oldmask = umask(077); /* make sure the timestamp files are private */
rtn = check_timestamp();
- if (rtn && sudo_pw_ent->pw_uid) { /* if timestamp is not current... */
+ if (rtn && user_uid) { /* if timestamp is not current... */
if (rtn == 2)
reminder(); /* do the reminder if ticket file is new */
check_passwd();
return(TRUE);
for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
- if (strcmp(sudo_pw_ent->pw_name, *gr_mem) == 0)
+ if (strcmp(user_name, *gr_mem) == 0)
return(TRUE);
}
else
p = tty;
- (void) sprintf(timestampfile, "%s/%s.%s", _PATH_SUDO_TIMEDIR,
- sudo_pw_ent->pw_name, p);
+ (void) sprintf(timestampfile, "%s/%s.%s", _PATH_SUDO_TIMEDIR, user_name, p);
#else
- (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR,
- sudo_pw_ent->pw_name);
+ (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR, user_name);
#endif /* USE_TTY_TICKETS */
timedir_is_good = 1; /* now there's an assumption for ya... */
else
p = tty;
- (void) sprintf(timestampfile, "%s/%s.%s", _PATH_SUDO_TIMEDIR,
- sudo_pw_ent->pw_name, p);
+ (void) sprintf(timestampfile, "%s/%s.%s", _PATH_SUDO_TIMEDIR, user_name, p);
#else
- (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR,
- sudo_pw_ent->pw_name);
+ (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR, user_name);
#endif /* USE_TTY_TICKETS */
/* become root */
/* get a password from the user */
#ifdef HAVE_SKEY
set_perms(PERM_ROOT);
- pass = skey_getpass(prompt, sudo_pw_ent, TRUE);
+ pass = skey_getpass(prompt, user_pw_ent, TRUE);
set_perms(PERM_USER);
#else
# ifdef USE_GETPASS
*/
#ifdef SHADOW_TYPE
# if (SHADOW_TYPE == SPW_ULTRIX4)
- if (!strcmp(sudo_pw_ent->pw_passwd,
- (char *) crypt16(pass, sudo_pw_ent->pw_passwd)))
+ if (!strcmp(user_passwd, (char *)crypt16(pass, user_passwd)))
return; /* if the passwd is correct return() */
# endif /* ULTRIX4 */
# if (SHADOW_TYPE == SPW_SECUREWARE) && !defined(__alpha)
- strncpy(salt, sudo_pw_ent->pw_passwd, 2);
+ strncpy(salt, user_passwd, 2);
i = AUTH_SALT_SIZE + AUTH_CIPHERTEXT_SEG_CHARS;
- if (strncmp(sudo_pw_ent->pw_passwd, crypt(pass, salt), i) == 0)
+ if (strncmp(user_passwd, crypt(pass, salt), i) == 0)
return; /* if the passwd is correct return() */
# endif /* SECUREWARE && !__alpha */
# if (SHADOW_TYPE == SPW_SECUREWARE) && defined(__alpha)
if (crypt_type == AUTH_CRYPT_BIGCRYPT) {
- if (!strcmp(sudo_pw_ent->pw_passwd,
- bigcrypt(pass, sudo_pw_ent->pw_passwd)))
+ if (!strcmp(user_passwd, bigcrypt(pass, user_passwd)))
return; /* if the passwd is correct return() */
} else if (crypt_type == AUTH_CRYPT_CRYPT16) {
- if (!strcmp(sudo_pw_ent->pw_passwd,
- crypt16(pass, sudo_pw_ent->pw_passwd)))
+ if (!strcmp(user_passwd, crypt16(pass, user_passwd)))
return; /* if the passwd is correct return() */
} else {
(void) fprintf(stderr,
#ifdef HAVE_SKEY
set_perms(PERM_ROOT);
- if (!strcmp(sudo_pw_ent->pw_passwd,
- skey_crypt(pass, sudo_pw_ent->pw_passwd, sudo_pw_ent, TRUE))) {
+ if (!strcmp(user_passwd,
+ skey_crypt(pass, user_passwd, user_pw_ent, TRUE))) {
set_perms(PERM_USER);
return; /* if the passwd is correct return() */
}
set_perms(PERM_USER);
#else
- if (!strcmp(sudo_pw_ent->pw_passwd,
- (char *) crypt(pass, sudo_pw_ent->pw_passwd)))
+ if (!strcmp(user_passwd, (char *) crypt(pass, user_passwd)))
return; /* if the passwd is correct return() */
#endif /* HAVE_SKEY */
#ifdef HAVE_KERB4
- if (sudo_pw_ent->pw_uid && sudo_krb_validate_user(sudo_pw_ent, pass) == 0)
+ if (user_uid && sudo_krb_validate_user(user_pw_ent, pass) == 0)
return;
#endif /* HAVE_KERB4 */
#ifdef HAVE_AFS
code = ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION+KA_USERAUTH_DOSETPAG,
- sudo_pw_ent->pw_name,
+ user_name,
(char *) 0,
(char *) 0,
pass,
#endif /* HAVE_AFS */
#ifdef HAVE_DCE
/* XXX - this seems wrong... */
- if (dce_pwent(sudo_pw_ent->pw_name, pass))
+ if (dce_pwent(user_name, pass))
return;
#endif /* HAVE_DCE */
* necesary for mail and file logs.
*/
now = time((time_t) 0);
- (void) sprintf(logline, "%19.19s : %8.8s : ", ctime(&now),
- sudo_pw_ent->pw_name);
+ (void) sprintf(logline, "%19.19s : %8.8s : ", ctime(&now), user_name);
/*
* we need a pointer to the end of logline (XXX - use a #define not 33)
case GLOBAL_NO_PW_ENT:
(void) sprintf(p,
"There is no passwd entry for uid %ld (TTY=%s). ",
- (long) sudo_pw_ent->pw_uid, tty);
+ (long) user_uid, tty);
break;
case PASSWORD_NOT_CORRECT:
*tmp = '\0';
if (count == 0)
- syslog(pri, "%8.8s : %s", sudo_pw_ent->pw_name, p);
+ syslog(pri, "%8.8s : %s", user_name, p);
else
- syslog(pri, "%8.8s : (command continued) %s",
- sudo_pw_ent->pw_name, p);
+ syslog(pri, "%8.8s : (command continued) %s", user_name, p);
*tmp = save; /* restore saved character */
;
} else {
if (count == 0)
- syslog(pri, "%8.8s : %s", sudo_pw_ent->pw_name, p);
+ syslog(pri, "%8.8s : %s", user_name, p);
else
- syslog(pri, "%8.8s : (command continued) %s",
- sudo_pw_ent->pw_name, p);
+ syslog(pri, "%8.8s : (command continued) %s", user_name, p);
}
}
closelog();
case VALIDATE_NO_USER:
(void) fprintf(stderr,
"%s is not in the sudoers file. This incident will be reported.\n\n",
- sudo_pw_ent->pw_name);
+ user_name);
break;
case VALIDATE_NOT_OK:
if (cmnd_args)
(void) fprintf(stderr,
"Sorry, user %s is not allowed to execute \"%s %s\" on %s.\n\n",
- sudo_pw_ent->pw_name, cmnd, cmnd_args, host);
+ user_name, cmnd, cmnd_args, host);
else
(void) fprintf(stderr,
"Sorry, user %s is not allowed to execute \"%s\" on %s.\n\n",
- sudo_pw_ent->pw_name, cmnd, host);
+ user_name, cmnd, host);
break;
case VALIDATE_ERROR:
;
user : NAME {
- if (strcmp($1, sudo_pw_ent->pw_name) == 0)
+ if (strcmp($1, user_name) == 0)
user_matches = TRUE;
(void) free($1);
$1 = NULL; /* XXX */
}
| NETGROUP {
- if (netgr_matches($1, NULL, sudo_pw_ent->pw_name))
+ if (netgr_matches($1, NULL, user_name))
user_matches = TRUE;
(void) free($1);
$1 = NULL; /* XXX */
*/
int Argc;
char **Argv;
-struct passwd *sudo_pw_ent;
+struct passwd *user_pw_ent;
char *cmnd = NULL;
char *cmnd_args = NULL;
char *tty = NULL;
}
/* replace "-s" with the shell's name */
- if ((NewArgv[0] = strrchr(sudo_pw_ent->pw_shell, '/') + 1)
+ if ((NewArgv[0] = strrchr(user_shell, '/') + 1)
== (char *) 1)
- NewArgv[0] = sudo_pw_ent->pw_shell;
+ NewArgv[0] = user_shell;
for (i = 1; i < Argc; i++)
NewArgv[i] = Argv[i];
* load_globals()
*
* This function primes these important global variables:
- * sudo_pw_ent, host, cwd, interfaces.
+ * user_pw_ent, host, cwd, interfaces.
*/
static void load_globals(sudo_mode)
* if necesary. It is assumed that euid is 0 at this point so we
* can read the shadow passwd file if necesary.
*/
- sudo_pw_ent = sudo_getpwuid(getuid());
+ user_pw_ent = sudo_getpwuid(getuid());
set_perms(PERM_ROOT);
set_perms(PERM_USER);
- if (sudo_pw_ent == NULL) {
- /* need to make a fake sudo_pw_ent */
+ if (user_pw_ent == NULL) {
+ /* need to make a fake user_pw_ent */
struct passwd pw_ent;
char pw_name[MAX_UID_T_LEN+1];
pw_ent.pw_uid = getuid();
(void) sprintf(pw_name, "%ld", pw_ent.pw_uid);
pw_ent.pw_name = pw_name;
- sudo_pw_ent = &pw_ent;
+ user_pw_ent = &pw_ent;
/* complain, log, and die */
log_error(GLOBAL_NO_PW_ENT);
#endif /* UMASK */
#ifdef NO_ROOT_SUDO
- if (sudo_pw_ent -> pw_uid == 0) {
+ if (user_uid == 0) {
(void) fprintf(stderr,
"You are already root, you don't need to use sudo.\n");
exit(1);
}
/* add the SUDO_USER envariable */
- if (sudo_setenv("SUDO_USER", sudo_pw_ent -> pw_name)) {
+ if (sudo_setenv("SUDO_USER", user_name)) {
perror("malloc");
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
exit(1);
}
/* add the SUDO_UID envariable */
- (void) sprintf(idstr, "%ld", (long) sudo_pw_ent -> pw_uid);
+ (void) sprintf(idstr, "%ld", (long) user_uid);
if (sudo_setenv("SUDO_UID", idstr)) {
perror("malloc");
(void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
/* If we are running a shell command args start at position 1 */
if ((sudo_mode & MODE_SHELL)) {
- if (sudo_pw_ent->pw_shell && *sudo_pw_ent->pw_shell) {
- old_cmnd = sudo_pw_ent->pw_shell;
+ if (user_shell && *user_shell) {
+ old_cmnd = user_shell;
arg_start = 1;
} else {
(void) fprintf(stderr, "%s: Unable to determine shell.", Argv[0]);
break;
case PERM_USER :
- if (seteuid(sudo_pw_ent -> pw_uid)) {
- perror("seteuid(sudo_pw_ent -> pw_uid)");
+ if (seteuid(user_uid)) {
+ perror("seteuid(user_uid)");
exit(1);
}
break;
exit(1);
}
- if (setuid(sudo_pw_ent -> pw_uid)) {
+ if (setuid(user_uid)) {
perror("setuid(uid)");
exit(1);
}
#define PERM_FULL_USER 0x03
#define PERM_SUDOERS 0x04
+/*
+ * Shortcuts for user_pw_ent
+ */
+#define user_name (user_pw_ent -> pw_name)
+#define user_passwd (user_pw_ent -> pw_passwd)
+#define user_uid (user_pw_ent -> pw_uid)
+#define user_gid (user_pw_ent -> pw_gid)
+#define user_shell (user_pw_ent -> pw_shell)
+#define user_dir (user_pw_ent -> pw_dir)
+
/*
* Prototypes
*/
extern char cwd[];
extern struct interface *interfaces;
extern int num_interfaces;
-extern struct passwd *sudo_pw_ent;
+extern struct passwd *user_pw_ent;
extern char *tty;
extern char *cmnd;
extern char *cmnd_args;
char *cmnd_args = NULL;
char host[MAXHOSTNAMELEN+1];
char cwd[MAXPATHLEN+1];
-struct passwd *sudo_pw_ent;
+struct passwd *user_pw_ent;
char **Argv;
int Argc;
uid_t uid;
Argv = argv;
Argc = argc;
- sudo_pw_ent = &pw_ent; /* need sudo_pw_ent->pw_name defined */
+ user_pw_ent = &pw_ent; /* need user_pw_ent->pw_name defined */
cmnd = argv[1];
pw_ent.pw_name = argv[2];
*/
char host[] = "";
char *cmnd = "";
-struct passwd *sudo_pw_ent;
+struct passwd *user_pw_ent;
/********************************************************************
exit(1);
}
- /* sudo_pw_ent needs to be defined to _something_, this will do */
- sudo_pw_ent = pwd;
+ /* user_pw_ent needs to be defined to _something_, this will do */
+ user_pw_ent = pwd;
/*
* Copy sudoers file to stmp
projects / sudo / commitdiff