mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 14:25:15 +00:00
Code Issues Releases Wiki Activity
4,152 Commits 6 Branches 326 Tags
229a79b6b887b16b8ef443c42508ba71c921c36d
Commit Graph

4152 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Todd C. Miller
229a79b6b8 update to libtool-1.5.26 2008-03-06 19:43:25 +00:00
Todd C. Miller
af25553572 update from libtool-1.5.26 distribution 2008-03-06 19:32:46 +00:00
Todd C. Miller
59c1ac153c attempt to fix compilation errors on AIX 2008-03-06 18:18:17 +00:00
Todd C. Miller
d2a05f214b fix typo in last commit 2008-03-06 18:08:13 +00:00
Todd C. Miller
094c79a203 Add WHATSNEW file to the distribution 2008-03-06 18:07:31 +00:00
Todd C. Miller
4590132478 use warningx instead of fprintf(stderr, ...) 2008-03-06 17:43:30 +00:00
Todd C. Miller
3fbd32170a add DEBUG to list2tq 2008-03-06 17:31:57 +00:00
Todd C. Miller
e87d5f8450 sync 2008-03-06 17:29:18 +00:00
Todd C. Miller
06053753da mention mailfrom 2008-03-06 17:21:17 +00:00
Todd C. Miller
897239afe9 Add aix_setlimits() to set resource limits on AIX using a combination 
of getuserattr() and setrlimit().  Currently untested.
 2008-03-06 17:19:57 +00:00
Todd C. Miller
0f9e7f96f4 Add mailfrom Defaults option that sets the value of the From: 
field in the warning/error mail.  If unset the login name of
the invoking user is used.
 2008-03-05 21:52:19 +00:00
Todd C. Miller
2314fd903b store a copy of _PATH_SUDO_ASKPASS in def_askpass that is freeable 2008-03-05 21:18:06 +00:00
Todd C. Miller
cb1a3be9d9 When adding a default, only call list2tq() once to do the list to 
tq conversion.  It is not legal to call list2tq multiple times on
the same list since list2tq consumes and modifies the list argument.
 2008-03-05 20:19:50 +00:00
Todd C. Miller
c880b55b8c comment out XXXs for now 2008-03-05 14:38:08 +00:00
Todd C. Miller
9c1b476df1 mention askpass 2008-03-05 14:36:27 +00:00
Todd C. Miller
0c6a760fc2 Error out if both -A and -S are specified 
Error out if -A is specified but no askpass is configured
 2008-03-04 22:20:28 +00:00
Todd C. Miller
64d226e1d7 we are not going to ship a sudo-specific askpass 2008-03-04 22:16:49 +00:00
Todd C. Miller
5d86a9d6fe fix definition of TGP_ASKPASS 2008-03-03 19:30:50 +00:00
Todd C. Miller
cbf038c61c make askpass boolean-capable 2008-03-03 18:54:34 +00:00
Todd C. Miller
9a6917851c document --with-askpass 2008-03-03 18:53:45 +00:00
Todd C. Miller
c0773d037a regen 2008-03-03 00:27:07 +00:00
Todd C. Miller
143691e6d7 document -A and askpass 2008-03-02 22:31:08 +00:00
Todd C. Miller
ee04914164 Add support for running a helper program to read the password when 
no tty is present (or when specified with the -A flag).  TODO: docs.
 2008-03-02 14:31:57 +00:00
Todd C. Miller
5b248a0765 add missing printf format to SELinux role and type strings 2008-03-02 13:38:46 +00:00
Todd C. Miller
f20935284b Disable use of gss_krb5_ccache_name() by default and add 
--enable-gss-krb5-ccache-name configure option to enable it.  It
seems that gss_krb5_ccache_name() doesn't work properly with some
combinations of Heimdal and OpenLDAP.
 2008-02-27 14:26:28 +00:00
Todd C. Miller
9c3a47892b Ignore setexeccon() failing in permissive mode. Also add a 
call to setkeycreatecon() (though this is probably insufficient).
From Dan Walsh.
 2008-02-22 20:33:00 +00:00
Todd C. Miller
48eee67e55 Only set std_prompt for the PAM_PROMPT_* cases. The conversation function 
may be called for non-password reading purposes so we must be careful
not to use def_prompt in cases where it may not be set.
 2008-02-22 20:19:34 +00:00
Todd C. Miller
1a347284ea Don't free the new tty context, we need to keep it around when we restore the tty context after the command completes 2008-02-20 17:00:40 +00:00
Todd C. Miller
361280501f s/newrole/sudo/ 2008-02-19 21:04:20 +00:00
Todd C. Miller
c2378eb4d1 Only put login_cap(3) in SEE ALSO section if we have login.conf support 2008-02-19 18:21:41 +00:00
Todd C. Miller
795a303ea1 regen 2008-02-18 16:05:20 +00:00
Todd C. Miller
b072179192 Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
2b4e67ff8e Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
ef16f80a32 Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
a228c72091 Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
cf6bca4b07 Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
7a1e2dfb59 Remove the =cut on the first line (above the copyright notice) to quiet 
pod2man.  Also remove the hackery in the FILES section and just deal
with the fact that there will a newline between each pathname.
 2008-02-18 15:42:43 +00:00
Todd C. Miller
07daaa3903 run sudo.man.pl when generating sudo.man.in 2008-02-17 13:19:49 +00:00
Todd C. Miller
279ee07ee0 comment out SELinux manual bits unless --with-selinux was specified 2008-02-17 13:11:38 +00:00
Todd C. Miller
229b231461 document role and type defaults for SELinux 2008-02-17 13:04:45 +00:00
Todd C. Miller
211be00ccb Document "sudo -ll" and make "sudo -l -l" be equivalent. 2008-02-17 01:26:23 +00:00
Todd C. Miller
506285209d Treat k*bsd*-gnu like Linux, not BSD. 
Fixes compilation problems on Debian GNU/kFreeBSD.
 2008-02-15 20:23:54 +00:00
Todd C. Miller
dd2c345be9 Avoid Heimdal'isms introduced in the rev 1.32 rewrite of verify_krb_v5_tgt() 2008-02-13 22:17:14 +00:00
Todd C. Miller
04bb8f00fc Remove dependence on VALIDATE_NOT_OK in logging functions. 
Split log_auth() into log_allowed() and log_denial()
Replace mail_auth() with should_mail() and a call to send_mail()
 2008-02-13 12:28:37 +00:00
Todd C. Miller
4f5d9371a3 Add debugging so we can tell if the krb5 ccache is accessible 2008-02-10 23:06:19 +00:00
Todd C. Miller
ebae55854a mention --with-selinux 2008-02-10 22:34:40 +00:00
Todd C. Miller
9635907f29 regen 2008-02-09 14:48:21 +00:00
Todd C. Miller
cc47d67b4f add Sudo tag 2008-02-09 14:43:32 +00:00
Todd C. Miller
4c992e1901 Add support for SELinux RBAC. Sudoers entries may specify a role and type. 
There are also role and type defaults that may be used.  To make sure a
transition occurs, when using RBAC commands are executed via the new sesh
binary.  Based on initial changes from Dan Walsh.
 2008-02-09 14:30:07 +00:00
Todd C. Miller
c7a2ef7a1e Add support for SELinux RBAC. Sudoers entries may specify a role and type. 
There are also role and type defaults that may be used.  To make sure a
transition occurs, when using RBAC commands are executed via the new sesh
binary.  Based on initial changes from Dan Walsh.
 2008-02-09 14:30:06 +00:00