2 /*static char yysccsid[] = "from: @(#)yaccpar 1.9 (Berkeley) 02/21/93";*/
5 __attribute__ ((unused))
6 #endif /* __GNUC__ >= 2 */
7 = "$OpenBSD: skeleton.c,v 1.29 2008/07/08 15:06:50 otto Exp $";
16 #define yyclearin (yychar=(YYEMPTY))
17 #define yyerrok (yyerrflag=0)
18 #define YYRECOVERING() (yyerrflag!=0)
22 * Copyright (c) 1996, 1998-2005, 2007-2008
23 * Todd C. Miller <Todd.Miller@courtesan.com>
25 * Permission to use, copy, modify, and distribute this software for any
26 * purpose with or without fee is hereby granted, provided that the above
27 * copyright notice and this permission notice appear in all copies.
29 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
30 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
31 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
32 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
33 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
34 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
35 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
36 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
37 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * Sponsored in part by the Defense Advanced Research Projects
40 * Agency (DARPA) and Air Force Research Laboratory, Air Force
41 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
46 #include <sys/types.h>
47 #include <sys/param.h>
56 #endif /* STDC_HEADERS */
60 # ifdef HAVE_STRINGS_H
63 #endif /* HAVE_STRING_H */
66 #endif /* HAVE_UNISTD_H */
67 #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
69 #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
76 __unused static const char rcsid[] = "$Sudo: gram.c,v 1.34 2008/11/09 14:15:36 millert Exp $";
80 * We must define SIZE_MAX for yacc's skeleton.c.
81 * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
82 * could be signed (as it is on SunOS 4.x).
86 # define SIZE_MAX SIZE_T_MAX
88 # define SIZE_MAX INT_MAX
89 # endif /* SIZE_T_MAX */
95 extern int sudolineno;
100 int errorlineno = -1;
101 char *errorfile = NULL;
103 struct defaults_list defaults;
104 struct userspec_list userspecs;
109 static void add_defaults __P((int, struct member *, struct defaults *));
110 static void add_userspec __P((struct member *, struct privilege *));
111 static struct defaults *new_default __P((char *, char *, int));
112 static struct member *new_member __P((char *, int));
113 void yyerror __P((const char *));
119 /* Save the line the first error occurred on. */
120 if (errorlineno == -1) {
121 errorlineno = sudolineno ? sudolineno - 1 : 0;
122 errorfile = estrdup(sudoers);
124 if (verbose && s != NULL) {
126 (void) fprintf(stderr, ">>> %s: %s near line %d <<<\n", sudoers, s,
127 sudolineno ? sudolineno - 1 : 0);
129 (void) fprintf(stderr, "<*> ");
135 #ifndef YYSTYPE_DEFINED
136 #define YYSTYPE_DEFINED
138 struct cmndspec *cmndspec;
139 struct defaults *defaults;
140 struct member *member;
141 struct runascontainer *runas;
142 struct privilege *privilege;
143 struct sudo_command command;
145 struct selinux_info seinfo;
149 #endif /* YYSTYPE_DEFINED */
156 #define USERGROUP 262
159 #define DEFAULTS_HOST 265
160 #define DEFAULTS_USER 266
161 #define DEFAULTS_RUNAS 267
162 #define DEFAULTS_CMND 268
171 #define HOSTALIAS 277
172 #define CMNDALIAS 278
173 #define USERALIAS 279
174 #define RUNASALIAS 280
178 #define YYERRCODE 256
179 #if defined(__cplusplus) || defined(__STDC__)
180 const short yylhs[] =
185 0, 0, 25, 25, 26, 26, 26, 26, 26, 26,
186 26, 26, 26, 26, 26, 26, 4, 4, 3, 3,
187 3, 3, 3, 20, 20, 19, 10, 10, 8, 8,
188 8, 8, 8, 2, 2, 1, 6, 6, 23, 24,
189 22, 22, 22, 22, 22, 17, 17, 18, 18, 18,
190 21, 21, 21, 21, 21, 21, 21, 5, 5, 5,
191 28, 28, 31, 9, 9, 29, 29, 32, 7, 7,
192 30, 30, 33, 27, 27, 34, 13, 13, 11, 11,
193 12, 12, 12, 12, 12, 16, 16, 14, 14, 15,
196 #if defined(__cplusplus) || defined(__STDC__)
197 const short yylen[] =
202 0, 1, 1, 2, 1, 2, 2, 2, 2, 2,
203 2, 2, 3, 3, 3, 3, 1, 3, 1, 2,
204 3, 3, 3, 1, 3, 3, 1, 2, 1, 1,
205 1, 1, 1, 1, 3, 4, 1, 2, 3, 3,
206 0, 1, 1, 2, 2, 0, 3, 1, 3, 2,
207 0, 2, 2, 2, 2, 2, 2, 1, 1, 1,
208 1, 3, 3, 1, 3, 1, 3, 3, 1, 3,
209 1, 3, 3, 1, 3, 3, 1, 3, 1, 2,
210 1, 1, 1, 1, 1, 1, 3, 1, 2, 1,
213 #if defined(__cplusplus) || defined(__STDC__)
214 const short yydefred[] =
219 0, 81, 83, 84, 85, 0, 0, 0, 0, 0,
220 82, 5, 0, 0, 0, 0, 0, 0, 77, 79,
221 0, 0, 3, 6, 0, 0, 17, 0, 29, 32,
222 31, 33, 30, 0, 27, 0, 64, 0, 0, 60,
223 59, 58, 0, 37, 69, 0, 0, 0, 61, 0,
224 0, 66, 0, 0, 74, 0, 0, 71, 80, 0,
225 0, 24, 0, 4, 0, 0, 0, 20, 0, 28,
226 0, 0, 0, 0, 38, 0, 0, 0, 0, 0,
227 0, 0, 0, 0, 0, 78, 0, 0, 21, 22,
228 23, 18, 65, 70, 0, 62, 0, 67, 0, 75,
229 0, 72, 0, 34, 0, 0, 25, 0, 0, 0,
230 0, 0, 0, 51, 0, 0, 90, 92, 91, 0,
231 86, 88, 0, 0, 47, 35, 0, 0, 0, 44,
232 45, 89, 0, 0, 40, 39, 52, 53, 54, 55,
235 #if defined(__cplusplus) || defined(__STDC__)
236 const short yydgoto[] =
241 104, 105, 27, 28, 44, 45, 46, 35, 61, 37,
242 19, 20, 21, 121, 122, 123, 106, 110, 62, 63,
243 129, 114, 115, 116, 22, 23, 54, 48, 51, 57,
246 #if defined(__cplusplus) || defined(__STDC__)
247 const short yysindex[] =
252 -266, 0, 0, 0, 0, -9, 463, 510, 510, -2,
253 0, 0, -243, -218, -215, -211, -225, 0, 0, 0,
254 -28, 405, 0, 0, -36, -210, 0, 4, 0, 0,
255 0, 0, 0, -231, 0, -33, 0, -25, -25, 0,
256 0, 0, -240, 0, 0, -21, -6, -1, 0, 2,
257 6, 0, 7, 8, 0, 9, 11, 0, 0, 510,
258 -22, 0, 13, 0, -203, -201, -198, 0, -9, 0,
259 463, 4, 4, 4, 0, -2, 4, 463, -243, -2,
260 -218, 510, -215, 510, -211, 0, 27, 463, 0, 0,
261 0, 0, 0, 0, 28, 0, 30, 0, 31, 0,
262 31, 0, 141, 0, 32, -262, 0, -27, -16, 36,
263 27, 18, 19, 0, -200, -202, 0, 0, 0, -217,
264 0, 0, 39, -27, 0, 0, -177, -175, 250, 0,
265 0, 0, -27, 39, 0, 0, 0, 0, 0, 0,
267 #if defined(__cplusplus) || defined(__STDC__)
268 const short yyrindex[] =
273 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
274 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
275 0, 91, 0, 0, 1, 0, 0, 156, 0, 0,
276 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
277 0, 0, 0, 0, 0, 0, 0, 181, 0, 0,
278 206, 0, 0, 237, 0, 0, 274, 0, 0, 0,
279 0, 0, 300, 0, 0, 0, 0, 0, 0, 0,
280 0, 326, 352, 378, 0, 0, 430, 0, 0, 0,
281 0, 0, 0, 0, 0, 0, -29, 0, 0, 0,
282 0, 0, 0, 0, 26, 0, 52, 0, 78, 0,
283 104, 0, 0, 0, 130, 442, 0, 0, 51, 0,
284 -29, 0, 0, 0, 461, 485, 0, 0, 0, 0,
285 0, 0, 53, 0, 0, 0, 0, 0, 0, 0,
286 0, 0, 0, 54, 0, 0, 0, 0, 0, 0,
288 #if defined(__cplusplus) || defined(__STDC__)
289 const short yygindex[] =
294 -18, 0, 29, 15, 56, -73, 16, 63, -5, 34,
295 40, 84, 5, -31, -17, -15, 0, 0, 24, 0,
296 0, 0, -10, -8, 0, 92, 0, 0, 0, 0,
299 #define YYTABLESIZE 785
300 #if defined(__cplusplus) || defined(__STDC__)
301 const short yytable[] =
306 19, 36, 94, 46, 34, 120, 66, 26, 67, 24,
307 71, 26, 38, 39, 47, 60, 40, 41, 60, 112,
308 113, 71, 76, 26, 65, 63, 29, 60, 30, 31,
309 43, 32, 2, 19, 42, 3, 4, 5, 87, 50,
310 117, 124, 53, 33, 19, 118, 56, 69, 68, 11,
311 72, 68, 73, 74, 78, 143, 79, 119, 63, 89,
312 77, 90, 80, 81, 91, 83, 103, 82, 85, 84,
313 88, 71, 95, 76, 60, 111, 125, 76, 127, 128,
314 113, 112, 133, 63, 68, 135, 99, 136, 101, 1,
315 2, 48, 126, 50, 49, 97, 70, 92, 75, 86,
316 59, 144, 132, 73, 93, 131, 130, 109, 134, 68,
317 76, 107, 0, 64, 0, 96, 0, 102, 98, 0,
318 0, 0, 0, 100, 0, 0, 0, 0, 0, 26,
319 0, 0, 0, 0, 0, 76, 73, 0, 0, 0,
320 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
321 0, 0, 0, 0, 0, 12, 0, 0, 0, 0,
322 0, 73, 26, 0, 0, 0, 0, 0, 0, 0,
323 0, 0, 0, 17, 0, 0, 0, 0, 0, 0,
324 9, 0, 0, 0, 0, 0, 0, 26, 12, 0,
325 0, 0, 0, 0, 0, 0, 0, 0, 108, 0,
326 0, 0, 0, 0, 0, 10, 0, 0, 0, 0,
327 0, 0, 0, 9, 0, 0, 0, 0, 0, 0,
328 0, 0, 0, 0, 0, 25, 0, 46, 46, 29,
329 117, 30, 31, 25, 32, 118, 8, 25, 10, 46,
330 46, 46, 46, 46, 46, 46, 33, 119, 0, 25,
331 0, 0, 46, 46, 40, 41, 19, 0, 19, 0,
332 0, 19, 19, 19, 19, 19, 19, 19, 19, 8,
333 0, 0, 42, 11, 0, 19, 19, 19, 19, 19,
334 19, 63, 43, 63, 0, 0, 63, 63, 63, 63,
335 63, 63, 63, 63, 0, 0, 0, 0, 0, 7,
336 63, 63, 63, 63, 63, 63, 11, 68, 0, 68,
337 0, 0, 68, 68, 68, 68, 68, 68, 68, 68,
338 0, 0, 0, 0, 0, 15, 68, 68, 68, 68,
339 68, 68, 7, 76, 0, 76, 0, 0, 76, 76,
340 76, 76, 76, 76, 76, 76, 0, 0, 0, 0,
341 0, 13, 76, 76, 76, 76, 76, 76, 15, 73,
342 0, 73, 0, 0, 73, 73, 73, 73, 73, 73,
343 73, 73, 0, 0, 0, 0, 0, 14, 73, 73,
344 73, 73, 73, 73, 13, 26, 0, 26, 0, 0,
345 26, 26, 26, 26, 26, 26, 26, 26, 2, 0,
346 0, 3, 4, 5, 26, 26, 26, 26, 26, 26,
347 14, 12, 0, 12, 0, 11, 12, 12, 12, 12,
348 12, 12, 12, 12, 0, 0, 0, 0, 0, 16,
349 12, 12, 12, 12, 12, 12, 9, 17, 9, 0,
350 0, 9, 9, 9, 9, 9, 9, 9, 9, 0,
351 0, 0, 0, 0, 0, 9, 9, 9, 9, 9,
352 9, 10, 16, 10, 0, 0, 10, 10, 10, 10,
353 10, 10, 10, 10, 41, 0, 0, 0, 0, 0,
354 10, 10, 10, 10, 10, 10, 0, 0, 0, 0,
355 0, 0, 8, 42, 8, 34, 0, 8, 8, 8,
356 8, 8, 8, 8, 8, 0, 40, 41, 0, 0,
357 0, 8, 8, 8, 8, 8, 8, 43, 137, 138,
358 139, 140, 141, 142, 42, 0, 0, 0, 0, 11,
359 0, 11, 0, 0, 11, 11, 11, 11, 11, 11,
360 11, 11, 17, 0, 0, 0, 0, 0, 11, 11,
361 11, 11, 11, 11, 0, 7, 0, 7, 0, 0,
362 7, 7, 7, 7, 7, 7, 7, 7, 0, 0,
363 0, 0, 0, 0, 7, 7, 7, 7, 7, 7,
364 0, 15, 0, 15, 0, 0, 15, 15, 15, 15,
365 15, 15, 15, 15, 0, 0, 0, 0, 0, 0,
366 15, 15, 15, 15, 15, 15, 0, 13, 0, 13,
367 0, 0, 13, 13, 13, 13, 13, 13, 13, 13,
368 0, 0, 0, 0, 0, 0, 13, 13, 13, 13,
369 13, 13, 0, 14, 0, 14, 0, 0, 14, 14,
370 14, 14, 14, 14, 14, 14, 0, 0, 0, 0,
371 0, 0, 14, 14, 14, 14, 14, 14, 0, 0,
372 1, 0, 2, 0, 0, 3, 4, 5, 6, 7,
373 8, 9, 10, 0, 0, 0, 0, 0, 0, 11,
374 12, 13, 14, 15, 16, 16, 0, 16, 0, 0,
375 16, 16, 16, 16, 16, 16, 16, 16, 41, 41,
376 0, 0, 0, 0, 16, 16, 16, 16, 16, 16,
377 41, 41, 41, 41, 41, 41, 41, 42, 42, 0,
378 29, 0, 30, 31, 0, 32, 0, 0, 0, 42,
379 42, 42, 42, 42, 42, 42, 0, 33, 0, 0,
380 0, 43, 43, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 43, 43, 43, 43, 43, 43, 43,
382 0, 0, 0, 0, 0, 0, 0, 2, 0, 0,
383 3, 4, 5, 0, 0, 0, 0, 0, 0, 0,
386 #if defined(__cplusplus) || defined(__STDC__)
387 const short yycheck[] =
392 0, 7, 76, 33, 33, 33, 43, 33, 45, 276,
393 44, 33, 8, 9, 258, 44, 257, 258, 44, 282,
394 283, 44, 44, 33, 61, 0, 258, 44, 260, 261,
395 33, 263, 258, 33, 275, 261, 262, 263, 61, 258,
396 258, 58, 258, 275, 44, 263, 258, 44, 259, 275,
397 36, 0, 38, 39, 61, 129, 58, 275, 33, 263,
398 46, 263, 61, 58, 263, 58, 40, 61, 58, 61,
399 58, 44, 78, 44, 44, 44, 41, 0, 61, 61,
400 283, 282, 44, 58, 33, 263, 82, 263, 84, 0,
401 0, 41, 111, 41, 41, 80, 34, 69, 43, 60,
402 17, 133, 120, 0, 71, 116, 115, 103, 124, 58,
403 33, 88, -1, 22, -1, 79, -1, 85, 81, -1,
404 -1, -1, -1, 83, -1, -1, -1, -1, -1, 0,
405 -1, -1, -1, -1, -1, 58, 33, -1, -1, -1,
406 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
407 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
408 -1, 58, 33, -1, -1, -1, -1, -1, -1, -1,
409 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
410 0, -1, -1, -1, -1, -1, -1, 58, 33, -1,
411 -1, -1, -1, -1, -1, -1, -1, -1, 58, -1,
412 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
413 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
414 -1, -1, -1, -1, -1, 259, -1, 257, 258, 258,
415 258, 260, 261, 259, 263, 263, 0, 259, 33, 269,
416 270, 271, 272, 273, 274, 275, 275, 275, -1, 259,
417 -1, -1, 282, 283, 257, 258, 256, -1, 258, -1,
418 -1, 261, 262, 263, 264, 265, 266, 267, 268, 33,
419 -1, -1, 275, 0, -1, 275, 276, 277, 278, 279,
420 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
421 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
422 275, 276, 277, 278, 279, 280, 33, 256, -1, 258,
423 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
424 -1, -1, -1, -1, -1, 0, 275, 276, 277, 278,
425 279, 280, 33, 256, -1, 258, -1, -1, 261, 262,
426 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
427 -1, 0, 275, 276, 277, 278, 279, 280, 33, 256,
428 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
429 267, 268, -1, -1, -1, -1, -1, 0, 275, 276,
430 277, 278, 279, 280, 33, 256, -1, 258, -1, -1,
431 261, 262, 263, 264, 265, 266, 267, 268, 258, -1,
432 -1, 261, 262, 263, 275, 276, 277, 278, 279, 280,
433 33, 256, -1, 258, -1, 275, 261, 262, 263, 264,
434 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
435 275, 276, 277, 278, 279, 280, 256, 33, 258, -1,
436 -1, 261, 262, 263, 264, 265, 266, 267, 268, -1,
437 -1, -1, -1, -1, -1, 275, 276, 277, 278, 279,
438 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
439 265, 266, 267, 268, 33, -1, -1, -1, -1, -1,
440 275, 276, 277, 278, 279, 280, -1, -1, -1, -1,
441 -1, -1, 256, 33, 258, 33, -1, 261, 262, 263,
442 264, 265, 266, 267, 268, -1, 257, 258, -1, -1,
443 -1, 275, 276, 277, 278, 279, 280, 33, 269, 270,
444 271, 272, 273, 274, 275, -1, -1, -1, -1, 256,
445 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
446 267, 268, 33, -1, -1, -1, -1, -1, 275, 276,
447 277, 278, 279, 280, -1, 256, -1, 258, -1, -1,
448 261, 262, 263, 264, 265, 266, 267, 268, -1, -1,
449 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
450 -1, 256, -1, 258, -1, -1, 261, 262, 263, 264,
451 265, 266, 267, 268, -1, -1, -1, -1, -1, -1,
452 275, 276, 277, 278, 279, 280, -1, 256, -1, 258,
453 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
454 -1, -1, -1, -1, -1, -1, 275, 276, 277, 278,
455 279, 280, -1, 256, -1, 258, -1, -1, 261, 262,
456 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
457 -1, -1, 275, 276, 277, 278, 279, 280, -1, -1,
458 256, -1, 258, -1, -1, 261, 262, 263, 264, 265,
459 266, 267, 268, -1, -1, -1, -1, -1, -1, 275,
460 276, 277, 278, 279, 280, 256, -1, 258, -1, -1,
461 261, 262, 263, 264, 265, 266, 267, 268, 257, 258,
462 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
463 269, 270, 271, 272, 273, 274, 275, 257, 258, -1,
464 258, -1, 260, 261, -1, 263, -1, -1, -1, 269,
465 270, 271, 272, 273, 274, 275, -1, 275, -1, -1,
466 -1, 257, 258, -1, -1, -1, -1, -1, -1, -1,
467 -1, -1, -1, 269, 270, 271, 272, 273, 274, 275,
468 -1, -1, -1, -1, -1, -1, -1, 258, -1, -1,
469 261, 262, 263, -1, -1, -1, -1, -1, -1, -1,
476 #define YYMAXTOKEN 283
478 #if defined(__cplusplus) || defined(__STDC__)
479 const char * const yyname[] =
484 "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
485 "'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
486 0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
487 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
488 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
489 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
490 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
491 "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DEFAULTS",
492 "DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND","NOPASSWD",
493 "PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","ALL","COMMENT","HOSTALIAS",
494 "CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE",
496 #if defined(__cplusplus) || defined(__STDC__)
497 const char * const yyrule[] =
507 "entry : error COMMENT",
508 "entry : userlist privileges",
509 "entry : USERALIAS useraliases",
510 "entry : HOSTALIAS hostaliases",
511 "entry : CMNDALIAS cmndaliases",
512 "entry : RUNASALIAS runasaliases",
513 "entry : DEFAULTS defaults_list",
514 "entry : DEFAULTS_USER userlist defaults_list",
515 "entry : DEFAULTS_RUNAS userlist defaults_list",
516 "entry : DEFAULTS_HOST hostlist defaults_list",
517 "entry : DEFAULTS_CMND cmndlist defaults_list",
518 "defaults_list : defaults_entry",
519 "defaults_list : defaults_list ',' defaults_entry",
520 "defaults_entry : DEFVAR",
521 "defaults_entry : '!' DEFVAR",
522 "defaults_entry : DEFVAR '=' WORD",
523 "defaults_entry : DEFVAR '+' WORD",
524 "defaults_entry : DEFVAR '-' WORD",
525 "privileges : privilege",
526 "privileges : privileges ':' privilege",
527 "privilege : hostlist '=' cmndspeclist",
535 "cmndspeclist : cmndspec",
536 "cmndspeclist : cmndspeclist ',' cmndspec",
537 "cmndspec : runasspec selinux cmndtag opcmnd",
540 "rolespec : ROLE '=' WORD",
541 "typespec : TYPE '=' WORD",
543 "selinux : rolespec",
544 "selinux : typespec",
545 "selinux : rolespec typespec",
546 "selinux : typespec rolespec",
548 "runasspec : '(' runaslist ')'",
549 "runaslist : userlist",
550 "runaslist : userlist ':' grouplist",
551 "runaslist : ':' grouplist",
553 "cmndtag : cmndtag NOPASSWD",
554 "cmndtag : cmndtag PASSWD",
555 "cmndtag : cmndtag NOEXEC",
556 "cmndtag : cmndtag EXEC",
557 "cmndtag : cmndtag SETENV",
558 "cmndtag : cmndtag NOSETENV",
562 "hostaliases : hostalias",
563 "hostaliases : hostaliases ':' hostalias",
564 "hostalias : ALIAS '=' hostlist",
566 "hostlist : hostlist ',' ophost",
567 "cmndaliases : cmndalias",
568 "cmndaliases : cmndaliases ':' cmndalias",
569 "cmndalias : ALIAS '=' cmndlist",
571 "cmndlist : cmndlist ',' opcmnd",
572 "runasaliases : runasalias",
573 "runasaliases : runasaliases ':' runasalias",
574 "runasalias : ALIAS '=' userlist",
575 "useraliases : useralias",
576 "useraliases : useraliases ':' useralias",
577 "useralias : ALIAS '=' userlist",
579 "userlist : userlist ',' opuser",
587 "grouplist : opgroup",
588 "grouplist : grouplist ',' opgroup",
590 "opgroup : '!' group",
598 #define YYMAXDEPTH YYSTACKSIZE
601 #define YYSTACKSIZE YYMAXDEPTH
603 #define YYSTACKSIZE 10000
604 #define YYMAXDEPTH 10000
607 #define YYINITSTACKSIZE 200
622 static struct defaults *
623 new_default(var, val, op)
630 d = emalloc(sizeof(struct defaults));
633 tq_init(&d->binding);
642 static struct member *
643 new_member(name, type)
649 m = emalloc(sizeof(struct member));
659 * Add a list of defaults structures to the defaults list.
660 * The binding, if non-NULL, specifies a list of hosts, users, or
661 * runas users the entries apply to (specified by the type).
664 add_defaults(type, bmem, defs)
667 struct defaults *defs;
670 struct member_list binding;
673 * We can only call list2tq once on bmem as it will zero
674 * out the prev pointer when it consumes bmem.
676 list2tq(&binding, bmem);
679 * Set type and binding (who it applies to) for new entries.
681 for (d = defs; d != NULL; d = d->next) {
683 d->binding = binding;
685 tq_append(&defaults, defs);
689 * Allocate a new struct userspec, populate it, and insert it at the
690 * and of the userspecs list.
693 add_userspec(members, privs)
694 struct member *members;
695 struct privilege *privs;
699 u = emalloc(sizeof(*u));
700 list2tq(&u->users, members);
701 list2tq(&u->privileges, privs);
704 tq_append(&userspecs, u);
708 * Free up space used by data structures from a previous parser run and sets
709 * the current sudoers file to path.
712 init_parser(path, quiet)
717 struct member *m, *binding;
719 struct privilege *priv;
721 struct sudo_command *c;
723 while ((us = tq_pop(&userspecs)) != NULL) {
724 while ((m = tq_pop(&us->users)) != NULL) {
728 while ((priv = tq_pop(&us->privileges)) != NULL) {
729 struct member *runasuser = NULL, *runasgroup = NULL;
731 char *role = NULL, *type = NULL;
732 #endif /* HAVE_SELINUX */
734 while ((m = tq_pop(&priv->hostlist)) != NULL) {
738 while ((cs = tq_pop(&priv->cmndlist)) != NULL) {
740 /* Only free the first instance of a role/type. */
741 if (cs->role != role) {
745 if (cs->type != type) {
749 #endif /* HAVE_SELINUX */
750 if (tq_last(&cs->runasuserlist) != runasuser) {
751 runasuser = tq_last(&cs->runasuserlist);
752 while ((m = tq_pop(&cs->runasuserlist)) != NULL) {
757 if (tq_last(&cs->runasgrouplist) != runasgroup) {
758 runasgroup = tq_last(&cs->runasgrouplist);
759 while ((m = tq_pop(&cs->runasgrouplist)) != NULL) {
764 if (cs->cmnd->type == COMMAND) {
765 c = (struct sudo_command *) cs->cmnd->name;
769 efree(cs->cmnd->name);
780 while ((d = tq_pop(&defaults)) != NULL) {
781 if (tq_last(&d->binding) != binding) {
782 binding = tq_last(&d->binding);
783 while ((m = tq_pop(&d->binding)) != NULL) {
784 if (m->type == COMMAND) {
785 c = (struct sudo_command *) m->name;
802 sudoers = path ? estrdup(path) : NULL;
810 /* allocate initial stack or double stack size, up to YYMAXDEPTH */
811 #if defined(__cplusplus) || defined(__STDC__)
812 static int yygrowstack(void)
814 static int yygrowstack()
821 if ((newsize = yystacksize) == 0)
822 newsize = YYINITSTACKSIZE;
823 else if (newsize >= YYMAXDEPTH)
825 else if ((newsize *= 2) > YYMAXDEPTH)
826 newsize = YYMAXDEPTH;
829 #define YY_SIZE_MAX SIZE_MAX
831 #define YY_SIZE_MAX 0x7fffffff
833 if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
835 newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
836 (short *)malloc(newsize * sizeof *newss); /* overflow check above */
841 if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
843 newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
844 (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
849 yystacksize = newsize;
850 yysslim = yyss + newsize - 1;
863 #define YYABORT goto yyabort
864 #define YYREJECT goto yyabort
865 #define YYACCEPT goto yyaccept
866 #define YYERROR goto yyerrlab
868 #if defined(__cplusplus) || defined(__STDC__)
874 int yym, yyn, yystate;
876 #if defined(__cplusplus) || defined(__STDC__)
878 #else /* !(defined(__cplusplus) || defined(__STDC__)) */
880 #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
882 if ((yys = getenv("YYDEBUG")))
885 if (yyn >= '0' && yyn <= '9')
894 if (yyss == NULL && yygrowstack()) goto yyoverflow;
897 *yyssp = yystate = 0;
900 if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
903 if ((yychar = yylex()) < 0) yychar = 0;
908 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
909 if (!yys) yys = "illegal-symbol";
910 printf("%sdebug: state %d, reading %d (%s)\n",
911 YYPREFIX, yystate, yychar, yys);
915 if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
916 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
920 printf("%sdebug: state %d, shifting to state %d\n",
921 YYPREFIX, yystate, yytable[yyn]);
923 if (yyssp >= yysslim && yygrowstack())
927 *++yyssp = yystate = yytable[yyn];
930 if (yyerrflag > 0) --yyerrflag;
933 if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
934 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
939 if (yyerrflag) goto yyinrecovery;
940 #if defined(lint) || defined(__GNUC__)
944 yyerror("syntax error");
945 #if defined(lint) || defined(__GNUC__)
956 if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
957 yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
961 printf("%sdebug: state %d, error recovery shifting\
962 to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
964 if (yyssp >= yysslim && yygrowstack())
968 *++yyssp = yystate = yytable[yyn];
976 printf("%sdebug: error recovery discarding state %d\n",
979 if (yyssp <= yyss) goto yyabort;
987 if (yychar == 0) goto yyabort;
992 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
993 if (!yys) yys = "illegal-symbol";
994 printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
995 YYPREFIX, yystate, yychar, yys);
1004 printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1005 YYPREFIX, yystate, yyn, yyrule[yyn]);
1009 yyval = yyvsp[1-yym];
1011 memset(&yyval, 0, sizeof yyval);
1033 add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
1063 add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
1069 add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
1075 add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
1081 add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
1087 add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
1093 list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
1094 yyval.defaults = yyvsp[-2].defaults;
1100 yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
1106 yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
1112 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
1118 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
1124 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
1130 list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
1131 yyval.privilege = yyvsp[-2].privilege;
1137 struct privilege *p = emalloc(sizeof(*p));
1138 list2tq(&p->hostlist, yyvsp[-2].member);
1139 list2tq(&p->cmndlist, yyvsp[0].cmndspec);
1142 yyval.privilege = p;
1148 yyval.member = yyvsp[0].member;
1149 yyval.member->negated = FALSE;
1155 yyval.member = yyvsp[0].member;
1156 yyval.member->negated = TRUE;
1162 yyval.member = new_member(yyvsp[0].string, ALIAS);
1168 yyval.member = new_member(NULL, ALL);
1174 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1180 yyval.member = new_member(yyvsp[0].string, NTWKADDR);
1186 yyval.member = new_member(yyvsp[0].string, WORD);
1192 list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
1194 /* propagate role and type */
1195 if (yyvsp[0].cmndspec->role == NULL)
1196 yyvsp[0].cmndspec->role = yyvsp[0].cmndspec->prev->role;
1197 if (yyvsp[0].cmndspec->type == NULL)
1198 yyvsp[0].cmndspec->type = yyvsp[0].cmndspec->prev->type;
1199 #endif /* HAVE_SELINUX */
1200 /* propagate tags and runas list */
1201 if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
1202 yyvsp[0].cmndspec->tags.nopasswd = yyvsp[0].cmndspec->prev->tags.nopasswd;
1203 if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
1204 yyvsp[0].cmndspec->tags.noexec = yyvsp[0].cmndspec->prev->tags.noexec;
1205 if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
1206 yyvsp[0].cmndspec->prev->tags.setenv != IMPLIED)
1207 yyvsp[0].cmndspec->tags.setenv = yyvsp[0].cmndspec->prev->tags.setenv;
1208 if ((tq_empty(&yyvsp[0].cmndspec->runasuserlist) &&
1209 tq_empty(&yyvsp[0].cmndspec->runasgrouplist)) &&
1210 (!tq_empty(&yyvsp[0].cmndspec->prev->runasuserlist) ||
1211 !tq_empty(&yyvsp[0].cmndspec->prev->runasgrouplist))) {
1212 yyvsp[0].cmndspec->runasuserlist = yyvsp[0].cmndspec->prev->runasuserlist;
1213 yyvsp[0].cmndspec->runasgrouplist = yyvsp[0].cmndspec->prev->runasgrouplist;
1215 yyval.cmndspec = yyvsp[-2].cmndspec;
1221 struct cmndspec *cs = emalloc(sizeof(*cs));
1222 if (yyvsp[-3].runas != NULL) {
1223 list2tq(&cs->runasuserlist, yyvsp[-3].runas->runasusers);
1224 list2tq(&cs->runasgrouplist, yyvsp[-3].runas->runasgroups);
1225 efree(yyvsp[-3].runas);
1227 tq_init(&cs->runasuserlist);
1228 tq_init(&cs->runasgrouplist);
1231 cs->role = yyvsp[-2].seinfo.role;
1232 cs->type = yyvsp[-2].seinfo.type;
1234 cs->tags = yyvsp[-1].tag;
1235 cs->cmnd = yyvsp[0].member;
1238 /* sudo "ALL" implies the SETENV tag */
1239 if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
1240 cs->tags.setenv == UNSPEC)
1241 cs->tags.setenv = IMPLIED;
1242 yyval.cmndspec = cs;
1248 yyval.member = yyvsp[0].member;
1249 yyval.member->negated = FALSE;
1255 yyval.member = yyvsp[0].member;
1256 yyval.member->negated = TRUE;
1262 yyval.string = yyvsp[0].string;
1268 yyval.string = yyvsp[0].string;
1274 yyval.seinfo.role = NULL;
1275 yyval.seinfo.type = NULL;
1281 yyval.seinfo.role = yyvsp[0].string;
1282 yyval.seinfo.type = NULL;
1288 yyval.seinfo.type = yyvsp[0].string;
1289 yyval.seinfo.role = NULL;
1295 yyval.seinfo.role = yyvsp[-1].string;
1296 yyval.seinfo.type = yyvsp[0].string;
1302 yyval.seinfo.type = yyvsp[-1].string;
1303 yyval.seinfo.role = yyvsp[0].string;
1315 yyval.runas = yyvsp[-1].runas;
1321 yyval.runas = emalloc(sizeof(struct runascontainer));
1322 yyval.runas->runasusers = yyvsp[0].member;
1323 yyval.runas->runasgroups = NULL;
1329 yyval.runas = emalloc(sizeof(struct runascontainer));
1330 yyval.runas->runasusers = yyvsp[-2].member;
1331 yyval.runas->runasgroups = yyvsp[0].member;
1337 yyval.runas = emalloc(sizeof(struct runascontainer));
1338 yyval.runas->runasusers = NULL;
1339 yyval.runas->runasgroups = yyvsp[0].member;
1345 yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv = UNSPEC;
1351 yyval.tag.nopasswd = TRUE;
1357 yyval.tag.nopasswd = FALSE;
1363 yyval.tag.noexec = TRUE;
1369 yyval.tag.noexec = FALSE;
1375 yyval.tag.setenv = TRUE;
1381 yyval.tag.setenv = FALSE;
1387 yyval.member = new_member(NULL, ALL);
1393 yyval.member = new_member(yyvsp[0].string, ALIAS);
1399 struct sudo_command *c = emalloc(sizeof(*c));
1400 c->cmnd = yyvsp[0].command.cmnd;
1401 c->args = yyvsp[0].command.args;
1402 yyval.member = new_member((char *)c, COMMAND);
1409 if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
1418 list_append(yyvsp[-2].member, yyvsp[0].member);
1419 yyval.member = yyvsp[-2].member;
1426 if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
1435 list_append(yyvsp[-2].member, yyvsp[0].member);
1436 yyval.member = yyvsp[-2].member;
1443 if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
1453 if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
1462 list_append(yyvsp[-2].member, yyvsp[0].member);
1463 yyval.member = yyvsp[-2].member;
1469 yyval.member = yyvsp[0].member;
1470 yyval.member->negated = FALSE;
1476 yyval.member = yyvsp[0].member;
1477 yyval.member->negated = TRUE;
1483 yyval.member = new_member(yyvsp[0].string, ALIAS);
1489 yyval.member = new_member(NULL, ALL);
1495 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1501 yyval.member = new_member(yyvsp[0].string, USERGROUP);
1507 yyval.member = new_member(yyvsp[0].string, WORD);
1513 list_append(yyvsp[-2].member, yyvsp[0].member);
1514 yyval.member = yyvsp[-2].member;
1520 yyval.member = yyvsp[0].member;
1521 yyval.member->negated = FALSE;
1527 yyval.member = yyvsp[0].member;
1528 yyval.member->negated = TRUE;
1534 yyval.member = new_member(yyvsp[0].string, ALIAS);
1540 yyval.member = new_member(NULL, ALL);
1546 yyval.member = new_member(yyvsp[0].string, WORD);
1549 #line 1498 "y.tab.c"
1555 if (yystate == 0 && yym == 0)
1559 printf("%sdebug: after reduction, shifting from state 0 to\
1560 state %d\n", YYPREFIX, YYFINAL);
1567 if ((yychar = yylex()) < 0) yychar = 0;
1572 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1573 if (!yys) yys = "illegal-symbol";
1574 printf("%sdebug: state %d, reading %d (%s)\n",
1575 YYPREFIX, YYFINAL, yychar, yys);
1579 if (yychar == 0) goto yyaccept;
1582 if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
1583 yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
1584 yystate = yytable[yyn];
1586 yystate = yydgoto[yym];
1589 printf("%sdebug: after reduction, shifting from state %d \
1590 to state %d\n", YYPREFIX, *yyssp, yystate);
1592 if (yyssp >= yysslim && yygrowstack())
1600 yyerror("yacc stack overflow");
1606 yyss = yyssp = NULL;
1607 yyvs = yyvsp = NULL;
1615 yyss = yyssp = NULL;
1616 yyvs = yyvsp = NULL;