#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
# include <malloc.h>
#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <limits.h>
#include "sudo.h"
# endif /* SIZE_T_MAX */
#endif /* SIZE_MAX */
-extern char **Argv; /* from sudo.c */
-
/*
* emalloc() calls the system malloc(3) and exits with an error if
* malloc(3) fails.
{
VOID *ptr;
- if (size == 0) {
- (void) fprintf(stderr, "%s: internal error, tried to emalloc(0)\n",
- Argv[0]);
- exit(1);
- }
- if ((ptr = (VOID *) malloc(size)) == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if (size == 0)
+ errx(1, "internal error, tried to emalloc(0)");
+
+ if ((ptr = (VOID *) malloc(size)) == NULL)
+ errx(1, "unable to allocate memory");
return(ptr);
}
{
VOID *ptr;
- if (nmemb == 0 || size == 0) {
- (void) fprintf(stderr, "%s: internal error, tried to emalloc2(0)\n",
- Argv[0]);
- exit(1);
- }
- if (nmemb > SIZE_MAX / size) {
- (void) fprintf(stderr, "%s: internal error, emalloc2() overflow\n",
- Argv[0]);
- exit(1);
- }
+ if (nmemb == 0 || size == 0)
+ errx(1, "internal error, tried to emalloc2(0)");
+ if (nmemb > SIZE_MAX / size)
+ errx(1, "internal error, emalloc2() overflow");
+
size *= nmemb;
- if ((ptr = (VOID *) malloc(size)) == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if ((ptr = (VOID *) malloc(size)) == NULL)
+ errx(1, "unable to allocate memory");
return(ptr);
}
size_t size;
{
- if (size == 0) {
- (void) fprintf(stderr, "%s: internal error, tried to erealloc(0)\n",
- Argv[0]);
- exit(1);
- }
+ if (size == 0)
+ errx(1, "internal error, tried to erealloc(0)");
+
ptr = ptr ? (VOID *) realloc(ptr, size) : (VOID *) malloc(size);
- if (ptr == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if (ptr == NULL)
+ errx(1, "unable to allocate memory");
return(ptr);
}
size_t size;
{
- if (nmemb == 0 || size == 0) {
- (void) fprintf(stderr, "%s: internal error, tried to erealloc3(0)\n",
- Argv[0]);
- exit(1);
- }
- if (nmemb > SIZE_MAX / size) {
- (void) fprintf(stderr, "%s: internal error, erealloc3() overflow\n",
- Argv[0]);
- exit(1);
- }
+ if (nmemb == 0 || size == 0)
+ errx(1, "internal error, tried to erealloc3(0)");
+ if (nmemb > SIZE_MAX / size)
+ errx(1, "internal error, erealloc3() overflow");
+
size *= nmemb;
ptr = ptr ? (VOID *) realloc(ptr, size) : (VOID *) malloc(size);
- if (ptr == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if (ptr == NULL)
+ errx(1, "unable to allocate memory");
return(ptr);
}
len = vasprintf(ret, fmt, ap);
va_end(ap);
- if (len == -1) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if (len == -1)
+ errx(1, "unable to allocate memory");
return(len);
}
{
int len;
- if ((len = vasprintf(ret, format, args)) == -1) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
+ if ((len = vasprintf(ret, format, args)) == -1)
+ errx(1, "unable to allocate memory");
return(len);
}
/*
- * Copyright (c) 1999-2002 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2003 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
#include <auth.h>
char resp[128]; /* Response from the server */
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
- (void) fprintf(stderr, "%s: cannot read fwtk config.\n", Argv[0]);
+ warnx("cannot read fwtk config");
return(AUTH_FATAL);
}
if (auth_open(confp)) {
- (void) fprintf(stderr, "%s: cannot connect to authentication server.\n",
- Argv[0]);
+ warnx("cannot connect to authentication server");
return(AUTH_FATAL);
}
/* Get welcome message from auth server */
if (auth_recv(resp, sizeof(resp))) {
- (void) fprintf(stderr,
- "%s: lost connection to authentication server.\n", Argv[0]);
+ warnx("lost connection to authentication server");
return(AUTH_FATAL);
}
if (strncmp(resp, "Authsrv ready", 13) != 0) {
- (void) fprintf(stderr,
- "%s: authentication server error.\n%s\n", Argv[0], resp);
+ warnx("authentication server error:\n%s", resp);
return(AUTH_FATAL);
}
/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
- (void) fprintf(stderr,
- "%s: lost connection to authentication server.\n", Argv[0]);
+ warnx("lost connection to authentication server");
return(AUTH_FATAL);
}
pass = tgetpass(prompt, def_ival(I_PASSWD_TIMEOUT) * 60,
tgetpass_flags);
} else {
- (void) fprintf(stderr, "%s: %s\n", Argv[0], resp);
+ warnx("%s", resp);
return(AUTH_FATAL);
}
if (!pass) { /* ^C or error */
/* Send the user's response to the server */
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
- (void) fprintf(stderr,
- "%s: lost connection to authentication server.\n", Argv[0]);
+ warnx("lost connection to authentication server");
error = AUTH_FATAL;
goto done;
}
/* Main loop prints "Permission Denied" or insult. */
if (strcmp(resp, "Permission Denied.") != 0)
- fprintf(stderr, "%s: %s\n", Argv[0], resp);
+ warnx("%s", resp);
error = AUTH_FAILURE;
done:
memset(pass, 0, strlen(pass));
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
#if defined(HAVE_SKEY)
*/
if (rfc1938challenge(&rfc1938, pw->pw_name, challenge, sizeof(challenge))) {
if (IS_ONEANDONLY(auth)) {
- (void) fprintf(stderr,
- "%s: You do not exist in the %s database.\n",
- Argv[0], auth->name);
+ warnx("you do not exist in the %s database", auth->name);
return(AUTH_FATAL);
} else {
return(AUTH_FAILURE);
/*
- * Copyright (c) 1999-2001 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2001, 2003 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* This code is derived from software contributed by Giles Todd
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
#include <sdi_athd.h>
strlcpy(sd->username, pw->pw_name, 32);
return(AUTH_SUCCESS);
} else {
- (void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);
+ warnx("unable to contact the SecurID server");
return(AUTH_FATAL);
}
}
/*
- * Copyright (c) 1999-2002 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2003 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2002 Michael Stroucken <michael@stroucken.org>
* All rights reserved.
*
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
/* Needed for SecurID v5.0 Authentication on UNIX */
if (AceInitialize() != SD_FALSE)
return(AUTH_SUCCESS);
- fprintf(stderr, "Failed to initialise ACE API library.\n");
+ warnx("failed to initialise the ACE API library");
return(AUTH_FATAL);
}
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
- (void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]);
+ warnx("unable to contact the SecurID server");
return(AUTH_FATAL);
}
switch (retval) {
case ACE_UNDEFINED_USERNAME:
- fprintf(stderr, "Invalid username length for SecurID\n");
+ warnx("invalid username length for SecurID");
return(AUTH_FATAL);
case ACE_ERR_INVALID_HANDLE:
- fprintf(stderr, "Invalid Authentication Handle for SecurID\n");
+ warnx("invalid Authentication Handle for SecurID");
return(AUTH_FATAL);
case ACM_ACCESS_DENIED:
- fprintf(stderr, "SecurID communication has failed\n");
+ warnx("SecurID communication failed");
return(AUTH_FATAL);
case ACM_OK:
- fprintf(stderr, "User ID locked for SecurID Authentication\n");
+ warnx("User ID locked for SecurID Authentication");
return(AUTH_SUCCESS);
}
}
/* Have ACE verify password */
switch (SD_Check(*sd, pass, pw->pw_name)) {
case ACE_UNDEFINED_PASSCODE:
- fprintf(stderr, "Invalid passcode length for SecurID\n");
+ warnx("invalid passcode length for SecurID");
rval = AUTH_FATAL;
break;
case ACE_UNDEFINED_USERNAME:
- fprintf(stderr, "Invalid username length for SecurID\n");
+ warnx("invalid username length for SecurID");
rval = AUTH_FATAL;
break;
case ACE_ERR_INVALID_HANDLE:
- fprintf(stderr, "Invalid Authentication Handle for SecurID\n");
+ warnx("invalid Authentication Handle for SecurID");
rval = AUTH_FATAL;
case ACM_ACCESS_DENIED:
/*
- * Copyright (c) 1999-2001 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2001, 2003 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* This code is derived from software contributed by Spider Boardman
sudo_auth *auth;
{
SIAENTITY *siah = NULL;
+ extern int Argc;
+ extern char **Argv;
if (sia_ses_init(&siah, Argc, Argv, NULL, pw->pw_name, ttyname(0), 1, NULL)
!= SIASUCCESS) {
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
oflow:
/* We pre-allocate enough space, so this should never happen. */
- (void) fprintf(stderr, "%s: internal error, expand_prompt() overflow\n",
- Argv[0]);
- exit(1);
+ errx(1, "internal error, expand_prompt() overflow");
}
/*
else
status = rmdir(timestampdir);
if (status == -1 && errno != ENOENT) {
- log_error(NO_EXIT, "can't remove %s (%s), will reset to epoch",
+ log_error(NO_EXIT, "can't remove %s (%s), will reset to Epoch",
ts, strerror(errno));
remove = FALSE;
}
}
- if (!remove && touch(ts, 0) == -1) {
- (void) fprintf(stderr, "%s: can't reset %s to epoch: %s\n",
- Argv[0], ts, strerror(errno));
- }
+ if (!remove && touch(ts, 0) == -1)
+ err(1, "can't reset %s to Epoch", ts);
}
free(timestampdir);
# define RLIM_INFINITY (-1)
#endif
+/*
+ * If we lack getprogname(), emulate with __progname if possible.
+ * Otherwise, add a prototype for use with our own getprogname.c.
+ */
+#ifndef HAVE_GETPROGNAME
+# ifdef HAVE___PROGNAME
+extern const char *__progname;
+# define getprogname() (__progname)
+# else
+const char *getprogname __P((void));
+#endif /* HAVE___PROGNAME */
+#endif /* !HAVE_GETPROGNAME */
+
#endif /* _SUDO_COMPAT_H */
/*
- * Copyright (c) 1999-2001 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2001, 2003 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
# ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <ctype.h>
#include "sudo.h"
break;
}
if (!cur->name) {
- (void) fprintf(stderr,
- "%s: unknown defaults entry `%s' referenced near line %d\n", Argv[0],
+ warnx("unknown defaults entry `%s' referenced near line %d",
var, sudolineno);
return(FALSE);
}
case T_LOGFAC:
if (!store_syslogfac(val, cur, op)) {
if (val)
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
else
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
case T_LOGPRI:
if (!store_syslogpri(val, cur, op)) {
if (val)
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
else
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
case T_PWFLAG:
if (!store_pwflag(val, cur, op)) {
if (val)
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
else
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
}
if ((cur->type & T_PATH) && val && *val != '/') {
- (void) fprintf(stderr,
- "%s: values for `%s' must start with a '/'\n", Argv[0],
- var);
+ warnx("values for `%s' must start with a '/'", var);
return(FALSE);
}
if (!store_str(val, cur, op)) {
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
return(FALSE);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
}
if (!store_int(val, cur, op)) {
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
return(FALSE);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
}
if (!store_uint(val, cur, op)) {
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
return(FALSE);
}
break;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
}
if (!store_mode(val, cur, op)) {
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
return(FALSE);
}
break;
case T_FLAG:
if (val) {
- (void) fprintf(stderr,
- "%s: option `%s' does not take a value on line %d\n",
- Argv[0], var, sudolineno);
+ warnx("option `%s' does not take a value on line %d",
+ var, sudolineno);
return(FALSE);
}
cur->sd_un.flag = op;
if (!val) {
/* Check for bogus boolean usage or lack of a value. */
if (!(cur->type & T_BOOL) || op != FALSE) {
- (void) fprintf(stderr,
- "%s: no value specified for `%s' on line %d\n", Argv[0],
+ warnx("no value specified for `%s' on line %d",
var, sudolineno);
return(FALSE);
}
}
if (!store_list(val, cur, op)) {
- (void) fprintf(stderr,
- "%s: value '%s' is invalid for option '%s'\n", Argv[0],
- val, var);
+ warnx("value `%s' is invalid for option `%s'", val, var);
return(FALSE);
}
}
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
-#include <errno.h>
#include "sudo.h"
#endif
#ifdef HAVE_KERB4
"KRB_CONF*",
- "KRBCONFDIR"
+ "KRBCONFDIR",
"KRBTKFILE",
#endif /* HAVE_KERB4 */
#ifdef HAVE_KERB5
if (strlcpy(estring, var, esize) >= esize ||
strlcat(estring, "=", esize) >= esize ||
strlcat(estring, val, esize) >= esize) {
- (void) fprintf(stderr, "%s: internal error, format_env() overflow\n",
- Argv[0]);
- exit(1);
+
+ errx(1, "internal error, format_env() overflow");
}
return(estring);
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
-#include <errno.h>
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include "sudo.h"
int checkdot = 0; /* check current dir? */
int len; /* length parameter */
- if (strlen(infile) >= MAXPATHLEN) {
- (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], infile);
- exit(1);
- }
+ if (strlen(infile) >= MAXPATHLEN)
+ errx(1, "%s: File name too long", infile);
/*
* If we were given a fully qualified or relative path
* Resolve the path and exit the loop if found.
*/
len = snprintf(command, sizeof(command), "%s/%s", path, infile);
- if (len <= 0 || len >= sizeof(command)) {
- (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], infile);
- exit(1);
- }
+ if (len <= 0 || len >= sizeof(command))
+ errx(1, "%s: File name too long", infile);
if ((result = sudo_goodpath(command)))
break;
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <netdb.h>
-#include <errno.h>
#ifdef _ISC
# include <sys/stream.h>
# include <sys/sioctl.h>
# include <sys/stropts.h>
-# include <net/errno.h>
# define STRSET(cmd, param, len) {strioctl.ic_cmd=(cmd);\
strioctl.ic_dp=(param);\
strioctl.ic_timout=0;\
#endif /* _ISC */
sock = socket(AF_INET, SOCK_DGRAM, 0);
- if (sock < 0) {
- (void) fprintf(stderr, "%s: cannot open socket: %s\n",
- Argv[0], strerror(errno));
- exit(1);
- }
+ if (sock < 0)
+ err(1, "cannot open socket");
/*
* Get interface configuration or return (leaving num_interfaces == 0)
puts("Local IP address and netmask pairs:");
for (i = 0; i < num_interfaces; i++)
printf("\t%s / 0x%x\n", inet_ntoa(interfaces[i].addr),
- ntohl(interfaces[i].netmask.s_addr));
+ (unsigned int)ntohl(interfaces[i].netmask.s_addr));
}
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
#include <signal.h>
#include <time.h>
va_start(ap);
#endif
#ifdef LOG_NFACILITIES
- openlog(Argv[0], 0, def_ival(I_LOGFAC));
+ openlog("sudo", 0, def_ival(I_LOGFAC));
#else
- openlog(Argv[0], 0);
+ openlog("sudo", 0);
#endif
vsnprintf(buf, sizeof(buf), fmt, ap);
#ifdef BROKEN_SYSLOG
/*
* Tell the user.
*/
- (void) fprintf(stderr, "%s: %s", Argv[0], message);
if (flags & USE_ERRNO)
- (void) fprintf(stderr, ": %s", strerror(serrno));
- (void) fputc('\n', stderr);
+ warn("%s", message);
+ else
+ warnx("%s", message);
/*
* Send a copy of the error via mail.
(void) sigaddset(&set, SIGCHLD);
(void) sigprocmask(SIG_BLOCK, &set, &oset);
- if (pipe(pfd) == -1) {
- (void) fprintf(stderr, "%s: cannot open pipe: %s\n",
- Argv[0], strerror(errno));
- exit(1);
- }
+ if (pipe(pfd) == -1)
+ err(1, "cannot open pipe");
switch (pid = fork()) {
case -1:
/* Error. */
- (void) fprintf(stderr, "%s: cannot fork: %s\n",
- Argv[0], strerror(errno));
- exit(1);
+ err(1, "cannot fork");
break;
case 0:
{
#endif /* HAVE_UNISTD_H */
#ifdef HAVE_FNMATCH
# include <fnmatch.h>
-#endif /* HAVE_FNMATCH_H */
+#endif /* HAVE_FNMATCH */
#ifdef HAVE_NETGROUP_H
# include <netgroup.h>
#endif /* HAVE_NETGROUP_H */
* with this distribution.
*/
-#define _SUDO_SUDO_C
+#define _SUDO_MAIN
#include "config.h"
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <pwd.h>
#include <errno.h>
#include <fcntl.h>
* Prototypes
*/
static int init_vars __P((int));
-static int parse_args __P((void));
+static int parse_args __P((int, char **));
static void check_sudoers __P((void));
static void initial_setup __P((void));
static void set_loginclass __P((struct passwd *));
/*
* Globals
*/
-int Argc;
-char **Argv;
-int NewArgc = 0;
-char **NewArgv = NULL;
+int Argc, NewArgc;
+char **Argv, **NewArgv;
struct sudo_user sudo_user;
struct passwd *auth_pw;
-FILE *sudoers_fp = NULL;
+FILE *sudoers_fp;
struct interface *interfaces;
int num_interfaces;
int tgetpass_flags;
extern int printmatches;
extern char **environ;
+ Argc = argc;
+ Argv = argv;
+
/* Must be done as the first thing... */
#if defined(HAVE_GETPRPWNAM) && defined(HAVE_SET_AUTH_PARAMETERS)
- (void) set_auth_parameters(argc, argv);
+ (void) set_auth_parameters(Argc, Argv);
# ifdef HAVE_INITPRIVS
initprivs();
# endif
/* Zero out the environment. */
environ = zero_env(envp);
- Argv = argv;
- Argc = argc;
-
- if (geteuid() != 0) {
- (void) fprintf(stderr, "Sorry, %s must be setuid root.\n", Argv[0]);
- exit(1);
- }
+ if (geteuid() != 0)
+ errx(1, "must be setuid root");
/*
* Signal setup:
setpwent();
/* Parse our arguments. */
- sudo_mode = parse_args();
+ sudo_mode = parse_args(Argc, Argv);
/* Setup defaults data structures. */
init_defaults();
if (user_uid == 0 && !def_flag(I_ROOT_SUDO)) {
(void) fprintf(stderr,
"Sorry, %s has been configured to not allow root to run it.\n",
- Argv[0]);
+ getprogname());
exit(1);
}
if (validated & VALIDATE_OK) {
/* Finally tell the user if the command did not exist. */
if (cmnd_status == NOT_FOUND_DOT) {
- (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], user_cmnd, user_cmnd, user_cmnd);
+ warnx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd);
exit(1);
} else if (cmnd_status == NOT_FOUND) {
- (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0],
- user_cmnd);
+ warnx("%s: command not found", user_cmnd);
exit(1);
}
/*
* If we got here then the exec() failed...
*/
- (void) fprintf(stderr, "%s: unable to exec %s: %s\n",
- Argv[0], safe_cmnd, strerror(errno));
+ warn("unable to execute %s", safe_cmnd);
exit(127);
} else if ((validated & FLAG_NO_USER) || (validated & FLAG_NO_HOST)) {
log_auth(validated, 1);
log_auth(validated,
!(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND));
if (cmnd_status == NOT_FOUND)
- (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0],
- user_cmnd);
+ warnx("%s: command not found", user_cmnd);
else if (cmnd_status == NOT_FOUND_DOT)
- (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], user_cmnd, user_cmnd, user_cmnd);
+ warnx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd);
} else {
/* Just tell the user they are not allowed to run foo. */
log_auth(validated, 1);
int nohostname, rval;
/* Sanity check command from user. */
- if (user_cmnd == NULL && strlen(NewArgv[0]) >= MAXPATHLEN) {
- (void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0],
- NewArgv[0]);
- exit(1);
- }
+ if (user_cmnd == NULL && strlen(NewArgv[0]) >= MAXPATHLEN)
+ errx(1, "%s: File name too long", NewArgv[0]);
#ifdef HAVE_TZSET
(void) tzset(); /* set the timezone if applicable */
if (!getcwd(user_cwd, sizeof(user_cwd))) {
set_perms(PERM_ROOT);
if (!getcwd(user_cwd, sizeof(user_cwd))) {
- (void) fprintf(stderr, "%s: Can't get working directory!\n",
- Argv[0]);
+ warnx("cannot get working directory");
(void) strlcpy(user_cwd, "unknown", sizeof(user_cwd));
}
} else
NewArgv = (char **) emalloc2((++NewArgc + 1), sizeof(char *));
if (user_shell && *user_shell) {
NewArgv[0] = user_shell;
- } else {
- (void) fprintf(stderr, "%s: Unable to determine shell.", Argv[0]);
- exit(1);
- }
+ } else
+ errx(1, "unable to determine shell");
- /* copy the args from Argv */
+ /* copy the args from NewArgv */
for (dst = NewArgv + 1; (*dst = *src) != NULL; ++src, ++dst)
;
}
user_args = (char *) emalloc(size);
for (to = user_args, from = NewArgv + 1; *from; from++) {
n = strlcpy(to, *from, size - (to - user_args));
- if (n >= size - (to - user_args)) {
- (void) fprintf(stderr,
- "%s: internal error, init_vars() overflow\n", Argv[0]);
- exit(1);
- }
+ if (n >= size - (to - user_args))
+ errx(1, "internal error, init_vars() overflow");
to += n;
*to++ = ' ';
}
* Command line argument parsing, can't use getopt(3).
*/
static int
-parse_args()
+parse_args(argc, argv)
+ int argc;
+ char **argv;
{
int rval = MODE_RUN; /* what mode is sudo to be run in? */
int excl = 0; /* exclusive arg, no others allowed */
- NewArgv = Argv + 1;
- NewArgc = Argc - 1;
+ NewArgv = argv + 1;
+ NewArgc = argc - 1;
if (NewArgc == 0) { /* no options and no command */
rval |= (MODE_IMPLIED_SHELL | MODE_SHELL);
}
while (NewArgc > 0 && NewArgv[0][0] == '-') {
- if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') {
- (void) fprintf(stderr, "%s: Please use single character options\n",
- Argv[0]);
- usage(1);
- }
+ if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0')
+ warnx("please use single character options");
switch (NewArgv[0][1]) {
case 'p':
user_prompt = NewArgv[1];
- /* Shift Argv over and adjust Argc. */
NewArgc--;
NewArgv++;
break;
user_runas = &NewArgv[1];
- /* Shift Argv over and adjust Argc. */
NewArgc--;
NewArgv++;
break;
login_style = NewArgv[1];
- /* Shift Argv over and adjust Argc. */
NewArgc--;
NewArgv++;
break;
login_class = NewArgv[1];
def_flag(I_USE_LOGINCLASS) = TRUE;
- /* Shift Argv over and adjust Argc. */
NewArgc--;
NewArgv++;
break;
rval |= (MODE_IMPLIED_SHELL | MODE_SHELL);
return(rval);
case '\0':
- (void) fprintf(stderr, "%s: '-' requires an argument\n",
- Argv[0]);
+ warnx("'-' requires an argument");
usage(1);
default:
- (void) fprintf(stderr, "%s: Illegal option %s\n", Argv[0],
- NewArgv[0]);
+ warnx("illegal option `%s'", NewArgv[0]);
usage(1);
}
NewArgc--;
(statbuf.st_mode & 0007777) == 0400) {
if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) {
- (void) fprintf(stderr, "%s: fixed mode on %s\n",
- Argv[0], _PATH_SUDOERS);
+ warnx("fixed mode on %s", _PATH_SUDOERS);
statbuf.st_mode |= SUDOERS_MODE;
if (statbuf.st_gid != SUDOERS_GID) {
if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) {
- (void) fprintf(stderr, "%s: set group on %s\n",
- Argv[0], _PATH_SUDOERS);
+ warnx("set group on %s", _PATH_SUDOERS);
statbuf.st_gid = SUDOERS_GID;
- } else {
- (void) fprintf(stderr,"%s: Unable to set group on %s: %s\n",
- Argv[0], _PATH_SUDOERS, strerror(errno));
- }
+ } else
+ warn("unable to set group on %s", _PATH_SUDOERS);
}
- } else {
- (void) fprintf(stderr, "%s: Unable to fix mode on %s: %s\n",
- Argv[0], _PATH_SUDOERS, strerror(errno));
- }
+ } else
+ warn("unable to fix mode on %s", _PATH_SUDOERS);
}
/*
errflags = NO_MAIL|MSG_ONLY|NO_EXIT;
if (login_class && strcmp(login_class, "-") != 0) {
- if (strcmp(*user_runas, "root") != 0 && user_uid != 0) {
- (void) fprintf(stderr, "%s: only root can use -c %s\n",
- Argv[0], login_class);
- exit(1);
- }
+ if (strcmp(*user_runas, "root") != 0 && user_uid != 0)
+ errx(1, "only root can use -c %s", login_class);
} else {
login_class = pw->pw_class;
if (!login_class || !*login_class)
YY_DECL;
/* Only provide extern declarations outside of sudo.c. */
-#ifndef _SUDO_SUDO_C
+#ifndef _SUDO_MAIN
extern struct sudo_user sudo_user;
extern struct passwd *auth_pw;
-extern int Argc;
-extern char **Argv;
extern FILE *sudoers_fp;
extern int tgetpass_flags;
extern uid_t timestamp_uid;
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#define _SUDO_MAIN
+
#include "config.h"
#include <sys/param.h>
#endif /* HAVE_UNISTD_H */
#ifdef HAVE_FNMATCH
# include <fnmatch.h>
-#endif /* HAVE_FNMATCH_H */
+#endif /* HAVE_FNMATCH */
#ifdef HAVE_NETGROUP_H
# include <netgroup.h>
#endif /* HAVE_NETGROUP_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <ctype.h>
#include <pwd.h>
#include <grp.h>
/*
* Globals
*/
-char **Argv, **NewArgv;
int Argc, NewArgc;
+char **Argv, **NewArgv;
int parse_error = FALSE;
int num_interfaces;
struct interface *interfaces;
struct sudo_user sudo_user;
-void (*set_perms) __P((int)) = set_perms_dummy;
extern int clearaliases;
extern int pedantic;
+void (*set_perms) __P((int)) = set_perms_dummy;
/*
* Returns TRUE if "s" has shell meta characters in it,
NewArgc = Argc - 3;
} else {
(void) fprintf(stderr,
- "usage: %s [-u user] <user> <host> <command> [args]\n", Argv[0]);
+ "usage: sudo [-u user] <user> <host> <command> [args]\n");
exit(1);
}
user_args = (char *) emalloc(size);
for (to = user_args, from = NewArgv + 1; *from; from++) {
n = strlcpy(to, *from, size - (to - user_args));
- if (n >= size - (to - user_args)) {
- (void) fprintf(stderr,
- "%s: internal error, init_vars() overflow\n", Argv[0]);
- exit(1);
- }
+ if (n >= size - (to - user_args))
+ errx(1, "internal error, init_vars() overflow");
to += n;
*to++ = ' ';
}
* Lock the sudoers file for safe editing (ala vipw) and check for parse errors.
*/
+#define _SUDO_MAIN
+
#include "config.h"
#include <sys/types.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_ERR_H
+# include <err.h>
+#else
+# include "emul/err.h"
+#endif /* HAVE_ERR_H */
#include <ctype.h>
#include <pwd.h>
#include <time.h>
/* Warn about aliases that are used before being defined. */
pedantic = 1;
- /*
- * Parse command line options
- */
- Argv = argv;
+ Argv = argv; /* for warn/err */
/*
* Arg handling.
while ((ch = getopt(argc, argv, "Vcf:sq")) != -1) {
switch (ch) {
case 'V':
- (void) printf("visudo version %s\n", version);
+ (void) printf("%s version %s\n", getprogname(), version);
exit(0);
case 'c':
checkonly++; /* check mode */
/* Mock up a fake sudo_user struct. */
user_host = user_shost = user_cmnd = "";
- if ((sudo_user.pw = getpwuid(getuid())) == NULL) {
- (void) fprintf(stderr, "%s: Can't find you in the passwd database.\n",
- Argv[0]);
- exit(1);
- }
+ if ((sudo_user.pw = getpwuid(getuid())) == NULL)
+ errx(1, "you don't exist in the passwd database");
/* Setup defaults data structures. */
init_defaults();
* sudoers_fd must remain open throughout in order to hold the lock.
*/
sudoers_fd = open(sudoers, O_RDWR | O_CREAT, SUDOERS_MODE);
- if (sudoers_fd == -1) {
- (void) fprintf(stderr, "%s: %s: %s\n", Argv[0], sudoers,
- strerror(errno));
- exit(1);
- }
- if (!lock_file(sudoers_fd, SUDO_TLOCK)) {
- (void) fprintf(stderr, "%s: sudoers file busy, try again later.\n",
- Argv[0]);
- exit(1);
- }
+ if (sudoers_fd == -1)
+ err(1, "%s", sudoers);
+ if (!lock_file(sudoers_fd, SUDO_TLOCK))
+ errx(1, "sudoers file busy, try again later");
#ifdef HAVE_FSTAT
- if (fstat(sudoers_fd, &sudoers_sb) == -1) {
+ if (fstat(sudoers_fd, &sudoers_sb) == -1)
#else
- if (stat(sudoers, &sudoers_sb) == -1) {
+ if (stat(sudoers, &sudoers_sb) == -1)
#endif
- (void) fprintf(stderr, "%s: can't stat %s: %s\n",
- Argv[0], sudoers, strerror(errno));
- exit(1);
- }
+ err(1, "can't stat %s", sudoers);
/*
* Open sudoers temp file.
*/
stmp_fd = open(stmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
- if (stmp_fd < 0) {
- (void) fprintf(stderr, "%s: %s: %s\n", Argv[0], stmp, strerror(errno));
- exit(1);
- }
+ if (stmp_fd < 0)
+ err(1, "%s", stmp);
/* Install signal handlers to clean up stmp if we are killed. */
setup_signals();
/* Copy sudoers -> stmp and reset the mtime */
if (sudoers_sb.st_size) {
while ((n = read(sudoers_fd, buf, sizeof(buf))) > 0)
- if (write(stmp_fd, buf, n) != n) {
- (void) fprintf(stderr, "%s: Write failed: %s\n", Argv[0],
- strerror(errno));
- Exit(-1);
- }
+ if (write(stmp_fd, buf, n) != n)
+ err(1, "write error");
/* Add missing newline at EOF if needed. */
if (n > 0 && buf[n - 1] != '\n') {
} else {
if (def_flag(I_ENV_EDITOR)) {
/* If we are honoring $EDITOR this is a fatal error. */
- (void) fprintf(stderr,
- "%s: specified editor (%s) doesn't exist!\n",
- Argv[0], UserEditor);
+ warnx("specified editor (%s) doesn't exist!", UserEditor);
Exit(-1);
} else {
/* Otherwise, just ignore $EDITOR. */
if (stat(UserEditor, &user_editor_sb) != 0) {
/* Should never happen since we already checked above. */
- (void) fprintf(stderr, "%s: unable to stat editor (%s): %s\n",
- Argv[0], UserEditor, strerror(errno));
+ warn("unable to stat editor (%s)", UserEditor);
Exit(-1);
}
EditorPath = estrdup(def_str(I_EDITOR));
/* Bleah, none of the editors existed! */
if (Editor == NULL || *Editor == '\0') {
- (void) fprintf(stderr, "%s: no editor found (editor path = %s)\n",
- Argv[0], def_str(I_EDITOR));
+ warnx("no editor found (editor path = %s)", def_str(I_EDITOR));
Exit(-1);
}
}
* Sanity checks.
*/
if (stat(stmp, &stmp_sb) < 0) {
- (void) fprintf(stderr,
- "%s: Can't stat temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
+ warnx("cannot stat temporary file (%s), %s unchanged",
+ stmp, sudoers);
Exit(-1);
}
if (stmp_sb.st_size == 0) {
- (void) fprintf(stderr,
- "%s: Zero length temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
+ warnx("zero length temporary file (%s), %s unchanged",
+ stmp, sudoers);
Exit(-1);
}
yyout = stdout;
yyin = fopen(stmp, "r+");
if (yyin == NULL) {
- (void) fprintf(stderr,
- "%s: Can't re-open temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
+ warnx("can't re-open temporary file (%s), %s unchanged.",
+ stmp, sudoers);
Exit(-1);
}
/* Parse the sudoers temp file */
yyrestart(yyin);
if (yyparse() && parse_error != TRUE) {
- (void) fprintf(stderr,
- "%s: Failed to parse temporary file (%s), unknown error.\n",
- Argv[0], stmp);
+ warnx("unabled to parse temporary file (%s), unknown error",
+ stmp);
parse_error = TRUE;
}
fclose(yyin);
} else {
- (void) fprintf(stderr,
- "%s: Editor (%s) failed, %s unchanged.\n", Argv[0],
- Editor, sudoers);
+ warnx("editor (%s) failed, %s unchanged", Editor, sudoers);
Exit(-1);
}
*/
if (sudoers_sb.st_mtime != now && sudoers_sb.st_mtime == stmp_sb.st_mtime &&
sudoers_sb.st_size == stmp_sb.st_size) {
- (void) fprintf(stderr, "%s: sudoers file unchanged.\n", Argv[0]);
+ warnx("sudoers file unchanged");
Exit(0);
}
* we move it to sudoers things are kosher.
*/
if (chown(stmp, SUDOERS_UID, SUDOERS_GID)) {
- (void) fprintf(stderr,
- "%s: Unable to set (uid, gid) of %s to (%d, %d): %s\n",
- Argv[0], stmp, SUDOERS_UID, SUDOERS_GID, strerror(errno));
+ warn("unable to set (uid, gid) of %s to (%d, %d)",
+ stmp, SUDOERS_UID, SUDOERS_GID);
Exit(-1);
}
if (chmod(stmp, SUDOERS_MODE)) {
- (void) fprintf(stderr,
- "%s: Unable to change mode of %s to %o: %s\n",
- Argv[0], stmp, SUDOERS_MODE, strerror(errno));
+ warn("unable to change mode of %s to 0%o", stmp, SUDOERS_MODE);
Exit(-1);
}
*/
if (rename(stmp, sudoers)) {
if (errno == EXDEV) {
- (void) fprintf(stderr,
- "%s: %s and %s not on the same filesystem, using mv to rename.\n",
- Argv[0], stmp, sudoers);
+ warnx("%s and %s not on the same filesystem, using mv to rename",
+ stmp, sudoers);
/* Build up argument vector for the command */
if ((av[0] = strrchr(_PATH_MV, '/')) != NULL)
/* And run it... */
if (run_command(_PATH_MV, av)) {
- (void) fprintf(stderr,
- "%s: Command failed: '%s %s %s', %s unchanged.\n",
- Argv[0], _PATH_MV, stmp, sudoers, sudoers);
+ warnx("command failed: '%s %s %s', %s unchanged",
+ _PATH_MV, stmp, sudoers, sudoers);
Exit(-1);
}
} else {
- (void) fprintf(stderr, "%s: Error renaming %s, %s unchanged: %s\n",
- Argv[0], stmp, sudoers, strerror(errno));
+ warn("error renaming %s, %s unchanged", stmp, sudoers);
Exit(-1);
}
}
switch (pid = fork()) {
case -1:
- (void) fprintf(stderr,
- "%s: unable to run %s: %s\n", Argv[0], path, strerror(errno));
+ warn("unable to run %s", path);
Exit(-1);
break; /* NOTREACHED */
case 0:
(void) sigprocmask(SIG_SETMASK, &oset, NULL);
execv(path, argv);
- (void) fprintf(stderr,
- "%s: unable to run %s: %s\n", Argv[0], path, strerror(errno));
+ warn("unable to run %s", path);
_exit(127);
break; /* NOTREACHED */
}
if ((yyin = fopen(sudoers, "r")) == NULL) {
if (!quiet)
- (void) fprintf(stderr, "%s: unable to open %s: %s\n", Argv[0],
- sudoers, strerror(errno));
+ warn("unable to open %s", sudoers);
exit(1);
}
yyout = stdout;
init_parser();
if (yyparse() && parse_error != TRUE) {
if (!quiet)
- (void) fprintf(stderr,
- "%s: failed to parse %s file, unknown error.\n",
- Argv[0], sudoers);
+ warnx("failed to parse %s file, unknown error", sudoers);
parse_error = TRUE;
}
if (!quiet){
(void) unlink(stmp);
if (sig > 0) {
- write(STDERR_FILENO, Argv[0], strlen(Argv[0]));
+ write(STDERR_FILENO, getprogname(), strlen(getprogname()));
write(STDERR_FILENO, emsg, sizeof(emsg) - 1);
_exit(-sig);
}
usage()
{
(void) fprintf(stderr, "usage: %s [-c] [-f sudoers] [-q] [-s] [-V]\n",
- Argv[0]);
+ getprogname());
exit(1);
}
projects / sudo / commitdiff