Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
Prune alias contents when pruning and expanding aliases.
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions. A better approach would be to call the correct function
from user_matches() and host_matches().
Todd C. Miller [Wed, 4 Apr 2018 17:28:53 +0000 (11:28 -0600)]
Use btime in /proc/stat to determine system start time instead of
/proc/uptime. Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
Todd C. Miller [Fri, 30 Mar 2018 00:53:51 +0000 (18:53 -0600)]
No need to initialize the last pointer passed to strtok_r().
This was originally added to appease newer gcc but no longer
seems to be required. CID 183466, CID 183468, CID 183469
Todd C. Miller [Tue, 27 Mar 2018 22:00:08 +0000 (16:00 -0600)]
In pty_close() we still need to check whether the pty master and
slave fds are open before closing them. When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
Todd C. Miller [Mon, 26 Mar 2018 12:28:23 +0000 (06:28 -0600)]
In pty_close() there is no need to remove events associated with
the pty slave as there are none. We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
Todd C. Miller [Thu, 22 Mar 2018 17:38:39 +0000 (11:38 -0600)]
Add cvtsudoers command line option to suppress certain parts of the
security policy. Can be used to suppress displaying of Defaults
entries, aliases or privileges.
Todd C. Miller [Wed, 21 Mar 2018 18:24:11 +0000 (12:24 -0600)]
Initial support filtering by user, group and host in cvtsudoers.
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries. This effectively allows you to grep sudoers by user, group
and host.
Todd C. Miller [Wed, 21 Mar 2018 18:11:19 +0000 (12:11 -0600)]
Add free_default() to free a struct defaults pointer so we have a
single place where we free the defaults. A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.
Todd C. Miller [Sun, 4 Mar 2018 14:03:43 +0000 (07:03 -0700)]
Initial support for adding comments that will be emitted when
sudoers is formatted. Currently adds a comment for the source
sudoRole when converting from ldif -> sudoers.
Todd C. Miller [Fri, 2 Mar 2018 16:27:27 +0000 (09:27 -0700)]
Refactor the code that actually converts the role to sudoers format
into role_to_sudoers() now that it is more involved than just calling
sudo_ldap_role_to_priv().
Todd C. Miller [Fri, 2 Mar 2018 13:42:29 +0000 (06:42 -0700)]
When merging two privileges, use the runas lists of the previous
privilege when possible. Otherwise, the generated sudoers line
will include a runas list for commands that is not necessary.
Todd C. Miller [Fri, 2 Mar 2018 03:31:01 +0000 (20:31 -0700)]
Use a case-insensitive comparison when matching user and group names
in sudoers with the passwd or group database. This can be necessary
when users and groups are stored in AD or LDAP.
Todd C. Miller [Wed, 28 Feb 2018 21:02:50 +0000 (14:02 -0700)]
When converting from ldif to sudoers, sudoRole objects with the
same user if possible. If both user and host are the same, merge
into a single privilege. This makes it possible to convert a
sudoers entry like:
Todd C. Miller [Wed, 28 Feb 2018 14:05:36 +0000 (07:05 -0700)]
Restore line to set MODE_PRESERVE_ENV in flags when the -E command
line option is used. The caller doesn't check MODE_PRESERVE_ENV
these days but parse_args uses it to detect usage errors when -E
is used along with a mutually excusive option. Problem found by
Yuriy Vostrikov.
Todd C. Miller [Sun, 25 Feb 2018 13:30:32 +0000 (06:30 -0700)]
When converting from LDAP to sudoers, put negated hosts and commands
at the end of the list. Since LDAP doesn't guarantee attribute order
we need to make sure negated entries always override non-negated ones.