embedaddon/sudo/plugins/sudoers/gram.y - diff

Return to gram.y CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

Diff for /embedaddon/sudo/plugins/sudoers/gram.y between versions 1.1.1.2 and 1.1.1.3

version 1.1.1.2, 2012/05/29 12:26:49	version 1.1.1.3, 2012/10/09 09:29:52
Line 44	Line 44
#ifdef HAVE_UNISTD_H	#ifdef HAVE_UNISTD_H
# include <unistd.h>	# include <unistd.h>
#endif /* HAVE_UNISTD_H */	#endif /* HAVE_UNISTD_H */
	#ifdef HAVE_INTTYPES_H
	# include <inttypes.h>
	#endif
#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)	#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
# include <alloca.h>	# include <alloca.h>
#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */	#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
Line 104 yyerror(const char *s)	Line 107 yyerror(const char *s)
errorlineno = sudolineno;	errorlineno = sudolineno;
errorfile = estrdup(sudoers);	errorfile = estrdup(sudoers);
}	}
if (trace_print != NULL) {	if (sudoers_warnings && s != NULL) {
LEXTRACE("<*> ");	LEXTRACE("<*> ");
} else if (sudoers_warnings && s != NULL) {	#ifndef TRACELEXER
warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);	if (trace_print == NULL \|\| trace_print == sudoers_trace_print)
	warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
	#endif
}	}
parse_error = true;	parse_error = true;
debug_return;	debug_return;
Line 123 yyerror(const char *s)	Line 128 yyerror(const char *s)
struct sudo_command command;	struct sudo_command command;
struct cmndtag tag;	struct cmndtag tag;
struct selinux_info seinfo;	struct selinux_info seinfo;
	struct solaris_privs_info privinfo;
char *string;	char *string;
int tok;	int tok;
}	}
Line 161 yyerror(const char *s)	Line 167 yyerror(const char *s)
%token <tok> ERROR	%token <tok> ERROR
%token <tok> TYPE /* SELinux type */	%token <tok> TYPE /* SELinux type */
%token <tok> ROLE /* SELinux role */	%token <tok> ROLE /* SELinux role */
	%token <tok> PRIVS /* Solaris privileges */
	%token <tok> LIMITPRIVS /* Solaris limit privileges */
	%token <tok> MYSELF /* run as myself, not another user */

%type <cmndspec> cmndspec	%type <cmndspec> cmndspec
%type <cmndspec> cmndspeclist	%type <cmndspec> cmndspeclist
Line 186 yyerror(const char *s)	Line 195 yyerror(const char *s)
%type <seinfo> selinux	%type <seinfo> selinux
%type <string> rolespec	%type <string> rolespec
%type <string> typespec	%type <string> typespec
	%type <privinfo> solarisprivs
	%type <string> privsspec
	%type <string> limitprivsspec

%%	%%

Line 313 cmndspeclist : cmndspec	Line 325 cmndspeclist : cmndspec
if ($3->type == NULL)	if ($3->type == NULL)
$3->type = $3->prev->type;	$3->type = $3->prev->type;
#endif /* HAVE_SELINUX */	#endif /* HAVE_SELINUX */
	#ifdef HAVE_PRIV_SET
	/* propagate privs & limitprivs */
	if ($3->privs == NULL)
	$3->privs = $3->prev->privs;
	if ($3->limitprivs == NULL)
	$3->limitprivs = $3->prev->limitprivs;
	#endif /* HAVE_PRIV_SET */
/* propagate tags and runas list */	/* propagate tags and runas list */
if ($3->tags.nopasswd == UNSPEC)	if ($3->tags.nopasswd == UNSPEC)
$3->tags.nopasswd = $3->prev->tags.nopasswd;	$3->tags.nopasswd = $3->prev->tags.nopasswd;
Line 336 cmndspeclist : cmndspec	Line 355 cmndspeclist : cmndspec
}	}
;	;

cmndspec : runasspec selinux cmndtag opcmnd {	cmndspec : runasspec selinux solarisprivs cmndtag opcmnd {
struct cmndspec cs = ecalloc(1, sizeof(cs));	struct cmndspec cs = ecalloc(1, sizeof(cs));
if ($1 != NULL) {	if ($1 != NULL) {
list2tq(&cs->runasuserlist, $1->runasusers);	list2tq(&cs->runasuserlist, $1->runasusers);
Line 350 cmndspec : runasspec selinux cmndtag opcmnd {	Line 369 cmndspec : runasspec selinux cmndtag opcmnd {
cs->role = $2.role;	cs->role = $2.role;
cs->type = $2.type;	cs->type = $2.type;
#endif	#endif
cs->tags = $3;	#ifdef HAVE_PRIV_SET
cs->cmnd = $4;	cs->privs = $3.privs;
	cs->limitprivs = $3.limitprivs;
	#endif
	cs->tags = $4;
	cs->cmnd = $5;
cs->prev = cs;	cs->prev = cs;
cs->next = NULL;	cs->next = NULL;
/* sudo "ALL" implies the SETENV tag */	/* sudo "ALL" implies the SETENV tag */
Line 404 selinux : /* empty */ {	Line 427 selinux : /* empty */ {
}	}
;	;

	privsspec : PRIVS '=' WORD {
	$$ = $3;
	}
	;
	limitprivsspec : LIMITPRIVS '=' WORD {
	$$ = $3;
	}
	;

	solarisprivs : /* empty */ {
	$$.privs = NULL;
	$$.limitprivs = NULL;
	}
	\| privsspec {
	$$.privs = $1;
	$$.limitprivs = NULL;
	}
	\| limitprivsspec {
	$$.privs = NULL;
	$$.limitprivs = $1;
	}
	\| privsspec limitprivsspec {
	$$.privs = $1;
	$$.limitprivs = $2;
	}
	\| limitprivsspec privsspec {
	$$.limitprivs = $1;
	$$.privs = $2;
	}

runasspec : /* empty */ {	runasspec : /* empty */ {
$$ = NULL;	$$ = NULL;
}	}
Line 412 runasspec : /* empty */ {	Line 465 runasspec : /* empty */ {
}	}
;	;

runaslist : userlist {	runaslist : /* empty */ {
$$ = ecalloc(1, sizeof(struct runascontainer));	$$ = ecalloc(1, sizeof(struct runascontainer));
	$$->runasusers = new_member(NULL, MYSELF);
	/* $$->runasgroups = NULL; */
	}
	\| userlist {
	$$ = ecalloc(1, sizeof(struct runascontainer));
$$->runasusers = $1;	$$->runasusers = $1;
/* $$->runasgroups = NULL; */	/* $$->runasgroups = NULL; */
}	}
Line 427 runaslist : userlist {	Line 485 runaslist : userlist {
/* $$->runasusers = NULL; */	/* $$->runasusers = NULL; */
$$->runasgroups = $2;	$$->runasgroups = $2;
}	}
	\| ':' {
	$$ = ecalloc(1, sizeof(struct runascontainer));
	$$->runasusers = new_member(NULL, MYSELF);
	/* $$->runasgroups = NULL; */
	}
;	;

cmndtag : /* empty */ {	cmndtag : /* empty */ {
Line 696 add_userspec(struct member *members, struct privilege	Line 759 add_userspec(struct member *members, struct privilege
* the current sudoers file to path.	* the current sudoers file to path.
*/	*/
void	void
init_parser(const char *path, int quiet)	init_parser(const char *path, bool quiet)
{	{
struct defaults *d;	struct defaults *d;
struct member m, binding;	struct member m, binding;
Line 716 init_parser(const char *path, int quiet)	Line 779 init_parser(const char *path, int quiet)
#ifdef HAVE_SELINUX	#ifdef HAVE_SELINUX
char role = NULL, type = NULL;	char role = NULL, type = NULL;
#endif /* HAVE_SELINUX */	#endif /* HAVE_SELINUX */
	#ifdef HAVE_PRIV_SET
	char privs = NULL, limitprivs = NULL;
	#endif /* HAVE_PRIV_SET */

while ((m = tq_pop(&priv->hostlist)) != NULL) {	while ((m = tq_pop(&priv->hostlist)) != NULL) {
efree(m->name);	efree(m->name);
Line 733 init_parser(const char *path, int quiet)	Line 799 init_parser(const char *path, int quiet)
efree(cs->type);	efree(cs->type);
}	}
#endif /* HAVE_SELINUX */	#endif /* HAVE_SELINUX */
	#ifdef HAVE_PRIV_SET
	/* Only free the first instance of privs/limitprivs. */
	if (cs->privs != privs) {
	privs = cs->privs;
	efree(cs->privs);
	}
	if (cs->limitprivs != limitprivs) {
	limitprivs = cs->limitprivs;
	efree(cs->limitprivs);
	}
	#endif /* HAVE_PRIV_SET */
if (tq_last(&cs->runasuserlist) != runasuser) {	if (tq_last(&cs->runasuserlist) != runasuser) {
runasuser = tq_last(&cs->runasuserlist);	runasuser = tq_last(&cs->runasuserlist);
while ((m = tq_pop(&cs->runasuserlist)) != NULL) {	while ((m = tq_pop(&cs->runasuserlist)) != NULL) {

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.2
changed lines
	Added in v.1.1.1.3