From: Todd C. Miller Date: Mon, 5 Jan 2004 19:56:43 +0000 (+0000) Subject: Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so that order is not X-Git-Tag: SUDO_1_6_8~277 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=db230cc5206d36e5fe2642448053c787af93c585;p=sudo Merge the NOPASSWD/PASSWD and NOEXEC/EXEC rules so that order is not important. --- diff --git a/parse.yacc b/parse.yacc index 248adf7b1..74df784c1 100644 --- a/parse.yacc +++ b/parse.yacc @@ -437,7 +437,7 @@ cmndspeclist : cmndspec | cmndspeclist ',' cmndspec ; -cmndspec : runasspec noexec nopasswd opcmnd { +cmndspec : runasspec cmndtag opcmnd { /* * Push the entry onto the stack if it is worth * saving and clear cmnd_matches for next cmnd. @@ -618,47 +618,39 @@ runasuser : WORD { } ; -nopasswd : /* empty */ { - /* Inherit NOPASSWD/PASSWD status. */ +cmndtag : /* empty */ { + /* Inherit {NOPASSWD,PASSWD,NOEXEC,EXEC} status. */ if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) { if (no_passwd == TRUE) cm_list[cm_list_len].nopasswd = TRUE; else cm_list[cm_list_len].nopasswd = FALSE; + if (no_execve == TRUE) + cm_list[cm_list_len].noexecve = TRUE; + else + cm_list[cm_list_len].noexecve = FALSE; } } - | NOPASSWD { + | cmndtag NOPASSWD { no_passwd = TRUE; if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) cm_list[cm_list_len].nopasswd = TRUE; } - | PASSWD { + | cmndtag PASSWD { no_passwd = FALSE; if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) cm_list[cm_list_len].nopasswd = FALSE; } - ; - -noexec : /* empty */ { - /* Inherit NOEXEC/EXEC status. */ - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - if (no_execve == TRUE) - cm_list[cm_list_len].noexecve = TRUE; - else - cm_list[cm_list_len].noexecve = FALSE; - } - } - | NOEXEC { + | cmndtag NOEXEC { no_execve = TRUE; if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) cm_list[cm_list_len].noexecve = TRUE; } - | EXEC { + | cmndtag EXEC { no_execve = FALSE; if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) diff --git a/sudo.tab.c b/sudo.tab.c index 87a579657..083bb5af3 100644 --- a/sudo.tab.c +++ b/sudo.tab.c @@ -274,13 +274,13 @@ short yylhs[] = 0, 0, 7, 7, 9, 7, 7, 7, 7, 7, 7, 15, 16, 18, 16, 19, 16, 21, 16, 17, 17, 22, 22, 22, 22, 22, 10, 10, 23, 25, - 25, 2, 2, 2, 2, 2, 24, 24, 26, 30, - 31, 30, 27, 27, 5, 5, 4, 32, 4, 3, - 3, 3, 3, 3, 29, 29, 29, 28, 28, 28, - 1, 1, 1, 12, 12, 34, 33, 20, 20, 13, - 13, 36, 35, 37, 37, 14, 14, 39, 38, 11, - 11, 41, 40, 8, 8, 42, 42, 6, 6, 6, - 6, 6, + 25, 2, 2, 2, 2, 2, 24, 24, 26, 29, + 30, 29, 27, 27, 5, 5, 4, 31, 4, 3, + 3, 3, 3, 3, 28, 28, 28, 28, 28, 1, + 1, 1, 12, 12, 33, 32, 20, 20, 13, 13, + 35, 34, 36, 36, 14, 14, 38, 37, 11, 11, + 40, 39, 8, 8, 41, 41, 6, 6, 6, 6, + 6, }; #if defined(__cplusplus) || defined(__STDC__) const short yylen[] = @@ -291,13 +291,13 @@ short yylen[] = 1, 2, 1, 2, 0, 3, 2, 2, 2, 2, 1, 2, 1, 0, 3, 0, 3, 0, 3, 1, 3, 1, 2, 3, 3, 3, 1, 3, 3, 1, - 2, 1, 1, 1, 1, 1, 1, 3, 4, 1, + 2, 1, 1, 1, 1, 1, 1, 3, 3, 1, 0, 3, 0, 2, 1, 3, 1, 0, 3, 1, - 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, - 1, 1, 1, 1, 3, 0, 4, 1, 3, 1, - 3, 0, 4, 1, 3, 1, 3, 0, 4, 1, - 3, 0, 4, 1, 3, 1, 2, 1, 1, 1, - 1, 1, + 1, 1, 1, 1, 0, 2, 2, 2, 2, 1, + 1, 1, 1, 3, 0, 4, 1, 3, 1, 3, + 0, 4, 1, 3, 1, 3, 0, 4, 1, 3, + 0, 4, 1, 3, 1, 2, 1, 1, 1, 1, + 1, }; #if defined(__cplusplus) || defined(__STDC__) const short yydefred[] = @@ -306,19 +306,19 @@ short yydefred[] = #endif { 0, 0, 13, 18, 14, 16, 3, 0, 0, 0, 0, - 0, 1, 0, 11, 0, 4, 0, 0, 0, 66, - 0, 64, 72, 0, 70, 82, 0, 80, 78, 0, - 76, 2, 91, 90, 89, 88, 92, 0, 86, 0, - 84, 0, 0, 12, 0, 36, 33, 34, 35, 32, - 0, 30, 0, 68, 0, 53, 52, 51, 50, 54, + 0, 1, 0, 11, 0, 4, 0, 0, 0, 65, + 0, 63, 71, 0, 69, 81, 0, 79, 77, 0, + 75, 2, 90, 89, 88, 87, 91, 0, 85, 0, + 83, 0, 0, 12, 0, 36, 33, 34, 35, 32, + 0, 30, 0, 67, 0, 53, 52, 51, 50, 54, 48, 47, 45, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 87, 0, 0, 0, 27, 0, 0, 0, - 23, 0, 31, 0, 0, 0, 0, 65, 0, 71, - 0, 81, 0, 77, 85, 0, 0, 24, 25, 26, - 21, 69, 49, 46, 0, 63, 62, 61, 41, 40, - 74, 0, 0, 0, 28, 0, 0, 37, 0, 0, - 0, 0, 0, 59, 60, 0, 42, 75, 38, 56, - 57, 0, 39, + 0, 0, 86, 0, 0, 0, 27, 0, 0, 0, + 23, 0, 31, 0, 0, 0, 0, 64, 0, 70, + 0, 80, 0, 76, 84, 0, 0, 24, 25, 26, + 21, 68, 49, 46, 0, 62, 61, 60, 41, 40, + 73, 0, 0, 0, 28, 0, 0, 37, 55, 0, + 0, 0, 0, 0, 42, 74, 38, 56, 57, 58, + 59, 39, }; #if defined(__cplusplus) || defined(__STDC__) const short yydgoto[] = @@ -328,107 +328,107 @@ short yydgoto[] = { 11, 110, 52, 62, 63, 64, 39, 12, 40, 13, 75, 27, 21, 24, 30, 14, 15, 44, 18, 19, 76, - 17, 45, 77, 117, 54, 118, 119, 126, 132, 111, - 120, 85, 22, 65, 25, 67, 112, 31, 71, 28, - 69, 41, + 17, 45, 77, 117, 54, 118, 119, 124, 111, 120, + 85, 22, 65, 25, 67, 112, 31, 71, 28, 69, + 41, }; #if defined(__cplusplus) || defined(__STDC__) const short yysindex[] = #else short yysindex[] = #endif - { -234, - -262, 0, 0, 0, 0, 0, -242, -238, -235, -229, - -234, 0, 296, 0, -31, 0, 305, 296, 309, 0, - -19, 0, 0, -10, 0, 0, -4, 0, 0, 2, - 0, 0, 0, 0, 0, 0, 0, -212, 0, 283, - 0, -26, -194, 0, 22, 0, 0, 0, 0, 0, - -205, 0, 23, 0, 25, 0, 0, 0, 0, 0, - 0, 0, 0, 27, -23, -242, 11, -238, 12, -235, - 14, -229, 0, 296, 18, -34, 0, -185, -184, -180, - 0, -31, 0, 305, -199, 309, 305, 0, -33, 0, - 296, 0, 309, 0, 0, 305, -183, 0, 0, 0, - 0, 0, 0, 0, 23, 0, 0, 0, 0, 0, - 0, 40, 25, 27, 0, 309, 42, 0, -257, -221, - -33, 27, -183, 0, 0, -244, 0, 0, 0, 0, - 0, -33, 0,}; + { -239, + -264, 0, 0, 0, 0, 0, -247, -240, -236, -235, + -239, 0, 307, 0, -31, 0, 328, 307, 320, 0, + -9, 0, 0, -8, 0, 0, -4, 0, 0, 2, + 0, 0, 0, 0, 0, 0, 0, -242, 0, 294, + 0, -3, -226, 0, 11, 0, 0, 0, 0, 0, + -217, 0, 17, 0, 20, 0, 0, 0, 0, 0, + 0, 0, 0, 21, 5, -247, 6, -240, 7, -236, + 8, -235, 0, 307, 13, -32, 0, -191, -190, -189, + 0, -31, 0, 328, -210, 320, 328, 0, -33, 0, + 307, 0, 320, 0, 0, 328, -192, 0, 0, 0, + 0, 0, 0, 0, 17, 0, 0, 0, 0, 0, + 0, 34, 20, 21, 0, 320, 35, 0, 0, -243, + -33, 21, -192, -27, 0, 0, 0, 0, 0, 0, + 0, 0,}; #if defined(__cplusplus) || defined(__STDC__) const short yyrindex[] = #else short yyrindex[] = #endif - { 328, + { 342, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 328, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 342, 0, 0, 0, 0, 0, 0, 0, 0, 0, 139, 0, 0, 162, 0, 0, 185, 0, 0, 208, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 236, 0, 0, 0, 0, 0, - 0, 0, -30, 0, -24, 0, 0, 0, 0, 0, - 0, 0, 0, -12, 0, 0, 0, 0, 0, 0, + 0, 0, -30, 0, -26, 0, 0, 0, 0, 0, + 0, 0, 0, -25, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 260, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, -27, 0, 0, 0, + 0, 0, 0, 0, 0, 0, -20, 0, 0, 0, 0, 0, 0, 0, 24, 0, 0, 0, 0, 0, - 0, 47, 70, 93, 0, 0, 116, 0, 282, 0, - 0, -20, -27, 0, 0, -25, 0, 0, 0, 0, - 0, 0, 0,}; + 0, 47, 70, 93, 0, 0, 116, 0, 0, 0, + 0, 271, -20, 0, 0, 0, 0, 0, 0, 0, + 0, 0,}; #if defined(__cplusplus) || defined(__STDC__) const short yygindex[] = #else short yygindex[] = #endif { 0, - -32, 36, 4, 5, -88, 52, 81, -14, 0, 0, - 0, 0, 0, 0, 0, 0, 13, 0, 0, -6, - 0, 0, -2, 0, 15, -22, 0, 0, 0, -114, - 0, 0, 30, 0, 29, 0, 0, 26, 0, 32, - 0, 33, + -39, 32, -1, 3, -84, 48, 74, -14, 0, 0, + 0, 0, 0, 0, 0, 0, 9, 0, 0, -12, + 0, 0, -6, 0, 4, -36, 0, 0, -62, 0, + 0, 26, 0, 27, 0, 0, 22, 0, 28, 0, + 23, }; -#define YYTABLESIZE 601 +#define YYTABLESIZE 615 #if defined(__cplusplus) || defined(__STDC__) const short yytable[] = #else short yytable[] = #endif { 109, - 22, 43, 19, 55, 114, 43, 128, 55, 15, 84, - 53, 16, 44, 124, 125, 20, 79, 133, 80, 23, - 17, 1, 26, 67, 130, 131, 97, 122, 29, 2, - 3, 4, 5, 22, 78, 106, 107, 87, 66, 6, - 7, 8, 9, 10, 22, 33, 73, 68, 34, 35, - 36, 108, 46, 70, 47, 48, 67, 49, 56, 72, - 37, 57, 58, 59, 81, 82, 84, 50, 74, 83, - 86, 89, 91, 60, 93, 96, 113, 98, 99, 73, - 105, 67, 100, 121, 116, 123, 83, 127, 103, 73, - 104, 32, 79, 115, 101, 88, 90, 94, 102, 0, - 129, 92, 83, 0, 73, 0, 95, 0, 0, 0, + 22, 43, 19, 55, 53, 109, 15, 17, 114, 16, + 20, 84, 43, 106, 107, 33, 1, 23, 34, 35, + 36, 26, 29, 66, 2, 3, 4, 5, 97, 108, + 37, 122, 81, 22, 6, 7, 8, 9, 10, 79, + 46, 80, 47, 48, 22, 49, 72, 56, 66, 68, + 57, 58, 59, 70, 82, 50, 66, 78, 126, 72, + 84, 132, 60, 74, 86, 87, 89, 91, 93, 82, + 96, 98, 99, 100, 105, 116, 113, 121, 123, 72, + 125, 66, 83, 103, 32, 73, 127, 102, 104, 115, + 101, 88, 78, 94, 90, 0, 95, 92, 0, 0, + 0, 0, 82, 0, 72, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 29, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 79, 0, 83, 0, 0, + 0, 0, 0, 0, 0, 78, 0, 82, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 29, 0, - 79, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 78, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 8, 0, 29, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, - 0, 0, 0, 106, 107, 0, 0, 42, 19, 43, - 43, 55, 55, 0, 15, 20, 44, 44, 0, 108, - 10, 43, 43, 43, 43, 43, 17, 55, 44, 44, - 44, 44, 44, 0, 0, 0, 22, 0, 22, 6, + 0, 0, 0, 106, 107, 0, 0, 42, 19, 106, + 107, 0, 15, 17, 0, 20, 43, 43, 0, 108, + 10, 128, 129, 130, 131, 108, 0, 0, 43, 43, + 43, 43, 43, 0, 0, 0, 22, 0, 22, 6, 0, 22, 22, 22, 22, 22, 22, 22, 20, 0, - 0, 0, 0, 22, 22, 22, 22, 22, 22, 67, - 0, 67, 0, 0, 67, 67, 67, 67, 67, 67, - 67, 0, 6, 0, 0, 0, 67, 67, 67, 67, - 67, 67, 73, 0, 73, 0, 0, 73, 73, 73, - 73, 73, 73, 73, 58, 51, 0, 0, 0, 73, - 73, 73, 73, 73, 73, 83, 74, 83, 38, 0, - 83, 83, 83, 83, 83, 83, 83, 51, 0, 0, - 0, 61, 83, 83, 83, 83, 83, 83, 79, 0, - 79, 0, 0, 79, 79, 79, 79, 79, 79, 79, - 5, 0, 0, 0, 0, 79, 79, 79, 79, 79, - 79, 29, 0, 29, 0, 0, 29, 29, 29, 29, + 0, 0, 0, 22, 22, 22, 22, 22, 22, 66, + 0, 66, 0, 0, 66, 66, 66, 66, 66, 66, + 66, 0, 6, 0, 0, 0, 66, 66, 66, 66, + 66, 66, 72, 44, 72, 0, 0, 72, 72, 72, + 72, 72, 72, 72, 0, 0, 0, 0, 0, 72, + 72, 72, 72, 72, 72, 82, 51, 82, 0, 0, + 82, 82, 82, 82, 82, 82, 82, 74, 0, 38, + 0, 0, 82, 82, 82, 82, 82, 82, 78, 0, + 78, 0, 61, 78, 78, 78, 78, 78, 78, 78, + 51, 0, 0, 0, 0, 78, 78, 78, 78, 78, + 78, 29, 0, 29, 5, 0, 29, 29, 29, 29, 29, 29, 29, 0, 0, 0, 0, 0, 29, 29, 29, 29, 29, 29, 8, 0, 8, 0, 0, 8, 8, 8, 8, 8, 8, 8, 0, 0, 0, 0, @@ -443,15 +443,16 @@ short yytable[] = 0, 20, 0, 20, 0, 0, 20, 20, 20, 20, 20, 20, 20, 0, 0, 0, 0, 0, 20, 20, 20, 20, 20, 20, 0, 6, 0, 6, 0, 0, - 6, 6, 6, 6, 6, 6, 6, 0, 0, 0, - 0, 0, 6, 6, 6, 6, 6, 6, 58, 58, - 46, 0, 47, 48, 0, 49, 0, 0, 0, 0, - 58, 58, 0, 33, 58, 50, 34, 35, 36, 0, - 0, 0, 46, 0, 47, 48, 56, 49, 37, 57, - 58, 59, 0, 0, 0, 0, 0, 50, 0, 0, - 0, 60, 0, 0, 0, 5, 0, 0, 5, 5, - 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 5, + 6, 6, 6, 6, 6, 6, 6, 44, 44, 0, + 0, 0, 6, 6, 6, 6, 6, 6, 0, 44, + 44, 44, 44, 44, 0, 0, 0, 0, 0, 0, + 0, 46, 0, 47, 48, 0, 49, 0, 0, 0, + 0, 0, 0, 0, 33, 0, 50, 34, 35, 36, + 0, 0, 0, 0, 0, 0, 0, 56, 0, 37, + 57, 58, 59, 0, 0, 46, 0, 47, 48, 0, + 49, 0, 60, 0, 0, 0, 0, 0, 0, 5, + 50, 0, 5, 5, 5, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 5, }; #if defined(__cplusplus) || defined(__STDC__) const short yycheck[] = @@ -459,17 +460,17 @@ const short yycheck[] = short yycheck[] = #endif { 33, - 0, 33, 33, 18, 93, 33, 121, 33, 33, 44, - 17, 274, 33, 271, 272, 258, 43, 132, 45, 258, - 33, 256, 258, 0, 269, 270, 61, 116, 258, 264, - 265, 266, 267, 33, 61, 257, 258, 61, 58, 274, - 275, 276, 277, 278, 44, 258, 0, 58, 261, 262, - 263, 273, 258, 58, 260, 261, 33, 263, 258, 58, - 273, 261, 262, 263, 259, 44, 44, 273, 44, 0, - 44, 61, 61, 273, 61, 58, 91, 263, 263, 33, - 87, 58, 263, 44, 268, 44, 51, 120, 85, 38, - 86, 11, 0, 96, 82, 66, 68, 72, 84, -1, - 123, 70, 33, -1, 58, -1, 74, -1, -1, -1, + 0, 33, 33, 18, 17, 33, 33, 33, 93, 274, + 258, 44, 33, 257, 258, 258, 256, 258, 261, 262, + 263, 258, 258, 0, 264, 265, 266, 267, 61, 273, + 273, 116, 259, 33, 274, 275, 276, 277, 278, 43, + 258, 45, 260, 261, 44, 263, 0, 258, 58, 58, + 261, 262, 263, 58, 44, 273, 33, 61, 121, 58, + 44, 124, 273, 44, 44, 61, 61, 61, 61, 0, + 58, 263, 263, 263, 87, 268, 91, 44, 44, 33, + 120, 58, 51, 85, 11, 38, 123, 84, 86, 96, + 82, 66, 0, 72, 68, -1, 74, 70, -1, -1, + -1, -1, 33, -1, 58, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, -1, -1, -1, -1, -1, -1, -1, -1, -1, 33, -1, 58, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, -1, @@ -482,21 +483,21 @@ short yycheck[] = -1, -1, -1, -1, -1, -1, -1, 0, -1, -1, -1, -1, -1, -1, -1, -1, -1, 33, -1, -1, -1, -1, -1, 257, 258, -1, -1, 259, 259, 257, - 258, 257, 258, -1, 259, 0, 257, 258, -1, 273, - 33, 269, 270, 271, 272, 273, 259, 273, 269, 270, + 258, -1, 259, 259, -1, 0, 257, 258, -1, 273, + 33, 269, 270, 271, 272, 273, -1, -1, 269, 270, 271, 272, 273, -1, -1, -1, 256, -1, 258, 0, -1, 261, 262, 263, 264, 265, 266, 267, 33, -1, -1, -1, -1, 273, 274, 275, 276, 277, 278, 256, -1, 258, -1, -1, 261, 262, 263, 264, 265, 266, 267, -1, 33, -1, -1, -1, 273, 274, 275, 276, - 277, 278, 256, -1, 258, -1, -1, 261, 262, 263, - 264, 265, 266, 267, 33, 33, -1, -1, -1, 273, - 274, 275, 276, 277, 278, 256, 44, 258, 33, -1, - 261, 262, 263, 264, 265, 266, 267, 33, -1, -1, - -1, 33, 273, 274, 275, 276, 277, 278, 256, -1, - 258, -1, -1, 261, 262, 263, 264, 265, 266, 267, + 277, 278, 256, 33, 258, -1, -1, 261, 262, 263, + 264, 265, 266, 267, -1, -1, -1, -1, -1, 273, + 274, 275, 276, 277, 278, 256, 33, 258, -1, -1, + 261, 262, 263, 264, 265, 266, 267, 44, -1, 33, + -1, -1, 273, 274, 275, 276, 277, 278, 256, -1, + 258, -1, 33, 261, 262, 263, 264, 265, 266, 267, 33, -1, -1, -1, -1, 273, 274, 275, 276, 277, - 278, 256, -1, 258, -1, -1, 261, 262, 263, 264, + 278, 256, -1, 258, 33, -1, 261, 262, 263, 264, 265, 266, 267, -1, -1, -1, -1, -1, 273, 274, 275, 276, 277, 278, 256, -1, 258, -1, -1, 261, 262, 263, 264, 265, 266, 267, -1, -1, -1, -1, @@ -511,15 +512,16 @@ short yycheck[] = -1, 256, -1, 258, -1, -1, 261, 262, 263, 264, 265, 266, 267, -1, -1, -1, -1, -1, 273, 274, 275, 276, 277, 278, -1, 256, -1, 258, -1, -1, - 261, 262, 263, 264, 265, 266, 267, -1, -1, -1, - -1, -1, 273, 274, 275, 276, 277, 278, 257, 258, - 258, -1, 260, 261, -1, 263, -1, -1, -1, -1, - 269, 270, -1, 258, 273, 273, 261, 262, 263, -1, - -1, -1, 258, -1, 260, 261, 258, 263, 273, 261, - 262, 263, -1, -1, -1, -1, -1, 273, -1, -1, - -1, 273, -1, -1, -1, 258, -1, -1, 261, 262, - 263, -1, -1, -1, -1, -1, -1, -1, -1, -1, - 273, + 261, 262, 263, 264, 265, 266, 267, 257, 258, -1, + -1, -1, 273, 274, 275, 276, 277, 278, -1, 269, + 270, 271, 272, 273, -1, -1, -1, -1, -1, -1, + -1, 258, -1, 260, 261, -1, 263, -1, -1, -1, + -1, -1, -1, -1, 258, -1, 273, 261, 262, 263, + -1, -1, -1, -1, -1, -1, -1, 258, -1, 273, + 261, 262, 263, -1, -1, 258, -1, 260, 261, -1, + 263, -1, 273, -1, -1, -1, -1, -1, -1, 258, + 273, -1, 261, 262, 263, -1, -1, -1, -1, -1, + -1, -1, -1, -1, 273, }; #define YYFINAL 11 #ifndef YYDEBUG @@ -589,7 +591,7 @@ char *yyrule[] = "host : ALIAS", "cmndspeclist : cmndspec", "cmndspeclist : cmndspeclist ',' cmndspec", -"cmndspec : runasspec noexec nopasswd opcmnd", +"cmndspec : runasspec cmndtag opcmnd", "opcmnd : cmnd", "$$5 :", "opcmnd : '!' $$5 cmnd", @@ -605,12 +607,11 @@ char *yyrule[] = "runasuser : NETGROUP", "runasuser : ALIAS", "runasuser : ALL", -"nopasswd :", -"nopasswd : NOPASSWD", -"nopasswd : PASSWD", -"noexec :", -"noexec : NOEXEC", -"noexec : EXEC", +"cmndtag :", +"cmndtag : cmndtag NOPASSWD", +"cmndtag : cmndtag PASSWD", +"cmndtag : cmndtag NOEXEC", +"cmndtag : cmndtag EXEC", "cmnd : ALL", "cmnd : ALIAS", "cmnd : COMMAND", @@ -669,7 +670,7 @@ short *yyss; short *yysslim; YYSTYPE *yyvs; int yystacksize; -#line 895 "parse.yacc" +#line 887 "parse.yacc" #define MOREALIASES (32) aliasinfo *aliases = NULL; @@ -1026,7 +1027,7 @@ init_parser() if (printmatches == TRUE) expand_match_list(); } -#line 978 "sudo.tab.c" +#line 979 "sudo.tab.c" /* allocate initial stack or double stack size, up to YYMAXDEPTH */ #if defined(__cplusplus) || defined(__STDC__) static int yygrowstack(void) @@ -1666,18 +1667,22 @@ break; case 55: #line 621 "parse.yacc" { - /* Inherit NOPASSWD/PASSWD status. */ + /* Inherit {NOPASSWD,PASSWD,NOEXEC,EXEC} status. */ if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) { if (no_passwd == TRUE) cm_list[cm_list_len].nopasswd = TRUE; else cm_list[cm_list_len].nopasswd = FALSE; + if (no_execve == TRUE) + cm_list[cm_list_len].noexecve = TRUE; + else + cm_list[cm_list_len].noexecve = FALSE; } } break; case 56: -#line 631 "parse.yacc" +#line 635 "parse.yacc" { no_passwd = TRUE; if (printmatches == TRUE && host_matches == TRUE && @@ -1686,7 +1691,7 @@ case 56: } break; case 57: -#line 637 "parse.yacc" +#line 641 "parse.yacc" { no_passwd = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1695,20 +1700,7 @@ case 57: } break; case 58: -#line 645 "parse.yacc" -{ - /* Inherit NOEXEC/EXEC status. */ - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - if (no_execve == TRUE) - cm_list[cm_list_len].noexecve = TRUE; - else - cm_list[cm_list_len].noexecve = FALSE; - } - } -break; -case 59: -#line 655 "parse.yacc" +#line 647 "parse.yacc" { no_execve = TRUE; if (printmatches == TRUE && host_matches == TRUE && @@ -1716,8 +1708,8 @@ case 59: cm_list[cm_list_len].noexecve = TRUE; } break; -case 60: -#line 661 "parse.yacc" +case 59: +#line 653 "parse.yacc" { no_execve = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1725,8 +1717,8 @@ case 60: cm_list[cm_list_len].noexecve = FALSE; } break; -case 61: -#line 669 "parse.yacc" +case 60: +#line 661 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1745,8 +1737,8 @@ case 61: safe_cmnd = estrdup(user_cmnd); } break; -case 62: -#line 686 "parse.yacc" +case 61: +#line 678 "parse.yacc" { aliasinfo *aip; @@ -1777,8 +1769,8 @@ case 62: free(yyvsp[0].string); } break; -case 63: -#line 715 "parse.yacc" +case 62: +#line 707 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) { @@ -1806,12 +1798,12 @@ case 63: free(yyvsp[0].command.args); } break; -case 66: -#line 747 "parse.yacc" +case 65: +#line 739 "parse.yacc" { push; } break; -case 67: -#line 747 "parse.yacc" +case 66: +#line 739 "parse.yacc" { if ((host_matches != -1 || pedantic) && !add_alias(yyvsp[-3].string, HOST_ALIAS, host_matches)) { @@ -1821,8 +1813,8 @@ case 67: pop; } break; -case 72: -#line 765 "parse.yacc" +case 71: +#line 757 "parse.yacc" { push; if (printmatches == TRUE) { @@ -1834,8 +1826,8 @@ case 72: } } break; -case 73: -#line 774 "parse.yacc" +case 72: +#line 766 "parse.yacc" { if ((cmnd_matches != -1 || pedantic) && !add_alias(yyvsp[-3].string, CMND_ALIAS, cmnd_matches)) { @@ -1849,12 +1841,12 @@ case 73: in_alias = FALSE; } break; -case 74: -#line 788 "parse.yacc" +case 73: +#line 780 "parse.yacc" { ; } break; -case 78: -#line 796 "parse.yacc" +case 77: +#line 788 "parse.yacc" { if (printmatches == TRUE) { in_alias = TRUE; @@ -1865,8 +1857,8 @@ case 78: } } break; -case 79: -#line 804 "parse.yacc" +case 78: +#line 796 "parse.yacc" { if ((yyvsp[0].BOOLEAN != -1 || pedantic) && !add_alias(yyvsp[-3].string, RUNAS_ALIAS, yyvsp[0].BOOLEAN)) { @@ -1879,12 +1871,12 @@ case 79: in_alias = FALSE; } break; -case 82: -#line 821 "parse.yacc" +case 81: +#line 813 "parse.yacc" { push; } break; -case 83: -#line 821 "parse.yacc" +case 82: +#line 813 "parse.yacc" { if ((user_matches != -1 || pedantic) && !add_alias(yyvsp[-3].string, USER_ALIAS, user_matches)) { @@ -1895,22 +1887,22 @@ case 83: free(yyvsp[-3].string); } break; -case 86: -#line 836 "parse.yacc" +case 85: +#line 828 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) user_matches = yyvsp[0].BOOLEAN; } break; -case 87: -#line 840 "parse.yacc" +case 86: +#line 832 "parse.yacc" { if (yyvsp[0].BOOLEAN != -1) user_matches = ! yyvsp[0].BOOLEAN; } break; -case 88: -#line 846 "parse.yacc" +case 87: +#line 838 "parse.yacc" { if (strcmp(yyvsp[0].string, user_name) == 0) yyval.BOOLEAN = TRUE; @@ -1919,8 +1911,8 @@ case 88: free(yyvsp[0].string); } break; -case 89: -#line 853 "parse.yacc" +case 88: +#line 845 "parse.yacc" { if (usergr_matches(yyvsp[0].string, user_name)) yyval.BOOLEAN = TRUE; @@ -1929,8 +1921,8 @@ case 89: free(yyvsp[0].string); } break; -case 90: -#line 860 "parse.yacc" +case 89: +#line 852 "parse.yacc" { if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name)) yyval.BOOLEAN = TRUE; @@ -1939,8 +1931,8 @@ case 90: free(yyvsp[0].string); } break; -case 91: -#line 867 "parse.yacc" +case 90: +#line 859 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, USER_ALIAS); @@ -1964,13 +1956,13 @@ case 91: free(yyvsp[0].string); } break; -case 92: -#line 889 "parse.yacc" +case 91: +#line 881 "parse.yacc" { yyval.BOOLEAN = TRUE; } break; -#line 1922 "sudo.tab.c" +#line 1914 "sudo.tab.c" } yyssp -= yym; yystate = *yyssp;