mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-28 12:57:50 +00:00
Code Issues Releases Wiki Activity
9,593 Commits 6 Branches 326 Tags
Commit Graph

48 Commits

Author SHA1 Message Date
Todd C. Miller
bcf8c3dd5e Add some debugging around context setting and tty labeling 
Also be more extact with error return values
 2019-09-27 08:47:41 -06:00
Todd C. Miller
1e1ef61902 Add SPDX-License-Identifier to files. 2019-04-29 07:21:51 -06:00
Todd C. Miller
6c3d20cb41 Convert PVS-Studio comment to ANSI C. 2018-10-26 08:39:09 -06:00
Todd C. Miller
64e5d34c57 Add comments in .c files so PVS-Studio will check them. 2018-10-21 08:46:05 -06:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
777abca382 After opening a tty device, fstat() and error out if it is not 
a character device.
 2017-05-30 10:44:11 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
4e6b6fd0fa Use O_NOCTTY when opening a tty. 2016-05-16 11:00:31 -06:00
Todd C. Miller
a2085809fa Fix last commit, now that argc is not reset we need to explicitly 
start the copy from argv[1].  From Daniel Kopecek
 2016-05-13 06:40:59 -06:00
Todd C. Miller
ea5bd18b92 cosmetic change to warning string 2016-05-12 10:35:06 -06:00
Todd C. Miller
d3622b0f2c Repair SELinux support, broken by 397722cdd7ec. 
From Daniel Kopecek.
 2016-05-11 14:02:43 -06:00
Todd C. Miller
2cd22f2906 In relabel_tty() always jump to bad: on error, regardless of the 
value of se_state.enforcing.  On error, return -1 if enforcing,
else 0.  Coverity CID 104099.
 2016-05-04 13:48:44 -06:00
Todd C. Miller
70cf5674b5 Use string_to_security_class() instead of pulling SECCLASS_CHR_FILE 
from flask.h.  Avoids a warning with new SELinux includes.
 2016-04-22 11:36:08 -06:00
Todd C. Miller
b20977d445 Add support for using fexecve() if supported on commands that are 
checksummed.
 2016-01-04 10:35:18 -07:00
Todd C. Miller
7a57bae1e6 Change noexec flag in selinux_execve() from int to bool. 2015-12-16 15:16:48 -07:00
Todd C. Miller
4a07b472f0 Only include stddef.h where it is needed. 2015-06-20 05:34:35 -06:00
Todd C. Miller
c36415417f Add function name to "unable to allocate memory" warnings. 2015-06-19 14:51:17 -06:00
Todd C. Miller
cb63ca701c Avoid using exiting allocators in the front end. 2015-06-17 17:00:54 -06:00
Todd C. Miller
1298ea9107 Add target for "make splint". A few files need extra guards to avoid 
errors on systems where they would not otherwise be compiled.
No warnings from splint.
 2015-05-21 11:07:13 -06:00
Todd C. Miller
59ab26dbcc Go back to a 2 args debug_decl and just use the "default" instance, 
now renamed "active".
 2015-02-01 08:24:49 -07:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
d5ecc1590d Audit failed user role changes. RedHat bz #665131 2014-07-12 10:04:19 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
bb9775879b Make noexec parameter to sudo_execve() bool. 2014-01-08 17:02:22 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
6b0a909d9a Do not use "setup" as a verb; bug #614 2013-09-03 14:47:34 -06:00
Todd C. Miller
d6282d154a Update copyright years. 2013-04-24 09:35:02 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
7f32d1ca4c Make sesh path configurable in sudo.conf 2013-03-14 16:49:42 -04:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
b3da8ccd89 Include sudo_exec.h for the sudo_execve() prototype. 2012-03-14 21:52:31 -04:00
Todd C. Miller
d11e7febbc Refactor disable_execute() and my_execve() into exec_common.c for 
use by sesh.c.  This fixes NOEXEC when SELinux is used.  Instead
of disabling exec in exec_setup(), disable it immediately before
executing the command.  Adapted from a diff by Arno Schuring.
 2012-01-25 14:58:02 -05:00
Todd C. Miller
839919566e Add debug_decl/debug_return (almost) everywhere. 
Remove old sudo_debug() and convert users to sudo_debug_printf().
 2011-10-22 14:40:21 -04:00
Todd C. Miller
fce0b906eb cannot -> "unable to" in warning/error messages 2011-05-18 12:41:06 -04:00
Todd C. Miller
c865a462cc Prepare sudo front end messages for translation. 2011-05-06 17:47:51 -04:00
Todd C. Miller
867ba48dbf Add check for setkeycreatecon() when --with-selinux is specified. 2010-06-24 15:31:05 -04:00
Todd C. Miller
2cd108304d Add Linux audit support. 2010-06-16 11:17:02 -04:00
Todd C. Miller
c2f8d24f20 Check for dup2() failure. 2010-06-15 09:02:23 -04:00
Todd C. Miller
d27223b4c7 Call selinux_restore_tty() as part of cleanup() so it gets called 
from error()/errorx()
 2010-06-14 15:09:15 -04:00
Todd C. Miller
edd34a2d7e Add selinux_enabled flag into struct command_details and 
set it in command_info_to_details().
Return an error from selinux_setup() instead of exiting.
Call selinux_setup() from exec_setup().
 2010-06-08 17:59:18 -04:00
Todd C. Miller
2942edcbd0 Rework SELinux support. 2010-05-25 11:00:39 -04:00
Todd C. Miller
5f857e6e54 Make SELinux support compile again. Needs more work to be complete. 2010-05-24 18:18:50 -04:00
Todd C. Miller
0487aee6b4 Bring back closefrom settings. 2010-05-24 15:40:36 -04:00
Todd C. Miller
e90fa482f9 Rework source layout in preparation for modular sudo. 2010-02-20 09:14:01 -05:00