granicus.if.org Git - sudo/log
sudo
Todd C. Miller [Sat, 16 Jun 2018 17:32:14 +0000 (11:32 -0600)]
Should no longer need to set max_groups.

Todd C. Miller [Fri, 15 Jun 2018 20:05:14 +0000 (14:05 -0600)]
Use new sudo_getgrouplist2() function instead of getgrouplist().

Todd C. Miller [Fri, 15 Jun 2018 20:05:13 +0000 (14:05 -0600)]
Add sudo_getgrouplist2() to dynamically allocate the group vector.
This allows us to avoid repeatedly calling getgrouplist() with
a statically sized vector on macOS, Solaris, HP-UX, and AIX.

Todd C. Miller [Fri, 15 Jun 2018 19:31:58 +0000 (13:31 -0600)]
Fix fd leak introduced by SUDO_CONV_PREFER_TTY commit.  Coverity CID 186605.

Todd C. Miller [Wed, 13 Jun 2018 17:19:35 +0000 (11:19 -0600)]
Fix some issues pointed out by mandoc -Tlint

Todd C. Miller [Wed, 13 Jun 2018 17:19:33 +0000 (11:19 -0600)]
Add SUDO_CONV_PREFER_TTY flag for conversation function to tell
sudo to try writing to /dev/tty first.  Can be used in conjunction
with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG.

Todd C. Miller [Fri, 8 Jun 2018 12:32:02 +0000 (06:32 -0600)]
Update for arc4random.c, arc4random_uniform.c and getentropy.c

Todd C. Miller [Tue, 5 Jun 2018 21:37:16 +0000 (15:37 -0600)]
FreeBSD wordexp() returns WRDE_SYNTAX if it can't write to the shell
process.  Since we've prevented execve() from succeeding this is
the error we get back from wordexp() on FreeBSD.

Todd C. Miller [Tue, 5 Jun 2018 02:00:41 +0000 (20:00 -0600)]
Fix conversion of usec to nsec; from Scott Cheloha

Todd C. Miller [Sat, 2 Jun 2018 03:15:57 +0000 (21:15 -0600)]
Fix typo.

Todd C. Miller [Tue, 29 May 2018 16:53:47 +0000 (10:53 -0600)]
The getdefs() function now gets called multiple times so use the
cached data if present.

Todd C. Miller [Tue, 29 May 2018 16:24:57 +0000 (10:24 -0600)]
Return an empty defaults list, not NULL if there is no global sudoers
defaults entry in sss.

Todd C. Miller [Tue, 29 May 2018 16:10:20 +0000 (10:10 -0600)]
Fix memory leak of handle pointer on close.

Todd C. Miller [Tue, 29 May 2018 15:39:42 +0000 (09:39 -0600)]
Remove a needless copy when parsing options.

Todd C. Miller [Tue, 29 May 2018 15:39:40 +0000 (09:39 -0600)]
Move cached userspecs and defaults into the handle object.

Todd C. Miller [Mon, 28 May 2018 14:30:57 +0000 (08:30 -0600)]
Quiet a clang analyzer warning.  It should not be possible for
pop_include() to be called when YY_CURRENT_BUFFER is NULL.

Todd C. Miller [Mon, 28 May 2018 13:35:51 +0000 (07:35 -0600)]
Reorder things to avoid the need to declare static functions.

Todd C. Miller [Fri, 25 May 2018 03:04:23 +0000 (21:04 -0600)]
Use arc4random for mkstemp() and insults.

Todd C. Miller [Fri, 25 May 2018 03:04:23 +0000 (21:04 -0600)]
Import arc4random() from libressl.  This takes an all-in-one approach
instead of the one-file-per-OS approach that libressl takes.
The fallback code does not have as many OS-specific bits as libressl.

Todd C. Miller [Fri, 25 May 2018 03:04:07 +0000 (21:04 -0600)]
Move digest code into libutil

Todd C. Miller [Sun, 20 May 2018 14:09:25 +0000 (08:09 -0600)]
Check for invalid base64 attributes.

Todd C. Miller [Sun, 20 May 2018 13:42:54 +0000 (07:42 -0600)]
Fix pointer sign warnings.

Todd C. Miller [Sun, 20 May 2018 13:36:46 +0000 (07:36 -0600)]
Add missing variable declaration for SELinux and Solaris.

Todd C. Miller [Sun, 20 May 2018 13:36:00 +0000 (07:36 -0600)]
Handle empty string and treat it as safe.

Todd C. Miller [Sun, 20 May 2018 13:01:26 +0000 (07:01 -0600)]
Add support for base64-encoding non-safe strings in LDIF output.

Todd C. Miller [Sun, 20 May 2018 01:03:47 +0000 (19:03 -0600)]
Add base64_encode() by Jon Mayo.

Todd C. Miller [Fri, 18 May 2018 16:11:51 +0000 (10:11 -0600)]
Add support for parsing base64-encoded attributes

Todd C. Miller [Thu, 17 May 2018 17:16:44 +0000 (11:16 -0600)]
rfc2253 says we need to escape " and leading and trailing space.

Todd C. Miller [Thu, 17 May 2018 15:31:48 +0000 (09:31 -0600)]
Define ZLIB_CONST so we get the const version of the API.

Todd C. Miller [Wed, 16 May 2018 18:14:14 +0000 (12:14 -0600)]
Fix logic inversion when handling the authenticate Defaults option
for "sudo -l" and "sudo -v" in long list mode.

Todd C. Miller [Wed, 16 May 2018 16:48:50 +0000 (10:48 -0600)]
Set handle->pw before sss_to_sudoers() since sss_check_user()
uses it.  Coverity CID 185651

Todd C. Miller [Wed, 16 May 2018 16:45:00 +0000 (10:45 -0600)]
Fix memory leak on error, CID 185602

Todd C. Miller [Wed, 16 May 2018 16:37:15 +0000 (10:37 -0600)]
Some ldap_get_values_len -> sudo_ldap_get_values_len that were
missed before.

Todd C. Miller [Wed, 16 May 2018 16:27:28 +0000 (10:27 -0600)]
When building up the cmndspec, add the actual command member last.
This simplifies the logic regarding the SETENV tag and also makes
"out of memory" cleanup simpler.

Todd C. Miller [Wed, 16 May 2018 16:15:15 +0000 (10:15 -0600)]
Fix format string mismatch, sudo_order is unsigned.

Todd C. Miller [Wed, 16 May 2018 16:14:39 +0000 (10:14 -0600)]
Add cppcheck annotation to suppress memory leak false positive.

Todd C. Miller [Wed, 16 May 2018 16:01:52 +0000 (10:01 -0600)]
Sudo "ALL" implies the SETENV tag.

Todd C. Miller [Wed, 16 May 2018 15:10:43 +0000 (09:10 -0600)]
Only set MODE_PRESERVE_ENV when preserving the entire environment.
Fixes a problem introduced in 1.8.23 where "sudo -i" could not be
used in conjunction with --preserve-env=VARIABLE.  Bug #835

Todd C. Miller [Tue, 15 May 2018 22:35:07 +0000 (16:35 -0600)]
Add free_userspecs() and free_default() and use them instead of
looping over the lists and calling free_userspec() and free_default().

Todd C. Miller [Tue, 15 May 2018 15:53:46 +0000 (09:53 -0600)]
Depending on the bos level, AIX 6.1 may or may not include
getline/getdelim and AIX 7.1 may or may not include memset_s.
Since we need to build packages that will work on all AIX 6.1 and
7.1 machines, use our getline() and memset_s emulation.

Todd C. Miller [Mon, 14 May 2018 19:47:00 +0000 (13:47 -0600)]
Do not leak struct sudo_command when the command is ALL.
Coverity CID 185602.

Todd C. Miller [Mon, 14 May 2018 19:04:14 +0000 (13:04 -0600)]
Sudo 1.8.24

Todd C. Miller [Mon, 14 May 2018 16:43:51 +0000 (10:43 -0600)]
Improve comments about why we need to do a user check and how it
relates to netgroups.

Todd C. Miller [Mon, 14 May 2018 15:05:05 +0000 (09:05 -0600)]
Add checks for ldap/sss functions failing due to memory allocation
errors.

Todd C. Miller [Mon, 14 May 2018 15:05:04 +0000 (09:05 -0600)]
Let the main sudoers lookup code check the host name.  We still
check the user name so it is possible to use a single userspec
but this may change in the future.

Todd C. Miller [Mon, 14 May 2018 15:05:03 +0000 (09:05 -0600)]
Simplify the nss interface such that each sudoers provider fills
in a per-nss list of userspecs and defaults instead of using separate
lookup and list functions.  This makes it possible to have a single
implementation of the code for sudoers lookup and listing.

Todd C. Miller [Mon, 14 May 2018 15:05:02 +0000 (09:05 -0600)]
Include parse.h in sudoers.h since it will soon be required.

Todd C. Miller [Mon, 14 May 2018 14:35:48 +0000 (08:35 -0600)]
Parse "ALL" as a command correctly.

Todd C. Miller [Fri, 11 May 2018 13:51:43 +0000 (07:51 -0600)]
Add debug warning if lseek() fails (should not be possible).

Todd C. Miller [Fri, 11 May 2018 13:45:22 +0000 (07:45 -0600)]
Fix swapped args of lseek() when rewinding.  This didn't cause a
problem because the value of SEEK_SET is 0.

Todd C. Miller [Fri, 11 May 2018 03:17:03 +0000 (21:17 -0600)]
Fix a format-truncation warning in newer gcc by avoiding using %0x
and %0X in the test.  We are formatting a single byte so just do
it one nybble at a time.

Todd C. Miller [Fri, 11 May 2018 02:44:09 +0000 (20:44 -0600)]
Regen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974
AC_HEADER_MAJOR: port to glibc 2.25

Todd C. Miller [Thu, 3 May 2018 17:06:02 +0000 (11:06 -0600)]
No need to explicitly free role on EOF, it will be freed after the
loop is done.

Todd C. Miller [Thu, 3 May 2018 16:52:17 +0000 (10:52 -0600)]
Garbage collect the command argv, envp and info vectors since they are
not available at policy close time.

Todd C. Miller [Thu, 3 May 2018 16:51:11 +0000 (10:51 -0600)]
Plug memory leaks on parse error or when an LDIF entry doesn't match
the dn filter.

Todd C. Miller [Thu, 3 May 2018 16:49:54 +0000 (10:49 -0600)]
Rename variables now that the string list functions are not ldap-specific.

Todd C. Miller [Mon, 30 Apr 2018 15:56:40 +0000 (09:56 -0600)]
Fix typo

Todd C. Miller [Sun, 29 Apr 2018 19:58:49 +0000 (13:58 -0600)]
fix version

Todd C. Miller [Sun, 29 Apr 2018 19:52:28 +0000 (13:52 -0600)]
sync

Todd C. Miller [Sun, 29 Apr 2018 19:33:29 +0000 (13:33 -0600)]
sync with translationproject.org

Todd C. Miller [Wed, 25 Apr 2018 20:55:55 +0000 (14:55 -0600)]
O_EXEC for fexecve() not O_SEARCH.

Todd C. Miller [Wed, 25 Apr 2018 15:56:22 +0000 (09:56 -0600)]
Document how to suppress the last login message on Solaris.

Todd C. Miller [Tue, 24 Apr 2018 22:40:16 +0000 (16:40 -0600)]
Fix compilation error with older Sun Studio compilers.

Todd C. Miller [Tue, 24 Apr 2018 20:29:58 +0000 (14:29 -0600)]
Update Bug #831 description.

Todd C. Miller [Tue, 24 Apr 2018 16:45:30 +0000 (10:45 -0600)]
Add Chinese (Taiwan) translation for sudo.

Todd C. Miller [Tue, 24 Apr 2018 13:21:08 +0000 (07:21 -0600)]
Move the check for /dev/fd/N until *after* the digest has been
checked.  We still need to be able to check the digest even if there
is no /dev/fd/N or fexecve().

Todd C. Miller [Tue, 24 Apr 2018 02:43:04 +0000 (20:43 -0600)]
Rewind the fd after calling sudo_filedigest().  Otherwise, when
running a script via fexecve(), the interpreter may get EOF when
reading /dev/fd/N.  This only appears to affect BSD systems with
fdescfs.  Bug #831.

Todd C. Miller [Mon, 23 Apr 2018 20:42:35 +0000 (14:42 -0600)]
In open_cmnd(), return true, not false, if the /dev/fd/N pathname
is not present.  We don't want to fail a match because of this.

Todd C. Miller [Mon, 23 Apr 2018 17:01:49 +0000 (11:01 -0600)]
Bug #831.

Todd C. Miller [Mon, 23 Apr 2018 16:54:51 +0000 (10:54 -0600)]
We can only use fexecve() on a script if /dev/fd/N exists.
Some systems, such as FreeBSD, don't have /dev/fd mounted
by default.  Bug #831

Todd C. Miller [Sun, 22 Apr 2018 12:58:53 +0000 (06:58 -0600)]
sync with translationproject.org

Todd C. Miller [Sat, 21 Apr 2018 19:56:36 +0000 (13:56 -0600)]
sync with translationproject.org

Todd C. Miller [Sat, 21 Apr 2018 12:23:02 +0000 (06:23 -0600)]
Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers
and LDIF -> sudoers -> LDIF.

Todd C. Miller [Thu, 19 Apr 2018 15:24:08 +0000 (09:24 -0600)]
Test the -b option when converting from LDIF.

Todd C. Miller [Thu, 19 Apr 2018 15:23:45 +0000 (09:23 -0600)]
Fix the -b option when converting from LDIF.

Todd C. Miller [Thu, 19 Apr 2018 03:14:10 +0000 (21:14 -0600)]
sync with translationproject.org

Todd C. Miller [Wed, 18 Apr 2018 20:25:11 +0000 (14:25 -0600)]
Fix some more typos.

Todd C. Miller [Wed, 18 Apr 2018 20:24:51 +0000 (14:24 -0600)]
mandoc now preserves the copyright notice, no need to do it ourselves

Todd C. Miller [Wed, 18 Apr 2018 20:14:47 +0000 (14:14 -0600)]
Describe the special handling of LOGNAME, USER and USERNAME.
Fix typos reported by aspell.

Todd C. Miller [Wed, 18 Apr 2018 16:09:22 +0000 (10:09 -0600)]
Fix a memory leak on the error path.

Todd C. Miller [Wed, 18 Apr 2018 15:40:48 +0000 (09:40 -0600)]
Document that the editor setting is also used by sudoedit.

Todd C. Miller [Tue, 17 Apr 2018 19:41:44 +0000 (13:41 -0600)]
Plug memory leak when an I/O plugin is specified in sudo.conf
but the I/O plugin is not configured.

Todd C. Miller [Tue, 17 Apr 2018 13:10:43 +0000 (07:10 -0600)]
Monty Python insults from Philip Hudson

Todd C. Miller [Sun, 15 Apr 2018 23:06:26 +0000 (17:06 -0600)]
add examples

Todd C. Miller [Sun, 15 Apr 2018 22:43:06 +0000 (16:43 -0600)]
Update copyright year and regen man pages.

Todd C. Miller [Sun, 15 Apr 2018 14:21:40 +0000 (08:21 -0600)]
sync with translationproject.org

Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
cvtsudoers regress tests

Todd C. Miller [Sun, 15 Apr 2018 14:14:46 +0000 (08:14 -0600)]
Prune alias contents when pruning and expanding aliases.
This abuses the userlist_matches_filter() and hostlist_matches_filter()
functions.  A better approach would be to call the correct function
from user_matches() and host_matches().

Todd C. Miller [Sun, 15 Apr 2018 01:54:54 +0000 (19:54 -0600)]
Fix typo

Todd C. Miller [Sat, 14 Apr 2018 12:13:44 +0000 (06:13 -0600)]
Fix cut & pasto that prevented "-d command" from working.

Todd C. Miller [Fri, 13 Apr 2018 16:49:05 +0000 (10:49 -0600)]
Fix a use after free crash as well as a memory leak when filtering
Defaults.

Todd C. Miller [Thu, 12 Apr 2018 12:29:41 +0000 (06:29 -0600)]
Document that a User_Alias or Host_Alias may be used in the match filter.

Todd C. Miller [Thu, 12 Apr 2018 12:25:35 +0000 (06:25 -0600)]
Don't always expand aliases when formatting a host-based Defaults
line.  This was missed when expand_aliases support was added.

Todd C. Miller [Thu, 12 Apr 2018 12:21:20 +0000 (06:21 -0600)]
Allow host and user aliases to be specified in match filters.

Todd C. Miller [Thu, 12 Apr 2018 11:13:49 +0000 (05:13 -0600)]
Update copyright year.

Todd C. Miller [Tue, 10 Apr 2018 22:07:42 +0000 (16:07 -0600)]
sync with translationproject.org

Todd C. Miller [Mon, 9 Apr 2018 17:13:33 +0000 (11:13 -0600)]
When the -d option is used, remove aliases used by the non-converted
Defaults settings if the aliases are not also referenced by userspecs.

Todd C. Miller [Thu, 5 Apr 2018 13:00:25 +0000 (07:00 -0600)]
regen

Todd C. Miller [Thu, 5 Apr 2018 12:34:49 +0000 (06:34 -0600)]
update

Todd C. Miller [Thu, 5 Apr 2018 12:34:22 +0000 (06:34 -0600)]
Mention -p and -M options in the description of -m.