Todd C. Miller [Tue, 24 Apr 2018 02:43:04 +0000 (20:43 -0600)]
Rewind the fd after calling sudo_filedigest(). Otherwise, when
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N. This only appears to affect BSD systems with
fdescfs. Bug #831.
Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
Prune alias contents when pruning and expanding aliases.
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions. A better approach would be to call the correct function
from user_matches() and host_matches().
Todd C. Miller [Wed, 4 Apr 2018 17:28:53 +0000 (11:28 -0600)]
Use btime in /proc/stat to determine system start time instead of
/proc/uptime. Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
Todd C. Miller [Fri, 30 Mar 2018 00:53:51 +0000 (18:53 -0600)]
No need to initialize the last pointer passed to strtok_r().
This was originally added to appease newer gcc but no longer
seems to be required. CID 183466, CID 183468, CID 183469
Todd C. Miller [Tue, 27 Mar 2018 22:00:08 +0000 (16:00 -0600)]
In pty_close() we still need to check whether the pty master and
slave fds are open before closing them. When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
Todd C. Miller [Mon, 26 Mar 2018 12:28:23 +0000 (06:28 -0600)]
In pty_close() there is no need to remove events associated with
the pty slave as there are none. We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
Todd C. Miller [Thu, 22 Mar 2018 17:38:39 +0000 (11:38 -0600)]
Add cvtsudoers command line option to suppress certain parts of the
security policy. Can be used to suppress displaying of Defaults
entries, aliases or privileges.
Todd C. Miller [Wed, 21 Mar 2018 18:24:11 +0000 (12:24 -0600)]
Initial support filtering by user, group and host in cvtsudoers.
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries. This effectively allows you to grep sudoers by user, group
and host.
Todd C. Miller [Wed, 21 Mar 2018 18:11:19 +0000 (12:11 -0600)]
Add free_default() to free a struct defaults pointer so we have a
single place where we free the defaults. A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.
Todd C. Miller [Sun, 4 Mar 2018 14:03:43 +0000 (07:03 -0700)]
Initial support for adding comments that will be emitted when
sudoers is formatted. Currently adds a comment for the source
sudoRole when converting from ldif -> sudoers.
Todd C. Miller [Fri, 2 Mar 2018 16:27:27 +0000 (09:27 -0700)]
Refactor the code that actually converts the role to sudoers format
into role_to_sudoers() now that it is more involved than just calling
sudo_ldap_role_to_priv().
Todd C. Miller [Fri, 2 Mar 2018 13:42:29 +0000 (06:42 -0700)]
When merging two privileges, use the runas lists of the previous
privilege when possible. Otherwise, the generated sudoers line
will include a runas list for commands that is not necessary.
Todd C. Miller [Fri, 2 Mar 2018 03:31:01 +0000 (20:31 -0700)]
Use a case-insensitive comparison when matching user and group names
in sudoers with the passwd or group database. This can be necessary
when users and groups are stored in AD or LDAP.