sudo
12 years agosync with translationproject.org
Todd C. Miller [Mon, 9 Apr 2012 13:09:13 +0000 (09:09 -0400)]
sync with translationproject.org

12 years agoDo not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the
Todd C. Miller [Sun, 8 Apr 2012 22:00:31 +0000 (18:00 -0400)]
Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the
glob() and fnmatch() results to be consistent.

12 years agoMove ttysize.c to common so sudoreplay can use it.
Todd C. Miller [Fri, 6 Apr 2012 20:41:08 +0000 (16:41 -0400)]
Move ttysize.c to common so sudoreplay can use it.

12 years agoIf I/O log file includes rows + cols, warn if the user's tty is
Todd C. Miller [Fri, 6 Apr 2012 20:37:40 +0000 (16:37 -0400)]
If I/O log file includes rows + cols, warn if the user's tty is
not big enough.

12 years agoFix printing of TSID in "sudoreplay -l"
Todd C. Miller [Fri, 6 Apr 2012 20:34:43 +0000 (16:34 -0400)]
Fix printing of TSID in "sudoreplay -l"

12 years agoLog the process id in the debug file output. Since we don't want
Todd C. Miller [Fri, 6 Apr 2012 19:20:16 +0000 (15:20 -0400)]
Log the process id in the debug file output.  Since we don't want
to keep calling getpid(), stash the value at init time and when we
fork().

12 years agoIgnore SIGTTIN and SIGTTOU in main sudo process when I/O logging.
Todd C. Miller [Fri, 6 Apr 2012 16:45:30 +0000 (12:45 -0400)]
Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging.
It is better to receive EIO from read()/write() than to be suspended
when we don't expect it.  Fixes a problem when our terminal is
revoked which can happen when, e.g. our sshd is killed unceremoniously.
Also, only change the value of "alive" from true to false, never
from false to true.  It is possible for us to receive notification
of the child having stopped after it is already dead.  This does
not mean it has risen from the grave.

12 years agoDistinguish between signals we received from the parent vs. those
Todd C. Miller [Fri, 6 Apr 2012 16:40:13 +0000 (12:40 -0400)]
Distinguish between signals we received from the parent vs. those
delivered explicitly to the monitor process in debugging info.

12 years agoIn Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
Todd C. Miller [Thu, 5 Apr 2012 17:21:22 +0000 (13:21 -0400)]
In Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
Update tty_is_devpts() to match so we can determine when the tty
has been reused.

12 years agoAlways pass __func__, __FILE__ and __LINE__ in sudo_debug_printf()
Todd C. Miller [Thu, 5 Apr 2012 17:04:00 +0000 (13:04 -0400)]
Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf()
and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
This allows consumers of sudo_debug_printf() to log that data without
having to specify it manually.

12 years agoMake this compile after last change.
Todd C. Miller [Thu, 5 Apr 2012 16:59:26 +0000 (12:59 -0400)]
Make this compile after last change.

12 years agoDon't try to restore the terminal if we are not the foreground
Todd C. Miller [Thu, 5 Apr 2012 16:40:51 +0000 (12:40 -0400)]
Don't try to restore the terminal if we are not the foreground
process.  Otherwise, we may be stopped by SIGTTOU when we try to
update the terminal settings when cleaning up.

12 years agoIf select() return EBADF in the main event loop, one of the ttys
Todd C. Miller [Thu, 5 Apr 2012 16:39:46 +0000 (12:39 -0400)]
If select() return EBADF in the main event loop, one of the ttys
must have gone away so perform any I/O we can and close the bad
fds.

12 years agoLog warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR.
Todd C. Miller [Thu, 5 Apr 2012 16:37:15 +0000 (12:37 -0400)]
Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR.
Log the function, file and line number in the debug log for warning()
and error().

12 years agoAdd SUDO_DEBUG_ERRNO flag to debug functions so we can log errno.
Todd C. Miller [Wed, 4 Apr 2012 20:59:31 +0000 (16:59 -0400)]
Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno.
Use this flag when wrapping error() and warning() so the debug
output includes the error string.

12 years agoUpdate for sudo 1.8.5
Todd C. Miller [Fri, 30 Mar 2012 19:55:24 +0000 (15:55 -0400)]
Update for sudo 1.8.5

12 years agoregen
Todd C. Miller [Fri, 30 Mar 2012 19:45:11 +0000 (15:45 -0400)]
regen

12 years agosync
Todd C. Miller [Fri, 30 Mar 2012 19:44:23 +0000 (15:44 -0400)]
sync

12 years agoUse ecalloc()
Todd C. Miller [Fri, 30 Mar 2012 19:25:15 +0000 (15:25 -0400)]
Use ecalloc()

12 years agoDon't need zero_bytes() after ecalloc()
Todd C. Miller [Fri, 30 Mar 2012 18:59:27 +0000 (14:59 -0400)]
Don't need zero_bytes() after ecalloc()

12 years agoAdd execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers
Todd C. Miller [Fri, 30 Mar 2012 13:36:30 +0000 (09:36 -0400)]
Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers
to sudo_noexec.c.

12 years agoFix compat setutxent and endutxent macros for systems with
Todd C. Miller [Fri, 30 Mar 2012 11:55:49 +0000 (07:55 -0400)]
Fix compat setutxent and endutxent macros for systems with
setutent() but not setutxent().  From Gustavo Zacarias

12 years agoAdd ignore_result definition to AH_BOTTOM
Todd C. Miller [Thu, 29 Mar 2012 17:13:38 +0000 (13:13 -0400)]
Add ignore_result definition to AH_BOTTOM

12 years agoFix compiler warnings on some platforms and provide a better method
Todd C. Miller [Thu, 29 Mar 2012 14:33:40 +0000 (10:33 -0400)]
Fix compiler warnings on some platforms and provide a better method
of defeating gcc's warn_unused_result attribute.

12 years agoFix building the builtin zlib from a build dir.
Todd C. Miller [Thu, 29 Mar 2012 14:32:29 +0000 (10:32 -0400)]
Fix building the builtin zlib from a build dir.
When a zlib dir was specified, prepend its include path instead of
appending so we get the right zlib headers.

12 years agoUpdate zlib to version 1.2.6
Todd C. Miller [Thu, 29 Mar 2012 14:28:17 +0000 (10:28 -0400)]
Update zlib to version 1.2.6

12 years agog/c __unused which is no longer used
Todd C. Miller [Wed, 28 Mar 2012 21:07:29 +0000 (17:07 -0400)]
g/c __unused which is no longer used

12 years agoFix compilation if RTLD_NEXT is not defined.
Todd C. Miller [Wed, 28 Mar 2012 19:27:27 +0000 (15:27 -0400)]
Fix compilation if RTLD_NEXT is not defined.

12 years agosync with translationproject.org
Todd C. Miller [Wed, 28 Mar 2012 18:22:09 +0000 (14:22 -0400)]
sync with translationproject.org

12 years agoregen
Todd C. Miller [Wed, 28 Mar 2012 18:10:18 +0000 (14:10 -0400)]
regen

12 years agoregen
Todd C. Miller [Wed, 28 Mar 2012 18:08:28 +0000 (14:08 -0400)]
regen

12 years agoIgnore Project-Id-Version when comparing pot files.
Todd C. Miller [Wed, 28 Mar 2012 18:05:49 +0000 (14:05 -0400)]
Ignore Project-Id-Version when comparing pot files.

12 years agoUse error() instead of log_fatal()
Todd C. Miller [Wed, 28 Mar 2012 17:47:49 +0000 (13:47 -0400)]
Use error() instead of log_fatal()

12 years agoFix signedness of didvar in env_update_didvar()
Todd C. Miller [Wed, 28 Mar 2012 17:39:37 +0000 (13:39 -0400)]
Fix signedness of didvar in env_update_didvar()

12 years agoQuiet a compiler warning on some platforms.
Todd C. Miller [Wed, 28 Mar 2012 17:17:11 +0000 (13:17 -0400)]
Quiet a compiler warning on some platforms.

12 years agocast ctype(3) function/macro arguments from char to unsigned char
Todd C. Miller [Wed, 28 Mar 2012 17:07:54 +0000 (13:07 -0400)]
cast ctype(3) function/macro arguments from char to unsigned char
to avoid potential negative subscripting.

12 years agoQuiet a warning on systems where the gids array in setgroups() is
Todd C. Miller [Wed, 28 Mar 2012 15:14:22 +0000 (11:14 -0400)]
Quiet a warning on systems where the gids array in setgroups() is
not prototyped as being const, even though it really is.

12 years agoQuiet a compiler warning on systems where the argument to putenv(3)
Todd C. Miller [Wed, 28 Mar 2012 14:58:02 +0000 (10:58 -0400)]
Quiet a compiler warning on systems where the argument to putenv(3)
is const.

12 years agoUndo an incorrect int -> bool conversion.
Todd C. Miller [Wed, 28 Mar 2012 14:51:22 +0000 (10:51 -0400)]
Undo an incorrect int -> bool conversion.

12 years agoAdd Swedish sudo and sudoers translations from translationproject.org
Todd C. Miller [Wed, 28 Mar 2012 13:56:26 +0000 (09:56 -0400)]
Add Swedish sudo and sudoers translations from translationproject.org

12 years agoNo need to preserve ODMDIR on AIX now that we always read
Todd C. Miller [Wed, 28 Mar 2012 12:18:26 +0000 (08:18 -0400)]
No need to preserve ODMDIR on AIX now that we always read
/etc/environment.

12 years agoWhen initializing the environment for env_reset, start out with
Todd C. Miller [Tue, 27 Mar 2012 22:57:11 +0000 (18:57 -0400)]
When initializing the environment for env_reset, start out with
the contents of /etc/environment on AIX and login.conf on BSD.

12 years agoIf we are not running with an effective uid of 0, try to give the
Todd C. Miller [Tue, 27 Mar 2012 17:57:03 +0000 (13:57 -0400)]
If we are not running with an effective uid of 0, try to give the
user enough information to debug the problem.

12 years agoQuiet a clang-analyzer false positive.
Todd C. Miller [Tue, 27 Mar 2012 17:01:45 +0000 (13:01 -0400)]
Quiet a clang-analyzer false positive.

12 years agoIf there is nothing to read from the askpass program, set errno to
Todd C. Miller [Tue, 27 Mar 2012 16:41:28 +0000 (12:41 -0400)]
If there is nothing to read from the askpass program, set errno to
EINTR.  This makes the cancel button behave like the user entered
^C at the password prompt when PAM is used.

12 years agoFetch the value of "askpass" from the sudo conf struct.
Todd C. Miller [Tue, 27 Mar 2012 16:25:04 +0000 (12:25 -0400)]
Fetch the value of "askpass" from the sudo conf struct.

12 years agoFix matching of "Path askpass" and "Path noexec"
Todd C. Miller [Tue, 27 Mar 2012 16:24:39 +0000 (12:24 -0400)]
Fix matching of "Path askpass" and "Path noexec"

12 years agoQuiet a clang-analyzer dead store warning.
Todd C. Miller [Mon, 26 Mar 2012 15:03:23 +0000 (11:03 -0400)]
Quiet a clang-analyzer dead store warning.

12 years agoIf the "timestampowner" user cannot be resolved, use ROOT_UID instead
Todd C. Miller [Mon, 26 Mar 2012 15:02:06 +0000 (11:02 -0400)]
If the "timestampowner" user cannot be resolved, use ROOT_UID instead
of exiting with a fatal error.

12 years agoRemove the NO_EXIT flag to log_error() and add a log_fatal() function
Todd C. Miller [Mon, 26 Mar 2012 14:59:14 +0000 (10:59 -0400)]
Remove the NO_EXIT flag to log_error() and add a log_fatal() function
that exits and is marked no_return.  Fixes false positives from
static analyzers and is easier for humans to read too.

12 years agosync with translationproject.org
Todd C. Miller [Sat, 24 Mar 2012 17:38:38 +0000 (13:38 -0400)]
sync with translationproject.org

12 years agosync with translationproject.org
Todd C. Miller [Tue, 20 Mar 2012 18:38:30 +0000 (14:38 -0400)]
sync with translationproject.org

12 years agosync with translationproject.org
Todd C. Miller [Tue, 20 Mar 2012 18:08:58 +0000 (14:08 -0400)]
sync with translationproject.org

12 years agosync with translationproject.org
Todd C. Miller [Mon, 19 Mar 2012 15:25:07 +0000 (11:25 -0400)]
sync with translationproject.org

12 years agoUse ecalloc() when allocating structs.
Todd C. Miller [Mon, 19 Mar 2012 15:24:24 +0000 (11:24 -0400)]
Use ecalloc() when allocating structs.

12 years agoAdd ecalloc() and commented out recalloc().
Todd C. Miller [Mon, 19 Mar 2012 15:23:25 +0000 (11:23 -0400)]
Add ecalloc() and commented out recalloc().
Use inline strnlen() instead of strlen() in estrndup().

12 years agosync with translationproject.org
Todd C. Miller [Sun, 18 Mar 2012 16:47:27 +0000 (12:47 -0400)]
sync with translationproject.org

12 years agoRemove unused label
Todd C. Miller [Sat, 17 Mar 2012 00:13:43 +0000 (20:13 -0400)]
Remove unused label

12 years agoDocument what changed in each plugin API revision
Todd C. Miller [Fri, 16 Mar 2012 18:39:12 +0000 (14:39 -0400)]
Document what changed in each plugin API revision

12 years agoRemove bogus optimization that could lead to a double free of the
Todd C. Miller [Fri, 16 Mar 2012 16:00:32 +0000 (12:00 -0400)]
Remove bogus optimization that could lead to a double free of the
group list.

12 years agoExpand AIX /etc/security/privcmds entry.
Todd C. Miller [Thu, 15 Mar 2012 19:25:13 +0000 (15:25 -0400)]
Expand AIX /etc/security/privcmds entry.

12 years agoUpdate for sudo 1.8.5
Todd C. Miller [Thu, 15 Mar 2012 16:32:56 +0000 (12:32 -0400)]
Update for sudo 1.8.5

12 years agoRename plugin "args" to "options"
Todd C. Miller [Thu, 15 Mar 2012 16:32:31 +0000 (12:32 -0400)]
Rename plugin "args" to "options"

12 years agoAdd Lithuanian and Vietnamese translators
Todd C. Miller [Thu, 15 Mar 2012 16:21:36 +0000 (12:21 -0400)]
Add Lithuanian and Vietnamese translators

12 years agoIgnore comments when comparing new and old pot files.
Todd C. Miller [Thu, 15 Mar 2012 15:44:35 +0000 (11:44 -0400)]
Ignore comments when comparing new and old pot files.

12 years agoregen
Todd C. Miller [Thu, 15 Mar 2012 13:19:28 +0000 (09:19 -0400)]
regen

12 years agoregen
Todd C. Miller [Thu, 15 Mar 2012 13:18:50 +0000 (09:18 -0400)]
regen

12 years agoPass a pointer to user_env in to the init_session policy plugin
Todd C. Miller [Thu, 15 Mar 2012 13:18:36 +0000 (09:18 -0400)]
Pass a pointer to user_env in to the init_session policy plugin
function so session setup can modify the user environment as needed.
For PAM authentication, merge the PAM environment with the user
environment at init_session time.  We no longer need to swap in the
user_env for environ during session init, nor do we need to disable
the env hooks at init_session time.

12 years agoAdd explicit NULL entries for init_session, register_hooks and
Todd C. Miller [Thu, 15 Mar 2012 13:02:19 +0000 (09:02 -0400)]
Add explicit NULL entries for init_session, register_hooks and
deregister_hooks with appropriate comments.

12 years agoQuiet a gcc "used uninitialized in this function" false positive.
Todd C. Miller [Thu, 15 Mar 2012 12:56:12 +0000 (08:56 -0400)]
Quiet a gcc "used uninitialized in this function" false positive.

12 years agoWe should always call warning() with a format string or a string literal.
Todd C. Miller [Thu, 15 Mar 2012 12:47:23 +0000 (08:47 -0400)]
We should always call warning() with a format string or a string literal.
In this case, the argument (path) is not user-controlled.

12 years agoInclude sudo_exec.h for the sudo_execve() prototype.
Todd C. Miller [Thu, 15 Mar 2012 01:52:31 +0000 (21:52 -0400)]
Include sudo_exec.h for the sudo_execve() prototype.

12 years agoAdd check for pam_getenvlist()
Todd C. Miller [Thu, 15 Mar 2012 00:55:11 +0000 (20:55 -0400)]
Add check for pam_getenvlist()

12 years agoSet args to NULL in default plugin info struct when there is no
Todd C. Miller [Wed, 14 Mar 2012 19:07:50 +0000 (15:07 -0400)]
Set args to NULL in default plugin info struct when there is no
Plugin line in sudo.conf.

12 years agoregen
Todd C. Miller [Wed, 14 Mar 2012 18:20:55 +0000 (14:20 -0400)]
regen

12 years agoregen
Todd C. Miller [Wed, 14 Mar 2012 18:20:16 +0000 (14:20 -0400)]
regen

12 years agoBump version to 1.8.5
Todd C. Miller [Wed, 14 Mar 2012 18:17:44 +0000 (14:17 -0400)]
Bump version to 1.8.5

12 years agoDocument hooks API
Todd C. Miller [Wed, 14 Mar 2012 18:11:18 +0000 (14:11 -0400)]
Document hooks API

12 years agoMake sudoersdir relative to PKG_INSTALL_ROOT for Solaris.
Todd C. Miller [Tue, 13 Mar 2012 21:38:03 +0000 (17:38 -0400)]
Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris.

12 years agoUse sudo_hook_fn_t in struct sudo_hook.
Todd C. Miller [Tue, 13 Mar 2012 21:32:50 +0000 (17:32 -0400)]
Use sudo_hook_fn_t in struct sudo_hook.

12 years agoIf cross compiling, --host must include the OS in the tuple.
Todd C. Miller [Tue, 13 Mar 2012 15:01:23 +0000 (11:01 -0400)]
If cross compiling, --host must include the OS in the tuple.
E.g. --host powerpc-unknown-linux

12 years agoFix bogus int -> bool conversion; tags can have a value of -1.
Todd C. Miller [Mon, 12 Mar 2012 23:34:19 +0000 (19:34 -0400)]
Fix bogus int -> bool conversion; tags can have a value of -1.

12 years agoAdd env_should_keep() and env_should_delete() wrapper functions to
Todd C. Miller [Mon, 12 Mar 2012 20:45:22 +0000 (16:45 -0400)]
Add env_should_keep() and env_should_delete() wrapper functions to
simplify things a bit and hide the fact that matches_env_check()
is not bool.

12 years agoFix application of debian-specific sudoers mods when building packages
Todd C. Miller [Mon, 12 Mar 2012 19:04:03 +0000 (15:04 -0400)]
Fix application of debian-specific sudoers mods when building packages
as non-root.

12 years agomatches_env_check() returns int, not boolean
Todd C. Miller [Mon, 12 Mar 2012 17:53:54 +0000 (13:53 -0400)]
matches_env_check() returns int, not boolean

12 years agoFix compilation when seteuid() is not available.
Todd C. Miller [Mon, 12 Mar 2012 17:52:51 +0000 (13:52 -0400)]
Fix compilation when seteuid() is not available.

12 years agoSimply move the free of ki_proc outside the realloc() loop.
Todd C. Miller [Mon, 12 Mar 2012 15:37:33 +0000 (11:37 -0400)]
Simply move the free of ki_proc outside the realloc() loop.

12 years agoBring back the erealloc() for the ENOMEM loop and just zero the
Todd C. Miller [Mon, 12 Mar 2012 14:49:26 +0000 (10:49 -0400)]
Bring back the erealloc() for the ENOMEM loop and just zero the
pointer after we free it.

12 years agoDon't try to erealloc() a potentially freed pointer; Mateusz Guzik
Todd C. Miller [Mon, 12 Mar 2012 12:54:40 +0000 (08:54 -0400)]
Don't try to erealloc() a potentially freed pointer; Mateusz Guzik

12 years agoUse normal error path if unable to set sudoers gid.
Todd C. Miller [Sat, 10 Mar 2012 21:38:14 +0000 (16:38 -0500)]
Use normal error path if unable to set sudoers gid.

12 years agoMake this work again on systems w/o seteuid().
Todd C. Miller [Sat, 10 Mar 2012 20:29:46 +0000 (15:29 -0500)]
Make this work again on systems w/o seteuid().

12 years agoFix compilation if no seteuid/setreuid/setresuid available.
Todd C. Miller [Fri, 9 Mar 2012 22:28:59 +0000 (17:28 -0500)]
Fix compilation if no seteuid/setreuid/setresuid available.

12 years agoBetter error messages, and added debugging throughout.
Todd C. Miller [Fri, 9 Mar 2012 22:07:41 +0000 (17:07 -0500)]
Better error messages, and added debugging throughout.
Fixed seteuid() version of set_perms()/restore_perms().
Fixed logic bug in AIX version of restore_perms().
Added checks to avoid changing uid/gid when we don't have to.
Never set gid/uid state to -1, use the old value instead.

12 years agoFix format string warning on Solaris with gcc 3.4.3.
Todd C. Miller [Fri, 9 Mar 2012 17:45:24 +0000 (12:45 -0500)]
Fix format string warning on Solaris with gcc 3.4.3.

12 years agoAlways declare environ now that we swap it around unilaterally.
Todd C. Miller [Fri, 9 Mar 2012 17:42:30 +0000 (12:42 -0500)]
Always declare environ now that we swap it around unilaterally.

12 years agoHonor LDFLAGS when linking sesh; from Vita Cizek
Todd C. Miller [Fri, 9 Mar 2012 15:07:00 +0000 (10:07 -0500)]
Honor LDFLAGS when linking sesh; from Vita Cizek

12 years agoInclude alloc.h for estrdup() prototype; from Vita Cizek
Todd C. Miller [Fri, 9 Mar 2012 15:06:27 +0000 (10:06 -0500)]
Include alloc.h for estrdup() prototype; from Vita Cizek

12 years agoDon't read /etc/environment on Linux when using PAM, PAM should set
Todd C. Miller [Thu, 8 Mar 2012 19:51:03 +0000 (14:51 -0500)]
Don't read /etc/environment on Linux when using PAM, PAM should set
the environment variables as needed via pam_env.

12 years agoFix editor goof.
Todd C. Miller [Thu, 8 Mar 2012 18:19:39 +0000 (13:19 -0500)]
Fix editor goof.

12 years agoDisable environment hooks after we get user_env back to make sure
Todd C. Miller [Thu, 8 Mar 2012 16:30:21 +0000 (11:30 -0500)]
Disable environment hooks after we get user_env back to make sure
a plugin can't to modify user_env after we "own" it.  This is kind
of a hack but we don't want the init_session plugin function to
modify user_env.