]>
granicus.if.org Git - sudo/log
Todd C. Miller [Mon, 8 Nov 1999 22:45:42 +0000 (22:45 +0000)]
o Use AC_MSG_ERROR throughout
o Check syslog configure options for danity
Todd C. Miller [Fri, 5 Nov 1999 22:11:55 +0000 (22:11 +0000)]
Fix printing of type T_MODE in dump_defaults()
Todd C. Miller [Fri, 5 Nov 1999 17:00:00 +0000 (17:00 +0000)]
missing sys/types.h
Todd C. Miller [Fri, 5 Nov 1999 05:42:45 +0000 (05:42 +0000)]
Break out options that may be overridden at run time into their own
section. Add a not about Max OS X and correct some lies.
Todd C. Miller [Thu, 4 Nov 1999 19:01:11 +0000 (19:01 +0000)]
o Now use getrlimit to find the highest fd when closing all non-std fd's
o Turn off core dumps via setrlimit for the sake of paranoia
Todd C. Miller [Thu, 4 Nov 1999 18:57:43 +0000 (18:57 +0000)]
updates
Todd C. Miller [Mon, 1 Nov 1999 15:59:05 +0000 (15:59 +0000)]
updates
Todd C. Miller [Mon, 1 Nov 1999 15:58:46 +0000 (15:58 +0000)]
When read()'ing, do a single character at a time to be sure we don't go
oast the newline.
Todd C. Miller [Mon, 1 Nov 1999 15:43:12 +0000 (15:43 +0000)]
For the sudo_root option, check against user_uid, not getuid() since
at this point, ruid == euid == 0.
Todd C. Miller [Mon, 1 Nov 1999 04:14:21 +0000 (04:14 +0000)]
some updates
Todd C. Miller [Mon, 1 Nov 1999 04:14:09 +0000 (04:14 +0000)]
Fix compilation problem when --with-logging=file was specified. This
means that syslog is now required to build sudo but that should not
be a problem. If it is it can be fixed trivially with a configure
check for syslog() or syslog.h.
Todd C. Miller [Mon, 1 Nov 1999 04:00:57 +0000 (04:00 +0000)]
Make this work again for things like "sudo echo hi | more" where the tty
gets put into character at a time mode. We read until we read end of
line or we run out of space (similar to fgets(3)).
Todd C. Miller [Wed, 20 Oct 1999 15:23:42 +0000 (15:23 +0000)]
change ital to bold
Todd C. Miller [Wed, 20 Oct 1999 15:23:19 +0000 (15:23 +0000)]
update
Todd C. Miller [Sat, 16 Oct 1999 17:56:31 +0000 (17:56 +0000)]
Error out if syslog parameters are given without a value. For Ultrix or
4.2BSD "syslog" is allowed without a value since there are no facilities
in the 4.2BSD syslog.
Todd C. Miller [Fri, 15 Oct 1999 20:37:04 +0000 (20:37 +0000)]
Ignore the syslog facility for systems w/ old syslog like Ultrix.
Todd C. Miller [Fri, 15 Oct 1999 16:51:08 +0000 (16:51 +0000)]
people with "." early in their path can have problems running sudo from the build dir ;-)
Todd C. Miller [Wed, 13 Oct 1999 04:18:41 +0000 (04:18 +0000)]
Remove -r realm option
Todd C. Miller [Wed, 13 Oct 1999 02:34:55 +0000 (02:34 +0000)]
New krb5 code from Frank Cusack <fcusack@iconnet.net>.
Todd C. Miller [Wed, 13 Oct 1999 02:33:09 +0000 (02:33 +0000)]
update to reality
Todd C. Miller [Tue, 12 Oct 1999 00:53:41 +0000 (00:53 +0000)]
include <auth.h> to get function prototypes.
Todd C. Miller [Tue, 12 Oct 1999 00:05:39 +0000 (00:05 +0000)]
document -L flag
Todd C. Miller [Mon, 11 Oct 1999 23:42:57 +0000 (23:42 +0000)]
in set_perms(), always call setuid(0) before changing the ruid/euid
so we always know it will succeed.
Todd C. Miller [Mon, 11 Oct 1999 16:24:02 +0000 (16:24 +0000)]
#undef T_FOO to avoid conflicts with system defines (like on ULTRIX).
Todd C. Miller [Mon, 11 Oct 1999 15:55:11 +0000 (15:55 +0000)]
Docuement "Defaults" lines in /etc/sudoers. Still needs some fleshing
out but this is a start.
Todd C. Miller [Sun, 10 Oct 1999 21:22:10 +0000 (21:22 +0000)]
use strtol, not strtoul since not everyone has not strtoul
Todd C. Miller [Sun, 10 Oct 1999 21:21:22 +0000 (21:21 +0000)]
use strtol, not strtoul since not everyone has not strtoul
Todd C. Miller [Sun, 10 Oct 1999 19:01:30 +0000 (19:01 +0000)]
last {WORD} rule should only apply in the INITIAL state
Todd C. Miller [Sun, 10 Oct 1999 18:38:40 +0000 (18:38 +0000)]
o Add support for escaped characters in the WORD macro
o Modify fill() to squash escape chars
Todd C. Miller [Sun, 10 Oct 1999 17:56:02 +0000 (17:56 +0000)]
o Add T_PATH flag to allow simple sanity checks for default values that
are supposed to be pathnames.
o Fix a duplicate free when visudo finds an error.
Todd C. Miller [Sat, 9 Oct 1999 05:01:48 +0000 (05:01 +0000)]
mail_if_foo -> mail_foo
Todd C. Miller [Fri, 8 Oct 1999 01:12:50 +0000 (01:12 +0000)]
o Add requiretty option
o Move O_NOCTTY to compat.h
Todd C. Miller [Fri, 8 Oct 1999 01:12:02 +0000 (01:12 +0000)]
The exit() in log_error() was mistakenly removed in a previous version.
Put it back...
Todd C. Miller [Thu, 7 Oct 1999 21:21:08 +0000 (21:21 +0000)]
o Change defaults stuff to put the value right in the struct.
o Implement mailer_flags
o Store syslog stuff both in int and string form. Setting the string
form magically updates the int version.
o Add boolean attribute to strings where it makes sense to say !foo
Todd C. Miller [Thu, 7 Oct 1999 21:13:45 +0000 (21:13 +0000)]
add O_NOCTTY when opening /dev/tty just in case
Todd C. Miller [Wed, 6 Oct 1999 04:48:47 +0000 (04:48 +0000)]
cleanup function no longer takes a status arg
Todd C. Miller [Wed, 6 Oct 1999 04:48:15 +0000 (04:48 +0000)]
the the
Todd C. Miller [Wed, 15 Sep 1999 09:15:33 +0000 (09:15 +0000)]
Use strftime() instead of ctime() if it is available.
Todd C. Miller [Tue, 14 Sep 1999 16:58:56 +0000 (16:58 +0000)]
fix copyright date
Todd C. Miller [Tue, 14 Sep 1999 16:57:10 +0000 (16:57 +0000)]
update ReliantUNIX entry
Todd C. Miller [Tue, 14 Sep 1999 16:56:32 +0000 (16:56 +0000)]
add log_year option
Todd C. Miller [Tue, 14 Sep 1999 08:01:25 +0000 (08:01 +0000)]
add --without-sendmail to help output
Todd C. Miller [Tue, 14 Sep 1999 07:42:16 +0000 (07:42 +0000)]
enforce an otctal arg for --with-suoders-mode
Todd C. Miller [Wed, 8 Sep 1999 08:06:28 +0000 (08:06 +0000)]
Add support for "Defaults" line in sudoers to make configuration variables
changable at runtime (and on a global, per-host and per-user basis).
Both the names and the internal representation are still subject to change.
It was necessary to make sudo_user.runas but a char ** instead of a
char * since this value can be changed by a Defaults line. There is a
similar (but more complicated) issue with sudo_user.prompt but it
is handled differently at the moment.
Add a "-L" flag to list the name of options with their descriptions. This
may only be temporary.
Move some prototypes to parse.h
Be much less restrictive on what is allowed for a username.
Todd C. Miller [Wed, 8 Sep 1999 08:01:10 +0000 (08:01 +0000)]
Add more info
Todd C. Miller [Sat, 4 Sep 1999 07:09:04 +0000 (07:09 +0000)]
UCB has dropped the advertising clause from their license.
Todd C. Miller [Tue, 31 Aug 1999 09:39:45 +0000 (09:39 +0000)]
move dce_verofy proto to correct section
Todd C. Miller [Tue, 31 Aug 1999 09:39:17 +0000 (09:39 +0000)]
remove XXX
Todd C. Miller [Sat, 28 Aug 1999 10:00:54 +0000 (10:00 +0000)]
Add fnmatch() prototype
Todd C. Miller [Sat, 28 Aug 1999 10:00:22 +0000 (10:00 +0000)]
Move inclusion of emul/fnmatch.h to be after sudo.h for __P
Todd C. Miller [Sat, 28 Aug 1999 09:59:18 +0000 (09:59 +0000)]
add strcasecmp proto
Todd C. Miller [Sat, 28 Aug 1999 09:50:27 +0000 (09:50 +0000)]
add check for case where there are no auth methods
Todd C. Miller [Sat, 28 Aug 1999 09:36:32 +0000 (09:36 +0000)]
Define _XOPEN_EXTENDED_SOURCE on AIX and __USE_FIXED_PROTOTYPES__ on SunOS4 w/ gcc
Todd C. Miller [Sat, 28 Aug 1999 09:24:15 +0000 (09:24 +0000)]
include strings.h everywhere we include string.h
Todd C. Miller [Sat, 28 Aug 1999 09:22:47 +0000 (09:22 +0000)]
nicer output when showing auth methods
Todd C. Miller [Sat, 28 Aug 1999 09:00:07 +0000 (09:00 +0000)]
Add support for SEND_MAIL_WHEN_NO_HOST
Todd C. Miller [Sat, 28 Aug 1999 08:49:08 +0000 (08:49 +0000)]
Add _GNU_SOURCE for Linux
Todd C. Miller [Sat, 28 Aug 1999 08:22:27 +0000 (08:22 +0000)]
fix definition of OCTECT
Todd C. Miller [Sat, 28 Aug 1999 08:10:08 +0000 (08:10 +0000)]
aix_auth.o not authenticate.o
Todd C. Miller [Fri, 27 Aug 1999 21:02:24 +0000 (21:02 +0000)]
Only block SIGINT, SIGQUIT, SIGTSTP (which can be generated from
the keyboard). Since we run with ruid/euid == 0 the user can't
really signal us in nasty ways.
Todd C. Miller [Fri, 27 Aug 1999 21:01:06 +0000 (21:01 +0000)]
Don't need to worry about catching too many signals since we do locking
on the tmp file. If a lockfile is really stale, it will be detected
and overwritten.
Todd C. Miller [Fri, 27 Aug 1999 20:09:30 +0000 (20:09 +0000)]
include auth/API in tarball
Todd C. Miller [Fri, 27 Aug 1999 20:09:15 +0000 (20:09 +0000)]
move memset() of plaintext pw outside of verify loop and only do the
memset if we are *not* in standalone mode.
Todd C. Miller [Fri, 27 Aug 1999 17:46:54 +0000 (17:46 +0000)]
DCE is not a standalone method
Todd C. Miller [Fri, 27 Aug 1999 15:53:29 +0000 (15:53 +0000)]
fix --enable-noargs-shell
Todd C. Miller [Fri, 27 Aug 1999 15:06:19 +0000 (15:06 +0000)]
"#ifdef __STDC__" not "#if __STDC__" (I missed one)
Todd C. Miller [Fri, 27 Aug 1999 14:54:52 +0000 (14:54 +0000)]
_cleanup() function returns an int.
Todd C. Miller [Fri, 27 Aug 1999 14:50:46 +0000 (14:50 +0000)]
there were still some return(0)'s hanging around, make them AUTH_FAILURE
Todd C. Miller [Fri, 27 Aug 1999 14:39:24 +0000 (14:39 +0000)]
typo in comment
Todd C. Miller [Fri, 27 Aug 1999 14:03:19 +0000 (14:03 +0000)]
add missing semicolon
Todd C. Miller [Fri, 27 Aug 1999 12:31:25 +0000 (12:31 +0000)]
missing backslash
Todd C. Miller [Thu, 26 Aug 1999 21:24:50 +0000 (21:24 +0000)]
Kill _XOPEN_EXTENDED_SOURCE -- causes problems on some OSes
Todd C. Miller [Thu, 26 Aug 1999 13:21:31 +0000 (13:21 +0000)]
add parse.h to HDRS
Todd C. Miller [Thu, 26 Aug 1999 13:16:06 +0000 (13:16 +0000)]
Kill VISUDO_LIBS and VISUDO_LDFLAGS. Add LIBS, NET_LIBS, and LDFLAGS.
Common libs go in LIBS, commong ld flags go in LDFLAGS and network libs
like -lsocket, -lnsl go in NET_LIBS. This allows testsudoers to build
on Solaris and is a bit cleaner in general.
Todd C. Miller [Thu, 26 Aug 1999 10:56:21 +0000 (10:56 +0000)]
mention ptmp -> sudoers.tmp
Todd C. Miller [Thu, 26 Aug 1999 10:12:46 +0000 (10:12 +0000)]
Define _XOPEN_SOURCE_EXTENDED not _XOPEN_SOURCE
Todd C. Miller [Thu, 26 Aug 1999 09:37:27 +0000 (09:37 +0000)]
add 2 reports
Todd C. Miller [Thu, 26 Aug 1999 09:20:32 +0000 (09:20 +0000)]
Minor changes, mostly cosmetic. verify_krb_v5_tgt() changed to return a value more like a system function
Todd C. Miller [Thu, 26 Aug 1999 09:19:25 +0000 (09:19 +0000)]
Add an XXX
Todd C. Miller [Thu, 26 Aug 1999 09:19:00 +0000 (09:19 +0000)]
more things todo!
Todd C. Miller [Thu, 26 Aug 1999 09:18:42 +0000 (09:18 +0000)]
update based on what is in the man page
Todd C. Miller [Thu, 26 Aug 1999 09:10:50 +0000 (09:10 +0000)]
minor change to first line printed in -l mode
Todd C. Miller [Thu, 26 Aug 1999 09:10:12 +0000 (09:10 +0000)]
rename "ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more standard and add "EXAMPLES" section
Todd C. Miller [Thu, 26 Aug 1999 09:08:31 +0000 (09:08 +0000)]
rename "ENVIRONMENT VARIABLES" section to "ENVIRONMENT" to be more standard
Todd C. Miller [Thu, 26 Aug 1999 09:06:41 +0000 (09:06 +0000)]
add FLAG_NO_CHECK
Todd C. Miller [Thu, 26 Aug 1999 09:05:57 +0000 (09:05 +0000)]
make an OCTET really be limited to 0-255
Todd C. Miller [Thu, 26 Aug 1999 09:04:59 +0000 (09:04 +0000)]
mention timestamp changes
Todd C. Miller [Thu, 26 Aug 1999 09:04:45 +0000 (09:04 +0000)]
cosmetic cleanup
Todd C. Miller [Thu, 26 Aug 1999 09:00:59 +0000 (09:00 +0000)]
new sudoers(8) man page
Todd C. Miller [Tue, 24 Aug 1999 17:45:05 +0000 (17:45 +0000)]
Update comments about syslog name tables
Todd C. Miller [Tue, 24 Aug 1999 17:37:38 +0000 (17:37 +0000)]
include strcasecmp() for those without it
Todd C. Miller [Tue, 24 Aug 1999 16:43:37 +0000 (16:43 +0000)]
Use the : operator some more and fix a typo
Todd C. Miller [Tue, 24 Aug 1999 16:43:17 +0000 (16:43 +0000)]
update the history of sudo
Todd C. Miller [Tue, 24 Aug 1999 16:42:28 +0000 (16:42 +0000)]
CIDR-style netmask support
Todd C. Miller [Tue, 24 Aug 1999 16:41:46 +0000 (16:41 +0000)]
recent changes
Todd C. Miller [Tue, 24 Aug 1999 16:40:58 +0000 (16:40 +0000)]
these should be generated with byacc, not bison
Todd C. Miller [Tue, 24 Aug 1999 16:40:23 +0000 (16:40 +0000)]
regen
Todd C. Miller [Tue, 24 Aug 1999 15:58:39 +0000 (15:58 +0000)]
In "sudo -l" mode, the type of the stored (expanded) alias was not
stored with the contents. This could lead to incorrect output
if the sudoers file had different alias types with the same name.
Normal parsing (ie: not in '-l' mode) is unaffected.
Todd C. Miller [Mon, 23 Aug 1999 16:47:42 +0000 (16:47 +0000)]
define _XOPEN_SOURCE to get at crypt() proto on some systems
Todd C. Miller [Sun, 22 Aug 1999 17:10:20 +0000 (17:10 +0000)]
fix comment