Todd C. Miller [Tue, 27 Nov 2018 15:14:15 +0000 (08:14 -0700)]
Use roff conditionals in the manuals instead of post-processing.
We still need to process the resulting .man.in files to add back
the conditionals but this should be easier to debug as the changes
are visible in the .in file.
Some minor postprocessing is still used to make the manuals HP-UX
friendly and to change "0 seconds" -> unlimited after substitution.
Todd C. Miller [Sat, 24 Nov 2018 15:39:09 +0000 (08:39 -0700)]
Sudo plugin manual updates and clarification from Guillem Jover:
- Add missing return information for show_version().
- Fix prototypes for several function pointers.
- Update SUDO_API_VERSION_MINOR.
- Add missing references to log_suspend() and change_winsize().
- Add missing "array.".
- Clarify that argc can be zero on sudo -V.
- Clarify size requirements for conversation array arguments.
- Clarify timeout zero value for struct sudo_conv_message.
- Clarify initial and final state of reply in struct sudo_conv_reply.
Todd C. Miller [Sat, 24 Nov 2018 15:34:03 +0000 (08:34 -0700)]
Revert changes to give arguments to the .Bx macro.
This is intended for things like .Bx 4.3 to generate "4.3BSD" so
the argument ends up before the BSD, not after. Just go back to
using "BSD authentication" and "BSD login classes" so fixmdoc.sh
can operate correctly. Bug #861
Todd C. Miller [Sat, 27 Oct 2018 12:37:34 +0000 (06:37 -0600)]
Allow the group set by "sudo -g" to be any of the target user's groups.
Previously, this was only allowed if the group matched the target
user's primary group ID (from the passwd database entry).
The sudoers policy will now allow the group if it is one of the
target user's supplemental groups as well.
Todd C. Miller [Fri, 26 Oct 2018 17:11:58 +0000 (11:11 -0600)]
Skip sudo_getgrouplist2() check on systems with getgrouplist_2().
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
Todd C. Miller [Mon, 22 Oct 2018 15:12:17 +0000 (09:12 -0600)]
Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c.
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree. This
is not a problem as it just contains stub functions.
Todd C. Miller [Fri, 19 Oct 2018 19:33:37 +0000 (13:33 -0600)]
No need to check if fd_dst is -1 in sudoedit mode.
Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst != -1 later on. Found by PVS-Studio.
Todd C. Miller [Thu, 18 Oct 2018 20:43:08 +0000 (14:43 -0600)]
Move the allocation of role to be immediately before in_role is set.
This makes it clear that when in_role == true, role is non-NULL.
Also remove two dead stores.
Todd C. Miller [Thu, 18 Oct 2018 20:19:09 +0000 (14:19 -0600)]
If sudo_ldap_get_values_len() fails goto cleanup instead of oom.
This is not strictly necessary as there's not anything to cleanup
in this case but it is more consistent with the code that follows.
Todd C. Miller [Thu, 18 Oct 2018 14:08:44 +0000 (08:08 -0600)]
Fix handling of timeout values in sudoers.
When passing the timeout back to the front end, ignore the
user-specified timeout if it is not set (initialized to 0).
Otherwise, sudo would choose a zero user-specified timeout over
the sudoers-specified timeout (non-zero).
Todd C. Miller [Tue, 16 Oct 2018 18:49:34 +0000 (12:49 -0600)]
sudo_ldap_parse_option() never returns '=' as the operator.
When parsing command_timeout, role, type, privs and limitprivs,
check that val is non-NULL instead. Found by PVS Studio.
Todd C. Miller [Sat, 13 Oct 2018 12:21:52 +0000 (06:21 -0600)]
Some DIAGNOSTICS updates:
Update error message for when the user's uid does not exist in passwd.
Remove "This error indicates" and some other cosmetic cleanups.
Todd C. Miller [Tue, 9 Oct 2018 20:20:13 +0000 (14:20 -0600)]
Make EOF handling while reading the password prompt more like getpass(3).
We now return the password as long as at least one character has
been read. Previously, EOF at the password prompt was treated as
if nothing was entered.
Todd C. Miller [Tue, 9 Oct 2018 19:25:52 +0000 (13:25 -0600)]
Print a warning for password read issues.
Issues include: timeout at the password prompt, read error while
reading the password, and EOF reading the password.
Todd C. Miller [Sun, 7 Oct 2018 13:26:28 +0000 (07:26 -0600)]
Use -Wstyle with -Tlint since sudo is not part of the base system.
This avoids "referenced manual not found" and "operating system
explicitly specified" warnings.
Todd C. Miller [Fri, 5 Oct 2018 20:48:35 +0000 (14:48 -0600)]
Add new -S option to sleep while the command was suspended.
The default behavior is now to not consider the time the command
was suspended as part of the normal inter-event delay.
Todd C. Miller [Fri, 5 Oct 2018 20:04:29 +0000 (14:04 -0600)]
Initialize the pty rows/cols based on the values we stored in user_details.
This fixes a minor issue where we would send an extra window size
change event the first time the command was suspended.
Todd C. Miller [Mon, 24 Sep 2018 11:30:03 +0000 (05:30 -0600)]
Remove special handling of the USERNAME environment variable. It
used to be set on old versions of Fedora but that hasn't been the
case for some time. It's worth noting that ssh doesn't set USERNAME
either.
Todd C. Miller [Thu, 20 Sep 2018 21:15:14 +0000 (15:15 -0600)]
In print_member_json_int() eliminate the need_newline variable
and just move the non-alias expansion printing bits into the
else clause, including the newline and comma printing.