diff options
author | Todd C. Miller <Todd.Miller@courtesan.com> | 2000-01-03 04:43:33 +0000 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@courtesan.com> | 2000-01-03 04:43:33 +0000 |
commit | 20ec7f6f72c7dd0510bd6191bfdf65fb77990f8d (patch) | |
tree | a9e35e6f295d0255c2cddf7afdfa6e8216a86697 /parse.yacc | |
parent | 63acd70f61c3b75fa16b2b0589523f19c4ab01af (diff) | |
download | sudo-20ec7f6f72c7dd0510bd6191bfdf65fb77990f8d.tar.gz |
Make treatment of -l and -v sane wrt NOPASSWD flags. Now allow -l w/o a passwd
if there is *any* entry for the user on the host with a NOPASSWD flag.
For -v, only allow w/o a passwd if *all* entries for the user on the host
w/ the specified runas user have the NOPASSWD flag set.
Diffstat (limited to 'parse.yacc')
-rw-r--r-- | parse.yacc | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/parse.yacc b/parse.yacc index 9636079a5..9c365b671 100644 --- a/parse.yacc +++ b/parse.yacc @@ -90,6 +90,7 @@ int errorlineno = -1; int clearaliases = TRUE; int printmatches = FALSE; int pedantic = FALSE; +int keepall = FALSE; /* * Alias types @@ -411,6 +412,9 @@ cmndspec : runasspec nopasswd opcmnd { * the user was listed in sudoers. Also, we * need to be able to tell whether or not a * user was listed for this specific host. + * + * If keepall is set and the user matches then + * we need to keep entries around too... */ if (user_matches != -1 && host_matches != -1 && cmnd_matches != -1 && runas_matches != -1) @@ -419,6 +423,8 @@ cmndspec : runasspec nopasswd opcmnd { (top == 2 && host_matches != -1 && match[0].host == -1))) pushcp; + else if (user_matches == TRUE && keepall) + pushcp; cmnd_matches = -1; } ; |