mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00

3899 Commits

Author SHA1 Message Date
Todd C. Miller
4751a4d2dd Make a ttydev parse error non-fatal for now
This is new for sudo 1.9.16 so we don't want to break sudo if there
ends up being a bug in formatting dev_t from the front-end.
2024-08-15 09:31:48 -06:00
Todd C. Miller
827fa8b76d Use sudo_strtonum() instead of strtoull().
Fixes building on systems that lack strtoull().  While dev_t is
unsigned on most systems, we can still use sudo_strtonum() here as
long as we allow the full range of values [LLONG_MIN,LLONG_MAX].
We don't use strtoul() here since some 32-bit systems have 64-bit
dev_t.
2024-08-13 12:43:10 -06:00
Todd C. Miller
e3fd614e7e Sync base64_encode and base64_decode prototypes with parse.h. 2024-08-13 08:09:24 -06:00
Rose Silicon
60b6f30022 Restrict-qualify dst in base64_decode
Definition restrict qualifies but not declaration in header.
2024-08-13 08:07:07 -06:00
Rose
818aae38ce Add restrict qualifiers to base64_decode and base64_encode 2024-08-12 10:54:45 -06:00
Rose
85d08e96bd Restrict-qualify iolog_path_escapes like we do with check_iolog_path
Also add it to the function pointer definition to act as a hint to use restrict in the various copy functions.
2024-08-12 10:15:21 -06:00
Todd C. Miller
1381a69f59 Use FD_CLOEXEC instead of just 1 2024-08-02 19:48:41 -06:00
Todd C. Miller
cb2457410a Updated translations from translationproject.org 2024-07-27 10:17:59 -06:00
Todd C. Miller
b2af245b31 Updated translations from translationproject.org 2024-06-25 20:08:49 -06:00
Todd C. Miller
e0e24456bc Enable secure_path in default sudoers file.
It is still disabled by default in the sudo binary.
2024-06-10 20:37:05 -06:00
Todd C. Miller
1db1453556 Preserve SUDO_EDITOR, EDITOR, and VISUAL for visudo. 2024-06-10 08:17:17 -06:00
Todd C. Miller
14a8d9c09a Update .pot files for 1.9.16 2024-06-08 09:07:07 -06:00
Todd C. Miller
e9d65e67aa Treat unresolvable User_Alias/Host_Alias as non-aliases in JSON output.
This matches the behavior of the sudoers parser.  There is no way
to tell for sure if an upper case word is an alias or a user or
host name.  An unresolvable command alias is never a command since
it doesn't start with a '/'.  GitHub issue #381
2024-06-07 10:54:35 -06:00
Todd C. Miller
7c74a971d9 Allow the path in Chdir_Spec | Chroot_Spec to be double-quoted.
The other values of an Option_Spec could already be quoted but path
names are treated specially.
2024-05-26 14:37:50 -06:00
Robert Manner
ba29f54d97 logsrvd,plugins/sudoers: add debug log on TLS verification error 2024-05-17 17:18:32 -06:00
Todd C. Miller
f2a979f408 apply_cmndspec: plug potential memory leak
If apply_cmndspec() is called where the cmndspec defines an apparmor
profile or Solaris privileges, and then is called again with a
cmndspec that does not have those set we would leak the original
value.
2024-05-06 13:04:00 -06:00
Todd C. Miller
43ffe34ab4 We do not pass apparmor_profile from the front-end to the policy.
There is no command line option to specify a profile, it is only
passed from the policy to the front-end.
2024-05-06 11:45:12 -06:00
Todd C. Miller
720a1450e7 Sync fuzz_sudoers dictionary with def_data.in. 2024-05-03 08:31:10 -06:00
Todd C. Miller
718df95e11 apply_cmndspec: plug apparmor_profile leak
Also override existing Solaris privs if specified.
2024-05-03 08:15:19 -06:00
Todd C. Miller
07d6aa247c free_cmndspec: plug apparmor_profile leak 2024-05-03 07:34:55 -06:00
Todd C. Miller
89918caf5a Python 3.12 backtraces use '~' in addition to '^' when underlining.
GitHub issue #374
2024-05-02 20:02:43 -06:00
Todd C. Miller
2e6c90cdef Add test for parsing SELinux, AppArmor and Solaris privileges. 2024-05-01 19:12:44 -06:00
Todd C. Miller
389c8550c9 Unifdef parser support for SELinux, AppArmor and Solaris privileges. 2024-05-01 08:04:00 -06:00
Todd C. Miller
38b98b4174 Add some missing AppArmor bits.
o Display ApparmorProfile in "long list" format.
o Propagate apparmor_profile setting to commands in a list.
o Support apparmor_profile in an LDAP sudoOption.
2024-04-30 19:18:00 -06:00
Todd C. Miller
4d47acf69b Check JSON output with jq if present. 2024-04-30 09:34:10 -06:00
Todd C. Miller
7c2204d34d Format SELinux, AppArmor and Solaris privileges as Options.
Previously these were output as separate arrays without an enclosing
object.  GitHub issue #373
2024-04-30 08:15:19 -06:00
Todd C. Miller
27963e39f3 Pass "make spell" with updated codespell. 2024-04-29 09:19:52 -06:00
Todd C. Miller
e770c857f4 Fix copy and paste error in the fix for GitHub issue #369
Fixes GitHub issue #371
2024-04-28 08:13:52 -06:00
Todd C. Miller
c429220693 Store multiple command digests of the same type as an array.
Otherwise, we end up with duplicated keys in the object.
GitHub issue #370
2024-04-25 09:27:04 -06:00
Todd C. Miller
78699a8f7a Call gettext() on insults when displayed, not when declared. 2024-04-22 08:15:39 -06:00
alberic89
8666c66ff1 Make insults translatable 2024-04-22 07:46:33 -06:00
Todd C. Miller
26ce75110f When converting CWD and CHROOT tags, store them as objects.
Fixes GitHub issue #369
2024-04-19 08:18:59 -06:00
Todd C. Miller
ecdf0c80f3 Add pam_silent sudoers option.
Inspired by PR #368
GitHub issue #216
2024-04-17 19:30:11 -06:00
Todd C. Miller
f0823c70c6 Remove offensive insults that were disabled by default anyway.
Bug #1058
2024-03-18 09:14:15 -06:00
Todd C. Miller
b6175b78ad Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_PRETTY 2024-03-09 11:42:07 -07:00
Todd C. Miller
46e31a74d7 Add "json_pretty" log format, currently the same as "json".
In a future version, "json" will be an alias for "json_compact"
instead.  GitHub issue #357.
2024-03-09 10:59:54 -07:00
Todd C. Miller
1debad3bec Add json_compact log type for compact/minified JSON.
The "json_compact" log type logs one event per line in compact/minified
JSON format.  GitHub issue #357.
2024-03-08 16:31:39 -07:00
Todd C. Miller
b3ade1c5f9 Fix typo 2024-03-08 13:58:36 -07:00
Todd C. Miller
602a58e86a Set SUDO_HOME to the invoking user's home directory.
GitHub issue #358
2024-03-08 09:15:36 -07:00
Todd C. Miller
72cee2fa25 Explicitly link check_symbols with zlib.
Fixes a test failure on some systems when using sudo's built-in zlib.
2024-02-29 12:41:36 -07:00
Todd C. Miller
81acb2bd7b Regenerate dependencies 2024-02-21 13:17:54 -07:00
Todd C. Miller
3944ab1fbe Use $(CPP) instead of $(CC) -E when building .i files from .c. 2024-02-21 12:31:50 -07:00
Rose
725d3fdc20 Prefer putchar over fputc where possible
putchar is easier to understand than fputc and printf and does less work than those two do.
2024-01-13 15:24:43 -07:00
Rose
7fc7d69532 Add restrict qualifiers to strlcpy_no_slash
It's just strlcpy except it replaces '/' with '_'.
2024-01-13 15:20:10 -07:00
Todd C. Miller
67e328d6f8 Only log "a password is required" for "sudo -n" if a command is specified.
This means that it is not logged for "sudo -nv" and "sudo -nl".
We only log this message when sudo's -n flag is specified (and not
when the user presses ^C at the password prompt) so that there is
a record of failed non-interactive commands.
2024-01-10 13:54:41 -07:00
Todd C. Miller
ff3dbe60b1 Update "!use_pty" example to only disable it for non-root users.
Also add a commented out entry for "exec_background" which can also
be used to prevent sudo from consuming tty input.
Related to GitHub issue #338
2024-01-08 14:16:29 -07:00
Todd C. Miller
e4057faca2 Properly handle sysconf(_SC_LOGIN_NAME_MAX) returning -1 on failure.
The cast to size_t needs to be outside the MAX() macro or the -1
will get cast to unsigned.
2023-12-28 09:00:49 -07:00
Todd C. Miller
ad4dc22d5a Automatically migrate lecture file path from name-based to uid-based.
GitHub issue #342.
2023-12-22 09:39:24 -07:00
Todd C. Miller
5fbf7a3625 Disable netgroup_query when netgroup_base is not set.
The logic was inverted when support for netgroup_query was added.
This supersedes PR #341.
2023-12-19 20:16:35 -07:00
Todd C. Miller
7019148160 Fix printing of warning when a Defaults setting is missing a value.
This is a bug in parse_default_entry() introduced in sudo 1.8.19
when support for using the default syslog facility was added at the
wrong place in a switch().
2023-12-16 08:08:44 -07:00