|
version 1.1.1.2, 2012/05/29 12:26:49
|
version 1.1.1.3, 2012/10/09 09:29:52
|
|
Line 96 sudo_file_close(struct sudo_nss *nss)
|
Line 96 sudo_file_close(struct sudo_nss *nss)
|
| debug_decl(sudo_file_close, SUDO_DEBUG_NSS) |
debug_decl(sudo_file_close, SUDO_DEBUG_NSS) |
| |
|
| /* Free parser data structures and close sudoers file. */ |
/* Free parser data structures and close sudoers file. */ |
| init_parser(NULL, 0); | init_parser(NULL, false); |
| if (nss->handle != NULL) { |
if (nss->handle != NULL) { |
| fclose(nss->handle); |
fclose(nss->handle); |
| nss->handle = NULL; |
nss->handle = NULL; |
|
Line 116 sudo_file_parse(struct sudo_nss *nss)
|
Line 116 sudo_file_parse(struct sudo_nss *nss)
|
| if (nss->handle == NULL) |
if (nss->handle == NULL) |
| debug_return_int(-1); |
debug_return_int(-1); |
| |
|
| init_parser(sudoers_file, 0); | init_parser(sudoers_file, false); |
| yyin = nss->handle; |
yyin = nss->handle; |
| if (yyparse() != 0 || parse_error) { |
if (yyparse() != 0 || parse_error) { |
| if (errorlineno != -1) { |
if (errorlineno != -1) { |
|
Line 158 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
Line 158 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
| struct cmndtag *tags = NULL; |
struct cmndtag *tags = NULL; |
| struct privilege *priv; |
struct privilege *priv; |
| struct userspec *us; |
struct userspec *us; |
| |
struct member *matching_user; |
| debug_decl(sudo_file_lookup, SUDO_DEBUG_NSS) |
debug_decl(sudo_file_lookup, SUDO_DEBUG_NSS) |
| |
|
| if (nss->handle == NULL) |
if (nss->handle == NULL) |
|
Line 225 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
Line 226 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
| else |
else |
| continue; |
continue; |
| tq_foreach_rev(&priv->cmndlist, cs) { |
tq_foreach_rev(&priv->cmndlist, cs) { |
| |
matching_user = NULL; |
| runas_match = runaslist_matches(&cs->runasuserlist, |
runas_match = runaslist_matches(&cs->runasuserlist, |
| &cs->runasgrouplist); | &cs->runasgrouplist, &matching_user, NULL); |
| if (runas_match == ALLOW) { |
if (runas_match == ALLOW) { |
| cmnd_match = cmnd_matches(cs->cmnd); |
cmnd_match = cmnd_matches(cs->cmnd); |
| if (cmnd_match != UNSPEC) { |
if (cmnd_match != UNSPEC) { |
|
Line 239 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
Line 241 sudo_file_lookup(struct sudo_nss *nss, int validated,
|
| if (user_type == NULL) |
if (user_type == NULL) |
| user_type = cs->type ? estrdup(cs->type) : def_type; |
user_type = cs->type ? estrdup(cs->type) : def_type; |
| #endif /* HAVE_SELINUX */ |
#endif /* HAVE_SELINUX */ |
| |
#ifdef HAVE_PRIV_SET |
| |
/* Set Solaris privilege sets */ |
| |
if (runas_privs == NULL) |
| |
runas_privs = cs->privs ? estrdup(cs->privs) : def_privs; |
| |
if (runas_limitprivs == NULL) |
| |
runas_limitprivs = cs->limitprivs ? estrdup(cs->limitprivs) : def_limitprivs; |
| |
#endif /* HAVE_PRIV_SET */ |
| |
/* |
| |
* If user is running command as himself, |
| |
* set runas_pw = sudo_user.pw. |
| |
* XXX - hack, want more general solution |
| |
*/ |
| |
if (matching_user && matching_user->type == MYSELF) { |
| |
sudo_pw_delref(runas_pw); |
| |
sudo_pw_addref(sudo_user.pw); |
| |
runas_pw = sudo_user.pw; |
| |
} |
| goto matched2; |
goto matched2; |
| } |
} |
| } |
} |
|
Line 281 sudo_file_append_cmnd(struct cmndspec *cs, struct cmnd
|
Line 300 sudo_file_append_cmnd(struct cmndspec *cs, struct cmnd
|
| struct member *m; |
struct member *m; |
| debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS) |
debug_decl(sudo_file_append_cmnd, SUDO_DEBUG_NSS) |
| |
|
| |
#ifdef HAVE_PRIV_SET |
| |
if (cs->privs) |
| |
lbuf_append(lbuf, "PRIVS=\"%s\" ", cs->privs); |
| |
if (cs->limitprivs) |
| |
lbuf_append(lbuf, "LIMITPRIVS=\"%s\" ", cs->limitprivs); |
| |
#endif /* HAVE_PRIV_SET */ |
| #ifdef HAVE_SELINUX |
#ifdef HAVE_SELINUX |
| if (cs->role) |
if (cs->role) |
| lbuf_append(lbuf, "ROLE=%s ", cs->role); |
lbuf_append(lbuf, "ROLE=%s ", cs->role); |
|
Line 600 sudo_file_display_cmnd(struct sudo_nss *nss, struct pa
|
Line 625 sudo_file_display_cmnd(struct sudo_nss *nss, struct pa
|
| continue; |
continue; |
| tq_foreach_rev(&priv->cmndlist, cs) { |
tq_foreach_rev(&priv->cmndlist, cs) { |
| runas_match = runaslist_matches(&cs->runasuserlist, |
runas_match = runaslist_matches(&cs->runasuserlist, |
| &cs->runasgrouplist); | &cs->runasgrouplist, NULL, NULL); |
| if (runas_match == ALLOW) { |
if (runas_match == ALLOW) { |
| cmnd_match = cmnd_matches(cs->cmnd); |
cmnd_match = cmnd_matches(cs->cmnd); |
| if (cmnd_match != UNSPEC) { |
if (cmnd_match != UNSPEC) { |
|
Line 636 _print_member(struct lbuf *lbuf, char *name, int type,
|
Line 661 _print_member(struct lbuf *lbuf, char *name, int type,
|
| switch (type) { |
switch (type) { |
| case ALL: |
case ALL: |
| lbuf_append(lbuf, "%sALL", negated ? "!" : ""); |
lbuf_append(lbuf, "%sALL", negated ? "!" : ""); |
| |
break; |
| |
case MYSELF: |
| |
lbuf_append(lbuf, "%s%s", negated ? "!" : "", user_name); |
| break; |
break; |
| case COMMAND: |
case COMMAND: |
| c = (struct sudo_command *) name; |
c = (struct sudo_command *) name; |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to parse.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers