Return to sudo.h CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / src

sudo

    1: /*
    2:  * Copyright (c) 1993-1996, 1998-2005, 2007-2011
    3:  *	Todd C. Miller <Todd.Miller@courtesan.com>
    4:  *
    5:  * Permission to use, copy, modify, and distribute this software for any
    6:  * purpose with or without fee is hereby granted, provided that the above
    7:  * copyright notice and this permission notice appear in all copies.
    8:  *
    9:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   10:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   11:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   12:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   13:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   14:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   15:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   16:  *
   17:  * Sponsored in part by the Defense Advanced Research Projects
   18:  * Agency (DARPA) and Air Force Research Laboratory, Air Force
   19:  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
   20:  *
   21:  * $Sudo: sudo.h,v 1.290 2009/12/12 16:12:26 millert Exp $
   22:  */
   23: 
   24: #ifndef _SUDO_SUDO_H
   25: #define _SUDO_SUDO_H
   26: 
   27: #include <limits.h>
   28: #include <pathnames.h>
   29: 
   30: #include "missing.h"
   31: #include "alloc.h"
   32: #include "error.h"
   33: #include "fileops.h"
   34: #include "list.h"
   35: #include "gettext.h"
   36: 
   37: #ifdef __TANDEM
   38: # define ROOT_UID       65535
   39: #else
   40: # define ROOT_UID       0
   41: #endif
   42: 
   43: /*
   44:  * Pseudo-boolean values
   45:  */
   46: #undef TRUE
   47: #define TRUE                     1
   48: #undef FALSE
   49: #define FALSE                    0
   50: 
   51: /*
   52:  * Various modes sudo can be in (based on arguments) in hex
   53:  */
   54: #define MODE_RUN		0x00000001
   55: #define MODE_EDIT		0x00000002
   56: #define MODE_VALIDATE		0x00000004
   57: #define MODE_INVALIDATE		0x00000008
   58: #define MODE_KILL		0x00000010
   59: #define MODE_VERSION		0x00000020
   60: #define MODE_HELP		0x00000040
   61: #define MODE_LIST		0x00000080
   62: #define MODE_CHECK		0x00000100
   63: #define MODE_MASK		0x0000ffff
   64: 
   65: /* Mode flags */
   66: /* XXX - prune this */
   67: #define MODE_BACKGROUND		0x00010000
   68: #define MODE_SHELL		0x00020000
   69: #define MODE_LOGIN_SHELL	0x00040000
   70: #define MODE_IMPLIED_SHELL	0x00080000
   71: #define MODE_RESET_HOME		0x00100000
   72: #define MODE_PRESERVE_GROUPS	0x00200000
   73: #define MODE_PRESERVE_ENV	0x00400000
   74: #define MODE_NONINTERACTIVE	0x00800000
   75: #define MODE_LONG_LIST		0x01000000
   76: 
   77: /*
   78:  * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
   79:  * but that caused problems with various alternate authentication
   80:  * methods.  So, we just define our own and assume that it is >= the
   81:  * system max.
   82:  */
   83: #define SUDO_PASS_MAX	256
   84: 
   85: /*
   86:  * Flags for tgetpass()
   87:  */
   88: #define TGP_NOECHO	0x00		/* turn echo off reading pw (default) */
   89: #define TGP_ECHO	0x01		/* leave echo on when reading passwd */
   90: #define TGP_STDIN	0x02		/* read from stdin, not /dev/tty */
   91: #define TGP_ASKPASS	0x04		/* read from askpass helper program */
   92: #define TGP_MASK	0x08		/* mask user input when reading */
   93: #define TGP_NOECHO_TRY	0x10		/* turn off echo if possible */
   94: 
   95: struct user_details {
   96:     uid_t uid;
   97:     uid_t euid;
   98:     uid_t gid;
   99:     uid_t egid;
  100:     const char *username;
  101:     const char *cwd;
  102:     const char *tty;
  103:     const char *host;
  104:     const char *shell;
  105:     GETGROUPS_T *groups;
  106:     int ngroups;
  107:     int ts_cols;
  108:     int ts_lines;
  109: };
  110: 
  111: #define CD_SET_UID		0x0001
  112: #define CD_SET_EUID		0x0002
  113: #define CD_SET_GID		0x0004
  114: #define CD_SET_EGID		0x0008
  115: #define CD_PRESERVE_GROUPS	0x0010
  116: #define CD_NOEXEC		0x0020
  117: #define CD_SET_PRIORITY		0x0040
  118: #define CD_SET_UMASK		0x0080
  119: #define CD_SET_TIMEOUT		0x0100
  120: #define CD_SUDOEDIT		0x0200
  121: #define CD_BACKGROUND		0x0400
  122: #define CD_RBAC_ENABLED		0x0800
  123: #define CD_USE_PTY		0x1000
  124: #define CD_SET_UTMP		0x2000
  125: 
  126: struct command_details {
  127:     uid_t uid;
  128:     uid_t euid;
  129:     gid_t gid;
  130:     gid_t egid;
  131:     mode_t umask;
  132:     int priority;
  133:     int timeout;
  134:     int ngroups;
  135:     int closefrom;
  136:     int flags;
  137:     GETGROUPS_T *groups;
  138:     const char *command;
  139:     const char *cwd;
  140:     const char *login_class;
  141:     const char *chroot;
  142:     const char *selinux_role;
  143:     const char *selinux_type;
  144:     const char *utmp_user;
  145:     char **argv;
  146:     char **envp;
  147: };
  148: 
  149: /* Status passed between parent and child via socketpair */
  150: struct command_status {
  151: #define CMD_INVALID 0
  152: #define CMD_ERRNO 1
  153: #define CMD_WSTATUS 2
  154: #define CMD_SIGNO 3
  155:     int type;
  156:     int val;
  157: };
  158: 
  159: struct timeval;
  160: 
  161: /* For error() and errorx() (XXX - needed?) */
  162: void cleanup(int);
  163: 
  164: /* tgetpass.c */
  165: char *tgetpass(const char *, int, int);
  166: int tty_present(void);
  167: extern const char *askpass_path;
  168: extern const char *noexec_path;
  169: 
  170: /* zero_bytes.c */
  171: void zero_bytes(volatile void *, size_t);
  172: 
  173: /* exec.c */
  174: int sudo_execve(struct command_details *details, struct command_status *cstat);
  175: void save_signals(void);
  176: void restore_signals(void);
  177: 
  178: /* term.c */
  179: int term_cbreak(int);
  180: int term_copy(int, int);
  181: int term_noecho(int);
  182: int term_raw(int, int);
  183: int term_restore(int, int);
  184: 
  185: /* fmt_string.h */
  186: char *fmt_string(const char *var, const char *value);
  187: 
  188: /* atobool.c */
  189: int atobool(const char *str);
  190: 
  191: /* parse_args.c */
  192: int parse_args(int argc, char **argv, int *nargc, char ***nargv,
  193:     char ***settingsp, char ***env_addp);
  194: extern int tgetpass_flags;
  195: 
  196: /* get_pty.c */
  197: int get_pty(int *master, int *slave, char *name, size_t namesz, uid_t uid);
  198: 
  199: /* ttysize.c */
  200: void get_ttysize(int *rowp, int *colp);
  201: 
  202: /* sudo.c */
  203: int exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
  204: int run_command(struct command_details *details);
  205: void sudo_debug(int level, const char *format, ...) __printflike(2, 3);
  206: extern int debug_level;
  207: extern const char *list_user, *runas_user, *runas_group;
  208: extern struct user_details user_details;
  209: 
  210: /* sudo_edit.c */
  211: int sudo_edit(struct command_details *details);
  212: 
  213: /* parse_args.c */
  214: void usage(int);
  215: 
  216: /* selinux.c */
  217: int selinux_restore_tty(void);
  218: int selinux_setup(const char *role, const char *type, const char *ttyn,
  219:     int ttyfd);
  220: void selinux_execve(const char *path, char *argv[], char *envp[]);
  221: 
  222: /* aix.c */
  223: void aix_prep_user(char *user, const char *tty);
  224: void aix_restoreauthdb(void);
  225: void aix_setauthdb(char *user);
  226: 
  227: /* interfaces.c */
  228: int get_net_ifs(char **addrinfo);
  229: 
  230: /* setgroups.c */
  231: int sudo_setgroups(int ngids, const GETGROUPS_T *gids);
  232: 
  233: #endif /* _SUDO_SUDO_H */