mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00

12862 Commits

Author SHA1 Message Date
Todd C. Miller
e97060d2f5 Add schema for IBM Directory Server in LDIF format.
GitHub issue #384
2024-06-25 19:54:09 -06:00
Todd C. Miller
e924677232 Remove an errant line that should have been removed. 2024-06-16 09:06:17 -06:00
Todd C. Miller
e94feadfff Mention changes to the default sudoers file. 2024-06-15 09:29:02 -06:00
Todd C. Miller
06799eddf9 Improve the description of secure_path. 2024-06-11 08:16:23 -06:00
Todd C. Miller
e0e24456bc Enable secure_path in default sudoers file.
It is still disabled by default in the sudo binary.
2024-06-10 20:37:05 -06:00
Todd C. Miller
1db1453556 Preserve SUDO_EDITOR, EDITOR, and VISUAL for visudo. 2024-06-10 08:17:17 -06:00
Todd C. Miller
14a8d9c09a Update .pot files for 1.9.16 2024-06-08 09:07:07 -06:00
Todd C. Miller
eec523aab2 Sudo 1.9.16 2024-06-08 09:05:53 -06:00
Todd C. Miller
50ae48a4ba Compile in support for insults by default.
Insults are still disabled by default but can be enabled in the
sudoers file.  To completely disable insult support, use the
--without-insults configure option.
2024-06-08 08:24:54 -06:00
Todd C. Miller
e9d65e67aa Treat unresolvable User_Alias/Host_Alias as non-aliases in JSON output.
This matches the behavior of the sudoers parser.  There is no way
to tell for sure if an upper case word is an alias or a user or
host name.  An unresolvable command alias is never a command since
it doesn't start with a '/'.  GitHub issue #381
2024-06-07 10:54:35 -06:00
Todd C. Miller
4e1c587535 Set need_comma when closing an array or object.
This fixes an issue where an empty array or object would not have
a comma after it.  GitHub issue #381
2024-06-07 10:54:32 -06:00
Todd C. Miller
648ce410f3 Add comment that the .mdoc files are generated from .mdoc.in 2024-05-28 20:32:50 -06:00
Todd C. Miller
74d64bc896 Sync BUGS section with the bugs section of README.md.
Also mention how to report security issues based on SECURITY.md.
GitHub issue #377.
2024-05-28 19:54:52 -06:00
Todd C. Miller
7c74a971d9 Allow the path in Chdir_Spec | Chroot_Spec to be double-quoted.
The other values of an Option_Spec could already be quoted but path
names are treated specially.
2024-05-26 14:37:50 -06:00
Todd C. Miller
58fec2f0c5 regen 2024-05-21 07:33:20 -06:00
Todd C. Miller
54ac175d36 Include the name of the original .mdoc.in file in the .man.in file.
This should make it more obvious which is the authoritative file.
2024-05-21 07:33:13 -06:00
Todd C. Miller
62e4d29f8e When revoking the pty, kill the foreground process from the parent sudo.
There's no need to send messages back and forth to the monitor
when the main process can just do it.  GitHub issue #367.
2024-05-18 19:15:14 -06:00
Todd C. Miller
52772ae6eb Fix a syntax error in the systemd sudo-logsrvd.postinst script:
sudo-logsrvd.postinst: 120: [: -eq: unexpected operator
2024-05-18 19:31:11 -06:00
Todd C. Miller
52586b0db6 Fix check for libaudit package on Debian-based systems.
Newer systems only have /usr/lib with /lib as a symbolic link.
2024-05-18 19:14:11 -06:00
Todd C. Miller
ee56176b15 Add double quotes around #schemaNamingContext in example.
GitHub issue #376
2024-05-17 19:36:57 -06:00
Robert Manner
ba29f54d97 logsrvd,plugins/sudoers: add debug log on TLS verification error 2024-05-17 17:18:32 -06:00
Todd C. Miller
f2a979f408 apply_cmndspec: plug potential memory leak
If apply_cmndspec() is called where the cmndspec defines an apparmor
profile or Solaris privileges, and then is called again with a
cmndspec that does not have those set we would leak the original
value.
2024-05-06 13:04:00 -06:00
Todd C. Miller
43ffe34ab4 We do not pass apparmor_profile from the front-end to the policy.
There is no command line option to specify a profile, it is only
passed from the policy to the front-end.
2024-05-06 11:45:12 -06:00
Todd C. Miller
720a1450e7 Sync fuzz_sudoers dictionary with def_data.in. 2024-05-03 08:31:10 -06:00
Todd C. Miller
718df95e11 apply_cmndspec: plug apparmor_profile leak
Also override existing Solaris privs if specified.
2024-05-03 08:15:19 -06:00
Todd C. Miller
07d6aa247c free_cmndspec: plug apparmor_profile leak 2024-05-03 07:34:55 -06:00
Todd C. Miller
89918caf5a Python 3.12 backtraces use '~' in addition to '^' when underlining.
GitHub issue #374
2024-05-02 20:02:43 -06:00
Todd C. Miller
2e6c90cdef Add test for parsing SELinux, AppArmor and Solaris privileges. 2024-05-01 19:12:44 -06:00
Todd C. Miller
389c8550c9 Unifdef parser support for SELinux, AppArmor and Solaris privileges. 2024-05-01 08:04:00 -06:00
Todd C. Miller
38b98b4174 Add some missing AppArmor bits.
o Display ApparmorProfile in "long list" format.
o Propagate apparmor_profile setting to commands in a list.
o Support apparmor_profile in an LDAP sudoOption.
2024-04-30 19:18:00 -06:00
Todd C. Miller
ef52db46f9 Quiet compiler warning on Solaris 10 2024-04-30 09:36:57 -06:00
Todd C. Miller
4d47acf69b Check JSON output with jq if present. 2024-04-30 09:34:10 -06:00
Todd C. Miller
7c2204d34d Format SELinux, AppArmor and Solaris privileges as Options.
Previously these were output as separate arrays without an enclosing
object.  GitHub issue #373
2024-04-30 08:15:19 -06:00
Todd C. Miller
27963e39f3 Pass "make spell" with updated codespell. 2024-04-29 09:19:52 -06:00
Todd C. Miller
195b7c2bc6 mon_handle_revoke: only send SIGHUP to the foreground process group.
There's no need to signal both the foreground process group and the
command itself (if different).  This matches the behavior of the
session leader exiting, which is what we want to simulate.
2024-04-29 09:11:14 -06:00
Todd C. Miller
a2d01a957d Avoid using ioctl(TIOCNOTTY) in the monitor.
We don't need to revoke the terminal in the monitor, just signal
the foreground process group.  This is more portable and has the
same effect as ioctl(TIOCNOTTY) would on Linux.  Since we now signal
the command from the monitor, there is no reason to forward SIGHUP
from the kernel.  GitHub issue #367.
2024-04-28 10:28:32 -06:00
Todd C. Miller
e770c857f4 Fix copy and paste error in the fix for GitHub issue #369
Fixes GitHub issue #371
2024-04-28 08:13:52 -06:00
Todd C. Miller
41978a56e0 If user's tty goes away, tell monitor to revoke the tty in its session.
Previously, we would simply close the pty leader in the main sudo
process.  This had the effect of revoking the pty, but the foreground
process would not necessarily receive SIGHUP.  By using TIOCNOTTY
in the monitor, the running command has a better chance of getting
SIGHUP.  Once the monitor has revoked the pty, the main sudo process
will close the pty leader, invalidating the pty.  GitHub issue #367.
2024-04-27 18:53:50 -06:00
Todd C. Miller
37f8a84531 Commands with multiple digests of the same type are stored in an array. 2024-04-26 07:37:26 -06:00
Todd C. Miller
c429220693 Store multiple command digests of the same type as an array.
Otherwise, we end up with duplicated keys in the object.
GitHub issue #370
2024-04-25 09:27:04 -06:00
Todd C. Miller
78699a8f7a Call gettext() on insults when displayed, not when declared. 2024-04-22 08:15:39 -06:00
alberic89
8666c66ff1 Make insults translatable 2024-04-22 07:46:33 -06:00
Todd C. Miller
26ce75110f When converting CWD and CHROOT tags, store them as objects.
Fixes GitHub issue #369
2024-04-19 08:18:59 -06:00
Todd C. Miller
ecdf0c80f3 Add pam_silent sudoers option.
Inspired by PR #368
GitHub issue #216
2024-04-17 19:30:11 -06:00
Todd C. Miller
f0823c70c6 Remove offensive insults that were disabled by default anyway.
Bug #1058
2024-03-18 09:14:15 -06:00
Todd C. Miller
b6175b78ad Remove EVLOG_JSON, callers must use EVLOG_JSON_COMPACT or EVLOG_JSON_PRETTY 2024-03-09 11:42:07 -07:00
Todd C. Miller
46e31a74d7 Add "json_pretty" log format, currently the same as "json".
In a future version, "json" will be an alias for "json_compact"
instead.  GitHub issue #357.
2024-03-09 10:59:54 -07:00
Todd C. Miller
1debad3bec Add json_compact log type for compact/minified JSON.
The "json_compact" log type logs one event per line in compact/minified
JSON format.  GitHub issue #357.
2024-03-08 16:31:39 -07:00
Todd C. Miller
b3ade1c5f9 Fix typo 2024-03-08 13:58:36 -07:00
Todd C. Miller
602a58e86a Set SUDO_HOME to the invoking user's home directory.
GitHub issue #358
2024-03-08 09:15:36 -07:00