mirror of
https://github.com/sudo-project/sudo.git
synced 2025-08-31 14:25:15 +00:00
Set usrinfo for AIX
Set adminstrative domain for the process when looking up user's
password or group info and when preparing for execve().
Include strings.h even if string.h exists since they may define
different things. Fixes warnings on AIX and others.
This commit is contained in:
Todd C. Miller
@@ -38,14 +38,16 @@
|
||||
# include <memory.h>
|
||||
# endif
|
||||
# include <string.h>
|
||||
#else
|
||||
# ifdef HAVE_STRINGS_H
|
||||
# include <strings.h>
|
||||
# endif
|
||||
#endif /* HAVE_STRING_H */
|
||||
#ifdef HAVE_STRINGS_H
|
||||
# include <strings.h>
|
||||
#endif /* HAVE_STRINGS_H */
|
||||
#ifdef HAVE_UNISTD_H
|
||||
# include <unistd.h>
|
||||
#endif /* HAVE_UNISTD_H */
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
# include <usersec.h>
|
||||
#endif /* HAVE_SETAUTHDB */
|
||||
#include <pwd.h>
|
||||
#include <grp.h>
|
||||
|
||||
@@ -166,11 +168,14 @@ sudo_getpwuid(uid_t uid)
|
||||
key.pw_uid = uid;
|
||||
if ((node = rbfind(pwcache_byuid, &key)) != NULL) {
|
||||
pw = (struct passwd *) node->data;
|
||||
return(pw->pw_name != NULL ? pw : NULL);
|
||||
goto done;
|
||||
}
|
||||
/*
|
||||
* Cache passwd db entry if it exists or a negative response if not.
|
||||
*/
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_setauthdb(IDtouser(uid));
|
||||
#endif
|
||||
if ((pw = getpwuid(uid)) != NULL) {
|
||||
pw = sudo_pwdup(pw);
|
||||
cp = sudo_getepw(pw); /* get shadow password */
|
||||
@@ -180,15 +185,18 @@ sudo_getpwuid(uid_t uid)
|
||||
if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
|
||||
errorx(1, "unable to cache uid %lu (%s), already exists",
|
||||
uid, pw->pw_name);
|
||||
return(pw);
|
||||
} else {
|
||||
pw = emalloc(sizeof(*pw));
|
||||
zero_bytes(pw, sizeof(*pw));
|
||||
pw->pw_uid = uid;
|
||||
if (rbinsert(pwcache_byuid, (void *) pw) != NULL)
|
||||
errorx(1, "unable to cache uid %lu, already exists", uid);
|
||||
return(NULL);
|
||||
}
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_restoreauthdb();
|
||||
#endif
|
||||
done:
|
||||
return(pw->pw_name != NULL ? pw : NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -206,11 +214,14 @@ sudo_getpwnam(const char *name)
|
||||
key.pw_name = (char *) name;
|
||||
if ((node = rbfind(pwcache_byname, &key)) != NULL) {
|
||||
pw = (struct passwd *) node->data;
|
||||
return(pw->pw_uid != (uid_t) -1 ? pw : NULL);
|
||||
goto done;
|
||||
}
|
||||
/*
|
||||
* Cache passwd db entry if it exists or a negative response if not.
|
||||
*/
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_setauthdb((char *) name);
|
||||
#endif
|
||||
if ((pw = getpwnam(name)) != NULL) {
|
||||
pw = sudo_pwdup(pw);
|
||||
cp = sudo_getepw(pw); /* get shadow password */
|
||||
@@ -219,7 +230,6 @@ sudo_getpwnam(const char *name)
|
||||
pw->pw_passwd = cp;
|
||||
if (rbinsert(pwcache_byname, (void *) pw) != NULL)
|
||||
errorx(1, "unable to cache user %s, already exists", name);
|
||||
return(pw);
|
||||
} else {
|
||||
len = strlen(name) + 1;
|
||||
cp = emalloc(sizeof(*pw) + len);
|
||||
@@ -231,8 +241,12 @@ sudo_getpwnam(const char *name)
|
||||
pw->pw_uid = (uid_t) -1;
|
||||
if (rbinsert(pwcache_byname, (void *) pw) != NULL)
|
||||
errorx(1, "unable to cache user %s, already exists", name);
|
||||
return(NULL);
|
||||
}
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_restoreauthdb();
|
||||
#endif
|
||||
done:
|
||||
return(pw->pw_uid != (uid_t) -1 ? pw : NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -434,7 +448,7 @@ sudo_getgrgid(gid_t gid)
|
||||
key.gr_gid = gid;
|
||||
if ((node = rbfind(grcache_bygid, &key)) != NULL) {
|
||||
gr = (struct group *) node->data;
|
||||
return(gr->gr_name != NULL ? gr : NULL);
|
||||
goto done;
|
||||
}
|
||||
/*
|
||||
* Cache group db entry if it exists or a negative response if not.
|
||||
@@ -444,15 +458,15 @@ sudo_getgrgid(gid_t gid)
|
||||
if (rbinsert(grcache_bygid, (void *) gr) != NULL)
|
||||
errorx(1, "unable to cache gid %lu (%s), already exists",
|
||||
gid, gr->gr_name);
|
||||
return(gr);
|
||||
} else {
|
||||
gr = emalloc(sizeof(*gr));
|
||||
zero_bytes(gr, sizeof(*gr));
|
||||
gr->gr_gid = gid;
|
||||
if (rbinsert(grcache_bygid, (void *) gr) != NULL)
|
||||
errorx(1, "unable to cache gid %lu, already exists, gid");
|
||||
return(NULL);
|
||||
}
|
||||
done:
|
||||
return(gr->gr_name != NULL ? gr : NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -469,7 +483,7 @@ sudo_getgrnam(const char *name)
|
||||
key.gr_name = (char *) name;
|
||||
if ((node = rbfind(grcache_byname, &key)) != NULL) {
|
||||
gr = (struct group *) node->data;
|
||||
return(gr->gr_gid != (gid_t) -1 ? gr : NULL);
|
||||
goto done;
|
||||
}
|
||||
/*
|
||||
* Cache group db entry if it exists or a negative response if not.
|
||||
@@ -478,7 +492,6 @@ sudo_getgrnam(const char *name)
|
||||
gr = sudo_grdup(gr);
|
||||
if (rbinsert(grcache_byname, (void *) gr) != NULL)
|
||||
errorx(1, "unable to cache group %s, already exists", name);
|
||||
return(gr);
|
||||
} else {
|
||||
len = strlen(name) + 1;
|
||||
cp = emalloc(sizeof(*gr) + len);
|
||||
@@ -490,8 +503,9 @@ sudo_getgrnam(const char *name)
|
||||
gr->gr_gid = (gid_t) -1;
|
||||
if (rbinsert(grcache_byname, (void *) gr) != NULL)
|
||||
errorx(1, "unable to cache group %s, already exists", name);
|
||||
return(NULL);
|
||||
}
|
||||
done:
|
||||
return(gr->gr_gid != (gid_t) -1 ? gr : NULL);
|
||||
}
|
||||
|
||||
void
|
||||
@@ -540,7 +554,14 @@ user_in_group(struct passwd *pw, const char *group)
|
||||
#endif
|
||||
struct group *grp;
|
||||
|
||||
if ((grp = sudo_getgrnam(group)) == NULL)
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_setauthdb(pw->pw_name);
|
||||
#endif
|
||||
grp = sudo_getgrnam(group);
|
||||
#ifdef HAVE_SETAUTHDB
|
||||
aix_restoreauthdb();
|
||||
#endif
|
||||
if (grp == NULL)
|
||||
return(FALSE);
|
||||
|
||||
/* check against user's primary (passwd file) gid */
|
||||
|
||||
Reference in New Issue
Block a user