From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Thu, 31 Aug 2017 17:29:19 +0000 (-0600)
Subject: Go back to returning true from display_privs() on non-error.  This
X-Git-Tag: SUDO_1_8_21p1^2~7
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d5c41ae373d03fc74499c5a514cf98fdc9b243f9;p=sudo

Go back to returning true from display_privs() on non-error.  This
results in "sudo -U otheruser -l" exiting with a status of 0 even
when otheruser is not allowed to run commands.  This is appropriate
since the "sudo -l" command was successful.  This does not change
the exit value when otheruser runs "sudo -l" themselves, the exit
status will be 1 since that user is not allowed to run commands.
Requested by Radovan Sroka.
---

diff --git a/plugins/sudoers/sudo_nss.c b/plugins/sudoers/sudo_nss.c
index 18f4de002..98075ccd6 100644
--- a/plugins/sudoers/sudo_nss.c
+++ b/plugins/sudoers/sudo_nss.c
@@ -268,8 +268,7 @@ output(const char *buf)
 
 /*
  * Print out privileges for the specified user.
- * Returns true if the user is allowed to run commands, false if not
- * or -1 on error.
+ * Returns true on success or -1 on error.
  */
 int
 display_privs(struct sudo_nss_list *snl, struct passwd *pw)
@@ -348,7 +347,7 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw)
     sudo_lbuf_destroy(&defs);
     sudo_lbuf_destroy(&privs);
 
-    debug_return_int(count > 0);
+    debug_return_int(true);
 bad:
     sudo_lbuf_destroy(&defs);
     sudo_lbuf_destroy(&privs);