-- cgit v1.2.1 From 011525984aba9b20306d9161de207bd7c577ad8d Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 25 Feb 2011 16:44:30 -0500 Subject: Adjust ChangeLog rule now that 1.8 is branched --- Makefile.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in index 336a95369..24aa2c2ae 100644 --- a/Makefile.in +++ b/Makefile.in @@ -63,9 +63,10 @@ install install-doc: config.status ChangeLog autoconf: autoconf -I m4 +# The 1.8 branch started February 25, 2011 ChangeLog: if test -d $(srcdir)/.hg && cd $(srcdir); then \ - if hg log --style=changelog -b default > $@.tmp; then \ + if hg log --style=changelog -b 1.8 > $@.tmp && hg log --style=changelog -b default --date '<2011-02-25 21:30:00' >> $@.tmp; then \ mv -f $@.tmp $@; \ else \ rm -f $@.tmp; \ -- cgit v1.2.1 From 60b5bdd5805ab4a079a728f2970ac5b02afedd2d Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 9 Apr 2011 10:47:26 -0400 Subject: Regen man pages for 1.8.1 --- doc/sudo.cat | 152 ++++++--- doc/sudo.man.in | 35 ++- doc/sudo_plugin.cat | 226 ++++++------- doc/sudo_plugin.man.in | 22 +- doc/sudoers.cat | 818 ++++++++++++++++++++++++++---------------------- doc/sudoers.ldap.cat | 178 +++++------ doc/sudoers.ldap.man.in | 7 +- doc/sudoers.man.in | 181 ++++++----- doc/sudoreplay.cat | 68 ++-- doc/sudoreplay.man.in | 22 +- doc/visudo.cat | 6 +- doc/visudo.man.in | 4 +- 12 files changed, 964 insertions(+), 755 deletions(-) diff --git a/doc/sudo.cat b/doc/sudo.cat index 038fb46d1..d813e6b1f 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -127,7 +127,7 @@ OOPPTTIIOONNSS -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 @@ -193,7 +193,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 @@ -259,7 +259,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.8.0rc1 February 21, 2011 4 +1.8.1 April 9, 2011 4 
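Review bot: The new cutoff on the `+` line, `--date '<2011-02-25 21:30:00'`, carries no time-zone suffix, and Mercurial, as far as I recall, resolves a zone-less date spec in the local time zone of whoever runs `make ChangeLog`, so builders in different zones can end up with a different set of trailing default-branch entries. Pinning the zone the commit itself was made in, e.g. `--date '<2011-02-25 21:30:00 -0500'`, would make the generated ChangeLog reproducible. If the Mercurial in use supports revsets (1.6 or later), `hg log --style=changelog -r 'ancestors(branch("1.8"))'` would select exactly the 1.8 history without relying on a date heuristic at all. Separately, the added comment records only the day while the command encodes a specific time; a single make variable such as `CHANGELOG_CUTOFF` referenced from both places would keep the two from drifting apart. The `if` of the ChangeLog rule closes outside the hunk.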
@@ -325,7 +325,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.8.0rc1 February 21, 2011 5 +1.8.1 April 9, 2011 5 @@ -391,7 +391,7 @@ PPLLUUGGIINNSS -1.8.0rc1 February 21, 2011 6 +1.8.1 April 9, 2011 6 @@ -405,7 +405,8 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) # # Format: # Plugin plugin_name plugin_path - # Path askpass path/to/askpass + # Path askpass /path/to/askpass + # Path noexec /path/to/noexec.so # # The plugin_path is relative to /usr/local/libexec unless # fully qualified. 
@@ -426,6 +427,45 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) For more information, see the _s_u_d_o___p_l_u_g_i_n(1m) manual. +PPAATTHHSS + A Path line consists of the Path keyword, followed by the name of the + path to set and its value. E.g. + + Path noexec /usr/local/libexec/sudo_noexec.so + Path askpass /usr/X11R6/bin/ssh-askpass + + The following plugin-agnostic paths may be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f + file. + + askpass The fully qualified path to a helper program used to + read the user's password when no terminal is available. + This may be the case when ssuuddoo is executed from a + graphical (as opposed to text-based) application. The + program specified by _a_s_k_p_a_s_s should display the + argument passed to it as the prompt and write the + user's password to the standard output. The value of + _a_s_k_p_a_s_s may be overridden by the SUDO_ASKPASS + environment variable. + + noexec The fully-qualified path to a shared library containing + dummy versions of the _e_x_e_c_v_(_), _e_x_e_c_v_e_(_) and _f_e_x_e_c_v_e_(_) + library functions that just return an error. This is + used to implement the _n_o_e_x_e_c functionality on systems + that support LD_PRELOAD or its equivalent. Defaults to + _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o___n_o_e_x_e_c_._s_o. + + + + +1.8.1 April 9, 2011 7 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the exit status from ssuuddoo will simply be the exit status of the program that was executed. 
@@ -454,18 +494,6 @@ SSEECCUURRIITTYY NNOOTTEESS runs. If a user runs a command such as sudo su or sudo sh, subsequent commands run from that shell are not subject to ssuuddoo's security policy. The same is true for commands that offer shell escapes (including most - - - -1.8.0rc1 February 21, 2011 7 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - editors). If I/O logging is enabled, subsequent commands will have their input and/or output logged, but there will not be traditional logs for those commands. Because of this, care must be taken when @@ -493,6 +521,17 @@ EENNVVIIRROONNMMEENNTT SHELL Used to determine shell to run with -s option + + +1.8.1 April 9, 2011 8 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + SUDO_ASKPASS Specifies the path to a helper program used to read the password if no terminal is available or if the -A option is specified. @@ -521,17 +560,6 @@ EENNVVIIRROONNMMEENNTT FFIILLEESS _/_e_t_c_/_s_u_d_o_._c_o_n_f ssuuddoo plugin and path configuration - - -1.8.0rc1 February 21, 2011 8 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - EEXXAAMMPPLLEESS Note: the following examples assume a properly configured security policy. @@ -559,6 +587,17 @@ EEXXAAMMPPLLEESS To shutdown a machine: + + +1.8.1 April 9, 2011 9 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + $ sudo shutdown -r +15 "quick reboot" To make a usage listing of the directories in the /home partition. @@ -586,18 +625,6 @@ CCAAVVEEAATTSS programs (such as editors) allow the user to run commands via shell escapes, thus avoiding ssuuddoo's checks. However, on most systems it is possible to prevent shell escapes with the _s_u_d_o_e_r_s(4) module's _n_o_e_x_e_c - - - -1.8.0rc1 February 21, 2011 9 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - functionality. It is not meaningful to run the cd command directly via sudo, e.g., 
@@ -625,6 +652,18 @@ DDIISSCCLLAAIIMMEERR including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. See the LICENSE file distributed with ssuuddoo or + + + +1.8.1 April 9, 2011 10 + + + + + +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + + http://www.sudo.ws/sudo/license.html for complete details. @@ -655,6 +694,33 @@ DDIISSCCLLAAIIMMEERR -1.8.0rc1 February 21, 2011 10 + + + + + + + + + + + + + + + + + + + + + + + + + + + +1.8.1 April 9, 2011 11 diff --git a/doc/sudo.man.in b/doc/sudo.man.in index 55a16b472..3a83e91fc 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2010 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2011 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -532,7 +532,8 @@ which corresponds to the following \fI@sysconfdir@/sudo.conf\fR file. \& # \& # Format: \& # Plugin plugin_name plugin_path -\& # Path askpass path/to/askpass +\& # Path askpass /path/to/askpass +\& # Path noexec /path/to/noexec.so \& # \& # The plugin_path is relative to @prefix@/libexec unless \& # fully qualified. 
@@ -553,6 +554,34 @@ parameters after the \fIpath\fR are ignored. Lines that don't begin with \f(CW\*(C`Plugin\*(C'\fR or \f(CW\*(C`Path\*(C'\fR are silently ignored .PP For more information, see the \fIsudo_plugin\fR\|(@mansectsu@) manual. +.SH "PATHS" +.IX Header "PATHS" +A \f(CW\*(C`Path\*(C'\fR line consists of the \f(CW\*(C`Path\*(C'\fR keyword, followed by the +name of the path to set and its value. E.g. +.PP +.Vb 2 +\& Path noexec @noexec_file@ +\& Path askpass /usr/X11R6/bin/ssh\-askpass +.Ve +.PP +The following plugin-agnostic paths may be set in the +\&\fI@sysconfdir@/sudo.conf\fR file. +.IP "askpass" 16 +.IX Item "askpass" +The fully qualified path to a helper program used to read the user's +password when no terminal is available. This may be the case when +\&\fBsudo\fR is executed from a graphical (as opposed to text-based) +application. The program specified by \fIaskpass\fR should display +the argument passed to it as the prompt and write the user's password +to the standard output. The value of \fIaskpass\fR may be overridden +by the \f(CW\*(C`SUDO_ASKPASS\*(C'\fR environment variable. +.IP "noexec" 16 +.IX Item "noexec" +The fully-qualified path to a shared library containing dummy +versions of the \fIexecv()\fR, \fIexecve()\fR and \fIfexecve()\fR library functions +that just return an error. This is used to implement the \fInoexec\fR +functionality on systems that support \f(CW\*(C`LD_PRELOAD\*(C'\fR or its equivalent. +Defaults to \fI@noexec_file@\fR. .SH "RETURN VALUES" .IX Header "RETURN VALUES" Upon successful execution of a program, the exit status from \fBsudo\fR diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 76693177b..d2578907a 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -127,7 +127,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 
@@ -184,16 +184,16 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) Set to true if the user specified the -E flag, indicating that the user wishes to preserve the environment. + run_shell=bool + Set to true if the user specified the -s flag, indicating + that the user wishes to run a shell. + login_shell=bool Set to true if the user specified the -i flag, indicating - that the user wishes to run a login shell. - - implied_shell=bool - If the user does not specify a program on the command line, -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 @@ -202,6 +202,10 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + that the user wishes to run a login shell. + + implied_shell=bool + If the user does not specify a program on the command line, ssuuddoo will pass the plugin the path to the user's shell and set _i_m_p_l_i_e_d___s_h_e_l_l to true. This allows ssuuddoo with no arguments to be used similarly to _s_u(1). If the plugin @@ -253,13 +257,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) The command name that sudo was run as, typically "sudo" or "sudoedit". - sudoedit=bool - Set to true when the -e flag is is specified or if invoked - as ssuuddooeeddiitt. The plugin shall substitute an editor into - -1.8.0rc1 February 21, 2011 4 +1.8.1 April 9, 2011 4 @@ -268,6 +268,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + sudoedit=bool + Set to true when the -e flag is is specified or if invoked + as ssuuddooeeddiitt. The plugin shall substitute an editor into _a_r_g_v in the _c_h_e_c_k___p_o_l_i_c_y function or return -2 with a usage error if the plugin does not support _s_u_d_o_e_d_i_t. For more information, see the _c_h_e_c_k___p_o_l_i_c_y section. 
@@ -320,12 +323,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) is no terminal device available, a default value of 24 is used. - cols=int - The number of columns the user's terminal supports. If - -1.8.0rc1 February 21, 2011 5 +1.8.1 April 9, 2011 5 @@ -334,6 +334,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + cols=int + The number of columns the user's terminal supports. If there is no terminal device available, a default value of 80 is used. @@ -386,12 +388,10 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) the _o_p_e_n function, the user has requested _s_u_d_o_e_d_i_t mode. _s_u_d_o_e_d_i_t is a mechanism for editing one or more files where an editor is run with the user's credentials instead of with elevated privileges. - ssuuddoo achieves this by creating user-writable temporary copies of - the files to be edited and then overwriting the originals with the -1.8.0rc1 February 21, 2011 6 +1.8.1 April 9, 2011 6 @@ -400,6 +400,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + ssuuddoo achieves this by creating user-writable temporary copies of + the files to be edited and then overwriting the originals with the temporary copies after editing is complete. If the plugin supports ssuuddooeeddiitt, it should choose the editor to be used, potentially from a variable in the user's environment, such as EDITOR, and include @@ -451,13 +453,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) command=string Fully qualified path to the command to be executed. - runas_uid=uid - User ID to run the command as. -1.8.0rc1 February 21, 2011 7 +1.8.1 April 9, 2011 7 
@@ -466,6 +466,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + runas_uid=uid + User ID to run the command as. + runas_euid=uid Effective user ID to run the command as. If not specified, the value of _r_u_n_a_s___u_i_d is used. @@ -482,7 +485,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) the form of a comma-separated list of group IDs. If _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, this option is ignored. - login_class=login_class + login_class=string BSD login class to use when setting resource limits and nice value (optional). This option is only set on systems that support login classes. @@ -517,13 +520,10 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) timeout=int Command timeout. If non-zero then when the timeout expires - the command will be killed. - - -1.8.0rc1 February 21, 2011 8 +1.8.1 April 9, 2011 8 @@ -532,6 +532,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + the command will be killed. + sudoedit=bool Set to true when in _s_u_d_o_e_d_i_t mode. The plugin may enable _s_u_d_o_e_d_i_t mode even if ssuuddoo was not invoked as ssuuddooeeddiitt. @@ -587,9 +589,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - -1.8.0rc1 February 21, 2011 9 +1.8.1 April 9, 2011 9 
@@ -604,6 +604,20 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) will only run the command in a pty when an I/O log plugin is loaded. + set_utmp=bool + Create a utmp (or utmpx) entry when a pseudo-tty is + allocated. By default, the new entry will be a copy of the + user's existing utmp entry (if any), with the tty, time, + type and pid fields updated. + + utmp_user=string + User name to use when constructing a new utmp (or utmpx) + entry when _s_e_t___u_t_m_p is enabled. This option can be used to + set the user field in the utmp entry to the user the + command runs as rather than the invoking user. If not set, + ssuuddoo will base the new entry on the invoking user's + existing entry. + Unsupported values will be ignored. argv_out @@ -637,6 +651,19 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) policy allows it. If NULL, the plugin should list the privileges of the invoking user. + + + + +1.8.1 April 9, 2011 10 + + + + + +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + + argc The number of elements in _a_r_g_v, not counting the final NULL pointer. @@ -652,18 +679,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) validate int (*validate)(void); - - - -1.8.0rc1 February 21, 2011 10 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - The validate function is called when ssuuddoo is run with the -v flag. For policy plugins such as _s_u_d_o_e_r_s that cache authentication credentials, this function will validate and cache the credentials. @@ -703,6 +718,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) Returns 1 on success, 0 on failure and -1 on error. On error, the plugin may optionally call the conversation or plugin_printf + + + +1.8.1 April 9, 2011 11 + + + + + +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + + function with SUDO_CONF_ERROR_MSG to present additional error information to the user. 
@@ -718,18 +745,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) } while(0) #define SUDO_API_VERSION_MAJOR 1 - - - -1.8.0rc1 February 21, 2011 11 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - #define SUDO_API_VERSION_MINOR 0 #define SUDO_API_VERSION ((SUDO_API_VERSION_MAJOR << 16) | \ SUDO_API_VERSION_MINOR) @@ -770,32 +785,29 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) logging is to be performed. If the open function returns 0, no I/O will be sent to the plugin. - The io_plugin struct has the following fields: - - type - The type field should always be set to SUDO_IO_PLUGIN - version - The version field should be set to SUDO_API_VERSION. - This allows ssuuddoo to determine the API version the plugin was built - against. - - open +1.8.1 April 9, 2011 12 -1.8.0rc1 February 21, 2011 12 - +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + The io_plugin struct has the following fields: + type + The type field should always be set to SUDO_IO_PLUGIN -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + version + The version field should be set to SUDO_API_VERSION. + This allows ssuuddoo to determine the API version the plugin was built + against. + open int (*open)(unsigned int version, sudo_conv_t conversation sudo_printf_t plugin_printf, char * const settings[], char * const user_info[], int argc, char * const argv[], 
@@ -838,30 +850,30 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) "name=value" strings. The vector is terminated by a NULL pointer. These settings correspond to flags the user specified when running ssuuddoo. As such, they will only be present when the - corresponding flag has been specified on the command line. - When parsing _s_e_t_t_i_n_g_s, the plugin should split on the ffiirrsstt - equal sign ('=') since the _n_a_m_e field will never include one - itself but the _v_a_l_u_e might. - See the "Policy Plugin API" section for a list of all possible - settings. - user_info - A vector of information about the user running the command in - the form of "name=value" strings. The vector is terminated by +1.8.1 April 9, 2011 13 -1.8.0rc1 February 21, 2011 13 +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + corresponding flag has been specified on the command line. -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + When parsing _s_e_t_t_i_n_g_s, the plugin should split on the ffiirrsstt + equal sign ('=') since the _n_a_m_e field will never include one + itself but the _v_a_l_u_e might. + See the "Policy Plugin API" section for a list of all possible + settings. + user_info + A vector of information about the user running the command in + the form of "name=value" strings. The vector is terminated by a NULL pointer. When parsing _u_s_e_r___i_n_f_o, the plugin should split on the ffiirrsstt 
@@ -904,29 +916,28 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) error If the command could not be executed, this is set to the value of errno set by the _e_x_e_c_v_e(2) system call. If the command was - successfully executed, the value of error is 0. - - show_version - int (*show_version)(int verbose); - The show_version function is called by ssuuddoo when the user specifies - the -V option. The plugin may display its version information to - the user via the conversation or plugin_printf function using - SUDO_CONV_INFO_MSG. If the user requests detailed version - information, the verbose flag will be set. +1.8.1 April 9, 2011 14 -1.8.0rc1 February 21, 2011 14 +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + successfully executed, the value of error is 0. -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + show_version + int (*show_version)(int verbose); + The show_version function is called by ssuuddoo when the user specifies + the -V option. The plugin may display its version information to + the user via the conversation or plugin_printf function using + SUDO_CONV_INFO_MSG. If the user requests detailed version + information, the verbose flag will be set. log_ttyin int (*log_ttyin)(const char *buf, unsigned int len); 
@@ -971,29 +982,29 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) the data should be passed to the command, 0 if the data is rejected (which will terminate the command) or -1 if an error occurred. - The function arguments are as follows: - buf The buffer containing user input. - len The length of _b_u_f in bytes. - log_stdout - int (*log_stdout)(const char *buf, unsigned int len); +1.8.1 April 9, 2011 15 - The _l_o_g___s_t_d_o_u_t function is only used if the standard output does - not correspond to a tty device. It is called whenever data can be -1.8.0rc1 February 21, 2011 15 +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + The function arguments are as follows: + buf The buffer containing user input. -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + len The length of _b_u_f in bytes. + log_stdout + int (*log_stdout)(const char *buf, unsigned int len); + The _l_o_g___s_t_d_o_u_t function is only used if the standard output does + not correspond to a tty device. It is called whenever data can be read from the command but before it is written to the standard output. This allows the plugin to reject data if it chooses to (for instance if the output contains banned content). Returns 1 if @@ -1040,18 +1051,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - - - - - - - - - - -1.8.0rc1 February 21, 2011 16 +1.8.1 April 9, 2011 16 @@ -1117,7 +1117,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) -1.8.0rc1 February 21, 2011 17 +1.8.1 April 9, 2011 17 @@ -1183,7 +1183,7 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) -1.8.0rc1 February 21, 2011 18 +1.8.1 April 9, 2011 18 @@ -1249,6 +1249,6 @@ DDIISSCCLLAAIIMMEERR -1.8.0rc1 February 21, 2011 19 +1.8.1 April 9, 2011 19 diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index a129a8b9a..b78049943 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in 
@@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDO_PLUGIN @mansectsu@" -.TH SUDO_PLUGIN @mansectsu@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS" +.TH SUDO_PLUGIN @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -305,6 +305,10 @@ Set to true if the user specified the \f(CW\*(C`\-H\*(C'\fR flag. If true, set .IX Item "preserve_environment=bool" Set to true if the user specified the \f(CW\*(C`\-E\*(C'\fR flag, indicating that the user wishes to preserve the environment. +.IP "run_shell=bool" 4 +.IX Item "run_shell=bool" +Set to true if the user specified the \f(CW\*(C`\-s\*(C'\fR flag, indicating that +the user wishes to run a shell. .IP "login_shell=bool" 4 .IX Item "login_shell=bool" Set to true if the user specified the \f(CW\*(C`\-i\*(C'\fR flag, indicating that @@ -557,8 +561,8 @@ If not specified, the value of \fIrunas_gid\fR is used. The supplementary group vector to use for the command in the form of a comma-separated list of group IDs. If \fIpreserve_groups\fR is set, this option is ignored. -.IP "login_class=login_class" 4 -.IX Item "login_class=login_class" +.IP "login_class=string" 4 +.IX Item "login_class=string" \&\s-1BSD\s0 login class to use when setting resource limits and nice value (optional). This option is only set on systems that support login classes. 
@@ -646,6 +650,18 @@ which may choose to ignore it. Allocate a pseudo-tty to run the command in, regardless of whether or not I/O logging is in use. By default, \fBsudo\fR will only run the command in a pty when an I/O log plugin is loaded. +.IP "set_utmp=bool" 4 +.IX Item "set_utmp=bool" +Create a utmp (or utmpx) entry when a pseudo-tty is allocated. By +default, the new entry will be a copy of the user's existing utmp +entry (if any), with the tty, time, type and pid fields updated. +.IP "utmp_user=string" 4 +.IX Item "utmp_user=string" +User name to use when constructing a new utmp (or utmpx) entry when +\&\fIset_utmp\fR is enabled. This option can be used to set the user +field in the utmp entry to the user the command runs as rather than +the invoking user. If not set, \fBsudo\fR will base the new entry on +the invoking user's existing entry. .RE .RS 4 .Sp diff --git a/doc/sudoers.cat b/doc/sudoers.cat index f77235296..23c368b24 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -127,7 +127,7 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 @@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 
@@ -208,26 +208,32 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) User ',' User_List User ::= '!'* user name | - '!'* '#'uid | - '!'* '%'group | - '!'* '+'netgroup | - '!'* '%:'nonunix_group | + '!'* #uid | + '!'* %group | + '!'* %#gid | + '!'* +netgroup | + '!'* %:nonunix_group | + '!'* %:#nonunix_gid | '!'* User_Alias - A User_List is made up of one or more user names, uids (prefixed with - '#'), system groups (prefixed with '%'), netgroups (prefixed with '+') - and User_Aliases. Each list item may be prefixed with zero or more '!' - operators. An odd number of '!' operators negate the value of the - item; an even number just cancel each other out. - - A user name, group, netgroup or nonunix_group may be enclosed in double - quotes to avoid the need for escaping special characters. Alternately, - special characters may be specified in escaped hex mode, e.g. \x20 for - space. - - The actual nonunix_group syntax depends on the underlying group - provider plugin (see the _g_r_o_u_p___p_l_u_g_i_n description below). For - instance, the QAS AD plugin supports the following formats: + A User_List is made up of one or more user names, user ids (prefixed + with '#'), system group names and ids (prefixed with '%' and '%#' + respectively), netgroups (prefixed with '+'), non-Unix group names and + IDs (prefixed with '%:' and '%:#' respectively) and User_Aliases. Each + list item may be prefixed with zero or more '!' operators. An odd + number of '!' operators negate the value of the item; an even number + just cancel each other out. + + A user name, uid, group, gid, netgroup, nonunix_group or nonunix_gid + may be enclosed in double quotes to avoid the need for escaping special + characters. Alternately, special characters may be specified in + escaped hex mode, e.g. \x20 for space. When using double quotes, any + prefix characters must be included inside the quotes. 
+ + The actual nonunix_group and nonunix_gid syntax depends on the + underlying group provider plugin (see the _g_r_o_u_p___p_l_u_g_i_n description + below). For instance, the QAS AD plugin supports the following + formats: +o Group in the same domain: "Group Name" 
@@ -236,43 +242,48 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) +o Group SID: "S-1-2-34-5678901234-5678901234-5678901234-567" Note that quotes around group names are optional. Unquoted strings - must use a backslash (\) to escape spaces and the '@' symbol. + must use a backslash (\) to escape spaces and special characters. See + "Other special characters and reserved words" for a list of characters + that need to be escaped. Runas_List ::= Runas_Member | Runas_Member ',' Runas_List Runas_Member ::= '!'* user name | - '!'* '#'uid | - '!'* '%'group | + '!'* #uid | + '!'* %group | + '!'* %#gid | + '!'* %:nonunix_group | + '!'* %:#nonunix_gid | '!'* +netgroup | - '!'* Runas_Alias - A Runas_List is similar to a User_List except that instead of - User_Aliases it can contain Runas_Aliases. Note that user names and - groups are matched as strings. In other words, two users (groups) with - the same uid (gid) are considered to be distinct. If you wish to match - all user names with the same uid (e.g. root and toor), you can use a - uid instead (#0 in the example given). - Host_List ::= Host | - Host ',' Host_List +1.8.1 April 9, 2011 4 -1.8.0rc1 February 21, 2011 4 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + '!'* Runas_Alias + A Runas_List is similar to a User_List except that instead of + User_Aliases it can contain Runas_Aliases. Note that user names and + groups are matched as strings. In other words, two users (groups) with + the same uid (gid) are considered to be distinct. If you wish to match + all user names with the same uid (e.g. root and toor), you can use a + uid instead (#0 in the example given). + Host_List ::= Host | + Host ',' Host_List Host ::= '!'* host name | '!'* ip_addr | '!'* network(/netmask)? | - '!'* '+'netgroup | + '!'* +netgroup | '!'* Host_Alias A Host_List is made up of one or more host names, IP addresses, network 
@@ -311,6 +322,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) he/she wishes. However, you may also specify command line arguments (including wildcards). Alternately, you can specify "" to indicate that the command may only be run wwiitthhoouutt command line arguments. A + + + +1.8.1 April 9, 2011 5 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + directory is a fully qualified path name ending in a '/'. When you specify a directory in a Cmnd_List, the user will be able to run any file within that directory (but not in any subdirectories therein). @@ -323,17 +346,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) to permit a user to run ssuuddoo with the --ee option (or as ssuuddooeeddiitt). It may take command line arguments just as a normal command does. - - -1.8.0rc1 February 21, 2011 5 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - DDeeffaauullttss Certain configuration options may be changed from their default values at runtime via one or more Default_Entry lines. These may affect all 
@@ -376,30 +388,30 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) See "SUDOERS OPTIONS" for a list of supported Defaults parameters. - UUsseerr SSppeecciiffiiccaattiioonn - User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \ - (':' Host_List '=' Cmnd_Spec_List)* - Cmnd_Spec_List ::= Cmnd_Spec | - Cmnd_Spec ',' Cmnd_Spec_List - Cmnd_Spec ::= Runas_Spec? SELinux_Spec? Tag_Spec* Cmnd - Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')' +1.8.1 April 9, 2011 6 - SELinux_Spec ::= ('ROLE=role' | 'TYPE=type') -1.8.0rc1 February 21, 2011 6 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + UUsseerr SSppeecciiffiiccaattiioonn + User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \ + (':' Host_List '=' Cmnd_Spec_List)* + Cmnd_Spec_List ::= Cmnd_Spec | + Cmnd_Spec ',' Cmnd_Spec_List -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Cmnd_Spec ::= Runas_Spec? SELinux_Spec? Tag_Spec* Cmnd + Runas_Spec ::= '(' Runas_List? (':' Runas_List)? ')' + SELinux_Spec ::= ('ROLE=role' | 'TYPE=type') Tag_Spec ::= ('NOPASSWD:' | 'PASSWD:' | 'NOEXEC:' | 'EXEC:' | 'SETENV:' | 'NOSETENV:' | 'LOG_INPUT:' | 'NOLOG_INPUT:' | @@ -409,7 +421,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) what user) on specified hosts. By default, commands are run as rroooott, but this can be changed on a per-command basis. - The basic structure of a user specification is `who = where (as_whom) + The basic structure of a user specification is `who where = (as_whom) what'. Let's break that down into its constituent parts: RRuunnaass__SSppeecc 
@@ -442,30 +454,30 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm - Then user ddggbb is now allowed to run _/_b_i_n_/_l_s as ooppeerraattoorr, but _/_b_i_n_/_k_i_l_l - and _/_u_s_r_/_b_i_n_/_l_p_r_m as rroooott. - We can extend this to allow ddggbb to run /bin/ls with either the user or - group set to ooppeerraattoorr: - dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \ - /usr/bin/lprm - Note that while the group portion of the Runas_Spec permits the user to - run as command with that group, it does not force the user to do so. - If no group is specified on the command line, the command will run with +1.8.1 April 9, 2011 7 -1.8.0rc1 February 21, 2011 7 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Then user ddggbb is now allowed to run _/_b_i_n_/_l_s as ooppeerraattoorr, but _/_b_i_n_/_k_i_l_l + and _/_u_s_r_/_b_i_n_/_l_p_r_m as rroooott. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + We can extend this to allow ddggbb to run /bin/ls with either the user or + group set to ooppeerraattoorr: + dgb boulder = (operator : operator) /bin/ls, (root) /bin/kill, \ + /usr/bin/lprm + Note that while the group portion of the Runas_Spec permits the user to + run as command with that group, it does not force the user to do so. + If no group is specified on the command line, the command will run with the group listed in the target user's password database entry. The following would all be permitted by the sudoers entry above: 
@@ -508,30 +520,30 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) the tag unless it is overridden by the opposite tag (i.e.: PASSWD overrides NOPASSWD and NOEXEC overrides EXEC). - _N_O_P_A_S_S_W_D _a_n_d _P_A_S_S_W_D - By default, ssuuddoo requires that a user authenticate him or herself - before running a command. This behavior can be modified via the - NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for - the commands that follow it in the Cmnd_Spec_List. Conversely, the - PASSWD tag can be used to reverse things. For example: - ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm - would allow the user rraayy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and _/_u_s_r_/_b_i_n_/_l_p_r_m - as rroooott on the machine rushmore without authenticating himself. If we +1.8.1 April 9, 2011 8 -1.8.0rc1 February 21, 2011 8 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + _N_O_P_A_S_S_W_D _a_n_d _P_A_S_S_W_D -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + By default, ssuuddoo requires that a user authenticate him or herself + before running a command. This behavior can be modified via the + NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for + the commands that follow it in the Cmnd_Spec_List. Conversely, the + PASSWD tag can be used to reverse things. For example: + ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm + would allow the user rraayy to run _/_b_i_n_/_k_i_l_l, _/_b_i_n_/_l_s, and _/_u_s_r_/_b_i_n_/_l_p_r_m + as rroooott on the machine rushmore without authenticating himself. If we only want rraayy to be able to run _/_b_i_n_/_k_i_l_l without a password the entry would be: 
@@ -564,39 +576,37 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) _S_E_T_E_N_V _a_n_d _N_O_S_E_T_E_N_V These tags override the value of the _s_e_t_e_n_v option on a per-command - basis. Note that if SETENV has been set for a command, the user - maydisable the _e_n_v___r_e_s_e_t option from the command line via the --EE - option. Additionally, environment variables set on the command line - are not subject to the restrictions imposed by _e_n_v___c_h_e_c_k, _e_n_v___d_e_l_e_t_e, - or _e_n_v___k_e_e_p. As such, only trusted users should be allowed to set + basis. Note that if SETENV has been set for a command, the user may + disable the _e_n_v___r_e_s_e_t option from the command line via the --EE option. + Additionally, environment variables set on the command line are not + subject to the restrictions imposed by _e_n_v___c_h_e_c_k, _e_n_v___d_e_l_e_t_e, or + _e_n_v___k_e_e_p. As such, only trusted users should be allowed to set variables in this manner. If the command matched is AALLLL, the SETENV tag is implied for that command; this default may be overridden by use of the NOSETENV tag. _L_O_G___I_N_P_U_T _a_n_d _N_O_L_O_G___I_N_P_U_T - These tags override the value of the _l_o_g___i_n_p_u_t option on a per-command - basis. For more information, see the description of _l_o_g___i_n_p_u_t in the - "SUDOERS OPTIONS" section below. - - _L_O_G___O_U_T_P_U_T _a_n_d _N_O_L_O_G___O_U_T_P_U_T - - These tags override the value of the _l_o_g___o_u_t_p_u_t option on a per-command - basis. For more information, see the description of _l_o_g___o_u_t_p_u_t in the - "SUDOERS OPTIONS" section below. +1.8.1 April 9, 2011 9 -1.8.0rc1 February 21, 2011 9 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + These tags override the value of the _l_o_g___i_n_p_u_t option on a per-command + basis. For more information, see the description of _l_o_g___i_n_p_u_t in the + "SUDOERS OPTIONS" section below. 
-SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + _L_O_G___O_U_T_P_U_T _a_n_d _N_O_L_O_G___O_U_T_P_U_T + These tags override the value of the _l_o_g___o_u_t_p_u_t option on a per-command + basis. For more information, see the description of _l_o_g___o_u_t_p_u_t in the + "SUDOERS OPTIONS" section below. WWiillddccaarrddss ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s (aka meta or glob characters) to be 
@@ -643,27 +653,26 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) file currently being parsed using the #include and #includedir directives. - This can be used, for example, to keep a site-wide _s_u_d_o_e_r_s file in - addition to a local, per-machine file. For the sake of this example - the site-wide _s_u_d_o_e_r_s will be _/_e_t_c_/_s_u_d_o_e_r_s and the per-machine one will - be _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. To include _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l from within - _/_e_t_c_/_s_u_d_o_e_r_s we would use the following line in _/_e_t_c_/_s_u_d_o_e_r_s: - - #include /etc/sudoers.local - When ssuuddoo reaches this line it will suspend processing of the current +1.8.1 April 9, 2011 10 -1.8.0rc1 February 21, 2011 10 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + This can be used, for example, to keep a site-wide _s_u_d_o_e_r_s file in + addition to a local, per-machine file. For the sake of this example + the site-wide _s_u_d_o_e_r_s will be _/_e_t_c_/_s_u_d_o_e_r_s and the per-machine one will + be _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. To include _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l from within + _/_e_t_c_/_s_u_d_o_e_r_s we would use the following line in _/_e_t_c_/_s_u_d_o_e_r_s: + #include /etc/sudoers.local + When ssuuddoo reaches this line it will suspend processing of the current file (_/_e_t_c_/_s_u_d_o_e_r_s) and switch to _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. Upon reaching the end of _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l, the rest of _/_e_t_c_/_s_u_d_o_e_r_s will be processed. Files that are included may themselves include other files. 
@@ -709,26 +718,26 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) User_Alias, Runas_Alias, or Host_Alias. You should not try to define your own _a_l_i_a_s called AALLLL as the built-in alias will be used in preference to your own. Please note that using AALLLL can be dangerous - since in a command context, it allows the user to run aannyy command on - the system. - An exclamation point ('!') can be used as a logical _n_o_t operator both - in an _a_l_i_a_s and in front of a Cmnd. This allows one to exclude certain - values. Note, however, that using a ! in conjunction with the built-in - ALL alias to allow a user to run "all but a few" commands rarely works - as intended (see SECURITY NOTES below). +1.8.1 April 9, 2011 11 -1.8.0rc1 February 21, 2011 11 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + since in a command context, it allows the user to run aannyy command on + the system. + An exclamation point ('!') can be used as a logical _n_o_t operator both + in an _a_l_i_a_s and in front of a Cmnd. This allows one to exclude certain + values. Note, however, that using a ! in conjunction with the built-in + ALL alias to allow a user to run "all but a few" commands rarely works + as intended (see SECURITY NOTES below). Long lines can be continued with a backslash ('\') as the last character on the line. @@ -737,8 +746,8 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) characters in a _U_s_e_r _S_p_e_c_i_f_i_c_a_t_i_o_n ('=', ':', '(', ')') is optional. The following characters must be escaped with a backslash ('\') when - used as part of a word (e.g. a user name or host name): '@', '!', '=', - ':', ',', '(', ')', '\'. + used as part of a word (e.g. a user name or host name): '!', '=', ':', + ',', '(', ')', '\'. SSUUDDOOEERRSS OOPPTTIIOONNSS ssuuddoo's behavior can be modified by Default_Entry lines, as explained 
@@ -775,19 +784,10 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS zzlliibb support. env_editor If set, vviissuuddoo will use the value of the EDITOR or - VISUAL environment variables before falling back on the - default editor list. Note that this may create a - security hole as it allows the user to run any - arbitrary command as root without logging. A safer - alternative is to place a colon-separated list of - editors in the editor variable. vviissuuddoo will then only - use the EDITOR or VISUAL if they match a value - specified in editor. This flag is _o_f_f by default. - -1.8.0rc1 February 21, 2011 12 +1.8.1 April 9, 2011 12 @@ -796,6 +796,15 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + VISUAL environment variables before falling back on the + default editor list. Note that this may create a + security hole as it allows the user to run any + arbitrary command as root without logging. A safer + alternative is to place a colon-separated list of + editors in the editor variable. vviissuuddoo will then only + use the EDITOR or VISUAL if they match a value + specified in editor. This flag is _o_f_f by default. + env_reset If set, ssuuddoo will reset the environment to only contain the LOGNAME, MAIL, SHELL, USER, USERNAME and the SUDO_* variables. Any variables in the caller's environment @@ -841,19 +850,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) _o_f_f by default. ignore_dot If set, ssuuddoo will ignore '.' or '' (current dir) in the - PATH environment variable; the PATH itself is not - modified. This flag is _o_f_f by default. - - ignore_local_sudoers - If set via LDAP, parsing of _/_e_t_c_/_s_u_d_o_e_r_s will be - skipped. This is intended for Enterprises that wish to - prevent the usage of local sudoers files so that only - LDAP is used. This thwarts the efforts of rogue - operators who would attempt to add roles to -1.8.0rc1 February 21, 2011 13 +1.8.1 April 9, 2011 13 
@@ -862,6 +862,15 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + PATH environment variable; the PATH itself is not + modified. This flag is _o_f_f by default. + + ignore_local_sudoers + If set via LDAP, parsing of _/_e_t_c_/_s_u_d_o_e_r_s will be + skipped. This is intended for Enterprises that wish to + prevent the usage of local sudoers files so that only + LDAP is used. This thwarts the efforts of rogue + operators who would attempt to add roles to _/_e_t_c_/_s_u_d_o_e_r_s. When this option is present, _/_e_t_c_/_s_u_d_o_e_r_s does not even need to exist. Since this option tells ssuuddoo how to behave when no specific LDAP 
@@ -875,6 +884,54 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) log_host If set, the host name will be logged in the (non- syslog) ssuuddoo log file. This flag is _o_f_f by default. + log_input If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and + log all user input. If the standard input is not + connected to the user's tty, due to I/O redirection or + because the command is part of a pipeline, that input + is also captured and stored in a separate log file. + + Input is logged to the directory specified by the + _i_o_l_o_g___d_i_r option (_/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o by default) using a + unique session ID that is included in the normal ssuuddoo + log line, prefixed with _T_S_I_D_=. The _i_o_l_o_g___f_i_l_e option + may be used to control the format of the session ID. + + Note that user input may contain sensitive information + such as passwords (even if they are not echoed to the + screen), which will be stored in the log file + unencrypted. In most cases, logging the command output + via _l_o_g___o_u_t_p_u_t is all that is required. + + log_output If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and + log all output that is sent to the screen, similar to + the _s_c_r_i_p_t(1) command. If the standard output or + standard error is not connected to the user's tty, due + to I/O redirection or because the command is part of a + pipeline, that output is also captured and stored in + separate log files. + + Output is logged to the directory specified by the + _i_o_l_o_g___d_i_r option (_/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o by default) using a + unique session ID that is included in the normal ssuuddoo + log line, prefixed with _T_S_I_D_=. The _i_o_l_o_g___f_i_l_e option + may be used to control the format of the session ID. 
+ + + + +1.8.1 April 9, 2011 14 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + + Output logs may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m) + utility, which can also be used to list or search the + available logs. + log_year If set, the four-digit year will be logged in the (non- syslog) ssuuddoo log file. This flag is _o_f_f by default. @@ -916,10 +973,19 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) path_info Normally, ssuuddoo will tell the user when a command could not be found in their PATH environment variable. Some sites may wish to disable this as it could be used to + gather information on the location of executables that + the normal user does not have access to. The + disadvantage is that if the executable is simply not in + the user's PATH, ssuuddoo will tell the user that they are + not allowed to run it, which can be confusing. This + flag is _o_n by default. + + passprompt_override + The password prompt specified by _p_a_s_s_p_r_o_m_p_t will -1.8.0rc1 February 21, 2011 14 +1.8.1 April 9, 2011 15 @@ -928,15 +994,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - gather information on the location of executables that - the normal user does not have access to. The - disadvantage is that if the executable is simply not in - the user's PATH, ssuuddoo will tell the user that they are - not allowed to run it, which can be confusing. This - flag is _o_n by default. - - passprompt_override - The password prompt specified by _p_a_s_s_p_r_o_m_p_t will normally only be used if the password prompt provided by systems such as PAM matches the string "Password:". If _p_a_s_s_p_r_o_m_p_t___o_v_e_r_r_i_d_e is set, _p_a_s_s_p_r_o_m_p_t will always 
@@ -983,9 +1040,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) instead of the password of the invoking user. This flag is _o_f_f by default. + set_home If enabled and ssuuddoo is invoked with the --ss option the + HOME environment variable will be set to the home + directory of the target user (which is root unless the + --uu option is used). This effectively makes the --ss + option imply --HH. Note that HOME is already set when + the the _e_n_v___r_e_s_e_t option is enabled, so _s_e_t___h_o_m_e is + only effective for configurations where either + _e_n_v___r_e_s_e_t is disabled or HOME is present in the + -1.8.0rc1 February 21, 2011 15 +1.8.1 April 9, 2011 16 @@ -994,14 +1060,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - set_home If enabled and ssuuddoo is invoked with the --ss option the - HOME environment variable will be set to the home - directory of the target user (which is root unless the - --uu option is used). This effectively makes the --ss - option imply --HH. Note that HOME is already set when - the the _e_n_v___r_e_s_e_t option is enabled, so _s_e_t___h_o_m_e is - only effective for configurations where either - _e_n_v___r_e_s_e_t is disabled or HOME is present in the _e_n_v___k_e_e_p list. This flag is _o_f_f by default. set_logname Normally, ssuuddoo will set the LOGNAME, USER and USERNAME 
@@ -1015,6 +1073,14 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) disabled, entries in the _e_n_v___k_e_e_p list will override the value of _s_e_t___l_o_g_n_a_m_e. This flag is _o_n by default. + set_utmp When enabled, ssuuddoo will create an entry in the utmp (or + utmpx) file when a pseudo-tty is allocated. A pseudo- + tty is allocated by ssuuddoo when the _l_o_g___i_n_p_u_t, _l_o_g___o_u_t_p_u_t + or _u_s_e___p_t_y flags are enabled. By default, the new + entry will be a copy of the user's existing utmp entry + (if any), with the tty, time, type and pid fields + updated. This flag is _o_n by default. + setenv Allow the user to disable the _e_n_v___r_e_s_e_t option from the command line via the --EE option. Additionally, environment variables set via the command line are not @@ -1051,7 +1117,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.8.0rc1 February 21, 2011 16 +1.8.1 April 9, 2011 17 
@@ -1060,32 +1126,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - log_input If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and - log all user input. If the standard input is not - connected to the user's tty, due to I/O redirection or - because the command is part of a pipeline, that input - is also captured and stored in a separate log file. - - Input is logged to the _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o directory using - a unique session ID that is included in the normal ssuuddoo - log line, prefixed with _T_S_I_D_=. - - log_output If set, ssuuddoo will run the command in a _p_s_e_u_d_o _t_t_y and - log all output that is sent to the screen, similar to - the _s_c_r_i_p_t(1) command. If the standard output or - standard error is not connected to the user's tty, due - to I/O redirection or because the command is part of a - pipeline, that output is also captured and stored in - separate log files. - - Output is logged to the _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o directory - using a unique session ID that is included in the - normal ssuuddoo log line, prefixed with _T_S_I_D_=. - - Output logs may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m) - utility, which can also be used to list or search the - available logs. - tty_tickets If set, users must authenticate on a per-tty basis. With this flag enabled, ssuuddoo will use a file named for the tty the user is logged in on in the user's time 
@@ -1110,22 +1150,16 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) run under ssuuddoo could conceivably fork a background process that retains to the user's terminal device after the main program has finished executing. Use of - this option will make that impossible. + this option will make that impossible. This flag is + _o_f_f by default. + + utmp_runas If set, ssuuddoo will store the name of the runas user when + updating the utmp (or utmpx) file. By default, ssuuddoo + stores the name of the invoking user. This flag is _o_f_f + by default. visiblepw By default, ssuuddoo will refuse to run if the user must enter a password but it is not possible to disable echo - - - -1.8.0rc1 February 21, 2011 17 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - on the terminal. If the _v_i_s_i_b_l_e_p_w flag is set, ssuuddoo will prompt for a password even when it would be visible on the screen. This makes it possible to run @@ -1147,6 +1181,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) IInntteeggeerrss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: + + +1.8.1 April 9, 2011 18 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + loglinelen Number of characters per line for the file log. This value is used to decide when to wrap lines for nicer log files. This has no effect on the syslog log file, @@ -1181,17 +1226,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SSttrriinnggss: - - -1.8.0rc1 February 21, 2011 18 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - badpass_message Message that is displayed if a user enters an incorrect password. The default is Sorry, try again. unless insults are enabled. @@ -1213,6 +1247,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The following percent (`%') escape sequences are supported: + + +1.8.1 April 9, 2011 19 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + %{seq} expanded to a monotonically increasing base-36 sequence number, such as 0100A5, where every two 
@@ -1244,20 +1289,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) In addition, any escape sequences supported by the system's _s_t_r_f_t_i_m_e_(_) function will be expanded. + To include a literal `%' character, the string `%%' + should be used. + Path names that end in six or more Xs will have the Xs replaced with a unique combination of digits and - - - -1.8.0rc1 February 21, 2011 19 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - letters, similar to the _m_k_t_e_m_p_(_) function. iolog_file The path name, relative to _i_o_l_o_g___d_i_r, in which to store @@ -1274,12 +1310,21 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) %h will expand to the host name of the machine. Default is *** SECURITY information for %h ***. - noexec_file Path to a shared library containing dummy versions of - the _e_x_e_c_v_(_), _e_x_e_c_v_e_(_) and _f_e_x_e_c_v_e_(_) library functions - that just return an error. This is used to implement - the _n_o_e_x_e_c functionality on systems that support - LD_PRELOAD or its equivalent. Defaults to - _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o___n_o_e_x_e_c_._s_o. + noexec_file This option is deprecated and will be removed in a + future release of ssuuddoo. The path to the noexec file + + + +1.8.1 April 9, 2011 20 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + + should now be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. passprompt The default prompt to use when asking for a password; can be overridden via the --pp option or the SUDO_PROMPT @@ -1313,17 +1358,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) via command line options. This option is only available whe ssuuddoo is built with SELinux support. - - -1.8.0rc1 February 21, 2011 20 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - runas_default The default user to run commands as if the --uu option is not specified on the command line. This defaults to root. Note that if _r_u_n_a_s___d_e_f_a_u_l_t is set it mmuusstt occur 
@@ -1344,6 +1378,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The default is _/_v_a_r_/_a_d_m_/_s_u_d_o. timestampowner The owner of the timestamp directory and the timestamps + + + +1.8.1 April 9, 2011 21 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + stored therein. The default is root. type The default SELinux type to use when constructing a new @@ -1378,18 +1424,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) group_plugin A string containing a _s_u_d_o_e_r_s group plugin with optional - - - -1.8.0rc1 February 21, 2011 21 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - arguments. This can be used to implement support for the nonunix_group syntax described earlier. The string should consist of the plugin path, either fully-qualified or @@ -1410,6 +1444,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) along with the password prompt. It has the following possible values: + + + +1.8.1 April 9, 2011 22 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + always Always lecture the user. never Never lecture the user. @@ -1444,18 +1490,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) option. If no value is specified, a value of _a_n_y is implied. - - - -1.8.0rc1 February 21, 2011 22 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - Negating the option results in a value of _n_e_v_e_r being used. The default value is _a_n_y. @@ -1477,6 +1511,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) should be enclosed in double quotes (") to protect against ssuuddoo interpreting the @ sign. Defaults to root. + + +1.8.1 April 9, 2011 23 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + secure_path Path used for every command run from ssuuddoo. If you don't trust the people running ssuuddoo to have a sane PATH environment variable you may want to use this. Another use 
@@ -1510,18 +1555,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Negating the option results in a value of _n_e_v_e_r being used. The default value is _a_l_l. - - - -1.8.0rc1 February 21, 2011 23 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - LLiissttss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: env_check Environment variables to be removed from the user's @@ -1543,6 +1576,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) environment when the _e_n_v___r_e_s_e_t option is not in effect. The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list + + + +1.8.1 April 9, 2011 24 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + can be replaced, added to, deleted from, or disabled by using the =, +=, -=, and ! operators respectively. The default list of environment variables to remove is @@ -1576,18 +1621,6 @@ FFIILLEESS _/_e_t_c_/_n_e_t_g_r_o_u_p List of network groups - - - -1.8.0rc1 February 21, 2011 24 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - _/_v_a_r_/_l_o_g_/_s_u_d_o_-_i_o I/O log files _/_v_a_r_/_a_d_m_/_s_u_d_o Directory containing time stamps for the @@ -1609,6 +1642,18 @@ EEXXAAMMPPLLEESS # User alias specification User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl + + + +1.8.1 April 9, 2011 25 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + User_Alias WEBMASTERS = will, wendy, wim # Runas alias specification @@ -1642,18 +1687,6 @@ EEXXAAMMPPLLEESS Here we override some of the compiled in default values. We want ssuuddoo to log via _s_y_s_l_o_g(3) using the _a_u_t_h facility in all cases. We don't - - - -1.8.0rc1 February 21, 2011 25 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - want to subject the full time staff to the ssuuddoo lecture, user mmiilllleerrtt need not give a password, and we don't want to reset the LOGNAME, USER or USERNAME environment variables when running commands as root. 
@@ -1674,6 +1707,19 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The _U_s_e_r _s_p_e_c_i_f_i_c_a_t_i_o_n is the part that actually determines who may run what. + + + + +1.8.1 April 9, 2011 26 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + root ALL = (ALL) ALL %wheel ALL = (ALL) ALL @@ -1708,18 +1754,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) sudoedit /etc/printcap, /usr/oper/bin/ The ooppeerraattoorr user may run commands limited to simple maintenance. - - - -1.8.0rc1 February 21, 2011 26 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - Here, those are commands related to backups, killing processes, the printing system, shutting down the system, and any commands in the directory _/_u_s_r_/_o_p_e_r_/_b_i_n_/. @@ -1741,6 +1775,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) bob SPARC = (OP) ALL : SGI = (OP) ALL + + +1.8.1 April 9, 2011 27 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + The user bboobb may run anything on the _S_P_A_R_C and _S_G_I machines as any user listed in the _O_P Runas_Alias (rroooott and ooppeerraattoorr). @@ -1774,18 +1819,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) For any machine in the _S_E_R_V_E_R_S Host_Alias, jjiillll may run any commands in the directory _/_u_s_r_/_b_i_n_/ except for those commands belonging to the _S_U - - - -1.8.0rc1 February 21, 2011 27 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - and _S_H_E_L_L_S Cmnd_Aliases. steve CSNETS = (operator) /usr/local/op_commands/ @@ -1807,6 +1840,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\ /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM + + + +1.8.1 April 9, 2011 28 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + Any user may mount or unmount a CD-ROM on the machines in the CDROM Host_Alias (orion, perseus, hercules) without entering a password. This is a bit tedious for users to type, so it is a prime candidate for 
@@ -1841,17 +1886,6 @@ SSEECCUURRIITTYY NNOOTTEESS User jjoohhnn can still run /usr/bin/passwd root if _f_a_s_t___g_l_o_b is enabled by changing to _/_u_s_r_/_b_i_n and running ./passwd root instead. - - -1.8.0rc1 February 21, 2011 28 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS Once ssuuddoo executes a program, that program is free to do whatever it pleases, including run other programs. This can be a security issue 
@@ -1872,57 +1906,48 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS noexec Many systems that support shared libraries have the ability to override default library functions by pointing an environment variable (usually LD_PRELOAD) to an alternate - shared library. On such systems, ssuuddoo's _n_o_e_x_e_c functionality - can be used to prevent a program run by ssuuddoo from executing - any other programs. Note, however, that this applies only to - native dynamically-linked executables. Statically-linked - executables and foreign executables running under binary - emulation are not affected. - To tell whether or not ssuuddoo supports _n_o_e_x_e_c, you can run the - following as root: - sudo -V | grep "dummy exec" - If the resulting output contains a line that begins with: +1.8.1 April 9, 2011 29 - File containing dummy exec functions: - then ssuuddoo may be able to replace the exec family of functions - in the standard library with its own that simply return an - error. Unfortunately, there is no foolproof way to know - whether or not _n_o_e_x_e_c will work at compile-time. _n_o_e_x_e_c - should work on SunOS, Solaris, *BSD, Linux, IRIX, Tru64 UNIX, - MacOS X, and HP-UX 11.x. It is known nnoott to work on AIX and - UnixWare. _n_o_e_x_e_c is expected to work on most operating - systems that support the LD_PRELOAD environment variable. - Check your operating system's manual pages for the dynamic - linker (usually ld.so, ld.so.1, dyld, dld.sl, rld, or loader) - to see if LD_PRELOAD is supported. - To enable _n_o_e_x_e_c for a command, use the NOEXEC tag as - documented in the User Specification section above. Here is - that example again: - aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + shared library. On such systems, ssuuddoo's _n_o_e_x_e_c functionality + can be used to prevent a program run by ssuuddoo from executing + any other programs. 
Note, however, that this applies only to + native dynamically-linked executables. Statically-linked + executables and foreign executables running under binary + emulation are not affected. -1.8.0rc1 February 21, 2011 29 - - - + The _n_o_e_x_e_c feature is known to work on SunOS, Solaris, *BSD, + Linux, IRIX, Tru64 UNIX, MacOS X, HP-UX 11.x and AIX 5.3 and + above. It should be supported on most operating systems that + support the LD_PRELOAD environment variable. Check your + operating system's manual pages for the dynamic linker + (usually ld.so, ld.so.1, dyld, dld.sl, rld, or loader) to see + if LD_PRELOAD is supported. + On Solaris 10 and higher, _n_o_e_x_e_c uses Solaris privileges + instead of the LD_PRELOAD environment variable. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + To enable _n_o_e_x_e_c for a command, use the NOEXEC tag as + documented in the User Specification section above. Here is + that example again: + aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi This allows user aaaarroonn to run _/_u_s_r_/_b_i_n_/_m_o_r_e and _/_u_s_r_/_b_i_n_/_v_i with _n_o_e_x_e_c enabled. This will prevent those two commands from executing other commands (such as a shell). If you are unsure whether or not your system is capable of supporting - _n_o_e_x_e_c you can always just try it out and see if it works. + _n_o_e_x_e_c you can always just try it out and check whether shell + escapes work when _n_o_e_x_e_c is enabled. Note that restricting shell escapes is not a panacea. Programs running as root are still capable of many potentially hazardous operations 
@@ -1947,6 +1972,18 @@ SSEECCUURRIITTYY NNOOTTEESS _s_u_d_o_e_r_s will not honor time stamps set far in the future. Time stamps with a date greater than current_time + 2 * TIMEOUT will be ignored and sudo will log and complain. This is done to keep a user from creating + + + +1.8.1 April 9, 2011 30 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + his/her own time stamp with a bogus date on systems that allow users to give away files if the time stamp directory is located in a world- writable directory. @@ -1972,18 +2009,6 @@ SSEECCUURRIITTYY NNOOTTEESS If users have sudo ALL there is nothing to prevent them from creating their own program that gives them a root shell (or making their own copy of a shell) regardless of any '!' elements in the user - - - -1.8.0rc1 February 21, 2011 30 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - specification. SSEEEE AALLSSOO @@ -2013,6 +2038,18 @@ SSUUPPPPOORRTT DDIISSCCLLAAIIMMEERR ssuuddoo is provided ``AS IS'' and any express or implied warranties, including, but not limited to, the implied warranties of + + + +1.8.1 April 9, 2011 31 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + merchantability and fitness for a particular purpose are disclaimed. See the LICENSE file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. @@ -2041,6 +2078,35 @@ DDIISSCCLLAAIIMMEERR -1.8.0rc1 February 21, 2011 31 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +1.8.1 April 9, 2011 32 diff --git a/doc/sudoers.ldap.cat b/doc/sudoers.ldap.cat index 63dc4c048..21704be8f 100644 --- a/doc/sudoers.ldap.cat +++ b/doc/sudoers.ldap.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -127,7 +127,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 @@ -193,7 +193,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 
@@ -259,7 +259,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -1.8.0rc1 February 21, 2011 4 +1.8.1 April 9, 2011 4 @@ -325,7 +325,7 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -1.8.0rc1 February 21, 2011 5 +1.8.1 April 9, 2011 5 @@ -372,6 +372,12 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) example.com. Multiple SSUUDDOOEERRSS__BBAASSEE lines may be specified, in which case they are queried in the order specified. + SSUUDDOOEERRSS__SSEEAARRCCHH__FFIILLTTEERR ldap_filter + An LDAP filter which is used to restrict the set of records + returned when performing a ssuuddoo LDAP query. Typically, this is of + the form attribute=value or + (&(attribute=value)(attribute2=value2)). + SSUUDDOOEERRSS__TTIIMMEEDD on/true/yes/off/false/no Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes that implement time-dependent sudoers entries. @@ -382,16 +388,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) in a moderate amount of debugging information. A value of 2 shows the results of the matches themselves. This parameter should not be set in a production environment as the extra information is - likely to confuse users. - - BBIINNDDDDNN DN - The BBIINNDDDDNN parameter specifies the identity, in the form of a - Distinguished Name (DN), to use when performing LDAP operations. - If not specified, LDAP operations are performed with an anonymous -1.8.0rc1 February 21, 2011 6 +1.8.1 April 9, 2011 6 @@ -400,6 +400,12 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + likely to confuse users. + + BBIINNDDDDNN DN + The BBIINNDDDDNN parameter specifies the identity, in the form of a + Distinguished Name (DN), to use when performing LDAP operations. + If not specified, LDAP operations are performed with an anonymous identity. By default, most LDAP servers will allow anonymous access. 
@@ -447,17 +453,11 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) TTLLSS__CCAACCEERRTT file name An alias for TTLLSS__CCAACCEERRTTFFIILLEE for OpenLDAP compatibility. - TTLLSS__CCAACCEERRTTFFIILLEE file name - The path to a certificate authority bundle which contains the - certificates for all the Certificate Authorities the client knows - to be valid, e.g. _/_e_t_c_/_s_s_l_/_c_a_-_b_u_n_d_l_e_._p_e_m. This option is only - supported by the OpenLDAP libraries. Netscape-derived LDAP - libraries use the same certificate database for CA and client - certificates (see TTLLSS__CCEERRTT). -1.8.0rc1 February 21, 2011 7 + +1.8.1 April 9, 2011 7 @@ -466,6 +466,14 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + TTLLSS__CCAACCEERRTTFFIILLEE file name + The path to a certificate authority bundle which contains the + certificates for all the Certificate Authorities the client knows + to be valid, e.g. _/_e_t_c_/_s_s_l_/_c_a_-_b_u_n_d_l_e_._p_e_m. This option is only + supported by the OpenLDAP libraries. Netscape-derived LDAP + libraries use the same certificate database for CA and client + certificates (see TTLLSS__CCEERRTT). + TTLLSS__CCAACCEERRTTDDIIRR directory Similar to TTLLSS__CCAACCEERRTTFFIILLEE but instead of a file, it is a directory containing individual Certificate Authority certificates, e.g. 
@@ -511,19 +519,11 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) the OpenSSL manual for a list of valid ciphers. This option is only supported by the OpenLDAP libraries. - UUSSEE__SSAASSLL on/true/yes/off/false/no - Enable UUSSEE__SSAASSLL for LDAP servers that support SASL authentication. - SSAASSLL__AAUUTTHH__IIDD identity - The SASL user name to use when connecting to the LDAP server. By - default, ssuuddoo will use an anonymous connection. - - RROOOOTTUUSSEE__SSAASSLL on/true/yes/off/false/no - Enable RROOOOTTUUSSEE__SSAASSLL to enable SASL authentication when connecting -1.8.0rc1 February 21, 2011 8 +1.8.1 April 9, 2011 8 @@ -532,6 +532,15 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + UUSSEE__SSAASSLL on/true/yes/off/false/no + Enable UUSSEE__SSAASSLL for LDAP servers that support SASL authentication. + + SSAASSLL__AAUUTTHH__IIDD identity + The SASL user name to use when connecting to the LDAP server. By + default, ssuuddoo will use an anonymous connection. + + RROOOOTTUUSSEE__SSAASSLL on/true/yes/off/false/no + Enable RROOOOTTUUSSEE__SSAASSLL to enable SASL authentication when connecting to an LDAP server from a privileged process, such as ssuuddoo. RROOOOTTSSAASSLL__AAUUTTHH__IIDD identity 
@@ -577,26 +586,26 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) sudoers: files - Note that _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f is supported even when the underlying - operating system does not use an nsswitch.conf file. - CCoonnffiigguurriinngg nneettssvvcc..ccoonnff - On AIX systems, the _/_e_t_c_/_n_e_t_s_v_c_._c_o_n_f file is consulted instead of - _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f. ssuuddoo simply treats _n_e_t_s_v_c_._c_o_n_f as a variant of - _n_s_s_w_i_t_c_h_._c_o_n_f; information in the previous section unrelated to the - file format itself still applies. +1.8.1 April 9, 2011 9 -1.8.0rc1 February 21, 2011 9 +SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + Note that _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f is supported even when the underlying + operating system does not use an nsswitch.conf file. + CCoonnffiigguurriinngg nneettssvvcc..ccoonnff + On AIX systems, the _/_e_t_c_/_n_e_t_s_v_c_._c_o_n_f file is consulted instead of + _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f. ssuuddoo simply treats _n_e_t_s_v_c_._c_o_n_f as a variant of + _n_s_s_w_i_t_c_h_._c_o_n_f; information in the previous section unrelated to the + file format itself still applies. To consult LDAP first followed by the local sudoers file (if it exists), use: @@ -643,19 +652,10 @@ EEXXAAMMPPLLEESS #uri ldaps://secureldapserver #uri ldaps://secureldapserver ldap://ldapserver # - # The amount of time, in seconds, to wait while trying to connect to - # an LDAP server. - bind_timelimit 30 - # - # The amount of time, in seconds, to wait while performing an LDAP query. - timelimit 30 - # - # Must be set or sudo will ignore LDAP; may be specified multiple times. - sudoers_base ou=SUDOers,dc=example,dc=com -1.8.0rc1 February 21, 2011 10 +1.8.1 April 9, 2011 10 
@@ -664,6 +664,15 @@ EEXXAAMMPPLLEESS SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + # The amount of time, in seconds, to wait while trying to connect to + # an LDAP server. + bind_timelimit 30 + # + # The amount of time, in seconds, to wait while performing an LDAP query. + timelimit 30 + # + # Must be set or sudo will ignore LDAP; may be specified multiple times. + sudoers_base ou=SUDOers,dc=example,dc=com # # verbose sudoers matching from ldap #sudoers_debug 2 @@ -709,19 +718,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) #tls_randfile /etc/egd-pool # # You may restrict which ciphers are used. Consult your SSL - # documentation for which options go here. - # Only supported when using OpenLDAP. - # - #tls_ciphers - # - # Sudo can provide a client certificate when communicating to - # the LDAP server. - # Tips: - # * Enable both lines at the same time. -1.8.0rc1 February 21, 2011 11 +1.8.1 April 9, 2011 11 @@ -730,6 +730,15 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + # documentation for which options go here. + # Only supported when using OpenLDAP. + # + #tls_ciphers + # + # Sudo can provide a client certificate when communicating to + # the LDAP server. + # Tips: + # * Enable both lines at the same time. # * Do not password protect the key file. # * Ensure the keyfile is only readable by root. # @@ -775,19 +784,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) attributetype ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' - DESC 'Host(s) who may run sudo' - EQUALITY caseExactIA5Match - SUBSTR caseExactIA5SubstringsMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) - - attributetype ( 1.3.6.1.4.1.15953.9.1.3 - NAME 'sudoCommand' - DESC 'Command(s) to be executed by sudo' - EQUALITY caseExactIA5Match -1.8.0rc1 February 21, 2011 12 +1.8.1 April 9, 2011 12 
@@ -796,6 +796,15 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + DESC 'Host(s) who may run sudo' + EQUALITY caseExactIA5Match + SUBSTR caseExactIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + + attributetype ( 1.3.6.1.4.1.15953.9.1.3 + NAME 'sudoCommand' + DESC 'Command(s) to be executed by sudo' + EQUALITY caseExactIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) attributetype ( 1.3.6.1.4.1.15953.9.1.4 @@ -841,19 +850,10 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) DESC 'an integer to order the sudoRole entries' EQUALITY integerMatch ORDERING integerOrderingMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) - - objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL - DESC 'Sudoer Entries' - MUST ( cn ) - MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ - sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ - sudoOrder $ description ) - ) -1.8.0rc1 February 21, 2011 13 +1.8.1 April 9, 2011 13 @@ -862,6 +862,16 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + + objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL + DESC 'Sudoer Entries' + MUST ( cn ) + MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ + sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ + sudoOrder $ description ) + ) + SSEEEE AALLSSOO _l_d_a_p_._c_o_n_f(4), _s_u_d_o_e_r_s(4) @@ -909,16 +919,6 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - -1.8.0rc1 February 21, 2011 14 +1.8.1 April 9, 2011 14 diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in index e0f078ca2..b1b9d0aa4 100644 --- a/doc/sudoers.ldap.man.in +++ b/doc/sudoers.ldap.man.in 
@@ -140,7 +140,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDOERS.LDAP @mansectform@"
-.TH SUDOERS.LDAP @mansectform@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS"
+.TH SUDOERS.LDAP @mansectform@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -463,6 +463,11 @@ The base \s-1DN\s0 to use when performing \fBsudo\fR \s-1LDAP\s0 queries. Typic
 this is of the form \f(CW\*(C`ou=SUDOers,dc=example,dc=com\*(C'\fR for the domain
 \&\f(CW\*(C`example.com\*(C'\fR. Multiple \fB\s-1SUDOERS_BASE\s0\fR lines may be specified, in which case they are queried in the order specified.
+.IP "\fB\s-1SUDOERS_SEARCH_FILTER\s0\fR ldap_filter" 4
+.IX Item "SUDOERS_SEARCH_FILTER ldap_filter"
+An \s-1LDAP\s0 filter which is used to restrict the set of records returned
+when performing a \fBsudo\fR \s-1LDAP\s0 query. Typically, this is of the
+form \f(CW\*(C`attribute=value\*(C'\fR or \f(CW\*(C`(&(attribute=value)(attribute2=value2))\*(C'\fR.
 .IP "\fB\s-1SUDOERS_TIMED\s0\fR on/true/yes/off/false/no" 4
 .IX Item "SUDOERS_TIMED on/true/yes/off/false/no"
 Whether or not to evaluate the \f(CW\*(C`sudoNotBefore\*(C'\fR and \f(CW\*(C`sudoNotAfter\*(C'\fR
diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in
index f9632f05a..d3efddac0 100644
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -148,7 +148,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -342,27 +342,34 @@ The definitions of what constitutes a valid \fIalias\fR member follow. \& User \*(Aq,\*(Aq User_List \& \& User ::= \*(Aq!\*(Aq* user name | -\& \*(Aq!\*(Aq* \*(Aq#\*(Aquid | -\& \*(Aq!\*(Aq* \*(Aq%\*(Aqgroup | -\& \*(Aq!\*(Aq* \*(Aq+\*(Aqnetgroup | -\& \*(Aq!\*(Aq* \*(Aq%:\*(Aqnonunix_group | +\& \*(Aq!\*(Aq* #uid | +\& \*(Aq!\*(Aq* %group | +\& \*(Aq!\*(Aq* %#gid | +\& \*(Aq!\*(Aq* +netgroup | +\& \*(Aq!\*(Aq* %:nonunix_group | +\& \*(Aq!\*(Aq* %:#nonunix_gid | \& \*(Aq!\*(Aq* User_Alias .Ve .PP -A \f(CW\*(C`User_List\*(C'\fR is made up of one or more user names, uids (prefixed -with '#'), system groups (prefixed with '%'), netgroups (prefixed -with '+') and \f(CW\*(C`User_Alias\*(C'\fRes. Each list item may be prefixed with -zero or more '!' operators. An odd number of '!' operators negate -the value of the item; an even number just cancel each other out. -.PP -A \f(CW\*(C`user name\*(C'\fR, \f(CW\*(C`group\*(C'\fR, \f(CW\*(C`netgroup\*(C'\fR or \f(CW\*(C`nonunix_group\*(C'\fR may -be enclosed in double quotes to avoid the need for escaping special -characters. Alternately, special characters may be specified in -escaped hex mode, e.g. \ex20 for space. -.PP -The actual \f(CW\*(C`nonunix_group\*(C'\fR syntax depends on the underlying group -provider plugin (see the \fIgroup_plugin\fR description below). -For instance, the \s-1QAS\s0 \s-1AD\s0 plugin supports the following formats: +A \f(CW\*(C`User_List\*(C'\fR is made up of one or more user names, user ids +(prefixed with '#'), system group names and ids (prefixed with '%' +and '%#' respectively), netgroups (prefixed with '+'), non-Unix +group names and IDs (prefixed with '%:' and '%:#' respectively) and +\&\f(CW\*(C`User_Alias\*(C'\fRes. Each list item may be prefixed with zero or more +\&'!' operators. An odd number of '!' operators negate the value of +the item; an even number just cancel each other out. 
+.PP +A \f(CW\*(C`user name\*(C'\fR, \f(CW\*(C`uid\*(C'\fR, \f(CW\*(C`group\*(C'\fR, \f(CW\*(C`gid\*(C'\fR, \f(CW\*(C`netgroup\*(C'\fR, \f(CW\*(C`nonunix_group\*(C'\fR +or \f(CW\*(C`nonunix_gid\*(C'\fR may be enclosed in double quotes to avoid the +need for escaping special characters. Alternately, special characters +may be specified in escaped hex mode, e.g. \ex20 for space. When +using double quotes, any prefix characters must be included inside +the quotes. +.PP +The actual \f(CW\*(C`nonunix_group\*(C'\fR and \f(CW\*(C`nonunix_gid\*(C'\fR syntax depends on +the underlying group provider plugin (see the \fIgroup_plugin\fR +description below). For instance, the \s-1QAS\s0 \s-1AD\s0 plugin supports the +following formats: .IP "\(bu" 4 Group in the same domain: \*(L"Group Name\*(R" .IP "\(bu" 4 @@ -370,16 +377,21 @@ Group in any domain: \*(L"Group Name@FULLY.QUALIFIED.DOMAIN\*(R" .IP "\(bu" 4 Group \s-1SID:\s0 \*(L"S\-1\-2\-34\-5678901234\-5678901234\-5678901234\-567\*(R" .PP -Note that quotes around group names are optional. Unquoted strings must -use a backslash (\e) to escape spaces and the '@' symbol. +Note that quotes around group names are optional. Unquoted strings +must use a backslash (\e) to escape spaces and special characters. +See \*(L"Other special characters and reserved words\*(R" for a list of +characters that need to be escaped. .PP .Vb 2 \& Runas_List ::= Runas_Member | \& Runas_Member \*(Aq,\*(Aq Runas_List \& \& Runas_Member ::= \*(Aq!\*(Aq* user name | -\& \*(Aq!\*(Aq* \*(Aq#\*(Aquid | -\& \*(Aq!\*(Aq* \*(Aq%\*(Aqgroup | +\& \*(Aq!\*(Aq* #uid | +\& \*(Aq!\*(Aq* %group | +\& \*(Aq!\*(Aq* %#gid | +\& \*(Aq!\*(Aq* %:nonunix_group | +\& \*(Aq!\*(Aq* %:#nonunix_gid | \& \*(Aq!\*(Aq* +netgroup | \& \*(Aq!\*(Aq* Runas_Alias .Ve 
@@ -398,7 +410,7 @@ and toor), you can use a uid instead (#0 in the example given). \& Host ::= \*(Aq!\*(Aq* host name | \& \*(Aq!\*(Aq* ip_addr | \& \*(Aq!\*(Aq* network(/netmask)? | -\& \*(Aq!\*(Aq* \*(Aq+\*(Aqnetgroup | +\& \*(Aq!\*(Aq* +netgroup | \& \*(Aq!\*(Aq* Host_Alias .Ve .PP @@ -526,7 +538,7 @@ A \fBuser specification\fR determines which commands a user may run (and as what user) on specified hosts. By default, commands are run as \fBroot\fR, but this can be changed on a per-command basis. .PP -The basic structure of a user specification is `who = where (as_whom) +The basic structure of a user specification is `who where = (as_whom) what'. Let's break that down into its constituent parts: .SS "Runas_Spec" .IX Subsection "Runas_Spec" @@ -689,7 +701,7 @@ on how \f(CW\*(C`NOEXEC\*(C'\fR works and whether or not it will work on your sy .PP These tags override the value of the \fIsetenv\fR option on a per-command basis. Note that if \f(CW\*(C`SETENV\*(C'\fR has been set for a command, the user -maydisable the \fIenv_reset\fR option from the command line via the +may disable the \fIenv_reset\fR option from the command line via the \&\fB\-E\fR option. Additionally, environment variables set on the command line are not subject to the restrictions imposed by \fIenv_check\fR, \&\fIenv_delete\fR, or \fIenv_keep\fR. As such, only trusted users should @@ -852,7 +864,7 @@ characters in a \fIUser Specification\fR ('=', ':', '(', ')') is optional. .PP The following characters must be escaped with a backslash ('\e') when used as part of a word (e.g.\ a user name or host name): -\&'@', '!', '=', ':', ',', '(', ')', '\e'. +\&'!', '=', ':', ',', '(', ')', '\e'. .SH "SUDOERS OPTIONS" .IX Header "SUDOERS OPTIONS" \&\fBsudo\fR's behavior can be modified by \f(CW\*(C`Default_Entry\*(C'\fR lines, as 
@@ -959,6 +971,41 @@ password. This flag is \fI@insults@\fR by default. .IX Item "log_host" If set, the host name will be logged in the (non-syslog) \fBsudo\fR log file. This flag is \fIoff\fR by default. +.IP "log_input" 16 +.IX Item "log_input" +If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all +user input. +If the standard input is not connected to the user's tty, due to +I/O redirection or because the command is part of a pipeline, that +input is also captured and stored in a separate log file. +.Sp +Input is logged to the directory specified by the \fIiolog_dir\fR +option (\fI@iolog_dir@\fR by default) using a unique session \s-1ID\s0 that +is included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR. +The \fIiolog_file\fR option may be used to control the format of the +session \s-1ID\s0. +.Sp +Note that user input may contain sensitive information such as +passwords (even if they are not echoed to the screen), which will +be stored in the log file unencrypted. In most cases, logging the +command output via \fIlog_output\fR is all that is required. +.IP "log_output" 16 +.IX Item "log_output" +If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all +output that is sent to the screen, similar to the \fIscript\fR\|(1) command. +If the standard output or standard error is not connected to the +user's tty, due to I/O redirection or because the command is part +of a pipeline, that output is also captured and stored in separate +log files. +.Sp +Output is logged to the directory specified by the \fIiolog_dir\fR +option (\fI@iolog_dir@\fR by default) using a unique session \s-1ID\s0 that +is included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR. +The \fIiolog_file\fR option may be used to control the format of the +session \s-1ID\s0. +.Sp +Output logs may be viewed with the \fIsudoreplay\fR\|(@mansectsu@) utility, which +can also be used to list or search the available logs. 
.IP "log_year" 16 .IX Item "log_year" If set, the four-digit year will be logged in the (non-syslog) \fBsudo\fR log file. @@ -1078,6 +1125,14 @@ change this behavior. This can be done by negating the set_logname option. Note that if the \fIenv_reset\fR option has not been disabled, entries in the \fIenv_keep\fR list will override the value of \&\fIset_logname\fR. This flag is \fIon\fR by default. +.IP "set_utmp" 16 +.IX Item "set_utmp" +When enabled, \fBsudo\fR will create an entry in the utmp (or utmpx) +file when a pseudo-tty is allocated. A pseudo-tty is allocated by +\&\fBsudo\fR when the \fIlog_input\fR, \fIlog_output\fR or \fIuse_pty\fR flags +are enabled. By default, the new entry will be a copy of the user's +existing utmp entry (if any), with the tty, time, type and pid +fields updated. This flag is \fIon\fR by default. .IP "setenv" 16 .IX Item "setenv" Allow the user to disable the \fIenv_reset\fR option from the command 
@@ -1111,32 +1166,6 @@ of the invoking user. In addition, the timestamp file name will include the target user's name. Note that this flag precludes the use of a uid not listed in the passwd database as an argument to the \fB\-u\fR option. This flag is \fIoff\fR by default. -.IP "log_input" 16 -.IX Item "log_input" -If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all -user input. -If the standard input is not connected to the user's tty, due to -I/O redirection or because the command is part of a pipeline, that -input is also captured and stored in a separate log file. -.Sp -Input is logged to the \fI/var/log/sudo\-io\fR directory using a unique -session \s-1ID\s0 that is included in the normal \fBsudo\fR log line, prefixed -with \fITSID=\fR. -.IP "log_output" 16 -.IX Item "log_output" -If set, \fBsudo\fR will run the command in a \fIpseudo tty\fR and log all -output that is sent to the screen, similar to the \fIscript\fR\|(1) command. -If the standard output or standard error is not connected to the -user's tty, due to I/O redirection or because the command is part -of a pipeline, that output is also captured and stored in separate -log files. -.Sp -Output is logged to the -\&\fI/var/log/sudo\-io\fR directory using a unique session \s-1ID\s0 that is -included in the normal \fBsudo\fR log line, prefixed with \fITSID=\fR. -.Sp -Output logs may be viewed with the \fIsudoreplay\fR\|(@mansectsu@) utility, which -can also be used to list or search the available logs. .IP "tty_tickets" 16 .IX Item "tty_tickets" If set, users must authenticate on a per-tty basis. With this flag 
@@ -1165,7 +1194,12 @@ If set, \fBsudo\fR will run the command in a pseudo-pty even if no I/O logging is being gone. A malicious program run under \fBsudo\fR could conceivably fork a background process that retains to the user's terminal device after the main program has finished executing. Use -of this option will make that impossible. +of this option will make that impossible. This flag is \fIoff\fR by default. +.IP "utmp_runas" 16 +.IX Item "utmp_runas" +If set, \fBsudo\fR will store the name of the runas user when updating +the utmp (or utmpx) file. By default, \fBsudo\fR stores the name of +the invoking user. This flag is \fIoff\fR by default. .IP "visiblepw" 16 .IX Item "visiblepw" By default, \fBsudo\fR will refuse to run if the user must enter a @@ -1279,6 +1313,9 @@ expanded to the base name of the command being run In addition, any escape sequences supported by the system's \fIstrftime()\fR function will be expanded. .Sp +To include a literal `\f(CW\*(C`%\*(C'\fR' character, the string `\f(CW\*(C`%%\*(C'\fR' should +be used. +.Sp Path names that end in six or more \f(CW\*(C`X\*(C'\fRs will have the \f(CW\*(C`X\*(C'\fRs replaced with a unique combination of digits and letters, similar to the \&\fImktemp()\fR function. 
@@ -1300,10 +1337,9 @@ will expand to the host name of the machine. Default is \f(CW\*(C`@mailsub@\*(C'\fR. .IP "noexec_file" 16 .IX Item "noexec_file" -Path to a shared library containing dummy versions of the \fIexecv()\fR, -\&\fIexecve()\fR and \fIfexecve()\fR library functions that just return an error. -This is used to implement the \fInoexec\fR functionality on systems that -support \f(CW\*(C`LD_PRELOAD\*(C'\fR or its equivalent. Defaults to \fI@noexec_file@\fR. +This option is deprecated and will be removed in a future release +of \fBsudo\fR. The path to the noexec file should now be set in the +\&\fI@sysconfdir@/sudo.conf\fR file. .IP "passprompt" 16 .IX Item "passprompt" The default prompt to use when asking for a password; can be overridden 
@@ -1900,30 +1936,16 @@ Note, however, that this applies only to native dynamically-linked executables. Statically-linked executables and foreign executables running under binary emulation are not affected. .Sp -To tell whether or not \fBsudo\fR supports \fInoexec\fR, you can run -the following as root: -.Sp -.Vb 1 -\& sudo \-V | grep "dummy exec" -.Ve -.Sp -If the resulting output contains a line that begins with: -.Sp -.Vb 1 -\& File containing dummy exec functions: -.Ve -.Sp -then \fBsudo\fR may be able to replace the exec family of functions -in the standard library with its own that simply return an error. -Unfortunately, there is no foolproof way to know whether or not -\&\fInoexec\fR will work at compile-time. \fInoexec\fR should work on -SunOS, Solaris, *BSD, Linux, \s-1IRIX\s0, Tru64 \s-1UNIX\s0, MacOS X, and HP-UX -11.x. It is known \fBnot\fR to work on \s-1AIX\s0 and UnixWare. \fInoexec\fR -is expected to work on most operating systems that support the +The \fInoexec\fR feature is known to work on SunOS, Solaris, *BSD, +Linux, \s-1IRIX\s0, Tru64 \s-1UNIX\s0, MacOS X, HP-UX 11.x and \s-1AIX\s0 5.3 and above. +It should be supported on most operating systems that support the \&\f(CW\*(C`LD_PRELOAD\*(C'\fR environment variable. Check your operating system's manual pages for the dynamic linker (usually ld.so, ld.so.1, dyld, dld.sl, rld, or loader) to see if \f(CW\*(C`LD_PRELOAD\*(C'\fR is supported. .Sp +On Solaris 10 and higher, \fInoexec\fR uses Solaris privileges instead +of the \f(CW\*(C`LD_PRELOAD\*(C'\fR environment variable. +.Sp To enable \fInoexec\fR for a command, use the \f(CW\*(C`NOEXEC\*(C'\fR tag as documented in the User Specification section above. Here is that example again: .Sp 
@@ -1935,7 +1957,8 @@ This allows user \fBaaron\fR to run \fI/usr/bin/more\fR and \fI/usr/bin/vi\fR with \fInoexec\fR enabled. This will prevent those two commands from executing other commands (such as a shell). If you are unsure whether or not your system is capable of supporting \fInoexec\fR you -can always just try it out and see if it works. +can always just try it out and check whether shell escapes work +when \fInoexec\fR is enabled. .PP Note that restricting shell escapes is not a panacea. Programs running as root are still capable of many potentially hazardous diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index a2ec14dc6..54c96eb44 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -14,12 +14,17 @@ SSYYNNOOPPSSIISS ssuuddoorreeppllaayy [--hh] [--dd _d_i_r_e_c_t_o_r_y] -l [search expression] DDEESSCCRRIIPPTTIIOONN - ssuuddoorreeppllaayy plays back or lists the session logs created by ssuuddoo. When + ssuuddoorreeppllaayy plays back or lists the output logs created by ssuuddoo. When replaying, ssuuddoorreeppllaayy can play the session back in real-time, or the playback speed may be adjusted (faster or slower) based on the command - line options. The _I_D should be a six character sequence of digits and - upper case letters, e.g. 0100A5, which is logged by ssuuddoo when a - command is run with session logging enabled. + line options. + + The _I_D should either be a six character sequence of digits and upper + case letters, e.g. 0100A5, or a pattern matching the _i_o_l_o_g___f_i_l_e option + in the _s_u_d_o_e_r_s file. When a command is run via ssuuddoo with _l_o_g___o_u_t_p_u_t + enabled in the _s_u_d_o_e_r_s file, a TSID=ID string is logged via syslog or + to the ssuuddoo log file. The _I_D may also be determined using ssuuddoorreeppllaayy's + list mode. In list mode, ssuuddoorreeppllaayy can be used to find the ID of a session based on a number of criteria such as the user, tty or command run. 
@@ -53,15 +58,10 @@ OOPPTTIIOONNSS -l [_s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n] Enable "list mode". In this mode, ssuuddoorreeppllaayy will list available session IDs. If a _s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n is - specified, it will be used to restrict the IDs that are - displayed. An expression is composed of the following - predicates: - - -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -70,6 +70,10 @@ OOPPTTIIOONNSS SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) + specified, it will be used to restrict the IDs that are + displayed. An expression is composed of the following + predicates: + command _c_o_m_m_a_n_d _p_a_t_t_e_r_n Evaluates to true if the command run matches _c_o_m_m_a_n_d _p_a_t_t_e_r_n. On systems with POSIX regular @@ -120,14 +124,10 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) well as '(' and ')' for grouping (note that parentheses must generally be escaped from the shell). The _a_n_d operator is optional, adjacent predicates have an implied - _a_n_d unless separated by an _o_r. - - -m _m_a_x___w_a_i_t Specify an upper bound on how long to wait between key - presses or output data. By default, ssuuddoo__rreeppllaayy will -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 @@ -136,6 +136,10 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) + _a_n_d unless separated by an _o_r. + + -m _m_a_x___w_a_i_t Specify an upper bound on how long to wait between key + presses or output data. By default, ssuuddoo__rreeppllaayy will accurately reproduce the delays between key presses or program output. However, this can be tedious when the session includes long pauses. When the _-_m option is @@ -185,15 +189,11 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) tomorrow Exactly one day from now. - yesterday - 24 hours ago. - 2 hours ago - 2 hours ago. -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 
@@ -202,6 +202,12 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) + yesterday + 24 hours ago. + + 2 hours ago + 2 hours ago. + next Friday The first second of the next Friday. @@ -250,23 +256,24 @@ FFIILLEESS Example session timing file. Note that the _s_t_d_i_n, _s_t_d_o_u_t and _s_t_d_e_r_r files will be empty unless ssuuddoo - was used as part of a pipeline for a particular command. -EEXXAAMMPPLLEESS - List sessions run by user _m_i_l_l_e_r_t: - sudoreplay -l user millert +1.8.1 April 9, 2011 4 -1.8.0rc1 February 21, 2011 4 +SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) + was used as part of a pipeline for a particular command. +EEXXAAMMPPLLEESS + List sessions run by user _m_i_l_l_e_r_t: + + sudoreplay -l user millert List sessions run by user _b_o_b with a command containing the string vi: @@ -318,13 +325,6 @@ DDIISSCCLLAAIIMMEERR - - - - - - - -1.8.0rc1 February 21, 2011 5 +1.8.1 April 9, 2011 5 diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index e50ffbc34..453cfd059 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 2009-2010 Todd C. Miller +.\" Copyright (c) 2009-2011 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDOREPLAY @mansectsu@" -.TH SUDOREPLAY @mansectsu@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS" +.TH SUDOREPLAY @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -153,13 +153,17 @@ sudoreplay \- replay sudo session logs \&\fBsudoreplay\fR [\fB\-h\fR] [\fB\-d\fR \fIdirectory\fR] \-l [search expression] .SH "DESCRIPTION" .IX Header "DESCRIPTION" -\&\fBsudoreplay\fR plays back or lists the session logs created by -\&\fBsudo\fR. When replaying, \fBsudoreplay\fR can play the session back -in real-time, or the playback speed may be adjusted (faster or -slower) based on the command line options. The \fI\s-1ID\s0\fR should be -a six character sequence of digits and upper case letters, e.g. -0100A5, which is logged by \fBsudo\fR when a command is run with -session logging enabled. +\&\fBsudoreplay\fR plays back or lists the output logs created by \fBsudo\fR. +When replaying, \fBsudoreplay\fR can play the session back in real-time, +or the playback speed may be adjusted (faster or slower) based on +the command line options. +.PP +The \fI\s-1ID\s0\fR should either be a six character sequence of digits and +upper case letters, e.g. \f(CW\*(C`0100A5\*(C'\fR, or a pattern matching the +\&\fIiolog_file\fR option in the \fIsudoers\fR file. When a command is run +via \fBsudo\fR with \fIlog_output\fR enabled in the \fIsudoers\fR file, a +\&\f(CW\*(C`TSID=ID\*(C'\fR string is logged via syslog or to the \fBsudo\fR log file. +The \fI\s-1ID\s0\fR may also be determined using \fBsudoreplay\fR's list mode. .PP In list mode, \fBsudoreplay\fR can be used to find the \s-1ID\s0 of a session based on a number of criteria such as the user, tty or command run. diff --git a/doc/visudo.cat b/doc/visudo.cat index b56bfa999..74ebae6c3 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -61,7 +61,7 @@ OOPPTTIIOONNSS -1.8.0rc1 February 21, 2011 1 +1.8.1 April 9, 2011 1 @@ -127,7 +127,7 @@ DDIIAAGGNNOOSSTTIICCSS -1.8.0rc1 February 21, 2011 2 +1.8.1 April 9, 2011 2 @@ -193,6 +193,6 @@ DDIISSCCLLAAIIMMEERR -1.8.0rc1 February 21, 2011 3 +1.8.1 April 9, 2011 3 diff --git a/doc/visudo.man.in b/doc/visudo.man.in index 8fe835321..645a85629 100644 
--- a/doc/visudo.man.in
+++ b/doc/visudo.man.in
@@ -1,4 +1,4 @@
-.\" Copyright (c) 1996,1998-2005, 2007-2008
+.\" Copyright (c) 1996,1998-2005, 2007-2011
 .\" Todd C. Miller
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
@@ -144,7 +144,7 @@
 .\" ========================================================================
 .\"
 .IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "February 21, 2011" "1.8.0rc1" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
-- cgit v1.2.1
-- cgit v1.2.1
From 23097092fce9b88404f40a52832ae159d58a146a Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 18 Apr 2011 09:24:27 -0400
Subject: sudo 1.8.1p1 updates
---
 NEWS | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/NEWS b/NEWS
index f7ef73ac6..8f36d0f07 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,16 @@
+What's new in Sudo 1.8.1p1?
+
+ * Fixed a problem on AIX where sudo was unable to set the final
+ uid if the PAM module modified the effective uid.
+
+ * A non-existent includedir is now treated the same as an empty
+ directory and not reported as an error.
+
+ * Removed extraneous parens in LDAP filter when sudoers_search_filter
+ is enabled that can cause an LDAP search error.
+
+ * Fixed a "make -j" problem for "make install".
+
 What's new in Sudo 1.8.1?
 * A new LDAP setting, sudoers_search_filter, has been added to
-- cgit v1.2.1
From b997319d05dadba0421144a0921041a438930d86 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 19 May 2011 13:09:49 -0400
Subject: This is sudo 1.8.1 not 1.8.0
---
 README | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README b/README
index 3ed6c5b78..a3d81f97a 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-This is Sudo version 1.8.0
+This is Sudo version 1.8.1
 The sudo philosophy
 ===================
-- cgit v1.2.1
From 4f5d873c353e18fb40179cde0e0a9be85df7d4e9 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 19 May 2011 13:16:37 -0400
Subject: No need to include version number at the top of these files.
---
 INSTALL | 4 ++--
 README | 2 --
 2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/INSTALL b/INSTALL
index b8156e64c..ad5ac99bc 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,5 +1,5 @@
-Installation instructions for Sudo 1.8
-======================================
+Sudo installation instructions
+==============================
 Sudo uses a `configure' script to probe the capabilities and type of the system in question. In this release, `configure' takes many
diff --git a/README b/README
index a3d81f97a..919c74a65 100644
--- a/README
+++ b/README
@@ -1,5 +1,3 @@
-This is Sudo version 1.8.1
-
 The sudo philosophy
 ===================
 Sudo is a program designed to allow a sysadmin to give limited root privileges
-- cgit v1.2.1
From fd2f9d261d48bd5de892fdac0ab494dea549e146 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 19 May 2011 13:20:49 -0400
Subject: update copyright year
---
 doc/license.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/license.pod b/doc/license.pod
index 5786e385a..c3c23a976 100644
--- a/doc/license.pod
+++ b/doc/license.pod
@@ -3,7 +3,7 @@ =head3
 Sudo is distributed under the following ISC-style license:
- Copyright (c) 1994-1996, 1998-2010
+ Copyright (c) 1994-1996, 1998-2011
 Todd C. Miller
 Permission to use, copy, modify, and distribute this software for any
-- cgit v1.2.1
From e3ef59206f691079f32ca7fafab5e3a11a546f8d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" Date: Fri, 20 May 2011 13:39:37 -0400 Subject: Bump version to 1.8.2 --- configure | 18 +++++++++--------- configure.in | 2 +- plugins/sudoers/po/sudoers.pot | 2 +- src/po/sudo.pot | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/configure b/configure index 43079528c..514d5a40f 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.65 for sudo 1.8.1. +# Generated by GNU Autoconf 2.65 for sudo 1.8.2. # # Report bugs to . # @@ -562,8 +562,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.1' -PACKAGE_STRING='sudo 1.8.1' +PACKAGE_VERSION='1.8.2' +PACKAGE_STRING='sudo 1.8.2' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1432,7 +1432,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.1 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1497,7 +1497,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.1:";; + short | recursive ) echo "Configuration of sudo 1.8.2:";; esac cat <<\_ACEOF @@ -1710,7 +1710,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.1 +sudo configure 1.8.2 generated by GNU Autoconf 2.65 Copyright (C) 2009 Free Software Foundation, Inc. 
@@ -2409,7 +2409,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.1, which was +It was created by sudo $as_me 1.8.2, which was generated by GNU Autoconf 2.65. Invocation command line was $ $0 $@ @@ -19778,7 +19778,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.1, which was +This file was extended by sudo $as_me 1.8.2, which was generated by GNU Autoconf 2.65. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -19844,7 +19844,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.1 +sudo config.status 1.8.2 configured by $0, generated by GNU Autoconf 2.65, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index dd01b1f7d..5a60fde0e 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller dnl -AC_INIT([sudo], [1.8.1], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.2], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index a58c9f76e..10ef964f2 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot @@ -5,7 +5,7 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.x\n" +"Project-Id-Version: sudo 1.8.2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" "POT-Creation-Date: 2011-05-20 13:19-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" 
diff --git a/src/po/sudo.pot b/src/po/sudo.pot index 56461eca6..4f6434a66 100644 --- a/src/po/sudo.pot +++ b/src/po/sudo.pot @@ -5,7 +5,7 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.x\n" +"Project-Id-Version: sudo 1.8.2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" "POT-Creation-Date: 2011-05-20 13:19-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -- cgit v1.2.1 From d9582bdc15eb5184f1279058fa7d2d5e259e9447 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 22 May 2011 08:36:17 -0400 Subject: Regen for sudo 1.8.2 --- doc/sudo.cat | 183 +------------------ doc/sudo.man.in | 2 +- doc/sudo_plugin.cat | 225 +----------------------- doc/sudo_plugin.man.in | 2 +- doc/sudoers.cat | 454 ++---------------------------------------------- doc/sudoers.ldap.cat | 187 +------------------- doc/sudoers.ldap.man.in | 2 +- doc/sudoers.man.in | 31 ++-- doc/sudoreplay.cat | 71 +------- doc/sudoreplay.man.in | 2 +- doc/visudo.cat | 56 +----- doc/visudo.man.in | 2 +- 12 files changed, 38 insertions(+), 1179 deletions(-) diff --git a/doc/sudo.cat b/doc/sudo.cat index d813e6b1f..b27dc2b1d 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -1,9 +1,7 @@ +SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - NNAAMMEE sudo, sudoedit - execute a command as another user @@ -57,19 +55,6 @@ DDEESSCCRRIIPPTTIIOONN If an I/O plugin is configured, the running command's input and output may be logged as well. - - - - -1.8.1 April 9, 2011 1 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - OOPPTTIIOONNSS ssuuddoo accepts the following command line options: @@ -125,17 +110,6 @@ OOPPTTIIOONNSS is already root. This option is only available on systems with BSD login classes. - - -1.8.1 April 9, 2011 2 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - -D _l_e_v_e_l Enable debugging of ssuuddoo plugins and ssuuddoo itself. The _l_e_v_e_l may be a value from 1 through 9. 
@@ -190,18 +164,6 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) behavior. -h The --hh (_h_e_l_p) option causes ssuuddoo to print a short help - - - -1.8.1 April 9, 2011 3 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - message to the standard output and exit. -i [command] @@ -256,18 +218,6 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) messages and exit. -P The --PP (_p_r_e_s_e_r_v_e _g_r_o_u_p _v_e_c_t_o_r) option causes ssuuddoo to - - - -1.8.1 April 9, 2011 4 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - preserve the invoking user's group vector unaltered. By default, the _s_u_d_o_e_r_s policy will initialize the group vector to the list of groups the target user is in. The @@ -322,18 +272,6 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) role. -U _u_s_e_r The --UU (_o_t_h_e_r _u_s_e_r) option is used in conjunction with the - - - -1.8.1 April 9, 2011 5 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - --ll option to specify the user whose privileges should be listed. The security policy may restrict listing other users' privileges. The _s_u_d_o_e_r_s policy only allows root or @@ -384,22 +322,6 @@ PPLLUUGGIINNSS security policy and I/O logging, which corresponds to the following _/_e_t_c_/_s_u_d_o_._c_o_n_f file. - - - - - - - -1.8.1 April 9, 2011 6 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - # # Default /etc/sudo.conf file # @@ -454,18 +376,6 @@ PPAATTHHSS that support LD_PRELOAD or its equivalent. Defaults to _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o___n_o_e_x_e_c_._s_o. - - - -1.8.1 April 9, 2011 7 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the exit status from ssuuddoo will simply be the exit status of the program that was executed. 
@@ -521,17 +431,6 @@ EENNVVIIRROONNMMEENNTT SHELL Used to determine shell to run with -s option - - -1.8.1 April 9, 2011 8 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - SUDO_ASKPASS Specifies the path to a helper program used to read the password if no terminal is available or if the -A option is specified. @@ -587,17 +486,6 @@ EEXXAAMMPPLLEESS To shutdown a machine: - - -1.8.1 April 9, 2011 9 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - $ sudo shutdown -r +15 "quick reboot" To make a usage listing of the directories in the /home partition. @@ -652,75 +540,8 @@ DDIISSCCLLAAIIMMEERR including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. See the LICENSE file distributed with ssuuddoo or - - - -1.8.1 April 9, 2011 10 - - - - - -SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) - - http://www.sudo.ws/sudo/license.html for complete details. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -1.8.1 April 9, 2011 11 - - +1.8.2 May 22, 2011 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index 3a83e91fc..843d6acd5 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index d2578907a..263809228 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -1,9 +1,7 @@ +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - NNAAMMEE sudo_plugin - Sudo Plugin API 
@@ -58,18 +56,6 @@ DDEESSCCRRIIPPTTIIOONN Plugin sudoers_policy sudoers.so Plugin sudoers_io sudoers.so - - - -1.8.1 April 9, 2011 1 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - PPoolliiccyy PPlluuggiinn AAPPII A policy plugin must declare and populate a policy_plugin struct in the global scope. This structure contains pointers to the functions that @@ -124,18 +110,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) version The version passed in by ssuuddoo allows the plugin to determine the major and minor version number of the plugin API supported - - - -1.8.1 April 9, 2011 2 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - by ssuuddoo. conversation @@ -190,18 +164,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) login_shell=bool Set to true if the user specified the -i flag, indicating - - - -1.8.1 April 9, 2011 3 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - that the user wishes to run a login shell. implied_shell=bool @@ -257,17 +219,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) The command name that sudo was run as, typically "sudo" or "sudoedit". - - -1.8.1 April 9, 2011 4 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - sudoedit=bool Set to true when the -e flag is is specified or if invoked as ssuuddooeeddiitt. The plugin shall substitute an editor into @@ -323,17 +274,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) is no terminal device available, a default value of 24 is used. - - -1.8.1 April 9, 2011 5 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - cols=int The number of columns the user's terminal supports. If there is no terminal device available, a default value of 
@@ -388,18 +328,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) the _o_p_e_n function, the user has requested _s_u_d_o_e_d_i_t mode. _s_u_d_o_e_d_i_t is a mechanism for editing one or more files where an editor is run with the user's credentials instead of with elevated privileges. - - - -1.8.1 April 9, 2011 6 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - ssuuddoo achieves this by creating user-writable temporary copies of the files to be edited and then overwriting the originals with the temporary copies after editing is complete. If the plugin supports @@ -453,19 +381,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) command=string Fully qualified path to the command to be executed. - - - - -1.8.1 April 9, 2011 7 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - runas_uid=uid User ID to run the command as. @@ -520,18 +435,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) timeout=int Command timeout. If non-zero then when the timeout expires - - - -1.8.1 April 9, 2011 8 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - the command will be killed. sudoedit=bool @@ -587,17 +490,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) screen, not output to a pipe or file. This is a hint to the I/O logging plugin which may choose to ignore it. - - -1.8.1 April 9, 2011 9 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - use_pty=bool Allocate a pseudo-tty to run the command in, regardless of whether or not I/O logging is in use. By default, ssuuddoo @@ -651,19 +543,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) policy allows it. If NULL, the plugin should list the privileges of the invoking user. - - - - -1.8.1 April 9, 2011 10 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - argc The number of elements in _a_r_g_v, not counting the final NULL pointer. 
@@ -718,18 +597,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) Returns 1 on success, 0 on failure and -1 on error. On error, the plugin may optionally call the conversation or plugin_printf - - - -1.8.1 April 9, 2011 11 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - function with SUDO_CONF_ERROR_MSG to present additional error information to the user. @@ -785,17 +652,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) logging is to be performed. If the open function returns 0, no I/O will be sent to the plugin. - - -1.8.1 April 9, 2011 12 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - The io_plugin struct has the following fields: type @@ -850,18 +706,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) "name=value" strings. The vector is terminated by a NULL pointer. These settings correspond to flags the user specified when running ssuuddoo. As such, they will only be present when the - - - -1.8.1 April 9, 2011 13 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - corresponding flag has been specified on the command line. When parsing _s_e_t_t_i_n_g_s, the plugin should split on the ffiirrsstt @@ -916,18 +760,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) error If the command could not be executed, this is set to the value of errno set by the _e_x_e_c_v_e(2) system call. If the command was - - - -1.8.1 April 9, 2011 14 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - successfully executed, the value of error is 0. show_version @@ -982,18 +814,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) the data should be passed to the command, 0 if the data is rejected (which will terminate the command) or -1 if an error occurred. - - - -1.8.1 April 9, 2011 15 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - The function arguments are as follows: buf The buffer containing user input. 
@@ -1049,17 +869,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) informational or error messages to the user, which is usually more convenient for simple messages where no use input is required. - - -1.8.1 April 9, 2011 16 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - struct sudo_conv_message { #define SUDO_CONV_PROMPT_ECHO_OFF 0x0001 /* do not echo user input */ #define SUDO_CONV_PROMPT_ECHO_ON 0x0002 /* echo user input */ @@ -1111,21 +920,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) in the global scope. This structure contains pointers to the functions that implement plugin initialization, cleanup and group lookup. - - - - - - -1.8.1 April 9, 2011 17 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - struct sudoers_group_plugin { unsigned int version; int (*init)(int version, sudo_printf_t sudo_printf, @@ -1179,19 +973,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) close open file handles. query - - - - -1.8.1 April 9, 2011 18 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - int (*query)(const char *user, const char *group, const struct passwd *pwd); @@ -1249,6 +1030,4 @@ DDIISSCCLLAAIIMMEERR -1.8.1 April 9, 2011 19 - - +1.8.2 May 22, 2011 SUDO_PLUGIN(1m) diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index b78049943..2fe44c61b 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDO_PLUGIN @mansectsu@" -.TH SUDO_PLUGIN @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH SUDO_PLUGIN @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 23c368b24..27429e029 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat 
@@ -1,9 +1,7 @@ +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - NNAAMMEE sudoers - default sudo security policy module @@ -58,18 +56,6 @@ DDEESSCCRRIIPPTTIIOONN _s_u_d_o_e_r_s also supports logging a command's input and output streams. I/O logging is not on by default but can be enabled using the _l_o_g___i_n_p_u_t and _l_o_g___o_u_t_p_u_t Defaults flags as well as the LOG_INPUT and LOG_OUTPUT - - - -1.8.1 April 9, 2011 1 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - command tags. CCoommmmaanndd EEnnvviirroonnmmeenntt @@ -124,18 +110,6 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT Form (EBNF). Don't despair if you don't know what EBNF is; it is fairly simple, and the definitions below are annotated. - - - -1.8.1 April 9, 2011 2 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - QQuuiicckk gguuiiddee ttoo EEBBNNFF EBNF is a concise and exact way of describing the grammar of a language. Each EBNF definition is made up of _p_r_o_d_u_c_t_i_o_n _r_u_l_e_s. E.g., @@ -191,17 +165,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Alias_Type NAME = item1, item2, item3 : NAME = item4, item5 - - -1.8.1 April 9, 2011 3 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - The definitions of what constitutes a valid _a_l_i_a_s member follow. User_List ::= User | @@ -256,18 +219,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) '!'* %:nonunix_group | '!'* %:#nonunix_gid | '!'* +netgroup | - - - -1.8.1 April 9, 2011 4 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - '!'* Runas_Alias A Runas_List is similar to a User_List except that instead of 
@@ -322,18 +273,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) he/she wishes. However, you may also specify command line arguments (including wildcards). Alternately, you can specify "" to indicate that the command may only be run wwiitthhoouutt command line arguments. A - - - -1.8.1 April 9, 2011 5 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - directory is a fully qualified path name ending in a '/'. When you specify a directory in a Cmnd_List, the user will be able to run any file within that directory (but not in any subdirectories therein). @@ -388,18 +327,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) See "SUDOERS OPTIONS" for a list of supported Defaults parameters. - - - -1.8.1 April 9, 2011 6 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - UUsseerr SSppeecciiffiiccaattiioonn User_Spec ::= User_List Host_List '=' Cmnd_Spec_List \ (':' Host_List '=' Cmnd_Spec_List)* @@ -454,18 +381,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) dgb boulder = (operator) /bin/ls, (root) /bin/kill, /usr/bin/lprm - - - -1.8.1 April 9, 2011 7 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - Then user ddggbb is now allowed to run _/_b_i_n_/_l_s as ooppeerraattoorr, but _/_b_i_n_/_k_i_l_l and _/_u_s_r_/_b_i_n_/_l_p_r_m as rroooott. @@ -520,18 +435,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) the tag unless it is overridden by the opposite tag (i.e.: PASSWD overrides NOPASSWD and NOEXEC overrides EXEC). - - - -1.8.1 April 9, 2011 8 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - _N_O_P_A_S_S_W_D _a_n_d _P_A_S_S_W_D By default, ssuuddoo requires that a user authenticate him or herself 
@@ -587,17 +490,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) _L_O_G___I_N_P_U_T _a_n_d _N_O_L_O_G___I_N_P_U_T - - -1.8.1 April 9, 2011 9 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - These tags override the value of the _l_o_g___i_n_p_u_t option on a per-command basis. For more information, see the description of _l_o_g___i_n_p_u_t in the "SUDOERS OPTIONS" section below. @@ -653,17 +545,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) file currently being parsed using the #include and #includedir directives. - - -1.8.1 April 9, 2011 10 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - This can be used, for example, to keep a site-wide _s_u_d_o_e_r_s file in addition to a local, per-machine file. For the sake of this example the site-wide _s_u_d_o_e_r_s will be _/_e_t_c_/_s_u_d_o_e_r_s and the per-machine one will @@ -718,18 +599,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) User_Alias, Runas_Alias, or Host_Alias. You should not try to define your own _a_l_i_a_s called AALLLL as the built-in alias will be used in preference to your own. Please note that using AALLLL can be dangerous - - - -1.8.1 April 9, 2011 11 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - since in a command context, it allows the user to run aannyy command on the system. @@ -784,18 +653,6 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS zzlliibb support. env_editor If set, vviissuuddoo will use the value of the EDITOR or - - - -1.8.1 April 9, 2011 12 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - VISUAL environment variables before falling back on the default editor list. Note that this may create a security hole as it allows the user to run any 
@@ -850,18 +707,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) _o_f_f by default. ignore_dot If set, ssuuddoo will ignore '.' or '' (current dir) in the - - - -1.8.1 April 9, 2011 13 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - PATH environment variable; the PATH itself is not modified. This flag is _o_f_f by default. @@ -916,18 +761,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) log line, prefixed with _T_S_I_D_=. The _i_o_l_o_g___f_i_l_e option may be used to control the format of the session ID. - - - -1.8.1 April 9, 2011 14 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - Output logs may be viewed with the _s_u_d_o_r_e_p_l_a_y(1m) utility, which can also be used to list or search the available logs. @@ -982,18 +815,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) passprompt_override The password prompt specified by _p_a_s_s_p_r_o_m_p_t will - - - -1.8.1 April 9, 2011 15 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - normally only be used if the password prompt provided by systems such as PAM matches the string "Password:". If _p_a_s_s_p_r_o_m_p_t___o_v_e_r_r_i_d_e is set, _p_a_s_s_p_r_o_m_p_t will always @@ -1048,18 +869,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) the the _e_n_v___r_e_s_e_t option is enabled, so _s_e_t___h_o_m_e is only effective for configurations where either _e_n_v___r_e_s_e_t is disabled or HOME is present in the - - - -1.8.1 April 9, 2011 16 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - _e_n_v___k_e_e_p list. This flag is _o_f_f by default. set_logname Normally, ssuuddoo will set the LOGNAME, USER and USERNAME 
@@ -1115,17 +924,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) not listed in the passwd database as an argument to the --uu option. This flag is _o_f_f by default. - - -1.8.1 April 9, 2011 17 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - tty_tickets If set, users must authenticate on a per-tty basis. With this flag enabled, ssuuddoo will use a file named for the tty the user is logged in on in the user's time @@ -1181,17 +979,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) IInntteeggeerrss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: - - -1.8.1 April 9, 2011 18 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - loglinelen Number of characters per line for the file log. This value is used to decide when to wrap lines for nicer log files. This has no effect on the syslog log file, @@ -1247,17 +1034,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The following percent (`%') escape sequences are supported: - - -1.8.1 April 9, 2011 19 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - %{seq} expanded to a monotonically increasing base-36 sequence number, such as 0100A5, where every two @@ -1312,18 +1088,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) noexec_file This option is deprecated and will be removed in a future release of ssuuddoo. The path to the noexec file - - - -1.8.1 April 9, 2011 20 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - should now be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. passprompt The default prompt to use when asking for a password; 
@@ -1360,15 +1124,20 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) runas_default The default user to run commands as if the --uu option is not specified on the command line. This defaults to - root. Note that if _r_u_n_a_s___d_e_f_a_u_l_t is set it mmuusstt occur - before any Runas_Alias specifications. + root. syslog_badpri Syslog priority to use when user authenticates unsuccessfully. Defaults to alert. + The following syslog priorities are supported: aalleerrtt, + ccrriitt, ddeebbuugg, eemmeerrgg, eerrrr, iinnffoo, nnoottiiccee, and wwaarrnniinngg. + syslog_goodpri Syslog priority to use when user authenticates successfully. Defaults to notice. + See syslog_badpri for the list of supported syslog + priorities. + sudoers_locale Locale to use when parsing the sudoers file, logging commands, and sending email. Note that changing the locale may affect how sudoers is interpreted. Defaults @@ -1378,18 +1147,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The default is _/_v_a_r_/_a_d_m_/_s_u_d_o. timestampowner The owner of the timestamp directory and the timestamps - - - -1.8.1 April 9, 2011 21 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - stored therein. The default is root. type The default SELinux type to use when constructing a new 
@@ -1400,16 +1157,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SSttrriinnggss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: - askpass The _a_s_k_p_a_s_s option specifies the fully qualified path to a - helper program used to read the user's password when no - terminal is available. This may be the case when ssuuddoo is - executed from a graphical (as opposed to text-based) - application. The program specified by _a_s_k_p_a_s_s should - display the argument passed to it as the prompt and write - the user's password to the standard output. The value of - _a_s_k_p_a_s_s may be overridden by the SUDO_ASKPASS environment - variable. - env_file The _e_n_v___f_i_l_e options specifies the fully qualified path to a file containing variables to be set in the environment of the program being run. Entries in this file should either @@ -1444,18 +1191,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) along with the password prompt. It has the following possible values: - - - -1.8.1 April 9, 2011 22 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - always Always lecture the user. never Never lecture the user. @@ -1511,17 +1246,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) should be enclosed in double quotes (") to protect against ssuuddoo interpreting the @ sign. Defaults to root. - - -1.8.1 April 9, 2011 23 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - secure_path Path used for every command run from ssuuddoo. If you don't trust the people running ssuuddoo to have a sane PATH environment variable you may want to use this. Another use 
@@ -1533,6 +1257,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) syslog Syslog facility if syslog is being used for logging (negate to disable syslog logging). Defaults to auth. + The following syslog facilities are supported: aauutthhpprriivv (if + your OS supports it), aauutthh, ddaaeemmoonn, uusseerr, llooccaall00, llooccaall11, + llooccaall22, llooccaall33, llooccaall44, llooccaall55, llooccaall66, and llooccaall77. + verifypw This option controls when a password will be required when a user runs ssuuddoo with the --vv option. It has the following possible values: @@ -1576,18 +1304,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) environment when the _e_n_v___r_e_s_e_t option is not in effect. The argument may be a double-quoted, space-separated list or a single value without double-quotes. The list - - - -1.8.1 April 9, 2011 24 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - can be replaced, added to, deleted from, or disabled by using the =, +=, -=, and ! operators respectively. The default list of environment variables to remove is @@ -1607,13 +1323,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) variables to keep is displayed when ssuuddoo is run by root with the _-_V option. - When logging via _s_y_s_l_o_g(3), ssuuddoo accepts the following values for the - syslog facility (the value of the ssyysslloogg Parameter): aauutthhpprriivv (if your - OS supports it), aauutthh, ddaaeemmoonn, uusseerr, llooccaall00, llooccaall11, llooccaall22, llooccaall33, - llooccaall44, llooccaall55, llooccaall66, and llooccaall77. The following syslog priorities - are supported: aalleerrtt, ccrriitt, ddeebbuugg, eemmeerrgg, eerrrr, iinnffoo, nnoottiiccee, and - wwaarrnniinngg. - FFIILLEESS _/_e_t_c_/_s_u_d_o_e_r_s List of who can run what 
@@ -1642,18 +1351,6 @@ EEXXAAMMPPLLEESS # User alias specification User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl - - - -1.8.1 April 9, 2011 25 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - User_Alias WEBMASTERS = will, wendy, wim # Runas alias specification @@ -1707,19 +1404,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) The _U_s_e_r _s_p_e_c_i_f_i_c_a_t_i_o_n is the part that actually determines who may run what. - - - - -1.8.1 April 9, 2011 26 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - root ALL = (ALL) ALL %wheel ALL = (ALL) ALL @@ -1775,17 +1459,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) bob SPARC = (OP) ALL : SGI = (OP) ALL - - -1.8.1 April 9, 2011 27 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - The user bboobb may run anything on the _S_P_A_R_C and _S_G_I machines as any user listed in the _O_P Runas_Alias (rroooott and ooppeerraattoorr). @@ -1840,18 +1513,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\ /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM - - - -1.8.1 April 9, 2011 28 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - Any user may mount or unmount a CD-ROM on the machines in the CDROM Host_Alias (orion, perseus, hercules) without entering a password. This is a bit tedious for users to type, so it is a prime candidate for @@ -1906,18 +1567,6 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS noexec Many systems that support shared libraries have the ability to override default library functions by pointing an environment variable (usually LD_PRELOAD) to an alternate - - - -1.8.1 April 9, 2011 29 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - shared library. On such systems, ssuuddoo's _n_o_e_x_e_c functionality can be used to prevent a program run by ssuuddoo from executing any other programs. Note, however, that this applies only to 
@@ -1972,18 +1621,6 @@ SSEECCUURRIITTYY NNOOTTEESS _s_u_d_o_e_r_s will not honor time stamps set far in the future. Time stamps with a date greater than current_time + 2 * TIMEOUT will be ignored and sudo will log and complain. This is done to keep a user from creating - - - -1.8.1 April 9, 2011 30 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - his/her own time stamp with a bogus date on systems that allow users to give away files if the time stamp directory is located in a world- writable directory. @@ -2038,75 +1675,10 @@ SSUUPPPPOORRTT DDIISSCCLLAAIIMMEERR ssuuddoo is provided ``AS IS'' and any express or implied warranties, including, but not limited to, the implied warranties of - - - -1.8.1 April 9, 2011 31 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - merchantability and fitness for a particular purpose are disclaimed. See the LICENSE file distributed with ssuuddoo or http://www.sudo.ws/sudo/license.html for complete details. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -1.8.1 April 9, 2011 32 - - +1.8.2 May 22, 2011 SUDOERS(4) diff --git a/doc/sudoers.ldap.cat b/doc/sudoers.ldap.cat index 21704be8f..483500345 100644 --- a/doc/sudoers.ldap.cat +++ b/doc/sudoers.ldap.cat @@ -1,9 +1,7 @@ +SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - NNAAMMEE sudoers.ldap - sudo LDAP configuration @@ -58,18 +56,6 @@ DDEESSCCRRIIPPTTIIOONN Sudo first looks for the cn=default entry in the SUDOers container. If found, the multi-valued sudoOption attribute is parsed in the same - - - -1.8.1 April 9, 2011 1 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - manner as a global Defaults line in _/_e_t_c_/_s_u_d_o_e_r_s. In the following example, the SSH_AUTH_SOCK variable will be preserved in the environment for all users. 
@@ -124,18 +110,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) A timestamp in the form yyyymmddHHMMZ that can be used to provide a start date/time for when the sudoRole will be valid. If multiple sudoNotBefore entries are present, the earliest is used. Note that - - - -1.8.1 April 9, 2011 2 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - timestamps must be in Coordinated Universal Time (UTC), not the local timezone. @@ -190,18 +164,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) that the user belongs to. (The special ALL tag is matched in this query too.) If no match is returned for the user's name and groups, a third query returns all entries containing user netgroups and checks to - - - -1.8.1 April 9, 2011 3 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - see if the user belongs to any of them. If timed entries are enabled with the SSUUDDOOEERRSS__TTIIMMEEDD configuration @@ -255,19 +217,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) currently ignored. For example, the following attributes do not behave the way one might expect. - - - - -1.8.1 April 9, 2011 4 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - # does not match all but joe # rather, does not match anyone sudoUser: !joe @@ -323,17 +272,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) commercial versions of Unix are only capable of supporting one or the other. - - -1.8.1 April 9, 2011 5 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - HHOOSSTT name[:port] ... If no UURRII is specified, the HHOOSSTT parameter specifies a whitespace- delimited list of LDAP servers to connect to. Each host may 
@@ -388,18 +326,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) in a moderate amount of debugging information. A value of 2 shows the results of the matches themselves. This parameter should not be set in a production environment as the extra information is - - - -1.8.1 April 9, 2011 6 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - likely to confuse users. BBIINNDDDDNN DN @@ -453,19 +379,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) TTLLSS__CCAACCEERRTT file name An alias for TTLLSS__CCAACCEERRTTFFIILLEE for OpenLDAP compatibility. - - - - -1.8.1 April 9, 2011 7 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - TTLLSS__CCAACCEERRTTFFIILLEE file name The path to a certificate authority bundle which contains the certificates for all the Certificate Authorities the client knows @@ -519,19 +432,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) the OpenSSL manual for a list of valid ciphers. This option is only supported by the OpenLDAP libraries. - - - - -1.8.1 April 9, 2011 8 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - UUSSEE__SSAASSLL on/true/yes/off/false/no Enable UUSSEE__SSAASSLL for LDAP servers that support SASL authentication. @@ -586,18 +486,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) sudoers: files - - - -1.8.1 April 9, 2011 9 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - Note that _/_e_t_c_/_n_s_s_w_i_t_c_h_._c_o_n_f is supported even when the underlying operating system does not use an nsswitch.conf file. @@ -652,18 +540,6 @@ EEXXAAMMPPLLEESS #uri ldaps://secureldapserver #uri ldaps://secureldapserver ldap://ldapserver # - - - -1.8.1 April 9, 2011 10 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - # The amount of time, in seconds, to wait while trying to connect to # an LDAP server. bind_timelimit 30 
@@ -718,18 +594,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) #tls_randfile /etc/egd-pool # # You may restrict which ciphers are used. Consult your SSL - - - -1.8.1 April 9, 2011 11 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - # documentation for which options go here. # Only supported when using OpenLDAP. # @@ -784,18 +648,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) attributetype ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' - - - -1.8.1 April 9, 2011 12 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - DESC 'Host(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseExactIA5SubstringsMatch @@ -850,18 +702,6 @@ SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) DESC 'an integer to order the sudoRole entries' EQUALITY integerMatch ORDERING integerOrderingMatch - - - -1.8.1 April 9, 2011 13 - - - - - -SUDOERS.LDAP(4) MAINTENANCE COMMANDS SUDOERS.LDAP(4) - - SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL @@ -898,27 +738,4 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - - - - - - - - - - - - -1.8.1 April 9, 2011 14 - - +1.8.2 May 22, 2011 SUDOERS.LDAP(4) diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in index b1b9d0aa4..2f992828a 100644 --- a/doc/sudoers.ldap.man.in +++ b/doc/sudoers.ldap.man.in @@ -140,7 +140,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS.LDAP @mansectform@" -.TH SUDOERS.LDAP @mansectform@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH SUDOERS.LDAP @mansectform@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index d3efddac0..5dc91ddc8 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in 
@@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -1391,16 +1391,19 @@ This option is only available whe \fBsudo\fR is built with SELinux support. .IX Item "runas_default" The default user to run commands as if the \fB\-u\fR option is not specified on the command line. This defaults to \f(CW\*(C`@runas_default@\*(C'\fR. -Note that if \fIrunas_default\fR is set it \fBmust\fR occur before -any \f(CW\*(C`Runas_Alias\*(C'\fR specifications. .IP "syslog_badpri" 16 .IX Item "syslog_badpri" Syslog priority to use when user authenticates unsuccessfully. Defaults to \f(CW\*(C`@badpri@\*(C'\fR. +.Sp +The following syslog priorities are supported: \fBalert\fR, \fBcrit\fR, +\&\fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR, \fBnotice\fR, and \fBwarning\fR. .IP "syslog_goodpri" 16 .IX Item "syslog_goodpri" Syslog priority to use when user authenticates successfully. Defaults to \f(CW\*(C`@goodpri@\*(C'\fR. +.Sp +See syslog_badpri for the list of supported syslog priorities. .IP "sudoers_locale" 16 .IX Item "sudoers_locale" Locale to use when parsing the sudoers file, logging commands, and 
@@ -1424,16 +1427,6 @@ This option is only available whe \fBsudo\fR is built with SELinux support. \} .PP \&\fBStrings that can be used in a boolean context\fR: -.IP "askpass" 12 -.IX Item "askpass" -The \fIaskpass\fR option specifies the fully qualified path to a helper -program used to read the user's password when no terminal is -available. This may be the case when \fBsudo\fR is executed from a -graphical (as opposed to text-based) application. The program -specified by \fIaskpass\fR should display the argument passed to it -as the prompt and write the user's password to the standard output. -The value of \fIaskpass\fR may be overridden by the \f(CW\*(C`SUDO_ASKPASS\*(C'\fR -environment variable. .IP "env_file" 12 .IX Item "env_file" The \fIenv_file\fR options specifies the fully qualified path to a @@ -1553,6 +1546,10 @@ This option is @secure_path@ by default. .IX Item "syslog" Syslog facility if syslog is being used for logging (negate to disable syslog logging). Defaults to \f(CW\*(C`@logfac@\*(C'\fR. +.Sp +The following syslog facilities are supported: \fBauthpriv\fR (if your +\&\s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR, \fBlocal0\fR, \fBlocal1\fR, +\&\fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR, \fBlocal6\fR, and \fBlocal7\fR. .IP "verifypw" 12 .IX Item "verifypw" This option controls when a password will be required when a user runs 
@@ -1617,14 +1614,6 @@ single value without double-quotes. The list can be replaced, added to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and \&\f(CW\*(C`!\*(C'\fR operators respectively. The default list of variables to keep is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option. -.PP -When logging via \fIsyslog\fR\|(3), \fBsudo\fR accepts the following values -for the syslog facility (the value of the \fBsyslog\fR Parameter): -\&\fBauthpriv\fR (if your \s-1OS\s0 supports it), \fBauth\fR, \fBdaemon\fR, \fBuser\fR, -\&\fBlocal0\fR, \fBlocal1\fR, \fBlocal2\fR, \fBlocal3\fR, \fBlocal4\fR, \fBlocal5\fR, -\&\fBlocal6\fR, and \fBlocal7\fR. The following syslog priorities are -supported: \fBalert\fR, \fBcrit\fR, \fBdebug\fR, \fBemerg\fR, \fBerr\fR, \fBinfo\fR, -\&\fBnotice\fR, and \fBwarning\fR. .SH "FILES" .IX Header "FILES" .ie n .IP "\fI@sysconfdir@/sudoers\fR" 24 diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index 54c96eb44..f04f5fa80 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -1,9 +1,7 @@ +SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - NNAAMMEE sudoreplay - replay sudo session logs @@ -58,18 +56,6 @@ OOPPTTIIOONNSS -l [_s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n] Enable "list mode". In this mode, ssuuddoorreeppllaayy will list available session IDs. If a _s_e_a_r_c_h _e_x_p_r_e_s_s_i_o_n is - - - -1.8.1 April 9, 2011 1 - - - - - -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - specified, it will be used to restrict the IDs that are displayed. An expression is composed of the following predicates: 
@@ -124,18 +110,6 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) well as '(' and ')' for grouping (note that parentheses must generally be escaped from the shell). The _a_n_d operator is optional, adjacent predicates have an implied - - - -1.8.1 April 9, 2011 2 - - - - - -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - _a_n_d unless separated by an _o_r. -m _m_a_x___w_a_i_t Specify an upper bound on how long to wait between key @@ -189,19 +163,6 @@ SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) tomorrow Exactly one day from now. - - - - -1.8.1 April 9, 2011 3 - - - - - -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - yesterday 24 hours ago. @@ -256,18 +217,6 @@ FFIILLEESS Example session timing file. Note that the _s_t_d_i_n, _s_t_d_o_u_t and _s_t_d_e_r_r files will be empty unless ssuuddoo - - - -1.8.1 April 9, 2011 4 - - - - - -SUDOREPLAY(1m) MAINTENANCE COMMANDS SUDOREPLAY(1m) - - was used as part of a pipeline for a particular command. EEXXAAMMPPLLEESS @@ -311,20 +260,4 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - - - - - -1.8.1 April 9, 2011 5 - - +1.8.2 May 22, 2011 SUDOREPLAY(1m) diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index 453cfd059..f821d7630 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDOREPLAY @mansectsu@" -.TH SUDOREPLAY @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH SUDOREPLAY @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/visudo.cat b/doc/visudo.cat index 74ebae6c3..2058f8c78 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -1,9 +1,7 @@ +VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) -VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) - - NNAAMMEE visudo - edit the sudoers file 
@@ -58,18 +56,6 @@ OOPPTTIIOONNSS --ff may be "-", indicating that _s_u_d_o_e_r_s will be read from the standard input. - - - -1.8.1 April 9, 2011 1 - - - - - -VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) - - -h The --hh (_h_e_l_p) option causes vviissuuddoo to print a short help message to the standard output and exit. @@ -123,19 +109,6 @@ DDIIAAGGNNOOSSTTIICCSS used. You may wish to comment out or remove the unused alias. In --ss (strict) mode this is an error, not a warning. - - - - -1.8.1 April 9, 2011 2 - - - - - -VISUDO(1m) MAINTENANCE COMMANDS VISUDO(1m) - - SSEEEE AALLSSOO _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(1m) @@ -170,29 +143,4 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - - - - - - - - - - - - - - -1.8.1 April 9, 2011 3 - - +1.8.2 May 22, 2011 VISUDO(1m) diff --git a/doc/visudo.man.in b/doc/visudo.man.in index 645a85629..986f272d2 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in @@ -144,7 +144,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "April 9, 2011" "1.8.1" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l -- cgit v1.2.1 From c7203df0524d2cf627ec6b68eaae93ea8b1d7fcb Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 22 May 2011 15:58:46 -0400 Subject: Mention what is new in 1.8.2 (for now) --- NEWS | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/NEWS b/NEWS index 729ad66ef..34e8280c2 100644 --- a/NEWS +++ b/NEWS 
@@ -1,3 +1,16 @@ +What's new in Sudo 1.8.2? + + * Added a workaround for a FreeBSD bug with dlopen() and non-standard + PAM modules. + + * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural + language support (NLS). Sudo will use gettext(), if available, + to display translated messages. This can be disabled by passing + configure the --disable-nls option. + + * Group ownership of the sudoers file is only enforced when the file + mode on sudoers allows group readability or writability. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly -- cgit v1.2.1 From 95b37066d2ae93869cd47415b23760778ff2a7f4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 4 Jun 2011 10:53:56 -0400 Subject: Update 1.8.2 news --- NEWS | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 34e8280c2..b6fd1e4f9 100644 --- a/NEWS +++ b/NEWS 
@@ -1,16 +1,30 @@ What's new in Sudo 1.8.2? + * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural + language support (NLS). This can be disabled by passing configure + the --disable-nls option. Sudo will use gettext(), if available, + to display translated messages. All translations are coordinated + via The Translation Project, http://translationproject.org/. + * Added a workaround for a FreeBSD bug with dlopen() and non-standard PAM modules. - * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural - language support (NLS). Sudo will use gettext(), if available, - to display translated messages. This can be disabled by passing - configure the --disable-nls option. + * I/O logging is now supported for commands run in background mode + (using sudo's -b flag). * Group ownership of the sudoers file is only enforced when the file mode on sudoers allows group readability or writability. + * Visudo now checks the contents of an alias and warns about cycles + when the alias is expanded. + + * If the user specifes a group via sudo's -g option that matches + the target user's group in the password database, it is now + allowed even if no groups are present in the Runas_Spec. + + * The sudo Makefiles now have more complete dependencies which are + automatically generated instead of being maintained manually. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly -- cgit v1.2.1 From 45fccf4e2cd8d7003a772b1fa4c906918cab5f2e Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 6 Jun 2011 11:10:39 -0400 Subject: Update PAM change to reflect latest checkin. --- NEWS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index b6fd1e4f9..291f557c7 100644 --- a/NEWS +++ b/NEWS 
@@ -6,8 +6,9 @@ What's new in Sudo 1.8.2? to display translated messages. All translations are coordinated via The Translation Project, http://translationproject.org/. - * Added a workaround for a FreeBSD bug with dlopen() and non-standard - PAM modules. + * Plug-ins are now loaded with the RTLD_GLOBAL flag instead of + RTLD_LOCAL. This fixes missing symbol problems in PAM modules + on certain platforms, such as FreeBSD and SuSE Linux Enterprise. * I/O logging is now supported for commands run in background mode (using sudo's -b flag). -- cgit v1.2.1 From f905c1535d5287eb3f66fe7558089366895e2396 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 22 Jun 2011 10:12:22 -0400 Subject: Mention use_pty bug fix --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index 291f557c7..4f1f67c88 100644 --- a/NEWS +++ b/NEWS @@ -26,6 +26,10 @@ What's new in Sudo 1.8.2? * The sudo Makefiles now have more complete dependencies which are automatically generated instead of being maintained manually. + * The "use_pty" sudoers option is now correctly passed back to the + sudo front end. This was missing in previous versions of sudo + 1.8 which prevented "use_pty" from having being honored. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly -- cgit v1.2.1 From d8afeaca5312c98fa0605044a539d521c39d8fb5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 22 Jun 2011 14:26:24 -0400 Subject: Fix typo --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 4f1f67c88..b56f94f4f 100644 --- a/NEWS +++ b/NEWS @@ -28,7 +28,7 @@ What's new in Sudo 1.8.2? * The "use_pty" sudoers option is now correctly passed back to the sudo front end. This was missing in previous versions of sudo - 1.8 which prevented "use_pty" from having being honored. + 1.8 which prevented "use_pty" from being honored. What's new in Sudo 1.8.1p2? -- cgit v1.2.1 
From 74e869f7e70ebcaedbf7b30fa5c46cc998a4b4f4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 29 Jun 2011 08:43:59 -0400 Subject: Update for 1.8.2rc5 --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index b56f94f4f..e1de2cc40 100644 --- a/NEWS +++ b/NEWS @@ -30,6 +30,10 @@ What's new in Sudo 1.8.2? sudo front end. This was missing in previous versions of sudo 1.8 which prevented "use_pty" from being honored. + * "sudo -i command" now works correctly with the bash shell. + Previously, the .bash_profile would not be sourced prior to + running the command. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly -- cgit v1.2.1 From 26aea93dd05450b64aa2cb437f96aee0da43de68 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 3 Jul 2011 11:02:05 -0400 Subject: Document group lookup change and possible side effects. --- NEWS | 5 +++++ doc/UPGRADE | 24 ++++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/NEWS b/NEWS index e1de2cc40..6cee22c91 100644 --- a/NEWS +++ b/NEWS @@ -34,6 +34,11 @@ What's new in Sudo 1.8.2? Previously, the .bash_profile would not be sourced prior to running the command. + * When matching groups in the sudoers file, sudo will now match + based on the name of the group instead of the group ID. This can + substantially reduce the number of group lookups for sudoers + files that contain a large nummber of groups. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly diff --git a/doc/UPGRADE b/doc/UPGRADE index 35ca9a5e5..9ecab1227 100644 --- a/doc/UPGRADE +++ b/doc/UPGRADE 
@@ -1,6 +1,30 @@ Notes on upgrading from an older release ======================================== +o Upgrading from a version prior to 1.8.2: + + When matching Unix groups in the sudoers file, sudo will now + match based on the name of the group as it appears in sudoers + instead of the group ID. This can substantially reduce the + number of group lookups for sudoers files that contain a large + nummber of groups. There are a few side effects of this change. + + 1) Unix groups with different names but the same group ID are + can no longer be used interchangably. Sudo will look up all + of a user's groups by group ID and use the resulting group + names when matching sudoers entries. If there are multiple + groups with the same ID, the group name returned by the + system getgrgid() library function is the name that will be + used when matching sudoers entries. + + 2) Unix group names specified in the sudoers file that are + longer than the system maximum will no longer match. For + instance, if there is a Unix group "fireflie" on a system + where group names are limited to eight characters, "%fireflies" + in sudoers will no longer match "fireflie". Previously, a + lookup by name of the group "fireflies" would have matched + the "fireflie" group on most systems. + o Upgrading from a version prior to 1.8.1: Changes in the sudoers parser could result in parse errors for -- cgit v1.2.1 From b623defffe7176610dddd38f8bdfa6bd5179414c Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 5 Aug 2011 12:34:07 -0400 Subject: Add check for out of date message catalogs when doing "make dist". --- Makefile.in | 82 +++++++++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 55 insertions(+), 27 deletions(-) diff --git a/Makefile.in b/Makefile.in index 5bbdb1e59..4d4b4a16b 100644 --- a/Makefile.in +++ b/Makefile.in 
@@ -171,39 +171,59 @@ sync-po: rsync -Lrtvz translationproject.org::tp/latest/sudoers/ plugins/sudoers/po/ update-pot: - @cd $(top_srcdir); \ - for pot in $(POTFILES); do \ - echo "Updating $$pot"; \ - domain=`basename $$pot .pot`; \ - case "$$domain" in \ - sudo) cfiles="src/*c common/*c compat/*c";; \ - sudoers) cfiles="plugins/sudoers/*.c plugins/sudoers/auth/*.c";; \ - *) echo unknown domain $$domain; continue;; \ - esac; \ - $(XGETTEXT) $(XGETTEXT_OPTS) -d$$domain $$cfiles -o $$pot; \ - done + @if $(XGETTEXT) --help >/dev/null 2>&1; then \ + cd $(top_srcdir); \ + for pot in $(POTFILES); do \ + echo "Updating $$pot"; \ + domain=`basename $$pot .pot`; \ + case "$$domain" in \ + sudo) cfiles="src/*c common/*c compat/*c";; \ + sudoers) cfiles="plugins/sudoers/*.c plugins/sudoers/auth/*.c";; \ + *) echo unknown domain $$domain; continue;; \ + esac; \ + $(XGETTEXT) $(XGETTEXT_OPTS) -d$$domain $$cfiles -o $$pot.tmp; \ + if diff -I'^.POT-Creation-Date' $$pot.tmp $$pot >/dev/null; then \ + mv -f $$pot.tmp $$pot; \ + else \ + rm -f $$pot.tmp; \ + fi; \ + done; \ + fi update-po: update-pot - @cd $(top_srcdir); \ - for pot in $(POTFILES); do \ - podir=`dirname $$pot`; \ - for po in $$podir/*.po; do \ - echo $(ECHO_N) "Updating $$po$(ECHO_C)"; \ - $(MSGMERGE) --update $$po $$pot; \ - $(MSGFMT) --output /dev/null --check-format $$po || exit 1; \ + @if $(MSGFMT) --help >/dev/null 2>&1; then \ + cd $(top_srcdir); \ + for pot in $(POTFILES); do \ + podir=`dirname $$pot`; \ + for po in $$podir/*.po; do \ + echo $(ECHO_N) "Updating $$po$(ECHO_C)"; \ + $(MSGMERGE) --update $$po $$pot; \ + $(MSGFMT) --output /dev/null --check-format $$po || exit 1; \ + done; \ done; \ - done + fi compile-po: - @cd $(top_srcdir); \ - for pot in $(POTFILES); do \ - podir=`dirname $$pot`; \ - for po in $$podir/*.po; do \ + @if $(MSGFMT) --help >/dev/null 2>&1; then \ + cd $(top_srcdir); \ + rm -f Makefile.$$$$; \ + POFILES=""; \ + for pot in $(POTFILES); do \ + podir=`dirname $$pot`; \ + for po in 
$$podir/*.po; do \ + POFILES="$$POFILES $$po"; \ + done; \ + done; \ + echo "all: `echo $$POFILES | sed 's/\.po/.mo/g'`" >> Makefile.$$$$; \ + echo "" >> Makefile.$$$$; \ + for po in $$POFILES; do \ mo=`echo $$po | sed 's/po$$/mo/'`; \ - echo $(ECHO_N) "Compiling $$mo: $(ECHO_C)"; \ - $(MSGFMT) --statistics -c -o $$mo $$po; \ + echo "$$mo: $$po" >> Makefile.$$$$; \ + echo " $(MSGFMT) --statistics -c -o $$mo $$po" >> Makefile.$$$$; \ done; \ - done + make -f Makefile.$$$$; \ + rm -f Makefile.$$$$; \ + fi install-nls: @if test "$(NLS)" = "enabled"; then \ @@ -222,7 +242,15 @@ install-nls: done; \ fi -dist: ChangeLog $(srcdir)/MANIFEST +check-dist: update-pot compile-po + @if [ -d .hg ]; then \ + if hg stat -am | grep '\.[mp]ot*$$'; then \ + echo "Uncommitted message catalog changes" 1>&2; \ + false; \ + fi; \ + fi + +dist: check-dist ChangeLog $(srcdir)/MANIFEST pax -w -x ustar -s '/^/$(PACKAGE_TARNAME)-$(VERSION)\//' \ -f ../$(PACKAGE_TARNAME)-$(VERSION).tar \ `sed 's/[ ].*//' $(srcdir)/MANIFEST` -- cgit v1.2.1 From 12242ea499901bc5615a72f2eb0d8e3741fcc7b9 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 5 Aug 2011 13:35:38 -0400 Subject: Regen pot files --- plugins/sudoers/po/sudoers.pot | 101 ++++++++++++++++--------------- src/po/sudo.pot | 132 ++++++++++++++++++++--------------------- 2 files changed, 119 insertions(+), 114 deletions(-) diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index d84bacfd2..68effd952 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sudo 1.8.2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-07-27 14:21-0400\n" +"POT-Creation-Date: 2011-08-05 13:34-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
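Review bot: The branch after `diff -I'^.POT-Creation-Date' $$pot.tmp $$pot >/dev/null` in update-pot looks inverted: diff exits 0 when the two catalogs are identical apart from the creation date, which is exactly the case where the freshly generated file should be discarded, yet that then-branch does `mv -f $$pot.tmp $$pot` and the else-branch does `rm -f $$pot.tmp`. As written, an unchanged catalog is rewritten with only a new POT-Creation-Date (so `hg stat -am` in the check-dist hunk below reports it as modified), while a catalog with real message changes is thrown away and the out-of-date check passes. Swapping the two bodies, `then rm -f $$pot.tmp; else mv -f $$pot.tmp $$pot; fi`, gives the behaviour the commit message describes. Separately, compile-po runs the generated rules with `make -f Makefile.$$$$` rather than `$(MAKE) -f Makefile.$$$$`, so flags and the make binary chosen by the caller are not propagated, and `rm -f Makefile.$$$$` is only reached when that sub-make succeeds, leaving the temporary file behind on an msgfmt failure.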
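Review bot: check-dist tests `[ -d .hg ]` in the current working directory, unlike update-pot and compile-po in the hunk above, which `cd $(top_srcdir)` before doing their work; for an out-of-tree build the repository is therefore not found and the uncommitted-catalog check is silently skipped instead of failing. Using `if [ -d $(srcdir)/.hg ]; then \` and running the status command from there, `(cd $(srcdir) && hg stat -am) | grep '\.[mp]ot*$$'`, keeps the guard effective regardless of where make is invoked. Since this target is now the first prerequisite of dist, a silently skipped check means a tarball can ship stale catalogs without any diagnostic.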
@@ -70,7 +70,7 @@ msgid "sorry, a password is required to run %s" msgstr "" #: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169 -#: plugins/sudoers/sudoers.c:953 plugins/sudoers/sudoreplay.c:325 +#: plugins/sudoers/sudoers.c:970 plugins/sudoers/sudoreplay.c:325 #: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675 #: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:700 #, c-format @@ -117,7 +117,7 @@ msgid "%s writable by non-owner (0%o), should be mode 0700" msgstr "" #: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514 -#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:939 +#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:956 #: plugins/sudoers/visudo.c:284 plugins/sudoers/visudo.c:500 #, c-format msgid "unable to stat %s" @@ -143,19 +143,19 @@ msgstr "" msgid "unable to remove %s (%s), will reset to the epoch" msgstr "" -#: plugins/sudoers/check.c:659 +#: plugins/sudoers/check.c:660 #, c-format msgid "unable to reset %s to the epoch" msgstr "" -#: plugins/sudoers/check.c:713 plugins/sudoers/check.c:719 +#: plugins/sudoers/check.c:714 plugins/sudoers/check.c:720 #, c-format msgid "unknown uid: %u" msgstr "" -#: plugins/sudoers/check.c:716 plugins/sudoers/sudoers.c:747 +#: plugins/sudoers/check.c:717 plugins/sudoers/sudoers.c:747 #: plugins/sudoers/sudoers.c:813 plugins/sudoers/sudoers.c:814 -#: plugins/sudoers/sudoers.c:1070 plugins/sudoers/testsudoers.c:200 +#: plugins/sudoers/sudoers.c:1087 plugins/sudoers/testsudoers.c:200 #: plugins/sudoers/testsudoers.c:330 #, c-format msgid "unknown user: %s" @@ -586,7 +586,7 @@ msgstr "" #: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107 #: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124 -#: plugins/sudoers/sudoers.c:882 toke.l:663 toke.l:814 +#: plugins/sudoers/sudoers.c:899 toke.l:663 toke.l:814 #, c-format msgid "%s: %s" msgstr "" 
@@ -596,32 +596,32 @@ msgstr "" msgid ">>> %s: %s near line %d <<<" msgstr "" -#: plugins/sudoers/group_plugin.c:91 +#: plugins/sudoers/group_plugin.c:90 #, c-format msgid "%s%s: %s" msgstr "" -#: plugins/sudoers/group_plugin.c:103 +#: plugins/sudoers/group_plugin.c:102 #, c-format msgid "%s must be owned by uid %d" msgstr "" -#: plugins/sudoers/group_plugin.c:107 +#: plugins/sudoers/group_plugin.c:106 #, c-format msgid "%s must only be writable by owner" msgstr "" -#: plugins/sudoers/group_plugin.c:114 +#: plugins/sudoers/group_plugin.c:113 #, c-format msgid "unable to dlopen %s: %s" msgstr "" -#: plugins/sudoers/group_plugin.c:119 +#: plugins/sudoers/group_plugin.c:118 #, c-format msgid "unable to find symbol \"group_plugin\" in %s" msgstr "" -#: plugins/sudoers/group_plugin.c:124 +#: plugins/sudoers/group_plugin.c:123 #, c-format msgid "%s: incompatible group plugin major version %d, expected %d" msgstr "" @@ -630,7 +630,7 @@ msgstr "" msgid "Local IP address and netmask pairs:\n" msgstr "" -#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:960 +#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:977 #, c-format msgid "unable to read %s" msgstr "" 
@@ -905,33 +905,38 @@ msgstr "" msgid "unable to cache group %s, already exists" msgstr "" -#: plugins/sudoers/set_perms.c:109 plugins/sudoers/set_perms.c:350 -#: plugins/sudoers/set_perms.c:577 plugins/sudoers/set_perms.c:806 +#: plugins/sudoers/set_perms.c:109 plugins/sudoers/set_perms.c:355 +#: plugins/sudoers/set_perms.c:587 plugins/sudoers/set_perms.c:821 msgid "perm stack overflow" msgstr "" -#: plugins/sudoers/set_perms.c:218 plugins/sudoers/set_perms.c:445 -#: plugins/sudoers/set_perms.c:677 +#: plugins/sudoers/set_perms.c:117 plugins/sudoers/set_perms.c:363 +#: plugins/sudoers/set_perms.c:595 plugins/sudoers/set_perms.c:829 +msgid "perm stack underflow" +msgstr "" + +#: plugins/sudoers/set_perms.c:223 plugins/sudoers/set_perms.c:455 +#: plugins/sudoers/set_perms.c:692 msgid "unable to change to runas gid" msgstr "" -#: plugins/sudoers/set_perms.c:226 plugins/sudoers/set_perms.c:452 -#: plugins/sudoers/set_perms.c:684 +#: plugins/sudoers/set_perms.c:231 plugins/sudoers/set_perms.c:462 +#: plugins/sudoers/set_perms.c:699 msgid "unable to change to runas uid" msgstr "" -#: plugins/sudoers/set_perms.c:240 plugins/sudoers/set_perms.c:465 -#: plugins/sudoers/set_perms.c:697 +#: plugins/sudoers/set_perms.c:245 plugins/sudoers/set_perms.c:475 +#: plugins/sudoers/set_perms.c:712 #, c-format msgid "unable to change to sudoers gid" msgstr "" -#: plugins/sudoers/set_perms.c:281 plugins/sudoers/set_perms.c:503 -#: plugins/sudoers/set_perms.c:735 plugins/sudoers/set_perms.c:870 +#: plugins/sudoers/set_perms.c:286 plugins/sudoers/set_perms.c:513 +#: plugins/sudoers/set_perms.c:750 plugins/sudoers/set_perms.c:890 msgid "too many processes" msgstr "" -#: plugins/sudoers/set_perms.c:932 +#: plugins/sudoers/set_perms.c:952 msgid "unable to set runas group vector" msgstr "" 
@@ -956,7 +961,7 @@ msgid "User %s is not allowed to run sudo on %s.\n" msgstr "" #: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:233 -#: plugins/sudoers/sudoers.c:890 +#: plugins/sudoers/sudoers.c:907 msgid "problem with defaults entries" msgstr "" @@ -999,8 +1004,8 @@ msgid "No user or host" msgstr "" #: plugins/sudoers/sudoers.c:476 plugins/sudoers/sudoers.c:497 -#: plugins/sudoers/sudoers.c:498 plugins/sudoers/sudoers.c:1435 -#: plugins/sudoers/sudoers.c:1436 +#: plugins/sudoers/sudoers.c:498 plugins/sudoers/sudoers.c:1452 +#: plugins/sudoers/sudoers.c:1453 #, c-format msgid "%s: command not found" msgstr "" 
@@ -1025,99 +1030,99 @@ msgstr "" msgid "sorry, you are not allowed to preserve the environment" msgstr "" -#: plugins/sudoers/sudoers.c:874 +#: plugins/sudoers/sudoers.c:890 #, c-format msgid "internal error, set_cmnd() overflow" msgstr "" -#: plugins/sudoers/sudoers.c:918 +#: plugins/sudoers/sudoers.c:935 #, c-format msgid "fixed mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:922 +#: plugins/sudoers/sudoers.c:939 #, c-format msgid "set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:925 +#: plugins/sudoers/sudoers.c:942 #, c-format msgid "unable to set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:928 +#: plugins/sudoers/sudoers.c:945 #, c-format msgid "unable to fix mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:941 +#: plugins/sudoers/sudoers.c:958 #, c-format msgid "%s is not a regular file" msgstr "" -#: plugins/sudoers/sudoers.c:943 +#: plugins/sudoers/sudoers.c:960 #, c-format msgid "%s is mode 0%o, should be 0%o" msgstr "" -#: plugins/sudoers/sudoers.c:947 +#: plugins/sudoers/sudoers.c:964 #, c-format msgid "%s is owned by uid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:950 +#: plugins/sudoers/sudoers.c:967 #, c-format msgid "%s is owned by gid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:994 +#: plugins/sudoers/sudoers.c:1011 #, c-format msgid "only root can use `-c %s'" msgstr "" -#: plugins/sudoers/sudoers.c:1004 +#: plugins/sudoers/sudoers.c:1021 #, c-format msgid "unknown login class: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1038 +#: plugins/sudoers/sudoers.c:1055 #, c-format msgid "unable to resolve host %s" msgstr "" -#: plugins/sudoers/sudoers.c:1088 plugins/sudoers/testsudoers.c:342 +#: plugins/sudoers/sudoers.c:1105 plugins/sudoers/testsudoers.c:342 #, c-format msgid "unknown group: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1120 +#: plugins/sudoers/sudoers.c:1137 #, c-format msgid "Sudoers policy plugin version %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1122 +#: 
plugins/sudoers/sudoers.c:1139 #, c-format msgid "Sudoers file grammar version %d\n" msgstr "" -#: plugins/sudoers/sudoers.c:1126 +#: plugins/sudoers/sudoers.c:1143 #, c-format msgid "" "\n" "Sudoers path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1129 +#: plugins/sudoers/sudoers.c:1146 #, c-format msgid "nsswitch path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1131 +#: plugins/sudoers/sudoers.c:1148 #, c-format msgid "ldap.conf path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1132 +#: plugins/sudoers/sudoers.c:1149 #, c-format msgid "ldap.secret path: %s\n" msgstr "" diff --git a/src/po/sudo.pot b/src/po/sudo.pot index 2d33af98a..b2ef76720 100644 --- a/src/po/sudo.pot +++ b/src/po/sudo.pot @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sudo 1.8.2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-07-27 14:21-0400\n" +"POT-Creation-Date: 2011-08-05 13:34-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
@@ -192,142 +192,142 @@ msgstr "" msgid "the `-A' and `-S' options may not be used together" msgstr "" -#: src/parse_args.c:418 src/sudo.c:442 src/sudo.c:462 src/sudo.c:470 -#: src/sudo.c:480 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123 +#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463 +#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123 #: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217 #, c-format msgid "unable to allocate memory" msgstr "" -#: src/parse_args.c:431 +#: src/parse_args.c:442 #, c-format msgid "sudoedit is not supported on this platform" msgstr "" -#: src/parse_args.c:502 +#: src/parse_args.c:513 #, c-format msgid "" "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified" msgstr "" -#: src/parse_args.c:515 +#: src/parse_args.c:526 #, c-format msgid "" "%s - edit files as another user\n" "\n" msgstr "" -#: src/parse_args.c:517 +#: src/parse_args.c:528 #, c-format msgid "" "%s - execute a command as another user\n" "\n" msgstr "" -#: src/parse_args.c:522 +#: src/parse_args.c:533 #, c-format msgid "" "\n" "Options:\n" msgstr "" -#: src/parse_args.c:525 +#: src/parse_args.c:536 msgid "use helper program for password prompting\n" msgstr "" -#: src/parse_args.c:528 +#: src/parse_args.c:539 msgid "use specified BSD authentication type\n" msgstr "" -#: src/parse_args.c:530 +#: src/parse_args.c:541 msgid "run command in the background\n" msgstr "" -#: src/parse_args.c:532 +#: src/parse_args.c:543 msgid "close all file descriptors >= fd\n" msgstr "" -#: src/parse_args.c:535 +#: src/parse_args.c:546 msgid "run command with specified login class\n" msgstr "" -#: src/parse_args.c:538 +#: src/parse_args.c:549 msgid "preserve user environment when executing command\n" msgstr "" -#: src/parse_args.c:540 +#: src/parse_args.c:551 msgid "edit files instead of running a command\n" msgstr "" -#: src/parse_args.c:542 +#: src/parse_args.c:553 msgid "execute command as the specified group\n" 
msgstr "" -#: src/parse_args.c:544 +#: src/parse_args.c:555 msgid "set HOME variable to target user's home dir.\n" msgstr "" -#: src/parse_args.c:546 +#: src/parse_args.c:557 msgid "display help message and exit\n" msgstr "" -#: src/parse_args.c:548 +#: src/parse_args.c:559 msgid "run a login shell as target user\n" msgstr "" -#: src/parse_args.c:550 +#: src/parse_args.c:561 msgid "remove timestamp file completely\n" msgstr "" -#: src/parse_args.c:552 +#: src/parse_args.c:563 msgid "invalidate timestamp file\n" msgstr "" -#: src/parse_args.c:554 +#: src/parse_args.c:565 msgid "list user's available commands\n" msgstr "" -#: src/parse_args.c:556 +#: src/parse_args.c:567 msgid "non-interactive mode, will not prompt user\n" msgstr "" -#: src/parse_args.c:558 +#: src/parse_args.c:569 msgid "preserve group vector instead of setting to target's\n" msgstr "" -#: src/parse_args.c:560 +#: src/parse_args.c:571 msgid "use specified password prompt\n" msgstr "" -#: src/parse_args.c:563 src/parse_args.c:571 +#: src/parse_args.c:574 src/parse_args.c:582 msgid "create SELinux security context with specified role\n" msgstr "" -#: src/parse_args.c:566 +#: src/parse_args.c:577 msgid "read password from standard input\n" msgstr "" -#: src/parse_args.c:568 +#: src/parse_args.c:579 msgid "run a shell as target user\n" msgstr "" -#: src/parse_args.c:574 +#: src/parse_args.c:585 msgid "when listing, list specified user's privileges\n" msgstr "" -#: src/parse_args.c:576 +#: src/parse_args.c:587 msgid "run command (or edit file) as specified user\n" msgstr "" -#: src/parse_args.c:578 +#: src/parse_args.c:589 msgid "display version information and exit\n" msgstr "" -#: src/parse_args.c:580 +#: src/parse_args.c:591 msgid "update user's timestamp without running a command\n" msgstr "" -#: src/parse_args.c:582 +#: src/parse_args.c:593 msgid "stop processing command line arguments\n" msgstr "" 
@@ -376,7 +376,7 @@ msgstr "" msgid "unable to set new tty context" msgstr "" -#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:330 +#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323 #, c-format msgid "unable to open %s" msgstr "" 
@@ -440,162 +440,162 @@ msgstr "" msgid "unable to execute %s" msgstr "" -#: src/sudo.c:192 +#: src/sudo.c:191 #, c-format msgid "must be setuid root" msgstr "" -#: src/sudo.c:210 +#: src/sudo.c:209 #, c-format msgid "Sudo version %s\n" msgstr "" -#: src/sudo.c:212 +#: src/sudo.c:211 #, c-format msgid "Configure options: %s\n" msgstr "" -#: src/sudo.c:217 +#: src/sudo.c:216 #, c-format msgid "fatal error, unable to load plugins" msgstr "" -#: src/sudo.c:225 +#: src/sudo.c:224 #, c-format msgid "unable to initialize policy plugin" msgstr "" -#: src/sudo.c:280 +#: src/sudo.c:279 #, c-format msgid "error initializing I/O plugin %s" msgstr "" -#: src/sudo.c:307 +#: src/sudo.c:300 #, c-format msgid "unexpected sudo mode 0x%x" msgstr "" -#: src/sudo.c:396 +#: src/sudo.c:389 #, c-format msgid "unable to get group vector" msgstr "" -#: src/sudo.c:438 +#: src/sudo.c:431 #, c-format msgid "unknown uid %u: who are you?" msgstr "" -#: src/sudo.c:780 +#: src/sudo.c:773 #, c-format msgid "resource control limit has been reached" msgstr "" -#: src/sudo.c:783 +#: src/sudo.c:776 #, c-format msgid "user \"%s\" is not a member of project \"%s\"" msgstr "" -#: src/sudo.c:787 +#: src/sudo.c:780 #, c-format msgid "the invoking task is final" msgstr "" -#: src/sudo.c:790 +#: src/sudo.c:783 #, c-format msgid "could not join project \"%s\"" msgstr "" -#: src/sudo.c:795 +#: src/sudo.c:788 #, c-format msgid "no resource pool accepting default bindings exists for project \"%s\"" msgstr "" -#: src/sudo.c:799 +#: src/sudo.c:792 #, c-format msgid "specified resource pool does not exist for project \"%s\"" msgstr "" -#: src/sudo.c:803 +#: src/sudo.c:796 #, c-format msgid "could not bind to default resource pool for project \"%s\"" msgstr "" -#: src/sudo.c:809 +#: src/sudo.c:802 #, c-format msgid "setproject failed for project \"%s\"" msgstr "" -#: src/sudo.c:811 +#: src/sudo.c:804 #, c-format msgid "warning, resource control assignment failed for project \"%s\"" msgstr "" -#: src/sudo.c:839 +#: 
src/sudo.c:832 #, c-format msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT" msgstr "" -#: src/sudo.c:945 +#: src/sudo.c:938 #, c-format msgid "unknown login class %s" msgstr "" -#: src/sudo.c:952 src/sudo.c:955 +#: src/sudo.c:945 src/sudo.c:948 #, c-format msgid "unable to set user context" msgstr "" -#: src/sudo.c:966 +#: src/sudo.c:959 #, c-format msgid "unable to set effective gid to runas gid %u" msgstr "" -#: src/sudo.c:971 +#: src/sudo.c:964 #, c-format msgid "unable to set gid to runas gid %u" msgstr "" -#: src/sudo.c:978 +#: src/sudo.c:971 #, c-format msgid "unable to set supplementary group IDs" msgstr "" -#: src/sudo.c:986 +#: src/sudo.c:979 #, c-format msgid "unable to set process priority" msgstr "" -#: src/sudo.c:994 +#: src/sudo.c:987 #, c-format msgid "unable to change root to %s" msgstr "" -#: src/sudo.c:1004 src/sudo.c:1010 src/sudo.c:1016 +#: src/sudo.c:997 src/sudo.c:1003 src/sudo.c:1009 #, c-format msgid "unable to change to runas uid (%u, %u)" msgstr "" -#: src/sudo.c:1030 +#: src/sudo.c:1023 #, c-format msgid "unable to change directory to %s" msgstr "" -#: src/sudo.c:1121 +#: src/sudo.c:1090 #, c-format msgid "unexpected child termination condition: %d" msgstr "" -#: src/sudo.c:1161 +#: src/sudo.c:1130 #, c-format msgid "policy plugin %s does not support listing privileges" msgstr "" -#: src/sudo.c:1172 +#: src/sudo.c:1141 #, c-format msgid "policy plugin %s does not support the -v option" msgstr "" -#: src/sudo.c:1183 +#: src/sudo.c:1152 #, c-format msgid "policy plugin %s does not support the -k/-K options" msgstr "" -- cgit v1.2.1 From 64a9ed79513d8b43579cda3d621477505b987ae5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 13 Aug 2011 18:36:37 -0400 Subject: Update for 1.8.2 final --- NEWS | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 6cee22c91..0ff7110d3 100644 --- a/NEWS +++ b/NEWS 
@@ -13,8 +13,8 @@ What's new in Sudo 1.8.2? * I/O logging is now supported for commands run in background mode (using sudo's -b flag). - * Group ownership of the sudoers file is only enforced when the file - mode on sudoers allows group readability or writability. + * Group ownership of the sudoers file is now only enforced when + the file mode on sudoers allows group readability or writability. * Visudo now checks the contents of an alias and warns about cycles when the alias is expanded. @@ -30,14 +30,26 @@ What's new in Sudo 1.8.2? sudo front end. This was missing in previous versions of sudo 1.8 which prevented "use_pty" from being honored. - * "sudo -i command" now works correctly with the bash shell. - Previously, the .bash_profile would not be sourced prior to - running the command. + * "sudo -i command" now works correctly with the bash version + 2.0 and higher. Previously, the .bash_profile would not be + sourced prior to running the command unless bash was built with + NON_INTERACTIVE_LOGIN_SHELLS defined. * When matching groups in the sudoers file, sudo will now match based on the name of the group instead of the group ID. This can substantially reduce the number of group lookups for sudoers - files that contain a large nummber of groups. + files that contain a large number of groups. + + * Multi-factor authentication is now supported on AIX. + + * Added support for non-RFC 4517 compliant LDAP servers that require + that seconds be present in a timestamp, such as Tivoli Directory Server. + + * If the group vector is to be preserved, the PATH search for the + command is now done with the user's original group vector. + + * For LDAP-based sudoers, the "runas_default" sudoOption now works + properly in a sudoRole that contains a sudoCommand. What's new in Sudo 1.8.1p2? -- cgit v1.2.1 From e620df9fef7bbdfa2d911ad1bf433e7052fa30ea Mon Sep 17 00:00:00 2001 
From: "Todd C. Miller" Date: Sun, 14 Aug 2011 11:45:50 -0400 Subject: sync --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 0ff7110d3..abcbcc9ea 100644 --- a/NEWS +++ b/NEWS @@ -51,6 +51,9 @@ What's new in Sudo 1.8.2? * For LDAP-based sudoers, the "runas_default" sudoOption now works properly in a sudoRole that contains a sudoCommand. + * Spaces in command line arguments for "sudo -s" and "sudo -i" are + now escaped with a backslash when checking the security policy. + What's new in Sudo 1.8.1p2? * Two-character CIDR-style IPv4 netmasks are now matched correctly -- cgit v1.2.1 From 75ca8aef843e1397fa252c6cf95bfbe80ef55bd8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 17 Aug 2011 09:54:48 -0400 Subject: regen docs --- doc/sudo.cat | 9 ++++++--- doc/sudo.man.in | 9 ++++++--- doc/sudoers.cat | 15 ++++++++------- doc/sudoers.ldap.cat | 22 +++++++++++++--------- doc/sudoers.ldap.man.in | 12 +++++++----- doc/sudoers.man.in | 11 ++++++----- doc/visudo.cat | 8 +++++++- doc/visudo.man.in | 8 +++++++- 8 files changed, 60 insertions(+), 34 deletions(-) diff --git a/doc/sudo.cat b/doc/sudo.cat index b27dc2b1d..30a6aca98 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -114,7 +114,7 @@ OOPPTTIIOONNSS _l_e_v_e_l may be a value from 1 through 9. -E The --EE (_p_r_e_s_e_r_v_e _e_n_v_i_r_o_n_m_e_n_t) option indicates to the - security policy that the uses wishes to preserve their + security policy that the user wishes to preserve their existing environment variables. The security policy may return an error if the --EE option is specified and the user does not have permission to preserve the environment. 
@@ -177,7 +177,10 @@ OOPPTTIIOONNSS to change to that user's home directory before running the shell. The security policy shall initialize the environment to a minimal set of variables, similar to what - is present when a user logs in. + is present when a user logs in. The _C_o_m_m_a_n_d _E_n_v_i_r_o_n_m_e_n_t + section in the _s_u_d_o_e_r_s(4) manual documents how the --ii + option affects the environment in which a command is run + when the _s_u_d_o_e_r_s policy is in use. -K The --KK (sure _k_i_l_l) option is like --kk except that it removes the user's cached credentials entirely and may not be used @@ -544,4 +547,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 SUDO(1m) +1.8.2 August 17, 2011 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index 843d6acd5..435e305ca 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -295,7 +295,7 @@ may be a value from 1 through 9. .IP "\-E" 12 .IX Item "-E" The \fB\-E\fR (\fIpreserve\fR \fIenvironment\fR) option indicates to the -security policy that the uses wishes to preserve their existing +security policy that the user wishes to preserve their existing environment variables. The security policy may return an error if the \fB\-E\fR option is specified and the user does not have permission to preserve the environment. 
@@ -361,7 +361,10 @@ If no command is specified, an interactive shell is executed. \&\fBsudo\fR attempts to change to that user's home directory before running the shell. The security policy shall initialize the environment to a minimal set of variables, similar to what is present -when a user logs in. +when a user logs in. The \fICommand Environment\fR section in the +\&\fIsudoers\fR\|(@mansectform@) manual documents how the \fB\-i\fR option affects the +environment in which a command is run when the \fIsudoers\fR policy +is in use. .IP "\-K" 12 .IX Item "-K" The \fB\-K\fR (sure \fIkill\fR) option is like \fB\-k\fR except that it removes diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 27429e029..8026596a6 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat @@ -90,7 +90,7 @@ DDEESSCCRRIIPPTTIIOONN before ssuuddoo even begins execution and, as such, it is not possible for ssuuddoo to preserve them. - As a special case, If ssuuddoo's --ii option (initial login) is specified, + As a special case, if ssuuddoo's --ii option (initial login) is specified, _s_u_d_o_e_r_s will initialize the environment regardless of the value of _e_n_v___r_e_s_e_t. The _D_I_S_P_L_A_Y, _P_A_T_H and _T_E_R_M variables remain unchanged; _H_O_M_E, _M_A_I_L, _S_H_E_L_L, _U_S_E_R, and _L_O_G_N_A_M_E are set based on the target user. @@ -768,7 +768,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS log_year If set, the four-digit year will be logged in the (non- syslog) ssuuddoo log file. This flag is _o_f_f by default. - long_otp_prompt When validating with a One Time Password (OPT) scheme + long_otp_prompt When validating with a One Time Password (OTP) scheme such as SS//KKeeyy or OOPPIIEE, a two-line prompt is used to make it easier to cut and paste the challenge to a local window. It's not as pretty as the default but 
@@ -1096,8 +1096,8 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS escape sequences are supported: %H expanded to the local host name including the - domain name (on if the machine's host name is fully - qualified or the _f_q_d_n option is set) + domain name (only if the machine's host name is + fully qualified or the _f_q_d_n option is set) %h expanded to the local host name without the domain name @@ -1167,7 +1167,8 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS exempt_group Users in this group are exempt from password and PATH - requirements. This is not set by default. + requirements. The group name specified should not include + a % prefix. This is not set by default. group_plugin A string containing a _s_u_d_o_e_r_s group plugin with optional @@ -1183,7 +1184,7 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS For example, given _/_e_t_c_/_s_u_d_o_-_g_r_o_u_p, a group file in Unix group format, the sample group plugin can be used: - Defaults sudo_plugin="sample_group.so /etc/sudo-group" + Defaults group_plugin="sample_group.so /etc/sudo-group" For more information see _s_u_d_o___p_l_u_g_i_n(4). @@ -1681,4 +1682,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 SUDOERS(4) +1.8.2 August 17, 2011 SUDOERS(4) diff --git a/doc/sudoers.ldap.cat b/doc/sudoers.ldap.cat index 483500345..89e122a08 100644 --- a/doc/sudoers.ldap.cat +++ b/doc/sudoers.ldap.cat 
@@ -107,22 +107,26 @@ DDEESSCCRRIIPPTTIIOONN 1.7.0 and higher. ssuuddooNNoottBBeeffoorree - A timestamp in the form yyyymmddHHMMZ that can be used to provide a - start date/time for when the sudoRole will be valid. If multiple + A timestamp in the form yyyymmddHHMMSSZ that can be used to provide + a start date/time for when the sudoRole will be valid. If multiple sudoNotBefore entries are present, the earliest is used. Note that timestamps must be in Coordinated Universal Time (UTC), not the - local timezone. + local timezone. The minute and seconds portions are optional, but + some LDAP servers require that they be present (contrary to the + RFC). The sudoNotBefore attribute is only available in ssuuddoo versions 1.7.5 and higher and must be explicitly enabled via the SSUUDDOOEERRSS__TTIIMMEEDD option in _/_e_t_c_/_l_d_a_p_._c_o_n_f. ssuuddooNNoottAAfftteerr - A timestamp in the form yyyymmddHHMMZ that indicates an expiration - date/time, after which the sudoRole will no longer be valid. If - multiple sudoNotBefore entries are present, the last one is used. - Note that timestamps must be in Coordinated Universal Time (UTC), - not the local timezone. + A timestamp in the form yyyymmddHHMMSSZ that indicates an + expiration date/time, after which the sudoRole will no longer be + valid. If multiple sudoNotBefore entries are present, the last one + is used. Note that timestamps must be in Coordinated Universal + Time (UTC), not the local timezone. The minute and seconds + portions are optional, but some LDAP servers require that they be + present (contrary to the RFC). The sudoNotAfter attribute is only available in ssuuddoo versions 1.7.5 and higher and must be explicitly enabled via the SSUUDDOOEERRSS__TTIIMMEEDD @@ -738,4 +742,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 SUDOERS.LDAP(4) +1.8.2 August 17, 2011 SUDOERS.LDAP(4) diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in index 2f992828a..215713dbd 100644 --- a/doc/sudoers.ldap.man.in 
+++ b/doc/sudoers.ldap.man.in @@ -140,7 +140,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS.LDAP @mansectform@" -.TH SUDOERS.LDAP @mansectform@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDOERS.LDAP @mansectform@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -254,22 +254,24 @@ The \f(CW\*(C`sudoRunAsGroup\*(C'\fR attribute is only available in \fBsudo\fR v 1.7.0 and higher. .IP "\fBsudoNotBefore\fR" 4 .IX Item "sudoNotBefore" -A timestamp in the form \f(CW\*(C`yyyymmddHHMMZ\*(C'\fR that can be used to provide +A timestamp in the form \f(CW\*(C`yyyymmddHHMMSSZ\*(C'\fR that can be used to provide a start date/time for when the \f(CW\*(C`sudoRole\*(C'\fR will be valid. If multiple \f(CW\*(C`sudoNotBefore\*(C'\fR entries are present, the earliest is used. Note that timestamps must be in Coordinated Universal Time (\s-1UTC\s0), -not the local timezone. +not the local timezone. The minute and seconds portions are optional, +but some \s-1LDAP\s0 servers require that they be present (contrary to the \s-1RFC\s0). .Sp The \f(CW\*(C`sudoNotBefore\*(C'\fR attribute is only available in \fBsudo\fR versions 1.7.5 and higher and must be explicitly enabled via the \fB\s-1SUDOERS_TIMED\s0\fR option in \fI@ldap_conf@\fR. .IP "\fBsudoNotAfter\fR" 4 .IX Item "sudoNotAfter" -A timestamp in the form \f(CW\*(C`yyyymmddHHMMZ\*(C'\fR that indicates an expiration +A timestamp in the form \f(CW\*(C`yyyymmddHHMMSSZ\*(C'\fR that indicates an expiration date/time, after which the \f(CW\*(C`sudoRole\*(C'\fR will no longer be valid. If multiple \f(CW\*(C`sudoNotBefore\*(C'\fR entries are present, the last one is used. Note that timestamps must be in Coordinated Universal Time (\s-1UTC\s0), -not the local timezone. +not the local timezone. The minute and seconds portions are optional, +but some \s-1LDAP\s0 servers require that they be present (contrary to the \s-1RFC\s0). .Sp The \f(CW\*(C`sudoNotAfter\*(C'\fR attribute is only available in \fBsudo\fR versions 1.7.5 and higher and must be explicitly enabled via the \fB\s-1SUDOERS_TIMED\s0\fR diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index 5dc91ddc8..faea227c6 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in 
@@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -244,7 +244,7 @@ system this may include \f(CW\*(C`_RLD*\*(C'\fR, \f(CW\*(C`DYLD_*\*(C'\fR, \f(CW removed from the environment before \fBsudo\fR even begins execution and, as such, it is not possible for \fBsudo\fR to preserve them. .PP -As a special case, If \fBsudo\fR's \fB\-i\fR option (initial login) is +As a special case, if \fBsudo\fR's \fB\-i\fR option (initial login) is specified, \fIsudoers\fR will initialize the environment regardless of the value of \fIenv_reset\fR. The \fI\s-1DISPLAY\s0\fR, \fI\s-1PATH\s0\fR and \fI\s-1TERM\s0\fR variables remain unchanged; \fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR, @@ -1012,7 +1012,7 @@ If set, the four-digit year will be logged in the (non-syslog) \fBsudo\fR log fi This flag is \fIoff\fR by default. .IP "long_otp_prompt" 16 .IX Item "long_otp_prompt" -When validating with a One Time Password (\s-1OPT\s0) scheme such as +When validating with a One Time Password (\s-1OTP\s0) scheme such as \&\fBS/Key\fR or \fB\s-1OPIE\s0\fR, a two-line prompt is used to make it easier to cut and paste the challenge to a local window. It's not as pretty as the default but some people find it more convenient. This 
@@ -1350,7 +1350,7 @@ The following percent (`\f(CW\*(C`%\*(C'\fR') escape sequences are supported: .el .IP "\f(CW%H\fR" 4 .IX Item "%H" expanded to the local host name including the domain name -(on if the machine's host name is fully qualified or the \fIfqdn\fR +(only if the machine's host name is fully qualified or the \fIfqdn\fR option is set) .ie n .IP "%h" 4 .el .IP "\f(CW%h\fR" 4 @@ -1439,6 +1439,7 @@ as \fIenv_keep\fR and \fIenv_check\fR. .IP "exempt_group" 12 .IX Item "exempt_group" Users in this group are exempt from password and \s-1PATH\s0 requirements. +The group name specified should not include a \f(CW\*(C`%\*(C'\fR prefix. This is not set by default. .IP "group_plugin" 12 .IX Item "group_plugin" @@ -1455,7 +1456,7 @@ For example, given \fI/etc/sudo\-group\fR, a group file in Unix group format, the sample group plugin can be used: .Sp .Vb 1 -\& Defaults sudo_plugin="sample_group.so /etc/sudo\-group" +\& Defaults group_plugin="sample_group.so /etc/sudo\-group" .Ve .Sp For more information see \fIsudo_plugin\fR\|(@mansectform@). diff --git a/doc/visudo.cat b/doc/visudo.cat index 2058f8c78..ad117f3cb 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -109,6 +109,12 @@ DDIIAAGGNNOOSSTTIICCSS used. You may wish to comment out or remove the unused alias. In --ss (strict) mode this is an error, not a warning. + Warning: cycle in {User,Runas,Host,Cmnd}_Alias + The specified {User,Runas,Host,Cmnd}_Alias includes a reference to + itself, either directly or through an alias it includes. This is + only a warning by default as ssuuddoo will ignore cycles when parsing + the _s_u_d_o_e_r_s file. + SSEEEE AALLSSOO _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(1m) @@ -143,4 +149,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 VISUDO(1m) +1.8.2 August 17, 2011 VISUDO(1m) diff --git a/doc/visudo.man.in b/doc/visudo.man.in index 986f272d2..a711ea7fc 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in 
@@ -144,7 +144,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -271,6 +271,12 @@ complain). In \fB\-s\fR (strict) mode these are errors, not warnings. The specified {User,Runas,Host,Cmnd}_Alias was defined but never used. You may wish to comment out or remove the unused alias. In \&\fB\-s\fR (strict) mode this is an error, not a warning. +.IP "Warning: cycle in {User,Runas,Host,Cmnd}_Alias" 4 +.IX Item "Warning: cycle in {User,Runas,Host,Cmnd}_Alias" +The specified {User,Runas,Host,Cmnd}_Alias includes a reference to +itself, either directly or through an alias it includes. This is +only a warning by default as \fBsudo\fR will ignore cycles when parsing +the \fIsudoers\fR file. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIvi\fR\|(1), \fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@), \fIvipw\fR\|(@mansectsu@) -- cgit v1.2.1 From 612a5bafabe7ac5730f35869cfb03081a7cebbf4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 17 Aug 2011 11:41:30 -0400 Subject: Regen pot files --- plugins/sudoers/po/sudoers.pot | 102 ++++++++++++++++++++--------------------- 1 file changed, 51 insertions(+), 51 deletions(-) diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 68effd952..21f619659 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sudo 1.8.2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-08-05 13:34-0400\n" +"POT-Creation-Date: 2011-08-17 11:40-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
@@ -70,7 +70,7 @@ msgid "sorry, a password is required to run %s" msgstr "" #: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169 -#: plugins/sudoers/sudoers.c:970 plugins/sudoers/sudoreplay.c:325 +#: plugins/sudoers/sudoers.c:971 plugins/sudoers/sudoreplay.c:325 #: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675 #: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:700 #, c-format @@ -117,7 +117,7 @@ msgid "%s writable by non-owner (0%o), should be mode 0700" msgstr "" #: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514 -#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:956 +#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:957 #: plugins/sudoers/visudo.c:284 plugins/sudoers/visudo.c:500 #, c-format msgid "unable to stat %s" @@ -153,10 +153,10 @@ msgstr "" msgid "unknown uid: %u" msgstr "" -#: plugins/sudoers/check.c:717 plugins/sudoers/sudoers.c:747 -#: plugins/sudoers/sudoers.c:813 plugins/sudoers/sudoers.c:814 -#: plugins/sudoers/sudoers.c:1087 plugins/sudoers/testsudoers.c:200 -#: plugins/sudoers/testsudoers.c:330 +#: plugins/sudoers/check.c:717 plugins/sudoers/sudoers.c:748 +#: plugins/sudoers/sudoers.c:814 plugins/sudoers/sudoers.c:815 +#: plugins/sudoers/sudoers.c:1088 plugins/sudoers/testsudoers.c:202 +#: plugins/sudoers/testsudoers.c:337 #, c-format msgid "unknown user: %s" msgstr "" @@ -586,7 +586,7 @@ msgstr "" #: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107 #: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124 -#: plugins/sudoers/sudoers.c:899 toke.l:663 toke.l:814 +#: plugins/sudoers/sudoers.c:903 toke.l:663 toke.l:814 #, c-format msgid "%s: %s" msgstr "" @@ -630,7 +630,7 @@ msgstr "" msgid "Local IP address and netmask pairs:\n" msgstr "" -#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:977 +#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:978 #, c-format msgid "unable to read %s" msgstr "" 
@@ -649,7 +649,7 @@ msgstr "" msgid "unable to create %s" msgstr "" -#: plugins/sudoers/iolog_path.c:245 plugins/sudoers/sudoers.c:356 +#: plugins/sudoers/iolog_path.c:245 plugins/sudoers/sudoers.c:357 #, c-format msgid "unable to set locale to \"%s\", using \"C\"" msgstr "" 
@@ -960,169 +960,169 @@ msgstr "" msgid "User %s is not allowed to run sudo on %s.\n" msgstr "" -#: plugins/sudoers/sudoers.c:198 plugins/sudoers/sudoers.c:233 -#: plugins/sudoers/sudoers.c:907 +#: plugins/sudoers/sudoers.c:199 plugins/sudoers/sudoers.c:234 +#: plugins/sudoers/sudoers.c:911 msgid "problem with defaults entries" msgstr "" -#: plugins/sudoers/sudoers.c:202 +#: plugins/sudoers/sudoers.c:203 #, c-format msgid "no valid sudoers sources found, quitting" msgstr "" -#: plugins/sudoers/sudoers.c:256 +#: plugins/sudoers/sudoers.c:257 #, c-format msgid "unable to execute %s: %s" msgstr "" -#: plugins/sudoers/sudoers.c:305 +#: plugins/sudoers/sudoers.c:306 #, c-format msgid "sudoers specifies that root is not allowed to sudo" msgstr "" -#: plugins/sudoers/sudoers.c:312 +#: plugins/sudoers/sudoers.c:313 #, c-format msgid "you are not permitted to use the -C option" msgstr "" -#: plugins/sudoers/sudoers.c:402 +#: plugins/sudoers/sudoers.c:403 #, c-format msgid "timestamp owner (%s): No such user" msgstr "" -#: plugins/sudoers/sudoers.c:418 +#: plugins/sudoers/sudoers.c:419 msgid "no tty" msgstr "" -#: plugins/sudoers/sudoers.c:419 +#: plugins/sudoers/sudoers.c:420 #, c-format msgid "sorry, you must have a tty to run sudo" msgstr "" -#: plugins/sudoers/sudoers.c:462 +#: plugins/sudoers/sudoers.c:463 msgid "No user or host" msgstr "" -#: plugins/sudoers/sudoers.c:476 plugins/sudoers/sudoers.c:497 -#: plugins/sudoers/sudoers.c:498 plugins/sudoers/sudoers.c:1452 -#: plugins/sudoers/sudoers.c:1453 +#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:498 +#: plugins/sudoers/sudoers.c:499 plugins/sudoers/sudoers.c:1465 +#: plugins/sudoers/sudoers.c:1466 #, c-format msgid "%s: command not found" msgstr "" -#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:494 +#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:495 #, c-format msgid "" "ignoring `%s' found in '.'\n" "Use `sudo ./%s' if this is the `%s' you wish to run." 
msgstr "" -#: plugins/sudoers/sudoers.c:483 +#: plugins/sudoers/sudoers.c:484 msgid "validation failure" msgstr "" -#: plugins/sudoers/sudoers.c:493 +#: plugins/sudoers/sudoers.c:494 msgid "command in current directory" msgstr "" -#: plugins/sudoers/sudoers.c:505 +#: plugins/sudoers/sudoers.c:506 #, c-format msgid "sorry, you are not allowed to preserve the environment" msgstr "" -#: plugins/sudoers/sudoers.c:890 +#: plugins/sudoers/sudoers.c:894 #, c-format msgid "internal error, set_cmnd() overflow" msgstr "" -#: plugins/sudoers/sudoers.c:935 +#: plugins/sudoers/sudoers.c:936 #, c-format msgid "fixed mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:939 +#: plugins/sudoers/sudoers.c:940 #, c-format msgid "set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:942 +#: plugins/sudoers/sudoers.c:943 #, c-format msgid "unable to set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:945 +#: plugins/sudoers/sudoers.c:946 #, c-format msgid "unable to fix mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:958 +#: plugins/sudoers/sudoers.c:959 #, c-format msgid "%s is not a regular file" msgstr "" -#: plugins/sudoers/sudoers.c:960 +#: plugins/sudoers/sudoers.c:961 #, c-format msgid "%s is mode 0%o, should be 0%o" msgstr "" -#: plugins/sudoers/sudoers.c:964 +#: plugins/sudoers/sudoers.c:965 #, c-format msgid "%s is owned by uid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:967 +#: plugins/sudoers/sudoers.c:968 #, c-format msgid "%s is owned by gid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:1011 +#: plugins/sudoers/sudoers.c:1012 #, c-format msgid "only root can use `-c %s'" msgstr "" -#: plugins/sudoers/sudoers.c:1021 +#: plugins/sudoers/sudoers.c:1022 #, c-format msgid "unknown login class: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1055 +#: plugins/sudoers/sudoers.c:1056 #, c-format msgid "unable to resolve host %s" msgstr "" -#: plugins/sudoers/sudoers.c:1105 plugins/sudoers/testsudoers.c:342 +#: plugins/sudoers/sudoers.c:1106 
plugins/sudoers/testsudoers.c:351 #, c-format msgid "unknown group: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1137 +#: plugins/sudoers/sudoers.c:1150 #, c-format msgid "Sudoers policy plugin version %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1139 +#: plugins/sudoers/sudoers.c:1152 #, c-format msgid "Sudoers file grammar version %d\n" msgstr "" -#: plugins/sudoers/sudoers.c:1143 +#: plugins/sudoers/sudoers.c:1156 #, c-format msgid "" "\n" "Sudoers path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1146 +#: plugins/sudoers/sudoers.c:1159 #, c-format msgid "nsswitch path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1148 +#: plugins/sudoers/sudoers.c:1161 #, c-format msgid "ldap.conf path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1149 +#: plugins/sudoers/sudoers.c:1162 #, c-format msgid "ldap.secret path: %s\n" msgstr "" @@ -1272,28 +1272,28 @@ msgid "" " -V display version information and exit" msgstr "" -#: plugins/sudoers/testsudoers.c:228 +#: plugins/sudoers/testsudoers.c:230 #, c-format msgid "internal error, init_vars() overflow" msgstr "" -#: plugins/sudoers/testsudoers.c:304 +#: plugins/sudoers/testsudoers.c:309 msgid "\thost unmatched" msgstr "" -#: plugins/sudoers/testsudoers.c:307 +#: plugins/sudoers/testsudoers.c:312 msgid "" "\n" "Command allowed" msgstr "" -#: plugins/sudoers/testsudoers.c:308 +#: plugins/sudoers/testsudoers.c:313 msgid "" "\n" "Command denied" msgstr "" -#: plugins/sudoers/testsudoers.c:308 +#: plugins/sudoers/testsudoers.c:313 msgid "" "\n" "Command unmatched" -- cgit v1.2.1 From 957b72579fa2b30e9f1f0b248c5f5a974134f036 Mon Sep 17 00:00:00 2001 
From: "Todd C. Miller" Date: Fri, 16 Sep 2011 09:31:09 -0400 Subject: Update for version 1.8.3 --- NEWS | 25 +++++++++++++++++++++++++ configure | 18 +++++++++--------- configure.in | 2 +- doc/sudo.cat | 2 +- doc/sudo.man.in | 2 +- doc/sudo_plugin.cat | 2 +- doc/sudo_plugin.man.in | 2 +- doc/sudoers.cat | 2 +- doc/sudoers.ldap.cat | 2 +- doc/sudoers.ldap.man.in | 2 +- doc/sudoers.man.in | 2 +- doc/sudoreplay.cat | 2 +- doc/sudoreplay.man.in | 2 +- doc/visudo.cat | 2 +- doc/visudo.man.in | 2 +- 15 files changed, 47 insertions(+), 22 deletions(-) diff --git a/NEWS b/NEWS index abcbcc9ea..8d3270031 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,28 @@ +What's new in Sudo 1.8.3? + + * Fixed expansion of strftime() escape sequences in the "log_dir" + sudoers setting. + + * Added new Esperanto translation from translationproject.org. + + * Sudo will now use PAM by default on AIX 6 and higher. + + * Added --enable-werror configure option for gcc's -Werror flag. + + * Visudo no longer assumes all editors support the +linenumber + command line argument. It now uses a whitelist of editors known + to support the option. + + * Fixed matching of network addresses when a netmask is specified + but the address is not the first one in the CIDR block. + + * The configure script now check whether or not errno.h declares + the errno variable. Previously, sudo would always declare errno + itself for older systems that don't declare it in errno.h. + + * The NOPASSWD tag is now honored for denied commands too, which + matches historic sudo behavior (prior to sudo 1.7.0). + What's new in Sudo 1.8.2? * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural diff --git a/configure b/configure index 9dc4dc4a5..e8e04af12 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.2. +# Generated by GNU Autoconf 2.68 for sudo 1.8.3. # # Report bugs to . # 
@@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.2' -PACKAGE_STRING='sudo 1.8.2' +PACKAGE_VERSION='1.8.3' +PACKAGE_STRING='sudo 1.8.3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1445,7 +1445,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.2 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1510,7 +1510,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.2:";; + short | recursive ) echo "Configuration of sudo 1.8.3:";; esac cat <<\_ACEOF @@ -1726,7 +1726,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.2 +sudo configure 1.8.3 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2430,7 +2430,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.2, which was +It was created by sudo $as_me 1.8.3, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20573,7 +20573,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.2, which was +This file was extended by sudo $as_me 1.8.3, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -20639,7 +20639,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.2 +sudo config.status 1.8.3 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index b8d7da154..370e15510 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller dnl -AC_INIT([sudo], [1.8.2], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.3], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT diff --git a/doc/sudo.cat b/doc/sudo.cat index 30a6aca98..ed8a69e8c 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -547,4 +547,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 August 17, 2011 SUDO(1m) +1.8.3 September 16, 2011 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index 435e305ca..c36d63b64 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 263809228..20cba64b6 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -1030,4 +1030,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 SUDO_PLUGIN(1m) +1.8.3 September 16, 2011 SUDO_PLUGIN(1m) diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 2fe44c61b..7a161abdc 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in 
@@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDO_PLUGIN @mansectsu@" -.TH SUDO_PLUGIN @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDO_PLUGIN @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 8026596a6..4ec196d82 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat @@ -1682,4 +1682,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 August 17, 2011 SUDOERS(4) +1.8.3 September 16, 2011 SUDOERS(4) diff --git a/doc/sudoers.ldap.cat b/doc/sudoers.ldap.cat index 89e122a08..f43cf9d98 100644 --- a/doc/sudoers.ldap.cat +++ b/doc/sudoers.ldap.cat @@ -742,4 +742,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 August 17, 2011 SUDOERS.LDAP(4) +1.8.3 September 16, 2011 SUDOERS.LDAP(4) diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in index 215713dbd..5518c1834 100644 --- a/doc/sudoers.ldap.man.in +++ b/doc/sudoers.ldap.man.in @@ -140,7 +140,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS.LDAP @mansectform@" -.TH SUDOERS.LDAP @mansectform@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDOERS.LDAP @mansectform@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index faea227c6..c44d18c19 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in 
@@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index f04f5fa80..f8751eb0e 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -260,4 +260,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 May 22, 2011 SUDOREPLAY(1m) +1.8.3 September 16, 2011 SUDOREPLAY(1m) diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index f821d7630..fcce5ef1b 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDOREPLAY @mansectsu@" -.TH SUDOREPLAY @mansectsu@ "May 22, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH SUDOREPLAY @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff --git a/doc/visudo.cat b/doc/visudo.cat index ad117f3cb..e66435ded 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -149,4 +149,4 @@ DDIISSCCLLAAIIMMEERR -1.8.2 August 17, 2011 VISUDO(1m) +1.8.3 September 16, 2011 VISUDO(1m) diff --git a/doc/visudo.man.in b/doc/visudo.man.in index a711ea7fc..0aaa96cf1 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in 
@@ -144,7 +144,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "August 17, 2011" "1.8.2" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l -- cgit v1.2.1 From 9a023da5453f3716dde437c9a25fa4c1bb50f2f0 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 16 Sep 2011 09:37:17 -0400 Subject: regen pot files for 1.8.3 --- plugins/sudoers/po/sudoers.pot | 118 ++++++++++++++++++++--------------------- src/po/sudo.pot | 38 ++++++------- 2 files changed, 78 insertions(+), 78 deletions(-) diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 113ee39c6..32b9e75e5 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.2\n" +"Project-Id-Version: sudo 1.8.3rc1\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-08-17 11:39-0400\n" +"POT-Creation-Date: 2011-09-16 09:36-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -72,7 +72,7 @@ msgstr "" #: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169 #: plugins/sudoers/sudoers.c:971 plugins/sudoers/sudoreplay.c:325 #: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675 -#: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:700 +#: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:744 #, c-format msgid "unable to open %s" msgstr "" 
@@ -118,7 +118,7 @@ msgstr "" #: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514 #: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:957 -#: plugins/sudoers/visudo.c:284 plugins/sudoers/visudo.c:500 +#: plugins/sudoers/visudo.c:304 plugins/sudoers/visudo.c:544 #, c-format msgid "unable to stat %s" msgstr "" @@ -649,7 +649,7 @@ msgstr "" msgid "unable to create %s" msgstr "" -#: plugins/sudoers/iolog_path.c:245 plugins/sudoers/sudoers.c:357 +#: plugins/sudoers/iolog_path.c:247 plugins/sudoers/sudoers.c:357 #, c-format msgid "unable to set locale to \"%s\", using \"C\"" msgstr "" @@ -847,24 +847,24 @@ msgstr "" msgid "parse error in %s near line %d" msgstr "" -#: plugins/sudoers/parse.c:369 +#: plugins/sudoers/parse.c:371 #, c-format msgid "" "\n" "Sudoers entry:\n" msgstr "" -#: plugins/sudoers/parse.c:371 +#: plugins/sudoers/parse.c:373 #, c-format msgid " RunAsUsers: " msgstr "" -#: plugins/sudoers/parse.c:386 +#: plugins/sudoers/parse.c:388 #, c-format msgid " RunAsGroups: " msgstr "" -#: plugins/sudoers/parse.c:395 +#: plugins/sudoers/parse.c:397 #, c-format msgid "" " Commands:\n" 
@@ -905,38 +905,38 @@ msgstr "" msgid "unable to cache group %s, already exists" msgstr "" -#: plugins/sudoers/set_perms.c:109 plugins/sudoers/set_perms.c:355 -#: plugins/sudoers/set_perms.c:587 plugins/sudoers/set_perms.c:821 +#: plugins/sudoers/set_perms.c:109 plugins/sudoers/set_perms.c:358 +#: plugins/sudoers/set_perms.c:590 plugins/sudoers/set_perms.c:824 msgid "perm stack overflow" msgstr "" -#: plugins/sudoers/set_perms.c:117 plugins/sudoers/set_perms.c:363 -#: plugins/sudoers/set_perms.c:595 plugins/sudoers/set_perms.c:829 +#: plugins/sudoers/set_perms.c:117 plugins/sudoers/set_perms.c:366 +#: plugins/sudoers/set_perms.c:598 plugins/sudoers/set_perms.c:832 msgid "perm stack underflow" msgstr "" -#: plugins/sudoers/set_perms.c:223 plugins/sudoers/set_perms.c:455 -#: plugins/sudoers/set_perms.c:692 +#: plugins/sudoers/set_perms.c:223 plugins/sudoers/set_perms.c:458 +#: plugins/sudoers/set_perms.c:695 msgid "unable to change to runas gid" msgstr "" -#: plugins/sudoers/set_perms.c:231 plugins/sudoers/set_perms.c:462 -#: plugins/sudoers/set_perms.c:699 +#: plugins/sudoers/set_perms.c:231 plugins/sudoers/set_perms.c:465 +#: plugins/sudoers/set_perms.c:702 msgid "unable to change to runas uid" msgstr "" -#: plugins/sudoers/set_perms.c:245 plugins/sudoers/set_perms.c:475 -#: plugins/sudoers/set_perms.c:712 +#: plugins/sudoers/set_perms.c:245 plugins/sudoers/set_perms.c:478 +#: plugins/sudoers/set_perms.c:715 #, c-format msgid "unable to change to sudoers gid" msgstr "" -#: plugins/sudoers/set_perms.c:286 plugins/sudoers/set_perms.c:513 -#: plugins/sudoers/set_perms.c:750 plugins/sudoers/set_perms.c:890 +#: plugins/sudoers/set_perms.c:286 plugins/sudoers/set_perms.c:516 +#: plugins/sudoers/set_perms.c:753 plugins/sudoers/set_perms.c:893 msgid "too many processes" msgstr "" -#: plugins/sudoers/set_perms.c:952 +#: plugins/sudoers/set_perms.c:955 msgid "unable to set runas group vector" msgstr "" 
@@ -1322,81 +1322,81 @@ msgstr "" msgid "you do not exist in the %s database" msgstr "" -#: plugins/sudoers/visudo.c:238 plugins/sudoers/visudo.c:470 +#: plugins/sudoers/visudo.c:238 plugins/sudoers/visudo.c:518 #, c-format msgid "press return to edit %s: " msgstr "" -#: plugins/sudoers/visudo.c:300 plugins/sudoers/visudo.c:306 +#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:326 #, c-format msgid "write error" msgstr "" -#: plugins/sudoers/visudo.c:360 +#: plugins/sudoers/visudo.c:408 #, c-format msgid "unable to stat temporary file (%s), %s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:365 +#: plugins/sudoers/visudo.c:413 #, c-format msgid "zero length temporary file (%s), %s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:371 +#: plugins/sudoers/visudo.c:419 #, c-format msgid "editor (%s) failed, %s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:394 +#: plugins/sudoers/visudo.c:442 #, c-format msgid "%s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:418 +#: plugins/sudoers/visudo.c:466 #, c-format msgid "unable to re-open temporary file (%s), %s unchanged." msgstr "" -#: plugins/sudoers/visudo.c:428 +#: plugins/sudoers/visudo.c:476 #, c-format msgid "unabled to parse temporary file (%s), unknown error" msgstr "" -#: plugins/sudoers/visudo.c:463 +#: plugins/sudoers/visudo.c:511 #, c-format msgid "internal error, unable to find %s in list!" 
msgstr "" -#: plugins/sudoers/visudo.c:502 plugins/sudoers/visudo.c:511 +#: plugins/sudoers/visudo.c:546 plugins/sudoers/visudo.c:555 #, c-format -msgid "unable to set (uid, gid) of %s to (%d, %d)" +msgid "unable to set (uid, gid) of %s to (%u, %u)" msgstr "" -#: plugins/sudoers/visudo.c:506 plugins/sudoers/visudo.c:516 +#: plugins/sudoers/visudo.c:550 plugins/sudoers/visudo.c:560 #, c-format msgid "unable to change mode of %s to 0%o" msgstr "" -#: plugins/sudoers/visudo.c:533 +#: plugins/sudoers/visudo.c:577 #, c-format msgid "%s and %s not on the same file system, using mv to rename" msgstr "" -#: plugins/sudoers/visudo.c:547 +#: plugins/sudoers/visudo.c:591 #, c-format msgid "command failed: '%s %s %s', %s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:557 +#: plugins/sudoers/visudo.c:601 #, c-format msgid "error renaming %s, %s unchanged" msgstr "" -#: plugins/sudoers/visudo.c:617 +#: plugins/sudoers/visudo.c:661 msgid "What now? " msgstr "" -#: plugins/sudoers/visudo.c:631 +#: plugins/sudoers/visudo.c:675 msgid "" "Options are:\n" " (e)dit sudoers file again\n" 
@@ -1404,99 +1404,99 @@ msgid "" " (Q)uit and save changes to sudoers file (DANGER!)\n" msgstr "" -#: plugins/sudoers/visudo.c:668 +#: plugins/sudoers/visudo.c:712 #, c-format msgid "unable to execute %s" msgstr "" -#: plugins/sudoers/visudo.c:675 +#: plugins/sudoers/visudo.c:719 #, c-format msgid "unable to run %s" msgstr "" -#: plugins/sudoers/visudo.c:706 +#: plugins/sudoers/visudo.c:750 #, c-format msgid "failed to parse %s file, unknown error" msgstr "" -#: plugins/sudoers/visudo.c:718 +#: plugins/sudoers/visudo.c:762 #, c-format msgid "parse error in %s near line %d\n" msgstr "" -#: plugins/sudoers/visudo.c:721 +#: plugins/sudoers/visudo.c:765 #, c-format msgid "parse error in %s\n" msgstr "" -#: plugins/sudoers/visudo.c:723 +#: plugins/sudoers/visudo.c:767 #, c-format msgid "%s: parsed OK\n" msgstr "" -#: plugins/sudoers/visudo.c:737 +#: plugins/sudoers/visudo.c:776 #, c-format -msgid "%s: wrong owner (uid, gid) should be (%d, %d)\n" +msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n" msgstr "" -#: plugins/sudoers/visudo.c:744 +#: plugins/sudoers/visudo.c:783 #, c-format msgid "%s: bad permissions, should be mode 0%o\n" msgstr "" -#: plugins/sudoers/visudo.c:783 +#: plugins/sudoers/visudo.c:822 #, c-format msgid "%s busy, try again later" msgstr "" -#: plugins/sudoers/visudo.c:826 +#: plugins/sudoers/visudo.c:865 #, c-format msgid "specified editor (%s) doesn't exist" msgstr "" -#: plugins/sudoers/visudo.c:849 +#: plugins/sudoers/visudo.c:888 #, c-format msgid "unable to stat editor (%s)" msgstr "" -#: plugins/sudoers/visudo.c:897 +#: plugins/sudoers/visudo.c:936 #, c-format msgid "no editor found (editor path = %s)" msgstr "" -#: plugins/sudoers/visudo.c:986 +#: plugins/sudoers/visudo.c:1025 #, c-format msgid "Error: cycle in %s_Alias `%s'" msgstr "" -#: plugins/sudoers/visudo.c:987 +#: plugins/sudoers/visudo.c:1026 #, c-format msgid "Warning: cycle in %s_Alias `%s'" msgstr "" -#: plugins/sudoers/visudo.c:990 +#: plugins/sudoers/visudo.c:1029 #, 
c-format msgid "Error: %s_Alias `%s' referenced but not defined" msgstr "" -#: plugins/sudoers/visudo.c:991 +#: plugins/sudoers/visudo.c:1030 #, c-format msgid "Warning: %s_Alias `%s' referenced but not defined" msgstr "" -#: plugins/sudoers/visudo.c:1128 +#: plugins/sudoers/visudo.c:1167 #, c-format msgid "%s: unused %s_Alias %s" msgstr "" -#: plugins/sudoers/visudo.c:1185 +#: plugins/sudoers/visudo.c:1224 #, c-format msgid "" "%s - safely edit the sudoers file\n" "\n" msgstr "" -#: plugins/sudoers/visudo.c:1187 +#: plugins/sudoers/visudo.c:1226 msgid "" "\n" "Options:\n" diff --git a/src/po/sudo.pot b/src/po/sudo.pot index 079b6cef4..2b9bd3780 100644 --- a/src/po/sudo.pot +++ b/src/po/sudo.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.2\n" +"Project-Id-Version: sudo 1.8.3rc1\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-08-17 11:39-0400\n" +"POT-Creation-Date: 2011-09-16 09:36-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
@@ -550,52 +550,52 @@ msgstr "" msgid "unable to set effective gid to runas gid %u" msgstr "" -#: src/sudo.c:964 +#: src/sudo.c:965 #, c-format msgid "unable to set gid to runas gid %u" msgstr "" -#: src/sudo.c:971 +#: src/sudo.c:973 #, c-format msgid "unable to set supplementary group IDs" msgstr "" -#: src/sudo.c:979 +#: src/sudo.c:981 #, c-format msgid "unable to set process priority" msgstr "" -#: src/sudo.c:987 +#: src/sudo.c:989 #, c-format msgid "unable to change root to %s" msgstr "" -#: src/sudo.c:997 src/sudo.c:1003 src/sudo.c:1009 +#: src/sudo.c:999 src/sudo.c:1005 src/sudo.c:1011 #, c-format msgid "unable to change to runas uid (%u, %u)" msgstr "" -#: src/sudo.c:1023 +#: src/sudo.c:1025 #, c-format msgid "unable to change directory to %s" msgstr "" -#: src/sudo.c:1090 +#: src/sudo.c:1092 #, c-format msgid "unexpected child termination condition: %d" msgstr "" -#: src/sudo.c:1130 +#: src/sudo.c:1132 #, c-format msgid "policy plugin %s does not support listing privileges" msgstr "" -#: src/sudo.c:1141 +#: src/sudo.c:1143 #, c-format msgid "policy plugin %s does not support the -v option" msgstr "" -#: src/sudo.c:1152 +#: src/sudo.c:1154 #, c-format msgid "policy plugin %s does not support the -k/-K options" msgstr "" 
@@ -610,37 +610,37 @@ msgstr "" msgid "plugin error: missing file list for sudoedit" msgstr "" -#: src/sudo_edit.c:172 src/sudo_edit.c:280 +#: src/sudo_edit.c:168 src/sudo_edit.c:268 #, c-format msgid "%s: not a regular file" msgstr "" -#: src/sudo_edit.c:206 src/sudo_edit.c:316 +#: src/sudo_edit.c:202 src/sudo_edit.c:304 #, c-format msgid "%s: short write" msgstr "" -#: src/sudo_edit.c:281 +#: src/sudo_edit.c:269 #, c-format msgid "%s left unmodified" msgstr "" -#: src/sudo_edit.c:294 +#: src/sudo_edit.c:282 #, c-format msgid "%s unchanged" msgstr "" -#: src/sudo_edit.c:306 src/sudo_edit.c:327 +#: src/sudo_edit.c:294 src/sudo_edit.c:315 #, c-format msgid "unable to write to %s" msgstr "" -#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328 +#: src/sudo_edit.c:295 src/sudo_edit.c:313 src/sudo_edit.c:316 #, c-format msgid "contents of edit session left in %s" msgstr "" -#: src/sudo_edit.c:324 +#: src/sudo_edit.c:312 #, c-format msgid "unable to read temporary file" msgstr "" -- cgit v1.2.1 From 715c9723cbd31a868a40bc89e52f8340b7b384a3 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 16 Sep 2011 13:39:07 -0400 Subject: regen pot files --- configure.in | 2 +- plugins/sudoers/po/sudoers.pot | 46 ++++++++++++++---------------------------- src/po/sudo.pot | 4 ++-- 3 files changed, 18 insertions(+), 34 deletions(-) diff --git a/configure.in b/configure.in index b06e9def5..97b6d969c 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller dnl -AC_INIT([sudo], [1.8.3], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.3rc1], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 32b9e75e5..ca0b29f95 100644 --- a/plugins/sudoers/po/sudoers.pot 
+++ b/plugins/sudoers/po/sudoers.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.3rc1\n" +"Project-Id-Version: sudo 1.8.3\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2011-09-16 09:36-0400\n" +"POT-Creation-Date: 2011-09-16 13:37-0400\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" 
@@ -519,51 +519,35 @@ msgstr ""
 msgid "Set the user in utmp to the runas user, not the invoking user"
 msgstr ""
 
-#: plugins/sudoers/defaults.c:197
-msgid ""
-"Available options in a sudoers ``Defaults'' line:\n"
-"\n"
-msgstr ""
-
-#: plugins/sudoers/defaults.c:204 plugins/sudoers/defaults.c:215
-#, c-format
-msgid "%s: %s\n"
-msgstr ""
-
-#: plugins/sudoers/defaults.c:211
-#, c-format
-msgid "%s: %.*s\n"
-msgstr ""
-
-#: plugins/sudoers/defaults.c:241
+#: plugins/sudoers/defaults.c:205
 #, c-format
 msgid "unknown defaults entry `%s'"
 msgstr ""
 
-#: plugins/sudoers/defaults.c:249 plugins/sudoers/defaults.c:259
-#: plugins/sudoers/defaults.c:279 plugins/sudoers/defaults.c:292
-#: plugins/sudoers/defaults.c:305 plugins/sudoers/defaults.c:318
-#: plugins/sudoers/defaults.c:331 plugins/sudoers/defaults.c:351
-#: plugins/sudoers/defaults.c:361
+#: plugins/sudoers/defaults.c:213 plugins/sudoers/defaults.c:223
+#: plugins/sudoers/defaults.c:243 plugins/sudoers/defaults.c:256
+#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
+#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
+#: plugins/sudoers/defaults.c:325
 #, c-format
 msgid "value `%s' is invalid for option `%s'"
 msgstr ""
 
-#: plugins/sudoers/defaults.c:252 plugins/sudoers/defaults.c:262
-#: plugins/sudoers/defaults.c:270 plugins/sudoers/defaults.c:287
-#: plugins/sudoers/defaults.c:300 plugins/sudoers/defaults.c:313
-#: plugins/sudoers/defaults.c:326 plugins/sudoers/defaults.c:346
-#: plugins/sudoers/defaults.c:357
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:234 plugins/sudoers/defaults.c:251
+#: plugins/sudoers/defaults.c:264 plugins/sudoers/defaults.c:277
+#: plugins/sudoers/defaults.c:290 plugins/sudoers/defaults.c:310
+#: plugins/sudoers/defaults.c:321
 #, c-format
 msgid "no value specified for `%s'"
 msgstr ""
 
-#: plugins/sudoers/defaults.c:275
+#: plugins/sudoers/defaults.c:239
 #, c-format
 msgid "values for `%s' must start with a '/'"
 msgstr ""
 
-#: plugins/sudoers/defaults.c:337
+#: plugins/sudoers/defaults.c:301
 #, c-format
 msgid "option `%s' does not take a value"
 msgstr ""
diff --git a/src/po/sudo.pot b/src/po/sudo.pot
index 2b9bd3780..0861cbaba 100644
--- a/src/po/sudo.pot
+++ b/src/po/sudo.pot
@@ -5,9 +5,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: sudo 1.8.3rc1\n"
+"Project-Id-Version: sudo 1.8.3\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 09:36-0400\n"
+"POT-Creation-Date: 2011-09-16 13:37-0400\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
-- cgit v1.2.1
From 2c0b9b0bd1b5b55501e2a9ed1f0111330c6976b0 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 16 Sep 2011 16:53:05 -0400
Subject: sync pot files
---
 plugins/sudoers/po/sudoers.pot | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot
index ca0b29f95..39390ef96 100644
--- a/plugins/sudoers/po/sudoers.pot
+++ b/plugins/sudoers/po/sudoers.pot
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: sudo 1.8.3\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 13:37-0400\n"
+"POT-Creation-Date: 2011-09-16 16:52-0400\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -638,103 +638,103 @@ msgstr "" msgid "unable to set locale to \"%s\", using \"C\"" msgstr "" -#: plugins/sudoers/ldap.c:363 +#: plugins/sudoers/ldap.c:368 #, c-format msgid "sudo_ldap_conf_add_ports: port too large" msgstr "" -#: plugins/sudoers/ldap.c:386 +#: plugins/sudoers/ldap.c:391 #, c-format msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf" msgstr "" -#: plugins/sudoers/ldap.c:415 +#: plugins/sudoers/ldap.c:420 #, c-format msgid "unsupported LDAP uri type: %s" msgstr "" -#: plugins/sudoers/ldap.c:444 +#: plugins/sudoers/ldap.c:449 #, c-format msgid "invalid uri: %s" msgstr "" -#: plugins/sudoers/ldap.c:450 +#: plugins/sudoers/ldap.c:455 #, c-format msgid "unable to mix ldap and ldaps URIs" msgstr "" -#: plugins/sudoers/ldap.c:454 +#: plugins/sudoers/ldap.c:459 #, c-format msgid "unable to mix ldaps and starttls" msgstr "" -#: plugins/sudoers/ldap.c:473 +#: plugins/sudoers/ldap.c:478 #, c-format msgid "sudo_ldap_parse_uri: out of space building hostbuf" msgstr "" -#: plugins/sudoers/ldap.c:536 +#: plugins/sudoers/ldap.c:541 #, c-format msgid "unable to initialize SSL cert and key db: %s" msgstr "" -#: plugins/sudoers/ldap.c:932 +#: plugins/sudoers/ldap.c:937 #, c-format msgid "unable to get GMT time" msgstr "" -#: plugins/sudoers/ldap.c:938 +#: plugins/sudoers/ldap.c:943 #, c-format msgid "unable to format timestamp" msgstr "" -#: plugins/sudoers/ldap.c:946 +#: plugins/sudoers/ldap.c:951 #, c-format msgid "unable to build time filter" msgstr "" -#: plugins/sudoers/ldap.c:1047 +#: plugins/sudoers/ldap.c:1052 #, c-format msgid "sudo_ldap_build_pass1 allocation mismatch" msgstr "" -#: plugins/sudoers/ldap.c:1542 +#: plugins/sudoers/ldap.c:1562 #, c-format msgid "" "\n" "LDAP Role: %s\n" msgstr "" -#: plugins/sudoers/ldap.c:1544 +#: plugins/sudoers/ldap.c:1564 #, c-format msgid "" "\n" "LDAP Role: UNKNOWN\n" msgstr "" -#: plugins/sudoers/ldap.c:1591 +#: plugins/sudoers/ldap.c:1611 #, c-format msgid " Order: %s\n" msgstr "" -#: 
plugins/sudoers/ldap.c:1599 +#: plugins/sudoers/ldap.c:1619 #, c-format msgid " Commands:\n" msgstr "" -#: plugins/sudoers/ldap.c:1986 +#: plugins/sudoers/ldap.c:2006 #, c-format msgid "unable to initialize LDAP: %s" msgstr "" -#: plugins/sudoers/ldap.c:2017 +#: plugins/sudoers/ldap.c:2037 #, c-format msgid "" "start_tls specified but LDAP libs do not support ldap_start_tls_s() or " "ldap_start_tls_s_np()" msgstr "" -#: plugins/sudoers/ldap.c:2248 +#: plugins/sudoers/ldap.c:2268 #, c-format msgid "invalid sudoOrder attribute: %s" msgstr "" -- cgit v1.2.1 From ddaefd41dd07a82f81b5307da056452d62bf8154 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 16 Sep 2011 19:33:32 -0400 Subject: Mention DEREF support --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 8d3270031..af1c95168 100644 --- a/NEWS +++ b/NEWS @@ -23,6 +23,9 @@ What's new in Sudo 1.8.3? * The NOPASSWD tag is now honored for denied commands too, which matches historic sudo behavior (prior to sudo 1.7.0). + * Sudo now honors the "DEREF" setting in ldap.conf which controls + how alias dereferencing is done during an LDAP search. + What's new in Sudo 1.8.2? * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural -- cgit v1.2.1 -- cgit v1.2.1 From 11dad4f89db052cd4420cb430c614cdb1b756199 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 27 Sep 2011 14:07:51 -0400 Subject: regen pot files --- plugins/sudoers/po/sudoers.pot | 188 ++++++++++++++++++++--------------------- src/po/sudo.pot | 8 +- 2 files changed, 98 insertions(+), 98 deletions(-) diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 39390ef96..855b98849 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot 
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: sudo 1.8.3\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 16:52-0400\n"
+"POT-Creation-Date: 2011-09-27 14:02-0400\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -64,98 +64,98 @@ msgstr "" msgid "au_to_text: failed" msgstr "" -#: plugins/sudoers/check.c:141 +#: plugins/sudoers/check.c:149 #, c-format msgid "sorry, a password is required to run %s" msgstr "" -#: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169 -#: plugins/sudoers/sudoers.c:971 plugins/sudoers/sudoreplay.c:325 +#: plugins/sudoers/check.c:237 plugins/sudoers/iolog.c:169 +#: plugins/sudoers/sudoers.c:962 plugins/sudoers/sudoreplay.c:325 #: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675 #: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:744 #, c-format msgid "unable to open %s" msgstr "" -#: plugins/sudoers/check.c:229 plugins/sudoers/iolog.c:199 +#: plugins/sudoers/check.c:241 plugins/sudoers/iolog.c:199 #, c-format msgid "unable to write to %s" msgstr "" -#: plugins/sudoers/check.c:237 plugins/sudoers/check.c:475 -#: plugins/sudoers/check.c:525 plugins/sudoers/iolog.c:122 +#: plugins/sudoers/check.c:249 plugins/sudoers/check.c:487 +#: plugins/sudoers/check.c:537 plugins/sudoers/iolog.c:122 #: plugins/sudoers/iolog.c:153 #, c-format msgid "unable to mkdir %s" msgstr "" -#: plugins/sudoers/check.c:370 +#: plugins/sudoers/check.c:382 #, c-format msgid "internal error, expand_prompt() overflow" msgstr "" -#: plugins/sudoers/check.c:426 +#: plugins/sudoers/check.c:438 #, c-format msgid "timestamp path too long: %s" msgstr "" -#: plugins/sudoers/check.c:454 plugins/sudoers/check.c:498 +#: plugins/sudoers/check.c:466 plugins/sudoers/check.c:510 #: plugins/sudoers/iolog.c:155 #, c-format msgid "%s exists but is not a directory (0%o)" msgstr "" -#: plugins/sudoers/check.c:457 plugins/sudoers/check.c:501 -#: plugins/sudoers/check.c:546 +#: plugins/sudoers/check.c:469 plugins/sudoers/check.c:513 +#: plugins/sudoers/check.c:558 #, c-format msgid "%s owned by uid %u, should be uid %u" msgstr "" -#: plugins/sudoers/check.c:462 plugins/sudoers/check.c:506 +#: plugins/sudoers/check.c:474 plugins/sudoers/check.c:518 #, c-format msgid "%s 
writable by non-owner (0%o), should be mode 0700" msgstr "" -#: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514 -#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:957 +#: plugins/sudoers/check.c:482 plugins/sudoers/check.c:526 +#: plugins/sudoers/check.c:594 plugins/sudoers/sudoers.c:948 #: plugins/sudoers/visudo.c:304 plugins/sudoers/visudo.c:544 #, c-format msgid "unable to stat %s" msgstr "" -#: plugins/sudoers/check.c:540 +#: plugins/sudoers/check.c:552 #, c-format msgid "%s exists but is not a regular file (0%o)" msgstr "" -#: plugins/sudoers/check.c:552 +#: plugins/sudoers/check.c:564 #, c-format msgid "%s writable by non-owner (0%o), should be mode 0600" msgstr "" -#: plugins/sudoers/check.c:606 +#: plugins/sudoers/check.c:618 #, c-format msgid "timestamp too far in the future: %20.20s" msgstr "" -#: plugins/sudoers/check.c:652 +#: plugins/sudoers/check.c:664 #, c-format msgid "unable to remove %s (%s), will reset to the epoch" msgstr "" -#: plugins/sudoers/check.c:660 +#: plugins/sudoers/check.c:672 #, c-format msgid "unable to reset %s to the epoch" msgstr "" -#: plugins/sudoers/check.c:714 plugins/sudoers/check.c:720 +#: plugins/sudoers/check.c:726 plugins/sudoers/check.c:732 +#: plugins/sudoers/sudoers.c:802 plugins/sudoers/sudoers.c:806 #, c-format msgid "unknown uid: %u" msgstr "" -#: plugins/sudoers/check.c:717 plugins/sudoers/sudoers.c:748 -#: plugins/sudoers/sudoers.c:814 plugins/sudoers/sudoers.c:815 -#: plugins/sudoers/sudoers.c:1088 plugins/sudoers/testsudoers.c:202 +#: plugins/sudoers/check.c:729 plugins/sudoers/sudoers.c:744 +#: plugins/sudoers/sudoers.c:1079 plugins/sudoers/testsudoers.c:202 #: plugins/sudoers/testsudoers.c:337 #, c-format msgid "unknown user: %s" 
@@ -570,7 +570,7 @@ msgstr ""
 
 #: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107
 #: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124
-#: plugins/sudoers/sudoers.c:903 toke.l:663 toke.l:814
+#: plugins/sudoers/sudoers.c:894 toke.l:663 toke.l:814
 #, c-format
 msgid "%s: %s"
 msgstr ""
@@ -614,7 +614,7 @@ msgstr ""
 msgid "Local IP address and netmask pairs:\n"
 msgstr ""
 
-#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:978
+#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:969
 #, c-format
 msgid "unable to read %s"
 msgstr ""
@@ -633,7 +633,7 @@ msgstr ""
 msgid "unable to create %s"
 msgstr ""
 
-#: plugins/sudoers/iolog_path.c:247 plugins/sudoers/sudoers.c:357
+#: plugins/sudoers/iolog_path.c:247 plugins/sudoers/sudoers.c:353
 #, c-format
 msgid "unable to set locale to \"%s\", using \"C\""
 msgstr ""
@@ -874,17 +874,17 @@ msgstr ""
 msgid "unable to cache user %s, already exists"
 msgstr ""
 
-#: plugins/sudoers/pwutil.c:607
+#: plugins/sudoers/pwutil.c:619
 #, c-format
 msgid "unable to cache gid %u (%s), already exists"
 msgstr ""
 
-#: plugins/sudoers/pwutil.c:615
+#: plugins/sudoers/pwutil.c:627
 #, c-format
 msgid "unable to cache gid %u, already exists"
 msgstr ""
 
-#: plugins/sudoers/pwutil.c:644 plugins/sudoers/pwutil.c:653
+#: plugins/sudoers/pwutil.c:656 plugins/sudoers/pwutil.c:665
 #, c-format
 msgid "unable to cache group %s, already exists"
 msgstr ""
@@ -944,8 +944,8 @@ msgstr ""
 msgid "User %s is not allowed to run sudo on %s.\n"
 msgstr ""
 
-#: plugins/sudoers/sudoers.c:199 plugins/sudoers/sudoers.c:234
-#: plugins/sudoers/sudoers.c:911
+#: plugins/sudoers/sudoers.c:199 plugins/sudoers/sudoers.c:230
+#: plugins/sudoers/sudoers.c:902
 msgid "problem with defaults entries"
 msgstr ""
 
@@ -954,159 +954,159 @@ msgstr "" msgid "no valid sudoers sources found, quitting" msgstr "" -#: plugins/sudoers/sudoers.c:257 +#: plugins/sudoers/sudoers.c:253 #, c-format msgid "unable to execute %s: %s" msgstr "" -#: plugins/sudoers/sudoers.c:306 +#: plugins/sudoers/sudoers.c:302 #, c-format msgid "sudoers specifies that root is not allowed to sudo" msgstr "" -#: plugins/sudoers/sudoers.c:313 +#: plugins/sudoers/sudoers.c:309 #, c-format msgid "you are not permitted to use the -C option" msgstr "" -#: plugins/sudoers/sudoers.c:403 +#: plugins/sudoers/sudoers.c:399 #, c-format msgid "timestamp owner (%s): No such user" msgstr "" -#: plugins/sudoers/sudoers.c:419 +#: plugins/sudoers/sudoers.c:415 msgid "no tty" msgstr "" -#: plugins/sudoers/sudoers.c:420 +#: plugins/sudoers/sudoers.c:416 #, c-format msgid "sorry, you must have a tty to run sudo" msgstr "" -#: plugins/sudoers/sudoers.c:463 +#: plugins/sudoers/sudoers.c:459 msgid "No user or host" msgstr "" -#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:498 -#: plugins/sudoers/sudoers.c:499 plugins/sudoers/sudoers.c:1465 -#: plugins/sudoers/sudoers.c:1466 +#: plugins/sudoers/sudoers.c:473 plugins/sudoers/sudoers.c:494 +#: plugins/sudoers/sudoers.c:495 plugins/sudoers/sudoers.c:1456 +#: plugins/sudoers/sudoers.c:1457 #, c-format msgid "%s: command not found" msgstr "" -#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:495 +#: plugins/sudoers/sudoers.c:475 plugins/sudoers/sudoers.c:491 #, c-format msgid "" "ignoring `%s' found in '.'\n" "Use `sudo ./%s' if this is the `%s' you wish to run." 
msgstr "" -#: plugins/sudoers/sudoers.c:484 +#: plugins/sudoers/sudoers.c:480 msgid "validation failure" msgstr "" -#: plugins/sudoers/sudoers.c:494 +#: plugins/sudoers/sudoers.c:490 msgid "command in current directory" msgstr "" -#: plugins/sudoers/sudoers.c:506 +#: plugins/sudoers/sudoers.c:502 #, c-format msgid "sorry, you are not allowed to preserve the environment" msgstr "" -#: plugins/sudoers/sudoers.c:894 +#: plugins/sudoers/sudoers.c:885 #, c-format msgid "internal error, set_cmnd() overflow" msgstr "" -#: plugins/sudoers/sudoers.c:936 +#: plugins/sudoers/sudoers.c:927 #, c-format msgid "fixed mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:940 +#: plugins/sudoers/sudoers.c:931 #, c-format msgid "set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:943 +#: plugins/sudoers/sudoers.c:934 #, c-format msgid "unable to set group on %s" msgstr "" -#: plugins/sudoers/sudoers.c:946 +#: plugins/sudoers/sudoers.c:937 #, c-format msgid "unable to fix mode on %s" msgstr "" -#: plugins/sudoers/sudoers.c:959 +#: plugins/sudoers/sudoers.c:950 #, c-format msgid "%s is not a regular file" msgstr "" -#: plugins/sudoers/sudoers.c:961 +#: plugins/sudoers/sudoers.c:952 #, c-format msgid "%s is mode 0%o, should be 0%o" msgstr "" -#: plugins/sudoers/sudoers.c:965 +#: plugins/sudoers/sudoers.c:956 #, c-format msgid "%s is owned by uid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:968 +#: plugins/sudoers/sudoers.c:959 #, c-format msgid "%s is owned by gid %u, should be %u" msgstr "" -#: plugins/sudoers/sudoers.c:1012 +#: plugins/sudoers/sudoers.c:1003 #, c-format msgid "only root can use `-c %s'" msgstr "" -#: plugins/sudoers/sudoers.c:1022 +#: plugins/sudoers/sudoers.c:1013 #, c-format msgid "unknown login class: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1056 +#: plugins/sudoers/sudoers.c:1047 #, c-format msgid "unable to resolve host %s" msgstr "" -#: plugins/sudoers/sudoers.c:1106 plugins/sudoers/testsudoers.c:351 +#: plugins/sudoers/sudoers.c:1097 
plugins/sudoers/testsudoers.c:351 #, c-format msgid "unknown group: %s" msgstr "" -#: plugins/sudoers/sudoers.c:1150 +#: plugins/sudoers/sudoers.c:1141 #, c-format msgid "Sudoers policy plugin version %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1152 +#: plugins/sudoers/sudoers.c:1143 #, c-format msgid "Sudoers file grammar version %d\n" msgstr "" -#: plugins/sudoers/sudoers.c:1156 +#: plugins/sudoers/sudoers.c:1147 #, c-format msgid "" "\n" "Sudoers path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1159 +#: plugins/sudoers/sudoers.c:1150 #, c-format msgid "nsswitch path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1161 +#: plugins/sudoers/sudoers.c:1152 #, c-format msgid "ldap.conf path: %s\n" msgstr "" -#: plugins/sudoers/sudoers.c:1162 +#: plugins/sudoers/sudoers.c:1153 #, c-format msgid "ldap.secret path: %s\n" msgstr "" 
@@ -1527,47 +1527,47 @@ msgid ""
 "%s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:114
+#: plugins/sudoers/auth/kerb5.c:110
 #, c-format
-msgid "%s: unable to parse '%s': %s"
+msgid "%s: unable to unparse princ ('%s'): %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:127
+#: plugins/sudoers/auth/kerb5.c:149
 #, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
+msgid "%s: unable to parse '%s': %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:144
+#: plugins/sudoers/auth/kerb5.c:160
 #, c-format
 msgid "%s: unable to resolve ccache: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:188
+#: plugins/sudoers/auth/kerb5.c:204
 #, c-format
 msgid "%s: unable to allocate options: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:204
+#: plugins/sudoers/auth/kerb5.c:220
 #, c-format
 msgid "%s: unable to get credentials: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:217
+#: plugins/sudoers/auth/kerb5.c:233
 #, c-format
 msgid "%s: unable to initialize ccache: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:221
+#: plugins/sudoers/auth/kerb5.c:237
 #, c-format
 msgid "%s: unable to store cred in ccache: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:284
+#: plugins/sudoers/auth/kerb5.c:300
 #, c-format
 msgid "%s: unable to get host principal: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/kerb5.c:299
+#: plugins/sudoers/auth/kerb5.c:315
 #, c-format
 msgid "%s: Cannot verify TGT! Possible attack!: %s"
 msgstr ""
@@ -1604,50 +1604,50 @@ msgstr ""
 msgid "pam_authenticate: %s"
 msgstr ""
 
-#: plugins/sudoers/auth/pam.c:296
+#: plugins/sudoers/auth/pam.c:300
 msgid "Password: "
 msgstr ""
 
-#: plugins/sudoers/auth/pam.c:297
+#: plugins/sudoers/auth/pam.c:301
 msgid "Password:"
 msgstr ""
 
-#: plugins/sudoers/auth/securid.c:82 plugins/sudoers/auth/securid5.c:106
+#: plugins/sudoers/auth/securid.c:82 plugins/sudoers/auth/securid5.c:105
 #, c-format
 msgid "unable to contact the SecurID server"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:81
+#: plugins/sudoers/auth/securid5.c:80
 #, c-format
 msgid "failed to initialise the ACE API library"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:115
+#: plugins/sudoers/auth/securid5.c:114
 #, c-format
 msgid "User ID locked for SecurID Authentication"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:169
+#: plugins/sudoers/auth/securid5.c:118 plugins/sudoers/auth/securid5.c:168
 #, c-format
 msgid "invalid username length for SecurID"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:174
+#: plugins/sudoers/auth/securid5.c:122 plugins/sudoers/auth/securid5.c:173
 #, c-format
 msgid "invalid Authentication Handle for SecurID"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:127
+#: plugins/sudoers/auth/securid5.c:126
 #, c-format
 msgid "SecurID communication failed"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:213
+#: plugins/sudoers/auth/securid5.c:130 plugins/sudoers/auth/securid5.c:212
 #, c-format
 msgid "unknown SecurID error"
 msgstr ""
 
-#: plugins/sudoers/auth/securid5.c:164
+#: plugins/sudoers/auth/securid5.c:163
 #, c-format
 msgid "invalid passcode length for SecurID"
 msgstr ""
@@ -1656,25 +1656,25 @@ msgstr ""
 msgid "unable to initialize SIA session"
 msgstr ""
 
-#: plugins/sudoers/auth/sudo_auth.c:124
+#: plugins/sudoers/auth/sudo_auth.c:118
 msgid ""
-"There are no authentication methods compiled into sudo! If you want to turn "
-"off authentication, use the --disable-authentication configure option."
+"Invalid authentication methods compiled into sudo! You may mix standalone "
+"and non-standalone authentication."
 msgstr ""
 
-#: plugins/sudoers/auth/sudo_auth.c:134
+#: plugins/sudoers/auth/sudo_auth.c:195
 msgid ""
-"Invalid authentication methods compiled into sudo! You may mix standalone "
-"and non-standalone authentication."
+"There are no authentication methods compiled into sudo! If you want to turn "
+"off authentication, use the --disable-authentication configure option."
 msgstr ""
 
-#: plugins/sudoers/auth/sudo_auth.c:243
+#: plugins/sudoers/auth/sudo_auth.c:265
 #, c-format
 msgid "%d incorrect password attempt"
 msgid_plural "%d incorrect password attempts"
 msgstr[0] ""
 msgstr[1] ""
 
-#: plugins/sudoers/auth/sudo_auth.c:335
+#: plugins/sudoers/auth/sudo_auth.c:359
 msgid "Authentication methods:"
 msgstr ""
diff --git a/src/po/sudo.pot b/src/po/sudo.pot
index 0861cbaba..285e91c49 100644
--- a/src/po/sudo.pot
+++ b/src/po/sudo.pot
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: sudo 1.8.3\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 13:37-0400\n"
+"POT-Creation-Date: 2011-09-27 14:02-0400\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -670,17 +670,17 @@ msgstr ""
 msgid "unable to run %s"
 msgstr ""
 
-#: src/utmp.c:263
+#: src/utmp.c:265
 #, c-format
 msgid "unable to save stdin"
 msgstr ""
 
-#: src/utmp.c:265
+#: src/utmp.c:267
 #, c-format
 msgid "unable to dup2 stdin"
 msgstr ""
 
-#: src/utmp.c:268
+#: src/utmp.c:270
 #, c-format
 msgid "unable to restore stdin"
 msgstr ""
-- cgit v1.2.1
From 37ed8bcece7f61f4495568eba25cab1223e6e947 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 27 Sep 2011 14:22:48 -0400 Subject: Update for latest release candidate --- NEWS | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/NEWS b/NEWS index af1c95168..d82640740 100644 --- a/NEWS +++ b/NEWS @@ -26,6 +26,21 @@ What's new in Sudo 1.8.3? * Sudo now honors the "DEREF" setting in ldap.conf which controls how alias dereferencing is done during an LDAP search. + * A symbol conflict with the pam_ssh_agent_auth PAM module that + would cause a crash been resolved. + + * Sudo now includes an Italian translation from translationproject.org. + + * The inability to load a group provider plugin is no longer + a fatal error. + + * A potential crash in the utmp handling code has been fixed. + + * Two PAM session issues have been resolved. In previous versions + of sudo, the PAM session was opened as one user and closed as + another. Additionally, if no authentication was performed, the + PAM session would never be closed. + What's new in Sudo 1.8.2? * Sudo, visudo, sudoreplay and the sudoers plug-in now have natural -- cgit v1.2.1 From d285e5bb7ab10ea3bb98fbbe090c3bfd783a70c0 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 2 Oct 2011 14:38:26 -0400 Subject: Combine new translations in NEWS item --- NEWS | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/NEWS b/NEWS index d82640740..8c493821e 100644 --- a/NEWS +++ b/NEWS @@ -3,7 +3,7 @@ What's new in Sudo 1.8.3? * Fixed expansion of strftime() escape sequences in the "log_dir" sudoers setting. - * Added new Esperanto translation from translationproject.org. + * Esperanto and Italian translations from translationproject.org. * Sudo will now use PAM by default on AIX 6 and higher. 
@@ -29,8 +29,6 @@ What's new in Sudo 1.8.3?
  * A symbol conflict with the pam_ssh_agent_auth PAM module that
    would cause a crash been resolved.
 
- * Sudo now includes an Italian translation from translationproject.org.
-
  * The inability to load a group provider plugin is no longer
    a fatal error.
 
-- cgit v1.2.1
-- cgit v1.2.1
From eab7dd521231ec2bd74b56df36ccc1a91a3ff96f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Wed, 4 Jan 2012 13:04:34 -0500
Subject: Bump version to 1.8.4
---
 configure | 18 +++++++++---------
 configure.in | 2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/configure b/configure
index 99f565be2..454ebf3ad 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for sudo 1.8.3.
+# Generated by GNU Autoconf 2.68 for sudo 1.8.4.
 #
 # Report bugs to .
 #
@@ -570,8 +570,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.8.3'
-PACKAGE_STRING='sudo 1.8.3'
+PACKAGE_VERSION='1.8.4'
+PACKAGE_STRING='sudo 1.8.4'
 PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
 PACKAGE_URL=''
 
@@ -1445,7 +1445,7 @@ if test "$ac_init_help" = "long"; then
 # Omit some internal or obsolete options to make the list less imposing.
 # This message is too long to be a string in the A/UX 3.1 sh.
 cat <<_ACEOF
-\`configure' configures sudo 1.8.3 to adapt to many kinds of systems.
+\`configure' configures sudo 1.8.4 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1510,7 +1510,7 @@ fi
 
 if test -n "$ac_init_help"; then
 case $ac_init_help in
-short | recursive ) echo "Configuration of sudo 1.8.3:";;
+short | recursive ) echo "Configuration of sudo 1.8.4:";;
 esac
 cat <<\_ACEOF
 
@@ -1726,7 +1726,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
 cat <<\_ACEOF
-sudo configure 1.8.3
+sudo configure 1.8.4
 generated by GNU Autoconf 2.68
 
 Copyright (C) 2010 Free Software Foundation, Inc.
@@ -2430,7 +2430,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.8.3, which was
+It was created by sudo $as_me 1.8.4, which was
 generated by GNU Autoconf 2.68. Invocation command line was
 
 $ $0 $@
@@ -20316,7 +20316,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.8.3, which was
+This file was extended by sudo $as_me 1.8.4, which was
 generated by GNU Autoconf 2.68. Invocation command line was
 
 CONFIG_FILES = $CONFIG_FILES
@@ -20382,7 +20382,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-sudo config.status 1.8.3
+sudo config.status 1.8.4
 configured by $0, generated by GNU Autoconf 2.68,
 with options \\"\$ac_cs_config\\"
 
diff --git a/configure.in b/configure.in
index fabf26a71..498e81fe0 100644
--- a/configure.in
+++ b/configure.in
@@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script.
 dnl
 dnl Copyright (c) 1994-1996,1998-2011 Todd C. Miller
 dnl
-AC_INIT([sudo], [1.8.3], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.8.4], [http://www.sudo.ws/bugs/], [sudo])
 AC_CONFIG_HEADER([config.h pathnames.h])
 dnl
 dnl Note: this must come after AC_INIT
-- cgit v1.2.1
From d5ef6a2c3cd40956763d48f7fd8047988ce58472 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 6 Jan 2012 15:15:26 -0500
Subject: regen pot files
---
 plugins/sudoers/po/sudoers.pot | 26 +++++++++++++-------------
 src/po/sudo.pot | 4 ++--
 2 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot
index c411f1c47..6031b5a8c 100644
--- a/plugins/sudoers/po/sudoers.pot
+++ b/plugins/sudoers/po/sudoers.pot
@@ -5,9 +5,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: sudo 1.8.3\n"
+"Project-Id-Version: sudo 1.8.4\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-01-06 13:34-0500\n"
+"POT-Creation-Date: 2012-01-06 15:10-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -567,8 +567,8 @@ msgid ""
 msgstr ""
 
 #: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
-#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125 toke.l:668
-#: toke.l:823 plugins/sudoers/sudoers.c:909
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
+#: plugins/sudoers/sudoers.c:909 toke.l:668 toke.l:823
 #, c-format
 msgid "%s: %s"
 msgstr ""
@@ -737,15 +737,6 @@ msgstr ""
 msgid "invalid sudoOrder attribute: %s"
 msgstr ""
 
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr ""
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr ""
-
 #: plugins/sudoers/linux_audit.c:57
 #, c-format
 msgid "unable to open audit system"
@@ -1295,6 +1286,15 @@ msgid ""
 "Command unmatched"
 msgstr ""
 
+#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+msgid "unable to allocate memory"
+msgstr ""
+
+#: toke.l:795
+msgid "too many levels of includes"
+msgstr ""
+
 #: plugins/sudoers/toke_util.c:218
 msgid "fill_args: buffer overflow"
 msgstr ""
diff --git a/src/po/sudo.pot b/src/po/sudo.pot
index b8528f018..211b5d937 100644
--- a/src/po/sudo.pot
+++ b/src/po/sudo.pot
@@ -5,9 +5,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: sudo 1.8.3\n"
+"Project-Id-Version: sudo 1.8.4\n"
 "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-01-06 13:34-0500\n"
+"POT-Creation-Date: 2012-01-06 15:10-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
-- cgit v1.2.1
From 1135b8f15ebfe96f6fb7741fd0bc988e5a19517b Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Fri, 6 Jan 2012 15:29:05 -0500
Subject: regen
---
 doc/sudo.cat | 67 ++++++++++++++++++++++++++++++++++++------------
 doc/sudo.man.in | 68 ++++++++++++++++++++++++++++++++++++-------------
 doc/sudo_plugin.cat | 44 +++++++++++++++++++++++++++-----
 doc/sudo_plugin.man.in | 46 +++++++++++++++++++++++++++------
 doc/sudoers.cat | 57 ++++++++++++++++++++++++++---------------
 doc/sudoers.ldap.cat | 7 ++---
 doc/sudoers.ldap.man.in | 7 ++---
 doc/sudoers.man.in | 52 ++++++++++++++++++++++++-------------
 doc/sudoreplay.cat | 2 +-
 doc/sudoreplay.man.in | 2 +-
 doc/visudo.cat | 9 ++++---
 doc/visudo.man.in | 11 ++++----
 12 files changed, 268 insertions(+), 104 deletions(-)
diff --git a/doc/sudo.cat b/doc/sudo.cat
index ed8a69e8c..210318493 100644
--- a/doc/sudo.cat
+++ b/doc/sudo.cat
@@ -6,19 +6,19 @@ NNAAMMEE sudo, sudoedit - execute a command as another user SSYYNNOOPPSSIISS - ssuuddoo [--DD _l_e_v_e_l] --hh | --KK | --kk | --VV + ssuuddoo --hh | --KK | --kk | --VV - ssuuddoo --vv [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--DD _l_e_v_e_l] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] - [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] + ssuuddoo --vv [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] + [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] - ssuuddoo --ll[[ll]] [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--DD _l_e_v_e_l] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] - [--pp _p_r_o_m_p_t] [--UU _u_s_e_r _n_a_m_e] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [_c_o_m_m_a_n_d] + ssuuddoo --ll[[ll]] [--AAkknnSS] [--aa _a_u_t_h___t_y_p_e] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] + [--UU _u_s_e_r _n_a_m_e] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [_c_o_m_m_a_n_d] - ssuuddoo [--AAbbEEHHnnPPSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--DD _l_e_v_e_l] [--cc _c_l_a_s_s|_-] + ssuuddoo [--AAbbEEHHnnPPSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--rr _r_o_l_e] [--tt _t_y_p_e] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] [VVAARR=_v_a_l_u_e] [--ii | --ss] [_c_o_m_m_a_n_d] - ssuuddooeeddiitt [--AAnnSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] [--DD _l_e_v_e_l] + ssuuddooeeddiitt [--AAnnSS] [--aa _a_u_t_h___t_y_p_e] [--CC _f_d] [--cc _c_l_a_s_s|_-] [--gg _g_r_o_u_p _n_a_m_e|_#_g_i_d] [--pp _p_r_o_m_p_t] [--uu _u_s_e_r _n_a_m_e|_#_u_i_d] file ... DDEESSCCRRIIPPTTIIOONN 
@@ -30,7 +30,7 @@ DDEESSCCRRIIPPTTIIOONN ssuuddoo supports a plugin architecture for security policies and input/output logging. Third parties can develop and distribute their - own policy and I/O logging modules to work seemlessly with the ssuuddoo + own policy and I/O logging modules to work seamlessly with the ssuuddoo front end. The default security policy is _s_u_d_o_e_r_s, which is configured via the file _/_e_t_c_/_s_u_d_o_e_r_s, or via LDAP. See the PLUGINS section for more information. @@ -110,9 +110,6 @@ OOPPTTIIOONNSS is already root. This option is only available on systems with BSD login classes. - -D _l_e_v_e_l Enable debugging of ssuuddoo plugins and ssuuddoo itself. The - _l_e_v_e_l may be a value from 1 through 9. - -E The --EE (_p_r_e_s_e_r_v_e _e_n_v_i_r_o_n_m_e_n_t) option indicates to the security policy that the user wishes to preserve their existing environment variables. The security policy may @@ -315,7 +312,7 @@ OOPPTTIIOONNSS line are subject to the same restrictions as normal environment variables with one important exception. If the _s_e_t_e_n_v option is set in _s_u_d_o_e_r_s, the command to be run has the SETENV tag set or the command - matched is ALL, the user may set variables that would overwise be + matched is ALL, the user may set variables that would otherwise be forbidden. See _s_u_d_o_e_r_s(4) for more information. PPLLUUGGIINNSS @@ -332,6 +329,7 @@ PPLLUUGGIINNSS # Plugin plugin_name plugin_path # Path askpass /path/to/askpass # Path noexec /path/to/noexec.so + # Debug sudo /var/log/sudo_debug all@warn # # The plugin_path is relative to /usr/local/libexec unless # fully qualified. 
@@ -379,6 +377,38 @@ PPAATTHHSS that support LD_PRELOAD or its equivalent. Defaults to _/_u_s_r_/_l_o_c_a_l_/_l_i_b_e_x_e_c_/_s_u_d_o___n_o_e_x_e_c_._s_o. +DDEEBBUUGG FFLLAAGGSS + ssuuddoo versions 1.8.4 and higher support a flexible debugging framework + that can help track down what ssuuddoo is doing internally when there is a + problem. + + A Debug line consists of the Debug keyword, followed by the name of the + program to debug (ssuuddoo, vviissuuddoo, ssuuddoorreeppllaayy), the debug file name and a + comma-separated list of debug flags. The debug flag syntax used by + ssuuddoo and the _s_u_d_o_e_r_s plugin is _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y but the plugin is + free to use a different format so long as it does not include a command + ,. + + For instance: + + Debug sudo /var/log/sudo_debug all@warn,plugin@info + + would log all debugging statements at the _w_a_r_n level and higher in + addition to those at the _i_n_f_o level for the plugin subsystem. + + Currently, only one Debug entry per program is supported. The sudo + Debug entry is shared by the ssuuddoo front end, ssuuddooeeddiitt and the plugins. + A future release may add support for per-plugin Debug lines and/or + support for multiple debugging files for a single program. + + For reference, the priorities supported by the ssuuddoo front end and + _s_u_d_o_e_r_s are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, _t_r_a_c_e and _d_e_b_u_g. + + The following subsystems are defined: _m_a_i_n, _m_e_m_o_r_y, _a_r_g_s, _e_x_e_c, _p_t_y, + _u_t_m_p, _c_o_n_v, _p_c_o_m_m, _u_t_i_l, _l_i_s_t, _n_e_t_i_f, _a_u_d_i_t, _e_d_i_t, _s_e_l_i_n_u_x, _l_d_a_p, + _m_a_t_c_h, _p_a_r_s_e_r, _a_l_i_a_s, _d_e_f_a_u_l_t_s, _a_u_t_h, _e_n_v, _l_o_g_g_i_n_g, _n_s_s, _r_b_t_r_e_e, _p_e_r_m_s, + _p_l_u_g_i_n. The subsystem _a_l_l includes every subsystem. 
+ RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the exit status from ssuuddoo will simply be the exit status of the program that was executed. @@ -460,7 +490,7 @@ EENNVVIIRROONNMMEENNTT SUDO_EDITOR is not set FFIILLEESS - _/_e_t_c_/_s_u_d_o_._c_o_n_f ssuuddoo plugin and path configuration + _/_e_t_c_/_s_u_d_o_._c_o_n_f ssuuddoo front end configuration EEXXAAMMPPLLEESS Note: the following examples assume a properly configured security @@ -507,8 +537,13 @@ AAUUTTHHOORRSS Todd C. Miller - See the HISTORY file in the ssuuddoo distribution or visit - http://www.sudo.ws/sudo/history.html for a short history of ssuuddoo. + See the CONTRIBUTORS file in the ssuuddoo distribution + (http://www.sudo.ws/sudo/contributors.html) for a list of people who + have contributed to ssuuddoo. + +HHIISSTTOORRYY + See the HISTORY file in the ssuuddoo distribution + (http://www.sudo.ws/sudo/history.html) for a brief history of sudo. CCAAVVEEAATTSS There is no easy way to prevent a user from gaining a root shell if @@ -547,4 +582,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 SUDO(1m) +1.8.4 January 6, 2012 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index c36d63b64..ee15f8f04 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2011 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -158,24 +158,21 @@ sudo, sudoedit \- execute a command as another user .SH "SYNOPSIS" .IX Header "SYNOPSIS" -\&\fBsudo\fR [\fB\-D\fR\ \fIlevel\fR] \fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-V\fR +\&\fBsudo\fR \fB\-h\fR | \fB\-K\fR | \fB\-k\fR | \fB\-V\fR .PP \&\fBsudo\fR \fB\-v\fR [\fB\-AknS\fR] .if \n(BA [\fB\-a\fR\ \fIauth_type\fR] -[\fB\-D\fR\ \fIlevel\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] .PP \&\fBsudo\fR \fB\-l[l]\fR [\fB\-AknS\fR] .if \n(BA [\fB\-a\fR\ \fIauth_type\fR] -[\fB\-D\fR\ \fIlevel\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-U\fR\ \fIuser\ name\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] [\fIcommand\fR] .PP \&\fBsudo\fR [\fB\-AbEHnPS\fR] .if \n(BA [\fB\-a\fR\ \fIauth_type\fR] [\fB\-C\fR\ \fIfd\fR] -[\fB\-D\fR\ \fIlevel\fR] .if \n(LC [\fB\-c\fR\ \fIclass\fR|\fI\-\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] .if \n(SL [\fB\-r\fR\ \fIrole\fR] [\fB\-t\fR\ \fItype\fR] @@ -186,7 +183,6 @@ sudo, sudoedit \- execute a command as another user .if \n(BA [\fB\-a\fR\ \fIauth_type\fR] [\fB\-C\fR\ \fIfd\fR] .if \n(LC [\fB\-c\fR\ \fIclass\fR|\fI\-\fR] -[\fB\-D\fR\ \fIlevel\fR] [\fB\-g\fR\ \fIgroup\ name\fR|\fI#gid\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIuser\ name\fR|\fI#uid\fR] file ... .SH "DESCRIPTION" @@ -200,7 +196,7 @@ option was specified). .PP \&\fBsudo\fR supports a plugin architecture for security policies and input/output logging. Third parties can develop and distribute -their own policy and I/O logging modules to work seemlessly with +their own policy and I/O logging modules to work seamlessly with the \fBsudo\fR front end. The default security policy is \fIsudoers\fR, which is configured via the file \fI@sysconfdir@/sudoers\fR, or via \&\s-1LDAP\s0. See the \s-1PLUGINS\s0 section for more information. 
@@ -288,10 +284,6 @@ argument specifies an existing user class, the command must be run as root, or the \fBsudo\fR command must be run from a shell that is already root. This option is only available on systems with \s-1BSD\s0 login classes. \} -.IP "\-D \fIlevel\fR" 12 -.IX Item "-D level" -Enable debugging of \fBsudo\fR plugins and \fBsudo\fR itself. The \fIlevel\fR -may be a value from 1 through 9. .IP "\-E" 12 .IX Item "-E" The \fB\-E\fR (\fIpreserve\fR \fIenvironment\fR) option indicates to the @@ -520,7 +512,7 @@ command line are subject to the same restrictions as normal environment variables with one important exception. If the \fIsetenv\fR option is set in \fIsudoers\fR, the command to be run has the \f(CW\*(C`SETENV\*(C'\fR tag set or the command matched is \f(CW\*(C`ALL\*(C'\fR, the user may set variables -that would overwise be forbidden. See \fIsudoers\fR\|(@mansectform@) for more information. +that would otherwise be forbidden. See \fIsudoers\fR\|(@mansectform@) for more information. .SH "PLUGINS" .IX Header "PLUGINS" Plugins are dynamically loaded based on the contents of the @@ -537,6 +529,7 @@ which corresponds to the following \fI@sysconfdir@/sudo.conf\fR file. \& # Plugin plugin_name plugin_path \& # Path askpass /path/to/askpass \& # Path noexec /path/to/noexec.so +\& # Debug sudo /var/log/sudo_debug all@warn \& # \& # The plugin_path is relative to @prefix@/libexec unless \& # fully qualified. 
@@ -585,6 +578,43 @@ versions of the \fIexecv()\fR, \fIexecve()\fR and \fIfexecve()\fR library functi that just return an error. This is used to implement the \fInoexec\fR functionality on systems that support \f(CW\*(C`LD_PRELOAD\*(C'\fR or its equivalent. Defaults to \fI@noexec_file@\fR. +.SH "DEBUG FLAGS" +.IX Header "DEBUG FLAGS" +\&\fBsudo\fR versions 1.8.4 and higher support a flexible debugging +framework that can help track down what \fBsudo\fR is doing internally +when there is a problem. +.PP +A \f(CW\*(C`Debug\*(C'\fR line consists of the \f(CW\*(C`Debug\*(C'\fR keyword, followed by the +name of the program to debug (\fBsudo\fR, \fBvisudo\fR, \fBsudoreplay\fR), +the debug file name and a comma-separated list of debug flags. +The debug flag syntax used by \fBsudo\fR and the \fIsudoers\fR plugin is +\&\fIsubsystem\fR@\fIpriority\fR but the plugin is free to use a different +format so long as it does not include a command \f(CW\*(C`,\*(C'\fR. +.PP +For instance: +.PP +.Vb 1 +\& Debug sudo /var/log/sudo_debug all@warn,plugin@info +.Ve +.PP +would log all debugging statements at the \fIwarn\fR level and higher +in addition to those at the \fIinfo\fR level for the plugin subsystem. +.PP +Currently, only one \f(CW\*(C`Debug\*(C'\fR entry per program is supported. The +\&\f(CW\*(C`sudo\*(C'\fR \f(CW\*(C`Debug\*(C'\fR entry is shared by the \fBsudo\fR front end, \fBsudoedit\fR +and the plugins. A future release may add support for per-plugin +\&\f(CW\*(C`Debug\*(C'\fR lines and/or support for multiple debugging files for a +single program. +.PP +For reference, the priorities supported by the \fBsudo\fR front end and +\&\fIsudoers\fR are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, +\&\fIinfo\fR, \fItrace\fR and \fIdebug\fR. 
+.PP +The following subsystems are defined: \fImain\fR, \fImemory\fR, \fIargs\fR, +\&\fIexec\fR, \fIpty\fR, \fIutmp\fR, \fIconv\fR, \fIpcomm\fR, \fIutil\fR, \fIlist\fR, +\&\fInetif\fR, \fIaudit\fR, \fIedit\fR, \fIselinux\fR, \fIldap\fR, \fImatch\fR, \fIparser\fR, +\&\fIalias\fR, \fIdefaults\fR, \fIauth\fR, \fIenv\fR, \fIlogging\fR, \fInss\fR, \fIrbtree\fR, +\&\fIperms\fR, \fIplugin\fR. The subsystem \fIall\fR includes every subsystem. .SH "RETURN VALUES" .IX Header "RETURN VALUES" Upon successful execution of a program, the exit status from \fBsudo\fR @@ -698,7 +728,7 @@ is not set .ie n .IP "\fI@sysconfdir@/sudo.conf\fR" 24 .el .IP "\fI@sysconfdir@/sudo.conf\fR" 24 .IX Item "@sysconfdir@/sudo.conf" -\&\fBsudo\fR plugin and path configuration +\&\fBsudo\fR front end configuration .SH "EXAMPLES" .IX Header "EXAMPLES" Note: the following examples assume a properly configured security policy. @@ -761,9 +791,13 @@ version consists of code written primarily by: \& Todd C. Miller .Ve .PP -See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution or visit -http://www.sudo.ws/sudo/history.html for a short history -of \fBsudo\fR. +See the \s-1CONTRIBUTORS\s0 file in the \fBsudo\fR distribution +(http://www.sudo.ws/sudo/contributors.html) for a list of people +who have contributed to \fBsudo\fR. +.SH "HISTORY" +.IX Header "HISTORY" +See the \s-1HISTORY\s0 file in the \fBsudo\fR distribution +(http://www.sudo.ws/sudo/history.html) for a brief history of sudo. .SH "CAVEATS" .IX Header "CAVEATS" There is no easy way to prevent a user from gaining a root shell diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 20cba64b6..54e13e1eb 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat 
@@ -133,9 +133,31 @@ DDEESSCCRRIIPPTTIIOONN equal sign ('=') since the _n_a_m_e field will never include one itself but the _v_a_l_u_e might. + debug_flags=string + A comma-separated list of debug flags that correspond to + ssuuddoo's Debug entry in _/_e_t_c_/_s_u_d_o_._c_o_n_f, if there is one. The + flags are passed to the plugin as they appear in + _/_e_t_c_/_s_u_d_o_._c_o_n_f. The syntax used by ssuuddoo and the _s_u_d_o_e_r_s + plugin is _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y but the plugin is free to use + a different format so long as it does not include a command + ,. + + For reference, the priorities supported by the ssuuddoo front + end and _s_u_d_o_e_r_s are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, + _t_r_a_c_e and _d_e_b_u_g. + + The following subsystems are defined: _m_a_i_n, _m_e_m_o_r_y, _a_r_g_s, + _e_x_e_c, _p_t_y, _u_t_m_p, _c_o_n_v, _p_c_o_m_m, _u_t_i_l, _l_i_s_t, _n_e_t_i_f, _a_u_d_i_t, + _e_d_i_t, _s_e_l_i_n_u_x, _l_d_a_p, _m_a_t_c_h, _p_a_r_s_e_r, _a_l_i_a_s, _d_e_f_a_u_l_t_s, _a_u_t_h, + _e_n_v, _l_o_g_g_i_n_g, _n_s_s, _r_b_t_r_e_e, _p_e_r_m_s, _p_l_u_g_i_n. The subsystem + _a_l_l includes every subsystem. + + There is not currently a way to specify a set of debug + flags specific to the plugin--the flags are shared by ssuuddoo + and the plugin. + debug_level=number - A numeric debug level, from 1-9, if specified via the -D - flag. + This setting has been deprecated in favor of _d_e_b_u_g___f_l_a_g_s. runas_user=string The user name or uid to to run the command as, if specified @@ -875,6 +897,7 @@ DDEESSCCRRIIPPTTIIOONN #define SUDO_CONV_ERROR_MSG 0x0003 /* error message */ #define SUDO_CONV_INFO_MSG 0x0004 /* informational message */ #define SUDO_CONV_PROMPT_MASK 0x0005 /* mask user input */ + #define SUDO_CONV_DEBUG_MSG 0x0006 /* debugging message */ #define SUDO_CONV_PROMPT_ECHO_OK 0x1000 /* flag: allow echo if no tty */ int msg_type; int timeout; 
@@ -901,10 +924,17 @@ DDEESSCCRRIIPPTTIIOONN buffer filled in to the struct sudo_conv_reply, if any. The printf-style function uses the same underlying mechanism as the - conversation function but only supports SUDO_CONV_INFO_MSG and - SUDO_CONV_ERROR_MSG for the _m_s_g___t_y_p_e parameter. It can be more - convenient than using the conversation function if no user reply is - needed and supports standard _p_r_i_n_t_f_(_) escape sequences. + conversation function but only supports SUDO_CONV_INFO_MSG, + SUDO_CONV_ERROR_MSG and SUDO_CONV_DEBUG_MSG for the _m_s_g___t_y_p_e parameter. + It can be more convenient than using the conversation function if no + user reply is needed and supports standard _p_r_i_n_t_f_(_) escape sequences. + + Unlike, SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG, messages sent with + the _m_s_g___t_y_p_e are not directly user-visible. + Instead, they are logged to the file specified in the Debug statement + (if any) in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. This allows a plugin to log + debugging information and is intended to be used in conjunction with + the _d_e_b_u_g___f_l_a_g_s setting. See the sample plugin for an example of the conversation function usage. @@ -1030,4 +1060,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 SUDO_PLUGIN(1m) +1.8.4 January 6, 2012 SUDO_PLUGIN(1m) diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 7a161abdc..5ae0118ac 100644 --- a/doc/sudo_plugin.man.in +++ b/doc/sudo_plugin.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 2009-2011 Todd C. Miller +.\" Copyright (c) 2009-2012 Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above 
@@ -139,7 +139,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDO_PLUGIN @mansectsu@"
-.TH SUDO_PLUGIN @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS"
+.TH SUDO_PLUGIN @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -282,9 +282,30 @@ When parsing \fIsettings\fR, the plugin should split on the \fBfirst\fR equal sign ('=') since the \fIname\fR field will never include one itself but the \fIvalue\fR might. .RS 4 +.IP "debug_flags=string" 4 +.IX Item "debug_flags=string" +A comma-separated list of debug flags that correspond to \fBsudo\fR's +\&\f(CW\*(C`Debug\*(C'\fR entry in \fI@sysconfdir@/sudo.conf\fR, if there is one. The +flags are passed to the plugin as they appear in \fI@sysconfdir@/sudo.conf\fR. +The syntax used by \fBsudo\fR and the \fIsudoers\fR plugin is +\&\fIsubsystem\fR@\fIpriority\fR but the plugin is free to use a different +format so long as it does not include a command \f(CW\*(C`,\*(C'\fR. +.Sp +For reference, the priorities supported by the \fBsudo\fR front end and +\&\fIsudoers\fR are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, +\&\fIinfo\fR, \fItrace\fR and \fIdebug\fR. +.Sp +The following subsystems are defined: \fImain\fR, \fImemory\fR, \fIargs\fR, +\&\fIexec\fR, \fIpty\fR, \fIutmp\fR, \fIconv\fR, \fIpcomm\fR, \fIutil\fR, \fIlist\fR, +\&\fInetif\fR, \fIaudit\fR, \fIedit\fR, \fIselinux\fR, \fIldap\fR, \fImatch\fR, \fIparser\fR, +\&\fIalias\fR, \fIdefaults\fR, \fIauth\fR, \fIenv\fR, \fIlogging\fR, \fInss\fR, \fIrbtree\fR, +\&\fIperms\fR, \fIplugin\fR. The subsystem \fIall\fR includes every subsystem. +.Sp +There is not currently a way to specify a set of debug flags specific +to the plugin\*(--the flags are shared by \fBsudo\fR and the plugin. .IP "debug_level=number" 4 .IX Item "debug_level=number" -A numeric debug level, from 1\-9, if specified via the \f(CW\*(C`\-D\*(C'\fR flag. +This setting has been deprecated in favor of \fIdebug_flags\fR. .IP "runas_user=string" 4 .IX Item "runas_user=string" The user name or uid to to run the command as, if specified via the 
@@ -1100,13 +1121,14 @@ A printf-style function is also available that can be used to display informational or error messages to the user, which is usually more convenient for simple messages where no use input is required. .PP -.Vb 11 +.Vb 12 \& struct sudo_conv_message { \& #define SUDO_CONV_PROMPT_ECHO_OFF 0x0001 /* do not echo user input */ \& #define SUDO_CONV_PROMPT_ECHO_ON 0x0002 /* echo user input */ \& #define SUDO_CONV_ERROR_MSG 0x0003 /* error message */ \& #define SUDO_CONV_INFO_MSG 0x0004 /* informational message */ \& #define SUDO_CONV_PROMPT_MASK 0x0005 /* mask user input */ +\& #define SUDO_CONV_DEBUG_MSG 0x0006 /* debugging message */ \& #define SUDO_CONV_PROMPT_ECHO_OK 0x1000 /* flag: allow echo if no tty */ \& int msg_type; \& int timeout; 
@@ -1135,10 +1157,18 @@ freeing the reply buffer filled in to the \f(CW\*(C`struct sudo_conv_reply\*(C'\ if any. .PP The printf-style function uses the same underlying mechanism as the -conversation function but only supports \f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR and -\&\f(CW\*(C`SUDO_CONV_ERROR_MSG\*(C'\fR for the \fImsg_type\fR parameter. It can be -more convenient than using the conversation function if no user -reply is needed and supports standard \fIprintf()\fR escape sequences. +conversation function but only supports \f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR, +\&\f(CW\*(C`SUDO_CONV_ERROR_MSG\*(C'\fR and \f(CW\*(C`SUDO_CONV_DEBUG_MSG\*(C'\fR for the \fImsg_type\fR +parameter. It can be more convenient than using the conversation +function if no user reply is needed and supports standard \fIprintf()\fR +escape sequences. +.PP +Unlike, \f(CW\*(C`SUDO_CONV_INFO_MSG\*(C'\fR and \f(CW\*(C`SUDO_CONV_ERROR_MSG\*(C'\fR, messages +sent with the <\s-1SUDO_CONV_DEBUG_MSG\s0> \fImsg_type\fR are not directly +user-visible. Instead, they are logged to the file specified in +the \f(CW\*(C`Debug\*(C'\fR statement (if any) in the \fI@sysconfdir@/sudo.conf\fR +file. This allows a plugin to log debugging information and is +intended to be used in conjunction with the \fIdebug_flags\fR setting. .PP See the sample plugin for an example of the conversation function usage. .SS "Sudoers Group Plugin \s-1API\s0" diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 245975817..043e301da 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat 
@@ -65,10 +65,11 @@ DDEESSCCRRIIPPTTIIOONN distinct ways _s_u_d_o_e_r_s can deal with environment variables. By default, the _e_n_v___r_e_s_e_t option is enabled. This causes commands to - be executed with a minimal environment containing TERM, PATH, HOME, - MAIL, SHELL, LOGNAME, USER and USERNAME in addition to variables from - the invoking process permitted by the _e_n_v___c_h_e_c_k and _e_n_v___k_e_e_p options. - This is effectively a whitelist for environment variables. + be executed with a minimal environment containing the TERM, PATH, HOME, + MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables in addition + to variables from the invoking process permitted by the _e_n_v___c_h_e_c_k and + _e_n_v___k_e_e_p options. This is effectively a whitelist for environment + variables. If, however, the _e_n_v___r_e_s_e_t option is disabled, any variables not explicitly denied by the _e_n_v___c_h_e_c_k and _e_n_v___d_e_l_e_t_e options are inherited @@ -97,6 +98,9 @@ DDEESSCCRRIIPPTTIIOONN On Linux and AIX systems the contents of _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t are also included. All other environment variables are removed. + Lastly, if the _e_n_v___f_i_l_e option is defined, any variables present in + that file will be set to their specified values. + SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT The _s_u_d_o_e_r_s file is composed of two types of entries: aliases (basically variables) and user specifications (which specify who may 
@@ -560,8 +564,16 @@ SSUUDDOOEERRSS FFIILLEE FFOORRMMAATT A hard limit of 128 nested include files is enforced to prevent include file loops. - The file name may include the %h escape, signifying the short form of - the host name. I.e., if the machine's host name is "xerxes", then + If the path to the include file is not fully-qualified (does not begin + with a _/), it must be located in the same directory as the sudoers file + it was included from. For example, if _/_e_t_c_/_s_u_d_o_e_r_s contains the line: + + #include sudoers.local + + the file that will be included is _/_e_t_c_/_s_u_d_o_e_r_s_._l_o_c_a_l. + + The file name may also include the %h escape, signifying the short form + of the host name. I.e., if the machine's host name is "xerxes", then #include /etc/sudoers.%h 
@@ -662,15 +674,18 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS use the EDITOR or VISUAL if they match a value specified in editor. This flag is _o_f_f by default. - env_reset If set, ssuuddoo will reset the environment to only contain - the LOGNAME, MAIL, SHELL, USER, USERNAME and the SUDO_* - variables. Any variables in the caller's environment - that match the env_keep and env_check lists are then - added. The default contents of the env_keep and - env_check lists are displayed when ssuuddoo is run by root - with the _-_V option. If the _s_e_c_u_r_e___p_a_t_h option is set, - its value will be used for the PATH environment - variable. This flag is _o_n by default. + env_reset If set, ssuuddoo will run the command in a minimal + environment containing the TERM, PATH, HOME, MAIL, + SHELL, LOGNAME, USER, USERNAME and SUDO_* variables. + Any variables in the caller's environment that match + the env_keep and env_check lists are then added, + followed by any variables present in the file specified + by the _e_n_v___f_i_l_e option (if any). The default contents + of the env_keep and env_check lists are displayed when + ssuuddoo is run by root with the _-_V option. If the + _s_e_c_u_r_e___p_a_t_h option is set, its value will be used for + the PATH environment variable. This flag is _o_n by + default. fast_glob Normally, ssuuddoo uses the _g_l_o_b(3) function to do shell- style globbing when matching path names. However, 
@@ -1087,9 +1102,9 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS %h will expand to the host name of the machine. Default is *** SECURITY information for %h ***. - noexec_file This option is deprecated and will be removed in a - future release of ssuuddoo. The path to the noexec file - should now be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f file. + noexec_file This option is no longer supported. The path to the + noexec file should now be set in the _/_e_t_c_/_s_u_d_o_._c_o_n_f + file. passprompt The default prompt to use when asking for a password; can be overridden via the --pp option or the SUDO_PROMPT @@ -1158,8 +1173,8 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS SSttrriinnggss tthhaatt ccaann bbee uusseedd iinn aa bboooolleeaann ccoonntteexxtt: - env_file The _e_n_v___f_i_l_e options specifies the fully qualified path to - a file containing variables to be set in the environment of + env_file The _e_n_v___f_i_l_e option specifies the fully qualified path to a + file containing variables to be set in the environment of the program being run. Entries in this file should either be of the form VARIABLE=value or export VARIABLE=value. The value may optionally be surrounded by single or double @@ -1683,4 +1698,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 SUDOERS(4) +1.8.4 January 6, 2012 SUDOERS(4) diff --git a/doc/sudoers.ldap.cat b/doc/sudoers.ldap.cat index 2b5e85459..fcbc56a03 100644 --- a/doc/sudoers.ldap.cat +++ b/doc/sudoers.ldap.cat @@ -71,8 +71,9 @@ DDEESSCCRRIIPPTTIIOONN following attributes: ssuuddooUUsseerr - A user name, uid (prefixed with '#'), Unix group (prefixed with a - '%') or user netgroup (prefixed with a '+'). + A user name, user ID (prefixed with '#'), Unix group (prefixed with + '%'), Unix group ID (prefixed with '%#'), or user netgroup + (prefixed with '+'). ssuuddooHHoosstt A host name, IP address, IP network, or host netgroup (prefixed @@ -746,4 +747,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 SUDOERS.LDAP(4) +1.8.4 January 6, 2012 SUDOERS.LDAP(4) 
diff --git a/doc/sudoers.ldap.man.in b/doc/sudoers.ldap.man.in
index 7732d38be..b7d38c278 100644
--- a/doc/sudoers.ldap.man.in
+++ b/doc/sudoers.ldap.man.in
@@ -140,7 +140,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDOERS.LDAP @mansectform@"
-.TH SUDOERS.LDAP @mansectform@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS"
+.TH SUDOERS.LDAP @mansectform@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -216,8 +216,9 @@ The equivalent of a sudoer in \s-1LDAP\s0 is a \f(CW\*(C`sudoRole\*(C'\fR. It c
 the following attributes:
 .IP "\fBsudoUser\fR" 4
 .IX Item "sudoUser"
-A user name, uid (prefixed with \f(CW\*(Aq#\*(Aq\fR), Unix group (prefixed with
-a \f(CW\*(Aq%\*(Aq\fR) or user netgroup (prefixed with a \f(CW\*(Aq+\*(Aq\fR).
+A user name, user \s-1ID\s0 (prefixed with \f(CW\*(Aq#\*(Aq\fR), Unix group (prefixed with
+\&\f(CW\*(Aq%\*(Aq\fR), Unix group \s-1ID\s0 (prefixed with \f(CW\*(Aq%#\*(Aq\fR), or user netgroup
+(prefixed with \f(CW\*(Aq+\*(Aq\fR).
 .IP "\fBsudoHost\fR" 4
 .IX Item "sudoHost"
 A host name, \s-1IP\s0 address, \s-1IP\s0 network, or host netgroup (prefixed
diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in
index 59e9a31fb..f6e7b88d3 100644
--- a/doc/sudoers.man.in
+++ b/doc/sudoers.man.in
@@ -148,7 +148,7 @@
 .\" ========================================================================
 .\"
 .IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -218,11 +218,11 @@ environment are inherited by the command to be run. There are two distinct ways \fIsudoers\fR can deal with environment variables. .PP By default, the \fIenv_reset\fR option is enabled. This causes commands -to be executed with a minimal environment containing \f(CW\*(C`TERM\*(C'\fR, -\&\f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR and \f(CW\*(C`USERNAME\*(C'\fR in -addition to variables from the invoking process permitted by the -\&\fIenv_check\fR and \fIenv_keep\fR options. This is effectively a whitelist -for environment variables. +to be executed with a minimal environment containing the \f(CW\*(C`TERM\*(C'\fR, +\&\f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR, \f(CW\*(C`USERNAME\*(C'\fR +and \f(CW\*(C`SUDO_*\*(C'\fR variables in addition to variables from the +invoking process permitted by the \fIenv_check\fR and \fIenv_keep\fR +options. This is effectively a whitelist for environment variables. .PP If, however, the \fIenv_reset\fR option is disabled, any variables not explicitly denied by the \fIenv_check\fR and \fIenv_delete\fR options are @@ -251,6 +251,9 @@ variables remain unchanged; \fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s and \fI\s-1LOGNAME\s0\fR are set based on the target user. On Linux and \s-1AIX\s0 systems the contents of \fI/etc/environment\fR are also included. All other environment variables are removed. +.PP +Lastly, if the \fIenv_file\fR option is defined, any variables present +in that file will be set to their specified values. .SH "SUDOERS FILE FORMAT" .IX Header "SUDOERS FILE FORMAT" The \fIsudoers\fR file is composed of two types of entries: aliases 
@@ -805,7 +808,18 @@ Upon reaching the end of \fI/etc/sudoers.local\fR, the rest of themselves include other files. A hard limit of 128 nested include files is enforced to prevent include file loops. .PP -The file name may include the \f(CW%h\fR escape, signifying the short form +If the path to the include file is not fully-qualified (does not +begin with a \fI/\fR), it must be located in the same directory as the +sudoers file it was included from. For example, if \fI/etc/sudoers\fR +contains the line: +.Sp +.RS 4 +\&\f(CW\*(C`#include sudoers.local\*(C'\fR +.RE +.PP +the file that will be included is \fI/etc/sudoers.local\fR. +.PP +The file name may also include the \f(CW%h\fR escape, signifying the short form of the host name. I.e., if the machine's host name is \*(L"xerxes\*(R", then .PP \&\f(CW\*(C`#include /etc/sudoers.%h\*(C'\fR 
@@ -910,14 +924,17 @@ they match a value specified in \f(CW\*(C`editor\*(C'\fR. This flag is \fI@env_ default. .IP "env_reset" 16 .IX Item "env_reset" -If set, \fBsudo\fR will reset the environment to only contain the -\&\s-1LOGNAME\s0, \s-1MAIL\s0, \s-1SHELL\s0, \s-1USER\s0, \s-1USERNAME\s0 and the \f(CW\*(C`SUDO_*\*(C'\fR variables. Any +If set, \fBsudo\fR will run the command in a minimal environment +containing the \f(CW\*(C`TERM\*(C'\fR, \f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, +\&\f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR, \f(CW\*(C`USERNAME\*(C'\fR and \f(CW\*(C`SUDO_*\*(C'\fR variables. Any variables in the caller's environment that match the \f(CW\*(C`env_keep\*(C'\fR -and \f(CW\*(C`env_check\*(C'\fR lists are then added. The default contents of the -\&\f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are displayed when \fBsudo\fR is -run by root with the \fI\-V\fR option. If the \fIsecure_path\fR option -is set, its value will be used for the \f(CW\*(C`PATH\*(C'\fR environment variable. -This flag is \fI@env_reset@\fR by default. +and \f(CW\*(C`env_check\*(C'\fR lists are then added, followed by any variables +present in the file specified by the \fIenv_file\fR option (if any). +The default contents of the \f(CW\*(C`env_keep\*(C'\fR and \f(CW\*(C`env_check\*(C'\fR lists are +displayed when \fBsudo\fR is run by root with the \fI\-V\fR option. If +the \fIsecure_path\fR option is set, its value will be used for the +\&\f(CW\*(C`PATH\*(C'\fR environment variable. This flag is \fI@env_reset@\fR by +default. .IP "fast_glob" 16 .IX Item "fast_glob" Normally, \fBsudo\fR uses the \fIglob\fR\|(3) function to do shell-style 
@@ -1337,9 +1354,8 @@ will expand to the host name of the machine. Default is \f(CW\*(C`@mailsub@\*(C'\fR. .IP "noexec_file" 16 .IX Item "noexec_file" -This option is deprecated and will be removed in a future release -of \fBsudo\fR. The path to the noexec file should now be set in the -\&\fI@sysconfdir@/sudo.conf\fR file. +This option is no longer supported. The path to the noexec file +should now be set in the \fI@sysconfdir@/sudo.conf\fR file. .IP "passprompt" 16 .IX Item "passprompt" The default prompt to use when asking for a password; can be overridden @@ -1429,7 +1445,7 @@ This option is only available whe \fBsudo\fR is built with SELinux support. \&\fBStrings that can be used in a boolean context\fR: .IP "env_file" 12 .IX Item "env_file" -The \fIenv_file\fR options specifies the fully qualified path to a +The \fIenv_file\fR option specifies the fully qualified path to a file containing variables to be set in the environment of the program being run. Entries in this file should either be of the form \&\f(CW\*(C`VARIABLE=value\*(C'\fR or \f(CW\*(C`export VARIABLE=value\*(C'\fR. The value may diff --git a/doc/sudoreplay.cat b/doc/sudoreplay.cat index f8751eb0e..6195fda25 100644 --- a/doc/sudoreplay.cat +++ b/doc/sudoreplay.cat @@ -260,4 +260,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 SUDOREPLAY(1m) +1.8.4 January 6, 2012 SUDOREPLAY(1m) diff --git a/doc/sudoreplay.man.in b/doc/sudoreplay.man.in index fcce5ef1b..277d42e15 100644 --- a/doc/sudoreplay.man.in +++ b/doc/sudoreplay.man.in @@ -139,7 +139,7 @@ .\" ======================================================================== .\" .IX Title "SUDOREPLAY @mansectsu@" -.TH SUDOREPLAY @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" +.TH SUDOREPLAY @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
diff --git a/doc/visudo.cat b/doc/visudo.cat index e66435ded..7df23733e 100644 --- a/doc/visudo.cat +++ b/doc/visudo.cat @@ -119,13 +119,14 @@ SSEEEE AALLSSOO _v_i(1), _s_u_d_o_e_r_s(4), _s_u_d_o(1m), _v_i_p_w(1m) AAUUTTHHOORR - Many people have worked on _s_u_d_o over the years; this version of vviissuuddoo + Many people have worked on ssuuddoo over the years; this version of vviissuuddoo was written by: Todd Miller - See the HISTORY file in the sudo distribution or visit - http://www.sudo.ws/sudo/history.html for more details. + See the CONTRIBUTORS file in the ssuuddoo distribution + (http://www.sudo.ws/sudo/contributors.html) for a list of people who + have contributed to ssuuddoo. CCAAVVEEAATTSS There is no easy way to prevent a user from gaining a root shell if the @@ -149,4 +150,4 @@ DDIISSCCLLAAIIMMEERR -1.8.3 September 16, 2011 VISUDO(1m) +1.8.4 January 6, 2012 VISUDO(1m) diff --git a/doc/visudo.man.in b/doc/visudo.man.in index 0aaa96cf1..a8f059252 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 1996,1998-2005, 2007-2011 +.\" Copyright (c) 1996,1998-2005, 2007-2012 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -144,7 +144,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "September 16, 2011" "1.8.3" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -282,15 +282,16 @@ the \fIsudoers\fR file. \&\fIvi\fR\|(1), \fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@), \fIvipw\fR\|(@mansectsu@) .SH "AUTHOR" .IX Header "AUTHOR" -Many people have worked on \fIsudo\fR over the years; this version of +Many people have worked on \fBsudo\fR over the years; this version of \&\fBvisudo\fR was written by: .PP .Vb 1 \& Todd Miller .Ve .PP -See the \s-1HISTORY\s0 file in the sudo distribution or visit -http://www.sudo.ws/sudo/history.html for more details. +See the \s-1CONTRIBUTORS\s0 file in the \fBsudo\fR distribution +(http://www.sudo.ws/sudo/contributors.html) for a list of people +who have contributed to \fBsudo\fR. .SH "CAVEATS" .IX Header "CAVEATS" There is no easy way to prevent a user from gaining a root shell if -- cgit v1.2.1 From de8d6798280dd671f9c388da5a963fd857bb2114 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 5 Feb 2012 13:36:52 -0500 Subject: regen --- doc/sudo.cat | 42 +++++++++++++++++++++++++------ doc/sudo.man.in | 59 +++++++++++++++++++++++++++++++++++--------- doc/sudoers.cat | 53 +++++++++++++++++++++++++++++++++++++++- doc/sudoers.man.in | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- 4 files changed, 204 insertions(+), 22 deletions(-) diff --git a/doc/sudo.cat b/doc/sudo.cat index b28d97d82..b01a63d12 100644 --- a/doc/sudo.cat +++ b/doc/sudo.cat @@ -380,7 +380,7 @@ PPAATTHHSS DDEEBBUUGG FFLLAAGGSS ssuuddoo versions 1.8.4 and higher support a flexible debugging framework - that can help track down what ssuuddoo is doing internally when there is a + that can help track down what ssuuddoo is doing internally if there is a problem. A Debug line consists of the Debug keyword, followed by the name of the 
@@ -402,13 +402,39 @@ DDEEBBUUGG FFLLAAGGSS A future release may add support for per-plugin Debug lines and/or support for multiple debugging files for a single program. - For reference, the priorities supported by the ssuuddoo front end and - _s_u_d_o_e_r_s are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, _t_r_a_c_e and _d_e_b_u_g. + The priorities used by the ssuuddoo front end, in order of decreasing + severity, are: _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, _t_r_a_c_e and _d_e_b_u_g. + Each priority, when specified, also includes all priorities higher than + it. For example, a priority of _n_o_t_i_c_e would include debug messages + logged at _n_o_t_i_c_e and higher. - The following subsystems are defined: _m_a_i_n, _m_e_m_o_r_y, _a_r_g_s, _e_x_e_c, _p_t_y, - _u_t_m_p, _c_o_n_v, _p_c_o_m_m, _u_t_i_l, _l_i_s_t, _n_e_t_i_f, _a_u_d_i_t, _e_d_i_t, _s_e_l_i_n_u_x, _l_d_a_p, - _m_a_t_c_h, _p_a_r_s_e_r, _a_l_i_a_s, _d_e_f_a_u_l_t_s, _a_u_t_h, _e_n_v, _l_o_g_g_i_n_g, _n_s_s, _r_b_t_r_e_e, _p_e_r_m_s, - _p_l_u_g_i_n. The subsystem _a_l_l includes every subsystem. + The following subsystems are used by ssuuddoo: + + _a_l_l matches every subsystem + + _a_r_g_s command line argument processing + + _c_o_n_v user conversation + + _e_d_i_t sudoedit + + _e_x_e_c command execution + + _m_a_i_n ssuuddoo main function + + _n_e_t_i_f network interface handling + + _p_c_o_m_m communication with the plugin + + _p_l_u_g_i_n plugin configuration + + _p_t_y pseudo-tty related code + + _s_e_l_i_n_u_x SELinux-specific handling + + _u_t_i_l utility functions + + _u_t_m_p utmp handling RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the exit status from ssuuddoo will @@ -597,4 +623,4 @@ DDIISSCCLLAAIIMMEERR -1.8.4 February 3, 2012 SUDO(1m) +1.8.4 February 5, 2012 SUDO(1m) diff --git a/doc/sudo.man.in b/doc/sudo.man.in index bdd8da06a..76931336c 100644 --- a/doc/sudo.man.in +++ b/doc/sudo.man.in 
@@ -149,7 +149,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "February 3, 2012" "1.8.4" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "February 5, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -583,7 +583,7 @@ Defaults to \fI@noexec_file@\fR. .IX Header "DEBUG FLAGS" \&\fBsudo\fR versions 1.8.4 and higher support a flexible debugging framework that can help track down what \fBsudo\fR is doing internally -when there is a problem. +if there is a problem. .PP A \f(CW\*(C`Debug\*(C'\fR line consists of the \f(CW\*(C`Debug\*(C'\fR keyword, followed by the name of the program to debug (\fBsudo\fR, \fBvisudo\fR, \fBsudoreplay\fR), 
@@ -607,15 +607,52 @@ and the plugins. A future release may add support for per-plugin \&\f(CW\*(C`Debug\*(C'\fR lines and/or support for multiple debugging files for a single program. .PP -For reference, the priorities supported by the \fBsudo\fR front end and -\&\fIsudoers\fR are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, -\&\fIinfo\fR, \fItrace\fR and \fIdebug\fR. -.PP -The following subsystems are defined: \fImain\fR, \fImemory\fR, \fIargs\fR, -\&\fIexec\fR, \fIpty\fR, \fIutmp\fR, \fIconv\fR, \fIpcomm\fR, \fIutil\fR, \fIlist\fR, -\&\fInetif\fR, \fIaudit\fR, \fIedit\fR, \fIselinux\fR, \fIldap\fR, \fImatch\fR, \fIparser\fR, -\&\fIalias\fR, \fIdefaults\fR, \fIauth\fR, \fIenv\fR, \fIlogging\fR, \fInss\fR, \fIrbtree\fR, -\&\fIperms\fR, \fIplugin\fR. The subsystem \fIall\fR includes every subsystem. +The priorities used by the \fBsudo\fR front end, in order of decreasing +severity, are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, +\&\fItrace\fR and \fIdebug\fR. Each priority, when specified, also includes +all priorities higher than it. For example, a priority of \fInotice\fR +would include debug messages logged at \fInotice\fR and higher. 
+.PP +The following subsystems are used by \fBsudo\fR: +.IP "\fIall\fR" 10 +.IX Item "all" +matches every subsystem +.IP "\fIargs\fR" 10 +.IX Item "args" +command line argument processing +.IP "\fIconv\fR" 10 +.IX Item "conv" +user conversation +.IP "\fIedit\fR" 10 +.IX Item "edit" +sudoedit +.IP "\fIexec\fR" 10 +.IX Item "exec" +command execution +.IP "\fImain\fR" 10 +.IX Item "main" +\&\fBsudo\fR main function +.IP "\fInetif\fR" 10 +.IX Item "netif" +network interface handling +.IP "\fIpcomm\fR" 10 +.IX Item "pcomm" +communication with the plugin +.IP "\fIplugin\fR" 10 +.IX Item "plugin" +plugin configuration +.IP "\fIpty\fR" 10 +.IX Item "pty" +pseudo-tty related code +.IP "\fIselinux\fR" 10 +.IX Item "selinux" +SELinux-specific handling +.IP "\fIutil\fR" 10 +.IX Item "util" +utility functions +.IP "\fIutmp\fR" 10 +.IX Item "utmp" +utmp handling .SH "RETURN VALUES" .IX Header "RETURN VALUES" Upon successful execution of a program, the exit status from \fBsudo\fR diff --git a/doc/sudoers.cat b/doc/sudoers.cat index 043e301da..b98c1e5af 100644 --- a/doc/sudoers.cat +++ b/doc/sudoers.cat 
@@ -1621,6 +1621,57 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS privilege escalation. In the specific case of an editor, a safer approach is to give the user permission to run ssuuddooeeddiitt. +DDEEBBUUGG FFLLAAGGSS + Versions 1.8.4 and higher of the _s_u_d_o_e_r_s plugin supports a debugging + framework that can help track down what the plugin is doing internally + if there is a problem. This can be configured in the _/_e_t_c_/_s_u_d_o_._c_o_n_f + file as described in _s_u_d_o(1m). + + The _s_u_d_o_e_r_s plugin uses the same debug flag format as ssuuddoo itself: + _s_u_b_s_y_s_t_e_m@_p_r_i_o_r_i_t_y. + + The priorities used by _s_u_d_o_e_r_s, in order of decreasing severity, are: + _c_r_i_t, _e_r_r, _w_a_r_n, _n_o_t_i_c_e, _d_i_a_g, _i_n_f_o, _t_r_a_c_e and _d_e_b_u_g. Each priority, + when specified, also includes all priorities higher than it. For + example, a priority of _n_o_t_i_c_e would include debug messages logged at + _n_o_t_i_c_e and higher. + + The following subsystems are used by _s_u_d_o_e_r_s: + + _a_l_i_a_s User_Alias, Runas_Alias, Host_Alias and Cmnd_Alias processing + + _a_l_l matches every subsystem + + _a_u_d_i_t BSM and Linux audit code + + _a_u_t_h user authentication + + _d_e_f_a_u_l_t_s _s_u_d_o_e_r_s _D_e_f_a_u_l_t_s settings + + _e_n_v environment handling + + _l_d_a_p LDAP-based sudoers + + _l_o_g_g_i_n_g logging support + + _m_a_t_c_h matching of users, groups, hosts and netgroups in _s_u_d_o_e_r_s + + _n_e_t_i_f network interface handling + + _n_s_s network service switch handling in _s_u_d_o_e_r_s + + _p_a_r_s_e_r _s_u_d_o_e_r_s file parsing + + _p_e_r_m_s permission setting + + _p_l_u_g_i_n The equivalent of _m_a_i_n for the plugin. + + _p_t_y pseudo-tty related code + + _r_b_t_r_e_e redblack tree internals + + _u_t_i_l utility functions + SSEECCUURRIITTYY NNOOTTEESS _s_u_d_o_e_r_s will check the ownership of its time stamp directory (_/_v_a_r_/_a_d_m_/_s_u_d_o by default) and ignore the directory's contents if it is 
@@ -1698,4 +1749,4 @@ DDIISSCCLLAAIIMMEERR -1.8.4 January 6, 2012 SUDOERS(4) +1.8.4 February 5, 2012 SUDOERS(4) diff --git a/doc/sudoers.man.in b/doc/sudoers.man.in index f6e7b88d3..ef7ddd67c 100644 --- a/doc/sudoers.man.in +++ b/doc/sudoers.man.in @@ -1,4 +1,4 @@ -.\" Copyright (c) 1994-1996, 1998-2005, 2007-2011 +.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012 .\" Todd C. Miller .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -148,7 +148,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "February 5, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -1972,6 +1972,74 @@ operations (such as changing or overwriting files) that could lead to unintended privilege escalation. In the specific case of an editor, a safer approach is to give the user permission to run \&\fBsudoedit\fR. +.SH "DEBUG FLAGS" +.IX Header "DEBUG FLAGS" +Versions 1.8.4 and higher of the \fIsudoers\fR plugin supports a +debugging framework that can help track down what the plugin is +doing internally if there is a problem. This can be configured in +the \fI@sysconfdir@/sudo.conf\fR file as described in \fIsudo\fR\|(@mansectsu@). +.PP +The \fIsudoers\fR plugin uses the same debug flag format as \fBsudo\fR +itself: \fIsubsystem\fR@\fIpriority\fR. +.PP +The priorities used by \fIsudoers\fR, in order of decreasing severity, +are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR +and \fIdebug\fR. Each priority, when specified, also includes all +priorities higher than it. For example, a priority of \fInotice\fR +would include debug messages logged at \fInotice\fR and higher. 
+.PP +The following subsystems are used by \fIsudoers\fR: +.IP "\fIalias\fR" 10 +.IX Item "alias" +\&\f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, \f(CW\*(C`Host_Alias\*(C'\fR and \f(CW\*(C`Cmnd_Alias\*(C'\fR processing +.IP "\fIall\fR" 10 +.IX Item "all" +matches every subsystem +.IP "\fIaudit\fR" 10 +.IX Item "audit" +\&\s-1BSM\s0 and Linux audit code +.IP "\fIauth\fR" 10 +.IX Item "auth" +user authentication +.IP "\fIdefaults\fR" 10 +.IX Item "defaults" +\&\fIsudoers\fR \fIDefaults\fR settings +.IP "\fIenv\fR" 10 +.IX Item "env" +environment handling +.IP "\fIldap\fR" 10 +.IX Item "ldap" +LDAP-based sudoers +.IP "\fIlogging\fR" 10 +.IX Item "logging" +logging support +.IP "\fImatch\fR" 10 +.IX Item "match" +matching of users, groups, hosts and netgroups in \fIsudoers\fR +.IP "\fInetif\fR" 10 +.IX Item "netif" +network interface handling +.IP "\fInss\fR" 10 +.IX Item "nss" +network service switch handling in \fIsudoers\fR +.IP "\fIparser\fR" 10 +.IX Item "parser" +\&\fIsudoers\fR file parsing +.IP "\fIperms\fR" 10 +.IX Item "perms" +permission setting +.IP "\fIplugin\fR" 10 +.IX Item "plugin" +The equivalent of \fImain\fR for the plugin. +.IP "\fIpty\fR" 10 +.IX Item "pty" +pseudo-tty related code +.IP "\fIrbtree\fR" 10 +.IX Item "rbtree" +redblack tree internals +.IP "\fIutil\fR" 10 +.IX Item "util" +utility functions .SH "SECURITY NOTES" .IX Header "SECURITY NOTES" \&\fIsudoers\fR will check the ownership of its time stamp directory -- cgit v1.2.1 From a2bcb3446f78953a37a8a07eb11417d5b3871d55 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 6 Feb 2012 15:48:19 -0500 Subject: fix version in .pot files --- plugins/sudoers/po/sudoers.pot | 4 ++-- src/po/sudo.pot | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 026403314..8c4af90ab 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot 
@@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.4rc1\n" +"Project-Id-Version: sudo 1.8.4\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2012-02-06 13:41-0500\n" +"POT-Creation-Date: 2012-02-06 15:48-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" diff --git a/src/po/sudo.pot b/src/po/sudo.pot index 85afff6f3..c9bfb09be 100644 --- a/src/po/sudo.pot +++ b/src/po/sudo.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.4rc1\n" +"Project-Id-Version: sudo 1.8.4\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2012-02-06 13:41-0500\n" +"POT-Creation-Date: 2012-02-06 15:48-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" -- cgit v1.2.1 From 205db7664a0736bedb3bcbf66299c61bbd4ad3fd Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 10 Feb 2012 12:59:43 -0500 Subject: Move macos section to be with the other OS-specific sections. --- sudo.pp | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/sudo.pp b/sudo.pp index 2dc508157..b89e24531 100644 --- a/sudo.pp +++ b/sudo.pp @@ -176,6 +176,13 @@ still allow people to get their work done." EOF %endif +%if [macos] + pp_macos_bundle_id=ws.sudo.pkg.sudo + pp_macos_pkg_license=doc/LICENSE + pp_macos_pkg_readme=${pp_wrkdir}/ReadMe.txt + perl -pe 'last if (/^What/i && $seen++)' NEWS > ${pp_wrkdir}/ReadMe.txt +%endif + # OS-level directories that should generally exist but might not. extradirs=`echo ${pp_destdir}/${mandir}/[mc]* | sed "s#${pp_destdir}/##g"` extradirs="$extradirs `dirname $docdir` `dirname $timedir`" 
@@ -188,13 +195,6 @@ still allow people to get their work done." done osdirs=`echo $osdirs | tr " " "\n" | sort -u` -%if [macos] - pp_macos_bundle_id=ws.sudo.pkg.sudo - pp_macos_pkg_license=doc/LICENSE - pp_macos_pkg_readme=${pp_wrkdir}/ReadMe.txt - perl -pe 'last if (/^What/i && $seen++)' NEWS > ${pp_wrkdir}/ReadMe.txt -%endif - %files $osdirs - $bindir/sudo 4111 root: -- cgit v1.2.1 -- cgit v1.2.1 From c443f4190d755752fe895c6334048d0fc12e8000 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 21 Feb 2012 05:18:17 -0500 Subject: bump version to 1.8.4p1 --- configure | 18 +++++++++--------- configure.in | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/configure b/configure index 5cada108e..c6cb23636 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.4. +# Generated by GNU Autoconf 2.68 for sudo 1.8.4p1. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.4' -PACKAGE_STRING='sudo 1.8.4' +PACKAGE_VERSION='1.8.4p1' +PACKAGE_STRING='sudo 1.8.4p1' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.4 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.4p1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.4:";; + short | recursive ) echo "Configuration of sudo 1.8.4p1:";; esac cat <<\_ACEOF 
@@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.4 +sudo configure 1.8.4p1 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.4, which was +It was created by sudo $as_me 1.8.4p1, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20506,7 +20506,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.4, which was +This file was extended by sudo $as_me 1.8.4p1, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20572,7 +20572,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.4 +sudo config.status 1.8.4p1 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index ff781451f..8dea8ad09 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.4], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.4p1], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 From d0f7ad6c1263ec78741043c594ea7184c18154f3 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 21 Feb 2012 05:25:26 -0500 Subject: List 1.8.4p1 --- NEWS | 6 ++++++ 1 file changed, 6 insertions(+) 
diff --git a/NEWS b/NEWS index 6f139299c..3cbd73386 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,9 @@ +What's new in Sudo 1.8.4p1? + + * Fixed a bug introduced in sudo 1.8.4 that broke adding to or + deleting from the env_keep, env_check and env_delete lists in + sudoers on some platforms. + What's new in Sudo 1.8.4? * The -D flag in sudo has been replaced with a more general debugging -- cgit v1.2.1 -- cgit v1.2.1 From 0933dbe52f9b9522775cd184cb91e91ebd6a7963 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 24 Feb 2012 13:40:39 -0500 Subject: Target Mac OS X 10.5 when building packages. --- mkpkg | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/mkpkg b/mkpkg index 757ce2e49..c1ea8ed3c 100755 --- a/mkpkg +++ b/mkpkg @@ -227,9 +227,11 @@ case "$osversion" in $configure_opts" ;; macos*) - # Build universal binaries, curently intel-only - export CFLAGS="-O2 -g -arch i386 -arch x86_64" - export LDFLAGS="-arch i386 -arch x86_64" + # Build universal binaries (intel-only) targetting Mac OS X 10.5 + ARCH_FLAGS="-arch i386 -arch x86_64" + SDK_FLAGS="-isysroot /Developer/SDKs/MacOSX10.5.sdk -mmacosx-version-min=10.5" + export CFLAGS="-O2 -g $ARCH_FLAGS $SDK_FLAGS" + export LDFLAGS="$ARCH_FLAGS $SDK_FLAGS" # Note, must indent with tabs, not spaces due to IFS trickery configure_opts="--prefix=$prefix --with-pam -- cgit v1.2.1 From d2c59a76cd05de5b14a58697f6cd8c1ffecb70e1 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 24 Feb 2012 14:32:57 -0500 Subject: Add entry for AIX enhanced RBAC config. --- doc/TROUBLESHOOTING | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/doc/TROUBLESHOOTING b/doc/TROUBLESHOOTING index 7ff528424..f12d6d954 100644 --- a/doc/TROUBLESHOOTING +++ b/doc/TROUBLESHOOTING 
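Review bot: `SDK_FLAGS` hard-codes `/Developer/SDKs/MacOSX10.5.sdk`, so on a build host where that SDK is not installed the failure surfaces as a compiler error deep inside configure rather than as a message naming mkpkg. A guard just before the export, such as `test -d /Developer/SDKs/MacOSX10.5.sdk || { echo "mkpkg: MacOSX10.5.sdk not found" >&2; exit 1; }`, fails early with a clear cause. The new comment also misspells "targetting" (should be "targeting"). The rest of the `macos*)` case arm continues outside the hunk.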
@@ -202,6 +202,17 @@ A) ssh does not allocate a tty by default when running a remote command. Alternately, if you do not mind your password being echoed to the screen, you can use the "visiblepw" sudoers option to allow this. +Q) When I run sudo on AIX I get the following error: + setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID): Operation not permitted. +A) AIX's Enhanced RBAC is preventing sudo from running. To fix + this, add the following entry to /etc/security/privcmds (adjust + the path to sudo as needed) and run the setkst command as root: + + /usr/local/bin/sudo: + accessauths = ALLOW_ALL + innateprivs = PV_DAC_UID,PV_DAC_GID + secflags = FSF_EPS + Q) How do you pronounce `sudo'? A) The official pronunciation is soo-doo (for su "do"). However, an alternate pronunciation, a homophone of "pseudo", is also common. -- cgit v1.2.1 From 50fa3e1f6922b04d9339d7b0156f290ba01cd6ef Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 24 Feb 2012 15:17:48 -0500 Subject: When adding gids to the LDAP filter, only add the primary gid once. This is consistent with the space computation/allocation. From Eric Lakin --- plugins/sudoers/ldap.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c index 04afd87bb..a46ba1519 100644 --- a/plugins/sudoers/ldap.c +++ b/plugins/sudoers/ldap.c @@ -1166,6 +1166,8 @@ sudo_ldap_build_pass1(struct passwd *pw) (void) strlcat(buf, ")", sz); } for (i = 0; i < grlist->ngids; i++) { + if (pw->pw_gid == grlist->gids[i]) + continue; (void) snprintf(gidbuf, sizeof(gidbuf), "%u", (unsigned int)grlist->gids[i]); (void) strlcat(buf, "(sudoUser=%#", sz); -- cgit v1.2.1 From 1208e77834f1bc65c2ed8244ef0bd05f3940fd36 Mon Sep 17 00:00:00 2001 
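Review bot: The new `continue` at the top of the gid loop relies on two things that are not visible in the hunk: that the primary gid was already written into the filter before the loop, and that the size computation counts it only once (the commit message states the latter). A comment would keep that invariant next to the code, e.g. `/* Primary gid was already added above and the buffer size accounts for it once; skip it here. */`. If any earlier path can leave the primary gid out of the filter, this check would drop it entirely, so that is worth confirming against the code above the hunk. The enclosing sudo_ldap_build_pass1() starts outside the hunk.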
From: "Todd C. Miller" Date: Mon, 27 Feb 2012 13:28:15 -0500 Subject: We need sysconfdir in compat/Makfile to get the proper sudo.conf path. Add standard prefix and foodir expansion in all Makefiles to avoid this problem in the future. --- common/Makefile.in | 10 ++++++++++ compat/Makefile.in | 10 ++++++++++ doc/Makefile.in | 5 +++++ include/Makefile.in | 5 +++++ 4 files changed, 30 insertions(+) diff --git a/common/Makefile.in b/common/Makefile.in index 245616c66..7dd7c9d11 100644 --- a/common/Makefile.in +++ b/common/Makefile.in @@ -25,6 +25,16 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ incdir = $(top_srcdir)/include +# Where to install things... +prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +sbindir = @sbindir@ +sysconfdir = @sysconfdir@ +libexecdir = @libexecdir@ +datarootdir = @datarootdir@ +localstatedir = @localstatedir@ + # Compiler & tools to use CC = @CC@ LIBTOOL = @LIBTOOL@ diff --git a/compat/Makefile.in b/compat/Makefile.in index 0ea91e4a0..6b6630e67 100644 --- a/compat/Makefile.in +++ b/compat/Makefile.in @@ -25,6 +25,16 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ incdir = $(top_srcdir)/include +# Where to install things... +prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +sbindir = @sbindir@ +sysconfdir = @sysconfdir@ +libexecdir = @libexecdir@ +datarootdir = @datarootdir@ +localstatedir = @localstatedir@ + # Compiler & tools to use CC = @CC@ LIBTOOL = @LIBTOOL@ diff --git a/doc/Makefile.in b/doc/Makefile.in index 3b99698cb..e334fba2c 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -32,6 +32,11 @@ INSTALL = $(SHELL) $(top_srcdir)/install-sh -c # Where to install things... prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +sbindir = @sbindir@ +sysconfdir = @sysconfdir@ +libexecdir = @libexecdir@ datarootdir = @datarootdir@ localstatedir = @localstatedir@ mandir = @mandir@ diff --git a/include/Makefile.in b/include/Makefile.in index c57657652..9dbe4c462 100644 
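Review bot: The same install-directory assignments are now repeated in common/Makefile.in, compat/Makefile.in, doc/Makefile.in and include/Makefile.in (the doc/ and include/ hunks add only the five that were missing), so the lists can drift again the next time one of them needs a new directory variable. The failure this corrects is silent: an undefined make variable expands to an empty string, which is presumably how the compiled-in sudo.conf path became `/sudo.conf` as NEWS for 1.8.4p2 describes. A short comment above the block in each file, e.g. `# sysconfdir must be defined here: it is substituted into the compiled-in sudo.conf path, and an undefined variable expands to "" without warning`, would record why the block has to stay in sync across the Makefiles.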
--- a/include/Makefile.in +++ b/include/Makefile.in @@ -29,6 +29,11 @@ INSTALL = $(SHELL) $(top_srcdir)/install-sh -c # Where to install things... prefix = @prefix@ +exec_prefix = @exec_prefix@ +bindir = @bindir@ +sbindir = @sbindir@ +sysconfdir = @sysconfdir@ +libexecdir = @libexecdir@ datarootdir = @datarootdir@ localstatedir = @localstatedir@ -- cgit v1.2.1 From c612e5babfc72b927d112b21ac1c12a1f7da2604 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 27 Feb 2012 14:46:11 -0500 Subject: Fix typo in safe_close() made while converting to debug framework that prevented it from actually closing anything. --- src/exec_pty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/exec_pty.c b/src/exec_pty.c index 3175813be..d40408c0f 100644 --- a/src/exec_pty.c +++ b/src/exec_pty.c @@ -1251,5 +1251,5 @@ safe_close(int fd) errno = EINVAL; return -1; } - debug_return_int(fd); + debug_return_int(close(fd)); } -- cgit v1.2.1 From 0d465affb512dfe9539ae361207611584616bf19 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 27 Feb 2012 14:58:08 -0500 Subject: bump version to 1.8.4p2 --- NEWS | 11 +++++++++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 21 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 3cbd73386..703d95869 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,14 @@ +What's new in Sudo 1.8.4p2? + + * Fixed a bug introduced in Sudo 1.8.4 where insufficient space + was allocated for group IDs in the LDAP filter. + + * Fixed a bug introduced in Sudo 1.8.4 where the path to sudo.conf + was "/sudo.conf" instead of "/etc/sudo.conf". + + * Fixed a bug introduced in Sudo 1.8.4 which could cause a hang + when I/O logging is enabled and input is from a pipe or file. + What's new in Sudo 1.8.4p1? * Fixed a bug introduced in sudo 1.8.4 that broke adding to or diff --git a/configure b/configure index c6cb23636..8bcd20723 100755 --- a/configure +++ b/configure 
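Review bot: Returning `close(fd)` through `debug_return_int` is correct only if that macro does not log (and thereby clobber errno) between the `close()` call and the return; callers that check errno after a -1 result would otherwise see the debug framework's errno. The macro definition is not visible here, so this is worth confirming. Since the previous body leaked every descriptor passed to it, a one-line comment such as `/* Return close()'s status; callers may inspect errno on -1. */` would make the intent explicit. The start of safe_close() is outside the hunk.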
@@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.4p1. +# Generated by GNU Autoconf 2.68 for sudo 1.8.4p2. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.4p1' -PACKAGE_STRING='sudo 1.8.4p1' +PACKAGE_VERSION='1.8.4p2' +PACKAGE_STRING='sudo 1.8.4p2' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.4p1 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.4p2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.4p1:";; + short | recursive ) echo "Configuration of sudo 1.8.4p2:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.4p1 +sudo configure 1.8.4p2 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.4p1, which was +It was created by sudo $as_me 1.8.4p2, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ 
@@ -20506,7 +20506,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.4p1, which was +This file was extended by sudo $as_me 1.8.4p2, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20572,7 +20572,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.4p1 +sudo config.status 1.8.4p2 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 8dea8ad09..f3dd6b9e3 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.4p1], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.4p2], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From 484559533b6bd148cb70e5f3093e7d5548efb8d8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 28 Feb 2012 10:33:16 -0500 Subject: Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some versions of OpenBSD versions that have KERN_PROC2 but not KERN_PROC. --- config.h.in | 3 +++ configure | 23 ++++++++++++++++++++--- configure.in | 12 ++++++++---- src/ttyname.c | 29 ++++++++++++++++++++--------- 4 files changed, 51 insertions(+), 16 deletions(-) diff --git a/config.h.in b/config.h.in index bab0510c1..bef46b2a3 100644 --- a/config.h.in +++ b/config.h.in 
@@ -505,6 +505,9 @@ /* Define to 1 if the system has the type `struct in6_addr'. */ #undef HAVE_STRUCT_IN6_ADDR +/* Define to 1 if `p_tdev' is a member of `struct kinfo_proc2'. */ +#undef HAVE_STRUCT_KINFO_PROC2_P_TDEV + /* Define to 1 if `ki_tdev' is a member of `struct kinfo_proc'. */ #undef HAVE_STRUCT_KINFO_PROC_KI_TDEV diff --git a/configure b/configure index 8bcd20723..67950da16 100755 --- a/configure +++ b/configure @@ -16452,15 +16452,15 @@ _ACEOF else - ac_fn_c_check_member "$LINENO" "struct kinfo_proc" "kp_eproc.e_tdev" "ac_cv_member_struct_kinfo_proc_kp_eproc_e_tdev" " + ac_fn_c_check_member "$LINENO" "struct kinfo_proc2" "p_tdev" "ac_cv_member_struct_kinfo_proc2_p_tdev" " #include #include " -if test "x$ac_cv_member_struct_kinfo_proc_kp_eproc_e_tdev" = xyes; then : +if test "x$ac_cv_member_struct_kinfo_proc2_p_tdev" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV 1 +#define HAVE_STRUCT_KINFO_PROC2_P_TDEV 1 _ACEOF @@ -16478,6 +16478,23 @@ cat >>confdefs.h <<_ACEOF _ACEOF +else + + ac_fn_c_check_member "$LINENO" "struct kinfo_proc" "kp_eproc.e_tdev" "ac_cv_member_struct_kinfo_proc_kp_eproc_e_tdev" " + #include + #include + +" +if test "x$ac_cv_member_struct_kinfo_proc_kp_eproc_e_tdev" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV 1 +_ACEOF + + +fi + + fi diff --git a/configure.in b/configure.in index f3dd6b9e3..905af5143 100644 --- a/configure.in +++ b/configure.in 
@@ -2102,11 +2102,15 @@ if test "$utmp_style" = "LEGACY"; then AC_CHECK_FUNCS(getttyent ttyslot, [break]) fi -AC_CHECK_FUNCS(sysctl, [AC_CHECK_MEMBERS([struct kinfo_proc.ki_tdev], - [], +AC_CHECK_FUNCS(sysctl, [AC_CHECK_MEMBERS([struct kinfo_proc.ki_tdev], [], [ - AC_CHECK_MEMBERS([struct kinfo_proc.kp_eproc.e_tdev], [], [ - AC_CHECK_MEMBERS([struct kinfo_proc.p_tdev], [], [], [ + AC_CHECK_MEMBERS([struct kinfo_proc2.p_tdev], [], [ + AC_CHECK_MEMBERS([struct kinfo_proc.p_tdev], [], [ + AC_CHECK_MEMBERS([struct kinfo_proc.kp_eproc.e_tdev], [], [], [ + #include + #include + ]) + ], [ #include #include ]) diff --git a/src/ttyname.c b/src/ttyname.c index 1a275da8f..f8baa9716 100644 --- a/src/ttyname.c +++ b/src/ttyname.c @@ -42,7 +42,7 @@ #endif /* HAVE_UNISTD_H */ #include #include -#if defined(HAVE_STRUCT_KINFO_PROC_P_TDEV) || defined (HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV) +#if defined(HAVE_STRUCT_KINFO_PROC_P_TDEV) || defined (HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV) || defined(HAVE_STRUCT_KINFO_PROC2_P_TDEV) # include #elif defined(HAVE_STRUCT_KINFO_PROC_KI_TDEV) # include 
@@ -54,15 +54,26 @@ /* * How to access the tty device number in struct kinfo_proc. */ -#if defined(HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV) -# define sudo_kp_tdev kp_eproc.e_tdev -# define sudo_kp_namelen 4 -#elif defined(HAVE_STRUCT_KINFO_PROC_KI_TDEV) -# define sudo_kp_tdev ki_tdev -# define sudo_kp_namelen 4 +#if defined(HAVE_STRUCT_KINFO_PROC2_P_TDEV) +# define SUDO_KERN_PROC KERN_PROC2 +# define sudo_kinfo_proc kinfo_proc2 +# define sudo_kp_tdev p_tdev +# define sudo_kp_namelen 6 #elif defined(HAVE_STRUCT_KINFO_PROC_P_TDEV) +# define SUDO_KERN_PROC KERN_PROC +# define sudo_kinfo_proc kinfo_proc # define sudo_kp_tdev p_tdev # define sudo_kp_namelen 6 +#elif defined(HAVE_STRUCT_KINFO_PROC_KI_TDEV) +# define SUDO_KERN_PROC KERN_PROC +# define sudo_kinfo_proc kinfo_proc +# define sudo_kp_tdev ki_tdev +# define sudo_kp_namelen 4 +#elif defined(HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV) +# define SUDO_KERN_PROC KERN_PROC +# define sudo_kinfo_proc kinfo_proc +# define sudo_kp_tdev kp_eproc.e_tdev +# define sudo_kp_namelen 4 #endif #ifdef sudo_kp_tdev @@ -76,7 +87,7 @@ char * get_process_ttyname(void) { char *tty = NULL; - struct kinfo_proc *ki_proc = NULL; + struct sudo_kinfo_proc *ki_proc = NULL; size_t size = sizeof(*ki_proc); int i, mib[6], rc; debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL) @@ -87,7 +98,7 @@ get_process_ttyname(void) */ for (i = 0; tty == NULL && i < 2; i++) { mib[0] = CTL_KERN; - mib[1] = KERN_PROC; + mib[1] = SUDO_KERN_PROC; mib[2] = KERN_PROC_PID; mib[3] = i ? (int)getppid() : (int)getpid(); mib[4] = sizeof(*ki_proc); -- cgit v1.2.1 From 0e3b844ba47b494cd73859525fcd149677606074 Mon Sep 17 00:00:00 2001 
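Review bot: The two per-variant constants introduced here, `SUDO_KERN_PROC` and `sudo_kp_namelen` (6 for the KERN_PROC2 branch, 4 for the others), are exactly what gets copied wrong when the next BSD variant is added, and nothing in the block says why they differ. A comment above the chain would help: `/* KERN_PROC2 also takes the element size and count in mib[4]/mib[5], hence a 6-element name; the KERN_PROC variants use 4. */` — that reading is my inference from the `mib[4] = sizeof(*ki_proc)` setup below, so confirm it against the target platforms' sysctl(3). It is also worth stating that exactly one HAVE_STRUCT_KINFO_PROC*_TDEV macro is expected to be defined, since it is the nested AC_CHECK_MEMBERS in configure.in, not this `#if`/`#elif` order, that keeps the selection unambiguous. get_process_ttyname() continues past the end of the last hunk.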
From: "Todd C. Miller" Date: Tue, 28 Feb 2012 14:16:39 -0500 Subject: Check the owner and mode in -c (check) mode unless the -f option is specified. Previously, the owner and mode were checked on the main sudoers file when the -s (strict) option was given, but this was not documented. --- doc/visudo.pod | 8 +++--- plugins/sudoers/visudo.c | 71 ++++++++++++++++++++++++++++++------------------ 2 files changed, 48 insertions(+), 31 deletions(-) diff --git a/doc/visudo.pod b/doc/visudo.pod index 27cb2eb7e..c3e9ba74b 100644 --- a/doc/visudo.pod +++ b/doc/visudo.pod @@ -70,10 +70,10 @@ B accepts the following command line options: =item -c Enable B mode. The existing I file will be -checked for syntax and a message will be printed to the -standard output detailing the status of I. -If the syntax check completes successfully, B will -exit with a value of 0. If a syntax error is encountered, +checked for syntax errors, owner and mode. A message will be printed +to the standard output describing the status of I unless +the B<-q> option was specified. If the check completes successfully, +B will exit with a value of 0. If an error is encountered, B will exit with a value of 1. =item -f I diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c index 2a45e5f73..72cd5bfd9 100644 --- a/plugins/sudoers/visudo.c +++ b/plugins/sudoers/visudo.c @@ -105,7 +105,7 @@ static char *get_editor(char **); static void get_hostname(void); static int whatnow(void); static int check_aliases(bool, bool); -static bool check_syntax(char *, bool, bool); +static bool check_syntax(char *, bool, bool, bool); static bool edit_sudoers(struct sudoersfile *, char *, char *, int); static bool install_sudoers(struct sudoersfile *, bool); static int print_unused(void *, void *); 
@@ -225,7 +225,7 @@ main(int argc, char *argv[]) init_defaults(); if (checkonly) { - exitcode = check_syntax(sudoers_path, quiet, strict) ? 0 : 1; + exitcode = check_syntax(sudoers_path, quiet, strict, oldperms) ? 0 : 1; goto done; } @@ -776,9 +776,35 @@ run_command(char *path, char **argv) } static bool -check_syntax(char *sudoers_path, bool quiet, bool strict) +check_owner(const char *path, bool quiet) { struct stat sb; + bool ok = true; + debug_decl(check_owner, SUDO_DEBUG_UTIL) + + if (stat(path, &sb) == 0) { + if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID) { + ok = false; + if (!quiet) { + fprintf(stderr, + _("%s: wrong owner (uid, gid) should be (%u, %u)\n"), + path, SUDOERS_UID, SUDOERS_GID); + } + } + if ((sb.st_mode & 07777) != SUDOERS_MODE) { + ok = false; + if (!quiet) { + fprintf(stderr, _("%s: bad permissions, should be mode 0%o\n"), + path, SUDOERS_MODE); + } + } + } + debug_return_bool(ok); +} + +static bool +check_syntax(char *sudoers_path, bool quiet, bool strict, bool oldperms) +{ bool ok = false; debug_decl(check_syntax, SUDO_DEBUG_UTIL) 
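Review bot: check_owner() returns true when `stat()` fails: `ok` starts true and there is no error branch, so an include file that vanished or became inaccessible between parsing and this check is reported as having the correct owner and mode. The new code also replaces the previous `fstat(fileno(yyin))` on the file that was actually parsed with a by-name `stat()`, which follows symlinks and checks whatever the path resolves to at that instant rather than the parsed file; an fstat on the open descriptor would be the tighter check if the file handles are reachable from here. At minimum a stat failure should be reported and fail the check, as below (this assumes errno and strerror() are already in scope in visudo.c, which I cannot see from the hunk).
```c
    if (stat(path, &sb) == 0) {
	/* … unchanged: uid/gid and mode comparisons … */
    } else {
	/* Cannot stat the file: it cannot be shown to be safe, so fail closed. */
	ok = false;
	if (!quiet)
	    fprintf(stderr, "%s: %s\n", path, strerror(errno));
    }
    debug_return_bool(ok);
```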
@@ -802,37 +828,28 @@ check_syntax(char *sudoers_path, bool quiet, bool strict) errorfile = sudoers_path; } ok = !parse_error; - if (!quiet) { - if (parse_error) { + + if (parse_error) { + if (!quiet) { if (errorlineno != -1) (void) printf(_("parse error in %s near line %d\n"), errorfile, errorlineno); else (void) printf(_("parse error in %s\n"), errorfile); - } else { - struct sudoersfile *sp; - (void) printf(_("%s: parsed OK\n"), sudoers_path); - tq_foreach_fwd(&sudoerslist, sp) { - (void) printf(_("%s: parsed OK\n"), sp->path); - } } - } - /* Check mode and owner in strict mode. */ - if (strict && yyin != stdin && fstat(fileno(yyin), &sb) == 0) { - if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID) { - ok = false; - if (!quiet) { - fprintf(stderr, - _("%s: wrong owner (uid, gid) should be (%u, %u)\n"), - sudoers_path, SUDOERS_UID, SUDOERS_GID); - } - } - if ((sb.st_mode & 07777) != SUDOERS_MODE) { + } else { + struct sudoersfile *sp; + + /* Parsed OK, check mode and owner. */ + if (oldperms || check_owner(sudoers_path, quiet)) + (void) printf(_("%s: parsed OK\n"), sudoers_path); + else ok = false; - if (!quiet) { - fprintf(stderr, _("%s: bad permissions, should be mode 0%o\n"), - sudoers_path, SUDOERS_MODE); - } + tq_foreach_fwd(&sudoerslist, sp) { + if (oldperms || check_owner(sp->path, quiet)) + (void) printf(_("%s: parsed OK\n"), sp->path); + else + ok = false; } } -- cgit v1.2.1 From 189e4bdf97449035cd0162bacd05140a45a26b60 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 1 Mar 2012 13:05:03 -0500 Subject: Add check for variadic macro support in cpp. --- configure | 25 +++++++++++++++++++++++++ configure.in | 9 +++++++++ 2 files changed, 34 insertions(+) diff --git a/configure b/configure index 67950da16..bcff8f793 100755 --- a/configure +++ b/configure 
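Review bot: `(void) printf(_("%s: parsed OK\n"), sudoers_path);` and the matching line inside the `tq_foreach_fwd` loop are no longer guarded by `quiet`, so `visudo -cq` now prints the OK lines that the visudo.pod change in this same commit says -q suppresses (the removed code wrapped the whole report in `if (!quiet)`). Wrap both sites: `if (!quiet) (void) printf(_("%s: parsed OK\n"), sudoers_path);`. Note also that the owner/mode failures go to stderr while success goes to stdout, which anything scripting `visudo -c` needs to know. check_syntax() continues past the end of this hunk.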
@@ -14538,6 +14538,31 @@ $as_echo "#define volatile /**/" >>confdefs.h fi +# Check for variadic macro support in cpp +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +$ac_includes_default +#if defined(__GNUC__) && __GNUC__ == 2 +# define sudo_fprintf(fp, fmt...) fprintf((fp), (fmt)) +#else +# define sudo_fprintf(fp, ...) fprintf((fp), __VA_ARGS__) +#endif + +int +main () +{ +sudo_fprintf(stderr, "a %s", "test"); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + as_fn_error $? "Your C compiler doesn't support variadic macros, try building with gcc instead" "$LINENO" 5 +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test X"$with_gnu_ld" != "yes" -a -n "$GCC"; then _CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -static-libgcc" diff --git a/configure.in b/configure.in index 905af5143..e4478c74d 100644 --- a/configure.in +++ b/configure.in @@ -1913,6 +1913,15 @@ dnl AC_PROG_GCC_TRADITIONAL AC_C_CONST AC_C_VOLATILE +# Check for variadic macro support in cpp +AC_COMPILE_IFELSE([AC_LANG_PROGRAM([ +AC_INCLUDES_DEFAULT +#if defined(__GNUC__) && __GNUC__ == 2 +# define sudo_fprintf(fp, fmt...) fprintf((fp), (fmt)) +#else +# define sudo_fprintf(fp, ...) fprintf((fp), __VA_ARGS__) +#endif +], [sudo_fprintf(stderr, "a %s", "test");])], [], [AC_MSG_ERROR([Your C compiler doesn't support variadic macros, try building with gcc instead])]) if test X"$with_gnu_ld" != "yes" -a -n "$GCC"; then _CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -static-libgcc" -- cgit v1.2.1 From 455e7b89e6aa4e4ae7486ab6015bcf94ebdd42c4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 8 Mar 2012 13:19:39 -0500 Subject: Fix editor goof. --- INSTALL | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL b/INSTALL index 1dbfcb3b0..faa294ae0 100644 --- a/INSTALL +++ b/INSTALL 
@@ -286,7 +286,7 @@ Special features/options: older PAM implementations or on operating systems where opening a PAM session changes the utmp or wtmp files. If PAM session support is disabled, resource limits may not - be updatedin for command being run. + be updated for the command being run. --disable-root-mailer By default sudo will run the mailer as root when tattling -- cgit v1.2.1 From 515af6357babea17326be51698d40135ce1b185a Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 9 Mar 2012 10:06:27 -0500 Subject: Include alloc.h for estrdup() prototype; from Vita Cizek --- src/sesh.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/sesh.c b/src/sesh.c index 0c0eb25de..d6b56c3c5 100644 --- a/src/sesh.c +++ b/src/sesh.c @@ -34,8 +34,9 @@ #endif /* HAVE_STDBOOL_H */ #include "missing.h" -#include "gettext.h" +#include "alloc.h" #include "error.h" +#include "gettext.h" #include "sudo_conf.h" #include "sudo_debug.h" #include "sudo_exec.h" -- cgit v1.2.1 From 74cf27fe42659a87f3e84444942fbf77843de7c8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 9 Mar 2012 10:07:00 -0500 Subject: Honor LDFLAGS when linking sesh; from Vita Cizek --- src/Makefile.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.in b/src/Makefile.in index cf89c8562..5e6e6ab64 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -100,7 +100,7 @@ libsudo_noexec.la: sudo_noexec.lo $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LTLDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) sesh: sesh.o error.o exec_common.o @LIBINTL@ $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o @LIBINTL@ $(LIBS) -static-libtool-libs + $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o $(LDFLAGS) @LIBINTL@ $(LIBS) -static-libtool-libs pre-install: -- cgit v1.2.1 From 2b02916d31083d713048a3be3824e27ddf4f13cd Mon Sep 17 00:00:00 2001 
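Review bot: `$(LDFLAGS)` is appended after the object files here, while the `libsudo_noexec.la` rule a few lines above passes it directly after `$(CC)`; keep the link rules consistent and put it first: `$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o $@ sesh.o error.o exec_common.o @LIBINTL@ $(LIBS) -static-libtool-libs`. Beyond style, the reason this fix matters is that distributions pass their hardening flags (RELRO, PIE, stack-protector linkage) through LDFLAGS, and sesh is a binary that sudo installs and runs, so it should be linked with the same flags as the rest of the tree rather than being the one target that silently misses them.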
From: "Todd C. Miller" Date: Fri, 9 Mar 2012 12:45:24 -0500 Subject: Fix format string warning on Solaris with gcc 3.4.3. --- src/exec_pty.c | 12 ++++++------ src/ttyname.c | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/exec_pty.c b/src/exec_pty.c index d40408c0f..01fb6796c 100644 --- a/src/exec_pty.c +++ b/src/exec_pty.c @@ -378,20 +378,20 @@ terminate_child(pid_t pid, bool use_pgrp) * Note that SIGCHLD will interrupt the sleep() */ if (use_pgrp) { - sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGHUP", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGHUP", (int)pid); killpg(pid, SIGHUP); - sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGTERM", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGTERM", (int)pid); killpg(pid, SIGTERM); sleep(2); - sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGKILL", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "killpg %d SIGKILL", (int)pid); killpg(pid, SIGKILL); } else { - sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGHUP", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGHUP", (int)pid); kill(pid, SIGHUP); - sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGTERM", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGTERM", (int)pid); kill(pid, SIGTERM); sleep(2); - sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGKILL", pid); + sudo_debug_printf(SUDO_DEBUG_INFO, "kill %d SIGKILL", (int)pid); kill(pid, SIGKILL); } diff --git a/src/ttyname.c b/src/ttyname.c index f8baa9716..e7030f846 100644 --- a/src/ttyname.c +++ b/src/ttyname.c @@ -164,7 +164,7 @@ get_process_ttyname(void) /* No tty for child, check the parent via /proc. */ ppid = getppid(); for (i = STDIN_FILENO; i < STDERR_FILENO && tty == NULL; i++) { - snprintf(path, sizeof(path), "/proc/%d/fd/%d", ppid, i); + snprintf(path, sizeof(path), "/proc/%d/fd/%d", (int)ppid, i); fd = open(path, O_RDONLY|O_NOCTTY, 0); if (fd != -1) { tty = ttyname(fd); -- cgit v1.2.1 From ee57175ba10ee14ac375f5e76018ac64fcd4e1e3 Mon Sep 17 00:00:00 2001 
From: "Todd C. Miller"
Date: Mon, 12 Mar 2012 08:54:40 -0400
Subject: Don't try to erealloc() a potentially freed pointer; Mateusz Guzik
---
 src/ttyname.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ttyname.c b/src/ttyname.c
index e7030f846..f1af670f8 100644
--- a/src/ttyname.c
+++ b/src/ttyname.c
@@ -87,7 +87,7 @@ char *
 get_process_ttyname(void)
 {
 char *tty = NULL;
- struct sudo_kinfo_proc *ki_proc = NULL;
+ struct sudo_kinfo_proc *ki_proc;
 size_t size = sizeof(*ki_proc);
 int i, mib[6], rc;
 debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
@@ -105,7 +105,7 @@ get_process_ttyname(void)
 mib[5] = 1;
 do {
 size += size / 10;
- ki_proc = erealloc(ki_proc, size);
+ ki_proc = emalloc(size);
 rc = sysctl(mib, sudo_kp_namelen, ki_proc, &size, NULL, 0);
 } while (rc == -1 && errno == ENOMEM);
 if (rc != -1) {
-- cgit v1.2.1
From c703fc9d327d849175bd4bae2056e8f8aa0808dd Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 12 Mar 2012 09:09:08 -0400
Subject: regen
---
 doc/visudo.cat | 13 +++++++------
 doc/visudo.man.in | 10 +++++-----
 2 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/doc/visudo.cat b/doc/visudo.cat
index 7df23733e..33eee63e9 100644
--- a/doc/visudo.cat
+++ b/doc/visudo.cat
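Review bot: `ki_proc = emalloc(size);` inside the `do … while (rc == -1 && errno == ENOMEM)` retry loop leaks the previous buffer on every ENOMEM iteration, because nothing frees it before the fresh allocation. The dangling pointer the commit is fixing comes, as far as I can tell from the follow-up hunks further down, from an `efree(ki_proc)` at the bottom of the enclosing `for` loop leaving `ki_proc` non-NULL for the second (parent pid) iteration; the smaller fix is to keep `ki_proc = erealloc(ki_proc, size);` here and either set `ki_proc = NULL;` right after that free or move the free out of the `for` loop. get_process_ttyname() starts in the first hunk and continues past the second.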
@@ -42,11 +42,12 @@ OOPPTTIIOONNSS vviissuuddoo accepts the following command line options: -c Enable cchheecckk--oonnllyy mode. The existing _s_u_d_o_e_r_s file will be - checked for syntax and a message will be printed to the - standard output detailing the status of _s_u_d_o_e_r_s. If the - syntax check completes successfully, vviissuuddoo will exit with - a value of 0. If a syntax error is encountered, vviissuuddoo - will exit with a value of 1. + checked for syntax errors, owner and mode. A message will + be printed to the standard output describing the status of + _s_u_d_o_e_r_s unless the --qq option was specified. If the check + completes successfully, vviissuuddoo will exit with a value of 0. + If an error is encountered, vviissuuddoo will exit with a value + of 1. -f _s_u_d_o_e_r_s Specify and alternate _s_u_d_o_e_r_s file location. With this option vviissuuddoo will edit (or check) the _s_u_d_o_e_r_s file of your @@ -150,4 +151,4 @@ DDIISSCCLLAAIIMMEERR -1.8.4 January 6, 2012 VISUDO(1m) +1.8.4 March 12, 2012 VISUDO(1m) diff --git a/doc/visudo.man.in b/doc/visudo.man.in index a8f059252..a44585134 100644 --- a/doc/visudo.man.in +++ b/doc/visudo.man.in @@ -144,7 +144,7 @@ .\" ======================================================================== .\" .IX Title "VISUDO @mansectsu@" -.TH VISUDO @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS" +.TH VISUDO @mansectsu@ "March 12, 2012" "1.8.4" "MAINTENANCE COMMANDS" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l 
@@ -192,10 +192,10 @@ error occurred (if the editor supports this feature). .IP "\-c" 12 .IX Item "-c" Enable \fBcheck-only\fR mode. The existing \fIsudoers\fR file will be -checked for syntax and a message will be printed to the -standard output detailing the status of \fIsudoers\fR. -If the syntax check completes successfully, \fBvisudo\fR will -exit with a value of 0. If a syntax error is encountered, +checked for syntax errors, owner and mode. A message will be printed +to the standard output describing the status of \fIsudoers\fR unless +the \fB\-q\fR option was specified. If the check completes successfully, +\&\fBvisudo\fR will exit with a value of 0. If an error is encountered, \&\fBvisudo\fR will exit with a value of 1. .IP "\-f \fIsudoers\fR" 12 .IX Item "-f sudoers" -- cgit v1.2.1 From 3cb99eb2be8a6fb1ce89ea983f877b2c021f90ef Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 12 Mar 2012 10:49:26 -0400 Subject: Bring back the erealloc() for the ENOMEM loop and just zero the pointer after we free it. --- src/ttyname.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/ttyname.c b/src/ttyname.c index f1af670f8..48c1fcaf2 100644 --- a/src/ttyname.c +++ b/src/ttyname.c @@ -87,7 +87,7 @@ char * get_process_ttyname(void) { char *tty = NULL; - struct sudo_kinfo_proc *ki_proc; + struct sudo_kinfo_proc *ki_proc = NULL; size_t size = sizeof(*ki_proc); int i, mib[6], rc; debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL) @@ -105,7 +105,7 @@ get_process_ttyname(void) mib[5] = 1; do { size += size / 10; - ki_proc = emalloc(size); + ki_proc = erealloc(ki_proc, size); rc = sysctl(mib, sudo_kp_namelen, ki_proc, &size, NULL, 0); } while (rc == -1 && errno == ENOMEM); if (rc != -1) { @@ -130,6 +130,7 @@ get_process_ttyname(void) "unable to resolve tty via KERN_PROC: %s", strerror(errno)); } efree(ki_proc); + ki_proc = NULL; } /* If all else fails, fall back on ttyname(). */ -- cgit v1.2.1 
From 657c825c5e4941f0ea3cedb82b333b7aa6902aef Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 12 Mar 2012 11:37:33 -0400
Subject: Simply move the free of ki_proc outside the realloc() loop.
---
 src/ttyname.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/ttyname.c b/src/ttyname.c
index 48c1fcaf2..b73325a64 100644
--- a/src/ttyname.c
+++ b/src/ttyname.c
@@ -129,9 +129,8 @@ get_process_ttyname(void)
 sudo_debug_printf(SUDO_DEBUG_WARN,
 "unable to resolve tty via KERN_PROC: %s", strerror(errno));
 }
- efree(ki_proc);
- ki_proc = NULL;
 }
+ efree(ki_proc);
 
 /* If all else fails, fall back on ttyname(). */
 if (tty == NULL) {
-- cgit v1.2.1
From 1776e3abc62ec6ce0f18381875f95bcdd0547dc4 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 12 Mar 2012 13:53:54 -0400
Subject: matches_env_check() returns int, not boolean
---
 plugins/sudoers/env.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
index 725212036..15997fa1c 100644
--- a/plugins/sudoers/env.c
+++ b/plugins/sudoers/env.c
@@ -666,7 +666,7 @@ validate_env_vars(char * const env_vars[])
 char * const *ep;
 char *eq, *bad = NULL;
 size_t len, blen = 0, bsize = 0;
- bool okvar;
+ int okvar;
 
 if (env_vars == NULL)
 return;
-- cgit v1.2.1
From 8c8181cfe79feef17cb0bdfd2f0cb443829caf32 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 12 Mar 2012 14:07:44 -0400
Subject: Update for sudo 1.8.4p3
---
 NEWS | 12 ++++++++++++
 configure | 18 +++++++++---------
 configure.in | 2 +-
 3 files changed, 22 insertions(+), 10 deletions(-)
diff --git a/NEWS b/NEWS
index 703d95869..0abdea79d 100644
--- a/NEWS
+++ b/NEWS
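Review bot: `int okvar;` now silently carries the multi-valued result of matches_env_check(); the 1.8.4p3 NEWS entry below attributes an authorization bug (setting environment variables on the command line without SETENV) to this very bool/int narrowing, so the declaration should say why it must stay `int`, otherwise the next cleanup pass will narrow it again. Suggested: `int okvar;	/* matches_env_check() result is not boolean (presumably -1 = no match); never narrow to bool */`. The comparison sites are outside the hunk, so I cannot confirm from here that the non-0/1 value is handled distinctly downstream; that is worth a look in the same pass. validate_env_vars() continues past the end of the hunk.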
@@ -1,3 +1,15 @@ +What's new in Sudo 1.8.4p3? + + * Fixed a crash on FreeBSD when no tty is present. + + * Fixed a bug introduced in Sudo 1.8.4 that allowed users to + specify environment variables to set on the command line without + having sudo "ALL" permissions or the "SETENV" tag. + + * When visudo is run with the -c (check) option, the sudoers + file(s) owner and mode are now also checked unless the -f option + was specified. + What's new in Sudo 1.8.4p2? * Fixed a bug introduced in Sudo 1.8.4 where insufficient space diff --git a/configure b/configure index bcff8f793..d952b3b2b 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.4p2. +# Generated by GNU Autoconf 2.68 for sudo 1.8.4p3. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.4p2' -PACKAGE_STRING='sudo 1.8.4p2' +PACKAGE_VERSION='1.8.4p3' +PACKAGE_STRING='sudo 1.8.4p3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.4p2 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.4p3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.4p2:";; + short | recursive ) echo "Configuration of sudo 1.8.4p3:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.4p2 +sudo configure 1.8.4p3 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. 
@@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.4p2, which was +It was created by sudo $as_me 1.8.4p3, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20548,7 +20548,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.4p2, which was +This file was extended by sudo $as_me 1.8.4p3, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20614,7 +20614,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.4p2 +sudo config.status 1.8.4p3 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index e4478c74d..664dfe9e9 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.4p2], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.4p3], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From ec3ce5fd1c6e175e47a8b86892a93a82a6902bc2 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 12 Mar 2012 15:04:03 -0400 Subject: Fix application of debian-specific sudoers mods when building packages as non-root. --- sudo.pp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sudo.pp b/sudo.pp index 54e3410a1..f846a8be5 100644 --- a/sudo.pp +++ b/sudo.pp 
@@ -161,6 +161,7 @@ still allow people to get their work done." %if [deb] # Uncomment some Defaults and the %sudo rule in sudoers # Note that the order must match that of sudoers and be tab-indented. + chmod u+w ${pp_destdir}${sudoersdir}/sudoers /bin/ed - ${pp_destdir}${sudoersdir}/sudoers <<-'EOF' /Locale settings/+1,s/^# // /X11 resource/+1,s/^# // @@ -168,6 +169,7 @@ still allow people to get their work done." w q EOF + chmod u-w ${pp_destdir}${sudoersdir}/sudoers mkdir -p ${pp_destdir}/etc/pam.d cat > ${pp_destdir}/etc/pam.d/sudo <<-EOF #%PAM-1.0 -- cgit v1.2.1 From e5c7729f0b7e66f1f75fd6886e84eb74b13b117b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 12 Mar 2012 19:34:19 -0400 Subject: Fix bogus int -> bool conversion; tags can have a value of -1. --- plugins/sudoers/parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/sudoers/parse.c b/plugins/sudoers/parse.c index db77ad711..66385f07a 100644 --- a/plugins/sudoers/parse.c +++ b/plugins/sudoers/parse.c @@ -169,7 +169,7 @@ sudo_file_lookup(struct sudo_nss *nss, int validated, int pwflag) * Always check the host and user. */ if (pwflag) { - bool nopass; + int nopass; enum def_tuple pwcheck; pwcheck = (pwflag == -1) ? never : sudo_defs_table[pwflag].sd_un.tuple; -- cgit v1.2.1 From 8e7d2c868c4fcc6f6454da79285b0caec045adba Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 12 Mar 2012 19:38:24 -0400 Subject: Update for sudo 1.8.4p4 --- NEWS | 5 +++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 0abdea79d..16842e788 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,8 @@ +What's new in Sudo 1.8.4p4? + + * Fixed a bug introduced in Sudo 1.8.4 which prevented "sudo -v" + from working. + What's new in Sudo 1.8.4p3? * Fixed a crash on FreeBSD when no tty is present. diff --git a/configure b/configure index d952b3b2b..934f846dd 100755 --- a/configure +++ b/configure 
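Review bot: `chmod u-w` only removes the write bit that was added two lines earlier; it relies on the staged file already having the intended mode and leaves the file writable if the `ed` step exits early, since nothing here stops on error. Pin the final mode explicitly with the same macro the %post script uses for the installed file: `chmod %{sudoers_mode} ${pp_destdir}${sudoersdir}/sudoers`. Whether `%{sudoers_mode}` is already expandable at this point in the %if [deb] block I cannot confirm from the hunk.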
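Review bot: Widening `nopass` to `int` fixes the truncation of the -1 tag value, but leaves the invariant implicit, and a variable named like a flag and tested like one will be narrowed back to `bool` by the next reader. Document it at the declaration: `int nopass;	/* tag value, may be -1 (unspecified): not a bool */`. sudo_file_lookup() continues outside the hunk, so I cannot see how the -1 case is consumed below.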
@@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.4p3. +# Generated by GNU Autoconf 2.68 for sudo 1.8.4p4. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.4p3' -PACKAGE_STRING='sudo 1.8.4p3' +PACKAGE_VERSION='1.8.4p4' +PACKAGE_STRING='sudo 1.8.4p4' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.4p3 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.4p4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.4p3:";; + short | recursive ) echo "Configuration of sudo 1.8.4p4:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.4p3 +sudo configure 1.8.4p4 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.4p3, which was +It was created by sudo $as_me 1.8.4p4, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ 
@@ -20548,7 +20548,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.4p3, which was +This file was extended by sudo $as_me 1.8.4p4, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20614,7 +20614,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.4p3 +sudo config.status 1.8.4p4 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 664dfe9e9..bdbc12324 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.4p3], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.4p4], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From 753ba38ba3ac55ac2bdceca80d7f558564eec018 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 13 Mar 2012 17:38:03 -0400 Subject: Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris. --- sudo.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sudo.pp b/sudo.pp index f846a8be5..3d0e060e2 100644 --- a/sudo.pp +++ b/sudo.pp @@ -234,7 +234,11 @@ still allow people to get their work done." %post [!rpm,deb] # Don't overwrite an existing sudoers file +%if [solaris] + sudoersdir=${PKG_INSTALL_ROOT}%{sudoersdir} +%else sudoersdir=%{sudoersdir} +%endif if test ! -r $sudoersdir/sudoers; then cp $sudoersdir/sudoers.dist $sudoersdir/sudoers chmod %{sudoers_mode} $sudoersdir/sudoers -- cgit v1.2.1 From 24f03f2385ff09e8a5dd3962eeb61ce30e314945 Mon Sep 17 00:00:00 2001 
From: "Todd C. Miller"
Date: Mon, 14 May 2012 14:47:48 -0400
Subject: Add missing break between AF_INET and AF_INET6 in addr_matches_if_netmask()
---
 plugins/sudoers/match_addr.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/plugins/sudoers/match_addr.c b/plugins/sudoers/match_addr.c
index 9634eaca8..23e686779 100644
--- a/plugins/sudoers/match_addr.c
+++ b/plugins/sudoers/match_addr.c
@@ -74,7 +74,7 @@ addr_matches_if(char *n)
 for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
 if (ifp->family != family)
 continue;
- switch(family) {
+ switch (family) {
 case AF_INET:
 if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
 (ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
@@ -92,6 +92,7 @@ addr_matches_if(char *n)
 }
 if (j == sizeof(addr.ip6.s6_addr))
 debug_return_bool(true);
+ break;
 #endif /* HAVE_STRUCT_IN6_ADDR */
 }
 }
@@ -156,10 +157,11 @@ addr_matches_if_netmask(char *n, char *m)
 for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
 if (ifp->family != family)
 continue;
- switch(family) {
+ switch (family) {
 case AF_INET:
 if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
 debug_return_bool(true);
+ break;
 #ifdef HAVE_STRUCT_IN6_ADDR
 case AF_INET6:
 for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
@@ -168,6 +170,7 @@ addr_matches_if_netmask(char *n, char *m)
 }
 if (j == sizeof(addr.ip6.s6_addr))
 debug_return_bool(true);
+ break;
 #endif /* HAVE_STRUCT_IN6_ADDR */
 }
 }
-- cgit v1.2.1
From ece275941352d743e1812a38a63ff8f7bb12bd7d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 14 May 2012 14:48:18 -0400
Subject: Update for sudo 1.8.4p5
---
 NEWS | 7 +++++++
 configure | 18 +++++++++---------
 configure.in | 2 +-
 3 files changed, 17 insertions(+), 10 deletions(-)
diff --git a/NEWS b/NEWS
index 16842e788..ae039c4f3 100644
--- a/NEWS
+++ b/NEWS
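Review bot: The `break` added after the AF_INET case in addr_matches_if_netmask() closes a fallthrough into the AF_INET6 byte loop that the 1.8.4p5 NEWS entry describes as letting users run commands on hosts they were not authorized for; a fix on an authorization path should land with a regression test that pins one matching and one non-matching IPv4 network entry, because nothing in the code prevents the `break` from being lost again in a future edit. A `default: break;` arm on both switches would also make the intent explicit for readers and for compilers that warn on fallthrough. The AF_INET comparison `(ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr` is only correct if `addr` was already masked earlier in the function, which is outside this hunk and worth confirming. Both functions start before their hunks.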
@@ -1,3 +1,10 @@ +What's new in Sudo 1.8.4p5? + + * Fixed a bug when matching against an IP address with an associated + netmask in the sudoers file. In certain circumstances, this + could allow users to run commands on hosts they are not authorized + for. + What's new in Sudo 1.8.4p4? * Fixed a bug introduced in Sudo 1.8.4 which prevented "sudo -v" diff --git a/configure b/configure index 934f846dd..2a24aba87 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.4p4. +# Generated by GNU Autoconf 2.68 for sudo 1.8.4p5. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.4p4' -PACKAGE_STRING='sudo 1.8.4p4' +PACKAGE_VERSION='1.8.4p5' +PACKAGE_STRING='sudo 1.8.4p5' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.4p4 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.4p5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.4p4:";; + short | recursive ) echo "Configuration of sudo 1.8.4p5:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.4p4 +sudo configure 1.8.4p5 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. 
@@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.4p4, which was +It was created by sudo $as_me 1.8.4p5, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20548,7 +20548,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.4p4, which was +This file was extended by sudo $as_me 1.8.4p5, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20614,7 +20614,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.4p4 +sudo config.status 1.8.4p5 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index bdbc12324..9d22955f0 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.4p4], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.4p5], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From a81900e06e73ac346de6de0d70b0f89d7f8c2e20 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 15 May 2012 12:25:20 -0400 Subject: Create ChangeLog from default branch now that the 1.8 branch is only used for building releases. --- Makefile.in | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile.in b/Makefile.in index 6b479db69..1fbed4cd0 100644 --- a/Makefile.in +++ b/Makefile.in 
@@ -142,10 +142,9 @@ depend: siglist.c --file $(srcdir)/plugins/system_group/Makefile \ --file $(srcdir)/src/Makefile --file $(srcdir)/zlib/Makefile -# The 1.8 branch started February 25, 2011 ChangeLog: if test -d $(srcdir)/.hg && cd $(srcdir); then \ - if hg log --style=changelog -b 1.8 > $@.tmp && hg log --style=changelog -b default --date '<2011-02-25 21:30:00' >> $@.tmp; then \ + if hg log --style=changelog -b default > $@.tmp; then \ mv -f $@.tmp $@; \ else \ rm -f $@.tmp; \ -- cgit v1.2.1 -- cgit v1.2.1 From fe1f9eefe6da0b0bc1ba269a53a999c7c8cc36a4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 17 May 2012 15:42:57 -0400 Subject: Fix #includedir; from Mike Frysinger --- plugins/sudoers/toke.c | 2 ++ plugins/sudoers/toke.l | 2 ++ 2 files changed, 4 insertions(+) diff --git a/plugins/sudoers/toke.c b/plugins/sudoers/toke.c index 83125a30c..40bc1472f 100644 --- a/plugins/sudoers/toke.c +++ b/plugins/sudoers/toke.c @@ -3525,6 +3525,8 @@ _push_include(char *path, bool isdir) if (isdir) { struct stat sb; switch (sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb)) { + case SUDO_PATH_SECURE: + break; case SUDO_PATH_MISSING: debug_return_bool(false); case SUDO_PATH_BAD_TYPE: diff --git a/plugins/sudoers/toke.l b/plugins/sudoers/toke.l index 40981cd83..84e8de62d 100644 --- a/plugins/sudoers/toke.l +++ b/plugins/sudoers/toke.l @@ -816,6 +816,8 @@ _push_include(char *path, bool isdir) if (isdir) { struct stat sb; switch (sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb)) { + case SUDO_PATH_SECURE: + break; case SUDO_PATH_MISSING: debug_return_bool(false); case SUDO_PATH_BAD_TYPE: -- cgit v1.2.1 From c27549ee28979668c71c0d60bd46c207f8243a4c Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 17 May 2012 15:53:37 -0400 Subject: Update for 1.8.5p1 --- NEWS | 5 +++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 2e65329c7..426b63e31 100644 --- a/NEWS +++ b/NEWS 
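Review bot: The added `case SUDO_PATH_SECURE: break;` in _push_include() fixes the fall-through into `SUDO_PATH_MISSING` that made every #includedir return false, but it carries no comment and another case inserted above it would reintroduce the same silent failure; `case SUDO_PATH_SECURE: /* directory is safe to read; fall out and open it */ break;` documents the intent. toke.c appears to be the flex output of toke.l (inferred from the identical hunks), so it should be regenerated rather than hand-patched so the two cannot drift. Since this bug disabled all sudoers.d rules without any diagnostic, a regression test that relies on a rule from an include directory is worth adding. _push_include continues outside the hunk.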
@@ -1,3 +1,8 @@ +What's new in Sudo 1.8.5p1? + + * Fixed a bug that prevented files in an include directory from + being evaluated. + What's new in Sudo 1.8.5? * When "noexec" is enabled, sudo_noexec.so will now be prepended diff --git a/configure b/configure index 9c2fcba8d..dbb78dd6b 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.5. +# Generated by GNU Autoconf 2.68 for sudo 1.8.5p1. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.5' -PACKAGE_STRING='sudo 1.8.5' +PACKAGE_VERSION='1.8.5p1' +PACKAGE_STRING='sudo 1.8.5p1' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.5 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.5p1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.5:";; + short | recursive ) echo "Configuration of sudo 1.8.5p1:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.5 +sudo configure 1.8.5p1 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. 
@@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.5, which was +It was created by sudo $as_me 1.8.5p1, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20682,7 +20682,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.5, which was +This file was extended by sudo $as_me 1.8.5p1, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20748,7 +20748,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.5 +sudo config.status 1.8.5p1 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 3ab4fa2d7..c7d09be4d 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.5], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.5p1], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From 67eee08c3e5addbe53f4fea224f3fd3aee21835b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 27 May 2012 12:48:55 -0400 Subject: Provide unhooked version of getenv() and use it when looking up DISPLAY and SUDO_ASKPASS in the environment. --- src/env_hooks.c | 149 +++++++++++++++++++++++++++++--------------------------- src/sudo.h | 3 ++ src/tgetpass.c | 4 +- 3 files changed, 83 insertions(+), 73 deletions(-) 
diff --git a/src/env_hooks.c b/src/env_hooks.c index c518cb1bc..1e1db8cc0 100644 --- a/src/env_hooks.c +++ b/src/env_hooks.c @@ -69,6 +69,19 @@ rpl_getenv(const char *name) typedef char * (*sudo_fn_getenv_t)(const char *); +char * +getenv_unhooked(const char *name) +{ +#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT) + sudo_fn_getenv_t fn; + + fn = (sudo_fn_getenv_t)dlsym(RTLD_NEXT, "getenv"); + if (fn != NULL) + return fn(name); +#endif /* HAVE_DLOPEN && RTLD_NEXT */ + return rpl_getenv(name); +} + char * getenv(const char *name) { @@ -79,16 +92,8 @@ getenv(const char *name) return val; case SUDO_HOOK_RET_ERROR: return NULL; - default: { -#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT) - sudo_fn_getenv_t fn; - - fn = (sudo_fn_getenv_t)dlsym(RTLD_NEXT, "getenv"); - if (fn != NULL) - return fn(name); -#endif /* HAVE_DLOPEN && RTLD_NEXT */ - return rpl_getenv(name); - } + default: + return getenv_unhooked(name); } } @@ -136,6 +141,19 @@ rpl_putenv(PUTENV_CONST char *string) typedef int (*sudo_fn_putenv_t)(PUTENV_CONST char *); +static int +putenv_unhooked(PUTENV_CONST char *string) +{ +#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT) + sudo_fn_putenv_t fn; + + fn = (sudo_fn_putenv_t)dlsym(RTLD_NEXT, "putenv"); + if (fn != NULL) + return fn(string); +#endif /* HAVE_DLOPEN && RTLD_NEXT */ + return rpl_putenv(string); +} + int putenv(PUTENV_CONST char *string) { @@ -144,16 +162,8 @@ putenv(PUTENV_CONST char *string) return 0; case SUDO_HOOK_RET_ERROR: return -1; - default: { -#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT) - sudo_fn_putenv_t fn; - - fn = (sudo_fn_putenv_t)dlsym(RTLD_NEXT, "putenv"); - if (fn != NULL) - return fn(string); -#endif /* HAVE_DLOPEN && RTLD_NEXT */ - return rpl_putenv(string); - } + default: + return putenv_unhooked(string); } } 
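Review bot: `getenv_unhooked()` calls `dlsym(RTLD_NEXT, "getenv")` on every invocation, and `putenv_unhooked()` below repeats the pattern; the symbol cannot change for the life of the process, so look it up once: `static sudo_fn_getenv_t fn; if (fn == NULL) fn = (sudo_fn_getenv_t)dlsym(RTLD_NEXT, "getenv");`. The cast from the `void *` dlsym result to a function pointer is the usual idiom but not strictly portable C, which deserves a one-line comment. `getenv_unhooked` is the only non-static wrapper in the file; a comment saying it is exported for the SUDO_ASKPASS and DISPLAY lookups in tgetpass.c (changed in the same commit) would explain the asymmetry with the static put/set/unsetenv variants.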
@@ -201,6 +211,19 @@ rpl_setenv(const char *var, const char *val, int overwrite) typedef int (*sudo_fn_setenv_t)(const char *, const char *, int); +static int +setenv_unhooked(const char *var, const char *val, int overwrite) +{ +#if defined(HAVE_SETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT) + sudo_fn_setenv_t fn; + + fn = (sudo_fn_setenv_t)dlsym(RTLD_NEXT, "setenv"); + if (fn != NULL) + return fn(var, val, overwrite); +#endif /* HAVE_SETENV && HAVE_DLOPEN && RTLD_NEXT */ + return rpl_setenv(var, val, overwrite); +} + int setenv(const char *var, const char *val, int overwrite) { @@ -209,24 +232,12 @@ setenv(const char *var, const char *val, int overwrite) return 0; case SUDO_HOOK_RET_ERROR: return -1; - default: { -#if defined(HAVE_SETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT) - sudo_fn_setenv_t fn; - - fn = (sudo_fn_setenv_t)dlsym(RTLD_NEXT, "setenv"); - if (fn != NULL) - return fn(var, val, overwrite); -#endif /* HAVE_SETENV && HAVE_DLOPEN && RTLD_NEXT */ - return rpl_setenv(var, val, overwrite); - } + default: + return setenv_unhooked(var, val, overwrite); } } -#ifdef UNSETENV_VOID -static void -#else -int -#endif +static int rpl_unsetenv(const char *var) { char **ep = environ; @@ -234,11 +245,7 @@ rpl_unsetenv(const char *var) if (var == NULL || *var == '\0' || strchr(var, '=') != NULL) { errno = EINVAL; -#ifdef UNSETENV_VOID - return; -#else return -1; -#endif } len = strlen(var); @@ -253,9 +260,7 @@ rpl_unsetenv(const char *var) ep++; } } -#ifndef UNSETENV_VOID return 0; -#endif } #ifdef UNSETENV_VOID 
@@ -264,47 +269,49 @@ typedef void (*sudo_fn_unsetenv_t)(const char *); typedef int (*sudo_fn_unsetenv_t)(const char *); #endif -#ifdef UNSETENV_VOID -void -unsetenv(const char *var) +static int +unsetenv_unhooked(const char *var) { - switch (process_hooks_unsetenv(var)) { - case SUDO_HOOK_RET_STOP: - return 0; - case SUDO_HOOK_RET_ERROR: - return -1; - default: { + int rval = 0; #if defined(HAVE_UNSETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT) - sudo_fn_unsetenv_t fn; - - fn = (sudo_fn_unsetenv_t)dlsym(RTLD_NEXT, "unsetenv"); - if (fn != NULL) - fn(var); - else + sudo_fn_unsetenv_t fn; + + fn = (sudo_fn_unsetenv_t)dlsym(RTLD_NEXT, "unsetenv"); + if (fn != NULL) { +# ifdef UNSETENV_VOID + fn(var); +# else + rval = fn(var); +# endif + } else #endif /* HAVE_UNSETENV && HAVE_DLOPEN && RTLD_NEXT */ - rpl_unsetenv(var); - } + { + rval = rpl_unsetenv(var); } + return rval; } + +#ifdef UNSETENV_VOID +void #else int +#endif unsetenv(const char *var) { + int rval; + switch (process_hooks_unsetenv(var)) { case SUDO_HOOK_RET_STOP: - return 0; + rval = 0; + break; case SUDO_HOOK_RET_ERROR: - return -1; - default: { -#if defined(HAVE_UNSETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT) - sudo_fn_unsetenv_t fn; - - fn = (sudo_fn_unsetenv_t)dlsym(RTLD_NEXT, "unsetenv"); - if (fn != NULL) - return fn(var); -#endif /* HAVE_UNSETENV && HAVE_DLOPEN && RTLD_NEXT */ - return rpl_unsetenv(var); - } + rval = -1; + break; + default: + rval = unsetenv_unhooked(var); + break; } +#ifndef UNSETENV_VOID + return rval; +#endif } -#endif /* UNSETENV_VOID */ diff --git a/src/sudo.h b/src/sudo.h index 8843914b6..c50f1e1d6 100644 --- a/src/sudo.h +++ b/src/sudo.h @@ -237,6 +237,9 @@ int process_hooks_setenv(const char *name, const char *value, int overwrite); int process_hooks_putenv(char *string); int process_hooks_unsetenv(const char *name); +/* env_hooks.c */ +char *getenv_unhooked(const char *name); + /* interfaces.c */ int get_net_ifs(char **addrinfo); 
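Review bot: Under `UNSETENV_VOID` the rewritten `unsetenv()` assigns `rval` in every switch branch but never reads it, since the `return rval;` is compiled out, so warning-enabled builds will flag a set-but-unused variable; either add `(void)rval;` before the `#ifndef UNSETENV_VOID`, or wrap the `int rval;` declaration in the same conditional. The `#if … } else #endif { rval = rpl_unsetenv(var); }` construction in `unsetenv_unhooked()` is correct but hard to read because the brace pairing depends on the preprocessor; a comment such as `/* braces: the else-block is also the body when no RTLD_NEXT unsetenv is available */` would help the next reader.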
diff --git a/src/tgetpass.c b/src/tgetpass.c index e9915b2bd..b23db4cc5 100644 --- a/src/tgetpass.c +++ b/src/tgetpass.c @@ -78,7 +78,7 @@ tgetpass(const char *prompt, int timeout, int flags) (void) fflush(stdout); if (askpass == NULL) { - askpass = getenv("SUDO_ASKPASS"); + askpass = getenv_unhooked("SUDO_ASKPASS"); if (askpass == NULL || *askpass == '\0') askpass = sudo_conf_askpass_path(); } @@ -86,7 +86,7 @@ tgetpass(const char *prompt, int timeout, int flags) /* If no tty present and we need to disable echo, try askpass. */ if (!ISSET(flags, TGP_STDIN|TGP_ECHO|TGP_ASKPASS|TGP_NOECHO_TRY) && !tty_present()) { - if (askpass == NULL || getenv("DISPLAY") == NULL) { + if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) { warningx(_("no tty present and no askpass program specified")); debug_return_str(NULL); } -- cgit v1.2.1 From 02a9ac2ce3f49eab8dae25ec8dc907c0268ec506 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 21 May 2012 13:59:02 -0400 Subject: If sudoers_mode is group-readable but the actual sudoers file is not, open the file as uid 0, not uid 1. This fixes a problem when sudoers has a more restrictive mode than what sudo expects to find. In older versions, sudo would silently chmod the file to add the group-readable bit. --- plugins/sudoers/set_perms.c | 8 ++++---- plugins/sudoers/sudoers.c | 18 ++++++++++++++---- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c index 97d6ee9e7..e2ae5122f 100644 --- a/plugins/sudoers/set_perms.c +++ b/plugins/sudoers/set_perms.c @@ -307,7 +307,7 @@ set_perms(int perm) * we use a non-zero uid in order to avoid NFS lossage. * Using uid 1 is a bit bogus but should work on all OS's. */ - if (sudoers_uid == ROOT_UID && (sudoers_mode & 040)) + if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP)) state->euid = 1; else state->euid = sudoers_uid; 
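Review bot: The `SUDO_ASKPASS` lookup rejects an empty value (`*askpass == '\0'`) but the `DISPLAY` check in the second hunk tests only for NULL, so `DISPLAY=` set to an empty string passes and the askpass helper is launched with no usable display; `const char *display = getenv_unhooked("DISPLAY"); if (askpass == NULL || display == NULL || *display == '\0')`. Reading both variables through the unhooked getenv deliberately bypasses the policy plugin's environment hooks, so these values come straight from the invoking user's environment; that is acceptable only as long as the askpass program is executed with the invoking user's credentials, which happens later in tgetpass() outside the hunk and is worth re-checking.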
@@ -617,7 +617,7 @@ set_perms(int perm) * we use a non-zero uid in order to avoid NFS lossage. * Using uid 1 is a bit bogus but should work on all OS's. */ - if (sudoers_uid == ROOT_UID && (sudoers_mode & 040)) + if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP)) state->euid = 1; else state->euid = sudoers_uid; @@ -990,7 +990,7 @@ set_perms(int perm) * we use a non-zero uid in order to avoid NFS lossage. * Using uid 1 is a bit bogus but should work on all OS's. */ - if (sudoers_uid == ROOT_UID && (sudoers_mode & 040)) + if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP)) state->euid = 1; else state->euid = sudoers_uid; @@ -1276,7 +1276,7 @@ set_perms(int perm) * we use a non-zero uid in order to avoid NFS lossage. * Using uid 1 is a bit bogus but should work on all OS's. */ - if (sudoers_uid == ROOT_UID && (sudoers_mode & 040)) + if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP)) state->euid = 1; else state->euid = sudoers_uid; diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index af72c378f..9002712bc 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c 
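Review bot: The `state->euid = 1` fallback appears verbatim in all four set_perms() variants, each with the same comment calling it bogus; uid 1 is a real account on many systems, so "sudoers is readable by whoever owns uid 1" is the quiet assumption being made, and a single named constant such as `#define SUDOERS_NFS_UID 1` with that explanation would make the four copies agree if it ever needs to change. The `040` → `S_IRGRP` substitution is readability only; the decision logic is unchanged. set_perms() starts and ends outside the hunk.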
@@ -975,13 +975,23 @@ open_sudoers(const char *sudoers, bool doedit, bool *keepopen) switch (sudo_secure_file(sudoers, sudoers_uid, sudoers_gid, &sb)) { case SUDO_PATH_SECURE: + /* + * If we are expecting sudoers to be group readable but + * it is not, we must open the file as root, not uid 1. + */ + if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP)) { + if ((sb.st_mode & S_IRGRP) == 0) { + restore_perms(); + set_perms(PERM_ROOT); + } + } + /* + * Open sudoers and make sure we can read it so we can present + * the user with a reasonable error message (unlike the lexer). + */ if ((fp = fopen(sudoers, "r")) == NULL) { log_error(USE_ERRNO, _("unable to open %s"), sudoers); } else { - /* - * Make sure we can actually read sudoers so we can present the - * user with a reasonable error message (unlike the lexer). - */ if (sb.st_size != 0 && fgetc(fp) == EOF) { log_error(USE_ERRNO, _("unable to read %s"), sudoers); -- cgit v1.2.1 From 256397b814b539b2cfbb900ecf1e3fc049c26f58 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 29 May 2012 14:28:42 -0400 Subject: Update for sudo 1.8.5p2 --- NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS b/NEWS index 426b63e31..34e7b9a58 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,12 @@ +What's new in Sudo 1.8.5p2? + + * Fixed use of the SUDO_ASKPASS environment variable which was + broken in Sudo 1.8.5. + + * Fixed a problem reading the sudoers file when the file mode is + more restrictive than the expected mode. For example, when the + expected sudoers file mode is 0440 but the actual mode is 0400. + What's new in Sudo 1.8.5p1? * Fixed a bug that prevented files in an include directory from -- cgit v1.2.1 -- cgit v1.2.1 From cb6d807afe0653c26bc018e0cfe321f8a94477f9 Mon Sep 17 00:00:00 2001 
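Review bot: After the new `restore_perms(); set_perms(PERM_ROOT);` open_sudoers() is left in a different permission state depending on the file's mode, so every later exit from the function — including the `log_error` branches directly below, if they return rather than exit — must restore perms symmetrically; the rest of the function is outside the hunk, so this needs checking there. The two nested `if`s can be one condition, `if (sudoers_uid == ROOT_UID && (sudoers_mode & S_IRGRP) && (sb.st_mode & S_IRGRP) == 0)`. The comment could also say that opening as root gives up the NFS root-squash workaround the uid 1 trick exists for, which is acceptable because a 0400 root-owned file cannot be read by uid 1 anyway.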
From: "Todd C. Miller" Date: Mon, 13 Aug 2012 14:48:48 -0400 Subject: Can't call debug code in the process_hooks_xxx functions() since ctime() may look up the timezone via the TZ environment variable. --- src/hooks.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/hooks.c b/src/hooks.c index b2daaa95f..7c49bb9a6 100644 --- a/src/hooks.c +++ b/src/hooks.c @@ -60,12 +60,12 @@ static struct sudo_hook_list *sudo_hook_unsetenv_list; static struct sudo_hook_list *sudo_hook_getenv_list; static struct sudo_hook_list *sudo_hook_putenv_list; +/* NOTE: must not anything that might call setenv() */ int process_hooks_setenv(const char *name, const char *value, int overwrite) { struct sudo_hook_list *hook; int rc = SUDO_HOOK_RET_NEXT; - debug_decl(process_hooks_setenv, SUDO_DEBUG_HOOKS) /* First process the hooks. */ for (hook = sudo_hook_setenv_list; hook != NULL; hook = hook->next) { @@ -77,20 +77,20 @@ process_hooks_setenv(const char *name, const char *value, int overwrite) case SUDO_HOOK_RET_STOP: goto done; default: - warningx("invalid setenv hook return value: %d", rc); + warningx2("invalid setenv hook return value: %d", rc); break; } } done: - debug_return_int(rc); + return rc; } +/* NOTE: must not anything that might call putenv() */ int process_hooks_putenv(char *string) { struct sudo_hook_list *hook; int rc = SUDO_HOOK_RET_NEXT; - debug_decl(process_hooks_putenv, SUDO_DEBUG_HOOKS) /* First process the hooks. */ for (hook = sudo_hook_putenv_list; hook != NULL; hook = hook->next) { 
@@ -102,21 +102,21 @@ process_hooks_putenv(char *string) case SUDO_HOOK_RET_STOP: goto done; default: - warningx("invalid putenv hook return value: %d", rc); + warningx2("invalid putenv hook return value: %d", rc); break; } } done: - debug_return_int(rc); + return rc; } +/* NOTE: must not anything that might call getenv() */ int process_hooks_getenv(const char *name, char **value) { struct sudo_hook_list *hook; char *val = NULL; int rc = SUDO_HOOK_RET_NEXT; - debug_decl(process_hooks_getenv, SUDO_DEBUG_HOOKS) /* First process the hooks. */ for (hook = sudo_hook_getenv_list; hook != NULL; hook = hook->next) { @@ -128,22 +128,22 @@ process_hooks_getenv(const char *name, char **value) case SUDO_HOOK_RET_STOP: goto done; default: - warningx("invalid getenv hook return value: %d", rc); + warningx2("invalid getenv hook return value: %d", rc); break; } } done: if (val != NULL) *value = val; - debug_return_int(rc); + return rc; } +/* NOTE: must not anything that might call unsetenv() */ int process_hooks_unsetenv(const char *name) { struct sudo_hook_list *hook; int rc = SUDO_HOOK_RET_NEXT; - debug_decl(process_hooks_unsetenv, SUDO_DEBUG_HOOKS) /* First process the hooks. */ for (hook = sudo_hook_unsetenv_list; hook != NULL; hook = hook->next) { @@ -155,12 +155,12 @@ process_hooks_unsetenv(const char *name) case SUDO_HOOK_RET_STOP: goto done; default: - warningx("invalid unsetenv hook return value: %d", rc); + warningx2("invalid unsetenv hook return value: %d", rc); break; } } done: - debug_return_int(rc); + return rc; } /* Hook registration internals. */ -- cgit v1.2.1 From 94c66f7949af0a9b4a1af3a881c4e2fd6ab01fd4 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 13 Aug 2012 14:49:26 -0400 Subject: Add missing check for I/O plugin API version when checking for the presence of I/O plugin hooks. --- src/load_plugins.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/load_plugins.c b/src/load_plugins.c index 767f8ee70..872536fb0 100644 
--- a/src/load_plugins.c +++ b/src/load_plugins.c @@ -159,7 +159,9 @@ sudo_load_plugins(struct plugin_container *policy_plugin, if (policy_plugin->u.policy->version >= SUDO_API_MKVERSION(1, 2)) { if (policy_plugin->u.policy->register_hooks != NULL) policy_plugin->u.policy->register_hooks(SUDO_HOOK_VERSION, register_hook); - tq_foreach_fwd(io_plugins, container) { + } + tq_foreach_fwd(io_plugins, container) { + if (container->u.io->version >= SUDO_API_MKVERSION(1, 2)) { if (container->u.io->register_hooks != NULL) container->u.io->register_hooks(SUDO_HOOK_VERSION, register_hook); } -- cgit v1.2.1 From 2d638e7ddeb4128f1f8c3de7821812c7c40fed88 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 13 Aug 2012 14:51:09 -0400 Subject: sudo 1.8.5p3 --- NEWS | 5 +++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 34e7b9a58..aa31ee5d3 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,8 @@ +What's new in Sudo 1.8.5p3? + + * Fixed the loading of I/O plugins that conform to a plugin API + version older than 1.2. + What's new in Sudo 1.8.5p2? * Fixed use of the SUDO_ASKPASS environment variable which was diff --git a/configure b/configure index dbb78dd6b..6987c3255 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.5p1. +# Generated by GNU Autoconf 2.68 for sudo 1.8.5p3. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.5p1' -PACKAGE_STRING='sudo 1.8.5p1' +PACKAGE_VERSION='1.8.5p3' +PACKAGE_STRING='sudo 1.8.5p3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' 
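Review bot: The nested `if (version >= 1.2) { if (register_hooks != NULL) … }` in the io_plugins loop can be a single condition, `if (container->u.io->version >= SUDO_API_MKVERSION(1, 2) && container->u.io->register_hooks != NULL)`, matching the policy-plugin check just above it. A short comment that `register_hooks` presumably only exists in the struct from API 1.2 — so reading it from an older plugin reads past the end of that plugin's struct — would record why the version gate matters and why the missing check was a real bug rather than a cosmetic one. sudo_load_plugins continues outside the hunk.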
@@ -1447,7 +1447,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.5p1 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.5p3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1512,7 +1512,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.5p1:";; + short | recursive ) echo "Configuration of sudo 1.8.5p3:";; esac cat <<\_ACEOF @@ -1730,7 +1730,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.5p1 +sudo configure 1.8.5p3 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2434,7 +2434,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.5p1, which was +It was created by sudo $as_me 1.8.5p3, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -20682,7 +20682,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.5p1, which was +This file was extended by sudo $as_me 1.8.5p3, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -20748,7 +20748,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.5p1 +sudo config.status 1.8.5p3 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index c7d09be4d..8a3b3face 100644 --- a/configure.in 
+++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.5p1], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.5p3], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 -- cgit v1.2.1 -- cgit v1.2.1 From 748b52bcfaa98265069d10fe588e3425c60749f2 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 16 Sep 2012 18:40:39 -0400 Subject: When setting the signal handler for SIGTSTP to the default value in non-I/O log mode, store the old handler value for when we restore it after resume. --- src/exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/exec.c b/src/exec.c index 1c6427afb..f88054c7f 100644 --- a/src/exec.c +++ b/src/exec.c @@ -576,7 +576,7 @@ handle_signals(int sv[2], pid_t child, int log_io, struct command_status *cstat) zero_bytes(&sa, sizeof(sa)); sigemptyset(&sa.sa_mask); sa.sa_handler = SIG_DFL; - sigaction(SIGTSTP, &sa, NULL); + sigaction(SIGTSTP, &sa, &osa); } if (kill(getpid(), signo) != 0) warning("kill(%d, SIG%s)", (int)getpid(), signame); -- cgit v1.2.1 From 2d54239bdc14a82f3b951644723082395c45f61f Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 16 Sep 2012 21:04:33 -0400 Subject: Sudo 1.8.6p2 --- NEWS | 6 ++++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 72e01d4d7..f2afb0708 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,9 @@ +What's new in Sudo 1.8.6p2? + + * Fixed suspending a command after it has already been resumed + once when I/O logging (or use_pty) is not enabled. + This was a regression introduced in version 1.8.6. + What's new in Sudo 1.8.6p1? * Fixed the setting of LOGNAME, USER and USERNAME variables in the diff --git a/configure b/configure index 179115f86..928c64489 100755 
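Review bot: `sigaction(SIGTSTP, &sa, &osa)` now saves the previous handler but its return value is still ignored, while the `kill()` two lines later is checked and reported; `if (sigaction(SIGTSTP, &sa, &osa) != 0) warning("sigaction(SIGTSTP)");` keeps the two consistent. Where `osa` is declared and where it is reinstalled after resume are both outside the hunk; the fix only works if the resume path reads this same variable, which is worth confirming. handle_signals starts and ends outside the hunk.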
--- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p1. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p2. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p1' -PACKAGE_STRING='sudo 1.8.6p1' +PACKAGE_VERSION='1.8.6p2' +PACKAGE_STRING='sudo 1.8.6p2' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1468,7 +1468,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p1 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1533,7 +1533,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p1:";; + short | recursive ) echo "Configuration of sudo 1.8.6p2:";; esac cat <<\_ACEOF @@ -1759,7 +1759,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p1 +sudo configure 1.8.6p2 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2463,7 +2463,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p1, which was +It was created by sudo $as_me 1.8.6p2, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ 
@@ -21495,7 +21495,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p1, which was +This file was extended by sudo $as_me 1.8.6p2, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21561,7 +21561,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p1 +sudo config.status 1.8.6p2 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 99499a75d..77b2a1641 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p1], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p2], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From 714423feaaf45765cb3902078d5e58e03a46d64b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 17 Sep 2012 10:53:46 -0400 Subject: Avoid calling fclose(NULL) in the error path when we cannot open an I/O log file. --- plugins/sudoers/sudoreplay.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c index 2abbf1b7c..a61c0f5c2 100644 --- a/plugins/sudoers/sudoreplay.c +++ b/plugins/sudoers/sudoreplay.c @@ -884,7 +884,8 @@ parse_logfile(char *logfile) debug_return_ptr(li); bad: - fclose(fp); + if (fp != NULL) + fclose(fp); efree(buf); free_log_info(li); debug_return_ptr(NULL); -- cgit v1.2.1 From 513c3869f4e0ed9589554ebdfd5e1ba49bab9782 Mon Sep 17 00:00:00 2001 
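Review bot: The new `if (fp != NULL)` guard before `fclose(fp)` at the `bad:` label only helps if `fp` is initialized to NULL at its declaration, which is outside the hunk; if any `goto bad` can be reached before the fopen() result is stored, an indeterminate `fp` would still reach fclose(). Worth confirming the declaration reads `FILE *fp = NULL;`, and a one-line comment on the guard, `/* fp is NULL when the log file could not be opened. */`, would make that precondition visible to the next reader. parse_logfile() starts outside the hunk.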
From: "Todd C. Miller"
Date: Mon, 17 Sep 2012 13:20:30 -0400
Subject: Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not all file systems support d_type. Bug #572
---
 plugins/sudoers/sudoreplay.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/plugins/sudoers/sudoreplay.c b/plugins/sudoers/sudoreplay.c
index a61c0f5c2..adbc9bab6 100644
--- a/plugins/sudoers/sudoreplay.c
+++ b/plugins/sudoers/sudoreplay.c
@@ -968,6 +968,11 @@ find_sessions(const char *dir, REGEX_T *re, const char *user, const char *tty)
 size_t sdlen, sessions_len = 0, sessions_size = 36*36;
 int i, len;
 char pathbuf[PATH_MAX], **sessions = NULL;
+#ifdef HAVE_STRUCT_DIRENT_D_TYPE
+ bool checked_type = true;
+#else
+ const bool checked_type = false;
+#endif
 debug_decl(find_sessions, SUDO_DEBUG_UTIL)
 
 d = opendir(dir);
@@ -991,8 +996,14 @@ find_sessions(const char *dir, REGEX_T *re, const char *user, const char *tty)
 (dp->d_name[1] == '.' && dp->d_name[2] == '\0')))
 continue;
 #ifdef HAVE_STRUCT_DIRENT_D_TYPE
- if (dp->d_type != DT_DIR)
- continue;
+ if (checked_type) {
+ if (dp->d_type != DT_DIR) {
+ /* Not all file systems support d_type. */
+ if (dp->d_type != DT_UNKNOWN)
+ continue;
+ checked_type = false;
+ }
+ }
 #endif
 
 /* Add name to session list. */
@@ -1021,9 +1032,7 @@ find_sessions(const char *dir, REGEX_T *re, const char *user, const char *tty)
 } else {
 /* Strip off "/log" and recurse if a dir. */
 pathbuf[sdlen + len - 4] = '\0';
-#ifndef HAVE_STRUCT_DIRENT_D_TYPE
- if (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode))
-#endif
+ if (checked_type || (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode)))
 find_sessions(pathbuf, re, user, tty);
 }
 }
-- cgit v1.2.1
From 959c1fd67b3346bfb9d67e6b8cbe16e7bded422a Mon Sep 17 00:00:00 2001
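Review bot: The name `checked_type` reads as "the type has been checked", but in the new code it means "d_type can be trusted for this directory", and it is cleared for the rest of the scan on the first DT_UNKNOWN entry, which the later `if (checked_type || (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode)))` line depends on; a comment at the declaration would save the next reader a trip through all three hunks, e.g. `/* True while d_type can be trusted; cleared on the first DT_UNKNOWN so the recursion below falls back to lstat(2). */`. Entries appended to the session list before the flag was cleared had already passed the DT_DIR test, so the extra lstat() on them is redundant but harmless, and lstat() consistently excludes symlinks just as DT_DIR does. find_sessions() starts and ends outside the hunks.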
From: "Todd C. Miller" Date: Mon, 17 Sep 2012 22:09:00 -0400 Subject: Don't use embedded newline when matching, use \n. This got expanded at some point. Bug #573 --- doc/fixman.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/fixman.sh b/doc/fixman.sh index f0f9e1038..e57dcccbf 100755 --- a/doc/fixman.sh +++ b/doc/fixman.sh @@ -20,8 +20,7 @@ case "$OUTFILE" in cat >>"$OUTFILE" <<-'EOF' /^\\fR0\\fR$/ { N - s/^\\fR0\\fR\ - minutes\.$/unlimited./ + s/^\\fR0\\fR\nminutes\.$/unlimited./ } EOF -- cgit v1.2.1 From aaa0fc6c27c7b03e08784c17dc3469a30f7d1654 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 18 Sep 2012 09:41:58 -0400 Subject: sudo 1.8.6p3 --- NEWS | 8 ++++++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index f2afb0708..0a0cf11dd 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,11 @@ +What's new in Sudo 1.8.6p3? + + * Fixed post-processing of the man pages on systems with legacy + versions of sed. + + * Fixed "sudoreplay -l" on Linux systems with file systems that + set DT_UNKNOWN in the d_type field of struct dirent. + What's new in Sudo 1.8.6p2? * Fixed suspending a command after it has already been resumed diff --git a/configure b/configure index 928c64489..4969bcc5d 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p2. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p3. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p2' -PACKAGE_STRING='sudo 1.8.6p2' +PACKAGE_VERSION='1.8.6p3' +PACKAGE_STRING='sudo 1.8.6p3' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' 
@@ -1468,7 +1468,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p2 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1533,7 +1533,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p2:";; + short | recursive ) echo "Configuration of sudo 1.8.6p3:";; esac cat <<\_ACEOF @@ -1759,7 +1759,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p2 +sudo configure 1.8.6p3 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2463,7 +2463,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p2, which was +It was created by sudo $as_me 1.8.6p3, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -21495,7 +21495,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p2, which was +This file was extended by sudo $as_me 1.8.6p3, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21561,7 +21561,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p2 +sudo config.status 1.8.6p3 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 77b2a1641..62293a575 100644 --- a/configure.in 
+++ b/configure.in
@@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script.
 dnl
 dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller
 dnl
-AC_INIT([sudo], [1.8.6p2], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.8.6p3], [http://www.sudo.ws/bugs/], [sudo])
 AC_CONFIG_HEADER([config.h pathnames.h])
 dnl
 dnl Note: this must come after AC_INIT
-- cgit v1.2.1
-- cgit v1.2.1
From 4131b23c8be1dc82c427b47a5e9ea205ecc9da6b Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Tue, 6 Nov 2012 11:08:53 -0500
Subject: Add preinstall target that runs SUDO_PREINSTALL_CMD. Used to fixup the rpath in HP-UX SOM shared libraries for the LDAP libs.
---
 plugins/sudoers/Makefile.in | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in
index 74e7bd92e..0eac93a32 100644
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@@ -278,7 +278,12 @@ install-includes:
 install-doc: install-dirs
 @LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0755 $(srcdir)/sudoers2ldif $(DESTDIR)$(docdir)
 
-install-plugin: sudoers.la install-dirs
+preinstall:
+ if [ X"$$SUDO_PREINSTALL_CMD" != X"" ]; then \
+ exec $$SUDO_PREINSTALL_CMD; \
+ fi
+
+install-plugin: sudoers.la install-dirs preinstall
 if [ X"$(soext)" != X"" ]; then \
 $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m $(shlib_mode) .libs/sudoers$(soext) $(DESTDIR)$(plugindir); \
 fi
-- cgit v1.2.1
From e4252c9486e59fc7d930136b58c4d1f52e0e4416 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Tue, 13 Nov 2012 09:41:52 -0500
Subject: Fold preinstall into install-plugin and pass the path to the plugin binary to the preinstall command.
---
 plugins/sudoers/Makefile.in | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in
index 0eac93a32..6eeb89f33 100644
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@@ -278,13 +278,10 @@ install-includes:
 install-doc: install-dirs
 @LDAP@$(INSTALL) -O $(install_uid) -G $(install_gid) -m 0755 $(srcdir)/sudoers2ldif $(DESTDIR)$(docdir)
 
-preinstall:
- if [ X"$$SUDO_PREINSTALL_CMD" != X"" ]; then \
- exec $$SUDO_PREINSTALL_CMD; \
- fi
-
-install-plugin: sudoers.la install-dirs preinstall
+install-plugin: sudoers.la install-dirs
 if [ X"$(soext)" != X"" ]; then \
+ test X"$$SUDO_PREINSTALL_CMD" != X"" && \
+ $$SUDO_PREINSTALL_CMD .libs/sudoers$(soext); \
 $(INSTALL) -b~ -O $(install_uid) -G $(install_gid) -m $(shlib_mode) .libs/sudoers$(soext) $(DESTDIR)$(plugindir); \
 fi
 
-- cgit v1.2.1
From dc45d2e7d022a3075cb2bb1d0dd3a93dab60fdb4 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Mon, 24 Sep 2012 15:06:14 -0400
Subject: Fix running commands that need the terminal in the background when I/O logging is enabled. E.g. "sudo vi &". When the command is foregrounded, it will now resume properly.
---
 src/exec_pty.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/src/exec_pty.c b/src/exec_pty.c
index 6c53ee5b1..f02b87344 100644
--- a/src/exec_pty.c
+++ b/src/exec_pty.c
@@ -93,7 +93,7 @@ static char slavename[PATH_MAX];
 static bool foreground, pipeline, tty_initialized;
 static int io_fds[6] = { -1, -1, -1, -1, -1, -1};
 static int ttymode = TERM_COOKED;
-static pid_t ppgrp, cmnd_pgrp;
+static pid_t ppgrp, cmnd_pgrp, mon_pgrp;
 static sigset_t ttyblock;
 static struct io_buffer *iobufs;
 
@@ -850,7 +850,7 @@ deliver_signal(pid_t pid, int signo, bool from_parent)
 case SIGCONT_BG:
 /* Continue in background, I take controlling tty. */
 do {
- status = tcsetpgrp(io_fds[SFD_SLAVE], getpid());
+ status = tcsetpgrp(io_fds[SFD_SLAVE], mon_pgrp);
 } while (status == -1 && errno == EINTR);
 killpg(pid, SIGCONT);
 break;
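Review bot: In the new install-plugin recipe a failing `$$SUDO_PREINSTALL_CMD` does not stop the install: the `test ... && cmd;` chain ends with `;`, so the shell carries on to `$(INSTALL)` and a plugin whose rpath fixup failed is installed anyway, with only the status of the final `fi` reported back to make. An explicit guard keeps the command optional while making its failure fatal: `if test X"$$SUDO_PREINSTALL_CMD" != X""; then $$SUDO_PREINSTALL_CMD .libs/sudoers$(soext) || exit 1; fi; \`. The variable is also expanded unquoted, presumably so it can carry its own arguments; a comment above the target saying so would stop someone quoting it later.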
@@ -920,9 +920,12 @@ handle_sigchld(int backchannel, struct command_status *cstat) snprintf(signame, sizeof(signame), "%d", WSTOPSIG(status)); sudo_debug_printf(SUDO_DEBUG_INFO, "command stopped, SIG%s", signame); + /* Saved the foreground pgid so we can restore it later. */ do { - cmnd_pgrp = tcgetpgrp(io_fds[SFD_SLAVE]); - } while (cmnd_pgrp == -1 && errno == EINTR); + pid = tcgetpgrp(io_fds[SFD_SLAVE]); + } while (pid == -1 && errno == EINTR); + if (pid != mon_pgrp) + cmnd_pgrp = pid; if (send_status(backchannel, cstat) == -1) return alive; /* XXX */ } else if (WIFSIGNALED(status)) { @@ -955,7 +958,7 @@ exec_monitor(struct command_details *details, int backchannel) struct timeval tv; fd_set *fdsr; sigaction_t sa; - int errpipe[2], maxfd, n, status; + int errpipe[2], maxfd, n; bool alive = true; unsigned char signo; debug_decl(exec_monitor, SUDO_DEBUG_EXEC); @@ -1032,6 +1035,8 @@ exec_monitor(struct command_details *details, int backchannel) #endif } + mon_pgrp = getpgrp(); /* save a copy of our process group */ + /* * If stdin/stdout is not a tty, start command in the background * since it might be part of a pipeline that reads from /dev/tty. @@ -1088,8 +1093,8 @@ exec_monitor(struct command_details *details, int backchannel) setpgid(cmnd_pid, cmnd_pgrp); if (foreground) { do { - status = tcsetpgrp(io_fds[SFD_SLAVE], cmnd_pgrp); - } while (status == -1 && errno == EINTR); + n = tcsetpgrp(io_fds[SFD_SLAVE], cmnd_pgrp); + } while (n == -1 && errno == EINTR); } /* Wait for errno on pipe, signal on backchannel or for SIGCHLD */ -- cgit v1.2.1 From 612aa3150af05add1c9d6521088a1909b06a0e0b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 26 Oct 2012 10:27:56 -0400 Subject: Allow sudo to be build with sss support without also including ldap support. From Stephane Graber. --- doc/CONTRIBUTORS | 1 + plugins/sudoers/sudo_nss.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/doc/CONTRIBUTORS b/doc/CONTRIBUTORS index 275446192..fe5db7cfa 100644 
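Review bot: In the handle_sigchld hunk, if tcgetpgrp() fails with an errno other than EINTR the loop exits with `pid == -1`, and the new `if (pid != mon_pgrp) cmnd_pgrp = pid;` then records -1 as the command's process group, which any later tcsetpgrp() or killpg() on `cmnd_pgrp` will fail on; the old code had the same exposure, but the rewrite is the place to close it: `if (pid != -1 && pid != mon_pgrp) cmnd_pgrp = pid;`. The added comment also has a tense slip: `/* Saved the foreground pgid so we can restore it later. */` should read `/* Save the foreground pgid so we can restore it later. */`. Whether `pid` is already declared in this function is not visible in the hunk; handle_sigchld() starts and ends outside it.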
--- a/doc/CONTRIBUTORS
+++ b/doc/CONTRIBUTORS
@@ -45,6 +45,7 @@ you believe you should be listed, please send a note to sudo@sudo.ws.
 Marc Espie
 Ariel Faigon
 Brian Farrell
+ Stephane Graber
 Steve Fobes
 Mike Frysinger
 Jean-loup Gailly
diff --git a/plugins/sudoers/sudo_nss.c b/plugins/sudoers/sudo_nss.c
index da3333f10..83a3fe912 100644
--- a/plugins/sudoers/sudo_nss.c
+++ b/plugins/sudoers/sudo_nss.c
@@ -89,9 +89,11 @@ sudo_read_nss(void)
 if (strcasecmp(cp, "files") == 0 && !saw_files) {
 tq_append(&snl, &sudo_nss_file);
 got_match = true;
+#ifdef HAVE_LDAP
 } else if (strcasecmp(cp, "ldap") == 0 && !saw_ldap) {
 tq_append(&snl, &sudo_nss_ldap);
 got_match = true;
+#endif
 #ifdef HAVE_SSSD
 } else if (strcasecmp(cp, "sss") == 0 && !saw_sss) {
 tq_append(&snl, &sudo_nss_sss);
@@ -171,11 +173,13 @@ sudo_read_nss(void)
 tq_append(&snl, &sudo_nss_file);
 got_match = true;
 ep = &cp[5];
+#ifdef HAVE_LDAP
 } else if (!saw_ldap && strncasecmp(cp, "ldap", 4) == 0 &&
 (isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
 tq_append(&snl, &sudo_nss_ldap);
 got_match = true;
 ep = &cp[4];
+#endif
 #ifdef HAVE_SSSD
 } else if (!saw_sss && strncasecmp(cp, "sss", 3) == 0 &&
 (isspace((unsigned char)cp[3]) || cp[3] == '\0')) {
-- cgit v1.2.1
From 2a079ed6337e2f5211707fe2a08913787d448592 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Tue, 6 Nov 2012 11:00:22 -0500
Subject: The -a option should be #ifdef HAVE_BSD_AUTH_H, not -A.
---
 src/parse_args.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/parse_args.c b/src/parse_args.c
index 1ee85a25b..532b41be6 100644
--- a/src/parse_args.c
+++ b/src/parse_args.c
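Review bot: With the new `#ifdef HAVE_LDAP` guards, a `sudoers: files ldap` line in nsswitch.conf on a build without LDAP now falls through silently, so the configured source is dropped without any diagnostic; that fails closed (fewer rules, never more), but the administrator gets no hint why LDAP rules are not being applied. Consider an `#else` arm in the first hunk that at least warns, e.g. `} else if (strcasecmp(cp, "ldap") == 0) { warningx(_("ldap support not compiled in, ignoring"));` using whichever warning helper sudo_nss.c already has in scope, which the hunk does not show. If `saw_ldap` is declared outside a HAVE_LDAP guard it is now referenced only from guarded code, so check non-LDAP builds for an unused-variable warning. sudo_read_nss() starts and ends outside the hunks.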
@@ -535,12 +535,12 @@ help(void) usage(0); lbuf_append(&lbuf, _("\nOptions:\n")); -#ifdef HAVE_BSD_AUTH_H lbuf_append(&lbuf, " -A %s", _("use helper program for password prompting\n")); -#endif +#ifdef HAVE_BSD_AUTH_H lbuf_append(&lbuf, " -a type %s", _("use specified BSD authentication type\n")); +#endif lbuf_append(&lbuf, " -b %s", _("run command in the background\n")); lbuf_append(&lbuf, " -C fd %s", -- cgit v1.2.1 From 8bd6d41515e4437f2f06d61451f9604cea4e8a2c Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 6 Nov 2012 11:19:51 -0500 Subject: Do not inform the user that the command was not permitted by the policy if they do not successfully authenticate. This is a regression introduced in sudo 1.8.6. --- plugins/sudoers/audit.c | 5 +++++ plugins/sudoers/logging.c | 16 ++++++++-------- plugins/sudoers/logging.h | 1 + plugins/sudoers/sudoers.c | 2 +- 4 files changed, 15 insertions(+), 9 deletions(-) diff --git a/plugins/sudoers/audit.c b/plugins/sudoers/audit.c index d2dcca353..e6baadb9b 100644 --- a/plugins/sudoers/audit.c +++ b/plugins/sudoers/audit.c @@ -26,6 +26,11 @@ # include # endif #endif /* STDC_HEADERS */ +#ifdef HAVE_STDBOOL_H +# include +#else +# include "compat/stdbool.h" +#endif /* HAVE_STDBOOL_H */ #include #include "missing.h" diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c index 11166101f..c122b3534 100644 --- a/plugins/sudoers/logging.c +++ b/plugins/sudoers/logging.c 
@@ -247,14 +247,20 @@ do_logfile(char *msg)
 }
 
 /*
- * Log and mail the denial message, optionally informing the user.
+ * Log, audit and mail the denial message, optionally informing the user.
 */
-static void
+void
 log_denial(int status, bool inform_user)
 {
 char *logline, *message;
 debug_decl(log_denial, SUDO_DEBUG_LOGGING)
 
+ /* Handle auditing first. */
+ if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
+ audit_failure(NewArgv, _("No user or host"));
+ else
+ audit_failure(NewArgv, _("validation failure"));
+
 /* Set error message. */
 if (ISSET(status, FLAG_NO_USER))
 message = _("user NOT in sudoers");
@@ -312,12 +318,6 @@ log_failure(int status, int flags)
 debug_decl(log_failure, SUDO_DEBUG_LOGGING)
 bool inform_user = true;
 
- /* Handle auditing first. */
- if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST))
- audit_failure(NewArgv, _("No user or host"));
- else
- audit_failure(NewArgv, _("validation failure"));
-
 /* The user doesn't always get to see the log message (path info). */
 if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && def_path_info &&
 (flags == NOT_FOUND_DOT || flags == NOT_FOUND))
diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h
index 648c2f601..81b73c0c4 100644
--- a/plugins/sudoers/logging.h
+++ b/plugins/sudoers/logging.h
@@ -56,6 +56,7 @@ void audit_success(char *exec_args[]);
 void audit_failure(char *exec_args[], char const *const fmt, ...);
 void log_allowed(int status);
 void log_auth_failure(int status, int tries);
+void log_denial(int status, bool inform_user);
 void log_failure(int status, int flags);
 void log_error(int flags, const char *fmt, ...) __printflike(2, 3);
 void log_fatal(int flags, const char *fmt, ...) __printflike(2, 3) __attribute__((__noreturn__));
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index fc2a51c68..b4f9a3a45 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -466,7 +466,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
 rval = check_user(validated, sudo_mode);
 if (rval != true) {
 if (!ISSET(validated, VALIDATE_OK))
- log_failure(validated, cmnd_status);
+ log_denial(validated, false);
 goto done;
 }
 
-- cgit v1.2.1
From 4b3d850f7a36aa406ac4f36b40c004048395f829 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Sun, 25 Nov 2012 08:12:54 -0500
Subject: Avoid NULL deref for unknown Defaults in strict mode.
---
 plugins/sudoers/visudo.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c
index 55c57fdd5..11617099d 100644
--- a/plugins/sudoers/visudo.c
+++ b/plugins/sudoers/visudo.c
@@ -840,7 +840,7 @@ check_syntax(char *sudoers_path, bool quiet, bool strict, bool oldperms)
 if (errorlineno != -1)
 (void) printf(_("parse error in %s near line %d\n"),
 errorfile, errorlineno);
- else
+ else if (errorfile != NULL)
 (void) printf(_("parse error in %s\n"), errorfile);
 }
 } else {
-- cgit v1.2.1
From 39d2c0728935af2fba877fab854a839e197260cb Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 27 Dec 2012 16:25:51 -0500
Subject: Disable PIE on FreeBSD/ia64, otherwise sudo will segfault.
---
 configure | 5 +++++
 configure.in | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/configure b/configure
index 4969bcc5d..bae91d1ea 100755
--- a/configure
+++ b/configure
@@ -14443,6 +14443,11 @@ done
 CHECKSHADOW="false"
 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
 : ${with_logincap='maybe'}
+ # PIE is broken on FreeBSD/ia64
+ case "$host_cpu" in
+ ia64*)
+ enable_pie=no;;
+ esac
 ;;
 *-*-*openbsd*)
 # OpenBSD has a real setreuid(2) starting with 3.3 but
diff --git a/configure.in b/configure.in
index 62293a575..daaf5edfc 100644
--- a/configure.in
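Review bot: The switch from `log_failure(validated, cmnd_status)` to `log_denial(validated, false)` is a security-relevant choice, since a caller who fails to authenticate must not learn whether the command would have been permitted, but nothing in the code says so and a later cleanup could easily "restore" the message. Put the reason next to the call: `/* Do not reveal whether the command would have been allowed to a user who failed to authenticate. */`. Note that `rval != true` catches both a false and any error return from check_user(), and both take this path; that is unchanged by the commit. sudoers_policy_main() starts and ends outside the hunk.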
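Review bot: The new `else if (errorfile != NULL)` guard covers only the second printf; the first branch still passes `errorfile` to `%s` whenever `errorlineno != -1`, so a NULL `errorfile` with a line number would still be dereferenced unless the parser guarantees the two are always set together, which is not visible here. Guarding both reads the same and is safer: `if (errorfile != NULL && errorlineno != -1)` for the first test. With both unset, check_syntax now prints nothing at all for the parse error in strict mode, so consider a generic fallback message rather than silence. check_syntax() starts and ends outside the hunk.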
@@ -1884,6 +1884,11 @@ case "$host" in
 CHECKSHADOW="false"
 test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
 : ${with_logincap='maybe'}
+ # PIE is broken on FreeBSD/ia64
+ case "$host_cpu" in
+ ia64*)
+ enable_pie=no;;
+ esac
 ;;
 *-*-*openbsd*)
 # OpenBSD has a real setreuid(2) starting with 3.3 but
-- cgit v1.2.1
From 522f2fbb33008379e73004ed574255b1c6364024 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Tue, 1 Jan 2013 13:31:40 -0500
Subject: In rbrepair(), make sure we never try to change the color of the sentinel node, which is the first entry, not the root. From Michael King
---
 doc/CONTRIBUTORS | 3 ++-
 plugins/sudoers/redblack.c | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/doc/CONTRIBUTORS b/doc/CONTRIBUTORS
index fe5db7cfa..147ce07e8 100644
--- a/doc/CONTRIBUTORS
+++ b/doc/CONTRIBUTORS
@@ -72,6 +72,7 @@ you believe you should be listed, please send a note to sudo@sudo.ws.
 Stepan Kasal
 Mike Kienenberger
 Dale King
+ Michael King
 Jim Knoble
 Tim Knox
 Alek O. Komarnitsky
@@ -117,7 +118,7 @@ you believe you should be listed, please send a note to sudo@sudo.ws.
 Diego Elio Petteno
 Joel Pickett
 Alex Plotnick
- Tran Ngoc Quan
+ Tran Ngoc Quan
 Gudleik Rasch
 Matt Richards
 Guido van Rossum
diff --git a/plugins/sudoers/redblack.c b/plugins/sudoers/redblack.c
index 584f2c0aa..f1b8321fb 100644
--- a/plugins/sudoers/redblack.c
+++ b/plugins/sudoers/redblack.c
@@ -413,7 +413,7 @@ rbrepair(struct rbtree *tree, struct rbnode *node)
 struct rbnode *sibling;
 debug_decl(rbrepair, SUDO_DEBUG_RBTREE)
 
- while (node->color == black && node != rbroot(tree)) {
+ while (node->color == black && node != rbfirst(tree)) {
 if (node == node->parent->left) {
 sibling = node->parent->right;
 if (sibling->color == red) {
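Review bot: The changed loop condition `node != rbfirst(tree)` is correct only because of a convention the hunk does not show: per the commit message `rbfirst()` is the real top of the tree and `rbroot()` is the sentinel header above it, whose colour must never be touched. A one-line comment on the while would stop the next reader from "fixing" it back to rbroot(): `/* rbfirst() is the true root; rbroot() is the sentinel header and must not be recoloured. */`. The two `node = rbfirst(tree); /* exit loop */` assignments later in the function rely on the same invariant. rbrepair() continues past this hunk.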
@@ -436,7 +436,7 @@ rbrepair(struct rbtree *tree, struct rbnode *node)
 node->parent->color = black;
 sibling->right->color = black;
 rotate_left(tree, node->parent);
- node = rbroot(tree); /* exit loop */
+ node = rbfirst(tree); /* exit loop */
 }
 } else { /* if (node == node->parent->right) */
 sibling = node->parent->left;
@@ -460,7 +460,7 @@ rbrepair(struct rbtree *tree, struct rbnode *node)
 node->parent->color = black;
 sibling->left->color = black;
 rotate_right(tree, node->parent);
- node = rbroot(tree); /* exit loop */
+ node = rbfirst(tree); /* exit loop */
 }
 }
 }
-- cgit v1.2.1
From 749500940c30899e0de37cb902accbc586f4b47e Mon Sep 17 00:00:00 2001
From: "Todd C. Miller"
Date: Thu, 3 Jan 2013 14:20:49 -0500
Subject: Break out stack smashing protector options into SSP_CFLAGS and SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS).
---
 common/Makefile.in | 34 +++++-----
 compat/Makefile.in | 62 ++++++++++--------
 configure | 8 ++-
 configure.in | 6 +-
 plugins/sample/Makefile.in | 8 ++-
 plugins/sample_group/Makefile.in | 10 ++-
 plugins/sudoers/Makefile.in | 138 ++++++++++++++++++++-------------------
 plugins/system_group/Makefile.in | 8 ++-
 src/Makefile.in | 52 ++++++++------
 9 files changed, 180 insertions(+), 146 deletions(-)

diff --git a/common/Makefile.in b/common/Makefile.in
index 30360908e..c21695fc6 100644
--- a/common/Makefile.in
+++ b/common/Makefile.in
@@ -50,6 +50,10 @@ CFLAGS = @CFLAGS@
 PIE_CFLAGS = @PIE_CFLAGS@
 PIE_LDFLAGS = @PIE_LDFLAGS@
 
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
 # OS dependent defines
 DEFS = @OSDEFS@ -D_PATH_SUDO_CONF=\"$(sysconfdir)/sudo.conf\"
 
@@ -69,7 +73,7 @@ Makefile: $(srcdir)/Makefile.in
 .SUFFIXES: .c .h .lo
 
 .c.lo:
- $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $<
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $<
 
 libcommon.la: $(LTOBJS)
 $(LIBTOOL) --mode=link $(CC) -o $@ $(LTOBJS) -no-install
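Review bot: The `.c.lo` rule now compiles with `$(SSP_CFLAGS)`, but the `libcommon.la` link line shown as context in this hunk does not pass `$(SSP_LDFLAGS)`; for a `-no-install` convenience library that is probably fine because `__stack_chk_fail` is resolved when the final binary or plugin is linked, but only if those link rules (src/Makefile.in and the plugin Makefiles, outside this chunk) add `$(SSP_LDFLAGS)`. Recording that intent next to the rule would stop someone "fixing" it later, e.g. `# SSP_LDFLAGS is only needed on final links; libcommon.la is a convenience library.`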
@@ -111,52 +115,52 @@ cleandir: realclean aix.lo: $(srcdir)/aix.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/aix.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/aix.c alloc.lo: $(srcdir)/alloc.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/alloc.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/alloc.c atobool.lo: $(srcdir)/atobool.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/atobool.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/atobool.c fileops.lo: $(srcdir)/fileops.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(top_srcdir)/compat/timespec.h \ $(incdir)/missing.h $(incdir)/fileops.h $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/fileops.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/fileops.c fmt_string.lo: $(srcdir)/fmt_string.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/fmt_string.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/fmt_string.c lbuf.lo: $(srcdir)/lbuf.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/lbuf.h \ 
$(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/lbuf.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/lbuf.c list.lo: $(srcdir)/list.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/list.h $(incdir)/error.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/list.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/list.c secure_path.lo: $(srcdir)/secure_path.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/sudo_debug.h \ $(incdir)/secure_path.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/secure_path.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/secure_path.c setgroups.lo: $(srcdir)/setgroups.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/setgroups.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/setgroups.c sudo_conf.lo: $(srcdir)/sudo_conf.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \ $(top_builddir)/pathnames.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_conf.h $(incdir)/list.h $(incdir)/sudo_debug.h \ $(incdir)/secure_path.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo_conf.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_conf.c sudo_debug.lo: $(srcdir)/sudo_debug.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \ $(incdir)/alloc.h 
$(incdir)/error.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo_debug.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_debug.c term.lo: $(srcdir)/term.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/term.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/term.c ttysize.lo: $(srcdir)/ttysize.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/ttysize.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/ttysize.c zero_bytes.lo: $(srcdir)/zero_bytes.c $(top_builddir)/config.h \ $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/zero_bytes.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/zero_bytes.c diff --git a/compat/Makefile.in b/compat/Makefile.in index 1e111ef40..827db90ca 100644 --- a/compat/Makefile.in +++ b/compat/Makefile.in @@ -50,6 +50,10 @@ CFLAGS = @CFLAGS@ PIE_CFLAGS = @PIE_CFLAGS@ PIE_LDFLAGS = @PIE_LDFLAGS@ +# Stack smashing protection flags +SSP_CFLAGS = @SSP_CFLAGS@ +SSP_LDFLAGS = @SSP_LDFLAGS@ + # OS dependent defines DEFS = @OSDEFS@ 
@@ -74,10 +78,10 @@ Makefile: $(srcdir)/Makefile.in .SUFFIXES: .o .c .h .lo .c.o: - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< .c.lo: - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< libreplace.la: $(LTLIBOBJS) $(LIBTOOL) --mode=link $(CC) -o $@ $(LTLIBOBJS) -no-install @@ -89,10 +93,10 @@ signame.c: mksigname ./mksigname > $@ mksiglist: $(srcdir)/mksiglist.c $(srcdir)/mksiglist.h $(incdir)/missing.h $(top_builddir)/config.h - $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ + $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c -o $@ mksigname: $(srcdir)/mksigname.c $(srcdir)/mksigname.h $(incdir)/missing.h $(top_builddir)/config.h - $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ + $(CC) $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksigname.c -o $@ fnm_test: fnm_test.o libreplace.la $(LIBTOOL) --mode=link $(CC) -o $@ fnm_test.o libreplace.la 
@@ -161,64 +165,64 @@ cleandir: realclean # Autogenerated dependencies, do not modify closefrom.lo: $(srcdir)/closefrom.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/closefrom.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/closefrom.c dlopen.lo: $(srcdir)/dlopen.c $(top_builddir)/config.h \ $(top_srcdir)/compat/dlfcn.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/dlopen.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/dlopen.c fnm_test.o: $(srcdir)/regress/fnmatch/fnm_test.c $(top_builddir)/config.h \ $(top_srcdir)/compat/fnmatch.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/fnmatch/fnm_test.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/fnmatch/fnm_test.c fnmatch.lo: $(srcdir)/fnmatch.c $(top_builddir)/config.h $(incdir)/missing.h \ $(top_srcdir)/compat/charclass.h $(top_srcdir)/compat/fnmatch.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/fnmatch.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/fnmatch.c getcwd.lo: $(srcdir)/getcwd.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getcwd.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getcwd.c getgrouplist.lo: $(srcdir)/getgrouplist.c $(top_builddir)/config.h \ $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getgrouplist.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) 
$(SSP_CFLAGS) $(DEFS) $(srcdir)/getgrouplist.c getline.lo: $(srcdir)/getline.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getline.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getline.c getprogname.lo: $(srcdir)/getprogname.c $(top_builddir)/config.h \ $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getprogname.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getprogname.c glob.lo: $(srcdir)/glob.c $(top_builddir)/config.h $(incdir)/missing.h \ $(top_srcdir)/compat/glob.h $(top_srcdir)/compat/charclass.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/glob.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/glob.c globtest.o: $(srcdir)/regress/glob/globtest.c $(top_builddir)/config.h \ $(top_srcdir)/compat/glob.h $(incdir)/missing.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/glob/globtest.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/glob/globtest.c isblank.lo: $(srcdir)/isblank.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/isblank.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/isblank.c memrchr.lo: $(srcdir)/memrchr.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/memrchr.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/memrchr.c mksiglist.lo: $(srcdir)/mksiglist.c 
$(top_builddir)/config.h \ $(incdir)/missing.h $(top_srcdir)/compat/mksiglist.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksiglist.c mksigname.lo: $(srcdir)/mksigname.c $(top_builddir)/config.h \ $(incdir)/missing.h $(top_srcdir)/compat/mksigname.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/mksigname.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mksigname.c mktemp.lo: $(srcdir)/mktemp.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/mktemp.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/mktemp.c nanosleep.lo: $(srcdir)/nanosleep.c $(top_builddir)/config.h \ $(top_srcdir)/compat/timespec.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/nanosleep.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/nanosleep.c pw_dup.lo: $(srcdir)/pw_dup.c $(top_builddir)/config.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/pw_dup.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/pw_dup.c sig2str.lo: $(srcdir)/sig2str.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sig2str.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sig2str.c siglist.lo: siglist.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c 
-o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) siglist.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) siglist.c signame.lo: signame.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) signame.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) signame.c snprintf.lo: $(srcdir)/snprintf.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/snprintf.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/snprintf.c strlcat.lo: $(srcdir)/strlcat.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/strlcat.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/strlcat.c strlcpy.lo: $(srcdir)/strlcpy.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/strlcpy.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/strlcpy.c strsignal.lo: $(srcdir)/strsignal.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/strsignal.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/strsignal.c utimes.lo: $(srcdir)/utimes.c $(top_builddir)/config.h \ $(top_srcdir)/compat/utime.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/utimes.c + $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) 
$(SSP_CFLAGS) $(DEFS) $(srcdir)/utimes.c diff --git a/configure b/configure index bae91d1ea..19413c353 100755 --- a/configure +++ b/configure @@ -695,6 +695,8 @@ timeout timedir iolog_dir NO_VIZ +SSP_CFLAGS +SSP_LDFLAGS PIE_CFLAGS PIE_LDFLAGS CROSS_COMPILING @@ -2895,6 +2897,8 @@ $as_echo "$as_me: Configuring Sudo version $PACKAGE_VERSION" >&6;} + + @@ -20820,8 +20824,8 @@ fi $as_echo "$ax_cv_check_ldflags___fstack_protector" >&6; } if test x"$ax_cv_check_ldflags___fstack_protector" = xyes; then : - CFLAGS="${CFLAGS} -fstack-protector" - LT_LDFLAGS="${LT_LDFLAGS} -Wc,-fstack-protector" + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" else : diff --git a/configure.in b/configure.in index daaf5edfc..3982badf8 100644 --- a/configure.in +++ b/configure.in @@ -78,6 +78,8 @@ AC_SUBST([COMPAT_TEST_PROGS]) AC_SUBST([CROSS_COMPILING]) AC_SUBST([PIE_LDFLAGS]) AC_SUBST([PIE_CFLAGS]) +AC_SUBST([SSP_LDFLAGS]) +AC_SUBST([SSP_CFLAGS]) AC_SUBST([NO_VIZ]) dnl dnl Variables that get substituted in docs (not overridden by environment) @@ -3403,8 +3405,8 @@ dnl if test "$enable_hardening" != "no"; then AX_CHECK_COMPILE_FLAG([-fstack-protector], [ AX_CHECK_LINK_FLAG([-fstack-protector], [ - CFLAGS="${CFLAGS} -fstack-protector" - LT_LDFLAGS="${LT_LDFLAGS} -Wc,-fstack-protector" + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" ]) ]) AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"]) diff --git a/plugins/sample/Makefile.in b/plugins/sample/Makefile.in index 953e013ca..1117133c9 100644 --- a/plugins/sample/Makefile.in +++ b/plugins/sample/Makefile.in @@ -50,6 +50,10 @@ LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDMAP@ @LT_LDOPT@ @LT_LDEXPORTS@ PIE_CFLAGS = @PIE_CFLAGS@ PIE_LDFLAGS = @PIE_LDFLAGS@ +# Stack smashing protection flags +SSP_CFLAGS = @SSP_CFLAGS@ +SSP_LDFLAGS = @SSP_LDFLAGS@ + # Where to install things... prefix = @prefix@ exec_prefix = @exec_prefix@ 
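Review bot: The new `SSP_LDFLAGS="-Wc,-fstack-protector"` in the configure.in hardening block carries a libtool-only `-Wc,` prefix, which is correct for every `$(LIBTOOL) --mode=link` line in this commit but would be rejected if a Makefile ever handed it to `$(CC)` directly; a `dnl SSP_LDFLAGS uses the libtool -Wc, form and is only valid on $(LIBTOOL) --mode=link lines` comment above the assignment would save the next maintainer that mistake. Note as well that plain `-fstack-protector` instruments only functions whose frame holds a sufficiently large character buffer (GCC's default ssp-buffer-size), so the coverage is partial; for a setuid program `-fstack-protector-all` is the stronger, costlier option and could be offered behind the existing `enable_hardening` check, with the trade-off recorded in the same comment.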
@@ -89,7 +93,7 @@ Makefile: $(srcdir)/Makefile.in .SUFFIXES: .o .c .h .lo .c.lo: - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< $(shlib_map): $(shlib_exp) @awk 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@ @@ -140,4 +144,4 @@ cleandir: realclean sample_plugin.lo: $(srcdir)/sample_plugin.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/sudo_plugin.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sample_plugin.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sample_plugin.c diff --git a/plugins/sample_group/Makefile.in b/plugins/sample_group/Makefile.in index 3f82cf76b..a65c5bb6b 100644 --- a/plugins/sample_group/Makefile.in +++ b/plugins/sample_group/Makefile.in @@ -51,6 +51,10 @@ LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDMAP@ @LT_LDOPT@ @LT_LDEXPORTS@ PIE_CFLAGS = @PIE_CFLAGS@ PIE_LDFLAGS = @PIE_LDFLAGS@ +# Stack smashing protection flags +SSP_CFLAGS = @SSP_CFLAGS@ +SSP_LDFLAGS = @SSP_LDFLAGS@ + # Where to install things... prefix = @prefix@ exec_prefix = @exec_prefix@ @@ -90,7 +94,7 @@ Makefile: $(srcdir)/Makefile.in .SUFFIXES: .o .c .h .lo .c.lo: - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< $(shlib_map): $(shlib_exp) @awk 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@ 
@@ -139,8 +143,8 @@ cleandir: realclean # Autogenerated dependencies, do not modify getgrent.lo: $(srcdir)/getgrent.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getgrent.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getgrent.c sample_group.lo: $(srcdir)/sample_group.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/sudo_plugin.h \ $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sample_group.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sample_group.c diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in index 6eeb89f33..7ffc074b6 100644 --- a/plugins/sudoers/Makefile.in +++ b/plugins/sudoers/Makefile.in @@ -66,6 +66,10 @@ LT_LDFLAGS = @SUDOERS_LDFLAGS@ @LT_LDFLAGS@ @LT_LDMAP@ @LT_LDOPT@ @LT_LDEXPORTS@ PIE_CFLAGS = @PIE_CFLAGS@ PIE_LDFLAGS = @PIE_LDFLAGS@ +# Stack smashing protection flags +SSP_CFLAGS = @SSP_CFLAGS@ +SSP_LDFLAGS = @SSP_LDFLAGS@ + # Where to install things... prefix = @prefix@ exec_prefix = @exec_prefix@ @@ -160,10 +164,10 @@ all: $(PROGS) .SUFFIXES: .o .c .h .l .y .lo .c.o: - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< .c.lo: - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< $(shlib_map): $(shlib_exp) @awk 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@ 
@@ -186,28 +190,28 @@ sudoers.la: $(SUDOERS_OBJS) $(LT_LIBS) libparsesudoers.la @LT_LDDEP@ $(LIBTOOL) @LT_STATIC@ --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) -o $@ $(SUDOERS_OBJS) libparsesudoers.la $(SUDOERS_LIBS) -module -avoid-version -rpath $(plugindir) visudo: libparsesudoers.la $(VISUDO_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(VISUDO_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS) sudoreplay: timestr.lo $(REPLAY_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) timestr.lo $(REPLAY_LIBS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(REPLAY_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) timestr.lo $(REPLAY_LIBS) $(LIBS) testsudoers: libparsesudoers.la $(TEST_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS) @LIBDL@ + $(LIBTOOL) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) libparsesudoers.la $(LIBS) $(NET_LIBS) @LIBDL@ check_addr: $(CHECK_ADDR_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_ADDR_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) $(NET_LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_ADDR_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) $(NET_LIBS) check_iolog_path: $(CHECK_IOLOG_PATH_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PATH_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PATH_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) check_fill: $(CHECK_FILL_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_FILL_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_FILL_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) check_symbols: $(CHECK_SYMBOLS_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link 
$(CC) -o $@ $(CHECK_SYMBOLS_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) @SUDO_LIBS@ + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_SYMBOLS_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) @SUDO_LIBS@ check_wrap: $(CHECK_WRAP_OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_WRAP_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_WRAP_OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate.c @@ -409,7 +413,7 @@ afs.lo: $(authdir)/afs.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/afs.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/afs.c aix_auth.lo: $(authdir)/aix_auth.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \ @@ -417,7 +421,7 @@ aix_auth.lo: $(authdir)/aix_auth.c $(top_builddir)/config.h \ $(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/aix_auth.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/aix_auth.c alias.lo: $(srcdir)/alias.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ 
@@ -425,32 +429,32 @@ alias.lo: $(srcdir)/alias.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/parse.h $(srcdir)/redblack.h $(devdir)/gram.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/alias.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/alias.c audit.lo: $(srcdir)/audit.c $(top_builddir)/config.h $(incdir)/missing.h \ $(srcdir)/logging.h $(incdir)/sudo_debug.h $(srcdir)/bsm_audit.h \ $(srcdir)/linux_audit.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/audit.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/audit.c boottime.lo: $(srcdir)/boottime.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/boottime.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/boottime.c bsdauth.lo: $(authdir)/bsdauth.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/bsdauth.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/bsdauth.c bsm_audit.lo: $(srcdir)/bsm_audit.c $(top_builddir)/config.h \ $(incdir)/gettext.h $(incdir)/error.h $(incdir)/sudo_debug.h \ $(srcdir)/bsm_audit.h - $(LIBTOOL) --mode=compile $(CC) -c 
$(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/bsm_audit.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/bsm_audit.c check.lo: $(srcdir)/check.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/check.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/check.c check_addr.o: $(srcdir)/regress/parser/check_addr.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -459,12 +463,12 @@ check_addr.o: $(srcdir)/regress/parser/check_addr.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/parse.h \ $(srcdir)/interfaces.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_addr.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_addr.c check_fill.o: $(srcdir)/regress/parser/check_fill.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/list.h \ $(srcdir)/parse.h $(srcdir)/toke.h $(incdir)/sudo_plugin.h \ $(devdir)/gram.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_fill.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/parser/check_fill.c check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c \ $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ 
@@ -474,21 +478,21 @@ check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(devdir)/def_data.c - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/iolog_path/check_iolog_path.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/iolog_path/check_iolog_path.c check_symbols.o: $(srcdir)/regress/check_symbols/check_symbols.c \ $(top_builddir)/config.h $(top_srcdir)/compat/dlfcn.h \ $(incdir)/missing.h $(incdir)/error.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/check_symbols/check_symbols.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/check_symbols/check_symbols.c check_wrap.o: $(srcdir)/regress/logging/check_wrap.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/sudo_plugin.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/regress/logging/check_wrap.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/logging/check_wrap.c dce.lo: $(authdir)/dce.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/dce.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/dce.c defaults.lo: $(srcdir)/defaults.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ 
@@ -497,17 +501,17 @@ defaults.lo: $(srcdir)/defaults.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(srcdir)/parse.h $(devdir)/gram.h \ $(devdir)/def_data.c - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/defaults.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/defaults.c env.lo: $(srcdir)/env.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/env.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/env.c error.o: $(top_srcdir)/src/error.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(top_srcdir)/src/error.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(top_srcdir)/src/error.c find_path.lo: $(srcdir)/find_path.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -515,7 +519,7 @@ find_path.lo: $(srcdir)/find_path.c $(top_builddir)/config.h \ $(incdir)/fileops.h $(srcdir)/defaults.h $(devdir)/def_data.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/find_path.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/find_path.c find_path.o: find_path.lo fwtk.lo: $(authdir)/fwtk.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -523,10 +527,10 @@ fwtk.lo: $(authdir)/fwtk.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/fwtk.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/fwtk.c getdate.o: $(devdir)/getdate.c $(top_builddir)/config.h \ $(top_builddir)/config.h $(incdir)/missing.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(devdir)/getdate.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/getdate.c getspwuid.lo: $(srcdir)/getspwuid.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -534,14 +538,14 @@ getspwuid.lo: $(srcdir)/getspwuid.c $(top_builddir)/config.h \ $(incdir)/fileops.h $(srcdir)/defaults.h $(devdir)/def_data.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/getspwuid.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getspwuid.c goodpath.lo: $(srcdir)/goodpath.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/goodpath.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/goodpath.c goodpath.o: goodpath.lo gram.lo: $(devdir)/gram.c $(top_builddir)/config.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ @@ -550,7 +554,7 @@ gram.lo: $(devdir)/gram.c $(top_builddir)/config.h $(top_builddir)/config.h \ $(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h $(devdir)/gram.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(devdir)/gram.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/gram.c group_plugin.lo: $(srcdir)/group_plugin.c $(top_builddir)/config.h \ $(top_srcdir)/compat/dlfcn.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ 
@@ -559,7 +563,7 @@ group_plugin.lo: $(srcdir)/group_plugin.c $(top_builddir)/config.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/group_plugin.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/group_plugin.c group_plugin.o: group_plugin.lo interfaces.lo: $(srcdir)/interfaces.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ @@ -569,7 +573,7 @@ interfaces.lo: $(srcdir)/interfaces.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(srcdir)/interfaces.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/interfaces.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/interfaces.c interfaces.o: interfaces.lo iolog.lo: $(srcdir)/iolog.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -577,7 +581,7 @@ iolog.lo: $(srcdir)/iolog.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/iolog.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/iolog.c iolog_path.lo: $(srcdir)/iolog_path.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -586,7 +590,7 @@ iolog_path.lo: $(srcdir)/iolog_path.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/iolog_path.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/iolog_path.c iolog_path.o: iolog_path.lo kerb5.lo: $(authdir)/kerb5.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -594,7 +598,7 @@ kerb5.lo: $(authdir)/kerb5.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/kerb5.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/kerb5.c ldap.lo: $(srcdir)/ldap.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ 
@@ -602,26 +606,26 @@ ldap.lo: $(srcdir)/ldap.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/parse.h $(incdir)/lbuf.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/ldap.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/ldap.c linux_audit.lo: $(srcdir)/linux_audit.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/gettext.h $(incdir)/sudo_debug.h \ $(srcdir)/linux_audit.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/linux_audit.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/linux_audit.c logging.lo: $(srcdir)/logging.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/logging.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/logging.c logwrap.lo: $(srcdir)/logwrap.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/logwrap.c + $(LIBTOOL) 
--mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/logwrap.c logwrap.o: logwrap.lo match.lo: $(srcdir)/match.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -631,7 +635,7 @@ match.lo: $(srcdir)/match.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/parse.h $(devdir)/gram.h $(top_srcdir)/compat/fnmatch.h \ $(top_srcdir)/compat/glob.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/match.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/match.c match_addr.lo: $(srcdir)/match_addr.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -640,19 +644,19 @@ match_addr.lo: $(srcdir)/match_addr.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(srcdir)/interfaces.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/match_addr.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/match_addr.c match_addr.o: match_addr.lo net_ifs.o: $(top_srcdir)/src/net_ifs.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(top_srcdir)/src/net_ifs.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(top_srcdir)/src/net_ifs.c pam.lo: $(authdir)/pam.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/pam.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/pam.c parse.lo: $(srcdir)/parse.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ 
@@ -660,18 +664,18 @@ parse.lo: $(srcdir)/parse.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/parse.h $(incdir)/lbuf.h $(devdir)/gram.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/parse.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/parse.c passwd.lo: $(authdir)/passwd.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/passwd.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/passwd.c plugin_error.lo: $(srcdir)/plugin_error.c $(top_builddir)/config.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/sudo_plugin.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/plugin_error.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/plugin_error.c pwutil.lo: $(srcdir)/pwutil.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ 
@@ -679,11 +683,11 @@ pwutil.lo: $(srcdir)/pwutil.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/redblack.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/pwutil.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/pwutil.c pwutil.o: pwutil.lo redblack.lo: $(srcdir)/redblack.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/sudo_debug.h $(srcdir)/redblack.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/redblack.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/redblack.c redblack.o: redblack.lo rfc1938.lo: $(authdir)/rfc1938.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -691,7 +695,7 @@ rfc1938.lo: $(authdir)/rfc1938.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/rfc1938.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/rfc1938.c secureware.lo: $(authdir)/secureware.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -700,7 +704,7 @@ secureware.lo: $(authdir)/secureware.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/secureware.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/secureware.c securid5.lo: $(authdir)/securid5.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \ @@ -708,7 +712,7 @@ securid5.lo: $(authdir)/securid5.c $(top_builddir)/config.h \ $(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/securid5.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/securid5.c set_perms.lo: $(srcdir)/set_perms.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -716,14 +720,14 @@ set_perms.lo: $(srcdir)/set_perms.c $(top_builddir)/config.h \ $(incdir)/fileops.h $(srcdir)/defaults.h $(devdir)/def_data.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/set_perms.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/set_perms.c sia.lo: $(authdir)/sia.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ $(incdir)/list.h $(incdir)/fileops.h $(srcdir)/defaults.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/sia.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sia.c sssd.lo: $(srcdir)/sssd.c $(top_builddir)/config.h \ $(top_srcdir)/compat/dlfcn.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ @@ -732,7 +736,7 @@ sssd.lo: $(srcdir)/sssd.c $(top_builddir)/config.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/parse.h $(incdir)/lbuf.h $(incdir)/sudo_debug.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sssd.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sssd.c sudo_auth.lo: $(authdir)/sudo_auth.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -742,7 +746,7 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(top_builddir)/config.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/insults.h \ $(srcdir)/ins_2001.h $(srcdir)/ins_goons.h \ $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(authdir)/sudo_auth.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(authdir)/sudo_auth.c sudo_nss.lo: $(srcdir)/sudo_nss.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ @@ -750,7 +754,7 @@ sudo_nss.lo: $(srcdir)/sudo_nss.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(devdir)/def_data.h $(srcdir)/logging.h $(srcdir)/sudo_nss.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(incdir)/lbuf.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_nss.c sudoers.lo: $(srcdir)/sudoers.c $(top_builddir)/config.h \ $(top_srcdir)/compat/getaddrinfo.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ 
@@ -761,14 +765,14 @@ sudoers.lo: $(srcdir)/sudoers.c $(top_builddir)/config.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/interfaces.h \ $(srcdir)/sudoers_version.h $(srcdir)/auth/sudo_auth.h \ $(incdir)/secure_path.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudoers.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudoers.c sudoreplay.o: $(srcdir)/sudoreplay.c $(top_builddir)/config.h \ $(top_srcdir)/compat/timespec.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(incdir)/sudo_conf.h $(incdir)/list.h \ $(incdir)/sudo_debug.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudoreplay.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudoreplay.c testsudoers.o: $(srcdir)/testsudoers.c $(top_builddir)/config.h \ $(top_srcdir)/compat/fnmatch.h $(srcdir)/tsgetgrpw.h \ $(top_builddir)/config.h $(srcdir)/sudoers.h \ 
@@ -780,9 +784,9 @@ testsudoers.o: $(srcdir)/testsudoers.c $(top_builddir)/config.h \ $(incdir)/gettext.h $(srcdir)/interfaces.h $(srcdir)/parse.h \ $(incdir)/sudo_conf.h $(incdir)/list.h $(incdir)/secure_path.h \ $(devdir)/gram.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/testsudoers.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/testsudoers.c timestr.lo: $(srcdir)/timestr.c $(top_builddir)/config.h $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/timestr.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/timestr.c toke.lo: $(devdir)/toke.c $(top_builddir)/config.h $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h $(incdir)/error.h \ @@ -791,7 +795,7 @@ toke.lo: $(devdir)/toke.c $(top_builddir)/config.h $(top_builddir)/config.h \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h \ $(devdir)/gram.h $(incdir)/lbuf.h $(incdir)/secure_path.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(devdir)/toke.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(devdir)/toke.c toke_util.lo: $(srcdir)/toke_util.c $(top_builddir)/config.h \ $(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \ $(top_builddir)/pathnames.h $(incdir)/missing.h \ 
@@ -800,7 +804,7 @@ toke_util.lo: $(srcdir)/toke_util.c $(top_builddir)/config.h \ $(srcdir)/logging.h $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/parse.h \ $(srcdir)/toke.h $(devdir)/gram.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/toke_util.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/toke_util.c toke_util.o: toke_util.lo tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(top_builddir)/config.h \ $(srcdir)/tsgetgrpw.h $(top_builddir)/config.h \ @@ -810,7 +814,7 @@ tsgetgrpw.o: $(srcdir)/tsgetgrpw.c $(top_builddir)/config.h \ $(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \ $(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/tsgetgrpw.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/tsgetgrpw.c visudo.o: $(srcdir)/visudo.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \ $(incdir)/missing.h $(incdir)/error.h $(incdir)/alloc.h \ @@ -820,4 +824,4 @@ visudo.o: $(srcdir)/visudo.c $(top_builddir)/config.h $(srcdir)/sudoers.h \ $(srcdir)/interfaces.h $(srcdir)/parse.h $(srcdir)/redblack.h \ $(incdir)/gettext.h $(srcdir)/sudoers_version.h \ $(incdir)/sudo_conf.h $(incdir)/list.h $(devdir)/gram.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/visudo.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/visudo.c diff --git a/plugins/system_group/Makefile.in b/plugins/system_group/Makefile.in index 8e8f5a7ed..aaac4bbca 100644 --- a/plugins/system_group/Makefile.in +++ b/plugins/system_group/Makefile.in 
@@ -51,6 +51,10 @@ LT_LDFLAGS = @LT_LDFLAGS@ @LT_LDMAP@ @LT_LDOPT@ @LT_LDEXPORTS@
 PIE_CFLAGS = @PIE_CFLAGS@
 PIE_LDFLAGS = @PIE_LDFLAGS@
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
 # Where to install things...
 prefix = @prefix@
 exec_prefix = @exec_prefix@
@@ -90,7 +94,7 @@ Makefile: $(srcdir)/Makefile.in
 .SUFFIXES: .o .c .h .lo
 .c.lo:
- $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $<
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $<
 $(shlib_map): $(shlib_exp)
 @awk 'BEGIN { print "{\n\tglobal:" } { print "\t\t"$$0";" } END { print "\tlocal:\n\t\t*;\n};" }' $(shlib_exp) > $@
@@ -141,4 +145,4 @@ cleandir: realclean
 system_group.lo: $(srcdir)/system_group.c $(top_builddir)/config.h \
 $(top_srcdir)/compat/stdbool.h $(top_srcdir)/compat/dlfcn.h \
 $(incdir)/sudo_plugin.h $(incdir)/missing.h
- $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/system_group.c
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/system_group.c
diff --git a/src/Makefile.in b/src/Makefile.in
index 2a2c7450f..918cf04b3 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -51,6 +51,10 @@ LT_LDFLAGS = @LT_LDFLAGS@
 PIE_CFLAGS = @PIE_CFLAGS@
 PIE_LDFLAGS = @PIE_LDFLAGS@
+# Stack smashing protection flags
+SSP_CFLAGS = @SSP_CFLAGS@
+SSP_LDFLAGS = @SSP_LDFLAGS@
+
 # Where to install things...
 prefix = @prefix@
 exec_prefix = @exec_prefix@
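Review bot: In plugins/system_group/Makefile.in this hunk introduces `SSP_LDFLAGS = @SSP_LDFLAGS@` next to SSP_CFLAGS, but the only consumer visible in this file's hunks is the `.c.lo` compile rule and the system_group.lo rule; the libtool link rule for the plugin's shared object lies outside these hunks, so I cannot see whether it received `$(SSP_LDFLAGS)`. If it did not, the plugin's objects are instrumented with the stack protector while the .so is linked without the matching link flags, which on toolchains where configure has to supply libssp leaves `__stack_chk_fail` unresolved until the object is presumably dlopen'ed inside a privileged sudo process. Worth checking that link rule and adding `$(SSP_LDFLAGS)` beside `$(LT_LDFLAGS)`, or dropping the variable here if SSP_LDFLAGS is known to be empty for shared objects.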
@@ -96,19 +100,19 @@ Makefile: $(srcdir)/Makefile.in .SUFFIXES: .c .h .lo .o .c.o: - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< .c.lo: - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $< + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $< sudo: $(OBJS) $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) $(LIBS) libsudo_noexec.la: sudo_noexec.lo $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir) sesh: sesh.o error.o exec_common.o @LIBINTL@ $(LT_LIBS) - $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o $(LDFLAGS) $(PIE_LDFLAGS) @LIBINTL@ $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o $(LDFLAGS) $(PIE_LDFLAGS) $(SSP_LDFLAGS) @LIBINTL@ $(LIBS) pre-install: @@ -165,7 +169,7 @@ conversation.o: $(srcdir)/conversation.c $(top_builddir)/config.h \ $(incdir)/list.h $(incdir)/sudo_conf.h $(incdir)/list.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/conversation.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/conversation.c env_hooks.o: $(srcdir)/env_hooks.c $(top_builddir)/config.h \ $(top_srcdir)/compat/dlfcn.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ 
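Review bot: The libsudo_noexec.la link line in this hunk is the one link rule left without `$(SSP_LDFLAGS)`, while `sudo` and `sesh` both gain it and sudo_noexec.lo is compiled with `$(SSP_CFLAGS)` further down this diff. On toolchains where configure places the stack-protector runtime in SSP_LDFLAGS (a separate libssp rather than libc) the shared object would then contain `__stack_chk_fail` references it never links, and because this library is installed with `-rpath $(noexecdir)` to be loaded into arbitrary target commands, that unresolved symbol would presumably only surface at run time in the child. Suggest `$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LT_LDFLAGS) $(SSP_LDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)` so the link flags match the compile flags for every SSP-instrumented object.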
@@ -173,10 +177,10 @@ env_hooks.o: $(srcdir)/env_hooks.c $(top_builddir)/config.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/env_hooks.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/env_hooks.c error.o: $(srcdir)/error.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/error.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/error.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/error.c exec.o: $(srcdir)/exec.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ @@ -184,14 +188,14 @@ exec.o: $(srcdir)/exec.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/sudo_exec.h $(incdir)/sudo_plugin.h \ $(srcdir)/sudo_plugin_int.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/exec.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/exec.c exec_common.o: $(srcdir)/exec_common.c $(top_builddir)/config.h \ $(srcdir)/sudo.h $(top_builddir)/pathnames.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \ $(incdir)/list.h $(incdir)/sudo_conf.h $(incdir)/list.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/sudo_exec.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/exec_common.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/exec_common.c exec_pty.o: $(srcdir)/exec_pty.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ 
@@ -199,13 +203,13 @@ exec_pty.o: $(srcdir)/exec_pty.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/sudo_exec.h $(incdir)/sudo_plugin.h \ $(srcdir)/sudo_plugin_int.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/exec_pty.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/exec_pty.c get_pty.o: $(srcdir)/get_pty.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/get_pty.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/get_pty.c hooks.o: $(srcdir)/hooks.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ @@ -213,7 +217,7 @@ hooks.o: $(srcdir)/hooks.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h \ $(incdir)/sudo_debug.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/hooks.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/hooks.c load_plugins.o: $(srcdir)/load_plugins.c $(top_builddir)/config.h \ $(top_srcdir)/compat/dlfcn.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ 
@@ -222,65 +226,65 @@ load_plugins.o: $(srcdir)/load_plugins.c $(top_builddir)/config.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h \ $(incdir)/sudo_conf.h $(incdir)/list.h $(incdir)/sudo_debug.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/load_plugins.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/load_plugins.c net_ifs.o: $(srcdir)/net_ifs.c $(top_builddir)/config.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/sudo_debug.h \ $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/net_ifs.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/net_ifs.c parse_args.o: $(srcdir)/parse_args.c $(top_builddir)/config.h ./sudo_usage.h \ $(srcdir)/sudo.h $(top_builddir)/pathnames.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \ $(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \ $(incdir)/list.h $(incdir)/sudo_conf.h $(incdir)/list.h \ $(incdir)/sudo_debug.h $(incdir)/gettext.h $(incdir)/lbuf.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/parse_args.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/parse_args.c preload.o: $(srcdir)/preload.c $(top_builddir)/config.h $(incdir)/sudo_plugin.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/preload.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/preload.c selinux.o: $(srcdir)/selinux.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/sudo_exec.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/selinux.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) 
$(SSP_CFLAGS) $(DEFS) $(srcdir)/selinux.c sesh.o: $(srcdir)/sesh.c $(top_builddir)/config.h \ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h $(incdir)/alloc.h \ $(incdir)/error.h $(incdir)/gettext.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(srcdir)/sudo_exec.h \ $(incdir)/sudo_plugin.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sesh.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sesh.c sudo.o: $(srcdir)/sudo.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h ./sudo_usage.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo.c sudo_edit.o: $(srcdir)/sudo_edit.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo_edit.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_edit.c sudo_noexec.lo: $(srcdir)/sudo_noexec.c $(top_builddir)/config.h \ $(incdir)/missing.h - $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/sudo_noexec.c + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/sudo_noexec.c tgetpass.o: $(srcdir)/tgetpass.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h 
$(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/tgetpass.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/tgetpass.c ttyname.o: $(srcdir)/ttyname.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/ttyname.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/ttyname.c utmp.o: $(srcdir)/utmp.c $(top_builddir)/config.h $(srcdir)/sudo.h \ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \ $(srcdir)/sudo_exec.h - $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(DEFS) $(srcdir)/utmp.c + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/utmp.c -- cgit v1.2.1 From 17e6d9609d880ccce38ce10f52358d32062a03f3 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 3 Jan 2013 14:53:03 -0500 Subject: Sudo 1.8.6p4 --- configure | 18 +++++++++--------- configure.in | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/configure b/configure index 19413c353..fb7055952 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p3. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p4. # # Report bugs to . # 
@@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p3' -PACKAGE_STRING='sudo 1.8.6p3' +PACKAGE_VERSION='1.8.6p4' +PACKAGE_STRING='sudo 1.8.6p4' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1470,7 +1470,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p3 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1535,7 +1535,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p3:";; + short | recursive ) echo "Configuration of sudo 1.8.6p4:";; esac cat <<\_ACEOF @@ -1761,7 +1761,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p3 +sudo configure 1.8.6p4 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2465,7 +2465,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p3, which was +It was created by sudo $as_me 1.8.6p4, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -21504,7 +21504,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p3, which was +This file was extended by sudo $as_me 1.8.6p4, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -21570,7 +21570,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p3 +sudo config.status 1.8.6p4 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 3982badf8..f54382fac 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p3], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p4], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 From 75e72a4091a4caa1c60fa570136ffbd8af9a5dd1 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 3 Jan 2013 14:52:10 -0500 Subject: Add Sudo 1.8.6p4 --- NEWS | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/NEWS b/NEWS index 0a0cf11dd..f1a3c570e 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,25 @@ +What's new in Sudo 1.8.6p4? + + * The -fstack-protector is now used when linking visudo, sudoreplay + and testsudoers. + + * Avoid building PIE binaries on FreeBSD/ia64 as they don't run + properly. + + * Fixed a crash in visudo strict mode when an unknown Defaults + setting is encountered. + + * Do not inform the user that the command was not permitted by the + policy if they do not successfully authenticate. This is a + regression introduced in sudo 1.8.6. + + * Allow sudo to be build with sss support without also including + ldap support. + + * Fix running commands that need the terminal in the background + when I/O logging is enabled. E.g. "sudo vi &". When the command + is foregrounded, it will now resume properly. + What's new in Sudo 1.8.6p3? * Fixed post-processing of the man pages on systems with legacy -- cgit v1.2.1 
From a753fb58da2a49afed33a9b4628600a63eda97e8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 10 Jan 2013 21:27:40 -0500 Subject: Only test for -fstack-protector and -fvisibility=hidden on GNU compatible compilers. --- configure | 64 +++++++++++++++++++++++++++--------------------------- configure.in | 70 +++++++++++++++++++++++++++++++----------------------------- 2 files changed, 69 insertions(+), 65 deletions(-) diff --git a/configure b/configure index fb7055952..730724615 100755 --- a/configure +++ b/configure @@ -2988,7 +2988,7 @@ AUTH_DEF=passwd SUDO_NLS=disabled LT_LDEXPORTS="-export-symbols \$(shlib_exp)" LT_LDDEP="\$(shlib_exp)" -NO_VIZ= +NO_VIZ="-DNO_VIZ" CHECKSHADOW=true shadow_defs= @@ -20398,7 +20398,8 @@ fi fi -as_CACHEVAR=`$as_echo "ax_cv_check_cflags__-fvisibility=hidden" | $as_tr_sh` +if test -n "$GCC"; then + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__-fvisibility=hidden" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fvisibility=hidden" >&5 $as_echo_n "checking whether C compiler accepts -fvisibility=hidden... " >&6; } if eval \${$as_CACHEVAR+:} false; then : 
@@ -20431,19 +20432,21 @@ eval ac_res=\$$as_CACHEVAR $as_echo "$ac_res" >&6; } if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : - $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h + $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h - CFLAGS="${CFLAGS} -fvisibility=hidden" - LT_LDEXPORTS= - LT_LDDEP= + CFLAGS="${CFLAGS} -fvisibility=hidden" + LT_LDEXPORTS= + LT_LDDEP= + NO_VIZ= else + : +fi - NO_VIZ="-DNO_VIZ" - if test -z "$GCC"; then - case "$host" in - *-*-hpux*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -Bhidden_def" >&5 +else + case "$host" in + *-*-hpux*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -Bhidden_def" >&5 $as_echo_n "checking whether C compiler accepts -Bhidden_def... " >&6; } if ${ax_cv_check_cflags___Bhidden_def+:} false; then : $as_echo_n "(cached) " >&6 @@ -20474,19 +20477,19 @@ fi $as_echo "$ax_cv_check_cflags___Bhidden_def" >&6; } if test x"$ax_cv_check_cflags___Bhidden_def" = xyes; then : - $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h + $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h - CFLAGS="${CFLAGS} -Bhidden_def" - LT_LDEXPORTS= - LT_LDDEP= + CFLAGS="${CFLAGS} -Bhidden_def" + LT_LDEXPORTS= + LT_LDDEP= else : fi - ;; - *-*-solaris2*) - as_CACHEVAR=`$as_echo "ax_cv_check_cflags__-xldscope=hidden" | $as_tr_sh` + ;; + *-*-solaris2*) + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__-xldscope=hidden" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -xldscope=hidden" >&5 $as_echo_n "checking whether C compiler accepts -xldscope=hidden... " >&6; } if eval \${$as_CACHEVAR+:} false; then : 
@@ -20519,23 +20522,20 @@ eval ac_res=\$$as_CACHEVAR $as_echo "$ac_res" >&6; } if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : - $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h + $as_echo "#define HAVE_DSO_VISIBILITY 1" >>confdefs.h - CFLAGS="${CFLAGS} -xldscope=hidden" - LT_LDEXPORTS= - LT_LDDEP= + CFLAGS="${CFLAGS} -xldscope=hidden" + LT_LDEXPORTS= + LT_LDDEP= else : fi - ;; - esac - fi - + ;; + esac fi - if test -n "$LT_LDEXPORTS"; then if test "$lt_cv_prog_gnu_ld" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ld supports anonymous map files" >&5 @@ -20761,7 +20761,8 @@ fi fi if test "$enable_hardening" != "no"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector" >&5 + if test -n "$GCC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector" >&5 $as_echo_n "checking whether C compiler accepts -fstack-protector... " >&6; } if ${ax_cv_check_cflags___fstack_protector+:} false; then : $as_echo_n "(cached) " >&6 @@ -20792,7 +20793,7 @@ fi $as_echo "$ax_cv_check_cflags___fstack_protector" >&6; } if test x"$ax_cv_check_cflags___fstack_protector" = xyes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector" >&5 $as_echo_n "checking whether the linker accepts -fstack-protector... " >&6; } if ${ax_cv_check_ldflags___fstack_protector+:} false; then : $as_echo_n "(cached) " >&6 @@ -20824,8 +20825,8 @@ fi $as_echo "$ax_cv_check_ldflags___fstack_protector" >&6; } if test x"$ax_cv_check_ldflags___fstack_protector" = xyes; then : - SSP_CFLAGS="-fstack-protector" - SSP_LDFLAGS="-Wc,-fstack-protector" + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" else : 
@@ -20836,6 +20837,7 @@ else : fi + fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,relro" >&5 $as_echo_n "checking whether the linker accepts -Wl,-z,relro... " >&6; } if ${ax_cv_check_ldflags___Wl__z_relro+:} false; then : diff --git a/configure.in b/configure.in index f54382fac..5d4b53f64 100644 --- a/configure.in +++ b/configure.in @@ -192,7 +192,7 @@ AUTH_DEF=passwd SUDO_NLS=disabled LT_LDEXPORTS="-export-symbols \$(shlib_exp)" LT_LDDEP="\$(shlib_exp)" -NO_VIZ= +NO_VIZ="-DNO_VIZ" dnl dnl Other vaiables @@ -3268,34 +3268,34 @@ dnl dnl Check for symbol visibility support. dnl This test relies on AC_LANG_WERROR dnl -AX_CHECK_COMPILE_FLAG([-fvisibility=hidden], [ - AC_DEFINE(HAVE_DSO_VISIBILITY) - CFLAGS="${CFLAGS} -fvisibility=hidden" - LT_LDEXPORTS= - LT_LDDEP= -], [ - NO_VIZ="-DNO_VIZ" - if test -z "$GCC"; then - case "$host" in - *-*-hpux*) - AX_CHECK_COMPILE_FLAG([-Bhidden_def], [ - AC_DEFINE(HAVE_DSO_VISIBILITY) - CFLAGS="${CFLAGS} -Bhidden_def" - LT_LDEXPORTS= - LT_LDDEP= - ]) - ;; - *-*-solaris2*) - AX_CHECK_COMPILE_FLAG([-xldscope=hidden], [ - AC_DEFINE(HAVE_DSO_VISIBILITY) - CFLAGS="${CFLAGS} -xldscope=hidden" - LT_LDEXPORTS= - LT_LDDEP= - ]) - ;; - esac - fi -]) +if test -n "$GCC"; then + AX_CHECK_COMPILE_FLAG([-fvisibility=hidden], [ + AC_DEFINE(HAVE_DSO_VISIBILITY) + CFLAGS="${CFLAGS} -fvisibility=hidden" + LT_LDEXPORTS= + LT_LDDEP= + NO_VIZ= + ]) +else + case "$host" in + *-*-hpux*) + AX_CHECK_COMPILE_FLAG([-Bhidden_def], [ + AC_DEFINE(HAVE_DSO_VISIBILITY) + CFLAGS="${CFLAGS} -Bhidden_def" + LT_LDEXPORTS= + LT_LDDEP= + ]) + ;; + *-*-solaris2*) + AX_CHECK_COMPILE_FLAG([-xldscope=hidden], [ + AC_DEFINE(HAVE_DSO_VISIBILITY) + CFLAGS="${CFLAGS} -xldscope=hidden" + LT_LDEXPORTS= + LT_LDDEP= + ]) + ;; + esac +fi dnl dnl If the compiler doesn't have symbol visibility support, it may 
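Review bot: NO_VIZ is now pre-set to `-DNO_VIZ` and cleared only in the GCC `-fvisibility=hidden` branch, while the HP-UX `-Bhidden_def` and Solaris `-xldscope=hidden` branches define HAVE_DSO_VISIBILITY but leave NO_VIZ set, so the two signals of "this compiler hides symbols" disagree on those platforms. If NO_VIZ is meant to mirror HAVE_DSO_VISIBILITY, add `NO_VIZ=` next to `LT_LDDEP=` in both of those branches; if it is deliberately GCC-only (I cannot see what consumes it from here), a `dnl` line above `if test -n "$GCC"; then` saying so would stop the next reader from "fixing" it. Behaviour on HP-UX/Solaris appears unchanged from before the patch, since NO_VIZ was previously set before their case arms too, so this is a clarity point rather than a regression.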
@@ -3403,12 +3403,14 @@ dnl Check for -fstack-protector and -z relro support dnl This test relies on AC_LANG_WERROR dnl if test "$enable_hardening" != "no"; then - AX_CHECK_COMPILE_FLAG([-fstack-protector], [ - AX_CHECK_LINK_FLAG([-fstack-protector], [ - SSP_CFLAGS="-fstack-protector" - SSP_LDFLAGS="-Wc,-fstack-protector" + if test -n "$GCC"; then + AX_CHECK_COMPILE_FLAG([-fstack-protector], [ + AX_CHECK_LINK_FLAG([-fstack-protector], [ + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" + ]) ]) - ]) + fi AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"]) fi -- cgit v1.2.1 From 5b9daa26ad3bd2d2ac7a34b4161eb390890d9b25 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 11 Jan 2013 09:39:59 -0500 Subject: Use -fstack-protector-all in preference to -fstack-protector where supported. --- configure | 85 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++--- configure.in | 16 +++++++++--- 2 files changed, 93 insertions(+), 8 deletions(-) diff --git a/configure b/configure index 730724615..e079113c2 100755 --- a/configure +++ b/configure 
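Review bot: When `$GCC` is empty the stack-protector probe is now skipped without any configure output, so a build with hardening enabled (unset counts as enabled, per the `!= "no"` test) on a non-GNU compiler silently loses SSP while still looking hardened to whoever reads the build log. Add an `else` arm to the new `if test -n "$GCC"; then` with `AC_MSG_WARN([not a GNU-compatible compiler; skipping -fstack-protector])` so the gap is recorded in config.log. The `-Wl,-z,relro` check below correctly stays outside the `$GCC` guard since it is a linker-level flag.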
@@ -20762,7 +20762,83 @@ fi if test "$enable_hardening" != "no"; then if test -n "$GCC"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector-all" >&5 +$as_echo_n "checking whether C compiler accepts -fstack-protector-all... " >&6; } +if ${ax_cv_check_cflags___fstack_protector_all+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS -fstack-protector-all" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags___fstack_protector_all=yes +else + ax_cv_check_cflags___fstack_protector_all=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_protector_all" >&5 +$as_echo "$ax_cv_check_cflags___fstack_protector_all" >&6; } +if test x"$ax_cv_check_cflags___fstack_protector_all" = xyes; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector-all" >&5 +$as_echo_n "checking whether the linker accepts -fstack-protector-all... " >&6; } +if ${ax_cv_check_ldflags___fstack_protector_all+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -fstack-protector-all" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. 
*/ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___fstack_protector_all=yes +else + ax_cv_check_ldflags___fstack_protector_all=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___fstack_protector_all" >&5 +$as_echo "$ax_cv_check_ldflags___fstack_protector_all" >&6; } +if test x"$ax_cv_check_ldflags___fstack_protector_all" = xyes; then : + + SSP_CFLAGS="-fstack-protector-all" + SSP_LDFLAGS="-Wc,-fstack-protector-all" + +else + : +fi + + +else + : +fi + + if test -z "$SSP_CFLAGS"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector" >&5 $as_echo_n "checking whether C compiler accepts -fstack-protector... " >&6; } if ${ax_cv_check_cflags___fstack_protector+:} false; then : $as_echo_n "(cached) " >&6 @@ -20793,7 +20869,7 @@ fi $as_echo "$ax_cv_check_cflags___fstack_protector" >&6; } if test x"$ax_cv_check_cflags___fstack_protector" = xyes; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -fstack-protector" >&5 $as_echo_n "checking whether the linker accepts -fstack-protector... " >&6; } if ${ax_cv_check_ldflags___fstack_protector+:} false; then : $as_echo_n "(cached) " >&6 @@ -20825,8 +20901,8 @@ fi $as_echo "$ax_cv_check_ldflags___fstack_protector" >&6; } if test x"$ax_cv_check_ldflags___fstack_protector" = xyes; then : - SSP_CFLAGS="-fstack-protector" - SSP_LDFLAGS="-Wc,-fstack-protector" + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" else : @@ -20837,6 +20913,7 @@ else : fi + fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Wl,-z,relro" >&5 $as_echo_n "checking whether the linker accepts -Wl,-z,relro... " >&6; } 
diff --git a/configure.in b/configure.in index 5d4b53f64..950e0fbf1 100644 --- a/configure.in +++ b/configure.in @@ -3404,12 +3404,20 @@ dnl This test relies on AC_LANG_WERROR dnl if test "$enable_hardening" != "no"; then if test -n "$GCC"; then - AX_CHECK_COMPILE_FLAG([-fstack-protector], [ - AX_CHECK_LINK_FLAG([-fstack-protector], [ - SSP_CFLAGS="-fstack-protector" - SSP_LDFLAGS="-Wc,-fstack-protector" + AX_CHECK_COMPILE_FLAG([-fstack-protector-all], [ + AX_CHECK_LINK_FLAG([-fstack-protector-all], [ + SSP_CFLAGS="-fstack-protector-all" + SSP_LDFLAGS="-Wc,-fstack-protector-all" ]) ]) + if test -z "$SSP_CFLAGS"; then + AX_CHECK_COMPILE_FLAG([-fstack-protector], [ + AX_CHECK_LINK_FLAG([-fstack-protector], [ + SSP_CFLAGS="-fstack-protector" + SSP_LDFLAGS="-Wc,-fstack-protector" + ]) + ]) + fi fi AX_CHECK_LINK_FLAG([-Wl,-z,relro], [LDFLAGS="${LDFLAGS} -Wl,-z,relro"]) fi -- cgit v1.2.1 From 7042e3078e0fa80ed61180907a421e2d4c55330b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sun, 13 Jan 2013 15:24:12 -0500 Subject: Add missing call to save_signals(). --- src/sudo.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/sudo.c b/src/sudo.c index e1ecf6a47..f981e49db 100644 --- a/src/sudo.c +++ b/src/sudo.c @@ -187,9 +187,10 @@ main(int argc, char *argv[], char *envp[]) /* Make sure we are setuid root. */ sudo_check_suid(argv[0]); - /* Reset signal mask and make sure fds 0-2 are open. */ + /* Reset signal mask, save signal state and make sure fds 0-2 are open. */ (void) sigemptyset(&mask); (void) sigprocmask(SIG_SETMASK, &mask, NULL); + save_signals(); fix_fds(); /* Read sudo.conf. */ -- cgit v1.2.1 -- cgit v1.2.1 From 4d65ef69d2594084702757898356485cd645a3de Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 23 Jan 2013 07:52:09 -0500 Subject: Fix potential stack overflow due to infinite recursion in alias cycle detection. From Daniel Kopecek. --- plugins/sudoers/visudo.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) 
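Review bot: `save_signals()` runs after `sigprocmask(SIG_SETMASK, &mask, NULL)` has already emptied the signal mask, so if save_signals() records the inherited mask along with the handlers (its body is not in this hunk, so I cannot confirm), what gets saved is the reset mask rather than the one sudo was started with. If it saves only dispositions, the order is fine but the comment should say that precisely: `/* Reset signal mask, save signal dispositions and make sure fds 0-2 are open. */`; otherwise move `save_signals();` above the `sigemptyset()` line. main() continues outside this hunk.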
diff --git a/plugins/sudoers/visudo.c b/plugins/sudoers/visudo.c index 11617099d..1b55080ad 100644 --- a/plugins/sudoers/visudo.c +++ b/plugins/sudoers/visudo.c @@ -1075,18 +1075,16 @@ alias_remove_recursive(char *name, int type) bool rval = true; debug_decl(alias_remove_recursive, SUDO_DEBUG_ALIAS) - if ((a = alias_find(name, type)) != NULL) { + if ((a = alias_remove(name, type)) != NULL) { tq_foreach_fwd(&a->members, m) { if (m->type == ALIAS) { if (!alias_remove_recursive(m->name, type)) rval = false; } } + rbinsert(alias_freelist, a); } alias_seqno++; - a = alias_remove(name, type); - if (a) - rbinsert(alias_freelist, a); debug_return_bool(rval); } -- cgit v1.2.1 From 08383af3a745b8373e72a525d3850fa46eaabda1 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 18 Jan 2013 14:58:12 -0500 Subject: Use _getgroupsbymember() on Solaris to get the groups list. Fixes performance problems with the getgroupslist() compat on Solaris systems with network-based group databases. --- compat/getgrouplist.c | 33 +++++++++++++++++++++++++++++---- config.h.in | 3 +++ configure | 13 +++++++++++++ configure.in | 3 +++ 4 files changed, 48 insertions(+), 4 deletions(-) diff --git a/compat/getgrouplist.c b/compat/getgrouplist.c index 2d22714f4..cea72f511 100644 --- a/compat/getgrouplist.c +++ b/compat/getgrouplist.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010 Todd C. Miller + * Copyright (c) 2010, 2011, 2013 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -36,7 +36,7 @@ #include "missing.h" -#ifdef HAVE_GETGRSET +#if defined(HAVE_GETGRSET) /* * BSD-compatible getgrouplist(3) using getgrset(3) */ 
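Review bot: The fix depends on the alias being removed from the tree before its members are visited, which is the only thing that terminates a cycle, yet nothing in the code records that invariant and a later "tidy-up" could reinstate the old find-then-remove order. A comment on the new `if` would pin it: `/* Remove before recursing: on a cycle (A -> B -> A) the second visit finds nothing and stops. */`. Separately, in the visible code nothing ever assigns `rval = false` except the result of a recursive call that itself can only return true, so the bool return is always true and a missing alias (already removed, or never defined) is indistinguishable from success; if strict mode needs to report cycles, that has to come from somewhere else. alias_remove_recursive() starts outside this hunk.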
@@ -79,7 +79,32 @@ done: return rval; } -#else /* HAVE_GETGRSET */ +#elif defined(HAVE__GETGROUPSBYMEMBER) + +/* + * BSD-compatible getgrouplist(3) using _getgroupsbymember(3) + */ +int +getgrouplist(const char *name, gid_t basegid, gid_t *groups, int *ngroupsp) +{ + int ngroups, grpsize = *ngroupsp; + int rval = -1; + + if (grpsize > 0) { + /* We support BSD semantics where the first element is the base gid */ + groups[0] = basegid; + + /* The last arg is 1 because we already filled in the base gid. */ + ngroups = _getgroupsbymember(name, groups, grpsize, 1); + if (ngroups != -1) { + rval = 0; + *ngroupsp = ngroups; + } + } + return rval; +} + +#else /* !HAVE_GETGRSET && !HAVE__GETGROUPSBYMEMBER */ /* * BSD-compatible getgrouplist(3) using getgrent(3) @@ -128,4 +153,4 @@ done: return rval; } -#endif /* HAVE_GETGRSET */ +#endif /* !HAVE_GETGRSET && !HAVE__GETGROUPSBYMEMBER */ diff --git a/config.h.in b/config.h.in index 3e9b23200..93f36da51 100644 --- a/config.h.in +++ b/config.h.in @@ -700,6 +700,9 @@ /* Define to 1 if the system has the type `_Bool'. */ #undef HAVE__BOOL +/* Define to 1 if you have the `_getgroupsbymember' function. */ +#undef HAVE__GETGROUPSBYMEMBER + /* Define to 1 if you have the `_getpty' function. */ #undef HAVE__GETPTY diff --git a/configure b/configure index e079113c2..2288686d5 100755 --- a/configure +++ b/configure @@ -13902,6 +13902,19 @@ case "$host" in # LD_PRELOAD is space-delimited RTLD_PRELOAD_DELIM=" " + # For implementing getgrouplist() + for ac_func in _getgroupsbymember +do : + ac_fn_c_check_func "$LINENO" "_getgroupsbymember" "ac_cv_func__getgroupsbymember" +if test "x$ac_cv_func__getgroupsbymember" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE__GETGROUPSBYMEMBER 1 +_ACEOF + +fi +done + + # To get the crypt(3) prototype (so we pass -Wall) OSDEFS="${OSDEFS} -D__EXTENSIONS__" # AFS support needs -lucb diff --git a/configure.in b/configure.in index 950e0fbf1..4385db5a9 100644 --- a/configure.in +++ b/configure.in 
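Review bot: The new `_getgroupsbymember()` path has no way to report a too-small `groups` array: it passes `grpsize` as the cap and returns 0 with whatever fit, whereas the BSD getgrouplist(3) contract this file emulates is to return -1 when the buffer is too small so the caller can grow it and retry. If `_getgroupsbymember()` silently truncates at `maxgids` (I cannot confirm its contract from here), a user in more than `grpsize - 1` groups gets a short list, and in sudoers a missing group can change a match, with a negated `!%group` entry being the case most likely to fail open. The conservative fix is to treat a full buffer as overflow, i.e. change `if (ngroups != -1) {` to `if (ngroups != -1 && ngroups < grpsize) {` and still store `*ngroupsp = ngroups;` when `ngroups != -1`, so a caller that retries with a larger buffer ends up with the complete list.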
@@ -1551,6 +1551,9 @@ case "$host" in # LD_PRELOAD is space-delimited RTLD_PRELOAD_DELIM=" " + # For implementing getgrouplist() + AC_CHECK_FUNCS(_getgroupsbymember) + # To get the crypt(3) prototype (so we pass -Wall) OSDEFS="${OSDEFS} -D__EXTENSIONS__" # AFS support needs -lucb -- cgit v1.2.1 From 33cae2e3a8ebe9f7c7f397cbf01adf98e2c1bd2c Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 24 Jan 2013 07:44:10 -0500 Subject: Add 1.8.6p5 --- NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS b/NEWS index f1a3c570e..c69d76b5d 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,12 @@ +What's new in Sudo 1.8.6p5? + + * Fixed a potential crash in visudo's alias cycle detection. + + * Improved performance on Solaris when retrieving the group list + for the target user. On systems with a large number of groups + where the group database is not local (NIS, LDAP, AD), fetching + the group list could take a minute or more. + What's new in Sudo 1.8.6p4? * The -fstack-protector is now used when linking visudo, sudoreplay -- cgit v1.2.1 From 4f901e575b8c65877f563c024bfaef710e24b93e Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 24 Jan 2013 07:45:49 -0500 Subject: Sudo 1.8.6p5 --- configure | 18 +++++++++--------- configure.in | 4 ++-- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/configure b/configure index 2288686d5..b50a59ea3 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p4. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p5. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p4' -PACKAGE_STRING='sudo 1.8.6p4' +PACKAGE_VERSION='1.8.6p5' +PACKAGE_STRING='sudo 1.8.6p5' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' 
@@ -1470,7 +1470,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p4 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1535,7 +1535,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p4:";; + short | recursive ) echo "Configuration of sudo 1.8.6p5:";; esac cat <<\_ACEOF @@ -1761,7 +1761,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p4 +sudo configure 1.8.6p5 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2465,7 +2465,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p4, which was +It was created by sudo $as_me 1.8.6p5, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -21596,7 +21596,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p4, which was +This file was extended by sudo $as_me 1.8.6p5, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21662,7 +21662,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p4 +sudo config.status 1.8.6p5 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 4385db5a9..ad04c92f4 100644 --- a/configure.in 
+++ b/configure.in @@ -1,9 +1,9 @@ dnl dnl Process this file with GNU autoconf to produce a configure script. dnl -dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller +dnl Copyright (c) 1994-1996,1998-2013 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p4], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p5], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 From 11ec3196ce823b3c37905de7fd7da59e192366b8 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 24 Jan 2013 09:01:03 -0500 Subject: Add __dso_public to extern declaration of declaration to match actual definition. --- plugins/sudoers/iolog.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c index 45dd0aed0..f4685aa6a 100644 --- a/plugins/sudoers/iolog.c +++ b/plugins/sudoers/iolog.c @@ -102,7 +102,7 @@ struct iolog_details { static int iolog_compress; static struct timeval last_time; static union io_fd io_fds[IOFD_MAX]; -extern struct io_plugin sudoers_io; +extern __dso_public struct io_plugin sudoers_io; /* * Create parent directories for path as needed, but not path itself. -- cgit v1.2.1 -- cgit v1.2.1 From f8dfcb93742373e206765cdc06bcd08982a09c15 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 31 Jan 2013 11:05:56 -0500 Subject: Remove ttyname() fall back code on systems where we can query the kernel for the tty device via /proc or sysctl(). If there is no controlling tty, it is better to just treat the tty as unknown rather than to blindly use what is hooked up to std{in,out,err}. --- src/ttyname.c | 28 ++-------------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/src/ttyname.c b/src/ttyname.c index 9ef1b78f4..c839e0189 100644 --- a/src/ttyname.c +++ b/src/ttyname.c 
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2012 Todd C. Miller + * Copyright (c) 2012-2013 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -377,14 +377,6 @@ get_process_ttyname(void) } efree(ki_proc); - /* If all else fails, fall back on ttyname(). */ - if (tty == NULL) { - if ((tty = ttyname(STDIN_FILENO)) != NULL || - (tty = ttyname(STDOUT_FILENO)) != NULL || - (tty = ttyname(STDERR_FILENO)) != NULL) - tty = estrdup(tty); - } - debug_return_str(tty); } #elif defined(HAVE_STRUCT_PSINFO_PR_TTYDEV) @@ -416,14 +408,6 @@ get_process_ttyname(void) } } - /* If all else fails, fall back on ttyname(). */ - if (tty == NULL) { - if ((tty = ttyname(STDIN_FILENO)) != NULL || - (tty = ttyname(STDOUT_FILENO)) != NULL || - (tty = ttyname(STDERR_FILENO)) != NULL) - tty = estrdup(tty); - } - debug_return_str(tty); } #elif defined(__linux__) @@ -442,7 +426,7 @@ get_process_ttyname(void) int i; debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL) - /* Try to determine the tty from pr_ttydev in /proc/pid/psinfo. */ + /* Try to determine the tty from tty_nr in /proc/pid/stat. */ for (i = 0; tty == NULL && i < 2; i++) { FILE *fp; char path[PATH_MAX]; @@ -470,14 +454,6 @@ get_process_ttyname(void) } efree(line); - /* If all else fails, fall back on ttyname(). */ - if (tty == NULL) { - if ((tty = ttyname(STDIN_FILENO)) != NULL || - (tty = ttyname(STDOUT_FILENO)) != NULL || - (tty = ttyname(STDERR_FILENO)) != NULL) - tty = estrdup(tty); - } - debug_return_str(tty); } #else -- cgit v1.2.1 From d75b0b43537d14a33f66c294be64e8558b4bdfb0 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 31 Jan 2013 11:45:33 -0500 Subject: Add 1.8.6p6 --- NEWS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/NEWS b/NEWS index c69d76b5d..58e59e0f6 100644 --- a/NEWS +++ b/NEWS 
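Review bot: With the ttyname() fallback removed, a NULL return from get_process_ttyname() now deliberately means "no controlling tty", but that intent lives only in the commit message; the remaining `debug_return_str(tty)` gives no hint, and the fallback is exactly the kind of thing that gets re-added in response to a "tty missing from the log" report. A comment before the final return in each of the three variants, e.g. `/* No ttyname() fallback: a tty on stdin/stdout/stderr that is not our controlling tty must not be used for logging or tty tickets. */`, would keep the reasoning next to the code. Each affected get_process_ttyname() body starts outside its hunk.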
@@ -1,3 +1,9 @@ +What's new in Sudo 1.8.6p6? + + * On systems where the controlling tty can be determined via /proc + or sysctl(), do not fall back to using ttyname() if there is no + controlling tty. + What's new in Sudo 1.8.6p5? * Fixed a potential crash in visudo's alias cycle detection. -- cgit v1.2.1 From 729416c8a7ead10bb7e95b1ad53b6e7439a22bb5 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 31 Jan 2013 16:06:49 -0500 Subject: Clarify ttyname changes. --- NEWS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 58e59e0f6..05226c70c 100644 --- a/NEWS +++ b/NEWS @@ -1,8 +1,9 @@ What's new in Sudo 1.8.6p6? * On systems where the controlling tty can be determined via /proc - or sysctl(), do not fall back to using ttyname() if there is no - controlling tty. + or sysctl(), sudo will no longer fall back to using ttyname() + if the process has no controlling tty. This prevents sudo from + using a non-controlling tty for logging and time stamp purposes. What's new in Sudo 1.8.6p5? -- cgit v1.2.1 -- cgit v1.2.1 From c80096bd00eabaddc760bdd7d7ea56f70155e3b2 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 11 Feb 2013 15:57:36 -0500 Subject: Add Sudo 1.8.6p7 --- NEWS | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/NEWS b/NEWS index 05226c70c..76ea84f3c 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,11 @@ +What's new in Sudo 1.8.6p7? + + * The tty-specific time stamp file now includes the session ID + of the sudo process that created it. If a process with the same + tty but a different session ID runs sudo, the user will now be + prompted for a password (assuming authentication is required for + the command). + What's new in Sudo 1.8.6p6? * On systems where the controlling tty can be determined via /proc 
@@ -91,7 +99,7 @@ What's new in Sudo 1.8.6? ldap.conf options. A new ldap.conf option, TLS_KEYPW can be used to specify a password to decrypt the key database. - * When constructing a time filter for use with LDAP sudoNotBefore + * When constructing a time filter for use with LDAP sudoNotBefore and sudoNotAfter attributes, the current time now includes tenths of a second. This fixes a problem with timed entries on Active Directory. @@ -357,7 +365,7 @@ What's new in Sudo 1.8.3p1? * Fixed a crash in the monitor process on Solaris when NOPASSWD was specified or when authentication was disabled. - + * Fixed matching of a Runas_Alias in the group section of a Runas_Spec. -- cgit v1.2.1 From d7e4c4d4dbead1a20545bd9c72a1dc3d76e68c3a Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 25 Feb 2013 14:45:23 -0500 Subject: Update for Sudo 1.8.6p7 --- NEWS | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/NEWS b/NEWS index 76ea84f3c..bc972485f 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,11 @@ What's new in Sudo 1.8.6p7? + * A time stamp file with the date set to the epoch by "sudo -k" + is now completely ignored regardless of what the local clock is + set to. Previously, if the local clock was set to a value between + the epoch and the time stamp timeout value, a time stamp reset + by "sudo -k" would be considered current. + * The tty-specific time stamp file now includes the session ID of the sudo process that created it. If a process with the same tty but a different session ID runs sudo, the user will now be -- cgit v1.2.1 From c6e1578fdd98e88c148717b880dee3017d310b75 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 25 Feb 2013 14:48:12 -0500 Subject: Sudo 1.8.6p7 --- configure | 18 +++++++++--------- configure.in | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/configure b/configure index b50a59ea3..ccb826a03 100755 --- a/configure +++ b/configure 
@@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p5. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p7. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p5' -PACKAGE_STRING='sudo 1.8.6p5' +PACKAGE_VERSION='1.8.6p7' +PACKAGE_STRING='sudo 1.8.6p7' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1470,7 +1470,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p5 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p7 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1535,7 +1535,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p5:";; + short | recursive ) echo "Configuration of sudo 1.8.6p7:";; esac cat <<\_ACEOF @@ -1761,7 +1761,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p5 +sudo configure 1.8.6p7 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2465,7 +2465,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p5, which was +It was created by sudo $as_me 1.8.6p7, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ 
@@ -21596,7 +21596,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p5, which was +This file was extended by sudo $as_me 1.8.6p7, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21662,7 +21662,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p5 +sudo config.status 1.8.6p7 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index ad04c92f4..3f8307783 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2013 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p5], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p7], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 From 94e872dd3caf4bfb94b790eacaad79d119a31b44 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 25 Feb 2013 14:49:18 -0500 Subject: Store the session ID in the tty ticket file too. A tty may only be in one session at a time so if the session ID doesn't match we ignore the ticket. --- plugins/sudoers/check.c | 4 +++- plugins/sudoers/sudoers.c | 4 ++++ plugins/sudoers/sudoers.h | 3 ++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c index 21cb2b196..e7134760e 100644 --- a/plugins/sudoers/check.c +++ b/plugins/sudoers/check.c 
@@ -82,6 +82,7 @@ static struct tty_info {
 dev_t rdev; /* tty device ID */
 ino_t ino; /* tty inode number */
 struct timeval ctime; /* tty inode change time */
+ pid_t sid; /* ID of session with controlling tty */
 } tty_info;
 
 static int build_timestamp(char **, char **);
@@ -138,13 +139,14 @@ check_user(int validated, int mode)
 if (ISSET(mode, MODE_IGNORE_TICKET))
 SET(validated, FLAG_CHECK_USER);
 
- /* Stash the tty's ctime for tty ticket comparison. */
+ /* Stash the tty's device, session ID and ctime for ticket comparison. */
 if (def_tty_tickets && user_ttypath && stat(user_ttypath, &sb) == 0) {
 tty_info.dev = sb.st_dev;
 tty_info.ino = sb.st_ino;
 tty_info.rdev = sb.st_rdev;
 if (tty_is_devpts(user_ttypath))
 ctim_get(&sb, &tty_info.ctime);
+ tty_info.sid = user_sid;
 }
 
 if (build_timestamp(×tampdir, ×tampfile) == -1) {
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index b4f9a3a45..0399acd07 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -1410,6 +1410,10 @@ deserialize_info(char * const args[], char * const settings[], char * const user
 sudo_user.cols = atoi(*cur + sizeof("cols=") - 1);
 continue;
 }
+ if (MATCHES(*cur, "sid=")) {
+ sudo_user.sid = atoi(*cur + sizeof("sid=") - 1);
+ continue;
+ }
 }
 if (user_cwd == NULL)
 user_cwd = "unknown";
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
index 0dd061fe1..e69a9779d 100644
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -95,6 +95,7 @@ struct sudo_user {
 int flags;
 uid_t uid;
 uid_t gid;
+ pid_t sid;
 };
 
 /*
@@ -171,8 +172,8 @@ struct sudo_user {
 #define user_name (sudo_user.name)
 #define user_uid (sudo_user.uid)
 #define user_gid (sudo_user.gid)
+#define user_sid (sudo_user.sid)
 #define user_passwd (sudo_user.pw->pw_passwd)
-#define user_uuid (sudo_user.uuid)
 #define user_dir (sudo_user.pw->pw_dir)
 #define user_gids (sudo_user.gids)
 #define user_ngids (sudo_user.ngids)
-- 
cgit v1.2.1
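Review bot: The sudoers.h hunk drops `#define user_uuid (sudo_user.uuid)` while adding `user_sid`, but the commit message only describes the session-ID change; if any other translation unit still references user_uuid this will not compile, and if the macro is dead the removal deserves a mention of its own. In deserialize_info (sudoers.c), `sudo_user.sid = atoi(*cur + sizeof("sid=") - 1);` turns any non-numeric or out-of-range value into 0, which matches the surrounding `cols=` handling but means a malformed value silently becomes session 0 instead of being rejected; `strtol` with a range check would make that explicit. The new `pid_t sid` member enlarges struct tty_info, so tty tickets written by an earlier release presumably no longer compare equal; a comment on the field such as `/* ID of session with controlling tty; a mismatch invalidates the ticket */` would record the intent, since the comparison itself is outside these hunks. check_user starts outside the second hunk.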
From 106a1886d5ba2032198b002936332795ccf6d609 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 25 Feb 2013 14:49:40 -0500 Subject: Completely ignore time stamp file if it is set to the epoch, regardless of what gettimeofday() returns. --- plugins/sudoers/check.c | 53 ++++++++++++++++++++++++++----------------------- 1 file changed, 28 insertions(+), 25 deletions(-) diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c index e7134760e..e89f9b647 100644 --- a/plugins/sudoers/check.c +++ b/plugins/sudoers/check.c 
@@ -629,31 +629,34 @@ timestamp_status(char *timestampdir, char *timestampfile, char *user, int flags) */ if (status == TS_OLD && !ISSET(flags, TS_REMOVE)) { mtim_get(&sb, &mtime); - /* Negative timeouts only expire manually (sudo -k). */ - if (def_timestamp_timeout < 0 && mtime.tv_sec != 0) - status = TS_CURRENT; - else { - now = time(NULL); - if (def_timestamp_timeout && - now - mtime.tv_sec < 60 * def_timestamp_timeout) { - /* - * Check for bogus time on the stampfile. The clock may - * have been set back or someone could be trying to spoof us. - */ - if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) { - time_t tv_sec = (time_t)mtime.tv_sec; - log_error(0, - _("timestamp too far in the future: %20.20s"), - 4 + ctime(&tv_sec)); - if (timestampfile) - (void) unlink(timestampfile); - else - (void) rmdir(timestampdir); - status = TS_MISSING; - } else if (get_boottime(&boottime) && timevalcmp(&mtime, &boottime, <)) { - status = TS_OLD; - } else { - status = TS_CURRENT; + if (timevalisset(&mtime)) { + /* Negative timeouts only expire manually (sudo -k). */ + if (def_timestamp_timeout < 0) { + status = TS_CURRENT; + } else { + now = time(NULL); + if (def_timestamp_timeout && + now - mtime.tv_sec < 60 * def_timestamp_timeout) { + /* + * Check for bogus time on the stampfile. The clock may + * have been set back or user could be trying to spoof us. + */ + if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) { + time_t tv_sec = (time_t)mtime.tv_sec; + log_error(0, + _("timestamp too far in the future: %20.20s"), + 4 + ctime(&tv_sec)); + if (timestampfile) + (void) unlink(timestampfile); + else + (void) rmdir(timestampdir); + status = TS_MISSING; + } else if (get_boottime(&boottime) && + timevalcmp(&mtime, &boottime, <)) { + status = TS_OLD; + } else { + status = TS_CURRENT; + } } } } -- cgit v1.2.1 -- cgit v1.2.1 From fb0c1829845308ff2fba7af1be154a3dc0774144 Mon Sep 17 00:00:00 2001 
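Review bot: `60 * def_timestamp_timeout * 2` and `60 * def_timestamp_timeout` are still evaluated in int before being compared with `now`, so a large configured timeout overflows and the "too far in the future" spoof check stops meaning what it says; computing in time_t, e.g. `(time_t)def_timestamp_timeout * 60`, keeps the check sound for any value sudoers accepts, assuming def_timestamp_timeout is an int. The new `if (timevalisset(&mtime))` has no else branch, so an epoch-dated file deliberately leaves status at TS_OLD; that is the whole point of the commit and deserves a comment, e.g. `/* An mtime at the epoch was reset by "sudo -k": never treat it as current, whatever the clock says. */`. timevalisset() is also true for tv_sec == 0 with a non-zero tv_usec, which is fine provided the reset path always zeroes both fields — worth confirming where the file is rewritten. timestamp_status starts and ends outside the hunk.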
From: "Todd C. Miller" Date: Wed, 10 Apr 2013 12:11:12 -0400 Subject: Break out of the loop if sudo_ttyname_scan() returns non-NULL. Fixes a problem finding the tty name when it is not in /dev/pts. --- src/ttyname.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/src/ttyname.c b/src/ttyname.c index c839e0189..f14d069e7 100644 --- a/src/ttyname.c +++ b/src/ttyname.c @@ -180,10 +180,10 @@ static char *ignore_devs[] = { /* * Do a breadth-first scan of dir looking for the specified device. */ -static -char *sudo_ttyname_scan(const char *dir, dev_t rdev, bool builtin) +static char * +sudo_ttyname_scan(const char *dir, dev_t rdev, bool builtin) { - DIR *d; + DIR *d = NULL; char pathbuf[PATH_MAX], **subdirs = NULL, *devname = NULL; size_t sdlen, d_len, len, num_subdirs = 0, max_subdirs = 0; struct dirent *dp; @@ -260,16 +260,17 @@ char *sudo_ttyname_scan(const char *dir, dev_t rdev, bool builtin) } if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) { devname = estrdup(pathbuf); - break; + goto done; } } - closedir(d); /* Search subdirs if we didn't find it in the root level. */ for (i = 0; devname == NULL && i < num_subdirs; i++) devname = sudo_ttyname_scan(subdirs[i], rdev, false); done: + if (d != NULL) + closedir(d); for (i = 0; i < num_subdirs; i++) efree(subdirs[i]); efree(subdirs); 
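Review bot: `closedir(d)` now runs only at `done:`, after the recursive `sudo_ttyname_scan(subdirs[i], rdev, false)` calls, so each level of the descent holds its parent directory handle open for the whole recursion, whereas the removed line released it before recursing. Closing as soon as the readdir loop is finished keeps the descriptor footprint to one per call: `closedir(d); d = NULL;` immediately after the loop, with the `if (d != NULL) closedir(d);` at `done:` still covering the `goto done` early exit. The `DIR *d = NULL` initialisation in the first hunk is what makes that guard safe on the error paths before the loop, which are presumably outside this hunk. sudo_ttyname_scan starts and ends outside the second hunk.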
@@ -290,31 +291,27 @@ sudo_ttyname_dev(dev_t rdev) debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL) /* - * First check search_devs. + * First check search_devs for common tty devices. */ - for (sd = search_devs; (devname = *sd) != NULL; sd++) { + for (sd = search_devs; tty == NULL && (devname = *sd) != NULL; sd++) { len = strlen(devname); if (devname[len - 1] == '/') { - /* Special case /dev/pts */ if (strcmp(devname, "/dev/pts/") == 0) { + /* Special case /dev/pts */ (void)snprintf(buf, sizeof(buf), "%spts/%u", _PATH_DEV, (unsigned int)minor(rdev)); if (stat(buf, &sb) == 0) { - if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) { + if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) tty = estrdup(buf); - break; - } } - continue; + } else { + /* Traverse directory */ + tty = sudo_ttyname_scan(devname, rdev, true); } - /* Traverse directory */ - tty = sudo_ttyname_scan(devname, rdev, true); } else { if (stat(devname, &sb) == 0) { - if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) { + if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) tty = estrdup(devname); - break; - } } } } -- cgit v1.2.1 From 543334e7027992d4fcd378e0f5c2f5aa16770e9b Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Wed, 10 Apr 2013 12:30:16 -0400 Subject: AIX may have a 64-bit pr_ttydev that we need to convert to 32-bit before we try to match it against st_rdev. --- src/ttyname.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/ttyname.c b/src/ttyname.c index f14d069e7..b86ee5579 100644 --- a/src/ttyname.c +++ b/src/ttyname.c 
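Review bot: The explicit `break`s are replaced by `tty == NULL &&` in the for condition, so the early exit is now implicit and easy to miss while reading the loop body; a one-line comment above the loop, e.g. `/* Stop at the first entry whose character device matches rdev. */`, would make the intent explicit. For the `/dev/pts/` special case a stat() result that is not a matching character device simply falls through to the next search_devs entry without scanning the directory, which is unchanged behaviour but worth stating in that comment so nobody "fixes" it later. sudo_ttyname_dev starts and ends outside the hunk.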
@@ -400,8 +400,14 @@ get_process_ttyname(void)
 continue;
 nread = read(fd, &psinfo, sizeof(psinfo));
 close(fd);
- if (nread == (ssize_t)sizeof(psinfo) && psinfo.pr_ttydev != (dev_t)-1) {
- tty = sudo_ttyname_dev(psinfo.pr_ttydev);
+ if (nread == (ssize_t)sizeof(psinfo)) {
+ dev_t rdev = (dev_t)psinfo.pr_ttydev;
+#ifdef DEVNO64
+ if (psinfo.pr_ttydev & DEVNO64)
+ rdev = makedev(major64(psinfo.pr_ttydev), minor64(psinfo.pr_ttydev));
+#endif
+ if (rdev != (dev_t)-1)
+ tty = sudo_ttyname_dev(rdev);
 }
 }
 
-- 
cgit v1.2.1
From d670a5dc25d710169937a8085373c0277e488a27 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" 
Date: Wed, 10 Apr 2013 16:26:41 -0400
Subject: Disable PIE on Solaris where it is not really supported.

---
 mkpkg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mkpkg b/mkpkg
index df05fe9e9..06e54fc17 100755
--- a/mkpkg
+++ b/mkpkg
@@ -247,7 +247,7 @@ case "$osversion" in
 # For Solaris, add project support and use let configure choose zlib.
 # For all others, use the builtin zlib and disable NLS support.
 case "$osversion" in
- sol*) configure_opts="${configure_opts}${configure_opts+$tab}--with-project";;
+ sol*) configure_opts="${configure_opts}${configure_opts+$tab}--with-project${tab}--disable-pie";;
 *) configure_opts="${configure_opts}${configure_opts+$tab}--enable-zlib=builtin${tab}--disable-nls";;
 esac
 if test "$flavor" = "ldap"; then
-- 
cgit v1.2.1
From 56a676a3896826bd88ac6dfbd3e3ea133a8ef3a4 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" 
Date: Thu, 11 Apr 2013 13:10:40 -0400
Subject: Check for crypt() returning NULL.

Traditionally, crypt() never returned NULL but newer versions of eglibc have a crypt() that does. Bug #598
---
 plugins/sudoers/auth/passwd.c | 18 ++++++++++--------
 plugins/sudoers/auth/secureware.c | 28 +++++++++++++---------------
 2 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c
index 1736f3066..c86b730d7 100644
--- a/plugins/sudoers/auth/passwd.c
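Review bot: The `(dev_t)-1` "no controlling tty" test is now applied after the DEVNO64 conversion, but if AIX reports the absence of a tty as an all-ones 64-bit pr_ttydev, the DEVNO64 bit is set and `makedev(major64(...), minor64(...))` may yield something other than (dev_t)-1, so the guard no longer fires and a spurious device lookup follows. Testing the raw field for its own type's all-ones value before converting, and only then narrowing to dev_t, keeps both checks effective; I cannot confirm the AIX encoding from here, so this should be verified against the psinfo definition. The plain `(dev_t)psinfo.pr_ttydev` cast also silently truncates when DEVNO64 is not defined but the field is wider than dev_t; a comment stating that pr_ttydev is assumed to fit dev_t in that configuration would help. get_process_ttyname starts outside the hunk.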
+++ b/plugins/sudoers/auth/passwd.c @@ -69,15 +69,15 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth) char sav, *epass; char *pw_epasswd = auth->data; size_t pw_len; - int error; + int matched = 0; debug_decl(sudo_passwd_verify, SUDO_DEBUG_AUTH) pw_len = strlen(pw_epasswd); #ifdef HAVE_GETAUTHUID /* Ultrix shadow passwords may use crypt16() */ - error = strcmp(pw_epasswd, (char *) crypt16(pass, pw_epasswd)); - if (!error) + epass = (char *) crypt16(pass, pw_epasswd); + if (epass != NULL && strcmp(pw_epasswd, epass) == 0) debug_return_int(AUTH_SUCCESS); #endif /* HAVE_GETAUTHUID */ @@ -96,12 +96,14 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth) */ epass = (char *) crypt(pass, pw_epasswd); pass[8] = sav; - if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN) - error = strncmp(pw_epasswd, epass, DESLEN); - else - error = strcmp(pw_epasswd, epass); + if (epass != NULL) { + if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN) + matched = !strncmp(pw_epasswd, epass, DESLEN); + else + matched = !strcmp(pw_epasswd, epass); + } - debug_return_int(error ? AUTH_FAILURE : AUTH_SUCCESS); + debug_return_int(matched ? AUTH_SUCCESS : AUTH_FAILURE); } int diff --git a/plugins/sudoers/auth/secureware.c b/plugins/sudoers/auth/secureware.c index 776b5dd70..33411752e 100644 --- a/plugins/sudoers/auth/secureware.c +++ b/plugins/sudoers/auth/secureware.c 
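Review bot: A NULL from crypt() or crypt16() leaves `matched` at 0 and the function returns AUTH_FAILURE, so an unsupported or malformed hash in the password database is now reported exactly like a wrong password: the attempt counts against the retry limit and is logged as a bad password while the real cause (eglibc rejecting the setting, per the commit message) stays invisible to the administrator. Emitting a diagnostic when `epass == NULL`, even at debug level, and returning a distinct error result if the auth layer provides one, would make the misconfiguration findable. In the HAVE_GETAUTHUID path a NULL crypt16() result silently falls through to the crypt() comparison, which looks intended but deserves a comment such as `/* crypt16() failed or did not match; fall back to crypt(). */`. sudo_passwd_verify starts outside the first hunk.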
@@ -74,30 +74,28 @@ int sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth) { char *pw_epasswd = auth->data; + char *epass = NULL; debug_decl(sudo_secureware_verify, SUDO_DEBUG_AUTH) #ifdef __alpha { extern int crypt_type; -# ifdef HAVE_DISPCRYPT - if (strcmp(pw_epasswd, dispcrypt(pass, pw_epasswd, crypt_type)) == 0) - debug_return_int(AUTH_SUCCESS); -# else - if (crypt_type == AUTH_CRYPT_BIGCRYPT) { - if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0) - debug_return_int(AUTH_SUCCESS); - } else if (crypt_type == AUTH_CRYPT_CRYPT16) { - if (strcmp(pw_epasswd, crypt(pass, pw_epasswd)) == 0) - debug_return_int(AUTH_SUCCESS); - } +# ifdef HAVE_DISPCRYPT + epass = dispcrypt(pass, pw_epasswd, crypt_type); +# else + if (crypt_type == AUTH_CRYPT_BIGCRYPT) + epass = bigcrypt(pass, pw_epasswd); + else if (crypt_type == AUTH_CRYPT_CRYPT16) + epass = crypt(pass, pw_epasswd); } -# endif /* HAVE_DISPCRYPT */ +# endif /* HAVE_DISPCRYPT */ #elif defined(HAVE_BIGCRYPT) - if (strcmp(pw_epasswd, bigcrypt(pass, pw_epasswd)) == 0) - debug_return_int(AUTH_SUCCESS); + epass = bigcrypt(pass, pw_epasswd); #endif /* __alpha */ - debug_return_int(AUTH_FAILURE); + if (epass != NULL && strcmp(pw_epasswd, epass) == 0) + debug_return_int(AUTH_SUCCESS); + debug_return_int(AUTH_FAILURE); } int -- cgit v1.2.1 From 44461b953cbfaec0dc03febdbc7ac82944a63bca Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 11 Apr 2013 13:16:53 -0400 Subject: Update for sudo 1.8.6p8 --- NEWS | 10 ++++++++++ configure | 18 +++++++++--------- configure.in | 2 +- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index bc972485f..23fa45743 100644 --- a/NEWS +++ b/NEWS 
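Review bot: As the hunk reads, the `}` closing the `{ extern int crypt_type; ... }` block sits before `# endif /* HAVE_DISPCRYPT */`, i.e. inside the `# else` branch, so a build with HAVE_DISPCRYPT defined would leave that block unclosed; the placement is pre-existing context and may be an artefact of the collapsed layout, but if real the fix is simply to move `}` below `# endif`. The same NULL handling concern as in passwd.c applies here: `epass == NULL` becomes AUTH_FAILURE with no diagnostic, so an unsupported hash is indistinguishable from a bad password. `char *epass = NULL;` is load-bearing because neither preprocessor branch assigns it when crypt_type matches nothing; a short comment saying so, e.g. `/* stays NULL if no crypt variant applies */`, would save the next reader a moment.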
@@ -1,3 +1,13 @@ +What's new in Sudo 1.8.6p8? + + * Terminal dection now works properly on 64-bit AIX kernels. + This was broken by the removal of the ttyname() fallback in Sudo + 1.8.6p6. Sudo is now able to map an AIX 64-bit device number + to the corresponding device file in /dev. + + * Sudo now checks for crypt() returning NULL when performing + passwd-based authentication. + What's new in Sudo 1.8.6p7? * A time stamp file with the date set to the epoch by "sudo -k" diff --git a/configure b/configure index ccb826a03..5a8e4d9b3 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for sudo 1.8.6p7. +# Generated by GNU Autoconf 2.68 for sudo 1.8.6p8. # # Report bugs to . # @@ -570,8 +570,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='sudo' PACKAGE_TARNAME='sudo' -PACKAGE_VERSION='1.8.6p7' -PACKAGE_STRING='sudo 1.8.6p7' +PACKAGE_VERSION='1.8.6p8' +PACKAGE_STRING='sudo 1.8.6p8' PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/' PACKAGE_URL='' @@ -1470,7 +1470,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures sudo 1.8.6p7 to adapt to many kinds of systems. +\`configure' configures sudo 1.8.6p8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1535,7 +1535,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of sudo 1.8.6p7:";; + short | recursive ) echo "Configuration of sudo 1.8.6p8:";; esac cat <<\_ACEOF @@ -1761,7 +1761,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -sudo configure 1.8.6p7 +sudo configure 1.8.6p8 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. 
@@ -2465,7 +2465,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by sudo $as_me 1.8.6p7, which was +It was created by sudo $as_me 1.8.6p8, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -21596,7 +21596,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by sudo $as_me 1.8.6p7, which was +This file was extended by sudo $as_me 1.8.6p8, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -21662,7 +21662,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -sudo config.status 1.8.6p7 +sudo config.status 1.8.6p8 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff --git a/configure.in b/configure.in index 3f8307783..2b3ce5302 100644 --- a/configure.in +++ b/configure.in @@ -3,7 +3,7 @@ dnl Process this file with GNU autoconf to produce a configure script. dnl dnl Copyright (c) 1994-1996,1998-2013 Todd C. Miller dnl -AC_INIT([sudo], [1.8.6p7], [http://www.sudo.ws/bugs/], [sudo]) +AC_INIT([sudo], [1.8.6p8], [http://www.sudo.ws/bugs/], [sudo]) AC_CONFIG_HEADER([config.h pathnames.h]) dnl dnl Note: this must come after AC_INIT -- cgit v1.2.1 -- cgit v1.2.1 From 6fb7d6ecab60bdad377f7f4e4b338d2a8707319e Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 11 Apr 2013 15:40:43 -0400 Subject: Fix typo --- NEWS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/NEWS b/NEWS index 23fa45743..9461b254a 100644 --- a/NEWS +++ b/NEWS 
@@ -1,6 +1,6 @@ What's new in Sudo 1.8.6p8? - * Terminal dection now works properly on 64-bit AIX kernels. + * Terminal detection now works properly on 64-bit AIX kernels. This was broken by the removal of the ttyname() fallback in Sudo 1.8.6p6. Sudo is now able to map an AIX 64-bit device number to the corresponding device file in /dev. -- cgit v1.2.1 -- cgit v1.2.1 -- cgit v1.2.1 -- cgit v1.2.1 -- cgit v1.2.1