Annotation of embedaddon/sudo/src/sudo.h, revision 1.1.1.4
1.1 misho 1: /*
1.1.1.4 ! misho 2: * Copyright (c) 1993-1996, 1998-2005, 2007-2013
1.1 misho 3: * Todd C. Miller <Todd.Miller@courtesan.com>
4: *
5: * Permission to use, copy, modify, and distribute this software for any
6: * purpose with or without fee is hereby granted, provided that the above
7: * copyright notice and this permission notice appear in all copies.
8: *
9: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: *
17: * Sponsored in part by the Defense Advanced Research Projects
18: * Agency (DARPA) and Air Force Research Laboratory, Air Force
19: * Materiel Command, USAF, under agreement number F39502-99-1-0512.
20: */
21:
22: #ifndef _SUDO_SUDO_H
23: #define _SUDO_SUDO_H
24:
25: #include <limits.h>
26: #include <pathnames.h>
1.1.1.2 misho 27: #ifdef HAVE_STDBOOL_H
28: # include <stdbool.h>
29: #else
30: # include "compat/stdbool.h"
31: #endif /* HAVE_STDBOOL_H */
1.1 misho 32:
33: #include "missing.h"
34: #include "alloc.h"
35: #include "error.h"
36: #include "fileops.h"
37: #include "list.h"
1.1.1.2 misho 38: #include "sudo_conf.h"
39: #include "sudo_debug.h"
1.1 misho 40: #include "gettext.h"
41:
1.1.1.3 misho 42: #ifdef HAVE_PRIV_SET
43: # include <priv.h>
44: #endif
45:
/*
 * Numeric uid of the superuser: 65535 when __TANDEM is defined, 0 on
 * every other build.  Because the value is platform-dependent, privilege
 * checks should compare against ROOT_UID rather than a literal 0.
 */
#if defined(__TANDEM)
# define ROOT_UID	65535
#else
# define ROOT_UID	0
#endif
51:
/*
 * Operating modes sudo can be in, chosen from its arguments.  Every mode
 * is a single bit inside the low 16 bits, so MODE_MASK isolates the mode
 * from a word that also carries the modifier flags defined further down.
 */
#define MODE_RUN		0x00000001
#define MODE_EDIT		0x00000002
#define MODE_VALIDATE		0x00000004
#define MODE_INVALIDATE		0x00000008
#define MODE_KILL		0x00000010
#define MODE_VERSION		0x00000020
#define MODE_HELP		0x00000040
#define MODE_LIST		0x00000080
#define MODE_CHECK		0x00000100
#define MODE_MASK		0x0000ffff

/*
 * Mode flags.  These start at bit 16, so none of them overlaps MODE_MASK.
 */
/* XXX - prune this */
#define MODE_BACKGROUND		0x00010000
#define MODE_SHELL		0x00020000
#define MODE_LOGIN_SHELL	0x00040000
#define MODE_IMPLIED_SHELL	0x00080000
#define MODE_RESET_HOME		0x00100000
#define MODE_PRESERVE_GROUPS	0x00200000
#define MODE_PRESERVE_ENV	0x00400000
#define MODE_NONINTERACTIVE	0x00800000
#define MODE_LONG_LIST		0x01000000
77:
/*
 * Password length limit.  The system definition of PASS_MAX or
 * _PASSWD_LEN used to be used here, but that caused problems with
 * various alternate authentication methods, so sudo defines its own
 * value and assumes that it is >= the system max.
 *
 * NOTE(review): nothing in this header checks that assumption; code that
 * reads a password should size and bound its buffer by SUDO_PASS_MAX
 * itself rather than by a system constant.
 */
#define SUDO_PASS_MAX	256
85:
/*
 * Flag bits for tgetpass().
 *
 * TGP_NOECHO is zero: it names the default (no other bit set) and cannot
 * be detected with a bitwise AND.  TGP_MASK is itself a flag (mask what
 * the user types), not a mask that covers the other TGP_* bits.
 */
#define TGP_NOECHO	0x00	/* turn echo off reading pw (default) */
#define TGP_ECHO	0x01	/* leave echo on when reading passwd */
#define TGP_STDIN	0x02	/* read from stdin, not /dev/tty */
#define TGP_ASKPASS	0x04	/* read from askpass helper program */
#define TGP_MASK	0x08	/* mask user input when reading */
#define TGP_NOECHO_TRY	0x10	/* turn off echo if possible */
95:
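/*
 * Process, identity and terminal details kept in the global
 * `user_details` object declared further down in this header.
 * NOTE(review): presumably describes the user and process that invoked
 * sudo (as opposed to the command being run) -- confirm in sudo.c.
 */
struct user_details {
    /* Process identifiers. */
    pid_t pid;
    pid_t ppid;
    pid_t pgid;
    pid_t tcpgid;		/* presumably the tty's foreground process group -- confirm */
    pid_t sid;

    /* Real and effective user IDs. */
    uid_t uid;
    uid_t euid;

    /*
     * Real and effective group IDs.  These are gid_t, matching
     * struct command_details; uid_t and gid_t are distinct types and are
     * not guaranteed to have the same width or signedness.
     */
    gid_t gid;
    gid_t egid;

    const char *username;
    const char *cwd;
    const char *tty;
    const char *host;
    const char *shell;

    /* Group vector; presumably `ngroups` entries long -- confirm. */
    GETGROUPS_T *groups;
    int ngroups;

    /* presumably the terminal size in columns and lines -- confirm */
    int ts_cols;
    int ts_lines;
};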
116:
/*
 * CD_* flag bits: one distinct bit each, from 0x0001 up to 0x4000.
 * NOTE(review): presumably OR-ed together in command_details.flags --
 * confirm against the code that fills in that structure.
 */
#define CD_SET_UID		0x0001
#define CD_SET_EUID		0x0002
#define CD_SET_GID		0x0004
#define CD_SET_EGID		0x0008
#define CD_PRESERVE_GROUPS	0x0010
#define CD_NOEXEC		0x0020
#define CD_SET_PRIORITY		0x0040
#define CD_SET_UMASK		0x0080
#define CD_SET_TIMEOUT		0x0100
#define CD_SUDOEDIT		0x0200
#define CD_BACKGROUND		0x0400
#define CD_RBAC_ENABLED		0x0800
#define CD_USE_PTY		0x1000
#define CD_SET_UTMP		0x2000
#define CD_EXEC_BG		0x4000
1.1 misho 132:
/*
 * Description of a command to be run.  A pointer to this structure is
 * taken by sudo_execute(), exec_setup(), policy_init_session(),
 * run_command() and sudo_edit(), all declared in this header.
 *
 * NOTE(review): the IDs, group vector, umask, chroot, closefrom and
 * environment held here presumably decide the privileges and environment
 * the command runs with, so whatever fills this structure in is a trust
 * boundary -- confirm where the values originate.
 */
struct command_details {
    /* User and group IDs (real and effective). */
    uid_t uid;
    uid_t euid;
    gid_t gid;
    gid_t egid;

    mode_t umask;
    int priority;
    int timeout;
    int ngroups;		/* presumably the length of `groups` -- confirm */
    int closefrom;
    int flags;			/* presumably a mask of CD_* bits -- confirm */

    struct passwd *pw;
    GETGROUPS_T *groups;

    const char *command;
    const char *cwd;
    const char *login_class;
    const char *chroot;
    const char *selinux_role;
    const char *selinux_type;
    const char *utmp_user;

    char **argv;
    char **envp;

    /* Privilege sets exist only in builds that define HAVE_PRIV_SET. */
#if defined(HAVE_PRIV_SET)
    priv_set_t *privs;
    priv_set_t *limitprivs;
#endif
};
160:
/*
 * Status passed between parent and child via socketpair.
 *
 * The CMD_* codes are the values defined alongside the `type` member.
 * NOTE(review): the meaning of `val` presumably depends on `type` (an
 * errno value, a wait status, a signal number or a pid) -- confirm in
 * exec.c.
 */
#define CMD_INVALID	0
#define CMD_ERRNO	1
#define CMD_WSTATUS	2
#define CMD_SIGNO	3
#define CMD_PID		4

struct command_status {
    int type;		/* one of the CMD_* codes above */
    int val;
};
171:
172: struct timeval;
173:
1.1.1.4 ! misho 174: /* For fatal() and fatalx() (XXX - needed?) */
1.1 misho 175: void cleanup(int);
176:
177: /* tgetpass.c */
178: char *tgetpass(const char *, int, int);
179: int tty_present(void);
180:
181: /* zero_bytes.c */
182: void zero_bytes(volatile void *, size_t);
183:
184: /* exec.c */
1.1.1.4 ! misho 185: int pipe_nonblock(int fds[2]);
1.1.1.2 misho 186: int sudo_execute(struct command_details *details, struct command_status *cstat);
1.1 misho 187:
188: /* term.c */
189: int term_cbreak(int);
190: int term_copy(int, int);
191: int term_noecho(int);
192: int term_raw(int, int);
193: int term_restore(int, int);
194:
195: /* fmt_string.h */
196: char *fmt_string(const char *var, const char *value);
197:
198: /* atobool.c */
1.1.1.2 misho 199: bool atobool(const char *str);
1.1 misho 200:
201: /* parse_args.c */
202: int parse_args(int argc, char **argv, int *nargc, char ***nargv,
203: char ***settingsp, char ***env_addp);
204: extern int tgetpass_flags;
205:
206: /* get_pty.c */
207: int get_pty(int *master, int *slave, char *name, size_t namesz, uid_t uid);
208:
209: /* ttysize.c */
210: void get_ttysize(int *rowp, int *colp);
211:
212: /* sudo.c */
1.1.1.2 misho 213: bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
214: int policy_init_session(struct command_details *details);
1.1 misho 215: int run_command(struct command_details *details);
1.1.1.4 ! misho 216: int os_init_common(int argc, char *argv[], char *envp[]);
1.1 misho 217: extern const char *list_user, *runas_user, *runas_group;
218: extern struct user_details user_details;
219:
220: /* sudo_edit.c */
221: int sudo_edit(struct command_details *details);
222:
223: /* parse_args.c */
224: void usage(int);
225:
1.1.1.4 ! misho 226: /* openbsd.c */
! 227: int os_init_openbsd(int argc, char *argv[], char *envp[]);
! 228:
1.1 misho 229: /* selinux.c */
230: int selinux_restore_tty(void);
231: int selinux_setup(const char *role, const char *type, const char *ttyn,
232: int ttyfd);
1.1.1.2 misho 233: void selinux_execve(const char *path, char *const argv[], char *const envp[],
234: int noexec);
1.1 misho 235:
1.1.1.4 ! misho 236: /* solaris.c */
! 237: void set_project(struct passwd *);
! 238: int os_init_solaris(int argc, char *argv[], char *envp[]);
! 239:
1.1 misho 240: /* aix.c */
241: void aix_prep_user(char *user, const char *tty);
242: void aix_restoreauthdb(void);
243: void aix_setauthdb(char *user);
244:
1.1.1.2 misho 245: /* hooks.c */
246: /* XXX - move to sudo_plugin_int.h? */
247: struct sudo_hook;
248: int register_hook(struct sudo_hook *hook);
249: int deregister_hook(struct sudo_hook *hook);
250: int process_hooks_getenv(const char *name, char **val);
251: int process_hooks_setenv(const char *name, const char *value, int overwrite);
252: int process_hooks_putenv(char *string);
253: int process_hooks_unsetenv(const char *name);
254:
1.1.1.3 misho 255: /* env_hooks.c */
256: char *getenv_unhooked(const char *name);
257:
1.1 misho 258: /* interfaces.c */
259: int get_net_ifs(char **addrinfo);
260:
261: /* setgroups.c */
262: int sudo_setgroups(int ngids, const GETGROUPS_T *gids);
263:
1.1.1.2 misho 264: /* ttyname.c */
265: char *get_process_ttyname(void);
266:
1.1.1.4 ! misho 267: /* signal.c */
! 268: struct sigaction;
! 269: extern int signal_pipe[2];
! 270: int sudo_sigaction(int signo, struct sigaction *sa, struct sigaction *osa);
! 271: void init_signals(void);
! 272: void restore_signals(void);
! 273: void save_signals(void);
! 274:
1.1 misho 275: #endif /* _SUDO_SUDO_H */