mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-30 22:05:46 +00:00
Code Issues Releases Wiki Activity

Add support for command timeouts in sudoers. After the timeout,

Browse Source 
the command will be terminated.
This commit is contained in:
Todd C. Miller
2017-02-14 15:56:34 -07:00
parent 4f9dcd7264
commit 3980f1531b
31 changed files with 2367 additions and 1749 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
plugins/sudoers/defaults.c
View File

@@ -101,6 +101,7 @@ static bool store_mode(const char *str, union sudo_defs_val *sd_un);
static int store_str(const char *str, union sudo_defs_val *sd_un);
static bool store_syslogfac(const char *str, union sudo_defs_val *sd_un);
static bool store_syslogpri(const char *str, union sudo_defs_val *sd_un);
static bool store_timeout(const char *str, union sudo_defs_val *sd_un);
static bool store_tuple(const char *str, union sudo_defs_val *sd_un, struct def_values *tuple_vals);
static bool store_uint(const char *str, union sudo_defs_val *sd_un);
static bool store_float(const char *str, union sudo_defs_val *sd_un);
@@ -178,6 +179,13 @@ dump_defaults(void)
}
}
break;
case T_TIMEOUT:
if (cur->sd_un.ival) {
sudo_printf(SUDO_CONV_INFO_MSG, desc,
cur->sd_un.ival);
sudo_printf(SUDO_CONV_INFO_MSG, "\n");
}
break;
case T_TUPLE:
for (def = cur->values; def->sval; def++) {
if (cur->sd_un.tuple == def->nval) {
@@ -301,6 +309,9 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op,
case T_LIST:
rc = store_list(val, sd_un, op);
break;
case T_TIMEOUT:
rc = store_timeout(val, sd_un);
break;
case T_TUPLE:
rc = store_tuple(val, sd_un, def->values);
break;
@@ -986,6 +997,25 @@ store_mode(const char *str, union sudo_defs_val *sd_un)
debug_return_bool(true);
}
static bool
store_timeout(const char *str, union sudo_defs_val *sd_un)
{
debug_decl(store_mode, SUDOERS_DEBUG_DEFAULTS)
if (str == NULL) {
sd_un->ival = 0;
} else {
int seconds = parse_timeout(str);
if (seconds == -1) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
"%s", str);
debug_return_bool(false);
}
sd_un->ival = seconds;
}
debug_return_bool(true);
}
static bool
list_op(const char *str, size_t len, union sudo_defs_val *sd_un,
enum list_ops op)