|
version 1.1, 2012/02/21 16:23:02
|
version 1.1.1.4, 2013/07/22 10:46:12
|
|
Line 1
|
Line 1
|
| /* |
/* |
| * Copyright (c) 1996, 1998-2000, 2004, 2007-2011 | * Copyright (c) 1996, 1998-2000, 2004, 2007-2013 |
| * Todd C. Miller <Todd.Miller@courtesan.com> |
* Todd C. Miller <Todd.Miller@courtesan.com> |
| * |
* |
| * Permission to use, copy, modify, and distribute this software for any |
* Permission to use, copy, modify, and distribute this software for any |
|
Line 15
|
Line 15
|
| * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| */ |
*/ |
| |
|
| #ifndef _SUDO_PARSE_H | #ifndef _SUDOERS_PARSE_H |
| #define _SUDO_PARSE_H | #define _SUDOERS_PARSE_H |
| |
|
| #undef UNSPEC |
#undef UNSPEC |
| #define UNSPEC -1 |
#define UNSPEC -1 |
|
Line 27
|
Line 27
|
| #undef IMPLIED |
#undef IMPLIED |
| #define IMPLIED 2 |
#define IMPLIED 2 |
| |
|
| |
#define SUDO_DIGEST_SHA224 0 |
| |
#define SUDO_DIGEST_SHA256 1 |
| |
#define SUDO_DIGEST_SHA384 2 |
| |
#define SUDO_DIGEST_SHA512 3 |
| |
#define SUDO_DIGEST_INVALID 4 |
| |
|
| |
struct sudo_digest { |
| |
int digest_type; |
| |
char *digest_str; |
| |
}; |
| |
|
| /* |
/* |
| * A command with args. XXX - merge into struct member. | * A command with option args and digest. |
| | * XXX - merge into struct member |
| */ |
*/ |
| struct sudo_command { |
struct sudo_command { |
| char *cmnd; |
char *cmnd; |
| char *args; |
char *args; |
| |
struct sudo_digest *digest; |
| }; |
}; |
| |
|
| /* |
/* |
| * Tags associated with a command. |
* Tags associated with a command. |
| * Possible valus: TRUE, FALSE, UNSPEC. | * Possible values: true, false, IMPLIED, UNSPEC. |
| */ |
*/ |
| struct cmndtag { |
struct cmndtag { |
| __signed int nopasswd: 3; |
__signed int nopasswd: 3; |
|
Line 57 struct selinux_info {
|
Line 70 struct selinux_info {
|
| }; |
}; |
| |
|
| /* |
/* |
| * The parses sudoers file is stored as a collection of linked lists, | * Solaris privileges container struct |
| | * Currently just contains permitted and limit privileges. |
| | * It could have PFEXEC and PRIV_AWARE flags added in the future. |
| | */ |
| | struct solaris_privs_info { |
| | char *privs; |
| | char *limitprivs; |
| | }; |
| | |
| | /* |
| | * The parsed sudoers file is stored as a collection of linked lists, |
| * modelled after the yacc grammar. |
* modelled after the yacc grammar. |
| * |
* |
| * Other than the alias struct, which is stored in a red-black tree, |
* Other than the alias struct, which is stored in a red-black tree, |
|
Line 107 struct cmndspec {
|
Line 130 struct cmndspec {
|
| struct member_list runasuserlist; /* list of runas users */ |
struct member_list runasuserlist; /* list of runas users */ |
| struct member_list runasgrouplist; /* list of runas groups */ |
struct member_list runasgrouplist; /* list of runas groups */ |
| struct member *cmnd; /* command to allow/deny */ |
struct member *cmnd; /* command to allow/deny */ |
| |
char *digest; /* optional command digest */ |
| struct cmndtag tags; /* tag specificaion */ |
struct cmndtag tags; /* tag specificaion */ |
| #ifdef HAVE_SELINUX |
#ifdef HAVE_SELINUX |
| char *role, *type; /* SELinux role and type */ |
char *role, *type; /* SELinux role and type */ |
| #endif |
#endif |
| |
#ifdef HAVE_PRIV_SET |
| |
char *privs, *limitprivs; /* Solaris privilege sets */ |
| |
#endif |
| }; |
}; |
| |
|
| /* |
/* |
|
Line 135 struct runascontainer {
|
Line 162 struct runascontainer {
|
| struct alias { |
struct alias { |
| char *name; /* alias name */ |
char *name; /* alias name */ |
| unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */ |
unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */ |
| unsigned short seqno; /* sequence number */ | bool used; /* "use bool used; /* "used" flag for cycle detection */ |
| struct member_list members; /* list of alias members */ |
struct member_list members; /* list of alias members */ |
| }; |
}; |
| |
|
|
Line 148 struct defaults {
|
Line 175 struct defaults {
|
| char *val; /* variable value */ |
char *val; /* variable value */ |
| struct member_list binding; /* user/host/runas binding */ |
struct member_list binding; /* user/host/runas binding */ |
| int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */ |
int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */ |
| int op; /* TRUE, FALSE, '+', '-' */ | int op; /* true, false, '+', '-' */ |
| }; |
}; |
| |
|
| /* |
/* |
|
Line 157 struct defaults {
|
Line 184 struct defaults {
|
| extern struct userspec_list userspecs; |
extern struct userspec_list userspecs; |
| extern struct defaults_list defaults; |
extern struct defaults_list defaults; |
| |
|
| /* | /* alias.c */ |
| * Alias sequence number to avoid loops. | bool no_aliases(void); |
| */ | char *alias_add(char *name, int type, struct member *members); |
| extern unsigned int alias_seqno; | int alias_compare(const void *a1, const void *a2); |
| struct alias *alias_get(char *name, int type); |
| /* | struct alias *alias_remove(char *name, int type); |
| * Prototypes | void alias_apply(int (*func)(void *, void *), void *cookie); |
| */ | void alias_free(void *a); |
| char *alias_add(char *, int, struct member *); | void alias_put(struct alias *a); |
| int addr_matches(char *); | |
| int cmnd_matches(struct member *); | |
| int cmndlist_matches(struct member_list *); | |
| int command_matches(char *, char *); | |
| int hostlist_matches(struct member_list *); | |
| int hostname_matches(char *, char *, char *); | |
| int netgr_matches(char *, char *, char *, char *); | |
| int no_aliases(void); | |
| int runaslist_matches(struct member_list *, struct member_list *); | |
| int userlist_matches(struct passwd *, struct member_list *); | |
| int usergr_matches(char *, char *, struct passwd *); | |
| int userpw_matches(char *, char *, struct passwd *); | |
| int group_matches(char *, struct group *); | |
| struct alias *alias_find(char *, int); | |
| struct alias *alias_remove(char *, int); | |
| void alias_free(void *); | |
| void alias_apply(int (*)(void *, void *), void *); | |
| void init_aliases(void); |
void init_aliases(void); |
| |
|
| |
/* gram.c */ |
| |
void init_parser(const char *, bool); |
| |
|
| |
/* match_addr.c */ |
| |
bool addr_matches(char *n); |
| |
|
| |
/* match.c */ |
| |
bool command_matches(char *sudoers_cmnd, char *sudoers_args, struct sudo_digest *digest); |
| |
bool group_matches(char *sudoers_group, struct group *gr); |
| |
bool hostname_matches(char *shost, char *lhost, char *pattern); |
| |
bool netgr_matches(char *netgr, char *lhost, char *shost, char *user); |
| |
bool usergr_matches(char *group, char *user, struct passwd *pw); |
| |
bool userpw_matches(char *sudoers_user, char *user, struct passwd *pw); |
| |
int cmnd_matches(struct member *m); |
| |
int cmndlist_matches(struct member_list *list); |
| |
int hostlist_matches(struct member_list *list); |
| |
int runaslist_matches(struct member_list *user_list, struct member_list *group_list, struct member **matching_user, struct member **matching_group); |
| |
int userlist_matches(struct passwd *pw, struct member_list *list); |
| |
|
| |
/* toke.c */ |
| void init_lexer(void); |
void init_lexer(void); |
| void init_parser(const char *, int); |
|
| int alias_compare(const void *, const void *); |
|
| |
|
| #endif /* _SUDO_PARSE_H */ | /* hexchar.c */ |
| | int hexchar(const char *s); |
| | |
| | /* base64.c */ |
| | size_t base64_decode(const char *str, unsigned char *dst, size_t dsize); |
| | |
| | #endif /* _SUDOERS_PARSE_H */ |
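Review bot: The new `size_t base64_decode(const char *str, unsigned char *dst, size_t dsize);` and `int hexchar(const char *s);` prototypes at the end of the header do not say how malformed input is reported, and since `size_t` cannot be negative a caller comparing a sudoers digest against a computed one has no documented way to tell "decoded zero bytes" from "invalid encoding". A one-line comment on each would settle it, e.g. `/* Returns bytes written to dst; on malformed input or dsize too small returns <ERROR_VALUE — confirm against base64.c> */`, with the actual sentinel filled in from the implementation, which is not visible here. In the same spirit, the new `struct sudo_digest` introduces `digest_type` and `digest_str` without stating that `digest_type` is one of `SUDO_DIGEST_SHA224`..`SUDO_DIGEST_SHA512` with `SUDO_DIGEST_INVALID` as the out-of-range marker, or what encoding `digest_str` holds (the added hexchar.c and base64.c prototypes suggest hex and base64 are both accepted, but the struct comment should say so). `struct cmndspec` also gains `char *digest; /* optional command digest */` alongside `struct sudo_command`'s `struct sudo_digest *digest`, so a comment saying which of the two `command_matches()` consults would avoid the two drifting apart; parts of the struct bodies are elided by the viewer, so I may be missing context that already covers this.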