diff options
Diffstat (limited to 'plugins/sudoers/parse.c')
-rw-r--r-- | plugins/sudoers/parse.c | 40 |
1 files changed, 23 insertions, 17 deletions
diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c index a56f86c81..3745efbe2 100644 --- a/plugins/sudoers/parse.c +++ b/plugins/sudoers/parse.c @@ -257,18 +257,18 @@ apply_cmndspec(struct cmndspec *cs) #ifdef HAVE_APPARMOR /* Set AppArmor profile, if specified */ if (cs->apparmor_profile != NULL) { - user_apparmor_profile = strdup(cs->apparmor_profile); - if (user_apparmor_profile == NULL) { - sudo_warnx(U_("%s: %s"), __func__, - U_("unable to allocate memory")); - debug_return_bool(false); - } + user_apparmor_profile = strdup(cs->apparmor_profile); + if (user_apparmor_profile == NULL) { + sudo_warnx(U_("%s: %s"), __func__, + U_("unable to allocate memory")); + debug_return_bool(false); + } } else { - user_apparmor_profile = def_apparmor_profile; - def_apparmor_profile = NULL; + user_apparmor_profile = def_apparmor_profile; + def_apparmor_profile = NULL; } if (user_apparmor_profile != NULL) { - sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, + sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "user_apparmor_profile -> %s", user_apparmor_profile); } #endif @@ -358,11 +358,13 @@ apply_cmndspec(struct cmndspec *cs) } if (cs->tags.log_input != UNSPEC) { def_log_input = cs->tags.log_input; + cb_log_input(NULL, 0, 0, NULL, cs->tags.log_input); sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "def_log_input -> %s", def_log_input ? "true" : "false"); } if (cs->tags.log_output != UNSPEC) { def_log_output = cs->tags.log_output; + cb_log_output(NULL, 0, 0, NULL, cs->tags.log_output); sudo_debug_printf(SUDO_DEBUG_INFO|SUDO_DEBUG_LINENO, "def_log_output -> %s", def_log_output ? "true" : "false"); } @@ -468,7 +470,7 @@ display_priv_short(struct sudoers_parse_tree *parse_tree, struct passwd *pw, debug_decl(display_priv_short, SUDOERS_DEBUG_PARSER); TAILQ_FOREACH(priv, &us->privileges, entries) { - struct cmndspec *cs, *prev_cs = NULL; + struct cmndspec *cs; struct cmndtag tags; if (hostlist_matches(parse_tree, pw, &priv->hostlist) != ALLOW) @@ -476,11 +478,13 @@ display_priv_short(struct sudoers_parse_tree *parse_tree, struct passwd *pw, sudoers_defaults_list_to_tags(&priv->defaults, &tags); TAILQ_FOREACH(cs, &priv->cmndlist, entries) { - /* Start a new line if RunAs changes. */ + struct cmndspec *prev_cs = TAILQ_PREV(cs, cmndspec_list, entries); + if (prev_cs == NULL || RUNAS_CHANGED(cs, prev_cs)) { struct member *m; - if (cs != TAILQ_FIRST(&priv->cmndlist)) + /* Start new line, first entry or RunAs changed. */ + if (prev_cs != NULL) sudo_lbuf_append(lbuf, "\n"); sudo_lbuf_append(lbuf, " ("); if (cs->runasuserlist != NULL) { @@ -505,11 +509,13 @@ display_priv_short(struct sudoers_parse_tree *parse_tree, struct passwd *pw, } } sudo_lbuf_append(lbuf, ") "); - } else if (cs != TAILQ_FIRST(&priv->cmndlist)) { + sudoers_format_cmndspec(lbuf, parse_tree, cs, NULL, tags, true); + } else { + /* Continue existing line. */ sudo_lbuf_append(lbuf, ", "); + sudoers_format_cmndspec(lbuf, parse_tree, cs, prev_cs, tags, + true); } - sudoers_format_cmndspec(lbuf, parse_tree, cs, prev_cs, tags, true); - prev_cs = cs; nfound++; } sudo_lbuf_append(lbuf, "\n"); @@ -719,7 +725,7 @@ display_defaults(struct sudoers_parse_tree *parse_tree, struct passwd *pw, struct sudo_lbuf *lbuf) { struct defaults *d; - char *prefix; + const char *prefix; int nfound = 0; debug_decl(display_defaults, SUDOERS_DEBUG_PARSER); @@ -762,7 +768,7 @@ display_bound_defaults_by_type(struct sudoers_parse_tree *parse_tree, struct defaults *d; struct defaults_binding *binding = NULL; struct member *m; - char *dsep; + const char *dsep; int atype, nfound = 0; debug_decl(display_bound_defaults_by_type, SUDOERS_DEBUG_PARSER); |