contents of PATH env var */
char *origpath; /* so we can free path later */
char *result = NULL; /* result of path/file lookup */
int checkdot = 0; /* check current dir? */
return(NOT_FOUND);
}
- /*
- * Grab PATH out of the environment (or from the string table
- * if SECURE_PATH is in effect) and make a local copy.
- */
+ /* Use PATH passed in unless SECURE_PATH is in effect. */
if (def_str(I_SECURE_PATH) && !user_is_exempt())
path = def_str(I_SECURE_PATH);
- else if ((path = getenv("PATH")) == NULL)
+ else if (path == NULL)
return(NOT_FOUND);
path = estrdup(path);
origpath = path;
static const char rcsid[] = "$Sudo$";
#endif /* lint */
-#ifndef STDC_HEADERS
-extern char *getenv __P((const char *));
-#endif /* !STDC_HEADERS */
-
/*
* Global variables (yuck)
*/
/*
- * Return the user's shell based on either the SHELL
- * environment variable or the passwd(5) entry (in that order).
+ * Return the user's shell based on either the SHELL environment variable
+ * (already assigned to user_shell) or, failing that, the passwd(5) entry.
*/
static char *
sudo_getshell(pw)
{
char *pw_shell;
- if ((pw_shell = getenv("SHELL")) == NULL)
+ if ((pw_shell = user_shell) == NULL)
pw_shell = pw->pw_shell;
-#ifdef _PATH_BSHELL
/* empty string "" means bourne shell */
if (*pw_shell == '\0')
pw_shell = _PATH_BSHELL;
-#endif /* _PATH_BSHELL */
return(pw_shell);
}
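Review bot: with the #ifdef _PATH_BSHELL guard removed, pw_shell = _PATH_BSHELL; is now compiled unconditionally, so the build breaks on any platform whose headers do not define that macro. Either keep the guard or make sure a fallback #define for _PATH_BSHELL is provided by the project's own headers, and mention that dependency in the function comment.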
#endif /* lint */
/*
- * It might be better to use sysconf(_SC_SAVED_IDS) instead but
- * I'm * not aware of any system where this would be necessary.
+ * Prototypes
*/
-#ifdef _POSIX_SAVED_IDS
-# define TOGGLE_ROOT \
- if (seteuid(0)) { \
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY, \
- "seteuid(0)"); \
- }
-# define TOGGLE_USER \
- if (seteuid(user_uid)) { \
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY, \
- "seteuid(%ld)", (long) user_uid); \
- }
-#else
-# ifdef HAVE_SETREUID
-# define TOGGLE_ROOT \
- if (setreuid(user_uid, 0)) { \
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY, \
- "setreuid(%ld, 0)", (long) user_uid); \
- }
-# define TOGGLE_USER \
- if (setreuid(0, user_uid)) { \
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY, \
- "setreuid(0, %ld)", (long) user_uid); \
- }
-# else /* !_POSIX_SAVED_IDS && !HAVE_SETREUID */
-# define TOGGLE_ROOT \
- ;
-# define TOGGLE_USER \
- if (seteuid(user_uid)) { \
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY, \
- "seteuid(%ld)", (long) user_uid); \
- }
-# endif /* HAVE_SETREUID */
-#endif /* _POSIX_SAVED_IDS */
+static void runas_setup __P((void));
+static void fatal __P((char *));
/*
* Set real and effective uids and gids based on perm.
- * If we have POSIX saved IDs or setreuid(2) we can get away with only
+ * Since we have POSIX saved IDs we can get away with just
* toggling the effective uid/gid unless we are headed for an exec().
*/
void
-set_perms(perm, sudo_mode)
+set_perms_saved_uid(perm, sudo_mode)
int perm;
int sudo_mode;
{
- struct passwd *pw;
int error;
-#ifdef HAVE_LOGIN_CAP_H
- extern login_cap_t *lc;
-#endif
- extern char *runas_homedir;
- /*
- * If we only have setuid() and seteuid() we have to set both to root
- * initially.
- */
-#if !defined(_POSIX_SAVED_IDS) && !defined(HAVE_SETREUID)
- if (setuid(0)) {
- perror("setuid(0)");
- exit(1);
+ switch (perm) {
+ case PERM_ROOT:
+ if (seteuid(0))
+ fatal("seteuid(0)");
+ break;
+ case PERM_USER:
+ (void) setegid(user_gid);
+ if (seteuid(user_uid))
+ fatal("seteuid(user_uid)");
+ break;
+
+ case PERM_FULL_USER:
+ /* headed for exec() */
+ (void) setgid(user_gid);
+ if (setuid(user_uid))
+ fatal("setuid(user_uid)");
+ break;
+
+ case PERM_RUNAS:
+ /* headed for exec(), assume euid == 0 */
+ runas_setup();
+ if (def_flag(I_STAY_SETUID))
+ error = seteuid(runas_pw->pw_uid);
+ else
+ error = setuid(runas_pw->pw_uid);
+ if (error)
+ fatal("unable to change to runas uid");
+ break;
+
+ case PERM_SUDOERS:
+ /* assume euid == 0, ruid == user */
+ if (setegid(SUDOERS_GID))
+ fatal("unable to change to sudoers gid");
+
+ /*
+ * If SUDOERS_UID == 0 and SUDOERS_MODE
+ * is group readable we use a non-zero
+ * uid in order to avoid NFS lossage.
+ * Using uid 1 is a bit bogus but should
+ * work on all OS's.
+ */
+ if (SUDOERS_UID == 0) {
+ if ((SUDOERS_MODE & 040) && seteuid(1))
+ fatal("seteuid(1)");
+ } else {
+ if (seteuid(SUDOERS_UID))
+ fatal("seteuid(SUDOERS_UID)");
+ }
+ break;
}
-#endif
+}
+
+/*
+ * Set real and effective uids and gids based on perm.
+ * We always retain a real or effective uid of 0 unless
+ * we are headed for an exec().
+ */
+void
+set_perms_setreuid(perm, sudo_mode)
+ int perm;
+ int sudo_mode;
+{
+ int error;
switch (perm) {
case PERM_ROOT:
- TOGGLE_ROOT;
+ if (setuid(0))
+ fatal("setuid(0)");
break;
case PERM_USER:
(void) setegid(user_gid);
- TOGGLE_USER;
+ if (setreuid(0, user_uid))
+ fatal("setreuid(0, user_uid)");
break;
case PERM_FULL_USER:
/* headed for exec() */
(void) setgid(user_gid);
if (setuid(user_uid)) {
- perror("setuid(user_uid)");
+ fatal("setuid(user_uid)");
exit(1);
}
break;
case PERM_RUNAS:
/* headed for exec(), assume euid == 0 */
- /* XXX - add group/gid support */
- if (**user_runas == '#') {
- if (def_flag(I_STAY_SETUID))
- error = seteuid(atoi(*user_runas + 1));
- else
- error = setuid(atoi(*user_runas + 1));
- if (error)
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "cannot set uid to %s", *user_runas);
- } else {
- if (!(pw = getpwnam(*user_runas)))
- log_error(NO_MAIL|MSG_ONLY,
- "no passwd entry for %s!",
- *user_runas);
-
- /* Set $USER and $LOGNAME to target user */
- if (def_flag(I_LOGNAME)) {
- sudo_setenv("USER", pw->pw_name);
- sudo_setenv("LOGNAME", pw->pw_name);
- }
-
-#ifdef HAVE_LOGIN_CAP_H
- if (def_flag(I_LOGINCLASS)) {
- /*
- * We don't have setusercontext()
- * set the user since we may only
- * want to set the effective uid.
- */
- error = setusercontext(lc, pw, pw->pw_uid,
- LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY);
- if (error)
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "setusercontext() failed for login class %s",
- login_class);
- } else
-#endif /* HAVE_LOGIN_CAP_H */
- {
- if (setgid(pw->pw_gid))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "cannot set gid to %ld: %s",
- (long) pw->pw_gid);
-#ifdef HAVE_INITGROUPS
- /*
- * Initialize group vector only if are
- * going to run as a non-root user.
- */
- if (strcmp(*user_runas, "root") != 0 &&
- initgroups(*user_runas, pw->pw_gid) < 0)
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "cannot set group vector");
-#endif /* HAVE_INITGROUPS */
- }
- if (def_flag(I_STAY_SETUID))
- error = seteuid(pw->pw_uid);
- else
- error = setuid(pw->pw_uid);
- if (error)
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "cannot set uid to %ld",
- (long) pw->pw_uid);
- if (sudo_mode & MODE_RESET_HOME)
- runas_homedir = pw->pw_dir;
- }
+ runas_setup();
+ if (def_flag(I_STAY_SETUID))
+ error = setreuid(user_uid, runas_pw->pw_uid);
+ else
+ error = setuid(runas_pw->pw_uid);
+ if (error)
+ fatal("unable to change to runas uid");
break;
case PERM_SUDOERS:
/* assume euid == 0, ruid == user */
if (setegid(SUDOERS_GID))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "setegid(SUDOERS_GID)");
+ fatal("unable to change to sudoers gid");
/*
* If SUDOERS_UID == 0 and SUDOERS_MODE
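Review bot: in set_perms_saved_uid() the PERM_USER and PERM_FULL_USER arms discard the result of setegid(user_gid) and setgid(user_gid) with a (void) cast while the uid change on the next line is checked. PERM_FULL_USER is headed for exec(), so a failed gid change should be fatal() as well. In set_perms_setreuid(), the PERM_FULL_USER arm still has exit(1); after fatal("setuid(user_uid)"), which is unreachable now that fatal() exits; drop it and the braces. The sudo_mode parameter is not used in the visible bodies of either function and should be documented as unused or removed.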
* Using uid 1 is a bit bogus but should
* work on all OS's.
*/
-#if defined(HAVE_SETREUID) && !defined(_POSIX_SAVED_IDS)
if (SUDOERS_UID == 0) {
if ((SUDOERS_MODE & 040) && setreuid(0, 1))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "setreuid(0, 1)");
+ fatal("setreuid(0, 1)");
} else {
if (setreuid(0, SUDOERS_UID))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "setreuid(0, SUDOERS_UID)");
+ fatal("setreuid(0, SUDOERS_UID)");
}
-#else
+ break;
+ }
+}
+
+#ifndef HAVE_SETREUID
+/*
+ * Set real and effective uids and gids based on perm.
+ * NOTE: does not support the "stay_setuid" option.
+ */
+void
+set_perms_fallback(perm, sudo_mode)
+ int perm;
+ int sudo_mode;
+{
+
+ /*
+ * Since we only have setuid() and seteuid() we have to set
+ * real and effective uidss to 0 initially.
+ */
+ if (setuid(0))
+ fatal("setuid(0)");
+
+ switch (perm) {
+ case PERM_USER:
+ (void) setegid(user_gid);
+ if (seteuid(user_uid))
+ fatal("seteuid(user_uid)");
+ break;
+
+ case PERM_FULL_USER:
+ /* headed for exec() */
+ (void) setgid(user_gid);
+ if (setuid(user_uid))
+ fatal("setuid(user_uid)");
+ break;
+
+ case PERM_RUNAS:
+ /* headed for exec(), assume euid == 0 */
+ runas_setup();
+ if (setuid(runas_pw->pw_uid))
+ fatal("unable to change to runas uid");
+ break;
+
+ case PERM_SUDOERS:
+ /* assume euid == 0, ruid == user */
+ if (setegid(SUDOERS_GID))
+ fatal("unable to change to sudoers gid");
+
+ /*
+ * If SUDOERS_UID == 0 and SUDOERS_MODE
+ * is group readable we use a non-zero
+ * uid in order to avoid NFS lossage.
+ * Using uid 1 is a bit bogus but should
+ * work on all OS's.
+ */
if (SUDOERS_UID == 0) {
if ((SUDOERS_MODE & 040) && seteuid(1))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "seteuid(1)");
+ fatal("seteuid(1)");
} else {
if (seteuid(SUDOERS_UID))
- log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
- "seteuid(SUDOERS_UID)");
+ fatal("seteuid(SUDOERS_UID)");
}
-#endif /* HAVE_SETREUID && !_POSIX_SAVED_IDS */
break;
}
}
+#endif /* HAVE_SETREUID */
+
+static void
+runas_setup()
+{
+#ifdef HAVE_LOGIN_CAP_H
+ int error;
+ extern login_cap_t *lc;
+#endif
+
+ if (runas_pw->pw_name != NULL) {
+#ifdef HAVE_LOGIN_CAP_H
+ if (def_flag(I_LOGINCLASS)) {
+ /*
+ * We don't have setusercontext()
+ * set the user since we may only
+ * want to set the effective uid.
+ */
+ error = setusercontext(lc, runas_pw,
+ runas_pw->pw_uid,
+ LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY);
+ if (error)
+ perror("unable to set user context");
+ } else
+#endif /* HAVE_LOGIN_CAP_H */
+ {
+ if (setgid(runas_pw->pw_gid))
+ perror("cannot set gid to runas gid");
+#ifdef HAVE_INITGROUPS
+ /*
+ * Initialize group vector only if are
+ * going to run as a non-root user.
+ */
+ if (strcmp(*user_runas, "root") != 0 &&
+ initgroups(*user_runas, runas_pw->pw_gid) < 0)
+ perror("cannot set group vector");
+#endif /* HAVE_INITGROUPS */
+ }
+ }
+}
+
+static void
+fatal(str)
+ char *str;
+{
+
+ if (str)
+ perror(str);
+ exit(1);
+}
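Review bot: runas_setup() only calls perror() when setusercontext(), setgid(runas_pw->pw_gid) or initgroups() fails and then returns, so PERM_RUNAS goes on to setuid() and exec with whatever group IDs were in place. The same applies to "(void) setgid(user_gid);" under PERM_FULL_USER and "(void) setegid(user_gid);" under PERM_USER in set_perms_fallback(), where the result is discarded. Every uid change in this hunk already goes through fatal(); the gid and group-vector changes should too, since a failed group drop on the way to exec is at least as serious. Also note that fatal() writes only to stderr via perror(), so the failures that used to reach log_error() are no longer logged; if that is intended, say so in the comment above fatal().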
/*
- * Copyright (c) 1994-1996,1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1993-1996,1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#include "interfaces.h"
#include "version.h"
-#ifndef STDC_HEADERS
-extern char *getenv __P((char *));
-#endif /* STDC_HEADERS */
-
#ifndef lint
static const char rcsid[] = "$Sudo$";
#endif /* lint */
-/* XXX - for debugging, will become a runtime option */
-#ifdef STAY_SETUID
-# define SETUID(_x) seteuid(_x)
-#else
-# define SETUID(_x) setuid(_x)
-#endif /* XXX */
-
/*
* Local type declarations
*/
struct env_table {
char *name;
int len;
+ int check;
};
/*
* Prototypes
*/
-static int parse_args __P((void));
-static void usage __P((int));
-static void usage_excl __P((int));
-static void check_sudoers __P((void));
static int init_vars __P((int));
-static void set_loginclass __P((struct passwd *));
-static void add_env __P((int));
-static void clean_env __P((char **, struct env_table *, struct env_table *));
+static int parse_args __P((void));
+static void check_sudoers __P((void));
static void initial_setup __P((void));
+static void set_loginclass __P((struct passwd *));
+static void usage __P((int));
+static void usage_excl __P((int));
static struct passwd *get_authpw __P((void));
-extern struct passwd *sudo_getpwuid __P((uid_t));
-extern struct passwd *sudo_getpwnam __P((const char *));
extern void list_matches __P((void));
+extern char **rebuild_env __P((int, char **));
+extern char **zero_env __P((char **));
+extern struct passwd *sudo_getpwnam __P((const char *));
+extern struct passwd *sudo_getpwuid __P((uid_t));
/*
* Globals
int num_interfaces;
int tgetpass_flags;
extern int errorlineno;
-char *runas_homedir = NULL; /* XXX */
#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
static struct rlimit corelimit;
#endif /* RLIMIT_CORE */
#ifdef HAVE_BSD_AUTH_H
char *login_style;
#endif /* HAVE_BSD_AUTH_H */
-
-/*
- * Table of "bad" envariables to remove and len for strncmp()
- */
-static struct env_table badenv_table[] = {
- { "IFS=", 4 },
- { "LOCALDOMAIN=", 12 },
- { "RES_OPTIONS=", 12 },
- { "HOSTALIASES=", 12 },
- { "NLSPATH=", 8 },
- { "PATH_LOCALE=", 12 },
- { "LD_", 3 },
- { "_RLD", 4 },
-#ifdef __hpux
- { "SHLIB_PATH=", 11 },
-#endif /* __hpux */
-#ifdef _AIX
- { "LIBPATH=", 8 },
-#endif /* _AIX */
-#ifdef HAVE_KERB4
- { "KRB_CONF", 8 },
- { "KRBCONFDIR=", 11 },
- { "KRBTKFILE=", 10 },
-#endif /* HAVE_KERB4 */
-#ifdef HAVE_KERB5
- { "KRB5_CONFIG", 11 },
-#endif /* HAVE_KERB5 */
-#ifdef HAVE_SECURID
- { "VAR_ACE=", 8 },
- { "USR_ACE=", 8 },
- { "DLC_ACE=", 8 },
-#endif /* HAVE_SECURID */
- { "TERMINFO=", 9 },
- { "TERMINFO_DIRS=", 14 },
- { "TERMPATH=", 9 },
- { "TERMCAP=/", 9 },
- { "ENV=", 4 },
- { "BASH_ENV=", 9 },
- { (char *) NULL, 0 }
-};
-/*
- * Table of envariables to remove if they contain '/' or '%'
- */
-static struct env_table naughtyenv_table[] = {
- { "LC_=", 4 },
- { "LANG=", 5 },
- { (char *) NULL, 0 }
-};
+void (*set_perms) __P((int, int));
int
-main(argc, argv)
+main(argc, argv, envp)
int argc;
char **argv;
+ char **envp;
{
int validated;
int fd;
#else
int omask;
#endif /* POSIX_SIGNALS */
- extern char **environ;
extern int printmatches;
+ extern char **environ;
/* Must be done as the first thing... */
#if defined(HAVE_GETPRPWNAM) && defined(HAVE_SET_AUTH_PARAMETERS)
# endif
#endif /* HAVE_GETPRPWNAM && HAVE_SET_AUTH_PARAMETERS */
- /* Get rid of any nasty bits in the environment. */
- clean_env(environ, badenv_table, naughtyenv_table);
+ /* Zero out the environment. */
+ environ = zero_env(envp);
Argv = argv;
Argc = argc;
*/
initial_setup();
- /*
- * Set the prompt based on $SUDO_PROMPT (can be overridden by `-p')
- */
- user_prompt = getenv("SUDO_PROMPT");
-
/* Parse our arguments. */
sudo_mode = parse_args();
cmnd_status = init_vars(sudo_mode);
- /* At this point, ruid == euid == 0 */
-
check_sudoers(); /* check mode/owner on _PATH_SUDOERS */
- add_env(!(sudo_mode & MODE_SHELL)); /* add in SUDO_* envariables */
-
/* Validate the user but don't search for pseudo-commands. */
validated = sudoers_lookup(pwflag);
+ /*
+ * Look up runas user passwd struct. If we are given a uid then
+ * there may be no corresponding passwd(5) entry (which is OK).
+ */
+ if (**user_runas == '#') {
+ runas_pw = sudo_getpwuid(atoi(*user_runas + 1));
+ if (runas_pw == NULL) {
+ runas_pw = emalloc(sizeof(struct passwd));
+ (void) memset((VOID *)runas_pw, 0, sizeof(struct passwd));
+ runas_pw->pw_uid = atoi(*user_runas + 1);
+ }
+ } else {
+ runas_pw = sudo_getpwnam(*user_runas);
+ if (runas_pw == NULL)
+ log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", *user_runas);
+ }
+
+ /* Customize environment and get rid of any nasty bits. */
+ environ = rebuild_env(sudo_mode, envp);
+
/* This goes after the sudoers parse since we honor sudoers options. */
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
remove_timestamp((sudo_mode == MODE_KILL));
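Review bot: atoi(*user_runas + 1) in the '#' branch has no error reporting, so "#" or "#abc" quietly becomes uid 0 and an out-of-range number is not detected; parse once with strtoul(), check the end pointer and range, and reject anything that is not purely digits. The value is also parsed twice (once for sudo_getpwuid(), once for pw_uid), which should be a single local. When no passwd entry exists, the memset() leaves pw_gid as 0 and pw_name as NULL, and runas_setup() skips all group setup when pw_name is NULL, so such a target gets its uid changed while the gid and group vector are left as they were; either set the gid explicitly for this case or document why leaving it alone is safe.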
if (def_ival(I_UMASK) != 0777)
(void) umask(def_mode(I_UMASK));
- /* Replace the PATH envariable with a secure one. */
- if (def_str(I_SECURE_PATH) && !user_is_exempt())
- sudo_setenv("PATH", def_str(I_SECURE_PATH));
-
/* Restore coredumpsize resource limit. */
#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
(void) setrlimit(RLIMIT_CORE, &corelimit);
/* Become specified user or root. */
set_perms(PERM_RUNAS, sudo_mode);
- /* Set $HOME for `sudo -H'. Only valid at PERM_RUNAS. */
- if ((sudo_mode & MODE_RESET_HOME) && runas_homedir)
- sudo_setenv("HOME", runas_homedir);
-
#ifndef PROFILING
if ((sudo_mode & MODE_BACKGROUND) && fork() > 0)
exit(0);
int sudo_mode;
{
char *p, thost[MAXHOSTNAMELEN];
- int nohostname;
+ int nohostname, rval;
/* Sanity check command from user. */
if (user_cmnd == NULL && strlen(NewArgv[0]) >= MAXPATHLEN) {
log_error(0, "uid %ld does not exist in the passwd file!",
(long) pw.pw_uid);
}
+ user_shell = sudo_user.pw->pw_shell;
/* It is now safe to use log_error() and set_perms() */
set_loginclass(sudo_user.pw);
/* Resolve the path and return. */
- if ((sudo_mode & MODE_RUN))
- return(find_path(NewArgv[0], &user_cmnd));
- else
- return(FOUND);
+ if ((sudo_mode & MODE_RUN)) {
+ rval = find_path(NewArgv[0], &user_cmnd, user_path);
+
+ /* set user_args */
+ if (NewArgc > 1) {
+ char *to, **from;
+ size_t size;
+
+ /* If MODE_SHELL not set then NewArgv is contiguous so just count */
+ if (!(sudo_mode & MODE_SHELL)) {
+ size = (size_t) (NewArgv[NewArgc-1] - NewArgv[1]) +
+ strlen(NewArgv[NewArgc-1]) + 1;
+ } else {
+ for (size = 0, from = NewArgv + 1; *from; from++)
+ size += strlen(*from) + 1;
+ }
+
+ /* alloc and copy. */
+ to = user_args = (char *) emalloc(size);
+ for (from = NewArgv + 1; *from; from++) {
+ (void) strcpy(to, *from);
+ to += strlen(*from);
+ *to++ = ' ';
+ }
+ *--to = '\0';
+ }
+ } else
+ rval = FOUND;
+
+ return(rval);
}
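Review bot: the size calculation in the !MODE_SHELL branch, "(size_t) (NewArgv[NewArgc-1] - NewArgv[1]) + strlen(NewArgv[NewArgc-1]) + 1", is only right if the argument strings sit back to back in ascending order in memory, which nothing in this function checks. If that assumption ever fails, the buffer from emalloc(size) is too small and the strcpy() loop below writes past it. The strlen() summing loop in the else branch is correct for both cases and costs almost nothing, so use it unconditionally and drop the pointer subtraction.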
/*
return(rval);
}
-/*
- * Add sudo-specific variables into the environment.
- * Sets ``cmnd_args'' as a side effect.
- */
-static void
-add_env(contiguous)
- int contiguous;
-{
- char idstr[MAX_UID_T_LEN + 1];
- size_t size;
- char *buf;
-
- /* Add the SUDO_COMMAND envariable (cmnd + args). */
- size = strlen(user_cmnd) + 1;
- if (NewArgc > 1) {
- char *to, **from;
-
- if (contiguous) {
- size += (size_t) (NewArgv[NewArgc-1] - NewArgv[1]) +
- strlen(NewArgv[NewArgc-1]) + 1;
- } else {
- for (from = &NewArgv[1]; *from; from++)
- size += strlen(*from) + 1;
- }
-
- buf = (char *) emalloc(size);
-
- /*
- * Copy the command and it's arguments info buf.
- */
- (void) strcpy(buf, user_cmnd);
- to = buf + strlen(user_cmnd);
- for (from = &NewArgv[1]; *from; from++) {
- *to++ = ' ';
- (void) strcpy(to, *from);
- to += strlen(*from);
- }
- } else {
- buf = user_cmnd;
- }
- sudo_setenv("SUDO_COMMAND", buf);
- if (NewArgc > 1)
- free(buf);
-
- /* Grab a pointer to the flat arg string from the environment. */
- if (NewArgc > 1 && (user_args = getenv("SUDO_COMMAND"))) {
- if ((user_args = strchr(user_args, ' ')))
- user_args++;
- else
- user_args = NULL;
- }
-
- /* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
- sudo_setenv("SUDO_USER", user_name);
- (void) sprintf(idstr, "%ld", (long) user_uid);
- sudo_setenv("SUDO_UID", idstr);
- (void) sprintf(idstr, "%ld", (long) user_gid);
- sudo_setenv("SUDO_GID", idstr);
-
- /* Set PS1 if SUDO_PS1 is set. */
- if ((buf = getenv("SUDO_PS1")))
- sudo_setenv("PS1", buf);
-}
-
/*
* Sanity check sudoers mode/owner/type.
* Leaves a file pointer to the sudoers file open in ``fp''.
log_error(USE_ERRNO, "can't stat %s", _PATH_SUDOERS);
else if (!S_ISREG(statbuf.st_mode))
log_error(0, "%s is not a regular file", _PATH_SUDOERS);
+ else if (statbuf.st_size == 0)
+ log_error(0, "%s is zero length", _PATH_SUDOERS);
else if ((statbuf.st_mode & 07777) != SUDOERS_MODE)
log_error(0, "%s is mode 0%o, should be 0%o", _PATH_SUDOERS,
(statbuf.st_mode & 07777), SUDOERS_MODE);
set_perms(PERM_ROOT, 0); /* change back to root */
}
-/*
- * Remove environment variables that match the entries in badenv_table.
- */
-static void
-clean_env(envp, badenv_table, naughtyenv_table)
- char **envp;
- struct env_table *badenv_table;
- struct env_table *naughtyenv_table;
-{
- struct env_table *entry;
- char **cur;
-
- /*
- * Remove any envars that match entries in badenv_table.
- */
- for (cur = envp; *cur; cur++) {
- for (entry = badenv_table; entry->name; entry++) {
- if (strncmp(*cur, entry->name, entry->len) == 0) {
- /* Got a match so remove it. */
- char **move;
-
- for (move = cur; *move; move++)
- *move = *(move + 1);
-
- cur--;
-
- break;
- }
- }
- for (entry = naughtyenv_table; entry->name; entry++) {
- if (strncmp(*cur, entry->name, entry->len) == 0 &&
- strpbrk((const char *)cur, "/%") != NULL) {
-
- /* Got a match so remove it. */
- char **move;
-
- for (move = cur; *move; move++)
- *move = *(move + 1);
-
- cur--;
-
- break;
- }
- }
- }
-}
-
/*
* Close all open files (except std*) and turn off core dumps.
+ * Also sets the set_perms() pointer to the correct function.
*/
static void
initial_setup()
#else
(void) signal(SIGCHLD, reapchild);
#endif /* POSIX_SIGNALS */
+
+ /* Set set_perms pointer to the correct function */
+#if defined(_SC_SAVED_IDS) && defined(_SC_VERSION)
+ if (sysconf(_SC_SAVED_IDS) == 1 && sysconf(_SC_VERSION) >= 199009)
+ set_perms = set_perms_saved_uid;
+ else
+#endif
+#ifdef HAVE_SETREUID
+ set_perms = set_perms_setreuid;
+#else
+ set_perms = set_perms_fallback;
+#endif
}
#ifdef HAVE_LOGIN_CAP_H
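Review bot: set_perms is declared as "void (*set_perms) __P((int, int));" with no initializer and is only assigned here at the end of initial_setup(), so any error path that reaches set_perms() before this point calls through a NULL pointer; give it a static default or make the assignment the first thing initial_setup() does. The "else" that hangs across "#endif" and into the "#ifdef HAVE_SETREUID" block works as written but is easy to break in a later edit; braces around both arms, or computing the choice in a small helper, would make the selection explicit. A short comment saying why sysconf(_SC_SAVED_IDS) is compared with 1 rather than tested against -1 would also help.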
-\b-\b-\b-v\bv\bv\bv flags. This allows users to determine for themselves
whether or not they are allowed to use s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo.
- s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo can log both successful an unsuccessful attempts (as
+ s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo can log both successful and unsuccessful attempts (as
well as errors) to _\bs_\by_\bs_\bl_\bo_\bg(3), a log file, or both. By
default s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will log via _\bs_\by_\bs_\bl_\bo_\bg(3) but this is changeable
at configure time or via the _\bs_\bu_\bd_\bo_\be_\br_\bs file.
-October 26, 2000 1.6.4 1
+December 29, 2000 1.6.4 1
as defined in /etc/login.conf, or a single '-' charac
ter. Specifying a _\bc_\bl_\ba_\bs_\bs of `-' indicates that the
command should be run restricted by the default login
- capibilities for the user the command is run as. If
+ capabilities for the user the command is run as. If
the _\bc_\bl_\ba_\bs_\bs argument specifies an existing user class,
the command must be run as root, or the s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo command
must be run from a shell that is already root. This
-October 26, 2000 1.6.4 2
+December 29, 2000 1.6.4 2
only), and `LIBPATH' (AIX only) environment variables are
removed from the environment passed on to all commands
executed. s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will also remove the `IFS', `ENV',
- `BASH_ENV', `KRB_CONF', `KRB5_CONFIG', `LOCALDOMAIN',
- `RES_OPTIONS' and `HOSTALIASES' variables as they too can
- pose a threat.
-
- To prevent command spoofing, s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo checks "." and "" (both
- denoting current directory) last when searching for a com
- mand in the user's PATH (if one or both are in the PATH).
- Note, however, that the actual `PATH' environment variable
+ `BASH_ENV', `KRB_CONF', `KRBCONFDIR', `KRBTKFILE',
+ `KRB5_CONFIG', `LOCALDOMAIN', `RES_OPTIONS', `HOSTAL
+ IASES', `NLSPATH', `PATH_LOCALE', `TERMINFO', `TER
+ MINFO_DIRS' and `TERMPATH' variables as they too can pose
+ a threat. If the `TERMCAP' variable is set and is a path
+ name, it too is ignored. Additionally, if the `LC_*' or
+ `LANGUAGE' variables contain the `/' or `%' characters,
+ they are ignored. If s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo has been compiled with SecurID
-October 26, 2000 1.6.4 3
+December 29, 2000 1.6.4 3
sudo(1m) MAINTENANCE COMMANDS sudo(1m)
+ support, the `VAR_ACE', `USR_ACE' and `DLC_ACE' variables
+ are cleared as well.
+
+ To prevent command spoofing, s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo checks "." and "" (both
+ denoting current directory) last when searching for a com
+ mand in the user's PATH (if one or both are in the PATH).
+ Note, however, that the actual `PATH' environment variable
is _\bn_\bo_\bt modified and is passed unchanged to the program
that s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo executes.
tents if it is not owned by root and only writable by
root. On systems that allow non-root users to give away
files via _\bc_\bh_\bo_\bw_\bn(2), if the timestamp directory is located
- in a directory writable by anyone (eg: _\b/_\bt_\bm_\bp), it is possi
- ble for a user to create the timestamp directory before
+ in a directory writable by anyone (e.g.: _\b/_\bt_\bm_\bp), it is pos
+ sible for a user to create the timestamp directory before
s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo is run. However, because s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo checks the ownership
and mode of the directory and its contents, the only dam
age that can be done is to "hide" files by putting them in
where the filesystem holding ~yazza is not exported as
root:
- % sudo -u yazza ls ~yazza
- To edit the _\bi_\bn_\bd_\be_\bx_\b._\bh_\bt_\bm_\bl file as user www:
- % sudo -u www vi ~www/htdocs/index.html
- To shutdown a machine:
+December 29, 2000 1.6.4 4
-October 26, 2000 1.6.4 4
+sudo(1m) MAINTENANCE COMMANDS sudo(1m)
+ % sudo -u yazza ls ~yazza
-sudo(1m) MAINTENANCE COMMANDS sudo(1m)
+ To edit the _\bi_\bn_\bd_\be_\bx_\b._\bh_\bt_\bm_\bl file as user www:
+ % sudo -u www vi ~www/htdocs/index.html
+
+ To shutdown a machine:
% sudo shutdown -r +15 "quick reboot"
If you feel you have found a bug in sudo, please submit a
bug report at http://www.courtesan.com/sudo/bugs/
-D\bD\bD\bDI\bI\bI\bIS\bS\bS\bSC\bC\bC\bCL\bL\bL\bLA\bA\bA\bAI\bI\bI\bIM\bM\bM\bME\bE\bE\bER\bR\bR\bR
- S\bS\bS\bSu\bu\bu\bud\bd\bd\bdo\bo\bo\bo is provided ``AS IS'' and any express or implied war
- ranties, including, but not limited to, the implied war
- ranties of merchantability and fitness for a particular
- purpose are disclaimed. See the LICENSE file distributed
- with s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo for complete details.
-
-
-October 26, 2000 1.6.4 5
+December 29, 2000 1.6.4 5
sudo(1m) MAINTENANCE COMMANDS sudo(1m)
+D\bD\bD\bDI\bI\bI\bIS\bS\bS\bSC\bC\bC\bCL\bL\bL\bLA\bA\bA\bAI\bI\bI\bIM\bM\bM\bME\bE\bE\bER\bR\bR\bR
+ S\bS\bS\bSu\bu\bu\bud\bd\bd\bdo\bo\bo\bo is provided ``AS IS'' and any express or implied war
+ ranties, including, but not limited to, the implied war
+ ranties of merchantability and fitness for a particular
+ purpose are disclaimed. See the LICENSE file distributed
+ with s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo for complete details.
+
C\bC\bC\bCA\bA\bA\bAV\bV\bV\bVE\bE\bE\bEA\bA\bA\bAT\bT\bT\bTS\bS\bS\bS
There is no easy way to prevent a user from gaining a root
shell if that user has access to commands allowing shell
-
-
-
-
-
-
-
-October 26, 2000 1.6.4 6
+December 29, 2000 1.6.4 6
/*
- * Copyright (c) 1994-1996,1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1993-1996,1998-2000 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
*/
struct sudo_user {
struct passwd *pw;
+ struct passwd *_runas_pw;
+ char *path;
+ char *shell;
char *tty;
char cwd[MAXPATHLEN];
char *host;
#define user_passwd (sudo_user.pw->pw_passwd)
#define user_uid (sudo_user.pw->pw_uid)
#define user_gid (sudo_user.pw->pw_gid)
-#define user_shell (sudo_user.pw->pw_shell)
#define user_dir (sudo_user.pw->pw_dir)
+#define user_shell (sudo_user.shell)
#define user_tty (sudo_user.tty)
#define user_cwd (sudo_user.cwd)
#define user_runas (sudo_user.runas)
#define user_cmnd (sudo_user.cmnd)
#define user_args (sudo_user.cmnd_args)
+#define user_path (sudo_user.path)
#define user_prompt (sudo_user.prompt)
#define user_host (sudo_user.host)
#define user_shost (sudo_user.shost)
#define safe_cmnd (sudo_user.cmnd_safe)
#define login_class (sudo_user.class_name)
+#define runas_pw (sudo_user._runas_pw)
/*
* We used to use the system definition of PASS_MAX or _PASSWD_LEN,
#ifndef HAVE_GETCWD
char *getcwd __P((char *, size_t size));
#endif
-#if !defined(HAVE_PUTENV) && !defined(HAVE_SETENV)
-int putenv __P((const char *));
-#endif
#ifndef HAVE_SNPRINTF
int snprintf __P((char *, size_t, const char *, ...));
#endif
int strcasecmp __P((const char *, const char *));
#endif
char *sudo_goodpath __P((const char *));
-void sudo_setenv __P((char *, char *));
char *tgetpass __P((const char *, int, int));
-int find_path __P((char *, char **));
+int find_path __P((char *, char **, char *));
void check_user __P((void));
void verify_user __P((struct passwd *, char *));
int sudoers_lookup __P((int));
-void set_perms __P((int, int));
+void set_perms_saved_uid __P((int, int));
+void set_perms_setreuid __P((int, int));
+void set_perms_fallback __P((int, int));
void remove_timestamp __P((int));
int check_secureware __P((char *));
void sia_attempt_auth __P((void));
extern char **Argv;
extern FILE *sudoers_fp;
extern int tgetpass_flags;
+
+extern void (*set_perms) __P((int, int));
#endif
extern int errno;
.\" Automatically generated by Pod::Man version 1.04
-.\" Thu Oct 26 11:02:49 2000
+.\" Fri Dec 29 20:16:40 2000
.\"
.\" Standard preamble:
.\" ======================================================================
.\" ======================================================================
.\"
.IX Title "sudo @mansectsu@"
-.TH sudo @mansectsu@ "1.6.4" "October 26, 2000" "MAINTENANCE COMMANDS"
+.TH sudo @mansectsu@ "1.6.4" "December 29, 2000" "MAINTENANCE COMMANDS"
.UC
.SH "NAME"
sudo \- execute a command as another user
determine for themselves whether or not they are allowed to use
\&\fBsudo\fR.
.PP
-\&\fBsudo\fR can log both successful an unsuccessful attempts (as well
+\&\fBsudo\fR can log both successful and unsuccessful attempts (as well
as errors) to \fIsyslog\fR\|(3), a log file, or both. By default \fBsudo\fR
will log via \fIsyslog\fR\|(3) but this is changeable at configure time
or via the \fIsudoers\fR file.
argument can be either a class name as defined in /etc/login.conf,
or a single '\-' character. Specifying a \fIclass\fR of \f(CW\*(C`\-\*(C'\fR indicates
that the command should be run restricted by the default login
-capibilities for the user the command is run as. If the \fIclass\fR
+capabilities for the user the command is run as. If the \fIclass\fR
argument specifies an existing user class, the command must be run
as root, or the \fBsudo\fR command must be run from a shell that is already
root. This option is only available on systems with \s-1BSD\s0 login classes
\&\f(CW\*(C`LD_*\*(C'\fR, \f(CW\*(C`_RLD_*\*(C'\fR, \f(CW\*(C`SHLIB_PATH\*(C'\fR (\s-1HP-UX\s0 only), and \f(CW\*(C`LIBPATH\*(C'\fR (\s-1AIX\s0
only) environment variables are removed from the environment passed
on to all commands executed. \fBsudo\fR will also remove the \f(CW\*(C`IFS\*(C'\fR,
-\&\f(CW\*(C`ENV\*(C'\fR, \f(CW\*(C`BASH_ENV\*(C'\fR, \f(CW\*(C`KRB_CONF\*(C'\fR, \f(CW\*(C`KRB5_CONFIG\*(C'\fR, \f(CW\*(C`LOCALDOMAIN\*(C'\fR,
-\&\f(CW\*(C`RES_OPTIONS\*(C'\fR and \f(CW\*(C`HOSTALIASES\*(C'\fR variables as they too can pose a
-threat.
+\&\f(CW\*(C`ENV\*(C'\fR, \f(CW\*(C`BASH_ENV\*(C'\fR, \f(CW\*(C`KRB_CONF\*(C'\fR, \f(CW\*(C`KRBCONFDIR\*(C'\fR, \f(CW\*(C`KRBTKFILE\*(C'\fR,
+\&\f(CW\*(C`KRB5_CONFIG\*(C'\fR, \f(CW\*(C`LOCALDOMAIN\*(C'\fR, \f(CW\*(C`RES_OPTIONS\*(C'\fR, \f(CW\*(C`HOSTALIASES\*(C'\fR,
+\&\f(CW\*(C`NLSPATH\*(C'\fR, \f(CW\*(C`PATH_LOCALE\*(C'\fR, \f(CW\*(C`TERMINFO\*(C'\fR, \f(CW\*(C`TERMINFO_DIRS\*(C'\fR and
+\&\f(CW\*(C`TERMPATH\*(C'\fR variables as they too can pose a threat. If the
+\&\f(CW\*(C`TERMCAP\*(C'\fR variable is set and is a pathname, it too is ignored.
+Additionally, if the \f(CW\*(C`LC_*\*(C'\fR or \f(CW\*(C`LANGUAGE\*(C'\fR variables contain the
+\&\f(CW\*(C`/\*(C'\fR or \f(CW\*(C`%\*(C'\fR characters, they are ignored. If \fBsudo\fR has been
+compiled with SecurID support, the \f(CW\*(C`VAR_ACE\*(C'\fR, \f(CW\*(C`USR_ACE\*(C'\fR and
+\&\f(CW\*(C`DLC_ACE\*(C'\fR variables are cleared as well.
.PP
To prevent command spoofing, \fBsudo\fR checks \*(L".\*(R" and "" (both denoting
current directory) last when searching for a command in the user's
(\fI@timedir@\fR by default) and ignore the directory's contents if
it is not owned by root and only writable by root. On systems that
allow non-root users to give away files via \fIchown\fR\|(2), if the timestamp
-directory is located in a directory writable by anyone (eg: \fI/tmp\fR),
+directory is located in a directory writable by anyone (e.g.: \fI/tmp\fR),
it is possible for a user to create the timestamp directory before
\&\fBsudo\fR is run. However, because \fBsudo\fR checks the ownership and
mode of the directory and its contents, the only damage that can
C<LD_*>, C<_RLD_*>, C<SHLIB_PATH> (HP-UX only), and C<LIBPATH> (AIX
only) environment variables are removed from the environment passed
on to all commands executed. B<sudo> will also remove the C<IFS>,
-C<ENV>, C<BASH_ENV>, C<KRB_CONF>, C<KRB5_CONFIG>, C<LOCALDOMAIN>,
-C<RES_OPTIONS> and C<HOSTALIASES> variables as they too can pose a
-threat.
+C<ENV>, C<BASH_ENV>, C<KRB_CONF>, C<KRBCONFDIR>, C<KRBTKFILE>,
+C<KRB5_CONFIG>, C<LOCALDOMAIN>, C<RES_OPTIONS>, C<HOSTALIASES>,
+C<NLSPATH>, C<PATH_LOCALE>, C<TERMINFO>, C<TERMINFO_DIRS> and
+C<TERMPATH> variables as they too can pose a threat. If the
+C<TERMCAP> variable is set and is a pathname, it too is ignored.
+Additionally, if the C<LC_*> or C<LANGUAGE> variables contain the
+C</> or C<%> characters, they are ignored. If B<sudo> has been
+compiled with SecurID support, the C<VAR_ACE>, C<USR_ACE> and
+C<DLC_ACE> variables are cleared as well.
To prevent command spoofing, B<sudo> checks "." and "" (both denoting
current directory) last when searching for a command in the user's
-September 6, 2000 1.6.4 1
+December 29, 2000 1.6.4 1
-September 6, 2000 1.6.4 2
+December 29, 2000 1.6.4 2
-September 6, 2000 1.6.4 3
+December 29, 2000 1.6.4 3
-September 6, 2000 1.6.4 4
+December 29, 2000 1.6.4 4
-September 6, 2000 1.6.4 5
+December 29, 2000 1.6.4 5
get all aliases from DNS. If your machine's
hostname (as returned by the `hostname' com
mand) is already fully qualified you shouldn't
- need to set _\bf_\bq_\bf_\bn. This flag is _\bo_\bf_\bf by
+ need to set _\bf_\bq_\bd_\bn. This flag is _\bo_\bf_\bf by
default.
insults If set, s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will insult users when they enter
-September 6, 2000 1.6.4 6
+December 29, 2000 1.6.4 6
this behavior. This can be done by negating
the set_logname option.
+ stay_setuid Normally, when s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo executes a command the
+ real and effective UIDs are set to the target
+ user (root by default). This option changes
+ that behavior such that the real UID is left
+ as the invoking user's UID. In other words,
+ this makes s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo act as a setuid wrapper. This
+ can be useful on systems that disable some
+ potentially dangerous functionality when a
+ program is run setuid.
+
+ env_reset If set, s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will reset the environment to
+ only contain the following variables: `HOME',
+ `SHELL', `LOGNAME', and `USER' (in addition to
+ the `SUDO_*' variables). The `PATH'
+
+
+
+December 29, 2000 1.6.4 7
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
+ environment variable is preserved unaltered.
+ Other specific variables may be preserved with
+ the i<env_keep> option.
+
use_loginclass
If set, s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will apply the defaults specified
for the target user's login class if one
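Review bot: the new stay_setuid entry does not say that the option is unsupported on systems that end up in set_perms_fallback(), although the comment on that function states "NOTE: does not support the "stay_setuid" option."; the manual should say so, since an administrator setting the flag there gets no indication it is ignored. In the env_reset entry, "the i<env_keep> option." has come through literally, so the pod source needs I<env_keep> with a capital I. The env_reset text also says PATH "is preserved unaltered"; it is worth stating here how that interacts with a configured secure path, because readers will expect a reset environment to cover PATH.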
his/her password before s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo logs the failure
and exits. The default is `3'.
-
-
-
-September 6, 2000 1.6.4 7
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
I\bI\bI\bIn\bn\bn\bnt\bt\bt\bte\be\be\beg\bg\bg\bge\be\be\ber\br\br\brs\bs\bs\bs t\bt\bt\bth\bh\bh\bha\ba\ba\bat\bt\bt\bt c\bc\bc\bca\ba\ba\ban\bn\bn\bn b\bb\bb\bbe\be\be\be u\bu\bu\bus\bs\bs\bse\be\be\bed\bd\bd\bd i\bi\bi\bin\bn\bn\bn a\ba\ba\ba b\bb\bb\bbo\bo\bo\boo\bo\bo\bol\bl\bl\ble\be\be\bea\ba\ba\ban\bn\bn\bn c\bc\bc\bco\bo\bo\bon\bn\bn\bnt\bt\bt\bte\be\be\bex\bx\bx\bxt\bt\bt\bt:
loglinelen Number of characters per line for the file
prompt times out. The default is `5', set
this to `0' for no password timeout.
- umask Umask to use when running the root command.
- Set this to 0777 to not override the user's
- umask. The default is `0022'.
+ umask Umask to use when running the command. Negate
+ this option or set it to 0777 to preserve the
+ user's umask. The default is `0022'.
S\bS\bS\bSt\bt\bt\btr\br\br\bri\bi\bi\bin\bn\bn\bng\bg\bg\bgs\bs\bs\bs:
incorrect password. The default is `Sorry,
try again.' unless insults are enabled.
+
+
+
+December 29, 2000 1.6.4 8
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
timestampdir
The directory in which s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo stores its times
tamp files. The default is _\b/_\bv_\ba_\br_\b/_\br_\bu_\bn_\b/_\bs_\bu_\bd_\bo.
flag is not specified on the command line.
This defaults to `root'.
-
-
-
-
-September 6, 2000 1.6.4 8
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
syslog_goodpri
Syslog priority to use when user authenticates
successfully. Defaults to `notice'.
Syslog priority to use when user authenticates
unsuccessfully. Defaults to `alert'.
+ env_keep A double-quoted, space-separated list of envi
+ ronment variables to be preserved in the
+ user's environment. When used in conjuction
+ with the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option, this allows fine
+ control over the environment s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo-spawned pro
+ cesses will get. If the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is
+ not used, _\be_\bn_\bv_\b__\bk_\be_\be_\bp can be used to make excep
+ tions to the built in list of "dangerous"
+ environment variables.
+
editor A colon (':') separated list of editors
allowed to be used with v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo. v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will
choose the editor that matches the user's USER
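Review bot: "conjuction" in the env_keep entry should be "conjunction". The last sentence says env_keep "can be used to make exceptions to the built in list of "dangerous" environment variables" without saying where that list is documented or what an exception means in practice; point to the sudo manual's list and state plainly that a variable named here is passed to the command unfiltered, so that listing one of the built-in dangerous names is a deliberate decision rather than an accident.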
logging (negate to disable syslog logging).
Defaults to `local2'.
+
+
+
+
+December 29, 2000 1.6.4 9
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
mailerpath Path to mail program used to send warning
mail. Defaults to the path to sendmail found
at configure time.
-\b-\b-\b-t\bt\bt\bt.
mailto Address to send warning and erorr mail to.
- Defaults to `root'.
+ The address should be enclosed in double
+ quotes (`"') to protect against sudo inter
+ preting the `@' sign. Defaults to `root'.
exempt_group
Users in this group are exempt from password
required when a user runs s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo with the -\b-\b-\b-v\bv\bv\bv
flag. It has the following possible values:
-
-
-
-
-
-September 6, 2000 1.6.4 9
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
all All the user's I<sudoers> entries for the
current host must have the C<NOPASSWD>
flag set to avoid entering a password.
current host must have the C<NOPASSWD>
flag set to avoid entering a password.
+
+
+
+
+December 29, 2000 1.6.4 10
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
any At least one of the user's I<sudoers> entries
for the current host must have the
C<NOPASSWD> flag set to avoid entering a
Cmnd_Spec_List ::= Cmnd_Spec |
Cmnd_Spec ',' Cmnd_Spec_List
-
-
-
-September 6, 2000 1.6.4 10
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
Cmnd_Spec ::= Runas_Spec? ('NOPASSWD:' | 'PASSWD:')? Cmnd
Runas_Spec ::= '(' Runas_List ')'
The user d\bd\bd\bdg\bg\bg\bgb\bb\bb\bb may run _\b/_\bb_\bi_\bn_\b/_\bl_\bs, _\b/_\bb_\bi_\bn_\b/_\bk_\bi_\bl_\bl, and _\b/_\bu_\bs_\br_\b/_\bb_\bi_\bn_\b/_\bl_\bp_\br_\bm
-- but only as o\bo\bo\bop\bp\bp\bpe\be\be\ber\br\br\bra\ba\ba\bat\bt\bt\bto\bo\bo\bor\br\br\br. Eg.
+
+
+
+December 29, 2000 1.6.4 11
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
sudo -u operator /bin/ls.
It is also possible to override a `Runas_Spec' later on in
ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
-
-
-
-September 6, 2000 1.6.4 11
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
Note however, that the `PASSWD' tag has no effect on users
who are in the group specified by the exempt_group option.
`[...]' Matches any character in the specified range.
+
+
+
+
+December 29, 2000 1.6.4 12
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
`[!...]'
Matches any character n\bn\bn\bno\bo\bo\bot\bt\bt\bt in the specified range.
it occurs in the context of a user name and is followed by
one or more digits, in which case it is treated as a uid).
Both the comment character and any text after it, up to
-
-
-
-September 6, 2000 1.6.4 12
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
the end of the line, are ignored.
The reserved word A\bA\bA\bAL\bL\bL\bLL\bL\bL\bL is a built in _\ba_\bl_\bi_\ba_\bs that always
syntactic characters in a _\bU_\bs_\be_\br _\bS_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn ('=', ':',
'(', ')') is optional.
+
+
+December 29, 2000 1.6.4 13
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
The following characters must be escaped with a backslash
('\') when used as part of a word (eg. a username or host
name): '@', '!', '=', ':', ',', '(', ')', '\'.
Host_Alias SERVERS = master, mail, www, ns
Host_Alias CDROM = orion, perseus, hercules
-
-
-
-
-
-September 6, 2000 1.6.4 13
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
# Cmnd alias specification
Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\
/usr/sbin/restore, /usr/sbin/rrestore
make sure we log the year in each log line since the log
entries will be kept around for several years.
- # Override builtin defaults
+ # Override built in defaults
Defaults syslog=auth
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
+
+
+December 29, 2000 1.6.4 14
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
The _\bU_\bs_\be_\br _\bs_\bp_\be_\bc_\bi_\bf_\bi_\bc_\ba_\bt_\bi_\bo_\bn is the part that actually deter
mines who may run what.
_\bC_\bS_\bN_\bE_\bT_\bS alias (the networks `128.138.243.0',
`128.138.204.0', and `128.138.242.0'). Of those networks,
only <128.138.204.0> has an explicit netmask (in CIDR
-
-
-
-September 6, 2000 1.6.4 14
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
notation) indicating it is a class C network. For the
other networks in _\bC_\bS_\bN_\bE_\bT_\bS, the local machine's netmask will
be used during matching.
assumes _\bp_\ba_\bs_\bs_\bw_\bd(1) does not take multiple usernames on the
command line.
+
+
+
+December 29, 2000 1.6.4 15
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
bob SPARC = (OP) ALL : SGI = (OP) ALL
The user b\bb\bb\bbo\bo\bo\bob\bb\bb\bb may run anything on the _\bS_\bP_\bA_\bR_\bC and _\bS_\bG_\bI
john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
-
-
-
-September 6, 2000 1.6.4 15
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
On the _\bA_\bL_\bP_\bH_\bA machines, user j\bj\bj\bjo\bo\bo\boh\bh\bh\bhn\bn\bn\bn may su to anyone except
root but he is not allowed to give _\bs_\bu(1) any flags.
WEBMASTERS www = (www) ALL, (root) /usr/bin/su www
On the host www, any user in the _\bW_\bE_\bB_\bM_\bA_\bS_\bT_\bE_\bR_\bS `User_Alias'
+
+
+
+December 29, 2000 1.6.4 16
+
+
+
+
+
+sudoers(4) MAINTENANCE COMMANDS sudoers(4)
+
+
(will, wendy, and wim), may run any command as user www
(which owns the web pages) or simply _\bs_\bu(1) to www.
restrictions should be considered advisory at best (and
reinforced by policy).
-
-
-September 6, 2000 1.6.4 16
-
-
-
-
-
-sudoers(4) MAINTENANCE COMMANDS sudoers(4)
-
-
C\bC\bC\bCA\bA\bA\bAV\bV\bV\bVE\bE\bE\bEA\bA\bA\bAT\bT\bT\bTS\bS\bS\bS
The _\bs_\bu_\bd_\bo_\be_\br_\bs file should a\ba\ba\bal\bl\bl\blw\bw\bw\bwa\ba\ba\bay\by\by\bys\bs\bs\bs be edited by the v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo
command which locks the file and does grammatical check
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-September 6, 2000 1.6.4 17
+December 29, 2000 1.6.4 17
.\" Automatically generated by Pod::Man version 1.04
-.\" Wed Sep 6 19:34:51 2000
+.\" Fri Dec 29 20:29:02 2000
.\"
.\" Standard preamble:
.\" ======================================================================
.\" ======================================================================
.\"
.IX Title "sudoers @mansectform@"
-.TH sudoers @mansectform@ "1.6.4" "September 6, 2000" "MAINTENANCE COMMANDS"
+.TH sudoers @mansectform@ "1.6.4" "December 29, 2000" "MAINTENANCE COMMANDS"
.UC
.SH "NAME"
sudoers \- list of which users may execute what
issues and the fact that there is no way to get all aliases from
\&\s-1DNS\s0. If your machine's hostname (as returned by the \f(CW\*(C`hostname\*(C'\fR
command) is already fully qualified you shouldn't need to set
-\&\fIfqfn\fR. This flag is \fI@fqdn@\fR by default.
+\&\fIfqdn\fR. This flag is \fI@fqdn@\fR by default.
.Ip "insults" 12
.IX Item "insults"
If set, \fBsudo\fR will insult users when they enter an incorrect
However, since some programs (including the \s-1RCS\s0 revision control system)
use \f(CW\*(C`LOGNAME\*(C'\fR to determine the real identity of the user, it may be desirable
to change this behavior. This can be done by negating the set_logname option.
+.Ip "stay_setuid" 12
+.IX Item "stay_setuid"
+Normally, when \fBsudo\fR executes a command the real and effective
+UIDs are set to the target user (root by default). This option
+changes that behavior such that the real \s-1UID\s0 is left as the invoking
+user's \s-1UID\s0. In other words, this makes \fBsudo\fR act as a setuid
+wrapper. This can be useful on systems that disable some potentially
+dangerous functionality when a program is run setuid.
+.Ip "env_reset" 12
+.IX Item "env_reset"
+If set, \fBsudo\fR will reset the environment to only contain the
+following variables: \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, and \f(CW\*(C`USER\*(C'\fR
+(in addition to the \f(CW\*(C`SUDO_*\*(C'\fR variables). The \f(CW\*(C`PATH\*(C'\fR environment
+variable is preserved unaltered. Other specific variables
+may be preserved with the i<env_keep> option.
.Ip "use_loginclass" 12
.IX Item "use_loginclass"
If set, \fBsudo\fR will apply the defaults specified for the target user's
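Review bot: the last added line of the env_reset item contains a literal `i<env_keep>`, so the option name is not italicised the way `\fIenv_reset\fR` is in the env_keep item. The page is marked as generated by Pod::Man, so the cause is the lowercase `i<...>` in the POD source; change it to `I<env_keep>` there and regenerate rather than hand-editing this file.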
The default is \f(CW\*(C`@password_timeout@\*(C'\fR, set this to \f(CW\*(C`0\*(C'\fR for no password timeout.
.Ip "umask" 12
.IX Item "umask"
-Umask to use when running the root command. Set this to 0777 to
-not override the user's umask. The default is \f(CW\*(C`@sudo_umask@\*(C'\fR.
+Umask to use when running the command. Negate this option or set
+it to 0777 to preserve the user's umask. The default is \f(CW\*(C`@sudo_umask@\*(C'\fR.
.PP
\&\fBStrings\fR:
.Ip "mailsub" 12
.IX Item "syslog_badpri"
Syslog priority to use when user authenticates unsuccessfully.
Defaults to \f(CW\*(C`@badpri@\*(C'\fR.
+.Ip "env_keep" 12
+.IX Item "env_keep"
+A double-quoted, space-separated list of environment variables
+to be preserved in the user's environment. When used in conjuction
+with the \fIenv_reset\fR option, this allows fine control over the
+environment \fBsudo\fR\-spawned processes will get. If the \fIenv_reset\fR
+option is not used, \fIenv_keep\fR can be used to make exceptions to
+the built in list of \*(L"dangerous\*(R" environment variables.
.Ip "editor" 12
.IX Item "editor"
A colon (':') separated list of editors allowed to be used with
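Review bot: the last sentence of the new env_keep item lets env_keep make exceptions to the built in list of "dangerous" environment variables when env_reset is off, but the item never says which variables are on that list or where it is defined. Name them or point to the definition, so an administrator can tell what protection a given env_keep entry removes.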
Flags to use when invoking mailer. Defaults to \fB\-t\fR.
.Ip "mailto" 12
.IX Item "mailto"
-Address to send warning and erorr mail to. Defaults to \f(CW\*(C`@mailto@\*(C'\fR.
+Address to send warning and erorr mail to. The address should
+be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to protect against sudo
+interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to \f(CW\*(C`@mailto@\*(C'\fR.
.Ip "exempt_group" 12
.IX Item "exempt_group"
Users in this group are exempt from password and \s-1PATH\s0 requirements.
the log entries will be kept around for several years.
.PP
.Vb 5
-\& # Override builtin defaults
+\& # Override built in defaults
\& Defaults syslog=auth
\& Defaults:FULLTIMERS !lecture
\& Defaults:millert !authenticate
use C<LOGNAME> to determine the real identity of the user, it may be desirable
to change this behavior. This can be done by negating the set_logname option.
+=item stay_setuid
+
+Normally, when B<sudo> executes a command the real and effective
+UIDs are set to the target user (root by default). This option
+changes that behavior such that the real UID is left as the invoking
+user's UID. In other words, this makes B<sudo> act as a setuid
+wrapper. This can be useful on systems that disable some potentially
+dangerous functionality when a program is run setuid.
+
+=item env_reset
+
+If set, B<sudo> will reset the environment to only contain the
+following variables: C<HOME>, C<SHELL>, C<LOGNAME>, and C<USER>
+(in addition to the C<SUDO_*> variables). The C<PATH> environment
+variable is preserved unaltered. Other specific variables
+may be preserved with the i<env_keep> option.
+
=item use_loginclass
If set, B<sudo> will apply the defaults specified for the target user's
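Review bot: the env_reset item says PATH is "preserved unaltered" but does not spell out that PATH therefore stays under the invoking user's control after the reset. A reader who sees "reset the environment to only contain" HOME, SHELL, LOGNAME and USER can easily miss that, so state it explicitly in this paragraph.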
Syslog priority to use when user authenticates unsuccessfully.
Defaults to C<@badpri@>.
+=item env_keep
+
+A double-quoted, space-separated list of environment variables
+to be preserved in the user's environment. When used in conjuction
+with the I<env_reset> option, this allows fine control over the
+environment B<sudo>-spawned processes will get. If the I<env_reset>
+option is not used, I<env_keep> can be used to make exceptions to
+the built in list of "dangerous" environment variables.
+
=item editor
A colon (':') separated list of editors allowed to be used with
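Review bot: "conjuction" in the second sentence of the new env_keep item should be "conjunction". Fixing it here in the POD also fixes the generated man page, which carries the same misspelling.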
=item mailto
-Address to send warning and erorr mail to. Defaults to C<@mailto@>.
+Address to send warning and erorr mail to. The address should
+be enclosed in double quotes (C<">) to protect against sudo
+interpreting the C<@> sign. Defaults to C<@mailto@>.
=item exempt_group
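Review bot: the rewritten mailto line still reads "warning and erorr mail"; since the line is being replaced anyway, correct it to "error". A short example of a double-quoted address would also make the new quoting advice easier to follow.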
local log file and make sure we log the year in each log line since
the log entries will be kept around for several years.
- # Override builtin defaults
+ # Override built in defaults
Defaults syslog=auth
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
static const char rcsid[] = "$Sudo$";
#endif /* lint */
+
+/*
+ * Prototypes
+ */
+void init_parser __P((void));
+void dumpaliases __P((void));
+void set_perms_dummy __P((int, int));
+
/*
* Globals
*/
int num_interfaces;
struct interface *interfaces;
struct sudo_user sudo_user;
+void (*set_perms) __P((int, int)) = set_perms_dummy;
extern int clearaliases;
extern int pedantic;
-/*
- * Prototypes for external functions
- */
-void init_parser __P((void));
-void dumpaliases __P((void));
-
/*
* Returns TRUE if "s" has shell meta characters in it,
* else returns FALSE.
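Review bot: set_perms becomes a writable global function pointer at `void (*set_perms) __P((int, int)) = set_perms_dummy;` with no comment saying why visudo needs the indirection or whether anything is expected to reassign it. Add a one-line comment there, and declare set_perms_dummy static if nothing outside this file calls it. The new block is headed just "Prototypes", so it no longer distinguishes the external functions from the local stub.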
}
void
-set_perms(i, j)
+set_perms_dummy(i, j)
int i, j;
{
return;
if (UserEditor && *UserEditor == '\0')
UserEditor = NULL;
else if (UserEditor) {
- if (find_path(UserEditor, &Editor) == FOUND) {
+ if (find_path(UserEditor, &Editor, getenv("PATH")) == FOUND) {
UserEditor = Editor;
} else {
if (def_flag(I_ENV_EDITOR)) {
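Review bot: `getenv("PATH")` is passed straight to find_path() as the new third argument, and getenv() returns NULL when PATH is unset. Nothing in this hunk shows find_path() tolerating a NULL path, so either guard the value here or confirm the callee handles it. Since UserEditor is itself taken from the environment, a brief comment on why the invoking user's PATH is the right search path for it would help the next reader.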
later.
There is a hard-coded list of editors that v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will use
- set at compile time that may be overridden via the _\be_\bd_\bi_\bt_\bo_\br
+ set at compile-time that may be overridden via the _\be_\bd_\bi_\bt_\bo_\br
_\bs_\bu_\bd_\bo_\be_\br_\bs `Default' variable. This list defaults to the
path to _\bv_\bi(1) on your system, as determined by the _\bc_\bo_\bn_\bf_\bi_\bg_\b
_\bu_\br_\be script. Normally, v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo does not honor the `EDITOR'
v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo parses the _\bs_\bu_\bd_\bo_\be_\br_\bs file after the edit and will not
save the changes if there is a syntax error. Upon finding
- an error, a message will be printed stating the line
+ an error, v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will print a message stating the line
_\bn_\bu_\bm_\bb_\be_\br(s) where the error occurred and the user will
receive the "What now?" prompt. At this point the user
- may enter "e" to re-edit the _\bs_\bu_\bd_\bo_\be_\br_\bs file, enter "x" to
- exit without saving the changes, or "Q" to quit and save
+ may enter "e" to re-edit the _\bs_\bu_\bd_\bo_\be_\br_\bs file, "x" to exit
+ without saving the changes, or "Q" to quit and save
changes. The "Q" option should be used with extreme care
because if v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo believes there to be a parse error, so
- will s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo and no one will be able to execute s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo again
- until the error is fixed. Any other command at this
- prompt will print a short help message. When editing the
- _\bs_\bu_\bd_\bo_\be_\br_\bs file after a parse error has been detected the
- cursor will be placed on the line where the error occurred
- (if the editor supports this feature).
+ will s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo and no one will be able to s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo again until the
+ error is fixed. If "e" is typed to edit the _\bs_\bu_\bd_\bo_\be_\br_\bs file
+ after a parse error has been detected, the cursor will be
+ placed on the line where the error occurred (if the editor
+ supports this feature).
O\bO\bO\bOP\bP\bP\bPT\bT\bT\bTI\bI\bI\bIO\bO\bO\bON\bN\bN\bNS\bS\bS\bS
- v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo accepts the following command line option:
+ v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo accepts the following command line options:
-s Enable s\bs\bs\bst\bt\bt\btr\br\br\bri\bi\bi\bic\bc\bc\bct\bt\bt\bt checking of the _\bs_\bu_\bd_\bo_\be_\br_\bs file. If an
alias is used before it is defined, v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will con
-August 13, 2000 1.6.4 1
+
+December 29, 2000 1.6.4 1
visudo(1m) MAINTENANCE COMMANDS visudo(1m)
- -V The -\b-\b-\b-V\bV\bV\bV (version) option causes v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo to print the
+ -V The -\b-\b-\b-V\bV\bV\bV (version) option causes v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo to print its
version number and exit.
E\bE\bE\bER\bR\bR\bRR\bR\bR\bRO\bO\bO\bOR\bR\bR\bRS\bS\bS\bS
listed that consists solely of upper case letters,
digits, and the underscore ('_') character. If the
latter, you can ignore the warnings (s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo will not
- complain). In -\b-\b-\b-s\bs\bs\bs (strict) mode these are errors not
+ complain). In -\b-\b-\b-s\bs\bs\bs (strict) mode these are errors, not
warnings.
E\bE\bE\bEN\bN\bN\bNV\bV\bV\bVI\bI\bI\bIR\bR\bR\bRO\bO\bO\bON\bN\bN\bNM\bM\bM\bME\bE\bE\bEN\bN\bN\bNT\bT\bT\bT
The following environment variables are used only if
v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo was configured with the _\b-_\b-_\bw_\bi_\bt_\bh_\b-_\be_\bn_\bv_\b-_\be_\bd_\bi_\bt_\bo_\br option:
- EDITOR Used by visudo as the editor to use
- VISUAL Used by visudo if EDITOR is not set
+ EDITOR Invoked by visudo as the editor to use
+ VISUAL Used Invoked visudo if EDITOR is not set
F\bF\bF\bFI\bI\bI\bIL\bL\bL\bLE\bE\bE\bES\bS\bS\bS
A\bA\bA\bAU\bU\bU\bUT\bT\bT\bTH\bH\bH\bHO\bO\bO\bOR\bR\bR\bR
- Many people have worked on _\bs_\bu_\bd_\bo over the years, this ver
+ Many people have worked on _\bs_\bu_\bd_\bo over the years; this ver
sion of v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo was written by:
Todd Miller <Todd.Miller@courtesan.com>
- See the HISTORY file in the sudo distribution for more
+ See the HISTORY file in the sudo distribution or visit
+ http://www.courtesan.com/sudo/history.html for more
details.
B\bB\bB\bBU\bU\bU\bUG\bG\bG\bGS\bS\bS\bS
warranties, including, but not limited to, the implied
warranties of merchantability and fitness for a particular
purpose are disclaimed. See the LICENSE file distributed
- with s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo for complete details.
-August 13, 2000 1.6.4 2
+December 29, 2000 1.6.4 2
visudo(1m) MAINTENANCE COMMANDS visudo(1m)
+ with s\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo for complete details.
+
C\bC\bC\bCA\bA\bA\bAV\bV\bV\bVE\bE\bE\bEA\bA\bA\bAT\bT\bT\bTS\bS\bS\bS
There is no easy way to prevent a user from gaining a root
shell if the editor used by v\bv\bv\bvi\bi\bi\bis\bs\bs\bsu\bu\bu\bud\bd\bd\bdo\bo\bo\bo allows shell escapes.
-
-
-August 13, 2000 1.6.4 3
+December 29, 2000 1.6.4 3
.\" Automatically generated by Pod::Man version 1.04
-.\" Sun Aug 13 14:54:27 2000
+.\" Fri Dec 29 20:16:41 2000
.\"
.\" Standard preamble:
.\" ======================================================================
.\" ======================================================================
.\"
.IX Title "visudo @mansectsu@"
-.TH visudo @mansectsu@ "1.6.4" "August 13, 2000" "MAINTENANCE COMMANDS"
+.TH visudo @mansectsu@ "1.6.4" "December 29, 2000" "MAINTENANCE COMMANDS"
.UC
.SH "NAME"
visudo \- edit the sudoers file
edited you will receive a message to try again later.
.PP
There is a hard-coded list of editors that \fBvisudo\fR will use set
-at compile time that may be overridden via the \fIeditor\fR \fIsudoers\fR
+at compile-time that may be overridden via the \fIeditor\fR \fIsudoers\fR
\&\f(CW\*(C`Default\*(C'\fR variable. This list defaults to the path to \fIvi\fR\|(1) on
your system, as determined by the \fIconfigure\fR script. Normally,
\&\fBvisudo\fR does not honor the \f(CW\*(C`EDITOR\*(C'\fR or \f(CW\*(C`VISUAL\*(C'\fR environment
.PP
\&\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will
not save the changes if there is a syntax error. Upon finding
-an error, a message will be printed stating the line \fInumber\fR\|(s)
+an error, \fBvisudo\fR will print a message stating the line \fInumber\fR\|(s)
where the error occurred and the user will receive the
\&\*(L"What now?\*(R" prompt. At this point the user may enter \*(L"e\*(R"
-to re-edit the \fIsudoers\fR file, enter \*(L"x\*(R" to exit without
+to re-edit the \fIsudoers\fR file, \*(L"x\*(R" to exit without
saving the changes, or \*(L"Q\*(R" to quit and save changes. The
\&\*(L"Q\*(R" option should be used with extreme care because if \fBvisudo\fR
believes there to be a parse error, so will \fBsudo\fR and no one
-will be able to execute \fBsudo\fR again until the error is fixed.
-Any other command at this prompt will print a short help message.
-When editing the \fIsudoers\fR file after a parse error has been
-detected the cursor will be placed on the line where the error
-occurred (if the editor supports this feature).
+will be able to \fBsudo\fR again until the error is fixed.
+If \*(L"e\*(R" is typed to edit the \fIsudoers\fR file after a parse error
+has been detected, the cursor will be placed on the line where the
+error occurred (if the editor supports this feature).
.SH "OPTIONS"
.IX Header "OPTIONS"
-\&\fBvisudo\fR accepts the following command line option:
+\&\fBvisudo\fR accepts the following command line options:
.Ip "\-s" 4
.IX Item "-s"
Enable \fBstrict\fR checking of the \fIsudoers\fR file. If an alias is
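Review bot: the rewritten "What now?" paragraph drops the sentence "Any other command at this prompt will print a short help message." and no matching behaviour change is visible in this patch. If the prompt still prints help for unrecognised input, keep that sentence. The new "no one will be able to sudo again" also uses the command name as a verb, where the old "execute sudo" was clearer.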
letters, digits, and the underscore ('_') character.
.Ip "\-V" 4
.IX Item "-V"
-The \fB\-V\fR (version) option causes \fBvisudo\fR to print the version number
+The \fB\-V\fR (version) option causes \fBvisudo\fR to print its version number
and exit.
.SH "ERRORS"
.IX Header "ERRORS"
consists solely of upper case letters, digits, and the
underscore ('_') character. If the latter, you can ignore
the warnings (\fBsudo\fR will not complain). In \fB\-s\fR (strict)
-mode these are errors not warnings.
+mode these are errors, not warnings.
.SH "ENVIRONMENT"
.IX Header "ENVIRONMENT"
The following environment variables are used only if \fBvisudo\fR
was configured with the \fI\*(--with-env-editor\fR option:
.PP
.Vb 2
-\& EDITOR Used by visudo as the editor to use
-\& VISUAL Used by visudo if EDITOR is not set
+\& EDITOR Invoked by visudo as the editor to use
+\& VISUAL Used Invoked visudo if EDITOR is not set
.Ve
.SH "FILES"
.IX Header "FILES"
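Review bot: the new VISUAL line reads "Used Invoked visudo if EDITOR is not set", which looks like a half-finished edit of the old "Used by visudo" text. Make it a complete phrase that parallels the EDITOR line above it, and fix it in the source this page is generated from so the preformatted copy, which has the same wording, is corrected as well.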
.Ve
.SH "AUTHOR"
.IX Header "AUTHOR"
-Many people have worked on \fIsudo\fR over the years, this version of
+Many people have worked on \fIsudo\fR over the years; this version of
\&\fBvisudo\fR was written by:
.PP
.Vb 1
\& Todd Miller <Todd.Miller@courtesan.com>
.Ve
-See the \s-1HISTORY\s0 file in the sudo distribution for more details.
+See the \s-1HISTORY\s0 file in the sudo distribution or visit
+http://www.courtesan.com/sudo/history.html for more details.
.SH "BUGS"
.IX Header "BUGS"
If you feel you have found a bug in sudo, please submit a bug report