Todd C. Miller [Mon, 14 May 2018 15:05:04 +0000 (09:05 -0600)]
Let the main sudoers lookup code check the host name. We still
check the user name so it is possible to use a single userspec
but this may change in the future.
Todd C. Miller [Mon, 14 May 2018 15:05:03 +0000 (09:05 -0600)]
Simplify the nss interface such that each sudoers provider fills
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions. This makes it possible to have a single
implementation of the code for sudoers lookup and listing.
Todd C. Miller [Fri, 11 May 2018 03:17:03 +0000 (21:17 -0600)]
Fix a format-truncation warning in newer gcc by avoiding using %0x
and %0X in the test. We are formatting a single byte so just do
it one nybble at a time.
Todd C. Miller [Tue, 24 Apr 2018 13:21:08 +0000 (07:21 -0600)]
Move the check for /dev/fd/N until *after* the digest has been
checked. We still need to be able to check the digest even if there
is no /dev/fd/N or fexecve().
Todd C. Miller [Tue, 24 Apr 2018 02:43:04 +0000 (20:43 -0600)]
Rewind the fd after calling sudo_filedigest(). Otherwise, when
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N. This only appears to affect BSD systems with
fdescfs. Bug #831.
Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
Prune alias contents when pruning and expanding aliases.
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions. A better approach would be to call the correct function
from user_matches() and host_matches().
Todd C. Miller [Wed, 4 Apr 2018 17:28:53 +0000 (11:28 -0600)]
Use btime in /proc/stat to determine system start time instead of
/proc/uptime. Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829
Todd C. Miller [Fri, 30 Mar 2018 00:53:51 +0000 (18:53 -0600)]
No need to initialize the last pointer passed to strtok_r().
This was originally added to appease newer gcc but no longer
seems to be required. CID 183466, CID 183468, CID 183469
Todd C. Miller [Tue, 27 Mar 2018 22:00:08 +0000 (16:00 -0600)]
In pty_close() we still need to check whether the pty master and
slave fds are open before closing them. When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
Todd C. Miller [Mon, 26 Mar 2018 12:28:23 +0000 (06:28 -0600)]
In pty_close() there is no need to remove events associated with
the pty slave as there are none. We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
Todd C. Miller [Thu, 22 Mar 2018 17:38:39 +0000 (11:38 -0600)]
Add cvtsudoers command line option to suppress certain parts of the
security policy. Can be used to suppress displaying of Defaults
entries, aliases or privileges.
Todd C. Miller [Wed, 21 Mar 2018 18:24:11 +0000 (12:24 -0600)]
Initial support filtering by user, group and host in cvtsudoers.
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries. This effectively allows you to grep sudoers by user, group
and host.
Todd C. Miller [Wed, 21 Mar 2018 18:11:19 +0000 (12:11 -0600)]
Add free_default() to free a struct defaults pointer so we have a
single place where we free the defaults. A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.