Use ALIAS for the member type when storing an alias instead of

HOSTALIAS/RUNASALIAS/CMNDALIAS/USERALIAS since match.c relies on
the more generic type.  Expand runas_matches instead of calling
user_matches() inside of it since user_matches() looks up USERALIASes,
not RUNASALIASes.

diff --git a/gram.y b/gram.y
index 9fe4f10cfc2ac50f2fb920c48eb491704cfe451a..443733e1d28db5fe8437348a853fab7548defdd7 100644 (file)
--- a/gram.y
+++ b/gram.y
@@ -276,7 +276,7 @@ ophost              :       host {
                ;
 
 host           :       ALIAS {
-                           NEW_MEMBER($$, $1, HOSTALIAS);
+                           NEW_MEMBER($$, $1, ALIAS);
                        }
                |       ALL {
                            NEW_MEMBER($$, NULL, ALL);
@@ -346,7 +346,7 @@ oprunasuser :       runasuser {
                ;
 
 runasuser      :       ALIAS {
-                           NEW_MEMBER($$, $1, RUNASALIAS);
+                           NEW_MEMBER($$, $1, ALIAS);
                        }
                |       ALL {
                            NEW_MEMBER($$, NULL, ALL);
@@ -392,7 +392,7 @@ cmnd                :       ALL {
                            safe_cmnd = estrdup(user_cmnd);
                        }
                |       ALIAS {
-                           NEW_MEMBER($$, $1, CMNDALIAS);
+                           NEW_MEMBER($$, $1, ALIAS);
                        }
                |       COMMAND {
                            struct sudo_command *c = emalloc(sizeof(*c));
@@ -486,7 +486,7 @@ opuser              :       user {
                ;
 
 user           :       ALIAS {
-                           NEW_MEMBER($$, $1, USERALIAS);
+                           NEW_MEMBER($$, $1, ALIAS);
                        }
                |       ALL {
                            NEW_MEMBER($$, NULL, ALL);

diff --git a/match.c b/match.c
index 3307ac4316cdc7162f31fadab6a97d631791696a..6d77d98c03fc50a07be080cf37c54f04dc06d630 100644 (file)
--- a/match.c
+++ b/match.c
@@ -146,9 +146,37 @@ runas_matches(pw, list)
     struct passwd *pw;
     struct member *list;
 {
+    struct member *m;
+    int rval, matched = UNSPEC;
+
     if (list == NULL)
        return(userpw_matches(def_runas_default, pw->pw_name, pw));
-    return(user_matches(pw, list));
+
+    for (m = list; m != NULL; m = m->next) {
+       switch (m->type) {
+           case ALIAS:
+               rval = alias_matches(m->name, RUNASALIAS, pw, NULL);
+               if (rval != UNSPEC || (rval = !strcmp(m->name, pw->pw_name)))
+                   matched = rval;
+               break;
+           case ALL:
+               matched = !m->negated;
+               break;
+           case NETGROUP:
+               if (netgr_matches(m->name, NULL, NULL, pw->pw_name))
+                   matched = !m->negated;
+               break;
+           case USERGROUP:
+               if (usergr_matches(m->name, pw->pw_name, pw))
+                   matched = !m->negated;
+               break;
+           case WORD:
+               if (userpw_matches(m->name, pw->pw_name, pw))
+                   matched = !m->negated;
+               break;
+       }
+    }
+    return(matched);
 }
 
 /*