diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c index ef9700b09..555483749 100644 --- a/plugins/sudoers/defaults.c +++ b/plugins/sudoers/defaults.c @@ -71,6 +71,7 @@ static bool store_tuple(const char *str, struct sudo_defs_types *def); static bool store_uint(const char *str, struct sudo_defs_types *def); static bool store_timespec(const char *str, struct sudo_defs_types *def); static bool store_rlimit(const char *str, struct sudo_defs_types *def); +static bool store_plugin(const char *str, struct sudo_defs_types *def, int op); static bool list_op(const char *str, size_t, struct list_members *list, enum list_ops op); static bool valid_path(const struct sudoers_context *ctx, struct sudo_defs_types *def, const char *val, const char *file, int line, int column, bool quiet); @@ -307,6 +308,9 @@ parse_default_entry(const struct sudoers_context *ctx, case T_TIMESPEC: rc = store_timespec(val, def); break; + case T_PLUGIN: + rc = store_plugin(val, def, op); + break; case T_RLIMIT: rc = store_rlimit(val, def); break; @@ -1080,6 +1084,22 @@ store_list(const char *str, struct sudo_defs_types *def, int op) debug_return_bool(true); } +static bool +store_plugin(const char *str, struct sudo_defs_types *def, int op) +{ + const enum list_ops lop = op == '-' ? delete : add; + debug_decl(store_plugin, SUDOERS_DEBUG_DEFAULTS); + + /* Remove all old members. */ + if (op == false || op == true) + (void)list_op(NULL, 0, &def->sd_un.list, freeall); + + if (!list_op(str, strlen(str), &def->sd_un.list, lop)) + debug_return_bool(false); + + debug_return_bool(true); +} + static bool store_syslogfac(const char *str, struct sudo_defs_types *def) { diff --git a/plugins/sudoers/defaults.h b/plugins/sudoers/defaults.h index 3b30cd0c6..0319eb5dd 100644 --- a/plugins/sudoers/defaults.h +++ b/plugins/sudoers/defaults.h @@ -111,6 +111,8 @@ struct early_default { #define T_TIMEOUT 0x011 #undef T_RLIMIT #define T_RLIMIT 0x012 +#undef T_PLUGIN +#define T_PLUGIN 0x013 #undef T_MASK #define T_MASK 0x0FF #undef T_BOOL diff --git a/plugins/sudoers/mkdefaults b/plugins/sudoers/mkdefaults index 485504af6..77c7df936 100755 --- a/plugins/sudoers/mkdefaults +++ b/plugins/sudoers/mkdefaults @@ -45,6 +45,7 @@ BEGIN { type_map["T_TIMESPEC"] = "tspec" type_map["T_TIMEOUT"] = "ival" type_map["T_RLIMIT"] = "str" + type_map["T_PLUGIN"] = "list" } { sub(/#.*/, "", $0)