From: Todd C. Miller Date: Wed, 4 Dec 2013 23:05:05 +0000 (-0700) Subject: Document that plugins can be compiled statically into the sudo binary. X-Git-Tag: SUDO_1_8_9^2~55 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1739350e206903be3c008a162edae44184fb6d59;p=sudo Document that plugins can be compiled statically into the sudo binary. --- diff --git a/doc/sudo.cat b/doc/sudo.cat index 471bc4f72..28bb7409b 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -392,12 +392,14 @@ CCOOMMMMAANNDD EEXXEECCUUTTIIOONN instead of running it as a child process. PPlluuggiinnss - Plugins are dynamically loaded based on the contents of the sudo.conf(4) - file. If no sudo.conf(4) file is present, or it contains no Plugin - lines, ssuuddoo will use the traditional _s_u_d_o_e_r_s security policy and I/O - logging. See the sudo.conf(4) manual for details of the _/_e_t_c_/_s_u_d_o_._c_o_n_f - file and the sudo_plugin(1m) manual for more information about the ssuuddoo - plugin architecture. + Plugins may be specified via Plugin directives in the sudo.conf(4) file. + They may be loaded as dynamic shared objects (on systems that support + them), or compiled directly into the ssuuddoo binary. If no sudo.conf(4) + file is present, or it contains no Plugin lines, ssuuddoo will use the + traditional _s_u_d_o_e_r_s security policy and I/O logging. See the + sudo.conf(4) manual for details of the _/_e_t_c_/_s_u_d_o_._c_o_n_f file and the + sudo_plugin(1m) manual for more information about the ssuuddoo plugin + architecture. EEXXIITT VVAALLUUEE Upon successful execution of a program, the exit status from _s_u_d_o will @@ -579,4 +581,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.8 August 14, 2013 Sudo 1.8.8 +Sudo 1.8.9 December 4, 2013 Sudo 1.8.9 diff --git a/doc/sudo.conf.cat b/doc/sudo.conf.cat index b1ffb496a..525b09f05 100644 --- a/doc/sudo.conf.cat +++ b/doc/sudo.conf.cat 
@@ -39,12 +39,12 @@ DDEESSCCRRIIPPTTIIOONN end. Plugins are dynamically loaded based on the contents of ssuuddoo..ccoonnff. A Plugin line consists of the Plugin keyword, followed by the _s_y_m_b_o_l___n_a_m_e - and the _p_a_t_h to the shared object containing the plugin. The _s_y_m_b_o_l___n_a_m_e - is the name of the struct policy_plugin or struct io_plugin in the plugin - shared object. The _p_a_t_h may be fully qualified or relative. If not - fully qualified, it is relative to the directory specified by the - _p_l_u_g_i_n___d_i_r Path setting, which defaults to _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o. In - other words: + and the _p_a_t_h to the dynamic shared object that contains the plugin. The + _s_y_m_b_o_l___n_a_m_e is the name of the struct policy_plugin or struct io_plugin + symbol contained in the plugin. The _p_a_t_h may be fully qualified or + relative. If not fully qualified, it is relative to the directory + specified by the _p_l_u_g_i_n___d_i_r Path setting, which defaults to + _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o. In other words: Plugin sudoers_policy sudoers.so 
@@ -52,17 +52,24 @@ DDEESSCCRRIIPPTTIIOONN Plugin sudoers_policy /usr/local/libexec/sudo/sudoers.so + If the plugin was compiled statically into the ssuuddoo binary instead of + being installed as a dynamic shared object, the _p_a_t_h should be specified + without a leading directory, as it does not actually exist in the file + system. For example: + + Plugin sudoers_policy sudoers.so + Starting with ssuuddoo 1.8.5, any additional parameters after the _p_a_t_h are passed as arguments to the plugin's _o_p_e_n function. For example, to override the compile-time default sudoers file mode: Plugin sudoers_policy sudoers.so sudoers_mode=0440 - The same shared object may contain multiple plugins, each with a - different symbol name. The shared object file must be owned by uid 0 and - only writable by its owner. Because of ambiguities that arise from - composite policies, only a single policy plugin may be specified. This - limitation does not apply to I/O plugins. + The same dynamic shared object may contain multiple plugins, each with a + different symbol name. The file must be owned by uid 0 and only writable + by its owner. Because of ambiguities that arise from composite policies, + only a single policy plugin may be specified. This limitation does not + apply to I/O plugins. If no ssuuddoo..ccoonnff file is present, or if it contains no Plugin lines, the ssuuddooeerrss plugin will be used as the default security policy and for I/O @@ -369,4 +376,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.9 December 3, 2013 Sudo 1.8.9 +Sudo 1.8.9 December 4, 2013 Sudo 1.8.9 diff --git a/doc/sudo.conf.man.in b/doc/sudo.conf.man.in index c6e55d9fb..5721df48c 100644 --- a/doc/sudo.conf.man.in +++ b/doc/sudo.conf.man.in 
@@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.TH "SUDO" "5" "December 3, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" +.TH "SUDO" "5" "December 4, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" .nh .if n .ad l .SH "NAME" @@ -100,14 +100,14 @@ keyword, followed by the \fIsymbol_name\fR and the \fIpath\fR -to the shared object containing the plugin. +to the dynamic shared object that contains the plugin. The \fIsymbol_name\fR is the name of the \fRstruct policy_plugin\fR or \fRstruct io_plugin\fR -in the plugin shared object. +symbol contained in the plugin. The \fIpath\fR may be fully qualified or relative. @@ -133,6 +133,20 @@ Plugin sudoers_policy @PLUGINDIR@/sudoers.so .RE .fi .PP +If the plugin was compiled statically into the +\fBsudo\fR +binary instead of being installed as a dynamic shared object, the +\fIpath\fR +should be specified without a leading directory, +as it does not actually exist in the file system. +For example: +.nf +.sp +.RS 6n +Plugin sudoers_policy sudoers.so +.RE +.fi +.PP Starting with \fBsudo\fR 1.8.5, any additional parameters after the @@ -148,9 +162,9 @@ Plugin sudoers_policy sudoers.so sudoers_mode=0440 .RE .fi .PP -The same shared object may contain multiple plugins, each with a -different symbol name. -The shared object file must be owned by uid 0 and only writable by its owner. +The same dynamic shared object may contain multiple plugins, +each with a different symbol name. +The file must be owned by uid 0 and only writable by its owner. Because of ambiguities that arise from composite policies, only a single policy plugin may be specified. This limitation does not apply to I/O plugins. diff --git a/doc/sudo.conf.mdoc.in b/doc/sudo.conf.mdoc.in index d2f0d43f8..b4eeab6df 100644 --- a/doc/sudo.conf.mdoc.in +++ b/doc/sudo.conf.mdoc.in 
@@ -14,7 +14,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd December 3, 2013 +.Dd December 4, 2013 .Dt SUDO @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -96,14 +96,14 @@ keyword, followed by the .Em symbol_name and the .Em path -to the shared object containing the plugin. +to the dynamic shared object that contains the plugin. The .Em symbol_name is the name of the .Li struct policy_plugin or .Li struct io_plugin -in the plugin shared object. +symbol contained in the plugin. The .Em path may be fully qualified or relative. @@ -123,6 +123,17 @@ is equivalent to: Plugin sudoers_policy @PLUGINDIR@/sudoers.so .Ed .Pp +If the plugin was compiled statically into the +.Nm sudo +binary instead of being installed as a dynamic shared object, the +.Em path +should be specified without a leading directory, +as it does not actually exist in the file system. +For example: +.Bd -literal -offset indent +Plugin sudoers_policy sudoers.so +.Ed +.Pp Starting with .Nm sudo 1.8.5, any additional parameters after the @@ -135,9 +146,9 @@ For example, to override the compile-time default sudoers file mode: Plugin sudoers_policy sudoers.so sudoers_mode=0440 .Ed .Pp -The same shared object may contain multiple plugins, each with a -different symbol name. -The shared object file must be owned by uid 0 and only writable by its owner. +The same dynamic shared object may contain multiple plugins, +each with a different symbol name. +The file must be owned by uid 0 and only writable by its owner. Because of ambiguities that arise from composite policies, only a single policy plugin may be specified. This limitation does not apply to I/O plugins. diff --git a/doc/sudo.man.in b/doc/sudo.man.in index d5e68129c..43e2d915c 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in 
@@ -21,7 +21,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.TH "SUDO" "@mansectsu@" "August 14, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" +.TH "SUDO" "@mansectsu@" "December 4, 2013" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .nh .if n .ad l .SH "NAME" @@ -788,9 +788,15 @@ run in a new pty, \fBsudo\fR may execute the command directly instead of running it as a child process. .SS "Plugins" -Plugins are dynamically loaded based on the contents of the +Plugins may be specified via +\fRPlugin\fR +directives in the sudo.conf(@mansectform@) file. +They may be loaded as dynamic shared objects (on systems that support them), +or compiled directly into the +\fBsudo\fR +binary. If no sudo.conf(@mansectform@) file is present, or it contains no diff --git a/doc/sudo.mdoc.in b/doc/sudo.mdoc.in index e5d14ac9c..c0cc5e6af 100644 --- a/doc/sudo.mdoc.in +++ b/doc/sudo.mdoc.in @@ -19,7 +19,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.Dd August 14, 2013 +.Dd December 4, 2013 .Dt SUDO @mansectsu@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -779,9 +779,15 @@ run in a new pty, .Nm sudo may execute the command directly instead of running it as a child process. .Ss Plugins -Plugins are dynamically loaded based on the contents of the +Plugins may be specified via +.Li Plugin +directives in the .Xr sudo.conf @mansectform@ file. +They may be loaded as dynamic shared objects (on systems that support them), +or compiled directly into the +.Nm sudo +binary. If no .Xr sudo.conf @mansectform@ file is present, or it contains no diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 9fe54172f..718930131 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat 
@@ -5,10 +5,13 @@ NNAAMMEE DDEESSCCRRIIPPTTIIOONN Starting with version 1.8, ssuuddoo supports a plugin API for policy and - session logging. By default, the ssuuddooeerrss policy plugin and an associated - I/O logging plugin are used. Via the plugin API, ssuuddoo can be configured - to use alternate policy and/or I/O logging plugins provided by third - parties. The plugins to be used are specified in the sudo.conf(4) file. + session logging. Plugins may be compiled as dynamic shared objects (the + default on systems that support them) or compiled statically into the + ssuuddoo binary itself. By default, the ssuuddooeerrss policy plugin and an + associated I/O logging plugin are used. Via the plugin API, ssuuddoo can be + configured to use alternate policy and/or I/O logging plugins provided by + third parties. The plugins to be used are specified in the sudo.conf(4) + file. The API is versioned with a major and minor number. The minor version number is incremented when additions are made. The major number is @@ -1453,4 +1456,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.8.8 August 16, 2013 Sudo 1.8.8 +Sudo 1.8.9 December 4, 2013 Sudo 1.8.9 diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 20f07b10b..9e0343937 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -16,7 +16,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.TH "SUDO_PLUGIN" "5" "August 16, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" +.TH "SUDO_PLUGIN" "5" "December 4, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual" .nh .if n .ad l .SH "NAME" 
@@ -27,6 +27,10 @@ Starting with version 1.8, \fBsudo\fR supports a plugin API for policy and session logging. +Plugins may be compiled as dynamic shared objects (the default on +systems that support them) or compiled statically into the +\fBsudo\fR +binary itself. By default, the \fBsudoers\fR policy plugin and an associated I/O logging plugin are used. diff --git a/doc/sudo_plugin.mdoc.in b/doc/sudo_plugin.mdoc.in index 7da55ef89..76d061e26 100644 --- a/doc/sudo_plugin.mdoc.in +++ b/doc/sudo_plugin.mdoc.in @@ -14,7 +14,7 @@ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 16, 2013 +.Dd December 4, 2013 .Dt SUDO_PLUGIN @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME @@ -25,6 +25,10 @@ Starting with version 1.8, .Nm sudo supports a plugin API for policy and session logging. +Plugins may be compiled as dynamic shared objects (the default on +systems that support them) or compiled statically into the +.Nm sudo +binary itself. By default, the .Nm sudoers policy plugin and an associated I/O logging plugin are used.
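Review bot: In doc/sudo.conf.cat at @@ -39,12 +39,12 @@, the unchanged context sentence "Plugins are dynamically loaded based on the contents of sudo.conf" still opens the paragraph, which now conflicts with the static-plugin paragraph added a few lines later. doc/sudo.cat was reworded in this same commit to "Plugins may be specified via Plugin directives in the sudo.conf(4) file"; the sudo.conf manual should get the same rewording so the two pages agree.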
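Review bot: In the paragraph added at @@ -52,17 +52,24 @@ of doc/sudo.conf.cat (and the matching additions in sudo.conf.man.in and sudo.conf.mdoc.in), the static example "Plugin sudoers_policy sudoers.so" is identical to the relative-path example just above it, which the text says resolves under plugin_dir. The manual should state how the two cases are distinguished: what happens when a static build is given a fully qualified path, and which one is used when the name matches a compiled-in plugin and a file of that name also exists in plugin_dir. In the same hunk, "The file must be owned by uid 0 and only writable by its owner" lost its subject when "shared object" was dropped, and coming after the new paragraph it no longer says which file is meant. Suggest "The dynamic shared object file must be owned by uid 0 ..." plus a sentence saying whether the ownership and mode check is skipped for a statically compiled plugin, since the text says that path "does not actually exist in the file system".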
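Review bot: The wording of the parenthetical differs between manuals: the Plugins subsection in doc/sudo.man.in and doc/sudo.mdoc.in says plugins may be loaded as dynamic shared objects "(on systems that support them)", while doc/sudo_plugin.man.in and doc/sudo_plugin.mdoc.in say "(the default on systems that support them)". Use one phrasing in both places. None of the added text says how a build selects static linking or how an administrator can tell which kind an installed sudo binary uses; a cross-reference to wherever the build option is documented would close that gap.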
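Review bot: The .TH line touched in doc/sudo.conf.man.in at @@ -16,7 +16,7 @@ still titles the page "SUDO" with a hard-coded section "5" and "OpenBSD Programmer's Manual", whereas doc/sudo_plugin.man.in uses "SUDO_PLUGIN" and doc/sudo.conf.mdoc.in takes the section from @mansectform@ (.Dt SUDO @mansectform@). Since the date on this line is being edited anyway, it is worth checking whether the title should name sudo.conf and whether the section should be substituted rather than fixed, so that it matches the sudo.conf(4) references in the formatted .cat output.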