Annotation of embedaddon/sudo/plugins/sudoers/gram.c, revision 1.1.1.1
1.1 misho 1: #include <config.h>
2: #include <stdlib.h>
3: #include <string.h>
4: #define YYBYACC 1
5: #define YYMAJOR 1
6: #define YYMINOR 9
7: #define YYLEX yylex()
8: #define YYEMPTY -1
9: #define yyclearin (yychar=(YYEMPTY))
10: #define yyerrok (yyerrflag=0)
11: #define YYRECOVERING() (yyerrflag!=0)
12: #define YYPREFIX "yy"
13: #line 2 "gram.y"
14: /*
15: * Copyright (c) 1996, 1998-2005, 2007-2011
16: * Todd C. Miller <Todd.Miller@courtesan.com>
17: *
18: * Permission to use, copy, modify, and distribute this software for any
19: * purpose with or without fee is hereby granted, provided that the above
20: * copyright notice and this permission notice appear in all copies.
21: *
22: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
23: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
24: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
25: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
26: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
27: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
28: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
29: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
30: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31: *
32: * Sponsored in part by the Defense Advanced Research Projects
33: * Agency (DARPA) and Air Force Research Laboratory, Air Force
34: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
35: */
36:
37: #include <config.h>
38:
39: #include <sys/types.h>
40: #include <sys/param.h>
41: #include <stdio.h>
42: #ifdef STDC_HEADERS
43: # include <stdlib.h>
44: # include <stddef.h>
45: #else
46: # ifdef HAVE_STDLIB_H
47: # include <stdlib.h>
48: # endif
49: #endif /* STDC_HEADERS */
50: #ifdef HAVE_STRING_H
51: # include <string.h>
52: #endif /* HAVE_STRING_H */
53: #ifdef HAVE_STRINGS_H
54: # include <strings.h>
55: #endif /* HAVE_STRINGS_H */
56: #ifdef HAVE_UNISTD_H
57: # include <unistd.h>
58: #endif /* HAVE_UNISTD_H */
59: #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
60: # include <alloca.h>
61: #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
62: #include <limits.h>
63:
64: #include "sudoers.h" /* XXX */
65: #include "parse.h"
66: #include "toke.h"
67:
68: /*
69: * We must define SIZE_MAX for yacc's skeleton.c.
70: * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
71: * could be signed (as it is on SunOS 4.x).
72: */
73: #ifndef SIZE_MAX
74: # ifdef SIZE_T_MAX
75: # define SIZE_MAX SIZE_T_MAX
76: # else
77: # define SIZE_MAX INT_MAX
78: # endif /* SIZE_T_MAX */
79: #endif /* SIZE_MAX */
80:
81: /*
82: * Globals
83: */
84: extern int sudolineno;
85: extern char *sudoers;
86: static int verbose = FALSE;
87: int parse_error = FALSE;
88: int pedantic = FALSE;
89: int errorlineno = -1;
90: char *errorfile = NULL;
91:
92: struct defaults_list defaults;
93: struct userspec_list userspecs;
94:
95: /*
96: * Local protoypes
97: */
98: static void add_defaults(int, struct member *, struct defaults *);
99: static void add_userspec(struct member *, struct privilege *);
100: static struct defaults *new_default(char *, char *, int);
101: static struct member *new_member(char *, int);
102: void yyerror(const char *);
103:
104: void
105: yyerror(const char *s)
106: {
107: /* Save the line the first error occurred on. */
108: if (errorlineno == -1) {
109: errorlineno = sudolineno ? sudolineno - 1 : 0;
110: errorfile = estrdup(sudoers);
111: }
112: if (trace_print != NULL) {
113: LEXTRACE("<*> ");
114: } else if (verbose && s != NULL) {
115: warningx(_(">>> %s: %s near line %d <<<"), sudoers, s,
116: sudolineno ? sudolineno - 1 : 0);
117: }
118: parse_error = TRUE;
119: }
120: #line 110 "gram.y"
121: #ifndef YYSTYPE_DEFINED
122: #define YYSTYPE_DEFINED
123: typedef union {
124: struct cmndspec *cmndspec;
125: struct defaults *defaults;
126: struct member *member;
127: struct runascontainer *runas;
128: struct privilege *privilege;
129: struct sudo_command command;
130: struct cmndtag tag;
131: struct selinux_info seinfo;
132: char *string;
133: int tok;
134: } YYSTYPE;
135: #endif /* YYSTYPE_DEFINED */
136: #line 136 "y.tab.c"
137: #define COMMAND 257
138: #define ALIAS 258
139: #define DEFVAR 259
140: #define NTWKADDR 260
141: #define NETGROUP 261
142: #define USERGROUP 262
143: #define WORD 263
144: #define DEFAULTS 264
145: #define DEFAULTS_HOST 265
146: #define DEFAULTS_USER 266
147: #define DEFAULTS_RUNAS 267
148: #define DEFAULTS_CMND 268
149: #define NOPASSWD 269
150: #define PASSWD 270
151: #define NOEXEC 271
152: #define EXEC 272
153: #define SETENV 273
154: #define NOSETENV 274
155: #define LOG_INPUT 275
156: #define NOLOG_INPUT 276
157: #define LOG_OUTPUT 277
158: #define NOLOG_OUTPUT 278
159: #define ALL 279
160: #define COMMENT 280
161: #define HOSTALIAS 281
162: #define CMNDALIAS 282
163: #define USERALIAS 283
164: #define RUNASALIAS 284
165: #define ERROR 285
166: #define TYPE 286
167: #define ROLE 287
168: #define YYERRCODE 256
169: #if defined(__cplusplus) || defined(__STDC__)
170: const short yylhs[] =
171: #else
172: short yylhs[] =
173: #endif
174: { -1,
175: 0, 0, 25, 25, 26, 26, 26, 26, 26, 26,
176: 26, 26, 26, 26, 26, 26, 4, 4, 3, 3,
177: 3, 3, 3, 20, 20, 19, 10, 10, 8, 8,
178: 8, 8, 8, 2, 2, 1, 6, 6, 23, 24,
179: 22, 22, 22, 22, 22, 17, 17, 18, 18, 18,
180: 21, 21, 21, 21, 21, 21, 21, 21, 21, 21,
181: 21, 5, 5, 5, 28, 28, 31, 9, 9, 29,
182: 29, 32, 7, 7, 30, 30, 33, 27, 27, 34,
183: 13, 13, 11, 11, 12, 12, 12, 12, 12, 16,
184: 16, 14, 14, 15, 15, 15,
185: };
186: #if defined(__cplusplus) || defined(__STDC__)
187: const short yylen[] =
188: #else
189: short yylen[] =
190: #endif
191: { 2,
192: 0, 1, 1, 2, 1, 2, 2, 2, 2, 2,
193: 2, 2, 3, 3, 3, 3, 1, 3, 1, 2,
194: 3, 3, 3, 1, 3, 3, 1, 2, 1, 1,
195: 1, 1, 1, 1, 3, 4, 1, 2, 3, 3,
196: 0, 1, 1, 2, 2, 0, 3, 1, 3, 2,
197: 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
198: 2, 1, 1, 1, 1, 3, 3, 1, 3, 1,
199: 3, 3, 1, 3, 1, 3, 3, 1, 3, 3,
200: 1, 3, 1, 2, 1, 1, 1, 1, 1, 1,
201: 3, 1, 2, 1, 1, 1,
202: };
203: #if defined(__cplusplus) || defined(__STDC__)
204: const short yydefred[] =
205: #else
206: short yydefred[] =
207: #endif
208: { 0,
209: 0, 85, 87, 88, 89, 0, 0, 0, 0, 0,
210: 86, 5, 0, 0, 0, 0, 0, 0, 81, 83,
211: 0, 0, 3, 6, 0, 0, 17, 0, 29, 32,
212: 31, 33, 30, 0, 27, 0, 68, 0, 0, 64,
213: 63, 62, 0, 37, 73, 0, 0, 0, 65, 0,
214: 0, 70, 0, 0, 78, 0, 0, 75, 84, 0,
215: 0, 24, 0, 4, 0, 0, 0, 20, 0, 28,
216: 0, 0, 0, 0, 38, 0, 0, 0, 0, 0,
217: 0, 0, 0, 0, 0, 82, 0, 0, 21, 22,
218: 23, 18, 69, 74, 0, 66, 0, 71, 0, 79,
219: 0, 76, 0, 34, 0, 0, 25, 0, 0, 0,
220: 0, 0, 0, 51, 0, 0, 94, 96, 95, 0,
221: 90, 92, 0, 0, 47, 35, 0, 0, 0, 44,
222: 45, 93, 0, 0, 40, 39, 52, 53, 54, 55,
223: 56, 57, 58, 59, 60, 61, 36, 91,
224: };
225: #if defined(__cplusplus) || defined(__STDC__)
226: const short yydgoto[] =
227: #else
228: short yydgoto[] =
229: #endif
230: { 18,
231: 104, 105, 27, 28, 44, 45, 46, 35, 61, 37,
232: 19, 20, 21, 121, 122, 123, 106, 110, 62, 63,
233: 129, 114, 115, 116, 22, 23, 54, 48, 51, 57,
234: 49, 52, 58, 55,
235: };
236: #if defined(__cplusplus) || defined(__STDC__)
237: const short yysindex[] =
238: #else
239: short yysindex[] =
240: #endif
241: { 475,
242: -270, 0, 0, 0, 0, -29, 567, 594, 594, -2,
243: 0, 0, -240, -222, -216, -212, -241, 0, 0, 0,
244: -25, 475, 0, 0, -10, -207, 0, 9, 0, 0,
245: 0, 0, 0, -235, 0, -33, 0, -31, -31, 0,
246: 0, 0, -242, 0, 0, -30, -7, 3, 0, -6,
247: 4, 0, -5, 6, 0, -1, 8, 0, 0, 594,
248: -20, 0, 10, 0, -205, -196, -194, 0, -29, 0,
249: 567, 9, 9, 9, 0, -2, 9, 567, -240, -2,
250: -222, 594, -216, 594, -212, 0, 31, 567, 0, 0,
251: 0, 0, 0, 0, 26, 0, 28, 0, 29, 0,
252: 29, 0, 541, 0, 32, -247, 0, 86, -15, 33,
253: 31, 14, 16, 0, -208, -204, 0, 0, 0, -231,
254: 0, 0, 38, 86, 0, 0, -179, -178, 491, 0,
255: 0, 0, 86, 38, 0, 0, 0, 0, 0, 0,
256: 0, 0, 0, 0, 0, 0, 0, 0,};
257: #if defined(__cplusplus) || defined(__STDC__)
258: const short yyrindex[] =
259: #else
260: short yyrindex[] =
261: #endif
262: { 87,
263: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
264: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
265: 0, 90, 0, 0, 1, 0, 0, 177, 0, 0,
266: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
267: 0, 0, 0, 0, 0, 0, 0, 207, 0, 0,
268: 237, 0, 0, 271, 0, 0, 300, 0, 0, 0,
269: 0, 0, 329, 0, 0, 0, 0, 0, 0, 0,
270: 0, 358, 387, 417, 0, 0, 446, 0, 0, 0,
271: 0, 0, 0, 0, 0, 0, -26, 0, 0, 0,
272: 0, 0, 0, 0, 30, 0, 59, 0, 89, 0,
273: 118, 0, 0, 0, 148, 514, 0, 0, 45, 0,
274: -26, 0, 0, 0, 537, 565, 0, 0, 0, 0,
275: 0, 0, 50, 0, 0, 0, 0, 0, 0, 0,
276: 0, 0, 0, 52, 0, 0, 0, 0, 0, 0,
277: 0, 0, 0, 0, 0, 0, 0, 0,};
278: #if defined(__cplusplus) || defined(__STDC__)
279: const short yygindex[] =
280: #else
281: short yygindex[] =
282: #endif
283: { 0,
284: -17, 0, 27, 11, 54, -64, 15, 64, 2, 34,
285: 39, 84, -3, -27, -18, -21, 0, 0, 19, 0,
286: 0, 0, -12, -4, 0, 88, 0, 0, 0, 0,
287: 35, 40, 23, 37,
288: };
289: #define YYTABLESIZE 873
290: #if defined(__cplusplus) || defined(__STDC__)
291: const short yytable[] =
292: #else
293: short yytable[] =
294: #endif
295: { 26,
296: 19, 26, 26, 26, 38, 39, 46, 34, 36, 24,
297: 71, 94, 60, 76, 40, 41, 2, 47, 60, 3,
298: 4, 5, 29, 71, 30, 31, 117, 32, 60, 67,
299: 43, 118, 66, 19, 67, 50, 42, 11, 112, 113,
300: 87, 53, 124, 33, 19, 56, 72, 119, 73, 74,
301: 65, 68, 69, 78, 80, 82, 77, 89, 72, 84,
302: 79, 81, 67, 83, 147, 85, 90, 88, 91, 71,
303: 103, 76, 60, 125, 127, 111, 128, 112, 99, 95,
304: 101, 133, 113, 135, 136, 48, 1, 67, 80, 2,
305: 50, 72, 49, 126, 97, 92, 75, 70, 86, 109,
306: 59, 132, 134, 131, 93, 148, 107, 102, 0, 64,
307: 130, 0, 0, 96, 0, 0, 72, 77, 120, 100,
308: 98, 80, 0, 0, 0, 0, 0, 0, 0, 0,
309: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
310: 0, 0, 0, 0, 0, 0, 80, 26, 0, 0,
311: 77, 0, 0, 0, 0, 0, 0, 0, 0, 0,
312: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
313: 0, 0, 0, 0, 0, 77, 12, 0, 0, 0,
314: 26, 0, 0, 0, 0, 0, 0, 0, 0, 0,
315: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
316: 0, 0, 0, 0, 0, 26, 9, 0, 0, 12,
317: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
318: 0, 0, 0, 0, 0, 25, 0, 25, 25, 25,
319: 46, 46, 29, 0, 30, 31, 10, 32, 0, 9,
320: 0, 0, 46, 46, 46, 46, 46, 46, 46, 46,
321: 46, 46, 46, 33, 40, 41, 19, 0, 19, 46,
322: 46, 19, 19, 19, 19, 19, 19, 19, 19, 10,
323: 8, 0, 0, 0, 0, 0, 42, 0, 0, 19,
324: 19, 19, 19, 19, 19, 67, 0, 67, 0, 0,
325: 67, 67, 67, 67, 67, 67, 67, 67, 0, 11,
326: 0, 0, 0, 8, 0, 0, 0, 0, 67, 67,
327: 67, 67, 67, 67, 72, 0, 72, 0, 0, 72,
328: 72, 72, 72, 72, 72, 72, 72, 0, 7, 0,
329: 0, 0, 11, 0, 0, 0, 0, 72, 72, 72,
330: 72, 72, 72, 117, 80, 0, 80, 0, 118, 80,
331: 80, 80, 80, 80, 80, 80, 80, 15, 0, 0,
332: 0, 7, 0, 0, 119, 0, 0, 80, 80, 80,
333: 80, 80, 80, 77, 0, 77, 0, 0, 77, 77,
334: 77, 77, 77, 77, 77, 77, 13, 0, 0, 0,
335: 15, 0, 0, 0, 0, 0, 77, 77, 77, 77,
336: 77, 77, 0, 26, 0, 26, 0, 0, 26, 26,
337: 26, 26, 26, 26, 26, 26, 14, 0, 0, 13,
338: 0, 0, 0, 0, 0, 0, 26, 26, 26, 26,
339: 26, 26, 12, 0, 12, 0, 0, 12, 12, 12,
340: 12, 12, 12, 12, 12, 16, 0, 0, 0, 14,
341: 0, 0, 0, 0, 0, 12, 12, 12, 12, 12,
342: 12, 0, 9, 0, 9, 0, 0, 9, 9, 9,
343: 9, 9, 9, 9, 9, 0, 0, 0, 16, 0,
344: 0, 0, 0, 0, 0, 9, 9, 9, 9, 9,
345: 9, 0, 10, 0, 10, 0, 0, 10, 10, 10,
346: 10, 10, 10, 10, 10, 0, 0, 17, 0, 0,
347: 0, 0, 0, 0, 0, 10, 10, 10, 10, 10,
348: 10, 0, 0, 43, 0, 0, 8, 0, 8, 0,
349: 0, 8, 8, 8, 8, 8, 8, 8, 8, 0,
350: 0, 0, 0, 0, 0, 0, 41, 0, 0, 8,
351: 8, 8, 8, 8, 8, 11, 0, 11, 0, 0,
352: 11, 11, 11, 11, 11, 11, 11, 11, 0, 42,
353: 0, 0, 0, 17, 0, 0, 0, 0, 11, 11,
354: 11, 11, 11, 11, 7, 0, 7, 0, 0, 7,
355: 7, 7, 7, 7, 7, 7, 7, 43, 108, 34,
356: 0, 0, 0, 0, 0, 0, 0, 7, 7, 7,
357: 7, 7, 7, 15, 0, 15, 0, 0, 15, 15,
358: 15, 15, 15, 15, 15, 15, 17, 0, 0, 0,
359: 0, 0, 0, 0, 0, 0, 15, 15, 15, 15,
360: 15, 15, 13, 0, 13, 0, 0, 13, 13, 13,
361: 13, 13, 13, 13, 13, 0, 0, 0, 0, 0,
362: 0, 0, 0, 0, 0, 13, 13, 13, 13, 13,
363: 13, 0, 14, 0, 14, 0, 0, 14, 14, 14,
364: 14, 14, 14, 14, 14, 0, 0, 0, 0, 0,
365: 0, 0, 0, 0, 0, 14, 14, 14, 14, 14,
366: 14, 16, 0, 16, 0, 0, 16, 16, 16, 16,
367: 16, 16, 16, 16, 0, 0, 0, 0, 0, 0,
368: 0, 0, 0, 0, 16, 16, 16, 16, 16, 16,
369: 1, 0, 2, 0, 0, 3, 4, 5, 6, 7,
370: 8, 9, 10, 0, 0, 0, 0, 40, 41, 0,
371: 0, 0, 0, 11, 12, 13, 14, 15, 16, 137,
372: 138, 139, 140, 141, 142, 143, 144, 145, 146, 42,
373: 41, 41, 0, 0, 0, 0, 0, 0, 0, 0,
374: 0, 0, 41, 41, 41, 41, 41, 41, 41, 41,
375: 41, 41, 41, 42, 42, 0, 0, 0, 2, 0,
376: 0, 3, 4, 5, 0, 42, 42, 42, 42, 42,
377: 42, 42, 42, 42, 42, 42, 0, 0, 0, 11,
378: 0, 43, 43, 0, 29, 0, 30, 31, 0, 32,
379: 0, 0, 0, 43, 43, 43, 43, 43, 43, 43,
380: 43, 43, 43, 43, 0, 33, 0, 0, 0, 0,
381: 0, 2, 0, 0, 3, 4, 5, 0, 0, 0,
382: 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
383: 0, 0, 11,
384: };
385: #if defined(__cplusplus) || defined(__STDC__)
386: const short yycheck[] =
387: #else
388: short yycheck[] =
389: #endif
390: { 33,
391: 0, 33, 33, 33, 8, 9, 33, 33, 7, 280,
392: 44, 76, 44, 44, 257, 258, 258, 258, 44, 261,
393: 262, 263, 258, 44, 260, 261, 258, 263, 44, 0,
394: 33, 263, 43, 33, 45, 258, 279, 279, 286, 287,
395: 61, 258, 58, 279, 44, 258, 36, 279, 38, 39,
396: 61, 259, 44, 61, 61, 61, 46, 263, 0, 61,
397: 58, 58, 33, 58, 129, 58, 263, 58, 263, 44,
398: 40, 44, 44, 41, 61, 44, 61, 286, 82, 78,
399: 84, 44, 287, 263, 263, 41, 0, 58, 0, 0,
400: 41, 33, 41, 111, 80, 69, 43, 34, 60, 103,
401: 17, 120, 124, 116, 71, 133, 88, 85, -1, 22,
402: 115, -1, -1, 79, -1, -1, 58, 0, 33, 83,
403: 81, 33, -1, -1, -1, -1, -1, -1, -1, -1,
404: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
405: -1, -1, -1, -1, -1, -1, 58, 0, -1, -1,
406: 33, -1, -1, -1, -1, -1, -1, -1, -1, -1,
407: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
408: -1, -1, -1, -1, -1, 58, 0, -1, -1, -1,
409: 33, -1, -1, -1, -1, -1, -1, -1, -1, -1,
410: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
411: -1, -1, -1, -1, -1, 58, 0, -1, -1, 33,
412: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
413: -1, -1, -1, -1, -1, 259, -1, 259, 259, 259,
414: 257, 258, 258, -1, 260, 261, 0, 263, -1, 33,
415: -1, -1, 269, 270, 271, 272, 273, 274, 275, 276,
416: 277, 278, 279, 279, 257, 258, 256, -1, 258, 286,
417: 287, 261, 262, 263, 264, 265, 266, 267, 268, 33,
418: 0, -1, -1, -1, -1, -1, 279, -1, -1, 279,
419: 280, 281, 282, 283, 284, 256, -1, 258, -1, -1,
420: 261, 262, 263, 264, 265, 266, 267, 268, -1, 0,
421: -1, -1, -1, 33, -1, -1, -1, -1, 279, 280,
422: 281, 282, 283, 284, 256, -1, 258, -1, -1, 261,
423: 262, 263, 264, 265, 266, 267, 268, -1, 0, -1,
424: -1, -1, 33, -1, -1, -1, -1, 279, 280, 281,
425: 282, 283, 284, 258, 256, -1, 258, -1, 263, 261,
426: 262, 263, 264, 265, 266, 267, 268, 0, -1, -1,
427: -1, 33, -1, -1, 279, -1, -1, 279, 280, 281,
428: 282, 283, 284, 256, -1, 258, -1, -1, 261, 262,
429: 263, 264, 265, 266, 267, 268, 0, -1, -1, -1,
430: 33, -1, -1, -1, -1, -1, 279, 280, 281, 282,
431: 283, 284, -1, 256, -1, 258, -1, -1, 261, 262,
432: 263, 264, 265, 266, 267, 268, 0, -1, -1, 33,
433: -1, -1, -1, -1, -1, -1, 279, 280, 281, 282,
434: 283, 284, 256, -1, 258, -1, -1, 261, 262, 263,
435: 264, 265, 266, 267, 268, 0, -1, -1, -1, 33,
436: -1, -1, -1, -1, -1, 279, 280, 281, 282, 283,
437: 284, -1, 256, -1, 258, -1, -1, 261, 262, 263,
438: 264, 265, 266, 267, 268, -1, -1, -1, 33, -1,
439: -1, -1, -1, -1, -1, 279, 280, 281, 282, 283,
440: 284, -1, 256, -1, 258, -1, -1, 261, 262, 263,
441: 264, 265, 266, 267, 268, -1, -1, 33, -1, -1,
442: -1, -1, -1, -1, -1, 279, 280, 281, 282, 283,
443: 284, -1, -1, 33, -1, -1, 256, -1, 258, -1,
444: -1, 261, 262, 263, 264, 265, 266, 267, 268, -1,
445: -1, -1, -1, -1, -1, -1, 33, -1, -1, 279,
446: 280, 281, 282, 283, 284, 256, -1, 258, -1, -1,
447: 261, 262, 263, 264, 265, 266, 267, 268, -1, 33,
448: -1, -1, -1, 33, -1, -1, -1, -1, 279, 280,
449: 281, 282, 283, 284, 256, -1, 258, -1, -1, 261,
450: 262, 263, 264, 265, 266, 267, 268, 33, 58, 33,
451: -1, -1, -1, -1, -1, -1, -1, 279, 280, 281,
452: 282, 283, 284, 256, -1, 258, -1, -1, 261, 262,
453: 263, 264, 265, 266, 267, 268, 33, -1, -1, -1,
454: -1, -1, -1, -1, -1, -1, 279, 280, 281, 282,
455: 283, 284, 256, -1, 258, -1, -1, 261, 262, 263,
456: 264, 265, 266, 267, 268, -1, -1, -1, -1, -1,
457: -1, -1, -1, -1, -1, 279, 280, 281, 282, 283,
458: 284, -1, 256, -1, 258, -1, -1, 261, 262, 263,
459: 264, 265, 266, 267, 268, -1, -1, -1, -1, -1,
460: -1, -1, -1, -1, -1, 279, 280, 281, 282, 283,
461: 284, 256, -1, 258, -1, -1, 261, 262, 263, 264,
462: 265, 266, 267, 268, -1, -1, -1, -1, -1, -1,
463: -1, -1, -1, -1, 279, 280, 281, 282, 283, 284,
464: 256, -1, 258, -1, -1, 261, 262, 263, 264, 265,
465: 266, 267, 268, -1, -1, -1, -1, 257, 258, -1,
466: -1, -1, -1, 279, 280, 281, 282, 283, 284, 269,
467: 270, 271, 272, 273, 274, 275, 276, 277, 278, 279,
468: 257, 258, -1, -1, -1, -1, -1, -1, -1, -1,
469: -1, -1, 269, 270, 271, 272, 273, 274, 275, 276,
470: 277, 278, 279, 257, 258, -1, -1, -1, 258, -1,
471: -1, 261, 262, 263, -1, 269, 270, 271, 272, 273,
472: 274, 275, 276, 277, 278, 279, -1, -1, -1, 279,
473: -1, 257, 258, -1, 258, -1, 260, 261, -1, 263,
474: -1, -1, -1, 269, 270, 271, 272, 273, 274, 275,
475: 276, 277, 278, 279, -1, 279, -1, -1, -1, -1,
476: -1, 258, -1, -1, 261, 262, 263, -1, -1, -1,
477: -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
478: -1, -1, 279,
479: };
480: #define YYFINAL 18
481: #ifndef YYDEBUG
482: #define YYDEBUG 0
483: #endif
484: #define YYMAXTOKEN 287
485: #if YYDEBUG
486: #if defined(__cplusplus) || defined(__STDC__)
487: const char * const yyname[] =
488: #else
489: char *yyname[] =
490: #endif
491: {
492: "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
493: "'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
494: 0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
495: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
496: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
497: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
498: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
499: "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DEFAULTS",
500: "DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND","NOPASSWD",
501: "PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","LOG_INPUT","NOLOG_INPUT",
502: "LOG_OUTPUT","NOLOG_OUTPUT","ALL","COMMENT","HOSTALIAS","CMNDALIAS","USERALIAS",
503: "RUNASALIAS","ERROR","TYPE","ROLE",
504: };
505: #if defined(__cplusplus) || defined(__STDC__)
506: const char * const yyrule[] =
507: #else
508: char *yyrule[] =
509: #endif
510: {"$accept : file",
511: "file :",
512: "file : line",
513: "line : entry",
514: "line : line entry",
515: "entry : COMMENT",
516: "entry : error COMMENT",
517: "entry : userlist privileges",
518: "entry : USERALIAS useraliases",
519: "entry : HOSTALIAS hostaliases",
520: "entry : CMNDALIAS cmndaliases",
521: "entry : RUNASALIAS runasaliases",
522: "entry : DEFAULTS defaults_list",
523: "entry : DEFAULTS_USER userlist defaults_list",
524: "entry : DEFAULTS_RUNAS userlist defaults_list",
525: "entry : DEFAULTS_HOST hostlist defaults_list",
526: "entry : DEFAULTS_CMND cmndlist defaults_list",
527: "defaults_list : defaults_entry",
528: "defaults_list : defaults_list ',' defaults_entry",
529: "defaults_entry : DEFVAR",
530: "defaults_entry : '!' DEFVAR",
531: "defaults_entry : DEFVAR '=' WORD",
532: "defaults_entry : DEFVAR '+' WORD",
533: "defaults_entry : DEFVAR '-' WORD",
534: "privileges : privilege",
535: "privileges : privileges ':' privilege",
536: "privilege : hostlist '=' cmndspeclist",
537: "ophost : host",
538: "ophost : '!' host",
539: "host : ALIAS",
540: "host : ALL",
541: "host : NETGROUP",
542: "host : NTWKADDR",
543: "host : WORD",
544: "cmndspeclist : cmndspec",
545: "cmndspeclist : cmndspeclist ',' cmndspec",
546: "cmndspec : runasspec selinux cmndtag opcmnd",
547: "opcmnd : cmnd",
548: "opcmnd : '!' cmnd",
549: "rolespec : ROLE '=' WORD",
550: "typespec : TYPE '=' WORD",
551: "selinux :",
552: "selinux : rolespec",
553: "selinux : typespec",
554: "selinux : rolespec typespec",
555: "selinux : typespec rolespec",
556: "runasspec :",
557: "runasspec : '(' runaslist ')'",
558: "runaslist : userlist",
559: "runaslist : userlist ':' grouplist",
560: "runaslist : ':' grouplist",
561: "cmndtag :",
562: "cmndtag : cmndtag NOPASSWD",
563: "cmndtag : cmndtag PASSWD",
564: "cmndtag : cmndtag NOEXEC",
565: "cmndtag : cmndtag EXEC",
566: "cmndtag : cmndtag SETENV",
567: "cmndtag : cmndtag NOSETENV",
568: "cmndtag : cmndtag LOG_INPUT",
569: "cmndtag : cmndtag NOLOG_INPUT",
570: "cmndtag : cmndtag LOG_OUTPUT",
571: "cmndtag : cmndtag NOLOG_OUTPUT",
572: "cmnd : ALL",
573: "cmnd : ALIAS",
574: "cmnd : COMMAND",
575: "hostaliases : hostalias",
576: "hostaliases : hostaliases ':' hostalias",
577: "hostalias : ALIAS '=' hostlist",
578: "hostlist : ophost",
579: "hostlist : hostlist ',' ophost",
580: "cmndaliases : cmndalias",
581: "cmndaliases : cmndaliases ':' cmndalias",
582: "cmndalias : ALIAS '=' cmndlist",
583: "cmndlist : opcmnd",
584: "cmndlist : cmndlist ',' opcmnd",
585: "runasaliases : runasalias",
586: "runasaliases : runasaliases ':' runasalias",
587: "runasalias : ALIAS '=' userlist",
588: "useraliases : useralias",
589: "useraliases : useraliases ':' useralias",
590: "useralias : ALIAS '=' userlist",
591: "userlist : opuser",
592: "userlist : userlist ',' opuser",
593: "opuser : user",
594: "opuser : '!' user",
595: "user : ALIAS",
596: "user : ALL",
597: "user : NETGROUP",
598: "user : USERGROUP",
599: "user : WORD",
600: "grouplist : opgroup",
601: "grouplist : grouplist ',' opgroup",
602: "opgroup : group",
603: "opgroup : '!' group",
604: "group : ALIAS",
605: "group : ALL",
606: "group : WORD",
607: };
608: #endif
609: #ifdef YYSTACKSIZE
610: #undef YYMAXDEPTH
611: #define YYMAXDEPTH YYSTACKSIZE
612: #else
613: #ifdef YYMAXDEPTH
614: #define YYSTACKSIZE YYMAXDEPTH
615: #else
616: #define YYSTACKSIZE 10000
617: #define YYMAXDEPTH 10000
618: #endif
619: #endif
620: #define YYINITSTACKSIZE 200
621: /* LINTUSED */
622: int yydebug;
623: int yynerrs;
624: int yyerrflag;
625: int yychar;
626: short *yyssp;
627: YYSTYPE *yyvsp;
628: YYSTYPE yyval;
629: YYSTYPE yylval;
630: short *yyss;
631: short *yysslim;
632: YYSTYPE *yyvs;
633: int yystacksize;
634: #line 604 "gram.y"
635: static struct defaults *
636: new_default(char *var, char *val, int op)
637: {
638: struct defaults *d;
639:
640: d = emalloc(sizeof(struct defaults));
641: d->var = var;
642: d->val = val;
643: tq_init(&d->binding);
644: d->type = 0;
645: d->op = op;
646: d->prev = d;
647: d->next = NULL;
648:
649: return d;
650: }
651:
652: static struct member *
653: new_member(char *name, int type)
654: {
655: struct member *m;
656:
657: m = emalloc(sizeof(struct member));
658: m->name = name;
659: m->type = type;
660: m->prev = m;
661: m->next = NULL;
662:
663: return m;
664: }
665:
666: /*
667: * Add a list of defaults structures to the defaults list.
668: * The binding, if non-NULL, specifies a list of hosts, users, or
669: * runas users the entries apply to (specified by the type).
670: */
671: static void
672: add_defaults(int type, struct member *bmem, struct defaults *defs)
673: {
674: struct defaults *d;
675: struct member_list binding;
676:
677: /*
678: * We can only call list2tq once on bmem as it will zero
679: * out the prev pointer when it consumes bmem.
680: */
681: list2tq(&binding, bmem);
682:
683: /*
684: * Set type and binding (who it applies to) for new entries.
685: */
686: for (d = defs; d != NULL; d = d->next) {
687: d->type = type;
688: d->binding = binding;
689: }
690: tq_append(&defaults, defs);
691: }
692:
693: /*
694: * Allocate a new struct userspec, populate it, and insert it at the
695: * and of the userspecs list.
696: */
697: static void
698: add_userspec(struct member *members, struct privilege *privs)
699: {
700: struct userspec *u;
701:
702: u = emalloc(sizeof(*u));
703: list2tq(&u->users, members);
704: list2tq(&u->privileges, privs);
705: u->prev = u;
706: u->next = NULL;
707: tq_append(&userspecs, u);
708: }
709:
710: /*
711: * Free up space used by data structures from a previous parser run and sets
712: * the current sudoers file to path.
713: */
714: void
715: init_parser(const char *path, int quiet)
716: {
717: struct defaults *d;
718: struct member *m, *binding;
719: struct userspec *us;
720: struct privilege *priv;
721: struct cmndspec *cs;
722: struct sudo_command *c;
723:
724: while ((us = tq_pop(&userspecs)) != NULL) {
725: while ((m = tq_pop(&us->users)) != NULL) {
726: efree(m->name);
727: efree(m);
728: }
729: while ((priv = tq_pop(&us->privileges)) != NULL) {
730: struct member *runasuser = NULL, *runasgroup = NULL;
731: #ifdef HAVE_SELINUX
732: char *role = NULL, *type = NULL;
733: #endif /* HAVE_SELINUX */
734:
735: while ((m = tq_pop(&priv->hostlist)) != NULL) {
736: efree(m->name);
737: efree(m);
738: }
739: while ((cs = tq_pop(&priv->cmndlist)) != NULL) {
740: #ifdef HAVE_SELINUX
741: /* Only free the first instance of a role/type. */
742: if (cs->role != role) {
743: role = cs->role;
744: efree(cs->role);
745: }
746: if (cs->type != type) {
747: type = cs->type;
748: efree(cs->type);
749: }
750: #endif /* HAVE_SELINUX */
751: if (tq_last(&cs->runasuserlist) != runasuser) {
752: runasuser = tq_last(&cs->runasuserlist);
753: while ((m = tq_pop(&cs->runasuserlist)) != NULL) {
754: efree(m->name);
755: efree(m);
756: }
757: }
758: if (tq_last(&cs->runasgrouplist) != runasgroup) {
759: runasgroup = tq_last(&cs->runasgrouplist);
760: while ((m = tq_pop(&cs->runasgrouplist)) != NULL) {
761: efree(m->name);
762: efree(m);
763: }
764: }
765: if (cs->cmnd->type == COMMAND) {
766: c = (struct sudo_command *) cs->cmnd->name;
767: efree(c->cmnd);
768: efree(c->args);
769: }
770: efree(cs->cmnd->name);
771: efree(cs->cmnd);
772: efree(cs);
773: }
774: efree(priv);
775: }
776: efree(us);
777: }
778: tq_init(&userspecs);
779:
780: binding = NULL;
781: while ((d = tq_pop(&defaults)) != NULL) {
782: if (tq_last(&d->binding) != binding) {
783: binding = tq_last(&d->binding);
784: while ((m = tq_pop(&d->binding)) != NULL) {
785: if (m->type == COMMAND) {
786: c = (struct sudo_command *) m->name;
787: efree(c->cmnd);
788: efree(c->args);
789: }
790: efree(m->name);
791: efree(m);
792: }
793: }
794: efree(d->var);
795: efree(d->val);
796: efree(d);
797: }
798: tq_init(&defaults);
799:
800: init_aliases();
801:
802: init_lexer();
803:
804: efree(sudoers);
805: sudoers = path ? estrdup(path) : NULL;
806:
807: parse_error = FALSE;
808: errorlineno = -1;
809: errorfile = NULL;
810: verbose = !quiet;
811: }
812: #line 760 "y.tab.c"
813: /* allocate initial stack or double stack size, up to YYMAXDEPTH */
814: #if defined(__cplusplus) || defined(__STDC__)
815: static int yygrowstack(void)
816: #else
817: static int yygrowstack()
818: #endif
819: {
820: int newsize, i;
821: short *newss;
822: YYSTYPE *newvs;
823:
824: if ((newsize = yystacksize) == 0)
825: newsize = YYINITSTACKSIZE;
826: else if (newsize >= YYMAXDEPTH)
827: return -1;
828: else if ((newsize *= 2) > YYMAXDEPTH)
829: newsize = YYMAXDEPTH;
830: i = yyssp - yyss;
831: #ifdef SIZE_MAX
832: #define YY_SIZE_MAX SIZE_MAX
833: #else
834: #define YY_SIZE_MAX 0x7fffffff
835: #endif
836: if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
837: goto bail;
838: newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
839: (short *)malloc(newsize * sizeof *newss); /* overflow check above */
840: if (newss == NULL)
841: goto bail;
842: yyss = newss;
843: yyssp = newss + i;
844: if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
845: goto bail;
846: newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
847: (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
848: if (newvs == NULL)
849: goto bail;
850: yyvs = newvs;
851: yyvsp = newvs + i;
852: yystacksize = newsize;
853: yysslim = yyss + newsize - 1;
854: return 0;
855: bail:
856: if (yyss)
857: free(yyss);
858: if (yyvs)
859: free(yyvs);
860: yyss = yyssp = NULL;
861: yyvs = yyvsp = NULL;
862: yystacksize = 0;
863: return -1;
864: }
865:
866: #define YYABORT goto yyabort
867: #define YYREJECT goto yyabort
868: #define YYACCEPT goto yyaccept
869: #define YYERROR goto yyerrlab
870: int
871: #if defined(__cplusplus) || defined(__STDC__)
872: yyparse(void)
873: #else
874: yyparse()
875: #endif
876: {
877: int yym, yyn, yystate;
878: #if YYDEBUG
879: #if defined(__cplusplus) || defined(__STDC__)
880: const char *yys;
881: #else /* !(defined(__cplusplus) || defined(__STDC__)) */
882: char *yys;
883: #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
884:
885: if ((yys = getenv("YYDEBUG")))
886: {
887: yyn = *yys;
888: if (yyn >= '0' && yyn <= '9')
889: yydebug = yyn - '0';
890: }
891: #endif /* YYDEBUG */
892:
893: yynerrs = 0;
894: yyerrflag = 0;
895: yychar = (-1);
896:
897: if (yyss == NULL && yygrowstack()) goto yyoverflow;
898: yyssp = yyss;
899: yyvsp = yyvs;
900: *yyssp = yystate = 0;
901:
902: yyloop:
903: if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
904: if (yychar < 0)
905: {
906: if ((yychar = yylex()) < 0) yychar = 0;
907: #if YYDEBUG
908: if (yydebug)
909: {
910: yys = 0;
911: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
912: if (!yys) yys = "illegal-symbol";
913: printf("%sdebug: state %d, reading %d (%s)\n",
914: YYPREFIX, yystate, yychar, yys);
915: }
916: #endif
917: }
918: if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
919: yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
920: {
921: #if YYDEBUG
922: if (yydebug)
923: printf("%sdebug: state %d, shifting to state %d\n",
924: YYPREFIX, yystate, yytable[yyn]);
925: #endif
926: if (yyssp >= yysslim && yygrowstack())
927: {
928: goto yyoverflow;
929: }
930: *++yyssp = yystate = yytable[yyn];
931: *++yyvsp = yylval;
932: yychar = (-1);
933: if (yyerrflag > 0) --yyerrflag;
934: goto yyloop;
935: }
936: if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
937: yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
938: {
939: yyn = yytable[yyn];
940: goto yyreduce;
941: }
942: if (yyerrflag) goto yyinrecovery;
943: #if defined(lint) || defined(__GNUC__)
944: goto yynewerror;
945: #endif
946: yynewerror:
947: yyerror("syntax error");
948: #if defined(lint) || defined(__GNUC__)
949: goto yyerrlab;
950: #endif
951: yyerrlab:
952: ++yynerrs;
953: yyinrecovery:
954: if (yyerrflag < 3)
955: {
956: yyerrflag = 3;
957: for (;;)
958: {
959: if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
960: yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
961: {
962: #if YYDEBUG
963: if (yydebug)
964: printf("%sdebug: state %d, error recovery shifting\
965: to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
966: #endif
967: if (yyssp >= yysslim && yygrowstack())
968: {
969: goto yyoverflow;
970: }
971: *++yyssp = yystate = yytable[yyn];
972: *++yyvsp = yylval;
973: goto yyloop;
974: }
975: else
976: {
977: #if YYDEBUG
978: if (yydebug)
979: printf("%sdebug: error recovery discarding state %d\n",
980: YYPREFIX, *yyssp);
981: #endif
982: if (yyssp <= yyss) goto yyabort;
983: --yyssp;
984: --yyvsp;
985: }
986: }
987: }
988: else
989: {
990: if (yychar == 0) goto yyabort;
991: #if YYDEBUG
992: if (yydebug)
993: {
994: yys = 0;
995: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
996: if (!yys) yys = "illegal-symbol";
997: printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
998: YYPREFIX, yystate, yychar, yys);
999: }
1000: #endif
1001: yychar = (-1);
1002: goto yyloop;
1003: }
1004: yyreduce:
1005: #if YYDEBUG
1006: if (yydebug)
1007: printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1008: YYPREFIX, yystate, yyn, yyrule[yyn]);
1009: #endif
1010: yym = yylen[yyn];
1011: if (yym)
1012: yyval = yyvsp[1-yym];
1013: else
1014: memset(&yyval, 0, sizeof yyval);
1015: switch (yyn)
1016: {
1017: case 1:
1018: #line 185 "gram.y"
1019: { ; }
1020: break;
1021: case 5:
1022: #line 193 "gram.y"
1023: {
1024: ;
1025: }
1026: break;
1027: case 6:
1028: #line 196 "gram.y"
1029: {
1030: yyerrok;
1031: }
1032: break;
1033: case 7:
1034: #line 199 "gram.y"
1035: {
1036: add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
1037: }
1038: break;
1039: case 8:
1040: #line 202 "gram.y"
1041: {
1042: ;
1043: }
1044: break;
1045: case 9:
1046: #line 205 "gram.y"
1047: {
1048: ;
1049: }
1050: break;
1051: case 10:
1052: #line 208 "gram.y"
1053: {
1054: ;
1055: }
1056: break;
1057: case 11:
1058: #line 211 "gram.y"
1059: {
1060: ;
1061: }
1062: break;
1063: case 12:
1064: #line 214 "gram.y"
1065: {
1066: add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
1067: }
1068: break;
1069: case 13:
1070: #line 217 "gram.y"
1071: {
1072: add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
1073: }
1074: break;
1075: case 14:
1076: #line 220 "gram.y"
1077: {
1078: add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
1079: }
1080: break;
1081: case 15:
1082: #line 223 "gram.y"
1083: {
1084: add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
1085: }
1086: break;
1087: case 16:
1088: #line 226 "gram.y"
1089: {
1090: add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
1091: }
1092: break;
1093: case 18:
1094: #line 232 "gram.y"
1095: {
1096: list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
1097: yyval.defaults = yyvsp[-2].defaults;
1098: }
1099: break;
1100: case 19:
1101: #line 238 "gram.y"
1102: {
1103: yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
1104: }
1105: break;
1106: case 20:
1107: #line 241 "gram.y"
1108: {
1109: yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
1110: }
1111: break;
1112: case 21:
1113: #line 244 "gram.y"
1114: {
1115: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
1116: }
1117: break;
1118: case 22:
1119: #line 247 "gram.y"
1120: {
1121: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
1122: }
1123: break;
1124: case 23:
1125: #line 250 "gram.y"
1126: {
1127: yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
1128: }
1129: break;
1130: case 25:
1131: #line 256 "gram.y"
1132: {
1133: list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
1134: yyval.privilege = yyvsp[-2].privilege;
1135: }
1136: break;
1137: case 26:
1138: #line 262 "gram.y"
1139: {
1140: struct privilege *p = emalloc(sizeof(*p));
1141: list2tq(&p->hostlist, yyvsp[-2].member);
1142: list2tq(&p->cmndlist, yyvsp[0].cmndspec);
1143: p->prev = p;
1144: p->next = NULL;
1145: yyval.privilege = p;
1146: }
1147: break;
1148: case 27:
1149: #line 272 "gram.y"
1150: {
1151: yyval.member = yyvsp[0].member;
1152: yyval.member->negated = FALSE;
1153: }
1154: break;
1155: case 28:
1156: #line 276 "gram.y"
1157: {
1158: yyval.member = yyvsp[0].member;
1159: yyval.member->negated = TRUE;
1160: }
1161: break;
1162: case 29:
1163: #line 282 "gram.y"
1164: {
1165: yyval.member = new_member(yyvsp[0].string, ALIAS);
1166: }
1167: break;
1168: case 30:
1169: #line 285 "gram.y"
1170: {
1171: yyval.member = new_member(NULL, ALL);
1172: }
1173: break;
1174: case 31:
1175: #line 288 "gram.y"
1176: {
1177: yyval.member = new_member(yyvsp[0].string, NETGROUP);
1178: }
1179: break;
1180: case 32:
1181: #line 291 "gram.y"
1182: {
1183: yyval.member = new_member(yyvsp[0].string, NTWKADDR);
1184: }
1185: break;
1186: case 33:
1187: #line 294 "gram.y"
1188: {
1189: yyval.member = new_member(yyvsp[0].string, WORD);
1190: }
1191: break;
1192: case 35:
1193: #line 300 "gram.y"
1194: {
1195: list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
1196: #ifdef HAVE_SELINUX
1197: /* propagate role and type */
1198: if (yyvsp[0].cmndspec->role == NULL)
1199: yyvsp[0].cmndspec->role = yyvsp[0].cmndspec->prev->role;
1200: if (yyvsp[0].cmndspec->type == NULL)
1201: yyvsp[0].cmndspec->type = yyvsp[0].cmndspec->prev->type;
1202: #endif /* HAVE_SELINUX */
1203: /* propagate tags and runas list */
1204: if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
1205: yyvsp[0].cmndspec->tags.nopasswd = yyvsp[0].cmndspec->prev->tags.nopasswd;
1206: if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
1207: yyvsp[0].cmndspec->tags.noexec = yyvsp[0].cmndspec->prev->tags.noexec;
1208: if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
1209: yyvsp[0].cmndspec->prev->tags.setenv != IMPLIED)
1210: yyvsp[0].cmndspec->tags.setenv = yyvsp[0].cmndspec->prev->tags.setenv;
1211: if (yyvsp[0].cmndspec->tags.log_input == UNSPEC)
1212: yyvsp[0].cmndspec->tags.log_input = yyvsp[0].cmndspec->prev->tags.log_input;
1213: if (yyvsp[0].cmndspec->tags.log_output == UNSPEC)
1214: yyvsp[0].cmndspec->tags.log_output = yyvsp[0].cmndspec->prev->tags.log_output;
1215: if ((tq_empty(&yyvsp[0].cmndspec->runasuserlist) &&
1216: tq_empty(&yyvsp[0].cmndspec->runasgrouplist)) &&
1217: (!tq_empty(&yyvsp[0].cmndspec->prev->runasuserlist) ||
1218: !tq_empty(&yyvsp[0].cmndspec->prev->runasgrouplist))) {
1219: yyvsp[0].cmndspec->runasuserlist = yyvsp[0].cmndspec->prev->runasuserlist;
1220: yyvsp[0].cmndspec->runasgrouplist = yyvsp[0].cmndspec->prev->runasgrouplist;
1221: }
1222: yyval.cmndspec = yyvsp[-2].cmndspec;
1223: }
1224: break;
1225: case 36:
1226: #line 332 "gram.y"
1227: {
1228: struct cmndspec *cs = emalloc(sizeof(*cs));
1229: if (yyvsp[-3].runas != NULL) {
1230: list2tq(&cs->runasuserlist, yyvsp[-3].runas->runasusers);
1231: list2tq(&cs->runasgrouplist, yyvsp[-3].runas->runasgroups);
1232: efree(yyvsp[-3].runas);
1233: } else {
1234: tq_init(&cs->runasuserlist);
1235: tq_init(&cs->runasgrouplist);
1236: }
1237: #ifdef HAVE_SELINUX
1238: cs->role = yyvsp[-2].seinfo.role;
1239: cs->type = yyvsp[-2].seinfo.type;
1240: #endif
1241: cs->tags = yyvsp[-1].tag;
1242: cs->cmnd = yyvsp[0].member;
1243: cs->prev = cs;
1244: cs->next = NULL;
1245: /* sudo "ALL" implies the SETENV tag */
1246: if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
1247: cs->tags.setenv == UNSPEC)
1248: cs->tags.setenv = IMPLIED;
1249: yyval.cmndspec = cs;
1250: }
1251: break;
1252: case 37:
1253: #line 358 "gram.y"
1254: {
1255: yyval.member = yyvsp[0].member;
1256: yyval.member->negated = FALSE;
1257: }
1258: break;
1259: case 38:
1260: #line 362 "gram.y"
1261: {
1262: yyval.member = yyvsp[0].member;
1263: yyval.member->negated = TRUE;
1264: }
1265: break;
1266: case 39:
1267: #line 368 "gram.y"
1268: {
1269: yyval.string = yyvsp[0].string;
1270: }
1271: break;
1272: case 40:
1273: #line 373 "gram.y"
1274: {
1275: yyval.string = yyvsp[0].string;
1276: }
1277: break;
1278: case 41:
1279: #line 378 "gram.y"
1280: {
1281: yyval.seinfo.role = NULL;
1282: yyval.seinfo.type = NULL;
1283: }
1284: break;
1285: case 42:
1286: #line 382 "gram.y"
1287: {
1288: yyval.seinfo.role = yyvsp[0].string;
1289: yyval.seinfo.type = NULL;
1290: }
1291: break;
1292: case 43:
1293: #line 386 "gram.y"
1294: {
1295: yyval.seinfo.type = yyvsp[0].string;
1296: yyval.seinfo.role = NULL;
1297: }
1298: break;
1299: case 44:
1300: #line 390 "gram.y"
1301: {
1302: yyval.seinfo.role = yyvsp[-1].string;
1303: yyval.seinfo.type = yyvsp[0].string;
1304: }
1305: break;
1306: case 45:
1307: #line 394 "gram.y"
1308: {
1309: yyval.seinfo.type = yyvsp[-1].string;
1310: yyval.seinfo.role = yyvsp[0].string;
1311: }
1312: break;
1313: case 46:
1314: #line 400 "gram.y"
1315: {
1316: yyval.runas = NULL;
1317: }
1318: break;
1319: case 47:
1320: #line 403 "gram.y"
1321: {
1322: yyval.runas = yyvsp[-1].runas;
1323: }
1324: break;
1325: case 48:
1326: #line 408 "gram.y"
1327: {
1328: yyval.runas = emalloc(sizeof(struct runascontainer));
1329: yyval.runas->runasusers = yyvsp[0].member;
1330: yyval.runas->runasgroups = NULL;
1331: }
1332: break;
1333: case 49:
1334: #line 413 "gram.y"
1335: {
1336: yyval.runas = emalloc(sizeof(struct runascontainer));
1337: yyval.runas->runasusers = yyvsp[-2].member;
1338: yyval.runas->runasgroups = yyvsp[0].member;
1339: }
1340: break;
1341: case 50:
1342: #line 418 "gram.y"
1343: {
1344: yyval.runas = emalloc(sizeof(struct runascontainer));
1345: yyval.runas->runasusers = NULL;
1346: yyval.runas->runasgroups = yyvsp[0].member;
1347: }
1348: break;
1349: case 51:
1350: #line 425 "gram.y"
1351: {
1352: yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv =
1353: yyval.tag.log_input = yyval.tag.log_output = UNSPEC;
1354: }
1355: break;
1356: case 52:
1357: #line 429 "gram.y"
1358: {
1359: yyval.tag.nopasswd = TRUE;
1360: }
1361: break;
1362: case 53:
1363: #line 432 "gram.y"
1364: {
1365: yyval.tag.nopasswd = FALSE;
1366: }
1367: break;
1368: case 54:
1369: #line 435 "gram.y"
1370: {
1371: yyval.tag.noexec = TRUE;
1372: }
1373: break;
1374: case 55:
1375: #line 438 "gram.y"
1376: {
1377: yyval.tag.noexec = FALSE;
1378: }
1379: break;
1380: case 56:
1381: #line 441 "gram.y"
1382: {
1383: yyval.tag.setenv = TRUE;
1384: }
1385: break;
1386: case 57:
1387: #line 444 "gram.y"
1388: {
1389: yyval.tag.setenv = FALSE;
1390: }
1391: break;
1392: case 58:
1393: #line 447 "gram.y"
1394: {
1395: yyval.tag.log_input = TRUE;
1396: }
1397: break;
1398: case 59:
1399: #line 450 "gram.y"
1400: {
1401: yyval.tag.log_input = FALSE;
1402: }
1403: break;
1404: case 60:
1405: #line 453 "gram.y"
1406: {
1407: yyval.tag.log_output = TRUE;
1408: }
1409: break;
1410: case 61:
1411: #line 456 "gram.y"
1412: {
1413: yyval.tag.log_output = FALSE;
1414: }
1415: break;
1416: case 62:
1417: #line 461 "gram.y"
1418: {
1419: yyval.member = new_member(NULL, ALL);
1420: }
1421: break;
1422: case 63:
1423: #line 464 "gram.y"
1424: {
1425: yyval.member = new_member(yyvsp[0].string, ALIAS);
1426: }
1427: break;
1428: case 64:
1429: #line 467 "gram.y"
1430: {
1431: struct sudo_command *c = emalloc(sizeof(*c));
1432: c->cmnd = yyvsp[0].command.cmnd;
1433: c->args = yyvsp[0].command.args;
1434: yyval.member = new_member((char *)c, COMMAND);
1435: }
1436: break;
1437: case 67:
1438: #line 479 "gram.y"
1439: {
1440: char *s;
1441: if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
1442: yyerror(s);
1443: YYERROR;
1444: }
1445: }
1446: break;
1447: case 69:
1448: #line 489 "gram.y"
1449: {
1450: list_append(yyvsp[-2].member, yyvsp[0].member);
1451: yyval.member = yyvsp[-2].member;
1452: }
1453: break;
1454: case 72:
1455: #line 499 "gram.y"
1456: {
1457: char *s;
1458: if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
1459: yyerror(s);
1460: YYERROR;
1461: }
1462: }
1463: break;
1464: case 74:
1465: #line 509 "gram.y"
1466: {
1467: list_append(yyvsp[-2].member, yyvsp[0].member);
1468: yyval.member = yyvsp[-2].member;
1469: }
1470: break;
1471: case 77:
1472: #line 519 "gram.y"
1473: {
1474: char *s;
1475: if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
1476: yyerror(s);
1477: YYERROR;
1478: }
1479: }
1480: break;
1481: case 80:
1482: #line 532 "gram.y"
1483: {
1484: char *s;
1485: if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
1486: yyerror(s);
1487: YYERROR;
1488: }
1489: }
1490: break;
1491: case 82:
1492: #line 542 "gram.y"
1493: {
1494: list_append(yyvsp[-2].member, yyvsp[0].member);
1495: yyval.member = yyvsp[-2].member;
1496: }
1497: break;
1498: case 83:
1499: #line 548 "gram.y"
1500: {
1501: yyval.member = yyvsp[0].member;
1502: yyval.member->negated = FALSE;
1503: }
1504: break;
1505: case 84:
1506: #line 552 "gram.y"
1507: {
1508: yyval.member = yyvsp[0].member;
1509: yyval.member->negated = TRUE;
1510: }
1511: break;
1512: case 85:
1513: #line 558 "gram.y"
1514: {
1515: yyval.member = new_member(yyvsp[0].string, ALIAS);
1516: }
1517: break;
1518: case 86:
1519: #line 561 "gram.y"
1520: {
1521: yyval.member = new_member(NULL, ALL);
1522: }
1523: break;
1524: case 87:
1525: #line 564 "gram.y"
1526: {
1527: yyval.member = new_member(yyvsp[0].string, NETGROUP);
1528: }
1529: break;
1530: case 88:
1531: #line 567 "gram.y"
1532: {
1533: yyval.member = new_member(yyvsp[0].string, USERGROUP);
1534: }
1535: break;
1536: case 89:
1537: #line 570 "gram.y"
1538: {
1539: yyval.member = new_member(yyvsp[0].string, WORD);
1540: }
1541: break;
1542: case 91:
1543: #line 576 "gram.y"
1544: {
1545: list_append(yyvsp[-2].member, yyvsp[0].member);
1546: yyval.member = yyvsp[-2].member;
1547: }
1548: break;
1549: case 92:
1550: #line 582 "gram.y"
1551: {
1552: yyval.member = yyvsp[0].member;
1553: yyval.member->negated = FALSE;
1554: }
1555: break;
1556: case 93:
1557: #line 586 "gram.y"
1558: {
1559: yyval.member = yyvsp[0].member;
1560: yyval.member->negated = TRUE;
1561: }
1562: break;
1563: case 94:
1564: #line 592 "gram.y"
1565: {
1566: yyval.member = new_member(yyvsp[0].string, ALIAS);
1567: }
1568: break;
1569: case 95:
1570: #line 595 "gram.y"
1571: {
1572: yyval.member = new_member(NULL, ALL);
1573: }
1574: break;
1575: case 96:
1576: #line 598 "gram.y"
1577: {
1578: yyval.member = new_member(yyvsp[0].string, WORD);
1579: }
1580: break;
1581: #line 1529 "y.tab.c"
1582: }
1583: yyssp -= yym;
1584: yystate = *yyssp;
1585: yyvsp -= yym;
1586: yym = yylhs[yyn];
1587: if (yystate == 0 && yym == 0)
1588: {
1589: #if YYDEBUG
1590: if (yydebug)
1591: printf("%sdebug: after reduction, shifting from state 0 to\
1592: state %d\n", YYPREFIX, YYFINAL);
1593: #endif
1594: yystate = YYFINAL;
1595: *++yyssp = YYFINAL;
1596: *++yyvsp = yyval;
1597: if (yychar < 0)
1598: {
1599: if ((yychar = yylex()) < 0) yychar = 0;
1600: #if YYDEBUG
1601: if (yydebug)
1602: {
1603: yys = 0;
1604: if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1605: if (!yys) yys = "illegal-symbol";
1606: printf("%sdebug: state %d, reading %d (%s)\n",
1607: YYPREFIX, YYFINAL, yychar, yys);
1608: }
1609: #endif
1610: }
1611: if (yychar == 0) goto yyaccept;
1612: goto yyloop;
1613: }
1614: if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
1615: yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
1616: yystate = yytable[yyn];
1617: else
1618: yystate = yydgoto[yym];
1619: #if YYDEBUG
1620: if (yydebug)
1621: printf("%sdebug: after reduction, shifting from state %d \
1622: to state %d\n", YYPREFIX, *yyssp, yystate);
1623: #endif
1624: if (yyssp >= yysslim && yygrowstack())
1625: {
1626: goto yyoverflow;
1627: }
1628: *++yyssp = yystate;
1629: *++yyvsp = yyval;
1630: goto yyloop;
1631: yyoverflow:
1632: yyerror("yacc stack overflow");
1633: yyabort:
1634: if (yyss)
1635: free(yyss);
1636: if (yyvs)
1637: free(yyvs);
1638: yyss = yyssp = NULL;
1639: yyvs = yyvsp = NULL;
1640: yystacksize = 0;
1641: return (1);
1642: yyaccept:
1643: if (yyss)
1644: free(yyss);
1645: if (yyvs)
1646: free(yyvs);
1647: yyss = yyssp = NULL;
1648: yyvs = yyvsp = NULL;
1649: yystacksize = 0;
1650: return (0);
1651: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>