From: Todd C. Miller Date: Mon, 9 Feb 2015 23:34:06 +0000 (-0700) Subject: Sanity check the TZ environment variable by special casing it in X-Git-Tag: SUDO_1_7_10p9~9 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3918dc8637c9889f0be4b4787cbbc5aacbf29968;p=sudo Sanity check the TZ environment variable by special casing it in env_check. The --with-tzdir configure option can be used to specify the zoneinfo directory if configure doesn't find it. --HG-- branch : 1.7 --- diff --git a/INSTALL b/INSTALL index 139061152..91b79751f 100644 --- a/INSTALL +++ b/INSTALL @@ -98,6 +98,16 @@ Directory and file names: --srcdir=DIR Find the sources in DIR [configure dir or ..] + --with-tzdir=DIR + Set the directory to the system's time zone data files. This + is only used when sanitizing the TZ environment variable to + allow for fully-qualified paths in TZ. + By default, configure will look for an existing "zoneinfo" + directory in the following locations: + /usr/share /usr/share/lib /usr/lib /etc + If no zoneinfo directory is found, the TZ variable may not + contain a fully-qualified path. + Special features/options: --with-incpath=DIR Adds the specified directory (or directories) to CPPFLAGS diff --git a/Makefile.in b/Makefile.in index 7ea18868c..1b0d9375a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -547,7 +547,7 @@ sudo.mdoc: $(srcdir)/sudo.mdoc.in sudo.mdoc.sed $(srcdir)/sudo.cat: varsub $(srcdir)/sudo.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudo.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudo.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudo.cat: $(srcdir)/sudo.cat 
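Review bot: A failing or missing `$(MANDOC)` still goes unnoticed in the `$(srcdir)/sudo.cat` recipe, because the pipeline's exit status is that of the final `$(SED)` and the output is redirected straight into `$@`. The result is an empty `sudo.cat` that is newer than its sources, so make treats it as up to date. Writing to a temporary name and renaming only a non-empty result would avoid this, e.g. end the pipeline with `> $@.tmp && test -s $@.tmp && mv -f $@.tmp $@; \`. The visudo, sudoers, sudoers.ldap and sudoreplay hunks repeat the same line and need the same change.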
@@ -575,7 +575,7 @@ visudo.mdoc: $(srcdir)/visudo.mdoc.in $(srcdir)/visudo.cat: varsub $(srcdir)/visudo.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/visudo.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/visudo.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi visudo.cat: $(srcdir)/visudo.cat @@ -606,7 +606,7 @@ sudoers.mdoc: $(srcdir)/sudoers.mdoc.in sudoers.mdoc.sed $(srcdir)/sudoers.cat: varsub $(srcdir)/sudoers.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoers.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoers.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoers.cat: $(srcdir)/sudoers.cat @@ -634,7 +634,7 @@ sudoers.ldap.mdoc: $(srcdir)/sudoers.ldap.mdoc.in $(srcdir)/sudoers.ldap.cat: varsub $(srcdir)/sudoers.ldap.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoers.ldap.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoers.ldap.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoers.ldap.cat: $(srcdir)/sudoers.ldap.cat 
@@ -662,7 +662,7 @@ sudoreplay.mdoc: $(srcdir)/sudoreplay.mdoc.in $(srcdir)/sudoreplay.cat: varsub $(srcdir)/sudoreplay.mdoc.in @if [ -n "$(DEVEL)" ]; then \ echo "Generating $@"; \ - $(SED) -f varsub $(srcdir)/sudoreplay.mdoc.in | $(MANDOC) -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ + $(SED) -f varsub $(srcdir)/sudoreplay.mdoc.in | $(MANDOC) -Tascii -mdoc | $(SED) -e 's/ OpenBSD \([^ ].* \)/ \1 /' -e 's/(5)/(4)/g' -e 's/(8)/(1m)/g' > $@; \ fi sudoreplay.cat: $(srcdir)/sudoreplay.cat diff --git a/NEWS b/NEWS index 47c0630a0..4e1b932b8 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,8 @@ +What's new in Sudo 1.7.10p9? + + * The TZ environment variable is now checked for safety instead + of simply being copied to the environment of the command. + What's new in Sudo 1.7.10p8? * Sudo's exit code now indicates a failure if the user does not diff --git a/aclocal.m4 b/aclocal.m4 index eddc1ce00..a0b7aa445 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -138,6 +138,26 @@ AC_DEFUN([SUDO_IO_LOGDIR], [ AC_MSG_RESULT($iolog_dir) ])dnl +dnl +dnl Detect time zone file directory, if any. +dnl +AC_DEFUN([SUDO_TZDIR], [AC_MSG_CHECKING(time zone data directory) +tzdir="$with_tzdir" +if test -z "$tzdir"; then + tzdir=no + for d in /usr/share /usr/share/lib /usr/lib /etc; do + if test -d "$d/zoneinfo"; then + tzdir="$d/zoneinfo" + break + fi + done +fi +AC_MSG_RESULT([$tzdir]) +if test "${tzdir}" != "no"; then + SUDO_DEFINE_UNQUOTED(_PATH_ZONEINFO, "$tzdir") +fi +])dnl + dnl dnl check for working fnmatch(3) dnl diff --git a/configure b/configure index d666b63bd..3fae65685 100755 --- a/configure +++ b/configure 
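Review bot: A value given through `--with-tzdir` reaches `_PATH_ZONEINFO` without validation in `SUDO_TZDIR`: `tzdir="$with_tzdir"` is used as given, so a relative path or a mistyped directory is compiled in. INSTALL describes this path as the one used when sanitizing TZ, so it presumably serves as the trusted prefix in env_check (not visible in this hunk) and should be constrained to an absolute path, e.g. `case "$tzdir" in no|/*) ;; *) AC_MSG_ERROR([--with-tzdir requires an absolute path]);; esac` before `AC_MSG_RESULT`. The automatic search also probes the build host with `test -d`, which may not match the target when cross-compiling; a short `dnl` comment saying so, and recommending an explicit `--with-tzdir` in that case, would help packagers.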
@@ -1,13 +1,11 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.7.10p8. +# Generated by GNU Autoconf 2.69 for sudo 1.7.10p9. # # Report bugs to . # # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -136,6 +134,31 @@ export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh 
@@ -169,7 +192,8 @@ if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1" +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -222,21 +246,25 @@ IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : - # We cannot yet assume a decent shell, so we have to provide a - # neutralization value for shells without unset; and this also - # works around shells that cannot unset nonexistent variables. - # Preserve -v and -x to the replacement shell. - BASH_ENV=/dev/null - ENV=/dev/null - (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV - export CONFIG_SHELL - case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; - esac - exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi if test x$as_have_required = xno; then : 
@@ -339,6 +367,14 @@ $as_echo X"$as_dir" | } # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -460,6 +496,10 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -494,16 +534,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null 
@@ -515,28 +555,8 @@ else as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -570,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.7.10p8' -PACKAGE_STRING='sudo 1.7.10p8' +PACKAGE_VERSION='1.7.10p9' +PACKAGE_STRING='sudo 1.7.10p9' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -827,6 +847,7 @@ with_badpass_message with_fqdn with_timedir with_iologdir +with_tzdir with_sendmail with_sudoers_mode with_sudoers_uid @@ -1360,8 +1381,6 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1447,7 +1466,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.7.10p8 to adapt to many kinds of systems. +\`configure' configures sudo 1.7.10p9 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... 
@@ -1512,7 +1531,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.7.10p8:";; + short | recursive ) echo "Configuration of sudo 1.7.10p9:";; esac cat <<\_ACEOF @@ -1603,6 +1622,7 @@ Optional Packages: --with-fqdn expect fully qualified hosts in sudoers --with-timedir path to the sudo timestamp dir --with-iologdir=DIR directory to store sudo I/O log files in + --with-tzdir=DIR path to the time zone data directory --with-sendmail set path to sendmail --without-sendmail do not send mail at all --with-sudoers-mode mode of sudoers file (defaults to 0440) @@ -1737,10 +1757,10 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.7.10p8 -generated by GNU Autoconf 2.68 +sudo configure 1.7.10p9 +generated by GNU Autoconf 2.69 -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1816,7 +1836,7 @@ $as_echo "$ac_try_echo"; } >&5 test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2231,7 +2251,8 @@ int main () { static int test_array [1 - 2 * !(($2) >= 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2247,7 +2268,8 @@ int main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2273,7 +2295,8 @@ int main () { static int test_array [1 - 2 * !(($2) < 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2289,7 +2312,8 @@ int main () { static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; 
@@ -2323,7 +2347,8 @@ int main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2441,8 +2466,8 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.7.10p8, which was -generated by GNU Autoconf 2.68. Invocation command line was +It was created by sudo $as_me 1.7.10p9, which was +generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3065,7 +3090,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3105,7 +3130,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3158,7 +3183,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -3199,7 +3224,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -3257,7 +3282,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3301,7 +3326,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3747,8 +3772,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -4599,6 +4623,16 @@ fi +# Check whether --with-tzdir was given. +if test "${with_tzdir+set}" = set; then : + withval=$with_tzdir; case $with_tzdir in + yes) as_fn_error $? "\"must give --with-tzdir an argument.\"" "$LINENO" 5 + ;; +esac +fi + + + # Check whether --with-sendmail was given. if test "${with_sendmail+set}" = set; then : withval=$with_sendmail; case $with_sendmail in 
@@ -5895,7 +5929,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="${ac_tool_prefix}ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5935,7 +5969,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5987,7 +6021,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6027,7 +6061,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -6284,7 +6318,7 @@ do for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue + as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED case `"$ac_path_SED" --version 2>&1` in @@ -6360,7 +6394,7 @@ do for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue + as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in @@ -6426,7 +6460,7 @@ do for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -6493,7 +6527,7 @@ do for ac_prog in fgrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue + as_fn_executable_p "$ac_path_FGREP" || continue # Check for GNU ac_path_FGREP and select it if it is found. # Check for GNU $ac_path_FGREP case `"$ac_path_FGREP" --version 2>&1` in 
@@ -6749,7 +6783,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6793,7 +6827,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7217,7 +7251,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7257,7 +7291,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OBJDUMP="objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -7563,7 +7597,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7603,7 +7637,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DLLTOOL="dlltool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7706,7 +7740,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7750,7 +7784,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -7875,7 +7909,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7915,7 +7949,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7974,7 +8008,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8014,7 +8048,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -8118,7 +8152,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8705,7 +8739,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8745,7 +8779,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8825,7 +8859,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -8865,7 +8899,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8917,7 +8951,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8957,7 +8991,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_NMEDIT="nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9009,7 +9043,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LIPO="${ac_tool_prefix}lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -9049,7 +9083,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_LIPO="lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9101,7 +9135,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL="${ac_tool_prefix}otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9141,7 +9175,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL="otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9193,7 +9227,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -9233,7 +9267,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL64="otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13627,7 +13661,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_UNAMEPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13668,7 +13702,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_TRPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -13709,7 +13743,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_MANDOCPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -13753,7 +13787,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_NROFFPROG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -14562,11 +14596,11 @@ else int main () { -/* FIXME: Include the comments suggested by Paul. */ + #ifndef __cplusplus - /* Ultrix mips cc rejects this. */ + /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; - const charset cs; + const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; @@ -14583,8 +14617,9 @@ main () ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; @@ -14600,10 +14635,10 @@ main () iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this saying + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; @@ -14684,7 +14719,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_YACC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -14727,7 +14762,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_FLEX="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -15465,6 +15500,8 @@ _ACEOF esac rm -rf conftest* fi + + fi case "$host" in @@ -15811,12 +15848,14 @@ _ACEOF fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5 -$as_echo_n "checking for long long int... " >&6; } -if ${ac_cv_type_long_long_int+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for unsigned long long int" >&5 +$as_echo_n "checking for unsigned long long int... " >&6; } +if ${ac_cv_type_unsigned_long_long_int+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + ac_cv_type_unsigned_long_long_int=yes + if test "x${ac_cv_prog_cc_c99-no}" = xno; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* For now, do not test the preprocessor; as of 2007 there are too many 
@@ -15849,37 +15888,64 @@ main () _ACEOF if ac_fn_c_try_link "$LINENO"; then : - if test "$cross_compiling" = yes; then : + +else + ac_cv_type_unsigned_long_long_int=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_unsigned_long_long_int" >&5 +$as_echo "$ac_cv_type_unsigned_long_long_int" >&6; } + if test $ac_cv_type_unsigned_long_long_int = yes; then + +$as_echo "#define HAVE_UNSIGNED_LONG_LONG_INT 1" >>confdefs.h + + fi + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5 +$as_echo_n "checking for long long int... " >&6; } +if ${ac_cv_type_long_long_int+:} false; then : + $as_echo_n "(cached) " >&6 +else ac_cv_type_long_long_int=yes + if test "x${ac_cv_prog_cc_c99-no}" = xno; then + ac_cv_type_long_long_int=$ac_cv_type_unsigned_long_long_int + if test $ac_cv_type_long_long_int = yes; then + if test "$cross_compiling" = yes; then : + : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #ifndef LLONG_MAX - # define HALF \ - (1LL << (sizeof (long long int) * CHAR_BIT - 2)) - # define LLONG_MAX (HALF - 1 + HALF) - #endif + #ifndef LLONG_MAX + # define HALF \ + (1LL << (sizeof (long long int) * CHAR_BIT - 2)) + # define LLONG_MAX (HALF - 1 + HALF) + #endif int main () { long long int n = 1; - int i; - for (i = 0; ; i++) - { - long long int m = n << i; - if (m >> i != n) - return 1; - if (LLONG_MAX / 2 < m) - break; - } - return 0; + int i; + for (i = 0; ; i++) + { + long long int m = n << i; + if (m >> i != n) + return 1; + if (LLONG_MAX / 2 < m) + break; + } + return 0; ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - ac_cv_type_long_long_int=yes + else ac_cv_type_long_long_int=no fi 
@@ -15887,11 +15953,8 @@ rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi -else - ac_cv_type_long_long_int=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext + fi + fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_long_long_int" >&5 $as_echo "$ac_cv_type_long_long_int" >&6; } @@ -18376,7 +18439,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_KRB5CONFIG="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 
@@ -19827,6 +19890,27 @@ EOF { $as_echo "$as_me:${as_lineno-$LINENO}: result: $iolog_dir" >&5 $as_echo "$iolog_dir" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking time zone data directory" >&5 +$as_echo_n "checking time zone data directory... " >&6; } +tzdir="$with_tzdir" +if test -z "$tzdir"; then + tzdir=no + for d in /usr/share /usr/share/lib /usr/lib /etc; do + if test -d "$d/zoneinfo"; then + tzdir="$d/zoneinfo" + break + fi + done +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $tzdir" >&5 +$as_echo "$tzdir" >&6; } +if test "${tzdir}" != "no"; then + cat >>confdefs.h <conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null 
@@ -20804,28 +20888,16 @@ else as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -20846,8 +20918,8 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.7.10p8, which was -generated by GNU Autoconf 2.68. Invocation command line was +This file was extended by sudo $as_me 1.7.10p9, which was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -20912,11 +20984,11 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.7.10p8 -configured by $0, generated by GNU Autoconf 2.68, +sudo config.status 1.7.10p9 +configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." 
@@ -21005,7 +21077,7 @@ fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' diff --git a/configure.in b/configure.in index 2df9f2ff3..2191f6a03 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2014 Todd C. Miller dnl -AC_INIT([sudo], [1.7.10p8], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.7.10p9], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER(config.h pathnames.h zlib/zconf.h) dnl dnl Note: this must come after AC_INIT @@ -729,6 +729,12 @@ AC_ARG_WITH(iologdir, [AS_HELP_STRING([--with-iologdir=DIR], [directory to store no) ;; esac]) +AC_ARG_WITH(tzdir, [AS_HELP_STRING([--with-tzdir=DIR], [path to the time zone data directory])], +[case $with_tzdir in + yes) AC_MSG_ERROR(["must give --with-tzdir an argument."]) + ;; +esac]) + AC_ARG_WITH(sendmail, [AS_HELP_STRING([--with-sendmail], [set path to sendmail]) AS_HELP_STRING([--without-sendmail], [do not send mail at all])], [case $with_sendmail in @@ -2976,6 +2982,7 @@ dnl SUDO_LOGFILE SUDO_TIMEDIR SUDO_IO_LOGDIR +SUDO_TZDIR dnl dnl If I/O logging is enabled, build sudoreplay and exec_pty get_pty.o iolog.o diff --git a/env.c b/env.c index 4b43d5fc0..af4a5d1a3 100644 --- a/env.c +++ b/env.c @@ -211,6 +211,7 @@ static const char *initial_checkenv_table[] = { "LC_*", "LINGUAS", "TERM", + "TZ", NULL }; @@ -226,7 +227,6 @@ static const char *initial_keepenv_table[] = { "PATH", "PS1", "PS2", - "TZ", "XAUTHORITY", "XAUTHORIZATION", NULL 
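Review bot: In the configure.in hunk that adds `AC_ARG_WITH(tzdir, ...)`, the `case $with_tzdir` rejects only `yes`, so a relative DIR or one with a trailing slash is accepted unchanged. The env.c change in this commit compares an absolute TZ against `_PATH_ZONEINFO` and then requires a `/` immediately after that prefix. Assuming the configured value becomes `_PATH_ZONEINFO` verbatim (this hunk does not show that), such a DIR would make every fully-qualified TZ fail the check. That fails closed, but silently, so rejecting it at configure time is clearer: add `no|/*) ;;` and `*) AC_MSG_ERROR(["--with-tzdir requires a fully-qualified path."]) ;;` to the case, and strip a trailing `/` before the value is used.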
@@ -563,6 +563,54 @@ matches_env_delete(var) return match; } +/* + * Sanity-check the TZ environment variable. + * On many systems it is possible to set this to a pathname. + */ +static int +tz_is_sane(tzval) + const char *tzval; +{ + const char *cp; + char lastch; + + /* tzcode treats a value beginning with a ':' as a path. */ + if (tzval[0] == ':') + tzval++; + + /* Reject fully-qualified TZ that doesn't being with the zoneinfo dir. */ + if (tzval[0] == '/') { +#ifdef _PATH_ZONEINFO + if (strncmp(tzval, _PATH_ZONEINFO, sizeof(_PATH_ZONEINFO) - 1) != 0 || + tzval[sizeof(_PATH_ZONEINFO) - 1] != '/') + return FALSE; +#else + /* Assume the worst. */ + return FALSE; +#endif + } + + /* + * Make sure TZ only contains printable non-space characters + * and does not contain a '..' path element. + */ + lastch = '/'; + for (cp = tzval; *cp != '\0'; cp++) { + if (isspace((unsigned char)*cp) || !isprint((unsigned char)*cp)) + return FALSE; + if (lastch == '/' && cp[0] == '.' && cp[1] == '.' && + (cp[2] == '/' || cp[2] == '\0')) + return FALSE; + lastch = *cp; + } + + /* Reject extra long TZ values (even if not a path). */ + if ((size_t)(cp - tzval) >= PATH_MAX) + return FALSE; + + return TRUE; +} + /* * Apply the env_check list. * Returns TRUE if the variable is allowed, FALSE if denied @@ -586,7 +634,12 @@ matches_env_check(var) iswild = FALSE; if (strncmp(cur->value, var, len) == 0 && (iswild || var[len] == '=')) { - keepit = !strpbrk(var, "/%"); + if (strncmp(var, "TZ=", 3) == 0) { + /* Special case for TZ */ + keepit = tz_is_sane(var + 3); + } else { + keepit = !strpbrk(var, "/%"); + } break; } } diff --git a/pathnames.h.in b/pathnames.h.in index 96c452300..a2335464d 100644 --- a/pathnames.h.in +++ b/pathnames.h.in @@ -149,3 +149,7 @@ #ifndef _PATH_NETSVC_CONF #undef _PATH_NETSVC_CONF #endif /* _PATH_NETSVC_CONF */ + +#ifndef _PATH_ZONEINFO +#undef _PATH_ZONEINFO +#endif /* _PATH_ZONEINFO */ diff --git a/sudoers.cat b/sudoers.cat index 7fe64114f..e37a26865 100644 
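Review bot: tz_is_sane() validates the TZ string purely lexically, and neither of its comments says so or says what the check protects against; the inline comment also has a typo (`doesn't being with`). A maintainer needs to know that a path-valued TZ can make the C library open and parse that file on behalf of the command sudo runs, and that the prefix and `..` tests do not resolve symlinks beneath the zoneinfo directory. I would extend the header comment with `Reject TZ values that could make libc read a file outside the zoneinfo directory; the check is textual and does not follow symlinks.` and correct the inline comment to `doesn't begin with the zoneinfo dir`. Separately, `isspace()` and `isprint()` depend on the current locale, so whether bytes above 0x7f are accepted depends on locale state this hunk does not show.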
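Review bot: In the matches_env_check() hunk, tz_is_sane() is reached only inside the branch where `var` has already matched an entry of the env_check list, so the TZ validation depends on TZ staying on that list. A sudoers configuration that removes TZ from env_check and preserves it through env_keep would, as far as these lines show, never call tz_is_sane(); whether another code path covers that case is outside the hunk. A comment at the special case would record the dependency, e.g. `/* TZ is only validated while it is on the env_check list. */`, and the env_check documentation could say the same. The start of matches_env_check() and its return are outside this hunk.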
--- a/sudoers.cat +++ b/sudoers.cat @@ -1,4 +1,4 @@ -SUDOERS(4) Programmer's Manual SUDOERS(4) +SUDOERS(4) File Formats Manual SUDOERS(4) NNAAMMEE ssuuddooeerrss - list of which users may execute what @@ -102,11 +102,11 @@ DDEESSCCRRIIPPTTIIOONN implementation. For instance, the QAS AD backend supports the following formats: - oo Group in the same domain: "%:Group Name" + ++oo Group in the same domain: "%:Group Name" - oo Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" + ++oo Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" - oo Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" + ++oo Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" Note that quotes around group names are optional. Unquoted strings must use a backslash (`\') to escape spaces and special characters. See _O_t_h_e_r 
@@ -1185,19 +1185,35 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS LLiissttss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: env_check Environment variables to be removed from the user's - environment if the variable's value contains `%' or `/' - characters. This can be used to guard against printf- - style format vulnerabilities in poorly-written - programs. The argument may be a double-quoted, space- - separated list or a single value without double-quotes. - The list can be replaced, added to, deleted from, or - disabled by using the =, +=, -=, and ! operators - respectively. Regardless of whether the env_reset - option is enabled or disabled, variables specified by - env_check will be preserved in the environment if they - pass the aforementioned check. The default list of - environment variables to check is displayed when ssuuddoo - is run by root with the --VV option. + environment unless they are considered ``safe''. For + all variables except Li TZ , ``safe'' means that the + variable's value does not contain any the variable's + value contains `%' or `/' characters. This can be used + to guard against printf-style format vulnerabilities in + poorly-written programs. The TZ variable is considerd + unsafe if any of the following are true: + + ++oo It consists of a fully-qualified path name that + does not match the location of the _z_o_n_e_i_n_f_o + directory. + + ++oo It contains a _._. path element. + + ++oo It contains white space or non-printable + characters. + + ++oo It is longer than the value of PATH_MAX. + + The argument may be a double-quoted, space-separated + list or a single value without double-quotes. The list + can be replaced, added to, deleted from, or disabled by + using the =, +=, -=, and ! operators respectively. + Regardless of whether the env_reset option is enabled + or disabled, variables specified by env_check will be + preserved in the environment if they pass the + aforementioned check. 
The default list of environment + variables to check is displayed when ssuuddoo is run by + root with the --VV option. env_delete Environment variables to be removed from the user's environment when the _e_n_v___r_e_s_e_t option is not in effect. @@ -1535,4 +1551,4 @@ DDIISSCCLLAAIIMMEERR file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. -Sudo 1.7.10 March 1, 2014 Sudo 1.7.10 +Sudo 1.7.10p8 February 9, 2015 Sudo 1.7.10p8 diff --git a/sudoers.man.in b/sudoers.man.in index f106584c9..73bbabd31 100644 --- a/sudoers.man.in +++ b/sudoers.man.in @@ -1,7 +1,7 @@ .\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER! .\" IT IS GENERATED AUTOMATICALLY FROM sudoers.mdoc.in .\" -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2014 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -21,7 +21,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.TH "SUDOERS" "@mansectsu@" "July 16, 2012" "Sudo @PACKAGE_VERSION@" "Programmer's Manual" +.TH "SUDOERS" "5" "February 9, 2015" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .nh .if n .ad l .SH "NAME" @@ -60,7 +60,7 @@ EBNF also contains the following operators, which many readers will recognize from regular expressions. Do not, however, confuse them with -``wildcard'' +\(lqwildcard\(rq characters, which have different meanings. .TP 6n \fR\&?\fR @@ -129,7 +129,7 @@ A \fRNAME\fR is a string of uppercase letters, numbers, and underscore characters -(`_'). +(\(oq_\(cq). A \fRNAME\fR \fBmust\fR @@ -137,7 +137,7 @@ start with an uppercase letter. It is possible to put several alias definitions of the same type on a single line, joined by a colon -(`:\&'). +(\(oq:\&\(cq). E.g., .nf .sp 
@@ -170,24 +170,24 @@ A \fRUser_List\fR is made up of one or more user names, user ids (prefixed with -`#'), +\(oq#\(cq), system group names and ids (prefixed with -`%' +\(oq%\(cq and -`%#' +\(oq%#\(cq respectively), netgroups (prefixed with -`+'), +\(oq+\(cq), non-Unix group names and IDs (prefixed with -`%:' +\(oq%:\(cq and -`%:#' +\(oq%:#\(cq respectively) and \fRUser_Alias\fRes. Each list item may be prefixed with zero or more -`\&!' +\(oq\&!\(cq operators. An odd number of -`\&!' +\(oq\&!\(cq operators negate the value of the item; an even number just cancel each other out. .PP @@ -216,18 +216,18 @@ syntax depends on the underlying implementation. For instance, the QAS AD backend supports the following formats: .TP 6n -\fBo\fR +\fB\(bu\fR Group in the same domain: "%:Group Name" .TP 6n -\fBo\fR +\fB\(bu\fR Group in any domain: "%:Group Name@FULLY.QUALIFIED.DOMAIN" .TP 6n -\fBo\fR +\fB\(bu\fR Group SID: "%:S-1-2-34-5678901234-5678901234-5678901234-567" .PP Note that quotes around group names are optional. Unquoted strings must use a backslash -(`\e') +(\(oq\e\(cq) to escape spaces and special characters. See \fIOther special characters and reserved words\fR @@ -283,10 +283,10 @@ A \fRHost_List\fR is made up of one or more host names, IP addresses, network numbers, netgroups (prefixed with -`+') +\(oq+\(cq) and other aliases. Again, the value of an item may be negated with the -`\&!' +\(oq\&!\(cq operator. If you do not specify a netmask along with the network number, \fBsudo\fR @@ -311,7 +311,7 @@ Note that only inspects actual network interfaces; this means that IP address 127.0.0.1 (localhost) will never match. Also, the host name -``localhost'' +\(lqlocalhost\(rq will only match if that is the actual host name, which is usually only the case for non-networked systems. .nf 
@@ -350,7 +350,7 @@ may only be run command line arguments. A directory is a fully qualified path name ending in a -`/'. +\(oq/\(cq. When you specify a directory in a \fRCmnd_List\fR, the user will be able to run any file within that directory @@ -364,14 +364,14 @@ in the must match exactly those given by the user on the command line (or match the wildcards if there are any). Note that the following characters must be escaped with a -`\e' +\(oq\e\(cq if they are used in command arguments: -`,\&', -`:\&', -`=\&', -`\e'. +\(oq,\&\(cq, +\(oq:\&\(cq, +\(oq=\&\(cq, +\(oq\e\(cq. The special command -``\fRsudoedit\fR'' +\(lq\fRsudoedit\fR\(rq is used to permit a user to run \fBsudo\fR with the @@ -420,7 +420,7 @@ values, or \fBlists\fR. Flags are implicitly boolean and can be turned off via the -`\&!' +\(oq\&!\(cq operator. Some integer, string and list parameters may also be used in a boolean context to disable them. @@ -429,7 +429,7 @@ in double quotes (\&"") when they contain multiple words. Special characters may be escaped with a backslash -(`\e'). +(\(oq\e\(cq). .PP Lists have two additional assignment operators, \fR+=\fR @@ -479,7 +479,7 @@ run as but this can be changed on a per-command basis. .PP The basic structure of a user specification is -``who where = (as_whom) what''. +\(lqwho where = (as_whom) what\(rq. Let's break that down into its constituent parts: .SS "Runas_Spec" A @@ -491,7 +491,7 @@ A fully-specified consists of two \fRRunas_List\fRs (as defined above) separated by a colon -(`:\&') +(\(oq:\&\(cq) and enclosed in a set of parentheses. The first \fRRunas_List\fR 
@@ -756,10 +756,10 @@ By default, if the \fRNOPASSWD\fR tag is applied to any of the entries for a user on the current host, he or she will be able to run -``\fRsudo -l\fR'' +\(lq\fRsudo -l\fR\(rq without a password. Additionally, a user may only run -``\fRsudo -v\fR'' +\(lq\fRsudo -v\fR\(rq without a password if the \fRNOPASSWD\fR tag is present for all a user's entries that pertain to the current host. @@ -882,15 +882,15 @@ in the specified range. .TP 10n \fR\ex\fR For any character -`x', +\(oqx\(cq, evaluates to -`x'. +\(oqx\(cq. This is used to escape special characters such as: -`*', -`\&?', -`[\&', +\(oq*\(cq, +\(oq\&?\(cq, +\(oq[\&\(cq, and -`]\&'. +\(oq]\&\(cq. .PP POSIX character classes may also be used if your system's glob(3) @@ -898,7 +898,7 @@ and fnmatch(3) functions support them. However, because the -`:\&' +\(oq:\&\(cq character has special meaning in \fIsudoers\fR, it must be @@ -907,14 +907,14 @@ For example: .nf .sp .RS 4n -/bin/ls [[\:alpha\:]]* +/bin/ls [[:\&alpha:\&]]* .RE .fi .PP Would match any file name beginning with a letter. .PP Note that a forward slash -(`/') +(\(oq/\(cq) will \fBnot\fR be matched by @@ -940,9 +940,9 @@ arbitrary strings and not just path names. Wildcards in command line arguments should be used with care. Because command line arguments are matched as a single, concatenated string, a wildcard such as -`\&?' +\(oq\&?\(cq or -`*' +\(oq*\(cq can match multiple words. For example, while a sudoers entry like: .nf @@ -985,7 +985,7 @@ sudoedit Command line arguments to the \fIsudoedit\fR built-in command should always be path names, so a forward slash -(`/') +(\(oq/\(cq) will not be matched by a wildcard. .SS "Including other files from within sudoers" It is possible to include other @@ -1038,7 +1038,7 @@ file loops. .PP If the path to the include file is not fully-qualified (does not begin with a -`/', +\(oq/\(cq, it must be located in the same directory as the sudoers file it was included from. For example, if 
@@ -1058,7 +1058,7 @@ The file name may also include the \fR%h\fR escape, signifying the short form of the host name. In other words, if the machine's host name is -``xerxes'', +\(lqxerxes\(rq, then .nf .sp @@ -1092,9 +1092,9 @@ For example, given: will read each file in \fI/etc/sudoers.d\fR, skipping file names that end in -`~' +\(oq~\(cq or contain a -`.\&' +\(oq.\&\(cq character to avoid causing problems with package manager or editor temporary/backup files. Files are parsed in sorted lexical order. @@ -1123,7 +1123,7 @@ with the flag to edit the files directly. .SS "Other special characters and reserved words" The pound sign -(`#') +(\(oq#\(cq) is used to indicate a comment (unless it is part of a #include directive or unless it occurs in the context of a user name and is followed by one or more digits, in which case it is treated as a @@ -1154,7 +1154,7 @@ can be dangerous since in a command context, it allows the user to run command on the system. .PP An exclamation point -(`\&!') +(\(oq\&!\(cq) can be used as a logical \fInot\fR operator both in an 
@@ -1163,38 +1163,38 @@ and in front of a \fRCmnd\fR. This allows one to exclude certain values. Note, however, that using a -`\&!' +\(oq\&!\(cq in conjunction with the built-in \fBALL\fR alias to allow a user to run -``all but a few'' +\(lqall but a few\(rq commands rarely works as intended (see \fISECURITY NOTES\fR below). .PP Long lines can be continued with a backslash -(`\e') +(\(oq\e\(cq) as the last character on the line. .PP White space between elements in a list as well as special syntactic characters in a \fIUser Specification\fR -(`=\&', -`:\&', -`(\&', -`)\&') +(\(oq=\&\(cq, +\(oq:\&\(cq, +\(oq(\&\(cq, +\(oq)\&\(cq) is optional. .PP The following characters must be escaped with a backslash -(`\e') +(\(oq\e\(cq) when used as part of a word (e.g.\& a user name or host name): -`\&!', -`=\&', -`:\&', -`,\&', -`(\&', -`)\&', -`\e'. +\(oq\&!\(cq, +\(oq=\&\(cq, +\(oq:\&\(cq, +\(oq,\&\(cq, +\(oq(\&\(cq, +\(oq)\&\(cq, +\(oq\e\(cq. .SH "SUDOERS OPTIONS" \fBsudo\fR's behavior can be modified by @@ -1364,7 +1364,7 @@ or \fI../bin/ls\fR. This has security implications when path names that include globbing characters are used with the negation operator, -`!\&', +\(oq!\&\(cq, as such rules can be trivially bypassed. As such, this option should not be used when \fIsudoers\fR @@ -1383,7 +1383,7 @@ command) does not contain the domain name. In other words, instead of myhost you would use myhost.mydomain.edu. You may still use the short form if you wish (and even mix the two). This option is only effective when the -``canonical'' +\(lqcanonical\(rq host name, as returned by the \fBgetaddrinfo\fR() or 
@@ -1395,9 +1395,9 @@ for host name resolution. If the system is configured to use the \fI/etc/hosts\fR file in preference to DNS, the -``canonical'' +\(lqcanonical\(rq host name may not be fully-qualified. -The order that sources are queried for hosts name resolution +The order that sources are queried for host name resolution is usually specified in the \fI@nsswitch_conf@\fR, \fI@netsvc_conf@\fR, @@ -1408,18 +1408,19 @@ file. In the \fI/etc/hosts\fR file, the first host name of the entry is considered to be the -``canonical'' +\(lqcanonical\(rq name; subsequent names are aliases that are not used by \fBsudoers\fR. For example, the following hosts file line for the machine -``xyzzy'' +\(lqxyzzy\(rq has the fully-qualified domain name as the -``canonical'' +\(lqcanonical\(rq host name, and the short version as an alias. .sp -.RS 6n +.RS 24n 192.168.1.1 xyzzy.sudo.ws xyzzy .RE +.RS 18n .sp If the machine's hosts file entry is not formatted properly, the \fIfqdn\fR @@ -1434,7 +1435,7 @@ to make DNS lookups which renders unusable if DNS stops working (for example if the machine is disconnected from the network). Also note that just like with the hosts file, you must use the -``canonical'' +\(lqcanonical\(rq name as DNS knows it. That is, you may not use a host alias (\fRCNAME\fR @@ -1445,6 +1446,7 @@ aliases from DNS. This flag is \fI@fqdn@\fR by default. +.RE .TP 18n ignore_dot If set, @@ -1513,7 +1515,7 @@ by default) using a unique session ID that is included in the normal \fBsudo\fR log line, prefixed with -``\fRTSID=\fR''. +\(lq\fRTSID=\fR\(rq. .sp Note that user input may contain sensitive information such as passwords (even if they are not echoed to the screen), which will @@ -1543,7 +1545,7 @@ by default) using a unique session ID that is included in the normal \fBsudo\fR log line, prefixed with -``\fRTSID=\fR''. +\(lq\fRTSID=\fR\(rq. .sp Output logs may be viewed with the sudoreplay(@mansectsu@) 
@@ -1669,7 +1671,7 @@ The password prompt specified by \fIpassprompt\fR will normally only be used if the password prompt provided by systems such as PAM matches the string -``Password:''. +\(lqPassword:\(rq. If \fIpassprompt_override\fR is set, @@ -1729,10 +1731,10 @@ If set, root is allowed to run \fBsudo\fR too. Disabling this prevents users from -``chaining'' +\(lqchaining\(rq \fBsudo\fR commands to get a root shell by doing something like -``\fRsudo sudo /bin/sh\fR''. +\(lq\fRsudo sudo /bin/sh\fR\(rq. Note, however, that turning off \fIroot_sudo\fR will also prevent root from running @@ -1961,7 +1963,7 @@ flag is set, \fBsudo\fR will prompt for a password even when it would be visible on the screen. This makes it possible to run things like -``\fRssh somehost sudo ls\fR'' +\(lq\fRssh somehost sudo ls\fR\(rq since by default, ssh(1) does @@ -2031,9 +2033,9 @@ If set to a value less than \fR0\fR the user's time stamp will never expire. This can be used to allow users to create or delete their own time stamps via -``\fRsudo -v\fR'' +\(lq\fRsudo -v\fR\(rq and -``\fRsudo -k\fR'' +\(lq\fRsudo -k\fR\(rq respectively. .TP 18n umask @@ -2062,7 +2064,7 @@ unless insults are enabled. .TP 18n editor A colon -(`:\&') +(\(oq:\&\(cq) separated list of editors allowed to be used with \fBvisudo\fR. \fBvisudo\fR @@ -2094,7 +2096,7 @@ The escape \fR%h\fR will expand to the host name of the machine. Default is -``\fR@mailsub@\fR''. +\(lq\fR@mailsub@\fR\(rq. .TP 18n noexec_file The @@ -2121,15 +2123,18 @@ option or the \fRSUDO_PROMPT\fR environment variable. The following percent -(`%') +(\(oq%\(cq) escape sequences are supported: -.RS +.PP +.RS 18n +.PD 0 .TP 6n \fR%H\fR expanded to the local host name including the domain name (only if the machine's host name is fully qualified or the \fIfqdn\fR option is set) +.PD .TP 6n \fR%h\fR expanded to the local host name without the domain name 
@@ -2158,10 +2163,8 @@ characters are collapsed into a single character .PP The default value is -``\fR@passprompt@\fR''. -.PP +\(lq\fR@passprompt@\fR\(rq. .RE -.PD 0 .TP 18n role The default SELinux role to use when constructing a new security @@ -2172,7 +2175,6 @@ or via command line options. This option is only available when \fBsudo\fR is built with SELinux support. -.PD .TP 18n runas_default The default user to run commands as if the @@ -2211,7 +2213,7 @@ Locale to use when parsing the sudoers file, logging commands, and sending email. Note that changing the locale may affect how sudoers is interpreted. Defaults to -``\fRC\fR''. +\(lq\fRC\fR\(rq. .TP 18n timestampdir The directory in which @@ -2261,9 +2263,9 @@ The option specifies the fully qualified path to a file containing variables to be set in the environment of the program being run. Entries in this file should either be of the form -``\fRVARIABLE=value\fR'' +\(lq\fRVARIABLE=value\fR\(rq or -``\fRexport VARIABLE=value\fR''. +\(lq\fRexport VARIABLE=value\fR\(rq. The value may optionally be surrounded by single or double quotes. Variables in this file are subject to other \fBsudo\fR @@ -2283,10 +2285,13 @@ lecture This option controls when a short lecture will be printed along with the password prompt. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 8n always Always lecture the user. +.PD .TP 8n never Never lecture the user. @@ -2303,9 +2308,7 @@ Negating the option results in a value of being used. The default value is \fI@lecture@\fR. -.PP .RE -.PD 0 .TP 14n lecture_file Path to a file containing an alternate @@ -2315,7 +2318,6 @@ file exists. By default, \fBsudo\fR uses a built-in lecture. -.PD .TP 14n listpw This option controls when a password will be required when a user runs @@ -2324,7 +2326,9 @@ with the \fB\-l\fR option. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 10n all All the user's 
@@ -2333,6 +2337,7 @@ entries for the current host must have the \fRNOPASSWD\fR flag set to avoid entering a password. +.PD .TP 10n always The user must always enter a password to use the @@ -2360,9 +2365,7 @@ Negating the option results in a value of being used. The default value is \fIany\fR. -.PP .RE -.PD 0 .TP 14n logfile Path to the @@ -2373,7 +2376,6 @@ negating this option turns it off. By default, \fBsudo\fR logs via syslog. -.PD .TP 14n mailerflags Flags to use when invoking mailer. Defaults to @@ -2385,7 +2387,7 @@ Defaults to the path to sendmail found at configure time. .TP 14n mailfrom Address to use for the -``from'' +\(lqfrom\(rq address when sending warning and error mail. The address should be enclosed in double quotes (\&"") @@ -2419,9 +2421,9 @@ to have a sane \fRPATH\fR environment variable you may want to use this. Another use is if you want to have the -``root path'' +\(lqroot path\(rq be separate from the -``user path''. +\(lquser path\(rq. Users in the group specified by the \fIexempt_group\fR option are not affected by @@ -2458,7 +2460,9 @@ with the \fB\-v\fR option. It has the following possible values: -.RS +.PP +.RS 14n +.PD 0 .TP 8n all All the user's @@ -2466,6 +2470,7 @@ All the user's entries for the current host must have the \fRNOPASSWD\fR flag set to avoid entering a password. +.PD .TP 8n always The user must always enter a password to use the 
@@ -2497,14 +2502,46 @@ The default value is \fBLists that can be used in a boolean context\fR: .TP 18n env_check -Environment variables to be removed from the user's environment if +Environment variables to be removed from the user's environment +unless they are considered +\(lqsafe\(rq. +For all variables except +Li TZ , +\(lqsafe\(rq +means that the variable's value does not contain any the variable's value contains -`%' +\(oq%\(cq or -`/' +\(oq/\(cq characters. This can be used to guard against printf-style format vulnerabilities in poorly-written programs. +The +\fRTZ\fR +variable is considerd unsafe if any of the following are true: +.PP +.RS 18n +.PD 0 +.TP 4n +\fB\(bu\fR +It consists of a fully-qualified path name that does not match +the location of the +\fIzoneinfo\fR +directory. +.PD +.TP 4n +\fB\(bu\fR +It contains a +\fI..\fR +path element. +.TP 4n +\fB\(bu\fR +It contains white space or non-printable characters. +.TP 4n +\fB\(bu\fR +It is longer than the value of +\fRPATH_MAX\fR. +.PP The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using @@ -2526,6 +2563,7 @@ is run by root with the \fB\-V\fR option. +.RE .TP 18n env_delete Environment variables to be removed from the user's environment when the @@ -2850,9 +2888,9 @@ may run any command on machines in the netgroup. \fBsudo\fR knows that -``biglab'' +\(lqbiglab\(rq is a netgroup due to the -`+' +\(oq+\(cq prefix. .nf .sp 
@@ -2978,13 +3016,13 @@ Any user may mount or unmount a CD-ROM on the machines in the CDROM This is a bit tedious for users to type, so it is a prime candidate for encapsulating in a shell script. .SH "SECURITY NOTES" -.SS "Limitations of the `!\&' operator" +.SS "Limitations of the \(oq!\&\(cq operator" It is generally not effective to -``subtract'' +\(lqsubtract\(rq commands from \fBALL\fR using the -`!\&' +\(oq!\&\(cq operator. A user can trivially circumvent this by copying the desired command to a different name and then executing that. @@ -3011,7 +3049,7 @@ In general, if a user has sudo \fBALL\fR there is nothing to prevent them from creating their own program that gives them a root shell (or making their own copy of a shell) regardless of any -`!\&' +\(oq!\&\(cq elements in the user specification. .SS "Security implications of \fIfast_glob\fR" If the @@ -3115,13 +3153,13 @@ for a command, use the tag as documented in the User Specification section above. Here is that example again: -.RS .nf .sp -.RS 0n +.RS 10n aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi .RE .fi +.RS 10n .sp This allows user \fBaaron\fR @@ -3195,7 +3233,7 @@ search the archives. .SH "DISCLAIMER" \fBsudo\fR is provided -``AS IS'' +\(lqAS IS\(rq and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. diff --git a/sudoers.mdoc.in b/sudoers.mdoc.in index 90f44b6e1..7abb397f5 100644 --- a/sudoers.mdoc.in +++ b/sudoers.mdoc.in @@ -19,7 +19,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.Dd March 1, 2014 +.Dd February 9, 2015 .Dt SUDOERS @mansectform@ .Os Sudo @PACKAGE_VERSION@ .Sh NAME 
@@ -2318,7 +2318,13 @@ The default value is .Sy Lists that can be used in a boolean context : .Bl -tag -width 16n .It env_check -Environment variables to be removed from the user's environment if +Environment variables to be removed from the user's environment +unless they are considered +.Dq safe . +For all variables except +Li TZ , +.Dq safe +means that the variable's value does not contain any the variable's value contains .Ql % or @@ -2326,6 +2332,26 @@ or characters. This can be used to guard against printf-style format vulnerabilities in poorly-written programs. +The +.Li TZ +variable is considerd unsafe if any of the following are true: +.Bl -bullet +.It +It consists of a fully-qualified path name that does not match +the location of the +.Pa zoneinfo +directory. +.It +It contains a +.Pa .. +path element. +.It +It contains white space or non-printable characters. +.It +It is longer than the value of +.Li PATH_MAX . +.El +.Pp The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using
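Review bot: The rewritten env_check description in the first hunk no longer parses as a sentence. The added line `means that the variable's value does not contain any` runs straight into the retained context line `the variable's value contains`, so the rule for this security control can be read as either "contains" or "does not contain" `%` or `/`. That old context line should be deleted so the added sentence continues directly into the existing `.Ql %` … `characters.` lines. The added `Li TZ ,` is also missing its leading dot and should be `.Li TZ ,`. The matching man-format hunk (`@@ -2497,14 +2502,46 @@`) shows it emitted as literal text and carries the same garbled sentence, so that file needs regenerating once the source is fixed.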
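Review bot: In the second hunk, `considerd` in the added line `variable is considerd unsafe if any of the following are true:` is a typo for `considered`, and the man-format hunk repeats it. The first bullet, `It consists of a fully-qualified path name that does not match the location of the zoneinfo directory.`, does not say whether an accepted path must lie beneath that directory or be equal to it. Administrators rely on this text to predict which TZ values are stripped, so wording such as `It consists of a fully-qualified path name that is not located under the zoneinfo directory.` would be clearer, assuming that is what env_check enforces. The enclosing `.Bl -tag` list for env_check begins in the previous hunk and continues past the end of this one.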