Todd C. Miller [Tue, 27 Mar 2012 16:39:11 +0000 (12:39 -0400)]
If there is nothing to read from the askpass program, set errno to
EINTR. This makes the cancel button behave like the user entered
^C at the password prompt when PAM is used.
Todd C. Miller [Wed, 1 Feb 2012 17:12:53 +0000 (12:12 -0500)]
Error out if user specified --with-pam but we can't find the headers
or library. Also throw an error if the headers are present but the
library is not and vice versa.
Todd C. Miller [Thu, 26 Jan 2012 21:34:49 +0000 (16:34 -0500)]
We need to init the auth system regardless of whether we need a
password since we will be closing the PAM session in the monitor
process. Fixes a crash in the monitor on Solaris; bugzilla #533
Todd C. Miller [Wed, 25 Jan 2012 21:33:15 +0000 (16:33 -0500)]
The change in a1e7e31519ec that caused to exit when the monitor
dies created a race condition between the monitor exiting and the
status being read. All we really want to do is make sure that
select() notifies us that there is a status change when the monitor
dies unexpectedly so shutdown the socketpair connected to the monitor
for writing when it dies. That way we can still read the status
that is pending on the socket and select() on Linux will tell us
that the fd is ready.
Todd C. Miller [Fri, 20 Jan 2012 15:53:12 +0000 (10:53 -0500)]
Add custom version of AC_CHECK_LIB that uses the extra libs in the
cache value name. With this we no longer need to rely on a modified
version of autoconf.
Todd C. Miller [Tue, 17 Jan 2012 17:20:28 +0000 (12:20 -0500)]
When not logging I/O, use a signal handler that only forwards SIGINT,
SIGQUIT and SIGHUP when they are user-generated signals. Fixes a
race in the non-I/O logging path where the command may receive two
keyboard-generated signals; one from the kernel and one from the
sudo process.
Todd C. Miller [Fri, 13 Jan 2012 14:50:03 +0000 (09:50 -0500)]
Include parent directories in case they don't already exist. This
fixes a directory permissions problem with the AIX package when the
/usr/local directories don't already exist.
Todd C. Miller [Thu, 12 Jan 2012 20:21:36 +0000 (15:21 -0500)]
Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a
bug where a pattern like "/usr/*" include /usr/bin/ in the results,
which would be incorrectly be interpreted as if the sudoers file had
specified a directory. From Vitezslav Cizek.
Todd C. Miller [Thu, 12 Jan 2012 20:17:30 +0000 (15:17 -0500)]
When trying to determine the tty, fall back on /proc/ppid/fd/{0,1,2}
if the main process's fds 0-2 are not hooked up to a tty.
On BSD, use the KERN_PROC_PID sysctl() instead.
Todd C. Miller [Thu, 12 Jan 2012 20:04:07 +0000 (15:04 -0500)]
When not logging I/O, put command in its own pgrp and make that the
controlling pgrp if the command is in the foreground. Fixes a race
in the non-I/O logging path where the command may receive two
keyboard-generated signals; one from the kernel and one from the
sudo process.
Todd C. Miller [Thu, 12 Jan 2012 19:54:18 +0000 (14:54 -0500)]
Handle different Unix domain socket (actually socketpair) semantics
in BSD vs. Linux. In BSD if one end of the socketpair goes away
select() returns the fd as readable and the read will fail with
ECONNRESET. This doesn't appear to happen on Linux so if we notice
that the monitor process has died when I/O logging is enabled,
behave like the command has exited. This means we log the wait
status of the monitor, not the command, but there is nothing else
we can do at that point. This should only be an issue if SIGKILL
is sent to the monitor process.
Todd C. Miller [Thu, 12 Jan 2012 19:52:07 +0000 (14:52 -0500)]
Catch common signals in the monitor process so they get passed to
the command. Fixes a problem when the entire login session is killed
when ssh is disconnected or the terminal window is closed.
Todd C. Miller [Thu, 12 Jan 2012 19:23:42 +0000 (14:23 -0500)]
Fetch the login class for the user we authenticate specifically
when using BSD authentication. That user may have a different login
class than what we will use to run the command. When setting the
login class for the command, use the target user's struct passwd,
not the invoking user's.
Todd C. Miller [Thu, 12 Jan 2012 15:18:57 +0000 (10:18 -0500)]
Keep track of the last token returned. On error, if the last token
was COMMENT, decrement sudolineno since the error most likely
occurred on the preceding line. Previously we always uses sudolineno-1
which will give the wrong line number for errors within a line.
Todd C. Miller [Mon, 10 Oct 2011 17:13:42 +0000 (13:13 -0400)]
Ignore set_logname (which is now the default) for sudoedit since
we want the LOGNAME, USER and USERNAME environment variables to
refer to the calling user since that is who the editor runs as.
This allows the editor to find the user's startup files.
Fixes bugzilla #515
Todd C. Miller [Tue, 27 Sep 2011 20:29:27 +0000 (16:29 -0400)]
Modify the authentication API such that the init and cleanup functions
are always called, regardless of whether or not we are going to
verify a password. This is needed for proper PAM session support.
Todd C. Miller [Sat, 17 Sep 2011 00:03:07 +0000 (20:03 -0400)]
Remove --with-CC option; it doesn't work correctly now that we use
libtool. Users can get the same effect by setting the CC
environment variable when running configure.
Todd C. Miller [Fri, 16 Sep 2011 23:57:12 +0000 (19:57 -0400)]
Use PAM by default on AIX 6 and higher.
Fix some square brackets in case statements that needed to be
doubled up. While here, use $OSMAJOR when it makes sense.
Todd C. Miller [Sun, 14 Aug 2011 20:00:01 +0000 (16:00 -0400)]
bash 2.x doesd not support the -l flag and exits with an error if
it is specified so use --login instead. This causes an error with
bash 1.x (which uses -login instead) but this version is hopefully
less used than 2.x.
projects / sudo / log