]> granicus.if.org Git - sudo/log
sudo
6 years agoWhen building up the cmndspec, add the actual command member last.
Todd C. Miller [Wed, 16 May 2018 16:27:28 +0000 (10:27 -0600)]
When building up the cmndspec, add the actual command member last.
This simplifies the logic regarding the SETENV tag and alsomakes
"out of memory" cleanup simpler.

6 years agoFix format string mismatch, sudo_order is unsigned.
Todd C. Miller [Wed, 16 May 2018 16:15:15 +0000 (10:15 -0600)]
Fix format string mismatch, sudo_order is unsigned.

6 years agoAdd cppcheck annotation to suppress memory leak false positive.
Todd C. Miller [Wed, 16 May 2018 16:14:39 +0000 (10:14 -0600)]
Add cppcheck annotation to suppress memory leak false positive.

6 years agoSudo "ALL" implies the SETENV tag.
Todd C. Miller [Wed, 16 May 2018 16:01:52 +0000 (10:01 -0600)]
Sudo "ALL" implies the SETENV tag.

6 years agoOnly set MODE_PRESERVE_ENV when preserving the entire environment.
Todd C. Miller [Wed, 16 May 2018 15:10:43 +0000 (09:10 -0600)]
Only set MODE_PRESERVE_ENV when preserving the entire environment.
Fixes a problem introduced in 1.8.23 where "sudo -i" could not be
used in conjunction with --preserve-env=VARIABLE.  Bug #835

6 years agoAdd free_userspecs() and free_default() and use them instead of
Todd C. Miller [Tue, 15 May 2018 22:35:07 +0000 (16:35 -0600)]
Add free_userspecs() and free_default() and use them instead of
looping over the lists and calling free_userspec() and free_default().

6 years agoDepending on the bos level, AIX 6.1 may or may not include
Todd C. Miller [Tue, 15 May 2018 15:53:46 +0000 (09:53 -0600)]
Depending on the bos level, AIX 6.1 may or may not include
getline/getdelim and AIX 7.1 may or may not include memset_s.
Since we need to build packages that will work on all AIX 6.1 and
7.1 machines, use our getline() and memset_s emulation.

6 years agoDo not leak struct sudo_command when the command is ALL.
Todd C. Miller [Mon, 14 May 2018 19:47:00 +0000 (13:47 -0600)]
Do not leak struct sudo_command when the command is ALL.
Coverity CID 185602.

6 years agoSudo 1.8.24
Todd C. Miller [Mon, 14 May 2018 19:04:14 +0000 (13:04 -0600)]
Sudo 1.8.24

6 years agoImprove comments about why we need to do a user check and how it
Todd C. Miller [Mon, 14 May 2018 16:43:51 +0000 (10:43 -0600)]
Improve comments about why we need to do a user check and how it
related to netgroups.

6 years agoAdd checks for ldap/sss functions failing due to memory allocation
Todd C. Miller [Mon, 14 May 2018 15:05:05 +0000 (09:05 -0600)]
Add checks for ldap/sss functions failing due to memory allocation
errors.

6 years agoLet the main sudoers lookup code check the host name. We still
Todd C. Miller [Mon, 14 May 2018 15:05:04 +0000 (09:05 -0600)]
Let the main sudoers lookup code check the host name.  We still
check the user name so it is possible to use a single userspec
but this may change in the future.

6 years agoSimplify the nss interface such that each sudoers provider fills
Todd C. Miller [Mon, 14 May 2018 15:05:03 +0000 (09:05 -0600)]
Simplify the nss interface such that each sudoers provider fills
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions.  This makes it possible to have a single
implementation of the code for sudoers lookup and listing.

6 years agoInclude parse.h in sudoers.h since it will soon be required.
Todd C. Miller [Mon, 14 May 2018 15:05:02 +0000 (09:05 -0600)]
Include parse.h in sudoers.h since it will soon be required.

6 years agoParse "ALL" as a command correctly.
Todd C. Miller [Mon, 14 May 2018 14:35:48 +0000 (08:35 -0600)]
Parse "ALL" as a command correctly.

6 years agoAdd debug warning if lseek() fails (should not be possible).
Todd C. Miller [Fri, 11 May 2018 13:51:43 +0000 (07:51 -0600)]
Add debug warning if lseek() fails (should not be possible).

6 years agoFix swapped args of lseek() when rewinding. This didn't cause a
Todd C. Miller [Fri, 11 May 2018 13:45:22 +0000 (07:45 -0600)]
Fix swapped args of lseek() when rewinding.  This didn't cause a
problem because the value of SEEK_SET is 0.

6 years agoFix a format-truncation warning in newer gcc by avoiding using %0x
Todd C. Miller [Fri, 11 May 2018 03:17:03 +0000 (21:17 -0600)]
Fix a format-truncation warning in newer gcc by avoiding using %0x
and %0X in the test.  We are formatting a single byte so just do
it one nybble at a time.

6 years agoRegen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974
Todd C. Miller [Fri, 11 May 2018 02:44:09 +0000 (20:44 -0600)]
Regen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974
AC_HEADER_MAJOR: port to glibc 2.25

6 years agoNo need to explicitly free role on EOF, it will be freed after the
Todd C. Miller [Thu, 3 May 2018 17:06:02 +0000 (11:06 -0600)]
No need to explicitly free role on EOF, it will be freed after the
loop is done.

6 years agoGarbage collect the command argv, envp and info vectors since they are
Todd C. Miller [Thu, 3 May 2018 16:52:17 +0000 (10:52 -0600)]
Garbage collect the command argv, envp and info vectors since they are
not available at policy close time.

6 years agoPlug memory leaks on parse error or when an LDIF entry doesn't match
Todd C. Miller [Thu, 3 May 2018 16:51:11 +0000 (10:51 -0600)]
Plug memory leaks on parse error or when an LDIF entry doesn't match
the dn filter.

6 years agoRename variables now that the string list functions are not ldap-specific.
Todd C. Miller [Thu, 3 May 2018 16:49:54 +0000 (10:49 -0600)]
Rename variables now that the string list functions are not ldap-specific.

6 years agoFix typo
Todd C. Miller [Mon, 30 Apr 2018 15:56:40 +0000 (09:56 -0600)]
Fix typo

6 years agofix version
Todd C. Miller [Sun, 29 Apr 2018 19:58:49 +0000 (13:58 -0600)]
fix version

6 years agosync
Todd C. Miller [Sun, 29 Apr 2018 19:52:28 +0000 (13:52 -0600)]
sync

6 years agosync with translationproject.org
Todd C. Miller [Sun, 29 Apr 2018 19:33:29 +0000 (13:33 -0600)]
sync with translationproject.org

6 years agoO_EXEC for fexecve() not O_SEARCH.
Todd C. Miller [Wed, 25 Apr 2018 20:55:55 +0000 (14:55 -0600)]
O_EXEC for fexecve() not O_SEARCH.

6 years agoDocument how to suppress the last login message on Solaris.
Todd C. Miller [Wed, 25 Apr 2018 15:56:22 +0000 (09:56 -0600)]
Document how to suppress the last login message on Solaris.

6 years agoFix compilation error with older Sun Studio compilers.
Todd C. Miller [Tue, 24 Apr 2018 22:40:16 +0000 (16:40 -0600)]
Fix compilation error with older Sun Studio compilers.

6 years agoUpdate Bug #831 decription.
Todd C. Miller [Tue, 24 Apr 2018 20:29:58 +0000 (14:29 -0600)]
Update Bug #831 decription.

6 years agoAdd Chinese(Taiwan) translation for sudo.
Todd C. Miller [Tue, 24 Apr 2018 16:45:30 +0000 (10:45 -0600)]
Add Chinese(Taiwan) translation for sudo.

6 years agoMove the check for /dev/fd/N until *after* the digest has been
Todd C. Miller [Tue, 24 Apr 2018 13:21:08 +0000 (07:21 -0600)]
Move the check for /dev/fd/N until *after* the digest has been
checked.  We still need to be able to check the digest even if there
is no /dev/fd/N or fexecve().

6 years agoRewind the fd after calling sudo_filedigest(). Otherwise, when
Todd C. Miller [Tue, 24 Apr 2018 02:43:04 +0000 (20:43 -0600)]
Rewind the fd after calling sudo_filedigest().  Otherwise, when
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N.  This only appears to affect BSD systems with
fdescfs.  Bug #831.

6 years agoIn open_cmnd(), return true, not false, if we the /dev/fd/N pathname
Todd C. Miller [Mon, 23 Apr 2018 20:42:35 +0000 (14:42 -0600)]
In open_cmnd(), return true, not false, if we the /dev/fd/N pathname
is not present.  We don't want to fail a match because of this.

6 years agoBug #831.
Todd C. Miller [Mon, 23 Apr 2018 17:01:49 +0000 (11:01 -0600)]
Bug #831.

6 years agoWe can only use fexecve() on a script if /dev/fd/N exists.
Todd C. Miller [Mon, 23 Apr 2018 16:54:51 +0000 (10:54 -0600)]
We can only use fexecve() on a script if /dev/fd/N exists.
Some systems, such as FreeBSD, don't have /dev/fd mounted
by default.  Bug #831

6 years agosync with translationproject.org
Todd C. Miller [Sun, 22 Apr 2018 12:58:53 +0000 (06:58 -0600)]
sync with translationproject.org

6 years agosync with translationproject.org
Todd C. Miller [Sat, 21 Apr 2018 19:56:36 +0000 (13:56 -0600)]
sync with translationproject.org

6 years agoAdd tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers
Todd C. Miller [Sat, 21 Apr 2018 12:23:02 +0000 (06:23 -0600)]
Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers
and LDIF -> sudoers -> LDIF.

6 years agoTest the -b option when converting from LDIF.
Todd C. Miller [Thu, 19 Apr 2018 15:24:08 +0000 (09:24 -0600)]
Test the -b option when converting from LDIF.

6 years agoFix the -b option when converting from LDIF.
Todd C. Miller [Thu, 19 Apr 2018 15:23:45 +0000 (09:23 -0600)]
Fix the -b option when converting from LDIF.

6 years agosync with translationproject.org
Todd C. Miller [Thu, 19 Apr 2018 03:14:10 +0000 (21:14 -0600)]
sync with translationproject.org

6 years agoFix some more typos.
Todd C. Miller [Wed, 18 Apr 2018 20:25:11 +0000 (14:25 -0600)]
Fix some more typos.

6 years agomandoc now preserves the copyright notice, no need to do it ourselves
Todd C. Miller [Wed, 18 Apr 2018 20:24:51 +0000 (14:24 -0600)]
mandoc now preserves the copyright notice, no need to do it ourselves

6 years agoDescribe the special handling of LOGNAME, USER and USERNAME.
Todd C. Miller [Wed, 18 Apr 2018 20:14:47 +0000 (14:14 -0600)]
Describe the special handling of LOGNAME, USER and USERNAME.
Fix typos reported by aspell.

6 years agoFix a memory leak on the error path.
Todd C. Miller [Wed, 18 Apr 2018 16:09:22 +0000 (10:09 -0600)]
Fix a memory leak on the error path.

6 years agoDocument that the editor setting is also used by sudoedit.
Todd C. Miller [Wed, 18 Apr 2018 15:40:48 +0000 (09:40 -0600)]
Document that the editor setting is also used by sudoedit.

6 years agoPlug memory leak when an I/O plugin is specified in sudo.conf
Todd C. Miller [Tue, 17 Apr 2018 19:41:44 +0000 (13:41 -0600)]
Plug memory leak when an I/O plugin is specified in sudo.conf
but the I/O plugin is not configured.

6 years agoMonty Python insults from Philip Hudson
Todd C. Miller [Tue, 17 Apr 2018 13:10:43 +0000 (07:10 -0600)]
Monty Python insults from Philip Hudson

6 years agoadd examples
Todd C. Miller [Sun, 15 Apr 2018 23:06:26 +0000 (17:06 -0600)]
add examples

6 years agoUpdate copyright year and regen man pages.
Todd C. Miller [Sun, 15 Apr 2018 22:43:06 +0000 (16:43 -0600)]
Update copyright year and regen man pages.

6 years agosync with translationproject.org
Todd C. Miller [Sun, 15 Apr 2018 14:21:40 +0000 (08:21 -0600)]
sync with translationproject.org

6 years agocvtsudoers regress tests
Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
cvtsudoers regress tests

6 years agoPrune alias contents when pruning and expanding aliases.
Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
Prune alias contents when pruning and expanding aliases.
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions.  A better approach would be to call the correct function
from user_matches() and host_matches().

6 years agoFix typo
Todd C. Miller [Sun, 15 Apr 2018 01:54:54 +0000 (19:54 -0600)]
Fix typo

6 years agoFix cut & pasto that prevented "-d command" from working.
Todd C. Miller [Sat, 14 Apr 2018 12:13:44 +0000 (06:13 -0600)]
Fix cut & pasto that prevented "-d command" from working.

6 years agoFix a user after free crash as well as a memory leak when filtering
Todd C. Miller [Fri, 13 Apr 2018 16:49:05 +0000 (10:49 -0600)]
Fix a user after free crash as well as a memory leak when filtering
Defaults.

6 years agoDocument that a User_Alias or Host_Alias may be used in the match filter.
Todd C. Miller [Thu, 12 Apr 2018 12:29:41 +0000 (06:29 -0600)]
Document that a User_Alias or Host_Alias may be used in the match filter.

6 years agoDon't always expand aliases when formatting a host-based Defaults
Todd C. Miller [Thu, 12 Apr 2018 12:25:35 +0000 (06:25 -0600)]
Don't always expand aliases when formatting a host-based Defaults
line.  This was missed when expand_aliases support was added.

6 years agoAllow host and user aliases to be specified in match filters.
Todd C. Miller [Thu, 12 Apr 2018 12:21:20 +0000 (06:21 -0600)]
Allow host and user aliases to be specified in match filters.

6 years agoUpdate copyright year.
Todd C. Miller [Thu, 12 Apr 2018 11:13:49 +0000 (05:13 -0600)]
Update copyright year.

6 years agosync with translationproject.org
Todd C. Miller [Tue, 10 Apr 2018 22:07:42 +0000 (16:07 -0600)]
sync with translationproject.org

6 years agoWhen the -d option is used, remove aliases used by the non-converted
Todd C. Miller [Mon, 9 Apr 2018 17:13:33 +0000 (11:13 -0600)]
When the -d option is used, remove aliases used by the non-converted
Defaults settings if the aliases are not also referenced by userspecs.

6 years agoregen
Todd C. Miller [Thu, 5 Apr 2018 13:00:25 +0000 (07:00 -0600)]
regen

6 years agoupdate
Todd C. Miller [Thu, 5 Apr 2018 12:34:49 +0000 (06:34 -0600)]
update

6 years agoMention -p and -M options in the description of -m.
Todd C. Miller [Thu, 5 Apr 2018 12:34:22 +0000 (06:34 -0600)]
Mention -p and -M options in the description of -m.

6 years agoCheck sudoedit temporary directory for writability before using it.
Todd C. Miller [Thu, 5 Apr 2018 03:05:59 +0000 (21:05 -0600)]
Check sudoedit temporary directory for writability before using it.

6 years agoUse btime in /proc/stat to determine system start time instead of
Todd C. Miller [Wed, 4 Apr 2018 17:28:53 +0000 (11:28 -0600)]
Use btime in /proc/stat to determine system start time instead of
/proc/uptime.  Fixes the process start time test when run from a
container where /proc/uptime is the uptime of the container but the
process start time is relative to the host system boot time.
Bug #829

6 years agoAdd option to prune non-matching entries from cvtsudoers output with -m
Todd C. Miller [Wed, 4 Apr 2018 15:51:05 +0000 (09:51 -0600)]
Add option to prune non-matching entries from cvtsudoers output with -m
option is used.

6 years agoAllow defaults types and suppression list to be specified in
Todd C. Miller [Mon, 2 Apr 2018 13:41:56 +0000 (07:41 -0600)]
Allow defaults types and suppression list to be specified in
the config file.

6 years agoRefactor common alias code out of cvtsudoers and visudo and into alias.c.
Todd C. Miller [Mon, 2 Apr 2018 13:41:09 +0000 (07:41 -0600)]
Refactor common alias code out of cvtsudoers and visudo and into alias.c.

6 years agoAvoid NULL deref in an error path. CID 183467
Todd C. Miller [Fri, 30 Mar 2018 00:53:53 +0000 (18:53 -0600)]
Avoid NULL deref in an error path.  CID 183467

6 years agoNo need to initialize the last pointer passed to strtok_r().
Todd C. Miller [Fri, 30 Mar 2018 00:53:51 +0000 (18:53 -0600)]
No need to initialize the last pointer passed to strtok_r().
This was originally added to appease newer gcc but no longer
seems to be required.  CID 183466, CID 183468, CID 183469

6 years agoAvoid false positive NULL dereference by uses value.u.string
Todd C. Miller [Fri, 30 Mar 2018 00:53:50 +0000 (18:53 -0600)]
Avoid false positive NULL dereference by uses value.u.string
instead of name as the former is guaranteed not to be NULL.
Fixes CID 183465.

6 years agoregen
Todd C. Miller [Thu, 29 Mar 2018 16:20:26 +0000 (10:20 -0600)]
regen

6 years agoAdd a section on convertion from file-based sudoers.
Todd C. Miller [Thu, 29 Mar 2018 13:13:31 +0000 (07:13 -0600)]
Add a section on convertion from file-based sudoers.

6 years agoAdd support for "cvtsudoers -d all"
Todd C. Miller [Wed, 28 Mar 2018 23:43:58 +0000 (17:43 -0600)]
Add support for "cvtsudoers -d all"

6 years agoAdd -d option to control what type of Defaults entries are converted.
Todd C. Miller [Wed, 28 Mar 2018 14:33:07 +0000 (08:33 -0600)]
Add -d option to control what type of Defaults entries are converted.

6 years agoIn pty_close() we still need to check whether the pty master and
Todd C. Miller [Tue, 27 Mar 2018 22:00:08 +0000 (16:00 -0600)]
In pty_close() we still need to check whether the pty master and
slave fds are open before closing them.  When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.

6 years agoregen
Todd C. Miller [Tue, 27 Mar 2018 21:57:02 +0000 (15:57 -0600)]
regen

6 years agoignore *.ldif2sudo regress output
Todd C. Miller [Mon, 26 Mar 2018 16:36:29 +0000 (10:36 -0600)]
ignore *.ldif2sudo regress output

6 years agoIn pty_close() there is no need to remove events associated with
Todd C. Miller [Mon, 26 Mar 2018 12:28:23 +0000 (06:28 -0600)]
In pty_close() there is no need to remove events associated with
the pty slave as there are none.  We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.

6 years agoMove cvtsudoers to section 1.
Todd C. Miller [Sun, 25 Mar 2018 22:16:48 +0000 (16:16 -0600)]
Move cvtsudoers to section 1.

6 years agoIn pty_close() close the slave and remove any events associated
Todd C. Miller [Sun, 25 Mar 2018 12:03:19 +0000 (06:03 -0600)]
In pty_close() close the slave and remove any events associated
with it.  Fixes a potential hang when performing the final flush
on non-BSD systems.

6 years agoFix typo in strcmp(), we are comparing var not val.
Todd C. Miller [Fri, 23 Mar 2018 15:54:52 +0000 (09:54 -0600)]
Fix typo in strcmp(), we are comparing var not val.

6 years agosync
Todd C. Miller [Fri, 23 Mar 2018 12:56:49 +0000 (06:56 -0600)]
sync

6 years agosync
Todd C. Miller [Fri, 23 Mar 2018 12:46:38 +0000 (06:46 -0600)]
sync

6 years agoregen
Todd C. Miller [Thu, 22 Mar 2018 19:30:25 +0000 (13:30 -0600)]
regen

6 years agoAdd -M option to cvtsudoers to force the use of the local passwd
Todd C. Miller [Thu, 22 Mar 2018 19:24:41 +0000 (13:24 -0600)]
Add -M option to cvtsudoers to force the use of the local passwd
and group databases when matching.

6 years agoAdd cvtsudoers command line option to suppress certain parts of the
Todd C. Miller [Thu, 22 Mar 2018 17:38:39 +0000 (11:38 -0600)]
Add cvtsudoers command line option to suppress certain parts of the
security policy.  Can be used to suppress displaying of Defaults
entries, aliases or privileges.

6 years agoSilence a false positive from the clang static analyzer.
Todd C. Miller [Wed, 21 Mar 2018 21:03:17 +0000 (15:03 -0600)]
Silence a false positive from the clang static analyzer.

6 years agoSilence a false positive from the clang static analyzer.
Todd C. Miller [Wed, 21 Mar 2018 20:55:17 +0000 (14:55 -0600)]
Silence a false positive from the clang static analyzer.

6 years agoFix memory leak on error path.
Todd C. Miller [Wed, 21 Mar 2018 20:43:17 +0000 (14:43 -0600)]
Fix memory leak on error path.

6 years agoregen
Todd C. Miller [Wed, 21 Mar 2018 19:33:44 +0000 (13:33 -0600)]
regen

6 years agoMove cvtsudoers string functions into cvtsudoers.c
Todd C. Miller [Wed, 21 Mar 2018 19:29:47 +0000 (13:29 -0600)]
Move cvtsudoers string functions into cvtsudoers.c

6 years agoregen
Todd C. Miller [Wed, 21 Mar 2018 19:29:18 +0000 (13:29 -0600)]
regen

6 years agoInitial support filtering by user, group and host in cvtsudoers.
Todd C. Miller [Wed, 21 Mar 2018 18:24:11 +0000 (12:24 -0600)]
Initial support filtering by user, group and host in cvtsudoers.
Currently forces alias expansion when a filter is applied and the
entire matching user or host list is printed, even the non-matching
entries.  This effectively allows you to grep sudoers by user, group
and host.

6 years agoAdd free_default() to free a struct defaults pointer so we have a
Todd C. Miller [Wed, 21 Mar 2018 18:11:19 +0000 (12:11 -0600)]
Add free_default() to free a struct defaults pointer so we have a
single place where we free the defaults.  A pointer to the previous
Default's binding may be passed in to avoid freeing an already free
binding.

6 years agoDecrease bullet width to 1n.
Todd C. Miller [Wed, 21 Mar 2018 12:52:50 +0000 (06:52 -0600)]
Decrease bullet width to 1n.