granicus.if.org Git - sudo/log
sudo
Todd C. Miller [Sun, 5 Aug 2018 02:02:00 +0000 (20:02 -0600)]
Assign short_list true, not 1 now that it is a boolean.

Todd C. Miller [Sat, 4 Aug 2018 13:38:47 +0000 (07:38 -0600)]
fix typo

Todd C. Miller [Fri, 3 Aug 2018 17:45:01 +0000 (11:45 -0600)]
Fix a warning on FreeBSD which has a fancier __containerof implementation.

Todd C. Miller [Fri, 3 Aug 2018 16:14:58 +0000 (10:14 -0600)]
sync with translationproject.org

Todd C. Miller [Thu, 2 Aug 2018 21:32:28 +0000 (15:32 -0600)]
Regen with aclocal 1.15.1.

Todd C. Miller [Thu, 2 Aug 2018 20:45:00 +0000 (14:45 -0600)]
For ldap/sssd, include defaults in the generated privilege unless
we are listing in short mode (in which case we convert them to tags
if possible).  Fixes a problem where sudoOptions were not being
applied to the command.

Todd C. Miller [Thu, 2 Aug 2018 20:06:36 +0000 (14:06 -0600)]
update_defaults() needs to be able to take a defaults_list for
the ldap/sssd backends which support per-role defaults.

Todd C. Miller [Tue, 31 Jul 2018 13:14:26 +0000 (07:14 -0600)]
regen

Todd C. Miller [Mon, 30 Jul 2018 16:57:55 +0000 (10:57 -0600)]
Update

Todd C. Miller [Thu, 26 Jul 2018 21:12:33 +0000 (15:12 -0600)]
o Move userspecs, defaults and aliases into a new struct sudoers_parse_tree.
o The parse tree is now passed to the alias, match and defaults functions.
o The nss API has been changed so that the nss parse() function returns
  a pointer to a struct sudoers_parse_tree which will be filled in
  by the getdefs() and query() functions.

Todd C. Miller [Thu, 26 Jul 2018 21:12:26 +0000 (15:12 -0600)]
Don't need to preallocate 4 x NGROUP_MAX on AIX or BSD/Linux.
For BSD/Linux, getgrouplist(3) will tell us the number of groups if
we don't have enough.  For AIX, we can count the entries in the
group set before allocating the group vector.

Todd C. Miller [Thu, 26 Jul 2018 18:31:29 +0000 (12:31 -0600)]
Ignore PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED errors from
pam_acct_mgmt() if authentication is disabled for the user.
Bug #843

Todd C. Miller [Mon, 23 Jul 2018 17:37:26 +0000 (11:37 -0600)]
Work around a bug on AIX where closing the pty slave causes the
main sudo process to lose its controlling tty (which was *not* the
pty slave).

Todd C. Miller [Mon, 23 Jul 2018 16:36:08 +0000 (10:36 -0600)]
Add missing aix_restoreauthdb() call to match the aix_setauthdb()
added in b8a011be9af7.  Fixes issues on AIX where local users/groups
may not be resolved when some NIS/AD/LDAP is used for users.

Todd C. Miller [Mon, 23 Jul 2018 13:23:17 +0000 (07:23 -0600)]
Linux getgrouplist(3) returns the number of groups on success instead
of 0 like BSD.

Todd C. Miller [Fri, 20 Jul 2018 16:17:51 +0000 (10:17 -0600)]
When both a .o and .lo file were used in a Makefile, we used to make
the .o depend on the .lo.  Unfortunately, this creates a race
condition for parallel make since libtool is not atomic (it creates
a .o and then renames it when building PIC objects for shared libs).

We always link with libtool so the only reason to prefer the .o
over the .lo file is to avoid mixing .o and .lo in the dependencies.
That's not a good enough reason so change mkdep.pl to warn when
both a .o and .lo are referenced in a Makefile and do nothing else.

Bug #842

Todd C. Miller [Sun, 15 Jul 2018 13:46:34 +0000 (07:46 -0600)]
Avoid duplicate free when netgroup_base is invalid.

Todd C. Miller [Tue, 3 Jul 2018 19:58:49 +0000 (13:58 -0600)]
Use madvise(2) with MADV_WIPEONFORK if available.

Todd C. Miller [Sun, 1 Jul 2018 18:00:35 +0000 (12:00 -0600)]
sync with translationproject.org

Todd C. Miller [Sun, 1 Jul 2018 17:58:58 +0000 (11:58 -0600)]
Update.

Todd C. Miller [Mon, 25 Jun 2018 19:20:34 +0000 (13:20 -0600)]
sync with schema.OpenLDAP

Todd C. Miller [Mon, 25 Jun 2018 19:20:04 +0000 (13:20 -0600)]
RFC 2849 specifies whitespace as the space character only so replace
tabs with spaces. Bug #840

Todd C. Miller [Mon, 25 Jun 2018 18:51:41 +0000 (12:51 -0600)]
Fix typo; bug #839

Todd C. Miller [Sat, 16 Jun 2018 17:32:14 +0000 (11:32 -0600)]
Should no longer need to set max_groups.

Todd C. Miller [Fri, 15 Jun 2018 20:05:14 +0000 (14:05 -0600)]
Use new sudo_getgrouplist2() function instead of getgrouplist().

Todd C. Miller [Fri, 15 Jun 2018 20:05:13 +0000 (14:05 -0600)]
Add sudo_getgrouplist2() to dynamically allocate the group vector.
This allows us to avoid repeatedly calling getgrouplist() with
a statically sized vector on macOS, Solaris, HP-UX, and AIX.

Todd C. Miller [Fri, 15 Jun 2018 19:31:58 +0000 (13:31 -0600)]
Fix fd leak introduced by SUDO_CONV_PREFER_TTY commit.  Coverity CID 186605.

Todd C. Miller [Wed, 13 Jun 2018 17:19:35 +0000 (11:19 -0600)]
Fix some issues pointed out by mandoc -Tlint

Todd C. Miller [Wed, 13 Jun 2018 17:19:33 +0000 (11:19 -0600)]
Add SUDO_CONV_PREFER_TTY flag for conversation function to tell
sudo to try writing to /dev/tty first.  Can be used in conjunction
with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.

Todd C. Miller [Fri, 8 Jun 2018 12:32:02 +0000 (06:32 -0600)]
Update for arc4random.c, arc4random_uniform.c and getentropy.c

Todd C. Miller [Tue, 5 Jun 2018 21:37:16 +0000 (15:37 -0600)]
FreeBSD wordexp() returns WRDE_SYNTAX if it can't write to the shell
process.  Since we've prevented execve() from succeeding this is
the error we get back from wordexp() on FreeBSD.

Todd C. Miller [Tue, 5 Jun 2018 02:00:41 +0000 (20:00 -0600)]
Fix conversion of usec to nsec; from Scott Cheloha

Todd C. Miller [Sat, 2 Jun 2018 03:15:57 +0000 (21:15 -0600)]
Fix typo.

Todd C. Miller [Tue, 29 May 2018 16:53:47 +0000 (10:53 -0600)]
The getdefs() function now gets called multiple times so use the
cached data if present.

Todd C. Miller [Tue, 29 May 2018 16:24:57 +0000 (10:24 -0600)]
Return an empty defaults list, not NULL if there is no global sudoers
defaults entry in sss.

Todd C. Miller [Tue, 29 May 2018 16:10:20 +0000 (10:10 -0600)]
Fix memory leak of handle pointer on close.

Todd C. Miller [Tue, 29 May 2018 15:39:42 +0000 (09:39 -0600)]
Remove a needless copy when parsing options.

Todd C. Miller [Tue, 29 May 2018 15:39:40 +0000 (09:39 -0600)]
Move cached userspecs and defaults into the handle object.

Todd C. Miller [Mon, 28 May 2018 14:30:57 +0000 (08:30 -0600)]
Quiet a clang analyzer warning.  It should not be possible for
pop_include() to be called when YY_CURRENT_BUFFER is NULL.

Todd C. Miller [Mon, 28 May 2018 13:35:51 +0000 (07:35 -0600)]
Reorder things to avoid the need to declare static functions.

Todd C. Miller [Fri, 25 May 2018 03:04:23 +0000 (21:04 -0600)]
Use arc4random for mkstemp() and insults.

Todd C. Miller [Fri, 25 May 2018 03:04:23 +0000 (21:04 -0600)]
Import arc4random() from libressl.  This takes an all-in-one approach
instead of the one-file-per-OS approach that libressl takes.
The fallback code does not have as many OS-specific bits as libressl.

Todd C. Miller [Fri, 25 May 2018 03:04:07 +0000 (21:04 -0600)]
Move digest code into libutil

Todd C. Miller [Sun, 20 May 2018 14:09:25 +0000 (08:09 -0600)]
Check for invalid base64 attributes.

Todd C. Miller [Sun, 20 May 2018 13:42:54 +0000 (07:42 -0600)]
Fix pointer sign warnings.

Todd C. Miller [Sun, 20 May 2018 13:36:46 +0000 (07:36 -0600)]
Add missing variable declaration for SELinux and Solaris.

Todd C. Miller [Sun, 20 May 2018 13:36:00 +0000 (07:36 -0600)]
Handle empty string and treat it as safe.

Todd C. Miller [Sun, 20 May 2018 13:01:26 +0000 (07:01 -0600)]
Add support for base64-encoding non-safe strings in LDIF output.

Todd C. Miller [Sun, 20 May 2018 01:03:47 +0000 (19:03 -0600)]
Add base64_encode() by Jon Mayo.

Todd C. Miller [Fri, 18 May 2018 16:11:51 +0000 (10:11 -0600)]
Add support for parsing base64-encoded attributes

Todd C. Miller [Thu, 17 May 2018 17:16:44 +0000 (11:16 -0600)]
rfc2253 says we need to escape " and leading and trailing space.

Todd C. Miller [Thu, 17 May 2018 15:31:48 +0000 (09:31 -0600)]
Define ZLIB_CONST so we get the const version of the API.

Todd C. Miller [Wed, 16 May 2018 18:14:14 +0000 (12:14 -0600)]
Fix logic inversion when handling the authenticate Defaults option
for "sudo -l" and "sudo -v" in long list mode.

Todd C. Miller [Wed, 16 May 2018 16:48:50 +0000 (10:48 -0600)]
Set handle->pw before sss_to_sudoers() since sss_check_user()
uses it.  Coverity CID 185651

Todd C. Miller [Wed, 16 May 2018 16:45:00 +0000 (10:45 -0600)]
Fix memory leak on error, CID 185602

Todd C. Miller [Wed, 16 May 2018 16:37:15 +0000 (10:37 -0600)]
Some ldap_get_values_len -> sudo_ldap_get_values_len that were
missed before.

Todd C. Miller [Wed, 16 May 2018 16:27:28 +0000 (10:27 -0600)]
When building up the cmndspec, add the actual command member last.
This simplifies the logic regarding the SETENV tag and also makes
"out of memory" cleanup simpler.

Todd C. Miller [Wed, 16 May 2018 16:15:15 +0000 (10:15 -0600)]
Fix format string mismatch, sudo_order is unsigned.

Todd C. Miller [Wed, 16 May 2018 16:14:39 +0000 (10:14 -0600)]
Add cppcheck annotation to suppress memory leak false positive.

Todd C. Miller [Wed, 16 May 2018 16:01:52 +0000 (10:01 -0600)]
Sudo "ALL" implies the SETENV tag.

Todd C. Miller [Wed, 16 May 2018 15:10:43 +0000 (09:10 -0600)]
Only set MODE_PRESERVE_ENV when preserving the entire environment.
Fixes a problem introduced in 1.8.23 where "sudo -i" could not be
used in conjunction with --preserve-env=VARIABLE.  Bug #835

Todd C. Miller [Tue, 15 May 2018 22:35:07 +0000 (16:35 -0600)]
Add free_userspecs() and free_default() and use them instead of
looping over the lists and calling free_userspec() and free_default().

Todd C. Miller [Tue, 15 May 2018 15:53:46 +0000 (09:53 -0600)]
Depending on the bos level, AIX 6.1 may or may not include
getline/getdelim and AIX 7.1 may or may not include memset_s.
Since we need to build packages that will work on all AIX 6.1 and
7.1 machines, use our getline() and memset_s emulation.

Todd C. Miller [Mon, 14 May 2018 19:47:00 +0000 (13:47 -0600)]
Do not leak struct sudo_command when the command is ALL.
Coverity CID 185602.

Todd C. Miller [Mon, 14 May 2018 19:04:14 +0000 (13:04 -0600)]
Sudo 1.8.24

Todd C. Miller [Mon, 14 May 2018 16:43:51 +0000 (10:43 -0600)]
Improve comments about why we need to do a user check and how it
relates to netgroups.

Todd C. Miller [Mon, 14 May 2018 15:05:05 +0000 (09:05 -0600)]
Add checks for ldap/sss functions failing due to memory allocation
errors.

Todd C. Miller [Mon, 14 May 2018 15:05:04 +0000 (09:05 -0600)]
Let the main sudoers lookup code check the host name.  We still
check the user name so it is possible to use a single userspec
but this may change in the future.

Todd C. Miller [Mon, 14 May 2018 15:05:03 +0000 (09:05 -0600)]
Simplify the nss interface such that each sudoers provider fills
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions.  This makes it possible to have a single
implementation of the code for sudoers lookup and listing.

Todd C. Miller [Mon, 14 May 2018 15:05:02 +0000 (09:05 -0600)]
Include parse.h in sudoers.h since it will soon be required.

Todd C. Miller [Mon, 14 May 2018 14:35:48 +0000 (08:35 -0600)]
Parse "ALL" as a command correctly.

Todd C. Miller [Fri, 11 May 2018 13:51:43 +0000 (07:51 -0600)]
Add debug warning if lseek() fails (should not be possible).

Todd C. Miller [Fri, 11 May 2018 13:45:22 +0000 (07:45 -0600)]
Fix swapped args of lseek() when rewinding.  This didn't cause a
problem because the value of SEEK_SET is 0.

Todd C. Miller [Fri, 11 May 2018 03:17:03 +0000 (21:17 -0600)]
Fix a format-truncation warning in newer gcc by avoiding using %0x
and %0X in the test.  We are formatting a single byte so just do
it one nybble at a time.

Todd C. Miller [Fri, 11 May 2018 02:44:09 +0000 (20:44 -0600)]
Regen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974
AC_HEADER_MAJOR: port to glibc 2.25

Todd C. Miller [Thu, 3 May 2018 17:06:02 +0000 (11:06 -0600)]
No need to explicitly free role on EOF, it will be freed after the
loop is done.

Todd C. Miller [Thu, 3 May 2018 16:52:17 +0000 (10:52 -0600)]
Garbage collect the command argv, envp and info vectors since they are
not available at policy close time.

Todd C. Miller [Thu, 3 May 2018 16:51:11 +0000 (10:51 -0600)]
Plug memory leaks on parse error or when an LDIF entry doesn't match
the dn filter.

Todd C. Miller [Thu, 3 May 2018 16:49:54 +0000 (10:49 -0600)]
Rename variables now that the string list functions are not ldap-specific.

Todd C. Miller [Mon, 30 Apr 2018 15:56:40 +0000 (09:56 -0600)]
Fix typo

Todd C. Miller [Sun, 29 Apr 2018 19:58:49 +0000 (13:58 -0600)]
fix version

Todd C. Miller [Sun, 29 Apr 2018 19:52:28 +0000 (13:52 -0600)]
sync

Todd C. Miller [Sun, 29 Apr 2018 19:33:29 +0000 (13:33 -0600)]
sync with translationproject.org

Todd C. Miller [Wed, 25 Apr 2018 20:55:55 +0000 (14:55 -0600)]
O_EXEC for fexecve() not O_SEARCH.

Todd C. Miller [Wed, 25 Apr 2018 15:56:22 +0000 (09:56 -0600)]
Document how to suppress the last login message on Solaris.

Todd C. Miller [Tue, 24 Apr 2018 22:40:16 +0000 (16:40 -0600)]
Fix compilation error with older Sun Studio compilers.

Todd C. Miller [Tue, 24 Apr 2018 20:29:58 +0000 (14:29 -0600)]
Update Bug #831 description.

Todd C. Miller [Tue, 24 Apr 2018 16:45:30 +0000 (10:45 -0600)]
Add Chinese (Taiwan) translation for sudo.

Todd C. Miller [Tue, 24 Apr 2018 13:21:08 +0000 (07:21 -0600)]
Move the check for /dev/fd/N until *after* the digest has been
checked.  We still need to be able to check the digest even if there
is no /dev/fd/N or fexecve().

Todd C. Miller [Tue, 24 Apr 2018 02:43:04 +0000 (20:43 -0600)]
Rewind the fd after calling sudo_filedigest().  Otherwise, when
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N.  This only appears to affect BSD systems with
fdescfs.  Bug #831.

Todd C. Miller [Mon, 23 Apr 2018 20:42:35 +0000 (14:42 -0600)]
In open_cmnd(), return true, not false, if the /dev/fd/N pathname
is not present.  We don't want to fail a match because of this.

Todd C. Miller [Mon, 23 Apr 2018 17:01:49 +0000 (11:01 -0600)]
Bug #831.

Todd C. Miller [Mon, 23 Apr 2018 16:54:51 +0000 (10:54 -0600)]
We can only use fexecve() on a script if /dev/fd/N exists.
Some systems, such as FreeBSD, don't have /dev/fd mounted
by default.  Bug #831

Todd C. Miller [Sun, 22 Apr 2018 12:58:53 +0000 (06:58 -0600)]
sync with translationproject.org

Todd C. Miller [Sat, 21 Apr 2018 19:56:36 +0000 (13:56 -0600)]
sync with translationproject.org

Todd C. Miller [Sat, 21 Apr 2018 12:23:02 +0000 (06:23 -0600)]
Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers
and LDIF -> sudoers -> LDIF.

Todd C. Miller [Thu, 19 Apr 2018 15:24:08 +0000 (09:24 -0600)]
Test the -b option when converting from LDIF.

Todd C. Miller [Thu, 19 Apr 2018 15:23:45 +0000 (09:23 -0600)]
Fix the -b option when converting from LDIF.

Todd C. Miller [Thu, 19 Apr 2018 03:14:10 +0000 (21:14 -0600)]
sync with translationproject.org

Todd C. Miller [Wed, 18 Apr 2018 20:25:11 +0000 (14:25 -0600)]
Fix some more typos.