File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / src / sudo.h
Revision 1.1.1.6 (vendor branch)
Sun Jun 15 16:12:55 2014 UTC (10 years ago) by misho
Branches: sudo, MAIN
CVS tags: v1_8_10p3_0, v1_8_10p3, HEAD
sudo v 1.8.10p3

    1: /*
    2:  * Copyright (c) 1993-1996, 1998-2005, 2007-2013
    3:  *	Todd C. Miller <Todd.Miller@courtesan.com>
    4:  *
    5:  * Permission to use, copy, modify, and distribute this software for any
    6:  * purpose with or without fee is hereby granted, provided that the above
    7:  * copyright notice and this permission notice appear in all copies.
    8:  *
    9:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   10:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   11:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   12:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   13:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   14:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   15:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   16:  *
   17:  * Sponsored in part by the Defense Advanced Research Projects
   18:  * Agency (DARPA) and Air Force Research Laboratory, Air Force
   19:  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
   20:  */
   21: 
   22: #ifndef _SUDO_SUDO_H
   23: #define _SUDO_SUDO_H
   24: 
   25: #include <limits.h>
   26: #include <pathnames.h>
   27: #ifdef HAVE_STDBOOL_H
   28: # include <stdbool.h>
   29: #else
   30: # include "compat/stdbool.h"
   31: #endif /* HAVE_STDBOOL_H */
   32: 
   33: #include "gettext.h"		/* must be included before missing.h */
   34: 
   35: #include "missing.h"
   36: #include "alloc.h"
   37: #include "fatal.h"
   38: #include "fileops.h"
   39: #include "sudo_conf.h"
   40: #include "sudo_debug.h"
   41: #include "sudo_util.h"
   42: 
   43: #ifdef HAVE_PRIV_SET
   44: # include <priv.h>
   45: #endif
   46: 
   47: #ifdef __TANDEM	/* ROOT_UID is 65535 when __TANDEM is defined and 0 on every other build */
   48: # define ROOT_UID	65535
   49: #else
   50: # define ROOT_UID	0
   51: #endif	/* root checks should compare against ROOT_UID rather than a literal 0 */
   52: 
   53: /*
   54:  * Various modes sudo can be in (based on arguments) in hex
        * Each mode from MODE_RUN to MODE_CHECK is a distinct single bit, and
        * all of them lie inside the low 16 bits selected by MODE_MASK.
   55:  */
   56: #define MODE_RUN		0x00000001
   57: #define MODE_EDIT		0x00000002
   58: #define MODE_VALIDATE		0x00000004
   59: #define MODE_INVALIDATE		0x00000008
   60: #define MODE_KILL		0x00000010
   61: #define MODE_VERSION		0x00000020
   62: #define MODE_HELP		0x00000040
   63: #define MODE_LIST		0x00000080
   64: #define MODE_CHECK		0x00000100
   65: #define MODE_MASK		0x0000ffff	/* low 16 bits; the mode flag bits start at 0x00010000 */
   66: 
   67: /* Mode flags */
   68: /* XXX - prune this */
       /*
        * Every flag is a single bit above MODE_MASK (0x0000ffff), so
        * (value & MODE_MASK) drops all of them.  Presumably they are OR-ed
        * into the same word as one MODE_* value -- confirm in parse_args.c.
        */
   69: #define MODE_BACKGROUND		0x00010000
   70: #define MODE_SHELL		0x00020000
   71: #define MODE_LOGIN_SHELL	0x00040000
   72: #define MODE_IMPLIED_SHELL	0x00080000
   73: #define MODE_RESET_HOME		0x00100000
   74: #define MODE_PRESERVE_GROUPS	0x00200000
   75: #define MODE_PRESERVE_ENV	0x00400000
   76: #define MODE_NONINTERACTIVE	0x00800000
   77: #define MODE_LONG_LIST		0x01000000
   78: 
   79: /*
   80:  * Flags for tgetpass()
        * All values except TGP_NOECHO are distinct single bits.
   81:  */
   82: #define TGP_NOECHO	0x00		/* turn echo off reading pw (default); value is 0, so (flags & TGP_NOECHO) is never true */
   83: #define TGP_ECHO	0x01		/* leave echo on when reading passwd */
   84: #define TGP_STDIN	0x02		/* read from stdin, not /dev/tty */
   85: #define TGP_ASKPASS	0x04		/* read from askpass helper program */
   86: #define TGP_MASK	0x08		/* mask user input when reading */
   87: #define TGP_NOECHO_TRY	0x10		/* turn off echo if possible */
   88: 
   89: struct user_details {
           /*
            * Process ids, user/group ids and session strings.  One instance is
            * declared extern as `user_details` under the sudo.c heading below.
            * NOTE(review): presumably describes the invoking user -- confirm
            * where it is filled in.
            */
   90:     pid_t pid;
   91:     pid_t ppid;
   92:     pid_t pgid;
   93:     pid_t tcpgid;
   94:     pid_t sid;
   95:     uid_t uid;
   96:     uid_t euid;
   97:     uid_t gid;		/* NOTE(review): declared uid_t, while struct command_details uses gid_t for gid */
   98:     uid_t egid;		/* NOTE(review): declared uid_t, while struct command_details uses gid_t for egid */
   99:     const char *username;
  100:     const char *cwd;
  101:     const char *tty;
  102:     const char *host;
  103:     const char *shell;
  104:     GETGROUPS_T *groups;	/* presumably an array of ngroups entries -- confirm */
  105:     int ngroups;
  106:     int ts_cols;		/* presumably terminal columns -- confirm */
  107:     int ts_lines;		/* presumably terminal lines -- confirm */
  108: };
  109: 
  110: #define CD_SET_UID		0x0001	/* CD_*: distinct single bits 0x0001..0x4000; presumably stored in command_details.flags -- confirm */
  111: #define CD_SET_EUID		0x0002
  112: #define CD_SET_GID		0x0004
  113: #define CD_SET_EGID		0x0008
  114: #define CD_PRESERVE_GROUPS	0x0010
  115: #define CD_NOEXEC		0x0020
  116: #define CD_SET_PRIORITY		0x0040
  117: #define CD_SET_UMASK		0x0080
  118: #define CD_SET_TIMEOUT		0x0100
  119: #define CD_SUDOEDIT		0x0200
  120: #define CD_BACKGROUND		0x0400
  121: #define CD_RBAC_ENABLED		0x0800
  122: #define CD_USE_PTY		0x1000
  123: #define CD_SET_UTMP		0x2000
  124: #define CD_EXEC_BG		0x4000
  125: 
  126: struct preserved_fd {
           /* One element of a struct preserved_fd_list (declared by the TAILQ_HEAD line after this struct). */
  127:     TAILQ_ENTRY(preserved_fd) entries;	/* tail-queue linkage */
  128:     int lowfd;		/* presumably the low end of a descriptor range -- confirm in preserve_fds.c */
  129:     int highfd;		/* presumably the high end of that range -- confirm in preserve_fds.c */
  130:     int flags;
  131: };
  132: TAILQ_HEAD(preserved_fd_list, preserved_fd);	/* declares struct preserved_fd_list, used by command_details and the preserve_fds.c prototypes */
  133: 
  134: struct command_details {
           /*
            * Execution context passed by pointer to sudo_execute(), exec_setup(),
            * policy_init_session(), run_command() and sudo_edit() (prototypes below).
            * The members name the ids, umask, cwd, chroot, argv and envp of a
            * command; where they are filled in is not visible in this header.
            * NOTE(review): whatever populates this struct decides the privileges of
            * the command, so that code is the place to validate inputs -- confirm in sudo.c.
            */
  135:     uid_t uid;
  136:     uid_t euid;
  137:     gid_t gid;
  138:     gid_t egid;
  139:     mode_t umask;
  140:     int priority;
  141:     int timeout;
  142:     int ngroups;		/* presumably the number of entries in groups -- confirm */
  143:     int closefrom;		/* presumably the startfd later given to closefrom_except() -- confirm */
  144:     int flags;		/* presumably a mask of the CD_* bits defined above -- confirm */
  145:     struct preserved_fd_list preserved_fds;	/* embedded list head, not a pointer */
  146:     struct passwd *pw;
  147:     GETGROUPS_T *groups;
  148:     const char *command;
  149:     const char *cwd;
  150:     const char *login_class;
  151:     const char *chroot;
  152:     const char *selinux_role;
  153:     const char *selinux_type;
  154:     const char *utmp_user;
  155:     char **argv;
  156:     char **envp;
  157: #ifdef HAVE_PRIV_SET
           /* Present only when HAVE_PRIV_SET is defined, so the struct layout depends on that macro. */
  158:     priv_set_t *privs;
  159:     priv_set_t *limitprivs;
  160: #endif
  161: };
  162: 
  163: /* Status passed between parent and child via socketpair */
  164: struct command_status {
           /*
            * The CMD_* macros are defined inside the struct body but, being
            * preprocessor macros, are visible to the rest of the file as well.
            */
  165: #define CMD_INVALID 0
  166: #define CMD_ERRNO 1
  167: #define CMD_WSTATUS 2
  168: #define CMD_SIGNO 3
  169: #define CMD_PID 4
  170:     int type;	/* presumably one of the CMD_* values above -- confirm in exec.c */
  171:     int val;	/* NOTE(review): meaning presumably depends on type; a reader should check type before using val */
  172: };
  173: 
  174: struct timeval;	/* forward declaration; nothing else visible in this header refers to it */
  175: 
  176: /* For fatal() and fatalx() (XXX - needed?) */
  177: void cleanup(int);
  178: 
  179: /* tgetpass.c */
       /*
        * tgetpass() parameters are unnamed here; the int arguments presumably
        * include the TGP_* flags defined above -- confirm in tgetpass.c.
        * NOTE(review): this header does not say who owns or clears the returned
        * buffer; callers that handle the password should check.
        */
  180: char *tgetpass(const char *, int, int);
  181: int tty_present(void);
  182: 
  183: /* exec.c */
  184: int pipe_nonblock(int fds[2]);
       /* Takes the command to run and a command_status to report through; both are passed by pointer. */
  185: int sudo_execute(struct command_details *details, struct command_status *cstat);
  186: 
  187: /* parse_args.c */
       /* nargc, nargv, settingsp and env_addp are pointer-to-result parameters; presumably outputs -- confirm. */
  188: int parse_args(int argc, char **argv, int *nargc, char ***nargv,
  189:     char ***settingsp, char ***env_addp);
  190: extern int tgetpass_flags;
  191: 
  192: /* get_pty.c */
       /* name is paired with namesz; presumably the capacity of the name buffer -- confirm in get_pty.c. */
  193: int get_pty(int *master, int *slave, char *name, size_t namesz, uid_t uid);
  194: 
  195: /* sudo.c */
  196: bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
  197: int policy_init_session(struct command_details *details);
  198: int run_command(struct command_details *details);
  199: int os_init_common(int argc, char *argv[], char *envp[]);
  200: extern const char *list_user;
  201: extern struct user_details user_details;	/* the one shared instance of struct user_details */
  202: 
  203: /* sudo_edit.c */
  204: int sudo_edit(struct command_details *details);
  205: 
  206: /* parse_args.c */
  207: void usage(int);
  208: 
  209: /* openbsd.c */
       /* Same (argc, argv, envp) signature as os_init_common() and os_init_solaris(). */
  210: int os_init_openbsd(int argc, char *argv[], char *envp[]);
  211: 
  212: /* selinux.c */
  213: int selinux_restore_tty(void);
  214: int selinux_setup(const char *role, const char *type, const char *ttyn,
  215:     int ttyfd);
       /* Returns void: a failure cannot be reported through the return value; how it is reported is not visible here. */
  216: void selinux_execve(const char *path, char *const argv[], char *const envp[],
  217:     int noexec);
  218: 
  219: /* solaris.c */
  220: void set_project(struct passwd *);
  221: int os_init_solaris(int argc, char *argv[], char *envp[]);
  222: 
  223: /* hooks.c */
  224: /* XXX - move to sudo_plugin_int.h? */
  225: struct sudo_hook;	/* opaque here: only pointers to it are used below */
  226: int register_hook(struct sudo_hook *hook);
  227: int deregister_hook(struct sudo_hook *hook);
       /*
        * The setenv, putenv and unsetenv hooks take the same arguments as
        * setenv(3), putenv(3) and unsetenv(3); the getenv hook returns int and
        * hands the value back through val.
        */
  228: int process_hooks_getenv(const char *name, char **val);
  229: int process_hooks_setenv(const char *name, const char *value, int overwrite);
  230: int process_hooks_putenv(char *string);
  231: int process_hooks_unsetenv(const char *name);
  232: 
  233: /* env_hooks.c */
       /* Same signature as getenv(3); NOTE(review): the name suggests it bypasses the hooks -- confirm in env_hooks.c. */
  234: char *getenv_unhooked(const char *name);
  235: 
  236: /* interfaces.c */
  237: int get_net_ifs(char **addrinfo);
  238: 
  239: /* ttyname.c */
  240: char *get_process_ttyname(void);
  241: 
  242: /* signal.c */
  243: struct sigaction;	/* forward declaration so the prototype below can name the type */
  244: extern int signal_pipe[2];
  245: int sudo_sigaction(int signo, struct sigaction *sa, struct sigaction *osa);
  246: void init_signals(void);
  247: void restore_signals(void);
  248: void save_signals(void);
  249: 
  250: /* preload.c */
  251: void preload_static_symbols(void);
  252: 
  253: /* preserve_fds.c */
  254: int add_preserved_fd(struct preserved_fd_list *pfds, int fd);
       /* Presumably closes descriptors from startfd upward except those listed in pfds -- confirm in preserve_fds.c. */
  255: void closefrom_except(int startfd, struct preserved_fd_list *pfds);
       /* Returns void, so a malformed fdstr is not reported through the return value. */
  256: void parse_preserved_fds(struct preserved_fd_list *pfds, const char *fdstr);
  258: #endif /* _SUDO_SUDO_H */
