Annotation of embedaddon/sudo/src/sudo.h, revision 1.1.1.3
1.1 misho 1: /*
1.1.1.2 misho 2: * Copyright (c) 1993-1996, 1998-2005, 2007-2012
1.1 misho 3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: *
21: * $Sudo: sudo.h,v 1.290 2009/12/12 16:12:26 millert Exp $
22: */
23:
24: #ifndef _SUDO_SUDO_H
25: #define _SUDO_SUDO_H
26:
27: #include <limits.h>
28: #include <pathnames.h>
1.1.1.2 misho 29: #ifdef HAVE_STDBOOL_H
30: # include <stdbool.h>
31: #else
32: # include "compat/stdbool.h"
33: #endif /* HAVE_STDBOOL_H */
1.1 misho 34:
35: #include "missing.h"
36: #include "alloc.h"
37: #include "error.h"
38: #include "fileops.h"
39: #include "list.h"
1.1.1.2 misho 40: #include "sudo_conf.h"
41: #include "sudo_debug.h"
1.1 misho 42: #include "gettext.h"
43:
1.1.1.3 ! misho 44: #ifdef HAVE_PRIV_SET
! 45: # include <priv.h>
! 46: #endif
! 47:
/*
 * UID that this code treats as root: 65535 when __TANDEM is defined,
 * 0 on every other build. Privilege checks should compare against
 * ROOT_UID rather than a literal 0, since the two differ under __TANDEM.
 */
1.1 misho 48: #ifdef __TANDEM
49: # define ROOT_UID 65535
50: #else
51: # define ROOT_UID 0
52: #endif
53:
54: /*
55: * Various modes sudo can be in (based on arguments) in hex
56: */
57: #define MODE_RUN 0x00000001
58: #define MODE_EDIT 0x00000002
59: #define MODE_VALIDATE 0x00000004
60: #define MODE_INVALIDATE 0x00000008
61: #define MODE_KILL 0x00000010
62: #define MODE_VERSION 0x00000020
63: #define MODE_HELP 0x00000040
64: #define MODE_LIST 0x00000080
65: #define MODE_CHECK 0x00000100
/*
 * Each MODE_* value above is a single distinct bit. MODE_MASK covers the
 * low 16 bits, which is where all of those values sit.
 */
66: #define MODE_MASK 0x0000ffff
67:
68: /* Mode flags */
69: /* XXX - prune this */
/*
 * These flags occupy bits 16 through 24 (0x00010000 .. 0x01000000), i.e.
 * outside MODE_MASK (0x0000ffff). Masking a combined value with MODE_MASK
 * therefore keeps the mode and drops every flag below.
 */
70: #define MODE_BACKGROUND 0x00010000
71: #define MODE_SHELL 0x00020000
72: #define MODE_LOGIN_SHELL 0x00040000
73: #define MODE_IMPLIED_SHELL 0x00080000
74: #define MODE_RESET_HOME 0x00100000
75: #define MODE_PRESERVE_GROUPS 0x00200000
76: #define MODE_PRESERVE_ENV 0x00400000
77: #define MODE_NONINTERACTIVE 0x00800000
78: #define MODE_LONG_LIST 0x01000000
79:
80: /*
81: * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
82: * but that caused problems with various alternate authentication
83: * methods. So, we just define our own and assume that it is >= the
84: * system max.
85: */
/*
 * NOTE(review): the ">= the system max" assumption is not checked anywhere
 * in this header. Presumably password buffers are sized from this constant;
 * confirm in tgetpass.c that longer input is rejected or truncated safely.
 */
86: #define SUDO_PASS_MAX 256
87:
88: /*
89: * Flags for tgetpass()
90: */
/*
 * TGP_NOECHO is 0x00, i.e. "no flag set": `flags & TGP_NOECHO` is always
 * false, so it can only serve as a readable default, not as a testable bit.
 * Despite its name, TGP_MASK is a single flag bit (0x08) like the others,
 * not a mask over the TGP_* values.
 * Presumably these are OR-ed into one of tgetpass()'s int arguments and
 * into the tgetpass_flags global declared below -- confirm.
 */
91: #define TGP_NOECHO 0x00 /* turn echo off reading pw (default) */
92: #define TGP_ECHO 0x01 /* leave echo on when reading passwd */
93: #define TGP_STDIN 0x02 /* read from stdin, not /dev/tty */
94: #define TGP_ASKPASS 0x04 /* read from askpass helper program */
95: #define TGP_MASK 0x08 /* mask user input when reading */
96: #define TGP_NOECHO_TRY 0x10 /* turn off echo if possible */
97:
/*
 * Details about the invoking process and user, going by the field names:
 * process/session ids, real and effective ids, a few strings, the group
 * vector and the terminal size. One global instance is declared further
 * down as `extern struct user_details user_details`.
 * NOTE(review): the code that fills this in is not visible from this header.
 */
98: struct user_details {
/* Process, parent, process-group, terminal-foreground-group and session ids (per the names). */
1.1.1.2 misho 99: pid_t pid;
100: pid_t ppid;
101: pid_t pgid;
102: pid_t tcpgid;
103: pid_t sid;
1.1 misho 104: uid_t uid;
105: uid_t euid;
/*
 * NOTE(review): gid and egid are declared uid_t here, while struct
 * command_details declares its gid/egid as gid_t. This is harmless where
 * the two types are identical, but gid_t looks like the intended type --
 * confirm.
 */
106: uid_t gid;
107: uid_t egid;
/* Pointers to const strings; who owns them and how long they live is not stated here. */
108: const char *username;
109: const char *cwd;
110: const char *tty;
111: const char *host;
112: const char *shell;
/* Presumably ngroups is the number of entries in groups -- confirm before indexing. */
113: GETGROUPS_T *groups;
114: int ngroups;
/* Presumably the terminal width and height -- confirm against ttysize.c. */
115: int ts_cols;
116: int ts_lines;
117: };
118:
/*
 * Single-bit flags with the CD_ prefix; struct command_details (below) has
 * an `int flags` member that presumably holds a bitwise OR of them.
 * The CD_SET_* names suggest that the matching command_details field
 * (uid, euid, gid, egid, priority, umask, timeout) is only meaningful when
 * its bit is set -- verify in the consumer before trusting an unset field.
 */
119: #define CD_SET_UID 0x0001
120: #define CD_SET_EUID 0x0002
121: #define CD_SET_GID 0x0004
122: #define CD_SET_EGID 0x0008
123: #define CD_PRESERVE_GROUPS 0x0010
124: #define CD_NOEXEC 0x0020
125: #define CD_SET_PRIORITY 0x0040
126: #define CD_SET_UMASK 0x0080
127: #define CD_SET_TIMEOUT 0x0100
128: #define CD_SUDOEDIT 0x0200
129: #define CD_BACKGROUND 0x0400
130: #define CD_RBAC_ENABLED 0x0800
131: #define CD_USE_PTY 0x1000
132: #define CD_SET_UTMP 0x2000
133:
/*
 * Description of the command to be run: target ids, umask, priority,
 * timeout, group vector, command path, argv/envp and assorted settings.
 * It is passed by pointer to sudo_execute(), exec_setup(),
 * policy_init_session(), run_command() and sudo_edit(), declared below.
 * NOTE(review): which component populates it is not visible from this
 * header; treat every field as policy-supplied input until confirmed.
 */
134: struct command_details {
135: uid_t uid;
136: uid_t euid;
137: gid_t gid;
138: gid_t egid;
139: mode_t umask;
140: int priority;
141: int timeout;
142: int ngroups;
143: int closefrom;
/* Presumably a bitwise OR of the CD_* values defined above -- confirm. */
144: int flags;
1.1.1.2 misho 145: struct passwd *pw;
/* Presumably ngroups (above) counts the entries in groups -- confirm. */
1.1 misho 146: GETGROUPS_T *groups;
147: const char *command;
148: const char *cwd;
149: const char *login_class;
150: const char *chroot;
151: const char *selinux_role;
152: const char *selinux_type;
153: const char *utmp_user;
154: char **argv;
155: char **envp;
/*
 * These two members exist only when HAVE_PRIV_SET is defined, so the struct
 * layout depends on that macro: every translation unit that includes this
 * header must be compiled with the same setting.
 */
1.1.1.3 ! misho 156: #ifdef HAVE_PRIV_SET
! 157: priv_set_t *privs;
! 158: priv_set_t *limitprivs;
! 159: #endif
1.1 misho 160: };
161:
162: /* Status passed between parent and child via socketpair */
/*
 * The CMD_* macros are written inside the struct body but, being
 * preprocessor definitions, are visible to everything that includes this
 * header. CMD_INVALID is 0, so a zero-filled struct reads as invalid.
 * Presumably `type` is one of CMD_* and `val` carries an errno, wait
 * status, signal number or pid accordingly -- confirm in exec.c.
 * NOTE(review): since this crosses a process boundary, the reader should
 * check for a short read and for a type outside CMD_ERRNO..CMD_PID before
 * interpreting val -- confirm that the receiving code does so.
 */
163: struct command_status {
164: #define CMD_INVALID 0
165: #define CMD_ERRNO 1
166: #define CMD_WSTATUS 2
167: #define CMD_SIGNO 3
1.1.1.3 ! misho 168: #define CMD_PID 4
1.1 misho 169: int type;
170: int val;
171: };
172:
/* Forward declaration only; no prototype visible in this header uses it. */
173: struct timeval;
174:
175: /* For error() and errorx() (XXX - needed?) */
176: void cleanup(int);
177:
178: /* tgetpass.c */
/*
 * Parameters are unnamed here; presumably prompt, timeout and a set of
 * TGP_* flags -- confirm in tgetpass.c. The result is a non-const char *;
 * ownership and lifetime of that buffer are not stated in this header, so
 * check before freeing it or keeping it across another call.
 */
179: char *tgetpass(const char *, int, int);
180: int tty_present(void);
181:
182: /* zero_bytes.c */
/*
 * Takes a volatile-qualified pointer and a byte count. Presumably used to
 * wipe passwords and similar secrets, with the volatile qualifier there to
 * keep the clearing stores from being optimized away -- confirm in
 * zero_bytes.c.
 */
183: void zero_bytes(volatile void *, size_t);
184:
185: /* exec.c */
/*
 * Takes the command description and a command_status to write to;
 * presumably *cstat receives the outcome (see the CMD_* types) -- confirm.
 */
1.1.1.2 misho 186: int sudo_execute(struct command_details *details, struct command_status *cstat);
1.1 misho 187: void save_signals(void);
188: void restore_signals(void);
189:
190: /* term.c */
/*
 * Terminal-mode helpers. The int parameters are unnamed; presumably file
 * descriptors plus, for the two-argument forms, a second fd or an option --
 * confirm in term.c. The meaning of the int return is not stated here.
 */
191: int term_cbreak(int);
192: int term_copy(int, int);
193: int term_noecho(int);
194: int term_raw(int, int);
195: int term_restore(int, int);
196:
/* NOTE(review): the label names a .h file, unlike its neighbours; possibly fmt_string.c was meant. */
197: /* fmt_string.h */
/* Returns a non-const char *; whether the caller must free it is not stated here. */
198: char *fmt_string(const char *var, const char *value);
199:
200: /* atobool.c */
/*
 * NOTE(review): a bool return has no room for an "unrecognised input"
 * result; check how atobool.c treats strings that are neither true nor
 * false before using it on security-relevant settings.
 */
1.1.1.2 misho 201: bool atobool(const char *str);
1.1 misho 202:
203: /* parse_args.c */
/*
 * nargc, nargv, settingsp and env_addp are pointers the function can write
 * through; presumably all four are outputs -- confirm in parse_args.c.
 */
204: int parse_args(int argc, char **argv, int *nargc, char ***nargv,
205: char ***settingsp, char ***env_addp);
/* Presumably a bitwise OR of TGP_* values -- confirm. */
206: extern int tgetpass_flags;
207:
208: /* get_pty.c */
/*
 * Going by the parameter names, master and slave receive descriptors and
 * name is a caller-supplied buffer of namesz bytes; the role of uid is not
 * stated here -- confirm in get_pty.c.
 */
209: int get_pty(int *master, int *slave, char *name, size_t namesz, uid_t uid);
210:
211: /* ttysize.c */
212: void get_ttysize(int *rowp, int *colp);
213:
214: /* sudo.c */
1.1.1.2 misho 215: bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
216: int policy_init_session(struct command_details *details);
1.1 misho 217: int run_command(struct command_details *details);
/* Globals defined elsewhere (presumably in sudo.c, per the label above). */
218: extern const char *list_user, *runas_user, *runas_group;
219: extern struct user_details user_details;
220:
221: /* sudo_edit.c */
222: int sudo_edit(struct command_details *details);
223:
224: /* parse_args.c */
225: void usage(int);
226:
227: /* selinux.c */
228: int selinux_restore_tty(void);
229: int selinux_setup(const char *role, const char *type, const char *ttyn,
230: int ttyfd);
/*
 * Declared void, so a failure cannot be reported through the return value;
 * presumably it only returns when the exec failed and the caller inspects
 * errno -- confirm in selinux.c.
 */
1.1.1.2 misho 231: void selinux_execve(const char *path, char *const argv[], char *const envp[],
232: int noexec);
1.1 misho 233:
234: /* aix.c */
/* `user` is a non-const char * in two of these; whether it is modified is not stated here. */
235: void aix_prep_user(char *user, const char *tty);
236: void aix_restoreauthdb(void);
237: void aix_setauthdb(char *user);
238:
1.1.1.2 misho 239: /* hooks.c */
240: /* XXX - move to sudo_plugin_int.h? */
/* Opaque here: only pointers to struct sudo_hook are used in this header. */
241: struct sudo_hook;
242: int register_hook(struct sudo_hook *hook);
243: int deregister_hook(struct sudo_hook *hook);
/*
 * The four process_hooks_* prototypes mirror getenv/setenv/putenv/unsetenv
 * in their parameters; presumably each runs the registered hooks for that
 * operation -- confirm in hooks.c. The meaning of the int return is not
 * stated here.
 */
244: int process_hooks_getenv(const char *name, char **val);
245: int process_hooks_setenv(const char *name, const char *value, int overwrite);
246: int process_hooks_putenv(char *string);
247: int process_hooks_unsetenv(const char *name);
248:
1.1.1.3 ! misho 249: /* env_hooks.c */
/*
 * The name suggests an environment lookup that bypasses the registered
 * getenv hooks -- confirm in env_hooks.c.
 */
! 250: char *getenv_unhooked(const char *name);
! 251:
1.1 misho 252: /* interfaces.c */
/* addrinfo is a char ** the function can write through; presumably an output -- confirm. */
253: int get_net_ifs(char **addrinfo);
254:
255: /* setgroups.c */
/* Going by the names, gids points to ngids entries; the list is const and not modified through this pointer. */
256: int sudo_setgroups(int ngids, const GETGROUPS_T *gids);
257:
1.1.1.2 misho 258: /* ttyname.c */
/* Returns a non-const char *; whether the caller must free it is not stated here. */
259: char *get_process_ttyname(void);
260:
1.1 misho 261: #endif /* _SUDO_SUDO_H */