[BACK]Return to sudo.h CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / src
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / src / sudo.h
Revision 1.1.1.4 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Mon Jul 22 10:46:13 2013 UTC (11 years ago) by misho
Branches: sudo, MAIN
CVS tags: v1_8_7p0, v1_8_7, HEAD
1.8.7

    1: /*
    2:  * Copyright (c) 1993-1996, 1998-2005, 2007-2013
    3:  *	Todd C. Miller <Todd.Miller@courtesan.com>
    4:  *
    5:  * Permission to use, copy, modify, and distribute this software for any
    6:  * purpose with or without fee is hereby granted, provided that the above
    7:  * copyright notice and this permission notice appear in all copies.
    8:  *
    9:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   10:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   11:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   12:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   13:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   14:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   15:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   16:  *
   17:  * Sponsored in part by the Defense Advanced Research Projects
   18:  * Agency (DARPA) and Air Force Research Laboratory, Air Force
   19:  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
   20:  */
   21: 
   22: #ifndef _SUDO_SUDO_H
   23: #define _SUDO_SUDO_H
   24: 
   25: #include <limits.h>
   26: #include <pathnames.h>
   27: #ifdef HAVE_STDBOOL_H
   28: # include <stdbool.h>
   29: #else
   30: # include "compat/stdbool.h"
   31: #endif /* HAVE_STDBOOL_H */
   32: 
   33: #include "missing.h"
   34: #include "alloc.h"
   35: #include "error.h"
   36: #include "fileops.h"
   37: #include "list.h"
   38: #include "sudo_conf.h"
   39: #include "sudo_debug.h"
   40: #include "gettext.h"
   41: 
   42: #ifdef HAVE_PRIV_SET
   43: # include <priv.h>
   44: #endif
   45: 
   46: #ifdef __TANDEM
   47: # define ROOT_UID	65535
   48: #else
   49: # define ROOT_UID	0
   50: #endif
   51: 
   52: /*
   53:  * Various modes sudo can be in (based on arguments) in hex
   54:  */
   55: #define MODE_RUN		0x00000001
   56: #define MODE_EDIT		0x00000002
   57: #define MODE_VALIDATE		0x00000004
   58: #define MODE_INVALIDATE		0x00000008
   59: #define MODE_KILL		0x00000010
   60: #define MODE_VERSION		0x00000020
   61: #define MODE_HELP		0x00000040
   62: #define MODE_LIST		0x00000080
   63: #define MODE_CHECK		0x00000100
   64: #define MODE_MASK		0x0000ffff
   65: 
   66: /* Mode flags */
   67: /* XXX - prune this */
   68: #define MODE_BACKGROUND		0x00010000
   69: #define MODE_SHELL		0x00020000
   70: #define MODE_LOGIN_SHELL	0x00040000
   71: #define MODE_IMPLIED_SHELL	0x00080000
   72: #define MODE_RESET_HOME		0x00100000
   73: #define MODE_PRESERVE_GROUPS	0x00200000
   74: #define MODE_PRESERVE_ENV	0x00400000
   75: #define MODE_NONINTERACTIVE	0x00800000
   76: #define MODE_LONG_LIST		0x01000000
   77: 
   78: /*
   79:  * We used to use the system definition of PASS_MAX or _PASSWD_LEN,
   80:  * but that caused problems with various alternate authentication
   81:  * methods.  So, we just define our own and assume that it is >= the
   82:  * system max.
   83:  */
   84: #define SUDO_PASS_MAX	256
   85: 
   86: /*
   87:  * Flags for tgetpass()
   88:  */
   89: #define TGP_NOECHO	0x00		/* turn echo off reading pw (default) */
   90: #define TGP_ECHO	0x01		/* leave echo on when reading passwd */
   91: #define TGP_STDIN	0x02		/* read from stdin, not /dev/tty */
   92: #define TGP_ASKPASS	0x04		/* read from askpass helper program */
   93: #define TGP_MASK	0x08		/* mask user input when reading */
   94: #define TGP_NOECHO_TRY	0x10		/* turn off echo if possible */
   95: 
   96: struct user_details {
   97:     pid_t pid;
   98:     pid_t ppid;
   99:     pid_t pgid;
  100:     pid_t tcpgid;
  101:     pid_t sid;
  102:     uid_t uid;
  103:     uid_t euid;
  104:     uid_t gid;
  105:     uid_t egid;
  106:     const char *username;
  107:     const char *cwd;
  108:     const char *tty;
  109:     const char *host;
  110:     const char *shell;
  111:     GETGROUPS_T *groups;
  112:     int ngroups;
  113:     int ts_cols;
  114:     int ts_lines;
  115: };
  116: 
  117: #define CD_SET_UID		0x0001
  118: #define CD_SET_EUID		0x0002
  119: #define CD_SET_GID		0x0004
  120: #define CD_SET_EGID		0x0008
  121: #define CD_PRESERVE_GROUPS	0x0010
  122: #define CD_NOEXEC		0x0020
  123: #define CD_SET_PRIORITY		0x0040
  124: #define CD_SET_UMASK		0x0080
  125: #define CD_SET_TIMEOUT		0x0100
  126: #define CD_SUDOEDIT		0x0200
  127: #define CD_BACKGROUND		0x0400
  128: #define CD_RBAC_ENABLED		0x0800
  129: #define CD_USE_PTY		0x1000
  130: #define CD_SET_UTMP		0x2000
  131: #define CD_EXEC_BG		0x4000
  132: 
  133: struct command_details {
  134:     uid_t uid;
  135:     uid_t euid;
  136:     gid_t gid;
  137:     gid_t egid;
  138:     mode_t umask;
  139:     int priority;
  140:     int timeout;
  141:     int ngroups;
  142:     int closefrom;
  143:     int flags;
  144:     struct passwd *pw;
  145:     GETGROUPS_T *groups;
  146:     const char *command;
  147:     const char *cwd;
  148:     const char *login_class;
  149:     const char *chroot;
  150:     const char *selinux_role;
  151:     const char *selinux_type;
  152:     const char *utmp_user;
  153:     char **argv;
  154:     char **envp;
  155: #ifdef HAVE_PRIV_SET
  156:     priv_set_t *privs;
  157:     priv_set_t *limitprivs;
  158: #endif
  159: };
  160: 
  161: /* Status passed between parent and child via socketpair */
  162: struct command_status {
  163: #define CMD_INVALID 0
  164: #define CMD_ERRNO 1
  165: #define CMD_WSTATUS 2
  166: #define CMD_SIGNO 3
  167: #define CMD_PID 4
  168:     int type;
  169:     int val;
  170: };
  171: 
  172: struct timeval;
  173: 
  174: /* For fatal() and fatalx() (XXX - needed?) */
  175: void cleanup(int);
  176: 
  177: /* tgetpass.c */
  178: char *tgetpass(const char *, int, int);
  179: int tty_present(void);
  180: 
  181: /* zero_bytes.c */
  182: void zero_bytes(volatile void *, size_t);
  183: 
  184: /* exec.c */
  185: int pipe_nonblock(int fds[2]);
  186: int sudo_execute(struct command_details *details, struct command_status *cstat);
  187: 
  188: /* term.c */
  189: int term_cbreak(int);
  190: int term_copy(int, int);
  191: int term_noecho(int);
  192: int term_raw(int, int);
  193: int term_restore(int, int);
  194: 
  195: /* fmt_string.h */
  196: char *fmt_string(const char *var, const char *value);
  197: 
  198: /* atobool.c */
  199: bool atobool(const char *str);
  200: 
  201: /* parse_args.c */
  202: int parse_args(int argc, char **argv, int *nargc, char ***nargv,
  203:     char ***settingsp, char ***env_addp);
  204: extern int tgetpass_flags;
  205: 
  206: /* get_pty.c */
  207: int get_pty(int *master, int *slave, char *name, size_t namesz, uid_t uid);
  208: 
  209: /* ttysize.c */
  210: void get_ttysize(int *rowp, int *colp);
  211: 
  212: /* sudo.c */
  213: bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
  214: int policy_init_session(struct command_details *details);
  215: int run_command(struct command_details *details);
  216: int os_init_common(int argc, char *argv[], char *envp[]);
  217: extern const char *list_user, *runas_user, *runas_group;
  218: extern struct user_details user_details;
  219: 
  220: /* sudo_edit.c */
  221: int sudo_edit(struct command_details *details);
  222: 
  223: /* parse_args.c */
  224: void usage(int);
  225: 
  226: /* openbsd.c */
  227: int os_init_openbsd(int argc, char *argv[], char *envp[]);
  228: 
  229: /* selinux.c */
  230: int selinux_restore_tty(void);
  231: int selinux_setup(const char *role, const char *type, const char *ttyn,
  232:     int ttyfd);
  233: void selinux_execve(const char *path, char *const argv[], char *const envp[],
  234:     int noexec);
  235: 
  236: /* solaris.c */
  237: void set_project(struct passwd *);
  238: int os_init_solaris(int argc, char *argv[], char *envp[]);
  239: 
  240: /* aix.c */
  241: void aix_prep_user(char *user, const char *tty);
  242: void aix_restoreauthdb(void);
  243: void aix_setauthdb(char *user);
  244: 
  245: /* hooks.c */
  246: /* XXX - move to sudo_plugin_int.h? */
  247: struct sudo_hook;
  248: int register_hook(struct sudo_hook *hook);
  249: int deregister_hook(struct sudo_hook *hook);
  250: int process_hooks_getenv(const char *name, char **val);
  251: int process_hooks_setenv(const char *name, const char *value, int overwrite);
  252: int process_hooks_putenv(char *string);
  253: int process_hooks_unsetenv(const char *name);
  254: 
  255: /* env_hooks.c */
  256: char *getenv_unhooked(const char *name);
  257: 
  258: /* interfaces.c */
  259: int get_net_ifs(char **addrinfo);
  260: 
  261: /* setgroups.c */
  262: int sudo_setgroups(int ngids, const GETGROUPS_T *gids);
  263: 
  264: /* ttyname.c */
  265: char *get_process_ttyname(void);
  266: 
  267: /* signal.c */
  268: struct sigaction;
  269: extern int signal_pipe[2];
  270: int sudo_sigaction(int signo, struct sigaction *sa, struct sigaction *osa);
  271: void init_signals(void);
  272: void restore_signals(void);
  273: void save_signals(void);
  274: 
  275: #endif /* _SUDO_SUDO_H */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>