Todd C. Miller [Mon, 4 Feb 2019 21:07:20 +0000 (14:07 -0700)]
include stddef.h to make sure we get NULL
Todd C. Miller [Sat, 2 Feb 2019 20:55:30 +0000 (13:55 -0700)]
Fix memory leak when there are no network interfaces or an error occurs.
Todd C. Miller [Fri, 25 Jan 2019 17:39:57 +0000 (10:39 -0700)]
Use $ac_cv_search_FUNCTION instead of $ac_lib and $ac_res.
Fixes a problem where libcrypt is not used with autoconf caching.
Adapted from a diff from Adam Labbe.
Todd C. Miller [Thu, 24 Jan 2019 21:59:13 +0000 (14:59 -0700)]
Updated translations from translationproject.org
Todd C. Miller [Tue, 22 Jan 2019 13:41:16 +0000 (06:41 -0700)]
Fix listpw=never and verifypw=never. Bug #869
Todd C. Miller [Sun, 20 Jan 2019 14:49:48 +0000 (07:49 -0700)]
Minor snprintf() usage tweaks:
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
Todd C. Miller [Mon, 7 Jan 2019 18:01:21 +0000 (11:01 -0700)]
The AIX nofiles hard limit fix and bug #867 will make 1.8.27.
Todd C. Miller [Mon, 7 Jan 2019 16:50:40 +0000 (09:50 -0700)]
Use PAM_SILENT to prevent pam_lastlog from printing last login
information on RedHat except when explicitly running a shell.
Adapted from a patch from Nir Soffer. Bug #867
Todd C. Miller [Mon, 7 Jan 2019 16:38:03 +0000 (09:38 -0700)]
Fix the default nofiles and stack hard limits.
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation. The default
hard limit for nofiles should be unlimited, not 8196. The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
Todd C. Miller [Thu, 3 Jan 2019 20:26:57 +0000 (13:26 -0700)]
regen
Todd C. Miller [Thu, 3 Jan 2019 20:16:57 +0000 (13:16 -0700)]
Final updates for sudo 1.8.27.
Todd C. Miller [Thu, 3 Jan 2019 18:09:00 +0000 (11:09 -0700)]
Update copyright year
Todd C. Miller [Thu, 3 Jan 2019 18:05:46 +0000 (11:05 -0700)]
Update for 2019
Todd C. Miller [Wed, 2 Jan 2019 14:39:33 +0000 (07:39 -0700)]
Fix setting of utmp entry when running command in a pty.
Regression introduced in sudo 1.8.22.
Todd C. Miller [Tue, 25 Dec 2018 03:31:26 +0000 (20:31 -0700)]
Use debug_return_int not debug_return_bool in resolve_host
Todd C. Miller [Mon, 24 Dec 2018 17:09:35 +0000 (10:09 -0700)]
sudo 1.8.27
Todd C. Miller [Mon, 24 Dec 2018 15:26:18 +0000 (08:26 -0700)]
Allow the sudoers file to be specified without the -f option.
Bug #864
Todd C. Miller [Thu, 20 Dec 2018 13:57:05 +0000 (06:57 -0700)]
The iolog_dir section is below the maxseq section, not above.
Todd C. Miller [Wed, 12 Dec 2018 17:47:01 +0000 (10:47 -0700)]
Updated translations from translationproject.org
Todd C. Miller [Tue, 11 Dec 2018 16:17:15 +0000 (09:17 -0700)]
Add -n and -R options to help; reported by Radovan Sroka
Todd C. Miller [Tue, 11 Dec 2018 16:12:06 +0000 (09:12 -0700)]
Add missing description of padding option and missing argument to -c.
Todd C. Miller [Tue, 11 Dec 2018 16:05:04 +0000 (09:05 -0700)]
The -c option was missing from the help info; from Radovan Sroka
Todd C. Miller [Tue, 11 Dec 2018 16:02:30 +0000 (09:02 -0700)]
Fix some typos; reported by Radovan Sroka
Todd C. Miller [Sat, 8 Dec 2018 15:10:04 +0000 (08:10 -0700)]
In sudo_pam_approval(), for the exempt case, only overwrite pam
status when the passwd is expired or needs to be updated.
Todd C. Miller [Fri, 7 Dec 2018 16:51:34 +0000 (09:51 -0700)]
The fix for bug #843 was incomplete and caused pam_end() to be called early.
sudo_pam_approval() must not set the global pam status to an error
value if it returns AUTH_SUCCESS. Otherwise, sudo_pam_cleanup()
will call pam_end() before sudo_pam_begin_session(). This resulted
in a NULL PAM handle being used in sudo_pam_begin_session().
Todd C. Miller [Wed, 5 Dec 2018 17:43:14 +0000 (10:43 -0700)]
Don't run the command in a pty if no I/O plugins are logging anything.
That way an I/O plugin that doesn't actually log anything won't cause
the command to be run in a pty.
Todd C. Miller [Thu, 29 Nov 2018 15:49:58 +0000 (08:49 -0700)]
Update ignore patterns to match doc changes.
Todd C. Miller [Thu, 29 Nov 2018 15:47:42 +0000 (08:47 -0700)]
fix mode fixmdoc.sed
Todd C. Miller [Tue, 27 Nov 2018 20:15:08 +0000 (13:15 -0700)]
Fix section in the .TH line of *.man.in file.
The substitution for @mansectsu@ and @mansectform@ was broken.
No longer need to strip out OpenBSD from the header line.
Todd C. Miller [Tue, 27 Nov 2018 15:33:51 +0000 (08:33 -0700)]
Add sudoers.man.in.sed, missed from previous commit.
Todd C. Miller [Tue, 27 Nov 2018 15:27:23 +0000 (08:27 -0700)]
Add Guillem Jover
Todd C. Miller [Tue, 27 Nov 2018 15:26:08 +0000 (08:26 -0700)]
recent changes
Todd C. Miller [Tue, 27 Nov 2018 15:14:15 +0000 (08:14 -0700)]
Use roff conditionals in the manuals instead of post-processing.
We still need to process the resulting .man.in files to add back
the conditionals but this should be easier to debug as the changes
are visible in the .in file.
Some minor postprocessing is still used to make the manuals HP-UX
friendly and to change "0 seconds" -> unlimited after substitution.
Todd C. Miller [Sat, 24 Nov 2018 15:39:09 +0000 (08:39 -0700)]
Sudo plugin manual updates and clarification from Guillem Jover:
- Add missing return information for show_version().
- Fix prototypes for several function pointers.
- Update SUDO_API_VERSION_MINOR.
- Add missing references to log_suspend() and change_winsize().
- Add missing "array.".
- Clarify that argc can be zero on sudo -V.
- Clarify size requirements for conversation array arguments.
- Clarify timeout zero value for struct sudo_conv_message.
- Clarify initial and final state of reply in struct sudo_conv_reply.
Todd C. Miller [Sat, 24 Nov 2018 15:34:03 +0000 (08:34 -0700)]
Revert changes to give arguments to the .Bx macro.
This is intended for things like .Bx 4.3 to generate "4.3BSD" so
the argument ends up before the BSD, not after. Just go back to
using "BSD authentication" and "BSD login classes" so fixmdoc.sh
can operate correctly. Bug #861
Todd C. Miller [Fri, 23 Nov 2018 13:42:23 +0000 (06:42 -0700)]
Update fixmdoc.sh to match the BSD -> .Bx changes in the manuals.
Bug #861
Todd C. Miller [Sun, 18 Nov 2018 14:45:43 +0000 (07:45 -0700)]
Add support for utmps as found in HP-UX.
Todd C. Miller [Wed, 14 Nov 2018 20:37:46 +0000 (13:37 -0700)]
Support st_nmtime in struct stat as found in HP-UX.
Todd C. Miller [Wed, 14 Nov 2018 20:37:45 +0000 (13:37 -0700)]
If fcntl fails, fall back to the /proc implementation.
Todd C. Miller [Mon, 12 Nov 2018 15:31:02 +0000 (08:31 -0700)]
Mention schema.olcSudo
Todd C. Miller [Fri, 9 Nov 2018 18:02:34 +0000 (11:02 -0700)]
Mention schema.olcSudo here too.
Todd C. Miller [Fri, 9 Nov 2018 17:38:49 +0000 (10:38 -0700)]
OpenLDAP schema file for Sudo in on-line configuration (OLC) format.
From Frederic Pasteleurs.
Todd C. Miller [Fri, 9 Nov 2018 17:15:35 +0000 (10:15 -0700)]
Updated translations from translationproject.org
Todd C. Miller [Thu, 8 Nov 2018 22:17:39 +0000 (15:17 -0700)]
Only use closefrom_fallback() if no better method exists.
The previous logic was too fragile.
Todd C. Miller [Wed, 7 Nov 2018 18:21:05 +0000 (11:21 -0700)]
Updated translations from translationproject.org
Todd C. Miller [Wed, 7 Nov 2018 18:20:27 +0000 (11:20 -0700)]
Portuguese translation for sudo and sudoers from translationproject.org.
Todd C. Miller [Mon, 5 Nov 2018 16:08:05 +0000 (09:08 -0700)]
Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn
and gai_log_warning that use gai_strerror() instead of strerror().
Todd C. Miller [Wed, 31 Oct 2018 16:03:02 +0000 (10:03 -0600)]
Fix memory leak in runaslist_matches().
Todd C. Miller [Mon, 29 Oct 2018 15:23:25 +0000 (09:23 -0600)]
typo
Todd C. Miller [Mon, 29 Oct 2018 14:32:36 +0000 (08:32 -0600)]
regen
Todd C. Miller [Mon, 29 Oct 2018 12:19:59 +0000 (06:19 -0600)]
More updates for 1.8.26
Todd C. Miller [Sun, 28 Oct 2018 21:46:27 +0000 (15:46 -0600)]
Add support for negated sudoRunAsUser and sudoRunAsGroup entries.
Todd C. Miller [Sat, 27 Oct 2018 18:52:17 +0000 (12:52 -0600)]
Document that the target user's groups may be specified via the -g option.
Todd C. Miller [Sat, 27 Oct 2018 18:10:43 +0000 (12:10 -0600)]
Include getpwent() version of sudo_getgrouplist2_v1() from getgrouplist.c
Todd C. Miller [Sat, 27 Oct 2018 16:57:37 +0000 (10:57 -0600)]
Use a testsudoers group file with known contents instead of the system one.
Todd C. Miller [Sat, 27 Oct 2018 12:37:34 +0000 (06:37 -0600)]
Allow the group set by "sudo -g" to be any of the target user's groups.
Previously, this was only allowed if the group matched the target
user's primary group ID (from the passwd database entry).
The sudoers policy will now allow the group if it is one of the
target user's supplemental groups as well.
Todd C. Miller [Fri, 26 Oct 2018 17:11:58 +0000 (11:11 -0600)]
Skip sudo_getgrouplist2() check on systems with getgrouplist_2().
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
Todd C. Miller [Fri, 26 Oct 2018 16:45:12 +0000 (10:45 -0600)]
Add missing exported symbol sudo_term_eof
Todd C. Miller [Fri, 26 Oct 2018 16:34:16 +0000 (10:34 -0600)]
Add missing #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
Fixes problems building on older LDAP sdks.
Todd C. Miller [Fri, 26 Oct 2018 16:26:27 +0000 (10:26 -0600)]
add getgrouplist_test.c
Todd C. Miller [Fri, 26 Oct 2018 16:24:38 +0000 (10:24 -0600)]
Check the user's primary gid from the passwd file too.
Todd C. Miller [Fri, 26 Oct 2018 16:10:52 +0000 (10:10 -0600)]
ignore prologue
Todd C. Miller [Fri, 26 Oct 2018 14:39:09 +0000 (08:39 -0600)]
Convert PVS-Studio comment to ANSI C.
Todd C. Miller [Fri, 26 Oct 2018 14:19:41 +0000 (08:19 -0600)]
Fix some mangled text in the license block.
Todd C. Miller [Fri, 26 Oct 2018 12:52:46 +0000 (06:52 -0600)]
Add regress test for sudo_getgrouplist2().
This test assumes all the groups in root's group list can
be resolved by group ID.
Todd C. Miller [Thu, 25 Oct 2018 15:04:52 +0000 (09:04 -0600)]
More changes in 1.8.26
Todd C. Miller [Thu, 25 Oct 2018 14:40:25 +0000 (08:40 -0600)]
Add padding option to cvtsudoers.
Bug #856
Todd C. Miller [Thu, 25 Oct 2018 13:17:31 +0000 (07:17 -0600)]
Remove an errant grset++ in the AIX version of sudo_getgrouplist2().
Bug #857
Todd C. Miller [Mon, 22 Oct 2018 15:12:17 +0000 (09:12 -0600)]
Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c.
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree. This
is not a problem as it just contains stub functions.
Todd C. Miller [Mon, 22 Oct 2018 12:21:59 +0000 (06:21 -0600)]
Asturian translation for sudo from translationproject.org
Todd C. Miller [Sun, 21 Oct 2018 21:24:33 +0000 (15:24 -0600)]
Add support for CLOCK_MONOTONIC_RAW and CLOCK_UPTIME_RAW, present
on macOS.
Todd C. Miller [Sun, 21 Oct 2018 14:46:09 +0000 (08:46 -0600)]
Add --enable-pvs-studio configure option to create PVS-Studio.cfg.
Todd C. Miller [Sun, 21 Oct 2018 14:46:05 +0000 (08:46 -0600)]
Add pvs-studio target and associated production rules.
Todd C. Miller [Sun, 21 Oct 2018 14:46:05 +0000 (08:46 -0600)]
Add comments in .c files so PVS-Studio will check them.
Todd C. Miller [Sat, 20 Oct 2018 14:47:12 +0000 (08:47 -0600)]
Simplify range checks.
No need to check for ERANGE in the cases where we also check
that the value is <= INT_MAX. Found by PVS-Studio.
Todd C. Miller [Fri, 19 Oct 2018 19:35:20 +0000 (13:35 -0600)]
Avoid some PVS-Studio false positives.
Todd C. Miller [Fri, 19 Oct 2018 19:35:05 +0000 (13:35 -0600)]
Remove some calls to sudo_fatalx(); just propagate the error return.
Todd C. Miller [Fri, 19 Oct 2018 19:33:37 +0000 (13:33 -0600)]
No need to check if fd_dst is -1 in sudoedit mode.
Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst != -1 later on. Found by PVS-Studio.
Todd C. Miller [Fri, 19 Oct 2018 19:32:24 +0000 (13:32 -0600)]
In timestamp_open() no need to free cookie on error, it is NULL.
Found by PVS-Studio.
Todd C. Miller [Thu, 18 Oct 2018 21:38:54 +0000 (15:38 -0600)]
Fix a memory leak on malloc() error in sudo_ldap_role_to_priv().
Coverity CID 188804
Todd C. Miller [Thu, 18 Oct 2018 20:43:08 +0000 (14:43 -0600)]
Move the allocation of role to be immediately before in_role is set.
This makes it clear that when in_role == true, role is non-NULL.
Also remove two dead stores.
Todd C. Miller [Thu, 18 Oct 2018 20:29:33 +0000 (14:29 -0600)]
Fix trimming of non-escaped trailing space in ldif_parse_attribute().
Found by PVS-Studio.
Todd C. Miller [Thu, 18 Oct 2018 20:24:55 +0000 (14:24 -0600)]
Simplify the logic surrounding sudoers_args in command_args_match().
We only need to check that sudoers_args is non-NULL once.
Found by PVS-Studio.
Todd C. Miller [Thu, 18 Oct 2018 20:19:09 +0000 (14:19 -0600)]
If sudo_ldap_get_values_len() fails goto cleanup instead of oom.
This is not strictly necessary as there's not anything to clean up
in this case but it is more consistent with the code that follows.
Todd C. Miller [Thu, 18 Oct 2018 14:08:44 +0000 (08:08 -0600)]
Fix handling of timeout values in sudoers.
When passing the timeout back to the front end, ignore the
user-specified timeout if it is not set (initialized to 0).
Otherwise, sudo would choose a zero user-specified timeout over
the sudoers-specified timeout (non-zero).
Todd C. Miller [Wed, 17 Oct 2018 15:54:53 +0000 (09:54 -0600)]
Fix cut & pastos in cvtsudoers_make_gritem()
Todd C. Miller [Wed, 17 Oct 2018 12:57:06 +0000 (06:57 -0600)]
Fix expected test output now that command_timeout is parsed correctly
in LDIF.
Todd C. Miller [Wed, 17 Oct 2018 12:21:48 +0000 (06:21 -0600)]
tv_nsec can never be negative after timespecsub.
Found by PVS Studio.
Todd C. Miller [Tue, 16 Oct 2018 18:50:43 +0000 (12:50 -0600)]
Avoid potentially undefined behavior.
Found by PVS Studio.
Todd C. Miller [Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)]
sudo_ldap_parse_option() never returns '=' as the operator.
When parsing command_timeout, role, type, privs and limitprivs,
check that val is non-NULL instead. Found by PVS Studio.
Todd C. Miller [Tue, 16 Oct 2018 16:31:43 +0000 (10:31 -0600)]
Fix up #line entries that reference lex.sudoers.c.
Todd C. Miller [Sat, 13 Oct 2018 14:08:16 +0000 (08:08 -0600)]
Fix workaround for broken sudo 1.8.7 timing files.
Todd C. Miller [Sat, 13 Oct 2018 13:31:34 +0000 (07:31 -0600)]
Fix memory leak when reusing the runas list. We need to free the
member list itself as well as its contents.
Todd C. Miller [Sat, 13 Oct 2018 12:21:52 +0000 (06:21 -0600)]
Some DIAGNOSTICS updates:
Update error message for when the user's uid does not exist in passwd.
Remove "This error indicates" and some other cosmetic cleanups.
Todd C. Miller [Sat, 13 Oct 2018 12:19:03 +0000 (06:19 -0600)]
If the user's passwd entry cannot be resolved via the uid, use the
same error message as visudo.
Todd C. Miller [Fri, 12 Oct 2018 15:40:37 +0000 (09:40 -0600)]
Add a DIAGNOSTICS section with an explanation of the more non-trivial
error messages.
Todd C. Miller [Fri, 12 Oct 2018 14:39:12 +0000 (08:39 -0600)]
Replace sudo_fatal(NULL) with an "unable to allocate memory" message
that includes the function name.
Todd C. Miller [Tue, 9 Oct 2018 20:20:13 +0000 (14:20 -0600)]
Make EOF handling while reading the password prompt more like getpass(3).
We now return the password as long as at least one character has
been read. Previously, EOF at the password prompt was treated as
if nothing was entered.
Todd C. Miller [Tue, 9 Oct 2018 20:13:28 +0000 (14:13 -0600)]
regen
Todd C. Miller [Tue, 9 Oct 2018 19:25:52 +0000 (13:25 -0600)]
Print a warning for password read issues.
Issues include: timeout at the password prompt, read error while
reading the password, and EOF reading the password.