Actually use the plugin_dir Path setting in sudo.conf.

diff --git a/plugins/sudoers/group_plugin.c b/plugins/sudoers/group_plugin.c
index b26a076a87e4d86afa3712125ba9d89aca6be893..4af7f14774d5342b87c12269f0504b9440bbe50e 100644 (file)
--- a/plugins/sudoers/group_plugin.c
+++ b/plugins/sudoers/group_plugin.c
@@ -38,6 +38,8 @@
 #include "sudoers.h"
 #include "sudo_dso.h"
 
+const char *path_plugin_dir = _PATH_SUDO_PLUGIN_DIR;
+
 #if defined(HAVE_DLOPEN) || defined(HAVE_SHL_LOAD)
 
 static void *group_handle;
@@ -62,17 +64,17 @@ group_plugin_load(char *plugin_info)
      */
     if ((args = strpbrk(plugin_info, " \t")) != NULL) {
        len = snprintf(path, sizeof(path), "%s%.*s",
-           (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "",
+           (*plugin_info != '/') ? path_plugin_dir : "",
            (int)(args - plugin_info), plugin_info);
        args++;
     } else {
        len = snprintf(path, sizeof(path), "%s%s",
-           (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
+           (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
     }
     if (len <= 0 || (size_t)len >= sizeof(path)) {
        errno = ENAMETOOLONG;
        sudo_warn("%s%s",
-           (*plugin_info != '/') ? _PATH_SUDO_PLUGIN_DIR : "", plugin_info);
+           (*plugin_info != '/') ? path_plugin_dir : "", plugin_info);
        goto done;
     }
 

diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
index 06a1b571379b288e9ee42360cece2efc558ddcf2..7de51e69c8806c257b7104fbec54f8430be94fb0 100644 (file)
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -256,6 +256,10 @@ sudoers_policy_deserialize_info(void *v, char **runas_user, char **runas_group)
            remhost = *cur + sizeof("remote_host=") - 1;
            continue;
        }
+       if (MATCHES(*cur, "plugin_dir=")) {
+           path_plugin_dir = *cur + sizeof("plugin_dir=") - 1;
+           continue;
+       }
     }
 
     for (cur = info->user_info; *cur != NULL; cur++) {

diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
index cff82c4bbd7b0a4303b77c0ef6731a4240d2fd2f..438eadb8185226dde8f91b85e65a9924ed8295b5 100644 (file)
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -369,6 +369,7 @@ int group_plugin_load(char *plugin_info);
 void group_plugin_unload(void);
 int group_plugin_query(const char *user, const char *group,
     const struct passwd *pwd);
+extern const char *path_plugin_dir;
 
 /* editor.c */
 char *resolve_editor(const char *ed, size_t edlen, int nfiles, char **files,

diff --git a/src/load_plugins.c b/src/load_plugins.c
index 3e7d4700eb886fb0d10d93b059bd349f0bff457c..403ae03c1470afd0d24eade2e756ea1e8b563eb3 100644 (file)
--- a/src/load_plugins.c
+++ b/src/load_plugins.c
@@ -74,12 +74,17 @@ sudo_stat_plugin(struct plugin_info *info, char *fullpath,
        }
 #endif /* STATIC_SUDOERS_PLUGIN */
 
-       len = snprintf(fullpath, pathsize, "%s%s", _PATH_SUDO_PLUGIN_DIR,
+       if (sudo_conf_plugin_dir_path() == NULL) {
+           errno = ENOENT;
+           goto done;
+       }
+
+       len = snprintf(fullpath, pathsize, "%s%s", sudo_conf_plugin_dir_path(),
            info->path);
        if (len <= 0 || (size_t)len >= pathsize) {
            sudo_warnx(U_("error in %s, line %d while loading plugin `%s'"),
                _PATH_SUDO_CONF, info->lineno, info->symbol_name);
-           sudo_warnx(U_("%s%s: %s"), _PATH_SUDO_PLUGIN_DIR, info->path,
+           sudo_warnx(U_("%s%s: %s"), sudo_conf_plugin_dir_path(), info->path,
                strerror(ENAMETOOLONG));
            goto done;
        }
@@ -109,7 +114,9 @@ sudo_check_plugin(struct plugin_info *info, char *fullpath, size_t pathsize)
     if (sudo_stat_plugin(info, fullpath, pathsize, &sb) != 0) {
        sudo_warnx(U_("error in %s, line %d while loading plugin `%s'"),
            _PATH_SUDO_CONF, info->lineno, info->symbol_name);
-       sudo_warn("%s%s", _PATH_SUDO_PLUGIN_DIR, info->path);
+       sudo_warn("%s%s",
+           sudo_conf_plugin_dir_path() ? sudo_conf_plugin_dir_path() : "",
+           info->path);
        goto done;
     }
     if (sb.st_uid != ROOT_UID) {