Todd C. Miller [Tue, 8 May 2012 20:36:39 +0000 (16:36 -0400)]
Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL
and PROG_HANDLE.
Todd C. Miller [Tue, 8 May 2012 17:35:52 +0000 (13:35 -0400)]
Add group plugin that does lookups by name using the system group
database.
Todd C. Miller [Tue, 8 May 2012 14:57:07 +0000 (10:57 -0400)]
sync with translationproject.org
Todd C. Miller [Thu, 3 May 2012 19:46:39 +0000 (15:46 -0400)]
sync with translationproject.org
Todd C. Miller [Tue, 1 May 2012 17:47:14 +0000 (13:47 -0400)]
Add mode for docdir and use '-' (default) for localedir mode. Fixes
a problem on Linux when building in a directory with the setgid bit
set.
Todd C. Miller [Mon, 30 Apr 2012 23:36:01 +0000 (19:36 -0400)]
Match CentOS 6.0
Todd C. Miller [Tue, 24 Apr 2012 20:14:12 +0000 (16:14 -0400)]
Update with recent changes
Todd C. Miller [Tue, 24 Apr 2012 19:57:16 +0000 (15:57 -0400)]
Fix version check on AIX
Todd C. Miller [Tue, 24 Apr 2012 17:42:28 +0000 (13:42 -0400)]
regen
Todd C. Miller [Tue, 24 Apr 2012 16:52:36 +0000 (12:52 -0400)]
Need to call ldapssl_clientauth_init() for start_tls on Mozilla
LDAP SDK.
Todd C. Miller [Tue, 24 Apr 2012 14:34:02 +0000 (10:34 -0400)]
Fix printing of invalid uri
Todd C. Miller [Tue, 24 Apr 2012 13:48:58 +0000 (09:48 -0400)]
Pass PAM_SILENT when deleting creds to remove an annoying warning
message on Solaris.
Todd C. Miller [Tue, 24 Apr 2012 00:04:26 +0000 (20:04 -0400)]
Fix the setutxent and endutxent compatibility defines (this time
correctly) when only setutent and endutent are available.
Todd C. Miller [Mon, 23 Apr 2012 23:56:41 +0000 (19:56 -0400)]
sudo_ldap_set_options_global() should not take an LDAP handle as
an argument since the options affect the global settings.
Todd C. Miller [Mon, 23 Apr 2012 20:47:42 +0000 (16:47 -0400)]
Debian sudo has not been built with --with-exempt=sudo since 1.6.8.
Todd C. Miller [Mon, 23 Apr 2012 20:38:16 +0000 (16:38 -0400)]
Call the policy's init_session() function before we fork the child.
That way, the session is created and destroyed in the same process,
which is needed by some modules, such as pam_mount.
Todd C. Miller [Mon, 23 Apr 2012 20:29:48 +0000 (16:29 -0400)]
Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is
not specified.
Todd C. Miller [Mon, 23 Apr 2012 20:11:49 +0000 (16:11 -0400)]
Delete creds after closing the PAM session.
Todd C. Miller [Mon, 23 Apr 2012 19:30:34 +0000 (15:30 -0400)]
Provide a more useful error message if using a Mozilla-style LDAP
SDK and you forgot to specify TLS_CERT in ldap.conf.
Todd C. Miller [Mon, 23 Apr 2012 18:56:31 +0000 (14:56 -0400)]
Add missing initialization of a sigaction structure when I/O logging.
Fixes a potential problem when suspending the command.
Todd C. Miller [Mon, 23 Apr 2012 17:08:57 +0000 (13:08 -0400)]
Split global and per-connection LDAP options into separate arrays.
Set global LDAP options before calling ldap_initialize() or ldap_init().
After we have an LDAP handle, set the per-connection options.
Fixes a problem with OpenLDAP using the nss crypto backend; bug #342
Todd C. Miller [Mon, 23 Apr 2012 12:12:36 +0000 (08:12 -0400)]
sync with translationproject.org
Todd C. Miller [Sat, 21 Apr 2012 17:37:46 +0000 (13:37 -0400)]
Move struct passwd pointer into struct command details.
Todd C. Miller [Fri, 20 Apr 2012 19:36:23 +0000 (15:36 -0400)]
Sync with upstream for Mac OS X (and other) fixes.
Todd C. Miller [Fri, 20 Apr 2012 14:38:43 +0000 (10:38 -0400)]
Only built Mac intel universal binary on an intel machine.
Todd C. Miller [Fri, 20 Apr 2012 13:41:18 +0000 (09:41 -0400)]
Do not pass libtool the -static-libtool-libs option when building
sudo and sesh. Otherwise, libtool may prefer a static version of
an installed library over a dynamic one when linking.
Todd C. Miller [Thu, 19 Apr 2012 15:54:15 +0000 (11:54 -0400)]
Add German translation for sudo
Add Croatian translation for sudoers
Todd C. Miller [Thu, 19 Apr 2012 15:49:18 +0000 (11:49 -0400)]
typo fix in comment
Todd C. Miller [Mon, 16 Apr 2012 18:23:19 +0000 (14:23 -0400)]
Update with recent changes
Todd C. Miller [Mon, 16 Apr 2012 16:55:11 +0000 (12:55 -0400)]
Sort xgettext output by file name.
Todd C. Miller [Mon, 16 Apr 2012 15:45:29 +0000 (11:45 -0400)]
Clarify what "sudoreplay -l" displays and mention that it is sorted.
Todd C. Miller [Mon, 16 Apr 2012 14:25:49 +0000 (10:25 -0400)]
Use AC_HEADER_MAJOR to determine where major/minor are defined.
Todd C. Miller [Mon, 16 Apr 2012 14:18:32 +0000 (10:18 -0400)]
Include sys/mkdev.h if present instead of sys/sysmacros.h for
minor(). This is needed on Solaris (at least) where the makedev
macros in sysmacros.h are obsolete and library functions should be
used instead.
Todd C. Miller [Mon, 16 Apr 2012 14:14:56 +0000 (10:14 -0400)]
When building on Mac OS X, only set SDK_FLAGS if specified osversion
doesn't match host.
Todd C. Miller [Sun, 15 Apr 2012 17:10:26 +0000 (13:10 -0400)]
Add back buf and tty variables for _ttyname() case that were
inadvertantly removed.
Todd C. Miller [Fri, 13 Apr 2012 20:22:16 +0000 (16:22 -0400)]
regen
Todd C. Miller [Fri, 13 Apr 2012 20:16:40 +0000 (16:16 -0400)]
Remove b8 from version number.
Todd C. Miller [Fri, 13 Apr 2012 20:16:10 +0000 (16:16 -0400)]
remove some XXX
Todd C. Miller [Fri, 13 Apr 2012 20:00:32 +0000 (16:00 -0400)]
When looking for a device match, do a breadth-first search instead
of depth-first. We already special case /dev/pts/ so chances are
good that if it is not a pseudo-tty it is in the base of /dev/.
Also avoid a stat(2) when possible if struct dirent has d_type.
Todd C. Miller [Fri, 13 Apr 2012 19:18:40 +0000 (15:18 -0400)]
Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list.
Todd C. Miller [Fri, 13 Apr 2012 18:17:26 +0000 (14:17 -0400)]
sync with translationproject.org
Todd C. Miller [Fri, 13 Apr 2012 18:15:22 +0000 (14:15 -0400)]
New Croatian and Galician translations from translationproject.org
Todd C. Miller [Fri, 13 Apr 2012 16:54:03 +0000 (12:54 -0400)]
Add depth-first traversal of /dev/ for the /proc case when not /dev/pts/N
Todd C. Miller [Fri, 13 Apr 2012 12:36:58 +0000 (08:36 -0400)]
If struct dirent has d_type, use it to avoid an extra stat().
Todd C. Miller [Fri, 13 Apr 2012 12:35:19 +0000 (08:35 -0400)]
Sort output of "sudoreplay -l"
Todd C. Miller [Thu, 12 Apr 2012 19:17:00 +0000 (15:17 -0400)]
Fix duplicate free introduced in last rev
Todd C. Miller [Wed, 11 Apr 2012 23:51:56 +0000 (19:51 -0400)]
Instead of treating ^C from tgetpass() specially, always
return AUTH_INTR if tgetpass() returned NULL.
Treat PAM_AUTHINFO_UNAVAIL like PAM_AUTH_ERR which Mac OS X
returns this when there is no tty.
Todd C. Miller [Wed, 11 Apr 2012 18:48:08 +0000 (14:48 -0400)]
Rototill code to determine the tty. For Linux, we now look up the
tty device in /proc/pid/stat instead of trying to open /proc/pid/fd/[0-2].
The sudo_ttyname_dev() function maps the given device number to a
string. On BSD, we can use devname(). On Solaris, _ttyname_dev()
does what we want.
TODO: write /dev/ traversal code for the generic sudo_ttyname_dev().
Todd C. Miller [Tue, 10 Apr 2012 20:12:08 +0000 (16:12 -0400)]
Define PRNODEV for those w/o it.
Todd C. Miller [Tue, 10 Apr 2012 19:53:41 +0000 (15:53 -0400)]
Check for SVR4-style struct psinfo.pr_ttydev and use that to determine
the tty if std{in,out,err} are not ttys.
Todd C. Miller [Tue, 10 Apr 2012 18:35:30 +0000 (14:35 -0400)]
Better support for SVR4-style /proc entries where we can't use
ttyname() on the /proc/pid/fd/[0-2] entries. We can, however,
attempt to map the device number back to the correct pseudo-tty
slave device.
Todd C. Miller [Tue, 10 Apr 2012 17:49:49 +0000 (13:49 -0400)]
When trying to determine the tty name, check parent's stderr in
addition to its stdin and stdout.
Todd C. Miller [Tue, 10 Apr 2012 14:18:59 +0000 (10:18 -0400)]
Treat a tty read failure like EOF as it usually means the pty has
gone away. Handle write() on the tty returning EIO.
Todd C. Miller [Tue, 10 Apr 2012 14:18:39 +0000 (10:18 -0400)]
Linux select() may return ENOMEM if there is a kernel resource
shortage. Older Solaris select() may return EIO instead of EBADF
when the tty goes away. If we get an unhandled select() failure,
kill the child and exit cleanly.
Todd C. Miller [Tue, 10 Apr 2012 13:26:52 +0000 (09:26 -0400)]
Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might
block in open.
Todd C. Miller [Mon, 9 Apr 2012 19:39:01 +0000 (15:39 -0400)]
Fix restoration of AIX permissions.
Todd C. Miller [Mon, 9 Apr 2012 18:27:33 +0000 (14:27 -0400)]
Allow the -k flag to be used along with the -i and -s flags.
Todd C. Miller [Mon, 9 Apr 2012 13:14:53 +0000 (09:14 -0400)]
Plug memory leak in parse_logfile() in the error path.
Todd C. Miller [Mon, 9 Apr 2012 13:09:13 +0000 (09:09 -0400)]
sync with translationproject.org
Todd C. Miller [Sun, 8 Apr 2012 22:00:31 +0000 (18:00 -0400)]
Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the
glob() and fnmatch() results to be consistent.
Todd C. Miller [Fri, 6 Apr 2012 20:41:08 +0000 (16:41 -0400)]
Move ttysize.c to common so sudoreplay can use it.
Todd C. Miller [Fri, 6 Apr 2012 20:37:40 +0000 (16:37 -0400)]
If I/O log file includes rows + cols, warn if the user's tty is
not big enough.
Todd C. Miller [Fri, 6 Apr 2012 20:34:43 +0000 (16:34 -0400)]
Fix printing of TSID in "sudoreplay -l"
Todd C. Miller [Fri, 6 Apr 2012 19:20:16 +0000 (15:20 -0400)]
Log the process id in the debug file output. Since we don't want
to keep calling getpid(), stash the value at init time and when we
fork().
Todd C. Miller [Fri, 6 Apr 2012 16:45:30 +0000 (12:45 -0400)]
Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging.
It is better to receive EIO from read()/write() than to be suspended
when we don't expect it. Fixes a problem when our terminal is
revoked which can happen when, e.g. our sshd is killed unceremoniously.
Also, only change the value of "alive" from true to false, never
from false to true. It is possible for us to receive notification
of the child having stopped after it is already dead. This does
not mean it has risen from the grave.
Todd C. Miller [Fri, 6 Apr 2012 16:40:13 +0000 (12:40 -0400)]
Distinguish between signals we received from the parent vs. those
delivered explicitly to the monitor process in debugging info.
Todd C. Miller [Thu, 5 Apr 2012 17:21:22 +0000 (13:21 -0400)]
In Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
Update tty_is_devpts() to match so we can determine when the tty
has been reused.
Todd C. Miller [Thu, 5 Apr 2012 17:04:00 +0000 (13:04 -0400)]
Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf()
and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
This allows consumers of sudo_debug_printf() to log that data without
having to specify it manually.
Todd C. Miller [Thu, 5 Apr 2012 16:59:26 +0000 (12:59 -0400)]
Make this compile after last change.
Todd C. Miller [Thu, 5 Apr 2012 16:40:51 +0000 (12:40 -0400)]
Don't try to restore the terminal if we are not the foreground
process. Otherwise, we may be stopped by SIGTTOU when we try to
update the terminal settings when cleaning up.
Todd C. Miller [Thu, 5 Apr 2012 16:39:46 +0000 (12:39 -0400)]
If select() return EBADF in the main event loop, one of the ttys
must have gone away so perform any I/O we can and close the bad
fds.
Todd C. Miller [Thu, 5 Apr 2012 16:37:15 +0000 (12:37 -0400)]
Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR.
Log the function, file and line number in the debug log for warning()
and error().
Todd C. Miller [Wed, 4 Apr 2012 20:59:31 +0000 (16:59 -0400)]
Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno.
Use this flag when wrapping error() and warning() so the debug
output includes the error string.
Todd C. Miller [Fri, 30 Mar 2012 19:55:24 +0000 (15:55 -0400)]
Update for sudo 1.8.5
Todd C. Miller [Fri, 30 Mar 2012 19:45:11 +0000 (15:45 -0400)]
regen
Todd C. Miller [Fri, 30 Mar 2012 19:44:23 +0000 (15:44 -0400)]
sync
Todd C. Miller [Fri, 30 Mar 2012 19:25:15 +0000 (15:25 -0400)]
Use ecalloc()
Todd C. Miller [Fri, 30 Mar 2012 18:59:27 +0000 (14:59 -0400)]
Don't need zero_bytes() after ecalloc()
Todd C. Miller [Fri, 30 Mar 2012 13:36:30 +0000 (09:36 -0400)]
Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers
to sudo_noexec.c.
Todd C. Miller [Fri, 30 Mar 2012 11:55:49 +0000 (07:55 -0400)]
Fix compat setutxent and endutxent macros for systems with
setutent() but not setutxent(). From Gustavo Zacarias
Todd C. Miller [Thu, 29 Mar 2012 17:13:38 +0000 (13:13 -0400)]
Add ignore_result definition to AH_BOTTOM
Todd C. Miller [Thu, 29 Mar 2012 14:33:40 +0000 (10:33 -0400)]
Fix compiler warnings on some platforms and provide a better method
of defeating gcc's warn_unused_result attribute.
Todd C. Miller [Thu, 29 Mar 2012 14:32:29 +0000 (10:32 -0400)]
Fix building the builtin zlib from a build dir.
When a zlib dir was specified, prepend its include path instead of
appending so we get the right zlib headers.
Todd C. Miller [Thu, 29 Mar 2012 14:28:17 +0000 (10:28 -0400)]
Update zlib to version 1.2.6
Todd C. Miller [Wed, 28 Mar 2012 21:07:29 +0000 (17:07 -0400)]
g/c __unused which is no longer used
Todd C. Miller [Wed, 28 Mar 2012 19:27:27 +0000 (15:27 -0400)]
Fix compilation if RTLD_NEXT is not defined.
Todd C. Miller [Wed, 28 Mar 2012 18:22:09 +0000 (14:22 -0400)]
sync with translationproject.org
Todd C. Miller [Wed, 28 Mar 2012 18:10:18 +0000 (14:10 -0400)]
regen
Todd C. Miller [Wed, 28 Mar 2012 18:08:28 +0000 (14:08 -0400)]
regen
Todd C. Miller [Wed, 28 Mar 2012 18:05:49 +0000 (14:05 -0400)]
Ignore Project-Id-Version when comparing pot files.
Todd C. Miller [Wed, 28 Mar 2012 17:47:49 +0000 (13:47 -0400)]
Use error() instead of log_fatal()
Todd C. Miller [Wed, 28 Mar 2012 17:39:37 +0000 (13:39 -0400)]
Fix signedness of didvar in env_update_didvar()
Todd C. Miller [Wed, 28 Mar 2012 17:17:11 +0000 (13:17 -0400)]
Quiet a compiler warning on some platforms.
Todd C. Miller [Wed, 28 Mar 2012 17:07:54 +0000 (13:07 -0400)]
cast ctype(3) function/macro arguments from char to unsigned char
to avoid potential negative subscripting.
Todd C. Miller [Wed, 28 Mar 2012 15:14:22 +0000 (11:14 -0400)]
Quiet a warning on systems where the gids array in setgroups() is
not prototyped as being const, even though it really is.
Todd C. Miller [Wed, 28 Mar 2012 14:58:02 +0000 (10:58 -0400)]
Quiet a compiler warning on systems where the argument to putenv(3)
is const.
Todd C. Miller [Wed, 28 Mar 2012 14:51:22 +0000 (10:51 -0400)]
Undo an incorrect int -> bool conversion.
Todd C. Miller [Wed, 28 Mar 2012 13:56:26 +0000 (09:56 -0400)]
Add Swedish sudo and sudoers translations from translationproject.org
Todd C. Miller [Wed, 28 Mar 2012 12:18:26 +0000 (08:18 -0400)]
No need to preserve ODMDIR on AIX now that we always read
/etc/environment.
Todd C. Miller [Tue, 27 Mar 2012 22:57:11 +0000 (18:57 -0400)]
When initializing the environment for env_reset, start out with
the contents of /etc/environment on AIX and login.conf on BSD.