mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

Don't pollute the namespace with lbuf struct and functions

Browse Source
This commit is contained in:
Todd C. Miller 2014-06-26 15:51:15 -06:00
parent 6bdee0488c
commit 7bafa63c15
17 changed files with 278 additions and 275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MANIFEST
View File

@ -67,7 +67,6 @@ include/compat/utime.h/
include/fatal.h include/fatal.h
include/fileops.h include/fileops.h
include/gettext.h include/gettext.h
include/lbuf.h
include/missing.h include/missing.h
include/queue.h include/queue.h
include/secure_path.h include/secure_path.h
@ -75,6 +74,7 @@ include/sudo_conf.h
include/sudo_debug.h include/sudo_debug.h
include/sudo_dso.h include/sudo_dso.h
include/sudo_event.h include/sudo_event.h
include/sudo_lbuf.h
include/sudo_plugin.h include/sudo_plugin.h
include/sudo_util.h include/sudo_util.h
indent.pro indent.pro

4
Makefile.in
View File

@ -79,8 +79,8 @@ XGETTEXT_OPTS = -F -k_ -kN_ -kU_ --copyright-holder="Todd C. Miller" \
--package-name=@PACKAGE_NAME@ --package-version=$(VERSION) \ --package-name=@PACKAGE_NAME@ --package-version=$(VERSION) \
--flag warning:1:c-format --flag warningx:1:c-format \ --flag warning:1:c-format --flag warningx:1:c-format \
--flag fatal:1:c-format --flag fatalx:1:c-format \ --flag fatal:1:c-format --flag fatalx:1:c-format \
--flag easprintf:3:c-format --flag lbuf_append:2:c-format \ --flag easprintf:3:c-format --flag sudo_lbuf_append:2:c-format \
--flag lbuf_append_quoted:3:c-format --foreign-user --flag sudo_lbuf_append_quoted:3:c-format --foreign-user
# Default cppcheck options when run from the top-level Makefile # Default cppcheck options when run from the top-level Makefile
CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX

15
include/lbuf.h → include/sudo_lbuf.h
View File

@ -1,5 +1,6 @@
/* /*
* Copyright (c) 2007, 2010, 2011 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2007, 2010, 2011, 2013, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
* *
* Permission to use, copy, modify, and distribute this software for any * Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above * purpose with or without fee is hereby granted, provided that the above
@ -22,7 +23,7 @@
/* /*
* Line buffer struct. * Line buffer struct.
*/ */
struct lbuf { struct sudo_lbuf {
int (*output)(const char *); int (*output)(const char *);
char *buf; char *buf;
const char *continuation; const char *continuation;
@ -32,10 +33,10 @@ struct lbuf {
int cols; int cols;
}; };
__dso_public void lbuf_init(struct lbuf *, int (*)(const char *), int, const char *, int); __dso_public void sudo_lbuf_init(struct sudo_lbuf *, int (*)(const char *), int, const char *, int);
__dso_public void lbuf_destroy(struct lbuf *); __dso_public void sudo_lbuf_destroy(struct sudo_lbuf *);
__dso_public void lbuf_append(struct lbuf *, const char *, ...) __printflike(2, 3); __dso_public void sudo_lbuf_append(struct sudo_lbuf *, const char *, ...) __printflike(2, 3);
__dso_public void lbuf_append_quoted(struct lbuf *, const char *, const char *, ...) __printflike(3, 4); __dso_public void sudo_lbuf_append_quoted(struct sudo_lbuf *, const char *, const char *, ...) __printflike(3, 4);
__dso_public void lbuf_print(struct lbuf *); __dso_public void sudo_lbuf_print(struct sudo_lbuf *);
#endif /* _SUDO_LBUF_H */ #endif /* _SUDO_LBUF_H */

5
lib/util/Makefile.in
View File

@ -381,8 +381,9 @@ key_val.lo: $(srcdir)/key_val.c $(incdir)/compat/stdbool.h $(incdir)/missing.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_util.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h $(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/key_val.c $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/key_val.c
lbuf.lo: $(srcdir)/lbuf.c $(incdir)/alloc.h $(incdir)/fatal.h $(incdir)/lbuf.h \ lbuf.lo: $(srcdir)/lbuf.c $(incdir)/alloc.h $(incdir)/fatal.h \
$(incdir)/missing.h $(incdir)/sudo_debug.h $(top_builddir)/config.h $(incdir)/missing.h $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/lbuf.c $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/lbuf.c
locale_stub.lo: $(top_srcdir)/src/locale_stub.c $(incdir)/fatal.h \ locale_stub.lo: $(top_srcdir)/src/locale_stub.c $(incdir)/fatal.h \
$(incdir)/gettext.h $(incdir)/missing.h $(top_builddir)/config.h $(incdir)/gettext.h $(incdir)/missing.h $(top_builddir)/config.h

42
lib/util/lbuf.c
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2007-2013 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2007-2014 Todd C. Miller <Todd.Miller@courtesan.com>
* *
* Permission to use, copy, modify, and distribute this software for any * Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above * purpose with or without fee is hereby granted, provided that the above
@ -45,14 +45,14 @@
#include "missing.h" #include "missing.h"
#include "alloc.h" #include "alloc.h"
#include "fatal.h" #include "fatal.h"
#include "lbuf.h" #include "sudo_lbuf.h"
#include "sudo_debug.h" #include "sudo_debug.h"
void void
lbuf_init(struct lbuf *lbuf, int (*output)(const char *), sudo_lbuf_init(struct sudo_lbuf *lbuf, int (*output)(const char *),
int indent, const char *continuation, int cols) int indent, const char *continuation, int cols)
{ {
debug_decl(lbuf_init, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_init, SUDO_DEBUG_UTIL)
lbuf->output = output; lbuf->output = output;
lbuf->continuation = continuation; lbuf->continuation = continuation;
@ -66,9 +66,9 @@ lbuf_init(struct lbuf *lbuf, int (*output)(const char *),
} }
void void
lbuf_destroy(struct lbuf *lbuf) sudo_lbuf_destroy(struct sudo_lbuf *lbuf)
{ {
debug_decl(lbuf_destroy, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_destroy, SUDO_DEBUG_UTIL)
efree(lbuf->buf); efree(lbuf->buf);
lbuf->buf = NULL; lbuf->buf = NULL;
@ -77,7 +77,7 @@ lbuf_destroy(struct lbuf *lbuf)
} }
static void static void
lbuf_expand(struct lbuf *lbuf, int extra) sudo_lbuf_expand(struct sudo_lbuf *lbuf, int extra)
{ {
if (lbuf->len + extra + 1 >= lbuf->size) { if (lbuf->len + extra + 1 >= lbuf->size) {
do { do {
@ -92,12 +92,12 @@ lbuf_expand(struct lbuf *lbuf, int extra)
* Any characters in set are quoted with a backslash. * Any characters in set are quoted with a backslash.
*/ */
void void
lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...) sudo_lbuf_append_quoted(struct sudo_lbuf *lbuf, const char *set, const char *fmt, ...)
{ {
va_list ap; va_list ap;
int len; int len;
char *cp, *s; char *cp, *s;
debug_decl(lbuf_append_quoted, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_append_quoted, SUDO_DEBUG_UTIL)
va_start(ap, fmt); va_start(ap, fmt);
while (*fmt != '\0') { while (*fmt != '\0') {
@ -106,7 +106,7 @@ lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...)
goto done; goto done;
while ((cp = strpbrk(s, set)) != NULL) { while ((cp = strpbrk(s, set)) != NULL) {
len = (int)(cp - s); len = (int)(cp - s);
lbuf_expand(lbuf, len + 2); sudo_lbuf_expand(lbuf, len + 2);
memcpy(lbuf->buf + lbuf->len, s, len); memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len; lbuf->len += len;
lbuf->buf[lbuf->len++] = '\\'; lbuf->buf[lbuf->len++] = '\\';
@ -115,14 +115,14 @@ lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...)
} }
if (*s != '\0') { if (*s != '\0') {
len = strlen(s); len = strlen(s);
lbuf_expand(lbuf, len); sudo_lbuf_expand(lbuf, len);
memcpy(lbuf->buf + lbuf->len, s, len); memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len; lbuf->len += len;
} }
fmt += 2; fmt += 2;
continue; continue;
} }
lbuf_expand(lbuf, 2); sudo_lbuf_expand(lbuf, 2);
if (strchr(set, *fmt) != NULL) if (strchr(set, *fmt) != NULL)
lbuf->buf[lbuf->len++] = '\\'; lbuf->buf[lbuf->len++] = '\\';
lbuf->buf[lbuf->len++] = *fmt++; lbuf->buf[lbuf->len++] = *fmt++;
@ -139,12 +139,12 @@ done:
* Parse the format and append strings, only %s and %% escapes are supported. * Parse the format and append strings, only %s and %% escapes are supported.
*/ */
void void
lbuf_append(struct lbuf *lbuf, const char *fmt, ...) sudo_lbuf_append(struct sudo_lbuf *lbuf, const char *fmt, ...)
{ {
va_list ap; va_list ap;
int len; int len;
char *s; char *s;
debug_decl(lbuf_append, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_append, SUDO_DEBUG_UTIL)
va_start(ap, fmt); va_start(ap, fmt);
while (*fmt != '\0') { while (*fmt != '\0') {
@ -152,13 +152,13 @@ lbuf_append(struct lbuf *lbuf, const char *fmt, ...)
if ((s = va_arg(ap, char *)) == NULL) if ((s = va_arg(ap, char *)) == NULL)
goto done; goto done;
len = strlen(s); len = strlen(s);
lbuf_expand(lbuf, len); sudo_lbuf_expand(lbuf, len);
memcpy(lbuf->buf + lbuf->len, s, len); memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len; lbuf->len += len;
fmt += 2; fmt += 2;
continue; continue;
} }
lbuf_expand(lbuf, 1); sudo_lbuf_expand(lbuf, 1);
lbuf->buf[lbuf->len++] = *fmt++; lbuf->buf[lbuf->len++] = *fmt++;
} }
done: done:
@ -170,11 +170,11 @@ done:
} }
static void static void
lbuf_println(struct lbuf *lbuf, char *line, int len) sudo_lbuf_println(struct sudo_lbuf *lbuf, char *line, int len)
{ {
char *cp, save; char *cp, save;
int i, have, contlen; int i, have, contlen;
debug_decl(lbuf_println, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_println, SUDO_DEBUG_UTIL)
contlen = lbuf->continuation ? strlen(lbuf->continuation) : 0; contlen = lbuf->continuation ? strlen(lbuf->continuation) : 0;
@ -232,11 +232,11 @@ lbuf_println(struct lbuf *lbuf, char *line, int len)
* The lbuf is reset on return. * The lbuf is reset on return.
*/ */
void void
lbuf_print(struct lbuf *lbuf) sudo_lbuf_print(struct sudo_lbuf *lbuf)
{ {
char *cp, *ep; char *cp, *ep;
int len; int len;
debug_decl(lbuf_print, SUDO_DEBUG_UTIL) debug_decl(sudo_lbuf_print, SUDO_DEBUG_UTIL)
if (lbuf->buf == NULL || lbuf->len == 0) if (lbuf->buf == NULL || lbuf->len == 0)
goto done; goto done;
@ -263,7 +263,7 @@ lbuf_print(struct lbuf *lbuf)
if ((ep = memchr(cp, '\n', len)) != NULL) if ((ep = memchr(cp, '\n', len)) != NULL)
len = (int)(ep - cp); len = (int)(ep - cp);
if (len) if (len)
lbuf_println(lbuf, cp, len); sudo_lbuf_println(lbuf, cp, len);
cp = ep ? ep + 1 : NULL; cp = ep ? ep + 1 : NULL;
} }
} }

10
lib/util/util.exp
View File

@ -44,11 +44,6 @@ get_ttysize
getprogname getprogname
initprogname initprogname
isblank isblank
lbuf_append
lbuf_append_quoted
lbuf_destroy
lbuf_init
lbuf_print
sudo_asprintf sudo_asprintf
sudo_clock_gettime sudo_clock_gettime
sudo_closefrom sudo_closefrom
@ -113,6 +108,11 @@ sudo_getopt_long_only
sudo_glob sudo_glob
sudo_globfree sudo_globfree
sudo_inet_pton sudo_inet_pton
sudo_lbuf_append
sudo_lbuf_append_quoted
sudo_lbuf_destroy
sudo_lbuf_init
sudo_lbuf_print
sudo_lock_file sudo_lock_file
sudo_memrchr sudo_memrchr
sudo_memset_s sudo_memset_s

32
plugins/sudoers/Makefile.in
View File

@ -654,8 +654,8 @@ kerb5.lo: $(authdir)/kerb5.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/kerb5.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/kerb5.c
ldap.lo: $(srcdir)/ldap.c $(devdir)/def_data.h $(incdir)/alloc.h \ ldap.lo: $(srcdir)/ldap.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \ $(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \ $(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -720,8 +720,8 @@ pam.lo: $(authdir)/pam.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/pam.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/pam.c
parse.lo: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \ parse.lo: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \ $(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \
$(incdir)/fileops.h $(incdir)/gettext.h $(incdir)/lbuf.h \ $(incdir)/fileops.h $(incdir)/gettext.h $(incdir)/missing.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_debug.h \ $(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -819,8 +819,8 @@ sia.lo: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sia.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sia.c
sssd.lo: $(srcdir)/sssd.c $(devdir)/def_data.h $(incdir)/alloc.h \ sssd.lo: $(srcdir)/sssd.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \ $(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \ $(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -838,10 +838,11 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sudo_auth.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sudo_auth.c
sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h $(incdir)/alloc.h \ sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \ $(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \ $(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(top_builddir)/config.h \ $(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c
sudoers.lo: $(srcdir)/sudoers.c $(devdir)/def_data.h $(incdir)/alloc.h \ sudoers.lo: $(srcdir)/sudoers.c $(devdir)/def_data.h $(incdir)/alloc.h \
@ -888,12 +889,11 @@ timestr.lo: $(srcdir)/timestr.c $(incdir)/missing.h $(top_builddir)/config.h
toke.lo: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \ toke.lo: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \ $(incdir)/alloc.h $(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \
$(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \ $(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \
$(incdir)/lbuf.h $(incdir)/missing.h $(incdir)/queue.h \ $(incdir)/missing.h $(incdir)/queue.h $(incdir)/secure_path.h \
$(incdir)/secure_path.h $(incdir)/sudo_debug.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \ $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \ $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/sudoers.h $(srcdir)/toke.h $(top_builddir)/config.h \ $(srcdir)/toke.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/toke.c $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/toke.c
toke_util.lo: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \ toke_util.lo: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \ $(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \

72
plugins/sudoers/ldap.c
View File

@ -68,7 +68,7 @@
#include "sudoers.h" #include "sudoers.h"
#include "parse.h" #include "parse.h"
#include "lbuf.h" #include "sudo_lbuf.h"
#include "sudo_dso.h" #include "sudo_dso.h"
/* Older Netscape LDAP SDKs don't prototype ldapssl_set_strength() */ /* Older Netscape LDAP SDKs don't prototype ldapssl_set_strength() */
@ -350,11 +350,11 @@ static int sudo_ldap_setdefs(struct sudo_nss *nss);
static int sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag); static int sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag);
static int sudo_ldap_display_cmnd(struct sudo_nss *nss, struct passwd *pw); static int sudo_ldap_display_cmnd(struct sudo_nss *nss, struct passwd *pw);
static int sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw, static int sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf); struct sudo_lbuf *lbuf);
static int sudo_ldap_display_bound_defaults(struct sudo_nss *nss, static int sudo_ldap_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf); struct passwd *pw, struct sudo_lbuf *lbuf);
static int sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw, static int sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf); struct sudo_lbuf *lbuf);
static struct ldap_result *sudo_ldap_result_get(struct sudo_nss *nss, static struct ldap_result *sudo_ldap_result_get(struct sudo_nss *nss,
struct passwd *pw); struct passwd *pw);
@ -1771,7 +1771,7 @@ sudo_ldap_get_first_rdn(LDAP *ld, LDAPMessage *entry)
*/ */
static int static int
sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw, sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct berval **bv, **p; struct berval **bv, **p;
struct timeval tv, *tvp = NULL; struct timeval tv, *tvp = NULL;
@ -1805,7 +1805,7 @@ sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
else else
prefix = ", "; prefix = ", ";
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val);
prefix = ", "; prefix = ", ";
count++; count++;
} }
@ -1825,7 +1825,7 @@ done:
*/ */
static int static int
sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw, sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP) debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP)
debug_return_int(0); debug_return_int(0);
@ -1835,13 +1835,13 @@ sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
* Print a record in the short form, ala file sudoers. * Print a record in the short form, ala file sudoers.
*/ */
static int static int
sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct sudo_lbuf *lbuf)
{ {
struct berval **bv, **p; struct berval **bv, **p;
int count = 0; int count = 0;
debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP) debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP)
lbuf_append(lbuf, " ("); sudo_lbuf_append(lbuf, " (");
/* get the RunAsUser Values from the entry */ /* get the RunAsUser Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
@ -1849,22 +1849,22 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoRunAs"); bv = ldap_get_values_len(ld, entry, "sudoRunAs");
if (bv != NULL) { if (bv != NULL) {
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} else } else
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
/* get the RunAsGroup Values from the entry */ /* get the RunAsGroup Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv != NULL) { if (bv != NULL) {
lbuf_append(lbuf, " : "); sudo_lbuf_append(lbuf, " : ");
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} }
lbuf_append(lbuf, ") "); sudo_lbuf_append(lbuf, ") ");
/* get the Option Values from the entry */ /* get the Option Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoOption"); bv = ldap_get_values_len(ld, entry, "sudoOption");
@ -1874,13 +1874,13 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
if (*cp == '!') if (*cp == '!')
cp++; cp++;
if (strcmp(cp, "authenticate") == 0) if (strcmp(cp, "authenticate") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ? sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"NOPASSWD: " : "PASSWD: "); "NOPASSWD: " : "PASSWD: ");
else if (strcmp(cp, "noexec") == 0) else if (strcmp(cp, "noexec") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ? sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"EXEC: " : "NOEXEC: "); "EXEC: " : "NOEXEC: ");
else if (strcmp(cp, "setenv") == 0) else if (strcmp(cp, "setenv") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ? sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"NOSETENV: " : "SETENV: "); "NOSETENV: " : "SETENV: ");
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
@ -1890,12 +1890,12 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoCommand"); bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv != NULL) { if (bv != NULL) {
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
count++; count++;
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
debug_return_int(count); debug_return_int(count);
} }
@ -1904,7 +1904,7 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
* Print a record in the long form. * Print a record in the long form.
*/ */
static int static int
sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf) sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct sudo_lbuf *lbuf)
{ {
struct berval **bv, **p; struct berval **bv, **p;
char *rdn; char *rdn;
@ -1914,46 +1914,46 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
/* extract the dn, only show the first rdn */ /* extract the dn, only show the first rdn */
rdn = sudo_ldap_get_first_rdn(ld, entry); rdn = sudo_ldap_get_first_rdn(ld, entry);
if (rdn != NULL) if (rdn != NULL)
lbuf_append(lbuf, _("\nLDAP Role: %s\n"), rdn); sudo_lbuf_append(lbuf, _("\nLDAP Role: %s\n"), rdn);
else else
lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n")); sudo_lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n"));
if (rdn) if (rdn)
ldap_memfree(rdn); ldap_memfree(rdn);
/* get the RunAsUser Values from the entry */ /* get the RunAsUser Values from the entry */
lbuf_append(lbuf, " RunAsUsers: "); sudo_lbuf_append(lbuf, " RunAsUsers: ");
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser"); bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
if (bv == NULL) if (bv == NULL)
bv = ldap_get_values_len(ld, entry, "sudoRunAs"); bv = ldap_get_values_len(ld, entry, "sudoRunAs");
if (bv != NULL) { if (bv != NULL) {
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} else } else
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
/* get the RunAsGroup Values from the entry */ /* get the RunAsGroup Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup"); bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv != NULL) { if (bv != NULL) {
lbuf_append(lbuf, " RunAsGroups: "); sudo_lbuf_append(lbuf, " RunAsGroups: ");
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} }
/* get the Option Values from the entry */ /* get the Option Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoOption"); bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv != NULL) { if (bv != NULL) {
lbuf_append(lbuf, " Options: "); sudo_lbuf_append(lbuf, " Options: ");
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val); sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} }
/* /*
@ -1963,7 +1963,7 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoOrder"); bv = ldap_get_values_len(ld, entry, "sudoOrder");
if (bv != NULL) { if (bv != NULL) {
if (*bv != NULL) { if (*bv != NULL) {
lbuf_append(lbuf, _(" Order: %s\n"), (*bv)->bv_val); sudo_lbuf_append(lbuf, _(" Order: %s\n"), (*bv)->bv_val);
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
} }
@ -1971,9 +1971,9 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
/* Get the command values from the entry. */ /* Get the command values from the entry. */
bv = ldap_get_values_len(ld, entry, "sudoCommand"); bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv != NULL) { if (bv != NULL) {
lbuf_append(lbuf, _(" Commands:\n")); sudo_lbuf_append(lbuf, _(" Commands:\n"));
for (p = bv; *p != NULL; p++) { for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "\t%s\n", (*p)->bv_val); sudo_lbuf_append(lbuf, "\t%s\n", (*p)->bv_val);
count++; count++;
} }
ldap_value_free_len(bv); ldap_value_free_len(bv);
@ -1987,7 +1987,7 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
*/ */
static int static int
sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw, sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct sudo_ldap_handle *handle = nss->handle; struct sudo_ldap_handle *handle = nss->handle;
LDAP *ld; LDAP *ld;

155
plugins/sudoers/parse.c
View File

@ -43,7 +43,7 @@
#include "sudoers.h" #include "sudoers.h"
#include "parse.h" #include "parse.h"
#include "lbuf.h" #include "sudo_lbuf.h"
#include <gram.h> #include <gram.h>
/* Characters that must be quoted in sudoers */ /* Characters that must be quoted in sudoers */
@ -66,9 +66,10 @@ struct sudo_nss sudo_nss_file = {
/* /*
* Local prototypes. * Local prototypes.
*/ */
static int display_bound_defaults(int dtype, struct lbuf *lbuf); static int display_bound_defaults(int dtype, struct sudo_lbuf *lbuf);
static void print_member(struct lbuf *lbuf, struct member *m, int alias_type); static void print_member(struct sudo_lbuf *lbuf, struct member *m,
static void print_member2(struct lbuf *lbuf, struct member *m, int alias_type);
static void print_member2(struct sudo_lbuf *lbuf, struct member *m,
const char *separator, int alias_type); const char *separator, int alias_type);
int int
@ -291,40 +292,40 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag)
static void static void
sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags, sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS) debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS)
#ifdef HAVE_PRIV_SET #ifdef HAVE_PRIV_SET
if (cs->privs) if (cs->privs)
lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs); sudo_lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs);
if (cs->limitprivs) if (cs->limitprivs)
lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs); sudo_lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs);
#endif /* HAVE_PRIV_SET */ #endif /* HAVE_PRIV_SET */
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
if (cs->role) if (cs->role)
lbuf_append(lbuf, "ROLE=%s ", cs->role); sudo_lbuf_append(lbuf, "ROLE=%s ", cs->role);
if (cs->type) if (cs->type)
lbuf_append(lbuf, "TYPE=%s ", cs->type); sudo_lbuf_append(lbuf, "TYPE=%s ", cs->type);
#endif /* HAVE_SELINUX */ #endif /* HAVE_SELINUX */
if (TAG_CHANGED(setenv)) { if (TAG_CHANGED(setenv)) {
lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: "); sudo_lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: ");
tags->setenv = cs->tags.setenv; tags->setenv = cs->tags.setenv;
} }
if (TAG_CHANGED(noexec)) { if (TAG_CHANGED(noexec)) {
lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: "); sudo_lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: ");
tags->noexec = cs->tags.noexec; tags->noexec = cs->tags.noexec;
} }
if (TAG_CHANGED(nopasswd)) { if (TAG_CHANGED(nopasswd)) {
lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: "); sudo_lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: ");
tags->nopasswd = cs->tags.nopasswd; tags->nopasswd = cs->tags.nopasswd;
} }
if (TAG_CHANGED(log_input)) { if (TAG_CHANGED(log_input)) {
lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: "); sudo_lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: ");
tags->log_input = cs->tags.log_input; tags->log_input = cs->tags.log_input;
} }
if (TAG_CHANGED(log_output)) { if (TAG_CHANGED(log_output)) {
lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: "); sudo_lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: ");
tags->log_output = cs->tags.log_output; tags->log_output = cs->tags.log_output;
} }
print_member(lbuf, cs->cmnd, CMNDALIAS); print_member(lbuf, cs->cmnd, CMNDALIAS);
@ -338,7 +339,7 @@ sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags,
static int static int
sudo_file_display_priv_short(struct passwd *pw, struct userspec *us, sudo_file_display_priv_short(struct passwd *pw, struct userspec *us,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct cmndspec *cs, *prev_cs; struct cmndspec *cs, *prev_cs;
struct member *m; struct member *m;
@ -360,41 +361,41 @@ sudo_file_display_priv_short(struct passwd *pw, struct userspec *us,
TAILQ_FOREACH(cs, &priv->cmndlist, entries) { TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
if (RUNAS_CHANGED(cs, prev_cs)) { if (RUNAS_CHANGED(cs, prev_cs)) {
if (cs != TAILQ_FIRST(&priv->cmndlist)) if (cs != TAILQ_FIRST(&priv->cmndlist))
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
lbuf_append(lbuf, " ("); sudo_lbuf_append(lbuf, " (");
if (cs->runasuserlist != NULL) { if (cs->runasuserlist != NULL) {
TAILQ_FOREACH(m, cs->runasuserlist, entries) { TAILQ_FOREACH(m, cs->runasuserlist, entries) {
if (m != TAILQ_FIRST(cs->runasuserlist)) if (m != TAILQ_FIRST(cs->runasuserlist))
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS); print_member(lbuf, m, RUNASALIAS);
} }
} else if (cs->runasgrouplist == NULL) { } else if (cs->runasgrouplist == NULL) {
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
} else { } else {
lbuf_append(lbuf, "%s", pw->pw_name); sudo_lbuf_append(lbuf, "%s", pw->pw_name);
} }
if (cs->runasgrouplist != NULL) { if (cs->runasgrouplist != NULL) {
lbuf_append(lbuf, " : "); sudo_lbuf_append(lbuf, " : ");
TAILQ_FOREACH(m, cs->runasgrouplist, entries) { TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
if (m != TAILQ_FIRST(cs->runasgrouplist)) if (m != TAILQ_FIRST(cs->runasgrouplist))
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS); print_member(lbuf, m, RUNASALIAS);
} }
} }
lbuf_append(lbuf, ") "); sudo_lbuf_append(lbuf, ") ");
tags.noexec = UNSPEC; tags.noexec = UNSPEC;
tags.setenv = UNSPEC; tags.setenv = UNSPEC;
tags.nopasswd = UNSPEC; tags.nopasswd = UNSPEC;
tags.log_input = UNSPEC; tags.log_input = UNSPEC;
tags.log_output = UNSPEC; tags.log_output = UNSPEC;
} else if (cs != TAILQ_FIRST(&priv->cmndlist)) { } else if (cs != TAILQ_FIRST(&priv->cmndlist)) {
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
} }
sudo_file_append_cmnd(cs, &tags, lbuf); sudo_file_append_cmnd(cs, &tags, lbuf);
prev_cs = cs; prev_cs = cs;
nfound++; nfound++;
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} }
debug_return_int(nfound); debug_return_int(nfound);
} }
@ -435,7 +436,7 @@ new_long_entry(struct cmndspec *cs, struct cmndspec *prev_cs)
static int static int
sudo_file_display_priv_long(struct passwd *pw, struct userspec *us, sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct cmndspec *cs, *prev_cs; struct cmndspec *cs, *prev_cs;
struct member *m; struct member *m;
@ -449,64 +450,64 @@ sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
prev_cs = NULL; prev_cs = NULL;
TAILQ_FOREACH(cs, &priv->cmndlist, entries) { TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
if (new_long_entry(cs, prev_cs)) { if (new_long_entry(cs, prev_cs)) {
lbuf_append(lbuf, _("\nSudoers entry:\n")); sudo_lbuf_append(lbuf, _("\nSudoers entry:\n"));
lbuf_append(lbuf, _(" RunAsUsers: ")); sudo_lbuf_append(lbuf, _(" RunAsUsers: "));
if (cs->runasuserlist != NULL) { if (cs->runasuserlist != NULL) {
TAILQ_FOREACH(m, cs->runasuserlist, entries) { TAILQ_FOREACH(m, cs->runasuserlist, entries) {
if (m != TAILQ_FIRST(cs->runasuserlist)) if (m != TAILQ_FIRST(cs->runasuserlist))
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS); print_member(lbuf, m, RUNASALIAS);
} }
} else if (cs->runasgrouplist == NULL) { } else if (cs->runasgrouplist == NULL) {
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
} else { } else {
lbuf_append(lbuf, "%s", pw->pw_name); sudo_lbuf_append(lbuf, "%s", pw->pw_name);
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
if (cs->runasgrouplist != NULL) { if (cs->runasgrouplist != NULL) {
lbuf_append(lbuf, _(" RunAsGroups: ")); sudo_lbuf_append(lbuf, _(" RunAsGroups: "));
TAILQ_FOREACH(m, cs->runasgrouplist, entries) { TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
if (m != TAILQ_FIRST(cs->runasgrouplist)) if (m != TAILQ_FIRST(cs->runasgrouplist))
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS); print_member(lbuf, m, RUNASALIAS);
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} }
olen = lbuf->len; olen = lbuf->len;
lbuf_append(lbuf, _(" Options: ")); sudo_lbuf_append(lbuf, _(" Options: "));
if (TAG_SET(cs->tags.setenv)) if (TAG_SET(cs->tags.setenv))
lbuf_append(lbuf, "%ssetenv, ", cs->tags.setenv ? "" : "!"); sudo_lbuf_append(lbuf, "%ssetenv, ", cs->tags.setenv ? "" : "!");
if (TAG_SET(cs->tags.noexec)) if (TAG_SET(cs->tags.noexec))
lbuf_append(lbuf, "%snoexec, ", cs->tags.noexec ? "" : "!"); sudo_lbuf_append(lbuf, "%snoexec, ", cs->tags.noexec ? "" : "!");
if (TAG_SET(cs->tags.nopasswd)) if (TAG_SET(cs->tags.nopasswd))
lbuf_append(lbuf, "%sauthenticate, ", cs->tags.nopasswd ? "!" : ""); sudo_lbuf_append(lbuf, "%sauthenticate, ", cs->tags.nopasswd ? "!" : "");
if (TAG_SET(cs->tags.log_input)) if (TAG_SET(cs->tags.log_input))
lbuf_append(lbuf, "%slog_input, ", cs->tags.log_input ? "" : "!"); sudo_lbuf_append(lbuf, "%slog_input, ", cs->tags.log_input ? "" : "!");
if (TAG_SET(cs->tags.log_output)) if (TAG_SET(cs->tags.log_output))
lbuf_append(lbuf, "%slog_output, ", cs->tags.log_output ? "" : "!"); sudo_lbuf_append(lbuf, "%slog_output, ", cs->tags.log_output ? "" : "!");
if (lbuf->buf[lbuf->len - 2] == ',') { if (lbuf->buf[lbuf->len - 2] == ',') {
lbuf->len -= 2; /* remove trailing ", " */ lbuf->len -= 2; /* remove trailing ", " */
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
} else { } else {
lbuf->len = olen; /* no options */ lbuf->len = olen; /* no options */
} }
#ifdef HAVE_PRIV_SET #ifdef HAVE_PRIV_SET
if (cs->privs) if (cs->privs)
lbuf_append(lbuf, " Privs: %s\n", cs->privs); sudo_lbuf_append(lbuf, " Privs: %s\n", cs->privs);
if (cs->limitprivs) if (cs->limitprivs)
lbuf_append(lbuf, " Limitprivs: %s\n", cs->limitprivs); sudo_lbuf_append(lbuf, " Limitprivs: %s\n", cs->limitprivs);
#endif /* HAVE_PRIV_SET */ #endif /* HAVE_PRIV_SET */
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
if (cs->role) if (cs->role)
lbuf_append(lbuf, " Role: %s\n", cs->role); sudo_lbuf_append(lbuf, " Role: %s\n", cs->role);
if (cs->type) if (cs->type)
lbuf_append(lbuf, " Type: %s\n", cs->type); sudo_lbuf_append(lbuf, " Type: %s\n", cs->type);
#endif /* HAVE_SELINUX */ #endif /* HAVE_SELINUX */
lbuf_append(lbuf, _(" Commands:\n")); sudo_lbuf_append(lbuf, _(" Commands:\n"));
} }
lbuf_append(lbuf, "\t"); sudo_lbuf_append(lbuf, "\t");
print_member2(lbuf, cs->cmnd, "\n\t", CMNDALIAS); print_member2(lbuf, cs->cmnd, "\n\t", CMNDALIAS);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
prev_cs = cs; prev_cs = cs;
nfound++; nfound++;
} }
@ -516,7 +517,7 @@ sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
int int
sudo_file_display_privs(struct sudo_nss *nss, struct passwd *pw, sudo_file_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct userspec *us; struct userspec *us;
int nfound = 0; int nfound = 0;
@ -543,7 +544,7 @@ done:
*/ */
int int
sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw, sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct defaults *d; struct defaults *d;
char *prefix; char *prefix;
@ -573,16 +574,16 @@ sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw,
continue; continue;
} }
if (d->val != NULL) { if (d->val != NULL) {
lbuf_append(lbuf, "%s%s%s", prefix, d->var, sudo_lbuf_append(lbuf, "%s%s%s", prefix, d->var,
d->op == '+' ? "+=" : d->op == '-' ? "-=" : "="); d->op == '+' ? "+=" : d->op == '-' ? "-=" : "=");
if (strpbrk(d->val, " \t") != NULL) { if (strpbrk(d->val, " \t") != NULL) {
lbuf_append(lbuf, "\""); sudo_lbuf_append(lbuf, "\"");
lbuf_append_quoted(lbuf, "\"", "%s", d->val); sudo_lbuf_append_quoted(lbuf, "\"", "%s", d->val);
lbuf_append(lbuf, "\""); sudo_lbuf_append(lbuf, "\"");
} else } else
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val); sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val);
} else } else
lbuf_append(lbuf, "%s%s%s", prefix, sudo_lbuf_append(lbuf, "%s%s%s", prefix,
d->op == false ? "!" : "", d->var); d->op == false ? "!" : "", d->var);
prefix = ", "; prefix = ", ";
nfound++; nfound++;
@ -596,7 +597,7 @@ done:
*/ */
int int
sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw, sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
int nfound = 0; int nfound = 0;
debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS) debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS)
@ -612,7 +613,7 @@ sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
* Display Defaults entries of the given type. * Display Defaults entries of the given type.
*/ */
static int static int
display_bound_defaults(int dtype, struct lbuf *lbuf) display_bound_defaults(int dtype, struct sudo_lbuf *lbuf)
{ {
struct defaults *d; struct defaults *d;
struct member_list *binding = NULL; struct member_list *binding = NULL;
@ -649,21 +650,21 @@ display_bound_defaults(int dtype, struct lbuf *lbuf)
if (binding != d->binding) { if (binding != d->binding) {
binding = d->binding; binding = d->binding;
if (nfound != 1) if (nfound != 1)
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
lbuf_append(lbuf, " Defaults%s", dsep); sudo_lbuf_append(lbuf, " Defaults%s", dsep);
TAILQ_FOREACH(m, binding, entries) { TAILQ_FOREACH(m, binding, entries) {
if (m != TAILQ_FIRST(binding)) if (m != TAILQ_FIRST(binding))
lbuf_append(lbuf, ","); sudo_lbuf_append(lbuf, ",");
print_member(lbuf, m, atype); print_member(lbuf, m, atype);
lbuf_append(lbuf, " "); sudo_lbuf_append(lbuf, " ");
} }
} else } else
lbuf_append(lbuf, ", "); sudo_lbuf_append(lbuf, ", ");
if (d->val != NULL) { if (d->val != NULL) {
lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" : sudo_lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" :
d->op == '-' ? "-=" : "=", d->val); d->op == '-' ? "-=" : "=", d->val);
} else } else
lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var); sudo_lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var);
} }
debug_return_int(nfound); debug_return_int(nfound);
@ -720,7 +721,7 @@ done:
* Print the contents of a struct member to stdout * Print the contents of a struct member to stdout
*/ */
static void static void
_print_member(struct lbuf *lbuf, char *name, int type, int negated, _print_member(struct sudo_lbuf *lbuf, char *name, int type, int negated,
const char *separator, int alias_type) const char *separator, int alias_type)
{ {
struct alias *a; struct alias *a;
@ -730,26 +731,26 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated,
switch (type) { switch (type) {
case ALL: case ALL:
lbuf_append(lbuf, "%sALL", negated ? "!" : ""); sudo_lbuf_append(lbuf, "%sALL", negated ? "!" : "");
break; break;
case MYSELF: case MYSELF:
lbuf_append(lbuf, "%s%s", negated ? "!" : "", user_name); sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", user_name);
break; break;
case COMMAND: case COMMAND:
c = (struct sudo_command *) name; c = (struct sudo_command *) name;
if (negated) if (negated)
lbuf_append(lbuf, "!"); sudo_lbuf_append(lbuf, "!");
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd); sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd);
if (c->args) { if (c->args) {
lbuf_append(lbuf, " "); sudo_lbuf_append(lbuf, " ");
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args); sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args);
} }
break; break;
case ALIAS: case ALIAS:
if ((a = alias_get(name, alias_type)) != NULL) { if ((a = alias_get(name, alias_type)) != NULL) {
TAILQ_FOREACH(m, &a->members, entries) { TAILQ_FOREACH(m, &a->members, entries) {
if (m != TAILQ_FIRST(&a->members)) if (m != TAILQ_FIRST(&a->members))
lbuf_append(lbuf, "%s", separator); sudo_lbuf_append(lbuf, "%s", separator);
_print_member(lbuf, m->name, m->type, _print_member(lbuf, m->name, m->type,
negated ? !m->negated : m->negated, separator, negated ? !m->negated : m->negated, separator,
alias_type); alias_type);
@ -759,20 +760,20 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated,
} }
/* FALLTHROUGH */ /* FALLTHROUGH */
default: default:
lbuf_append(lbuf, "%s%s", negated ? "!" : "", name); sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", name);
break; break;
} }
debug_return; debug_return;
} }
static void static void
print_member(struct lbuf *lbuf, struct member *m, int alias_type) print_member(struct sudo_lbuf *lbuf, struct member *m, int alias_type)
{ {
_print_member(lbuf, m->name, m->type, m->negated, ", ", alias_type); _print_member(lbuf, m->name, m->type, m->negated, ", ", alias_type);
} }
static void static void
print_member2(struct lbuf *lbuf, struct member *m, const char *separator, print_member2(struct sudo_lbuf *lbuf, struct member *m, const char *separator,
int alias_type) int alias_type)
{ {
_print_member(lbuf, m->name, m->type, m->negated, separator, alias_type); _print_member(lbuf, m->name, m->type, m->negated, separator, alias_type);

70
plugins/sudoers/sssd.c
View File

@ -52,7 +52,7 @@
#include "sudoers.h" #include "sudoers.h"
#include "parse.h" #include "parse.h"
#include "lbuf.h" #include "sudo_lbuf.h"
#include "sudo_dso.h" #include "sudo_dso.h"
#include "sudo_debug.h" #include "sudo_debug.h"
@ -108,13 +108,13 @@ static int sudo_sss_setdefs(struct sudo_nss *nss);
static int sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag); static int sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag);
static int sudo_sss_display_cmnd(struct sudo_nss *nss, struct passwd *pw); static int sudo_sss_display_cmnd(struct sudo_nss *nss, struct passwd *pw);
static int sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw, static int sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf); struct sudo_lbuf *lbuf);
static int sudo_sss_display_bound_defaults(struct sudo_nss *nss, static int sudo_sss_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf); struct passwd *pw, struct sudo_lbuf *lbuf);
static int sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw, static int sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf); struct sudo_lbuf *sudo_lbuf);
static struct sss_sudo_result *sudo_sss_result_get(struct sudo_nss *nss, static struct sss_sudo_result *sudo_sss_result_get(struct sudo_nss *nss,
@ -1144,7 +1144,7 @@ done:
static int static int
sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw, sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct sudo_sss_handle *handle = nss->handle; struct sudo_sss_handle *handle = nss->handle;
struct sss_sudo_rule *rule; struct sss_sudo_rule *rule;
@ -1196,7 +1196,7 @@ sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
for (j = 0; val_array[j] != NULL; ++j) { for (j = 0; val_array[j] != NULL; ++j) {
val = val_array[j]; val = val_array[j];
lbuf_append(lbuf, "%s%s", prefix, val); sudo_lbuf_append(lbuf, "%s%s", prefix, val);
prefix = ", "; prefix = ", ";
count++; count++;
} }
@ -1213,7 +1213,7 @@ done:
// ok // ok
static int static int
sudo_sss_display_bound_defaults(struct sudo_nss *nss, sudo_sss_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf) struct passwd *pw, struct sudo_lbuf *lbuf)
{ {
debug_decl(sudo_sss_display_bound_defaults, SUDO_DEBUG_SSSD); debug_decl(sudo_sss_display_bound_defaults, SUDO_DEBUG_SSSD);
debug_return_int(0); debug_return_int(0);
@ -1221,30 +1221,30 @@ sudo_sss_display_bound_defaults(struct sudo_nss *nss,
static int static int
sudo_sss_display_entry_long(struct sudo_sss_handle *handle, sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
struct sss_sudo_rule *rule, struct lbuf *lbuf) struct sss_sudo_rule *rule, struct sudo_lbuf *lbuf)
{ {
char **val_array = NULL; char **val_array = NULL;
int count = 0, i; int count = 0, i;
debug_decl(sudo_sss_display_entry_long, SUDO_DEBUG_SSSD); debug_decl(sudo_sss_display_entry_long, SUDO_DEBUG_SSSD);
/* get the RunAsUser Values from the entry */ /* get the RunAsUser Values from the entry */
lbuf_append(lbuf, " RunAsUsers: "); sudo_lbuf_append(lbuf, " RunAsUsers: ");
switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) {
case 0: case 0:
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
break; break;
case ENOENT: case ENOENT:
switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) {
case 0: case 0:
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
break; break;
case ENOENT: case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result."); sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
break; break;
default: default:
sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAs): != 0"); sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAs): != 0");
@ -1255,16 +1255,16 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAsUser): != 0"); sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAsUser): != 0");
debug_return_int(count); debug_return_int(count);
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
/* get the RunAsGroup Values from the entry */ /* get the RunAsGroup Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) {
case 0: case 0:
lbuf_append(lbuf, " RunAsGroups: "); sudo_lbuf_append(lbuf, " RunAsGroups: ");
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
break; break;
case ENOENT: case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result."); sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
@ -1278,11 +1278,11 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
/* get the Option Values from the entry */ /* get the Option Values from the entry */
switch (handle->fn_get_values(rule, "sudoOption", &val_array)) { switch (handle->fn_get_values(rule, "sudoOption", &val_array)) {
case 0: case 0:
lbuf_append(lbuf, " Options: "); sudo_lbuf_append(lbuf, " Options: ");
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
break; break;
case ENOENT: case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result."); sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
@ -1295,9 +1295,9 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
/* Get the command values from the entry. */ /* Get the command values from the entry. */
switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) { switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) {
case 0: case 0:
lbuf_append(lbuf, _(" Commands:\n")); sudo_lbuf_append(lbuf, _(" Commands:\n"));
for (i = 0; val_array[i] != NULL; ++i) { for (i = 0; val_array[i] != NULL; ++i) {
lbuf_append(lbuf, "\t%s\n", val_array[i]); sudo_lbuf_append(lbuf, "\t%s\n", val_array[i]);
count++; count++;
} }
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
@ -1316,19 +1316,19 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
static int static int
sudo_sss_display_entry_short(struct sudo_sss_handle *handle, sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
struct sss_sudo_rule *rule, struct lbuf *lbuf) struct sss_sudo_rule *rule, struct sudo_lbuf *lbuf)
{ {
char **val_array = NULL; char **val_array = NULL;
int count = 0, i; int count = 0, i;
debug_decl(sudo_sss_display_entry_short, SUDO_DEBUG_SSSD); debug_decl(sudo_sss_display_entry_short, SUDO_DEBUG_SSSD);
lbuf_append(lbuf, " ("); sudo_lbuf_append(lbuf, " (");
/* get the RunAsUser Values from the entry */ /* get the RunAsUser Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) {
case 0: case 0:
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
break; break;
case ENOENT: case ENOENT:
@ -1337,12 +1337,12 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) {
case 0: case 0:
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
break; break;
case ENOENT: case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result."); sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
lbuf_append(lbuf, "%s", def_runas_default); sudo_lbuf_append(lbuf, "%s", def_runas_default);
break; break;
default: default:
sudo_debug_printf(SUDO_DEBUG_INFO, sudo_debug_printf(SUDO_DEBUG_INFO,
@ -1359,9 +1359,9 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
/* get the RunAsGroup Values from the entry */ /* get the RunAsGroup Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) { switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) {
case 0: case 0:
lbuf_append(lbuf, " : "); sudo_lbuf_append(lbuf, " : ");
for (i = 0; val_array[i] != NULL; ++i) for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
break; break;
case ENOENT: case ENOENT:
@ -1372,7 +1372,7 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
debug_return_int(count); debug_return_int(count);
} }
lbuf_append(lbuf, ") "); sudo_lbuf_append(lbuf, ") ");
/* get the Option Values from the entry */ /* get the Option Values from the entry */
switch (handle->fn_get_values(rule, "sudoOption", &val_array)) { switch (handle->fn_get_values(rule, "sudoOption", &val_array)) {
@ -1382,13 +1382,13 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
if (*cp == '!') if (*cp == '!')
cp++; cp++;
if (strcmp(cp, "authenticate") == 0) if (strcmp(cp, "authenticate") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ? sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"NOPASSWD: " : "PASSWD: "); "NOPASSWD: " : "PASSWD: ");
else if (strcmp(cp, "noexec") == 0) else if (strcmp(cp, "noexec") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ? sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"EXEC: " : "NOEXEC: "); "EXEC: " : "NOEXEC: ");
else if (strcmp(cp, "setenv") == 0) else if (strcmp(cp, "setenv") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ? sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"NOSETENV: " : "SETENV: "); "NOSETENV: " : "SETENV: ");
} }
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
@ -1406,7 +1406,7 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) { switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) {
case 0: case 0:
for (i = 0; val_array[i] != NULL; ++i) { for (i = 0; val_array[i] != NULL; ++i) {
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]); sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
count++; count++;
} }
handle->fn_free_values(val_array); handle->fn_free_values(val_array);
@ -1419,14 +1419,14 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
"handle->fn_get_values(sudoCommand): != 0"); "handle->fn_get_values(sudoCommand): != 0");
debug_return_int(count); debug_return_int(count);
} }
lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, "\n");
debug_return_int(count); debug_return_int(count);
} }
static int static int
sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw, sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf) struct sudo_lbuf *lbuf)
{ {
struct sudo_sss_handle *handle = nss->handle; struct sudo_sss_handle *handle = nss->handle;

28
plugins/sudoers/sudo_nss.c
View File

@ -42,7 +42,7 @@
#include <ctype.h> #include <ctype.h>
#include "sudoers.h" #include "sudoers.h"
#include "lbuf.h" #include "sudo_lbuf.h"
extern struct sudo_nss sudo_nss_file; extern struct sudo_nss sudo_nss_file;
#ifdef HAVE_LDAP #ifdef HAVE_LDAP
@ -270,7 +270,7 @@ void
display_privs(struct sudo_nss_list *snl, struct passwd *pw) display_privs(struct sudo_nss_list *snl, struct passwd *pw)
{ {
struct sudo_nss *nss; struct sudo_nss *nss;
struct lbuf defs, privs; struct sudo_lbuf defs, privs;
struct stat sb; struct stat sb;
int cols, count, olen; int cols, count, olen;
debug_decl(display_privs, SUDO_DEBUG_NSS) debug_decl(display_privs, SUDO_DEBUG_NSS)
@ -278,36 +278,36 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw)
cols = sudo_user.cols; cols = sudo_user.cols;
if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode)) if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
cols = 0; cols = 0;
lbuf_init(&defs, output, 4, NULL, cols); sudo_lbuf_init(&defs, output, 4, NULL, cols);
lbuf_init(&privs, output, 8, NULL, cols); sudo_lbuf_init(&privs, output, 8, NULL, cols);
/* Display defaults from all sources. */ /* Display defaults from all sources. */
lbuf_append(&defs, _("Matching Defaults entries for %s on %s:\n"), sudo_lbuf_append(&defs, _("Matching Defaults entries for %s on %s:\n"),
pw->pw_name, user_srunhost); pw->pw_name, user_srunhost);
count = 0; count = 0;
TAILQ_FOREACH(nss, snl, entries) { TAILQ_FOREACH(nss, snl, entries) {
count += nss->display_defaults(nss, pw, &defs); count += nss->display_defaults(nss, pw, &defs);
} }
if (count) if (count)
lbuf_append(&defs, "\n\n"); sudo_lbuf_append(&defs, "\n\n");
else else
defs.len = 0; defs.len = 0;
/* Display Runas and Cmnd-specific defaults from all sources. */ /* Display Runas and Cmnd-specific defaults from all sources. */
olen = defs.len; olen = defs.len;
lbuf_append(&defs, _("Runas and Command-specific defaults for %s:\n"), sudo_lbuf_append(&defs, _("Runas and Command-specific defaults for %s:\n"),
pw->pw_name); pw->pw_name);
count = 0; count = 0;
TAILQ_FOREACH(nss, snl, entries) { TAILQ_FOREACH(nss, snl, entries) {
count += nss->display_bound_defaults(nss, pw, &defs); count += nss->display_bound_defaults(nss, pw, &defs);
} }
if (count) if (count)
lbuf_append(&defs, "\n\n"); sudo_lbuf_append(&defs, "\n\n");
else else
defs.len = olen; defs.len = olen;
/* Display privileges from all sources. */ /* Display privileges from all sources. */
lbuf_append(&privs, sudo_lbuf_append(&privs,
_("User %s may run the following commands on %s:\n"), _("User %s may run the following commands on %s:\n"),
pw->pw_name, user_srunhost); pw->pw_name, user_srunhost);
count = 0; count = 0;
@ -317,14 +317,14 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw)
if (count == 0) { if (count == 0) {
defs.len = 0; defs.len = 0;
privs.len = 0; privs.len = 0;
lbuf_append(&privs, _("User %s is not allowed to run sudo on %s.\n"), sudo_lbuf_append(&privs, _("User %s is not allowed to run sudo on %s.\n"),
pw->pw_name, user_shost); pw->pw_name, user_shost);
} }
lbuf_print(&defs); sudo_lbuf_print(&defs);
lbuf_print(&privs); sudo_lbuf_print(&privs);
lbuf_destroy(&defs); sudo_lbuf_destroy(&defs);
lbuf_destroy(&privs); sudo_lbuf_destroy(&privs);
debug_return; debug_return;
} }

8
plugins/sudoers/sudo_nss.h
View File

@ -17,7 +17,7 @@
#ifndef _SUDOERS_NSS_H #ifndef _SUDOERS_NSS_H
#define _SUDOERS_NSS_H #define _SUDOERS_NSS_H
struct lbuf; struct sudo_lbuf;
struct passwd; struct passwd;
struct sudo_nss { struct sudo_nss {
@ -28,9 +28,9 @@ struct sudo_nss {
int (*setdefs)(struct sudo_nss *nss); int (*setdefs)(struct sudo_nss *nss);
int (*lookup)(struct sudo_nss *nss, int, int); int (*lookup)(struct sudo_nss *nss, int, int);
int (*display_cmnd)(struct sudo_nss *nss, struct passwd *); int (*display_cmnd)(struct sudo_nss *nss, struct passwd *);
int (*display_defaults)(struct sudo_nss *nss, struct passwd *, struct lbuf *); int (*display_defaults)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
int (*display_bound_defaults)(struct sudo_nss *nss, struct passwd *, struct lbuf *); int (*display_bound_defaults)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
int (*display_privs)(struct sudo_nss *nss, struct passwd *, struct lbuf *); int (*display_privs)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
void *handle; void *handle;
short ret_if_found; short ret_if_found;
short ret_if_notfound; short ret_if_notfound;

8
plugins/sudoers/sudoers.h
View File

@ -214,7 +214,7 @@ struct sudo_user {
#endif #endif
#define ROOT_GID 0 #define ROOT_GID 0
struct lbuf; struct sudo_lbuf;
struct passwd; struct passwd;
struct stat; struct stat;
struct timeval; struct timeval;
@ -256,9 +256,9 @@ int sudo_file_setdefs(struct sudo_nss *);
int sudo_file_lookup(struct sudo_nss *, int, int); int sudo_file_lookup(struct sudo_nss *, int, int);
int sudo_file_parse(struct sudo_nss *); int sudo_file_parse(struct sudo_nss *);
int sudo_file_display_cmnd(struct sudo_nss *, struct passwd *); int sudo_file_display_cmnd(struct sudo_nss *, struct passwd *);
int sudo_file_display_defaults(struct sudo_nss *, struct passwd *, struct lbuf *); int sudo_file_display_defaults(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
int sudo_file_display_bound_defaults(struct sudo_nss *, struct passwd *, struct lbuf *); int sudo_file_display_bound_defaults(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
int sudo_file_display_privs(struct sudo_nss *, struct passwd *, struct lbuf *); int sudo_file_display_privs(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
/* set_perms.c */ /* set_perms.c */
bool rewind_perms(void); bool rewind_perms(void);

8
plugins/sudoers/toke.c
View File

@ -2003,7 +2003,7 @@ char *yytext;
#include "parse.h" #include "parse.h"
#include "toke.h" #include "toke.h"
#include <gram.h> #include <gram.h>
#include "lbuf.h" #include "sudo_lbuf.h"
#include "secure_path.h" #include "secure_path.h"
#ifdef HAVE_SHA224UPDATE #ifdef HAVE_SHA224UPDATE
@ -4380,14 +4380,14 @@ int
sudoers_trace_print(const char *msg) sudoers_trace_print(const char *msg)
{ {
static bool initialized; static bool initialized;
static struct lbuf lbuf; static struct sudo_lbuf lbuf;
if (!initialized) { if (!initialized) {
initialized = true; initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0); sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
} }
lbuf_append(&lbuf, "%s", msg); sudo_lbuf_append(&lbuf, "%s", msg);
/* XXX - assumes a final newline */ /* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL) if (strchr(msg, '\n') != NULL)
{ {

8
plugins/sudoers/toke.l
View File

@ -75,7 +75,7 @@
#include "parse.h" #include "parse.h"
#include "toke.h" #include "toke.h"
#include <gram.h> #include <gram.h>
#include "lbuf.h" #include "sudo_lbuf.h"
#include "secure_path.h" #include "secure_path.h"
#ifdef HAVE_SHA224UPDATE #ifdef HAVE_SHA224UPDATE
@ -1121,14 +1121,14 @@ int
sudoers_trace_print(const char *msg) sudoers_trace_print(const char *msg)
{ {
static bool initialized; static bool initialized;
static struct lbuf lbuf; static struct sudo_lbuf lbuf;
if (!initialized) { if (!initialized) {
initialized = true; initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0); sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
} }
lbuf_append(&lbuf, "%s", msg); sudo_lbuf_append(&lbuf, "%s", msg);
/* XXX - assumes a final newline */ /* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL) if (strchr(msg, '\n') != NULL)
{ {

4
src/Makefile.in
View File

@ -292,8 +292,8 @@ openbsd.o: $(srcdir)/openbsd.c $(incdir)/alloc.h $(incdir)/compat/stdbool.h \
parse_args.o: $(srcdir)/parse_args.c $(incdir)/alloc.h \ parse_args.o: $(srcdir)/parse_args.c $(incdir)/alloc.h \
$(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \ $(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
$(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \ $(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \
$(incdir)/lbuf.h $(incdir)/missing.h $(incdir)/queue.h \ $(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \ $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \ $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h ./sudo_usage.h $(top_builddir)/pathnames.h ./sudo_usage.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/parse_args.c $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/parse_args.c

82
src/parse_args.c
View File

@ -46,7 +46,7 @@
#include <sudo_usage.h> #include <sudo_usage.h>
#include "sudo.h" #include "sudo.h"
#include "lbuf.h" #include "sudo_lbuf.h"
#ifdef HAVE_GETOPT_LONG #ifdef HAVE_GETOPT_LONG
# include <getopt.h> # include <getopt.h>
@ -547,7 +547,7 @@ usage_out(const char *buf)
void void
usage(int fatal) usage(int fatal)
{ {
struct lbuf lbuf; struct sudo_lbuf lbuf;
char *uvec[6]; char *uvec[6];
int i, ulen; int i, ulen;
@ -571,13 +571,13 @@ usage(int fatal)
* tty width. * tty width.
*/ */
ulen = (int)strlen(getprogname()) + 8; ulen = (int)strlen(getprogname()) + 8;
lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL, sudo_lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL,
user_details.ts_cols); user_details.ts_cols);
for (i = 0; uvec[i] != NULL; i++) { for (i = 0; uvec[i] != NULL; i++) {
lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]); sudo_lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]);
lbuf_print(&lbuf); sudo_lbuf_print(&lbuf);
} }
lbuf_destroy(&lbuf); sudo_lbuf_destroy(&lbuf);
if (fatal) if (fatal)
exit(1); exit(1);
} }
@ -597,85 +597,85 @@ usage_excl(int fatal)
static void static void
help(void) help(void)
{ {
struct lbuf lbuf; struct sudo_lbuf lbuf;
const int indent = 30; const int indent = 30;
const char *pname = getprogname(); const char *pname = getprogname();
debug_decl(help, SUDO_DEBUG_ARGS) debug_decl(help, SUDO_DEBUG_ARGS)
lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols); sudo_lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols);
if (strcmp(pname, "sudoedit") == 0) if (strcmp(pname, "sudoedit") == 0)
lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname); sudo_lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname);
else else
lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname); sudo_lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname);
lbuf_print(&lbuf); sudo_lbuf_print(&lbuf);
usage(0); usage(0);
lbuf_append(&lbuf, _("\nOptions:\n")); sudo_lbuf_append(&lbuf, _("\nOptions:\n"));
lbuf_append(&lbuf, " -A, --askpass %s\n", sudo_lbuf_append(&lbuf, " -A, --askpass %s\n",
_("use a helper program for password prompting")); _("use a helper program for password prompting"));
#ifdef HAVE_BSD_AUTH_H #ifdef HAVE_BSD_AUTH_H
lbuf_append(&lbuf, " -a, --auth-type=type %s\n", sudo_lbuf_append(&lbuf, " -a, --auth-type=type %s\n",
_("use specified BSD authentication type")); _("use specified BSD authentication type"));
#endif #endif
lbuf_append(&lbuf, " -b, --background %s\n", sudo_lbuf_append(&lbuf, " -b, --background %s\n",
_("run command in the background")); _("run command in the background"));
lbuf_append(&lbuf, " -C, --close-from=num %s\n", sudo_lbuf_append(&lbuf, " -C, --close-from=num %s\n",
_("close all file descriptors >= num")); _("close all file descriptors >= num"));
#ifdef HAVE_LOGIN_CAP_H #ifdef HAVE_LOGIN_CAP_H
lbuf_append(&lbuf, " -c, --login-class=class %s\n", sudo_lbuf_append(&lbuf, " -c, --login-class=class %s\n",
_("run command with the specified BSD login class")); _("run command with the specified BSD login class"));
#endif #endif
lbuf_append(&lbuf, " -E, --preserve-env %s\n", sudo_lbuf_append(&lbuf, " -E, --preserve-env %s\n",
_("preserve user environment when running command")); _("preserve user environment when running command"));
lbuf_append(&lbuf, " -e, --edit %s\n", sudo_lbuf_append(&lbuf, " -e, --edit %s\n",
_("edit files instead of running a command")); _("edit files instead of running a command"));
lbuf_append(&lbuf, " -g, --group=group %s\n", sudo_lbuf_append(&lbuf, " -g, --group=group %s\n",
_("run command as the specified group name or ID")); _("run command as the specified group name or ID"));
lbuf_append(&lbuf, " -H, --set-home %s\n", sudo_lbuf_append(&lbuf, " -H, --set-home %s\n",
_("set HOME variable to target user's home dir")); _("set HOME variable to target user's home dir"));
lbuf_append(&lbuf, " -h, --help %s\n", sudo_lbuf_append(&lbuf, " -h, --help %s\n",
_("display help message and exit")); _("display help message and exit"));
lbuf_append(&lbuf, " -h, --host=host %s\n", sudo_lbuf_append(&lbuf, " -h, --host=host %s\n",
_("run command on host (if supported by plugin)")); _("run command on host (if supported by plugin)"));
lbuf_append(&lbuf, " -i, --login %s\n", sudo_lbuf_append(&lbuf, " -i, --login %s\n",
_("run login shell as the target user; a command may also be specified")); _("run login shell as the target user; a command may also be specified"));
lbuf_append(&lbuf, " -K, --remove-timestamp %s\n", sudo_lbuf_append(&lbuf, " -K, --remove-timestamp %s\n",
_("remove timestamp file completely")); _("remove timestamp file completely"));
lbuf_append(&lbuf, " -k, --reset-timestamp %s\n", sudo_lbuf_append(&lbuf, " -k, --reset-timestamp %s\n",
_("invalidate timestamp file")); _("invalidate timestamp file"));
lbuf_append(&lbuf, " -l, --list %s\n", sudo_lbuf_append(&lbuf, " -l, --list %s\n",
_("list user's privileges or check a specific command; use twice for longer format")); _("list user's privileges or check a specific command; use twice for longer format"));
lbuf_append(&lbuf, " -n, --non-interactive %s\n", sudo_lbuf_append(&lbuf, " -n, --non-interactive %s\n",
_("non-interactive mode, no prompts are used")); _("non-interactive mode, no prompts are used"));
lbuf_append(&lbuf, " -P, --preserve-groups %s\n", sudo_lbuf_append(&lbuf, " -P, --preserve-groups %s\n",
_("preserve group vector instead of setting to target's")); _("preserve group vector instead of setting to target's"));
lbuf_append(&lbuf, " -p, --prompt=prompt %s\n", sudo_lbuf_append(&lbuf, " -p, --prompt=prompt %s\n",
_("use the specified password prompt")); _("use the specified password prompt"));
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
lbuf_append(&lbuf, " -r, --role=role %s\n", sudo_lbuf_append(&lbuf, " -r, --role=role %s\n",
_("create SELinux security context with specified role")); _("create SELinux security context with specified role"));
#endif #endif
lbuf_append(&lbuf, " -S, --stdin %s\n", sudo_lbuf_append(&lbuf, " -S, --stdin %s\n",
_("read password from standard input")); _("read password from standard input"));
lbuf_append(&lbuf, " -s, --shell %s\n", sudo_lbuf_append(&lbuf, " -s, --shell %s\n",
_("run shell as the target user; a command may also be specified")); _("run shell as the target user; a command may also be specified"));
#ifdef HAVE_SELINUX #ifdef HAVE_SELINUX
lbuf_append(&lbuf, " -t, --type=type %s\n", sudo_lbuf_append(&lbuf, " -t, --type=type %s\n",
_("create SELinux security context with specified type")); _("create SELinux security context with specified type"));
#endif #endif
lbuf_append(&lbuf, " -U, --other-user=user %s\n", sudo_lbuf_append(&lbuf, " -U, --other-user=user %s\n",
_("in list mode, display privileges for user")); _("in list mode, display privileges for user"));
lbuf_append(&lbuf, " -u, --user=user %s\n", sudo_lbuf_append(&lbuf, " -u, --user=user %s\n",
_("run command (or edit file) as specified user name or ID")); _("run command (or edit file) as specified user name or ID"));
lbuf_append(&lbuf, " -V, --version %s\n", sudo_lbuf_append(&lbuf, " -V, --version %s\n",
_("display version information and exit")); _("display version information and exit"));
lbuf_append(&lbuf, " -v, --validate %s\n", sudo_lbuf_append(&lbuf, " -v, --validate %s\n",
_("update user's timestamp without running a command")); _("update user's timestamp without running a command"));
lbuf_append(&lbuf, " -- %s\n", sudo_lbuf_append(&lbuf, " -- %s\n",
_("stop processing command line arguments")); _("stop processing command line arguments"));
lbuf_print(&lbuf); sudo_lbuf_print(&lbuf);
lbuf_destroy(&lbuf); sudo_lbuf_destroy(&lbuf);
sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 0); sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 0);
exit(0); exit(0);
} }