version 1.1.1.4, 2013/07/22 10:46:10
|
version 1.1.1.5, 2013/10/14 07:56:33
|
Line 1
|
Line 1
|
|
2013-09-29 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* include/missing.h: |
|
Include stddef.h for rsize_t and errno_t on systems that support it |
|
natively. |
|
[bc547d47e9c6] |
|
|
|
* MANIFEST: |
|
Fix braino. |
|
[67b79747312f] |
|
|
|
* plugins/sudoers/po/da.mo, plugins/sudoers/po/de.mo, |
|
plugins/sudoers/po/eo.mo, plugins/sudoers/po/fi.mo, |
|
plugins/sudoers/po/it.mo, plugins/sudoers/po/pl.mo, |
|
plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/uk.mo, |
|
plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo: |
|
Rebuild message catalog files. |
|
[0a9befb0674e] |
|
|
|
* src/po/da.mo, src/po/eo.mo, src/po/fi.mo, src/po/it.mo, |
|
src/po/pl.mo, src/po/pt_BR.mo, src/po/ru.mo, src/po/uk.mo, |
|
src/po/vi.mo, src/po/zh_CN.mo: |
|
Rebuild message catalog files. |
|
[25191089ddf2] |
|
|
|
* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/cs.mo, src/po/cs.po: |
|
Czech translation for sudo from translationproject.org. |
|
[8bc0ed069ddb] |
|
|
|
2013-09-18 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/po/da.po, plugins/sudoers/po/de.po, |
|
plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.po, |
|
plugins/sudoers/po/it.po, plugins/sudoers/po/pl.po, |
|
plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.po, |
|
plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.po, src/po/da.po, |
|
src/po/eo.po, src/po/fi.po, src/po/it.po, src/po/pl.po, |
|
src/po/pt_BR.po, src/po/ru.po, src/po/uk.po, src/po/vi.po, |
|
src/po/zh_CN.po: |
|
Sync with translationproject.org |
|
[c16f9bb4579e] |
|
|
|
* NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: |
|
Change "next" back to 2. In the context of "next Friday" we really |
|
do want the friday of the upcoming (not current) week. |
|
Unfortunately, this means that things like "next week" and "next |
|
year" will match one more than we really want. Fixing this will |
|
require some fairly major changes to the grammar. |
|
[7f863c930121] |
|
|
|
* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: |
|
Mention that relative times don't always do what you might expect. |
|
[710a9b0dd36f] |
|
|
|
2013-09-17 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/CONTRIBUTORS: |
|
Add diacritical for Zdenek Behan. |
|
[78d333f88e6c] |
|
|
|
2013-09-11 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* src/regress/ttyname/check_ttyname.c: |
|
Do not fail if ttyname() cannot determine the tty but sudo can. |
|
Should fix problems with running "make check" under pbuilder. |
|
[e6fc06a6c5cf] |
|
|
|
* plugins/sudoers/Makefile.in: |
|
Remove extraneous $$CWD; from Bdale Garbee |
|
[4d040ddd7446] |
|
|
|
2013-09-09 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: |
|
Make "this" and "next" qualifiers work a bit better. There is still |
|
room for improvement as "this week" will use the current time |
|
instead of the beginning of the week. That's a separate issue |
|
though. |
|
[e844c02f754a] |
|
|
|
2013-09-06 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* common/regress/sudo_conf/conf_test.c, |
|
common/regress/sudo_parseln/parseln_test.c: |
|
Mark main() public to silence a warning on HP-UX. |
|
[ac0b869b9842] |
|
|
|
2013-09-03 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/po/sudoers.pot, plugins/sudoers/timestamp.c: |
|
Be specific that we are talking about the Unix epoch; bug #615 |
|
[25887775371b] |
|
|
|
* plugins/sudoers/auth/bsdauth.c, plugins/sudoers/po/sudoers.pot, |
|
src/po/sudo.pot, src/selinux.c: |
|
Do not use "setup" as a verb; bug #614 |
|
[17c4750aac5f] |
|
|
|
* plugins/sudoers/iolog.c: |
|
Fix logic goof when checking open() status. |
|
[76ece1445d71] |
|
|
|
* plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, src/po/nl.mo, |
|
src/po/nl.po, src/po/ru.mo, src/po/ru.po: |
|
Sync with translationproject.org |
|
[21351498000f] |
|
|
|
* NEWS, plugins/sudoers/sudoreplay.c: |
|
Work around a bug in sudo 1.8.7 timing files where the indexes are |
|
off by two. |
|
[4aa0cd58af58] |
|
|
|
* MANIFEST, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, |
|
plugins/sudoers/sudoreplay.c: |
|
Repair writing of the I/O log file indices broken in sudo 1.8.7. |
|
[6a5f867884f5] |
|
|
|
2013-08-31 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: |
|
Try to improve the PAGERS noexec example a bit. |
|
[226f11118daa] |
|
|
|
2013-08-30 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, |
|
doc/sudoers.ldap.mdoc.in: |
|
Document comment character in ldap.conf Clarify what is and is not |
|
supported in TLS_KEYPW Mention that gsk8capicmd can be used to |
|
create a stash file |
|
[fb8f06ab4458] |
|
|
|
2013-08-26 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* NEWS: |
|
New bugs fixed for 1.8.8. |
|
[c158df7cd9d2] |
|
|
|
* plugins/sudoers/visudo.c: |
|
Fix setting of quiet flag when -q / --quiet is specified. Do not |
|
print "sudoers: parsed OK" in quiet mode. |
|
[df55acd57ce6] |
|
|
|
* plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, |
|
plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, src/po/fi.mo, |
|
src/po/fi.po, src/po/it.mo, src/po/it.po: |
|
Updated translations from translationproject.org |
|
[e9e8abd23a28] |
|
|
|
* plugins/sudoers/check.c: |
|
Don't allow root to change its SELinux role without a password. Bug |
|
#611 |
|
[f8b599acb29d] |
|
|
|
2013-08-21 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* NEWS: |
|
Mention new Mac OS X symbol interposition. |
|
[98293b7c4e0f] |
|
|
|
* plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo, |
|
src/po/eo.po, src/po/fr.mo, src/po/fr.po: |
|
Updated translations from translationproject.org |
|
[865be7454354] |
|
|
|
* config.h.in, configure, configure.in, src/sudo_noexec.c: |
|
Add configure checks for the exec functions we will dummy out. This |
|
is only really needed on Mac OS X when symbol interposition is being |
|
performed but won't hurt elsewhere. |
|
[49c20cf6bab0] |
|
|
|
2013-08-20 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* config.h.in, configure, configure.in, src/Makefile.in, |
|
src/sudo_noexec.c: |
|
Fix installation of sudo_noexec on Mac OS X. Use library symbol |
|
interposition on Mac OS X 10.4 and higher so we don't need to set |
|
DYLD_FORCE_FLAT_NAMESPACE=1. |
|
[a82999dff8e6] |
|
|
|
2013-08-17 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/ldap.c: |
|
Fix error display from ldap_ssl_client_init(). There are two error |
|
codes. The return value can be decoded via ldap_err2string() but |
|
the ssl reason code cannot (you have to look it up in a table |
|
online). |
|
[0267125ce9f0] |
|
|
|
2013-08-19 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, |
|
doc/sudoers.ldap.mdoc.in: |
|
Fix typo in tls_key example for Tivoli |
|
[36599f424ac4] |
|
|
|
* src/parse_args.c: |
|
Don't escape '$' when running "sudo -i command". Bug #564 |
|
[17542d52f714] |
|
|
|
* plugins/sudoers/iolog_path.c: |
|
Fix typo in comment. |
|
[d0510ed5eaba] |
|
|
|
* plugins/sudoers/auth/pam.c: |
|
Fix comment. |
|
[4e89e0bfd6af] |
|
|
|
* plugins/sudoers/timestr.c, plugins/sudoers/visudo.c: |
|
Quiet some gcc -Wformat=2 false positives |
|
[28a2014b9822] |
|
|
|
2013-08-18 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/auth/pam.c: |
|
Remove now-obsolete arg to env_merge() |
|
[ba015cf5d935] |
|
|
|
* plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, |
|
plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, |
|
plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, |
|
plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, |
|
plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, |
|
src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po, |
|
src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, |
|
src/po/zh_CN.mo, src/po/zh_CN.po: |
|
Updated translations from translationproject.org |
|
[72b6aeaba505] |
|
|
|
* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/fr.mo, src/po/fr.po: |
|
French translation for sudo from translationproject.org. |
|
[a72321771860] |
|
|
|
* plugins/sudoers/logging.h: |
|
Add __printflike to audit_failure. |
|
[1686b3699d41] |
|
|
|
* include/missing.h: |
|
Use __nonnull__ attribute in __printflike. |
|
[d123613a1fb6] |
|
|
|
2013-08-17 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/env.c, plugins/sudoers/sudoers.h: |
|
When merging the PAM environment, allow environment variables set in |
|
PAM to override ones set by sudo as long as they do not match the |
|
env_keep or env_check lists. |
|
[f3c64967fed7] |
|
|
|
* plugins/sudoers/auth/pam.c: |
|
Call pam_getenvlist() after we've opened the session to get the |
|
session-specific environment variables. |
|
[b413fb9e1c77] |
|
|
|
2013-08-16 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* NEWS: |
|
option not flag |
|
[08c31af7b818] |
|
|
|
* compat/getopt_long.c, config.h.in, configure, configure.in: |
|
Don't redefine opterr, optind, optopt, optarg in getopt_long.c. Add |
|
a check for optreset which is a BSD extension and provide a |
|
definition in getopt_long.c if it is not present. |
|
[3393e8d83400] |
|
|
|
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: |
|
regen |
|
[f38f65830118] |
|
|
|
* plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c: |
|
Use lower case for the long option arguments to match the manual. |
|
This is inconsistent with GNU but it is better to match the sudo |
|
documentation. |
|
[8fac2d64f5d2] |
|
|
|
* NEWS: |
|
Sudo 1.8.8 |
|
[105c73752474] |
|
|
|
* src/parse_args.c: |
|
Use lower card for the long option arguments to match the manual. |
|
This is inconsistent with GNU but it is better to match the sudo |
|
documentation. |
|
[af243dd39850] |
|
|
|
* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, |
|
doc/sudo_plugin.mdoc.in: |
|
Describe how remote command execution can be implemented. |
|
[3eba7f93b7f6] |
|
|
|
* doc/sudoers.ldap.cat: |
|
Bump version. |
|
[0ee7f02f3627] |
|
|
|
2013-08-15 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* src/sudo.c: |
|
Make it a fatal error if the plugin returns invalid or out of range |
|
command info. |
|
[8a7e56c7584a] |
|
|
|
* plugins/sudoers/policy.c: |
|
Use strtol() instead of atoi() and perform error checking of |
|
parameters passed from the sudo front-end. |
|
[05e05be3c6c4] |
|
|
|
* plugins/sudoers/auth/pam.c: |
|
It is not possible for auth to be NULL here. |
|
[771500e776e9] |
|
|
|
* plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: |
|
Initialize user_runhost and user_srunhost to user_host and |
|
user_shost in visudo and testsudoers. |
|
[c47cca74e1fc] |
|
|
|
* MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c, |
|
common/error.c, common/fatal.c, common/gidlist.c, common/lbuf.c, |
|
common/list.c, common/sudo_conf.c, common/sudo_debug.c, |
|
compat/Makefile.in, compat/getopt_long.c, include/error.h, |
|
include/fatal.h, plugins/sudoers/Makefile.in, |
|
plugins/sudoers/bsm_audit.c, plugins/sudoers/hexchar.c, |
|
plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, |
|
plugins/sudoers/regress/check_symbols/check_symbols.c, |
|
plugins/sudoers/regress/logging/check_wrap.c, |
|
plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, |
|
src/Makefile.in, src/locale_stub.c, src/net_ifs.c, |
|
src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h: |
|
Rename error.h -> fatal.h now that there is no error() function. |
|
[3a3827f10f04] |
|
|
|
* common/sudo_debug.c, include/sudo_debug.h: |
|
Add support to the debug subsystem for zero-length strings. This |
|
can happen for things like warning(NULL) or fatal(NULL) where we |
|
just want to log the errno string. |
|
[3ed739c5cc91] |
|
|
|
* include/error.h: |
|
Add __printflike for vfatal, vfatalx, vwarning and vwarningx. |
|
[57e65ed595d2] |
|
|
|
* plugins/sudoers/audit.c: |
|
Need to include gettext.h for BSM audit. |
|
[a87fda2d0123] |
|
|
|
* common/alloc.c, plugins/sudoers/env.c, src/exec_common.c, |
|
src/parse_args.c, src/sudo.c: |
|
Change some fatalx(NULL) that should be fatal(NULL). |
|
[8b1efda9f578] |
|
|
|
* include/error.h, include/missing.h: |
|
Use __printf0like for warning() and fatal() since the fmt string may |
|
be NULL. |
|
[858a890f00ad] |
|
|
|
* compat/pw_dup.c: |
|
Quiet a gcc "used uninitialized in this function" false positive. |
|
[98f47f89ce60] |
|
|
|
* mkpkg: |
|
Enable bsm audit on Mac OS X and Solaris >= 11. |
|
[8607488f986c] |
|
|
|
* plugins/sudoers/bsm_audit.c: |
|
Fix compilation on Solaris 11. |
|
[01aa46298ed7] |
|
|
|
* plugins/sudoers/bsm_audit.c: |
|
Add missing missing.h |
|
[080de69a55a1] |
|
|
|
* plugins/sudoers/sudoers.c: |
|
Move the -C (user_closefrom) check until after set_cmnd() so that |
|
closefrom_override can be used in a command-specific Defaults line. |
|
Fixes bug #610 from Mengtao Sun. |
|
[413565c6ff6b] |
|
|
|
2013-08-14 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* src/exec.c: |
|
If not using a pty and the child process gets SIGTTOU or SIGTTIN and |
|
sudo is the foreground process, make the child the foreground |
|
process and continue it. |
|
[5ff433443bc4] |
|
|
|
* src/sudo.c: |
|
If sudo is not setuid and was not invoked with a full path, look in |
|
the user's PATH for the sudo binary to give a better error message. |
|
[a740129a38f0] |
|
|
|
* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, |
|
plugins/sudoers/logging.c, plugins/sudoers/match.c, |
|
plugins/sudoers/policy.c, plugins/sudoers/sudo_nss.c, |
|
plugins/sudoers/sudoers.h: |
|
Add limited support for "sudo -l -h other_host". Since group |
|
lookups are done on the local host, rules that use group membership |
|
may be incorrect if the group database is not synchronized between |
|
hosts. |
|
[2c8b222a5f7f] |
|
|
|
* src/parse_args.c: |
|
Fix parsing of "-h host" when used in conjunction with the -l flag. |
|
[62f3d726d52b] |
|
|
|
* configure, configure.in, doc/fixman.sh, doc/fixmdoc.sh, |
|
doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat, |
|
doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, |
|
doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c, |
|
plugins/sudoers/visudo.c, src/parse_args.c, src/sudo.c, |
|
src/sudo_usage.h.in: |
|
Simplify usage messages a bit and make --help output more closely |
|
resemble GNU usage wrt long options. Sync usage and man page |
|
SYNOPSYS sections and improve long options in the manual pages. Now |
|
that we have long options we don't need to give the mnemonic for the |
|
single-character options in the description. |
|
[17b7e386955a] |
|
|
|
2013-08-13 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/logging.c: |
|
Fix setting of mailer argv[0] to basename of mailerpath. No need to |
|
strdup() mailerpath as it is not modified. |
|
[8843cdd958ee] |
|
|
|
* plugins/sudoers/logging.c: |
|
Make sure the mailer exists and is a regular file before trying to |
|
exec it. |
|
[b73d6214014f] |
|
|
|
* plugins/sudoers/timestamp.c: |
|
If tty_tickets are enabled but there is no tty, use a ticket file |
|
based on the parent pid. |
|
[75408bd61ced] |
|
|
|
* common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in, |
|
doc/sudo.conf.mdoc.in, include/sudo_conf.h, src/parse_args.c: |
|
Allow default plugin dir to be configured in sudo.conf. |
|
[478883594cc5] |
|
|
|
* doc/CONTRIBUTORS: |
|
UTF8 for Ruusamae, Elan; from Tae Wong |
|
[02e0c95b4fa6] |
|
|
|
2013-08-12 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* MANIFEST, common/regress/sudo_conf/test5.in, |
|
common/regress/sudo_conf/test5.out.ok, |
|
common/regress/sudo_conf/test6.in, |
|
common/regress/sudo_conf/test6.out.ok, common/sudo_conf.c, |
|
doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, |
|
plugins/sudoers/policy.c, plugins/sudoers/pwutil_impl.c, src/sudo.c: |
|
Don't allow max_groups to be set to zero, it just complicates things |
|
needlessly. Fixes an assertion in visudo when there is a group- |
|
based Defaults entry. |
|
[d62a8ea32db9] |
|
|
|
2013-08-08 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* MANIFEST, common/Makefile.in, common/gidlist.c, |
|
plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/sudo.c, |
|
src/sudo.h: |
|
Refactor code to parse list of gids into its own function that is |
|
shared by the sudo front-end and the sudoers module. Make uid/gid |
|
parse error be fatal, not just a warning. |
|
[da3b2b06605c] |
|
|
|
* common/atoid.c: |
|
Add function comment block. |
|
[09a324de716f] |
|
|
|
* common/atoid.c: |
|
Default text domain is now sudo, not sudoers. |
|
[1acb1da6f304] |
|
|
|
* common/Makefile.in: |
|
Update dependency for atoid.lo |
|
[5e367cd44288] |
|
|
|
* common/atoid.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, |
|
plugins/sudoers/sudoers.h, plugins/sudoers/tsgetgrpw.c, src/sudo.c, |
|
src/sudo.h: |
|
Add endpointer and separator args to atoid() |
|
[2077e4ed8578] |
|
|
|
2013-08-07 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* compat/getgrouplist.c: |
|
Use private version of atoid() to avoid a dependency on libcommon.a |
|
(since that already depends on libreplace.a). |
|
[7c12d63b0560] |
|
|
|
* doc/CONTRIBUTORS: |
|
More UTF8 in names; from Tae Wong |
|
[512b263f51c8] |
|
|
|
* compat/getgrouplist.c, plugins/sudoers/iolog.c, |
|
plugins/sudoers/tsgetgrpw.c, src/sudo.c, src/sudo.h: |
|
Use atoid() in more places. |
|
[06f4ae57c707] |
|
|
|
* MANIFEST, common/Makefile.in, common/atoid.c, |
|
plugins/sudoers/Makefile.in, plugins/sudoers/atoid.c: |
|
Move atoid() to common so it can be used in src and compat too. |
|
[095d730701e4] |
|
|
|
* compat/closefrom.c: |
|
Avoid a crash on Mac OS X 10.8 (at least) when we close |
|
libdispatch's fds out from under it before executing the command. |
|
Switch to just setting the close on exec flag instead. |
|
[349ebf4987df] |
|
|
|
* doc/CONTRIBUTORS: |
|
Convert to last, first for easier sorting and use UTF8 (including a |
|
BOM). |
|
[8c30d221bd75] |
|
|
|
* plugins/sudoers/atoid.c: |
|
Add atoid() function to convert a string to an id_t (uid, gid or |
|
pid). We have to be careful to choose() either strtol() or |
|
strtoul() depending on whether the string appears to be signed or |
|
unsigned. Always using strtoul() is unsafe on 64-bit platforms since |
|
the uid might be represented as a negative number and (unsigned |
|
long)-1 on a 64-bit system is 0xffffffffffffffff not 0xffffffff. |
|
Fixes a problem with uids larger than 0x7fffffff on 32-bit |
|
platforms. |
|
[5d818e399157] |
|
|
|
* MANIFEST, config.h.in, configure, configure.in, |
|
plugins/sudoers/Makefile.in, plugins/sudoers/policy.c, |
|
plugins/sudoers/sudoers.h: |
|
Add atoid() function to convert a string to an id_t (uid, gid or |
|
pid). We have to be careful to choose() either strtol() or |
|
strtoul() depending on whether the string appears to be signed or |
|
unsigned. Always using strtoul() is unsafe on 64-bit platforms since |
|
the uid might be represented as a negative number and (unsigned |
|
long)-1 on a 64-bit system is 0xffffffffffffffff not 0xffffffff. |
|
Fixes a problem with uids larger than 0x7fffffff on 32-bit |
|
platforms. |
|
[cd92246a710f] |
|
|
|
* plugins/sudoers/sudoers.c: |
|
Avoid "perm stack underflow" error when logging the unknown uid |
|
error. |
|
[871514c713b7] |
|
|
|
* plugins/sudoers/set_perms.c: |
|
In rewind_perms() there is nothing to do if perm_stack_depth == 0. |
|
[98de335f47f0] |
|
|
|
2013-08-06 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, |
|
plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, |
|
plugins/sudoers/def_data.h, plugins/sudoers/def_data.in: |
|
Add pam_setcred sudoers option to allow the user to control whether |
|
pam_setcred() is called on the user's behalf. |
|
[4260a8e43073] |
|
|
|
* configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in, |
|
doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, |
|
plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, |
|
plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: |
|
Add pam_service and pam_login_service sudoers settings to control |
|
the service name passed to pam_start. |
|
[5ea0e3588f3a] |
|
|
|
* mkpkg: |
|
Newer Xcode places the SDKs under Xcode.app |
|
[4b54379d5c45] |
|
|
|
2013-08-03 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* MANIFEST, common/Makefile.in, common/zero_bytes.c, |
|
compat/Makefile.in, compat/memset_s.c, config.h.in, configure, |
|
configure.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, |
|
doc/sudo_plugin.mdoc.in, include/missing.h, include/sudo_plugin.h, |
|
mkdep.pl, plugins/sudoers/Makefile.in, |
|
plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, |
|
plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, |
|
plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, |
|
plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/defaults.c, |
|
plugins/sudoers/logging.c, plugins/sudoers/sha2.c, |
|
plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, |
|
plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, |
|
src/Makefile.in, src/conversation.c, src/sudo.h, src/sudo_edit.c, |
|
src/tgetpass.c: |
|
Implement memset_s() and use it instead of zero_bytes(). A new |
|
constant, SUDO_CONV_REPL_MAX, is defined by the plugin API as the |
|
max conversation reply length. This constant can be used as a max |
|
value for memset_s() when clearing passwords filled in by the |
|
conversation function. |
|
[264ec146028e] |
|
|
|
2013-08-01 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/group_file/Makefile.in, plugins/sample/Makefile.in, |
|
plugins/system_group/Makefile.in: |
|
Do not try to install plugins when shared modules are disabled |
|
(sudoers already had the check). |
|
[3d582c042042] |
|
|
|
* plugins/sudoers/Makefile.in: |
|
Update dependencies to take into account compat/getopt.h and |
|
compat/dlfcn.h. |
|
[301fb31cd121] |
|
|
|
* src/Makefile.in: |
|
Update dependencies now that sudo_usage.h is always included from |
|
the build dir. |
|
[c1ff70ec9515] |
|
|
|
2013-07-31 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/ldap.c: |
|
Add some warnings and debugging to sasl ccname handling. |
|
[467f415861f0] |
|
|
|
* plugins/sudoers/ldap.c: |
|
Fix write loop invariant in sudo_krb5_copy_cc_file() |
|
[6948cf6e9b9f] |
|
|
|
2013-07-30 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/ldap.c: |
|
Strip off leading FILE: or WRFILE: prefix before trying to copy the |
|
user's credential cache. |
|
[56c16feab62f] |
|
|
|
2013-07-29 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* src/sudo.c: |
|
Instead of setting RLIMIT_NPROC to unlimited when sudo initializes, |
|
just save RLIMIT_NPROC in exec_setup() before the final setuid() and |
|
restore it immediately after. We don't need to modify RLIMIT_NPROC |
|
for simple euid changes, just for changing the real (and saved) uids |
|
before we exec. This also means we no longer need to worry about |
|
_SC_CHILD_MAX returning -1. Bug #565 |
|
[1372f1909039] |
|
|
|
2013-07-28 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/ldap.c, src/preload.c: |
|
Now that the ldap code runs with the real and effective uid set to |
|
0, it is not possible for the gssapi libs to find the user's krb5 |
|
credential cache file. To work around this, we make a temporary |
|
copy of the user's credential cache specified by KRB5CCNAME (opened |
|
with the user's effective uid) and point gssapi to it. To set the |
|
credential cache file name, we dynamically look up |
|
gss_krb5_ccache_name() and use it if available, otherwise fall back |
|
to setting KRB5CCNAME. |
|
[8b86c134541a] |
|
|
|
2013-07-19 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudo.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, |
|
doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, |
|
doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c, |
|
plugins/sudoers/visudo.c: |
|
Long option support for visudo and sudoreplay. |
|
[91427968be71] |
|
|
|
2013-07-18 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/Makefile.in, |
|
src/parse_args.c, src/sudo.c, src/sudo_usage.h.in: |
|
Add support for long options and fix inclusion of sudo_usage.h with |
|
modern gcc broken in 8597:1fcb7ba13018. |
|
[d13134819944] |
|
|
|
* src/Makefile.in: |
|
Add rule to rebuild sudo_usage.h when the .in file changes. |
|
[59a32899e251] |
|
|
|
* compat/Makefile.in, mkdep.pl, src/Makefile.in: |
|
Add make rules for building getopt_long.c |
|
[5f57593b3a8b] |
|
|
|
* src/parse_args.c: |
|
Make "-h hostname" work. Optional args in GNU getopt() only work |
|
when there is no space between the option flag and the argument. |
|
[b8258659cabb] |
|
|
|
2013-07-17 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* MANIFEST, compat/getopt.h, compat/getopt_long.c, config.h.in, |
|
configure, configure.in, doc/LICENSE, src/parse_args.c: |
|
Use getopt_long() so we can make the -h flag take an optional |
|
argument. Includes a version for those without it. |
|
[d1dd66c8a86b] |
|
|
|
2013-07-16 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: |
|
Document that the -h option can be used specify a host name for |
|
future plugins. |
|
[8470c74cf326] |
|
|
|
* include/sudo_plugin.h, src/parse_args.c, src/sudo_usage.h.in: |
|
Overload -h option to specify an optional hostname for remote |
|
access. This is future-proofing; no policy plugins currently support |
|
this. |
|
[0e01d8c3c623] |
|
|
|
* configure, configure.in: |
|
Bump version to 1.8.8 |
|
[a1155bfaa28f] |
|
|
|
* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, |
|
doc/sudo_plugin.mdoc.in: |
|
Document the remote_host setting (-h host) |
|
[c737db906f5d] |
|
|
|
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: |
|
fix "the the" |
|
[0025464a3942] |
|
|
|
* src/parse_args.c, src/sudo.c, src/sudo.h: |
|
Do not error out if arg to -U option cannot be resolved, that is for |
|
the plugin to decide. There is no need for runas_user and |
|
runas_group to be global, make them local to parse_args() instead. |
|
[fb02a62a72ba] |
|
|
|
* MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/pt_BR.mo, |
|
plugins/sudoers/po/pt_BR.po, src/po/es.mo, src/po/es.po, |
|
src/po/pt_BR.mo, src/po/pt_BR.po: |
|
Sync with translationproject.org |
|
[e8f4772d918a] |
|
|
|
2013-07-11 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/TROUBLESHOOTING: |
|
Remove old bits about sudo setuid problems that should have been |
|
cleaned up in changeset 7917:fa4894896d8a. Also update the mode of |
|
sudo to 04755 to match current packaging. |
|
[1e3904cdc2de] |
|
|
|
* plugins/sudoers/auth/pam.c: |
|
Go back to ignoring the return value of pam_setcred() since with |
|
stacked PAM auth modules a failure from one module may override |
|
PAM_SUCCESS from another. If the first module in the stack fails, |
|
the others may be run (and succeed) but an error will be returned. |
|
This can cause a spurious warning on systems with non-local users |
|
(e.g. pam_ldap or pam_sss) where pam_unix is consulted first. |
|
[b6022e26135a] |
|
|
|
* src/net_ifs.c: |
|
Remove unused variable. |
|
[93dde7d82fde] |
|
|
|
* NEWS: |
|
Fix typo |
|
[5ef79671c2c7] |
|
|
|
2013-07-09 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* plugins/sudoers/sssd.c: |
|
Fix pasto; sudo_sss_extract_digest() not sudo_ldap_extract_digest(). |
|
From Dan Harnett. |
|
[4a0af6f12765] |
|
|
|
2013-06-18 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: |
|
Fix formatting typo; from Eric S. Raymond |
|
[058b533ba460] |
|
|
|
2013-06-17 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
|
* mkpkg: |
|
Use -gxcoff on aix so dbx can be used to debug sudo. |
|
[4950e019ed2d] |
|
|
2013-06-12 Todd C. Miller <Todd.Miller@courtesan.com> |
2013-06-12 Todd C. Miller <Todd.Miller@courtesan.com> |
|
|
* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: |
* doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: |