version 1.1.1.3, 2012/10/09 09:29:52
|
version 1.1.1.5, 2013/10/14 07:56:35
|
Line 1
|
Line 1
|
/* |
/* |
* Copyright (c) 1996, 1998-2005, 2007-2012 | * Copyright (c) 1996, 1998-2005, 2007-2013 |
* Todd C. Miller <Todd.Miller@courtesan.com> |
* Todd C. Miller <Todd.Miller@courtesan.com> |
* |
* |
* Permission to use, copy, modify, and distribute this software for any |
* Permission to use, copy, modify, and distribute this software for any |
Line 25
|
Line 25
|
|
|
#include <config.h> |
#include <config.h> |
|
|
#include <sys/param.h> |
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <sys/stat.h> |
#include <sys/stat.h> |
#include <sys/socket.h> |
#include <sys/socket.h> |
Line 59
|
Line 58
|
#include <errno.h> |
#include <errno.h> |
#include <netinet/in.h> |
#include <netinet/in.h> |
#include <arpa/inet.h> |
#include <arpa/inet.h> |
#include <netdb.h> |
|
#ifdef HAVE_SETLOCALE |
|
# include <locale.h> |
|
#endif |
|
|
|
#include "tsgetgrpw.h" |
#include "tsgetgrpw.h" |
#include "sudoers.h" |
#include "sudoers.h" |
Line 81 void print_defaults(void);
|
Line 76 void print_defaults(void);
|
void print_privilege(struct privilege *); |
void print_privilege(struct privilege *); |
void print_userspecs(void); |
void print_userspecs(void); |
void usage(void) __attribute__((__noreturn__)); |
void usage(void) __attribute__((__noreturn__)); |
void cleanup(int); |
|
static void set_runaspw(const char *); |
static void set_runaspw(const char *); |
static void set_runasgr(const char *); |
static void set_runasgr(const char *); |
static int cb_runas_default(const char *); |
static int cb_runas_default(const char *); |
static int testsudoers_printf(int msg_type, const char *fmt, ...); |
|
static int testsudoers_print(const char *msg); |
static int testsudoers_print(const char *msg); |
|
|
extern void setgrfile(const char *); |
extern void setgrfile(const char *); |
Line 106 extern int (*trace_print)(const char *msg);
|
Line 99 extern int (*trace_print)(const char *msg);
|
/* |
/* |
* Globals |
* Globals |
*/ |
*/ |
struct interface *interfaces; |
|
struct sudo_user sudo_user; |
struct sudo_user sudo_user; |
struct passwd *list_pw; |
struct passwd *list_pw; |
static char *runas_group, *runas_user; |
static char *runas_group, *runas_user; |
extern int errorlineno; |
extern int errorlineno; |
extern bool parse_error; |
extern bool parse_error; |
extern char *errorfile; |
extern char *errorfile; |
sudo_printf_t sudo_printf = testsudoers_printf; |
|
sudo_conv_t sudo_conv; /* NULL in non-plugin */ |
|
|
|
/* For getopt(3) */ |
/* For getopt(3) */ |
extern char *optarg; |
extern char *optarg; |
Line 124 extern int optind;
|
Line 114 extern int optind;
|
extern char *malloc_options; |
extern char *malloc_options; |
#endif |
#endif |
#ifdef YYDEBUG |
#ifdef YYDEBUG |
extern int yydebug; | extern int sudoersdebug; |
#endif |
#endif |
|
|
|
__dso_public int main(int argc, char *argv[]); |
|
|
int |
int |
main(int argc, char *argv[]) |
main(int argc, char *argv[]) |
{ |
{ |
Line 134 main(int argc, char *argv[])
|
Line 126 main(int argc, char *argv[])
|
struct privilege *priv; |
struct privilege *priv; |
struct userspec *us; |
struct userspec *us; |
char *p, *grfile, *pwfile; |
char *p, *grfile, *pwfile; |
char hbuf[MAXHOSTNAMELEN + 1]; | char hbuf[HOST_NAME_MAX + 1]; |
int match, host_match, runas_match, cmnd_match; |
int match, host_match, runas_match, cmnd_match; |
int ch, dflag, exitcode = 0; |
int ch, dflag, exitcode = 0; |
debug_decl(main, SUDO_DEBUG_MAIN) |
debug_decl(main, SUDO_DEBUG_MAIN) |
Line 143 main(int argc, char *argv[])
|
Line 135 main(int argc, char *argv[])
|
malloc_options = "AFGJPR"; |
malloc_options = "AFGJPR"; |
#endif |
#endif |
#ifdef YYDEBUG |
#ifdef YYDEBUG |
yydebug = 1; | sudoersdebug = 1; |
#endif |
#endif |
|
|
#if !defined(HAVE_GETPROGNAME) && !defined(HAVE___PROGNAME) |
#if !defined(HAVE_GETPROGNAME) && !defined(HAVE___PROGNAME) |
setprogname(argc > 0 ? argv[0] : "testsudoers"); |
setprogname(argc > 0 ? argv[0] : "testsudoers"); |
#endif |
#endif |
|
|
#ifdef HAVE_SETLOCALE | sudoers_setlocale(SUDOERS_LOCALE_USER, NULL); |
setlocale(LC_ALL, ""); | |
#endif | |
bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have own domain */ |
bindtextdomain("sudoers", LOCALEDIR); /* XXX - should have own domain */ |
textdomain("sudoers"); |
textdomain("sudoers"); |
|
|
/* Read sudo.conf. */ |
/* Read sudo.conf. */ |
sudo_conf_read(); | sudo_conf_read(NULL); |
|
|
dflag = 0; |
dflag = 0; |
grfile = pwfile = NULL; |
grfile = pwfile = NULL; |
Line 222 main(int argc, char *argv[])
|
Line 212 main(int argc, char *argv[])
|
argc -= 2; |
argc -= 2; |
} |
} |
if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL) |
if ((sudo_user.pw = sudo_getpwnam(user_name)) == NULL) |
errorx(1, _("unknown user: %s"), user_name); | fatalx(_("unknown user: %s"), user_name); |
|
|
if (user_host == NULL) { |
if (user_host == NULL) { |
if (gethostname(hbuf, sizeof(hbuf)) != 0) |
if (gethostname(hbuf, sizeof(hbuf)) != 0) |
error(1, "gethostname"); | fatal("gethostname"); |
hbuf[sizeof(hbuf) - 1] = '\0'; |
hbuf[sizeof(hbuf) - 1] = '\0'; |
user_host = hbuf; |
user_host = hbuf; |
} |
} |
Line 237 main(int argc, char *argv[])
|
Line 227 main(int argc, char *argv[])
|
} else { |
} else { |
user_shost = user_host; |
user_shost = user_host; |
} |
} |
|
user_runhost = user_host; |
|
user_srunhost = user_shost; |
|
|
/* Fill in user_args from argv. */ |
/* Fill in user_args from argv. */ |
if (argc > 0) { |
if (argc > 0) { |
Line 250 main(int argc, char *argv[])
|
Line 242 main(int argc, char *argv[])
|
for (to = user_args, from = argv; *from; from++) { |
for (to = user_args, from = argv; *from; from++) { |
n = strlcpy(to, *from, size - (to - user_args)); |
n = strlcpy(to, *from, size - (to - user_args)); |
if (n >= size - (to - user_args)) |
if (n >= size - (to - user_args)) |
errorx(1, _("internal error, %s overflow"), "init_vars()"); | fatalx(_("internal error, %s overflow"), "init_vars()"); |
to += n; |
to += n; |
*to++ = ' '; |
*to++ = ' '; |
} |
} |
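Review bot: The overflow diagnostic in the argv-copy loop still names `init_vars()`, although the hunk header places this code in `main` of testsudoers; the commit edits that very line to switch `errorx` to `fatalx` but keeps the stale name. Passing the real location, e.g. `fatalx(_("internal error, %s overflow"), "main()");`, would make an abort here point at the right function while leaving the translated format string untouched. The bound check looks sound as far as it is visible: `n` is compared with the remaining space before `to` advances, so the separator write lands on the terminator that `strlcpy` just stored. The loop's setup (how `size` is computed and `user_args` allocated) and the final termination are outside the hunk, so this note covers only the visible lines.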
Line 270 main(int argc, char *argv[])
|
Line 262 main(int argc, char *argv[])
|
/* Allocate space for data structures in the parser. */ |
/* Allocate space for data structures in the parser. */ |
init_parser("sudoers", false); |
init_parser("sudoers", false); |
|
|
if (yyparse() != 0 || parse_error) { | if (sudoersparse() != 0 || parse_error) { |
parse_error = true; |
parse_error = true; |
if (errorlineno != -1) |
if (errorlineno != -1) |
(void) printf("Parse error in %s near line %d", |
(void) printf("Parse error in %s near line %d", |
Line 366 set_runaspw(const char *user)
|
Line 358 set_runaspw(const char *user)
|
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0); |
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0); |
} else { |
} else { |
if ((runas_pw = sudo_getpwnam(user)) == NULL) |
if ((runas_pw = sudo_getpwnam(user)) == NULL) |
errorx(1, _("unknown user: %s"), user); | fatalx(_("unknown user: %s"), user); |
} |
} |
|
|
debug_return; |
debug_return; |
Line 384 set_runasgr(const char *group)
|
Line 376 set_runasgr(const char *group)
|
runas_gr = sudo_fakegrnam(group); |
runas_gr = sudo_fakegrnam(group); |
} else { |
} else { |
if ((runas_gr = sudo_getgrnam(group)) == NULL) |
if ((runas_gr = sudo_getgrnam(group)) == NULL) |
errorx(1, _("unknown group: %s"), group); | fatalx(_("unknown group: %s"), group); |
} |
} |
|
|
debug_return; |
debug_return; |
Line 414 sudo_endspent(void)
|
Line 406 sudo_endspent(void)
|
return; |
return; |
} |
} |
|
|
void |
|
set_fqdn(void) |
|
{ |
|
return; |
|
} |
|
|
|
FILE * |
FILE * |
open_sudoers(const char *sudoers, bool doedit, bool *keepopen) |
open_sudoers(const char *sudoers, bool doedit, bool *keepopen) |
{ |
{ |
Line 479 restore_perms(void)
|
Line 465 restore_perms(void)
|
} |
} |
|
|
void |
void |
cleanup(int gotsignal) |
|
{ |
|
if (!gotsignal) { |
|
sudo_endpwent(); |
|
sudo_endgrent(); |
|
} |
|
} |
|
|
|
void |
|
print_member(struct member *m) |
print_member(struct member *m) |
{ |
{ |
struct sudo_command *c; |
struct sudo_command *c; |
Line 603 print_privilege(struct privilege *priv)
|
Line 580 print_privilege(struct privilege *priv)
|
print_member(m); |
print_member(m); |
} |
} |
fputs(" = ", stdout); |
fputs(" = ", stdout); |
tags.nopasswd = tags.noexec = UNSPEC; | tags.nopasswd = UNSPEC; |
| tags.noexec = UNSPEC; |
tq_foreach_fwd(&p->cmndlist, cs) { |
tq_foreach_fwd(&p->cmndlist, cs) { |
if (cs != tq_first(&p->cmndlist)) |
if (cs != tq_first(&p->cmndlist)) |
fputs(", ", stdout); |
fputs(", ", stdout); |
Line 671 print_userspecs(void)
|
Line 649 print_userspecs(void)
|
putchar('\n'); |
putchar('\n'); |
} |
} |
debug_return; |
debug_return; |
} |
|
|
|
static int |
|
testsudoers_printf(int msg_type, const char *fmt, ...) |
|
{ |
|
va_list ap; |
|
FILE *fp; |
|
debug_decl(testsudoers_printf, SUDO_DEBUG_UTIL) |
|
|
|
switch (msg_type) { |
|
case SUDO_CONV_INFO_MSG: |
|
fp = stdout; |
|
break; |
|
case SUDO_CONV_ERROR_MSG: |
|
fp = stderr; |
|
break; |
|
default: |
|
errno = EINVAL; |
|
debug_return_int(-1); |
|
} |
|
|
|
va_start(ap, fmt); |
|
vfprintf(fp, fmt, ap); |
|
va_end(ap); |
|
|
|
debug_return_int(0); |
|
} |
} |
|
|
void |
void |