Todd C. Miller [Wed, 6 Feb 2019 13:30:00 +0000 (06:30 -0700)]
On RedHat/CentOS get the OS major version from /etc/redhat-release.
We cannot determine this from the output of "pp --probe" since it
doesn't contain a period to separate the major and minor numbers.
Todd C. Miller [Fri, 25 Jan 2019 17:39:57 +0000 (10:39 -0700)]
Use $ac_cv_search_FUNCTION instead of $ac_lib and $ac_res.
Fixes a problem where libcrypt is not used with autoconf caching.
Adapted from a diff from Adam Labbe.
Todd C. Miller [Sun, 20 Jan 2019 14:49:48 +0000 (07:49 -0700)]
Minor snprintf() usage tweaks:
1) don't assume snprintf() returns -1 on error, check for <0
2) when comparing return value of sizeof(foo), cast the sizeof, not the len
3) cast return value to void in cases where snprintf cannot fail
Todd C. Miller [Mon, 7 Jan 2019 16:50:40 +0000 (09:50 -0700)]
Use PAM_SILENT to prevent pam_lastlog from printing last login
information on RedHat except when explicitly running a shell.
Adapted from a patch from Nir Soffer. Bug #867
Todd C. Miller [Mon, 7 Jan 2019 16:38:03 +0000 (09:38 -0700)]
Fix the default nofiles and stack hard limits.
The table of default hard limits in /etc/security/limits was out
of date with respect to the current documentation. The default
hard limit for nofiles should be unlimited, not 8196. The default
hard limit for stack should be 4194304 blocks (which fits in an
unsigned long on 32-bit platforms).
Todd C. Miller [Fri, 7 Dec 2018 16:51:34 +0000 (09:51 -0700)]
The fix for bug #843 was incomplete and caused pam_end() to be called early.
sudo_pam_approval() must not set the global pam status to an error
value if it returns AUTH_SUCCESS. Otherwise, sudo_pam_cleanup()
will call pam_end() before sudo_pam_begin_session(). This resulted
in a NULL PAM handle being used in sudo_pam_begin_session().
Todd C. Miller [Wed, 5 Dec 2018 17:43:14 +0000 (10:43 -0700)]
Don't run the command in a pty if no I/O plugins are logging anything.
That way an I/O plugin that doesn't actually log anything won't cause
the command to be run in a pty.
Todd C. Miller [Tue, 27 Nov 2018 20:15:08 +0000 (13:15 -0700)]
Fix section in the .TH line of *.man.in file.
The substitution for @mansectsu@ and @mansectform@ was broken.
No longer need to strip out OpenBSD from the header line.
Todd C. Miller [Tue, 27 Nov 2018 15:14:15 +0000 (08:14 -0700)]
Use roff conditionals in the manuals instead of post-processing.
We still need to process the resulting .man.in files to add back
the conditionals but this should be easier to debug as the changes
are visible in the .in file.
Some minor postprocessing is still used to make the manuals HP-UX
friendly and to change "0 seconds" -> unlimited after substitution.
Todd C. Miller [Sat, 24 Nov 2018 15:39:09 +0000 (08:39 -0700)]
Sudo plugin manual updates and clarification from Guillem Jover:
- Add missing return information for show_version().
- Fix prototypes for several function pointers.
- Update SUDO_API_VERSION_MINOR.
- Add missing references to log_suspend() and change_winsize().
- Add missing "array.".
- Clarify that argc can be zero on sudo -V.
- Clarify size requirements for conversation array arguments.
- Clarify timeout zero value for struct sudo_conv_message.
- Clarify initial and final state of reply in struct sudo_conv_reply.
Todd C. Miller [Sat, 24 Nov 2018 15:34:03 +0000 (08:34 -0700)]
Revert changes to give arguments to the .Bx macro.
This is intended for things like .Bx 4.3 to generate "4.3BSD" so
the argument ends up before the BSD, not after. Just go back to
using "BSD authentication" and "BSD login classes" so fixmdoc.sh
can operate correctly. Bug #861
Todd C. Miller [Sat, 27 Oct 2018 12:37:34 +0000 (06:37 -0600)]
Allow the group set by "sudo -g" to be any of the target user's groups.
Previously, this was only allowed if the group matched the target
user's primary group ID (from the passwd database entry).
The sudoers policy will now allow the group if it is one of the
target user's supplemental groups as well.
Todd C. Miller [Fri, 26 Oct 2018 17:11:58 +0000 (11:11 -0600)]
Skip sudo_getgrouplist2() check on systems with getgrouplist_2().
sudo_getgrouplist2() is just a wrapper on such systems and this
avoids a test failure on macOS where a user is automatically a
member of certain groups.
Todd C. Miller [Mon, 22 Oct 2018 15:12:17 +0000 (09:12 -0600)]
Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c.
Since we don't auto-generate dependencies for sudo_noexec.c we
can't easily check it from outside the source tree. This
is not a problem as it just contains stub functions.
Todd C. Miller [Fri, 19 Oct 2018 19:33:37 +0000 (13:33 -0600)]
No need to check if fd_dst is -1 in sudoedit mode.
Failure to open the destination sudoedit file is fatal so there's
no need to check that fd_dst != -1 later on. Found by PVS-Studio.
Todd C. Miller [Thu, 18 Oct 2018 20:43:08 +0000 (14:43 -0600)]
Move the allocation of role to be immediately before in_role is set.
This makes it clear that when in_role == true, role is non-NULL.
Also remove two dead stores.