mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity

Don't pollute the namespace with lbuf struct and functions

Browse Source
This commit is contained in:
Todd C. Miller 2014-06-26 15:51:15 -06:00
parent 6bdee0488c
commit 7bafa63c15
17 changed files with 278 additions and 275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
MANIFEST
View File

@ -67,7 +67,6 @@ include/compat/utime.h/
include/fatal.h
include/fileops.h
include/gettext.h
include/lbuf.h
include/missing.h
include/queue.h
include/secure_path.h
@ -75,6 +74,7 @@ include/sudo_conf.h
include/sudo_debug.h
include/sudo_dso.h
include/sudo_event.h
include/sudo_lbuf.h
include/sudo_plugin.h
include/sudo_util.h
indent.pro

4
Makefile.in
View File

@ -79,8 +79,8 @@ XGETTEXT_OPTS = -F -k_ -kN_ -kU_ --copyright-holder="Todd C. Miller" \
--package-name=@PACKAGE_NAME@ --package-version=$(VERSION) \
--flag warning:1:c-format --flag warningx:1:c-format \
--flag fatal:1:c-format --flag fatalx:1:c-format \
--flag easprintf:3:c-format --flag lbuf_append:2:c-format \
--flag lbuf_append_quoted:3:c-format --foreign-user
--flag easprintf:3:c-format --flag sudo_lbuf_append:2:c-format \
--flag sudo_lbuf_append_quoted:3:c-format --foreign-user
# Default cppcheck options when run from the top-level Makefile
CPPCHECK_OPTS = -q --force --enable=warning,performance,portability --suppress=constStatement --error-exitcode=1 --inline-suppr -U__cplusplus -UQUAD_MAX -UQUAD_MIN -UUQUAD_MAX -U_POSIX_HOST_NAME_MAX -U_POSIX_PATH_MAX

15
include/lbuf.h → include/sudo_lbuf.h
View File

@ -1,5 +1,6 @@
/*
* Copyright (c) 2007, 2010, 2011 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2007, 2010, 2011, 2013, 2014
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -22,7 +23,7 @@
/*
* Line buffer struct.
*/
struct lbuf {
struct sudo_lbuf {
int (*output)(const char *);
char *buf;
const char *continuation;
@ -32,10 +33,10 @@ struct lbuf {
int cols;
};
__dso_public void lbuf_init(struct lbuf *, int (*)(const char *), int, const char *, int);
__dso_public void lbuf_destroy(struct lbuf *);
__dso_public void lbuf_append(struct lbuf *, const char *, ...) __printflike(2, 3);
__dso_public void lbuf_append_quoted(struct lbuf *, const char *, const char *, ...) __printflike(3, 4);
__dso_public void lbuf_print(struct lbuf *);
__dso_public void sudo_lbuf_init(struct sudo_lbuf *, int (*)(const char *), int, const char *, int);
__dso_public void sudo_lbuf_destroy(struct sudo_lbuf *);
__dso_public void sudo_lbuf_append(struct sudo_lbuf *, const char *, ...) __printflike(2, 3);
__dso_public void sudo_lbuf_append_quoted(struct sudo_lbuf *, const char *, const char *, ...) __printflike(3, 4);
__dso_public void sudo_lbuf_print(struct sudo_lbuf *);
#endif /* _SUDO_LBUF_H */

5
lib/util/Makefile.in
View File

@ -381,8 +381,9 @@ key_val.lo: $(srcdir)/key_val.c $(incdir)/compat/stdbool.h $(incdir)/missing.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/key_val.c
lbuf.lo: $(srcdir)/lbuf.c $(incdir)/alloc.h $(incdir)/fatal.h $(incdir)/lbuf.h \
$(incdir)/missing.h $(incdir)/sudo_debug.h $(top_builddir)/config.h
lbuf.lo: $(srcdir)/lbuf.c $(incdir)/alloc.h $(incdir)/fatal.h \
$(incdir)/missing.h $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/lbuf.c
locale_stub.lo: $(top_srcdir)/src/locale_stub.c $(incdir)/fatal.h \
$(incdir)/gettext.h $(incdir)/missing.h $(top_builddir)/config.h

42
lib/util/lbuf.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007-2013 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2007-2014 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -45,14 +45,14 @@
#include "missing.h"
#include "alloc.h"
#include "fatal.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
#include "sudo_debug.h"
void
lbuf_init(struct lbuf *lbuf, int (*output)(const char *),
sudo_lbuf_init(struct sudo_lbuf *lbuf, int (*output)(const char *),
int indent, const char *continuation, int cols)
{
debug_decl(lbuf_init, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_init, SUDO_DEBUG_UTIL)
lbuf->output = output;
lbuf->continuation = continuation;
@ -66,9 +66,9 @@ lbuf_init(struct lbuf *lbuf, int (*output)(const char *),
}
void
lbuf_destroy(struct lbuf *lbuf)
sudo_lbuf_destroy(struct sudo_lbuf *lbuf)
{
debug_decl(lbuf_destroy, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_destroy, SUDO_DEBUG_UTIL)
efree(lbuf->buf);
lbuf->buf = NULL;
@ -77,7 +77,7 @@ lbuf_destroy(struct lbuf *lbuf)
}
static void
lbuf_expand(struct lbuf *lbuf, int extra)
sudo_lbuf_expand(struct sudo_lbuf *lbuf, int extra)
{
if (lbuf->len + extra + 1 >= lbuf->size) {
do {
@ -92,12 +92,12 @@ lbuf_expand(struct lbuf *lbuf, int extra)
* Any characters in set are quoted with a backslash.
*/
void
lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...)
sudo_lbuf_append_quoted(struct sudo_lbuf *lbuf, const char *set, const char *fmt, ...)
{
va_list ap;
int len;
char *cp, *s;
debug_decl(lbuf_append_quoted, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_append_quoted, SUDO_DEBUG_UTIL)
va_start(ap, fmt);
while (*fmt != '\0') {
@ -106,7 +106,7 @@ lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...)
goto done;
while ((cp = strpbrk(s, set)) != NULL) {
len = (int)(cp - s);
lbuf_expand(lbuf, len + 2);
sudo_lbuf_expand(lbuf, len + 2);
memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len;
lbuf->buf[lbuf->len++] = '\\';
@ -115,14 +115,14 @@ lbuf_append_quoted(struct lbuf *lbuf, const char *set, const char *fmt, ...)
}
if (*s != '\0') {
len = strlen(s);
lbuf_expand(lbuf, len);
sudo_lbuf_expand(lbuf, len);
memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len;
}
fmt += 2;
continue;
}
lbuf_expand(lbuf, 2);
sudo_lbuf_expand(lbuf, 2);
if (strchr(set, *fmt) != NULL)
lbuf->buf[lbuf->len++] = '\\';
lbuf->buf[lbuf->len++] = *fmt++;
@ -139,12 +139,12 @@ done:
* Parse the format and append strings, only %s and %% escapes are supported.
*/
void
lbuf_append(struct lbuf *lbuf, const char *fmt, ...)
sudo_lbuf_append(struct sudo_lbuf *lbuf, const char *fmt, ...)
{
va_list ap;
int len;
char *s;
debug_decl(lbuf_append, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_append, SUDO_DEBUG_UTIL)
va_start(ap, fmt);
while (*fmt != '\0') {
@ -152,13 +152,13 @@ lbuf_append(struct lbuf *lbuf, const char *fmt, ...)
if ((s = va_arg(ap, char *)) == NULL)
goto done;
len = strlen(s);
lbuf_expand(lbuf, len);
sudo_lbuf_expand(lbuf, len);
memcpy(lbuf->buf + lbuf->len, s, len);
lbuf->len += len;
fmt += 2;
continue;
}
lbuf_expand(lbuf, 1);
sudo_lbuf_expand(lbuf, 1);
lbuf->buf[lbuf->len++] = *fmt++;
}
done:
@ -170,11 +170,11 @@ done:
}
static void
lbuf_println(struct lbuf *lbuf, char *line, int len)
sudo_lbuf_println(struct sudo_lbuf *lbuf, char *line, int len)
{
char *cp, save;
int i, have, contlen;
debug_decl(lbuf_println, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_println, SUDO_DEBUG_UTIL)
contlen = lbuf->continuation ? strlen(lbuf->continuation) : 0;
@ -232,11 +232,11 @@ lbuf_println(struct lbuf *lbuf, char *line, int len)
* The lbuf is reset on return.
*/
void
lbuf_print(struct lbuf *lbuf)
sudo_lbuf_print(struct sudo_lbuf *lbuf)
{
char *cp, *ep;
int len;
debug_decl(lbuf_print, SUDO_DEBUG_UTIL)
debug_decl(sudo_lbuf_print, SUDO_DEBUG_UTIL)
if (lbuf->buf == NULL || lbuf->len == 0)
goto done;
@ -263,7 +263,7 @@ lbuf_print(struct lbuf *lbuf)
if ((ep = memchr(cp, '\n', len)) != NULL)
len = (int)(ep - cp);
if (len)
lbuf_println(lbuf, cp, len);
sudo_lbuf_println(lbuf, cp, len);
cp = ep ? ep + 1 : NULL;
}
}

10
lib/util/util.exp
View File

@ -44,11 +44,6 @@ get_ttysize
getprogname
initprogname
isblank
lbuf_append
lbuf_append_quoted
lbuf_destroy
lbuf_init
lbuf_print
sudo_asprintf
sudo_clock_gettime
sudo_closefrom
@ -113,6 +108,11 @@ sudo_getopt_long_only
sudo_glob
sudo_globfree
sudo_inet_pton
sudo_lbuf_append
sudo_lbuf_append_quoted
sudo_lbuf_destroy
sudo_lbuf_init
sudo_lbuf_print
sudo_lock_file
sudo_memrchr
sudo_memset_s

32
plugins/sudoers/Makefile.in
View File

@ -654,8 +654,8 @@ kerb5.lo: $(authdir)/kerb5.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/kerb5.c
ldap.lo: $(srcdir)/ldap.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
$(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -720,8 +720,8 @@ pam.lo: $(authdir)/pam.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/pam.c
parse.lo: $(srcdir)/parse.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \
$(incdir)/fileops.h $(incdir)/gettext.h $(incdir)/lbuf.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_debug.h \
$(incdir)/fileops.h $(incdir)/gettext.h $(incdir)/missing.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -819,8 +819,8 @@ sia.lo: $(authdir)/sia.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sia.c
sssd.lo: $(srcdir)/sssd.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
$(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
@ -838,10 +838,11 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sudo_auth.c
sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h $(incdir)/alloc.h \
$(incdir)/compat/stdbool.h $(incdir)/fatal.h $(incdir)/fileops.h \
$(incdir)/gettext.h $(incdir)/lbuf.h $(incdir)/missing.h \
$(incdir)/queue.h $(incdir)/sudo_debug.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(srcdir)/sudoers.h $(top_builddir)/config.h \
$(incdir)/gettext.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h \
$(srcdir)/defaults.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c
sudoers.lo: $(srcdir)/sudoers.c $(devdir)/def_data.h $(incdir)/alloc.h \
@ -888,12 +889,11 @@ timestr.lo: $(srcdir)/timestr.c $(incdir)/missing.h $(top_builddir)/config.h
toke.lo: $(devdir)/toke.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/sha2.h $(incdir)/compat/stdbool.h \
$(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \
$(incdir)/lbuf.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/secure_path.h $(incdir)/sudo_debug.h \
$(incdir)/sudo_plugin.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
$(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
$(srcdir)/sudoers.h $(srcdir)/toke.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/secure_path.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/logging.h \
$(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
$(srcdir)/toke.h $(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/toke.c
toke_util.lo: $(srcdir)/toke_util.c $(devdir)/def_data.h $(devdir)/gram.h \
$(incdir)/alloc.h $(incdir)/compat/stdbool.h $(incdir)/fatal.h \

72
plugins/sudoers/ldap.c
View File

@ -68,7 +68,7 @@
#include "sudoers.h"
#include "parse.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
#include "sudo_dso.h"
/* Older Netscape LDAP SDKs don't prototype ldapssl_set_strength() */
@ -350,11 +350,11 @@ static int sudo_ldap_setdefs(struct sudo_nss *nss);
static int sudo_ldap_lookup(struct sudo_nss *nss, int ret, int pwflag);
static int sudo_ldap_display_cmnd(struct sudo_nss *nss, struct passwd *pw);
static int sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf);
struct sudo_lbuf *lbuf);
static int sudo_ldap_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf);
struct passwd *pw, struct sudo_lbuf *lbuf);
static int sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf);
struct sudo_lbuf *lbuf);
static struct ldap_result *sudo_ldap_result_get(struct sudo_nss *nss,
struct passwd *pw);
@ -1771,7 +1771,7 @@ sudo_ldap_get_first_rdn(LDAP *ld, LDAPMessage *entry)
*/
static int
sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct berval **bv, **p;
struct timeval tv, *tvp = NULL;
@ -1805,7 +1805,7 @@ sudo_ldap_display_defaults(struct sudo_nss *nss, struct passwd *pw,
else
prefix = ", ";
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", prefix, (*p)->bv_val);
prefix = ", ";
count++;
}
@ -1825,7 +1825,7 @@ done:
*/
static int
sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
debug_decl(sudo_ldap_display_bound_defaults, SUDO_DEBUG_LDAP)
debug_return_int(0);
@ -1835,13 +1835,13 @@ sudo_ldap_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
* Print a record in the short form, ala file sudoers.
*/
static int
sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct sudo_lbuf *lbuf)
{
struct berval **bv, **p;
int count = 0;
debug_decl(sudo_ldap_display_entry_short, SUDO_DEBUG_LDAP)
lbuf_append(lbuf, " (");
sudo_lbuf_append(lbuf, " (");
/* get the RunAsUser Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
@ -1849,22 +1849,22 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoRunAs");
if (bv != NULL) {
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
}
ldap_value_free_len(bv);
} else
lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "%s", def_runas_default);
/* get the RunAsGroup Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv != NULL) {
lbuf_append(lbuf, " : ");
sudo_lbuf_append(lbuf, " : ");
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
}
ldap_value_free_len(bv);
}
lbuf_append(lbuf, ") ");
sudo_lbuf_append(lbuf, ") ");
/* get the Option Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoOption");
@ -1874,13 +1874,13 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
if (*cp == '!')
cp++;
if (strcmp(cp, "authenticate") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"NOPASSWD: " : "PASSWD: ");
else if (strcmp(cp, "noexec") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"EXEC: " : "NOEXEC: ");
else if (strcmp(cp, "setenv") == 0)
lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
sudo_lbuf_append(lbuf, (*p)->bv_val[0] == '!' ?
"NOSETENV: " : "SETENV: ");
}
ldap_value_free_len(bv);
@ -1890,12 +1890,12 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv != NULL) {
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
count++;
}
ldap_value_free_len(bv);
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
debug_return_int(count);
}
@ -1904,7 +1904,7 @@ sudo_ldap_display_entry_short(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
* Print a record in the long form.
*/
static int
sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct sudo_lbuf *lbuf)
{
struct berval **bv, **p;
char *rdn;
@ -1914,46 +1914,46 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
/* extract the dn, only show the first rdn */
rdn = sudo_ldap_get_first_rdn(ld, entry);
if (rdn != NULL)
lbuf_append(lbuf, _("\nLDAP Role: %s\n"), rdn);
sudo_lbuf_append(lbuf, _("\nLDAP Role: %s\n"), rdn);
else
lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n"));
sudo_lbuf_append(lbuf, _("\nLDAP Role: UNKNOWN\n"));
if (rdn)
ldap_memfree(rdn);
/* get the RunAsUser Values from the entry */
lbuf_append(lbuf, " RunAsUsers: ");
sudo_lbuf_append(lbuf, " RunAsUsers: ");
bv = ldap_get_values_len(ld, entry, "sudoRunAsUser");
if (bv == NULL)
bv = ldap_get_values_len(ld, entry, "sudoRunAs");
if (bv != NULL) {
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
}
ldap_value_free_len(bv);
} else
lbuf_append(lbuf, "%s", def_runas_default);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "\n");
/* get the RunAsGroup Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoRunAsGroup");
if (bv != NULL) {
lbuf_append(lbuf, " RunAsGroups: ");
sudo_lbuf_append(lbuf, " RunAsGroups: ");
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
}
ldap_value_free_len(bv);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
}
/* get the Option Values from the entry */
bv = ldap_get_values_len(ld, entry, "sudoOption");
if (bv != NULL) {
lbuf_append(lbuf, " Options: ");
sudo_lbuf_append(lbuf, " Options: ");
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
sudo_lbuf_append(lbuf, "%s%s", p != bv ? ", " : "", (*p)->bv_val);
}
ldap_value_free_len(bv);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
}
/*
@ -1963,7 +1963,7 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
bv = ldap_get_values_len(ld, entry, "sudoOrder");
if (bv != NULL) {
if (*bv != NULL) {
lbuf_append(lbuf, _(" Order: %s\n"), (*bv)->bv_val);
sudo_lbuf_append(lbuf, _(" Order: %s\n"), (*bv)->bv_val);
}
ldap_value_free_len(bv);
}
@ -1971,9 +1971,9 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
/* Get the command values from the entry. */
bv = ldap_get_values_len(ld, entry, "sudoCommand");
if (bv != NULL) {
lbuf_append(lbuf, _(" Commands:\n"));
sudo_lbuf_append(lbuf, _(" Commands:\n"));
for (p = bv; *p != NULL; p++) {
lbuf_append(lbuf, "\t%s\n", (*p)->bv_val);
sudo_lbuf_append(lbuf, "\t%s\n", (*p)->bv_val);
count++;
}
ldap_value_free_len(bv);
@ -1987,7 +1987,7 @@ sudo_ldap_display_entry_long(LDAP *ld, LDAPMessage *entry, struct lbuf *lbuf)
*/
static int
sudo_ldap_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct sudo_ldap_handle *handle = nss->handle;
LDAP *ld;

155
plugins/sudoers/parse.c
View File

@ -43,7 +43,7 @@
#include "sudoers.h"
#include "parse.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
#include <gram.h>
/* Characters that must be quoted in sudoers */
@ -66,9 +66,10 @@ struct sudo_nss sudo_nss_file = {
/*
* Local prototypes.
*/
static int display_bound_defaults(int dtype, struct lbuf *lbuf);
static void print_member(struct lbuf *lbuf, struct member *m, int alias_type);
static void print_member2(struct lbuf *lbuf, struct member *m,
static int display_bound_defaults(int dtype, struct sudo_lbuf *lbuf);
static void print_member(struct sudo_lbuf *lbuf, struct member *m,
int alias_type);
static void print_member2(struct sudo_lbuf *lbuf, struct member *m,
const char *separator, int alias_type);
int
@ -291,40 +292,40 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag)
static void
sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS)
#ifdef HAVE_PRIV_SET
if (cs->privs)
lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs);
sudo_lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs);
if (cs->limitprivs)
lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs);
sudo_lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs);
#endif /* HAVE_PRIV_SET */
#ifdef HAVE_SELINUX
if (cs->role)
lbuf_append(lbuf, "ROLE=%s ", cs->role);
sudo_lbuf_append(lbuf, "ROLE=%s ", cs->role);
if (cs->type)
lbuf_append(lbuf, "TYPE=%s ", cs->type);
sudo_lbuf_append(lbuf, "TYPE=%s ", cs->type);
#endif /* HAVE_SELINUX */
if (TAG_CHANGED(setenv)) {
lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: ");
sudo_lbuf_append(lbuf, cs->tags.setenv ? "SETENV: " : "NOSETENV: ");
tags->setenv = cs->tags.setenv;
}
if (TAG_CHANGED(noexec)) {
lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: ");
sudo_lbuf_append(lbuf, cs->tags.noexec ? "NOEXEC: " : "EXEC: ");
tags->noexec = cs->tags.noexec;
}
if (TAG_CHANGED(nopasswd)) {
lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: ");
sudo_lbuf_append(lbuf, cs->tags.nopasswd ? "NOPASSWD: " : "PASSWD: ");
tags->nopasswd = cs->tags.nopasswd;
}
if (TAG_CHANGED(log_input)) {
lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: ");
sudo_lbuf_append(lbuf, cs->tags.log_input ? "LOG_INPUT: " : "NOLOG_INPUT: ");
tags->log_input = cs->tags.log_input;
}
if (TAG_CHANGED(log_output)) {
lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: ");
sudo_lbuf_append(lbuf, cs->tags.log_output ? "LOG_OUTPUT: " : "NOLOG_OUTPUT: ");
tags->log_output = cs->tags.log_output;
}
print_member(lbuf, cs->cmnd, CMNDALIAS);
@ -338,7 +339,7 @@ sudo_file_append_cmnd(struct cmndspec *cs, struct cmndtag *tags,
static int
sudo_file_display_priv_short(struct passwd *pw, struct userspec *us,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct cmndspec *cs, *prev_cs;
struct member *m;
@ -360,41 +361,41 @@ sudo_file_display_priv_short(struct passwd *pw, struct userspec *us,
TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
if (RUNAS_CHANGED(cs, prev_cs)) {
if (cs != TAILQ_FIRST(&priv->cmndlist))
lbuf_append(lbuf, "\n");
lbuf_append(lbuf, " (");
sudo_lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, " (");
if (cs->runasuserlist != NULL) {
TAILQ_FOREACH(m, cs->runasuserlist, entries) {
if (m != TAILQ_FIRST(cs->runasuserlist))
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS);
}
} else if (cs->runasgrouplist == NULL) {
lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "%s", def_runas_default);
} else {
lbuf_append(lbuf, "%s", pw->pw_name);
sudo_lbuf_append(lbuf, "%s", pw->pw_name);
}
if (cs->runasgrouplist != NULL) {
lbuf_append(lbuf, " : ");
sudo_lbuf_append(lbuf, " : ");
TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
if (m != TAILQ_FIRST(cs->runasgrouplist))
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS);
}
}
lbuf_append(lbuf, ") ");
sudo_lbuf_append(lbuf, ") ");
tags.noexec = UNSPEC;
tags.setenv = UNSPEC;
tags.nopasswd = UNSPEC;
tags.log_input = UNSPEC;
tags.log_output = UNSPEC;
} else if (cs != TAILQ_FIRST(&priv->cmndlist)) {
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
}
sudo_file_append_cmnd(cs, &tags, lbuf);
prev_cs = cs;
nfound++;
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
}
debug_return_int(nfound);
}
@ -435,7 +436,7 @@ new_long_entry(struct cmndspec *cs, struct cmndspec *prev_cs)
static int
sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct cmndspec *cs, *prev_cs;
struct member *m;
@ -449,64 +450,64 @@ sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
prev_cs = NULL;
TAILQ_FOREACH(cs, &priv->cmndlist, entries) {
if (new_long_entry(cs, prev_cs)) {
lbuf_append(lbuf, _("\nSudoers entry:\n"));
lbuf_append(lbuf, _(" RunAsUsers: "));
sudo_lbuf_append(lbuf, _("\nSudoers entry:\n"));
sudo_lbuf_append(lbuf, _(" RunAsUsers: "));
if (cs->runasuserlist != NULL) {
TAILQ_FOREACH(m, cs->runasuserlist, entries) {
if (m != TAILQ_FIRST(cs->runasuserlist))
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS);
}
} else if (cs->runasgrouplist == NULL) {
lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "%s", def_runas_default);
} else {
lbuf_append(lbuf, "%s", pw->pw_name);
sudo_lbuf_append(lbuf, "%s", pw->pw_name);
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
if (cs->runasgrouplist != NULL) {
lbuf_append(lbuf, _(" RunAsGroups: "));
sudo_lbuf_append(lbuf, _(" RunAsGroups: "));
TAILQ_FOREACH(m, cs->runasgrouplist, entries) {
if (m != TAILQ_FIRST(cs->runasgrouplist))
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
print_member(lbuf, m, RUNASALIAS);
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
}
olen = lbuf->len;
lbuf_append(lbuf, _(" Options: "));
sudo_lbuf_append(lbuf, _(" Options: "));
if (TAG_SET(cs->tags.setenv))
lbuf_append(lbuf, "%ssetenv, ", cs->tags.setenv ? "" : "!");
sudo_lbuf_append(lbuf, "%ssetenv, ", cs->tags.setenv ? "" : "!");
if (TAG_SET(cs->tags.noexec))
lbuf_append(lbuf, "%snoexec, ", cs->tags.noexec ? "" : "!");
sudo_lbuf_append(lbuf, "%snoexec, ", cs->tags.noexec ? "" : "!");
if (TAG_SET(cs->tags.nopasswd))
lbuf_append(lbuf, "%sauthenticate, ", cs->tags.nopasswd ? "!" : "");
sudo_lbuf_append(lbuf, "%sauthenticate, ", cs->tags.nopasswd ? "!" : "");
if (TAG_SET(cs->tags.log_input))
lbuf_append(lbuf, "%slog_input, ", cs->tags.log_input ? "" : "!");
sudo_lbuf_append(lbuf, "%slog_input, ", cs->tags.log_input ? "" : "!");
if (TAG_SET(cs->tags.log_output))
lbuf_append(lbuf, "%slog_output, ", cs->tags.log_output ? "" : "!");
sudo_lbuf_append(lbuf, "%slog_output, ", cs->tags.log_output ? "" : "!");
if (lbuf->buf[lbuf->len - 2] == ',') {
lbuf->len -= 2; /* remove trailing ", " */
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
} else {
lbuf->len = olen; /* no options */
}
#ifdef HAVE_PRIV_SET
if (cs->privs)
lbuf_append(lbuf, " Privs: %s\n", cs->privs);
sudo_lbuf_append(lbuf, " Privs: %s\n", cs->privs);
if (cs->limitprivs)
lbuf_append(lbuf, " Limitprivs: %s\n", cs->limitprivs);
sudo_lbuf_append(lbuf, " Limitprivs: %s\n", cs->limitprivs);
#endif /* HAVE_PRIV_SET */
#ifdef HAVE_SELINUX
if (cs->role)
lbuf_append(lbuf, " Role: %s\n", cs->role);
sudo_lbuf_append(lbuf, " Role: %s\n", cs->role);
if (cs->type)
lbuf_append(lbuf, " Type: %s\n", cs->type);
sudo_lbuf_append(lbuf, " Type: %s\n", cs->type);
#endif /* HAVE_SELINUX */
lbuf_append(lbuf, _(" Commands:\n"));
sudo_lbuf_append(lbuf, _(" Commands:\n"));
}
lbuf_append(lbuf, "\t");
sudo_lbuf_append(lbuf, "\t");
print_member2(lbuf, cs->cmnd, "\n\t", CMNDALIAS);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
prev_cs = cs;
nfound++;
}
@ -516,7 +517,7 @@ sudo_file_display_priv_long(struct passwd *pw, struct userspec *us,
int
sudo_file_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct userspec *us;
int nfound = 0;
@ -543,7 +544,7 @@ done:
*/
int
sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct defaults *d;
char *prefix;
@ -573,16 +574,16 @@ sudo_file_display_defaults(struct sudo_nss *nss, struct passwd *pw,
continue;
}
if (d->val != NULL) {
lbuf_append(lbuf, "%s%s%s", prefix, d->var,
sudo_lbuf_append(lbuf, "%s%s%s", prefix, d->var,
d->op == '+' ? "+=" : d->op == '-' ? "-=" : "=");
if (strpbrk(d->val, " \t") != NULL) {
lbuf_append(lbuf, "\"");
lbuf_append_quoted(lbuf, "\"", "%s", d->val);
lbuf_append(lbuf, "\"");
sudo_lbuf_append(lbuf, "\"");
sudo_lbuf_append_quoted(lbuf, "\"", "%s", d->val);
sudo_lbuf_append(lbuf, "\"");
} else
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val);
sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", d->val);
} else
lbuf_append(lbuf, "%s%s%s", prefix,
sudo_lbuf_append(lbuf, "%s%s%s", prefix,
d->op == false ? "!" : "", d->var);
prefix = ", ";
nfound++;
@ -596,7 +597,7 @@ done:
*/
int
sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
int nfound = 0;
debug_decl(sudo_file_display_bound_defaults, SUDO_DEBUG_NSS)
@ -612,7 +613,7 @@ sudo_file_display_bound_defaults(struct sudo_nss *nss, struct passwd *pw,
* Display Defaults entries of the given type.
*/
static int
display_bound_defaults(int dtype, struct lbuf *lbuf)
display_bound_defaults(int dtype, struct sudo_lbuf *lbuf)
{
struct defaults *d;
struct member_list *binding = NULL;
@ -649,21 +650,21 @@ display_bound_defaults(int dtype, struct lbuf *lbuf)
if (binding != d->binding) {
binding = d->binding;
if (nfound != 1)
lbuf_append(lbuf, "\n");
lbuf_append(lbuf, " Defaults%s", dsep);
sudo_lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, " Defaults%s", dsep);
TAILQ_FOREACH(m, binding, entries) {
if (m != TAILQ_FIRST(binding))
lbuf_append(lbuf, ",");
sudo_lbuf_append(lbuf, ",");
print_member(lbuf, m, atype);
lbuf_append(lbuf, " ");
sudo_lbuf_append(lbuf, " ");
}
} else
lbuf_append(lbuf, ", ");
sudo_lbuf_append(lbuf, ", ");
if (d->val != NULL) {
lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" :
sudo_lbuf_append(lbuf, "%s%s%s", d->var, d->op == '+' ? "+=" :
d->op == '-' ? "-=" : "=", d->val);
} else
lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var);
sudo_lbuf_append(lbuf, "%s%s", d->op == false ? "!" : "", d->var);
}
debug_return_int(nfound);
@ -720,7 +721,7 @@ done:
* Print the contents of a struct member to stdout
*/
static void
_print_member(struct lbuf *lbuf, char *name, int type, int negated,
_print_member(struct sudo_lbuf *lbuf, char *name, int type, int negated,
const char *separator, int alias_type)
{
struct alias *a;
@ -730,26 +731,26 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated,
switch (type) {
case ALL:
lbuf_append(lbuf, "%sALL", negated ? "!" : "");
sudo_lbuf_append(lbuf, "%sALL", negated ? "!" : "");
break;
case MYSELF:
lbuf_append(lbuf, "%s%s", negated ? "!" : "", user_name);
sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", user_name);
break;
case COMMAND:
c = (struct sudo_command *) name;
if (negated)
lbuf_append(lbuf, "!");
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd);
sudo_lbuf_append(lbuf, "!");
sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->cmnd);
if (c->args) {
lbuf_append(lbuf, " ");
lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args);
sudo_lbuf_append(lbuf, " ");
sudo_lbuf_append_quoted(lbuf, SUDOERS_QUOTED, "%s", c->args);
}
break;
case ALIAS:
if ((a = alias_get(name, alias_type)) != NULL) {
TAILQ_FOREACH(m, &a->members, entries) {
if (m != TAILQ_FIRST(&a->members))
lbuf_append(lbuf, "%s", separator);
sudo_lbuf_append(lbuf, "%s", separator);
_print_member(lbuf, m->name, m->type,
negated ? !m->negated : m->negated, separator,
alias_type);
@ -759,20 +760,20 @@ _print_member(struct lbuf *lbuf, char *name, int type, int negated,
}
/* FALLTHROUGH */
default:
lbuf_append(lbuf, "%s%s", negated ? "!" : "", name);
sudo_lbuf_append(lbuf, "%s%s", negated ? "!" : "", name);
break;
}
debug_return;
}
static void
print_member(struct lbuf *lbuf, struct member *m, int alias_type)
print_member(struct sudo_lbuf *lbuf, struct member *m, int alias_type)
{
_print_member(lbuf, m->name, m->type, m->negated, ", ", alias_type);
}
static void
print_member2(struct lbuf *lbuf, struct member *m, const char *separator,
print_member2(struct sudo_lbuf *lbuf, struct member *m, const char *separator,
int alias_type)
{
_print_member(lbuf, m->name, m->type, m->negated, separator, alias_type);

70
plugins/sudoers/sssd.c
View File

@ -52,7 +52,7 @@
#include "sudoers.h"
#include "parse.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
#include "sudo_dso.h"
#include "sudo_debug.h"
@ -108,13 +108,13 @@ static int sudo_sss_setdefs(struct sudo_nss *nss);
static int sudo_sss_lookup(struct sudo_nss *nss, int ret, int pwflag);
static int sudo_sss_display_cmnd(struct sudo_nss *nss, struct passwd *pw);
static int sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf);
struct sudo_lbuf *lbuf);
static int sudo_sss_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf);
struct passwd *pw, struct sudo_lbuf *lbuf);
static int sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf);
struct sudo_lbuf *sudo_lbuf);
static struct sss_sudo_result *sudo_sss_result_get(struct sudo_nss *nss,
@ -1144,7 +1144,7 @@ done:
static int
sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct sudo_sss_handle *handle = nss->handle;
struct sss_sudo_rule *rule;
@ -1196,7 +1196,7 @@ sudo_sss_display_defaults(struct sudo_nss *nss, struct passwd *pw,
for (j = 0; val_array[j] != NULL; ++j) {
val = val_array[j];
lbuf_append(lbuf, "%s%s", prefix, val);
sudo_lbuf_append(lbuf, "%s%s", prefix, val);
prefix = ", ";
count++;
}
@ -1213,7 +1213,7 @@ done:
// ok
static int
sudo_sss_display_bound_defaults(struct sudo_nss *nss,
struct passwd *pw, struct lbuf *lbuf)
struct passwd *pw, struct sudo_lbuf *lbuf)
{
debug_decl(sudo_sss_display_bound_defaults, SUDO_DEBUG_SSSD);
debug_return_int(0);
@ -1221,30 +1221,30 @@ sudo_sss_display_bound_defaults(struct sudo_nss *nss,
static int
sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
struct sss_sudo_rule *rule, struct lbuf *lbuf)
struct sss_sudo_rule *rule, struct sudo_lbuf *lbuf)
{
char **val_array = NULL;
int count = 0, i;
debug_decl(sudo_sss_display_entry_long, SUDO_DEBUG_SSSD);
/* get the RunAsUser Values from the entry */
lbuf_append(lbuf, " RunAsUsers: ");
sudo_lbuf_append(lbuf, " RunAsUsers: ");
switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) {
case 0:
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
break;
case ENOENT:
switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) {
case 0:
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
break;
case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "%s", def_runas_default);
break;
default:
sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAs): != 0");
@ -1255,16 +1255,16 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
sudo_debug_printf(SUDO_DEBUG_INFO, "handle->fn_get_values(sudoRunAsUser): != 0");
debug_return_int(count);
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
/* get the RunAsGroup Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) {
case 0:
lbuf_append(lbuf, " RunAsGroups: ");
sudo_lbuf_append(lbuf, " RunAsGroups: ");
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
break;
case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
@ -1278,11 +1278,11 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
/* get the Option Values from the entry */
switch (handle->fn_get_values(rule, "sudoOption", &val_array)) {
case 0:
lbuf_append(lbuf, " Options: ");
sudo_lbuf_append(lbuf, " Options: ");
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
break;
case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
@ -1295,9 +1295,9 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
/* Get the command values from the entry. */
switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) {
case 0:
lbuf_append(lbuf, _(" Commands:\n"));
sudo_lbuf_append(lbuf, _(" Commands:\n"));
for (i = 0; val_array[i] != NULL; ++i) {
lbuf_append(lbuf, "\t%s\n", val_array[i]);
sudo_lbuf_append(lbuf, "\t%s\n", val_array[i]);
count++;
}
handle->fn_free_values(val_array);
@ -1316,19 +1316,19 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
static int
sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
struct sss_sudo_rule *rule, struct lbuf *lbuf)
struct sss_sudo_rule *rule, struct sudo_lbuf *lbuf)
{
char **val_array = NULL;
int count = 0, i;
debug_decl(sudo_sss_display_entry_short, SUDO_DEBUG_SSSD);
lbuf_append(lbuf, " (");
sudo_lbuf_append(lbuf, " (");
/* get the RunAsUser Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) {
case 0:
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
break;
case ENOENT:
@ -1337,12 +1337,12 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
switch (handle->fn_get_values(rule, "sudoRunAs", &val_array)) {
case 0:
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
break;
case ENOENT:
sudo_debug_printf(SUDO_DEBUG_INFO, "No result.");
lbuf_append(lbuf, "%s", def_runas_default);
sudo_lbuf_append(lbuf, "%s", def_runas_default);
break;
default:
sudo_debug_printf(SUDO_DEBUG_INFO,
@ -1359,9 +1359,9 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
/* get the RunAsGroup Values from the entry */
switch (handle->fn_get_values(rule, "sudoRunAsGroup", &val_array)) {
case 0:
lbuf_append(lbuf, " : ");
sudo_lbuf_append(lbuf, " : ");
for (i = 0; val_array[i] != NULL; ++i)
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
handle->fn_free_values(val_array);
break;
case ENOENT:
@ -1372,7 +1372,7 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
debug_return_int(count);
}
lbuf_append(lbuf, ") ");
sudo_lbuf_append(lbuf, ") ");
/* get the Option Values from the entry */
switch (handle->fn_get_values(rule, "sudoOption", &val_array)) {
@ -1382,13 +1382,13 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
if (*cp == '!')
cp++;
if (strcmp(cp, "authenticate") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ?
sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"NOPASSWD: " : "PASSWD: ");
else if (strcmp(cp, "noexec") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ?
sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"EXEC: " : "NOEXEC: ");
else if (strcmp(cp, "setenv") == 0)
lbuf_append(lbuf, val_array[i][0] == '!' ?
sudo_lbuf_append(lbuf, val_array[i][0] == '!' ?
"NOSETENV: " : "SETENV: ");
}
handle->fn_free_values(val_array);
@ -1406,7 +1406,7 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
switch (handle->fn_get_values(rule, "sudoCommand", &val_array)) {
case 0:
for (i = 0; val_array[i] != NULL; ++i) {
lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
sudo_lbuf_append(lbuf, "%s%s", i != 0 ? ", " : "", val_array[i]);
count++;
}
handle->fn_free_values(val_array);
@ -1419,14 +1419,14 @@ sudo_sss_display_entry_short(struct sudo_sss_handle *handle,
"handle->fn_get_values(sudoCommand): != 0");
debug_return_int(count);
}
lbuf_append(lbuf, "\n");
sudo_lbuf_append(lbuf, "\n");
debug_return_int(count);
}
static int
sudo_sss_display_privs(struct sudo_nss *nss, struct passwd *pw,
struct lbuf *lbuf)
struct sudo_lbuf *lbuf)
{
struct sudo_sss_handle *handle = nss->handle;

28
plugins/sudoers/sudo_nss.c
View File

@ -42,7 +42,7 @@
#include <ctype.h>
#include "sudoers.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
extern struct sudo_nss sudo_nss_file;
#ifdef HAVE_LDAP
@ -270,7 +270,7 @@ void
display_privs(struct sudo_nss_list *snl, struct passwd *pw)
{
struct sudo_nss *nss;
struct lbuf defs, privs;
struct sudo_lbuf defs, privs;
struct stat sb;
int cols, count, olen;
debug_decl(display_privs, SUDO_DEBUG_NSS)
@ -278,36 +278,36 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw)
cols = sudo_user.cols;
if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode))
cols = 0;
lbuf_init(&defs, output, 4, NULL, cols);
lbuf_init(&privs, output, 8, NULL, cols);
sudo_lbuf_init(&defs, output, 4, NULL, cols);
sudo_lbuf_init(&privs, output, 8, NULL, cols);
/* Display defaults from all sources. */
lbuf_append(&defs, _("Matching Defaults entries for %s on %s:\n"),
sudo_lbuf_append(&defs, _("Matching Defaults entries for %s on %s:\n"),
pw->pw_name, user_srunhost);
count = 0;
TAILQ_FOREACH(nss, snl, entries) {
count += nss->display_defaults(nss, pw, &defs);
}
if (count)
lbuf_append(&defs, "\n\n");
sudo_lbuf_append(&defs, "\n\n");
else
defs.len = 0;
/* Display Runas and Cmnd-specific defaults from all sources. */
olen = defs.len;
lbuf_append(&defs, _("Runas and Command-specific defaults for %s:\n"),
sudo_lbuf_append(&defs, _("Runas and Command-specific defaults for %s:\n"),
pw->pw_name);
count = 0;
TAILQ_FOREACH(nss, snl, entries) {
count += nss->display_bound_defaults(nss, pw, &defs);
}
if (count)
lbuf_append(&defs, "\n\n");
sudo_lbuf_append(&defs, "\n\n");
else
defs.len = olen;
/* Display privileges from all sources. */
lbuf_append(&privs,
sudo_lbuf_append(&privs,
_("User %s may run the following commands on %s:\n"),
pw->pw_name, user_srunhost);
count = 0;
@ -317,14 +317,14 @@ display_privs(struct sudo_nss_list *snl, struct passwd *pw)
if (count == 0) {
defs.len = 0;
privs.len = 0;
lbuf_append(&privs, _("User %s is not allowed to run sudo on %s.\n"),
sudo_lbuf_append(&privs, _("User %s is not allowed to run sudo on %s.\n"),
pw->pw_name, user_shost);
}
lbuf_print(&defs);
lbuf_print(&privs);
sudo_lbuf_print(&defs);
sudo_lbuf_print(&privs);
lbuf_destroy(&defs);
lbuf_destroy(&privs);
sudo_lbuf_destroy(&defs);
sudo_lbuf_destroy(&privs);
debug_return;
}

8
plugins/sudoers/sudo_nss.h
View File

@ -17,7 +17,7 @@
#ifndef _SUDOERS_NSS_H
#define _SUDOERS_NSS_H
struct lbuf;
struct sudo_lbuf;
struct passwd;
struct sudo_nss {
@ -28,9 +28,9 @@ struct sudo_nss {
int (*setdefs)(struct sudo_nss *nss);
int (*lookup)(struct sudo_nss *nss, int, int);
int (*display_cmnd)(struct sudo_nss *nss, struct passwd *);
int (*display_defaults)(struct sudo_nss *nss, struct passwd *, struct lbuf *);
int (*display_bound_defaults)(struct sudo_nss *nss, struct passwd *, struct lbuf *);
int (*display_privs)(struct sudo_nss *nss, struct passwd *, struct lbuf *);
int (*display_defaults)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
int (*display_bound_defaults)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
int (*display_privs)(struct sudo_nss *nss, struct passwd *, struct sudo_lbuf *);
void *handle;
short ret_if_found;
short ret_if_notfound;

8
plugins/sudoers/sudoers.h
View File

@ -214,7 +214,7 @@ struct sudo_user {
#endif
#define ROOT_GID 0
struct lbuf;
struct sudo_lbuf;
struct passwd;
struct stat;
struct timeval;
@ -256,9 +256,9 @@ int sudo_file_setdefs(struct sudo_nss *);
int sudo_file_lookup(struct sudo_nss *, int, int);
int sudo_file_parse(struct sudo_nss *);
int sudo_file_display_cmnd(struct sudo_nss *, struct passwd *);
int sudo_file_display_defaults(struct sudo_nss *, struct passwd *, struct lbuf *);
int sudo_file_display_bound_defaults(struct sudo_nss *, struct passwd *, struct lbuf *);
int sudo_file_display_privs(struct sudo_nss *, struct passwd *, struct lbuf *);
int sudo_file_display_defaults(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
int sudo_file_display_bound_defaults(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
int sudo_file_display_privs(struct sudo_nss *, struct passwd *, struct sudo_lbuf *);
/* set_perms.c */
bool rewind_perms(void);

8
plugins/sudoers/toke.c
View File

@ -2003,7 +2003,7 @@ char *yytext;
#include "parse.h"
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
#include "sudo_lbuf.h"
#include "secure_path.h"
#ifdef HAVE_SHA224UPDATE
@ -4380,14 +4380,14 @@ int
sudoers_trace_print(const char *msg)
{
static bool initialized;
static struct lbuf lbuf;
static struct sudo_lbuf lbuf;
if (!initialized) {
initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0);
sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
}
lbuf_append(&lbuf, "%s", msg);
sudo_lbuf_append(&lbuf, "%s", msg);
/* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL)
{

8
plugins/sudoers/toke.l
View File

@ -75,7 +75,7 @@
#include "parse.h"
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
#include "sudo_lbuf.h"
#include "secure_path.h"
#ifdef HAVE_SHA224UPDATE
@ -1121,14 +1121,14 @@ int
sudoers_trace_print(const char *msg)
{
static bool initialized;
static struct lbuf lbuf;
static struct sudo_lbuf lbuf;
if (!initialized) {
initialized = true;
lbuf_init(&lbuf, NULL, 0, NULL, 0);
sudo_lbuf_init(&lbuf, NULL, 0, NULL, 0);
}
lbuf_append(&lbuf, "%s", msg);
sudo_lbuf_append(&lbuf, "%s", msg);
/* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL)
{

4
src/Makefile.in
View File

@ -292,8 +292,8 @@ openbsd.o: $(srcdir)/openbsd.c $(incdir)/alloc.h $(incdir)/compat/stdbool.h \
parse_args.o: $(srcdir)/parse_args.c $(incdir)/alloc.h \
$(incdir)/compat/getopt.h $(incdir)/compat/stdbool.h \
$(incdir)/fatal.h $(incdir)/fileops.h $(incdir)/gettext.h \
$(incdir)/lbuf.h $(incdir)/missing.h $(incdir)/queue.h \
$(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
$(incdir)/missing.h $(incdir)/queue.h $(incdir)/sudo_conf.h \
$(incdir)/sudo_debug.h $(incdir)/sudo_lbuf.h \
$(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
$(top_builddir)/pathnames.h ./sudo_usage.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/parse_args.c

82
src/parse_args.c
View File

@ -46,7 +46,7 @@
#include <sudo_usage.h>
#include "sudo.h"
#include "lbuf.h"
#include "sudo_lbuf.h"
#ifdef HAVE_GETOPT_LONG
# include <getopt.h>
@ -547,7 +547,7 @@ usage_out(const char *buf)
void
usage(int fatal)
{
struct lbuf lbuf;
struct sudo_lbuf lbuf;
char *uvec[6];
int i, ulen;
@ -571,13 +571,13 @@ usage(int fatal)
* tty width.
*/
ulen = (int)strlen(getprogname()) + 8;
lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL,
sudo_lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL,
user_details.ts_cols);
for (i = 0; uvec[i] != NULL; i++) {
lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]);
lbuf_print(&lbuf);
sudo_lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]);
sudo_lbuf_print(&lbuf);
}
lbuf_destroy(&lbuf);
sudo_lbuf_destroy(&lbuf);
if (fatal)
exit(1);
}
@ -597,85 +597,85 @@ usage_excl(int fatal)
static void
help(void)
{
struct lbuf lbuf;
struct sudo_lbuf lbuf;
const int indent = 30;
const char *pname = getprogname();
debug_decl(help, SUDO_DEBUG_ARGS)
lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols);
sudo_lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols);
if (strcmp(pname, "sudoedit") == 0)
lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname);
sudo_lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname);
else
lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname);
lbuf_print(&lbuf);
sudo_lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname);
sudo_lbuf_print(&lbuf);
usage(0);
lbuf_append(&lbuf, _("\nOptions:\n"));
lbuf_append(&lbuf, " -A, --askpass %s\n",
sudo_lbuf_append(&lbuf, _("\nOptions:\n"));
sudo_lbuf_append(&lbuf, " -A, --askpass %s\n",
_("use a helper program for password prompting"));
#ifdef HAVE_BSD_AUTH_H
lbuf_append(&lbuf, " -a, --auth-type=type %s\n",
sudo_lbuf_append(&lbuf, " -a, --auth-type=type %s\n",
_("use specified BSD authentication type"));
#endif
lbuf_append(&lbuf, " -b, --background %s\n",
sudo_lbuf_append(&lbuf, " -b, --background %s\n",
_("run command in the background"));
lbuf_append(&lbuf, " -C, --close-from=num %s\n",
sudo_lbuf_append(&lbuf, " -C, --close-from=num %s\n",
_("close all file descriptors >= num"));
#ifdef HAVE_LOGIN_CAP_H
lbuf_append(&lbuf, " -c, --login-class=class %s\n",
sudo_lbuf_append(&lbuf, " -c, --login-class=class %s\n",
_("run command with the specified BSD login class"));
#endif
lbuf_append(&lbuf, " -E, --preserve-env %s\n",
sudo_lbuf_append(&lbuf, " -E, --preserve-env %s\n",
_("preserve user environment when running command"));
lbuf_append(&lbuf, " -e, --edit %s\n",
sudo_lbuf_append(&lbuf, " -e, --edit %s\n",
_("edit files instead of running a command"));
lbuf_append(&lbuf, " -g, --group=group %s\n",
sudo_lbuf_append(&lbuf, " -g, --group=group %s\n",
_("run command as the specified group name or ID"));
lbuf_append(&lbuf, " -H, --set-home %s\n",
sudo_lbuf_append(&lbuf, " -H, --set-home %s\n",
_("set HOME variable to target user's home dir"));
lbuf_append(&lbuf, " -h, --help %s\n",
sudo_lbuf_append(&lbuf, " -h, --help %s\n",
_("display help message and exit"));
lbuf_append(&lbuf, " -h, --host=host %s\n",
sudo_lbuf_append(&lbuf, " -h, --host=host %s\n",
_("run command on host (if supported by plugin)"));
lbuf_append(&lbuf, " -i, --login %s\n",
sudo_lbuf_append(&lbuf, " -i, --login %s\n",
_("run login shell as the target user; a command may also be specified"));
lbuf_append(&lbuf, " -K, --remove-timestamp %s\n",
sudo_lbuf_append(&lbuf, " -K, --remove-timestamp %s\n",
_("remove timestamp file completely"));
lbuf_append(&lbuf, " -k, --reset-timestamp %s\n",
sudo_lbuf_append(&lbuf, " -k, --reset-timestamp %s\n",
_("invalidate timestamp file"));
lbuf_append(&lbuf, " -l, --list %s\n",
sudo_lbuf_append(&lbuf, " -l, --list %s\n",
_("list user's privileges or check a specific command; use twice for longer format"));
lbuf_append(&lbuf, " -n, --non-interactive %s\n",
sudo_lbuf_append(&lbuf, " -n, --non-interactive %s\n",
_("non-interactive mode, no prompts are used"));
lbuf_append(&lbuf, " -P, --preserve-groups %s\n",
sudo_lbuf_append(&lbuf, " -P, --preserve-groups %s\n",
_("preserve group vector instead of setting to target's"));
lbuf_append(&lbuf, " -p, --prompt=prompt %s\n",
sudo_lbuf_append(&lbuf, " -p, --prompt=prompt %s\n",
_("use the specified password prompt"));
#ifdef HAVE_SELINUX
lbuf_append(&lbuf, " -r, --role=role %s\n",
sudo_lbuf_append(&lbuf, " -r, --role=role %s\n",
_("create SELinux security context with specified role"));
#endif
lbuf_append(&lbuf, " -S, --stdin %s\n",
sudo_lbuf_append(&lbuf, " -S, --stdin %s\n",
_("read password from standard input"));
lbuf_append(&lbuf, " -s, --shell %s\n",
sudo_lbuf_append(&lbuf, " -s, --shell %s\n",
_("run shell as the target user; a command may also be specified"));
#ifdef HAVE_SELINUX
lbuf_append(&lbuf, " -t, --type=type %s\n",
sudo_lbuf_append(&lbuf, " -t, --type=type %s\n",
_("create SELinux security context with specified type"));
#endif
lbuf_append(&lbuf, " -U, --other-user=user %s\n",
sudo_lbuf_append(&lbuf, " -U, --other-user=user %s\n",
_("in list mode, display privileges for user"));
lbuf_append(&lbuf, " -u, --user=user %s\n",
sudo_lbuf_append(&lbuf, " -u, --user=user %s\n",
_("run command (or edit file) as specified user name or ID"));
lbuf_append(&lbuf, " -V, --version %s\n",
sudo_lbuf_append(&lbuf, " -V, --version %s\n",
_("display version information and exit"));
lbuf_append(&lbuf, " -v, --validate %s\n",
sudo_lbuf_append(&lbuf, " -v, --validate %s\n",
_("update user's timestamp without running a command"));
lbuf_append(&lbuf, " -- %s\n",
sudo_lbuf_append(&lbuf, " -- %s\n",
_("stop processing command line arguments"));
lbuf_print(&lbuf);
lbuf_destroy(&lbuf);
sudo_lbuf_print(&lbuf);
sudo_lbuf_destroy(&lbuf);
sudo_debug_exit_int(__func__, __FILE__, __LINE__, sudo_debug_subsys, 0);
exit(0);
}