-2012-03-12 Todd C. Miller <Todd.Miller@courtesan.com>
+2012-05-15 Todd C. Miller <Todd.Miller@courtesan.com>
- * .hgtags:
- Added tag SUDO_1_8_4p4 for changeset 11a942f61d47
- [4a20e5e9af5d] [tip] <1.8>
+ * INSTALL:
+ Fix capitalization
+ [7258aa977caf]
+
+ * mkpkg:
+ Build PIE executable on Mac OS X 10.5 and above.
+ [2a5c7ef92182]
+
+2012-05-14 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Update for sudo 1.8.4p5
+ [21164f508b68]
+
+ * plugins/sudoers/match_addr.c:
+ Add missing break between AF_INET and AF_INET6 in
+ addr_matches_if_netmask()
+ [672a4793931a]
+
+ * plugins/sudoers/mon_systrace.c:
+ Move systrace monitor code to the attic
+ [d6faf4754e9c]
+
+2012-05-11 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/exec.c:
+ The pointer to the siginfo_t struct in a signal handler may be NULL.
+ [41a4ee934b53]
+
+2012-05-10 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/pwutil.c:
+ Fix an alignment problem on NetBSD systems with a 64-bit time_t and
+ strict alignment. Based on a patch from Martin Husemann.
+ [1e5ba3c18f17]
+
+ * include/missing.h:
+ Add offsetof macro for those without it.
+ [e44cb51d2587]
+
+ * MANIFEST:
+ add system_group plugin
+ [6169793b510c]
+
+2012-05-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * compat/dlopen.c:
+ Implement RTLD_NEXT and fix RTLD_DEFAULT for HP-UX.
+ [85bd03bc5d94]
+
+2012-05-08 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Mention system_group plugin
+ [05393dd4bdb8]
+
+ * Makefile.in, plugins/sudoers/Makefile.in,
+ plugins/system_group/Makefile.in:
+ update depends
+ [6feb0b824fc4]
+
+ * plugins/system_group/system_group.c:
+ Only call gr_delref() when use sudo's password caching functions.
+ [1103442e21fa]
+
+ * plugins/sample_group/Makefile.in, plugins/system_group/Makefile.in:
+ Add missing dependency on libreplace.la
+ [05bfd9d4657f]
+
+ * compat/dlopen.c:
+ Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL and
+ PROG_HANDLE.
+ [2382d0693acc]
+
+ * Makefile.in, configure, configure.in,
+ plugins/system_group/Makefile.in,
+ plugins/system_group/system_group.c,
+ plugins/system_group/system_group.sym:
+ Add group plugin that does lookups by name using the system group
+ database.
+ [2ddbb604112f]
+
+ * plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, src/po/pl.mo,
+ src/po/pl.po:
+ sync with translationproject.org
+ [4ef05df4226d]
+
+2012-05-03 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
+ plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
+ plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
+ src/po/de.mo, src/po/de.po, src/po/eo.mo, src/po/eo.po,
+ src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po,
+ src/po/ru.mo, src/po/ru.po, src/po/sr.mo, src/po/sr.po,
+ src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
+ src/po/zh_CN.mo, src/po/zh_CN.po:
+ sync with translationproject.org
+ [115c3f828fc5]
+
+2012-05-01 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudo.pp:
+ Add mode for docdir and use '-' (default) for localedir mode. Fixes
+ a problem on Linux when building in a directory with the setgid bit
+ set.
+ [582279c8bcb1]
+
+2012-04-30 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * pp:
+ Match CentOS 6.0
+ [1e99ef210f98]
+
+2012-04-24 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Update with recent changes
+ [c5fc220ba696]
+
+ * pp:
+ Fix version check on AIX
+ [d272e39112f4]
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen
+ [72b23509465a]
+
+ * plugins/sudoers/ldap.c:
+ Need to call ldapssl_clientauth_init() for start_tls on Mozilla LDAP
+ SDK.
+ [87b685e70b9a]
+
+ * plugins/sudoers/ldap.c:
+ Fix printing of invalid uri
+ [645aa53acdde]
+
+ * plugins/sudoers/auth/pam.c:
+ Pass PAM_SILENT when deleting creds to remove an annoying warning
+ message on Solaris.
+ [1dd0301ef293]
+
+2012-04-23 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/utmp.c:
+ Fix the setutxent and endutxent compatibility defines (this time
+ correctly) when only setutent and endutent are available.
+ [d136d2867db9]
+
+ * plugins/sudoers/ldap.c:
+ sudo_ldap_set_options_global() should not take an LDAP handle as an
+ argument since the options affect the global settings.
+ [1dc39b9d20f2]
+
+ * mkpkg:
+ Debian sudo has not been built with --with-exempt=sudo since 1.6.8.
+ [c7716291a856]
+
+ * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
+ plugins/sudoers/auth/pam.c, src/exec.c, src/exec_pty.c, src/sudo.c,
+ src/sudo.h:
+ Call the policy's init_session() function before we fork the child.
+ That way, the session is created and destroyed in the same process,
+ which is needed by some modules, such as pam_mount.
+ [ece552ba002e]
+
+ * doc/TROUBLESHOOTING:
+ Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is
+ not specified.
+ [bd293e100b28]
+
+ * plugins/sudoers/auth/pam.c:
+ Delete creds after closing the PAM session.
+ [5158d726d6a5]
+
+ * plugins/sudoers/ldap.c:
+ Provide a more useful error message if using a Mozilla-style LDAP
+ SDK and you forgot to specify TLS_CERT in ldap.conf.
+ [7cb78feb899c]
+
+ * src/exec_pty.c:
+ Add missing initialization of a sigaction structure when I/O
+ logging. Fixes a potential problem when suspending the command.
+ [f4480f2ba816]
+
+ * plugins/sudoers/ldap.c:
+ Split global and per-connection LDAP options into separate arrays.
+ Set global LDAP options before calling ldap_initialize() or
+ ldap_init(). After we have an LDAP handle, set the per-connection
+ options. Fixes a problem with OpenLDAP using the nss crypto backend;
+ bug #342
+ [265c9d2dc12b]
+
+ * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
+ plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
+ plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
+ src/po/de.mo, src/po/de.po, src/po/hr.mo, src/po/hr.po,
+ src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po:
+ sync with translationproject.org
+ [6d7fe44be21e]
+
+2012-04-21 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/sudo.c, src/sudo.h:
+ Move struct passwd pointer into struct command details.
+ [d6fb1eff2065]
+
+2012-04-20 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * pp:
+ Sync with upstream for Mac OS X (and other) fixes.
+ [c2f4998d01b0]
+
+ * mkpkg:
+ Only built Mac intel universal binary on an intel machine.
+ [0009e0b7e5a8]
+
+ * src/Makefile.in:
+ Do not pass libtool the -static-libtool-libs option when building
+ sudo and sesh. Otherwise, libtool may prefer a static version of an
+ installed library over a dynamic one when linking.
+ [6fbac9adc885]
+
+2012-04-19 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/hr.mo,
+ plugins/sudoers/po/hr.po, src/po/de.mo, src/po/de.po:
+ Add German translation for sudo Add Croatian translation for sudoers
+ [fa4da1a6530c]
+
+ * plugins/sudoers/iolog.c:
+ typo fix in comment
+ [abd721d1288e]
+
+2012-04-16 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Update with recent changes
+ [6fa11e8448b9]
+
+ * Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ Sort xgettext output by file name.
+ [f650841810f0]
+
+ * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod:
+ Clarify what "sudoreplay -l" displays and mention that it is sorted.
+ [84031c117bd6]
+
+ * config.h.in, configure, configure.in, src/ttyname.c:
+ Use AC_HEADER_MAJOR to determine where major/minor are defined.
+ [3c949650a223]
+
+ * config.h.in, configure, configure.in, src/ttyname.c:
+ Include sys/mkdev.h if present instead of sys/sysmacros.h for
+ minor(). This is needed on Solaris (at least) where the makedev
+ macros in sysmacros.h are obsolete and library functions should be
+ used instead.
+ [343928acf81e]
+
+ * mkpkg:
+ When building on Mac OS X, only set SDK_FLAGS if specified osversion
+ doesn't match host.
+ [d84c6efac872]
+
+2012-04-15 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/ttyname.c:
+ Add back buf and tty variables for _ttyname() case that were
+ inadvertantly removed.
+ [a4a820b22a44]
+
+2012-04-13 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/po/sudoers.pot:
+ regen
+ [5446b12c1250]
+
+ * configure, configure.in:
+ Remove b8 from version number.
+ [5adc4dcec061]
+
+ * src/ttyname.c:
+ remove some XXX
+ [187579a5f593]
+
+ * src/ttyname.c:
+ When looking for a device match, do a breadth-first search instead
+ of depth-first. We already special case /dev/pts/ so chances are
+ good that if it is not a pseudo-tty it is in the base of /dev/. Also
+ avoid a stat(2) when possible if struct dirent has d_type.
+ [0183f8a1b278]
+
+ * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod,
+ src/sudo.c, src/sudo.h:
+ Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list.
+ [f0574d878491]
+
+ * src/po/eo.mo, src/po/es.mo, src/po/es.po, src/po/fi.mo,
+ src/po/ja.mo, src/po/pl.mo, src/po/ru.mo, src/po/uk.mo,
+ src/po/vi.mo:
+ sync with translationproject.org
+ [4527ea78fbd5]
+
+ * MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/gl.mo, src/po/gl.po,
+ src/po/hr.mo, src/po/hr.po:
+ New Croatian and Galician translations from translationproject.org
+ [ad4bd924b4de]
+
+ * src/ttyname.c:
+ Add depth-first traversal of /dev/ for the /proc case when not
+ /dev/pts/N
+ [499bd3456774]
+
+ * config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c:
+ If struct dirent has d_type, use it to avoid an extra stat().
+ [741dabbe4bcd]
+
+ * plugins/sudoers/sudoreplay.c:
+ Sort output of "sudoreplay -l"
+ [c0615795bd4b]
+
+2012-04-12 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/sudoreplay.c:
+ Fix duplicate free introduced in last rev
+ [efdaabe69d75]
+
+2012-04-11 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/auth/pam.c:
+ Instead of treating ^C from tgetpass() specially, always return
+ AUTH_INTR if tgetpass() returned NULL. Treat PAM_AUTHINFO_UNAVAIL
+ like PAM_AUTH_ERR which Mac OS X returns this when there is no tty.
+ [a3b17298d4d0]
+
+ * config.h.in, configure, configure.in, src/ttyname.c:
+ Rototill code to determine the tty. For Linux, we now look up the
+ tty device in /proc/pid/stat instead of trying to open
+ /proc/pid/fd/[0-2]. The sudo_ttyname_dev() function maps the given
+ device number to a string. On BSD, we can use devname(). On
+ Solaris, _ttyname_dev() does what we want. TODO: write /dev/
+ traversal code for the generic sudo_ttyname_dev().
+ [6b22be4d09f0]
+
+2012-04-10 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/ttyname.c:
+ Define PRNODEV for those w/o it.
+ [f17290e64559]
+
+ * config.h.in, configure, configure.in, src/ttyname.c:
+ Check for SVR4-style struct psinfo.pr_ttydev and use that to
+ determine the tty if std{in,out,err} are not ttys.
+ [76ad33a91f4b]
+
+ * src/ttyname.c:
+ Better support for SVR4-style /proc entries where we can't use
+ ttyname() on the /proc/pid/fd/[0-2] entries. We can, however,
+ attempt to map the device number back to the correct pseudo-tty
+ slave device.
+ [4f9f48cc79eb]
+
+ * src/ttyname.c:
+ When trying to determine the tty name, check parent's stderr in
+ addition to its stdin and stdout.
+ [604644056c7d]
+
+ * src/exec_pty.c:
+ Treat a tty read failure like EOF as it usually means the pty has
+ gone away. Handle write() on the tty returning EIO.
+ [16957f4a706f]
+
+ * src/exec.c, src/exec_pty.c:
+ Linux select() may return ENOMEM if there is a kernel resource
+ shortage. Older Solaris select() may return EIO instead of EBADF
+ when the tty goes away. If we get an unhandled select() failure,
+ kill the child and exit cleanly.
+ [d93940a311ab]
+
+ * src/ttyname.c:
+ Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might
+ block in open.
+ [a9f809d09d52]
+
+2012-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/set_perms.c:
+ Fix restoration of AIX permissions.
+ [30c717115988]
+
+ * src/parse_args.c:
+ Allow the -k flag to be used along with the -i and -s flags.
+ [0653b17c97f1]
+
+ * plugins/sudoers/sudoreplay.c:
+ Plug memory leak in parse_logfile() in the error path.
+ [9cce86fa833b]
+
+ * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
+ src/po/da.mo, src/po/da.po, src/po/eo.po, src/po/es.po,
+ src/po/fi.po, src/po/it.mo, src/po/it.po, src/po/ja.po,
+ src/po/pl.po, src/po/ru.po, src/po/uk.po, src/po/vi.po,
+ src/po/zh_CN.mo, src/po/zh_CN.po:
+ sync with translationproject.org
+ [14af43d0b170]
+
+2012-04-08 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * compat/regress/glob/globtest.c, config.h.in, configure,
+ configure.in, plugins/sudoers/match.c:
+ Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the
+ glob() and fnmatch() results to be consistent.
+ [4226750d73c2]
+
+2012-04-06 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, common/Makefile.in, common/ttysize.c, src/Makefile.in,
+ src/ttysize.c:
+ Move ttysize.c to common so sudoreplay can use it.
+ [b4a0aa514cd4]
+
+ * plugins/sudoers/sudoreplay.c:
+ If I/O log file includes rows + cols, warn if the user's tty is not
+ big enough.
+ [b980ef89efff]
+
+ * plugins/sudoers/sudoreplay.c:
+ Fix printing of TSID in "sudoreplay -l"
+ [4221e3e108b4]
+
+ * common/sudo_debug.c, include/sudo_debug.h,
+ plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/exec.c,
+ src/exec_pty.c:
+ Log the process id in the debug file output. Since we don't want to
+ keep calling getpid(), stash the value at init time and when we
+ fork().
+ [2782d30c024d]
+
+ * src/exec_pty.c:
+ Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. It
+ is better to receive EIO from read()/write() than to be suspended
+ when we don't expect it. Fixes a problem when our terminal is
+ revoked which can happen when, e.g. our sshd is killed
+ unceremoniously. Also, only change the value of "alive" from true to
+ false, never from false to true. It is possible for us to receive
+ notification of the child having stopped after it is already dead.
+ This does not mean it has risen from the grave.
+ [26c9fe8ce0f9]
+
+ * src/exec_pty.c:
+ Distinguish between signals we received from the parent vs. those
+ delivered explicitly to the monitor process in debugging info.
+ [40716cb180e5]
+
+2012-04-05 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/check.c:
+ In Solaris 11, /dev/pts under the "dev" filesystem, not "devices".
+ Update tty_is_devpts() to match so we can determine when the tty has
+ been reused.
+ [2689665df027]
+
+ * common/sudo_debug.c, include/error.h, include/sudo_debug.h:
+ Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf()
+ and use a new flag, SUDO_DEBUG_FILENO to specify when to use it.
+ This allows consumers of sudo_debug_printf() to log that data
+ without having to specify it manually.
+ [7c94c4879208]
+
+ * src/exec_pty.c:
+ Make this compile after last change.
+ [ee09034f3266]
+
+ * src/exec_pty.c:
+ Don't try to restore the terminal if we are not the foreground
+ process. Otherwise, we may be stopped by SIGTTOU when we try to
+ update the terminal settings when cleaning up.
+ [c48b24335456]
+
+ * src/exec.c:
+ If select() return EBADF in the main event loop, one of the ttys
+ must have gone away so perform any I/O we can and close the bad fds.
+ [3bc8678c03ce]
+
+ * common/sudo_debug.c, include/error.h, include/sudo_debug.h,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.h,
+ plugins/sudoers/toke.l:
+ Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. Log the
+ function, file and line number in the debug log for warning() and
+ error().
+ [894cd131f11d]
+
+2012-04-04 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * common/sudo_debug.c, include/error.h, include/sudo_debug.h,
+ src/conversation.c:
+ Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno.
+ Use this flag when wrapping error() and warning() so the debug
+ output includes the error string.
+ [1e2c67adaf1f]
+
+2012-03-30 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * NEWS:
+ Update for sudo 1.8.5
+ [7d2b62b823fe]
+
+ * plugins/sudoers/po/sudoers.pot:
+ regen
+ [718ad9de92cd]
+
+ * doc/CONTRIBUTORS:
+ sync
+ [f48013aea641]
+
+ * plugins/sudoers/pwutil.c:
+ Use ecalloc()
+ [fabd23c1f271]
+
+ * src/exec_pty.c:
+ Don't need zero_bytes() after ecalloc()
+ [1a9d95cd10ef]
+
+ * config.h.in, configure, configure.in, src/sudo_noexec.c:
+ Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers to
+ sudo_noexec.c.
+ [cbaa1d4b0f8a]
+
+ * src/utmp.c:
+ Fix compat setutxent and endutxent macros for systems with
+ setutent() but not setutxent(). From Gustavo Zacarias
+ [d7ce622fc5f2]
+
+2012-03-29 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * configure.in:
+ Add ignore_result definition to AH_BOTTOM
+ [8d4096838a98]
+
+ * common/sudo_debug.c, config.h.in, plugins/sample/sample_plugin.c,
+ plugins/sudoers/iolog.c, plugins/sudoers/toke.c,
+ plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/env_hooks.c,
+ src/exec.c, src/exec_pty.c, src/tgetpass.c:
+ Fix compiler warnings on some platforms and provide a better method
+ of defeating gcc's warn_unused_result attribute.
+ [9a8f804fcc75]
+
+ * configure, configure.in:
+ Fix building the builtin zlib from a build dir. When a zlib dir was
+ specified, prepend its include path instead of appending so we get
+ the right zlib headers.
+ [5f61d591b186]
+
+ * doc/LICENSE, zlib/adler32.c, zlib/crc32.c, zlib/crc32.h,
+ zlib/deflate.c, zlib/deflate.h, zlib/gzguts.h, zlib/gzlib.c,
+ zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffixed.h,
+ zlib/inflate.c, zlib/inftrees.c, zlib/trees.c, zlib/zconf.h.in,
+ zlib/zlib.h, zlib/zutil.c, zlib/zutil.h:
+ Update zlib to version 1.2.6
+ [173c4bc4d4fc]
+
+2012-03-28 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * include/missing.h:
+ g/c __unused which is no longer used
+ [7ef3f23edcd6]
+
+ * src/env_hooks.c:
+ Fix compilation if RTLD_NEXT is not defined.
+ [d5605f468b71]
+
+ * src/po/sr.mo, src/po/sr.po:
+ sync with translationproject.org
+ [27d559f7985d]
+
+ * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
+ doc/sudoers.man.in:
+ regen
+ [f9f63ce478b6]
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen
+ [59035d82d15a]
+
+ * Makefile.in:
+ Ignore Project-Id-Version when comparing pot files.
+ [22feb9ede46b]
+
+ * plugins/sudoers/bsm_audit.c:
+ Use error() instead of log_fatal()
+ [54130bda4b50]
+
+ * plugins/sudoers/env.c:
+ Fix signedness of didvar in env_update_didvar()
+ [77048a80b3e4]
+
+ * plugins/sudoers/iolog.c:
+ Quiet a compiler warning on some platforms.
+ [8fdcaece0400]
+
+ * compat/fnmatch.c:
+ cast ctype(3) function/macro arguments from char to unsigned char to
+ avoid potential negative subscripting.
+ [bdcf7eef21ef]
+
+ * common/setgroups.c:
+ Quiet a warning on systems where the gids array in setgroups() is
+ not prototyped as being const, even though it really is.
+ [fdd758c6302d]
+
+ * src/env_hooks.c:
+ Quiet a compiler warning on systems where the argument to putenv(3)
+ is const.
+ [51bae2193b53]
+
+ * plugins/sudoers/sudoreplay.c:
+ Undo an incorrect int -> bool conversion.
+ [b9a4ce320f14]
+
+ * MANIFEST, NEWS, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
+ src/po/sv.mo, src/po/sv.po:
+ Add Swedish sudo and sudoers translations from
+ translationproject.org
+ [f7ce1de9073f]
+
+ * plugins/sudoers/env.c:
+ No need to preserve ODMDIR on AIX now that we always read
+ /etc/environment.
+ [4aa04b2f0125]
+
+2012-03-27 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * doc/sudoers.pod, plugins/sudoers/env.c:
+ When initializing the environment for env_reset, start out with the
+ contents of /etc/environment on AIX and login.conf on BSD.
+ [5717bdc321e2]
+
+ * doc/TROUBLESHOOTING, src/sudo.c:
+ If we are not running with an effective uid of 0, try to give the
+ user enough information to debug the problem.
+ [fa4894896d8a]
+
+ * plugins/sudoers/getdate.c, plugins/sudoers/gram.c:
+ Quiet a clang-analyzer false positive.
+ [c4c0c1b9c8b0]
+
+ * src/tgetpass.c:
+ If there is nothing to read from the askpass program, set errno to
+ EINTR. This makes the cancel button behave like the user entered ^C
+ at the password prompt when PAM is used.
+ [594302cb9caf]
+
+ * src/sudo.h, src/tgetpass.c:
+ Fetch the value of "askpass" from the sudo conf struct.
+ [4593ee8f1bd3]
+
+ * common/sudo_conf.c:
+ Fix matching of "Path askpass" and "Path noexec"
+ [4df28d62afb9]
+
+2012-03-26 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/visudo.c:
+ Quiet a clang-analyzer dead store warning.
+ [dd90bf385a3f]
+
+ * plugins/sudoers/sudoers.c:
+ If the "timestampowner" user cannot be resolved, use ROOT_UID
+ instead of exiting with a fatal error.
+ [8d62aae99715]
+
+ * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c,
+ plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c,
+ plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c,
+ plugins/sudoers/check.c, plugins/sudoers/env.c,
+ plugins/sudoers/iolog.c, plugins/sudoers/logging.c,
+ plugins/sudoers/logging.h, plugins/sudoers/parse.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c:
+ Remove the NO_EXIT flag to log_error() and add a log_fatal()
+ function that exits and is marked no_return. Fixes false positives
+ from static analyzers and is easier for humans to read too.
+ [a0fe785c2a3d]
+
+2012-03-24 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo,
+ src/po/eo.po:
+ sync with translationproject.org
+ [df5e8777de13]
+
+2012-03-20 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/po/da.mo, src/po/da.po:
+ sync with translationproject.org
+ [629d99548b78]
+
+ * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
+ sync with translationproject.org
+ [9d122a2860d6]
+
+2012-03-19 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/po/it.mo, src/po/it.po:
+ sync with translationproject.org
+ [6397593b15cf]
+
+ * common/sudo_conf.c, plugins/sudoers/alias.c,
+ plugins/sudoers/defaults.c, plugins/sudoers/env.c,
+ plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/interfaces.c, plugins/sudoers/ldap.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
+ plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/hooks.c,
+ src/load_plugins.c:
+ Use ecalloc() when allocating structs.
+ [8b5888868db2]
+
+ * common/alloc.c, include/alloc.h:
+ Add ecalloc() and commented out recalloc(). Use inline strnlen()
+ instead of strlen() in estrndup().
+ [7fb9aa46c1e0]
+
+2012-03-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
+ plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
+ plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
+ src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po,
+ src/po/pl.mo, src/po/pl.po, src/po/ru.mo, src/po/ru.po,
+ src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po,
+ src/po/zh_CN.mo, src/po/zh_CN.po:
+ sync with translationproject.org
+ [45a032c37334]
+
+2012-03-16 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/set_perms.c:
+ Remove unused label
+ [2660bb0c1313]
+
+ * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod:
+ Document what changed in each plugin API revision
+ [59b30a6fc4d1]
+
+ * plugins/sudoers/set_perms.c:
+ Remove bogus optimization that could lead to a double free of the
+ group list.
+ [b0bfbd2a83a8]
+
+2012-03-15 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * doc/TROUBLESHOOTING:
+ Expand AIX /etc/security/privcmds entry.
+ [9f3f072e034e]
+
+ * NEWS:
+ Update for sudo 1.8.5
+ [086049011f25]
+
+ * common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.cat,
+ doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.cat,
+ doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.cat,
+ doc/sudoers.man.in, doc/sudoers.pod, include/sudo_conf.h,
+ include/sudo_plugin.h, src/load_plugins.c, src/sudo.c,
+ src/sudo_plugin_int.h:
+ Rename plugin "args" to "options"
+ [f25624951bd2]
+
+ * doc/CONTRIBUTORS:
+ Add Lithuanian and Vietnamese translators
+ [2b4c075b69e3]
+
+ * Makefile.in:
+ Ignore comments when comparing new and old pot files.
+ [f872999347b3]
- * NEWS, configure, configure.in:
- Update for sudo 1.8.4p4
- [11a942f61d47] [SUDO_1_8_4p4] <1.8>
+ * src/Makefile.in:
+ regen
+ [c8193b1b11c7]
+
+ * doc/sudo_plugin.cat, doc/sudo_plugin.man.in:
+ regen
+ [15e3c17e8a3a]
+
+ * doc/sudo_plugin.pod, include/sudo_plugin.h,
+ plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/hooks.c,
+ src/sudo.c, src/sudo.h:
+ Pass a pointer to user_env in to the init_session policy plugin
+ function so session setup can modify the user environment as needed.
+ For PAM authentication, merge the PAM environment with the user
+ environment at init_session time. We no longer need to swap in the
+ user_env for environ during session init, nor do we need to disable
+ the env hooks at init_session time.
+ [3f5277b359d8]
+
+ * plugins/sample/sample_plugin.c:
+ Add explicit NULL entries for init_session, register_hooks and
+ deregister_hooks with appropriate comments.
+ [727a57978b40]
+
+ * compat/pw_dup.c:
+ Quiet a gcc "used uninitialized in this function" false positive.
+ [f14b68379ce9]
+
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ We should always call warning() with a format string or a string
+ literal. In this case, the argument (path) is not user-controlled.
+ [e9ef51224024]
+
+2012-03-14 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/selinux.c:
+ Include sudo_exec.h for the sudo_execve() prototype.
+ [769e58065edc]
+
+ * config.h.in, configure, configure.in:
+ Add check for pam_getenvlist()
+ [36bde3f26c60]
+
+ * common/sudo_conf.c:
+ Set args to NULL in default plugin info struct when there is no
+ Plugin line in sudo.conf.
+ [93ec67708f01]
+
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ regen
+ [a9287677795c]
+
+ * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
+ doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
+ doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
+ doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
+ regen
+ [a242769d7962]
+
+ * configure, configure.in:
+ Bump version to 1.8.5
+ [e8618f0c2505]
+
+ * doc/sudo_plugin.pod:
+ Document hooks API
+ [e6ad07d27958]
+
+2012-03-13 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * sudo.pp:
+ Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris.
+ [fd72340042d3]
+
+ * include/sudo_plugin.h:
+ Use sudo_hook_fn_t in struct sudo_hook.
+ [938f93112d6e]
+
+ * doc/TROUBLESHOOTING:
+ If cross compiling, --host must include the OS in the tuple. E.g.
+ --host powerpc-unknown-linux
+ [b8c010070c1e]
+
+2012-03-12 Todd C. Miller <Todd.Miller@courtesan.com>
* plugins/sudoers/parse.c:
Fix bogus int -> bool conversion; tags can have a value of -1.
- [85ec4ae84fcf] <1.8>
+ [e63d6434a303]
+
+ * plugins/sudoers/env.c:
+ Add env_should_keep() and env_should_delete() wrapper functions to
+ simplify things a bit and hide the fact that matches_env_check() is
+ not bool.
+ [7a03d7a12b50]
* sudo.pp:
Fix application of debian-specific sudoers mods when building
packages as non-root.
- [e3e7f75d718c] <1.8>
-
- * .hgtags:
- Added tag SUDO_1_8_4p3 for changeset 3093c8558862
- [b82d3b208a4d] <1.8>
-
- * NEWS, configure, configure.in:
- Update for sudo 1.8.4p3
- [3093c8558862] [SUDO_1_8_4p3] <1.8>
+ [34bf4c52c425]
* plugins/sudoers/env.c:
matches_env_check() returns int, not boolean
- [110f954181e1] <1.8>
+ [0ad915b8d5cb]
+
+ * src/sudo_edit.c:
+ Fix compilation when seteuid() is not available.
+ [8a722f998000]
* src/ttyname.c:
Simply move the free of ki_proc outside the realloc() loop.
- [18209f1ff9f7] <1.8>
+ [217b786da760]
* src/ttyname.c:
Bring back the erealloc() for the ENOMEM loop and just zero the
pointer after we free it.
- [83a1c1ec6b03] <1.8>
-
- * doc/visudo.cat, doc/visudo.man.in:
- regen
- [04ea41a8657c] <1.8>
+ [29a016e45127]
* src/ttyname.c:
Don't try to erealloc() a potentially freed pointer; Mateusz Guzik
- [cca8a33ed286] <1.8>
+ [266e08844065]
+
+2012-03-10 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/set_perms.c:
+ Use normal error path if unable to set sudoers gid.
+ [01c816918c99]
+
+ * plugins/sudoers/set_perms.c:
+ Make this work again on systems w/o seteuid().
+ [2e67f7421e97]
2012-03-09 Todd C. Miller <Todd.Miller@courtesan.com>
+ * plugins/sudoers/set_perms.c:
+ Fix compilation if no seteuid/setreuid/setresuid available.
+ [d0b3c1f88eb4]
+
+ * plugins/sudoers/set_perms.c:
+ Better error messages, and added debugging throughout. Fixed
+ seteuid() version of set_perms()/restore_perms(). Fixed logic bug in
+ AIX version of restore_perms(). Added checks to avoid changing
+ uid/gid when we don't have to. Never set gid/uid state to -1, use
+ the old value instead.
+ [29188d469b5c]
+
* src/exec_pty.c, src/ttyname.c:
Fix format string warning on Solaris with gcc 3.4.3.
- [45322f41e677] <1.8>
+ [d1eeb6e1dd0f]
+
+ * src/sudo.c:
+ Always declare environ now that we swap it around unilaterally.
+ [aaa3e92e7d0d]
* src/Makefile.in:
Honor LDFLAGS when linking sesh; from Vita Cizek
- [349b3c929637] <1.8>
+ [498b41438f6e]
* src/sesh.c:
Include alloc.h for estrdup() prototype; from Vita Cizek
- [f5ed422a6553] <1.8>
+ [93203655a320]
2012-03-08 Todd C. Miller <Todd.Miller@courtesan.com>
+ * plugins/sudoers/sudoers.c:
+ Don't read /etc/environment on Linux when using PAM, PAM should set
+ the environment variables as needed via pam_env.
+ [b1ef62cb2d40]
+
* INSTALL:
Fix editor goof.
- [574f0b17a91f] <1.8>
+ [0c3dd3bb8b57]
+
+ * src/hooks.c, src/sudo.c, src/sudo.h:
+ Disable environment hooks after we get user_env back to make sure a
+ plugin can't to modify user_env after we "own" it. This is kind of
+ a hack but we don't want the init_session plugin function to modify
+ user_env.
+ [8e6d119452a5]
+
+ * src/hooks.c, src/sudo.c:
+ Add support for deregistering hooks. If an I/O log plugin fails to
+ initialize, deregister its hooks (if any).
+ [ac00c93900c5]
+
+2012-03-07 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/sudoers.c, src/sudo.c:
+ Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we hook
+ setenv.
+ [e75469dd9908]
+
+ * MANIFEST, aclocal.m4, common/sudo_debug.c, compat/Makefile.in,
+ compat/setenv.c, compat/unsetenv.c, config.h.in, configure,
+ configure.in, include/sudo_debug.h, include/sudo_plugin.h, mkdep.pl,
+ plugins/sudoers/auth/aix_auth.c, plugins/sudoers/env.c,
+ plugins/sudoers/ldap.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/Makefile.in, src/env_hooks.c,
+ src/hooks.c, src/load_plugins.c, src/sudo.c, src/sudo.h,
+ src/sudo_plugin_int.h:
+ Initial cut at a hooks implementation. The plugin can register
+ hooks for getenv, putenv, setenv and unsetenv. This makes it
+ possible for the plugin to trap changes to the environment made by
+ authentication methods such as PAM or BSD auth so that such changes
+ are reflected in the environment passed back to sudo for execve().
+ [61cffa06f863]
+
+2012-03-05 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, src/po/vi.mo, src/po/vi.po:
+ Add Vietnamese sudo translation from translationproject.org
+ [96df426790d5]
+
+2012-03-02 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * doc/sample.sudo.conf, doc/sudo.pod, doc/sudo_plugin.pod,
+ doc/sudoers.pod:
+ List sudo_noexec.so not noexec.so in the sample sudo.conf
+ [53844e190ec5]
+
+ * common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod,
+ doc/sudo_plugin.pod, doc/sudoers.pod, include/sudo_conf.h,
+ include/sudo_plugin.h, plugins/sample/sample_plugin.c,
+ plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/toke.l, src/load_plugins.c, src/sudo.c,
+ src/sudo_plugin_int.h:
+ Add support for plugin args at the end of a Plugin line in
+ sudo.conf. Bump the minor number accordingly and update the
+ documentation. A plugin must check the sudo front end's version
+ before using the plugin_args parameter since it is only supported
+ for API version 1.2 and higher.
+ [587f1f819536]
2012-03-01 Todd C. Miller <Todd.Miller@courtesan.com>
+ * plugins/sudoers/Makefile.in:
+ update depends
+ [6d2da44e11e5]
+
+ * MANIFEST:
+ secure_path.c is in common, not compat
+ [619c4a663dde]
+
* configure, configure.in:
Add check for variadic macro support in cpp.
- [1ce59ac2e4f9] <1.8>
+ [756854caf675]
+
+2012-02-29 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * common/secure_path.c, common/sudo_conf.c, include/secure_path.h,
+ plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Add type param to sudo_secure_path() and add sudo_secure_file() and
+ sudo_secure_dir() wrappers which get by #includedir in sudoers.
+ [2ec2d3d8df04]
2012-02-28 Todd C. Miller <Todd.Miller@courtesan.com>
specified. Previously, the owner and mode were checked on the main
sudoers file when the -s (strict) option was given, but this was not
documented.
- [dff2805fc49e] <1.8>
+ [b2d6ee1e547a]
* config.h.in, configure, configure.in, src/ttyname.c:
Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some
versions of OpenBSD versions that have KERN_PROC2 but not KERN_PROC.
- [dceb6078cda5] <1.8>
+ [159f6a50456a]
2012-02-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * .hgtags:
- Added tag SUDO_1_8_4p2 for changeset db564e1c02cf
- [52638c160a4b] <1.8>
-
- * NEWS, configure, configure.in:
- bump version to 1.8.4p2
- [db564e1c02cf] [SUDO_1_8_4p2] <1.8>
+ * doc/CONTRIBUTORS:
+ Add Eric Lakin for patch in bug #538
+ [490c29c234c6]
* src/exec_pty.c:
Fix typo in safe_close() made while converting to debug framework
that prevented it from actually closing anything.
- [833a8ce346d2] <1.8>
+ [a66422a62afd]
+
+ * src/exec_pty.c:
+ Add some more debugging.
+ [b5667947dda9]
* common/Makefile.in, compat/Makefile.in, doc/Makefile.in,
include/Makefile.in:
We need sysconfdir in compat/Makfile to get the proper sudo.conf
path. Add standard prefix and foodir expansion in all Makefiles to
avoid this problem in the future.
- [ce1caa89c24d] <1.8>
+ [62b6ce4ecae9]
+
+2012-02-25 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, plugins/sudoers/po/lt.mo, plugins/sudoers/po/lt.po:
+ New Lithuanian sudoers translation from translationproject.org
+ [10436b649035]
+
+ * plugins/sudoers/po/ja.po:
+ Update from translationproject.org
+ [acb8db5f8ef1]
2012-02-24 Todd C. Miller <Todd.Miller@courtesan.com>
When adding gids to the LDAP filter, only add the primary gid once.
This is consistent with the space computation/allocation. From Eric
Lakin
- [229db740f035] <1.8>
+ [35d9d99c92c6]
* doc/TROUBLESHOOTING:
Add entry for AIX enhanced RBAC config.
- [24f1e176e398] <1.8>
+ [5e10b6f8def7]
* mkpkg:
Target Mac OS X 10.5 when building packages.
- [7b296251013d] <1.8>
+ [06fce9bbebee]
-2012-02-21 Todd C. Miller <Todd.Miller@courtesan.com>
+2012-02-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * .hgtags:
- Added tag SUDO_1_8_4p1 for changeset aeb6b9701150
- [26bc7af7c304] <1.8>
-
- * NEWS:
- List 1.8.4p1
- [aeb6b9701150] [SUDO_1_8_4p1] <1.8>
+ * MANIFEST, common/Makefile.in, common/secure_path.c,
+ common/sudo_conf.c, include/secure_path.h,
+ plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.c:
+ Relax the user/group/mode checks on sudoers files. As long as the
+ file is owned by the right user, not world-writable and not writable
+ by a group other than the one specified at configure time (gid 0 by
+ default), the file is considered OK. Note that visudo will still
+ set the mode to the value specified at configure time.
+ [241174babfcc]
- * configure, configure.in:
- bump version to 1.8.4p1
- [2c7edc0bf0b7] <1.8>
-
- * Fix the description of noexec.
- [b5baebe2f820] <1.8>
+2012-02-21 Todd C. Miller <Todd.Miller@courtesan.com>
- * The "op" parameter to set_default() must be int, not bool since it
+ * plugins/sudoers/set_perms.c:
+ Add AIX-specific version of permission setting code to make sure
+ that the saved uid gets restored properly.
+ [9a6f5d22c301]
+
+ * config.h.in, configure, configure.in, src/exec_common.c:
+ Check for LD_PRELOAD variants in configure instead of checkign cpp
+ symbols. In disable_execute(), compute the length of the new envp
+ and allocate it once instead of reallocating on demand. Also append
+ old value of LD_PRELOAD (if any) to the new value.
+ [680266346917]
+
+ * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
+ Fix the description of noexec.
+ [6a6d142f3c80]
+
+ * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
+ The "op" parameter to set_default() must be int, not bool since it
is set to '+' or '-' for list add and subtract.
- [b6bf0980fb08] <1.8>
+ [8da5b137bea2]
- * Make sure sudoers is writable before calling ed script.
- [97e0078b19ae] <1.8>
+ * sudo.pp:
+ Make sure sudoers is writable before calling ed script.
+ [95352ab6336b]
2012-02-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * .hgtags:
- Added tag SUDO_1_8_4 for changeset 7b0b7dfc84c7
- [18d646360da5] <1.8>
-
- * Update contributors. Now includes translators and authors of compat
+ * doc/CONTRIBUTORS, doc/contributors.pod:
+ Update contributors. Now includes translators and authors of compat
code.
- [7b0b7dfc84c7] [SUDO_1_8_4] <1.8>
+ [4fb5b616b50a]
2012-02-16 Todd C. Miller <Todd.Miller@courtesan.com>
* src/po/sudo.pot:
regen
- [fda54a3b1cd1] <1.8>
+ [2c86e2c328fe]
- * Build flat packages, not package bundles, on Mac OS X.
- [2f6f0704a09e] <1.8>
+ * pp, sudo.pp:
+ Build flat packages, not package bundles, on Mac OS X.
+ [57bda3cd5520]
2012-02-10 Todd C. Miller <Todd.Miller@courtesan.com>
- * Sync with translationproject.org
- [77a0b5480ae5] <1.8>
+ * sudo.pp:
+ Move macos section to be with the other OS-specific sections.
+ [51423bb2973a]
+
+ * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
+ plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po:
+ Sync with translationproject.org
+ [8ce41cbb8da0]
* configure, configure.in:
Don't permanently add -D_FORTIFY_SOURCE=2 to CPPFLAGS
- [6588fc4a55a1] <1.8>
+ [fa979aa6fe7d]
* sudo.pp:
- Move macos section to be with the other OS-specific sections.
- [c3cc794fd586] <1.8>
-
- * Add Mac OS X support, printing the latest chunk of the NEWS file and
+ Add Mac OS X support, printing the latest chunk of the NEWS file and
the license text in the installer.
- [905d8fab423f] <1.8>
+ [ffeab72387c0]
- * Add explicit file modes that match those used by "make install"
- [7e1eb99baf92] <1.8>
+ * sudo.pp:
+ Add explicit file modes that match those used by "make install"
+ [7eb37242c920]
- * Sync with upstream for Mac OS X fixes.
- [90cec33d1108] <1.8>
+ * pp:
+ Sync with upstream for Mac OS X fixes.
+ [97cba179041e]
- * Got back to using "install-sh -M" for files installed as non-
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ Got back to using "install-sh -M" for files installed as non-
readable by owner. This fixes "make install" as non-root for
package building.
- [9e1e87961712] <1.8>
+ [967804ee77d6]
2012-02-09 Todd C. Miller <Todd.Miller@courtesan.com>
- * Sync with translationproject.org
- [0c835326e22c] <1.8>
+ * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po,
+ plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
+ plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po:
+ Sync with translationproject.org
+ [0e53db12039a]
- * Makefile.in:
+ * Makefile.in, doc/Makefile.in, include/Makefile.in,
+ plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
+ plugins/sudoers/Makefile.in, src/Makefile.in:
Use -m not -M for install-sh for everything except setuid. Install
locale .mo files mode 0444, not 0644. If timedir parent doesn't
exist, use default dir mode, not 0700.
- [451576bb0772] <1.8>
+ [8b6f64c92090]
2012-02-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Re-sync with upstream; no longer need a local patch.
- [342d3dceba65] <1.8>
+ * pp:
+ Re-sync with upstream; no longer need a local patch.
+ [97a2c7be5e59]
- * Add support for building Mac OS X packages.
- [e047b6fbba17] <1.8>
+ * mkpkg:
+ Add support for building Mac OS X packages.
+ [94d49ac223a4]
- * Sync with upstream
- [20cc2ff83ee3] <1.8>
+ * pp:
+ Sync with upstream
+ [1c97654fc841]
- * No longer need to define _PATH_SUDO_CONF here.
- [7da6e017c6d0] <1.8>
+ * src/Makefile.in:
+ No longer need to define _PATH_SUDO_CONF here.
+ [2560905b7482]
- * Fix noexec for Mac OS X.
- [71b8ee9eea74] <1.8>
+ * src/exec_common.c:
+ Fix noexec for Mac OS X.
+ [b7a744bca2c0]
2012-02-06 Todd C. Miller <Todd.Miller@courtesan.com>
- * Move _PATH_SUDO_CONF override to common to match sudo_conf.c
- [639fe46fc8c0] <1.8>
-
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- fix version in .pot files
- [37dbb6f99fc9] <1.8>
+ * common/Makefile.in:
+ Move _PATH_SUDO_CONF override to common to match sudo_debug.c
+ [f0788972a63a]
- * More complete fix for LDR_PRELOAD on AIX. The addition of
+ * plugins/sudoers/set_perms.c:
+ More complete fix for LDR_PRELOAD on AIX. The addition of
set_perm(PERM_ROOT) before calling the nss open functions (needed to
avoid a GNU TLS bug) also broke LDR_PRELOAD. Setting the effective
and then real uid to 0 for PERM_ROOT works around the issue.
- [5d52d2565dca] <1.8>
+ [5888eda051af]
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
regen
- [98e788019e50] <1.8>
+ [997fe403e219]
- * Set real uid to root before calling sudo_edit() or run_command() so
+ * src/sudo.c:
+ Set real uid to root before calling sudo_edit() or run_command() so
that the monitor process is owned by root and not by the user.
Otherwise, on AIX at least, the monitor process shows up in ps as
belonging to the user (and can be killed by the user).
- [de4d852fef96] <1.8>
+ [d4772d7d2fc5]
- * For PERM_ROOT when using setreuid(), only set the euid to 0 prior to
+ * plugins/sudoers/set_perms.c:
+ For PERM_ROOT when using setreuid(), only set the euid to 0 prior to
the call to setuid(0) if the current euid is non-zero. This
effectively restores the state of things prior to rev 7bfeb629fccb.
Fixes a problem on AIX where LDR_PRELOAD was not being honored for
the command being executed.
- [be1222842fc1] <1.8>
+ [b9b40325b4dc]
- * configure, configure.in:
+ * MANIFEST, compat/pw_dup.c, config.h.in, configure, configure.in,
+ include/missing.h, src/sudo.c:
Make a copy of the struct passwd in exec_setup() to make sure
nothing in the policy init modifies it.
- [5cbbbfffd1dc] <1.8>
+ [b721261c921f]
2012-02-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * doc/sudo.cat, doc/sudo.man.in, doc/sudoers.cat, doc/sudoers.man.in:
- regen
- [b67fc8934d2e] <1.8>
-
- * update copyright
- [df51e0f417de] <1.8>
+ * doc/sudoers.pod:
+ update copyright
+ [f9d229d1f65e]
- * g/c now-unused debug subsystems
- [888961d378f3] <1.8>
+ * common/sudo_debug.c, include/sudo_debug.h:
+ g/c now-unused debug subsystems
+ [8f21726e698f]
- * Enumerate the debug subsystems used by sudo and sudoers.
- [5418d7dd8ef4] <1.8>
+ * doc/sudo.pod, doc/sudoers.pod:
+ Enumerate the debug subsystems used by sudo and sudoers.
+ [ac4f84293d14]
2012-02-03 Todd C. Miller <Todd.Miller@courtesan.com>
- * NEWS, doc/sudo.cat, doc/sudo.man.in:
+ * NEWS, common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod,
+ include/sudo_conf.h, src/sudo.c:
Normally, sudo disables core dumps while it is running. This
behavior can now be modified at run time with a line in sudo.conf
like "Set disable_coredumps false"
- [ad21e940c5c2] <1.8>
+ [ad14e0508b0d]
* NEWS:
Mention Spanish translation
- [bef71da9a4c2] <1.8>
+ [600f3205bd6e]
- * Make sure we don't try to fall back to using the conversation
+ * common/sudo_debug.c:
+ Make sure we don't try to fall back to using the conversation
function for debugging in the main sudo process if we are unable to
open the debug file.
- [1f0e6451c85c] <1.8>
+ [ffa329aa908c]
- * Add sudo Spanish translation from translationproject.org
- [2f71e4ecc6f9] <1.8>
+ * MANIFEST, src/po/es.mo, src/po/es.po:
+ Add sudo Spanish translation from translationproject.org
+ [c1906654e740]
- * Better debug subsystem usage
- [b313903c1fe4] <1.8>
+2012-02-02 Todd C. Miller <Todd.Miller@courtesan.com>
- * Remove duplicate function prototypes
- [60860ae4d303] <1.8>
+ * plugins/sudoers/iolog.c:
+ Better debug subsystem usage
+ [1a31f115743c]
+
+ * src/sudo.c:
+ Remove duplicate function prototypes
+ [ae04b00532eb]
2012-02-01 Todd C. Miller <Todd.Miller@courtesan.com>
Error out if user specified --with-pam but we can't find the headers
or library. Also throw an error if the headers are present but the
library is not and vice versa.
- [445de14974ff] <1.8>
+ [d6bf3e3d0aae]
2012-01-31 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix the sudoers permission check when the expected sudoers mode is
+ * plugins/sudoers/sudoers.c:
+ Fix the sudoers permission check when the expected sudoers mode is
owner-writable.
- [ee1104bb2142] <1.8>
+ [8b0b7e770a22]
2012-01-30 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Verify that we can link executables built with -D_FORTIFY_SOURCE
before using it.
- [4dee7e2b5795] <1.8>
+ [7578215d1a95]
- * Fix potential off-by-one when making a copy of the environment for
+ * src/exec_common.c:
+ Fix potential off-by-one when making a copy of the environment for
LD_PRELOAD insertion. Fixes bug #534
- [3ddcf9a4de63] <1.8>
+ [cc699cd551b6]
* configure, configure.in:
Add rudimentary check for _FORTIFY_SOURCE support by checking for
__sprintf_chk, one of the functions used by gcc to support it.
- [029db376a497] <1.8>
+ [a992673d2ef8]
- * configure, configure.in:
+ * compat/stdbool.h, config.h.in, configure, configure.in:
Use AC_HEADER_STDBOOL instead of checking for stdbool.h ourselves.
- [201d1f3b4aa2] <1.8>
+ [8ba1370884b3]
2012-01-29 Todd C. Miller <Todd.Miller@courtesan.com>
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
regen
- [3c0ebf67b333] <1.8>
+ [1e0b38397705]
2012-01-25 Todd C. Miller <Todd.Miller@courtesan.com>
- * The change in 4fe0f357d34b that caused to exit when the monitor dies
+ * src/exec.c, src/sudo.c:
+ The change in 818e82ecbbfc that caused to exit when the monitor dies
created a race condition between the monitor exiting and the status
being read. All we really want to do is make sure that select()
notifies us that there is a status change when the monitor dies
writing when it dies. That way we can still read the status that is
pending on the socket and select() on Linux will tell us that the fd
is ready.
- [16c1a3da35c6] <1.8>
+ [7fb5b30ea48d]
- * Refactor disable_execute() and my_execve() into exec_common.c for
+ * MANIFEST, src/Makefile.in, src/exec.c, src/exec_common.c,
+ src/exec_pty.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h,
+ src/sudo_exec.h:
+ Refactor disable_execute() and my_execve() into exec_common.c for
use by sesh.c. This fixes NOEXEC when SELinux is used. Instead of
disabling exec in exec_setup(), disable it immediately before
executing the command. Adapted from a diff by Arno Schuring.
- [d266fdb5d00e] <1.8>
+ [ec4d8b53db6b]
2012-01-20 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * aclocal.m4, configure, configure.in:
Add custom version of AC_CHECK_LIB that uses the extra libs in the
cache value name. With this we no longer need to rely on a modified
version of autoconf.
- [f5293f1a5968] <1.8>
+ [1c3b1d482d6c]
2012-01-19 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Better handling of network functions that need -lsocket -lnsl
- [91dcddb6ec61] <1.8>
+ [cc386342ec2b]
- * When setting up the execution environment, set groups before
+ * src/sudo.c:
+ When setting up the execution environment, set groups before
gid/egid like sudo 1.7 did.
- [97a921461313] <1.8>
+ [928e1c5fa6c1]
* configure, configure.in:
Remove "WARNING: unable to find foo() trying -lsocket -lnsl"
- [c1c174183607] <1.8>
+ [84b23cdf138f]
- * For "sudo -g" prepend the specified group ID to the beginning of the
+ * plugins/sudoers/sudoers.c:
+ For "sudo -g" prepend the specified group ID to the beginning of the
groups list. This matches BSD convention where the effective gid is
the first entry in the group list. This is required on newer
FreeBSD where the effective gid is not tracked separately and thus
setgroups() changes the egid if this convention is not followed.
Fixes bug #532
- [5050708c2579] <1.8>
+ [782d6909108b]
2012-01-17 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Fix sh warning; use "test" instead of "["
- [417fbc1dc5e8] <1.8>
+ [c6ee3407f65e]
- * When not logging I/O, use a signal handler that only forwards
+ * src/exec.c:
+ When not logging I/O, use a signal handler that only forwards
SIGINT, SIGQUIT and SIGHUP when they are user-generated signals.
Fixes a race in the non-I/O logging path where the command may
receive two keyboard-generated signals; one from the kernel and one
from the sudo process.
- [24137cae39af] <1.8>
+ [9638684e786a]
- * Back out change that put the command in its own pgrp when not
+ * src/exec.c:
+ Back out change that put the command in its own pgrp when not
logging I/O. It causes problems with pipelines.
- [9c906f88e28c] <1.8>
+ [4fc9c6e1e770]
- * configure, configure.in:
+2012-01-16 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * compat/Makefile.in, configure, configure.in:
Only run compat regress tests on compat objects we actually build.
Fixes "make check" in the compat dir for systems that don't
implement character classes in fnmatch() or glob(). Bug #531
- [c052875fa32e] <1.8>
+ [a7addc305e83]
2012-01-14 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update po files from translationproject.org
- [8e54824c7b71] <1.8>
+ * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
+ Update po files from translationproject.org
+ [5ea066af1356]
2012-01-13 Todd C. Miller <Todd.Miller@courtesan.com>
- * Include parent directories in case they don't already exist. This
+ * sudo.pp:
+ Include parent directories in case they don't already exist. This
fixes a directory permissions problem with the AIX package when the
/usr/local directories don't already exist.
- [83df6fcba859] <1.8>
+ [a14f783dc827]
- * sync with git version
- [0964a02ba83e] <1.8>
+ * pp:
+ sync with git version
+ [2f79d0543661]
- * regen dependencies
- [342e3719dc9e] <1.8>
+ * common/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in:
+ regen dependencies
+ [24c92ca6c64d]
- * Move tty name lookup code to its own file.
- [9679de390de0] <1.8>
+ * MANIFEST, src/Makefile.in, src/sudo.c, src/sudo.h, src/ttyname.c:
+ Move tty name lookup code to its own file.
+ [58faf072cbf4]
2012-01-12 Todd C. Miller <Todd.Miller@courtesan.com>
* NEWS:
Update with latest sudo 1.8.4 changes.
- [ef4e0a762766] <1.8>
+ [a4ffe4f42528]
- * configure, configure.in:
+ * config.h.in, configure, configure.in:
Remove obsolete template for HAVE_TIMESPEC
- [54a81b130d7e] <1.8>
+ [75709007c906]
- * Add a check for devname() returning a fully-qualified pathname. None
+ * src/sudo.c:
+ Add a check for devname() returning a fully-qualified pathname. None
of the devname() implementations do this today but you never know
when this might change.
- [634654d38143] <1.8>
+ [16813ace38f9]
2012-01-11 Todd C. Miller <Todd.Miller@courtesan.com>
- * For "visudo -c" also list include files that were checked when
+ * plugins/sudoers/visudo.c:
+ For "visudo -c" also list include files that were checked when
everything is OK.
- [aa3be04c5d12] <1.8>
-
- * The device name returned by devname() does not include the /dev/
- prefix so we need to add it ourselves. Also add debug warning if
- KERN_PROC sysctl fails or devname() can't resolve the tty device to
- a name.
- [5e90760f6c24] <1.8>
+ [ad6f85b35c9c]
- * The result of writev() is never checked so just cast to NULL.
- [4a6820c77d7c] <1.8>
+ * src/sudo.c:
+ The device name returned by devname() does not include the /dev/
+ prefix so we need to add it ourselves.
+ [b55285abb7ed]
- * Update Esperanto, Finnish, Polish and Ukrainian translations from
+ * src/sudo.c:
+ Add debug warning if KERN_PROC sysctl fails or devname() can't
+ resolve the tty device to a name.
+ [b5a23916ba3a]
+
+ * common/sudo_debug.c:
+ The result of writev() is never checked so just cast to NULL.
+ [4be4e9b58d5b]
+
+ * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
+ plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po:
+ Update Esperanto, Finnish, Polish and Ukrainian translations from
translationproject.org.
- [3796fba03ff1] <1.8>
+ [bb91bc6ad7e9]
2012-01-10 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * config.h.in, configure, configure.in, src/sudo.c:
Add support for determining tty via sysctl on other BSD variants.
- [6e4b1ce7f45a] <1.8>
+ [fd15f63f719a]
* configure, configure.in:
Only check for struct kinfo_proc.ki_tdev on systems that support
sysctl.
- [33c700b439ff] <1.8>
+ [109b3f07a39d]
- * For FreeBSD, try the KERN_PROC_PID sysctl() first, falling back on
+ * src/sudo.c:
+ For FreeBSD, try the KERN_PROC_PID sysctl() first, falling back on
ttyname() of std{in,out,err}.
- [30789189030b] <1.8>
+ [95969b70bd68]
2012-01-09 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * config.h.in, configure, configure.in, src/sudo.c:
On newer FreeBSD we can get the parent's tty name via sysctl().
- [d9449833859b] <1.8>
+ [3207290501ee]
+
+ * plugins/sudoers/testsudoers.c:
+ Include locale.h
+ [a602cd0b8c2d]
+
+ * src/sudo.c:
+ Silence a gcc warning.
+ [8c6d0e3cd534]
- * Include locale.h
- [98114209d1b5] <1.8>
+ * plugins/sudoers/bsm_audit.c:
+ Need to include gettext.h and sudo_debug.h; from John Hein
+ [447912aa7300]
- * Silence a gcc warning.
- [113934aaafa8] <1.8>
+ * plugins/sudoers/iolog.c:
+ Initialize the debug framework from the I/O plugin too.
+ [ce1bf44d96d2]
- * Need to include gettext.h and sudo_debug.h; from John Hein
- [3ec4bf7fcacf] <1.8>
+2012-01-08 Todd C. Miller <Todd.Miller@courtesan.com>
- * Initialize the debug framework from the I/O plugin too.
- [ff525b1d9c4b] <1.8>
+ * plugins/sudoers/testsudoers.c:
+ Enable debugging via sudo.conf.
+ [d85669c749d0]
- * Enable debugging via sudo.conf.
- [2970ab524d25] <1.8>
+2012-01-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Use SUDO_DEBUG_ALIAS for alias checking functions.
- [854fd74fe685] <1.8>
+ * plugins/sudoers/visudo.c:
+ Use SUDO_DEBUG_ALIAS for alias checking functions.
+ [fb84af30dc76]
* configure, configure.in:
More complete test for getaddrinfo() that doesn't rely on the
network libraries already being added to LIBS.
- [543af760a5d3] <1.8>
+ [cbaf2369f4f0]
2012-01-06 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add debug support.
- [3b6aff4ee2bd] <1.8>
+ * common/aix.c:
+ Add debug support.
+ [def1bdf24485]
* configure, configure.in:
Need -lsocket -lnsl for getaddrinfo(3) on Solaris at least.
- [f5b3fba6c83a] <1.8>
+ [a2ea1c2eac61]
- * Include errno.h and missing.h
- [8a05166bb4d0] <1.8>
+ * compat/getaddrinfo.c:
+ Include errno.h and missing.h
+ [7d15e17cc2f2]
- * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
- doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
- doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
- doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
- regen
- [f45ed34d9a97] <1.8>
+ * .hgignore:
+ ignore doc/varsub
+ [417f9fc3231b]
- * ignore doc/varsub
- [51d0dfb2e274] <1.8>
-
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- regen pot files
- [9ba13496954e] <1.8>
-
- * configure.in:
+ * configure.in, doc/visudo.pod, plugins/sudoers/Makefile.in,
+ plugins/sudoers/gram.y, plugins/sudoers/match.c,
+ plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, src/exec.c,
+ src/parse_args.c, src/sudo.c, src/sudo.h:
Update copyright year.
- [5219ae27b734] <1.8>
+ [5d0ffc7dd567]
* NEWS:
Update for sudo 1.8.4
- [75a6711efa76] <1.8>
+ [841e3eff9844]
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
regen pot files
- [c8183dc16517] <1.8>
+ [c509cb45b66a]
+
+ * plugins/sudoers/sudoreplay.c:
+ Enable debugging via sudo.conf.
+ [5087aaee8484]
- * Enable debugging via sudo.conf.
- [63bee1548d5b] <1.8>
+ * plugins/sudoers/visudo.c:
+ Enable debugging via sudo.conf.
+ [04b067c16ed3]
- * Allow "visudo -c" to work when we only have read-only access to the
+ * plugins/sudoers/visudo.c:
+ Allow "visudo -c" to work when we only have read-only access to the
sudoers include files.
- [c8a5e1f16e60] <1.8>
+ [d8c6713fe5c1]
- * Mention the CONTRIBUTORS file, not HISTORY in AUTHOR section. Add
+ * doc/sudo.pod, doc/visudo.pod:
+ Mention the CONTRIBUTORS file, not HISTORY in AUTHOR section. Add
HISTORY section in sudo that points to HISTORY file.
- [8d845530d44f] <1.8>
+ [d1f1bcb051c5]
+
+ * doc/sudo.pod, doc/sudo_plugin.pod:
+ Document Debug setting in sudo.conf and debug_flags in plugin.
+ [acfc505aa4a9]
- * Document Debug setting in sudo.conf and debug_flags in plugin.
- [da43e61209c0] <1.8>
+2012-01-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a
+ * plugins/sudoers/match.c:
+ Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a
bug where a pattern like "/usr/*" include /usr/bin/ in the results,
which would be incorrectly be interpreted as if the sudoers file had
specified a directory. From Vitezslav Cizek.
- [5c71c962d1ad] <1.8>
+ [0cdb6252188c]
- * INSTALL, configure, configure.in:
+ * INSTALL, config.h.in, configure, configure.in,
+ plugins/sudoers/auth/kerb5.c:
Add --enable-kerb5-instance configure option to allow people using
Kerberos V authentication to use a custom instance. Adapted from a
diff by Michael E Burr.
- [f432314f0a33] <1.8>
+ [e83af8bb7aa7]
- * Remove -D debug_level option.
- [2754a61efbbe] <1.8>
+ * doc/sudo.pod, src/parse_args.c, src/sudo.c, src/sudo.h:
+ Remove -D debug_level option.
+ [cbcd05094347]
- * Update copyright year.
- [3bd531625eeb] <1.8>
+ * doc/LICENSE:
+ Update copyright year.
+ [9f43dd7aa852]
2012-01-04 Todd C. Miller <Todd.Miller@courtesan.com>
- * parse_error is now bool, not int
- [0cbd5c12b3eb] <1.8>
+ * plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c,
+ plugins/sudoers/visudo.c:
+ parse_error is now bool, not int
+ [5ea7fb6fda38]
- * Print a more sensible error if yyparse() returns non-zero but
+ * plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/parse.c:
+ Print a more sensible error if yyparse() returns non-zero but
yyerror() was not called.
- [325a9871ff32] <1.8>
+ [d44ec88f1183]
- * Replace y.tab.c with the correct filename in #line directives.
- [3073f5823a41] <1.8>
+ * plugins/sudoers/Makefile.in, plugins/sudoers/getdate.c,
+ plugins/sudoers/gram.c:
+ Replace y.tab.c with the correct filename in #line directives.
+ [3c84fcb7e959]
- * configure, configure.in:
- Bump version to 1.8.4
- [4fe77346a1d1] <1.8>
+2012-01-03 Todd C. Miller <Todd.Miller@courtesan.com>
- * When trying to determine the tty, fall back on /proc/ppid/fd/{0,1,2}
+ * src/sudo.c:
+ When trying to determine the tty, fall back on /proc/ppid/fd/{0,1,2}
if the main process's fds 0-2 are not hooked up to a tty. Adapted
from a diff by Zdenek Behan.
- [40863388db30] <1.8>
+ [b9dfce12af85]
- * When not logging I/O, put command in its own pgrp and make that the
+ * src/exec.c:
+ When not logging I/O, put command in its own pgrp and make that the
controlling pgrp if the command is in the foreground. Fixes a race
in the non-I/O logging path where the command may receive two
keyboard-generated signals; one from the kernel and one from the
sudo process.
- [9f6ed53a62d6] <1.8>
+ [d0e263ce496c]
- * Quiet a bogus gcc warning.
- [423322e16e27] <1.8>
+2011-12-20 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix warnings related to sudo.conf accessors.
- [67b769099eec] <1.8>
+ * src/sudo_edit.c:
+ Quiet a bogus gcc warning.
+ [2009669e0608]
+
+ * src/parse_args.c, src/sudo.h:
+ Fix warnings related to sudo.conf accessors.
+ [08ddc29ba50b]
+
+ * common/sudo_conf.c, include/sudo_conf.h:
+ Separate sudo.conf parsing from plugin loading and move the parse
+ functions into the common lib so that visudo, etc. can use them.
+ [f1fc659a8079]
- * Separate sudo.conf parsing from plugin loading and move the parse
+ * MANIFEST, common/Makefile.in, src/Makefile.in, src/load_plugins.c,
+ src/parse_args.c, src/sudo.c, src/sudo_plugin_int.h:
+ Separate sudo.conf parsing from plugin loading and move the parse
functions into the common lib so that visudo, etc. can use them.
- [916162ff2443] <1.8>
+ [e1f2cf6bd57a]
- * Remove support for noexec_file in sudoers and the plugin API
- [e8a6743911be] <1.8>
+ * doc/sudoers.pod, plugins/sudoers/def_data.c,
+ plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
+ plugins/sudoers/sudoers.c, src/sudo.c:
+ Remove support for noexec_file in sudoers and the plugin API
+ [3e2fd58879b5]
- * Don't dump interfaces if there are none.
- [5a0326c36a1b] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Don't dump interfaces if there are none.
+ [9081bb4d3e9e]
- * Add missing %s printf escape to the group_plugin, iolog_dir and
+ * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in:
+ Add missing %s printf escape to the group_plugin, iolog_dir and
iolog_file descriptions.
- [05e3018e336c] <1.8>
+ [7db03f2b737e]
- * Fix typo in visiblepw description; from Joel Pickett
- [f3a99aaf938f] <1.8>
+2011-12-18 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in, plugins/sudoers/login_class.c:
+ * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, src/exec.c:
+ Fix typo in visiblepw description; from Joel Pickett
+ [2fb4b26d5c2c]
+
+2011-12-08 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, configure, configure.in, mkdep.pl,
+ plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
+ plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/sudo.c:
When running a login shell with a login_class specified, use
LOGIN_SETENV instead of rolling our own login.conf setenv support
since FreeBSD's login.conf has more than just setenv capabilities.
environ before calling setusercontext() and then stash the resulting
environ pointer back into the command details, which is kind of a
hack.
- [99c71b6f629a] <1.8>
+ [ad4f1190143b]
- * If srcdir is "." just use the basename of the yacc/lex file when
+ * plugins/sudoers/Makefile.in:
+ If srcdir is "." just use the basename of the yacc/lex file when
generating the C version. This matches the generated files
currently in the repo.
- [abcc3703d2e4] <1.8>
+ [0b11c3df87a8]
- * Clean up the DEVEL noise
- [b22a09c484cf] <1.8>
+ * doc/Makefile.in, plugins/sudoers/Makefile.in:
+ Clean up the DEVEL noise
+ [9de2afe457fd]
- * Handle different Unix domain socket (actually socketpair) semantics
+ * src/exec.c:
+ Handle different Unix domain socket (actually socketpair) semantics
in BSD vs. Linux. In BSD if one end of the socketpair goes away
select() returns the fd as readable and the read will fail with
ECONNRESET. This doesn't appear to happen on Linux so if we notice
status of the monitor, not the command, but there is nothing else we
can do at that point. This should only be an issue if SIGKILL is
sent to the monitor process.
- [4fe0f357d34b] <1.8>
+ [818e82ecbbfc]
- * Catch common signals in the monitor process so they get passed to
+ * src/exec_pty.c:
+ Catch common signals in the monitor process so they get passed to
the command. Fixes a problem when the entire login session is
killed when ssh is disconnected or the terminal window is closed.
Previously, the monitor would exit and plugin's close method would
not be called.
- [e41b2d9fc2c2] <1.8>
+ [0e4658263138]
* INSTALL, configure, configure.in:
Mention how to configure pam_hpsec on HP-UX to play nicely with
sudo.
- [ee4c73cce11d] <1.8>
+ [a7294cd8ce98]
+
+2011-12-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Escape values in the search expression as per RFC 4515.
- [a249b85caccc] <1.8>
+ * plugins/sudoers/ldap.c:
+ Escape values in the search expression as per RFC 4515.
+ [c2adbc5db92b]
- * No need for install target to depend explicitly on install-dirs, the
+ * doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
+ src/Makefile.in:
+ No need for install target to depend explicitly on install-dirs, the
install-foo targets all depend on it.
- [5f40ec883621] <1.8>
+ [62a36ed98279]
- * ignore src/sesh
- [0227b029ee08] <1.8>
+2011-12-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * .hgignore:
+ ignore src/sesh
+ [463d492f6782]
+
+ * MANIFEST, common/Makefile.in, configure, configure.in, mkdep.pl,
+ plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
+ plugins/sudoers/Makefile.in, plugins/sudoers/env.c,
+ plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/Makefile.in:
Add support for setenv entries in login.conf. We can't use
LOGIN_SETENV since the plugin sets up the envp the command is
executed with. Also regen the Makefile.in files while here. Fixes
bug #527
- [67d30f44bf45] <1.8>
+ [088d507926e2]
- * configure, configure.in:
+2011-12-02 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * MANIFEST, aclocal.m4, compat/getaddrinfo.c, compat/getaddrinfo.h,
+ config.h.in, configure, configure.in, plugins/sudoers/sudoers.c,
+ src/net_ifs.c:
Add getaddrinfo() for those without it, written by Russ Allbery
- [57dd9b565bb6] <1.8>
+ [4cf9ac831222]
- * Restore PACKAGE_TARNAME, it is used in docdir
- [cf27a773d65e] <1.8>
+ * doc/Makefile.in:
+ Restore PACKAGE_TARNAME, it is used in docdir
+ [9d65e893edb1]
- * SunPro C Compiler also has a _Bool builtin. Also add stdbool.h to
+ * MANIFEST, compat/stdbool.h:
+ SunPro C Compiler also has a _Bool builtin. Also add stdbool.h to
the MANIFEST
- [4fa4f6cef15e] <1.8>
+ [e67700dc5621]
- * Remove duplicate return statements.
- [f0f9000461c1] <1.8>
+ * common/atobool.c, common/term.c, src/exec.c:
+ Remove duplicate return statements.
+ [48a20d5215fd]
- * emove inaccurate comment
- [e3bf2cef6256] <1.8>
+ * plugins/sudoers/auth/bsdauth.c:
+ Remove inaccurate comment
+ [e7f0265cf657]
- * Fetch the login class for the user we authenticate specifically when
+ * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/sudoers.c:
+ Fetch the login class for the user we authenticate specifically when
using BSD authentication. That user may have a different login
class than what we will use to run the command. When setting the
login class for the command, use the target user's struct passwd,
not the invoking user's. Fixes bug 526
- [e3094ce63bd7] <1.8>
+ [21bf0af892f7]
- * configure, configure.in:
+ * compat/Makefile.in, configure, configure.in, doc/Makefile.in,
+ plugins/sudoers/Makefile.in:
Replace @DEV@ prefix with DEVEL variable so we can do "make DEVEL=1"
- [453f562645a2] <1.8>
+ [8ee6e0891f27]
- * Fix "make check" fallout from the sudo_conv changes in sudo_debug.
- [1e2f0d298b06] <1.8>
-
- * configure, configure.in:
+ * plugins/sudoers/regress/iolog_path/check_iolog_path.c,
+ plugins/sudoers/regress/logging/check_wrap.c,
+ plugins/sudoers/regress/parser/check_addr.c,
+ plugins/sudoers/regress/parser/check_fill.c:
+ Fix "make check" fallout from the sudo_conv changes in sudo_debug.
+ [b0aaa63c9081]
+
+ * common/fileops.c, common/sudo_debug.c, configure, configure.in,
+ include/fileops.h, plugins/sample/Makefile.in,
+ plugins/sample/sample_plugin.c, plugins/sample_group/Makefile.in,
+ plugins/sample_group/sample_group.c, plugins/sudoers/alias.c,
+ plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c,
+ plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
+ plugins/sudoers/env.c, plugins/sudoers/find_path.c,
+ plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
+ plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
+ plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
+ plugins/sudoers/ldap.c, plugins/sudoers/match.c,
+ plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
+ plugins/sudoers/parse.h, plugins/sudoers/pwutil.c,
+ plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.h,
+ plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
+ plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c,
+ src/load_plugins.c, src/sudo.c, src/sudo.h, src/sudo_exec.h,
+ src/sudo_plugin_int.h, src/utmp.c:
Use stdbool.h instead of rolling our own TRUE/FALSE macros.
- [2a5841db0c50] <1.8>
+ [dcb0bbc42fc9]
- * configure, configure.in:
+2011-12-01 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * compat/stdbool.h, config.h.in, configure, configure.in:
Add stdbool.h for systems without it.
- [8ac0317f2ba0] <1.8>
+ [18bd9dda1dcd]
- * configure, configure.in:
+ * aclocal.m4, config.h.in, configure, configure.in:
No longer need SUDO_CHECK_TYPE and SUDO_TYPE_* now that the default
includes have unistd.h in them. Add check for socklen_t for
upcoming getaddrinfo compat.
- [7c0ed30c075d] <1.8>
+ [d705465bef69]
- * configure, configure.in:
+ * common/fileops.c, compat/nanosleep.c, config.h.in, configure,
+ configure.in, plugins/sudoers/interfaces.c,
+ plugins/sudoers/interfaces.h, plugins/sudoers/match_addr.c,
+ plugins/sudoers/sudoreplay.c, src/net_ifs.c:
Use HAVE_STRUCT_TIMESPEC and HAVE_STRUCT_IN6_ADDR instead of
HAVE_TIMESPEC and HAVE_IN6_ADDR respectively.
- [57a6a5bf69a2] <1.8>
+ [fa187c9bd2be]
- * No longer need to include time.h here as missing.h does not use
+ * src/sudo_noexec.c:
+ No longer need to include time.h here as missing.h does not use
time_t.
- [029653d78ba2] <1.8>
+ [fa3a089bf5b1]
- * Fix mode on sudoers as needed when the -f option is not specified.
- [c4aba4a1b23b] <1.8>
+2011-11-30 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/visudo.c:
+ Fix mode on sudoers as needed when the -f option is not specified.
+ [7a1c40b0dc03]
- * Add Serbian translation for sudo from translationproject.org
- [47a04d718e36] <1.8>
+ * MANIFEST, src/po/sr.mo, src/po/sr.po:
+ Add Serbian translation for sudo from translationproject.org
+ [9a0c25e25cba]
- * No longer pass debug_file to plugin, plugins must now use
+ * common/sudo_debug.c, plugins/sudoers/sudoers.c, src/load_plugins.c,
+ src/parse_args.c:
+ No longer pass debug_file to plugin, plugins must now use
CONV_DEBUG_MSG
- [c7ceddf724bf] <1.8>
+ [810cda1abb0b]
+
+ * mkpkg:
+ Build PIE executables for newer Debian and Ubuntu
+ [1c5f25f8904a]
- * Build PIE executables for newer Debian and Ubuntu
- [2e9162e59c2c] <1.8>
+ * common/sudo_debug.c:
+ Include time.h for ctime() prototype.
+ [10090cf3bca1]
- * Include time.h for ctime() prototype.
- [5f27df493b93] <1.8>
+2011-11-29 Todd C. Miller <Todd.Miller@courtesan.com>
- * Do not close error pipe or debug fd via closefrom() as we need them
+ * common/sudo_debug.c, include/sudo_debug.h, src/exec.c,
+ src/exec_pty.c:
+ Do not close error pipe or debug fd via closefrom() as we need them
to report an exec error should one occur.
- [9638f4e7fd14] <1.8>
+ [732f6587fafa]
- * Document that a sudoUser may now be a group ID.
- [42d725aa8b6d] <1.8>
+ * doc/sudoers.ldap.pod:
+ Document that a sudoUser may now be a group ID.
+ [2fef46b9d3d3]
- * Add support for permitting access by group ID in addition to group
+ * plugins/sudoers/ldap.c:
+ Add support for permitting access by group ID in addition to group
name.
- [3506e5c7e41c] <1.8>
+ [b9450fdf1f69]
- * Older Netscape LDAP SDKs don't prototype ldapssl_set_strength()
- [4c973a863d0d] <1.8>
+ * plugins/sudoers/ldap.c:
+ Older Netscape LDAP SDKs don't prototype ldapssl_set_strength()
+ [d62a1e7cff4f]
- * Replace UCB fnmatch.c with a non-recursive version written by
+ * compat/fnmatch.c, compat/fnmatch.h, doc/LICENSE:
+ Replace UCB fnmatch.c with a non-recursive version written by
William A. Rowe Jr.
- [76666139f49d] <1.8>
+ [354d3384adb8]
- * Fix typo, return_debug vs. debug_return
- [810d9b2d2f9a] <1.8>
+ * plugins/sudoers/auth/pam.c:
+ Fix typo, return_debug vs. debug_return
+ [1b522efcbb0d]
+
+2011-11-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update Japanese sudoers translation from translationproject.org
- [b051e2bc692e] <1.8>
+ * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po:
+ Update Japanese sudoers translation from translationproject.org
+ [ec0f2beaad36]
+
+ * doc/sudoers.pod:
+ Make the env_reset descriptions consistent.
+ [41c056f02688]
- * Make the env_reset descriptions consistent.
- [3cf883ec8b33] <1.8>
+2011-11-22 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Do multiple expansion when expanding paths to the noexec file, sesh
and the plugin directory. Adapted from a diff by Mike Frysinger
- [68cdecdd8457] <1.8>
+ [d7e16c876c66]
- * regen
- [ca37d8cb647b] <1.8>
+ * common/Makefile.in:
+ regen
+ [9d729e09c186]
- * Add ignore file; from Mike Frysinger
- [0bd0f92a2d40] <1.8>
+2011-11-21 Todd C. Miller <Todd.Miller@courtesan.com>
- * no longer save old Makefile.in to .old
- [7dcf2a857c6b] <1.8>
+ * .hgignore:
+ Add ignore file; from Mike Frysinger
+ [1fa8d52425f8]
- * regen
- [a029a2ad7256] <1.8>
+ * mkdep.pl:
+ no longer save old Makefile.in to .old
+ [378dd2395545]
- * configure:
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ regen
+ [769faf517720]
+
+ * config.guess, config.sub, configure, ltmain.sh, m4/libtool.m4,
+ m4/ltoptions.m4, m4/ltversion.m4:
Update to libtool 2.4.2
- [6590ddb6a23f] <1.8>
+ [9dac78d84b4f]
- * Bump grammar version for #include and #includedir relative path
+2011-11-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/sudoers_version.h:
+ Bump grammar version for #include and #includedir relative path
support.
- [138a446a638e] <1.8>
+ [82a4f7cd8f71]
+
+2011-11-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add support for relative paths in #include and #includedir
- [8bf56e39e1ad] <1.8>
+ * doc/sudoers.pod, plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Add support for relative paths in #include and #includedir
+ [4d6e3bd0c24f]
+
+ * plugins/sudoers/Makefile.in:
+ Fix install-plugin when shared objects are unsupported or disabled.
+ [cbdd770a7a1b]
- * Fix install-plugin when shared objects are unsupported or disabled.
- [952cf7867482] <1.8>
+ * plugins/sudoers/goodpath.c:
+ Don't write to sbp if it is NULL
+ [fc438f8e8570]
- * Don't write to sbp if it is NULL
- [0cc959722ab8] <1.8>
+2011-11-16 Todd C. Miller <Todd.Miller@courtesan.com>
* Makefile.in:
- If LINGUAS is set, only install matching .mo files
- [5d83050eec1f] <1.8>
+ Remove all sudo/sudoers .mo files on uninstall If LINGUAS is set,
+ only install matching .mo files
+ [c1dc30ab4ebc]
- * Fix non-dynamic (no dlopen) sudo build.
- [fd688ac640a0] <1.8>
+2011-11-13 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/group_plugin.c, plugins/sudoers/plugin_error.c,
+ plugins/sudoers/sudoers.c, src/conversation.c:
+ Fix non-dynamic (no dlopen) sudo build.
+ [b0bd3fa925a3]
* configure, configure.in:
Don't error out if the user specified --disable-shared
- [4f811a8ee9e8] <1.8>
+ [cf035dd1e5cc]
- * Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing directly to
+ * common/sudo_debug.c, plugins/sudoers/sudoreplay.c,
+ plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
+ src/conversation.c:
+ Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing directly to
the debug file.
- [bc6124038170] <1.8>
+ [640c62f83251]
- * Make sudo_goodpath() return value bolean
- [25bf43cdf7f0] <1.8>
+ * plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
+ plugins/sudoers/sudoers.h:
+ Make sudo_goodpath() return value bolean
+ [fea2d59a6e55]
- * INSTALL, configure, configure.in, plugins/sudoers/auth/securid.c:
+ * INSTALL, MANIFEST, configure, configure.in, mkdep.pl,
+ plugins/sudoers/Makefile.in, plugins/sudoers/auth/securid.c:
Remove obsolete securid auth method.
- [a8a092f8bd83] <1.8>
+ [4e54f860214b]
- * Prefix authentication functions with a "sudo_" prefix to avoid
+ * plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
+ plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
+ plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
+ plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
+ plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
+ plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/auth/sudo_auth.h:
+ Prefix authentication functions with a "sudo_" prefix to avoid
namespace problems.
- [049ea2995793] <1.8>
+ [581d74063ea1]
- * INSTALL, configure, configure.in, plugins/sudoers/auth/kerb4.c:
+ * INSTALL, MANIFEST, config.h.in, configure, configure.in,
+ doc/TROUBLESHOOTING, mkdep.pl, plugins/sudoers/Makefile.in,
+ plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c:
Remove the old Kerberos IV support
- [c59b0b39af66] <1.8>
+ [2e4b4a44209d]
+
+2011-11-12 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/check.c:
+ Don't print garbage at the end of the custom lecture.
+ [44bb788fafaa]
- * Don't print garbage at the end of the custom lecture.
- [4f1fd9a1241a] <1.8>
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Add lexer tracing as debug@parser
+ [d850f3f9d414]
+
+ * plugins/sudoers/alias.c, plugins/sudoers/defaults.c,
+ plugins/sudoers/defaults.h, plugins/sudoers/gram.c,
+ plugins/sudoers/match.c, plugins/sudoers/parse.c,
+ plugins/sudoers/regress/parser/check_fill.c,
+ plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
+ plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
+ plugins/sudoers/visudo.c:
+ Revert 003bdb078a15. We need to #include <gram.h> not "gram.h" and
+ <def_data.h> and not "def_data.h" when generating the parser in a
+ build dir.
+ [7da701def753]
+
+2011-11-08 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add lexer tracing as debug@parser
- [ebf43f87296a] <1.8>
+ * mkdep.pl, plugins/sudoers/Makefile.in:
+ Better devdir support in mkdep.pl
+ [7dcec57bd155]
- * Add devdir before srcdir in include path and fix up dependecies
- accordingly and add better devdir support to mkdep.pl. We also need
- to #include <gram.h> not "gram.h" and <def_data.h> and not
- "def_data.h" when generating the parser in a build dir.
- [daeafaec094b] <1.8>
+ * plugins/sudoers/Makefile.in:
+ Add devdir before srcdir in include path and fix up dependecies
+ accordingly.
+ [6e9958eca485]
+
+ * plugins/sudoers/alias.c, plugins/sudoers/defaults.c,
+ plugins/sudoers/defaults.h, plugins/sudoers/match.c,
+ plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.l,
+ plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c:
+ #include "gram.h" not <gram.h> and "def_data.h" and not
+ <def_data.h>.
+ [003bdb078a15]
- * Mark libexec files as optional. If we build without shared object
+ * sudo.pp:
+ Mark libexec files as optional. If we build without shared object
support, libexec is not used.
- [194434733454] <1.8>
+ [4bffcf482219]
- * Change Debug sudo.conf setting to take a program name as the first
+ * src/load_plugins.c:
+ Change Debug sudo.conf setting to take a program name as the first
argument. In the future, this will allow visudo and sudoreplay to
use their own Debug entries.
- [92abedbd38c6] <1.8>
+ [cfb8f7e4867c]
- * fix sudo_debug_printf priority
- [0815bedee086] <1.8>
+ * src/sudo.c:
+ fix sudo_debug_printf priority
+ [dcb67e965609]
- * add missing debug_return_int
- [37840a0d8fe4] <1.8>
+ * plugins/sudoers/sudoers.c:
+ add missing debug_return_int
+ [d88ec450c592]
- * Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR
- [82f7deaff7ba] <1.8>
+2011-11-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add missing word in HOME security note.
- [87bd6a891eac] <1.8>
+ * common/sudo_debug.c, include/error.h, include/sudo_debug.h,
+ plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c:
+ Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR
+ [dcee8efc294f]
- * Prevent "testsudoers -d username" from trying to malloc(0).
- [d7acceacf6e8] <1.8>
+ * doc/UPGRADE:
+ Add missing word in HOME security note.
+ [fd844fdcc1ac]
- * Tests for empty sudoers (should parse OK) and syntax errors within a
+ * plugins/sudoers/testsudoers.c:
+ Prevent "testsudoers -d username" from trying to malloc(0).
+ [839126e56e8c]
+
+2011-11-06 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/regress/sudoers/test10.in,
+ plugins/sudoers/regress/sudoers/test10.out.ok,
+ plugins/sudoers/regress/sudoers/test10.toke.ok,
+ plugins/sudoers/regress/sudoers/test10.toke.out.ok,
+ plugins/sudoers/regress/sudoers/test11.in,
+ plugins/sudoers/regress/sudoers/test11.out.ok,
+ plugins/sudoers/regress/sudoers/test11.toke.ok,
+ plugins/sudoers/regress/sudoers/test11.toke.out.ok,
+ plugins/sudoers/regress/sudoers/test12.in,
+ plugins/sudoers/regress/sudoers/test12.out.ok,
+ plugins/sudoers/regress/sudoers/test12.toke.ok,
+ plugins/sudoers/regress/sudoers/test13.in,
+ plugins/sudoers/regress/sudoers/test13.out.ok,
+ plugins/sudoers/regress/sudoers/test13.toke.ok,
+ plugins/sudoers/regress/sudoers/test9.in,
+ plugins/sudoers/regress/sudoers/test9.out.ok,
+ plugins/sudoers/regress/sudoers/test9.toke.ok,
+ plugins/sudoers/regress/sudoers/test9.toke.out.ok:
+ Tests for empty sudoers (should parse OK) and syntax errors within a
line (should report correct line number) both with and without the
trailing newline.
- [cf44b45af86d] <1.8>
+ [d57c879c4718]
+
+ * plugins/sudoers/regress/sudoers/test4.out.ok,
+ plugins/sudoers/regress/sudoers/test5.out.ok,
+ plugins/sudoers/regress/sudoers/test7.out.ok,
+ plugins/sudoers/regress/sudoers/test8.out.ok,
+ plugins/sudoers/testsudoers.c:
+ Print line number when there is a parser error.
+ [5444ef6ac6dc]
- * Print line number when there is a parser error.
- [34380cefcfdf] <1.8>
+2011-11-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * Keep track of the last token returned. On error, if the last token
+ * plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Keep track of the last token returned. On error, if the last token
was COMMENT, decrement sudolineno since the error most likely
occurred on the preceding line. Previously we always uses
sudolineno-1 which will give the wrong line number for errors within
a line.
- [02ce7cc40f4d] <1.8>
+ [d661a03a64da]
+
+2011-11-03 Todd C. Miller <Todd.Miller@courtesan.com>
* NEWS:
update with sudo 1.8.3p1 info
- [5f4cd440bf00] <1.8>
+ [0f79ff31f602]
+
+ * plugins/sudoers/sudoers.c:
+ Fix crash when "sudo -g group -i" is run. Fixes bug 521
+ [a3087ae337c4]
- * Fix crash when "sudo -g group -i" is run. Fixes bug 521
- [83ee9a90b107] <1.8>
+2011-10-26 Todd C. Miller <Todd.Miller@courtesan.com>
- * Make alias_remove_recursive() return TRUE/FALSE as its callers
+ * plugins/sudoers/visudo.c:
+ Make alias_remove_recursive() return TRUE/FALSE as its callers
expect and remove two unused arguments. Fixes bug 519.
- [ec2cfa235c65] <1.8>
+ [2ee3b2882844]
+
+ * plugins/sudoers/regress/visudo/test1.out.ok,
+ plugins/sudoers/regress/visudo/test1.sh:
+ Add regress test for bugzilla 519
+ [48000ebedf97]
- * Add regress test for bugzilla 519
- [237b3698c8ae] <1.8>
+ * plugins/sudoers/regress/iolog_path/check_iolog_path.c,
+ plugins/sudoers/regress/logging/check_wrap.c,
+ plugins/sudoers/regress/parser/check_addr.c,
+ plugins/sudoers/regress/parser/check_fill.c:
+ Disable warning/error wrapping in regress tests.
+ [373c589ba561]
- * Disable warning/error wrapping in regress tests.
- [630ac985bcfc] <1.8>
+2011-10-25 Todd C. Miller <Todd.Miller@courtesan.com>
* Makefile.in:
Do compile-po as part of sync-po so that the .mo files get rebuild
automatically when we sync with translationproject.org
- [f09f15a5c40e] <1.8>
+ [83f3cbfc2f33]
- * check_addr needs to link with the network libraries on Solaris
- [04465307990f] <1.8>
+ * plugins/sudoers/Makefile.in:
+ check_addr needs to link with the network libraries on Solaris
+ [322bd70e316e]
- * When matching a RunasAlias for a runas group, pass the alias in as
+ * plugins/sudoers/match.c:
+ When matching a RunasAlias for a runas group, pass the alias in as
the group_list, not the user_list. From Daniel Kopecek.
- [9c8f4b57b7cb] <1.8>
+ [766545edf141]
- * We need to init the auth system regardless of whether we need a
+ * plugins/sudoers/check.c, plugins/sudoers/sudoers.c:
+ We need to init the auth system regardless of whether we need a
password since we will be closing the PAM session in the monitor
process. Fixes a crash in the monitor on Solaris; bugzilla #518
- [7e312caf74eb] <1.8>
+ [e82809f86fb3]
+
+2011-10-24 Todd C. Miller <Todd.Miller@courtesan.com>
- * Get rid of done: label. If the child exits we still need to close
+ * src/exec.c:
+ Get rid of done: label. If the child exits we still need to close
the pty, update utmp and restore the SELinux tty context.
- [cda935f856e8] <1.8>
+ [cc127bf48405]
+
+2011-10-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add debug_decl/debug_return (almost) everywhere. Remove old
+ * common/Makefile.in, common/atobool.c, common/fileops.c,
+ common/fmt_string.c, common/lbuf.c, common/list.c,
+ common/setgroups.c, common/term.c, plugins/sudoers/Makefile.in,
+ plugins/sudoers/alias.c, plugins/sudoers/audit.c,
+ plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c,
+ plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c,
+ plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
+ plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
+ plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
+ plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c,
+ plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c,
+ plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c,
+ plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
+ plugins/sudoers/defaults.c, plugins/sudoers/env.c,
+ plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c,
+ plugins/sudoers/goodpath.c, plugins/sudoers/gram.c,
+ plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
+ plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
+ plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
+ plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
+ plugins/sudoers/logwrap.c, plugins/sudoers/match.c,
+ plugins/sudoers/match_addr.c, plugins/sudoers/parse.c,
+ plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.h,
+ plugins/sudoers/toke.l, plugins/sudoers/toke_util.c,
+ src/Makefile.in, src/conversation.c, src/exec.c, src/exec_pty.c,
+ src/get_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c,
+ src/selinux.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
+ src/tgetpass.c, src/ttysize.c, src/utmp.c:
+ Add debug_decl/debug_return (almost) everywhere. Remove old
sudo_debug() and convert users to sudo_debug_printf().
- [a97d9dc61e3f] <1.8>
+ [8f3bbf907b67]
- * Wrap error/errorx and warning/warningx functions with debug
+ * common/alloc.c, include/error.h, plugins/sudoers/plugin_error.c,
+ plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
+ plugins/sudoers/visudo.c, src/error.c:
+ Wrap error/errorx and warning/warningx functions with debug
statements. Disable wrapping for standalone sudoers programs as well
as memory allocation functions (to avoid infinite recursion).
- [e942083dab8e] <1.8>
+ [562ed7b5ae8d]
- * README, configure, configure.in:
+ * README, config.h.in, configure, configure.in:
Add checks for __func__ and __FUNCTION__ and mention that we now
require a cpp that supports variadic macros.
- [961dfb044b4e] <1.8>
+ [314cfe4c5d23]
- * New debug framework for sudo and plugins using /etc/sudo.conf that
+ * MANIFEST, common/Makefile.in, common/sudo_debug.c,
+ include/sudo_debug.h, include/sudo_plugin.h, src/conversation.c,
+ src/load_plugins.c, src/parse_args.c, src/sudo.c,
+ src/sudo_plugin_int.h:
+ New debug framework for sudo and plugins using /etc/sudo.conf that
also supports function call tracing.
- [94d9aa72df19] <1.8>
+ [cded741e9f10]
2011-10-21 Todd C. Miller <Todd.Miller@courtesan.com>
- * .hgtags:
- Added tag SUDO_1_8_3 for changeset 82bec4d3a203
- [6c953ef6f577] <1.8>
-
- * Update Japanese sudoers translation from translationproject.org
- [82bec4d3a203] [SUDO_1_8_3] <1.8>
+ * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po:
+ Update Japanese sudoers translation from translationproject.org
+ [c24725775e32]
2011-10-12 Todd C. Miller <Todd.Miller@courtesan.com>
Override and ignore the --disable-static option. Sudo already runs
libtool with -tag=disable-static where applicable and we need non-
PIC objects to build the executables.
- [dff177464029] <1.8>
+ [aff1227b853a]
2011-10-10 Todd C. Miller <Todd.Miller@courtesan.com>
* NEWS:
Add sudoedit fix
- [3238dc7e4fb2] <1.8>
+ [74655c7ccad1]
* plugins/sudoers/po/sudoers.pot:
regen pot files
- [7981d6cbf1ab] <1.8>
+ [28d89a831ed3]
- * Ignore set_logname (which is now the default) for sudoedit since we
+ * plugins/sudoers/env.c:
+ Ignore set_logname (which is now the default) for sudoedit since we
want the LOGNAME, USER and USERNAME environment variables to refer
to the calling user since that is who the editor runs as. This
allows the editor to find the user's startup files. Fixes bugzilla
#515
- [3b9486e5fddb] <1.8>
+ [6c5dddf5ff05]
- * Instead of trying to grow the buffer in make_grlist_item(), simply
+ * plugins/sudoers/pwutil.c:
+ Instead of trying to grow the buffer in make_grlist_item(), simply
increase the total length, free the old buffer and allocate a new
one. This is less error prone and saves us from having to adjust
all the pointers in the buffer. This code path is only taken when
there are groups longer than the length of the user field in struct
utmp or utmpx, which should be quite rare.
- [cb7c5ac834b5] <1.8>
+ [5587dc8cffaf]
- * Add Italian translation for sudo from translationproject.org
- [c7876fccbc38] <1.8>
+ * src/po/it.mo:
+ Add Italian translation for sudo from translationproject.org
+ [1b3dd886e7e3]
- * NEWS:
+ * MANIFEST, NEWS, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
+ src/po/ja.mo, src/po/ja.po:
Japanese translation for sudo and sudoers from
translationproject.org
- [9945a3ef7ff7] <1.8>
+ [c06dd866be6e]
2011-10-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * sudoreplay depends on timestr.lo too; from Mike Frysinger
- [ad9ae493205f] <1.8>
+ * plugins/sudoers/Makefile.in:
+ sudoreplay depends on timestr.lo too; from Mike Frysinger
+ [b9e73214b2f1]
2011-10-04 Todd C. Miller <Todd.Miller@courtesan.com>
* plugins/sudoers/po/sudoers.pot:
Regen sudoers pot file.
- [2c4d99361994] <1.8>
+ [019588bafdb3]
* NEWS:
Update with latest sudo 1.8.3 news
- [4e7f59d339d4] <1.8>
+ [6868042a88e9]
- * ldap_start_tls_s() on Debian (at least) sets the effective and saved
- uids to the same value as the real uid. This prevents sudo from
- setting the uid or gid later on. As a workaround, we now set perms
- to root during sudoers_policy_open().
- [eb4c4f15833a] <1.8>
+ * plugins/sudoers/sudoers.c:
+ It appears that LDAP or NSS may modify the euid so we need to be
+ root for the open(). We restore the old perms at the end of
+ sudoers_policy_open().
+ [2da67a5497ef]
- * Better warning message on setuid() failure for the setreuid()
+ * plugins/sudoers/set_perms.c:
+ Better warning message on setuid() failure for the setreuid()
version of set_perms().
- [308c72f601e4] <1.8>
-
-2011-10-02 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * NEWS:
- Combine new translations in NEWS item
- [0aa07471a5e6] <1.8>
+ [07abcfe7bd9a]
2011-09-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * Delref auth_pw at the end of check_user() instead of getting a ref
+ * plugins/sudoers/check.c:
+ Delref auth_pw at the end of check_user() instead of getting a ref
twice.
- [1c882f2fb46c] <1.8>
+ [cb665f55e6a5]
- * Make sudo_auth_{init,cleanup} return TRUE on success and check for
+ * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c:
+ Make sudo_auth_{init,cleanup} return TRUE on success and check for
sudo_auth_init() return value in check_user().
- [573bf35ecac9] <1.8>
-
- * Do not return without restoring permissions.
- [2444a0b96469] <1.8>
+ [92631c919356]
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- regen pot files
- [d286bce8dbb1] <1.8>
-
- * NEWS:
- Update for latest release candidate
- [63d184ba6263] <1.8>
+ * plugins/sudoers/auth/sudo_auth.c:
+ Do not return without restoring permissions.
+ [59ef40b6696a]
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
regen pot files
- [ac3ec1315df7] <1.8>
+ [9f320a340b7c]
- * Modify the authentication API such that the init and cleanup
+ * plugins/sudoers/auth/API, plugins/sudoers/auth/bsdauth.c,
+ plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c,
+ plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
+ plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c,
+ plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
+ plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h,
+ plugins/sudoers/check.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h:
+ Modify the authentication API such that the init and cleanup
functions are always called, regardless of whether or not we are
going to verify a password. This is needed for proper PAM session
support.
- [ea281ca46d94] <1.8>
+ [19a53f3fb596]
- * Add missing dependency for getspwgen other depends.
- [9c124272910d] <1.8>
+ * compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in:
+ Add missing dependency for getspwuid.lo and regen other depends.
+ [f7f70eae819a]
- * Fix a PAM_USER mismatch in session open/close. We update PAM_USER
+ * plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/sudoers.c:
+ Fix a PAM_USER mismatch in session open/close. We update PAM_USER
to the target user immediately before setting resource limits, which
is after the monitor process has forked (so it has the old value).
Also, if the user did not authenticate, there is no pamh in the
monitor so we need to init pam here too. This means we end up
calling pam_start() twice, which should be fixed, but at least the
session is always properly closed now.
- [d0866ee5f190] <1.8>
+ [fbc063a2a872]
- * Add check for old being NULL in utmp_setid(); from Steven McDonald
- [30cc283ac2b4] <1.8>
+ * src/utmp.c:
+ Add check for old being NULL in utmp_setid(); from Steven McDonald
+ [e87126442f2e]
2011-09-25 Todd C. Miller <Todd.Miller@courtesan.com>
- * If the invoking user cannot be resolved by uid fake the struct
+ * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h:
+ If the invoking user cannot be resolved by uid fake the struct
passwd and store it in the cache so we can delref it on exit.
- [19d44f44d45d] <1.8>
+ [a27e2f8b9f5e]
2011-09-24 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't error out if the group plugin cannot be loaded, just warn.
- [e91d9912c9a0] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Don't error out if the group plugin cannot be loaded, just warn.
+ [0fbfcd381e33]
2011-09-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Quiet a false positive found by several static analysis tools. These
+ * plugins/sudoers/sudoers.c:
+ Quiet a false positive found by several static analysis tools. These
tools don't know that log_error() does not return (it longjmps to
error_jmp which returns to the sudo front-end).
- [3cc319e31ed6] <1.8>
+ [33d0469df21b]
2011-09-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add Italian translation for sudo from translationproject.org Regen
+ * MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/eo.mo,
+ plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/zh_CN.mo, src/po/it.po:
+ Add Italian translation for sudo from translationproject.org Regen
.mo files
- [c0b27f9d7e57] <1.8>
-
- * .hgtags:
- Added tag SUDO_1_8_2 for changeset 3682e51af1d0
- [f0be566e9ea2] <1.8>
+ [c3c888a82be6]
2011-09-21 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update to current reality and add bit about ssh auth
- [48dcb86ce9be] <1.8>
+ * doc/TROUBLESHOOTING:
+ Update to current reality and add bit about ssh auth
+ [184a1e7c2eeb]
- * Make "verbose" static; fixes a namespace clash with
+ * plugins/sudoers/gram.c, plugins/sudoers/gram.y:
+ Make "verbose" static; fixes a namespace clash with
pam_ssh_agent_auth (and it doesn't need to be extern these days).
- [b60fdd82de94] <1.8>
+ [cc38d2eb2f4c]
- * configure, configure.in:
+ * config.h.in, configure, configure.in, src/get_pty.c:
FreeBSD has libutil.h not util.h
- [c03b121e0193] <1.8>
+ [dab4c94b6d4f]
* configure, configure.in:
Define _BSD_SOURCE on FreeBSD, OpenBSD and DragonflyBSD
- [002e3e0bb173] <1.8>
+ [41c362f0a92a]
- * Update po files from translationproject.org
- [2b36af902213] <1.8>
+2011-09-20 Todd C. Miller <Todd.Miller@courtesan.com>
-2011-09-16 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * NEWS:
- Mention DEREF support
- [dfeb152f1686] <1.8>
+ * plugins/sudoers/po/da.po, plugins/sudoers/po/eo.po,
+ plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po:
+ Update po files from translationproject.org
+ [1e99e147c7fa]
- * plugins/sudoers/po/sudoers.pot:
- sync pot files
- [1fba22e927a3] <1.8>
+2011-09-16 Todd C. Miller <Todd.Miller@courtesan.com>
- * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in:
+ * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
Add support for DEREF in ldap.conf.
- [fe1cf6ad0add] <1.8>
+ [3c1937a98547]
* Makefile.in:
install target should depend on ChangeLog too, not just install-doc
- [f54e2ab633b8] <1.8>
+ [1a7c83941175]
- * NEWS, configure.in, doc/sudoers.cat, doc/sudoers.man.in:
+ * doc/sudoers.pod:
Only iolog_file (not iolog_dir) supports mktemp-style suffixes.
- [44a25099594e] <1.8>
+ [0eca47d60a2c]
- * configure.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- regen pot files
- [e14ee85cf49b] <1.8>
+ * NEWS:
+ Sync with 1.8 branch for sudo 1.8.2 and 1.8.3 changes.
+ [0501415cc5ff]
+
+ * doc/UPGRADE:
+ Document group lookup change and possible side effects.
+ [585743e1ebf7]
* configure, configure.in:
Fix some square brackets in case statements that needed to be
doubled up. While here, use $OSMAJOR when it makes sense.
- [853c6e5f994c] <1.8>
+ [8973343f4696]
- * Fix a crash in make_grlist_item() on 64-bit machines with strict
+ * plugins/sudoers/pwutil.c:
+ Fix a crash in make_grlist_item() on 64-bit machines with strict
alignment.
- [e877c89ae32f] <1.8>
+ [c89508c73c46]
- * Remove list_options() function that is no longer used now that "sudo
+ * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h:
+ Remove list_options() function that is no longer used now that "sudo
-L" is gone.
- [f31543c80b98] <1.8>
+ [fcc6a776c135]
* configure, configure.in:
Error message if user tries --with-CC
- [0ed7558b8924] <1.8>
+ [ec5b478f813a]
* configure, configure.in:
Check for -libmldap too when looking for ldap libs, which is the
Tivoli Directory Server client library.
- [831e32d1453c] <1.8>
-
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- regen pot files for 1.8.3
- [df2fb085cff2] <1.8>
-
- * NEWS, configure, configure.in, doc/sudo.cat, doc/sudo.man.in,
- doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat,
- doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
- doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat,
- doc/visudo.man.in:
- Update for version 1.8.3
- [38cf153add0a] <1.8>
+ [bb3007a97206]
2011-09-09 Todd C. Miller <Todd.Miller@courtesan.com>
- * Honor NOPASSWD tag for denied commands too.
- [f473c443ad54] <1.8>
+ * plugins/sudoers/parse.c:
+ Honor NOPASSWD tag for denied commands too.
+ [8dd92656db92]
+
+2011-09-08 Todd C. Miller <Todd.Miller@courtesan.com>
* INSTALL, configure, configure.in:
Remove --with-CC option; it doesn't work correctly now that we use
libtool. Users can get the same effect by setting the CC
environment variable when running configure.
- [4f04869d74fd] <1.8>
+ [ec22bd1a55e0]
2011-08-31 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * config.h.in, configure, configure.in, plugins/sudoers/visudo.c,
+ src/sudo_edit.c:
Assume all modern systems support fstat(2).
- [0422b19dced3] <1.8>
+ [6a5a8985f6a0]
2011-08-30 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * compat/regress/glob/globtest.c, config.h.in, configure,
+ configure.in, include/missing.h, plugins/sudoers/sudoers.h,
+ src/sudo.h, src/sudo_noexec.c:
Add configure test for missing errno declaration and only declare it
ourselves if it is missing.
- [6d26974f7e16] <1.8>
+ [456e76c809a2]
- * Include errno.h before sudo.h to avoid conflicting with the system
+ * plugins/sudoers/alias.c:
+ Include errno.h before sudo.h to avoid conflicting with the system
definition of errno.
- [8000bdc0968f] <1.8>
+ [d0b97e392512]
2011-08-29 Todd C. Miller <Todd.Miller@courtesan.com>
- * Only print individual check status when there is a failure.
- [bbdd669e7615] <1.8>
+ * plugins/sudoers/regress/parser/check_addr.c:
+ Only print individual check status when there is a failure.
+ [2ac704c91441]
- * Add calls to setprogname() for test programs.
- [c721f3466a3a] <1.8>
+ * plugins/sudoers/regress/iolog_path/check_iolog_path.c,
+ plugins/sudoers/regress/logging/check_wrap.c,
+ plugins/sudoers/regress/parser/check_addr.c:
+ Add calls to setprogname() for test programs.
+ [a8d9b420e826]
* configure, configure.in:
Add -Wall and -Werror after all tests so they don't cause failures.
- [20d75ce40086] <1.8>
-
- * Actually run check_addr in the check target
- [dcd96ef0dc57] <1.8>
+ [2661188ff3fa]
- * Split out address matching into its own file and add regression
+ * plugins/sudoers/Makefile.in:
+ Actually run check_addr in the check target
+ [0b2778bc86bf]
+
+ * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/match.c,
+ plugins/sudoers/match_addr.c,
+ plugins/sudoers/regress/parser/check_addr.c,
+ plugins/sudoers/regress/parser/check_addr.in:
+ Split out address matching into its own file and add regression
tests for it.
- [863f28589c24] <1.8>
+ [12b9a2bf8dba]
2011-08-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix matching a network number with netmask when the network number
- is not the first address in the CIDR block.
- [719942c986e9] <1.8>
+ * plugins/sudoers/match.c:
+ When matching an address with a netmask in sudoers, AND the mask and
+ addr before checking against the local addresses.
+ [9747bb6d7b1c]
2011-08-26 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't assume all editors support the +linenumber command line
+ * plugins/sudoers/match.c:
+ Fix netmask matching.
+ [a3c8f8cc1464]
+
+ * plugins/sudoers/visudo.c:
+ Don't assume all editors support the +linenumber command line
argument, use a whitelist of known good editors.
- [d8d884af3b05] <1.8>
+ [21d43a91fd10]
2011-08-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Silence compiler warnings on Solaris with gcc 3.4.3
- [8047cdb5d6a1] <1.8>
+ * plugins/sudoers/set_perms.c, plugins/sudoers/visudo.c, src/exec.c,
+ src/exec_pty.c, src/sudo.c:
+ Silence compiler warnings on Solaris with gcc 3.4.3
+ [da620bae6fdb]
- * Fix building on RHEL 3
- [6bb0464a7450] <1.8>
+ * mkpkg:
+ Fix building on RHEL 3
+ [f3227fb2a252]
* INSTALL, configure, configure.in:
Add --enable-werror configure option.
- [aa40fd459836] <1.8>
+ [fec2cdb95543]
- * setgroups() proto lives in grp.h on RHEL4, perhaps others.
- [92f98cbaebf0] <1.8>
+ * common/setgroups.c:
+ setgroups() proto lives in grp.h on RHEL4, perhaps others.
+ [de91c0de5a98]
* configure, configure.in:
Use PAM by default on AIX 6 and higher.
- [7ef53d5ac819] <1.8>
+ [e16493208e5f]
2011-08-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add new Esperanto translation from translationproject.org
- [109ed683b885] <1.8>
+ * MANIFEST, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
+ src/po/eo.mo, src/po/eo.po:
+ Add new Esperanto translation from translationproject.org
+ [0d9a59e04c64]
2011-08-19 Todd C. Miller <Todd.Miller@courtesan.com>
- * Quiet an innocuous valgrind warning.
- [fc453e49f9dd] <1.8>
+ * plugins/sudoers/iolog_path.c:
+ Quiet an innocuous valgrind warning.
+ [0582b6027161]
2011-08-18 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix expansion of strftime() escapes in log_dir and add a regress
+ * plugins/sudoers/iolog_path.c,
+ plugins/sudoers/regress/iolog_path/data:
+ Fix expansion of strftime() escapes in log_dir and add a regress
test that exhibited the problem.
- [784e60d21f11] <1.8>
+ [a5c7c1c4c589]
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ * plugins/sudoers/Makefile.in:
Fix "make check" return value.
- [d3608efd8da6] <1.8>
+ [33b58e175230]
2011-08-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * plugins/sudoers/po/sudoers.pot:
+ * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
Regen pot files
- [3682e51af1d0] [SUDO_1_8_2] <1.8>
+ [063841aac19b]
* Makefile.in:
Fix logic inversion in pot file up to date check.
- [343dbbca9422] <1.8>
-
- * doc/sudo.cat, doc/sudo.man.in, doc/sudoers.cat,
- doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in,
- doc/visudo.cat, doc/visudo.man.in:
- regen docs
- [96234478bde2] <1.8>
+ [f6a8ca8654df]
2011-08-15 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Add caching for gettext() checks.
- [4039d21424c3] <1.8>
+ [01b7200f6105]
* configure, configure.in:
Better handling of libintl header and library mismatch.
- [cc9faee8e486] <1.8>
-
-2011-08-14 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * NEWS:
- sync
- [73649a44d934] <1.8>
+ [9a49b1d4db69]
2011-08-13 Todd C. Miller <Todd.Miller@courtesan.com>
- * Also check sudoers gid if sudoers is group writable.
- [3d345347f6ac] <1.8>
-
- * NEWS:
- Update for 1.8.2 final
- [441c22fea363] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Also check sudoers gid if sudoers is group writable.
+ [23ef96ca0d33]
2011-08-12 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
If dlopen is present but libtool doesn't find it, error out since it
probably means that libtool doesn't support the system.
- [6fc7c0de4f6d] <1.8>
+ [a9da0a5f7941]
- * configure args on the command line should override builtin defaults.
+ * mkpkg:
+ configure args on the command line should override builtin defaults.
Disable NLS for non-Linux/Solaris unless explicitly enabled.
- [0ef165f892c2] <1.8>
+ [b2fb05614504]
- * Fix loop that calls authenticate(). If there was an error message
+ * plugins/sudoers/auth/aix_auth.c:
+ Fix loop that calls authenticate(). If there was an error message
from authenticate(), display it.
- [f0686011ff2e] <1.8>
+ [063a0c4f0b9a]
2011-08-11 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * m4/libtool.m4, m4/ltversion.m4:
+ Update to autoconf 2.68 and libtool 2.4
+ [5a912a6eb67b]
+
+ * config.guess, config.sub, configure, configure.in, ltmain.sh:
Update to autoconf 2.68 and libtool 2.4
- [00df5f3647e1] <1.8>
+ [931ab56aecf6]
- * Fix typo; OPT should be OTP
- [31da1f989740] <1.8>
+ * doc/sudoers.pod:
+ Fix typo; OPT should be OTP
+ [e97bd2e46544]
- * Rename libsudoers convenience library to libparsesudoers to avoid
+ * plugins/sudoers/Makefile.in:
+ Rename libsudoers convenience library to libparsesudoers to avoid
libtool confusion.
- [e9ae9d611dd5] <1.8>
+ [2a89a613f537]
2011-08-10 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add Danish sudoers translation from translationproject.org
- [fa9cd9758249] <1.8>
+ * MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po:
+ Add Danish sudoers translation from translationproject.org
+ [27b96e85eb13]
- * Add dedicated callback function for runas_default sudoers setting
+ * plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c:
+ Add dedicated callback function for runas_default sudoers setting
that only sets runas_pw if no runas user or group was specified by
the user.
- [3fb4b18525de] <1.8>
+ [b8382d8eea34]
2011-08-09 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update Finish, Polish, Russian and Ukrainian translations from
+ * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
+ plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, src/po/ru.mo,
+ src/po/ru.po:
+ Update Finish, Polish, Russian and Ukrainian translations from
translationproject.org.
- [0fcd8f6aff0a] <1.8>
+ [f9339aff664e]
- * Makefile.in:
+ * plugins/sudoers/defaults.h, plugins/sudoers/sudoers.c,
+ plugins/sudoers/testsudoers.c:
Go back to using a callback for runas_default to keep runas_pw in
sync. This is needed to make per-entry runas_default settings work
with LDAP-based sudoers. Instead of declaring it a callback in
def_data.in, sudo and testsudoers poke sudo_defs_table[] which is a
bit naughty, but avoids requiring stub functions in visudo and the
tests.
- [4e8e70832f06] <1.8>
+ [9aaefb908415]
2011-08-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
- Regen pot files
- [ca5c58c599a6] <1.8>
-
* Makefile.in:
Add check for out of date message catalogs when doing "make dist".
- [36414e5c762b] <1.8>
+ [e45a29b612f4]
2011-08-02 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * configure:
+ regen
+ [d6f9ad26774a]
+
+ * configure.in:
Make sure compiler supports static-libgcc before using it.
- [6c98e8809291] <1.8>
+ [b01bd9566e50]
2011-08-01 Todd C. Miller <Todd.Miller@courtesan.com>
- * Link libsudo_noexec.la with LDLDFLAGS for -static-libgcc
- [a0a3a3fa6470] <1.8>
+ * src/Makefile.in:
+ Link libsudo_noexec.la with LDLDFLAGS for -static-libgcc
+ [c99c7ab3edef]
2011-07-30 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add new Russian sudo translation from translationproject.org and
+ * MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo,
+ plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo,
+ plugins/sudoers/po/zh_CN.mo, src/po/ru.mo, src/po/ru.po,
+ src/po/zh_CN.mo:
+ Add new Russian sudo translation from translationproject.org and
rebuild the other translation files.
- [e953d7d1ca6d] <1.8>
+ [e20015459056]
2011-07-29 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update Finish and Polish translations from translationproject.org
- [17e408d73c85] <1.8>
+ * plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po:
+ Update Finish and Polish translations from translationproject.org
+ [4e3dbba4a1de]
- * Go back to escaping the command args for "sudo -i" and "sudo -s"
+ * plugins/sudoers/sudoers.c, src/parse_args.c, src/sudo.c:
+ Go back to escaping the command args for "sudo -i" and "sudo -s"
before calling the plugin. Otherwise, spaces in the command args
are not treated properly. The sudoers plugin will unescape non-
spaces to make matching easier.
- [f666191a4e80] <1.8>
+ [dfa2c4636f33]
2011-07-28 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix some potential problems found by the clang static analyzer, none
+ * plugins/sudoers/check.c, plugins/sudoers/group_plugin.c,
+ plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/toke.c,
+ plugins/sudoers/toke.l:
+ Fix some potential problems found by the clang static analyzer, none
serious.
- [c1ab4b940980] <1.8>
+ [ff64aa74aae6]
- * Updated Ukranian and Chinese (simplified) po files from
+ * plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po,
+ src/po/zh_CN.po:
+ Updated Ukranian and Chinese (simplified) po files from
translationproject.org
- [792a66672715] <1.8>
+ [ec792becb48e]
2011-07-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * Updated Polish translation from translationproject.org
- [5f434cc04482] <1.8>
+ * plugins/sudoers/po/pl.po:
+ Updated Polish translation from translationproject.org
+ [a3af53cb649c]
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
Rebuild pot files
- [639230dbd741] <1.8>
+ [c650524c0f0a]
- * Don't try to audit failure if the runas user does not exist. We
+ * plugins/sudoers/audit.c, plugins/sudoers/sudoers.c:
+ Don't try to audit failure if the runas user does not exist. We
don't have the user's command at this point so there is nothing to
audit. Add a NULL check in audit_success() and audit_failure() just
to be on the safe side.
- [2bfb96a32b00] <1.8>
+ [2a0007c2022f]
- * Add -g to CFLAG for PIE builds.
- [e4c94977ca4e] <1.8>
+ * mkpkg:
+ Add -g to CFLAG for PIE builds.
+ [32a0a9693c9c]
2011-07-25 Todd C. Miller <Todd.Miller@courtesan.com>
- * Remove fallback to per-group lookup when matching groups in sudoers.
+ * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/sudo.c:
+ Remove fallback to per-group lookup when matching groups in sudoers.
The sudo front-end will now use getgrouplist() to get the user's
list of groups if getgroups() fails or returns zero groups so we
always have a list of the user's groups. For systems with
mbr_check_membership() which support more that NGROUPS_MAX groups
(Mac OS X), skip the call to getgroups() and use getgrouplist() so
we get all the groups.
- [168d6d4a386b] <1.8>
+ [51b3ed8c600b]
2011-07-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix setgroups() fallback code on EINVAL.
- [dd1310945ab3] <1.8>
+ * common/setgroups.c:
+ Fix setgroups() fallback code on EINVAL.
+ [2b6faecd56a4]
- * Fix two PERM_INITIAL cases that were still using user_gids.
- [d497d0d47a23] <1.8>
+ * plugins/sudoers/set_perms.c:
+ Fix two PERM_INITIAL cases that were still using user_gids.
+ [9680bab0acc6]
- * Add Polish sudo message catalog
- [1a0aa3f9f179] <1.8>
+ * MANIFEST:
+ Add Polish sudo message catalog
+ [8bb40c3ba576]
- * user_group is no longer used, remove it
- [379185a76094] <1.8>
+ * plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
+ user_group is no longer used, remove it
+ [9acede0fe6c5]
-2011-07-21 Todd C. Miller <Todd.Miller@courtesan.com>
+2011-07-20 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add Polish translation from translationproject.org
- [2e7cdfe4ef41] <1.8>
+ * MANIFEST, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po:
+ Add Polish translation from translationproject.org
+ [afac5c638573]
- * Add a wrapper for setgroups() that trims off extra groups and
+ * MANIFEST, common/Makefile.in, common/setgroups.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h, src/sudo.c,
+ src/sudo.h, src/sudo_edit.c:
+ Add a wrapper for setgroups() that trims off extra groups and
retries if setgroups() fails. Also add some missing addrefs for
PERM_USER and PERM_FULL_USER.
- [bacb4170a510] <1.8>
+ [224dfd8aae5c]
- * configure, configure.in:
+ * MANIFEST, compat/Makefile.in, compat/getgrouplist.c, config.h.in,
+ configure, configure.in, include/missing.h, mkdep.pl,
+ plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c:
Instead of keeping separate groups and gids arrays, create struct
group_info and use it to store both, along with a count for each.
Cache group info on a per-user basis using getgrouplist() to get the
groups. We no longer need special to special case the user or list
user for user_in_group() and thus no longer need to reset the groups
list when listing another user.
- [f1d8962821a0] <1.8>
+ [0ad849a8b2d5]
+
+ * src/preload.c:
+ Don't rely on NULL since we don't include a header for it.
+ [b40937f1890c]
+
+2011-07-19 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't rely on NULL since we don't include a header for it.
- [ed46286f848b] <1.8>
+ * doc/sudoers.pod:
+ Fix typo
+ [c1035360e169]
- * Fix typo
- [a38b8fbb0e70] <1.8>
+2011-07-18 Todd C. Miller <Todd.Miller@courtesan.com>
- * Do not shadow global sudo_mode with a local variable in set_cmnd()
- [8e462ebafea4] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Do not shadow global sudo_mode with a local variable in set_cmnd()
+ [0c72969503ad]
2011-07-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * bash 2.x doesd not support the -l flag and exits with an error if it
+ * plugins/sudoers/sudoers.c:
+ bash 2.x doesd not support the -l flag and exits with an error if it
is specified so use --login instead. This causes an error with bash
1.x (which uses -login instead) but this version is hopefully less
used than 2.x.
- [73020a67b9d5] <1.8>
+ [5c4c296e30e6]
- * Add Polish translation from translationproject.org
- [8cac0da9ffb1] <1.8>
+ * src/po/pl.mo, src/po/pl.po:
+ Add Polish translation from translationproject.org
+ [48592dd6edcf]
2011-07-13 Todd C. Miller <Todd.Miller@courtesan.com>
- * Make error strings translatable.
- [d1ff594f27b5] <1.8>
+ * plugins/sudoers/set_perms.c:
+ Make error strings translatable.
+ [414c5c484768]
- * Only run configure with --with-pam-login for RHEL 5 and above.
- [2f1a0ff5230e] <1.8>
+ * mkpkg:
+ Only run configure with --with-pam-login for RHEL 5 and above.
+ [6c16e4de4026]
- * Fix typo in summary
- [1e1d7dcae9ab] <1.8>
+ * sudo.pp:
+ Fix typo in summary
+ [9ac618c9a749]
2011-07-11 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add missing logwrap.c
- [abcd28c194d2] <1.8>
+ * plugins/sudoers/logwrap.c:
+ Add missing logwrap.c
+ [c12a413ecc1d]
- * Split out log file word wrap code into its own file and add unit
+ * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/logging.c,
+ plugins/sudoers/logging.h,
+ plugins/sudoers/regress/logging/check_wrap.c,
+ plugins/sudoers/regress/logging/check_wrap.in,
+ plugins/sudoers/regress/logging/check_wrap.out.ok:
+ Split out log file word wrap code into its own file and add unit
tests. Fixes an off-by one in the word wrap when the log line
length matches loglinelen.
- [0ae1c7aa9ef1] <1.8>
+ [52ed277f6690]
2011-07-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * For SuSE, only use /usr/lib64 as libexec if generating 64-bit
+ * mkpkg:
+ For SuSE, only use /usr/lib64 as libexec if generating 64-bit
binaries.
- [4448fa1c639f] <1.8>
+ [645ab903cf77]
- * Fix build error when --without-noexec configure option is used.
- [f6bfd748ae45] <1.8>
+ * src/load_plugins.c, src/sudo.c:
+ Fix build error when --without-noexec configure option is used.
+ [b994f7b0d8b4]
* configure, configure.in:
Disable noexec for AIX < 5. LDR_PRELOAD is only available in AIX
5.3 and above.
- [9d957ae1840d] <1.8>
-
-2011-07-03 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * NEWS, doc/UPGRADE:
- Document group lookup change and possible side effects.
- [fe4b2d2701b2] <1.8>
+ [c2a6f9b472f3]
2011-07-01 Todd C. Miller <Todd.Miller@courtesan.com>
- * Resolve the list of gids passed in from the sudo frontend (the
+ * plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
+ Resolve the list of gids passed in from the sudo frontend (the
result of getgroups()) to names and store both the group names and
ids in the sudo_user struct. When matching groups in the sudoers
file, match based on the names in the groups list first and only do
group name (as it is listed in sudoers) instead of id (which we
would have to resolve) we save a lot of group lookups for sudoers
files with a lot of groups in them.
- [c10d208bd7e5] <1.8>
-
-2011-06-29 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * NEWS:
- Update for 1.8.2rc5
- [f6a3aa2edf7a] <1.8>
+ [8dc19353f148]
2011-06-26 Todd C. Miller <Todd.Miller@courtesan.com>
- * Workaround for "sudo -i command" and newer versions of bash which
+ * plugins/sudoers/sudoers.c:
+ Workaround for "sudo -i command" and newer versions of bash which
don't go into login mode when -c is specified unless -l is too.
- [381e74d35006] <1.8>
+ [9393762b80f3]
2011-06-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Rewrite logfile word wrapping code to be more straight-forward and
+ * plugins/sudoers/logging.c:
+ Rewrite logfile word wrapping code to be more straight-forward and
actually wrap at the correct place.
- [8a7862d6a82f] <1.8>
+ [f712a0c90f55]
2011-06-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * NEWS:
- Fix typo
- [2456ad2ad3e3] <1.8>
-
- * NEWS:
- Mention use_pty bug fix
- [f4eab5193452] <1.8>
-
- * Set use_pty=true in command details when use_pty is set in sudoers.
+ * doc/CONTRIBUTORS, doc/contributors.pod, plugins/sudoers/sudoers.c:
+ Set use_pty=true in command details when use_pty is set in sudoers.
From Ludwig Nussel
- [abaafc5793d9] <1.8>
+ [8d95a163dfc1]
2011-06-20 Todd C. Miller <Todd.Miller@courtesan.com>
- * Sync Chinese (simplified) PO files from translationproject.org
- [a4cf84dd9ddf] <1.8>
+ * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po,
+ src/po/zh_CN.mo, src/po/zh_CN.po:
+ Sync Chinese (simplified) PO files from translationproject.org
+ [acce8eb7be18]
2011-06-18 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add Danish translation from translationproject.org and add missing
+ * MANIFEST, plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo,
+ plugins/sudoers/po/uk.mo, src/po/da.mo, src/po/da.po, src/po/eu.mo:
+ Add Danish translation from translationproject.org and add missing
Basque mo files.
- [672b88adcc34] <1.8>
+ [0c22bb21b9c4]
* Makefile.in, configure, configure.in:
No longer need to specify LINGUAS in configure, "make install-nls"
now just installs all the .mo files it finds.
- [c226a39ece48] <1.8>
+ [fcd45cf04885]
2011-06-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * Build CONTRIBUTORS from newly-added contributors.pod
- [b8871dd293ff] <1.8>
+ * MANIFEST, doc/CONTRIBUTORS, doc/Makefile.in, doc/contributors.pod:
+ Build CONTRIBUTORS from newly-added contributors.pod
+ [8b192f2720f4]
- * Rework the wording in the leading paragraph
- [d8b081dedeb3] <1.8>
+ * doc/CONTRIBUTORS:
+ Rework the wording in the leading paragraph
+ [312044145cdd]
-2011-06-16 Todd C. Miller <Todd.Miller@courtesan.com>
+2011-06-14 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add a CONTRIBUTORS file with the names of folks who have contributed
+ * MANIFEST, doc/CONTRIBUTORS:
+ Add a CONTRIBUTORS file with the names of folks who have contributed
code or patches to sudo since I started maintaining it (plus the
original authors).
- [8b064e8996af] <1.8>
+ [b8bdd8b59528]
2011-06-13 Todd C. Miller <Todd.Miller@courtesan.com>
- * Preserve SHELL variable for "sudo -s". Otherwise we can end up with
+ * plugins/sudoers/env.c:
+ Preserve SHELL variable for "sudo -s". Otherwise we can end up with
a situation where the SHELL variable and the actual shell being run
do not match.
- [8f5bb61a8b76] <1.8>
+ [b8b3974aee3e]
2011-06-10 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Only enable Solaris project support when setproject() is present in
libproject.
- [bf370ff3c194] <1.8>
+ [49ad7857ab89]
- * Explicitly set mode and owner of /etc/sudoers instead of relying on
+ * sudo.pp:
+ Explicitly set mode and owner of /etc/sudoers instead of relying on
"cp -p" to work in the postinstall script. On AIX 6.1 at least the
postinstall script runs before the final file permissions are set.
- [7a4a87405349] <1.8>
+ [e41ffc0212b2]
- * Refer the user to the "Command Environment" section in description
+2011-06-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * doc/sudo.pod, doc/sudoers.pod:
+ Refer the user to the "Command Environment" section in description
of sudo's -i option.
- [1a063eaf9670] <1.8>
+ [263cc3be7eef]
+
+ * doc/sudo.pod:
+ Fix typo
+ [35dfac450f4d]
- * Fix typo
- [442c50370c44] <1.8>
+2011-06-08 Todd C. Miller <Todd.Miller@courtesan.com>
- * If there is no old dependency for an object file, use the MANIFEST
+ * mkdep.pl:
+ If there is no old dependency for an object file, use the MANIFEST
to find its source.
- [d95c77ad283f] <1.8>
+ [d15e3b9899f9]
- * Remove dependency for getgrouplist.lo as we don't ship that source
+ * compat/Makefile.in:
+ Remove dependency for getgrouplist.lo as we don't ship that source
file.
- [bbede77e6256] <1.8>
+ [312a6d5fe6b0]
+
+2011-06-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Do not declare yyparse() static as the actual function generated by
+ * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y:
+ Do not declare yyparse() static as the actual function generated by
yacc is extern.
- [8e615bd15a4c] <1.8>
+ [9017b79dcf55]
+
+2011-06-06 Todd C. Miller <Todd.Miller@courtesan.com>
* Makefile.in:
Remove locale files in "make uninstall"
- [9791be90d5ac] <1.8>
-
-2011-06-06 Todd C. Miller <Todd.Miller@courtesan.com>
+ [201ff261ecbe]
- * configure.in:
+ * configure.in, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.po,
+ plugins/sudoers/po/uk.po, src/po/eu.po:
Add Basque translation and sync Finish and Ukranian translations.
- [64af34789164] <1.8>
-
- * NEWS:
- Update PAM change to reflect latest checkin.
- [657cddf2077a] <1.8>
+ [66d2c78c8a13]
* configure, configure.in:
FreeBSD no longer needs the main sudo binary to link with -lpam now
that plug-ins are loaded with RTLD_GLOBAL.
- [573a6f4b29af] <1.8>
+ [96c710df2457]
- * Load plugins with RTLD_GLOBAL instead of RTLD_LOCAL. This fixes
+ * plugins/sudoers/group_plugin.c, src/load_plugins.c:
+ Load plugins with RTLD_GLOBAL instead of RTLD_LOCAL. This fixes
problems with pam modules not having access to symbols provided by
libpam on some platforms. Affects FreeBSD and SLES 10 at least.
- [4ec864fdba46] <1.8>
+ [0d016983ec84]
* Makefile.in:
Move xgettext invocation out of update-po target into update-pot
- [421ac1a073ea] <1.8>
+ [19a73c6d017c]
2011-06-04 Todd C. Miller <Todd.Miller@courtesan.com>
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
Regenerate .pot files for 1.8.2rc2
- [d2a891e3d3dd] <1.8>
+ [c3037f591dd8]
- * Makefile.in:
+ * Makefile.in, common/Makefile.in, compat/Makefile.in,
+ doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
+ src/Makefile.in, zlib/Makefile.in:
Move nls targets to the top level Makefile so the paths in the pot
file are saner
- [6c256cb77f78] <1.8>
-
- * NEWS:
- Update 1.8.2 news
- [17bd04278b04] <1.8>
+ [65b9285cd8d9]
- * Add compiled version of sudo Finish translation
- [ff9d20a02aa0] <1.8>
+ * src/po/fi.mo:
+ Add compiled version of sudo Finish translation
+ [8f2405384ea3]
- * Update MANIFEST with .po and .mo files Rebuild sudoers fi and uk .mo
+ * MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/uk.mo:
+ Update MANIFEST with .po and .mo files Rebuild sudoers fi and uk .mo
files
- [60c4f3b3829c] <1.8>
+ [a165e70fa9ec]
- * configure, configure.in:
+ * configure, configure.in, plugins/sudoers/po/fi.po:
Add Finish translation from translationproject.org
- [ade788a35521] <1.8>
+ [4466f8a96ceb]
+
+2011-06-03 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * doc/sudoers.pod:
+ The group named by exempt_group should not have a % prefix.
+ [df084d6b32c8]
- * The group named by exempt_group should not have a % prefix.
- [1f74c691c1e1] <1.8>
+2011-06-01 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix typo; "Defaults group_plugin" not "Defaults sudo_plugin"
- [58d36c0e76f9] <1.8>
+ * doc/sudoers.pod:
+ Fix typo; "Defaults group_plugin" not "Defaults sudo_plugin"
+ [5113699a3f8b]
+
+2011-05-31 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix compressed io log corruption in background mode by using _exit()
+ * src/exec.c, src/exec_pty.c:
+ Fix compressed io log corruption in background mode by using _exit()
instead of exit() to avoid flushing buffers twice.
Improved background mode support. When not allocating a pty, the
command is run in its own process group. This prevents write access
to the tty. When running in a pty, stdin is not hooked up and we
never read from /dev/tty, which results in similar behavior.
- [fe50d6a5c5b9] <1.8>
+ [87c15149894c]
-2011-05-31 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * Clean up regress files Generate proper dependencies for regress objs
+ * compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in:
+ Clean up regress files Generate proper dependencies for regress objs
in compat
- [264196584549] <1.8>
+ [88bfc728c1e7]
- * Add missing dependency for check_fill.o.
- [c41f4e6ff078] <1.8>
+ * plugins/sudoers/Makefile.in:
+ Add missing dependency for check_fill.o.
+ [0bd6362e3e17]
-2011-05-30 Todd C. Miller <Todd.Miller@courtesan.com>
+2011-05-29 Todd C. Miller <Todd.Miller@courtesan.com>
* INSTALL, configure, configure.in:
Add support for --enable-nls[=location]
- [0ea8e7bd1739] <1.8>
+ [b90db44a050f]
2011-05-28 Todd C. Miller <Todd.Miller@courtesan.com>
- * Include gettext.h
- [fe8bab6403c6] <1.8>
+ * plugins/sudoers/linux_audit.c:
+ Include gettext.h
+ [7f909a6e48cb]
- * Quiet gcc warnings.
- [aa16d09710a7] <1.8>
+ * plugins/sudoers/ldap.c, plugins/sudoers/parse.c:
+ Quiet gcc warnings.
+ [b41a6cdca583]
* configure, configure.in:
Don't install .mo files if gettext was not found.
- [c6b233e829aa] <1.8>
+ [1397b34cc165]
2011-05-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * Always allocate a pty when running a command in the background but
+ * src/exec.c:
+ Always allocate a pty when running a command in the background but
call setsid() after forking to make sure we don't end up with a
controlling tty.
- [77c6b2923714] <1.8>
+ [b6454ba172e8]
- * Add missing space between command name and the first command line
+ * plugins/sudoers/iolog.c:
+ Add missing space between command name and the first command line
argument.
- [d0a36b9c0f38] <1.8>
+ [fe217f0a36d4]
- * Quiet a compiler warning on some platforms.
- [654e76cf0574] <1.8>
+ * plugins/sudoers/sudoreplay.c:
+ Quiet a compiler warning on some platforms.
+ [de9f2849f236]
- * README file that directs people to translationproject.org
- [5545e9a5ae37] <1.8>
+ * plugins/sudoers/po/README, src/po/README:
+ README file that directs people to translationproject.org
+ [30c0fc323281]
- * Sync translations with TP
- [b054ce577022] <1.8>
+ * plugins/sudoers/po/uk.po, src/po/fi.po:
+ Sync translations with TP
+ [1d7d64559cba]
* Makefile.in:
Add 'sync-po' target to top-level Makefile to rsync the po files
from translationproject.org.
- [87a5011b0410] <1.8>
+ [20508211aaa3]
- * install nls files from install target
- [a3feba9ef323] <1.8>
+ * plugins/sudoers/Makefile.in:
+ install nls files from install target
+ [5fc07b6cab38]
- * Makefile.in:
+ * Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, sudo.pp:
Include .mo files in sudo binary packags.
- [bc3ee7e7fb44] <1.8>
+ [278d4821a916]
- * configure, configure.in:
+ * configure, configure.in, plugins/sudoers/po/zh_CN.mo,
+ plugins/sudoers/po/zh_CN.po, src/po/zh_CN.mo, src/po/zh_CN.po:
Add simplified chinese translation
- [c22e6842c766] <1.8>
+ [2b33ffc755b9]
2011-05-26 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * configure, configure.in, plugins/sudoers/po/uk.mo,
+ plugins/sudoers/po/uk.po, src/po/uk.mo, src/po/uk.po:
Add ukranian translation
- [0bb9e6437f0f] <1.8>
+ [2d8102688e93]
- * refer to siglist.c, not ./siglist.c since not all makes will treat
+ * compat/Makefile.in:
+ refer to siglist.c, not ./siglist.c since not all makes will treat
foo and ./foo the same.
- [909051ff6061] <1.8>
+ [6639d293ffba]
- * Set def_preserve_groups before searching for the command when the -P
+ * plugins/sudoers/sudoers.c:
+ Set def_preserve_groups before searching for the command when the -P
flag is specified.
- [08e9378f50e4] <1.8>
+ [0edc7942f875]
- * Makefile.in:
+ * Makefile.in, compat/Makefile.in, mkdep.pl,
+ plugins/sudoers/Makefile.in:
Add dependency for siglist.lo in compat. This is a generated file
so "make depend" needs to depend on it.
- [e6c0daf36af0] <1.8>
+ [28d0932f8b50]
- * More dependency fixes.
- [7fed03624689] <1.8>
+ * compat/Makefile.in:
+ More dependency fixes.
+ [aad0d05cd020]
- * Fix a few dependencies.
- [7cb86c721961] <1.8>
+ * compat/Makefile.in:
+ Fix a few dependencies.
+ [eb21aa35a032]
- * Place compiled mo files in the src dir, not the build dir. When
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ Place compiled mo files in the src dir, not the build dir. When
installing compiled mo files, display a status message.
- [b87aa18a9968] <1.8>
+ [e15634c29cd3]
2011-05-25 Todd C. Miller <Todd.Miller@courtesan.com>
- * Tivoli Directory Server requires that seconds be present in a
+ * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
+ Tivoli Directory Server requires that seconds be present in a
timestamp, even though RFC 4517 states that they are optional.
- [47ebf110ea7a] <1.8>
+ [55fe23dd4ef9]
- * Add missing bit of copyright
- [d05d28a91bc4] <1.8>
+ * plugins/sudoers/sudo_nss.h:
+ Add missing bit of copyright
+ [d2eba3c364ca]
- * Mention cycle detection warnings
- [ee8231aa1aed] <1.8>
+ * doc/visudo.pod:
+ Mention cycle detection warnings
+ [a76bef15ab67]
- * When checking aliases, also check the contents of the alias in case
+ * plugins/sudoers/visudo.c:
+ When checking aliases, also check the contents of the alias in case
there are problems with an alias that is referenced inside another.
Replace the self reference check with real alias cycle detection.
- [abcfe1bc95d8] <1.8>
+ [a66c904cf53b]
- * Set errno to ELOOP in alias_find() if there is a cycle. Set errno to
+ * plugins/sudoers/alias.c:
+ Set errno to ELOOP in alias_find() if there is a cycle. Set errno to
ENOENT in alias_find() and alias_remove() if the entry could not be
found.
- [e73d169f4e9b] <1.8>
+ [b4f0b89e433c]
- * Increment alias_seqno before calls to alias_remove_recursive() to
+ * plugins/sudoers/visudo.c:
+ Increment alias_seqno before calls to alias_remove_recursive() to
avoid false positives with the alias loop detection. Fixes spurious
warnings about unused aliases when they are nested.
- [ac094820ef19] <1.8>
+ [a344483b8193]
- * add mkdep.pl
- [3721e9654ba6] <1.8>
+ * MANIFEST:
+ add mkdep.pl
+ [86b7ed33eab2]
- * Add dependency on convenience libs to binaries
- [8a4db8226dfe] <1.8>
+ * plugins/sudoers/Makefile.in:
+ Add dependency on convenience libs to binaries
+ [cd3078b3c997]
* Makefile.in:
mkdep.pl only works when run from the src dir
- [2480427a0680] <1.8>
+ [f35a5e47c944]
- * Makefile.in:
+ * Makefile.in, common/Makefile.in, compat/Makefile.in, mkdep.pl,
+ plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
+ plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in:
Auto-generate Makefile dependencies with a perl script.
- [ef5f56907d97] <1.8>
+ [a3e4afcd7975]
2011-05-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * If the user specifies a runas group via sudo's -g option that
+ * plugins/sudoers/match.c:
+ If the user specifies a runas group via sudo's -g option that
matches the runas user's group in the passwd database and that group
is not denied in the Runas_Spec, allow it. Thus, if user root's gid
in /etc/passwd is 0, then "sudo -u root -g root id" is allow even if
no groups are present in the Runas_Spec.
- [942e1e7c5090] <1.8>
+ [e3f9732dc564]
2011-05-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * NEWS:
- Mention what is new in 1.8.2 (for now)
- [d44b26eceee5] <1.8>
-
- * Add dependencies on gettext.h
- [32c61c6af852] <1.8>
-
- * Fix install-nls target with HP-UX sh when gettext is not present.
- [3441cece9638] <1.8>
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ Add dependencies on gettext.h
+ [a3a9dc51f78b]
- * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
- doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
- doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
- doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
- Regen for sudo 1.8.2
- [9ea124b542cc] <1.8>
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ Fix install-nls target with HP-UX sh when gettext is not present.
+ [0c6b9655cd41]
2011-05-20 Todd C. Miller <Todd.Miller@courtesan.com>
- * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot:
+ * plugins/sudoers/Makefile.in, plugins/sudoers/po/sudoers.pot,
+ src/Makefile.in, src/po/sudo.pot:
regenerate .pot files for lbuf changes
- [a8a9cc62c3a5] <1.8>
+ [918ded125a0b]
* configure, configure.in:
Add missing "checking" message for gettext when using the cache.
- [4136bc346576] <1.8>
+ [9c21187ad1d2]
- * Add primitive format string support to the lbuf code to make
+ * common/lbuf.c, include/lbuf.h, plugins/sudoers/ldap.c,
+ plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c,
+ src/parse_args.c:
+ Add primitive format string support to the lbuf code to make
translations simpler.
- [22fc74618d09] <1.8>
+ [ee71c7ef5299]
- * configure, configure.in, plugins/sudoers/po/sudoers.pot,
- src/po/sudo.pot:
- Bump version to 1.8.2
- [999de1ac5b3e] <1.8>
+ * MANIFEST, plugins/sudoers/Makefile.in,
+ plugins/sudoers/po/sudoers.pot, src/Makefile.in, src/po/sudo.pot:
+ Add message catalog template files for sudo and the sudoers module.
+ [f3f8acb1f014]
- * Add message catalog template files for sudo and the sudoers module.
- [6afad75e7afa] <1.8>
-
- * configure.in:
+ * MANIFEST, common/aix.c, common/alloc.c, compat/strsignal.c,
+ config.h.in, configure.in, doc/Makefile.in, include/gettext.h,
+ plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
+ plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/error.c,
+ src/net_ifs.c, src/sesh.c, src/sudo.c, src/sudo.h:
Add gettext.h convenience header. This is similar to but distinct
from the one included with the gettext package.
- [5ae5a86e0d06] <1.8>
+ [930a0591f73c]
+
+2011-05-19 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Add checks for nroff -c and -Tascii flags
- [580c21905280] <1.8>
+ [19ca990b3149]
* configure, configure.in:
Add check for HP bundled C Compiler (which cannot create shared
libs)
- [34f616cbb0f3] <1.8>
+ [517716a7072d]
- * Fix C format warnings.
- [f20a43a817f0] <1.8>
+ * plugins/sudoers/sudoreplay.c:
+ Fix C format warnings.
+ [6514326013fa]
- * Add __printflike
- [76bf8a4bf075] <1.8>
+ * include/error.h:
+ Add __printflike
+ [e1749a30a406]
- * Translate help / usage strings.
- [16c5b7902d4c] <1.8>
+ * plugins/sudoers/ldap.c, plugins/sudoers/parse.c,
+ plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoreplay.c,
+ plugins/sudoers/visudo.c, src/parse_args.c:
+ Translate help / usage strings.
+ [ee1cc9b1a8bd]
- * Set --msgid-bugs-address to the bugzilla url
- [3e3cfa7b4ceb] <1.8>
+ * plugins/sudoers/Makefile.in, src/Makefile.in:
+ Set --msgid-bugs-address to the bugzilla url
+ [5a0aa250ca21]
- * INSTALL, Makefile.in, README, configure, configure.in:
+ * Makefile.in, common/Makefile.in, compat/Makefile.in, configure,
+ configure.in, doc/Makefile.in, include/Makefile.in,
+ plugins/sample/Makefile.in, plugins/sample_group/Makefile.in,
+ plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in:
Add scaffolding to update .po files and install .mo files.
- [a51e60b35e47] <1.8>
+ [f05f4eed1fe1]
- * Minor warning/error cleanup
- [593144ac87ff] <1.8>
+ * doc/license.pod:
+ update copyright year
+ [fa0c62523875]
- * configure.in:
+ * INSTALL, README:
+ No need to include version number at the top of these files.
+ [9f2981325351]
+
+2011-05-18 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/env.c,
+ plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
+ plugins/sudoers/visudo.c:
+ Minor warning/error cleanup
+ [9236dc85aeab]
+
+ * config.h.in, configure.in:
Emulate ngettext for the non-nls case
- [7cdf82de4dee] <1.8>
+ [13571d63fa36]
+
+ * plugins/sudoers/ldap.c:
+ Do not mark untranslatable strings for translation
+ [735f5d4413fe]
- * Do not mark untranslatable strings for translation
- [088271ed02d0] <1.8>
+ * plugins/sudoers/check.c:
+ Use ROOT_UID not 0.
+ [09a268db8da4]
- * Use ROOT_UID not 0.
- [f901fa2fdaf2] <1.8>
+ * plugins/sudoers/check.c, plugins/sudoers/iolog.c,
+ plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c,
+ src/load_plugins.c, src/sudo.c, src/sudo_edit.c:
+ Minor warning/error message cleanup
+ [3c7b1a7939b5]
- * Minor warning/error message cleanup
- [b99c7ef46236] <1.8>
+ * plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
+ plugins/sudoers/logging.c, plugins/sudoers/mon_systrace.c,
+ plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec.c,
+ src/exec_pty.c, src/net_ifs.c, src/selinux.c:
+ cannot -> "unable to" in warning/error messages
+ [31c3897649e9]
- * cannot -> "unable to" in warning/error messages can't -> "unable to"
- in warning/error messages
- [5119140fabc7] <1.8>
+ * plugins/sudoers/check.c, plugins/sudoers/mon_systrace.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c, src/exec_pty.c,
+ src/sudo.c, src/utmp.c:
+ can't -> "unable to" in warning/error messages
+ [127b75f15291]
* configure, configure.in:
FreeBSD needs the main sudo executable to link with -lpam when
loading dynaic pam modules for some reason.
- [738b6778a505] <1.8>
+ [944522cc9bef]
- * We don't want to translate debugging messages.
- [357a575c2dfd] <1.8>
+2011-05-17 Todd C. Miller <Todd.Miller@courtesan.com>
- * configure, configure.in:
+ * plugins/sudoers/ldap.c, src/exec.c, src/exec_pty.c, src/sudo.c:
+ We don't want to translate debugging messages.
+ [56a1a365815a]
+
+ * configure, configure.in, plugins/sudoers/Makefile.in,
+ plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c,
+ plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
+ plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c,
+ src/Makefile.in, src/sesh.c, src/sudo.c:
Add calls to bindtextdomain() and textdomain() Currently there are
two domains, one for the sudo front-end and one for the sudoers
plugin and its associated utilities.
- [907f39439d80] <1.8>
+ [0426138f789e]
* configure, configure.in:
Fix caching of libc gettext check.
- [e229c21f412f] <1.8>
+ [942142d2c43a]
- * Mark defaults descriptions for translation
- [65e03d1f8203] <1.8>
+ * plugins/sudoers/def_data.c, plugins/sudoers/defaults.c,
+ plugins/sudoers/mkdefaults:
+ Mark defaults descriptions for translation
+ [5b27f018e6cf]
* NEWS:
Update for sudo 1.8.1p2
- [89c31f2aa11e] <1.8>
+ [747c4dee2ca7]
- * Quiet compiler warning when SELinux is enabled.
- [51b1d7c8aa86] <1.8>
+2011-05-16 Todd C. Miller <Todd.Miller@courtesan.com>
- * dd missing includes of libintl.h.
- [25662143d36d] <1.8>
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Quiet compiler warning when SELinux is enabled.
+ [1fbf77dda240]
+
+ * plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c,
+ src/error.c, src/net_ifs.c, src/sesh.c:
+ Add missing includes of libintl.h.
+ [bc1d66316082]
+
+ * plugins/sudoers/auth/pam.c:
+ Fix gettext marker.
+ [a5cf4ed66c66]
- * Fix gettext marker.
- [7618856ba5de] <1.8>
+ * common/aix.c, common/alloc.c, compat/strsignal.c,
+ plugins/sudoers/auth/pam.c, plugins/sudoers/sudoers.h, src/sudo.h:
+ Include libint.h where needed.
+ [2b0e5a663c7b]
- * Include libint.h where needed.
- [cc256b297b9d] <1.8>
+ * plugins/sudoers/alias.c, plugins/sudoers/auth/bsdauth.c,
+ plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c,
+ plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c,
+ plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
+ plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
+ plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c,
+ plugins/sudoers/defaults.c, plugins/sudoers/env.c,
+ plugins/sudoers/find_path.c, plugins/sudoers/gram.c,
+ plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c,
+ plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
+ plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c,
+ plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c,
+ plugins/sudoers/parse.c, plugins/sudoers/plugin_error.c,
+ plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c,
+ plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.l,
+ plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c:
+ Prepare sudoers module messages for translation.
+ [7212ae1909c5]
- * Prepare sudoers module messages for translation.
- [1b7f0bbaa55f] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Only check gid of sudoers file if it is group-readable.
+ [50e3bc0cb242]
- * Only check gid of sudoers file if it is group-readable.
- [f3cae943f35a] <1.8>
+ * plugins/sudoers/auth/aix_auth.c:
+ For AIX, keep calling authenticate() until reenter reaches 0.
+ [e240815b74b1]
- * For AIX, keep calling authenticate() until reenter reaches 0.
- [e412676bac73] <1.8>
+2011-05-09 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Cache the status of the initial gettext() check.
- [c32281768c0f] <1.8>
+ [32751ebe1704]
* INSTALL, configure, configure.in:
Add --disable-nls flag and improve checks for gettext.
- [b39674c1e538] <1.8>
+ [c7e6b17052de]
* configure, configure.in:
When building with gcc on HP-UX, use -march=1.1 to produce portable
binaries on a pa-risc2 host. Previously, the +Dportable option was
used for the HP-UX C compiler but gcc always produced native
binaries.
- [41351c23ad41] <1.8>
-
- * Prepare sudo front end messages for translation.
- [7807d6f74dac] <1.8>
-
- * configure, configure.in:
- Add initial scaffolding to support localization via gettext()
- [cdbbff7e6376] <1.8>
+ [8f4c749324d7]
-2011-05-19 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * doc/license.pod:
- update copyright year
- [d681661f03cc] <1.8>
+2011-05-06 Todd C. Miller <Todd.Miller@courtesan.com>
- * INSTALL, README:
- No need to include version number at the top of these files.
- [7e11f673f773] <1.8>
-
- * README:
- This is sudo 1.8.1 not 1.8.0
- [4d674f230d8a] <1.8>
+ * common/aix.c, common/alloc.c, compat/strsignal.c, src/error.c,
+ src/exec.c, src/exec_pty.c, src/load_plugins.c, src/net_ifs.c,
+ src/parse_args.c, src/selinux.c, src/sesh.c, src/sudo.c,
+ src/sudo_edit.c, src/tgetpass.c, src/utmp.c:
+ Prepare sudo front end messages for translation.
+ [2fc2fabceccb]
2011-05-04 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't let the fnmatch/glob macros expand the function prototype.
- [d449e9a8f447] <1.8>
+ * config.h.in, configure, configure.in, plugins/sudoers/auth/pam.c:
+ Add initial scaffolding to support localization via gettext()
+ [7d47b59fcf95]
+
+ * compat/fnmatch.h, compat/glob.h:
+ Don't let the fnmatch/glob macros expand the function prototype.
+ [a9014aa0288e]
2011-05-03 Todd C. Miller <Todd.Miller@courtesan.com>
- * Resolve namespace collisions on HP-UX ia64 and possibly others by
+ * compat/fnmatch.c, compat/fnmatch.h, compat/glob.c, compat/glob.h:
+ Resolve namespace collisions on HP-UX ia64 and possibly others by
adding a rpl_ prefix to our fnmatch and glob replacements and
#defining rpl_foo to foo in the header files.
- [d23889375b21] <1.8>
+ [caa9b690a15d]
2011-04-29 Todd C. Miller <Todd.Miller@courtesan.com>
- * Split ALL, ROLE and TYPE into their own actions. Since you can only
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Split ALL, ROLE and TYPE into their own actions. Since you can only
have #ifdefs inside of braces, ROLE and TYPE use a naughty goto in
the non-SELinux case. This is safe because the actions are in one
big switch() statement.
- [0bd9b7e37ab1] <1.8>
+ [7473fc2cfa2c]
+
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Fix regexp for matching a CIDR-style IPv4 netmask. From Marc Espie.
+ [9be3480c2865]
- * Fix regexp for matching a CIDR-style IPv4 netmask. From Marc Espie.
- [8dec97b359e0] <1.8>
+2011-04-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * askpass moved from sudoers to sudo.conf in sudo 1.8.0
- [1001d87d82ed] <1.8>
+ * doc/UPGRADE, doc/sudoers.pod:
+ askpass moved from sudoers to sudo.conf in sudo 1.8.0
+ [b2c2956cec4e]
- * Remove obsolete warning about runas_default and ordering. Move
+ * doc/sudoers.pod:
+ Remove obsolete warning about runas_default and ordering. Move
syslog facility and priority lists into the section where the
relevant options are described.
- [1286b9624021] <1.8>
+ [e57b8dc3f779]
2011-04-26 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix SIA support; we no longer have access to the real argc and argv
+ * plugins/sudoers/auth/sia.c:
+ Fix SIA support; we no longer have access to the real argc and argv
so allocate space for a fake one and use the argv passed to the
plugin with "sudo" for argv[0].
- [7c11eeffb91c] <1.8>
+ [1c0552772ad2]
- * Remove useless realloc when trying to get the buffer size right.
- [58128e7f4e28] <1.8>
+2011-04-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Be explicit when setting euid to 0 before call to setreuid(0, 0)
- [95769a564ab8] <1.8>
+ * src/net_ifs.c:
+ Remove useless realloc when trying to get the buffer size right.
+ [792225380a62]
-2011-04-18 Todd C. Miller <Todd.Miller@courtesan.com>
+ * plugins/sudoers/set_perms.c:
+ Be explicit when setting euid to 0 before call to setreuid(0, 0)
+ [7bfeb629fccb]
- * NEWS:
- sudo 1.8.1p1 updates
- [de3d688b5bb1] <1.8>
+2011-04-18 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Need to do checks for krb5_verify_user, krb5_init_secure_context and
- krb5_get_init_creds_opt_alloc regardless of whether or
- notkrb5-config is present.
- [456c4a9cd5d6] <1.8>
+ krb5_get_init_creds_opt_alloc regardless of whether or not
+ krb5-config is present.
+ [9d1b98ece1d3]
2011-04-15 Todd C. Miller <Todd.Miller@courtesan.com>
- * Work around weird AIX saved uid semantics on setuid() and
+ * plugins/sudoers/set_perms.c:
+ Work around weird AIX saved uid semantics on setuid() and
setreuid(). On AIX, setuid() will only set the saved uid if the euid
is already 0.
- [5d0a69e9d181] <1.8>
+ [069fc08150ca]
2011-04-14 Todd C. Miller <Todd.Miller@courtesan.com>
- * update copyright year
- [fa8da6d55783] <1.8>
+ * sudo.pp:
+ update copyright year
+ [1c42d579ba6e]
- * Treat a missing includedir like an empty one and do not return an
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Treat a missing includedir like an empty one and do not return an
error.
- [5fd9fe004728] <1.8>
+ [92f71d8cbfd4]
2011-04-12 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix ARCH setting in cross-compile Solaris packages.
- [8ce40940f6c9] <1.8>
+ * pp:
+ Fix ARCH setting in cross-compile Solaris packages.
+ [b0de281cc889]
- * Fix aix version setting.
- [02a9e25d46ba] <1.8>
+ * sudo.pp:
+ Fix aix version setting.
+ [98437dbfb085]
- * Remove extraneous parens in LDAP filter when sudoers_search_filter
+ * plugins/sudoers/ldap.c:
+ Remove extraneous parens in LDAP filter when sudoers_search_filter
is enabled that causes a search error. From Matthew Thomas.
- [b67be9b51ec6] <1.8>
+ [1d75bf1fc8d9]
2011-04-11 Todd C. Miller <Todd.Miller@courtesan.com>
- * Correct sizeof() to fix test failure.
- [a11b89fd13f9] <1.8>
+ * plugins/sudoers/regress/iolog_path/check_iolog_path.c:
+ Correct sizeof() to fix test failure.
+ [fd2f7c0c0572]
- * "install" target should depend on "install-dirs". Fixes "make -j"
+ * plugins/sudoers/Makefile.in:
+ "install" target should depend on "install-dirs". Fixes "make -j"
problem and closes bz #487. From Chris Coleman.
- [06ab0558f848] <1.8>
-
-2011-04-09 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * .hgtags:
- Added tag SUDO_1_8_1 for changeset 0ed6281995f0
- [543d41a163e9] <1.8>
-
- * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat,
- doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat,
- doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat,
- doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in:
- Regen man pages for 1.8.1
- [0ed6281995f0] [SUDO_1_8_1] <1.8>
+ [083902d38edb]
2011-04-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add HAVE_RFC1938_SKEYCHALLENGE
- [c0d7eb39799d] <1.8>
+ * config.h.in:
+ Add HAVE_RFC1938_SKEYCHALLENGE
+ [a94cb33758a8]
2011-04-06 Todd C. Miller <Todd.Miller@courtesan.com>
- * Mention plugin loading and libgcc changes
- [b74929cba37c] <1.8>
+ * NEWS:
+ Mention plugin loading and libgcc changes
+ [e11b30b5026a]
- * Load plugins after parsing arguments and potentially printing the
+ * src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h:
+ Load plugins after parsing arguments and potentially printing the
version. That way, an error loading or initializing a plugin
doesn't break "sudo -h" or "sudo -V".
- [c1ecb5979cf0] <1.8>
+ [1b76f2b096a2]
* Makefile.in:
When using a sub-shell to invoke the sub-make, exec make instead of
running it inside the shell to avoid an extra process.
- [9439f016c993] <1.8>
+ [fd2c04a71fbf]
- * Stop testing unspecified behavior in fnmatch Make glob test more
+ * compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c:
+ Stop testing unspecified behavior in fnmatch Make glob test more
portable
- [87a91d76fbff] <1.8>
+ [229803093725]
- * No need to add current dir to include path and having it breaks the
+ * compat/Makefile.in:
+ No need to add current dir to include path and having it breaks the
test programs that expect to get the system glob.h and fnmatch.h
- [3ae7f9e7b710] <1.8>
+ [68085f624be4]
- * configure, configure.in:
+ * INSTALL, configure, configure.in:
Fix and document --with-plugindir; partially from Diego Elio Petteno
- [0220a0c2606f] <1.8>
+ [07edc52ea89e]
- * Fix fnmatch and glob tests to not use hard-coded flag values in the
+ * compat/Makefile.in, compat/regress/fnmatch/fnm_test.c,
+ compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c,
+ compat/regress/glob/globtest.in:
+ Fix fnmatch and glob tests to not use hard-coded flag values in the
input file. Link test programs with libreplace so we get our
replacement verions as needed.
- [66bab80241e0] <1.8>
+ [c2cca448f660]
* Makefile.in:
If make in a subdir fails, fail the target in the upper level
Makefile too. Adapted from a patch from Diego Elio Petteno
- [bc35b7813507] <1.8>
+ [76fc9a0d96fd]
- * configure, configure.in:
+ * configure, configure.in, plugins/sudoers/auth/rfc1938.c:
Add check for NetBSD-style 4-argument skeychallenge() as Gentoo also
has this. Adapted from a patch from Diego Elio Petteno
- [bb6228f484b9] <1.8>
+ [a97279a59b93]
- * Make SUDOERS_LDFLAGS reference $(LDFLAGS) instead of using @LDFLAGS@
+ * plugins/sudoers/Makefile.in:
+ Make SUDOERS_LDFLAGS reference $(LDFLAGS) instead of using @LDFLAGS@
directly.
- [47e6d5fadc6d] <1.8>
+ [47b884029b3b]
* configure, configure.in:
Fix warnings when -without-skey, --without-opie, --without-kerb4,
--without-kerb5 or --without-SecurID were specified.
- [1b75035dd129] <1.8>
+ [71ad150f4d24]
- * Add plugins/sudoers/sudoers_version.h
- [1d470c6033ca] <1.8>
+ * MANIFEST:
+ Add plugins/sudoers/sudoers_version.h
+ [7423966de440]
- * configure, configure.in:
+ * configure, configure.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
Back out the --with-libpath addition to SUDOERS_LDFLAGS since that
now include LDFLAGS in the sudoers Makefile.in. Add missing settng
of @LDFLAGS@ in plugin Makefile.in files.
- [dd237f43aa12] <1.8>
+ [b835826f889c]
2011-04-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * Mention %#gid support in User_List and Runas_List
- [37e259b9181b] <1.8>
+ * NEWS:
+ Mention %#gid support in User_List and Runas_List
+ [5a983dff017a]
- * Keep track of sudoers grammar version and report it in the -V
+ * plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_version.h,
+ plugins/sudoers/visudo.c:
+ Keep track of sudoers grammar version and report it in the -V
output.
- [0e0b891dd8a4] <1.8>
+ [52901a3c0296]
- * Add multiple inclusion guard
- [ec6884f51ea8] <1.8>
+ * plugins/sudoers/sudo_nss.h:
+ Add multiple inclusion guard
+ [50853aed046e]
- * configure, configure.in:
+ * configure, configure.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
The --with-libpath option now adds to SUDOERS_LDFLAGS as well as
LDFLAGS. Remove old -static hack for HP-UX < 9. Add LTLDFLAGS and
set it to -Wc,-static-libgcc if not using GNU ld so we don't
have a dependency on the shared libgcc in sudoers.so.
- [28d03f3eb0d2] <1.8>
+ [66ad8bc5e32d]
- * Fix typo; from Petr Uzel
- [d19b9bd92bd3] <1.8>
+ * doc/sudoers.pod:
+ Fix typo; from Petr Uzel
+ [f9a7afd80892]
2011-04-01 Todd C. Miller <Todd.Miller@courtesan.com>
- * In dump-only mode, use "root" as the default username instead of
+ * plugins/sudoers/testsudoers.c:
+ In dump-only mode, use "root" as the default username instead of
"nobody" as the latter may not be available on all systems.
- [b304111616dd] <1.8>
+ [0c48e6414337]
2011-03-31 Todd C. Miller <Todd.Miller@courtesan.com>
- * Remove NewArgv/NewArgc, they are no longer needed.
- [c0a36a42a68c] <1.8>
+ * plugins/sudoers/testsudoers.c:
+ Remove NewArgv/NewArgc, they are no longer needed.
+ [16e18f734c7e]
- * Fix setting of user_args
- [529e79ea95d1] <1.8>
+ * plugins/sudoers/testsudoers.c:
+ Fix setting of user_args
+ [aa29e0d0a54a]
- * Add '!' token to lex tracing
- [aef295d428e7] <1.8>
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Add '!' token to lex tracing
+ [5227ad266235]
- * Use group bin in test, not wheel as most systems have the bin group
+ * plugins/sudoers/regress/testsudoers/test1.sh:
+ Use group bin in test, not wheel as most systems have the bin group
but the same is no longer true of wheel.
- [350347f09c1a] <1.8>
+ [718802b3b45e]
- * Avoid using pre or post increment in a parameter to a ctype(3)
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Avoid using pre or post increment in a parameter to a ctype(3)
function as it might be a macro that causes the increment to happen
more than once.
- [8a94ebdd53b8] <1.8>
+ [78e281152c3a]
2011-03-30 Todd C. Miller <Todd.Miller@courtesan.com>
- * Strip off the beta or release candidate version when building AIX
+ * sudo.pp:
+ Strip off the beta or release candidate version when building AIX
packages.
- [00ad950764e2] <1.8>
+ [28fe31668559]
* configure, configure.in:
We need to include OSDEFS in CFLAGS when doing the utmp/utmpx
structure checks for glibc which only has __e_termination visible
when _GNU_SOURCE is *not* defined.
- [1d58420a4a4a] <1.8>
+ [59ae1698911f]
- * getuserattr(user, ...) will fall back to the "default" entry
+ * common/aix.c:
+ getuserattr(user, ...) will fall back to the "default" entry
automatically, there's no need to check "default" manually.
- [cefffa82967d] <1.8>
-
- * Document parser changes.
- [5038238f60eb] <1.8>
+ [3c7a47a61fdb]
2011-03-29 Todd C. Miller <Todd.Miller@courtesan.com>
- * Makefile.in:
+ * doc/UPGRADE:
+ Document parser changes.
+ [ec415503308d]
+
+ * Makefile.in, common/Makefile.in, compat/Makefile.in,
+ doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in,
+ src/Makefile.in, zlib/Makefile.in:
If there is an existing sudoers file, only install if it passes a
syntax check.
- [b1e4c9c56fe0] <1.8>
+ [37427c73e8cb]
- * Add runasgroup support to testsudoers
- [30838590e9de] <1.8>
+ * plugins/sudoers/regress/sudoers/test6.out.ok,
+ plugins/sudoers/testsudoers.c:
+ Add runasgroup support to testsudoers
+ [047ea5571f33]
- * For "make check", keep going even if a test fails.
- [d3a72f67227e] <1.8>
+ * plugins/sudoers/Makefile.in:
+ For "make check", keep going even if a test fails.
+ [ce6a0a73c372]
- * More useful exit codes:
+ * plugins/sudoers/testsudoers.c:
+ More useful exit codes:
* 0 - parsed OK and command matched.
* 1 - parse error
* 2 - command not matched
* 3 - command denied
- [59301e0769cd] <1.8>
+ [1d2ce1361903]
- * Document %#gid, and %:#nonunix_gid syntax.
- [39ee15af58e9] <1.8>
+ * doc/sudoers.pod:
+ Document %#gid, and %:#nonunix_gid syntax.
+ [492d4f9696c4]
- * Add support to user_in_group() for treating group names that begin
+ * plugins/sudoers/pwutil.c:
+ Add support to user_in_group() for treating group names that begin
with a '#' as gids.
- [0eb19980cf5f] <1.8>
+ [20240c94a134]
- * configure, configure.in:
+ * config.h.in, configure, configure.in, src/utmp.c:
Add explicit check for struct utmpx.ut_exit.e_termination and struct
utmpx.ut_exit.__e_termination. HP-UX uses the latter. Only update
ut_exit if we detect one or the other.
- [ab5b665fc04b] <1.8>
+ [b4e8cab777e6]
2011-03-28 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add back missing #include of config.h
- [9c82bec81018] <1.8>
+ * plugins/sudoers/toke.c:
+ Add back missing #include of config.h
+ [9ab3897a1b2e]
- * Avoid a NULL deref on unrecognized escapes. Collapse %% -> % like
+ * plugins/sudoers/iolog_path.c,
+ plugins/sudoers/regress/iolog_path/data:
+ Avoid a NULL deref on unrecognized escapes. Collapse %% -> % like
strftime() does.
- [1ae630470f8a] <1.8>
+ [93395762cdcd]
- * Quote first argument to AC_DEFUN(); from Elan Ruusamae
- [c467e9e3b399] <1.8>
+ * aclocal.m4:
+ Quote first argument to AC_DEFUN(); from Elan Ruusamae
+ [97f53ad31d77]
2011-03-27 Todd C. Miller <Todd.Miller@courtesan.com>
- * add new sudoers tests
- [05f2a0924acc] <1.8>
+ * MANIFEST:
+ add new sudoers tests
+ [476af91b3da3]
- * Add test for a newline in the middle of a string when no line
+ * plugins/sudoers/regress/sudoers/test8.in,
+ plugins/sudoers/regress/sudoers/test8.out.ok,
+ plugins/sudoers/regress/sudoers/test8.toke.ok:
+ Add test for a newline in the middle of a string when no line
continuation character is used.
- [24b79be5822b] <1.8>
+ [de2394bc86ab]
- * Use bitwise AND instead of modulus to check for length being odd. A
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Use bitwise AND instead of modulus to check for length being odd. A
newline in the middle of a string is an error unless a line
continuation character is used.
- [65c468599688] <1.8>
+ [bdb1d762a1d5]
- * Move lexer globals initialization into init_lexer.
- [07a1171a1853] <1.8>
+ * plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Move lexer globals initialization into init_lexer.
+ [1ce62211aadb]
- * Fix a potential crash when a non-regular file is present in an
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Fix a potential crash when a non-regular file is present in an
includedir. Fixes bz #452
- [5057cb9516e4] <1.8>
+ [1586760c3525]
- * On some Linux systems, "uname -p" contains detailed processor info
+ * pp:
+ On some Linux systems, "uname -p" contains detailed processor info
so check "uname -m" first and then "uname -p" if needed. Recognize
PLD Linux.
- [56226c84a060] <1.8>
+ [b8535cb9012e]
2011-03-25 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't need all sudoers.h here.
- [43b6ae5999c5] <1.8>
+ * plugins/sudoers/redblack.c:
+ Don't need all sudoers.h here.
+ [8c0929f42dab]
- * Print sudo version early, in case policy plugin init fails.
- [620f2d0ec4b1] <1.8>
+ * src/sudo.c:
+ Print sudo version early, in case policy plugin init fails.
+ [47cddc4358bc]
2011-03-24 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update to match change in input.
- [69540f84721d] <1.8>
-
- * Make an empty group or netgroup a syntax error.
- [4b85bddc494e] <1.8>
+ * plugins/sudoers/regress/sudoers/test4.toke.ok:
+ Update to match change in input.
+ [4a3af8e68790]
- * An empty group or netgroup should be a syntax error.
- [6ec796972eff] <1.8>
-
- * Check that uids work in per-user and per-runas Defaults Check that
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Make an empty group or netgroup a syntax error.
+ [66f51ddc2ff6]
+
+ * plugins/sudoers/regress/sudoers/test7.in,
+ plugins/sudoers/regress/sudoers/test7.out.ok,
+ plugins/sudoers/regress/sudoers/test7.toke.ok:
+ An empty group or netgroup should be a syntax error.
+ [bd5bf1e2edce]
+
+ * plugins/sudoers/regress/sudoers/test6.in,
+ plugins/sudoers/regress/sudoers/test6.out.ok,
+ plugins/sudoers/regress/sudoers/test6.toke.ok:
+ Check that uids work in per-user and per-runas Defaults Check that
uids and gids work in a Command_Spec
- [68cf62353420] <1.8>
+ [c5e848e6082b]
- * Test empty string in User_Alias and Command_Spec
- [017d487c31be] <1.8>
+ * plugins/sudoers/regress/sudoers/test5.in,
+ plugins/sudoers/regress/sudoers/test5.out.ok,
+ plugins/sudoers/regress/sudoers/test5.toke.ok:
+ Test empty string in User_Alias and Command_Spec
+ [3a084d777e03]
- * Allow a group ID in the User_Spec.
- [37e0bf69c8d8] <1.8>
-
- * Return an error for the empty string when a word is expected. Allow
- an ID for per-user or per-runas Defaults.
- [4c9020779582] <1.8>
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Allow a group ID in the User_Spec.
+ [bc2859eb71dc]
2011-03-23 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix printing "User_Alias FOO = ALL"
- [97c9fd7caeb7] <1.8>
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Return an error for the empty string when a word is expected. Allow
+ an ID for per-user or per-runas Defaults.
+ [915c259b00ff]
+
+ * plugins/sudoers/testsudoers.c:
+ Fix printing "User_Alias FOO = ALL"
+ [ba58c3d548b3]
2011-03-22 Todd C. Miller <Todd.Miller@courtesan.com>
- * Better error message about invalid -C argument
- [2301e7a3835b] <1.8>
+ * src/parse_args.c:
+ Better error message about invalid -C argument
+ [c9a8d15bbf5d]
- * fix typo
- [c5acde62a309] <1.8>
+ * NEWS:
+ fix typo
+ [cdcfbafed013]
- * Fix placement of equal size ('=') in user specification summary.
- [4d0ffef77ae4] <1.8>
+ * doc/sudoers.pod:
+ Fix placement of equal size ('=') in user specification summary.
+ [5ad7178b230d]
2011-03-21 Todd C. Miller <Todd.Miller@courtesan.com>
- * update to match sudoers regress
- [0efb8dc9092a] <1.8>
+ * MANIFEST:
+ update to match sudoers regress
+ [e04db0648717]
- * Restore ability to define TRACELEXER and have trace output go to
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Restore ability to define TRACELEXER and have trace output go to
stderr.
- [441c8b372217] <1.8>
+ [d9531e4d1b20]
- * Restore old behavior of setting sawspace = TRUE for command line
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Restore old behavior of setting sawspace = TRUE for command line
args when a line continuation character is hit to avoid causing
problems for existing sudoers files.
- [963ded6ce070] <1.8>
+ [fd930ad25550]
- * Add test for line continuation and aliases
- [5703d11a3c46] <1.8>
+ * plugins/sudoers/regress/sudoers/test4.in,
+ plugins/sudoers/regress/sudoers/test4.out.ok,
+ plugins/sudoers/regress/sudoers/test4.toke.ok:
+ Add test for line continuation and aliases
+ [29ab538ca6bb]
- * Make test output line up nicely for parse vs. toke
- [15321ce2d7d9] <1.8>
+ * plugins/sudoers/Makefile.in:
+ Make test output line up nicely for parse vs. toke
+ [257ef82c1434]
- * plugins/sudoers/regress/testsudoers/test1.ok,
+ * plugins/sudoers/Makefile.in,
+ plugins/sudoers/regress/sudoers/test1.in,
+ plugins/sudoers/regress/sudoers/test1.out.ok,
+ plugins/sudoers/regress/sudoers/test1.toke.ok,
+ plugins/sudoers/regress/sudoers/test2.in,
+ plugins/sudoers/regress/sudoers/test2.out.ok,
+ plugins/sudoers/regress/sudoers/test2.toke.ok,
+ plugins/sudoers/regress/sudoers/test3.in,
+ plugins/sudoers/regress/sudoers/test3.out.ok,
+ plugins/sudoers/regress/sudoers/test3.toke.ok,
+ plugins/sudoers/regress/testsudoers/test1.ok,
+ plugins/sudoers/regress/testsudoers/test1.out.ok,
+ plugins/sudoers/regress/testsudoers/test1.sh,
plugins/sudoers/regress/testsudoers/test2.out,
plugins/sudoers/regress/testsudoers/test2.sh,
plugins/sudoers/regress/testsudoers/test3.ok,
plugins/sudoers/regress/visudo/test1.sh:
Move parser tests to sudoers directory and test the tokenizer output
too.
- [111c1ccda334] <1.8>
+ [44f529b3cdb6]
- * If we match a rule anchored to the beginning of a line after parsing
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ If we match a rule anchored to the beginning of a line after parsing
a line continuation character, return an ERROR token. It would be
nicer to use REJECT instead but that substantially slows down the
lexer.
- [67e54b14aa9d] <1.8>
+ [355478293f8c]
- * Move LEXTRACE macro to toke.h so we can use it in yyerror().
- [e6e04037deed] <1.8>
+ * plugins/sudoers/gram.c, plugins/sudoers/gram.y,
+ plugins/sudoers/toke.c, plugins/sudoers/toke.h,
+ plugins/sudoers/toke.l:
+ Move LEXTRACE macro to toke.h so we can use it in yyerror().
+ [72ee7a06d3ca]
- * Make lex tracing settable at run-time in testsudoers via the -t
+2011-03-20 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c,
+ plugins/sudoers/toke.l:
+ Make lex tracing settable at run-time in testsudoers via the -t
flag. Trace output goes to stderr. Will be used by regress tests
to check lexer.
- [a973f43cc0c2] <1.8>
+ [93bd53c413c8]
- * Allow whitespace after the modifier in a Defaults entry. E.g.
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Allow whitespace after the modifier in a Defaults entry. E.g.
"Defaults: username set_home"
- [bf876c9fc5bb] <1.8>
+ [9dfcf8dd8a3a]
2011-03-18 Todd C. Miller <Todd.Miller@courtesan.com>
- * Don't set CC when cross-compiling.
- [d3c33dcb02f2] <1.8>
+ * mkpkg:
+ Don't set CC when cross-compiling.
+ [4b95b0c04e1c]
- * Credit Matthew Thomas for the sudoers_search_filter changes.
- [2209b80664af] <1.8>
+ * NEWS:
+ Credit Matthew Thomas for the sudoers_search_filter changes.
+ [a65998ab09f7]
- * Add the .sym files to the MANIFEST
- [bb452b28a009] <1.8>
+ * MANIFEST:
+ Add the .sym files to the MANIFEST
+ [f599225cc861]
- * Update for sudo 1.8.1 beta
- [700d42d80e00] <1.8>
+ * NEWS:
+ Update for sudo 1.8.1 beta
+ [71021e854c49]
- * user_shell -> run_shell to avoid confusion with the user's SHELL
+ * doc/sudo_plugin.pod, plugins/sudoers/sudoers.c, src/parse_args.c:
+ user_shell -> run_shell to avoid confusion with the user's SHELL
variable.
- [451b96d5f97e] <1.8>
+ [dc0ac6dafc21]
- * Save the controlling tty process group before suspending in pty
+ * src/exec_pty.c:
+ Save the controlling tty process group before suspending in pty
mode. Previously, we assumed that the child pgrp == child pid
(which is usually, but not always, the case).
- [b0841d861191] <1.8>
+ [10b2883b7875]
- * Add support for sudoers_search_filter setting in ldap.conf. This
+ * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c:
+ Add support for sudoers_search_filter setting in ldap.conf. This
can be used to restrict the set of records returned by the LDAP
query.
- [70c5f496e2b3] <1.8>
+ [b0f1b721d102]
2011-03-17 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
Remove the hack to disable -g in CFLAGS unless --with-devel
- [9459839f50ba] <1.8>
+ [89822cf84ef4]
- * The '@' character does not normally need to be quoted.
- [e66c4c64e514] <1.8>
+ * doc/sudoers.pod:
+ The '@' character does not normally need to be quoted.
+ [7823f5ed829a]
- * We normaly transition from GOTDEFS to STARTDEFS on whitespace, but
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ We normaly transition from GOTDEFS to STARTDEFS on whitespace, but
if that whitespace is followed by a comma, we want to treat it as
part of a list and not transition.
- [52ae2df9959d] <1.8>
+ [1ca6943e1824]
- * Add check for whitespace when a User_List is used for a per-user
+ * plugins/sudoers/regress/testsudoers/test3.ok,
+ plugins/sudoers/regress/testsudoers/test3.sh:
+ Add check for whitespace when a User_List is used for a per-user
Defaults entry.
- [44a4db95be86] <1.8>
+ [91f75e6dd19a]
- * Expand quoted name checks to cover recent fixes.
- [bd494b5c2bed] <1.8>
+ * plugins/sudoers/regress/testsudoers/test2.out,
+ plugins/sudoers/regress/testsudoers/test2.sh:
+ Expand quoted name checks to cover recent fixes.
+ [ce4f76bca146]
- * Fix parsing of double-quoted names in Defaults and Aliases which was
+ * plugins/sudoers/toke.c, plugins/sudoers/toke.l:
+ Fix parsing of double-quoted names in Defaultd and Aliases which was
broken in 601d97ea8792.
- [dfdd58c3eb3b] <1.8>
+ [424b0d6c1dc4]
- * toke_util.c lives in $(srcdir) not $(devdir)
- [94f8f024782e] <1.8>
+ * plugins/sudoers/Makefile.in:
+ toke_util.c lives in $(srcdir) not $(devdir)
+ [94866bebee83]
2011-03-16 Todd C. Miller <Todd.Miller@courtesan.com>
* configure, configure.in:
- Update version to 1.8.1
- [531a7d520f18] <1.8>
+ Change trunk version to 1.8.x to distinguish from real 1.8.0.
+ [a9781e61d064]
- * Document major changes in 1.8.1 and add upgrade notes.
- [116821646140] <1.8>
+ * NEWS, doc/UPGRADE:
+ Document major changes in 1.8.1 and add upgrade notes.
+ [f2cf51b0d9ce]
- * Be careful not to deref user_stat if it is NULL. This cannot
+ * plugins/sudoers/match.c:
+ Be careful not to deref user_stat if it is NULL. This cannot
currently happen in sudo but might in other programs using the
parser.
- [d72a9c7151c4] <1.8>
+ [06a2334dd674]
- * configure will not add -O2 to CFLAGS if it is already defined to add
+ * mkpkg:
+ configure will not add -O2 to CFLAGS if it is already defined to add
-O2 to the CFLAGS we pass in when PIE is being used.
- [2c7fe82be93d] <1.8>
+ [1ce6481ece59]
- * Warn about the dangers of log_input and mention iolog_file and
+ * doc/sudoers.pod:
+ Warn about the dangers of log_input and mention iolog_file and
iolog_dir in the log_input and log_output descriptions.
- [edc6aa59aa45] <1.8>
+ [ae854ffb0768]
- * sync with git version
- [b121cf739c77] <1.8>
+ * pp:
+ sync with git version
+ [a993e39ce3cb]
- * It seems that h comes after i
- [99ad15015f05] <1.8>
+ * doc/sudoers.pod:
+ It seems that h comes after i
+ [0f621109220d]
- * Move log_input and log_output to their proper, sorted, location.
+ * doc/sudoers.pod:
+ Move log_input and log_output to their proper, sorted, location.
Document set_utmp and utmp_runas.
- [216ce8b0ae1a] <1.8>
+ [273b234b9c34]
- * Save the controlling tty process group before suspending so we can
+ * src/exec.c:
+ Save the controlling tty process group before suspending so we can
restore it when we resume. Fixes job control problems on Linux
caused by the previous attemp to fix resuming a shell when I/O
logging not enabled.
- [dfe038f733be] <1.8>
+ [f03a660315ee]
- * Fix printing of the remainder after a newline. Fixes "sudo -l"
+ * common/lbuf.c:
+ Fix printing of the remainder after a newline. Fixes "sudo -l"
output corruption that could occur in some cases.
- [ab2f0a629e0d] <1.8>
+ [25d83fb501fc]
- * Add support for ut_exit
- [7039ec6a73fa] <1.8>
+2011-03-15 Todd C. Miller <Todd.Miller@courtesan.com>
- * Add support for controlling whether utmp is updated and which user
+ * config.h.in, configure, configure.in, src/exec_pty.c,
+ src/sudo_exec.h, src/utmp.c:
+ Add support for ut_exit
+ [b574c13f1bba]
+
+ * doc/sudo_plugin.pod, plugins/sudoers/def_data.c,
+ plugins/sudoers/def_data.h, plugins/sudoers/def_data.in,
+ plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c, src/exec.c,
+ src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_exec.h, src/utmp.c:
+ Add support for controlling whether utmp is updated and which user
is listed in the entry.
- [1b008ce71eab] <1.8>
+ [44a81632133f]
- * Fix typo; tupple vs. tuple
- [67bb5c67ae3d] <1.8>
+ * plugins/sudoers/def_data.h, plugins/sudoers/defaults.h,
+ plugins/sudoers/ldap.c, plugins/sudoers/mkdefaults,
+ plugins/sudoers/parse.c:
+ Fix typo; tupple vs. tuple
+ [697744acb710]
- * For legacy utmp, strip the /dev/ prefix before trying to determine
+ * src/utmp.c:
+ For legacy utmp, strip the /dev/ prefix before trying to determine
slot since the ttys file does not include the /dev/ prefix.
- [8f597114381d] <1.8>
+ [7ad5b81ff90c]
- * Add check for _PATH_UTMP
- [fe7e2456f017] <1.8>
+ * aclocal.m4, configure, configure.in, pathnames.h.in:
+ Add check for _PATH_UTMP
+ [21e638029bfd]
+
+2011-03-14 Todd C. Miller <Todd.Miller@courtesan.com>
- * Adapt check_iolog_path to sessid changes
- [3016201869b6] <1.8>
+ * plugins/sudoers/regress/iolog_path/check_iolog_path.c:
+ Adapt check_iolog_path to sessid changes
+ [728b5fe2be6f]
- * Redo utmp handling. If no getutent()/getutxent() is available,
+ * config.h.in, configure, configure.in, src/Makefile.in,
+ src/exec_pty.c, src/sudo_exec.h, src/utmp.c:
+ Redo utmp handling. If no getutent()/getutxent() is available,
assume a ttyslot-based utmp. If getttyent() is available, use that
directly instead of ttyslot() so we don't have to do the stdin dup2
dance.
- [817490c7c20e] <1.8>
+ [18aa455cd140]
- * Move utmp handling into utmp.c
- [e4729d9259e9] <1.8>
+2011-03-11 Todd C. Miller <Todd.Miller@courtesan.com>
- * Update copyright years.
- [1065afc00233] <1.8>
+ * MANIFEST, src/Makefile.in, src/exec_pty.c, src/sudo_exec.h,
+ src/utmp.c:
+ Move utmp handling into utmp.c
+ [f6eae6c8e012]
-2011-03-11 Todd C. Miller <Todd.Miller@courtesan.com>
+ * common/aix.c, common/alloc.c, common/fileops.c, common/fmt_string.c,
+ common/lbuf.c, common/list.c, compat/isblank.c, compat/memrchr.c,
+ compat/mksiglist.c, compat/nanosleep.c, compat/snprintf.c,
+ compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c,
+ compat/utimes.c, doc/sudo.pod, doc/visudo.pod,
+ include/sudo_plugin.h, plugins/sample/sample_plugin.c,
+ plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c,
+ plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c,
+ plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
+ plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
+ plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c,
+ plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c,
+ plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c,
+ plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c,
+ plugins/sudoers/auth/sia.c, plugins/sudoers/boottime.c,
+ plugins/sudoers/bsm_audit.c, plugins/sudoers/env.c,
+ plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c,
+ plugins/sudoers/logging.c, plugins/sudoers/parse.c,
+ plugins/sudoers/parse.h, plugins/sudoers/redblack.c,
+ plugins/sudoers/set_perms.c, plugins/sudoers/timestr.c,
+ plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, src/exec.c,
+ src/exec_pty.c, src/get_pty.c, src/parse_args.c, src/sudo.c,
+ src/sudo.h, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c,
+ src/sudo_plugin_int.h, src/tgetpass.c:
+ Update copyright years.
+ [16aa39f9060a]
- * Add "user_shell" boolean as a way to indicate to the plugin that the
+ * doc/sudo_plugin.pod, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/parse_args.c:
+ Add "user_shell" boolean as a way to indicate to the plugin that the
-s flag was given.
- [6e8bc49b7ea7] <1.8>
+ [fb1ef0897b32]
- * Move sessid out of sudo_user.
- [00d67d5ba894] <1.8>
+ * plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c,
+ plugins/sudoers/sudoers.h:
+ Move sessid out of sudo_user.
+ [ba298ddb57f4]
- * Log the TSID even if it is not a simple session ID.
- [490cf0adae29] <1.8>
+ * plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c,
+ plugins/sudoers/logging.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h:
+ Log the TSID even if it is not a simple session ID.
+ [d7cc1b9c513c]
- * Document noexec in sample.sudo.conf and add back noexec_file section
+ * doc/sample.sudo.conf, doc/sudo.pod, doc/sudoers.pod:
+ Document noexec in sample.sudo.conf and add back noexec_file section
in sudoers with a note that it is deprecated.
- [c7a2d8d0c563] <1.8>
+ [4a6e961e494d]
- * Fix running commands as non-root on systems where setreuid() changes
+ * plugins/sudoers/set_perms.c:
+ Fix running commands as non-root on systems where setreuid() changes
the saved uid based on the effective uid we are changing to.
- [f3b27db56ba6] <1.8>
+ [df0769b71b34]
2011-03-10 Todd C. Miller <Todd.Miller@courtesan.com>
- * Move noexec path into sudo.conf now that sudo itself handles noexec.
+ * plugins/sudoers/defaults.c, src/load_plugins.c, src/sudo.c,
+ src/sudo.h:
+ Move noexec path into sudo.conf now that sudo itself handles noexec.
Currently can be configured in sudoers too but is now undocumented
and will be removed in a future release.
- [9c5f64709994] <1.8>
+ [6fa8befdc110]
- * Document "Path noexec ..." in sudo.conf. No longer document
+ * doc/sudo.pod, doc/sudoers.pod:
+ Document "Path noexec ..." in sudo.conf. No longer document
noexec_file in sudoers, it will be removed in a future release.
- [959fa6b5217b] <1.8>
+ [24eee3a0b3e5]
- * Move noexec handling to sudo front-end where it is documented as
+ * plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
+ plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h:
+ Move noexec handling to sudo front-end where it is documented as
being.
- [ef6cd4a40c61] <1.8>
+ [3ed4f10d7052]
- * Add support for disabling exec via solaris privileges. Includes
+ * config.h.in, configure, configure.in, plugins/sudoers/sudoers.c,
+ src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_edit.c,
+ src/sudo_exec.h:
+ Add support for disabling exec via solaris privileges. Includes
preparation for moving noexec support out of sudoers and into front
end as documented.
- [d9c05ba9a24f] <1.8>
-
- * Only export the symbols corresponding to the plugin structs.
- [cb07af1d9b39] <1.8>
-
- * Install plugins manually instead of using libtool. This works
+ [dec843ed553e]
+
+ * plugins/sample/Makefile.in, plugins/sample/sample_plugin.sym,
+ plugins/sample_group/Makefile.in,
+ plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in,
+ plugins/sudoers/sudoers.sym:
+ Only export the symbols corresponding to the plugin structs.
+ [8d8d03b0ca54]
+
+ * configure, configure.in, plugins/sample/Makefile.in,
+ plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in:
+ Install plugins manually instead of using libtool. This works
around a problem on AIX where libtool will install a .a file
containing the .so file instead of the .so file itself.
- [1ccf5af58c05] <1.8>
+ [796971cfbddb]
* Makefile.in:
Move check into its own rule since some versions of make will run
both targets as the default rule.
- [7159f37eb552] <1.8>
+ [34d759979176]
- * Update to libtool 2.2.10
- [9e49773b32b7] <1.8>
+ * configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4,
+ m4/ltversion.m4, m4/lt~obsolete.m4:
+ Update to libtool 2.2.10
+ [34c130de6af7]
- * In handle_signals(), restart the read() on EINTR to make sure we
+2011-03-09 Todd C. Miller <Todd.Miller@courtesan.com>
+
+ * src/exec.c:
+ In handle_signals(), restart the read() on EINTR to make sure we
keep up with the signal pipe. Don't return -1 on EAGAIN, it just
means we have emptied the pipe.
- [dc2926097b2d] <1.8>
+ [d5b9c8eb9000]
- * Reorder functions to quiet a compiler warning.
- [5201367e5db4] <1.8>
+ * compat/mktemp.c:
+ Reorder functions to quiet a compiler warning.
+ [c9e9a23729f0]
- * Use the Sun Studio C compiler on Solaris if possible
- [b8d43b423fb9] <1.8>
+ * mkpkg:
+ Use the Sun Studio C compiler on Solaris if possible
+ [11a86e27891e]
2011-03-08 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix default setting of osversion variable.
- [e12905851be5] <1.8>
+ * mkpkg:
+ Fix default setting of osversion variable.
+ [52e49ca1cedd]
- * Make two login_class entris consistent.
- [0671d7b204be] <1.8>
+ * doc/sudo_plugin.pod:
+ Make two login_class entris consistent.
+ [18ff1fa94a91]
- * Add support for adding a utmp entry when allocating a new pty.
+ * config.h.in, configure, configure.in, src/exec.c, src/exec_pty.c,
+ src/sudo_exec.h:
+ Add support for adding a utmp entry when allocating a new pty.
Requires the BSD login(3) or SYSV/POSIX getutent()/getutxent().
Currently only creates a new entry if the existing tty has a utmp
entry.
- [40ff30099e79] <1.8>
+ [32db72b81d80]
- * Avoid pulling in headers we don't need on Linux For getutx?id(),
+ * plugins/sudoers/boottime.c:
+ Avoid pulling in headers we don't need on Linux For getutx?id(),
call setutx?ent() first and always call endutx?ent().
- [b86f7a13aae9] <1.8>
+ [5dad21e1ee1b]
- * Add some more libs to SUDOERS_LIBS instead of relying on them to be
+ * configure, configure.in:
+ Add some more libs to SUDOERS_LIBS instead of relying on them to be
pulled in by SUDO_LIBS.
- [bcbd16ec56c6] <1.8>
+ [18a7c21c09a7]
- * Fix return value of "sudo -l command" when command is not allowed,
+ * plugins/sudoers/sudoers.c:
+ Fix return value of "sudo -l command" when command is not allowed,
broken in [c7097ea22111]. The default return value is now TRUE and
a bad: label is used when permission is denied. Also fixed missing
permissions restoration on certain errors. On error()/errorx(), the
password and group files are now closed before returning.
- [757c941a47b2] <1.8>
+ [4f2d0e869ae5]
2011-03-07 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix passing of login class back to sudo front end.
- [5e649de6b7f5] <1.8>
+ * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c:
+ Fix passing of login class back to sudo front end.
+ [6f70a784ce48]
- * Add --osversion flag to specify OS instead of running "pp
+ * mkpkg:
+ Add --osversion flag to specify OS instead of running "pp
--probeonly"
- [8a03943ac5e8] <1.8>
+ [a8efdccb7bc1]
- * Fix expr usage w/ GNU expr
- [bdecfa1f54fc] <1.8>
+ * sudo.pp:
+ Fix expr usage w/ GNU expr
+ [48895599ee63]
2011-03-06 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix exit value for validate and list mode.
- [6f8b20199935] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Fix exit value for validate and list mode.
+ [c7097ea22111]
- * Fix non-interactive mode with sudoers plugin.
- [cf5aca4fcbcf] <1.8>
+ * plugins/sudoers/sudoers.c:
+ Fix non-interactive mode with sudoers plugin.
+ [172f29597bd2]
2011-03-05 Todd C. Miller <Todd.Miller@courtesan.com>
- * sudoreplay can now find IDs other than %{seq} and display the
+ * doc/sudoreplay.pod:
+ sudoreplay can now find IDs other than %{seq} and display the
session.
- [60396b417633] <1.8>
-
- * Add support for replaying sessions when iolog_file is set to
- something other than %{seq}.
- [1cd2baa74d56] <1.8>
+ [fc3dd3be67e9]
2011-03-04 Todd C. Miller <Todd.Miller@courtesan.com>
- * If we are killed by a signal, display the name of the signal that
+ * plugins/sudoers/sudoreplay.c:
+ Add support for replaying sessions when iolog_file is set to
+ something other than %{seq}.
+ [ca3131243874]
+
+ * plugins/sudoers/visudo.c:
+ If we are killed by a signal, display the name of the signal that
got us.
- [1b38c4d42282] <1.8>
+ [994bb76a990e]
- * Move libs used for authentication from SUDO_LIBS to SUDOERS_LIBS
+ * configure, configure.in:
+ Move libs used for authentication from SUDO_LIBS to SUDOERS_LIBS
where they belong.
- [78e97a921104] <1.8>
+ [40f94b936fa4]
- * Fix bug in skey/opie check that could cause a shell warning.
- [f20229a04f30] <1.8>
+ * configure.in:
+ Fix bug in skey/opie check that could cause a shell warning.
+ [83c043072be5]
- * No longer need sudo_getepw() stubs.
- [795631ac7db0] <1.8>
+ * plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c:
+ No longer need sudo_getepw() stubs.
+ [bbee15c36912]
2011-03-03 Todd C. Miller <Todd.Miller@courtesan.com>
- * Fix exit value of "sudo -l command" in sudoers module.
- [4a05d6019b3d] <1.8>
+ * plugins/sudoers/sudo_nss.c:
+ Fix exit value of "sudo -l command" in sudoers module.
+ [a6541867521b]
2011-03-02 Todd C. Miller <Todd.Miller@courtesan.com>
- * Use fgets() not fgetln() for portability.
- [1f2050745096] <1.8>
-
- * Don't use the beta or release candidate version as the rpm release.
- [a5b049477646] <1.8>
-
-2011-02-25 Todd C. Miller <Todd.Miller@courtesan.com>
-
- * Makefile.in:
- Adjust ChangeLog rule now that 1.8 is branched
- [a994ac361e44] <1.8>
+ * compat/regress/glob/globtest.c:
+ Use fgets() not fgetln() for portability.
+ [df1bb67fb168]
- * .hgtags:
- Added tag SUDO_1_8_0 for changeset f6530d56f6ae
- [99a2b3801419] <1.8>
+ * sudo.pp:
+ Don't use the beta or release candidate version as the rpm release.
+ [d661ef78021a]
2011-02-25 Todd C. Miller <Todd.Miller@courtesan.com>
common/fmt_string.c
common/lbuf.c
common/list.c
+common/secure_path.c
common/setgroups.c
common/sudo_conf.c
common/sudo_debug.c
common/term.c
+common/ttysize.c
common/zero_bytes.c
compat/Makefile.in
compat/charclass.h
compat/regress/glob/files
compat/regress/glob/globtest.c
compat/regress/glob/globtest.in
-compat/setenv.c
compat/siglist.in
compat/snprintf.c
compat/stdbool.h
compat/strlcpy.c
compat/strsignal.c
compat/timespec.h
-compat/unsetenv.c
compat/utime.h
compat/utimes.c
config.guess
include/lbuf.h
include/list.h
include/missing.h
+include/secure_path.h
include/sudo_conf.h
include/sudo_debug.h
include/sudo_plugin.h
plugins/sample_group/plugin_test.c
plugins/sample_group/sample_group.c
plugins/sample_group/sample_group.sym
+plugins/system_group/Makefile.in
+plugins/system_group/system_group.c
+plugins/system_group/system_group.sym
plugins/sudoers/Makefile.in
plugins/sudoers/aixcrypt.exp
plugins/sudoers/alias.c
plugins/sudoers/po/eu.po
plugins/sudoers/po/fi.mo
plugins/sudoers/po/fi.po
+plugins/sudoers/po/hr.mo
+plugins/sudoers/po/hr.po
plugins/sudoers/po/ja.mo
plugins/sudoers/po/ja.po
+plugins/sudoers/po/lt.mo
+plugins/sudoers/po/lt.po
plugins/sudoers/po/pl.mo
plugins/sudoers/po/pl.po
plugins/sudoers/po/sudoers.pot
+plugins/sudoers/po/sv.mo
+plugins/sudoers/po/sv.po
plugins/sudoers/po/uk.mo
plugins/sudoers/po/uk.po
plugins/sudoers/po/zh_CN.mo
pp
src/Makefile.in
src/conversation.c
+src/env_hooks.c
src/error.c
src/exec.c
src/exec_common.c
src/exec_pty.c
src/get_pty.c
+src/hooks.c
src/load_plugins.c
src/net_ifs.c
src/parse_args.c
src/po/README
src/po/da.mo
src/po/da.po
+src/po/de.mo
+src/po/de.po
src/po/eo.mo
src/po/eo.po
src/po/es.mo
src/po/eu.po
src/po/fi.mo
src/po/fi.po
+src/po/gl.mo
+src/po/gl.po
+src/po/hr.mo
+src/po/hr.po
src/po/it.mo
src/po/it.po
src/po/ja.mo
src/po/sr.mo
src/po/sr.po
src/po/sudo.pot
+src/po/sv.mo
+src/po/sv.po
src/po/uk.mo
src/po/uk.po
+src/po/vi.mo
+src/po/vi.po
src/po/zh_CN.mo
src/po/zh_CN.po
src/preload.c
src/sudo_usage.h.in
src/tgetpass.c
src/ttyname.c
-src/ttysize.c
src/utmp.c
sudo.pp
zlib/Makefile.in
SUBDIRS = compat common @ZLIB_SRC@ plugins/sudoers src include doc
-SAMPLES = plugins/sample plugins/sample_group
+SAMPLES = plugins/sample plugins/sample_group plugins/system_group
VERSION = @PACKAGE_VERSION@
PACKAGE_TARNAME = @PACKAGE_TARNAME@
MSGFMT = msgfmt
MSGMERGE = msgmerge
XGETTEXT = xgettext
-XGETTEXT_OPTS = -k_ -kN_ --copyright-holder="Todd C. Miller" \
+XGETTEXT_OPTS = -F -k_ -kN_ --copyright-holder="Todd C. Miller" \
"--msgid-bugs-address=http://www.sudo.ws/bugs" \
--package-name=@PACKAGE_NAME@ --package-version=$(VERSION) \
--flag warning:1:c-format --flag warningx:1:c-format \
$(srcdir)/compat/Makefile.in $(srcdir)/plugins/sample/Makefile.in \
$(srcdir)/plugins/sample_group/Makefile.in \
$(srcdir)/plugins/sudoers/Makefile.in \
+ $(srcdir)/plugins/system_group/Makefile.in \
$(srcdir)/src/Makefile.in $(srcdir)/zlib/Makefile.in; \
./config.status --file $(srcdir)/common/Makefile \
--file $(srcdir)/compat/Makefile \
--file $(srcdir)/plugins/sample/Makefile \
--file $(srcdir)/plugins/sample_group/Makefile \
--file $(srcdir)/plugins/sudoers/Makefile \
+ --file $(srcdir)/plugins/system_group/Makefile \
--file $(srcdir)/src/Makefile --file $(srcdir)/zlib/Makefile
-# The 1.8 branch started February 25, 2011
ChangeLog:
if test -d $(srcdir)/.hg && cd $(srcdir); then \
- if hg log --style=changelog -b 1.8 > $@.tmp && hg log --style=changelog -b default --date '<2011-02-25 21:30:00' >> $@.tmp; then \
+ if hg log --style=changelog -b default > $@.tmp; then \
mv -f $@.tmp $@; \
else \
rm -f $@.tmp; \
*) echo unknown domain $$domain; continue;; \
esac; \
$(XGETTEXT) $(XGETTEXT_OPTS) -d$$domain $$cfiles -o $$pot.tmp; \
- if diff -I'^.POT-Creation-Date' $$pot.tmp $$pot >/dev/null; then \
+ if diff -I'^.POT-Creation-Date' -I'^.Project-Id-Version' -I'^#' $$pot.tmp $$pot >/dev/null; then \
rm -f $$pot.tmp; \
else \
mv -f $$pot.tmp $$pot; \
+What's new in Sudo 1.8.5?
+
+ * When "noexec" is enabled, sudo_noexec.so will now be prepended
+ to any existing LD_PRELOAD variable instead of replacing it.
+
+ * The sudo_noexec.so shared library now wraps the execvpe(),
+ exect(), posix_spawn() and posix_spawnp() functions.
+
+ * The user/group/mode checks on sudoers files have been relaxed.
+ As long as the file is owned by the sudoers uid, not world-writable
+ and not writable by a group other than the sudoers gid, the file
+ is considered OK. Note that visudo will still set the mode to
+ the value specified at configure time.
+
+ * It is now possible to specify the sudoers path, uid, gid and
+ file mode as options to the plugin in the sudo.conf file.
+
+ * Croatian, Galician, German, Lithuanian, Swedish and Vietnamese
+ translations from translationproject.org.
+
+ * /etc/environment is no longer read directly on Linux systems
+ when PAM is used. Sudo now merges the PAM environment into the
+ user's environment which is typically set by the pam_env module.
+
+ * The initial evironment created when env_reset is in effect now
+ includes the contents of /etc/environment on AIX systems and the
+ "setenv" and "path" entries from /etc/login.conf on BSD systems.
+
+ * The plugin API has been extended in three ways. First, options
+ specified in sudo.conf after the plugin pathname are passed to
+ the plugin's open function. Second, sudo has limited support
+ for hooks that can be used by plugins. Currently, the hooks are
+ limited to environment handling functions. Third, the init_session
+ policy plugin function is passed a pointer to the user environment
+ which can be updated during session setup. The plugin API version
+ has been incremented to version 1.2. See the sudo_plugin manual
+ for more information.
+
+ * The policy plugin's init_session function is now called by the
+ parent sudo process, not the child process that executes the
+ command. This allows the PAM session to be open and closed in
+ the same process, which some PAM modules require.
+
+ * Fixed parsing of "Path askpass" and "Path noexec" in sudo.conf,
+ which was broken in version 1.8.4.
+
+ * On systems with an SVR4-style /proc file system, the /proc/pid/psinfo
+ file is now uses to determine the controlling terminal, if possible.
+ This allows tty-based tickets to work properly even when, e.g.
+ standard input, output and error are redirected to /dev/null.
+
+ * The output of "sudoreplay -l" is now sorted by file name (or
+ sequence number). Previously, entries were displayed in the
+ order in which they were found on the file system.
+
+ * Sudo now behaves properly when I/O logging is enabled and the
+ controlling terminal is revoked (e.g. the running sshd is killed).
+ Previously, sudo may have exited without calling the I/O plugin's
+ close function which can lead to an incomplete I/O log.
+
+ * Sudo can now detect when a user has logged out and back in again
+ on Solaris 11, just like it can on Solaris 10.
+
+ * The built-in zlib included with Sudo has been upgraded to version
+ 1.2.6.
+
+ * Setting the SSL parameter to start_tls in ldap.conf now works
+ properly when using Mozilla-based SDKs that support the
+ ldap_start_tls_s() function.
+
+ * The TLS_CHECKPEER parameter in ldap.conf now works when the
+ Mozilla NSS crypto backend is used with OpenLDAP.
+
+ * A new group provider plugin, system_group, is included which
+ performs group look ups by name using the system groups database.
+ This can be used to restore the pre-1.7.3 sudo group lookup
+ behavior.
+
+What's new in Sudo 1.8.4p5?
+
+ * Fixed a bug when matching against an IP address with an associated
+ netmask in the sudoers file. In certain circumstances, this
+ could allow users to run commands on hosts they are not authorized
+ for.
+
What's new in Sudo 1.8.4p4?
* Fixed a bug introduced in Sudo 1.8.4 which prevented "sudo -v"
fi
])
+dnl
+dnl check putenv() argument for const
+dnl
+AC_DEFUN([SUDO_FUNC_PUTENV_CONST],
+[AC_CACHE_CHECK([whether putenv takes a const argument],
+sudo_cv_func_putenv_const,
+[AC_COMPILE_IFELSE([AC_LANG_PROGRAM([AC_INCLUDES_DEFAULT
+int putenv(const char *string) {return 0;}], [])],
+ [sudo_cv_func_putenv_const=yes],
+ [sudo_cv_func_putenv_const=no])
+ ])
+ if test $sudo_cv_func_putenv_const = yes; then
+ AC_DEFINE(PUTENV_CONST, const, [Define to const if the `putenv' takes a const argument.])
+ else
+ AC_DEFINE(PUTENV_CONST, [])
+ fi
+])
+
dnl
dnl check for sa_len field in struct sockaddr
dnl
SHELL = @SHELL@
-LTOBJS = alloc.lo atobool.lo fileops.lo fmt_string.lo lbuf.lo \
- list.lo setgroups.lo sudo_conf.lo sudo_debug.lo term.lo \
- zero_bytes.lo @COMMON_OBJS@
+LTOBJS = alloc.lo atobool.lo fileops.lo fmt_string.lo lbuf.lo list.lo \
+ secure_path.lo setgroups.lo sudo_conf.lo sudo_debug.lo term.lo \
+ ttysize.lo zero_bytes.lo @COMMON_OBJS@
all: libcommon.la
list.lo: $(srcdir)/list.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/list.h $(incdir)/error.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/list.c
+secure_path.lo: $(srcdir)/secure_path.c $(top_builddir)/config.h \
+ $(incdir)/missing.h $(incdir)/sudo_debug.h \
+ $(incdir)/secure_path.h
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/secure_path.c
setgroups.lo: $(srcdir)/setgroups.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/setgroups.c
$(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \
$(incdir)/alloc.h $(incdir)/error.h $(incdir)/fileops.h \
$(top_builddir)/pathnames.h $(incdir)/sudo_plugin.h \
- $(incdir)/sudo_conf.h $(incdir)/list.h $(incdir)/sudo_debug.h
+ $(incdir)/sudo_conf.h $(incdir)/list.h $(incdir)/sudo_debug.h \
+ $(incdir)/secure_path.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudo_conf.c
sudo_debug.lo: $(srcdir)/sudo_debug.c $(top_builddir)/config.h \
$(top_srcdir)/compat/stdbool.h $(incdir)/missing.h \
term.lo: $(srcdir)/term.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/sudo_debug.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/term.c
+ttysize.lo: $(srcdir)/ttysize.c $(top_builddir)/config.h $(incdir)/missing.h \
+ $(incdir)/sudo_debug.h
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/ttysize.c
zero_bytes.lo: $(srcdir)/zero_bytes.c $(top_builddir)/config.h \
$(incdir)/missing.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/zero_bytes.c
return ptr;
}
+/*
+ * ecalloc() allocates nmemb * size bytes and exits with an error
+ * if overflow would occur or if the system malloc(3) fails.
+ * On success, the allocated space is zero-filled.
+ */
+void *
+ecalloc(size_t nmemb, size_t size)
+{
+ void *ptr;
+
+ if (nmemb == 0 || size == 0)
+ errorx2(1, _("internal error, tried to ecalloc(0)"));
+ if (nmemb != 1) {
+ if (nmemb > SIZE_MAX / size)
+ errorx2(1, _("internal error, ecalloc() overflow"));
+ size *= nmemb;
+ }
+ if ((ptr = malloc(size)) == NULL)
+ errorx2(1, _("unable to allocate memory"));
+ memset(ptr, 0, size);
+ return ptr;
+}
+
/*
* erealloc() calls the system realloc(3) and exits with an error if
* realloc(3) fails. You can call erealloc() with a NULL pointer even
return ptr;
}
+#ifdef notyet
+/*
+ * erecalloc() realloc(3)s nmemb * msize bytes and exits with an error
+ * if overflow would occur or if the system malloc(3)/realloc(3) fails.
+ * On success, the new space is zero-filled. You can call ereallocz()
+ * with a NULL pointer even if the system realloc(3) does not support this.
+ */
+void *
+erecalloc(void *ptr, size_t onmemb, size_t nmemb, size_t msize)
+{
+ size_t size;
+
+ if (nmemb == 0 || msize == 0)
+ errorx2(1, _("internal error, tried to erealloc3(0)"));
+ if (nmemb > SIZE_MAX / msize)
+ errorx2(1, _("internal error, erealloc3() overflow"));
+
+ size = nmemb * msize;
+ ptr = ptr ? realloc(ptr, size) : malloc(size);
+ if (ptr == NULL)
+ errorx2(1, _("unable to allocate memory"));
+ if (nmemb > onmemb) {
+ size = (nmemb - onmemb) * msize;
+ memset((char *)ptr + (onmemb * msize), 0, size);
+ }
+ return ptr;
+}
+#endif
+
/*
* estrdup() is like strdup(3) except that it exits with an error if
* malloc(3) fails. NOTE: unlike strdup(3), estrdup(NULL) is legal.
estrndup(const char *src, size_t maxlen)
{
char *dst = NULL;
- size_t len;
+ size_t len = 0;
if (src != NULL) {
- len = strlen(src);
- if (len > maxlen)
- len = maxlen;
+ while (maxlen != 0 && src[len] != '\0') {
+ len++;
+ maxlen--;
+ }
dst = (char *) emalloc(len + 1);
(void) memcpy(dst, src, len);
dst[len] = '\0';
--- /dev/null
+/*
+ * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/param.h>
+#include <stdio.h>
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#include <errno.h>
+
+#include "missing.h"
+#include "sudo_debug.h"
+#include "secure_path.h"
+
+/*
+ * Verify that path is the right type and not writable by other users.
+ */
+int
+sudo_secure_path(const char *path, int type, uid_t uid, gid_t gid, struct stat *sbp)
+{
+ struct stat sb;
+ int rval = SUDO_PATH_MISSING;
+ debug_decl(sudo_secure_path, SUDO_DEBUG_UTIL)
+
+ if (path != NULL && stat_sudoers(path, &sb) == 0) {
+ if ((sb.st_mode & _S_IFMT) != type) {
+ rval = SUDO_PATH_BAD_TYPE;
+ } else if (uid != (uid_t)-1 && sb.st_uid != uid) {
+ rval = SUDO_PATH_WRONG_OWNER;
+ } else if (sb.st_mode & S_IWOTH) {
+ rval = SUDO_PATH_WORLD_WRITABLE;
+ } else if (ISSET(sb.st_mode, S_IWGRP) &&
+ (gid == (gid_t)-1 || sb.st_gid != gid)) {
+ rval = SUDO_PATH_GROUP_WRITABLE;
+ } else {
+ rval = SUDO_PATH_SECURE;
+ }
+ if (sbp)
+ (void) memcpy(sbp, &sb, sizeof(struct stat));
+ }
+
+ debug_return_int(rval);
+}
+
+/*
+ * Verify that path is a regular file and not writable by other users.
+ */
+int
+sudo_secure_file(const char *path, uid_t uid, gid_t gid, struct stat *sbp)
+{
+ return sudo_secure_path(path, _S_IFREG, uid, gid, sbp);
+}
+
+/*
+ * Verify that path is a directory and not writable by other users.
+ */
+int
+sudo_secure_dir(const char *path, uid_t uid, gid_t gid, struct stat *sbp)
+{
+ return sudo_secure_path(path, _S_IFDIR, uid, gid, sbp);
+}
int maxgids, rval;
debug_decl(sudo_setgroups, SUDO_DEBUG_UTIL)
- rval = setgroups(ngids, gids);
+ rval = setgroups(ngids, (GETGROUPS_T *)gids);
if (rval == -1 && errno == EINVAL) {
/* Too many groups, try again with fewer. */
#if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX)
#endif
maxgids = NGROUPS_MAX;
if (ngids > maxgids)
- rval = setgroups(maxgids, gids);
+ rval = setgroups(maxgids, (GETGROUPS_T *)gids);
}
debug_return_int(rval);
}
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
#include <ctype.h>
+#include <errno.h>
#define SUDO_ERROR_WRAP 0
#include "sudo_plugin.h"
#include "sudo_conf.h"
#include "sudo_debug.h"
+#include "secure_path.h"
+#include "gettext.h"
+
+#ifdef __TANDEM
+# define ROOT_UID 65535
+#else
+# define ROOT_UID 0
+#endif
#ifndef _PATH_SUDO_ASKPASS
# define _PATH_SUDO_ASKPASS NULL
NULL,
{
#define SUDO_CONF_ASKPASS_IDX 0
- { "askpass", sizeof("askpass"), _PATH_SUDO_ASKPASS },
+ { "askpass", sizeof("askpass") - 1, _PATH_SUDO_ASKPASS },
#ifdef _PATH_SUDO_NOEXEC
#define SUDO_CONF_NOEXEC_IDX 1
- { "noexec", sizeof("noexec"), _PATH_SUDO_NOEXEC },
+ { "noexec", sizeof("noexec") - 1, _PATH_SUDO_NOEXEC },
#endif
{ NULL }
}
set_plugin(const char *entry)
{
struct plugin_info *info;
- const char *name, *path;
- size_t namelen;
+ const char *name, *path, *cp, *ep;
+ char **options = NULL;
+ size_t namelen, pathlen;
+ unsigned int nopts;
/* Parse Plugin line */
name = entry;
namelen = (size_t)(path - name);
while (isblank((unsigned char)*path))
path++;
+ if ((cp = strpbrk(path, " \t")) != NULL) {
+ /* Convert any options to an array. */
+ pathlen = (size_t)(cp - path);
+ while (isblank((unsigned char)*cp))
+ cp++;
+ /* Count number of options and allocate array. */
+ for (ep = cp, nopts = 1; (ep = strpbrk(ep, " \t")) != NULL; nopts++) {
+ while (isblank((unsigned char)*ep))
+ ep++;
+ }
+ options = emalloc2(nopts + 1, sizeof(*options));
+ /* Fill in options array, there is at least one element. */
+ for (nopts = 0; (ep = strpbrk(cp, " \t")) != NULL; ) {
+ options[nopts++] = estrndup(cp, (size_t)(ep - cp));
+ while (isblank((unsigned char)*ep))
+ ep++;
+ cp = ep;
+ }
+ options[nopts++] = estrdup(cp);
+ options[nopts] = NULL;
+ } else {
+ /* No extra options. */
+ pathlen = strlen(path);
+ }
- info = emalloc(sizeof(*info));
+ info = ecalloc(1, sizeof(*info));
info->symbol_name = estrndup(name, namelen);
- info->path = estrdup(path);
+ info->path = estrndup(path, pathlen);
+ info->options = options;
info->prev = info;
- info->next = NULL;
+ /* info->next = NULL; */
tq_append(&sudo_conf_data.plugins, info);
return true;
}
/*
- * Reads in /etc/sudo.conf
- * Returns a list of plugins.
+ * Reads in /etc/sudo.conf and populates sudo_conf_data.
*/
void
sudo_conf_read(void)
{
struct sudo_conf_table *cur;
struct plugin_info *info;
+ struct stat sb;
FILE *fp;
char *cp;
- if ((fp = fopen(_PATH_SUDO_CONF, "r")) == NULL)
+ switch (sudo_secure_file(_PATH_SUDO_CONF, ROOT_UID, -1, &sb)) {
+ case SUDO_PATH_SECURE:
+ break;
+ case SUDO_PATH_MISSING:
+ /* Root should always be able to read sudo.conf. */
+ if (errno != ENOENT && geteuid() == ROOT_UID)
+ warning(_("unable to stat %s"), _PATH_SUDO_CONF);
+ goto done;
+ case SUDO_PATH_BAD_TYPE:
+ warningx(_("%s is not a regular file"), _PATH_SUDO_CONF);
+ goto done;
+ case SUDO_PATH_WRONG_OWNER:
+ warningx(_("%s is owned by uid %u, should be %u"),
+ _PATH_SUDO_CONF, (unsigned int) sb.st_uid, ROOT_UID);
+ goto done;
+ case SUDO_PATH_WORLD_WRITABLE:
+ warningx(_("%s is world writable"), _PATH_SUDO_CONF);
+ goto done;
+ case SUDO_PATH_GROUP_WRITABLE:
+ warningx(_("%s is group writable"), _PATH_SUDO_CONF);
+ goto done;
+ default:
+ /* NOTREACHED */
+ goto done;
+ }
+
+ if ((fp = fopen(_PATH_SUDO_CONF, "r")) == NULL) {
+ if (errno != ENOENT && geteuid() == ROOT_UID)
+ warning(_("unable to open %s"), _PATH_SUDO_CONF);
goto done;
+ }
while ((cp = sudo_parseln(fp)) != NULL) {
/* Skip blank or comment lines */
done:
if (tq_empty(&sudo_conf_data.plugins)) {
/* Default policy plugin */
- info = emalloc(sizeof(*info));
+ info = ecalloc(1, sizeof(*info));
info->symbol_name = "sudoers_policy";
info->path = SUDOERS_PLUGIN;
+ /* info->options = NULL; */
info->prev = info;
- info->next = NULL;
+ /* info->next = NULL; */
tq_append(&sudo_conf_data.plugins, info);
/* Default I/O plugin */
- info = emalloc(sizeof(*info));
+ info = ecalloc(1, sizeof(*info));
info->symbol_name = "sudoers_io";
info->path = SUDOERS_PLUGIN;
+ /* info->options = NULL; */
info->prev = info;
- info->next = NULL;
+ /* info->next = NULL; */
tq_append(&sudo_conf_data.plugins, info);
}
}
"rbtree",
"perms",
"plugin",
+ "hooks",
NULL
};
static int sudo_debug_settings[NUM_SUBSYSTEMS];
static int sudo_debug_fd = -1;
static int sudo_debug_mode;
+static char sudo_debug_pidstr[(((sizeof(int) * 8) + 2) / 3) + 3];
+static size_t sudo_debug_pidlen;
extern sudo_conv_t sudo_conv;
}
efree(buf);
+ (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
+ (int)getpid());
+ sudo_debug_pidlen = strlen(sudo_debug_pidstr);
+
return 1;
}
+pid_t
+sudo_debug_fork(void)
+{
+ pid_t pid;
+
+ if ((pid = fork()) == 0) {
+ (void)snprintf(sudo_debug_pidstr, sizeof(sudo_debug_pidstr), "[%d] ",
+ (int)getpid());
+ sudo_debug_pidlen = strlen(sudo_debug_pidstr);
+ }
+
+ return pid;
+}
+
void
sudo_debug_enter(const char *func, const char *file, int line,
int subsys)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "-> %s @ %s:%d", func,
- file, line);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "-> %s @ %s:%d", func, file, line);
}
void sudo_debug_exit(const char *func, const char *file, int line,
int subsys)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d", func,
- file, line);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d", func, file, line);
}
void sudo_debug_exit_int(const char *func, const char *file, int line,
int subsys, int rval)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %d", func,
- file, line, rval);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %d", func, file, line, rval);
}
void sudo_debug_exit_long(const char *func, const char *file, int line,
int subsys, long rval)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %ld", func,
- file, line, rval);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %ld", func, file, line, rval);
}
void sudo_debug_exit_size_t(const char *func, const char *file, int line,
int subsys, size_t rval)
{
/* XXX - should use %zu but our snprintf.c doesn't support it */
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %lu", func,
- file, line, (unsigned long)rval);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %lu", func, file, line, (unsigned long)rval);
}
/* We use int, not bool, here for functions that return -1 on error. */
int subsys, int rval)
{
if (rval == true || rval == false) {
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %s",
- func, file, line, rval ? "true" : "false");
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %s", func, file, line, rval ? "true" : "false");
} else {
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %d",
- func, file, line, rval);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %d", func, file, line, rval);
}
}
void sudo_debug_exit_str(const char *func, const char *file, int line,
int subsys, const char *rval)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %s", func,
- file, line, rval ? rval : "(null)");
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %s", func, file, line, rval ? rval : "(null)");
}
void sudo_debug_exit_str_masked(const char *func, const char *file, int line,
static const char stars[] = "********************************************************************************";
int len = rval ? strlen(rval) : sizeof("(null)") - 1;
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %.*s", func,
- file, line, len, rval ? stars : "(null)");
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %.*s", func, file, line, len, rval ? stars : "(null)");
}
void sudo_debug_exit_ptr(const char *func, const char *file, int line,
int subsys, const void *rval)
{
- sudo_debug_printf2(subsys | SUDO_DEBUG_TRACE, "<- %s @ %s:%d := %p", func,
- file, line, rval);
+ sudo_debug_printf2(NULL, NULL, 0, subsys | SUDO_DEBUG_TRACE,
+ "<- %s @ %s:%d := %p", func, file, line, rval);
}
-void
-sudo_debug_write(const char *str, int len)
+static void
+sudo_debug_write_conv(const char *func, const char *file, int lineno,
+ const char *str, int len, int errno_val)
+{
+ struct sudo_conv_message msg;
+ struct sudo_conv_reply repl;
+ char *buf = NULL;
+
+ /* Call conversation function */
+ if (sudo_conv != NULL) {
+ /* Remove the newline at the end if appending extra info. */
+ if (str[len - 1] == '\n')
+ len--;
+
+ if (func != NULL && file != NULL && lineno != 0) {
+ if (errno_val) {
+ easprintf(&buf, "%.*s: %s @ %s() %s:%d", len, str,
+ strerror(errno_val), func, file, lineno);
+ } else {
+ easprintf(&buf, "%.*s @ %s() %s:%d", len, str,
+ func, file, lineno);
+ }
+ str = buf;
+ } else if (errno_val) {
+ easprintf(&buf, "%.*s: %s", len, str, strerror(errno_val));
+ str = buf;
+ }
+ memset(&msg, 0, sizeof(msg));
+ memset(&repl, 0, sizeof(repl));
+ msg.msg_type = SUDO_CONV_DEBUG_MSG;
+ msg.msg = str;
+ sudo_conv(1, &msg, &repl);
+ if (buf != NULL)
+ efree(buf);
+ }
+}
+
+static void
+sudo_debug_write_file(const char *func, const char *file, int lineno,
+ const char *str, int len, int errno_val)
{
- char *timestr;
+ char *timestr, numbuf[(((sizeof(int) * 8) + 2) / 3) + 2];
time_t now;
- struct iovec iov[5];
+ struct iovec iov[12];
int iovcnt = 4;
+ bool need_newline = false;
+
+ /* Prepend program name and pid with a trailing space. */
+ iov[1].iov_base = (char *)getprogname();
+ iov[1].iov_len = strlen(iov[1].iov_base);
+ iov[2].iov_base = sudo_debug_pidstr;
+ iov[2].iov_len = sudo_debug_pidlen;
+
+ /* Add string along with newline if it doesn't have one. */
+ iov[3].iov_base = (char *)str;
+ iov[3].iov_len = len;
+ if (str[len - 1] != '\n')
+ need_newline = true;
+
+ /* Append error string if errno is specified. */
+ if (errno_val) {
+ iov[iovcnt].iov_base = ": ";
+ iov[iovcnt].iov_len = 2;
+ iovcnt++;
+ iov[iovcnt].iov_base = strerror(errno_val);
+ iov[iovcnt].iov_len = strlen(iov[iovcnt].iov_base);
+ iovcnt++;
+
+ /* Move newline to the end. */
+ if (!need_newline) {
+ need_newline = true;
+ iov[3].iov_len--;
+ }
+ }
+ /* If function, file and lineno are specified, append them. */
+ if (func != NULL && file != NULL && lineno != 0) {
+ iov[iovcnt].iov_base = " @ ";
+ iov[iovcnt].iov_len = 3;
+ iovcnt++;
+
+ iov[iovcnt].iov_base = (char *)func;
+ iov[iovcnt].iov_len = strlen(func);
+ iovcnt++;
+
+ iov[iovcnt].iov_base = "() ";
+ iov[iovcnt].iov_len = 3;
+ iovcnt++;
+
+ iov[iovcnt].iov_base = (char *)file;
+ iov[iovcnt].iov_len = strlen(file);
+ iovcnt++;
+
+ (void)snprintf(numbuf, sizeof(numbuf), ":%d", lineno);
+ iov[iovcnt].iov_base = numbuf;
+ iov[iovcnt].iov_len = strlen(numbuf);
+ iovcnt++;
+
+ /* Move newline to the end. */
+ if (!need_newline) {
+ need_newline = true;
+ iov[3].iov_len--;
+ }
+ }
+
+ /* Append newline as needed. */
+ if (need_newline) {
+ /* force newline */
+ iov[iovcnt].iov_base = "\n";
+ iov[iovcnt].iov_len = 1;
+ iovcnt++;
+ }
+
+ /* Do timestamp last due to ctime's static buffer. */
+ now = time(NULL);
+ timestr = ctime(&now) + 4;
+ timestr[15] = ' '; /* replace year with a space */
+ timestr[16] = '\0';
+ iov[0].iov_base = timestr;
+ iov[0].iov_len = 16;
+
+ /* Write message in a single syscall */
+ ignore_result(writev(sudo_debug_fd, iov, iovcnt));
+}
+
+void
+sudo_debug_write2(const char *func, const char *file, int lineno,
+ const char *str, int len, int errno_val)
+{
if (len <= 0)
return;
switch (sudo_debug_mode) {
case SUDO_DEBUG_MODE_CONV:
- /* Call conversation function */
- if (sudo_conv != NULL) {
- struct sudo_conv_message msg;
- struct sudo_conv_reply repl;
-
- memset(&msg, 0, sizeof(msg));
- memset(&repl, 0, sizeof(repl));
- msg.msg_type = SUDO_CONV_DEBUG_MSG;
- msg.msg = str;
- sudo_conv(1, &msg, &repl);
- }
+ sudo_debug_write_conv(func, file, lineno, str, len, errno_val);
break;
case SUDO_DEBUG_MODE_FILE:
- /* Prepend program name with trailing space. */
- iov[1].iov_base = (char *)getprogname();
- iov[1].iov_len = strlen(iov[1].iov_base);
- iov[2].iov_base = " ";
- iov[2].iov_len = 1;
-
- /* Add string along with newline if it doesn't have one. */
- iov[3].iov_base = (char *)str;
- iov[3].iov_len = len;
- if (str[len - 1] != '\n') {
- /* force newline */
- iov[4].iov_base = "\n";
- iov[4].iov_len = 1;
- iovcnt++;
- }
-
- /* Do timestamp last due to ctime's static buffer. */
- now = time(NULL);
- timestr = ctime(&now) + 4;
- timestr[15] = ' '; /* replace year with a space */
- timestr[16] = '\0';
- iov[0].iov_base = timestr;
- iov[0].iov_len = 16;
-
- /* Write message in a single syscall */
- (void) writev(sudo_debug_fd, iov, iovcnt);
+ sudo_debug_write_file(func, file, lineno, str, len, errno_val);
break;
}
}
+/* XXX - turn into a macro */
void
-sudo_debug_printf2(int level, const char *fmt, ...)
+sudo_debug_write(const char *str, int len, int errno_val)
{
- int buflen, pri, subsys;
+ sudo_debug_write2(NULL, NULL, 0, str, len, errno_val);
+}
+
+void
+sudo_debug_printf2(const char *func, const char *file, int lineno, int level,
+ const char *fmt, ...)
+{
+ int buflen, pri, subsys, saved_errno = errno;
va_list ap;
char *buf;
subsys = SUDO_DEBUG_SUBSYS(level);
/* Make sure we want debug info at this level. */
- if (subsys >= NUM_SUBSYSTEMS || sudo_debug_settings[subsys] < pri)
- return;
-
- va_start(ap, fmt);
- buflen = vasprintf(&buf, fmt, ap);
- va_end(ap);
- if (buflen != -1) {
- sudo_debug_write(buf, buflen);
- free(buf);
+ if (subsys < NUM_SUBSYSTEMS && sudo_debug_settings[subsys] >= pri) {
+ va_start(ap, fmt);
+ buflen = vasprintf(&buf, fmt, ap);
+ va_end(ap);
+ if (buflen != -1) {
+ int errcode = ISSET(level, SUDO_DEBUG_ERRNO) ? saved_errno : 0;
+ if (ISSET(level, SUDO_DEBUG_LINENO))
+ sudo_debug_write2(func, file, lineno, buf, buflen, errcode);
+ else
+ sudo_debug_write2(NULL, NULL, 0, buf, buflen, errcode);
+ free(buf);
+ }
}
+
+ errno = saved_errno;
}
void
*cp = '\0';
- sudo_debug_write(buf, buflen);
+ sudo_debug_write(buf, buflen, 0);
free(buf);
}
--- /dev/null
+/*
+ * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/ioctl.h>
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#include <termios.h>
+
+#include "missing.h"
+#include "sudo_debug.h"
+
+/* Compatibility with older tty systems. */
+#if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
+# define TIOCGWINSZ TIOCGSIZE
+# define winsize ttysize
+# define ws_col ts_cols
+# define ws_row ts_lines
+#endif
+
+#ifdef TIOCGWINSZ
+static int
+get_ttysize_ioctl(int *rowp, int *colp)
+{
+ struct winsize wsize;
+ debug_decl(get_ttysize_ioctl, SUDO_DEBUG_EXEC)
+
+ if (ioctl(STDERR_FILENO, TIOCGWINSZ, &wsize) == 0 &&
+ wsize.ws_row != 0 && wsize.ws_col != 0) {
+ *rowp = wsize.ws_row;
+ *colp = wsize.ws_col;
+ debug_return_int(0);
+ }
+ debug_return_int(-1);
+}
+#else
+static int
+get_ttysize_ioctl(int *rowp, int *colp)
+{
+ return -1;
+}
+#endif /* TIOCGWINSZ */
+
+void
+get_ttysize(int *rowp, int *colp)
+{
+ debug_decl(fork_cmnd, SUDO_DEBUG_EXEC)
+
+ if (get_ttysize_ioctl(rowp, colp) == -1) {
+ char *p;
+
+ /* Fall back on $LINES and $COLUMNS. */
+ if ((p = getenv("LINES")) == NULL || (*rowp = atoi(p)) <= 0)
+ *rowp = 24;
+ if ((p = getenv("COLUMNS")) == NULL || (*colp = atoi(p)) <= 0)
+ *colp = 80;
+ }
+
+ debug_return;
+}
nanosleep.lo: $(srcdir)/nanosleep.c $(top_builddir)/config.h \
$(top_srcdir)/compat/timespec.h $(incdir)/missing.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/nanosleep.c
-setenv.lo: $(srcdir)/setenv.c $(top_builddir)/config.h $(incdir)/missing.h
- $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/setenv.c
+pw_dup.lo: $(srcdir)/pw_dup.c $(top_builddir)/config.h
+ $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/pw_dup.c
siglist.lo: siglist.c $(top_builddir)/config.h $(incdir)/missing.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) siglist.c
snprintf.lo: $(srcdir)/snprintf.c $(top_builddir)/config.h $(incdir)/missing.h
strsignal.lo: $(srcdir)/strsignal.c $(top_builddir)/config.h \
$(incdir)/missing.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/strsignal.c
-unsetenv.lo: $(srcdir)/unsetenv.c $(top_builddir)/config.h $(incdir)/missing.h
- $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/unsetenv.c
utimes.lo: $(srcdir)/utimes.c $(top_builddir)/config.h \
$(top_srcdir)/compat/utime.h $(incdir)/missing.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/utimes.c
shl_t handle = vhandle;
void *value = NULL;
- (void)shl_findsym(&handle, symbol, TYPE_UNDEFINED, &value);
+ /*
+ * Note that the behavior of of RTLD_NEXT and RTLD_SELF
+ * differs from most implementations when called from
+ * a shared library.
+ */
+ if (vhandle == RTLD_NEXT) {
+ /* Iterate over all shared libs looking for symbol. */
+ struct shl_descriptor *desc;
+ int idx = 0;
+ while (shl_get(idx++, &desc) == 0) {
+ if (shl_findsym(&desc->handle, symbol, TYPE_UNDEFINED, &value) == 0)
+ break;
+ }
+ } else {
+ if (vhandle == RTLD_DEFAULT)
+ handle = NULL;
+ else if (vhandle == RTLD_SELF)
+ handle = PROG_HANDLE;
+ (void)shl_findsym(&handle, symbol, TYPE_UNDEFINED, &value);
+ }
return value;
}
{
struct sudo_preload_table *sym;
- for (sym = sudo_preload_table; sym->name != NULL; sym++) {
- if (strcmp(symbol, sym->name) == 0)
- return sym->address;
+ if (symbol != RTLD_NEXT && symbol != RTLD_DEFAULT && symbol != RTLD_SELF) {
+ for (sym = sudo_preload_table; sym->name != NULL; sym++) {
+ if (strcmp(symbol, sym->name) == 0)
+ return sym->address;
+ }
}
return NULL;
}
/* XXX: handle locale/MBCS comparison, advance by MBCS char width */
if ((**string >= *startch) && (**string <= **pattern))
result = 0;
- else if (nocase && (isupper(**string) || isupper(*startch)
- || isupper(**pattern))
- && (tolower(**string) >= tolower(*startch))
- && (tolower(**string) <= tolower(**pattern)))
+ else if (nocase && (isupper((unsigned char)**string) ||
+ isupper((unsigned char)*startch) ||
+ isupper((unsigned char)**pattern))
+ && (tolower((unsigned char)**string) >= tolower((unsigned char)*startch))
+ && (tolower((unsigned char)**string) <= tolower((unsigned char)**pattern)))
result = 0;
++*pattern;
/* XXX: handle locale/MBCS comparison, advance by MBCS char width */
if ((**string == **pattern))
result = 0;
- else if (nocase && (isupper(**string) || isupper(**pattern))
- && (tolower(**string) == tolower(**pattern)))
+ else if (nocase && (isupper((unsigned char)**string) ||
+ isupper((unsigned char)**pattern))
+ && (tolower((unsigned char)**string) == tolower((unsigned char)**pattern)))
result = 0;
++*pattern;
/* XXX: handle locale/MBCS comparison, advance by the MBCS char width */
if (**string == **pattern)
result = 0;
- else if (nocase && (isupper(**string) || isupper(**pattern))
- && (tolower(**string) == tolower(**pattern)))
+ else if (nocase && (isupper((unsigned char)**string) || isupper((unsigned char)**pattern))
+ && (tolower((unsigned char)**string) == tolower((unsigned char)**pattern)))
result = 0;
/* Refuse to advance over trailing slash or nulls
struct passwd *
pw_dup(const struct passwd *pw)
{
- char *cp;
- size_t nsize, psize, gsize, dsize, ssize, total;
+ size_t nsize = 0, psize = 0, gsize = 0, dsize = 0, ssize = 0, total;
#ifdef HAVE_LOGIN_CAP_H
- size_t csize;
+ size_t csize;
#endif
- struct passwd *newpw;
+ struct passwd *newpw;
+ char *cp;
/* Allocate in one big chunk for easy freeing */
total = sizeof(struct passwd);
PW_SIZE(pw_shell, ssize);
if ((cp = malloc(total)) == NULL)
- return (NULL);
+ return NULL;
newpw = (struct passwd *)cp;
/*
#ifdef HAVE_STRINGS_H
# include <strings.h>
#endif /* HAVE_STRINGS_H */
-#ifdef HAVE_EXTENDED_GLOB
+#ifdef HAVE_GLOB
# include <glob.h>
#else
# include "compat/glob.h"
+++ /dev/null
-/*
- * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <config.h>
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-# include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-# include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-# include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
-#include <errno.h>
-
-#include "missing.h"
-
-int
-setenv(const char *var, const char *val, int overwrite)
-{
- char *envstr, *dst;
- const char *src;
- size_t esize;
-
- if (!var || *var == '\0') {
- errno = EINVAL;
- return -1;
- }
-
- /*
- * POSIX says a var name with '=' is an error but BSD
- * just ignores the '=' and anything after it.
- */
- for (src = var; *src != '\0' && *src != '='; src++)
- ;
- esize = (size_t)(src - var) + 2;
- if (val) {
- esize += strlen(val); /* glibc treats a NULL val as "" */
- }
-
- /* Allocate and fill in envstr. */
- if ((envstr = malloc(esize)) == NULL)
- return -1;
- for (src = var, dst = envstr; *src != '\0' && *src != '=';)
- *dst++ = *src++;
- *dst++ = '=';
- if (val) {
- for (src = val; *src != '\0';)
- *dst++ = *src++;
- }
- *dst = '\0';
-
- if (!overwrite && getenv(var) != NULL) {
- free(envstr);
- return 0;
- }
- return putenv(envstr);
-}
+++ /dev/null
-/*
- * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <config.h>
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-# include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-# include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#include <errno.h>
-
-#include "missing.h"
-
-extern char **environ; /* global environment */
-
-#ifdef UNSETENV_VOID
-void
-#else
-int
-#endif
-unsetenv(const char *var)
-{
- char **ep = environ;
- size_t len;
-
- if (var == NULL || *var == '\0' || strchr(var, '=') != NULL) {
- errno = EINVAL;
-#ifdef UNSETENV_VOID
- return;
-#else
- return -1;
-#endif
- }
-
- len = strlen(var);
- while (*ep != NULL) {
- if (strncmp(var, *ep, len) == 0 && (*ep)[len] == '=') {
- /* Found it; shift remainder + NULL over by one. */
- char **cur = ep;
- while ((*cur = *(cur + 1)) != NULL)
- cur++;
- /* Keep going, could be multiple instances of the var. */
- } else {
- ep++;
- }
- }
-#ifndef UNSETENV_VOID
- return 0;
-#endif
-}
/* Define to 1 if you have the `dlopen' function. */
#undef HAVE_DLOPEN
-/* Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags. */
-#undef HAVE_EXTENDED_GLOB
-
/* Define to 1 if your system has the F_CLOSEM fcntl. */
#undef HAVE_FCNTL_CLOSEM
/* Define to 1 if you use PAM authentication. */
#undef HAVE_PAM
+/* Define to 1 if you have the `pam_getenvlist' function. */
+#undef HAVE_PAM_GETENVLIST
+
/* Define to 1 if you use a specific PAM session for sudo -i. */
#undef HAVE_PAM_LOGIN
/* Define to 1 if you have the `priv_set' function. */
#undef HAVE_PRIV_SET
+/* Define to 1 if you have the <procfs.h> header file. */
+#undef HAVE_PROCFS_H
+
/* Define to 1 if you have the <project.h> header file. */
#undef HAVE_PROJECT_H
/* Define to 1 if you have the `snprintf' function. */
#undef HAVE_SNPRINTF
+/* Define to 1 if you have the <spawn.h> header file. */
+#undef HAVE_SPAWN_H
+
/* Define to 1 if stdbool.h conforms to C99. */
#undef HAVE_STDBOOL_H
/* Define to 1 if you have the `strsignal' function. */
#undef HAVE_STRSIGNAL
+/* Define to 1 if `d_type' is a member of `struct dirent'. */
+#undef HAVE_STRUCT_DIRENT_D_TYPE
+
/* Define to 1 if the system has the type `struct in6_addr'. */
#undef HAVE_STRUCT_IN6_ADDR
/* Define to 1 if `p_tdev' is a member of `struct kinfo_proc'. */
#undef HAVE_STRUCT_KINFO_PROC_P_TDEV
+/* Define to 1 if `pr_ttydev' is a member of `struct psinfo'. */
+#undef HAVE_STRUCT_PSINFO_PR_TTYDEV
+
/* Define if your struct sockadr has an sa_len field. */
#undef HAVE_STRUCT_SOCKADDR_SA_LEN
*/
#undef HAVE_SYS_NDIR_H
+/* Define to 1 if you have the <sys/procfs.h> header file. */
+#undef HAVE_SYS_PROCFS_H
+
/* Define to 1 if you have the <sys/select.h> header file. */
#undef HAVE_SYS_SELECT_H
/* Define to 1 if you have the `_innetgr' function. */
#undef HAVE__INNETGR
+/* Define to 1 if you have the `_ttyname_dev' function. */
+#undef HAVE__TTYNAME_DEV
+
/* Define to 1 if the compiler supports the C99 __func__ variable. */
#undef HAVE___FUNC__
/* The user or email address that sudo mail is sent to. */
#undef MAILTO
+/* Define to 1 if `major', `minor', and `makedev' are declared in <mkdev.h>.
+ */
+#undef MAJOR_IN_MKDEV
+
+/* Define to 1 if `major', `minor', and `makedev' are declared in
+ <sysmacros.h>. */
+#undef MAJOR_IN_SYSMACROS
+
/* The max number of chars per log file line (for line wrapping). */
#undef MAXLOGFILELEN
/* The syslog priority sudo will use for successful attempts. */
#undef PRI_SUCCESS
+/* Define to const if the `putenv' takes a const argument. */
+#undef PUTENV_CONST
+
+/* The default value of preloaded objects (if any). */
+#undef RTLD_PRELOAD_DEFAULT
+
+/* The delimiter to use when defining multiple preloaded objects. */
+#undef RTLD_PRELOAD_DELIM
+
+/* An extra environment variable that is required to enable preloading (if
+ any). */
+#undef RTLD_PRELOAD_ENABLE_VAR
+
+/* The environment variable that controls preloading of dynamic objects. */
+#undef RTLD_PRELOAD_VAR
+
/* The user sudo should run commands as by default. */
#undef RUNAS_DEFAULT
# endif /* HAVE_ST_MTIMESPEC */
#endif /* HAVE_ST_MTIM */
+#ifdef __GNUC__
+# define ignore_result(x) do { \
+ __typeof__(x) y = (x); \
+ (void)y; \
+} while(0)
+#else
+# define ignore_result(x) (void)(x)
+#endif
+
/* GNU stow needs /etc/sudoers to be a symlink. */
#ifdef USE_STOW
# define stat_sudoers stat
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for sudo 1.8.4p4.
+# Generated by GNU Autoconf 2.68 for sudo 1.8.5.
#
# Report bugs to <http://www.sudo.ws/bugs/>.
#
# Identity of this package.
PACKAGE_NAME='sudo'
PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.8.4p4'
-PACKAGE_STRING='sudo 1.8.4p4'
+PACKAGE_VERSION='1.8.5'
+PACKAGE_STRING='sudo 1.8.5'
PACKAGE_BUGREPORT='http://www.sudo.ws/bugs/'
PACKAGE_URL=''
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures sudo 1.8.4p4 to adapt to many kinds of systems.
+\`configure' configures sudo 1.8.5 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of sudo 1.8.4p4:";;
+ short | recursive ) echo "Configuration of sudo 1.8.5:";;
esac
cat <<\_ACEOF
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-sudo configure 1.8.4p4
+sudo configure 1.8.5
generated by GNU Autoconf 2.68
Copyright (C) 2010 Free Software Foundation, Inc.
} # ac_fn_c_check_header_mongrel
+# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
+# ----------------------------------------------------
+# Tries to find if the field MEMBER exists in type AGGR, after including
+# INCLUDES, setting cache variable VAR accordingly.
+ac_fn_c_check_member ()
+{
+ as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
+$as_echo_n "checking for $2.$3... " >&6; }
+if eval \${$4+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$5
+int
+main ()
+{
+static $2 ac_aggr;
+if (ac_aggr.$3)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ eval "$4=yes"
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$5
+int
+main ()
+{
+static $2 ac_aggr;
+if (sizeof ac_aggr.$3)
+return 0;
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ eval "$4=yes"
+else
+ eval "$4=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$4
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+ eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_member
+
# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
# --------------------------------------------
# Tries to find the compile-time value of EXPR in a program that includes
} # ac_fn_c_compute_int
-# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
-# ----------------------------------------------------
-# Tries to find if the field MEMBER exists in type AGGR, after including
-# INCLUDES, setting cache variable VAR accordingly.
-ac_fn_c_check_member ()
-{
- as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
-$as_echo_n "checking for $2.$3... " >&6; }
-if eval \${$4+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (ac_aggr.$3)
-return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- eval "$4=yes"
-else
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (sizeof ac_aggr.$3)
-return 0;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- eval "$4=yes"
-else
- eval "$4=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$4
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
- eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_member
-
# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
# ---------------------------------------------
# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by sudo $as_me 1.8.4p4, which was
+It was created by sudo $as_me 1.8.5, which was
generated by GNU Autoconf 2.68. Invocation command line was
$ $0 $@
shadow_libs_optional=
CONFIGURE_ARGS="$@"
+RTLD_PRELOAD_VAR="LD_PRELOAD"
+RTLD_PRELOAD_ENABLE_VAR=
+RTLD_PRELOAD_DELIM=":"
+RTLD_PRELOAD_DEFAULT=
+
case "$host" in
*-*-sunos4*)
+ # LD_PRELOAD is space-delimited
+ RTLD_PRELOAD_DELIM=" "
+
# getcwd(3) opens a pipe to getpwd(1)!?!
BROKEN_GETCWD=1
shadow_funcs="getpwanam issecure"
;;
*-*-solaris2*)
+ # LD_PRELOAD is space-delimited
+ RTLD_PRELOAD_DELIM=" "
+
# To get the crypt(3) prototype (so we pass -Wall)
OSDEFS="${OSDEFS} -D__EXTENSIONS__"
# AFS support needs -lucb
# LDR_PRELOAD is only supported in AIX 5.3 and later
if test $OSMAJOR -lt 5; then
with_noexec=no
+ else
+ RTLD_PRELOAD_VAR="LDR_PRELOAD"
fi
# AIX-specific functions
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ # ":DEFAULT" must be appended to _RLD_LIST
+ RTLD_PRELOAD_VAR="_RLD_LIST"
+ RTLD_PRELOAD_DEFAULT="DEFAULT"
: ${mansectsu='8'}
: ${mansectform='4'}
;;
fi
fi
+ # ":DEFAULT" must be appended to _RLD_LIST
+ RTLD_PRELOAD_VAR="_RLD_LIST"
+ RTLD_PRELOAD_DEFAULT="DEFAULT"
: ${mansectsu='1m'}
: ${mansectform='4'}
;;
CHECKSHADOW="false"
test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
: ${with_logincap='yes'}
+ RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
+ RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
;;
*-*-nextstep*)
# lockf() on is broken on the NeXT -- use flock instead
ac_cv_func_lockf=no
ac_cv_func_flock=yes
+ RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
+ RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
;;
*-*-*sysv4*)
: ${mansectsu='1m'}
;;
esac
+if test -n "$with_noexec"; then
+ cat >>confdefs.h <<EOF
+#define RTLD_PRELOAD_VAR "$RTLD_PRELOAD_VAR"
+EOF
+
+ cat >>confdefs.h <<EOF
+#define RTLD_PRELOAD_DELIM "$RTLD_PRELOAD_DELIM"
+EOF
+
+ if test -n "$RTLD_PRELOAD_DEFAULT"; then
+ cat >>confdefs.h <<EOF
+#define RTLD_PRELOAD_DEFAULT "$RTLD_PRELOAD_DEFAULT"
+EOF
+
+ fi
+ if test -n "$RTLD_PRELOAD_ENABLE_VAR"; then
+ cat >>confdefs.h <<EOF
+#define RTLD_PRELOAD_ENABLE_VAR "$RTLD_PRELOAD_ENABLE_VAR"
+EOF
+
+ fi
+fi
+
AUTH_REG=${AUTH_REG# }
AUTH_EXCL=${AUTH_EXCL# }
if test -n "$AUTH_EXCL"; then
fi
-for ac_header in malloc.h paths.h utime.h netgroup.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether sys/types.h defines makedev" >&5
+$as_echo_n "checking whether sys/types.h defines makedev... " >&6; }
+if ${ac_cv_header_sys_types_h_makedev+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+#include <sys/types.h>
+int
+main ()
+{
+return makedev(0, 0);
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ ac_cv_header_sys_types_h_makedev=yes
+else
+ ac_cv_header_sys_types_h_makedev=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_sys_types_h_makedev" >&5
+$as_echo "$ac_cv_header_sys_types_h_makedev" >&6; }
+
+if test $ac_cv_header_sys_types_h_makedev = no; then
+ac_fn_c_check_header_mongrel "$LINENO" "sys/mkdev.h" "ac_cv_header_sys_mkdev_h" "$ac_includes_default"
+if test "x$ac_cv_header_sys_mkdev_h" = xyes; then :
+
+$as_echo "#define MAJOR_IN_MKDEV 1" >>confdefs.h
+
+fi
+
+
+
+ if test $ac_cv_header_sys_mkdev_h = no; then
+ ac_fn_c_check_header_mongrel "$LINENO" "sys/sysmacros.h" "ac_cv_header_sys_sysmacros_h" "$ac_includes_default"
+if test "x$ac_cv_header_sys_sysmacros_h" = xyes; then :
+
+$as_echo "#define MAJOR_IN_SYSMACROS 1" >>confdefs.h
+
+fi
+
+
+ fi
+fi
+
+for ac_header in malloc.h netgroup.h paths.h spawn.h utime.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h
+do :
+ as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+for ac_header in procfs.h sys/procfs.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+ ac_fn_c_check_member "$LINENO" "struct psinfo" "pr_ttydev" "ac_cv_member_struct_psinfo_pr_ttydev" "$ac_includes_default
+#ifdef HAVE_PROCFS_H
+#include <procfs.h>
+#endif
+#ifdef HAVE_SYS_PROCFS_H
+#include <sys/procfs.h>
+#endif
+
+"
+if test "x$ac_cv_member_struct_psinfo_pr_ttydev" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_PSINFO_PR_TTYDEV 1
+_ACEOF
+
+for ac_func in _ttyname_dev
+do :
+ ac_fn_c_check_func "$LINENO" "_ttyname_dev" "ac_cv_func__ttyname_dev"
+if test "x$ac_cv_func__ttyname_dev" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE__TTYNAME_DEV 1
_ACEOF
+fi
+done
+
+fi
+
+break
fi
done
fi
LIBS=$ac_save_LIBS
-for ac_func in strrchr sysconf tzset strftime \
+for ac_func in glob strrchr sysconf tzset strftime setenv \
regcomp setlocale nl_langinfo mbr_check_membership \
setrlimit64
do :
fi
+fi
+done
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether putenv takes a const argument" >&5
+$as_echo_n "checking whether putenv takes a const argument... " >&6; }
+if ${sudo_cv_func_putenv_const+:} false; then :
+ $as_echo_n "(cached) " >&6
else
- case " $LIBOBJS " in
- *" unsetenv.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS unsetenv.$ac_objext"
- ;;
-esac
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+$ac_includes_default
+int putenv(const char *string) {return 0;}
+int
+main ()
+{
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+ sudo_cv_func_putenv_const=yes
+else
+ sudo_cv_func_putenv_const=no
fi
-done
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_func_putenv_const" >&5
+$as_echo "$sudo_cv_func_putenv_const" >&6; }
+ if test $sudo_cv_func_putenv_const = yes; then
+
+$as_echo "#define PUTENV_CONST const" >>confdefs.h
+
+ else
+ $as_echo "#define PUTENV_CONST /**/" >>confdefs.h
+
+ fi
if test -z "$SKIP_SETRESUID"; then
for ac_func in setresuid
fi
-for ac_func in glob
-do :
- ac_fn_c_check_func "$LINENO" "glob" "ac_cv_func_glob"
-if test "x$ac_cv_func_glob" = xyes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_GLOB 1
-_ACEOF
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GLOB_BRACE and GLOB_TILDE in glob.h" >&5
-$as_echo_n "checking for GLOB_BRACE and GLOB_TILDE in glob.h... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-#include <glob.h>
-int
-main ()
-{
-int i = GLOB_BRACE | GLOB_TILDE; (void)i;
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
- $as_echo "#define HAVE_EXTENDED_GLOB 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
- case " $LIBOBJS " in
- *" glob.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS glob.$ac_objext"
- ;;
-esac
-
- COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }globtest"
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-else
- case " $LIBOBJS " in
- *" glob.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS glob.$ac_objext"
- ;;
-esac
-
- COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }globtest"
-
-fi
-done
-
for ac_func in lockf flock
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
fi
-ac_fn_c_check_func "$LINENO" "setenv" "ac_cv_func_setenv"
-if test "x$ac_cv_func_setenv" = xyes; then :
- $as_echo "#define HAVE_SETENV 1" >>confdefs.h
-
-else
- case " $LIBOBJS " in
- *" setenv.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS setenv.$ac_objext"
- ;;
-esac
-
-fi
-
for ac_func in nanosleep
do :
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
+ac_fn_c_check_member "$LINENO" "struct dirent" "d_type" "ac_cv_member_struct_dirent_d_type" "
+$ac_includes_default
+#include <$ac_header_dirent>
+
+"
+if test "x$ac_cv_member_struct_dirent_d_type" = xyes; then :
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_STRUCT_DIRENT_D_TYPE 1
+_ACEOF
+
+
+fi
+
if test -n "$NEED_SNPRINTF"; then
case " $LIBOBJS " in
*" snprintf.$ac_objext "* ) ;;
*)
$as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
- CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
+ CPPFLAGS="-I${enable_zlib}/include ${CPPFLAGS}"
if test X"$with_rpath" = X"yes"; then
case "$host" in
if test X"$enable_zlib" = X"builtin"; then
$as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h
- CPPFLAGS="${CPPFLAGS}"' -I$(top_srcdir)/zlib'
+ CPPFLAGS='-I$(top_builddir)/zlib -I$(top_srcdir)/zlib '"${CPPFLAGS}"
ZLIB="${ZLIB}"' $(top_builddir)/zlib/libz.la'
ZLIB_SRC=zlib
ac_config_headers="$ac_config_headers zlib/zconf.h"
fi
if test "$with_pam" = "yes"; then
+ # Older PAM implementations lack pam_getenvlist
+ OLIBS="$LIBS"
+ LIBS="$LIBS -lpam $lt_cv_dlopen_libs"
+ for ac_func in pam_getenvlist
+do :
+ ac_fn_c_check_func "$LINENO" "pam_getenvlist" "ac_cv_func_pam_getenvlist"
+if test "x$ac_cv_func_pam_getenvlist" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_PAM_GETENVLIST 1
+_ACEOF
+
+fi
+done
+
+ LIBS="$OLIBS"
+
# We already link with -ldl if needed (see LIBDL below)
SUDOERS_LIBS="${SUDOERS_LIBS} -lpam"
$as_echo "#define HAVE_PAM 1" >>confdefs.h
test "$docdir" = '${datarootdir}/doc/${PACKAGE_TARNAME}' && docdir='$(datarootdir)/doc/$(PACKAGE_TARNAME)'
test "$sysconfdir" = '${prefix}/etc' -a X"$with_stow" != X"yes" && sysconfdir='/etc'
-ac_config_files="$ac_config_files Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sample_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers"
+ac_config_files="$ac_config_files Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sample_group/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers"
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by sudo $as_me 1.8.4p4, which was
+This file was extended by sudo $as_me 1.8.5, which was
generated by GNU Autoconf 2.68. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-sudo config.status 1.8.4p4
+sudo config.status 1.8.5
configured by $0, generated by GNU Autoconf 2.68,
with options \\"\$ac_cs_config\\"
"src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;;
"plugins/sample/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/sample/Makefile" ;;
"plugins/sample_group/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/sample_group/Makefile" ;;
+ "plugins/system_group/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/system_group/Makefile" ;;
"plugins/sudoers/Makefile") CONFIG_FILES="$CONFIG_FILES plugins/sudoers/Makefile" ;;
"plugins/sudoers/sudoers") CONFIG_FILES="$CONFIG_FILES plugins/sudoers/sudoers" ;;
+
+
+
dnl
dnl Copyright (c) 1994-1996,1998-2012 Todd C. Miller <Todd.Miller@courtesan.com>
dnl
-AC_INIT([sudo], [1.8.4p4], [http://www.sudo.ws/bugs/], [sudo])
+AC_INIT([sudo], [1.8.5], [http://www.sudo.ws/bugs/], [sudo])
AC_CONFIG_HEADER([config.h pathnames.h])
dnl
dnl Note: this must come after AC_INIT
shadow_libs_optional=
CONFIGURE_ARGS="$@"
+dnl
+dnl LD_PRELOAD equivalents
+dnl
+RTLD_PRELOAD_VAR="LD_PRELOAD"
+RTLD_PRELOAD_ENABLE_VAR=
+RTLD_PRELOAD_DELIM=":"
+RTLD_PRELOAD_DEFAULT=
+
dnl
dnl libc replacement functions live in compat
dnl
case "$host" in
*-*-sunos4*)
+ # LD_PRELOAD is space-delimited
+ RTLD_PRELOAD_DELIM=" "
+
# getcwd(3) opens a pipe to getpwd(1)!?!
BROKEN_GETCWD=1
shadow_funcs="getpwanam issecure"
;;
*-*-solaris2*)
+ # LD_PRELOAD is space-delimited
+ RTLD_PRELOAD_DELIM=" "
+
# To get the crypt(3) prototype (so we pass -Wall)
OSDEFS="${OSDEFS} -D__EXTENSIONS__"
# AFS support needs -lucb
# LDR_PRELOAD is only supported in AIX 5.3 and later
if test $OSMAJOR -lt 5; then
with_noexec=no
+ else
+ RTLD_PRELOAD_VAR="LDR_PRELOAD"
fi
# AIX-specific functions
]], [[exit(0);]])], [AC_MSG_RESULT(no)], [AC_MSG_RESULT([yes, fixing locally])
sed 's:<acl.h>:<sys/acl.h>:g' < /usr/include/prot.h > prot.h
])
+ # ":DEFAULT" must be appended to _RLD_LIST
+ RTLD_PRELOAD_VAR="_RLD_LIST"
+ RTLD_PRELOAD_DEFAULT="DEFAULT"
: ${mansectsu='8'}
: ${mansectform='4'}
;;
if test "$OSMAJOR" -le 4; then
AC_CHECK_LIB(sun, getpwnam, [LIBS="${LIBS} -lsun"])
fi
+ # ":DEFAULT" must be appended to _RLD_LIST
+ RTLD_PRELOAD_VAR="_RLD_LIST"
+ RTLD_PRELOAD_DEFAULT="DEFAULT"
: ${mansectsu='1m'}
: ${mansectform='4'}
;;
CHECKSHADOW="false"
test -z "$with_pam" && AUTH_EXCL_DEF="PAM"
: ${with_logincap='yes'}
+ RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
+ RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
;;
*-*-nextstep*)
# lockf() on is broken on the NeXT -- use flock instead
ac_cv_func_lockf=no
ac_cv_func_flock=yes
+ RTLD_PRELOAD_VAR="DYLD_INSERT_LIBRARIES"
+ RTLD_PRELOAD_ENABLE_VAR="DYLD_FORCE_FLAT_NAMESPACE"
;;
*-*-*sysv4*)
: ${mansectsu='1m'}
;;
esac
+dnl
+dnl Library preloading to support NOEXEC
+dnl
+if test -n "$with_noexec"; then
+ SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_VAR, "$RTLD_PRELOAD_VAR")
+ SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_DELIM, "$RTLD_PRELOAD_DELIM")
+ if test -n "$RTLD_PRELOAD_DEFAULT"; then
+ SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_DEFAULT, "$RTLD_PRELOAD_DEFAULT")
+ fi
+ if test -n "$RTLD_PRELOAD_ENABLE_VAR"; then
+ SUDO_DEFINE_UNQUOTED(RTLD_PRELOAD_ENABLE_VAR, "$RTLD_PRELOAD_ENABLE_VAR")
+ fi
+fi
+
dnl
dnl Check for mixing mutually exclusive and regular auth methods
dnl
AC_HEADER_DIRENT
AC_HEADER_TIME
AC_HEADER_STDBOOL
-AC_CHECK_HEADERS(malloc.h paths.h utime.h netgroup.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
+AC_HEADER_MAJOR
+AC_CHECK_HEADERS(malloc.h netgroup.h paths.h spawn.h utime.h utmpx.h sys/sockio.h sys/bsdtypes.h sys/select.h sys/stropts.h sys/sysmacros.h)
+AC_CHECK_HEADERS([procfs.h] [sys/procfs.h], [AC_CHECK_MEMBERS(struct psinfo.pr_ttydev, [AC_CHECK_FUNCS(_ttyname_dev)], [], [AC_INCLUDES_DEFAULT
+#ifdef HAVE_PROCFS_H
+#include <procfs.h>
+#endif
+#ifdef HAVE_SYS_PROCFS_H
+#include <sys/procfs.h>
+#endif
+])]
+break)
dnl
dnl Check for large file support. HP-UX 11.23 has a broken sys/type.h
dnl when large files support is enabled so work around it.
dnl Function checks
dnl
AC_FUNC_GETGROUPS
-AC_CHECK_FUNCS(strrchr sysconf tzset strftime \
+AC_CHECK_FUNCS(glob strrchr sysconf tzset strftime setenv \
regcomp setlocale nl_langinfo mbr_check_membership \
setrlimit64)
AC_REPLACE_FUNCS(getgrouplist)
])
])
])
-AC_CHECK_FUNCS(unsetenv, [SUDO_FUNC_UNSETENV_VOID], [AC_LIBOBJ(unsetenv)])
+AC_CHECK_FUNCS(unsetenv, [SUDO_FUNC_UNSETENV_VOID], [])
+SUDO_FUNC_PUTENV_CONST
if test -z "$SKIP_SETRESUID"; then
AC_CHECK_FUNCS(setresuid, [
SKIP_SETREUID=yes
if test -z "$BROKEN_GETCWD"; then
AC_REPLACE_FUNCS(getcwd)
fi
-AC_CHECK_FUNCS(glob, [AC_MSG_CHECKING(for GLOB_BRACE and GLOB_TILDE in glob.h)
-AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include <glob.h>]], [[int i = GLOB_BRACE | GLOB_TILDE; (void)i;]])], [AC_DEFINE(HAVE_EXTENDED_GLOB)
- AC_MSG_RESULT(yes)], [AC_LIBOBJ(glob)
- COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }globtest"
- AC_MSG_RESULT(no)])], [AC_LIBOBJ(glob)]
- COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }globtest"
- )
AC_CHECK_FUNCS(lockf flock, [break])
AC_CHECK_FUNCS(innetgr _innetgr, [AC_CHECK_FUNCS(getdomainname) [break]])
AC_CHECK_FUNCS(utimes, [AC_CHECK_FUNCS(futimes futimesat, [break])], [AC_CHECK_FUNCS(futime) AC_LIBOBJ(utimes)])
COMPAT_TEST_PROGS="${COMPAT_TEST_PROGS}${COMPAT_TEST_PROGS+ }fnm_test"
])
SUDO_FUNC_ISBLANK
-AC_REPLACE_FUNCS(memrchr pw_dup strlcpy strlcat setenv)
+AC_REPLACE_FUNCS(memrchr pw_dup strlcpy strlcat)
AC_CHECK_FUNCS(nanosleep, [], [
# On Solaris, nanosleep is in librt
AC_CHECK_LIB(rt, nanosleep, [REPLAY_LIBS="${REPLAY_LIBS} -lrt"], [AC_LIBOBJ(nanosleep)])
AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
#include <$ac_header_dirent>]], [[DIR *d; (void)dirfd(d);]])], [AC_DEFINE(HAVE_DIRFD)], [AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>
#include <$ac_header_dirent>]], [[DIR d; memset(&d, 0, sizeof(d)); return(d.dd_fd);]])], [AC_DEFINE(HAVE_DD_FD)], [])])
+AC_CHECK_MEMBERS([struct dirent.d_type], [], [], [
+AC_INCLUDES_DEFAULT
+#include <$ac_header_dirent>
+])
dnl
dnl If NEED_SNPRINTF is set, add snprintf.c to LIBOBJS
dnl (it contains snprintf, vsnprintf, asprintf, and vasprintf)
dnl
dnl Deferred zlib option processing.
dnl By default we use the system zlib if it is present.
+dnl If a directory was specified for zlib (or we are use sudo's version),
+dnl prepend the include dir to make sure we get the right zlib header.
dnl
case "$enable_zlib" in
yes)
;;
*)
AC_DEFINE(HAVE_ZLIB_H)
- CPPFLAGS="${CPPFLAGS} -I${enable_zlib}/include"
+ CPPFLAGS="-I${enable_zlib}/include ${CPPFLAGS}"
SUDO_APPEND_LIBPATH(ZLIB, [$enable_zlib/lib])
ZLIB="${ZLIB} -lz"
;;
esac
if test X"$enable_zlib" = X"builtin"; then
AC_DEFINE(HAVE_ZLIB_H)
- CPPFLAGS="${CPPFLAGS}"' -I$(top_srcdir)/zlib'
+ CPPFLAGS='-I$(top_builddir)/zlib -I$(top_srcdir)/zlib '"${CPPFLAGS}"
ZLIB="${ZLIB}"' $(top_builddir)/zlib/libz.la'
ZLIB_SRC=zlib
AC_CONFIG_HEADER([zlib/zconf.h])
fi
if test "$with_pam" = "yes"; then
+ # Older PAM implementations lack pam_getenvlist
+ OLIBS="$LIBS"
+ LIBS="$LIBS -lpam $lt_cv_dlopen_libs"
+ AC_CHECK_FUNCS(pam_getenvlist)
+ LIBS="$OLIBS"
+
# We already link with -ldl if needed (see LIBDL below)
SUDOERS_LIBS="${SUDOERS_LIBS} -lpam"
AC_DEFINE(HAVE_PAM)
dnl Substitute into the Makefile and man pages
dnl
dnl AC_CONFIG_FILES([doc/sudo.man doc/visudo.man doc/sudoers.man doc/sudoers.ldap.man doc/sudoreplay.man src/Makefile src/sudo_usage.h])
-AC_CONFIG_FILES([Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sample_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
+AC_CONFIG_FILES([Makefile common/Makefile compat/Makefile doc/Makefile include/Makefile src/sudo_usage.h src/Makefile plugins/sample/Makefile plugins/sample_group/Makefile plugins/system_group/Makefile plugins/sudoers/Makefile plugins/sudoers/sudoers])
AC_OUTPUT
dnl
AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.])
AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.])
AH_TEMPLATE(HAVE_DLOPEN, [Define to 1 if you have the `dlopen' function.])
-AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.])
AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.])
AH_TEMPLATE(HAVE_FNMATCH, [Define to 1 if you have the `fnmatch' function.])
AH_TEMPLATE(HAVE_FWTK, [Define to 1 if you use the FWTK authsrv daemon.])
AH_TEMPLATE(HAVE_STRUCT_UTMPX_UT_EXIT, [Define to 1 if `ut_exit' is a member of `struct utmpx'.])
AH_TEMPLATE(HAVE___FUNC__, [Define to 1 if the compiler supports the C99 __func__ variable.])
AH_TEMPLATE(SUDO_KRB5_INSTANCE, [An instance string to append to the username (separated by a slash) for Kerberos V authentication])
+AH_TEMPLATE(RTLD_PRELOAD_VAR, [The environment variable that controls preloading of dynamic objects.])
+AH_TEMPLATE(RTLD_PRELOAD_ENABLE_VAR, [An extra environment variable that is required to enable preloading (if any).])
+AH_TEMPLATE(RTLD_PRELOAD_DELIM, [The delimiter to use when defining multiple preloaded objects.])
+AH_TEMPLATE(RTLD_PRELOAD_DEFAULT, [The default value of preloaded objects (if any).])
dnl
dnl Bits to copy verbatim into config.h.in
# endif /* HAVE_ST_MTIMESPEC */
#endif /* HAVE_ST_MTIM */
+#ifdef __GNUC__
+# define ignore_result(x) do { \
+ __typeof__(x) y = (x); \
+ (void)y; \
+} while(0)
+#else
+# define ignore_result(x) (void)(x)
+#endif
+
/* GNU stow needs /etc/sudoers to be a symlink. */
#ifdef USE_STOW
# define stat_sudoers stat
Deven T. Corzine
Frank Cusack
Theo de Raadt
+ Francisco Dieguez
David Dill
Theo Van Dinter
Jeff Earickson
Alek O. Komarnitsky
Daniel Kopecek
Yuri Kozlov
+ Jakob Kramer
Paul Kranenburg
David Krause
+ Tomislav Krznar
+ Eric Lakin
Case Larsen
Dmitry V. Levin
Kendall Libby
Tom McLaughlin
Jeff Makey
Michael D. Marchionna
+ Algimantas Margevicius
Paul Markham
Emin Martinian
Pavel Maryanov
Peter A. Nikitser
Miroslav Nikolic
Ludwig Nussel
+ Daniel Nylander
Eric Paquet
Chantal Paradis
Ted Percival
Diego Elio Petteno
Joel Pickett
Alex Plotnick
+ Tran Ngoc Quan
Gudleik Rasch
Matt Richards
Guido van Rossum
Timm Wetzel
Marco van Wieringen
David Wood
-
+ Gustavo Zacarias
The embedded copy of zlib bears the following license:
- Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2012 Jean-loup Gailly and Mark Adler
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
you may need to install the SUNWbtool package. On other systems
"ar" may be included in the GNU binutils package.
-Q) Sudo compiles but when I run it I get "Sorry, sudo must be setuid root."
- and sudo quits.
-A) Sudo must be setuid root to do its work. You need to do something like
+Q) Sudo compiles and installs OK but when I try to run it I get:
+ /usr/local/bin/sudo must be owned by uid 0 and have the setuid bit set
+A) Sudo must be setuid root to do its work. Either /usr/local/bin/sudo
+ is not owned by uid 0 or the setuid bit is not set. This should have
+ been done for you by "make install" but you can fix it manually by
+ running the following as root:
+ # chown root /usr/local/bin/sudo; chmod 4111 /usr/local/bin/sudo
+
+Q) Sudo compiles and installs OK but when I try to run it I get:
+ effective uid is not 0, is /usr/local/bin/sudo on a file system with the
+ 'nosuid' option set or an NFS file system without root privileges?
+A) The owner and permissions on the sudo binary appear to be OK but when
+ sudo ran, the setuid bit did not have an effect. There are two common
+ causes for this. The first is that the file system the sudo binary
+ is located on is mounted with the 'nosuid' mount option, which disables
+ setuid binaries. The other is that sudo is installed on an NFS-mounted
+ file system that is exported without root privileges. By default, NFS
+ file systems are exported with uid 0 mapped to a non-privileged uid
+ (usually -2).
+
+You need to do something like
`chmod 4111 /usr/local/bin/sudo'. Also, the file system sudo resides
on must *not* be mounted (or exported) with the nosuid option or sudo
will not be able to work. Another possibility is you may have '.' in
Alternately, if you do not mind your password being echoed to the
screen, you can use the "visiblepw" sudoers option to allow this.
+Q) When I try to use SSL-enabled LDAP with sudo I get an error:
+ unable to initialize SSL cert and key db: security library: bad database.
+ you must set TLS_CERT in /etc/ldap.conf to use SSL
+A) On systems that use a Mozilla-derived LDAP SDK there must be a
+ certificate database in place to use SSL-encrypted LDAP connections.
+ This file is usually /var/ldap/cert8.db or /etc/ldap/cert8.db.
+ The actual number after "cert" will vary, depending on the version
+ of the LDAP SDK that is being used. If you do not have a certificate
+ database you can either copy one from a mozilla-derived browser, such
+ as firefox, or create one using the "certutil" command. You can run
+ "certutil" as follows and press the <return> (or <enter>) key at the
+ password prompt:
+ # certutil -N -d /var/ldap
+ Enter a password which will be used to encrypt your keys.
+ The password should be at least 8 characters long,
+ and should contain at least one non-alphabetic character.
+
+ Enter new password: <return>
+ Re-enter password: <return>
+
Q) When I run sudo on AIX I get the following error:
setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID): Operation not permitted.
A) AIX's Enhanced RBAC is preventing sudo from running. To fix
/usr/local/bin/sudo:
accessauths = ALLOW_ALL
- innateprivs = PV_DAC_UID,PV_DAC_GID
+ innateprivs = PV_DAC_GID,PV_DAC_O,PV_DAC_R,PV_DAC_UID,PV_DAC_W,PV_DAC_X,PV_FS_CHOWN,PV_PROC_ENV,PV_PROC_PRIO,PV_PROC_RAC
secflags = FSF_EPS
+Q) When I run configure I get the following error:
+ dlopen present but libtool doesn't appear to support your platform.
+A) Libtool doesn't know how to support dynamic linking on the operating
+ system you are building for. If you are cross-compiling, you need to
+ specify the operating system, not just the CPU type. For example:
+ --host powerpc-unknown-linux
+ instead of just:
+ --host powerpc
+
Q) How do you pronounce `sudo'?
A) The official pronunciation is soo-doo (for su "do"). However, an
alternate pronunciation, a homophone of "pseudo", is also common.
# Sample /etc/sudo.conf file
#
# Format:
-# Plugin plugin_name plugin_path
+# Plugin plugin_name plugin_path plugin_options ...
# Path askpass /path/to/askpass
-# Path noexec /path/to/noexec.so
+# Path noexec /path/to/sudo_noexec.so
# Debug sudo /var/log/sudo_debug all@warn
# Set disable_coredump true
#
# The plugin_path is relative to ${prefix}/libexec unless fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
+# The plugin_options are optional.
#
# The sudoers plugin is used by default if no Plugin lines are present.
Plugin sudoers_policy sudoers.so
# Default /etc/sudo.conf file
#
# Format:
- # Plugin plugin_name plugin_path
+ # Plugin plugin_name plugin_path plugin_options ...
# Path askpass /path/to/askpass
- # Path noexec /path/to/noexec.so
+ # Path noexec /path/to/sudo_noexec.so
# Debug sudo /var/log/sudo_debug all@warn
# Set disable_coredump true
#
# fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
+ # The plugin_options are optional.
#
Plugin policy_plugin sudoers.so
Plugin io_plugin sudoers.so
io_plugin in the plugin shared object. The _\bp_\ba_\bt_\bh may be fully qualified
or relative. If not fully qualified it is relative to the
_\b/_\bu_\bs_\br_\b/_\bl_\bo_\bc_\ba_\bl_\b/_\bl_\bi_\bb_\be_\bx_\be_\bc directory. Any additional parameters after the _\bp_\ba_\bt_\bh
- are ignored. Lines that don't begin with Plugin or Path are silently
- ignored
+ are passed as arguments to the plugin's _\bo_\bp_\be_\bn function. Lines that
+ don't begin with Plugin, Path, Debug or Set are silently ignored.
For more information, see the _\bs_\bu_\bd_\bo_\b__\bp_\bl_\bu_\bg_\bi_\bn(1m) manual.
-1.8.4 February 5, 2012 SUDO(1m)
+1.8.5 March 15, 2012 SUDO(1m)
.\" ========================================================================
.\"
.IX Title "SUDO @mansectsu@"
-.TH SUDO @mansectsu@ "February 5, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH SUDO @mansectsu@ "March 15, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
\& # Default @sysconfdir@/sudo.conf file
\& #
\& # Format:
-\& # Plugin plugin_name plugin_path
+\& # Plugin plugin_name plugin_path plugin_options ...
\& # Path askpass /path/to/askpass
-\& # Path noexec /path/to/noexec.so
+\& # Path noexec /path/to/sudo_noexec.so
\& # Debug sudo /var/log/sudo_debug all@warn
\& # Set disable_coredump true
\& #
\& # fully qualified.
\& # The plugin_name corresponds to a global symbol in the plugin
\& # that contains the plugin interface structure.
+\& # The plugin_options are optional.
\& #
\& Plugin policy_plugin sudoers.so
\& Plugin io_plugin sudoers.so
or \f(CW\*(C`struct io_plugin\*(C'\fR in the plugin shared object. The \fIpath\fR
may be fully qualified or relative. If not fully qualified it is
relative to the \fI@prefix@/libexec\fR directory. Any additional
-parameters after the \fIpath\fR are ignored. Lines that don't begin
-with \f(CW\*(C`Plugin\*(C'\fR or \f(CW\*(C`Path\*(C'\fR are silently ignored
+parameters after the \fIpath\fR are passed as arguments to the plugin's
+\&\fIopen\fR function. Lines that don't begin with \f(CW\*(C`Plugin\*(C'\fR, \f(CW\*(C`Path\*(C'\fR,
+\&\f(CW\*(C`Debug\*(C'\fR or \f(CW\*(C`Set\*(C'\fR are silently ignored.
.PP
For more information, see the \fIsudo_plugin\fR\|(@mansectsu@) manual.
.SH "PATHS"
# Default @sysconfdir@/sudo.conf file
#
# Format:
- # Plugin plugin_name plugin_path
+ # Plugin plugin_name plugin_path plugin_options ...
# Path askpass /path/to/askpass
- # Path noexec /path/to/noexec.so
+ # Path noexec /path/to/sudo_noexec.so
# Debug sudo /var/log/sudo_debug all@warn
# Set disable_coredump true
#
# fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
+ # The plugin_options are optional.
#
Plugin policy_plugin sudoers.so
Plugin io_plugin sudoers.so
or C<struct io_plugin> in the plugin shared object. The I<path>
may be fully qualified or relative. If not fully qualified it is
relative to the F<@prefix@/libexec> directory. Any additional
-parameters after the I<path> are ignored. Lines that don't begin
-with C<Plugin> or C<Path> are silently ignored
+parameters after the I<path> are passed as arguments to the plugin's
+I<open> function. Lines that don't begin with C<Plugin>, C<Path>,
+C<Debug> or C<Set> are silently ignored.
For more information, see the L<sudo_plugin(8)> manual.
io_plugin in the plugin shared object. The _\bp_\ba_\bt_\bh may be fully qualified
or relative. If not fully qualified it is relative to the
_\b/_\bu_\bs_\br_\b/_\bl_\bo_\bc_\ba_\bl_\b/_\bl_\bi_\bb_\be_\bx_\be_\bc directory. Any additional parameters after the _\bp_\ba_\bt_\bh
- are ignored. Lines that don't begin with Plugin or Path are silently
- ignored.
+ are passed as options to the plugin's _\bo_\bp_\be_\bn function. Lines that don't
+ begin with Plugin, Path, Debug or Set are silently ignored.
The same shared object may contain multiple plugins, each with a
different symbol name. The shared object file must be owned by uid 0
# Default /etc/sudo.conf file
#
# Format:
- # Plugin plugin_name plugin_path
+ # Plugin plugin_name plugin_path plugin_options ...
# Path askpass /path/to/askpass
+ # Path noexec /path/to/sudo_noexec.so
+ # Debug sudo /var/log/sudo_debug all@warn
+ # Set disable_coredump true
#
# The plugin_path is relative to /usr/local/libexec unless
# fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
+ # The plugin_options are optional.
#
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
- char * const user_info[], char * const user_env[]);
+ char * const user_info[], char * const user_env[],
+ char * const plugin_options[]);
void (*close)(int exit_status, int error);
int (*show_version)(int verbose);
int (*check_policy)(int argc, char * const argv[],
const char *list_user);
int (*validate)(void);
void (*invalidate)(int remove);
- int (*init_session)(struct passwd *pwd);
+ int (*init_session)(struct passwd *pwd, char **user_env[]);
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
};
The policy_plugin struct has the following fields:
open
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
- char * const user_info[], char * const user_env[]);
+ char * const user_info[], char * const user_env[],
+ char * const plugin_options[]);
Returns 1 on success, 0 on failure, -1 if a general error occurred,
or -2 if there was a usage error. In the latter case, s\bsu\bud\bdo\bo will
equal sign ('=') since the _\bn_\ba_\bm_\be field will never include one
itself but the _\bv_\ba_\bl_\bu_\be might.
+ pid=int
+ The process ID of the running s\bsu\bud\bdo\bo process. Only available
+ starting with API version 1.2
+
+ ppid=int
+ The parent process ID of the running s\bsu\bud\bdo\bo process. Only
+ available starting with API version 1.2
+
+ sid=int
+ The session ID of the running s\bsu\bud\bdo\bo process or 0 if s\bsu\bud\bdo\bo is
+ not part of a POSIX job control session. Only available
+ starting with API version 1.2
+
+ pgid=int
+ The ID of the process group that the running s\bsu\bud\bdo\bo process
+ belongs to. Only available starting with API version 1.2
+
+ tcpgid=int
+ The ID of the forground process group associated with the
+ terminal device associcated with the s\bsu\bud\bdo\bo process or -1 if
+ there is no terminal present. Only available starting with
+ API version 1.2
+
user=string
The name of the user invoking s\bsu\bud\bdo\bo.
+ euid=uid_t
+ The effective user ID of the user invoking s\bsu\bud\bdo\bo.
+
uid=uid_t
The real user ID of the user invoking s\bsu\bud\bdo\bo.
+ egid=gid_t
+ The effective group ID of the user invoking s\bsu\bud\bdo\bo.
+
gid=gid_t
The real group ID of the user invoking s\bsu\bud\bdo\bo.
equal sign ('=') since the _\bn_\ba_\bm_\be field will never include one
itself but the _\bv_\ba_\bl_\bu_\be might.
+ plugin_options
+ Any (non-comment) strings immediately after the plugin path are
+ treated as arguments to the plugin. These arguments are split
+ on a white space boundary and are passed to the plugin in the
+ form of a NULL-terminated array of strings. If no arguments
+ were specified, _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs will be the NULL pointer.
+
+ NOTE: the _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs parameter is only available starting
+ with API version 1.2. A plugin m\bmu\bus\bst\bt check the API version
+ specified by the s\bsu\bud\bdo\bo front end before using _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs.
+ Failure to do so may result in a crash.
+
close
void (*close)(int exit_status, int error);
support credential caching.
init_session
- int (*init_session)(struct passwd *pwd);
+ int (*init_session)(struct passwd *pwd, char **user_envp[);
- The init_session function is called when s\bsu\bud\bdo\bo sets up the execution
- environment for the command, immediately before the contents of the
- _\bc_\bo_\bm_\bm_\ba_\bn_\bd_\b__\bi_\bn_\bf_\bo list are applied (before the uid changes). This can
- be used to do session setup that is not supported by _\bc_\bo_\bm_\bm_\ba_\bn_\bd_\b__\bi_\bn_\bf_\bo,
- such as opening the PAM session.
+ The init_session function is called before s\bsu\bud\bdo\bo sets up the
+ execution environment for the command. It is run in the parent
+ s\bsu\bud\bdo\bo process and before any uid or gid changes. This can be used
+ to perform session setup that is not supported by _\bc_\bo_\bm_\bm_\ba_\bn_\bd_\b__\bi_\bn_\bf_\bo,
+ such as opening the PAM session. The close function can be used to
+ tear down the session that was opened by init_session.
The _\bp_\bw_\bd argument points to a passwd struct for the user the command
will be run as if the uid the command will run as was found in the
password database, otherwise it will be NULL.
+ The _\bu_\bs_\be_\br_\b__\be_\bn_\bv argument points to the environment the command will
+ run in, in the form of a NULL-terminated vector of "name=value"
+ strings. This is the same string passed back to the front end via
+ the Policy Plugin's _\bu_\bs_\be_\br_\b__\be_\bn_\bv_\b__\bo_\bu_\bt parameter. If the init_session
+ function needs to modify the user environment, it should update the
+ pointer stored in _\bu_\bs_\be_\br_\b__\be_\bn_\bv. The expected use case is to merge the
+ contents of the PAM environment (if any) with the contents of
+ _\bu_\bs_\be_\br_\b__\be_\bn_\bv. NOTE: the _\bu_\bs_\be_\br_\b__\be_\bn_\bv parameter is only available starting
+ with API version 1.2. A plugin m\bmu\bus\bst\bt check the API version
+ specified by the s\bsu\bud\bdo\bo front end before using _\bu_\bs_\be_\br_\b__\be_\bn_\bv. Failure to
+ do so may result in a crash.
+
Returns 1 on success, 0 on failure and -1 on error. On error, the
plugin may optionally call the conversation or plugin_printf
function with SUDO_CONF_ERROR_MSG to present additional error
information to the user.
- _\bV_\be_\br_\bs_\bi_\bo_\bn _\bm_\ba_\bc_\br_\bo_\bs
+ register_hooks
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+
+ The register_hooks function is called by the sudo front end to
+ register any hooks the plugin needs. If the plugin does not
+ support hooks, register_hooks should be set to the NULL pointer.
+
+ The _\bv_\be_\br_\bs_\bi_\bo_\bn argument describes the version of the hooks API
+ supported by the s\bsu\bud\bdo\bo front end.
+
+ The register_hook function should be used to register any supported
+ hooks the plugin needs. It returns 0 on success, 1 if the hook
+ type is not supported and -1 if the major version in struct hook
+ does not match the front end's major hook API version.
+ See the "Hook Function API" section below for more information
+ about hooks.
+
+ NOTE: the register_hooks function is only available starting with
+ API version 1.2. If the s\bsu\bud\bdo\bo front end doesn't support API version
+ 1.2 or higher, register_hooks will not be called.
+
+ deregister_hooks
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
+
+ The deregister_hooks function is called by the sudo front end to
+ deregister any hooks the plugin has registered. If the plugin does
+ not support hooks, deregister_hooks should be set to the NULL
+ pointer.
+
+ The _\bv_\be_\br_\bs_\bi_\bo_\bn argument describes the version of the hooks API
+ supported by the s\bsu\bud\bdo\bo front end.
+
+ The deregister_hook function should be used to deregister any hooks
+ that were put in place by the register_hook function. If the
+ plugin tries to deregister a hook that the front end does not
+ support, deregister_hook will return an error.
+
+ See the "Hook Function API" section below for more information
+ about hooks.
+
+ NOTE: the deregister_hooks function is only available starting with
+ API version 1.2. If the s\bsu\bud\bdo\bo front end doesn't support API version
+ 1.2 or higher, deregister_hooks will not be called.
+
+ _\bP_\bo_\bl_\bi_\bc_\by _\bP_\bl_\bu_\bg_\bi_\bn _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
+
+ /* Plugin API version major/minor. */
+ #define SUDO_API_VERSION_MAJOR 1
+ #define SUDO_API_VERSION_MINOR 2
+ #define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
+ #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR,\
+ SUDO_API_VERSION_MINOR)
+
+ /* Getters and setters for API version */
#define SUDO_API_VERSION_GET_MAJOR(v) ((v) >> 16)
#define SUDO_API_VERSION_GET_MINOR(v) ((v) & 0xffff)
#define SUDO_API_VERSION_SET_MAJOR(vp, n) do { \
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
- #define SUDO_API_VERSION_MAJOR 1
- #define SUDO_API_VERSION_MINOR 0
- #define SUDO_API_VERSION ((SUDO_API_VERSION_MAJOR << 16) | \
- SUDO_API_VERSION_MINOR)
-
I\bI/\b/O\bO P\bPl\blu\bug\bgi\bin\bn A\bAP\bPI\bI
struct io_plugin {
#define SUDO_IO_PLUGIN 2
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], int argc, char * const argv[],
- char * const user_env[]);
+ char * const user_env[], char * const plugin_options[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);
int (*log_stdin)(const char *buf, unsigned int len);
int (*log_stdout)(const char *buf, unsigned int len);
int (*log_stderr)(const char *buf, unsigned int len);
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
};
When an I/O plugin is loaded, s\bsu\bud\bdo\bo runs the command in a pseudo-tty.
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], int argc, char * const argv[],
- char * const user_env[]);
+ char * const user_env[], char * const plugin_options[]);
The _\bo_\bp_\be_\bn function is run before the _\bl_\bo_\bg_\b__\bi_\bn_\bp_\bu_\bt, _\bl_\bo_\bg_\b__\bo_\bu_\bt_\bp_\bu_\bt or
_\bs_\bh_\bo_\bw_\b__\bv_\be_\br_\bs_\bi_\bo_\bn functions are called. It is only called if the
equal sign ('=') since the _\bn_\ba_\bm_\be field will never include one
itself but the _\bv_\ba_\bl_\bu_\be might.
+ plugin_options
+ Any (non-comment) strings immediately after the plugin path are
+ treated as arguments to the plugin. These arguments are split
+ on a white space boundary and are passed to the plugin in the
+ form of a NULL-terminated array of strings. If no arguments
+ were specified, _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs will be the NULL pointer.
+
+ NOTE: the _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs parameter is only available starting
+ with API version 1.2. A plugin m\bmu\bus\bst\bt check the API version
+ specified by the s\bsu\bud\bdo\bo front end before using _\bp_\bl_\bu_\bg_\bi_\bn_\b__\bo_\bp_\bt_\bi_\bo_\bn_\bs.
+ Failure to do so may result in a crash.
+
close
void (*close)(int exit_status, int error);
len The length of _\bb_\bu_\bf in bytes.
- _\bV_\be_\br_\bs_\bi_\bo_\bn _\bm_\ba_\bc_\br_\bo_\bs
+ register_hooks
+ See the "Policy Plugin API" section for a description of
+ register_hooks.
+
+ deregister_hooks
+ See the "Policy Plugin API" section for a description of
+ deregister_hooks.
+
+ _\bI_\b/_\bO _\bP_\bl_\bu_\bg_\bi_\bn _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
Same as for the "Policy Plugin API".
+ H\bHo\boo\bok\bk F\bFu\bun\bnc\bct\bti\bio\bon\bn A\bAP\bPI\bI
+ Beginning with plugin API version 1.2, it is possible to install hooks
+ for certain functions called by the s\bsu\bud\bdo\bo front end.
+
+ Currently, the only supported hooks relate to the handling of
+ environment variables. Hooks can be used to intercept attempts to get,
+ set, or remove environment variables so that these changes can be
+ reflected in the version of the environment that is used to execute a
+ command. A future version of the API will support hooking internal
+ s\bsu\bud\bdo\bo front end functions as well.
+
+ _\bH_\bo_\bo_\bk _\bs_\bt_\br_\bu_\bc_\bt_\bu_\br_\be
+
+ Hooks in s\bsu\bud\bdo\bo are described by the following structure:
+
+ typedef int (*sudo_hook_fn_t)();
+
+ struct sudo_hook {
+ int hook_version;
+ int hook_type;
+ sudo_hook_fn_t hook_fn;
+ void *closure;
+ };
+
+ The sudo_hook structure has the following fields:
+
+ hook_version
+ The hook_version field should be set to SUDO_HOOK_VERSION.
+
+ hook_type
+ The hook_type field may be one of the following supported hook
+ types:
+
+ SUDO_HOOK_SETENV
+ The C library setenv() function. Any registered hooks will run
+ before the C library implementation. The hook_fn field should
+ be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_setenv_t)(const char *name,
+ const char *value, int overwrite, void *closure);
+
+ If the registered hook does not match the typedef the results
+ are unspecified.
+
+ SUDO_HOOK_UNSETENV
+ The C library unsetenv() function. Any registered hooks will
+ run before the C library implementation. The hook_fn field
+ should be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_unsetenv_t)(const char *name,
+ void *closure);
+
+ SUDO_HOOK_GETENV
+ The C library getenv() function. Any registered hooks will run
+ before the C library implementation. The hook_fn field should
+ be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_getenv_t)(const char *name,
+ char **value, void *closure);
+
+ If the registered hook does not match the typedef the results
+ are unspecified.
+
+ SUDO_HOOK_PUTENV
+ The C library putenv() function. Any registered hooks will run
+ before the C library implementation. The hook_fn field should
+ be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_putenv_t)(char *string,
+ void *closure);
+
+ If the registered hook does not match the typedef the results
+ are unspecified.
+
+ hook_fn
+ sudo_hook_fn_t hook_fn;
+
+ The hook_fn field should be set to the plugin's hook
+ implementation. The actual function arguments will vary depending
+ on the hook_type (see hook_type above). In all cases, the closure
+ field of struct sudo_hook is passed as the last function parameter.
+ This can be used to pass arbitrary data to the plugin's hook
+ implementation.
+
+ The function return value may be one of the following:
+
+ SUDO_HOOK_RET_ERROR
+ The hook function encountered an error.
+
+ SUDO_HOOK_RET_NEXT
+ The hook completed without error, go on to the next hook
+ (including the native implementation if applicable). For
+ example, a getenv hook might return SUDO_HOOK_RET_NEXT if the
+ specified variable was not found in the private copy of the
+ environment.
+
+ SUDO_HOOK_RET_STOP
+ The hook completed without error, stop processing hooks for
+ this invocation. This can be used to replace the native
+ implementation. For example, a setenv hook that operates on a
+ private copy of the environment but leaves environ unchanged.
+
+ Note that it is very easy to create an infinite loop when hooking C
+ library functions. For example, a getenv hook that calls the snprintf
+ function may create a loop if the snprintf implementation calls getenv
+ to check the locale. To prevent this, you may wish to use a static
+ variable in the hook function to guard against nested calls. E.g.
+
+ static int in_progress = 0; /* avoid recursion */
+ if (in_progress)
+ return SUDO_HOOK_RET_NEXT;
+ in_progress = 1;
+ ...
+ in_progress = 0;
+ return SUDO_HOOK_RET_STOP;
+
+ _\bH_\bo_\bo_\bk _\bA_\bP_\bI _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
+
+ /* Hook API version major/minor */
+ #define SUDO_HOOK_VERSION_MAJOR 1
+ #define SUDO_HOOK_VERSION_MINOR 0
+ #define SUDO_HOOK_MKVERSION(x, y) ((x << 16) | y)
+ #define SUDO_HOOK_VERSION SUDO_HOOK_MKVERSION(SUDO_HOOK_VERSION_MAJOR,\
+ SUDO_HOOK_VERSION_MINOR)
+
+ /* Getters and setters for hook API version */
+ #define SUDO_HOOK_VERSION_GET_MAJOR(v) ((v) >> 16)
+ #define SUDO_HOOK_VERSION_GET_MINOR(v) ((v) & 0xffff)
+ #define SUDO_HOOK_VERSION_SET_MAJOR(vp, n) do { \
+ *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
+ } while(0)
+ #define SUDO_HOOK_VERSION_SET_MINOR(vp, n) do { \
+ *(vp) = (*(vp) & 0xffff0000) | (n); \
+ } while(0)
+
C\bCo\bon\bnv\bve\ber\brs\bsa\bat\bti\bio\bon\bn A\bAP\bPI\bI
If the plugin needs to interact with the user, it may do so via the
conversation function. A plugin should not attempt to read directly
pwd The password database entry for _\bu_\bs_\be_\br, if any. If _\bu_\bs_\be_\br is not
present in the password database, _\bp_\bw_\bd will be NULL.
- _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
+ _\bG_\br_\bo_\bu_\bp _\bA_\bP_\bI _\bV_\be_\br_\bs_\bi_\bo_\bn _\bM_\ba_\bc_\br_\bo_\bs
/* Sudoers group plugin version major/minor */
#define GROUP_API_VERSION_MAJOR 1
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
+P\bPL\bLU\bUG\bGI\bIN\bN A\bAP\bPI\bI C\bCH\bHA\bAN\bNG\bGE\bEL\bLO\bOG\bG
+ The following revisions have been made to the Sudo Plugin API.
+
+ Version 1.0
+ Initial API version.
+
+ Version 1.1
+ The I/O logging plugin's open function was modified to take the
+ command_info list as an argument.
+
+ Version 1.2
+ The Policy and I/O logging plugins' open functions are now passed a
+ list of plugin options if any are specified in _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf.
+
+ A simple hooks API has been introduced to allow plugins to hook in
+ to the system's environment handling functions.
+
+ The init_session Policy plugin function is now passed a pointer to
+ the user environment which can be updated as needed. This can be
+ used to merge in environment variables stored in the PAM handle
+ before a command is run.
+
S\bSE\bEE\bE A\bAL\bLS\bSO\bO
_\bs_\bu_\bd_\bo_\be_\br_\bs(4), _\bs_\bu_\bd_\bo(1m)
-1.8.4 January 6, 2012 SUDO_PLUGIN(1m)
+1.8.5 April 23, 2012 SUDO_PLUGIN(1m)
.\" ========================================================================
.\"
.IX Title "SUDO_PLUGIN @mansectsu@"
-.TH SUDO_PLUGIN @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH SUDO_PLUGIN @mansectsu@ "April 23, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
or \f(CW\*(C`struct io_plugin\*(C'\fR in the plugin shared object. The \fIpath\fR
may be fully qualified or relative. If not fully qualified it is
relative to the \fI@prefix@/libexec\fR directory. Any additional
-parameters after the \fIpath\fR are ignored. Lines that don't begin
-with \f(CW\*(C`Plugin\*(C'\fR or \f(CW\*(C`Path\*(C'\fR are silently ignored.
+parameters after the \fIpath\fR are passed as options to the plugin's
+\&\fIopen\fR function. Lines that don't begin with \f(CW\*(C`Plugin\*(C'\fR, \f(CW\*(C`Path\*(C'\fR,
+\&\f(CW\*(C`Debug\*(C'\fR or \f(CW\*(C`Set\*(C'\fR are silently ignored.
.PP
The same shared object may contain multiple plugins, each with a
different symbol name. The shared object file must be owned by uid
\& # Default @sysconfdir@/sudo.conf file
\& #
\& # Format:
-\& # Plugin plugin_name plugin_path
+\& # Plugin plugin_name plugin_path plugin_options ...
\& # Path askpass /path/to/askpass
+\& # Path noexec /path/to/sudo_noexec.so
+\& # Debug sudo /var/log/sudo_debug all@warn
+\& # Set disable_coredump true
\& #
\& # The plugin_path is relative to @prefix@/libexec unless
\& # fully qualified.
\& # The plugin_name corresponds to a global symbol in the plugin
\& # that contains the plugin interface structure.
+\& # The plugin_options are optional.
\& #
\& Plugin sudoers_policy sudoers.so
\& Plugin sudoers_io sudoers.so
\& unsigned int version; /* always SUDO_API_VERSION */
\& int (*open)(unsigned int version, sudo_conv_t conversation,
\& sudo_printf_t plugin_printf, char * const settings[],
-\& char * const user_info[], char * const user_env[]);
+\& char * const user_info[], char * const user_env[],
+\& char * const plugin_options[]);
\& void (*close)(int exit_status, int error);
\& int (*show_version)(int verbose);
\& int (*check_policy)(int argc, char * const argv[],
\& const char *list_user);
\& int (*validate)(void);
\& void (*invalidate)(int remove);
-\& int (*init_session)(struct passwd *pwd);
+\& int (*init_session)(struct passwd *pwd, char **user_env[]);
+\& void (*register_hooks)(int version,
+\& int (*register_hook)(struct sudo_hook *hook));
+\& void (*deregister_hooks)(int version,
+\& int (*deregister_hook)(struct sudo_hook *hook));
\& };
.Ve
.PP
built against.
.IP "open" 4
.IX Item "open"
-.Vb 3
+.Vb 4
\& int (*open)(unsigned int version, sudo_conv_t conversation,
\& sudo_printf_t plugin_printf, char * const settings[],
-\& char * const user_info[], char * const user_env[]);
+\& char * const user_info[], char * const user_env[],
+\& char * const plugin_options[]);
.Ve
.Sp
Returns 1 on success, 0 on failure, \-1 if a general error occurred,
equal sign ('=') since the \fIname\fR field will never include one
itself but the \fIvalue\fR might.
.RS 4
+.IP "pid=int" 4
+.IX Item "pid=int"
+The process \s-1ID\s0 of the running \fBsudo\fR process.
+Only available starting with \s-1API\s0 version 1.2
+.IP "ppid=int" 4
+.IX Item "ppid=int"
+The parent process \s-1ID\s0 of the running \fBsudo\fR process.
+Only available starting with \s-1API\s0 version 1.2
+.IP "sid=int" 4
+.IX Item "sid=int"
+The session \s-1ID\s0 of the running \fBsudo\fR process or 0 if \fBsudo\fR is
+not part of a \s-1POSIX\s0 job control session.
+Only available starting with \s-1API\s0 version 1.2
+.IP "pgid=int" 4
+.IX Item "pgid=int"
+The \s-1ID\s0 of the process group that the running \fBsudo\fR process belongs
+to.
+Only available starting with \s-1API\s0 version 1.2
+.IP "tcpgid=int" 4
+.IX Item "tcpgid=int"
+The \s-1ID\s0 of the forground process group associated with the terminal
+device associcated with the \fBsudo\fR process or \-1 if there is no
+terminal present.
+Only available starting with \s-1API\s0 version 1.2
.IP "user=string" 4
.IX Item "user=string"
The name of the user invoking \fBsudo\fR.
+.IP "euid=uid_t" 4
+.IX Item "euid=uid_t"
+The effective user \s-1ID\s0 of the user invoking \fBsudo\fR.
.IP "uid=uid_t" 4
.IX Item "uid=uid_t"
The real user \s-1ID\s0 of the user invoking \fBsudo\fR.
+.IP "egid=gid_t" 4
+.IX Item "egid=gid_t"
+The effective group \s-1ID\s0 of the user invoking \fBsudo\fR.
.IP "gid=gid_t" 4
.IX Item "gid=gid_t"
The real group \s-1ID\s0 of the user invoking \fBsudo\fR.
When parsing \fIuser_env\fR, the plugin should split on the \fBfirst\fR
equal sign ('=') since the \fIname\fR field will never include one
itself but the \fIvalue\fR might.
+.IP "plugin_options" 4
+.IX Item "plugin_options"
+Any (non-comment) strings immediately after the plugin path are
+treated as arguments to the plugin. These arguments are split on
+a white space boundary and are passed to the plugin in the form of
+a \f(CW\*(C`NULL\*(C'\fR\-terminated array of strings. If no arguments were
+specified, \fIplugin_options\fR will be the \s-1NULL\s0 pointer.
+.Sp
+\&\s-1NOTE:\s0 the \fIplugin_options\fR parameter is only available starting with
+\&\s-1API\s0 version 1.2. A plugin \fBmust\fR check the \s-1API\s0 version specified
+by the \fBsudo\fR front end before using \fIplugin_options\fR. Failure to
+do so may result in a crash.
.RE
.RS 4
.RE
.IP "init_session" 4
.IX Item "init_session"
.Vb 1
-\& int (*init_session)(struct passwd *pwd);
+\& int (*init_session)(struct passwd *pwd, char **user_envp[);
.Ve
.Sp
-The \f(CW\*(C`init_session\*(C'\fR function is called when \fBsudo\fR sets up the
-execution environment for the command, immediately before the
-contents of the \fIcommand_info\fR list are applied (before the uid
-changes). This can be used to do session setup that is not supported
-by \fIcommand_info\fR, such as opening the \s-1PAM\s0 session.
+The \f(CW\*(C`init_session\*(C'\fR function is called before \fBsudo\fR sets up the
+execution environment for the command. It is run in the parent
+\&\fBsudo\fR process and before any uid or gid changes. This can be used
+to perform session setup that is not supported by \fIcommand_info\fR,
+such as opening the \s-1PAM\s0 session. The \f(CW\*(C`close\*(C'\fR function can be
+used to tear down the session that was opened by \f(CW\*(C`init_session\*(C'\fR.
.Sp
The \fIpwd\fR argument points to a passwd struct for the user the
command will be run as if the uid the command will run as was found
in the password database, otherwise it will be \s-1NULL\s0.
.Sp
+The \fIuser_env\fR argument points to the environment the command will
+run in, in the form of a \f(CW\*(C`NULL\*(C'\fR\-terminated vector of \*(L"name=value\*(R"
+strings. This is the same string passed back to the front end via
+the Policy Plugin's \fIuser_env_out\fR parameter. If the \f(CW\*(C`init_session\*(C'\fR
+function needs to modify the user environment, it should update the
+pointer stored in \fIuser_env\fR. The expected use case is to merge
+the contents of the \s-1PAM\s0 environment (if any) with the contents of
+\&\fIuser_env\fR. \s-1NOTE:\s0 the \fIuser_env\fR parameter is only available
+starting with \s-1API\s0 version 1.2. A plugin \fBmust\fR check the \s-1API\s0
+version specified by the \fBsudo\fR front end before using \fIuser_env\fR.
+Failure to do so may result in a crash.
+.Sp
Returns 1 on success, 0 on failure and \-1 on error.
On error, the plugin may optionally call the conversation or plugin_printf
function with \f(CW\*(C`SUDO_CONF_ERROR_MSG\*(C'\fR to present additional
error information to the user.
+.IP "register_hooks" 4
+.IX Item "register_hooks"
+.Vb 2
+\& void (*register_hooks)(int version,
+\& int (*register_hook)(struct sudo_hook *hook));
+.Ve
+.Sp
+The \f(CW\*(C`register_hooks\*(C'\fR function is called by the sudo front end to
+register any hooks the plugin needs. If the plugin does not support
+hooks, \f(CW\*(C`register_hooks\*(C'\fR should be set to the \s-1NULL\s0 pointer.
+.Sp
+The \fIversion\fR argument describes the version of the hooks \s-1API\s0
+supported by the \fBsudo\fR front end.
+.Sp
+The \f(CW\*(C`register_hook\*(C'\fR function should be used to register any supported
+hooks the plugin needs. It returns 0 on success, 1 if the hook
+type is not supported and \-1 if the major version in \f(CW\*(C`struct hook\*(C'\fR
+does not match the front end's major hook \s-1API\s0 version.
+.Sp
+See the \*(L"Hook Function \s-1API\s0\*(R" section below for more information
+about hooks.
+.Sp
+\&\s-1NOTE:\s0 the \f(CW\*(C`register_hooks\*(C'\fR function is only available starting
+with \s-1API\s0 version 1.2. If the \fBsudo\fR front end doesn't support \s-1API\s0
+version 1.2 or higher, \f(CW\*(C`register_hooks\*(C'\fR will not be called.
+.IP "deregister_hooks" 4
+.IX Item "deregister_hooks"
+.Vb 2
+\& void (*deregister_hooks)(int version,
+\& int (*deregister_hook)(struct sudo_hook *hook));
+.Ve
+.Sp
+The \f(CW\*(C`deregister_hooks\*(C'\fR function is called by the sudo front end
+to deregister any hooks the plugin has registered. If the plugin
+does not support hooks, \f(CW\*(C`deregister_hooks\*(C'\fR should be set to the
+\&\s-1NULL\s0 pointer.
+.Sp
+The \fIversion\fR argument describes the version of the hooks \s-1API\s0
+supported by the \fBsudo\fR front end.
+.Sp
+The \f(CW\*(C`deregister_hook\*(C'\fR function should be used to deregister any
+hooks that were put in place by the \f(CW\*(C`register_hook\*(C'\fR function. If
+the plugin tries to deregister a hook that the front end does not
+support, \f(CW\*(C`deregister_hook\*(C'\fR will return an error.
+.Sp
+See the \*(L"Hook Function \s-1API\s0\*(R" section below for more information
+about hooks.
+.Sp
+\&\s-1NOTE:\s0 the \f(CW\*(C`deregister_hooks\*(C'\fR function is only available starting
+with \s-1API\s0 version 1.2. If the \fBsudo\fR front end doesn't support \s-1API\s0
+version 1.2 or higher, \f(CW\*(C`deregister_hooks\*(C'\fR will not be called.
.PP
-\fIVersion macros\fR
-.IX Subsection "Version macros"
+\fIPolicy Plugin Version Macros\fR
+.IX Subsection "Policy Plugin Version Macros"
.PP
-.Vb 8
+.Vb 6
+\& /* Plugin API version major/minor. */
+\& #define SUDO_API_VERSION_MAJOR 1
+\& #define SUDO_API_VERSION_MINOR 2
+\& #define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
+\& #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR,\e
+\& SUDO_API_VERSION_MINOR)
+\&
+\& /* Getters and setters for API version */
\& #define SUDO_API_VERSION_GET_MAJOR(v) ((v) >> 16)
\& #define SUDO_API_VERSION_GET_MINOR(v) ((v) & 0xffff)
\& #define SUDO_API_VERSION_SET_MAJOR(vp, n) do { \e
\& #define SUDO_VERSION_SET_MINOR(vp, n) do { \e
\& *(vp) = (*(vp) & 0xffff0000) | (n); \e
\& } while(0)
-\&
-\& #define SUDO_API_VERSION_MAJOR 1
-\& #define SUDO_API_VERSION_MINOR 0
-\& #define SUDO_API_VERSION ((SUDO_API_VERSION_MAJOR << 16) | \e
-\& SUDO_API_VERSION_MINOR)
.Ve
.SS "I/O Plugin \s-1API\s0"
.IX Subsection "I/O Plugin API"
\& int (*open)(unsigned int version, sudo_conv_t conversation
\& sudo_printf_t plugin_printf, char * const settings[],
\& char * const user_info[], int argc, char * const argv[],
-\& char * const user_env[]);
+\& char * const user_env[], char * const plugin_options[]);
\& void (*close)(int exit_status, int error); /* wait status or error */
\& int (*show_version)(int verbose);
\& int (*log_ttyin)(const char *buf, unsigned int len);
\& int (*log_stdin)(const char *buf, unsigned int len);
\& int (*log_stdout)(const char *buf, unsigned int len);
\& int (*log_stderr)(const char *buf, unsigned int len);
+\& void (*register_hooks)(int version,
+\& int (*register_hook)(struct sudo_hook *hook));
+\& void (*deregister_hooks)(int version,
+\& int (*deregister_hook)(struct sudo_hook *hook));
\& };
.Ve
.PP
\& int (*open)(unsigned int version, sudo_conv_t conversation
\& sudo_printf_t plugin_printf, char * const settings[],
\& char * const user_info[], int argc, char * const argv[],
-\& char * const user_env[]);
+\& char * const user_env[], char * const plugin_options[]);
.Ve
.Sp
The \fIopen\fR function is run before the \fIlog_input\fR, \fIlog_output\fR
When parsing \fIuser_env\fR, the plugin should split on the \fBfirst\fR
equal sign ('=') since the \fIname\fR field will never include one
itself but the \fIvalue\fR might.
+.IP "plugin_options" 4
+.IX Item "plugin_options"
+Any (non-comment) strings immediately after the plugin path are
+treated as arguments to the plugin. These arguments are split on
+a white space boundary and are passed to the plugin in the form of
+a \f(CW\*(C`NULL\*(C'\fR\-terminated array of strings. If no arguments were
+specified, \fIplugin_options\fR will be the \s-1NULL\s0 pointer.
+.Sp
+\&\s-1NOTE:\s0 the \fIplugin_options\fR parameter is only available starting with
+\&\s-1API\s0 version 1.2. A plugin \fBmust\fR check the \s-1API\s0 version specified
+by the \fBsudo\fR front end before using \fIplugin_options\fR. Failure to
+do so may result in a crash.
.RE
.RS 4
.RE
.RE
.RS 4
.RE
+.IP "register_hooks" 4
+.IX Item "register_hooks"
+See the \*(L"Policy Plugin \s-1API\s0\*(R" section for a description of
+\&\f(CW\*(C`register_hooks\*(C'\fR.
+.IP "deregister_hooks" 4
+.IX Item "deregister_hooks"
+See the \*(L"Policy Plugin \s-1API\s0\*(R" section for a description of
+\&\f(CW\*(C`deregister_hooks\*(C'\fR.
.PP
-\fIVersion macros\fR
-.IX Subsection "Version macros"
+\fII/O Plugin Version Macros\fR
+.IX Subsection "I/O Plugin Version Macros"
.PP
Same as for the \*(L"Policy Plugin \s-1API\s0\*(R".
+.SS "Hook Function \s-1API\s0"
+.IX Subsection "Hook Function API"
+Beginning with plugin \s-1API\s0 version 1.2, it is possible to install
+hooks for certain functions called by the \fBsudo\fR front end.
+.PP
+Currently, the only supported hooks relate to the handling of
+environment variables. Hooks can be used to intercept attempts to
+get, set, or remove environment variables so that these changes can
+be reflected in the version of the environment that is used to
+execute a command. A future version of the \s-1API\s0 will support
+hooking internal \fBsudo\fR front end functions as well.
+.PP
+\fIHook structure\fR
+.IX Subsection "Hook structure"
+.PP
+Hooks in \fBsudo\fR are described by the following structure:
+.PP
+.Vb 1
+\& typedef int (*sudo_hook_fn_t)();
+\&
+\& struct sudo_hook {
+\& int hook_version;
+\& int hook_type;
+\& sudo_hook_fn_t hook_fn;
+\& void *closure;
+\& };
+.Ve
+.PP
+The \f(CW\*(C`sudo_hook\*(C'\fR structure has the following fields:
+.IP "hook_version" 4
+.IX Item "hook_version"
+The \f(CW\*(C`hook_version\*(C'\fR field should be set to \s-1SUDO_HOOK_VERSION\s0.
+.IP "hook_type" 4
+.IX Item "hook_type"
+The \f(CW\*(C`hook_type\*(C'\fR field may be one of the following supported hook types:
+.RS 4
+.IP "\s-1SUDO_HOOK_SETENV\s0" 4
+.IX Item "SUDO_HOOK_SETENV"
+The C library \f(CW\*(C`setenv()\*(C'\fR function. Any registered hooks will run
+before the C library implementation. The \f(CW\*(C`hook_fn\*(C'\fR field should
+be a function that matches the following typedef:
+.Sp
+.Vb 2
+\& typedef int (*sudo_hook_fn_setenv_t)(const char *name,
+\& const char *value, int overwrite, void *closure);
+.Ve
+.Sp
+If the registered hook does not match the typedef the results are
+unspecified.
+.IP "\s-1SUDO_HOOK_UNSETENV\s0" 4
+.IX Item "SUDO_HOOK_UNSETENV"
+The C library \f(CW\*(C`unsetenv()\*(C'\fR function. Any registered hooks will run
+before the C library implementation. The \f(CW\*(C`hook_fn\*(C'\fR field should
+be a function that matches the following typedef:
+.Sp
+.Vb 2
+\& typedef int (*sudo_hook_fn_unsetenv_t)(const char *name,
+\& void *closure);
+.Ve
+.IP "\s-1SUDO_HOOK_GETENV\s0" 4
+.IX Item "SUDO_HOOK_GETENV"
+The C library \f(CW\*(C`getenv()\*(C'\fR function. Any registered hooks will run
+before the C library implementation. The \f(CW\*(C`hook_fn\*(C'\fR field should
+be a function that matches the following typedef:
+.Sp
+.Vb 2
+\& typedef int (*sudo_hook_fn_getenv_t)(const char *name,
+\& char **value, void *closure);
+.Ve
+.Sp
+If the registered hook does not match the typedef the results are
+unspecified.
+.IP "\s-1SUDO_HOOK_PUTENV\s0" 4
+.IX Item "SUDO_HOOK_PUTENV"
+The C library \f(CW\*(C`putenv()\*(C'\fR function. Any registered hooks will run
+before the C library implementation. The \f(CW\*(C`hook_fn\*(C'\fR field should
+be a function that matches the following typedef:
+.Sp
+.Vb 2
+\& typedef int (*sudo_hook_fn_putenv_t)(char *string,
+\& void *closure);
+.Ve
+.Sp
+If the registered hook does not match the typedef the results are
+unspecified.
+.RE
+.RS 4
+.RE
+.IP "hook_fn" 4
+.IX Item "hook_fn"
+.Vb 1
+\& sudo_hook_fn_t hook_fn;
+.Ve
+.Sp
+The \f(CW\*(C`hook_fn\*(C'\fR field should be set to the plugin's hook implementation.
+The actual function arguments will vary depending on the \f(CW\*(C`hook_type\*(C'\fR
+(see \f(CW\*(C`hook_type\*(C'\fR above). In all cases, the \f(CW\*(C`closure\*(C'\fR field of
+\&\f(CW\*(C`struct sudo_hook\*(C'\fR is passed as the last function parameter. This
+can be used to pass arbitrary data to the plugin's hook implementation.
+.Sp
+The function return value may be one of the following:
+.RS 4
+.IP "\s-1SUDO_HOOK_RET_ERROR\s0" 4
+.IX Item "SUDO_HOOK_RET_ERROR"
+The hook function encountered an error.
+.IP "\s-1SUDO_HOOK_RET_NEXT\s0" 4
+.IX Item "SUDO_HOOK_RET_NEXT"
+The hook completed without error, go on to the next hook (including
+the native implementation if applicable). For example, a \f(CW\*(C`getenv\*(C'\fR
+hook might return \f(CW\*(C`SUDO_HOOK_RET_NEXT\*(C'\fR if the specified variable
+was not found in the private copy of the environment.
+.IP "\s-1SUDO_HOOK_RET_STOP\s0" 4
+.IX Item "SUDO_HOOK_RET_STOP"
+The hook completed without error, stop processing hooks for this
+invocation. This can be used to replace the native implementation.
+For example, a \f(CW\*(C`setenv\*(C'\fR hook that operates on a private copy of
+the environment but leaves \f(CW\*(C`environ\*(C'\fR unchanged.
+.RE
+.RS 4
+.RE
+.PP
+Note that it is very easy to create an infinite loop when hooking
+C library functions. For example, a \f(CW\*(C`getenv\*(C'\fR hook that calls the
+\&\f(CW\*(C`snprintf\*(C'\fR function may create a loop if the \f(CW\*(C`snprintf\*(C'\fR implementation
+calls \f(CW\*(C`getenv\*(C'\fR to check the locale. To prevent this, you may wish
+to use a static variable in the hook function to guard against
+nested calls. E.g.
+.PP
+.Vb 7
+\& static int in_progress = 0; /* avoid recursion */
+\& if (in_progress)
+\& return SUDO_HOOK_RET_NEXT;
+\& in_progress = 1;
+\& ...
+\& in_progress = 0;
+\& return SUDO_HOOK_RET_STOP;
+.Ve
+.PP
+\fIHook \s-1API\s0 Version Macros\fR
+.IX Subsection "Hook API Version Macros"
+.PP
+.Vb 6
+\& /* Hook API version major/minor */
+\& #define SUDO_HOOK_VERSION_MAJOR 1
+\& #define SUDO_HOOK_VERSION_MINOR 0
+\& #define SUDO_HOOK_MKVERSION(x, y) ((x << 16) | y)
+\& #define SUDO_HOOK_VERSION SUDO_HOOK_MKVERSION(SUDO_HOOK_VERSION_MAJOR,\e
+\& SUDO_HOOK_VERSION_MINOR)
+\&
+\& /* Getters and setters for hook API version */
+\& #define SUDO_HOOK_VERSION_GET_MAJOR(v) ((v) >> 16)
+\& #define SUDO_HOOK_VERSION_GET_MINOR(v) ((v) & 0xffff)
+\& #define SUDO_HOOK_VERSION_SET_MAJOR(vp, n) do { \e
+\& *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \e
+\& } while(0)
+\& #define SUDO_HOOK_VERSION_SET_MINOR(vp, n) do { \e
+\& *(vp) = (*(vp) & 0xffff0000) | (n); \e
+\& } while(0)
+.Ve
.SS "Conversation \s-1API\s0"
.IX Subsection "Conversation API"
If the plugin needs to interact with the user, it may do so via the
.RS 4
.RE
.PP
-\fIVersion Macros\fR
-.IX Subsection "Version Macros"
+\fIGroup \s-1API\s0 Version Macros\fR
+.IX Subsection "Group API Version Macros"
.PP
.Vb 5
\& /* Sudoers group plugin version major/minor */
\& *(vp) = (*(vp) & 0xffff0000) | (n); \e
\& } while(0)
.Ve
+.SH "PLUGIN API CHANGELOG"
+.IX Header "PLUGIN API CHANGELOG"
+The following revisions have been made to the Sudo Plugin \s-1API\s0.
+.IP "Version 1.0" 4
+.IX Item "Version 1.0"
+Initial \s-1API\s0 version.
+.IP "Version 1.1" 4
+.IX Item "Version 1.1"
+The I/O logging plugin's \f(CW\*(C`open\*(C'\fR function was modified to take the
+\&\f(CW\*(C`command_info\*(C'\fR list as an argument.
+.IP "Version 1.2" 4
+.IX Item "Version 1.2"
+The Policy and I/O logging plugins' \f(CW\*(C`open\*(C'\fR functions are now passed
+a list of plugin options if any are specified in \fI@sysconfdir@/sudo.conf\fR.
+.Sp
+A simple hooks \s-1API\s0 has been introduced to allow plugins to hook in to the
+system's environment handling functions.
+.Sp
+The \f(CW\*(C`init_session\*(C'\fR Policy plugin function is now passed a pointer
+to the user environment which can be updated as needed. This can
+be used to merge in environment variables stored in the \s-1PAM\s0 handle
+before a command is run.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIsudoers\fR\|(@mansectform@), \fIsudo\fR\|(@mansectsu@)
or C<struct io_plugin> in the plugin shared object. The I<path>
may be fully qualified or relative. If not fully qualified it is
relative to the F<@prefix@/libexec> directory. Any additional
-parameters after the I<path> are ignored. Lines that don't begin
-with C<Plugin> or C<Path> are silently ignored.
+parameters after the I<path> are passed as options to the plugin's
+I<open> function. Lines that don't begin with C<Plugin>, C<Path>,
+C<Debug> or C<Set> are silently ignored.
The same shared object may contain multiple plugins, each with a
different symbol name. The shared object file must be owned by uid
# Default @sysconfdir@/sudo.conf file
#
# Format:
- # Plugin plugin_name plugin_path
+ # Plugin plugin_name plugin_path plugin_options ...
# Path askpass /path/to/askpass
+ # Path noexec /path/to/sudo_noexec.so
+ # Debug sudo /var/log/sudo_debug all@warn
+ # Set disable_coredump true
#
# The plugin_path is relative to @prefix@/libexec unless
# fully qualified.
# The plugin_name corresponds to a global symbol in the plugin
# that contains the plugin interface structure.
+ # The plugin_options are optional.
#
Plugin sudoers_policy sudoers.so
Plugin sudoers_io sudoers.so
unsigned int type; /* always SUDO_POLICY_PLUGIN */
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation,
- sudo_printf_t plugin_printf, char * const settings[],
- char * const user_info[], char * const user_env[]);
+ sudo_printf_t plugin_printf, char * const settings[],
+ char * const user_info[], char * const user_env[],
+ char * const plugin_options[]);
void (*close)(int exit_status, int error);
int (*show_version)(int verbose);
int (*check_policy)(int argc, char * const argv[],
const char *list_user);
int (*validate)(void);
void (*invalidate)(int remove);
- int (*init_session)(struct passwd *pwd);
+ int (*init_session)(struct passwd *pwd, char **user_env[]);
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
};
The policy_plugin struct has the following fields:
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
- char * const user_info[], char * const user_env[]);
+ char * const user_info[], char * const user_env[],
+ char * const plugin_options[]);
Returns 1 on success, 0 on failure, -1 if a general error occurred,
or -2 if there was a usage error. In the latter case, B<sudo> will
=over 4
+=item pid=int
+
+The process ID of the running B<sudo> process.
+Only available starting with API version 1.2
+
+=item ppid=int
+
+The parent process ID of the running B<sudo> process.
+Only available starting with API version 1.2
+
+=item sid=int
+
+The session ID of the running B<sudo> process or 0 if B<sudo> is
+not part of a POSIX job control session.
+Only available starting with API version 1.2
+
+=item pgid=int
+
+The ID of the process group that the running B<sudo> process belongs
+to.
+Only available starting with API version 1.2
+
+=item tcpgid=int
+
+The ID of the forground process group associated with the terminal
+device associcated with the B<sudo> process or -1 if there is no
+terminal present.
+Only available starting with API version 1.2
+
=item user=string
The name of the user invoking B<sudo>.
+=item euid=uid_t
+
+The effective user ID of the user invoking B<sudo>.
+
=item uid=uid_t
The real user ID of the user invoking B<sudo>.
+=item egid=gid_t
+
+The effective group ID of the user invoking B<sudo>.
+
=item gid=gid_t
The real group ID of the user invoking B<sudo>.
equal sign ('=') since the I<name> field will never include one
itself but the I<value> might.
+=item plugin_options
+
+Any (non-comment) strings immediately after the plugin path are
+treated as arguments to the plugin. These arguments are split on
+a white space boundary and are passed to the plugin in the form of
+a C<NULL>-terminated array of strings. If no arguments were
+specified, I<plugin_options> will be the NULL pointer.
+
+NOTE: the I<plugin_options> parameter is only available starting with
+API version 1.2. A plugin B<must> check the API version specified
+by the B<sudo> front end before using I<plugin_options>. Failure to
+do so may result in a crash.
+
=back
=item close
=item init_session
- int (*init_session)(struct passwd *pwd);
+ int (*init_session)(struct passwd *pwd, char **user_envp[);
-The C<init_session> function is called when B<sudo> sets up the
-execution environment for the command, immediately before the
-contents of the I<command_info> list are applied (before the uid
-changes). This can be used to do session setup that is not supported
-by I<command_info>, such as opening the PAM session.
+The C<init_session> function is called before B<sudo> sets up the
+execution environment for the command. It is run in the parent
+B<sudo> process and before any uid or gid changes. This can be used
+to perform session setup that is not supported by I<command_info>,
+such as opening the PAM session. The C<close> function can be
+used to tear down the session that was opened by C<init_session>.
The I<pwd> argument points to a passwd struct for the user the
command will be run as if the uid the command will run as was found
in the password database, otherwise it will be NULL.
+The I<user_env> argument points to the environment the command will
+run in, in the form of a C<NULL>-terminated vector of "name=value"
+strings. This is the same string passed back to the front end via
+the Policy Plugin's I<user_env_out> parameter. If the C<init_session>
+function needs to modify the user environment, it should update the
+pointer stored in I<user_env>. The expected use case is to merge
+the contents of the PAM environment (if any) with the contents of
+I<user_env>. NOTE: the I<user_env> parameter is only available
+starting with API version 1.2. A plugin B<must> check the API
+version specified by the B<sudo> front end before using I<user_env>.
+Failure to do so may result in a crash.
+
Returns 1 on success, 0 on failure and -1 on error.
On error, the plugin may optionally call the conversation or plugin_printf
function with C<SUDO_CONF_ERROR_MSG> to present additional
error information to the user.
+=item register_hooks
+
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+
+The C<register_hooks> function is called by the sudo front end to
+register any hooks the plugin needs. If the plugin does not support
+hooks, C<register_hooks> should be set to the NULL pointer.
+
+The I<version> argument describes the version of the hooks API
+supported by the B<sudo> front end.
+
+The C<register_hook> function should be used to register any supported
+hooks the plugin needs. It returns 0 on success, 1 if the hook
+type is not supported and -1 if the major version in C<struct hook>
+does not match the front end's major hook API version.
+
+See the L<Hook Function API> section below for more information
+about hooks.
+
+NOTE: the C<register_hooks> function is only available starting
+with API version 1.2. If the B<sudo> front end doesn't support API
+version 1.2 or higher, C<register_hooks> will not be called.
+
+=item deregister_hooks
+
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
+
+The C<deregister_hooks> function is called by the sudo front end
+to deregister any hooks the plugin has registered. If the plugin
+does not support hooks, C<deregister_hooks> should be set to the
+NULL pointer.
+
+The I<version> argument describes the version of the hooks API
+supported by the B<sudo> front end.
+
+The C<deregister_hook> function should be used to deregister any
+hooks that were put in place by the C<register_hook> function. If
+the plugin tries to deregister a hook that the front end does not
+support, C<deregister_hook> will return an error.
+
+See the L<Hook Function API> section below for more information
+about hooks.
+
+NOTE: the C<deregister_hooks> function is only available starting
+with API version 1.2. If the B<sudo> front end doesn't support API
+version 1.2 or higher, C<deregister_hooks> will not be called.
+
=back
-=head3 Version macros
+=head3 Policy Plugin Version Macros
+ /* Plugin API version major/minor. */
+ #define SUDO_API_VERSION_MAJOR 1
+ #define SUDO_API_VERSION_MINOR 2
+ #define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
+ #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR,\
+ SUDO_API_VERSION_MINOR)
+
+ /* Getters and setters for API version */
#define SUDO_API_VERSION_GET_MAJOR(v) ((v) >> 16)
#define SUDO_API_VERSION_GET_MINOR(v) ((v) & 0xffff)
#define SUDO_API_VERSION_SET_MAJOR(vp, n) do { \
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
- #define SUDO_API_VERSION_MAJOR 1
- #define SUDO_API_VERSION_MINOR 0
- #define SUDO_API_VERSION ((SUDO_API_VERSION_MAJOR << 16) | \
- SUDO_API_VERSION_MINOR)
-
=head2 I/O Plugin API
struct io_plugin {
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], int argc, char * const argv[],
- char * const user_env[]);
+ char * const user_env[], char * const plugin_options[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);
int (*log_stdin)(const char *buf, unsigned int len);
int (*log_stdout)(const char *buf, unsigned int len);
int (*log_stderr)(const char *buf, unsigned int len);
+ void (*register_hooks)(int version,
+ int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version,
+ int (*deregister_hook)(struct sudo_hook *hook));
};
When an I/O plugin is loaded, B<sudo> runs the command in a pseudo-tty.
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], int argc, char * const argv[],
- char * const user_env[]);
+ char * const user_env[], char * const plugin_options[]);
The I<open> function is run before the I<log_input>, I<log_output>
or I<show_version> functions are called. It is only called if the
equal sign ('=') since the I<name> field will never include one
itself but the I<value> might.
+=item plugin_options
+
+Any (non-comment) strings immediately after the plugin path are
+treated as arguments to the plugin. These arguments are split on
+a white space boundary and are passed to the plugin in the form of
+a C<NULL>-terminated array of strings. If no arguments were
+specified, I<plugin_options> will be the NULL pointer.
+
+NOTE: the I<plugin_options> parameter is only available starting with
+API version 1.2. A plugin B<must> check the API version specified
+by the B<sudo> front end before using I<plugin_options>. Failure to
+do so may result in a crash.
+
=back
=item close
=back
+=item register_hooks
+
+See the L<Policy Plugin API> section for a description of
+C<register_hooks>.
+
+=item deregister_hooks
+
+See the L<Policy Plugin API> section for a description of
+C<deregister_hooks>.
+
=back
-=head3 Version macros
+=head3 I/O Plugin Version Macros
Same as for the L<Policy Plugin API>.
+=head2 Hook Function API
+
+Beginning with plugin API version 1.2, it is possible to install
+hooks for certain functions called by the B<sudo> front end.
+
+Currently, the only supported hooks relate to the handling of
+environment variables. Hooks can be used to intercept attempts to
+get, set, or remove environment variables so that these changes can
+be reflected in the version of the environment that is used to
+execute a command. A future version of the API will support
+hooking internal B<sudo> front end functions as well.
+
+=head3 Hook structure
+
+Hooks in B<sudo> are described by the following structure:
+
+ typedef int (*sudo_hook_fn_t)();
+
+ struct sudo_hook {
+ int hook_version;
+ int hook_type;
+ sudo_hook_fn_t hook_fn;
+ void *closure;
+ };
+
+The C<sudo_hook> structure has the following fields:
+
+=over 4
+
+=item hook_version
+
+The C<hook_version> field should be set to SUDO_HOOK_VERSION.
+
+=item hook_type
+
+The C<hook_type> field may be one of the following supported hook types:
+
+=over 4
+
+=item SUDO_HOOK_SETENV
+
+The C library C<setenv()> function. Any registered hooks will run
+before the C library implementation. The C<hook_fn> field should
+be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_setenv_t)(const char *name,
+ const char *value, int overwrite, void *closure);
+
+If the registered hook does not match the typedef the results are
+unspecified.
+
+=item SUDO_HOOK_UNSETENV
+
+The C library C<unsetenv()> function. Any registered hooks will run
+before the C library implementation. The C<hook_fn> field should
+be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_unsetenv_t)(const char *name,
+ void *closure);
+
+=item SUDO_HOOK_GETENV
+
+The C library C<getenv()> function. Any registered hooks will run
+before the C library implementation. The C<hook_fn> field should
+be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_getenv_t)(const char *name,
+ char **value, void *closure);
+
+If the registered hook does not match the typedef the results are
+unspecified.
+
+=item SUDO_HOOK_PUTENV
+
+The C library C<putenv()> function. Any registered hooks will run
+before the C library implementation. The C<hook_fn> field should
+be a function that matches the following typedef:
+
+ typedef int (*sudo_hook_fn_putenv_t)(char *string,
+ void *closure);
+
+If the registered hook does not match the typedef the results are
+unspecified.
+
+=back
+
+=item hook_fn
+
+ sudo_hook_fn_t hook_fn;
+
+The C<hook_fn> field should be set to the plugin's hook implementation.
+The actual function arguments will vary depending on the C<hook_type>
+(see C<hook_type> above). In all cases, the C<closure> field of
+C<struct sudo_hook> is passed as the last function parameter. This
+can be used to pass arbitrary data to the plugin's hook implementation.
+
+The function return value may be one of the following:
+
+=over 4
+
+=item SUDO_HOOK_RET_ERROR
+
+The hook function encountered an error.
+
+=item SUDO_HOOK_RET_NEXT
+
+The hook completed without error, go on to the next hook (including
+the native implementation if applicable). For example, a C<getenv>
+hook might return C<SUDO_HOOK_RET_NEXT> if the specified variable
+was not found in the private copy of the environment.
+
+=item SUDO_HOOK_RET_STOP
+
+The hook completed without error, stop processing hooks for this
+invocation. This can be used to replace the native implementation.
+For example, a C<setenv> hook that operates on a private copy of
+the environment but leaves C<environ> unchanged.
+
+=back
+
+=back
+
+Note that it is very easy to create an infinite loop when hooking
+C library functions. For example, a C<getenv> hook that calls the
+C<snprintf> function may create a loop if the C<snprintf> implementation
+calls C<getenv> to check the locale. To prevent this, you may wish
+to use a static variable in the hook function to guard against
+nested calls. E.g.
+
+ static int in_progress = 0; /* avoid recursion */
+ if (in_progress)
+ return SUDO_HOOK_RET_NEXT;
+ in_progress = 1;
+ ...
+ in_progress = 0;
+ return SUDO_HOOK_RET_STOP;
+
+=head3 Hook API Version Macros
+
+ /* Hook API version major/minor */
+ #define SUDO_HOOK_VERSION_MAJOR 1
+ #define SUDO_HOOK_VERSION_MINOR 0
+ #define SUDO_HOOK_MKVERSION(x, y) ((x << 16) | y)
+ #define SUDO_HOOK_VERSION SUDO_HOOK_MKVERSION(SUDO_HOOK_VERSION_MAJOR,\
+ SUDO_HOOK_VERSION_MINOR)
+
+ /* Getters and setters for hook API version */
+ #define SUDO_HOOK_VERSION_GET_MAJOR(v) ((v) >> 16)
+ #define SUDO_HOOK_VERSION_GET_MINOR(v) ((v) & 0xffff)
+ #define SUDO_HOOK_VERSION_SET_MAJOR(vp, n) do { \
+ *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
+ } while(0)
+ #define SUDO_HOOK_VERSION_SET_MINOR(vp, n) do { \
+ *(vp) = (*(vp) & 0xffff0000) | (n); \
+ } while(0)
+
=head2 Conversation API
If the plugin needs to interact with the user, it may do so via the
=back
-=head3 Version Macros
+=head3 Group API Version Macros
/* Sudoers group plugin version major/minor */
#define GROUP_API_VERSION_MAJOR 1
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
+=head1 PLUGIN API CHANGELOG
+
+The following revisions have been made to the Sudo Plugin API.
+
+=over 4
+
+=item Version 1.0
+
+Initial API version.
+
+=item Version 1.1
+
+The I/O logging plugin's C<open> function was modified to take the
+C<command_info> list as an argument.
+
+=item Version 1.2
+
+The Policy and I/O logging plugins' C<open> functions are now passed
+a list of plugin options if any are specified in F<@sysconfdir@/sudo.conf>.
+
+A simple hooks API has been introduced to allow plugins to hook in to the
+system's environment handling functions.
+
+The C<init_session> Policy plugin function is now passed a pointer
+to the user environment which can be updated as needed. This can
+be used to merge in environment variables stored in the PAM handle
+before a command is run.
+
+=back
+
+
=head1 SEE ALSO
L<sudoers(5)>, L<sudo(8)>
distinct ways _\bs_\bu_\bd_\bo_\be_\br_\bs can deal with environment variables.
By default, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is enabled. This causes commands to
- be executed with a minimal environment containing the TERM, PATH, HOME,
- MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables in addition
- to variables from the invoking process permitted by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and
- _\be_\bn_\bv_\b__\bk_\be_\be_\bp options. This is effectively a whitelist for environment
- variables.
+ be executed with a new, minimal environment. On AIX (and Linux systems
+ without PAM), the environment is initialized with the contents of the
+ _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt file. On BSD systems, if the _\bu_\bs_\be_\b__\bl_\bo_\bg_\bi_\bn_\bc_\bl_\ba_\bs_\bs option is
+ enabled, the environment is initialized based on the _\bp_\ba_\bt_\bh and _\bs_\be_\bt_\be_\bn_\bv
+ settings in _\b/_\be_\bt_\bc_\b/_\bl_\bo_\bg_\bi_\bn_\b._\bc_\bo_\bn_\bf. The new environment contains the TERM,
+ PATH, HOME, MAIL, SHELL, LOGNAME, USER, USERNAME and SUDO_* variables
+ in addition to variables from the invoking process permitted by the
+ _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bk_\be_\be_\bp options. This is effectively a whitelist for
+ environment variables.
If, however, the _\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt option is disabled, any variables not
explicitly denied by the _\be_\bn_\bv_\b__\bc_\bh_\be_\bc_\bk and _\be_\bn_\bv_\b__\bd_\be_\bl_\be_\bt_\be options are inherited
_\bs_\bu_\bd_\bo_\be_\br_\bs will initialize the environment regardless of the value of
_\be_\bn_\bv_\b__\br_\be_\bs_\be_\bt. The _\bD_\bI_\bS_\bP_\bL_\bA_\bY, _\bP_\bA_\bT_\bH and _\bT_\bE_\bR_\bM variables remain unchanged;
_\bH_\bO_\bM_\bE, _\bM_\bA_\bI_\bL, _\bS_\bH_\bE_\bL_\bL, _\bU_\bS_\bE_\bR, and _\bL_\bO_\bG_\bN_\bA_\bM_\bE are set based on the target user.
- On Linux and AIX systems the contents of _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt are also
- included. All other environment variables are removed.
+ On AIX (and Linux systems without PAM), the contents of
+ _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt are also included. On BSD systems, if the
+ _\bu_\bs_\be_\b__\bl_\bo_\bg_\bi_\bn_\bc_\bl_\ba_\bs_\bs option is enabled, the _\bp_\ba_\bt_\bh and _\bs_\be_\bt_\be_\bn_\bv variables in
+ _\b/_\be_\bt_\bc_\b/_\bl_\bo_\bg_\bi_\bn_\b._\bc_\bo_\bn_\bf are also applied. All other environment variables are
+ removed.
- Lastly, if the _\be_\bn_\bv_\b__\bf_\bi_\bl_\be option is defined, any variables present in
- that file will be set to their specified values.
+ Finally, if the _\be_\bn_\bv_\b__\bf_\bi_\bl_\be option is defined, any variables present in
+ that file will be set to their specified values as long as they would
+ not conflict with an existing environment variable.
S\bSU\bUD\bDO\bOE\bER\bRS\bS F\bFI\bIL\bLE\bE F\bFO\bOR\bRM\bMA\bAT\bT
The _\bs_\bu_\bd_\bo_\be_\br_\bs file is composed of two types of entries: aliases
below). For instance, the QAS AD plugin supports the following
formats:
- +\bo Group in the same domain: "Group Name"
+ o Group in the same domain: "Group Name"
- +\bo Group in any domain: "Group Name@FULLY.QUALIFIED.DOMAIN"
+ o Group in any domain: "Group Name@FULLY.QUALIFIED.DOMAIN"
- +\bo Group SID: "S-1-2-34-5678901234-5678901234-5678901234-567"
+ o Group SID: "S-1-2-34-5678901234-5678901234-5678901234-567"
Note that quotes around group names are optional. Unquoted strings
must use a backslash (\) to escape spaces and special characters. See
aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
- See the "PREVENTING SHELL ESCAPES" section below for more details on
+ See the "Preventing Shell Escapes" section below for more details on
how NOEXEC works and whether or not it will work on your system.
_\bS_\bE_\bT_\bE_\bN_\bV _\ba_\bn_\bd _\bN_\bO_\bS_\bE_\bT_\bE_\bN_\bV
noexec If set, all commands run via s\bsu\bud\bdo\bo will behave as if the
NOEXEC tag has been set, unless overridden by a EXEC
tag. See the description of _\bN_\bO_\bE_\bX_\bE_\bC _\ba_\bn_\bd _\bE_\bX_\bE_\bC below as
- well as the "PREVENTING SHELL ESCAPES" section at the
+ well as the "Preventing Shell Escapes" section at the
end of this manual. This flag is _\bo_\bf_\bf by default.
path_info Normally, s\bsu\bud\bdo\bo will tell the user when a command could
variables to keep is displayed when s\bsu\bud\bdo\bo is run by root
with the _\b-_\bV option.
+S\bSU\bUD\bDO\bO.\b.C\bCO\bON\bNF\bF
+ The _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf file determines which plugins the s\bsu\bud\bdo\bo front end
+ will load. If no _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf file is present, or it contains no
+ Plugin lines, s\bsu\bud\bdo\bo will use the _\bs_\bu_\bd_\bo_\be_\br_\bs security policy and I/O
+ logging, which corresponds to the following _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf file.
+
+ #
+ # Default /etc/sudo.conf file
+ #
+ # Format:
+ # Plugin plugin_name plugin_path plugin_options ...
+ # Path askpass /path/to/askpass
+ # Path noexec /path/to/sudo_noexec.so
+ # Debug sudo /var/log/sudo_debug all@warn
+ # Set disable_coredump true
+ #
+ # The plugin_path is relative to /usr/local/libexec unless
+ # fully qualified.
+ # The plugin_name corresponds to a global symbol in the plugin
+ # that contains the plugin interface structure.
+ # The plugin_options are optional.
+ #
+ Plugin policy_plugin sudoers.so
+ Plugin io_plugin sudoers.so
+
+ P\bPL\bLU\bUG\bGI\bIN\bN O\bOP\bPT\bTI\bIO\bON\bNS\bS
+ Starting with s\bsu\bud\bdo\bo 1.8.5 it is possible to pass options to the _\bs_\bu_\bd_\bo_\be_\br_\bs
+ plugin. Options may be listed after the path to the plugin (i.e. after
+ _\bs_\bu_\bd_\bo_\be_\br_\bs_\b._\bs_\bo); multiple options should be space-separated. For example:
+
+ Plugin sudoers_policy sudoers.so sudoers_file=/etc/sudoers sudoers_uid=0 sudoers_gid=0 sudoers_mode=0440
+
+ The following plugin options are supported:
+
+ sudoers_file=pathname
+ The _\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bf_\bi_\bl_\be option can be used to override the default
+ path to the _\bs_\bu_\bd_\bo_\be_\br_\bs file.
+
+ sudoers_uid=uid
+ The _\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bu_\bi_\bd option can be used to override the default
+ owner of the sudoers file. It should be specified as a
+ numeric user ID.
+
+ sudoers_gid=gid
+ The _\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bg_\bi_\bd option can be used to override the default
+ group of the sudoers file. It should be specified as a
+ numeric group ID.
+
+ sudoers_mode=mode
+ The _\bs_\bu_\bd_\bo_\be_\br_\bs_\b__\bm_\bo_\bd_\be option can be used to override the default
+ file mode for the sudoers file. It should be specified as an
+ octal value.
+
+ D\bDE\bEB\bBU\bUG\bG F\bFL\bLA\bAG\bGS\bS
+ Versions 1.8.4 and higher of the _\bs_\bu_\bd_\bo_\be_\br_\bs plugin supports a debugging
+ framework that can help track down what the plugin is doing internally
+ if there is a problem. This can be configured in the _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf
+ file as described in _\bs_\bu_\bd_\bo(1m).
+
+ The _\bs_\bu_\bd_\bo_\be_\br_\bs plugin uses the same debug flag format as s\bsu\bud\bdo\bo itself:
+ _\bs_\bu_\bb_\bs_\by_\bs_\bt_\be_\bm@_\bp_\br_\bi_\bo_\br_\bi_\bt_\by.
+
+ The priorities used by _\bs_\bu_\bd_\bo_\be_\br_\bs, in order of decreasing severity, are:
+ _\bc_\br_\bi_\bt, _\be_\br_\br, _\bw_\ba_\br_\bn, _\bn_\bo_\bt_\bi_\bc_\be, _\bd_\bi_\ba_\bg, _\bi_\bn_\bf_\bo, _\bt_\br_\ba_\bc_\be and _\bd_\be_\bb_\bu_\bg. Each priority,
+ when specified, also includes all priorities higher than it. For
+ example, a priority of _\bn_\bo_\bt_\bi_\bc_\be would include debug messages logged at
+ _\bn_\bo_\bt_\bi_\bc_\be and higher.
+
+ The following subsystems are used by _\bs_\bu_\bd_\bo_\be_\br_\bs:
+
+ _\ba_\bl_\bi_\ba_\bs User_Alias, Runas_Alias, Host_Alias and Cmnd_Alias processing
+
+ _\ba_\bl_\bl matches every subsystem
+
+ _\ba_\bu_\bd_\bi_\bt BSM and Linux audit code
+
+ _\ba_\bu_\bt_\bh user authentication
+
+ _\bd_\be_\bf_\ba_\bu_\bl_\bt_\bs _\bs_\bu_\bd_\bo_\be_\br_\bs _\bD_\be_\bf_\ba_\bu_\bl_\bt_\bs settings
+
+ _\be_\bn_\bv environment handling
+
+ _\bl_\bd_\ba_\bp LDAP-based sudoers
+
+ _\bl_\bo_\bg_\bg_\bi_\bn_\bg logging support
+
+ _\bm_\ba_\bt_\bc_\bh matching of users, groups, hosts and netgroups in _\bs_\bu_\bd_\bo_\be_\br_\bs
+
+ _\bn_\be_\bt_\bi_\bf network interface handling
+
+ _\bn_\bs_\bs network service switch handling in _\bs_\bu_\bd_\bo_\be_\br_\bs
+
+ _\bp_\ba_\br_\bs_\be_\br _\bs_\bu_\bd_\bo_\be_\br_\bs file parsing
+
+ _\bp_\be_\br_\bm_\bs permission setting
+
+ _\bp_\bl_\bu_\bg_\bi_\bn The equivalent of _\bm_\ba_\bi_\bn for the plugin.
+
+ _\bp_\bt_\by pseudo-tty related code
+
+ _\br_\bb_\bt_\br_\be_\be redblack tree internals
+
+ _\bu_\bt_\bi_\bl utility functions
+
F\bFI\bIL\bLE\bES\bS
+ _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf Sudo front end configuration
+
_\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs List of who can run what
_\b/_\be_\bt_\bc_\b/_\bg_\br_\bo_\bu_\bp Local groups file
_\b/_\bv_\ba_\br_\b/_\ba_\bd_\bm_\b/_\bs_\bu_\bd_\bo Directory containing time stamps for the
_\bs_\bu_\bd_\bo_\be_\br_\bs security policy
- _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt Initial environment for -\b-i\bi mode on Linux and
- AIX
+ _\b/_\be_\bt_\bc_\b/_\be_\bn_\bv_\bi_\br_\bo_\bn_\bm_\be_\bn_\bt Initial environment for -\b-i\bi mode on AIX and
+ Linux systems
E\bEX\bXA\bAM\bMP\bPL\bLE\bES\bS
Below are example _\bs_\bu_\bd_\bo_\be_\br_\bs entries. Admittedly, some of these are a bit
encapsulating in a shell script.
S\bSE\bEC\bCU\bUR\bRI\bIT\bTY\bY N\bNO\bOT\bTE\bES\bS
+ L\bLi\bim\bmi\bit\bta\bat\bti\bio\bon\bns\bs o\bof\bf t\bth\bhe\be '\b'!\b!'\b' o\bop\bpe\ber\bra\bat\bto\bor\br
It is generally not effective to "subtract" commands from ALL using the
'!' operator. A user can trivially circumvent this by copying the
desired command to a different name and then executing that. For
kind of restrictions should be considered advisory at best (and
reinforced by policy).
- Furthermore, if the _\bf_\ba_\bs_\bt_\b__\bg_\bl_\bo_\bb option is in use, it is not possible to
- reliably negate commands where the path name includes globbing (aka
- wildcard) characters. This is because the C library's _\bf_\bn_\bm_\ba_\bt_\bc_\bh(3)
- function cannot resolve relative paths. While this is typically only
- an inconvenience for rules that grant privileges, it can result in a
- security issue for rules that subtract or revoke privileges.
+ In general, if a user has sudo ALL there is nothing to prevent them
+ from creating their own program that gives them a root shell (or making
+ their own copy of a shell) regardless of any '!' elements in the user
+ specification.
+
+ S\bSe\bec\bcu\bur\bri\bit\bty\by i\bim\bmp\bpl\bli\bic\bca\bat\bti\bio\bon\bns\bs o\bof\bf _\bf_\ba_\bs_\bt_\b__\bg_\bl_\bo_\bb
+ If the _\bf_\ba_\bs_\bt_\b__\bg_\bl_\bo_\bb option is in use, it is not possible to reliably
+ negate commands where the path name includes globbing (aka wildcard)
+ characters. This is because the C library's _\bf_\bn_\bm_\ba_\bt_\bc_\bh(3) function cannot
+ resolve relative paths. While this is typically only an inconvenience
+ for rules that grant privileges, it can result in a security issue for
+ rules that subtract or revoke privileges.
For example, given the following _\bs_\bu_\bd_\bo_\be_\br_\bs entry:
User j\bjo\boh\bhn\bn can still run /usr/bin/passwd root if _\bf_\ba_\bs_\bt_\b__\bg_\bl_\bo_\bb is enabled by
changing to _\b/_\bu_\bs_\br_\b/_\bb_\bi_\bn and running ./passwd root instead.
-P\bPR\bRE\bEV\bVE\bEN\bNT\bTI\bIN\bNG\bG S\bSH\bHE\bEL\bLL\bL E\bES\bSC\bCA\bAP\bPE\bES\bS
+ P\bPr\bre\bev\bve\ben\bnt\bti\bin\bng\bg S\bSh\bhe\bel\bll\bl E\bEs\bsc\bca\bap\bpe\bes\bs
Once s\bsu\bud\bdo\bo executes a program, that program is free to do whatever it
pleases, including run other programs. This can be a security issue
since it is not uncommon for a program to allow shell escapes, which
privilege escalation. In the specific case of an editor, a safer
approach is to give the user permission to run s\bsu\bud\bdo\boe\bed\bdi\bit\bt.
-D\bDE\bEB\bBU\bUG\bG F\bFL\bLA\bAG\bGS\bS
- Versions 1.8.4 and higher of the _\bs_\bu_\bd_\bo_\be_\br_\bs plugin supports a debugging
- framework that can help track down what the plugin is doing internally
- if there is a problem. This can be configured in the _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\b._\bc_\bo_\bn_\bf
- file as described in _\bs_\bu_\bd_\bo(1m).
-
- The _\bs_\bu_\bd_\bo_\be_\br_\bs plugin uses the same debug flag format as s\bsu\bud\bdo\bo itself:
- _\bs_\bu_\bb_\bs_\by_\bs_\bt_\be_\bm@_\bp_\br_\bi_\bo_\br_\bi_\bt_\by.
-
- The priorities used by _\bs_\bu_\bd_\bo_\be_\br_\bs, in order of decreasing severity, are:
- _\bc_\br_\bi_\bt, _\be_\br_\br, _\bw_\ba_\br_\bn, _\bn_\bo_\bt_\bi_\bc_\be, _\bd_\bi_\ba_\bg, _\bi_\bn_\bf_\bo, _\bt_\br_\ba_\bc_\be and _\bd_\be_\bb_\bu_\bg. Each priority,
- when specified, also includes all priorities higher than it. For
- example, a priority of _\bn_\bo_\bt_\bi_\bc_\be would include debug messages logged at
- _\bn_\bo_\bt_\bi_\bc_\be and higher.
-
- The following subsystems are used by _\bs_\bu_\bd_\bo_\be_\br_\bs:
-
- _\ba_\bl_\bi_\ba_\bs User_Alias, Runas_Alias, Host_Alias and Cmnd_Alias processing
-
- _\ba_\bl_\bl matches every subsystem
-
- _\ba_\bu_\bd_\bi_\bt BSM and Linux audit code
-
- _\ba_\bu_\bt_\bh user authentication
-
- _\bd_\be_\bf_\ba_\bu_\bl_\bt_\bs _\bs_\bu_\bd_\bo_\be_\br_\bs _\bD_\be_\bf_\ba_\bu_\bl_\bt_\bs settings
-
- _\be_\bn_\bv environment handling
-
- _\bl_\bd_\ba_\bp LDAP-based sudoers
-
- _\bl_\bo_\bg_\bg_\bi_\bn_\bg logging support
-
- _\bm_\ba_\bt_\bc_\bh matching of users, groups, hosts and netgroups in _\bs_\bu_\bd_\bo_\be_\br_\bs
-
- _\bn_\be_\bt_\bi_\bf network interface handling
-
- _\bn_\bs_\bs network service switch handling in _\bs_\bu_\bd_\bo_\be_\br_\bs
-
- _\bp_\ba_\br_\bs_\be_\br _\bs_\bu_\bd_\bo_\be_\br_\bs file parsing
-
- _\bp_\be_\br_\bm_\bs permission setting
-
- _\bp_\bl_\bu_\bg_\bi_\bn The equivalent of _\bm_\ba_\bi_\bn for the plugin.
-
- _\bp_\bt_\by pseudo-tty related code
-
- _\br_\bb_\bt_\br_\be_\be redblack tree internals
-
- _\bu_\bt_\bi_\bl utility functions
-
-S\bSE\bEC\bCU\bUR\bRI\bIT\bTY\bY N\bNO\bOT\bTE\bES\bS
+ T\bTi\bim\bme\be s\bst\bta\bam\bmp\bp f\bfi\bil\ble\be c\bch\bhe\bec\bck\bks\bs
_\bs_\bu_\bd_\bo_\be_\br_\bs will check the ownership of its time stamp directory
(_\b/_\bv_\ba_\br_\b/_\ba_\bd_\bm_\b/_\bs_\bu_\bd_\bo by default) and ignore the directory's contents if it is
not owned by root or if it is writable by a user other than root. On
Administrators should not rely on this feature as it is not universally
available.
- If users have sudo ALL there is nothing to prevent them from creating
- their own program that gives them a root shell (or making their own
- copy of a shell) regardless of any '!' elements in the user
- specification.
-
S\bSE\bEE\bE A\bAL\bLS\bSO\bO
_\br_\bs_\bh(1), _\bs_\bu(1), _\bf_\bn_\bm_\ba_\bt_\bc_\bh(3), _\bg_\bl_\bo_\bb(3), _\bm_\bk_\bt_\be_\bm_\bp(3), _\bs_\bt_\br_\bf_\bt_\bi_\bm_\be(3),
_\bs_\bu_\bd_\bo_\be_\br_\bs_\b._\bl_\bd_\ba_\bp(4), _\bs_\bu_\bd_\bo_\b__\bp_\bl_\bu_\bg_\bi_\bn(1m), _\bs_\bu_\bd_\bo(1m), _\bv_\bi_\bs_\bu_\bd_\bo(1m)
-1.8.4 February 5, 2012 SUDOERS(4)
+1.8.5 March 28, 2012 SUDOERS(4)
Using LDAP for _\bs_\bu_\bd_\bo_\be_\br_\bs has several benefits:
- +\bo s\bsu\bud\bdo\bo no longer needs to read _\bs_\bu_\bd_\bo_\be_\br_\bs in its entirety. When LDAP is
+ o s\bsu\bud\bdo\bo no longer needs to read _\bs_\bu_\bd_\bo_\be_\br_\bs in its entirety. When LDAP is
used, there are only two or three LDAP queries per invocation.
This makes it especially fast and particularly usable in LDAP
environments.
- +\bo s\bsu\bud\bdo\bo no longer exits if there is a typo in _\bs_\bu_\bd_\bo_\be_\br_\bs. It is not
+ o s\bsu\bud\bdo\bo no longer exits if there is a typo in _\bs_\bu_\bd_\bo_\be_\br_\bs. It is not
possible to load LDAP data into the server that does not conform to
the sudoers schema, so proper syntax is guaranteed. It is still
possible to have typos in a user or host name, but this will not
prevent s\bsu\bud\bdo\bo from running.
- +\bo It is possible to specify per-entry options that override the
+ o It is possible to specify per-entry options that override the
global default options. _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs only supports default options
and limited options associated with user/host/commands/aliases.
The syntax is complicated and can be difficult for users to
understand. Placing the options directly in the entry is more
natural.
- +\bo The v\bvi\bis\bsu\bud\bdo\bo program is no longer needed. v\bvi\bis\bsu\bud\bdo\bo provides locking
+ o The v\bvi\bis\bsu\bud\bdo\bo program is no longer needed. v\bvi\bis\bsu\bud\bdo\bo provides locking
and syntax checking of the _\b/_\be_\bt_\bc_\b/_\bs_\bu_\bd_\bo_\be_\br_\bs file. Since LDAP updates
are atomic, locking is no longer necessary. Because syntax is
checked when the data is inserted into LDAP, there is no need for a
-1.8.4 January 6, 2012 SUDOERS.LDAP(4)
+1.8.5 March 14, 2012 SUDOERS.LDAP(4)
.\" ========================================================================
.\"
.IX Title "SUDOERS.LDAP @mansectform@"
-.TH SUDOERS.LDAP @mansectform@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH SUDOERS.LDAP @mansectform@ "March 14, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.\" ========================================================================
.\"
.IX Title "SUDOERS @mansectform@"
-.TH SUDOERS @mansectform@ "February 5, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH SUDOERS @mansectform@ "March 28, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
distinct ways \fIsudoers\fR can deal with environment variables.
.PP
By default, the \fIenv_reset\fR option is enabled. This causes commands
-to be executed with a minimal environment containing the \f(CW\*(C`TERM\*(C'\fR,
-\&\f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR, \f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR, \f(CW\*(C`USERNAME\*(C'\fR
-and \f(CW\*(C`SUDO_*\*(C'\fR variables in addition to variables from the
-invoking process permitted by the \fIenv_check\fR and \fIenv_keep\fR
-options. This is effectively a whitelist for environment variables.
+to be executed with a new, minimal environment. On \s-1AIX\s0 (and Linux
+systems without \s-1PAM\s0), the environment is initialized with the
+contents of the \fI/etc/environment\fR file. On \s-1BSD\s0 systems, if the
+\&\fIuse_loginclass\fR option is enabled, the environment is initialized
+based on the \fIpath\fR and \fIsetenv\fR settings in \fI/etc/login.conf\fR.
+The new environment contains the \f(CW\*(C`TERM\*(C'\fR, \f(CW\*(C`PATH\*(C'\fR, \f(CW\*(C`HOME\*(C'\fR, \f(CW\*(C`MAIL\*(C'\fR,
+\&\f(CW\*(C`SHELL\*(C'\fR, \f(CW\*(C`LOGNAME\*(C'\fR, \f(CW\*(C`USER\*(C'\fR, \f(CW\*(C`USERNAME\*(C'\fR and \f(CW\*(C`SUDO_*\*(C'\fR variables
+in addition to variables from the invoking process permitted by the
+\&\fIenv_check\fR and \fIenv_keep\fR options. This is effectively a whitelist
+for environment variables.
.PP
If, however, the \fIenv_reset\fR option is disabled, any variables not
explicitly denied by the \fIenv_check\fR and \fIenv_delete\fR options are
specified, \fIsudoers\fR will initialize the environment regardless
of the value of \fIenv_reset\fR. The \fI\s-1DISPLAY\s0\fR, \fI\s-1PATH\s0\fR and \fI\s-1TERM\s0\fR
variables remain unchanged; \fI\s-1HOME\s0\fR, \fI\s-1MAIL\s0\fR, \fI\s-1SHELL\s0\fR, \fI\s-1USER\s0\fR,
-and \fI\s-1LOGNAME\s0\fR are set based on the target user. On Linux and \s-1AIX\s0
-systems the contents of \fI/etc/environment\fR are also included. All
-other environment variables are removed.
-.PP
-Lastly, if the \fIenv_file\fR option is defined, any variables present
-in that file will be set to their specified values.
+and \fI\s-1LOGNAME\s0\fR are set based on the target user. On \s-1AIX\s0 (and Linux
+systems without \s-1PAM\s0), the contents of \fI/etc/environment\fR are also
+included. On \s-1BSD\s0 systems, if the \fIuse_loginclass\fR option is
+enabled, the \fIpath\fR and \fIsetenv\fR variables in \fI/etc/login.conf\fR
+are also applied. All other environment variables are removed.
+.PP
+Finally, if the \fIenv_file\fR option is defined, any variables present
+in that file will be set to their specified values as long as they
+would not conflict with an existing environment variable.
.SH "SUDOERS FILE FORMAT"
.IX Header "SUDOERS FILE FORMAT"
The \fIsudoers\fR file is composed of two types of entries: aliases
\& aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
.Ve
.PP
-See the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0 \s-1ESCAPES\s0\*(R" section below for more details
+See the \*(L"Preventing Shell Escapes\*(R" section below for more details
on how \f(CW\*(C`NOEXEC\*(C'\fR works and whether or not it will work on your system.
.PP
\fI\s-1SETENV\s0 and \s-1NOSETENV\s0\fR
.IX Item "noexec"
If set, all commands run via \fBsudo\fR will behave as if the \f(CW\*(C`NOEXEC\*(C'\fR
tag has been set, unless overridden by a \f(CW\*(C`EXEC\*(C'\fR tag. See the
-description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"\s-1PREVENTING\s0 \s-1SHELL\s0
-\&\s-1ESCAPES\s0\*(R" section at the end of this manual. This flag is \fIoff\fR by default.
+description of \fI\s-1NOEXEC\s0 and \s-1EXEC\s0\fR below as well as the \*(L"Preventing Shell
+Escapes\*(R" section at the end of this manual. This flag is \fIoff\fR by default.
.IP "path_info" 16
.IX Item "path_info"
Normally, \fBsudo\fR will tell the user when a command could not be
to, deleted from, or disabled by using the \f(CW\*(C`=\*(C'\fR, \f(CW\*(C`+=\*(C'\fR, \f(CW\*(C`\-=\*(C'\fR, and
\&\f(CW\*(C`!\*(C'\fR operators respectively. The default list of variables to keep
is displayed when \fBsudo\fR is run by root with the \fI\-V\fR option.
+.SH "SUDO.CONF"
+.IX Header "SUDO.CONF"
+The \fI@sysconfdir@/sudo.conf\fR file determines which plugins the
+\&\fBsudo\fR front end will load. If no \fI@sysconfdir@/sudo.conf\fR file
+is present, or it contains no \f(CW\*(C`Plugin\*(C'\fR lines, \fBsudo\fR will use the
+\&\fIsudoers\fR security policy and I/O logging, which corresponds to
+the following \fI@sysconfdir@/sudo.conf\fR file.
+.PP
+.Vb 10
+\& #
+\& # Default @sysconfdir@/sudo.conf file
+\& #
+\& # Format:
+\& # Plugin plugin_name plugin_path plugin_options ...
+\& # Path askpass /path/to/askpass
+\& # Path noexec /path/to/sudo_noexec.so
+\& # Debug sudo /var/log/sudo_debug all@warn
+\& # Set disable_coredump true
+\& #
+\& # The plugin_path is relative to @prefix@/libexec unless
+\& # fully qualified.
+\& # The plugin_name corresponds to a global symbol in the plugin
+\& # that contains the plugin interface structure.
+\& # The plugin_options are optional.
+\& #
+\& Plugin policy_plugin sudoers.so
+\& Plugin io_plugin sudoers.so
+.Ve
+.SS "\s-1PLUGIN\s0 \s-1OPTIONS\s0"
+.IX Subsection "PLUGIN OPTIONS"
+Starting with \fBsudo\fR 1.8.5 it is possible to pass options to the
+\&\fIsudoers\fR plugin. Options may be listed after the path to the
+plugin (i.e. after \fIsudoers.so\fR); multiple options should be
+space-separated. For example:
+.PP
+.Vb 1
+\& Plugin sudoers_policy sudoers.so sudoers_file=/etc/sudoers sudoers_uid=0 sudoers_gid=0 sudoers_mode=0440
+.Ve
+.PP
+The following plugin options are supported:
+.IP "sudoers_file=pathname" 10
+.IX Item "sudoers_file=pathname"
+The \fIsudoers_file\fR option can be used to override the default path
+to the \fIsudoers\fR file.
+.IP "sudoers_uid=uid" 10
+.IX Item "sudoers_uid=uid"
+The \fIsudoers_uid\fR option can be used to override the default owner
+of the sudoers file. It should be specified as a numeric user \s-1ID\s0.
+.IP "sudoers_gid=gid" 10
+.IX Item "sudoers_gid=gid"
+The \fIsudoers_gid\fR option can be used to override the default group
+of the sudoers file. It should be specified as a numeric group \s-1ID\s0.
+.IP "sudoers_mode=mode" 10
+.IX Item "sudoers_mode=mode"
+The \fIsudoers_mode\fR option can be used to override the default file
+mode for the sudoers file. It should be specified as an octal value.
+.SS "\s-1DEBUG\s0 \s-1FLAGS\s0"
+.IX Subsection "DEBUG FLAGS"
+Versions 1.8.4 and higher of the \fIsudoers\fR plugin supports a
+debugging framework that can help track down what the plugin is
+doing internally if there is a problem. This can be configured in
+the \fI@sysconfdir@/sudo.conf\fR file as described in \fIsudo\fR\|(@mansectsu@).
+.PP
+The \fIsudoers\fR plugin uses the same debug flag format as \fBsudo\fR
+itself: \fIsubsystem\fR@\fIpriority\fR.
+.PP
+The priorities used by \fIsudoers\fR, in order of decreasing severity,
+are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR
+and \fIdebug\fR. Each priority, when specified, also includes all
+priorities higher than it. For example, a priority of \fInotice\fR
+would include debug messages logged at \fInotice\fR and higher.
+.PP
+The following subsystems are used by \fIsudoers\fR:
+.IP "\fIalias\fR" 10
+.IX Item "alias"
+\&\f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, \f(CW\*(C`Host_Alias\*(C'\fR and \f(CW\*(C`Cmnd_Alias\*(C'\fR processing
+.IP "\fIall\fR" 10
+.IX Item "all"
+matches every subsystem
+.IP "\fIaudit\fR" 10
+.IX Item "audit"
+\&\s-1BSM\s0 and Linux audit code
+.IP "\fIauth\fR" 10
+.IX Item "auth"
+user authentication
+.IP "\fIdefaults\fR" 10
+.IX Item "defaults"
+\&\fIsudoers\fR \fIDefaults\fR settings
+.IP "\fIenv\fR" 10
+.IX Item "env"
+environment handling
+.IP "\fIldap\fR" 10
+.IX Item "ldap"
+LDAP-based sudoers
+.IP "\fIlogging\fR" 10
+.IX Item "logging"
+logging support
+.IP "\fImatch\fR" 10
+.IX Item "match"
+matching of users, groups, hosts and netgroups in \fIsudoers\fR
+.IP "\fInetif\fR" 10
+.IX Item "netif"
+network interface handling
+.IP "\fInss\fR" 10
+.IX Item "nss"
+network service switch handling in \fIsudoers\fR
+.IP "\fIparser\fR" 10
+.IX Item "parser"
+\&\fIsudoers\fR file parsing
+.IP "\fIperms\fR" 10
+.IX Item "perms"
+permission setting
+.IP "\fIplugin\fR" 10
+.IX Item "plugin"
+The equivalent of \fImain\fR for the plugin.
+.IP "\fIpty\fR" 10
+.IX Item "pty"
+pseudo-tty related code
+.IP "\fIrbtree\fR" 10
+.IX Item "rbtree"
+redblack tree internals
+.IP "\fIutil\fR" 10
+.IX Item "util"
+utility functions
.SH "FILES"
.IX Header "FILES"
+.ie n .IP "\fI@sysconfdir@/sudo.conf\fR" 24
+.el .IP "\fI@sysconfdir@/sudo.conf\fR" 24
+.IX Item "@sysconfdir@/sudo.conf"
+Sudo front end configuration
.ie n .IP "\fI@sysconfdir@/sudoers\fR" 24
.el .IP "\fI@sysconfdir@/sudoers\fR" 24
.IX Item "@sysconfdir@/sudoers"
Directory containing time stamps for the \fIsudoers\fR security policy
.IP "\fI/etc/environment\fR" 24
.IX Item "/etc/environment"
-Initial environment for \fB\-i\fR mode on Linux and \s-1AIX\s0
+Initial environment for \fB\-i\fR mode on \s-1AIX\s0 and Linux systems
.SH "EXAMPLES"
.IX Header "EXAMPLES"
Below are example \fIsudoers\fR entries. Admittedly, some of
for encapsulating in a shell script.
.SH "SECURITY NOTES"
.IX Header "SECURITY NOTES"
+.SS "Limitations of the '!' operator"
+.IX Subsection "Limitations of the '!' operator"
It is generally not effective to \*(L"subtract\*(R" commands from \f(CW\*(C`ALL\*(C'\fR
using the '!' operator. A user can trivially circumvent this
by copying the desired command to a different name and then
program. Therefore, these kind of restrictions should be considered
advisory at best (and reinforced by policy).
.PP
-Furthermore, if the \fIfast_glob\fR option is in use, it is not possible
+In general, if a user has sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent
+them from creating their own program that gives them a root shell
+(or making their own copy of a shell) regardless of any '!' elements
+in the user specification.
+.SS "Security implications of \fIfast_glob\fP"
+.IX Subsection "Security implications of fast_glob"
+If the \fIfast_glob\fR option is in use, it is not possible
to reliably negate commands where the path name includes globbing
(aka wildcard) characters. This is because the C library's
\&\fIfnmatch\fR\|(3) function cannot resolve relative paths. While this
.PP
User \fBjohn\fR can still run \f(CW\*(C`/usr/bin/passwd root\*(C'\fR if \fIfast_glob\fR is
enabled by changing to \fI/usr/bin\fR and running \f(CW\*(C`./passwd root\*(C'\fR instead.
-.SH "PREVENTING SHELL ESCAPES"
-.IX Header "PREVENTING SHELL ESCAPES"
+.SS "Preventing Shell Escapes"
+.IX Subsection "Preventing Shell Escapes"
Once \fBsudo\fR executes a program, that program is free to do whatever
it pleases, including run other programs. This can be a security
issue since it is not uncommon for a program to allow shell escapes,
to unintended privilege escalation. In the specific case of an
editor, a safer approach is to give the user permission to run
\&\fBsudoedit\fR.
-.SH "DEBUG FLAGS"
-.IX Header "DEBUG FLAGS"
-Versions 1.8.4 and higher of the \fIsudoers\fR plugin supports a
-debugging framework that can help track down what the plugin is
-doing internally if there is a problem. This can be configured in
-the \fI@sysconfdir@/sudo.conf\fR file as described in \fIsudo\fR\|(@mansectsu@).
-.PP
-The \fIsudoers\fR plugin uses the same debug flag format as \fBsudo\fR
-itself: \fIsubsystem\fR@\fIpriority\fR.
-.PP
-The priorities used by \fIsudoers\fR, in order of decreasing severity,
-are: \fIcrit\fR, \fIerr\fR, \fIwarn\fR, \fInotice\fR, \fIdiag\fR, \fIinfo\fR, \fItrace\fR
-and \fIdebug\fR. Each priority, when specified, also includes all
-priorities higher than it. For example, a priority of \fInotice\fR
-would include debug messages logged at \fInotice\fR and higher.
-.PP
-The following subsystems are used by \fIsudoers\fR:
-.IP "\fIalias\fR" 10
-.IX Item "alias"
-\&\f(CW\*(C`User_Alias\*(C'\fR, \f(CW\*(C`Runas_Alias\*(C'\fR, \f(CW\*(C`Host_Alias\*(C'\fR and \f(CW\*(C`Cmnd_Alias\*(C'\fR processing
-.IP "\fIall\fR" 10
-.IX Item "all"
-matches every subsystem
-.IP "\fIaudit\fR" 10
-.IX Item "audit"
-\&\s-1BSM\s0 and Linux audit code
-.IP "\fIauth\fR" 10
-.IX Item "auth"
-user authentication
-.IP "\fIdefaults\fR" 10
-.IX Item "defaults"
-\&\fIsudoers\fR \fIDefaults\fR settings
-.IP "\fIenv\fR" 10
-.IX Item "env"
-environment handling
-.IP "\fIldap\fR" 10
-.IX Item "ldap"
-LDAP-based sudoers
-.IP "\fIlogging\fR" 10
-.IX Item "logging"
-logging support
-.IP "\fImatch\fR" 10
-.IX Item "match"
-matching of users, groups, hosts and netgroups in \fIsudoers\fR
-.IP "\fInetif\fR" 10
-.IX Item "netif"
-network interface handling
-.IP "\fInss\fR" 10
-.IX Item "nss"
-network service switch handling in \fIsudoers\fR
-.IP "\fIparser\fR" 10
-.IX Item "parser"
-\&\fIsudoers\fR file parsing
-.IP "\fIperms\fR" 10
-.IX Item "perms"
-permission setting
-.IP "\fIplugin\fR" 10
-.IX Item "plugin"
-The equivalent of \fImain\fR for the plugin.
-.IP "\fIpty\fR" 10
-.IX Item "pty"
-pseudo-tty related code
-.IP "\fIrbtree\fR" 10
-.IX Item "rbtree"
-redblack tree internals
-.IP "\fIutil\fR" 10
-.IX Item "util"
-utility functions
-.SH "SECURITY NOTES"
-.IX Header "SECURITY NOTES"
+.SS "Time stamp file checks"
+.IX Subsection "Time stamp file checks"
\&\fIsudoers\fR will check the ownership of its time stamp directory
(\fI@timedir@\fR by default) and ignore the directory's contents if
it is not owned by root or if it is writable by a user other than
created (such as Mac \s-1OS\s0 X), \fIsudoers\fR is able to determine when a
tty-based time stamp file is stale and will ignore it. Administrators
should not rely on this feature as it is not universally available.
-.PP
-If users have sudo \f(CW\*(C`ALL\*(C'\fR there is nothing to prevent them from
-creating their own program that gives them a root shell (or making
-their own copy of a shell) regardless of any '!' elements in the
-user specification.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIrsh\fR\|(1), \fIsu\fR\|(1), \fIfnmatch\fR\|(3), \fIglob\fR\|(3), \fImktemp\fR\|(3), \fIstrftime\fR\|(3),
distinct ways I<sudoers> can deal with environment variables.
By default, the I<env_reset> option is enabled. This causes commands
-to be executed with a minimal environment containing the C<TERM>,
-C<PATH>, C<HOME>, C<MAIL>, C<SHELL>, C<LOGNAME>, C<USER>, C<USERNAME>
-and C<SUDO_*> variables in addition to variables from the
-invoking process permitted by the I<env_check> and I<env_keep>
-options. This is effectively a whitelist for environment variables.
+to be executed with a new, minimal environment. On AIX (and Linux
+systems without PAM), the environment is initialized with the
+contents of the F</etc/environment> file. On BSD systems, if the
+I<use_loginclass> option is enabled, the environment is initialized
+based on the I<path> and I<setenv> settings in F</etc/login.conf>.
+The new environment contains the C<TERM>, C<PATH>, C<HOME>, C<MAIL>,
+C<SHELL>, C<LOGNAME>, C<USER>, C<USERNAME> and C<SUDO_*> variables
+in addition to variables from the invoking process permitted by the
+I<env_check> and I<env_keep> options. This is effectively a whitelist
+for environment variables.
If, however, the I<env_reset> option is disabled, any variables not
explicitly denied by the I<env_check> and I<env_delete> options are
specified, I<sudoers> will initialize the environment regardless
of the value of I<env_reset>. The I<DISPLAY>, I<PATH> and I<TERM>
variables remain unchanged; I<HOME>, I<MAIL>, I<SHELL>, I<USER>,
-and I<LOGNAME> are set based on the target user. On Linux and AIX
-systems the contents of F</etc/environment> are also included. All
-other environment variables are removed.
+and I<LOGNAME> are set based on the target user. On AIX (and Linux
+systems without PAM), the contents of F</etc/environment> are also
+included. On BSD systems, if the I<use_loginclass> option is
+enabled, the I<path> and I<setenv> variables in F</etc/login.conf>
+are also applied. All other environment variables are removed.
-Lastly, if the I<env_file> option is defined, any variables present
-in that file will be set to their specified values.
+Finally, if the I<env_file> option is defined, any variables present
+in that file will be set to their specified values as long as they
+would not conflict with an existing environment variable.
=head1 SUDOERS FILE FORMAT
aaron shanty = NOEXEC: /usr/bin/more, /usr/bin/vi
-See the L<PREVENTING SHELL ESCAPES> section below for more details
+See the L<Preventing Shell Escapes> section below for more details
on how C<NOEXEC> works and whether or not it will work on your system.
=head3 SETENV and NOSETENV
If set, all commands run via B<sudo> will behave as if the C<NOEXEC>
tag has been set, unless overridden by a C<EXEC> tag. See the
-description of I<NOEXEC and EXEC> below as well as the L<PREVENTING SHELL
-ESCAPES> section at the end of this manual. This flag is I<off> by default.
+description of I<NOEXEC and EXEC> below as well as the L<Preventing Shell
+Escapes> section at the end of this manual. This flag is I<off> by default.
=item path_info
=back
+=head1 SUDO.CONF
+
+The F<@sysconfdir@/sudo.conf> file determines which plugins the
+B<sudo> front end will load. If no F<@sysconfdir@/sudo.conf> file
+is present, or it contains no C<Plugin> lines, B<sudo> will use the
+I<sudoers> security policy and I/O logging, which corresponds to
+the following F<@sysconfdir@/sudo.conf> file.
+
+ #
+ # Default @sysconfdir@/sudo.conf file
+ #
+ # Format:
+ # Plugin plugin_name plugin_path plugin_options ...
+ # Path askpass /path/to/askpass
+ # Path noexec /path/to/sudo_noexec.so
+ # Debug sudo /var/log/sudo_debug all@warn
+ # Set disable_coredump true
+ #
+ # The plugin_path is relative to @prefix@/libexec unless
+ # fully qualified.
+ # The plugin_name corresponds to a global symbol in the plugin
+ # that contains the plugin interface structure.
+ # The plugin_options are optional.
+ #
+ Plugin policy_plugin sudoers.so
+ Plugin io_plugin sudoers.so
+
+=head2 PLUGIN OPTIONS
+
+Starting with B<sudo> 1.8.5 it is possible to pass options to the
+I<sudoers> plugin. Options may be listed after the path to the
+plugin (i.e. after F<sudoers.so>); multiple options should be
+space-separated. For example:
+
+ Plugin sudoers_policy sudoers.so sudoers_file=/etc/sudoers sudoers_uid=0 sudoers_gid=0 sudoers_mode=0440
+
+The following plugin options are supported:
+
+=over 10
+
+=item sudoers_file=pathname
+
+The I<sudoers_file> option can be used to override the default path
+to the I<sudoers> file.
+
+=item sudoers_uid=uid
+
+The I<sudoers_uid> option can be used to override the default owner
+of the sudoers file. It should be specified as a numeric user ID.
+
+=item sudoers_gid=gid
+
+The I<sudoers_gid> option can be used to override the default group
+of the sudoers file. It should be specified as a numeric group ID.
+
+=item sudoers_mode=mode
+
+The I<sudoers_mode> option can be used to override the default file
+mode for the sudoers file. It should be specified as an octal value.
+
+=back
+
+=head2 DEBUG FLAGS
+
+Versions 1.8.4 and higher of the I<sudoers> plugin supports a
+debugging framework that can help track down what the plugin is
+doing internally if there is a problem. This can be configured in
+the F<@sysconfdir@/sudo.conf> file as described in L<sudo(8)>.
+
+The I<sudoers> plugin uses the same debug flag format as B<sudo>
+itself: I<subsystem>@I<priority>.
+
+The priorities used by I<sudoers>, in order of decreasing severity,
+are: I<crit>, I<err>, I<warn>, I<notice>, I<diag>, I<info>, I<trace>
+and I<debug>. Each priority, when specified, also includes all
+priorities higher than it. For example, a priority of I<notice>
+would include debug messages logged at I<notice> and higher.
+
+The following subsystems are used by I<sudoers>:
+
+=over 10
+
+=item I<alias>
+
+C<User_Alias>, C<Runas_Alias>, C<Host_Alias> and C<Cmnd_Alias> processing
+
+=item I<all>
+
+matches every subsystem
+
+=item I<audit>
+
+BSM and Linux audit code
+
+=item I<auth>
+
+user authentication
+
+=item I<defaults>
+
+I<sudoers> I<Defaults> settings
+
+=item I<env>
+
+environment handling
+
+=item I<ldap>
+
+LDAP-based sudoers
+
+=item I<logging>
+
+logging support
+
+=item I<match>
+
+matching of users, groups, hosts and netgroups in I<sudoers>
+
+=item I<netif>
+
+network interface handling
+
+=item I<nss>
+
+network service switch handling in I<sudoers>
+
+=item I<parser>
+
+I<sudoers> file parsing
+
+=item I<perms>
+
+permission setting
+
+=item I<plugin>
+
+The equivalent of I<main> for the plugin.
+
+=item I<pty>
+
+pseudo-tty related code
+
+=item I<rbtree>
+
+redblack tree internals
+
+=item I<util>
+
+utility functions
+
+=back
+
=head1 FILES
=over 24
+=item F<@sysconfdir@/sudo.conf>
+
+Sudo front end configuration
+
=item F<@sysconfdir@/sudoers>
List of who can run what
=item F</etc/environment>
-Initial environment for B<-i> mode on Linux and AIX
+Initial environment for B<-i> mode on AIX and Linux systems
=back
=head1 SECURITY NOTES
+=head2 Limitations of the '!' operator
+
It is generally not effective to "subtract" commands from C<ALL>
using the '!' operator. A user can trivially circumvent this
by copying the desired command to a different name and then
program. Therefore, these kind of restrictions should be considered
advisory at best (and reinforced by policy).
-Furthermore, if the I<fast_glob> option is in use, it is not possible
+In general, if a user has sudo C<ALL> there is nothing to prevent
+them from creating their own program that gives them a root shell
+(or making their own copy of a shell) regardless of any '!' elements
+in the user specification.
+
+=head2 Security implications of I<fast_glob>
+
+If the I<fast_glob> option is in use, it is not possible
to reliably negate commands where the path name includes globbing
(aka wildcard) characters. This is because the C library's
L<fnmatch(3)> function cannot resolve relative paths. While this
User B<john> can still run C</usr/bin/passwd root> if I<fast_glob> is
enabled by changing to F</usr/bin> and running C<./passwd root> instead.
-=head1 PREVENTING SHELL ESCAPES
+=head2 Preventing Shell Escapes
Once B<sudo> executes a program, that program is free to do whatever
it pleases, including run other programs. This can be a security
editor, a safer approach is to give the user permission to run
B<sudoedit>.
-=head1 DEBUG FLAGS
-
-Versions 1.8.4 and higher of the I<sudoers> plugin supports a
-debugging framework that can help track down what the plugin is
-doing internally if there is a problem. This can be configured in
-the F<@sysconfdir@/sudo.conf> file as described in L<sudo(8)>.
-
-The I<sudoers> plugin uses the same debug flag format as B<sudo>
-itself: I<subsystem>@I<priority>.
-
-The priorities used by I<sudoers>, in order of decreasing severity,
-are: I<crit>, I<err>, I<warn>, I<notice>, I<diag>, I<info>, I<trace>
-and I<debug>. Each priority, when specified, also includes all
-priorities higher than it. For example, a priority of I<notice>
-would include debug messages logged at I<notice> and higher.
-
-The following subsystems are used by I<sudoers>:
-
-=over 10
-
-=item I<alias>
-
-C<User_Alias>, C<Runas_Alias>, C<Host_Alias> and C<Cmnd_Alias> processing
-
-=item I<all>
-
-matches every subsystem
-
-=item I<audit>
-
-BSM and Linux audit code
-
-=item I<auth>
-
-user authentication
-
-=item I<defaults>
-
-I<sudoers> I<Defaults> settings
-
-=item I<env>
-
-environment handling
-
-=item I<ldap>
-
-LDAP-based sudoers
-
-=item I<logging>
-
-logging support
-
-=item I<match>
-
-matching of users, groups, hosts and netgroups in I<sudoers>
-
-=item I<netif>
-
-network interface handling
-
-=item I<nss>
-
-network service switch handling in I<sudoers>
-
-=item I<parser>
-
-I<sudoers> file parsing
-
-=item I<perms>
-
-permission setting
-
-=item I<plugin>
-
-The equivalent of I<main> for the plugin.
-
-=item I<pty>
-
-pseudo-tty related code
-
-=item I<rbtree>
-
-redblack tree internals
-
-=item I<util>
-
-utility functions
-
-=back
-
-=head1 SECURITY NOTES
+=head2 Time stamp file checks
I<sudoers> will check the ownership of its time stamp directory
(F<@timedir@> by default) and ignore the directory's contents if
tty-based time stamp file is stale and will ignore it. Administrators
should not rely on this feature as it is not universally available.
-If users have sudo C<ALL> there is nothing to prevent them from
-creating their own program that gives them a root shell (or making
-their own copy of a shell) regardless of any '!' elements in the
-user specification.
-
=head1 SEE ALSO
L<rsh(1)>, L<su(1)>, L<fnmatch(3)>, L<glob(3)>, L<mktemp(3)>, L<strftime(3)>,
-l [_\bs_\be_\ba_\br_\bc_\bh _\be_\bx_\bp_\br_\be_\bs_\bs_\bi_\bo_\bn]
Enable "list mode". In this mode, s\bsu\bud\bdo\bor\bre\bep\bpl\bla\bay\by will list
- available session IDs. If a _\bs_\be_\ba_\br_\bc_\bh _\be_\bx_\bp_\br_\be_\bs_\bs_\bi_\bo_\bn is
- specified, it will be used to restrict the IDs that are
- displayed. An expression is composed of the following
- predicates:
+ available sessions in a format similar to the s\bsu\bud\bdo\bo log file
+ format, sorted by file name (or sequence number). If a
+ _\bs_\be_\ba_\br_\bc_\bh _\be_\bx_\bp_\br_\be_\bs_\bs_\bi_\bo_\bn is specified, it will be used to restrict
+ the IDs that are displayed. An expression is composed of
+ the following predicates:
command _\bc_\bo_\bm_\bm_\ba_\bn_\bd _\bp_\ba_\bt_\bt_\be_\br_\bn
Evaluates to true if the command run matches
-1.8.4 January 6, 2012 SUDOREPLAY(1m)
+1.8.5 April 16, 2012 SUDOREPLAY(1m)
.\" ========================================================================
.\"
.IX Title "SUDOREPLAY @mansectsu@"
-.TH SUDOREPLAY @mansectsu@ "January 6, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH SUDOREPLAY @mansectsu@ "April 16, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.IP "\-l [\fIsearch expression\fR]" 12
.IX Item "-l [search expression]"
Enable \*(L"list mode\*(R". In this mode, \fBsudoreplay\fR will list available
-session IDs. If a \fIsearch expression\fR is specified, it will be
-used to restrict the IDs that are displayed. An expression is
-composed of the following predicates:
+sessions in a format similar to the \fBsudo\fR log file format, sorted
+by file name (or sequence number). If a \fIsearch expression\fR is
+specified, it will be used to restrict the IDs that are displayed.
+An expression is composed of the following predicates:
.RS 12
.IP "command \fIcommand pattern\fR" 8
.IX Item "command command pattern"
=item -l [I<search expression>]
Enable "list mode". In this mode, B<sudoreplay> will list available
-session IDs. If a I<search expression> is specified, it will be
-used to restrict the IDs that are displayed. An expression is
-composed of the following predicates:
+sessions in a format similar to the B<sudo> log file format, sorted
+by file name (or sequence number). If a I<search expression> is
+specified, it will be used to restrict the IDs that are displayed.
+An expression is composed of the following predicates:
=over 8
-1.8.4 March 12, 2012 VISUDO(1m)
+1.8.5 March 14, 2012 VISUDO(1m)
.\" ========================================================================
.\"
.IX Title "VISUDO @mansectsu@"
-.TH VISUDO @mansectsu@ "March 12, 2012" "1.8.4" "MAINTENANCE COMMANDS"
+.TH VISUDO @mansectsu@ "March 14, 2012" "1.8.5" "MAINTENANCE COMMANDS"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
int easprintf(char **, const char *, ...) __printflike(2, 3);
int evasprintf(char **, const char *, va_list) __printflike(2, 0);
void efree(void *);
+void *ecalloc(size_t, size_t);
void *emalloc(size_t);
void *emalloc2(size_t, size_t);
void *erealloc(void *, size_t);
void *erealloc3(void *, size_t, size_t);
+void *erecalloc(void *, size_t, size_t, size_t);
char *estrdup(const char *);
char *estrndup(const char *, size_t);
#else /* SUDO_ERROR_WRAP */
# if defined(__GNUC__) && __GNUC__ == 2
# define error(rval, fmt...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, (fmt)); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO|sudo_debug_subsys, \
+ (fmt)); \
error2((rval), (fmt)); \
} while (0)
# define errorx(rval, fmt...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, (fmt)); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|sudo_debug_subsys, (fmt)); \
errorx2((rval), (fmt)); \
} while (0)
# define warning(fmt...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, (fmt)); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO|sudo_debug_subsys, \
+ (fmt)); \
warning2((fmt)); \
} while (0)
# define warningx(fmt...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, (fmt)); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|sudo_debug_subsys, (fmt)); \
warningx2((fmt)); \
} while (0)
# else
# define error(rval, ...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, __VA_ARGS__); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO|sudo_debug_subsys, \
+ __VA_ARGS__); \
error2((rval), __VA_ARGS__); \
} while (0)
# define errorx(rval, ...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, __VA_ARGS__); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|sudo_debug_subsys, __VA_ARGS__); \
errorx2((rval), __VA_ARGS__); \
} while (0)
# define warning(...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, __VA_ARGS__); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO|sudo_debug_subsys, \
+ __VA_ARGS__); \
warning2(__VA_ARGS__); \
} while (0)
# define warningx(...) do { \
- sudo_debug_printf2(SUDO_DEBUG_ERROR|sudo_debug_subsys, __VA_ARGS__); \
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, \
+ SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO|sudo_debug_subsys, __VA_ARGS__); \
warningx2(__VA_ARGS__); \
} while (0)
# endif /* __GNUC__ == 2 */
# define __attribute__(x)
#endif
-/* For silencing gcc warnings about rcsids */
-#ifndef __unused
-# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ > 7)
-# define __unused __attribute__((__unused__))
-# else
-# define __unused
-# endif
-#endif
-
/* For catching format string mismatches */
#ifndef __printflike
# if defined(__GNUC__) && (__GNUC__ > 2 || __GNUC__ == 2 && __GNUC_MINOR__ >= 7)
# define MAX(a,b) (((a)>(b))?(a):(b))
#endif
+/*
+ * Older systems may be missing stddef.h and/or offsetof macro
+ */
+#ifndef offsetof
+# ifdef __offsetof
+# define offsetof(type, field) __offsetof(type, field)
+# else
+# define offsetof(type, field) ((size_t)(&((type *)0)->field))
+# endif
+#endif
+
/*
* Simple isblank() macro and function for systems without it.
*/
--- /dev/null
+/*
+ * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef _SUDO_SECURE_PATH_H
+#define _SUDO_SECURE_PATH_H
+
+#define SUDO_PATH_SECURE 0
+#define SUDO_PATH_MISSING -1
+#define SUDO_PATH_BAD_TYPE -2
+#define SUDO_PATH_WRONG_OWNER -3
+#define SUDO_PATH_WORLD_WRITABLE -4
+#define SUDO_PATH_GROUP_WRITABLE -5
+
+int sudo_secure_dir(const char *path, uid_t uid, gid_t gid, struct stat *sbp);
+int sudo_secure_file(const char *path, uid_t uid, gid_t gid, struct stat *sbp);
+int sudo_secure_path(const char *path, int type, uid_t uid, gid_t gid, struct stat *sbp);
+
+#endif /* _SUDO_SECURE_PATH_H */
struct plugin_info *next; /* required */
const char *path;
const char *symbol_name;
+ char * const * options;
};
TQ_DECLARE(plugin_info)
/*
* The priority and subsystem are encoded in a single 32-bit value.
- * The lower 4 bits are the priority and the top 28 bits are the subsystem.
+ * The lower 4 bits are the priority and the top 26 bits are the subsystem.
* This allows for 16 priorities and a very large number of subsystems.
+ * Bit 5 is used as a flag to specify whether to log the errno value.
+ * Bit 6 specifies whether to log the function, file and line number data.
*/
/*
* This includes subsystems in the sudoers plugin.
* Note: order must match sudo_debug_subsystems[]
*/
-#define SUDO_DEBUG_MAIN (1<<4) /* sudo main() */
-#define SUDO_DEBUG_ARGS (2<<4) /* command line argument processing */
-#define SUDO_DEBUG_EXEC (3<<4) /* command execution */
-#define SUDO_DEBUG_PTY (4<<4) /* pseudo-tty */
-#define SUDO_DEBUG_UTMP (5<<4) /* utmp file ops */
-#define SUDO_DEBUG_CONV (6<<4) /* user conversation */
-#define SUDO_DEBUG_PCOMM (7<<4) /* plugin communications */
-#define SUDO_DEBUG_UTIL (8<<4) /* utility functions */
-#define SUDO_DEBUG_NETIF (9<<4) /* network interface functions */
-#define SUDO_DEBUG_AUDIT (10<<4) /* audit */
-#define SUDO_DEBUG_EDIT (11<<4) /* sudoedit */
-#define SUDO_DEBUG_SELINUX (12<<4) /* selinux */
-#define SUDO_DEBUG_LDAP (13<<4) /* sudoers LDAP */
-#define SUDO_DEBUG_MATCH (14<<4) /* sudoers matching */
-#define SUDO_DEBUG_PARSER (15<<4) /* sudoers parser */
-#define SUDO_DEBUG_ALIAS (16<<4) /* sudoers alias functions */
-#define SUDO_DEBUG_DEFAULTS (17<<4) /* sudoers defaults settings */
-#define SUDO_DEBUG_AUTH (18<<4) /* authentication functions */
-#define SUDO_DEBUG_ENV (19<<4) /* environment handling */
-#define SUDO_DEBUG_LOGGING (20<<4) /* logging functions */
-#define SUDO_DEBUG_NSS (21<<4) /* network service switch */
-#define SUDO_DEBUG_RBTREE (22<<4) /* red-black tree functions */
-#define SUDO_DEBUG_PERMS (23<<4) /* uid/gid swapping functions */
-#define SUDO_DEBUG_PLUGIN (24<<4) /* main plugin functions */
+#define SUDO_DEBUG_MAIN ( 1<<6) /* sudo main() */
+#define SUDO_DEBUG_ARGS ( 2<<6) /* command line argument processing */
+#define SUDO_DEBUG_EXEC ( 3<<6) /* command execution */
+#define SUDO_DEBUG_PTY ( 4<<6) /* pseudo-tty */
+#define SUDO_DEBUG_UTMP ( 5<<6) /* utmp file ops */
+#define SUDO_DEBUG_CONV ( 6<<6) /* user conversation */
+#define SUDO_DEBUG_PCOMM ( 7<<6) /* plugin communications */
+#define SUDO_DEBUG_UTIL ( 8<<6) /* utility functions */
+#define SUDO_DEBUG_NETIF ( 9<<6) /* network interface functions */
+#define SUDO_DEBUG_AUDIT (10<<6) /* audit */
+#define SUDO_DEBUG_EDIT (11<<6) /* sudoedit */
+#define SUDO_DEBUG_SELINUX (12<<6) /* selinux */
+#define SUDO_DEBUG_LDAP (13<<6) /* sudoers LDAP */
+#define SUDO_DEBUG_MATCH (14<<6) /* sudoers matching */
+#define SUDO_DEBUG_PARSER (15<<6) /* sudoers parser */
+#define SUDO_DEBUG_ALIAS (16<<6) /* sudoers alias functions */
+#define SUDO_DEBUG_DEFAULTS (17<<6) /* sudoers defaults settings */
+#define SUDO_DEBUG_AUTH (18<<6) /* authentication functions */
+#define SUDO_DEBUG_ENV (19<<6) /* environment handling */
+#define SUDO_DEBUG_LOGGING (20<<6) /* logging functions */
+#define SUDO_DEBUG_NSS (21<<6) /* network service switch */
+#define SUDO_DEBUG_RBTREE (22<<6) /* red-black tree functions */
+#define SUDO_DEBUG_PERMS (23<<6) /* uid/gid swapping functions */
+#define SUDO_DEBUG_PLUGIN (24<<6) /* main plugin functions */
+#define SUDO_DEBUG_HOOKS (25<<6) /* hook functions */
#define SUDO_DEBUG_ALL 0xfff0 /* all subsystems */
+/* Flag to include string version of errno in debug info. */
+#define SUDO_DEBUG_ERRNO (1<<4)
+
+/* Flag to include function, file and line number in debug info. */
+#define SUDO_DEBUG_LINENO (1<<5)
+
/* Extract priority and convert to an index. */
#define SUDO_DEBUG_PRI(n) (((n) & 0xf) - 1)
/* Extract subsystem and convert to an index. */
-#define SUDO_DEBUG_SUBSYS(n) (((n) >> 4) - 1)
+#define SUDO_DEBUG_SUBSYS(n) (((n) >> 6) - 1)
/*
* Wrapper for sudo_debug_enter() that declares __func__ as needed
*/
#if defined(__GNUC__) && __GNUC__ == 2
# define sudo_debug_printf(pri, fmt...) \
- sudo_debug_printf2((pri)|sudo_debug_subsys, (fmt))
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, (pri)|sudo_debug_subsys, \
+ (fmt))
#else
# define sudo_debug_printf(pri, ...) \
- sudo_debug_printf2((pri)|sudo_debug_subsys, __VA_ARGS__)
+ sudo_debug_printf2(__func__, __FILE__, __LINE__, (pri)|sudo_debug_subsys, \
+ __VA_ARGS__)
#endif
#define sudo_debug_execve(pri, path, argv, envp) \
void sudo_debug_exit_ptr(const char *func, const char *file, int line, int subsys, const void *rval);
int sudo_debug_fd_set(int fd);
int sudo_debug_init(const char *debugfile, const char *settings);
-void sudo_debug_printf2(int level, const char *format, ...) __printflike(2, 3);
-void sudo_debug_write(const char *str, int len);
+void sudo_debug_printf2(const char *func, const char *file, int line, int level, const char *format, ...) __printflike(5, 6);
+void sudo_debug_write(const char *str, int len, int errno_val);
+void sudo_debug_write2(const char *func, const char *file, int line, const char *str, int len, int errno_val);
+pid_t sudo_debug_fork(void);
#endif /* _SUDO_DEBUG_H */
/*
- * Copyright (c) 2009-2011 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
/* API version major/minor */
#define SUDO_API_VERSION_MAJOR 1
-#define SUDO_API_VERSION_MINOR 1
+#define SUDO_API_VERSION_MINOR 2
#define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
#define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR)
#define SUDO_API_VERSION_SET_MAJOR(vp, n) do { \
*(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
} while(0)
-#define SUDO_VERSION_SET_MINOR(vp, n) do { \
+#define SUDO_API_VERSION_SET_MINOR(vp, n) do { \
*(vp) = (*(vp) & 0xffff0000) | (n); \
} while(0)
struct sudo_conv_reply replies[]);
typedef int (*sudo_printf_t)(int msg_type, const char *fmt, ...);
+/*
+ * Hooks allow a plugin to hook into specific sudo and/or libc functions.
+ */
+
+/* Hook functions typedefs. */
+typedef int (*sudo_hook_fn_t)();
+typedef int (*sudo_hook_fn_setenv_t)(const char *name, const char *value, int overwrite, void *closure);
+typedef int (*sudo_hook_fn_putenv_t)(char *string, void *closure);
+typedef int (*sudo_hook_fn_getenv_t)(const char *name, char **value, void *closure);
+typedef int (*sudo_hook_fn_unsetenv_t)(const char *name, void *closure);
+
+/* Hook structure definition. */
+struct sudo_hook {
+ int hook_version;
+ int hook_type;
+ sudo_hook_fn_t hook_fn;
+ void *closure;
+};
+
+/* Hook API version major/minor */
+#define SUDO_HOOK_VERSION_MAJOR 1
+#define SUDO_HOOK_VERSION_MINOR 0
+#define SUDO_HOOK_MKVERSION(x, y) ((x << 16) | y)
+#define SUDO_HOOK_VERSION SUDO_HOOK_MKVERSION(SUDO_HOOK_VERSION_MAJOR, SUDO_HOOK_VERSION_MINOR)
+
+/* Getters and setters for hook API version */
+#define SUDO_HOOK_VERSION_GET_MAJOR(v) ((v) >> 16)
+#define SUDO_HOOK_VERSION_GET_MINOR(v) ((v) & 0xffff)
+#define SUDO_HOOK_VERSION_SET_MAJOR(vp, n) do { \
+ *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
+} while(0)
+#define SUDO_HOOK_VERSION_SET_MINOR(vp, n) do { \
+ *(vp) = (*(vp) & 0xffff0000) | (n); \
+} while(0)
+
+/*
+ * Hook function return values.
+ */
+#define SUDO_HOOK_RET_ERROR -1 /* error */
+#define SUDO_HOOK_RET_NEXT 0 /* go to the next hook in the list */
+#define SUDO_HOOK_RET_STOP 1 /* stop hook processing for this type */
+
+/*
+ * Hooks for setenv/unsetenv/putenv/getenv.
+ * This allows the plugin to be notified when a PAM module modifies
+ * the environment so it can update the copy of the environment that
+ * is passed to execve().
+ */
+#define SUDO_HOOK_SETENV 1
+#define SUDO_HOOK_UNSETENV 2
+#define SUDO_HOOK_PUTENV 3
+#define SUDO_HOOK_GETENV 4
+
/* Policy plugin type and defines */
struct passwd;
struct policy_plugin {
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
- char * const user_info[], char * const user_env[]);
+ char * const user_info[], char * const user_env[],
+ char * const plugin_plugins[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*check_policy)(int argc, char * const argv[],
const char *list_user);
int (*validate)(void);
void (*invalidate)(int remove);
- int (*init_session)(struct passwd *pwd);
+ int (*init_session)(struct passwd *pwd, char **user_env_out[]);
+ void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
};
/* I/O plugin type and defines */
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
char * const user_info[], char * const command_info[],
- int argc, char * const argv[], char * const user_env[]);
+ int argc, char * const argv[], char * const user_env[],
+ char * const plugin_plugins[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);
int (*log_stdin)(const char *buf, unsigned int len);
int (*log_stdout)(const char *buf, unsigned int len);
int (*log_stderr)(const char *buf, unsigned int len);
+ void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook));
+ void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
};
/* Sudoers group plugin version major/minor */
$makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo plugin_error.lo:;
# XXX - fill in AUTH_OBJS from contents of the auth dir instead
$makefile =~ s:\@AUTH_OBJS\@:afs.lo aix_auth.lo bsdauth.lo dce.lo fwtk.lo getspwuid.lo kerb5.lo pam.lo passwd.lo rfc1938.lo secureware.lo securid5.lo sia.lo:;
- $makefile =~ s:\@LTLIBOBJS\@:closefrom.lo dlopen.lo fnmatch.lo getcwd.lo getgrouplist.lo getline.lo getprogname.lo glob.lo isblank.lo memrchr.lo mksiglist.lo mktemp.lo nanosleep.lo setenv.lo siglist.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo unsetenv.lo utimes.lo globtest.o fnm_test.o:;
+ $makefile =~ s:\@LTLIBOBJS\@:closefrom.lo dlopen.lo fnmatch.lo getcwd.lo getgrouplist.lo getline.lo getprogname.lo glob.lo isblank.lo memrchr.lo mksiglist.lo mktemp.lo nanosleep.lo pw_dup.lo siglist.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo utimes.lo globtest.o fnm_test.o:;
# Parse OBJS lines
my %objs;
fi
configure_opts="--prefix=/usr
--with-all-insults
- --with-exempt=sudo
--with-pam
--enable-zlib=system
--with-fqdn
$configure_opts"
;;
macos*)
- # Build universal binaries (intel-only) targetting Mac OS X 10.5
- ARCH_FLAGS="-arch i386 -arch x86_64"
- SDK_FLAGS="-isysroot /Developer/SDKs/MacOSX10.5.sdk -mmacosx-version-min=10.5"
+ case "$osversion" in
+ *i386|*x86_64)
+ # Build intel-only universal binaries
+ ARCH_FLAGS="-arch i386 -arch x86_64"
+ ;;
+ esac
+ if test "${osversion}" != "`$top_srcdir/pp --probe`"; then
+ sdkvers=`echo "${osversion}" | sed 's/^macos\([0-9][0-9]\)\([0-9]*\)-.*$/\1.\2/'`
+ SDK_FLAGS="-isysroot /Developer/SDKs/MacOSX${sdkvers}.sdk -mmacosx-version-min=${sdkvers}"
+ fi
export CFLAGS="-O2 -g $ARCH_FLAGS $SDK_FLAGS"
export LDFLAGS="$ARCH_FLAGS $SDK_FLAGS"
+ if [ $osrelease -ge 105 ]; then
+ CFLAGS="$CFLAGS $F_PIE"
+ LDFLAGS="$LDFLAGS -Wl,-pie"
+ fi
# Note, must indent with tabs, not spaces due to IFS trickery
configure_opts="--prefix=$prefix
--with-pam
static int
policy_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
- char * const user_info[], char * const user_env[])
+ char * const user_info[], char * const user_env[], char * const args[])
{
char * const *ui;
struct passwd *pw;
io_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
char * const user_info[], char * const command_info[],
- int argc, char * const argv[], char * const user_env[])
+ int argc, char * const argv[], char * const user_env[], char * const args[])
{
int fd;
char path[PATH_MAX];
static int
io_log_input(const char *buf, unsigned int len)
{
- fwrite(buf, len, 1, input);
+ ignore_result(fwrite(buf, len, 1, input));
return true;
}
static int
io_log_output(const char *buf, unsigned int len)
{
- fwrite(buf, len, 1, output);
+ ignore_result(fwrite(buf, len, 1, output));
return true;
}
policy_check,
policy_list,
NULL, /* validate */
- NULL /* invalidate */
+ NULL, /* invalidate */
+ NULL, /* init_session */
+ NULL, /* register_hooks */
+ NULL /* deregister_hooks */
};
/*
INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
# Libraries
-LIBS = $(LIBOBJDIR)/libreplace.la
+LT_LIBS = $(LIBOBJDIR)libreplace.la
+LIBS = $(LT_LIBS)
# C preprocessor flags
CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
.c.lo:
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $<
-sample_group.la: $(OBJS)
+sample_group.la: $(OBJS) $(LT_LIBS)
$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LTLDFLAGS) -o $@ $(OBJS) $(LIBS) -module -export-symbols $(srcdir)/sample_group.sym -avoid-version -rpath $(plugindir)
pre-install:
$(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/bsdauth.c
bsm_audit.lo: $(srcdir)/bsm_audit.c $(top_builddir)/config.h \
- $(incdir)/gettext.h $(incdir)/sudo_debug.h $(srcdir)/bsm_audit.h
+ $(incdir)/gettext.h $(incdir)/error.h $(incdir)/sudo_debug.h \
+ $(srcdir)/bsm_audit.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/bsm_audit.c
check.lo: $(srcdir)/check.c $(top_builddir)/config.h $(srcdir)/sudoers.h \
$(top_srcdir)/compat/stdbool.h $(top_builddir)/pathnames.h \
$(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h \
$(incdir)/sudo_debug.h $(incdir)/gettext.h $(srcdir)/interfaces.h \
- $(srcdir)/sudoers_version.h $(srcdir)/auth/sudo_auth.h
+ $(srcdir)/sudoers_version.h $(srcdir)/auth/sudo_auth.h \
+ $(incdir)/secure_path.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudoers.c
sudoreplay.o: $(srcdir)/sudoreplay.c $(top_builddir)/config.h \
$(top_srcdir)/compat/timespec.h $(top_srcdir)/compat/stdbool.h \
$(srcdir)/defaults.h $(devdir)/def_data.h $(srcdir)/logging.h \
$(srcdir)/sudo_nss.h $(incdir)/sudo_plugin.h $(incdir)/sudo_debug.h \
$(incdir)/gettext.h $(srcdir)/parse.h $(srcdir)/toke.h \
- $(devdir)/gram.h $(incdir)/lbuf.h
+ $(devdir)/gram.h $(incdir)/lbuf.h $(incdir)/secure_path.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(devdir)/toke.c
toke_util.lo: $(srcdir)/toke_util.c $(top_builddir)/config.h \
$(srcdir)/sudoers.h $(top_srcdir)/compat/stdbool.h \
struct alias *a;
debug_decl(alias_add, SUDO_DEBUG_ALIAS)
- a = emalloc(sizeof(*a));
+ a = ecalloc(1, sizeof(*a));
a->name = name;
a->type = type;
- a->seqno = 0;
+ /* a->seqno = 0; */
list2tq(&a->members, members);
if (rbinsert(aliases, a)) {
snprintf(errbuf, sizeof(errbuf), _("Alias `%s' already defined"), name);
debug_decl(sudo_aix_cleanup, SUDO_DEBUG_AUTH)
/* Unset AUTHSTATE as it may not be correct for the runas user. */
- unsetenv("AUTHSTATE");
+ sudo_unsetenv("AUTHSTATE");
debug_return_int(AUTH_SUCCESS);
}
else
state.lc = login_getclass(pw->pw_uid ? LOGIN_DEFCLASS : LOGIN_DEFROOTCLASS);
if (state.lc == NULL) {
- log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
+ log_error(USE_ERRNO|NO_MAIL,
_("unable to get login class for user %s"), pw->pw_name);
debug_return_int(AUTH_FATAL);
}
if ((state.as = auth_open()) == NULL) {
- log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
+ log_error(USE_ERRNO|NO_MAIL,
_("unable to begin bsd authentication"));
login_close(state.lc);
debug_return_int(AUTH_FATAL);
/* XXX - maybe sanity check the auth style earlier? */
login_style = login_getstyle(state.lc, login_style, "auth-sudo");
if (login_style == NULL) {
- log_error(NO_EXIT|NO_MAIL, _("invalid authentication type"));
+ log_error(NO_MAIL, _("invalid authentication type"));
auth_close(state.as);
login_close(state.lc);
debug_return_int(AUTH_FATAL);
if (auth_setitem(state.as, AUTHV_STYLE, login_style) < 0 ||
auth_setitem(state.as, AUTHV_NAME, pw->pw_name) < 0 ||
auth_setitem(state.as, AUTHV_CLASS, login_class) < 0) {
- log_error(NO_EXIT|NO_MAIL, _("unable to setup authentication"));
+ log_error(NO_MAIL, _("unable to setup authentication"));
auth_close(state.as);
login_close(state.lc);
debug_return_int(AUTH_FATAL);
debug_return_int(AUTH_INTR);
if ((s = auth_getvalue(as, "errormsg")) != NULL)
- log_error(NO_EXIT|NO_MAIL, "%s", s);
+ log_error(NO_MAIL, "%s", s);
debug_return_int(AUTH_FAILURE);
}
* API does not currently provide this unless the auth is standalone.
*/
if ((error = krb5_unparse_name(sudo_context, princ, &pname))) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to unparse princ ('%s'): %s"), auth->name,
pw->pw_name, error_message(error));
debug_return_int(AUTH_FAILURE);
error = krb5_parse_name(sudo_context, pname, &(sudo_krb5_data.princ));
if (error) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to parse '%s': %s"), auth->name, pname,
error_message(error));
goto done;
(long) getpid());
if ((error = krb5_cc_resolve(sudo_context, cache_name,
&(sudo_krb5_data.ccache)))) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to resolve ccache: %s"), auth->name,
error_message(error));
goto done;
/* Set default flags based on the local config file. */
error = krb5_get_init_creds_opt_alloc(sudo_context, &opts);
if (error) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to allocate options: %s"), auth->name,
error_message(error));
goto done;
NULL, 0, NULL, opts))) {
/* Don't print error if just a bad password */
if (error != KRB5KRB_AP_ERR_BAD_INTEGRITY)
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to get credentials: %s"), auth->name,
error_message(error));
goto done;
/* Store cred in cred cache. */
if ((error = krb5_cc_initialize(sudo_context, ccache, princ))) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to initialize ccache: %s"), auth->name,
error_message(error));
} else if ((error = krb5_cc_store_cred(sudo_context, ccache, creds))) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to store cred in ccache: %s"), auth->name,
error_message(error));
}
*/
if ((error = krb5_sname_to_principal(sudo_context, NULL, NULL,
KRB5_NT_SRV_HST, &server))) {
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: unable to get host principal: %s"), auth_name,
error_message(error));
debug_return_int(-1);
NULL, &vopt);
krb5_free_principal(sudo_context, server);
if (error)
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("%s: Cannot verify TGT! Possible attack!: %s"),
auth_name, error_message(error));
debug_return_int(error);
static int converse(int, PAM_CONST struct pam_message **,
struct pam_response **, void *);
static char *def_prompt = "Password:";
-static int gotintr;
+static int getpass_error;
#ifndef PAM_DATA_SILENT
#define PAM_DATA_SILENT 0
#endif
pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
if (pam_status != PAM_SUCCESS) {
- log_error(USE_ERRNO|NO_EXIT|NO_MAIL, _("unable to initialize PAM"));
+ log_error(USE_ERRNO|NO_MAIL, _("unable to initialize PAM"));
debug_return_int(AUTH_FATAL);
}
case PAM_SUCCESS:
debug_return_int(AUTH_SUCCESS);
case PAM_AUTH_ERR:
- log_error(NO_EXIT|NO_MAIL, _("account validation failure, "
+ log_error(NO_MAIL, _("account validation failure, "
"is your account locked?"));
debug_return_int(AUTH_FATAL);
case PAM_NEW_AUTHTOK_REQD:
- log_error(NO_EXIT|NO_MAIL, _("Account or password is "
+ log_error(NO_MAIL, _("Account or password is "
"expired, reset your password and try again"));
*pam_status = pam_chauthtok(pamh,
PAM_CHANGE_EXPIRED_AUTHTOK);
if (*pam_status == PAM_SUCCESS)
debug_return_int(AUTH_SUCCESS);
if ((s = pam_strerror(pamh, *pam_status)))
- log_error(NO_EXIT|NO_MAIL, _("pam_chauthtok: %s"), s);
+ log_error(NO_MAIL, _("pam_chauthtok: %s"), s);
debug_return_int(AUTH_FAILURE);
case PAM_AUTHTOK_EXPIRED:
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("Password expired, contact your system administrator"));
debug_return_int(AUTH_FATAL);
case PAM_ACCT_EXPIRED:
- log_error(NO_EXIT|NO_MAIL,
+ log_error(NO_MAIL,
_("Account expired or PAM config lacks an \"account\" "
"section for sudo, contact your system administrator"));
debug_return_int(AUTH_FATAL);
}
/* FALLTHROUGH */
case PAM_AUTH_ERR:
- if (gotintr) {
+ case PAM_AUTHINFO_UNAVAIL:
+ if (getpass_error) {
/* error or ^C from tgetpass() */
debug_return_int(AUTH_INTR);
}
+ /* FALLTHROUGH */
case PAM_MAXTRIES:
case PAM_PERM_DENIED:
debug_return_int(AUTH_FAILURE);
default:
if ((s = pam_strerror(pamh, *pam_status)))
- log_error(NO_EXIT|NO_MAIL, _("pam_authenticate: %s"), s);
+ log_error(NO_MAIL, _("pam_authenticate: %s"), s);
debug_return_int(AUTH_FATAL);
}
}
}
int
-sudo_pam_begin_session(struct passwd *pw, sudo_auth *auth)
+sudo_pam_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth)
{
int status = PAM_SUCCESS;
debug_decl(sudo_pam_begin_session, SUDO_DEBUG_AUTH)
*/
(void) pam_setcred(pamh, PAM_ESTABLISH_CRED);
+#ifdef HAVE_PAM_GETENVLIST
+ /*
+ * Update environment based on what is stored in pamh.
+ * If no authentication is done we will only have environment
+ * variables if pam_env is called via session.
+ */
+ if (user_envp != NULL) {
+ char **pam_envp = pam_getenvlist(pamh);
+ if (pam_envp != NULL) {
+ /* Merge pam env with user env but do not overwrite. */
+ env_init(*user_envp);
+ env_merge(pam_envp, false);
+ *user_envp = env_get();
+ env_init(NULL);
+ efree(pam_envp);
+ /* XXX - we leak any duplicates that were in pam_envp */
+ }
+ }
+#endif /* HAVE_PAM_GETENVLIST */
+
#ifndef NO_PAM_SESSION
status = pam_open_session(pamh, 0);
if (status != PAM_SUCCESS) {
debug_decl(sudo_pam_end_session, SUDO_DEBUG_AUTH)
if (pamh != NULL) {
-#ifndef NO_PAM_SESSION
/*
* Update PAM_USER to reference the user we are running the command
- * as to match the call to pam_open_session().
+ * as, as opposed to the user we authenticated as.
+ * XXX - still needed now that session init is in parent?
*/
(void) pam_set_item(pamh, PAM_USER, pw->pw_name);
+#ifndef NO_PAM_SESSION
(void) pam_close_session(pamh, PAM_SILENT);
#endif
+ (void) pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
status = pam_end(pamh, PAM_SUCCESS | PAM_DATA_SILENT);
pamh = NULL;
}
const char *prompt;
char *pass;
int n, type, std_prompt;
+ int ret = PAM_AUTH_ERR;
debug_decl(converse, SUDO_DEBUG_AUTH)
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
switch (pm->msg_style) {
case PAM_PROMPT_ECHO_ON:
type = SUDO_CONV_PROMPT_ECHO_ON;
+ /* FALLTHROUGH */
case PAM_PROMPT_ECHO_OFF:
prompt = def_prompt;
/* Error out if the last password read was interrupted. */
- if (gotintr)
- goto err;
+ if (getpass_error)
+ goto done;
/* Is the sudo prompt standard? (If so, we'l just use PAM's) */
std_prompt = strncmp(def_prompt, "Password:", 9) == 0 &&
/* Read the password unless interrupted. */
pass = auth_getpass(prompt, def_passwd_timeout * 60, type);
if (pass == NULL) {
- /* We got ^C instead of a password; abort quickly. */
- if (errno == EINTR)
- gotintr = 1;
-#if defined(__darwin__) || defined(__APPLE__)
+ /* Error (or ^C) reading password, don't try again. */
+ getpass_error = 1;
+#if (defined(__darwin__) || defined(__APPLE__)) && !defined(OPENPAM_VERSION)
pass = "";
#else
- goto err;
+ goto done;
#endif
}
pr->resp = estrdup(pass);
}
break;
default:
- goto err;
+ ret = PAM_CONV_ERR;
+ goto done;
}
}
+ ret = PAM_SUCCESS;
- debug_return_int(PAM_SUCCESS);
-
-err:
- /* Zero and free allocated memory and return an error. */
- for (pr = *response, n = num_msg; n--; pr++) {
- if (pr->resp != NULL) {
- zero_bytes(pr->resp, strlen(pr->resp));
- free(pr->resp);
- pr->resp = NULL;
+done:
+ if (ret != PAM_SUCCESS) {
+ /* Zero and free allocated memory and return an error. */
+ for (pr = *response, n = num_msg; n--; pr++) {
+ if (pr->resp != NULL) {
+ zero_bytes(pr->resp, strlen(pr->resp));
+ free(pr->resp);
+ pr->resp = NULL;
+ }
}
+ zero_bytes(*response, num_msg * sizeof(struct pam_response));
+ free(*response);
+ *response = NULL;
}
- zero_bytes(*response, num_msg * sizeof(struct pam_response));
- free(*response);
- *response = NULL;
- debug_return_int(gotintr ? PAM_AUTH_ERR : PAM_CONV_ERR);
+ debug_return_int(ret);
}
if (sia_ses_init(&siah, sudo_argc, sudo_argv, NULL, pw->pw_name, user_ttypath, 1, NULL) != SIASUCCESS) {
- log_error(USE_ERRNO|NO_EXIT|NO_MAIL,
+ log_error(USE_ERRNO|NO_MAIL,
_("unable to initialize SIA session"));
debug_return_int(AUTH_FATAL);
}
standalone = IS_STANDALONE(&auth_switch[0]);
if (standalone && auth_switch[1].name != NULL) {
audit_failure(NewArgv, "invalid authentication methods");
- log_error(0, _("Invalid authentication methods compiled into sudo! "
+ log_fatal(0, _("Invalid authentication methods compiled into sudo! "
"You may mix standalone and non-standalone authentication."));
debug_return_int(-1);
}
/* XXX - check FLAG_DISABLED too */
if (auth_switch[0].name == NULL) {
audit_failure(NewArgv, "no authentication methods");
- log_error(0,
+ log_fatal(0,
_("There are no authentication methods compiled into sudo! "
"If you want to turn off authentication, use the "
"--disable-authentication configure option."));
flags = 0;
else
flags = NO_MAIL;
- log_error(flags, ngettext("%d incorrect password attempt",
+ log_fatal(flags, ngettext("%d incorrect password attempt",
"%d incorrect password attempts",
def_passwd_tries - counter), def_passwd_tries - counter);
}
}
int
-sudo_auth_begin_session(struct passwd *pw)
+sudo_auth_begin_session(struct passwd *pw, char **user_env[])
{
sudo_auth *auth;
int status;
for (auth = auth_switch; auth->name; auth++) {
if (auth->begin_session && !IS_DISABLED(auth)) {
- status = (auth->begin_session)(pw, auth);
+ status = (auth->begin_session)(pw, user_env, auth);
if (status == AUTH_FATAL) {
/* XXX log */
audit_failure(NewArgv, "authentication failure");
int (*setup)(struct passwd *pw, char **prompt, struct sudo_auth *auth);
int (*verify)(struct passwd *pw, char *p, struct sudo_auth *auth);
int (*cleanup)(struct passwd *pw, struct sudo_auth *auth);
- int (*begin_session)(struct passwd *pw, struct sudo_auth *auth);
+ int (*begin_session)(struct passwd *pw, char **user_env[], struct sudo_auth *auth);
int (*end_session)(struct passwd *pw, struct sudo_auth *auth);
} sudo_auth;
int sudo_pam_init(struct passwd *pw, sudo_auth *auth);
int sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth);
int sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth);
-int sudo_pam_begin_session(struct passwd *pw, sudo_auth *auth);
+int sudo_pam_begin_session(struct passwd *pw, char **user_env[], sudo_auth *auth);
int sudo_pam_end_session(struct passwd *pw, sudo_auth *auth);
int sudo_securid_init(struct passwd *pw, sudo_auth *auth);
int sudo_securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
#include <unistd.h>
#include "gettext.h"
+#include "error.h"
#include "sudo_debug.h"
#include "bsm_audit.h"
# define AUDIT_NOT_CONFIGURED ENOSYS
#endif
-void log_error(int flags, const char *fmt, ...) __attribute__((__noreturn__));
-
static int
audit_sudo_selected(int sf)
{
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
mask = &ainfo.ai_mask;
} else
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
} else
mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
return;
- log_error(0, _("Could not determine audit condition"));
+ error(1, _("Could not determine audit condition"));
}
if (au_cond == AUC_NOAUDIT)
debug_return;
if (!audit_sudo_selected(0))
debug_return;
if (getauid(&auid) < 0)
- log_error(0, _("getauid failed"));
+ error(1, _("getauid failed"));
if ((aufd = au_open()) == -1)
- log_error(0, _("au_open: failed"));
+ error(1, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);
* NB: We should probably watch out for ERANGE here.
*/
if (getaudit(&ainfo) < 0)
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);
} else
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
if (tok == NULL)
- log_error(0, _("au_to_subject: failed"));
+ error(1, _("au_to_subject: failed"));
au_write(aufd, tok);
tok = au_to_exec_args(exec_args);
if (tok == NULL)
- log_error(0, _("au_to_exec_args: failed"));
+ error(1, _("au_to_exec_args: failed"));
au_write(aufd, tok);
tok = au_to_return32(0, 0);
if (tok == NULL)
- log_error(0, _("au_to_return32: failed"));
+ error(1, _("au_to_return32: failed"));
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
- log_error(0, _("unable to commit audit record"));
+ error(1, _("unable to commit audit record"));
debug_return;
}
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
debug_return;
- log_error(0, _("Could not determine audit condition"));
+ error(1, _("Could not determine audit condition"));
}
if (au_cond == AUC_NOAUDIT)
debug_return;
if (!audit_sudo_selected(1))
debug_return;
if (getauid(&auid) < 0)
- log_error(0, _("getauid: failed"));
+ error(1, _("getauid: failed"));
if ((aufd = au_open()) == -1)
- log_error(0, _("au_open: failed"));
+ error(1, _("au_open: failed"));
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);
} else
- log_error(0, _("getaudit: failed"));
+ error(1, _("getaudit: failed"));
if (tok == NULL)
- log_error(0, _("au_to_subject: failed"));
+ error(1, _("au_to_subject: failed"));
au_write(aufd, tok);
tok = au_to_exec_args(exec_args);
if (tok == NULL)
- log_error(0, _("au_to_exec_args: failed"));
+ error(1, _("au_to_exec_args: failed"));
au_write(aufd, tok);
(void) vsnprintf(text, sizeof(text), fmt, ap);
tok = au_to_text(text);
if (tok == NULL)
- log_error(0, _("au_to_text: failed"));
+ error(1, _("au_to_text: failed"));
au_write(aufd, tok);
tok = au_to_return32(EPERM, 1);
if (tok == NULL)
- log_error(0, _("au_to_return32: failed"));
+ error(1, _("au_to_return32: failed"));
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
- log_error(0, _("unable to commit audit record"));
+ error(1, _("unable to commit audit record"));
debug_return;
}
*/
int fd = open(timestampfile, O_WRONLY|O_CREAT, 0600);
if (fd == -1)
- log_error(NO_EXIT|USE_ERRNO, _("unable to open %s"), timestampfile);
+ log_error(USE_ERRNO, _("unable to open %s"), timestampfile);
else {
lock_file(fd, SUDO_LOCK);
if (write(fd, &tty_info, sizeof(tty_info)) != sizeof(tty_info)) {
- log_error(NO_EXIT|USE_ERRNO, _("unable to write to %s"),
+ log_error(USE_ERRNO, _("unable to write to %s"),
timestampfile);
}
close(fd);
} else {
if (touch(-1, timestampdir, NULL) == -1) {
if (mkdir(timestampdir, 0700) == -1) {
- log_error(NO_EXIT|USE_ERRNO, _("unable to mkdir %s"),
+ log_error(USE_ERRNO, _("unable to mkdir %s"),
timestampdir);
}
}
debug_return_int(len);
bad:
- log_error(0, _("timestamp path too long: %s"), *timestampfile);
+ log_fatal(0, _("timestamp path too long: %s"), *timestampfile);
debug_return_int(-1);
}
*/
if (lstat(dirparent, &sb) == 0) {
if (!S_ISDIR(sb.st_mode))
- log_error(NO_EXIT, _("%s exists but is not a directory (0%o)"),
+ log_error(0, _("%s exists but is not a directory (0%o)"),
dirparent, (unsigned int) sb.st_mode);
else if (sb.st_uid != timestamp_uid)
- log_error(NO_EXIT, _("%s owned by uid %u, should be uid %u"),
+ log_error(0, _("%s owned by uid %u, should be uid %u"),
dirparent, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022))
- log_error(NO_EXIT,
+ log_error(0,
_("%s writable by non-owner (0%o), should be mode 0700"),
dirparent, (unsigned int) sb.st_mode);
else {
status = TS_MISSING;
}
} else if (errno != ENOENT) {
- log_error(NO_EXIT|USE_ERRNO, _("unable to stat %s"), dirparent);
+ log_error(USE_ERRNO, _("unable to stat %s"), dirparent);
} else {
/* No dirparent, try to make one. */
if (ISSET(flags, TS_MAKE_DIRS)) {
if (mkdir(dirparent, S_IRWXU))
- log_error(NO_EXIT|USE_ERRNO, _("unable to mkdir %s"),
+ log_error(USE_ERRNO, _("unable to mkdir %s"),
dirparent);
else
status = TS_MISSING;
if (unlink(timestampdir) == 0)
status = TS_MISSING;
} else
- log_error(NO_EXIT, _("%s exists but is not a directory (0%o)"),
+ log_error(0, _("%s exists but is not a directory (0%o)"),
timestampdir, (unsigned int) sb.st_mode);
} else if (sb.st_uid != timestamp_uid)
- log_error(NO_EXIT, _("%s owned by uid %u, should be uid %u"),
+ log_error(0, _("%s owned by uid %u, should be uid %u"),
timestampdir, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid);
else if ((sb.st_mode & 0000022))
- log_error(NO_EXIT,
+ log_error(0,
_("%s writable by non-owner (0%o), should be mode 0700"),
timestampdir, (unsigned int) sb.st_mode);
else {
status = TS_OLD; /* do date check later */
}
} else if (errno != ENOENT) {
- log_error(NO_EXIT|USE_ERRNO, _("unable to stat %s"), timestampdir);
+ log_error(USE_ERRNO, _("unable to stat %s"), timestampdir);
} else
status = TS_MISSING;
if (status == TS_MISSING && timestampfile && ISSET(flags, TS_MAKE_DIRS)) {
if (mkdir(timestampdir, S_IRWXU) == -1) {
status = TS_ERROR;
- log_error(NO_EXIT|USE_ERRNO, _("unable to mkdir %s"), timestampdir);
+ log_error(USE_ERRNO, _("unable to mkdir %s"), timestampdir);
}
}
if (lstat(timestampfile, &sb) == 0) {
if (!S_ISREG(sb.st_mode)) {
status = TS_ERROR;
- log_error(NO_EXIT, _("%s exists but is not a regular file (0%o)"),
+ log_error(0, _("%s exists but is not a regular file (0%o)"),
timestampfile, (unsigned int) sb.st_mode);
} else {
/* If bad uid or file mode, complain and kill the bogus file. */
if (sb.st_uid != timestamp_uid) {
- log_error(NO_EXIT,
+ log_error(0,
_("%s owned by uid %u, should be uid %u"),
timestampfile, (unsigned int) sb.st_uid,
(unsigned int) timestamp_uid);
(void) unlink(timestampfile);
} else if ((sb.st_mode & 0000022)) {
- log_error(NO_EXIT,
+ log_error(0,
_("%s writable by non-owner (0%o), should be mode 0600"),
timestampfile, (unsigned int) sb.st_mode);
(void) unlink(timestampfile);
}
}
} else if (errno != ENOENT) {
- log_error(NO_EXIT|USE_ERRNO, _("unable to stat %s"), timestampfile);
+ log_error(USE_ERRNO, _("unable to stat %s"), timestampfile);
status = TS_ERROR;
}
}
*/
if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
time_t tv_sec = (time_t)mtime.tv_sec;
- log_error(NO_EXIT,
+ log_error(0,
_("timestamp too far in the future: %20.20s"),
4 + ctime(&tv_sec));
if (timestampfile)
else
status = rmdir(timestampdir);
if (status == -1 && errno != ENOENT) {
- log_error(NO_EXIT,
+ log_error(0,
_("unable to remove %s (%s), will reset to the epoch"),
path, strerror(errno));
remove = false;
}
/*
- * Returns true if tty lives on a devpts or /devices filesystem, else false.
- * Unlike most filesystems, the ctime of devpts nodes is not updated when
- * the device node is written to, only when the inode's status changes,
+ * Returns true if tty lives on a devpts, /dev or /devices filesystem, else
+ * false. Unlike most filesystems, the ctime of devpts nodes is not updated
+ * when the device node is written to, only when the inode's status changes,
* typically via the chmod, chown, link, rename, or utimes system calls.
* Since the ctime is "stable" in this case, we can stash it the tty ticket
* file and use it to determine whether the tty ticket file is stale.
debug_decl(tty_is_devpts, SUDO_DEBUG_PTY)
if (statvfs(tty, &sfs) == 0) {
- if (strcmp(sfs.f_fstr, "devices") == 0)
+ if (strcmp(sfs.f_fstr, "dev") == 0 || strcmp(sfs.f_fstr, "devices") == 0)
retval = true;
}
#else
if (def_rootpw) {
if ((pw = sudo_getpwuid(ROOT_UID)) == NULL)
- log_error(0, _("unknown uid: %u"), ROOT_UID);
+ log_fatal(0, _("unknown uid: %u"), ROOT_UID);
} else if (def_runaspw) {
if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
- log_error(0, _("unknown user: %s"), def_runas_default);
+ log_fatal(0, _("unknown user: %s"), def_runas_default);
} else if (def_targetpw) {
if (runas_pw->pw_name == NULL)
- log_error(NO_MAIL|MSG_ONLY, _("unknown uid: %u"),
+ log_fatal(NO_MAIL|MSG_ONLY, _("unknown uid: %u"),
(unsigned int) runas_pw->pw_uid);
pw_addref(runas_pw);
pw = runas_pw;
/* Add new node to the head of the list. */
if (op == add) {
- cur = emalloc(sizeof(struct list_member));
- cur->value = emalloc(len + 1);
- (void) memcpy(cur->value, val, len);
- cur->value[len] = '\0';
+ cur = ecalloc(1, sizeof(struct list_member));
+ cur->value = estrndup(val, len);
cur->next = def->sd_un.list;
def->sd_un.list = cur;
}
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_LOGIN_CAP_H
+# include <login_cap.h>
+# ifndef LOGIN_SETENV
+# define LOGIN_SETENV 0
+# endif
+#endif /* HAVE_LOGIN_CAP_H */
#include <ctype.h>
#include <errno.h>
#include <pwd.h>
#define KEPT_MAX 0xff00
struct environment {
+ char * const *old_envp; /* pointer the environment we passed back */
char **envp; /* pointer to the new environment */
size_t env_size; /* size of new_environ in char **'s */
size_t env_len; /* number of slots used, not counting NULL */
};
-/*
- * Prototypes
- */
-static void sudo_setenv(const char *, const char *, int);
-static void sudo_putenv(char *, int, int);
-
/*
* Copy of the sudo-managed environment.
*/
"TZ",
"XAUTHORITY",
"XAUTHORIZATION",
-#ifdef _AIX
- "ODMDIR",
-#endif
NULL
};
size_t len;
debug_decl(env_init, SUDO_DEBUG_ENV)
- for (ep = envp; *ep != NULL; ep++)
- continue;
- len = (size_t)(ep - envp);
+ if (envp == NULL) {
+ /* Reset to initial state but keep a pointer to what we allocated. */
+ envp = env.envp;
+ memset(&env, 0, sizeof(env));
+ env.old_envp = envp;
+ } else {
+ /* Make private copy of envp. */
+ for (ep = envp; *ep != NULL; ep++)
+ continue;
+ len = (size_t)(ep - envp);
- env.env_len = len;
- env.env_size = len + 1 + 128;
- env.envp = emalloc2(env.env_size, sizeof(char *));
+ env.env_len = len;
+ env.env_size = len + 1 + 128;
+ env.envp = emalloc2(env.env_size, sizeof(char *));
#ifdef ENV_DEBUG
- memset(env.envp, 0, env.env_size * sizeof(char *));
+ memset(env.envp, 0, env.env_size * sizeof(char *));
#endif
- memcpy(env.envp, envp, len * sizeof(char *));
- env.envp[len] = '\0';
+ memcpy(env.envp, envp, len * sizeof(char *));
+ env.envp[len] = '\0';
+
+ /* Free the old envp we allocated, if any. */
+ if (env.old_envp != NULL)
+ efree((void *)env.old_envp);
+ }
debug_return;
}
+/*
+ * Getter for private copy of the environment.
+ */
char **
env_get(void)
{
return env.envp;
}
-/*
- * Similar to setenv(3) but operates on sudo's private copy of the environment
- * (not environ) and it always overwrites. The dupcheck param determines
- * whether we need to verify that the variable is not already set.
- */
-static void
-sudo_setenv(const char *var, const char *val, int dupcheck)
-{
- char *estring;
- size_t esize;
- debug_decl(sudo_setenv, SUDO_DEBUG_ENV)
-
- esize = strlen(var) + 1 + strlen(val) + 1;
- estring = emalloc(esize);
-
- /* Build environment string and insert it. */
- if (strlcpy(estring, var, esize) >= esize ||
- strlcat(estring, "=", esize) >= esize ||
- strlcat(estring, val, esize) >= esize) {
-
- errorx(1, _("internal error, sudo_setenv() overflow"));
- }
- sudo_putenv(estring, dupcheck, true);
-
- debug_return;
-}
-
/*
* Similar to putenv(3) but operates on sudo's private copy of the
* environment (not environ) and it always overwrites. The dupcheck param
* determines whether we need to verify that the variable is not already set.
* Will only overwrite an existing variable if overwrite is set.
+ * Does not include warnings or debugging to avoid recursive calls.
*/
-static void
-sudo_putenv(char *str, int dupcheck, int overwrite)
+static int
+sudo_putenv_nodebug(char *str, bool dupcheck, bool overwrite)
{
char **ep;
size_t len;
bool found = false;
- debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
/* Make sure there is room for the new entry plus a NULL. */
if (env.env_len + 2 > env.env_size) {
- env.env_size += 128;
- env.envp = erealloc3(env.envp, env.env_size, sizeof(char *));
+ char **nenvp;
+ size_t nsize = env.env_size + 128;
+ nenvp = env.envp ? realloc(env.envp, nsize * sizeof(char *)) :
+ malloc(nsize * sizeof(char *));
+ if (nenvp == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+ env.envp = nenvp;
+ env.env_size = nsize;
#ifdef ENV_DEBUG
memset(env.envp + env.env_len, 0,
(env.env_size - env.env_len) * sizeof(char *));
}
#ifdef ENV_DEBUG
- if (env.envp[env.env_len] != NULL)
- errorx(1, _("sudo_putenv: corrupted envp, length mismatch"));
+ if (env.envp[env.env_len] != NULL) {
+ errno = EINVAL;
+ return -1;
+ }
#endif
if (dupcheck) {
*ep++ = str;
*ep = NULL;
}
+ return 0;
+}
+
+/*
+ * Similar to putenv(3) but operates on sudo's private copy of the
+ * environment (not environ) and it always overwrites. The dupcheck param
+ * determines whether we need to verify that the variable is not already set.
+ * Will only overwrite an existing variable if overwrite is set.
+ */
+static int
+sudo_putenv(char *str, bool dupcheck, bool overwrite)
+{
+ int rval;
+ debug_decl(sudo_putenv, SUDO_DEBUG_ENV)
+
+ rval = sudo_putenv_nodebug(str, dupcheck, overwrite);
+ if (rval == -1) {
+#ifdef ENV_DEBUG
+ if (env.envp[env.env_len] != NULL)
+ errorx(1, _("sudo_putenv: corrupted envp, length mismatch"));
+#endif
+ errorx(1, _("unable to allocate memory"));
+ }
+ debug_return_int(rval);
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ * The dupcheck param determines whether we need to verify that the variable
+ * is not already set.
+ */
+static int
+sudo_setenv2(const char *var, const char *val, bool dupcheck, bool overwrite)
+{
+ char *estring;
+ size_t esize;
+ debug_decl(sudo_setenv2, SUDO_DEBUG_ENV)
+
+ esize = strlen(var) + 1 + strlen(val) + 1;
+ estring = emalloc(esize);
+
+ /* Build environment string and insert it. */
+ if (strlcpy(estring, var, esize) >= esize ||
+ strlcat(estring, "=", esize) >= esize ||
+ strlcat(estring, val, esize) >= esize) {
+
+ errorx(1, _("internal error, sudo_setenv2() overflow"));
+ }
+ debug_return_int(sudo_putenv(estring, dupcheck, overwrite));
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static int
+sudo_setenv_nodebug(const char *var, const char *val, int overwrite)
+{
+ char *estring;
+ size_t esize;
+
+ esize = strlen(var) + 1 + strlen(val) + 1;
+ if ((estring = malloc(esize)) == NULL) {
+ errno = ENOMEM;
+ return -1;
+ }
+
+ /* Build environment string and insert it. */
+ if (strlcpy(estring, var, esize) >= esize ||
+ strlcat(estring, "=", esize) >= esize ||
+ strlcat(estring, val, esize) >= esize) {
+
+ errno = EINVAL;
+ return -1;
+ }
+ return sudo_putenv_nodebug(estring, true, overwrite);
+}
+
+/*
+ * Similar to setenv(3) but operates on a private copy of the environment.
+ */
+int
+sudo_setenv(const char *var, const char *val, int overwrite)
+{
+ int rval;
+ debug_decl(sudo_setenv, SUDO_DEBUG_ENV)
+
+ rval = sudo_setenv_nodebug(var, val, overwrite);
+ if (rval == -1) {
+ if (errno == EINVAL)
+ errorx(1, _("internal error, sudo_setenv() overflow"));
+ errorx(1, _("unable to allocate memory"));
+ }
+ debug_return_int(rval);
+}
+
+/*
+ * Similar to unsetenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static int
+sudo_unsetenv_nodebug(const char *var)
+{
+ char **ep = env.envp;
+ size_t len;
+
+ if (ep == NULL || var == NULL || *var == '\0' || strchr(var, '=') != NULL) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ len = strlen(var);
+ while (*ep != NULL) {
+ if (strncmp(var, *ep, len) == 0 && (*ep)[len] == '=') {
+ /* Found it; shift remainder + NULL over by one. */
+ char **cur = ep;
+ while ((*cur = *(cur + 1)) != NULL)
+ cur++;
+ /* Keep going, could be multiple instances of the var. */
+ } else {
+ ep++;
+ }
+ }
+ return 0;
+}
+
+/*
+ * Similar to unsetenv(3) but operates on a private copy of the environment.
+ */
+int
+sudo_unsetenv(const char *name)
+{
+ int rval;
+ debug_decl(sudo_unsetenv, SUDO_DEBUG_ENV)
+
+ rval = sudo_unsetenv_nodebug(name);
+
+ debug_return_int(rval);
+}
+
+/*
+ * Similar to getenv(3) but operates on a private copy of the environment.
+ * Does not include warnings or debugging to avoid recursive calls.
+ */
+static char *
+sudo_getenv_nodebug(const char *name)
+{
+ char **ep, *val = NULL;
+ size_t namelen = 0;
+
+ if (env.env_len != 0) {
+ /* For BSD compatibility, treat '=' in name like end of string. */
+ while (name[namelen] != '\0' && name[namelen] != '=')
+ namelen++;
+ for (ep = env.envp; *ep != NULL; ep++) {
+ if (strncmp(*ep, name, namelen) == 0 && (*ep)[namelen] == '=') {
+ val = *ep + namelen + 1;
+ break;
+ }
+ }
+ }
+ return val;
+}
+
+/*
+ * Similar to getenv(3) but operates on a private copy of the environment.
+ */
+char *
+sudo_getenv(const char *name)
+{
+ char *val;
+ debug_decl(sudo_getenv, SUDO_DEBUG_ENV)
+
+ val = sudo_getenv_nodebug(name);
+
+ debug_return_str(val);
+}
+
+/*
+ * Merge another environment with our private copy.
+ */
+void
+env_merge(char * const envp[], bool overwrite)
+{
+ char * const *ep;
+ debug_decl(env_merge, SUDO_DEBUG_ENV)
+
+ for (ep = envp; *ep != NULL; ep++)
+ sudo_putenv(*ep, true, overwrite);
+
debug_return;
}
struct list_member *cur;
size_t len;
bool iswild, keepit = false;
+ debug_decl(matches_env_keep, SUDO_DEBUG_ENV)
/* Preserve SHELL variable for "sudo -s". */
- if (ISSET(sudo_mode, MODE_SHELL) && strncmp(var, "SHELL=", 6) == 0)
- return true;
+ if (ISSET(sudo_mode, MODE_SHELL) && strncmp(var, "SHELL=", 6) == 0) {
+ keepit = true;
+ goto done;
+ }
for (cur = def_env_keep; cur; cur = cur->next) {
len = strlen(cur->value);
break;
}
}
- return keepit;
+done:
+ debug_return_bool(keepit);
+}
+
+/*
+ * Look up var in the env_delete and env_check.
+ * Returns true if we should delete the variable, else false.
+ */
+static bool
+env_should_delete(const char *var)
+{
+ int delete_it;
+ debug_decl(env_should_delete, SUDO_DEBUG_ENV);
+
+ delete_it = matches_env_delete(var);
+ if (!delete_it)
+ delete_it = matches_env_check(var) == false;
+ debug_return_bool(delete_it);
+}
+
+/*
+ * Lookup var in the env_check and env_keep lists.
+ * Returns true if the variable is allowed else false.
+ */
+static bool
+env_should_keep(const char *var)
+{
+ int keepit;
+ debug_decl(env_should_keep, SUDO_DEBUG_ENV)
+
+ keepit = matches_env_check(var);
+ if (keepit == -1)
+ keepit = matches_env_keep(var);
+
+ debug_return_bool(keepit == true);
+}
+
+static void
+env_update_didvar(const char *ep, unsigned int *didvar)
+{
+ switch (*ep) {
+ case 'H':
+ if (strncmp(ep, "HOME=", 5) == 0)
+ SET(*didvar, DID_HOME);
+ break;
+ case 'L':
+ if (strncmp(ep, "LOGNAME=", 8) == 0)
+ SET(*didvar, DID_LOGNAME);
+ break;
+ case 'M':
+ if (strncmp(ep, "MAIL=", 5) == 0)
+ SET(*didvar, DID_MAIL);
+ break;
+ case 'P':
+ if (strncmp(ep, "PATH=", 5) == 0)
+ SET(*didvar, DID_PATH);
+ break;
+ case 'S':
+ if (strncmp(ep, "SHELL=", 6) == 0)
+ SET(*didvar, DID_SHELL);
+ break;
+ case 'T':
+ if (strncmp(ep, "TERM=", 5) == 0)
+ SET(*didvar, DID_TERM);
+ break;
+ case 'U':
+ if (strncmp(ep, "USER=", 5) == 0)
+ SET(*didvar, DID_USER);
+ if (strncmp(ep, "USERNAME=", 5) == 0)
+ SET(*didvar, DID_USERNAME);
+ break;
+ }
}
/*
env.envp = emalloc2(env.env_size, sizeof(char *));
#ifdef ENV_DEBUG
memset(env.envp, 0, env.env_size * sizeof(char *));
+#else
+ env.envp[0] = NULL;
#endif
/* Reset HOME based on target user if configured to. */
}
if (def_env_reset || ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+ /*
+ * If starting with a fresh environment, initialize it based on
+ * /etc/environment or login.conf. For "sudo -i" we want those
+ * variables to override the invoking user's environment, so we
+ * defer reading them until later.
+ */
+ if (!ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
+#ifdef HAVE_LOGIN_CAP_H
+ /* Insert login class environment variables. */
+ if (login_class) {
+ login_cap_t *lc = login_getclass(login_class);
+ if (lc != NULL) {
+ setusercontext(lc, runas_pw, runas_pw->pw_uid,
+ LOGIN_SETPATH|LOGIN_SETENV);
+ login_close(lc);
+ }
+ }
+#endif /* HAVE_LOGIN_CAP_H */
+#if defined(_AIX) || (defined(__linux__) && !defined(HAVE_PAM))
+ /* Insert system-wide environment variables. */
+ read_env_file(_PATH_ENVIRONMENT, true);
+#endif
+ for (ep = env.envp; *ep; ep++)
+ env_update_didvar(*ep, &didvar);
+ }
+
/* Pull in vars we want to keep from the old environment. */
for (ep = old_envp; *ep; ep++) {
- int keepit;
+ bool keepit;
/* Skip variables with values beginning with () (bash functions) */
if ((cp = strchr(*ep, '=')) != NULL) {
}
/*
- * First check certain variables for '%' and '/' characters.
- * If no match there, check the keep list.
- * If nothing matched, we remove it from the environment.
+ * Look up the variable in the env_check and env_keep lists.
*/
- keepit = matches_env_check(*ep);
- if (keepit == -1)
- keepit = matches_env_keep(*ep);
+ keepit = env_should_keep(*ep);
- /* For SUDO_PS1 -> PS1 conversion. */
+ /*
+ * Do SUDO_PS1 -> PS1 conversion.
+ * This must happen *after* env_should_keep() is called.
+ */
if (strncmp(*ep, "SUDO_PS1=", 8) == 0)
ps1 = *ep + 5;
if (keepit) {
/* Preserve variable. */
- switch (**ep) {
- case 'H':
- if (strncmp(*ep, "HOME=", 5) == 0)
- SET(didvar, DID_HOME);
- break;
- case 'L':
- if (strncmp(*ep, "LOGNAME=", 8) == 0)
- SET(didvar, DID_LOGNAME);
- break;
- case 'M':
- if (strncmp(*ep, "MAIL=", 5) == 0)
- SET(didvar, DID_MAIL);
- break;
- case 'P':
- if (strncmp(*ep, "PATH=", 5) == 0)
- SET(didvar, DID_PATH);
- break;
- case 'S':
- if (strncmp(*ep, "SHELL=", 6) == 0)
- SET(didvar, DID_SHELL);
- break;
- case 'T':
- if (strncmp(*ep, "TERM=", 5) == 0)
- SET(didvar, DID_TERM);
- break;
- case 'U':
- if (strncmp(*ep, "USER=", 5) == 0)
- SET(didvar, DID_USER);
- if (strncmp(*ep, "USERNAME=", 5) == 0)
- SET(didvar, DID_USERNAME);
- break;
- }
sudo_putenv(*ep, false, false);
+ env_update_didvar(*ep, &didvar);
}
}
didvar |= didvar << 8; /* convert DID_* to KEPT_* */
* on sudoers options).
*/
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- sudo_setenv("SHELL", runas_pw->pw_shell, ISSET(didvar, DID_SHELL));
- sudo_setenv("LOGNAME", runas_pw->pw_name,
- ISSET(didvar, DID_LOGNAME));
- sudo_setenv("USER", runas_pw->pw_name, ISSET(didvar, DID_USER));
- sudo_setenv("USERNAME", runas_pw->pw_name,
- ISSET(didvar, DID_USERNAME));
+ sudo_setenv2("SHELL", runas_pw->pw_shell,
+ ISSET(didvar, DID_SHELL), true);
+ sudo_setenv2("LOGNAME", runas_pw->pw_name,
+ ISSET(didvar, DID_LOGNAME), true);
+ sudo_setenv2("USER", runas_pw->pw_name,
+ ISSET(didvar, DID_USER), true);
+ sudo_setenv2("USERNAME", runas_pw->pw_name,
+ ISSET(didvar, DID_USERNAME), true);
} else {
if (!ISSET(didvar, DID_SHELL))
- sudo_setenv("SHELL", sudo_user.pw->pw_shell, false);
+ sudo_setenv2("SHELL", sudo_user.pw->pw_shell, false, true);
if (!ISSET(didvar, DID_LOGNAME))
- sudo_setenv("LOGNAME", user_name, false);
+ sudo_setenv2("LOGNAME", user_name, false, true);
if (!ISSET(didvar, DID_USER))
- sudo_setenv("USER", user_name, false);
+ sudo_setenv2("USER", user_name, false, true);
if (!ISSET(didvar, DID_USERNAME))
- sudo_setenv("USERNAME", user_name, false);
+ sudo_setenv2("USERNAME", user_name, false, true);
}
/* If we didn't keep HOME, reset it based on target user. */
* env_check.
*/
for (ep = old_envp; *ep; ep++) {
- bool okvar;
-
/* Skip variables with values beginning with () (bash functions) */
if ((cp = strchr(*ep, '=')) != NULL) {
if (strncmp(cp, "=() ", 3) == 0)
continue;
}
- /*
- * First check variables against the blacklist in env_delete.
- * If no match there check for '%' and '/' characters.
- */
- okvar = matches_env_delete(*ep) != true;
- if (okvar)
- okvar = matches_env_check(*ep) != false;
-
- if (okvar) {
+ /* Add variable unless it matches a black list. */
+ if (!env_should_delete(*ep)) {
if (strncmp(*ep, "SUDO_PS1=", 9) == 0)
ps1 = *ep + 5;
else if (strncmp(*ep, "PATH=", 5) == 0)
}
/* Replace the PATH envariable with a secure one? */
if (def_secure_path && !user_is_exempt()) {
- sudo_setenv("PATH", def_secure_path, true);
+ sudo_setenv2("PATH", def_secure_path, true, true);
SET(didvar, DID_PATH);
}
*/
if (def_set_logname && !ISSET(sudo_mode, MODE_LOGIN_SHELL|MODE_EDIT)) {
if (!ISSET(didvar, KEPT_LOGNAME))
- sudo_setenv("LOGNAME", runas_pw->pw_name, true);
+ sudo_setenv2("LOGNAME", runas_pw->pw_name, true, true);
if (!ISSET(didvar, KEPT_USER))
- sudo_setenv("USER", runas_pw->pw_name, true);
+ sudo_setenv2("USER", runas_pw->pw_name, true, true);
if (!ISSET(didvar, KEPT_USERNAME))
- sudo_setenv("USERNAME", runas_pw->pw_name, true);
+ sudo_setenv2("USERNAME", runas_pw->pw_name, true, true);
}
/* Set $HOME to target user if not preserving user's value. */
if (reset_home)
- sudo_setenv("HOME", runas_pw->pw_dir, true);
+ sudo_setenv2("HOME", runas_pw->pw_dir, true, true);
/* Provide default values for $TERM and $PATH if they are not set. */
if (!ISSET(didvar, DID_TERM))
sudo_putenv("TERM=unknown", false, false);
if (!ISSET(didvar, DID_PATH))
- sudo_setenv("PATH", _PATH_STDPATH, false);
+ sudo_setenv2("PATH", _PATH_STDPATH, false, true);
/* Set PS1 if SUDO_PS1 is set. */
if (ps1 != NULL)
/* Add the SUDO_COMMAND envariable (cmnd + args). */
if (user_args) {
easprintf(&cp, "%s %s", user_cmnd, user_args);
- sudo_setenv("SUDO_COMMAND", cp, true);
+ sudo_setenv2("SUDO_COMMAND", cp, true, true);
efree(cp);
} else {
- sudo_setenv("SUDO_COMMAND", user_cmnd, true);
+ sudo_setenv2("SUDO_COMMAND", user_cmnd, true, true);
}
/* Add the SUDO_USER, SUDO_UID, SUDO_GID environment variables. */
- sudo_setenv("SUDO_USER", user_name, true);
+ sudo_setenv2("SUDO_USER", user_name, true, true);
snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_uid);
- sudo_setenv("SUDO_UID", idbuf, true);
+ sudo_setenv2("SUDO_UID", idbuf, true, true);
snprintf(idbuf, sizeof(idbuf), "%u", (unsigned int) user_gid);
- sudo_setenv("SUDO_GID", idbuf, true);
+ sudo_setenv2("SUDO_GID", idbuf, true, true);
/* Free old environment. */
efree(old_envp);
/*
* Validate the list of environment variables passed in on the command
* line against env_delete, env_check, and env_keep.
- * Calls log_error() if any specified variables are not allowed.
+ * Calls log_fatal() if any specified variables are not allowed.
*/
void
validate_env_vars(char * const env_vars[])
char * const *ep;
char *eq, *bad = NULL;
size_t len, blen = 0, bsize = 0;
- int okvar;
+ bool okvar;
if (env_vars == NULL)
return;
strncmp(*ep, "PATH=", 5) == 0) {
okvar = false;
} else if (def_env_reset) {
- okvar = matches_env_check(*ep);
- if (okvar == -1)
- okvar = matches_env_keep(*ep);
+ okvar = env_should_keep(*ep);
} else {
- okvar = matches_env_delete(*ep) == false;
- if (okvar == false)
- okvar = matches_env_check(*ep) != false;
+ okvar = !env_should_delete(*ep);
}
if (okvar == false) {
/* Not allowed, add to error string, allocating as needed. */
}
if (bad != NULL) {
bad[blen - 2] = '\0'; /* remove trailing ", " */
- log_error(NO_MAIL,
+ log_fatal(NO_MAIL,
_("sorry, you are not allowed to set the following environment variables: %s"), bad);
/* NOTREACHED */
efree(bad);
/* Fill in the "env_delete" list. */
for (p = initial_badenv_table; *p; p++) {
- cur = emalloc(sizeof(struct list_member));
+ cur = ecalloc(1, sizeof(struct list_member));
cur->value = estrdup(*p);
cur->next = def_env_delete;
def_env_delete = cur;
/* Fill in the "env_check" list. */
for (p = initial_checkenv_table; *p; p++) {
- cur = emalloc(sizeof(struct list_member));
+ cur = ecalloc(1, sizeof(struct list_member));
cur->value = estrdup(*p);
cur->next = def_env_check;
def_env_check = cur;
/* Fill in the "env_keep" list. */
for (p = initial_keepenv_table; *p; p++) {
- cur = emalloc(sizeof(struct list_member));
+ cur = ecalloc(1, sizeof(struct list_member));
cur->value = estrdup(*p);
cur->next = def_env_keep;
def_env_keep = cur;
}
}
+
+int
+sudoers_hook_getenv(const char *name, char **value, void *closure)
+{
+ static bool in_progress = false; /* avoid recursion */
+
+ if (in_progress || env.envp == NULL)
+ return SUDO_HOOK_RET_NEXT;
+
+ in_progress = true;
+ *value = sudo_getenv_nodebug(name);
+ in_progress = false;
+ return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_putenv(char *string, void *closure)
+{
+ static bool in_progress = false; /* avoid recursion */
+
+ if (in_progress || env.envp == NULL)
+ return SUDO_HOOK_RET_NEXT;
+
+ in_progress = true;
+ sudo_putenv_nodebug(string, true, true);
+ in_progress = false;
+ return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_setenv(const char *name, const char *value, int overwrite, void *closure)
+{
+ static bool in_progress = false; /* avoid recursion */
+
+ if (in_progress || env.envp == NULL)
+ return SUDO_HOOK_RET_NEXT;
+
+ in_progress = true;
+ sudo_setenv_nodebug(name, value, overwrite);
+ in_progress = false;
+ return SUDO_HOOK_RET_STOP;
+}
+
+int
+sudoers_hook_unsetenv(const char *name, void *closure)
+{
+ static bool in_progress = false; /* avoid recursion */
+
+ if (in_progress || env.envp == NULL)
+ return SUDO_HOOK_RET_NEXT;
+
+ in_progress = true;
+ sudo_unsetenv_nodebug(name);
+ in_progress = false;
+ return SUDO_HOOK_RET_STOP;
+}
#else
#define YY_SIZE_MAX 0x7fffffff
#endif
- if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
+ if (!newsize || YY_SIZE_MAX / newsize < sizeof *newss)
goto bail;
newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
(short *)malloc(newsize * sizeof *newss); /* overflow check above */
goto bail;
yyss = newss;
yyssp = newss + i;
- if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
+ if (!newsize || YY_SIZE_MAX / newsize < sizeof *newvs)
goto bail;
newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
(YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
#define YYPREFIX "yy"
#line 2 "gram.y"
/*
- * Copyright (c) 1996, 1998-2005, 2007-2011
+ * Copyright (c) 1996, 1998-2005, 2007-2012
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
extern int sudolineno;
extern int last_token;
extern char *sudoers;
-static bool verbose = false;
+bool sudoers_warnings = true;
bool parse_error = false;
int errorlineno = -1;
char *errorfile = NULL;
}
if (trace_print != NULL) {
LEXTRACE("<*> ");
- } else if (verbose && s != NULL) {
+ } else if (sudoers_warnings && s != NULL) {
warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
}
parse_error = true;
struct defaults *d;
debug_decl(new_default, SUDO_DEBUG_PARSER)
- d = emalloc(sizeof(struct defaults));
+ d = ecalloc(1, sizeof(struct defaults));
d->var = var;
d->val = val;
tq_init(&d->binding);
- d->type = 0;
+ /* d->type = 0; */
d->op = op;
d->prev = d;
- d->next = NULL;
+ /* d->next = NULL; */
debug_return_ptr(d);
}
struct member *m;
debug_decl(new_member, SUDO_DEBUG_PARSER)
- m = emalloc(sizeof(struct member));
+ m = ecalloc(1, sizeof(struct member));
m->name = name;
m->type = type;
m->prev = m;
- m->next = NULL;
+ /* m->next = NULL; */
debug_return_ptr(m);
}
struct userspec *u;
debug_decl(add_userspec, SUDO_DEBUG_PARSER)
- u = emalloc(sizeof(*u));
+ u = ecalloc(1, sizeof(*u));
list2tq(&u->users, members);
list2tq(&u->privileges, privs);
u->prev = u;
- u->next = NULL;
+ /* u->next = NULL; */
tq_append(&userspecs, u);
debug_return;
parse_error = false;
errorlineno = -1;
errorfile = sudoers;
- verbose = !quiet;
+ sudoers_warnings = !quiet;
debug_return;
}
#else
#define YY_SIZE_MAX 0x7fffffff
#endif
- if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
+ if (!newsize || YY_SIZE_MAX / newsize < sizeof *newss)
goto bail;
newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
(short *)malloc(newsize * sizeof *newss); /* overflow check above */
goto bail;
yyss = newss;
yyssp = newss + i;
- if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
+ if (!newsize || YY_SIZE_MAX / newsize < sizeof *newvs)
goto bail;
newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
(YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
case 26:
#line 269 "gram.y"
{
- struct privilege *p = emalloc(sizeof(*p));
+ struct privilege *p = ecalloc(1, sizeof(*p));
list2tq(&p->hostlist, yyvsp[-2].member);
list2tq(&p->cmndlist, yyvsp[0].cmndspec);
p->prev = p;
- p->next = NULL;
+ /* p->next = NULL; */
yyval.privilege = p;
}
break;
case 36:
#line 339 "gram.y"
{
- struct cmndspec *cs = emalloc(sizeof(*cs));
+ struct cmndspec *cs = ecalloc(1, sizeof(*cs));
if (yyvsp[-3].runas != NULL) {
list2tq(&cs->runasuserlist, yyvsp[-3].runas->runasusers);
list2tq(&cs->runasgrouplist, yyvsp[-3].runas->runasgroups);
case 48:
#line 415 "gram.y"
{
- yyval.runas = emalloc(sizeof(struct runascontainer));
+ yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[0].member;
- yyval.runas->runasgroups = NULL;
+ /* $$->runasgroups = NULL; */
}
break;
case 49:
#line 420 "gram.y"
{
- yyval.runas = emalloc(sizeof(struct runascontainer));
+ yyval.runas = ecalloc(1, sizeof(struct runascontainer));
yyval.runas->runasusers = yyvsp[-2].member;
yyval.runas->runasgroups = yyvsp[0].member;
}
case 50:
#line 425 "gram.y"
{
- yyval.runas = emalloc(sizeof(struct runascontainer));
- yyval.runas->runasusers = NULL;
+ yyval.runas = ecalloc(1, sizeof(struct runascontainer));
+ /* $$->runasusers = NULL; */
yyval.runas->runasgroups = yyvsp[0].member;
}
break;
case 64:
#line 474 "gram.y"
{
- struct sudo_command *c = emalloc(sizeof(*c));
+ struct sudo_command *c = ecalloc(1, sizeof(*c));
c->cmnd = yyvsp[0].command.cmnd;
c->args = yyvsp[0].command.args;
yyval.member = new_member((char *)c, COMMAND);
extern int sudolineno;
extern int last_token;
extern char *sudoers;
-static bool verbose = false;
+bool sudoers_warnings = true;
bool parse_error = false;
int errorlineno = -1;
char *errorfile = NULL;
}
if (trace_print != NULL) {
LEXTRACE("<*> ");
- } else if (verbose && s != NULL) {
+ } else if (sudoers_warnings && s != NULL) {
warningx(_(">>> %s: %s near line %d <<<"), sudoers, s, sudolineno);
}
parse_error = true;
;
privilege : hostlist '=' cmndspeclist {
- struct privilege *p = emalloc(sizeof(*p));
+ struct privilege *p = ecalloc(1, sizeof(*p));
list2tq(&p->hostlist, $1);
list2tq(&p->cmndlist, $3);
p->prev = p;
- p->next = NULL;
+ /* p->next = NULL; */
$$ = p;
}
;
;
cmndspec : runasspec selinux cmndtag opcmnd {
- struct cmndspec *cs = emalloc(sizeof(*cs));
+ struct cmndspec *cs = ecalloc(1, sizeof(*cs));
if ($1 != NULL) {
list2tq(&cs->runasuserlist, $1->runasusers);
list2tq(&cs->runasgrouplist, $1->runasgroups);
;
runaslist : userlist {
- $$ = emalloc(sizeof(struct runascontainer));
+ $$ = ecalloc(1, sizeof(struct runascontainer));
$$->runasusers = $1;
- $$->runasgroups = NULL;
+ /* $$->runasgroups = NULL; */
}
| userlist ':' grouplist {
- $$ = emalloc(sizeof(struct runascontainer));
+ $$ = ecalloc(1, sizeof(struct runascontainer));
$$->runasusers = $1;
$$->runasgroups = $3;
}
| ':' grouplist {
- $$ = emalloc(sizeof(struct runascontainer));
- $$->runasusers = NULL;
+ $$ = ecalloc(1, sizeof(struct runascontainer));
+ /* $$->runasusers = NULL; */
$$->runasgroups = $2;
}
;
$$ = new_member($1, ALIAS);
}
| COMMAND {
- struct sudo_command *c = emalloc(sizeof(*c));
+ struct sudo_command *c = ecalloc(1, sizeof(*c));
c->cmnd = $1.cmnd;
c->args = $1.args;
$$ = new_member((char *)c, COMMAND);
struct defaults *d;
debug_decl(new_default, SUDO_DEBUG_PARSER)
- d = emalloc(sizeof(struct defaults));
+ d = ecalloc(1, sizeof(struct defaults));
d->var = var;
d->val = val;
tq_init(&d->binding);
- d->type = 0;
+ /* d->type = 0; */
d->op = op;
d->prev = d;
- d->next = NULL;
+ /* d->next = NULL; */
debug_return_ptr(d);
}
struct member *m;
debug_decl(new_member, SUDO_DEBUG_PARSER)
- m = emalloc(sizeof(struct member));
+ m = ecalloc(1, sizeof(struct member));
m->name = name;
m->type = type;
m->prev = m;
- m->next = NULL;
+ /* m->next = NULL; */
debug_return_ptr(m);
}
struct userspec *u;
debug_decl(add_userspec, SUDO_DEBUG_PARSER)
- u = emalloc(sizeof(*u));
+ u = ecalloc(1, sizeof(*u));
list2tq(&u->users, members);
list2tq(&u->privileges, privs);
u->prev = u;
- u->next = NULL;
+ /* u->next = NULL; */
tq_append(&userspecs, u);
debug_return;
parse_error = false;
errorlineno = -1;
errorfile = sudoers;
- verbose = !quiet;
+ sudoers_warnings = !quiet;
debug_return;
}
*mask++ = '\0';
/* Parse addr and store in list. */
- ifp = emalloc(sizeof(*ifp));
+ ifp = ecalloc(1, sizeof(*ifp));
if (strchr(addr, ':')) {
/* IPv6 */
#ifdef HAVE_STRUCT_IN6_ADDR
*slash = '\0';
if (stat(path, &sb) != 0) {
if (mkdir(path, S_IRWXU) != 0)
- log_error(USE_ERRNO, _("unable to mkdir %s"), path);
+ log_fatal(USE_ERRNO, _("unable to mkdir %s"), path);
} else if (!S_ISDIR(sb.st_mode)) {
- log_error(0, _("%s: %s"), path, strerror(ENOTDIR));
+ log_fatal(0, _("%s: %s"), path, strerror(ENOTDIR));
}
*slash = '/';
}
mkdir_parents(iolog_dir);
if (stat(iolog_dir, &sb) != 0) {
if (mkdir(iolog_dir, S_IRWXU) != 0)
- log_error(USE_ERRNO, _("unable to mkdir %s"), iolog_dir);
+ log_fatal(USE_ERRNO, _("unable to mkdir %s"), iolog_dir);
} else if (!S_ISDIR(sb.st_mode)) {
- log_error(0, _("%s exists but is not a directory (0%o)"),
+ log_fatal(0, _("%s exists but is not a directory (0%o)"),
iolog_dir, (unsigned int) sb.st_mode);
}
len = snprintf(pathbuf, sizeof(pathbuf), "%s/seq", iolog_dir);
if (len <= 0 || len >= sizeof(pathbuf)) {
errno = ENAMETOOLONG;
- log_error(USE_ERRNO, "%s/seq", pathbuf);
+ log_fatal(USE_ERRNO, "%s/seq", pathbuf);
}
fd = open(pathbuf, O_RDWR|O_CREAT, S_IRUSR|S_IWUSR);
if (fd == -1)
- log_error(USE_ERRNO, _("unable to open %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to open %s"), pathbuf);
lock_file(fd, SUDO_LOCK);
/* Read seq number (base 36). */
nread = read(fd, buf, sizeof(buf));
if (nread != 0) {
if (nread == -1)
- log_error(USE_ERRNO, _("unable to read %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to read %s"), pathbuf);
id = strtoul(buf, &ep, 36);
if (buf == ep || id >= SESSID_MAX)
- log_error(0, _("invalid sequence number %s"), pathbuf);
+ log_fatal(0, _("invalid sequence number %s"), pathbuf);
}
id++;
}
buf[6] = '\n';
- /* Stash id logging purposes */
+ /* Stash id for logging purposes. */
memcpy(sessid, buf, 6);
sessid[6] = '\0';
/* Rewind and overwrite old seq file. */
if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7)
- log_error(USE_ERRNO, _("unable to write to %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to write to %s"), pathbuf);
close(fd);
debug_return;
len = strlcpy(pathbuf, iolog_path, pathsize);
if (len >= pathsize) {
errno = ENAMETOOLONG;
- log_error(USE_ERRNO, "%s", iolog_path);
+ log_fatal(USE_ERRNO, "%s", iolog_path);
}
/*
mkdir_parents(pathbuf);
if (len >= 6 && strcmp(&pathbuf[len - 6], "XXXXXX") == 0) {
if (mkdtemp(pathbuf) == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
if (mkdir(pathbuf, S_IRWXU) != 0)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
}
debug_return_size_t(len);
sudoers_io_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const command_info[],
- int argc, char * const argv[], char * const user_env[])
+ int argc, char * const argv[], char * const user_env[], char * const args[])
{
struct iolog_details details;
char pathbuf[PATH_MAX], sessid[7];
debug_return_bool(true);
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
rval = -1;
goto done;
}
*/
io_logfile = open_io_fd(pathbuf, len, "/log", false);
if (io_logfile == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
io_fds[IOFD_TIMING].v = open_io_fd(pathbuf, len, "/timing",
iolog_compress);
if (io_fds[IOFD_TIMING].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
if (details.iolog_ttyin) {
io_fds[IOFD_TTYIN].v = open_io_fd(pathbuf, len, "/ttyin",
iolog_compress);
if (io_fds[IOFD_TTYIN].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
sudoers_io.log_ttyin = NULL;
}
io_fds[IOFD_STDIN].v = open_io_fd(pathbuf, len, "/stdin",
iolog_compress);
if (io_fds[IOFD_STDIN].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
sudoers_io.log_stdin = NULL;
}
io_fds[IOFD_TTYOUT].v = open_io_fd(pathbuf, len, "/ttyout",
iolog_compress);
if (io_fds[IOFD_TTYOUT].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
sudoers_io.log_ttyout = NULL;
}
io_fds[IOFD_STDOUT].v = open_io_fd(pathbuf, len, "/stdout",
iolog_compress);
if (io_fds[IOFD_STDOUT].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
sudoers_io.log_stdout = NULL;
}
io_fds[IOFD_STDERR].v = open_io_fd(pathbuf, len, "/stderr",
iolog_compress);
if (io_fds[IOFD_STDERR].v == NULL)
- log_error(USE_ERRNO, _("unable to create %s"), pathbuf);
+ log_fatal(USE_ERRNO, _("unable to create %s"), pathbuf);
} else {
sudoers_io.log_stderr = NULL;
}
debug_decl(sudoers_io_close, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
debug_return;
}
debug_decl(sudoers_io_version, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
debug_return_bool(-1);
}
gettimeofday(&now, NULL);
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
debug_return_bool(-1);
}
#ifdef HAVE_ZLIB_H
if (iolog_compress)
- gzwrite(io_fds[idx].g, buf, len);
+ ignore_result(gzwrite(io_fds[idx].g, (const voidp)buf, len));
else
#endif
- fwrite(buf, 1, len, io_fds[idx].f);
+ ignore_result(fwrite(buf, 1, len, io_fds[idx].f));
delay.tv_sec = now.tv_sec;
delay.tv_usec = now.tv_usec;
timevalsub(&delay, &last_time);
#define CONF_LIST_STR 4
#define CONF_DEREF_VAL 5
+#define SUDO_LDAP_CLEAR 0
#define SUDO_LDAP_SSL 1
#define SUDO_LDAP_STARTTLS 2
struct ldap_config_table {
const char *conf_str; /* config file string */
- short type; /* CONF_BOOL, CONF_INT, CONF_STR */
- short connected; /* connection-specific value? */
+ int type; /* CONF_BOOL, CONF_INT, CONF_STR */
int opt_val; /* LDAP_OPT_* (or -1 for sudo internal) */
void *valp; /* pointer into ldap_conf */
};
char *krb5_ccname;
} ldap_conf;
-static struct ldap_config_table ldap_conf_table[] = {
- { "sudoers_debug", CONF_INT, false, -1, &ldap_conf.debug },
- { "host", CONF_STR, false, -1, &ldap_conf.host },
- { "port", CONF_INT, false, -1, &ldap_conf.port },
- { "ssl", CONF_STR, false, -1, &ldap_conf.ssl },
- { "sslpath", CONF_STR, false, -1, &ldap_conf.tls_certfile },
- { "uri", CONF_LIST_STR, false, -1, &ldap_conf.uri },
+static struct ldap_config_table ldap_conf_global[] = {
+ { "sudoers_debug", CONF_INT, -1, &ldap_conf.debug },
+ { "host", CONF_STR, -1, &ldap_conf.host },
+ { "port", CONF_INT, -1, &ldap_conf.port },
+ { "ssl", CONF_STR, -1, &ldap_conf.ssl },
+ { "sslpath", CONF_STR, -1, &ldap_conf.tls_certfile },
+ { "uri", CONF_LIST_STR, -1, &ldap_conf.uri },
#ifdef LDAP_OPT_DEBUG_LEVEL
- { "debug", CONF_INT, false, LDAP_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug },
-#endif
-#ifdef LDAP_OPT_PROTOCOL_VERSION
- { "ldap_version", CONF_INT, true, LDAP_OPT_PROTOCOL_VERSION,
- &ldap_conf.version },
+ { "debug", CONF_INT, LDAP_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug },
#endif
#ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
- { "tls_checkpeer", CONF_BOOL, false, LDAP_OPT_X_TLS_REQUIRE_CERT,
+ { "tls_checkpeer", CONF_BOOL, LDAP_OPT_X_TLS_REQUIRE_CERT,
&ldap_conf.tls_checkpeer },
#else
- { "tls_checkpeer", CONF_BOOL, false, -1, &ldap_conf.tls_checkpeer },
+ { "tls_checkpeer", CONF_BOOL, -1, &ldap_conf.tls_checkpeer },
#endif
#ifdef LDAP_OPT_X_TLS_CACERTFILE
- { "tls_cacertfile", CONF_STR, false, LDAP_OPT_X_TLS_CACERTFILE,
+ { "tls_cacertfile", CONF_STR, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
- { "tls_cacert", CONF_STR, false, LDAP_OPT_X_TLS_CACERTFILE,
+ { "tls_cacert", CONF_STR, LDAP_OPT_X_TLS_CACERTFILE,
&ldap_conf.tls_cacertfile },
#endif
#ifdef LDAP_OPT_X_TLS_CACERTDIR
- { "tls_cacertdir", CONF_STR, false, LDAP_OPT_X_TLS_CACERTDIR,
+ { "tls_cacertdir", CONF_STR, LDAP_OPT_X_TLS_CACERTDIR,
&ldap_conf.tls_cacertdir },
#endif
#ifdef LDAP_OPT_X_TLS_RANDOM_FILE
- { "tls_randfile", CONF_STR, false, LDAP_OPT_X_TLS_RANDOM_FILE,
+ { "tls_randfile", CONF_STR, LDAP_OPT_X_TLS_RANDOM_FILE,
&ldap_conf.tls_random_file },
#endif
#ifdef LDAP_OPT_X_TLS_CIPHER_SUITE
- { "tls_ciphers", CONF_STR, false, LDAP_OPT_X_TLS_CIPHER_SUITE,
+ { "tls_ciphers", CONF_STR, LDAP_OPT_X_TLS_CIPHER_SUITE,
&ldap_conf.tls_cipher_suite },
#endif
#ifdef LDAP_OPT_X_TLS_CERTFILE
- { "tls_cert", CONF_STR, false, LDAP_OPT_X_TLS_CERTFILE,
+ { "tls_cert", CONF_STR, LDAP_OPT_X_TLS_CERTFILE,
&ldap_conf.tls_certfile },
#else
- { "tls_cert", CONF_STR, false, -1, &ldap_conf.tls_certfile },
+ { "tls_cert", CONF_STR, -1, &ldap_conf.tls_certfile },
#endif
#ifdef LDAP_OPT_X_TLS_KEYFILE
- { "tls_key", CONF_STR, false, LDAP_OPT_X_TLS_KEYFILE,
+ { "tls_key", CONF_STR, LDAP_OPT_X_TLS_KEYFILE,
&ldap_conf.tls_keyfile },
#else
- { "tls_key", CONF_STR, false, -1, &ldap_conf.tls_keyfile },
+ { "tls_key", CONF_STR, -1, &ldap_conf.tls_keyfile },
+#endif
+ { "binddn", CONF_STR, -1, &ldap_conf.binddn },
+ { "bindpw", CONF_STR, -1, &ldap_conf.bindpw },
+ { "rootbinddn", CONF_STR, -1, &ldap_conf.rootbinddn },
+ { "sudoers_base", CONF_LIST_STR, -1, &ldap_conf.base },
+ { "sudoers_timed", CONF_BOOL, -1, &ldap_conf.timed },
+ { "sudoers_search_filter", CONF_STR, -1, &ldap_conf.search_filter },
+#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
+ { "use_sasl", CONF_BOOL, -1, &ldap_conf.use_sasl },
+ { "sasl_auth_id", CONF_STR, -1, &ldap_conf.sasl_auth_id },
+ { "rootuse_sasl", CONF_BOOL, -1, &ldap_conf.rootuse_sasl },
+ { "rootsasl_auth_id", CONF_STR, -1, &ldap_conf.rootsasl_auth_id },
+ { "krb5_ccname", CONF_STR, -1, &ldap_conf.krb5_ccname },
+#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+ { NULL }
+};
+
+static struct ldap_config_table ldap_conf_conn[] = {
+#ifdef LDAP_OPT_PROTOCOL_VERSION
+ { "ldap_version", CONF_INT, LDAP_OPT_PROTOCOL_VERSION,
+ &ldap_conf.version },
#endif
#ifdef LDAP_OPT_NETWORK_TIMEOUT
- { "bind_timelimit", CONF_INT, true, -1 /* needs timeval, set manually */,
+ { "bind_timelimit", CONF_INT, -1 /* needs timeval, set manually */,
&ldap_conf.bind_timelimit },
- { "network_timeout", CONF_INT, true, -1 /* needs timeval, set manually */,
+ { "network_timeout", CONF_INT, -1 /* needs timeval, set manually */,
&ldap_conf.bind_timelimit },
#elif defined(LDAP_X_OPT_CONNECT_TIMEOUT)
- { "bind_timelimit", CONF_INT, true, LDAP_X_OPT_CONNECT_TIMEOUT,
+ { "bind_timelimit", CONF_INT, LDAP_X_OPT_CONNECT_TIMEOUT,
&ldap_conf.bind_timelimit },
- { "network_timeout", CONF_INT, true, LDAP_X_OPT_CONNECT_TIMEOUT,
+ { "network_timeout", CONF_INT, LDAP_X_OPT_CONNECT_TIMEOUT,
&ldap_conf.bind_timelimit },
#endif
- { "timelimit", CONF_INT, true, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
+ { "timelimit", CONF_INT, LDAP_OPT_TIMELIMIT, &ldap_conf.timelimit },
#ifdef LDAP_OPT_TIMEOUT
- { "timeout", CONF_INT, true, -1 /* needs timeval, set manually */,
+ { "timeout", CONF_INT, -1 /* needs timeval, set manually */,
&ldap_conf.timeout },
#endif
#ifdef LDAP_OPT_DEREF
- { "deref", CONF_DEREF_VAL, true, LDAP_OPT_DEREF, &ldap_conf.deref },
+ { "deref", CONF_DEREF_VAL, LDAP_OPT_DEREF, &ldap_conf.deref },
#endif
- { "binddn", CONF_STR, false, -1, &ldap_conf.binddn },
- { "bindpw", CONF_STR, false, -1, &ldap_conf.bindpw },
- { "rootbinddn", CONF_STR, false, -1, &ldap_conf.rootbinddn },
- { "sudoers_base", CONF_LIST_STR, false, -1, &ldap_conf.base },
- { "sudoers_timed", CONF_BOOL, false, -1, &ldap_conf.timed },
- { "sudoers_search_filter", CONF_STR, false, -1, &ldap_conf.search_filter },
-#ifdef HAVE_LDAP_SASL_INTERACTIVE_BIND_S
- { "use_sasl", CONF_BOOL, false, -1, &ldap_conf.use_sasl },
- { "sasl_auth_id", CONF_STR, false, -1, &ldap_conf.sasl_auth_id },
- { "rootuse_sasl", CONF_BOOL, false, -1, &ldap_conf.rootuse_sasl },
- { "rootsasl_auth_id", CONF_STR, false, -1, &ldap_conf.rootsasl_auth_id },
-# ifdef LDAP_OPT_X_SASL_SECPROPS
- { "sasl_secprops", CONF_STR, true, LDAP_OPT_X_SASL_SECPROPS,
+#ifdef LDAP_OPT_X_SASL_SECPROPS
+ { "sasl_secprops", CONF_STR, LDAP_OPT_X_SASL_SECPROPS,
&ldap_conf.sasl_secprops },
-# endif
- { "krb5_ccname", CONF_STR, false, -1, &ldap_conf.krb5_ccname },
-#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+#endif
{ NULL }
};
}
}
if (hostbuf[0] == '\0') {
- warningx(_("invalid uri: %s"), uri_list);
+ warningx(_("invalid uri: %s"), uri_list->val);
goto done;
}
debug_decl(sudo_ldap_init, SUDO_DEBUG_LDAP)
#ifdef HAVE_LDAPSSL_INIT
- if (ldap_conf.ssl_mode == SUDO_LDAP_SSL) {
+ if (ldap_conf.ssl_mode != SUDO_LDAP_CLEAR) {
+ const int defsecure = ldap_conf.ssl_mode == SUDO_LDAP_SSL;
DPRINTF(("ldapssl_clientauth_init(%s, %s)",
ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
/*
- * Mozilla-derived SDKs have a bug starting with version 5.0
- * where the path can no longer be a file name and must be a dir.
+ * Starting with version 5.0, Mozilla-derived LDAP SDKs require
+ * the cert and key paths to be a directory, not a file.
+ * If the user specified a file and it fails, try the parent dir.
*/
if (rc != LDAP_SUCCESS) {
- char *cp;
- if (ldap_conf.tls_certfile) {
- cp = strrchr(ldap_conf.tls_certfile, '/');
- if (cp != NULL && strncmp(cp + 1, "cert", 4) == 0)
+ bool retry = false;
+ if (ldap_conf.tls_certfile != NULL) {
+ char *cp = strrchr(ldap_conf.tls_certfile, '/');
+ if (cp != NULL && strncmp(cp + 1, "cert", 4) == 0) {
*cp = '\0';
+ retry = true;
+ }
}
- if (ldap_conf.tls_keyfile) {
- cp = strrchr(ldap_conf.tls_keyfile, '/');
- if (cp != NULL && strncmp(cp + 1, "key", 3) == 0)
+ if (ldap_conf.tls_keyfile != NULL) {
+ char *cp = strrchr(ldap_conf.tls_keyfile, '/');
+ if (cp != NULL && strncmp(cp + 1, "key", 3) == 0) {
*cp = '\0';
+ retry = true;
+ }
}
- DPRINTF(("ldapssl_clientauth_init(%s, %s)",
- ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
- ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
- rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
- ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
- if (rc != LDAP_SUCCESS) {
- warningx(_("unable to initialize SSL cert and key db: %s"),
- ldapssl_err2string(rc));
- goto done;
+ if (retry) {
+ DPRINTF(("ldapssl_clientauth_init(%s, %s)",
+ ldap_conf.tls_certfile ? ldap_conf.tls_certfile : "NULL",
+ ldap_conf.tls_keyfile ? ldap_conf.tls_keyfile : "NULL"), 2);
+ rc = ldapssl_clientauth_init(ldap_conf.tls_certfile, NULL,
+ ldap_conf.tls_keyfile != NULL, ldap_conf.tls_keyfile, NULL);
}
}
+ if (rc != LDAP_SUCCESS) {
+ warningx(_("unable to initialize SSL cert and key db: %s"),
+ ldapssl_err2string(rc));
+ if (ldap_conf.tls_certfile == NULL)
+ warningx(_("you must set TLS_CERT in %s to use SSL"),
+ _PATH_LDAP_CONF);
+ goto done;
+ }
- DPRINTF(("ldapssl_init(%s, %d, 1)", host, port), 2);
- if ((ld = ldapssl_init(host, port, 1)) != NULL)
+ DPRINTF(("ldapssl_init(%s, %d, %d)", host, port, defsecure), 2);
+ if ((ld = ldapssl_init(host, port, defsecure)) != NULL)
rc = LDAP_SUCCESS;
} else
#endif
debug_return;
}
+/*
+ * Look up keyword in config tables.
+ * Returns true if found, else false.
+ */
+static bool
+sudo_ldap_parse_keyword(const char *keyword, const char *value,
+ struct ldap_config_table *table)
+{
+ struct ldap_config_table *cur;
+ debug_decl(sudo_ldap_parse_keyword, SUDO_DEBUG_LDAP)
+
+ /* Look up keyword in config tables */
+ for (cur = table; cur->conf_str != NULL; cur++) {
+ if (strcasecmp(keyword, cur->conf_str) == 0) {
+ switch (cur->type) {
+ case CONF_DEREF_VAL:
+ if (strcasecmp(value, "searching") == 0)
+ *(int *)(cur->valp) = LDAP_DEREF_SEARCHING;
+ else if (strcasecmp(value, "finding") == 0)
+ *(int *)(cur->valp) = LDAP_DEREF_FINDING;
+ else if (strcasecmp(value, "always") == 0)
+ *(int *)(cur->valp) = LDAP_DEREF_ALWAYS;
+ else
+ *(int *)(cur->valp) = LDAP_DEREF_NEVER;
+ break;
+ case CONF_BOOL:
+ *(int *)(cur->valp) = atobool(value) == true;
+ break;
+ case CONF_INT:
+ *(int *)(cur->valp) = atoi(value);
+ break;
+ case CONF_STR:
+ efree(*(char **)(cur->valp));
+ *(char **)(cur->valp) = estrdup(value);
+ break;
+ case CONF_LIST_STR:
+ {
+ struct ldap_config_list_str **p;
+ size_t len = strlen(value);
+
+ if (len > 0) {
+ p = (struct ldap_config_list_str **)cur->valp;
+ while (*p != NULL)
+ p = &(*p)->next;
+ *p = emalloc(sizeof(struct ldap_config_list_str) + len);
+ memcpy((*p)->val, value, len + 1);
+ (*p)->next = NULL;
+ }
+ }
+ break;
+ }
+ debug_return_bool(true);
+ }
+ }
+ debug_return_bool(false);
+}
+
static bool
sudo_ldap_read_config(void)
{
FILE *fp;
char *cp, *keyword, *value;
- struct ldap_config_table *cur;
debug_decl(sudo_ldap_read_config, SUDO_DEBUG_LDAP)
/* defaults */
cp++;
value = cp;
- /* Look up keyword in config table. */
- for (cur = ldap_conf_table; cur->conf_str != NULL; cur++) {
- if (strcasecmp(keyword, cur->conf_str) == 0) {
- switch (cur->type) {
- case CONF_DEREF_VAL:
- if (strcasecmp(value, "searching") == 0)
- *(int *)(cur->valp) = LDAP_DEREF_SEARCHING;
- else if (strcasecmp(value, "finding") == 0)
- *(int *)(cur->valp) = LDAP_DEREF_FINDING;
- else if (strcasecmp(value, "always") == 0)
- *(int *)(cur->valp) = LDAP_DEREF_ALWAYS;
- else
- *(int *)(cur->valp) = LDAP_DEREF_NEVER;
- break;
- case CONF_BOOL:
- *(int *)(cur->valp) = atobool(value) == true;
- break;
- case CONF_INT:
- *(int *)(cur->valp) = atoi(value);
- break;
- case CONF_STR:
- efree(*(char **)(cur->valp));
- *(char **)(cur->valp) = estrdup(value);
- break;
- case CONF_LIST_STR:
- {
- struct ldap_config_list_str **p;
- size_t len = strlen(value);
-
- if (len > 0) {
- p = (struct ldap_config_list_str **)cur->valp;
- while (*p != NULL)
- p = &(*p)->next;
- *p = emalloc(sizeof(struct ldap_config_list_str) + len);
- memcpy((*p)->val, value, len + 1);
- (*p)->next = NULL;
- }
- }
- break;
- }
- break;
- }
- }
+ /* Look up keyword in config tables */
+ if (!sudo_ldap_parse_keyword(keyword, value, ldap_conf_global))
+ sudo_ldap_parse_keyword(keyword, value, ldap_conf_conn);
}
fclose(fp);
}
#endif /* HAVE_LDAP_SASL_INTERACTIVE_BIND_S */
+
/*
- * Set LDAP options based on the config table.
+ * Set LDAP options from the specified options table
*/
static int
-sudo_ldap_set_options(LDAP *ld)
+sudo_ldap_set_options_table(LDAP *ld, struct ldap_config_table *table)
{
struct ldap_config_table *cur;
- int rc;
- debug_decl(sudo_ldap_set_options, SUDO_DEBUG_LDAP)
-
- /* Set ber options */
-#ifdef LBER_OPT_DEBUG_LEVEL
- if (ldap_conf.ldap_debug)
- ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug);
-#endif
-
- /* Set simple LDAP options */
- for (cur = ldap_conf_table; cur->conf_str != NULL; cur++) {
- LDAP *conn;
- int ival;
- char *sval;
+ int ival, rc;
+ char *sval;
+ debug_decl(sudo_ldap_set_options_table, SUDO_DEBUG_LDAP)
+ for (cur = table; cur->conf_str != NULL; cur++) {
if (cur->opt_val == -1)
continue;
- conn = cur->connected ? ld : NULL;
switch (cur->type) {
case CONF_BOOL:
case CONF_INT:
ival = *(int *)(cur->valp);
if (ival >= 0) {
- rc = ldap_set_option(conn, cur->opt_val, &ival);
+ rc = ldap_set_option(ld, cur->opt_val, &ival);
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %d: %s",
cur->conf_str, ival, ldap_err2string(rc));
case CONF_STR:
sval = *(char **)(cur->valp);
if (sval != NULL) {
- rc = ldap_set_option(conn, cur->opt_val, sval);
+ rc = ldap_set_option(ld, cur->opt_val, sval);
if (rc != LDAP_OPT_SUCCESS) {
warningx("ldap_set_option: %s -> %s: %s",
cur->conf_str, sval, ldap_err2string(rc));
break;
}
}
+ debug_return_int(0);
+}
+
+/*
+ * Set LDAP options based on the global config table.
+ */
+static int
+sudo_ldap_set_options_global(void)
+{
+ int rc;
+ debug_decl(sudo_ldap_set_options_global, SUDO_DEBUG_LDAP)
+
+ /* Set ber options */
+#ifdef LBER_OPT_DEBUG_LEVEL
+ if (ldap_conf.ldap_debug)
+ ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &ldap_conf.ldap_debug);
+#endif
+
+ /* Parse global LDAP options table. */
+ rc = sudo_ldap_set_options_table(NULL, ldap_conf_global);
+ if (rc == -1)
+ debug_return_int(-1);
+ debug_return_int(0);
+}
+
+/*
+ * Set LDAP options based on the per-connection config table.
+ */
+static int
+sudo_ldap_set_options_conn(LDAP *ld)
+{
+ int rc;
+ debug_decl(sudo_ldap_set_options_conn, SUDO_DEBUG_LDAP)
+
+ /* Parse per-connection LDAP options table. */
+ rc = sudo_ldap_set_options_table(ld, ldap_conf_conn);
+ if (rc == -1)
+ debug_return_int(-1);
#ifdef LDAP_OPT_TIMEOUT
/* Convert timeout to a timeval */
struct ldap_result *result;
debug_decl(sudo_ldap_result_alloc, SUDO_DEBUG_LDAP)
- result = emalloc(sizeof(*result));
- result->searches = NULL;
- result->nentries = 0;
- result->entries = NULL;
- result->allocated_entries = 0;
- result->user_matches = false;
- result->host_matches = false;
- debug_return_ptr(result);
+ debug_return_ptr(ecalloc(1, sizeof(*result)));
}
/*
struct ldap_search_list *s, *news;
debug_decl(sudo_ldap_result_add_search, SUDO_DEBUG_LDAP)
- news = emalloc(sizeof(struct ldap_search_list));
- news->next = NULL;
+ news = ecalloc(1, sizeof(struct ldap_search_list));
news->ldap = ldap;
news->searchresult = searchresult;
+ /* news->next = NULL; */
/* Add entry to the end of the chain (XXX - tailq instead?). */
if (lres->searches) {
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1);
}
# else
- setenv("KRB5CCNAME", ldap_conf.krb5_ccname, true);
+ sudo_setenv("KRB5CCNAME", ldap_conf.krb5_ccname, true);
# endif
}
rc = ldap_sasl_interactive_bind_s(ld, ldap_conf.binddn, "GSSAPI",
DPRINTF(("gss_krb5_ccache_name() failed: %d", status), 1);
# else
if (old_ccname != NULL)
- setenv("KRB5CCNAME", old_ccname, true);
+ sudo_setenv("KRB5CCNAME", old_ccname, true);
else
- unsetenv("KRB5CCNAME");
+ sudo_unsetenv("KRB5CCNAME");
# endif
}
if (rc != LDAP_SUCCESS) {
debug_return_int(-1);
/* Prevent reading of user ldaprc and system defaults. */
- if (getenv("LDAPNOINIT") == NULL) {
+ if (sudo_getenv("LDAPNOINIT") == NULL) {
ldapnoinit = true;
- setenv("LDAPNOINIT", "1", true);
+ sudo_setenv("LDAPNOINIT", "1", true);
}
+ /* Set global LDAP options */
+ if (sudo_ldap_set_options_global() < 0)
+ debug_return_int(-1);
+
/* Connect to LDAP server */
#ifdef HAVE_LDAP_INITIALIZE
if (ldap_conf.uri != NULL) {
DPRINTF(("ldap_initialize(ld, %s)", buf), 2);
rc = ldap_initialize(&ld, buf);
efree(buf);
+ if (rc != LDAP_SUCCESS)
+ warningx(_("unable to initialize LDAP: %s"), ldap_err2string(rc));
} else
#endif
rc = sudo_ldap_init(&ld, ldap_conf.host, ldap_conf.port);
- if (rc != LDAP_SUCCESS) {
- warningx(_("unable to initialize LDAP: %s"), ldap_err2string(rc));
+ if (rc != LDAP_SUCCESS)
debug_return_int(-1);
- }
-
- if (ldapnoinit)
- unsetenv("LDAPNOINIT");
- /* Set LDAP options */
- if (sudo_ldap_set_options(ld) < 0)
+ /* Set LDAP per-connection options */
+ if (sudo_ldap_set_options_conn(ld) < 0)
debug_return_int(-1);
+ if (ldapnoinit)
+ sudo_unsetenv("LDAPNOINIT");
+
if (ldap_conf.ssl_mode == SUDO_LDAP_STARTTLS) {
#if defined(HAVE_LDAP_START_TLS_S)
rc = ldap_start_tls_s(ld, NULL, NULL);
debug_return_int(-1);
/* Create a handle container. */
- handle = emalloc(sizeof(struct sudo_ldap_handle));
+ handle = ecalloc(1, sizeof(struct sudo_ldap_handle));
handle->ld = ld;
- handle->result = NULL;
- handle->username = NULL;
- handle->grlist = NULL;
+ /* handle->result = NULL; */
+ /* handle->username = NULL; */
+ /* handle->grlist = NULL; */
nss->handle = handle;
debug_return_int(0);
debug_return;
}
-void
-log_error(int flags, const char *fmt, ...)
+/*
+ * Perform logging for log_error()/log_fatal()
+ */
+static void
+vlog_error(int flags, const char *fmt, va_list ap)
{
int serrno = errno;
char *logline, *message;
- va_list ap;
- debug_decl(log_error, SUDO_DEBUG_LOGGING)
+ debug_decl(vlog_error, SUDO_DEBUG_LOGGING)
/* Expand printf-style format + args. */
- va_start(ap, fmt);
evasprintf(&message, fmt, ap);
- va_end(ap);
/* Become root if we are not already to avoid user interference */
set_perms(PERM_ROOT|PERM_NOEXIT);
restore_perms();
- if (!ISSET(flags, NO_EXIT)) {
- plugin_cleanup(0);
- siglongjmp(error_jmp, 1);
- }
debug_return;
}
+void
+log_error(int flags, const char *fmt, ...)
+{
+ va_list ap;
+ debug_decl(log_error, SUDO_DEBUG_LOGGING)
+
+ /* Log the error. */
+ va_start(ap, fmt);
+ vlog_error(flags, fmt, ap);
+ va_end(ap);
+
+ debug_return;
+}
+
+void
+log_fatal(int flags, const char *fmt, ...)
+{
+ va_list ap;
+ debug_decl(log_error, SUDO_DEBUG_LOGGING)
+
+ /* Log the error. */
+ va_start(ap, fmt);
+ vlog_error(flags, fmt, ap);
+ va_end(ap);
+
+ /* Exit the plugin. */
+ plugin_cleanup(0);
+ sudo_debug_exit(__func__, __FILE__, __LINE__, sudo_debug_subsys);
+ siglongjmp(error_jmp, 1);
+}
+
#define MAX_MAILFLAGS 63
/*
debug_return;
/* Fork and return, child will daemonize. */
- switch (pid = fork()) {
+ switch (pid = sudo_debug_fork()) {
case -1:
/* Error. */
error(1, _("unable to fork"));
_exit(1);
}
- switch (pid = fork()) {
+ switch (pid = sudo_debug_fork()) {
case -1:
/* Error. */
mysyslog(LOG_ERR, _("unable to fork: %m"));
#define SLOG_FILE 0x02
#define SLOG_BOTH 0x03
-/* Flags for log_error() */
+/* Flags for log_error()/log_fatal() */
#define MSG_ONLY 0x01
#define USE_ERRNO 0x02
#define NO_MAIL 0x04
-#define NO_EXIT 0x08
-#define NO_STDERR 0x10
+#define NO_STDERR 0x08
/*
* Maximum number of characters to log per entry. The syslogger
void log_allowed(int);
void log_denial(int, int);
void log_error(int flags, const char *fmt, ...) __printflike(2, 3);
+void log_fatal(int flags, const char *fmt, ...) __printflike(2, 3) __attribute__((__noreturn__));
void reapchild(int);
void writeln_wrap(FILE *fp, char *line, size_t len, size_t maxlen);
#ifdef HAVE_FNMATCH
# include <fnmatch.h>
#endif /* HAVE_FNMATCH */
-#ifdef HAVE_EXTENDED_GLOB
+#ifdef HAVE_GLOB
# include <glob.h>
-#endif /* HAVE_EXTENDED_GLOB */
+#endif /* HAVE_GLOB */
#ifdef HAVE_NETGROUP_H
# include <netgroup.h>
#endif /* HAVE_NETGROUP_H */
#ifndef HAVE_FNMATCH
# include "compat/fnmatch.h"
#endif /* HAVE_FNMATCH */
-#ifndef HAVE_EXTENDED_GLOB
+#ifndef HAVE_GLOB
# include "compat/glob.h"
-#endif /* HAVE_EXTENDED_GLOB */
+#endif /* HAVE_GLOB */
static struct member_list empty;
* c) there are args in sudoers and on command line and they match
* else return false.
*/
-#define GLOB_FLAGS (GLOB_NOSORT | GLOB_BRACE | GLOB_TILDE)
- if (glob(sudoers_cmnd, GLOB_FLAGS, NULL, &gl) != 0 || gl.gl_pathc == 0) {
+ if (glob(sudoers_cmnd, GLOB_NOSORT, NULL, &gl) != 0 || gl.gl_pathc == 0) {
globfree(&gl);
debug_return_bool(false);
}
for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
if (ifp->family != family)
continue;
- switch(family) {
+ switch (family) {
case AF_INET:
if (ifp->addr.ip4.s_addr == addr.ip4.s_addr ||
(ifp->addr.ip4.s_addr & ifp->netmask.ip4.s_addr)
}
if (j == sizeof(addr.ip6.s6_addr))
debug_return_bool(true);
+ break;
#endif /* HAVE_STRUCT_IN6_ADDR */
}
}
for (ifp = interfaces; ifp != NULL; ifp = ifp->next) {
if (ifp->family != family)
continue;
- switch(family) {
+ switch (family) {
case AF_INET:
if ((ifp->addr.ip4.s_addr & mask.ip4.s_addr) == addr.ip4.s_addr)
debug_return_bool(true);
+ break;
#ifdef HAVE_STRUCT_IN6_ADDR
case AF_INET6:
for (j = 0; j < sizeof(addr.ip6.s6_addr); j++) {
}
if (j == sizeof(addr.ip6.s6_addr))
debug_return_bool(true);
+ break;
#endif /* HAVE_STRUCT_IN6_ADDR */
}
}
yyin = nss->handle;
if (yyparse() != 0 || parse_error) {
if (errorlineno != -1) {
- log_error(NO_EXIT, _("parse error in %s near line %d"),
+ log_error(0, _("parse error in %s near line %d"),
errorfile, errorlineno);
} else {
- log_error(NO_EXIT, _("parse error in %s"), errorfile);
+ log_error(0, _("parse error in %s"), errorfile);
}
debug_return_int(-1);
}
#
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc1\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-08 23:06+0100\n"
+"POT-Creation-Date: 2012-04-13 16:21-0400\n"
+"PO-Revision-Date: 2012-04-18 23:06+0100\n"
"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
"Language: da\n"
msgid "Alias `%s' already defined"
msgstr "Alias »%s« er allerede defineret"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: fejlede"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "Kunne ikke bestemme overvågningsbetingelse"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid fejlede"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: fejlede"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: fejlede"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: fejlede"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32: fejlede"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "kan ikke indsende overvågningspost"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: fejlede"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: fejlede"
msgstr "beklager men en adgangskode er krævet for at køre %s"
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "kan ikke åbne %s"
msgstr "%s er skrivbar for ikkeejer (0%o), bør være tilstand 0700"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "kan ikke stat %s"
msgstr "kan ikke nulstille %s til epoken"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "ukendt uid: %u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgid "When to require a password for 'verify' pseudocommand: %s"
msgstr "Hvornår der skal kræves en adgangskode for »verify« pseudokommando: %s"
-# engelsk fejl mangler \" til sidst
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "Præindlæs attrap-udførelsesfunktioner indeholdt i »_PATH_SUDO_NOEXEC«"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Præindlæs attrap-udførelsesfunktioner indeholdt i biblioteket sudo_noexec"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "indstilling »%s« kan ikke modtage en værdi"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "intern fejl, sudo_setenv()-overløb"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: ødelagt envp, forskellig længde"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411 toke.l:682 toke.l:812
+#: toke.l:870 toke.l:966 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+#, c-format
+msgid "unable to allocate memory"
+msgstr "kan ikke allokere hukommelse"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "intern fejl, sudo_setenv2()-overløb"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "intern fejl, sudo_setenv()-overløb"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "beklager, du har ikke tilladelse til at angive de følgende miljøvariabler: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
-#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125 toke.l:678
+#: toke.l:866 plugins/sudoers/sudoers.c:950
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr "Lokal IP-adresse og netmaskepar:\n"
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "kan ikke læse %s"
msgid "unable to create %s"
msgstr "kan ikke oprette %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "kan ikke angive sprog til »%s«, bruger »C«"
msgid "unable to build time filter"
msgstr "kan ikke bygge tidsfilter"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1187
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1 forskellige allokeringer"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1707
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rolle: %s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1709
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rolle: UKENDT\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1756
#, c-format
msgid " Order: %s\n"
msgstr " Rækkefølge: %s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1764
#, c-format
msgid " Commands:\n"
msgstr " Kommandoer:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2156
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "kan ikke initialisere LDAP: %s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2187
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "start_tls angivet men LDAP libs understøtter ikke ldap_start_tls_s() eller ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2423
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "ugyldig sudoOrder-attribut: %s"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "for mange niveauer af includes (inkluderinger)"
+
+#: toke.l:829 plugins/sudoers/sudoers.c:1004
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s er ejet af uid %u, bør være %u"
+
+#: toke.l:836 plugins/sudoers/sudoers.c:1008
+#, c-format
+msgid "%s is world writable"
+msgstr "%s er skrivbar for alle"
+
+#: toke.l:841 plugins/sudoers/sudoers.c:1011
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s er eget af gid %u, bør være %u"
+
#: plugins/sudoers/linux_audit.c:57
#, c-format
msgid "unable to open audit system"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "Beklager. Bruger %s har ikke tilladelse til at køre »%s%s%s« som %s%s%s på %s.\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "kan ikke forgrene"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "kan ikke forgrene: %m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "kan ikke åbne datakanal: %m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "kan ikke dup stdin: %m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "kan ikke køre %s: %m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "intern fejl: utilstrækkelig plads for loglinje"
msgid "unable to cache user %s, already exists"
msgstr "kan ikke cache bruger %s, findes allerede"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "kan ikke cache gid %u (%s), findes allerede"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "kan ikke cache gid %u, findes allerede"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "kan ikke cache gruppe %s, findes allerede"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "permanent stakoverløb"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "permanent stakunderløb"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "kan ikke ændre til kør som gid"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "kan ikke ændre til kør som uid"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "kan ikke ændre til sudoers gid"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "for mange processer"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "kan ikke angive kør som gruppevektor"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "Bruger %s har ikke tilladelse til at køre sudo på %s.\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "problem med standardpunkter"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "ingen gyldige sudoerskilder fundet, afslutter"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "kan ikke udføre %s: %s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers angiver at administrator (root) ikke har tilladelse til sudo"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "du har ikke tilladelse til at bruge tilvalget -C"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "tidsstempelejer (%s): Ingen sådan bruger"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "ingen tty"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "beklager, du skal bruge en tty for at køre sudo"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "Ingen bruger eller vært"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: Kommando ikke fundet"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"ignorerer »%s« fundet i ».«\n"
"Brug »sudo ./%s« hvis dette er »%s«, du ønsker at køre."
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "valideringsfejl"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "kommando i aktuel mappe"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "beklager men du har ikke tilladelse til at bevare miljøet"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "intern fejl, runas_groups-overløb"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "intern fejl, set_cmnd()-overløb"
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr "fast tilstand på %s"
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "angiv gruppe på %s"
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "kan ikke angive gruppe på %s"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "kan ikke rette tilstand på %s"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s er ikke en regulær fil"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s er tilstand 0%o, bør være 0%o"
-
-#: plugins/sudoers/sudoers.c:986
-#, c-format
-msgid "%s is owned by uid %u, should be %u"
-msgstr "%s er ejet af uid %u, bør være %u"
-
-#: plugins/sudoers/sudoers.c:989
-#, c-format
-msgid "%s is owned by gid %u, should be %u"
-msgstr "%s er eget af gid %u, bør være %u"
-
#: plugins/sudoers/sudoers.c:1038
#, c-format
msgid "only root can use `-c %s'"
msgstr "kun administrator (root) kan bruge »-c %s«"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "ukendt logindklasse: %s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "kan ikke slå vært %s op"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "ukendt gruppe: %s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Udvidelsesmodulversion %s for sudoerspolitik\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Grammatikversion %d for sudoersfil\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Sudoers-sti: %s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "nsswitch-sti: %s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "ldap.conf-sti: %s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "ldap.secret-sti: %s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "ugyldigt filtertilvalg: %s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "ugyldig maks ventetid: %s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "ugyldig hastighedsfaktor: %s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s version %s\n"
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/timing: %s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "Genafspiller sudosession: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "invalid log file %s"
-msgstr "ugyldig logfil %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Advarsel: Din terminal er for lille til korrekt at afspille loggen.\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:369
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "Genafspiller sudosession: %s"
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Loggeometri er %d x %d, din terminals geometri er %d x %d."
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "kan ikke angive tty til rå (raw) tilstand"
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "ugyldig timingfillinje: %s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "skriver til standarduddata"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "tvetydigt udtryk »%s«"
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "for mange udtryk i parentes, maks %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "manglende »)« i udtryk"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "ukendt søgeterm »%s«"
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s kræver et argument"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "ugyldigt regulært udtryk: %s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "kunne ikke fortolke dato »%s«"
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "mangler »(« i udtryk"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "ugyldig kæde »or« (eller)"
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "ugyldig kæde »!«"
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "ugyldigt regulært udtryk: %s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "brug: %s [-h] [-d mappe] [-m maks_ventetid] [-s hastighedsfaktor] ID\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "brug: %s [-h] [-d mappe] -l [søgeudtryk]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - genafspil sudosessionslogge\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"Kommando ikke matchet"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "kan ikke allokere hukommelse"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "for mange niveauer af includes (inkluderinger)"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: overløb for mellemlager"
msgid "%s grammar version %d\n"
msgstr "%s grammatikversion %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
+#: plugins/sudoers/visudo.c:220 plugins/sudoers/auth/rfc1938.c:104
#, c-format
msgid "you do not exist in the %s database"
msgstr "du findes ikke i %s-databasen"
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "tryk retur for at redigere %s: "
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "skrivefejl"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "kan ikke stat midlertidig fil (%s), %s unchanged"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "midlertidig fil med nullængde (%s), %s uændret"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "redigeringsprogram (%s) fejlede, %s uændret"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s uændret"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "kan ikke genåbne midlertidig fil (%s), %s uændrede."
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "kan ikke fortolke midlertidig fil (%s), ukendt fejl"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "intern fejl, kan ikke finde %s på listen!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "kan ikke angive (uid, gid) af %s til (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "kan ikke ændre tilstand på %s til 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s og %s er ikke på det samme filsystem, bruger mv til at omdøbe"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "kommando fejlede: »%s %s %s«, %s uændret"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "fejl under omdøbing af %s, %s uændret"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "Hvad nu? "
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" afslut(x) uden at gemme ændringer til sudoersfil\n"
" afslut(Q) og gem ændringer til sudoersfil (FARLIGT!)\n"
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "kan ikke udføre %s"
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "kan ikke køre %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: forkert ejer (uid, gid) bør være (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: ugyldige rettigheder, bør være tilstand 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "kunne ikke fortolke %s-fil, ukendt fejl"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "fortolkningsfejl i %s nær linje %d\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "fortolkningsfejl i %s\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: fortolket o.k.\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: forkert ejer (uid, gid) bør være (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: ugyldige rettigheder, bør være tilstand 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s travl, forsøg igen senere"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "angivet redigeringsprogram (%s) findes ikke"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "kan ikke stat redigeringsprogram (%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "intet redigeringsprogram fundet (sti for redigeringsprogram = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "Fejl: Cyklus i %s_Alias »%s«"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "Advarsel: Cyklus i %s_Alias »%s«"
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "Fejl: %s_Alias »%s« refereret men ikke defineret"
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "Advarsel: %s_Alias »%s« refereret men ikke defineret"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s: ubrugt %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - rediger sikkert sudoersfilen\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
msgstr "Konto udløbet eller PAM-konfiguration mangler et »kontoafsnit« for sudo. Kontakt din systemadministrator"
-#: plugins/sudoers/auth/pam.c:178
+#: plugins/sudoers/auth/pam.c:180
#, c-format
msgid "pam_authenticate: %s"
msgstr "pam_authenticate: %s"
-#: plugins/sudoers/auth/pam.c:306
+#: plugins/sudoers/auth/pam.c:330
msgid "Password: "
msgstr "Adgangskode: "
-#: plugins/sudoers/auth/pam.c:307
+#: plugins/sudoers/auth/pam.c:331
msgid "Password:"
msgstr "Adgangskode:"
msgid "Authentication methods:"
msgstr "Godkendelsesmetoder:"
+#~ msgid "invalid log file %s"
+#~ msgstr "ugyldig logfil %s"
+
+#~ msgid "fixed mode on %s"
+#~ msgstr "fast tilstand på %s"
+
+#~ msgid "set group on %s"
+#~ msgstr "angiv gruppe på %s"
+
+#~ msgid "unable to set group on %s"
+#~ msgstr "kan ikke angive gruppe på %s"
+
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "kan ikke rette tilstand på %s"
+
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s er tilstand 0%o, bør være 0%o"
+
#~ msgid "File containing dummy exec functions: %s"
#~ msgstr "Fil der indeholder attrap-udførelsesfunktioner: %s"
#
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-09 20:56-0500\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 19:01-0400\n"
"Last-Translator: Keith Bowes <zooplah@gmail.com>\n"
"Language-Team: Esperanto <translation-team-eo@lists.sourceforge.net>\n"
"Language: eo\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s apud linio %d <<<"
+
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "Kromnomo '%s' jam ekzistas"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ne eblas akiri ensalutan klason por uzanto %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "ne eblas komenci bsd-konstatadn"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "nevalida konstata tipo"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "ne eblas starigi konstatadon"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "ne eblas legi fwtk-agordon"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "ne eblas konektiĝi al konstatanta servilo"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "konekto al konstatanta servilo perdita"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"eraro de konstatanta servilo:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s ne eblas analizi princ-on ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ne eblas analizi: '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: ne eblas trovi ccache-on: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: ne eblas generi elektojn: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: ne eblas akiri atestilojn: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: ne eblas iniciati ccache-on: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: ne eblas konservi atestilon en ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ne eblas atingi ĉefgastiganto: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Ne eblas konstati TGT-on! Ebla atako!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "ne eblas iniciati PAM-on"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "malsukceso ĉe konta validigo, ĉu via konto estas ŝlosita?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto aŭ pasvorto eksvalidiĝis, restarigu vian pasvorton kaj reprovu"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Pasvorto eksvalidiĝis, kontaktu vian sistemestron"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto eksvalidiĝis aŭ PAM-agordon malhavas sekcion \"account\" por sudo, kontaktu vian sistemestron"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "Pasvorto: "
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "Pasvorto:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "vi ne ekzistas en la datumbazo %s"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "malsukcesis iniciati la bibliotekon de la API ACE"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "ne eblas kontakti la servilon de SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "Uzanto identigilo ŝlosita pro konstatado en SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "nevalida salutnoma longo por SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "nevalida konstatilo por SecurID"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "Komunikiĝo kun SecurID malsukcesis"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "nekonata SecurID-eraro"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "nevalida paskoda longo por SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "ne eblas iniciati SIA-seascon"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "Nevalidaj konstatantaj metodoj muntitaj en sudo! Vi rajtas miksi dependan kaj sendependan konstatadon."
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Ekzistas neniaj konstatantaj metodoj muntitaj en sudo! Se vi volas malŝalti konstatadon, uzu la munta parametro --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d malĝusta pasvorta provo"
+msgstr[1] "%d malĝustaj pasvortaj provoj"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Konstatantaj metodoj:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "Ne eblis determini revizian kondiĉon"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "getaudit: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "ne eblis konservi revizian rekordon"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: malsukcesis"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: malsukcesis"
msgstr "bedaŭri pasvorto estas bezonata por plenumi: %s"
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "ne eblas malfermi: %s"
msgstr "%s skribebla de ne-estro (0%o), devas esti reĝimo 0700"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "ne eblas stat-i: %s"
msgstr "ne eblas restarigi al la epoko: %s"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "nekonata uid: %u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr "Kiam postuli pasvorton por la pseŭdokamando 'verify': %s"
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "Anstaŭŝargi la falsan exec-funkciojn enhavatajn en \"_PATH_SUDO_NOEXEC"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Anstaŭŝargi la falsan exec-funkciojn enhavatajn en la biblioteko sudo_noexec"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "parametro '%s' ne povas havi valoron"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "ena eraro, superfluo en sudo_setenv()"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: medio tro granda"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ne eblas generi memoron"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "ena eraro, superfluo en sudo_setenv2()"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "ena eraro, superfluo en sudo_setenv()"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "bedaŭre vi ne estas permesata valorizi la jenajn medivariablojn: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s: %s apud linio %d <<<"
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr "Loka IP-adresa kaj retmaska paroj:\n"
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "ne eblas legi %s"
msgid "unable to create %s"
msgstr "ne eblas krei: %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "ne eblas elekti lokaĵaron \"%s\", uzanta lokaĵaron \"C\""
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports: pordo tro granda"
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports: eluzis spacon etendanta la bufron"
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "nekonata retadresa tipo de LDAP: %s"
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "nevalida retadreso: %s"
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "ne eblas miksi sekurajn kaj nesekurajn retadresojn de LDAP"
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "ne eblas miksi protokolojn ldaps kaj starttls"
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri: eluzis spacon muntanta la bufron"
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "ne eblas iniciati SSL-asertilon kaj ŝlosilan datumbazon: %s"
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "TLS_CERT devas havi valoron en %s antaŭ ol SSL uzeblos"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "ne eblas atingi GMT-tempon"
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "ne eblas aranĝi tempostampon"
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "ne eblas munti tempan filtrilon"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1: genra malkongruaĵo"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rolo: %s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rolo: NEKONATA\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " Ordo: %s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " Komandoj:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "ne eblas iniciati LDAP-on: %s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "start_tls specifita sed LDAP-bibliotekoj ne havas la funkciojn ldap_start_tls_s() kaj ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "nevalida atributo de sudoOrdo: %s"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "Bedaŭre uzanto %s ne rajtas plenumigi '%s%s%s'-on kiel %s%s%s en %s.\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "ne eblas forki"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "ne eblas forki: %m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "ne eblas malfermi tubon: %m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "ne eblas kopii enigon: %m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "ne eblas plenumigi %s-on: %m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "ena eraro: nesufiĉa spaco por protokola linio"
msgid "unable to cache user %s, already exists"
msgstr "ne eblas konservi uzanton %s, jam ekzistas"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "ne eblas konservi gid-on %u (%s), jam ekzistas"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "ne eblas konservi gid-on %u, jam ekzistas"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "ne eblas konservi grupon %s, jam ekzistas"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "permeso-staka superfluo"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "permeso-staka subfluo"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "ne eblas ŝanĝi al plenumigkiela gid"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "ne eblas ŝanĝi al plenumigkiela uid"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "ne eblas ŝanĝi al gid de sudo-redaktantoj"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "tro da procezoj"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "ne eblas elekti vektoron de plenumigkiela grupo"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "Uzanto %s ne rajtas plenumigi sudo-on en %s.\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "problemoj kun aŭtomataj eroj"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "ne validaj fontotekstoj de sudoers trovita, ĉesiganta"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "ne eblas plenumigi %s-on: %s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers specifas, ke ĉefuzanto ne rajtas sudo-i"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "vi ne rajtas uzi la parametron -C"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "posedanto de tempindiko estas %s -- sed tiu uzanto ne ekzistas"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "neniu tty"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "bedaŭre vi devas havi tty-on por plenumigi sudo-on"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "Neniu uzanto aŭ gastiganto"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: komando ne trovita"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"Ignoranta '%s'-on trovita en '.'\n"
"Uzu 'sudo ./%s'-on se tio estas la '%s', kiun vi volas plenumigi."
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "validiga malsukceso"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "komando en nuna dosierujo"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "bedaŭre vi ne rajtas konservi la medion"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "ena eraro, runas_groups superfluo"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "ena eraro, superfluo en set_cmnd()"
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr "fiksita reĝimo en %s"
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "elekti grupon en %s"
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "ne eblas elekti grupon en %s"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "ne eblas fiksi reĝimon en %s"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s ne estas normala dosiero"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s estas reĝimo 0%o, devas esti 0%o"
-
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "%s estas estrita de uid %u, devas esti %u"
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "%s estas skribebla de ĉiuj"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "%s estas estrita de gid %u, devas esti %u"
msgid "only root can use `-c %s'"
msgstr "nur ĉefuzanto rajtas uzi '-c %s'"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "nekonata ensaluta klaso: %s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "ne eblas trovi gastiganton %s"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "nekonata grupo: %s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Eldono %s de la konduta kromprogramo\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Eldono %d de la gramatikilo de sudoers\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Pado de sudoers: %s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "pado de nsswitch: %s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "pado de ldap.conf: %s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "pado de ldap.secret: %s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "nevalida filtrila elekto: %s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "nevalida maksimuma atendo: %s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "nevalida rapida faktoro: %s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s eldono %s\n"
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s tempo-registrado: %s"
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/tempo-registrado: %s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "nevalida protokolo %s"
+msgid "Replaying sudo session: %s\n"
+msgstr "Refaranta sudo-seancon: %s\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "Refaranta sudo-seancon: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Averto: via terminalo estas tro malgranda por konvene reskribi la protokolon.\n"
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Protokola grando estas %dx%d, sed via terminala grando estas %dx%d."
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "ne eblas elekti tty-on en nudan reĝimon"
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "nevalida linio en la tempo-registran dosieron: %s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "skribanta al eligo"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "ambigua esprimo \"%s\""
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "tro da esprimoj en krampoj; maksimumo estas %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "esprimo kun ')' sen samnivela '('"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "nekonata serĉaĵo \"%s\""
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s bezonas parametron"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "nevalida regulesprimo: %s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "ne eblis analizi daton \"%s\""
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "esprimo kun '(' sen samnivela ')'"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "nevalida posta \"or\""
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "nevalida posta \"!\""
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "nevalida regulesprimo: %s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "uzado: %s [-h] [-d dosierujo] [-m maksimuma_atendo] [-s rapida_faktoro] identigilo\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "uzado: %s [-h] [-d dosierujo] -l [serĉaĵo]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - refari sudo-seancajn protokolojn\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"Komando sen egalo"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "ne eblas generi memoron"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "tro da niveloj de inkluzivaĵoj"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: bufra superfluo"
msgid "%s grammar version %d\n"
msgstr "%s gramatika eldono %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "vi ne ekzistas en la datumbazo %s"
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "premu enen-klavon por redakti %s-on: "
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "skriba eraro"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "ne eblas stat-i provizoron dosieron (%s), %s neŝanĝita"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "nul-longa provizora dosiero (%s), %s neŝanĝita"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "redaktilo (%s) malsukcesis, %s neŝanĝita"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s neŝanĝita"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "ne eblas remalfermi provizoran dosieron (%s), %s neŝanĝita."
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "ne eblas analizi provizoran dosieron (%s), nekonata eraro"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "ena eraro, ne eblas trovi '%s'-on en listo!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "ne eblas ŝanĝi (uid, gid) de %s al (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "ne eblas ŝanĝi reĝimon de %s al 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s kaj %s ne estas la sama dosiersistemo, uzanta mv-on por alinomi"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "komando malsukcesis: '%s %s %s', %s neŝanĝita"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "eraro dum alinomi %s-on; %s neŝanĝita"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "Kion nun? "
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" x) eliri sen konservi ŝanĝojn al sudoers-dosiero\n"
" q) Eliri kaj konservi ŝanĝojn al sudoers-dosiero (DANĜERA!)\n"
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "ne eblas plenumigi: %s"
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "ne eblas plenumigi: %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: malĝusta estro (uid, gid) devas esti (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: misaj permesoj, devas esti reĝimo 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "malsukcesis analizi dosieron %s, nekonata eraro"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "analiza eraro en %s proksime al linio %d\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "analiza eraro en %s\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: analizita senerare\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: malĝusta estro (uid, gid) devas esti (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: misaj permesoj, devas esti reĝimo 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s okupata, reprovu pli malfrue"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "specifita tekstoredaktilo (%s) ne ekzistas"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "ne eblas stat-i tekstoredaktilon (%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "neniu tekstoredaktilo trovita (pado = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "Eraro: ciklo en %s_Alias '%s'"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "Averto: ciklo en %s_Alias '%s'"
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "Eraro: %s_Alias '%s' referinta sed ne difinita"
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "Averto: %s_Alias '%s' referinta sed ne difinita"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s neuzata %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - sekure redakti la dosieron sudoers\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s malsevera kontrolado de sintakso\n"
" -V montri eldonon kaj eliri"
-#: plugins/sudoers/auth/bsdauth.c:78
-#, c-format
-msgid "unable to get login class for user %s"
-msgstr "ne eblas akiri ensalutan klason por uzanto %s"
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr "ne eblas komenci bsd-konstatadn"
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr "nevalida konstata tipo"
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr "ne eblas starigi konstatadon"
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "ne eblas legi fwtk-agordon"
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "ne eblas konektiĝi al konstatanta servilo"
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "konekto al konstatanta servilo perdita"
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"eraro de konstatanta servilo:\n"
-"%s"
-
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s ne eblas analizi princ-on ('%s'): %s"
-
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s: ne eblas analizi: '%s': %s"
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s: ne eblas trovi ccache-on: %s"
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s: ne eblas generi elektojn: %s"
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s: ne eblas akiri atestilojn: %s"
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s: ne eblas iniciati ccache-on: %s"
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s: ne eblas konservi atestilon en ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr "%s: ne eblas atingi ĉefgastiganto: %s"
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s: Ne eblas konstati TGT-on! Ebla atako!: %s"
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr "ne eblas iniciati PAM-on"
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr "malsukceso ĉe konta validigo, ĉu via konto estas ŝlosita?"
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr "Konto aŭ pasvorto eksvalidiĝis, restarigu vian pasvorton kaj reprovu"
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok: %s"
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr "Pasvorto eksvalidiĝis, kontaktu vian sistemestron"
-
-#: plugins/sudoers/auth/pam.c:163
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "Konto eksvalidiĝis aŭ PAM-agordon malhavas sekcion \"account\" por sudo, kontaktu vian sistemestron"
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate: %s"
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr "Pasvorto: "
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr "Pasvorto:"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "malsukcesis iniciati la bibliotekon de la API ACE"
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "ne eblas kontakti la servilon de SecurID"
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "Uzanto identigilo ŝlosita pro konstatado en SecurID"
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "nevalida salutnoma longo por SecurID"
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "nevalida konstatilo por SecurID"
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr "Komunikiĝo kun SecurID malsukcesis"
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr "nekonata SecurID-eraro"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "tro da niveloj de inkluzivaĵoj"
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "nevalida paskoda longo por SecurID"
+#~ msgid "invalid log file %s"
+#~ msgstr "nevalida protokolo %s"
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr "ne eblas iniciati SIA-seascon"
+#~ msgid "fixed mode on %s"
+#~ msgstr "fiksita reĝimo en %s"
-#: plugins/sudoers/auth/sudo_auth.c:117
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "Nevalidaj konstatantaj metodoj muntitaj en sudo! Vi rajtas miksi dependan kaj sendependan konstatadon."
+#~ msgid "set group on %s"
+#~ msgstr "elekti grupon en %s"
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "Ekzistas neniaj konstatantaj metodoj muntitaj en sudo! Se vi volas malŝalti konstatadon, uzu la munta parametro --disable-authentication."
+#~ msgid "unable to set group on %s"
+#~ msgstr "ne eblas elekti grupon en %s"
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d malĝusta pasvorta provo"
-msgstr[1] "%d malĝustaj pasvortaj provoj"
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "ne eblas fiksi reĝimon en %s"
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
-msgstr "Konstatantaj metodoj:"
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s estas reĝimo 0%o, devas esti 0%o"
#
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-08 10:09+0200\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 10:05+0200\n"
"Last-Translator: Jorma Karvonen <karvonen.jorma@gmail.com>\n"
"Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
"Language: fi\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s lähellä riviä %d <<<"
+
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "Alias ”%s” on jo määritelty"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ei kyetä saamaan kirjautumisluokkaa käyttäjälle %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "ei kyetä aloittamaan bsd-todentamista"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "virheellinen todennustyyppi"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "ei kyetä asettamaan todentamista"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "ei kyetä lukemaan fwtk config -asetusta"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "ei kyetä yhdistämään todentamispalvelimelle"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "kadotettiin yhteys todentamispalvelimelle"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"todentamispalvelinvirhe:\n"
+"%s"
+
+# Sana princ viittaa krb5_principal -määrittelyyn
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: ei kyetä poistamaan valtuutetun (’%s’) jäsentämistä: %s"
+
+# Ensimmäinen parametri on auth name
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ei kyetä jäsentämään todentamisnimeä ’%s’: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: ei kyetä ratkaisemaan ccache-välimuistia: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: ei kyetä varaamaan valitsimia: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: ei kyetä hakemaan valtuustietoja: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: ei kyetä alustamaan ccache-välimuistia: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: ei kyetä tallentamaan valtuustietoja ccache-välimuistiin: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ei kyetä hakemaan tietokoneen valtuutettua: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Ei voida todentaa TGT-lippua! Mahdollinen hyökkäys!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "ei kyetä alustamaan PAM:ia"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "tilikelpuutushäiriö, onko tilisi lukittu?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Tili tai salasana on vanhentunut, nollaa salasanasi tai yritä uudelleen"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Salasana vanhentunut, ota yhteyttä järjestelmän ylläpitäjään"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Tili vanhentunut tai PAM-asetuksista puuttuu ”account”-lohko sudo-komennolle, ota yhteyttä järjestelmän ylläpitäjään"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "Salasana: "
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "Salasana:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "ei ole olemassa %s-tietokannassa"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "epäonnistui ACE API -kirjaston alustamisessa"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "ei kyetä ottamaan yhteyttä SecurID-palvelimeen"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "Käyttäjätunniste lukittu SecurID-todennukselle"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "virheellinen käyttäjänimipituus kohteelle SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "virheellinen todentamiskäsittelijä kohteelle SecurID"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID-viestintä epäonnistui"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "tuntematon SecurID-virhe"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "virheellinen salasanakoodipituus kohteelle SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "ei kyetä alustamaan SIA-istuntoa"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "Virheellisiä todennusmenetelmiä käännetty sudo-ohjelmaan! Yksittäisiä ja ei-yksittäisiä todennuksia on ehkä sekoitettu keskenään."
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Sudo-ohjelmaan ei ole käännetty todentamismenelmiä! Jos haluat kääntää pois todentamisen, käytä asetusvalitsinta --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d väärä salasana yritetty"
+msgstr[1] "%d väärää salasanaa yritetty"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Todennusmenetelmät:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "Ei voitu määritellä audit-ehtoa"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid epäonnistui"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "ei kyetä suorittamaan commit-toimintoa audit-tietueelle"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: epäonnistui"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: epäonnistui"
# Avaamisen kohde voi olla timestamp file, sudoers file tai pathbuf
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "ei kyetä avaamaan kohdetta %s"
msgstr "%s on kirjoitettava ei-omistajalle (0%o), pitäisi olla tila 0700"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "ei kyetä kutsumaan funktiota stat %s"
msgstr "ei kyetä nollaamaan %s ajaksi"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "tuntematon uid-käyttäjätunniste: %u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgid "When to require a password for 'verify' pseudocommand: %s"
msgstr "Kun vaaditaan salasana ’verify’-näennäiskomennolle: %s"
-# Jostain syystä pariton lainausmerkki
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "Esilataa vale-exec-funktiot, jotka sisältyvät kohteeseen ”_PATH_SUDO_NOEXEC"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Esilataa vale-exec-funktiot, jotka sisältyvät sudo_noexec-kirjastoon"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "valitsin ”%s” ei ota arvoa"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "sisäinen virhe, sudo_setenv()-ylivuoto"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: rikkoutunut envp, pituus ei täsmää"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ei kyetä varaamaan muistia"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "sisäinen virhe, sudo_setenv2()-ylivuoto"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "sisäinen virhe, sudo_setenv()-ylivuoto"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "seuraavia ympäristömuuttujia ei ole lupa asettaa: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s: %s lähellä riviä %d <<<"
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgstr "Paikallinen ip-osoite ja verkkopeiteparit:\n"
# Parametrinä on sudoers-tiedosto tai pathbuf
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "ei kyetä lukemaan kohdetta %s"
msgid "unable to create %s"
msgstr "ei kyetä luomaan hakemistopolkua %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "ei kyetä asettamaan locale-asetukseksi ”%s”, käytetään ”C”"
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports: portti on liian suuri"
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports: hostbuf-puskuritila loppui"
# URL on verkko-osoite, loogisesti URI on verkkoresurssi(osoite)
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "tukematon LDAP-verkkoresurssin tunnustyyppi: %s"
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "virheellinen verkkoresurssin tunnus: %s"
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "ei kyetä sekottamaan ldap:n ja ldap-kohteiden verkkoresurssitunnuksia"
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "ei kyetä sekoittamaan ldap- ja starttl-kohteita"
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri: hostbuf-puskuritila loppui"
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "ei kyetä alustamaan SSL-varmenne- ja -avaintietokantaa: %s"
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "kohteessa %s TLS_CERT on asetettava käyttämään SSL:ää"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "ei kyetä saamaan GMT-aikaa"
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "ei kyetä muotoilemaan aikaleimaa"
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "ei kyetä rakentamaan aikasuodatinta"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1-varaustäsmäämättömyys"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rooli: %s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"LDAP-rooli: TUNTEMATON\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " Järjestys: %s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " Komennot:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "ei kyetä alustamaan kohdetta LDAP: %s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "start_tls määritelty mutta LDAP-kirjastot ei tue funktiota ldap_start_tls_s() tai funktiota ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "virheellinen sudoOrder-attribuutti: %s"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "Käyttäjän %s ei sallita suorittaa ’%s%s%s’ käyttäjänä %s%s%s tietokoneella %s.\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "ei kyetä kutsumaan fork-funktiota"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "ei kyetä kutsumaan fork-funktiota: %m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "ei kyetä avaamaan putkea: %m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "ei kyetä kutsumaan funktiota dup vakiosyötteellä: %m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "ei kyetä suorittamaan %s: %m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "sisäinen virhe: riittämättömästi tilaa lokiriville"
msgid "unable to cache user %s, already exists"
msgstr "ei kyetä laittamaan välimuistiin käyttäjää %s, on jo siellä"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "ei kyetä laittamaan välimuistiin gid %u (%s) -ryhmää, on jo siellä"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "ei kyetä laittamaan välimuistiin gid %u -ryhmää, on jo siellä"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "ei kyetä laittamaan välimuistiin ryhmää %s, on jo siellä"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "käyttöoikeuspinoylivuoto"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "käyttöoikeuspinovajaus"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "ei kyetä vaihtamaan runas gid -tunnisteeksi"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "ei kyetä vaihtamaan runas gid -tunnisteeksi"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "ei kyetä vaihtamaan sudoers gid-tunnisteeksi"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "liian monta prosessia"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "ei kyetä asettaan runas-ryhmävektoria"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "Käyttäjä %s ei saa suorittaa komentoa sudo tietokoneella %s.\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "oletusrivien pulma"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "ei löytynyt kelvollisia sudoers-lähteitä, poistutaan"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "ei kyetä suorittamaan komentoa %s: %s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers määrittelee, että root ei saa suorittaa sudo-komentoa"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "ei käyttöoikeuksia valitsimelle -C"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "aikaleimaomistaja (%s): Tuntematon käyttäjä"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "ei tty:tä"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "sudo-komennon suorittamiseksi on oltava tty"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "Ei käyttäjä eikä tietokone"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: komentoa ei löytynyt"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"ohitetaan komento ”%s”, joka löytyi kohteesta ’.’\n"
"Käytä ”sudo ./%s”, jos tämä on ”%s”-komento, joka halutaan suorittaa."
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "kelpuutushäiriö"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "komento nykyisessä hakemistossa"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "ympäristöä ei ole lupa säilyttää"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "sisäinen virhe, runas_groups-ylivuoto"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "sisäinen virhe, set_cmnd()-ylivuoto"
-# Parametri on sudoers file
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr "korjattu tila tiedostossa %s"
-
-# Parametri on suoders file
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "aseta ryhmä tiedostossa %s"
-
-# Parametri on sudoers file
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "ei kyetä asettamaan ryhmää tiedostossa %s"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "ei kyetä korjaamaan tilaa tiedostossa %s"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s ei ole tavallinen tiedosto"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s on tila 0%o, pitäisi olla 0%o"
-
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "%s on uid %u -käyttäjän omistama, pitäisi olla %u"
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "%s on yleiskirjoitettava"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "%s on gid %u -ryhmän omistama, pitäisi olla %u"
msgid "only root can use `-c %s'"
msgstr "vain root-käyttäjä voi käyttää valitsinta ”-c %s”"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "tuntematon kirjautumisluokka: %s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "ei kyetä ratkaisemaan tietokonetta %s"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "tuntematon ryhmä: %s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Sudoers-menettelytapalisäosaversio %s\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Sudoers-tiedostokielioppiversio %d\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Sudoers-polku: %s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "nsswitch-polku: %s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "ldap.conf-polku: %s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "ldap.secret-polku: %s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "virheellinen suodatinvalitsin: %s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "virheellinen enimmäisodotusaika: %s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "virheellinen nopeustekijä: %s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s versio %s\n"
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/ajoitus: %s"
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/ajoitus: %s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "virheellinen lokitiedosto %s"
+msgid "Replaying sudo session: %s\n"
+msgstr "Toistetaan sudo-istunto: %s\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "Toistetaan sudo-istunto: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Varoitus: pääteikkunasi on liian pieni tämän lokin toistamiseksi oikein.\n"
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Lokigeometria on %d x %d, pääteikkunasi geometria on %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "ei kyetä asettamaa tty:ta raakatilaan"
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "virheellinen ajoitustiedostorivi: %s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "kirjoitetaan vakiotulosteeseen"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "monimerkityksellinen lauseke ”%s”"
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "liian monta sulkumerkillistä lauseketta, enintään %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "täsmäämätön ’)’ lausekkeessa"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "tuntematon hakutermi ”%s”"
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s vaatii argumentin"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "virheellinen säännöllinen lauseke: %s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "ei voitu jäsentää päivämäärää ”%s”"
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "täsmäämätön ’(’ lausekkeessa"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "virheellinen jäljessä oleva ”or”"
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "virheellinen jäljessä oleva ”!”"
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "virheellinen säännöllinen lauseke: %s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "käyttö: %s [-h] [-d hakemisto] [-m enimmäisodotusaika] [-s nopeustekijä] ID-tunniste\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "käyttö: %s [-h] [-d hakemisto] -l [hakulauseke]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - toista sudo-istuntolokit\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"Täsmäämätön komento"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "ei kyetä varaamaan muistia"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "liian monta include-tasoa"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: puskuriylivuoto"
msgid "%s grammar version %d\n"
msgstr "%s kielioppiversio %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "ei ole olemassa %s-tietokannassa"
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "muokkaa %s painamalla enter-painiketta: "
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "kirjoitusvirhe"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "ei kyetä kutsumaan stat-funktiota tilapäiselle tiedostolle (%s), %s ennallaan"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "nollapituinen tilapäinen tiedosto (%s), %s ennallaan"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "editori (%s) epäonnistui, %s ennallaan"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s ennallaan"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "ei kyetä avaamaan uudelleen tilapäistä tiedostoa (%s), %s ennallaan."
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "ei kyetä jäsentämään tilapäistä tiedostoa (%s), tuntematon virhe"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "sisäinen virhe, ei kyetä löytämään %s luettelosta!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "ei kyetä asettamaan kohdetta %s (uid, gid) arvoihin (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "ei kyetä muuttamaan %s-tilaa arvoon 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s ja %s eivät ole samassa tiedostojärjestelmässä, käytetään komentoa mv uudelleennimeämiseen"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "komento epäonnistui: ’%s %s %s’, %s ennallaan"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "virhe nimettäessä %s uudelleen, %s ennallaan"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "Mitä nyt?"
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" (Q) poistu ja tallenna muutokset sudoers-tiedostoon (VAARA!)\n"
# Parametri on path, mutta saattaa sisältää suoritettavan ohjelman
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "ei kyetä suorittamaan kohdetta %s"
# Parametri on path, mutta saattaa sisältää suoritettavan ohjelman
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "ei kyetä suorittamaan kohdetta %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: väärä omistaja (uid, gid), pitäisi olla (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: väärät käyttöoikeudet, pitäisi olla tila 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "tiedoston %s jäsentäminen epäonnistui, tuntematon virhe"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "jäsentämisvirhe tiedostossa %s lähellä riviä %d\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "jäsentämisvirhe tiedostossa %s\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: jäsentäminen valmis\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: väärä omistaja (uid, gid), pitäisi olla (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: väärät käyttöoikeudet, pitäisi olla tila 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s varattu, yritä myöhemmin uudelleen"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "määritelty editori (%s) ei ole olemassa"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "ei kyetä kutsumaan funktiota stat editori (%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "editoria ei löytynyt (editoripolku = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "Virhe: jakso kohteessa %s_Alias ”%s”"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "Varoitus: jakso kohteessa %s_Alias ”%s”"
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "Virhe: %s_Alias ”%s” uudelleenviitattu, mutta ei määritelty"
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "Varoitus: %s_Alias ”%s” uudelleenviitattu, mutta ei määritelty"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s: käyttämätön %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - muokkaa sudoers-tiedostoa turvallisesti\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s tiukka syntaksitarkistus\n"
" -V näytä versiotiedot ja poistu"
-#: plugins/sudoers/auth/bsdauth.c:78
-#, c-format
-msgid "unable to get login class for user %s"
-msgstr "ei kyetä saamaan kirjautumisluokkaa käyttäjälle %s"
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr "ei kyetä aloittamaan bsd-todentamista"
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr "virheellinen todennustyyppi"
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr "ei kyetä asettamaan todentamista"
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "ei kyetä lukemaan fwtk config -asetusta"
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "ei kyetä yhdistämään todentamispalvelimelle"
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "kadotettiin yhteys todentamispalvelimelle"
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"todentamispalvelinvirhe:\n"
-"%s"
-
-# Sana princ viittaa krb5_principal -määrittelyyn
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s: ei kyetä poistamaan valtuutetun (’%s’) jäsentämistä: %s"
-
-# Ensimmäinen parametri on auth name
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s: ei kyetä jäsentämään todentamisnimeä ’%s’: %s"
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s: ei kyetä ratkaisemaan ccache-välimuistia: %s"
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s: ei kyetä varaamaan valitsimia: %s"
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s: ei kyetä hakemaan valtuustietoja: %s"
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s: ei kyetä alustamaan ccache-välimuistia: %s"
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s: ei kyetä tallentamaan valtuustietoja ccache-välimuistiin: %s"
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr "%s: ei kyetä hakemaan tietokoneen valtuutettua: %s"
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s: Ei voida todentaa TGT-lippua! Mahdollinen hyökkäys!: %s"
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr "ei kyetä alustamaan PAM:ia"
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr "tilikelpuutushäiriö, onko tilisi lukittu?"
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr "Tili tai salasana on vanhentunut, nollaa salasanasi tai yritä uudelleen"
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok: %s"
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr "Salasana vanhentunut, ota yhteyttä järjestelmän ylläpitäjään"
-
-#: plugins/sudoers/auth/pam.c:163
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "Tili vanhentunut tai PAM-asetuksista puuttuu ”account”-lohko sudo-komennolle, ota yhteyttä järjestelmän ylläpitäjään"
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate: %s"
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr "Salasana: "
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr "Salasana:"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "epäonnistui ACE API -kirjaston alustamisessa"
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "ei kyetä ottamaan yhteyttä SecurID-palvelimeen"
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "Käyttäjätunniste lukittu SecurID-todennukselle"
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "virheellinen käyttäjänimipituus kohteelle SecurID"
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "virheellinen todentamiskäsittelijä kohteelle SecurID"
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr "SecurID-viestintä epäonnistui"
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr "tuntematon SecurID-virhe"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "liian monta include-tasoa"
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "virheellinen salasanakoodipituus kohteelle SecurID"
+#~ msgid "invalid log file %s"
+#~ msgstr "virheellinen lokitiedosto %s"
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr "ei kyetä alustamaan SIA-istuntoa"
+# Parametri on sudoers file
+#~ msgid "fixed mode on %s"
+#~ msgstr "korjattu tila tiedostossa %s"
-#: plugins/sudoers/auth/sudo_auth.c:117
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "Virheellisiä todennusmenetelmiä käännetty sudo-ohjelmaan! Yksittäisiä ja ei-yksittäisiä todennuksia on ehkä sekoitettu keskenään."
+# Parametri on suoders file
+#~ msgid "set group on %s"
+#~ msgstr "aseta ryhmä tiedostossa %s"
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "Sudo-ohjelmaan ei ole käännetty todentamismenelmiä! Jos haluat kääntää pois todentamisen, käytä asetusvalitsinta --disable-authentication."
+# Parametri on sudoers file
+#~ msgid "unable to set group on %s"
+#~ msgstr "ei kyetä asettamaan ryhmää tiedostossa %s"
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d väärä salasana yritetty"
-msgstr[1] "%d väärää salasanaa yritetty"
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "ei kyetä korjaamaan tilaa tiedostossa %s"
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
-msgstr "Todennusmenetelmät:"
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s on tila 0%o, pitäisi olla 0%o"
#~ msgid "File containing dummy exec functions: %s"
#~ msgstr "Tiedosto, joka sisältää vale-exec-funktioita: %s"
--- /dev/null
+# Translation of sudoers to Croatian.
+# This file is put in the public domain.
+# Tomislav Krznar <tomislav.krznar@gmail.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.5rc1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-04-13 16:21-0400\n"
+"PO-Revision-Date: 2012-04-18 01:56+0200\n"
+"Last-Translator: Tomislav Krznar <tomislav.krznar@gmail.com>\n"
+"Language-Team: Croatian <lokalizacija@linux.hr>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
+
+#: plugins/sudoers/alias.c:125
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Alias „%s” je već definiran"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
+msgid "getaudit: failed"
+msgstr "getaudit: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
+msgid "Could not determine audit condition"
+msgstr "Ne mogu odrediti uvjet revizije"
+
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
+msgid "getauid failed"
+msgstr "getauid nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
+msgid "au_open: failed"
+msgstr "au_open: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
+msgid "au_to_subject: failed"
+msgstr "au_to_subject: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
+msgid "au_to_exec_args: failed"
+msgstr "au_to_exec_args: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
+msgid "au_to_return32: failed"
+msgstr "au_to_return32: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
+msgid "unable to commit audit record"
+msgstr "ne mogu poslati zapis revizije"
+
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
+msgid "getauid: failed"
+msgstr "getauid: nije uspio"
+
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
+msgid "au_to_text: failed"
+msgstr "au_to_text: nije uspio"
+
+#: plugins/sudoers/check.c:158
+#, c-format
+msgid "sorry, a password is required to run %s"
+msgstr "žao mi je, potrebna je lozinka za pokretanje %s"
+
+#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
+#, c-format
+msgid "unable to open %s"
+msgstr "ne mogu otvoriti %s"
+
+#: plugins/sudoers/check.c:253 plugins/sudoers/iolog.c:202
+#, c-format
+msgid "unable to write to %s"
+msgstr "ne mogu pisati u %s"
+
+#: plugins/sudoers/check.c:261 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:556 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:156
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "ne mogu napraviti direktorij %s"
+
+#: plugins/sudoers/check.c:396
+#, c-format
+msgid "internal error, expand_prompt() overflow"
+msgstr "interna greška, expand_prompt() preljev"
+
+#: plugins/sudoers/check.c:456
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr "putanja vremenske oznake predugačka: %s"
+
+#: plugins/sudoers/check.c:485 plugins/sudoers/check.c:529
+#: plugins/sudoers/iolog.c:158
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s postoji, ali nije direktorij (0%o)"
+
+#: plugins/sudoers/check.c:488 plugins/sudoers/check.c:532
+#: plugins/sudoers/check.c:577
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr "vlasnik %s je uid %u, treba biti uid %u"
+
+#: plugins/sudoers/check.c:493 plugins/sudoers/check.c:537
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr "nevlasnici imaju dozvolu za pisanje u %s (0%o), treba biti mod 0700"
+
+#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
+#, c-format
+msgid "unable to stat %s"
+msgstr "ne mogu izvršiti stat %s"
+
+#: plugins/sudoers/check.c:571
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr "%s postoji, ali nije obična datoteka (0%o)"
+
+#: plugins/sudoers/check.c:583
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr "nevlasnici imaju dozvolu za pisanje u %s (0%o), treba biti mod 0600"
+
+#: plugins/sudoers/check.c:637
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr "vremenska oznaka predaleko u budućnosti: %20.20s"
+
+#: plugins/sudoers/check.c:684
+#, c-format
+msgid "unable to remove %s (%s), will reset to the epoch"
+msgstr "ne mogu ukloniti %s (%s), vratit ću na početnu epohu"
+
+#: plugins/sudoers/check.c:692
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr "ne mogu vratiti %s na početnu epohu"
+
+#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
+#, c-format
+msgid "unknown uid: %u"
+msgstr "nepoznat uid: %u"
+
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/testsudoers.c:362
+#, c-format
+msgid "unknown user: %s"
+msgstr "nepoznat korisnik: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog jedinica ako se koristi syslog za zapisivanje dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog prioritet koji se koristi pri uspješnoj autentifikaciji korisnika: %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog prioritet koji se koristi pri neuspješnoj autentifikaciji korisnika: %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr "Postavi OTP upit u vlastiti redak"
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Zanemari „.” u $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Uvijek pošalji poštu kad se pokrene sudo"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Pošalji poštu ako autentifikacija korisnika nije uspjela"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Pošalji poštu ako korisnik nije u sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Pošalji poštu ako korisnik nije u sudoers na ovom računalu"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Pošalji poštu ako korisnik nema dozvolu za pokretanje naredbe"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr "Koristi posebnu vremensku oznaku za svaku kombinaciju korisnik/terminal"
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr "Održi lekciju korisniku kad prvi put pokrene sudo"
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Datoteka koja sadrži sudo lekciju: %s"
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr "Uobičajeno traži autentifikaciju korisnika"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "Root može pokrenuti sudo"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr "Zapiši ime računala u (ne-syslog) dnevničku datoteku"
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr "Zapiši godinu u (ne-syslog) dnevničku datoteku"
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr "Ako se sudo pozove bez argumenata, pokreni ljusku"
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Postavi $HOME na početni direktorij odredišnog korisnika pri pokretanju ljuske sa -s"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Uvijek postavi $HOME na početni direktorij odredišnog korisnika"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr "Dozvoli prikupljanje nekih informacija za ispis korisnih poruka grešaka"
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr "Traži potpuno kvalificirana imena računala u datoteci sudoers"
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Uvrijedi korisnika kad upiše netočnu lozinku"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr "Dozvoli korisniku pokretanje sudo samo ako ima tty"
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr "Visudo će poštivati varijablu okoline EDITOR"
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr "Zatraži lozinku administratora umjesto korisnika"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Zatraži lozinku runas_default korisnika umjesto trenutnog"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Zatraži lozinku odredišnog korisnika umjesto trenutnog"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr "Primijeni zadane postavke u razredu prijave odredišnog korisnika ako postoje"
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Postavi varijable okoline LOGNAME i USER"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr "Postavi samo efektivni uid na onaj odredišnog korisnika umjesto stvarnog uid-a"
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr "Ne inicijaliziraj grupni vektor u onaj odredišnog korisnika"
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr "Duljina prelamanja redaka dnevničke datoteke (0 isključuje): %d"
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr "Istek vremenske oznake autentifikacije: %.1f minuta"
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr "Istek traženja lozinke: %.1f minuta"
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr "Broj pokušaja unosa lozinke: %d"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask za korištenje ili 0777 za korisničku: 0%o"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Putanja do dnevničke datoteke: %s"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Putanja do programa pošte: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Zastavice za program pošte: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adresa na koju se šalje pošta: %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adresa s koje se šalje pošta: %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Predmet poruka pošte: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Neispravna poruka lozinke: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr "Putanja do direktorija vremenske oznake autentifikacije: %s"
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr "Vlasnik direktorija vremenske oznake autentifikacije: %s"
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr "Korisnici u ovoj grupi su izuzeti od traženja lozinke i PATH zahtjeva: %s"
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr "Uobičajeno traženje lozinke: %s"
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr "Ako je postavljen, passprompt će zaobići sustavski u svim slučajevima."
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr "Zadani korisnik za pokretanje naredbi: %s"
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr "Vrijednost za zaobilaženje korisničke $PATH: %s"
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr "Putanja do uređivača koji će koristiti visudo: %s"
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr "Kada tražiti lozinku za pseudonaredbu „list”: %s"
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr "Kada tražiti lozinku za pseudonaredbu „verify”: %s"
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Prethodno učitaj prividne izvršne funkcije sadržane u biblioteci sudo_noexec"
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr "Ako je LDAP direktorij aktivan, zanemaruje li se lokalna datoteka sudoers"
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr "Opisnici datoteka >= %d će se zatvoriti prije izvršavanja naredbe"
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr "Ako je postavljen, korisnici mogu zaobići vrijednost „closeform” opcijom -C"
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr "Dozvoli korisnicima postavljanje proizvoljnih varijabli okoline"
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr "Vrati okolinu u početni zadani skup varijabli"
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr "Varijable okoline čija će se ispravnost provjeriti:"
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr "Varijable okoline za uklanjanje:"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr "Varijable okoline za očuvanje:"
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr "SELinux uloga za korištenje u novom sigurnosnom kontekstu: %s"
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr "SELinux vrsta za korištenje u novom sigurnosnom kontekstu: %s"
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr "Putanja do datoteke okoline karakteristične za sudo: %s"
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Lokal za korištenje pri obradi sudoers: %s"
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "Dozvoli da sudo traži lozinku čak i ako će biti vidljiva"
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr "Prikaži vizualne povratne informacije pri traženju lozinke kad postoji korisnički unos"
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr "Koristi bržu usporedbu uzoraka koja je nepreciznija, ali ne pristupa datotečnom sustavu"
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr "Umask naveden u sudoers će zaobići korisnički, čak i ako dozvoljava više"
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr "Zapiši korisnički unos za pokrenute naredbe"
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr "Zapiši izlaz pokrenute naredbe"
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr "Komprimiraj U/I zapise korištenjem zlib"
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr "Uvijek pokreni naredbe u pseudoterminalu"
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "Priključak za podršku za ne-Unix grupe: %s"
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "Direktorij za spremanje ulazno/izlaznih dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "Datoteka za spremanje ulazno/izlaznog dnevnika: %s"
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr "Dodaj stavku u utmp/utmpx datoteku pri alokaciji pseudoterminala"
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr "Postavi korisnika u utmp u „pokreni kao” korisnika umjesto pozivatelja"
+
+#: plugins/sudoers/defaults.c:208
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr "nepoznata stavka zadanih vrijednosti „%s”"
+
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:246 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:272 plugins/sudoers/defaults.c:285
+#: plugins/sudoers/defaults.c:298 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:328
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "vrijednost „%s” nije ispravna za opciju „%s”"
+
+#: plugins/sudoers/defaults.c:219 plugins/sudoers/defaults.c:229
+#: plugins/sudoers/defaults.c:237 plugins/sudoers/defaults.c:254
+#: plugins/sudoers/defaults.c:267 plugins/sudoers/defaults.c:280
+#: plugins/sudoers/defaults.c:293 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:324
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "nije navedena vrijednost za „%s”"
+
+#: plugins/sudoers/defaults.c:242
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr "vrijednost za „%s” mora početi s „/”"
+
+#: plugins/sudoers/defaults.c:304
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr "opcija „%s” ne prihvaća vrijednost"
+
+#: plugins/sudoers/env.c:339
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr "sudo_putenv: oštećen envp, duljina ne odgovara"
+
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411 toke.l:682 toke.l:812
+#: toke.l:870 toke.l:966 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ne mogu alocirati memoriju"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "interna greška, sudo_setenv2() preljev"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "interna greška, sudo_setenv() preljev"
+
+#: plugins/sudoers/env.c:955
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr "žao mi je, nemate dozvolu za postavljanje sljedećih varijabli okoline: %s"
+
+#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125 toke.l:678
+#: toke.l:866 plugins/sudoers/sudoers.c:950
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s kod retka %d <<<"
+
+#: plugins/sudoers/group_plugin.c:91
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "vlasnik %s mora biti uid %d"
+
+#: plugins/sudoers/group_plugin.c:107
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "samo vlasnik smije imati dozvole za pisanje %s"
+
+#: plugins/sudoers/group_plugin.c:114
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "ne mogu izvršiti dlopen %s: %s"
+
+#: plugins/sudoers/group_plugin.c:119
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "ne mogu pronaći simbol „group_plugin” u %s"
+
+#: plugins/sudoers/group_plugin.c:124
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr "%s: nekompatibilna glavna inačica grupnog priključka %d, očekujem %d"
+
+#: plugins/sudoers/interfaces.c:112
+msgid "Local IP address and netmask pairs:\n"
+msgstr "Parovi lokalnih IP adresa i mrežnih maski:\n"
+
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "unable to read %s"
+msgstr "ne mogu čitati %s"
+
+#: plugins/sudoers/iolog.c:182
+#, c-format
+msgid "invalid sequence number %s"
+msgstr "neispravan broj niza %s"
+
+#: plugins/sudoers/iolog.c:231 plugins/sudoers/iolog.c:234
+#: plugins/sudoers/iolog.c:499 plugins/sudoers/iolog.c:504
+#: plugins/sudoers/iolog.c:510 plugins/sudoers/iolog.c:518
+#: plugins/sudoers/iolog.c:526 plugins/sudoers/iolog.c:534
+#: plugins/sudoers/iolog.c:542
+#, c-format
+msgid "unable to create %s"
+msgstr "ne mogu napraviti %s"
+
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
+#, c-format
+msgid "unable to set locale to \"%s\", using \"C\""
+msgstr "ne mogu postaviti lokal u „%s”, koristim „C”"
+
+#: plugins/sudoers/ldap.c:374
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port je prevelik"
+
+#: plugins/sudoers/ldap.c:397
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr "sudo_ldap_conf_add_ports: nema dovoljno prostora za proširenje međuspremnika računala"
+
+#: plugins/sudoers/ldap.c:427
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr "nepodržana vrsta LDAP uri-ja: %s"
+
+#: plugins/sudoers/ldap.c:456
+#, c-format
+msgid "invalid uri: %s"
+msgstr "neispravan uri: %s"
+
+#: plugins/sudoers/ldap.c:462
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr "ne mogu miješati ldap i ldaps URI-je"
+
+#: plugins/sudoers/ldap.c:466
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr "ne mogu miješati ldaps i starttls"
+
+#: plugins/sudoers/ldap.c:485
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr "sudo_ldap_parse_uri: nema dovoljno prostora za izgradnju međuspremnika računala"
+
+#: plugins/sudoers/ldap.c:550
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr "ne mogu inicijalizirati SSL certifikat i bazu podataka ključeva: %s"
+
+#: plugins/sudoers/ldap.c:958
+#, c-format
+msgid "unable to get GMT time"
+msgstr "ne mogu dohvatiti GMT vrijeme"
+
+#: plugins/sudoers/ldap.c:964
+#, c-format
+msgid "unable to format timestamp"
+msgstr "ne mogu oblikovati vremensku oznaku"
+
+#: plugins/sudoers/ldap.c:972
+#, c-format
+msgid "unable to build time filter"
+msgstr "ne mogu izgraditi filtar vremena"
+
+#: plugins/sudoers/ldap.c:1187
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr "neodgovarajuća sudo_ldap_build_pass1 alokacija"
+
+#: plugins/sudoers/ldap.c:1707
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP uloga: %s\n"
+
+#: plugins/sudoers/ldap.c:1709
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"LDAP uloga: NEPOZNATA\n"
+
+#: plugins/sudoers/ldap.c:1756
+#, c-format
+msgid " Order: %s\n"
+msgstr " Redoslijed: %s\n"
+
+#: plugins/sudoers/ldap.c:1764
+#, c-format
+msgid " Commands:\n"
+msgstr " Naredbe:\n"
+
+#: plugins/sudoers/ldap.c:2156
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "ne mogu inicijalizirati LDAP: %s"
+
+#: plugins/sudoers/ldap.c:2187
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr "naveden je start_tls, ali LDAP biblioteke ne podržavaju ldap_start_tls_s() ili ldap_start_tls_s_np()"
+
+#: plugins/sudoers/ldap.c:2423
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr "neispravno sudoOrder svojstvo: %s"
+
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "previše razina uključivanja"
+
+#: toke.l:829 plugins/sudoers/sudoers.c:1004
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "vlasnik %s je uid %u, treba biti %u"
+
+#: toke.l:836 plugins/sudoers/sudoers.c:1008
+#, c-format
+msgid "%s is world writable"
+msgstr "%s ima dozvole za pisanje svih korisnika"
+
+#: toke.l:841 plugins/sudoers/sudoers.c:1011
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "vlasnik %s je gid %u, treba biti %u"
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr "ne mogu otvoriti sustav revizije"
+
+#: plugins/sudoers/linux_audit.c:82
+#, c-format
+msgid "internal error, linux_audit_command() overflow"
+msgstr "interna greška, linux_audit_command() preljev"
+
+#: plugins/sudoers/linux_audit.c:91
+#, c-format
+msgid "unable to send audit message"
+msgstr "ne mogu poslati poruku revizije"
+
+#: plugins/sudoers/logging.c:198
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "ne mogu otvoriti dnevičku datoteku: %s: %s"
+
+#: plugins/sudoers/logging.c:201
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "ne mogu zaključati dnevničku datoteku: %s: %s"
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT in sudoers"
+msgstr "korisnik NIJE u sudoers"
+
+#: plugins/sudoers/logging.c:258
+msgid "user NOT authorized on host"
+msgstr "korisnik NIJE ovlašten na računalu"
+
+#: plugins/sudoers/logging.c:260
+msgid "command not allowed"
+msgstr "naredba nije dozvoljena"
+
+#: plugins/sudoers/logging.c:270
+#, c-format
+msgid "%s is not in the sudoers file. This incident will be reported.\n"
+msgstr "%s nije u datoteci sudoers. Ovaj će incident biti prijavljen.\n"
+
+#: plugins/sudoers/logging.c:273
+#, c-format
+msgid "%s is not allowed to run sudo on %s. This incident will be reported.\n"
+msgstr "Korisniku %s nije dozvoljeno pokrenuti sudo na %s. Ovaj će incident biti prijavljen.\n"
+
+#: plugins/sudoers/logging.c:277
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Žao mi je, korisnik %s ne može pokrenuti sudo na %s.\n"
+
+#: plugins/sudoers/logging.c:280
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Žao mi je, korisniku %s nije dozvoljeno izvršiti „%s%s%s” kao %s%s%s na %s.\n"
+
+#: plugins/sudoers/logging.c:447
+#, c-format
+msgid "unable to fork"
+msgstr "ne mogu razdvojiti"
+
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
+#, c-format
+msgid "unable to fork: %m"
+msgstr "ne mogu razdvojiti: %m"
+
+#: plugins/sudoers/logging.c:506
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "ne mogu otvoriti cjevovod: %m"
+
+#: plugins/sudoers/logging.c:531
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr "ne mogu izvršiti dup stdin: %m"
+
+#: plugins/sudoers/logging.c:567
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "ne mogu izvršiti %s: %m"
+
+#: plugins/sudoers/logging.c:782
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr "interna greška: nema dovoljno prostora za redak dnevnika"
+
+#: plugins/sudoers/parse.c:123
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "greška analize u %s kod retka %d"
+
+#: plugins/sudoers/parse.c:126
+#, c-format
+msgid "parse error in %s"
+msgstr "greška analize u %s"
+
+#: plugins/sudoers/parse.c:389
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+"\n"
+"Sudoers stavka:\n"
+
+#: plugins/sudoers/parse.c:391
+#, c-format
+msgid " RunAsUsers: "
+msgstr " PokreniKaoKorisnici: "
+
+#: plugins/sudoers/parse.c:406
+#, c-format
+msgid " RunAsGroups: "
+msgstr " PokreniKaoGrupe: "
+
+#: plugins/sudoers/parse.c:415
+#, c-format
+msgid ""
+" Commands:\n"
+"\t"
+msgstr ""
+" Naredbe:\n"
+"\t"
+
+#: plugins/sudoers/plugin_error.c:100 plugins/sudoers/plugin_error.c:105
+msgid ": "
+msgstr ": "
+
+#: plugins/sudoers/pwutil.c:260
+#, c-format
+msgid "unable to cache uid %u (%s), already exists"
+msgstr "ne mogu staviti uid %u (%s) u spremnik, već postoji"
+
+#: plugins/sudoers/pwutil.c:268
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "ne mogu staviti uid %u u spremnik, već postoji"
+
+#: plugins/sudoers/pwutil.c:305 plugins/sudoers/pwutil.c:314
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "ne mogu staviti korisnika %s u spremnik, već postoji"
+
+#: plugins/sudoers/pwutil.c:653
+#, c-format
+msgid "unable to cache gid %u (%s), already exists"
+msgstr "ne mogu staviti gid %u (%s) u spremnik, već postoji"
+
+#: plugins/sudoers/pwutil.c:661
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "ne mogu staviti gid %u u spremnik, već postoji"
+
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "ne mogu staviti grupu %s u spremnik, već postoji"
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
+msgid "perm stack overflow"
+msgstr "preljev trajnog stoga"
+
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
+msgid "perm stack underflow"
+msgstr "podljev trajnog stoga"
+
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
+msgid "unable to change to runas gid"
+msgstr "ne mogu promijeniti u „pokreni kao” gid"
+
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
+msgid "unable to change to runas uid"
+msgstr "ne mogu promijeniti u „pokreni kao” uid"
+
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
+msgid "unable to change to sudoers gid"
+msgstr "ne mogu promijeniti u sudoers gid"
+
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
+msgid "too many processes"
+msgstr "previše procesa"
+
+#: plugins/sudoers/set_perms.c:1542
+msgid "unable to set runas group vector"
+msgstr "ne mogu postaviti „pokreni kao” grupni vektor"
+
+#: plugins/sudoers/sudo_nss.c:243
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr "Spajam stavke zadanih vrijednosti za %s na ovom računalu:\n"
+
+#: plugins/sudoers/sudo_nss.c:256
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr "Zadane vrijednosti „pokreni kao” i specifične za naredbe za %s:\n"
+
+#: plugins/sudoers/sudo_nss.c:269
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr "Korisnik %s može pokrenuti sljedeće naredbe na ovom računalu:\n"
+
+#: plugins/sudoers/sudo_nss.c:279
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Korisniku %s nije dozvoljeno pokrenuti sudo na %s.\n"
+
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
+msgid "problem with defaults entries"
+msgstr "problem sa stavkama zadanih vrijednosti"
+
+#: plugins/sudoers/sudoers.c:212
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr "nisu pronađeni ispravni sudoers izvori, izlazim"
+
+#: plugins/sudoers/sudoers.c:264
+#, c-format
+msgid "unable to execute %s: %s"
+msgstr "ne mogu izvršiti %s: %s"
+
+#: plugins/sudoers/sudoers.c:322
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers navodi da root ne može koristiti sudo"
+
+#: plugins/sudoers/sudoers.c:329
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr "nemate dozvolu za korištenje opcije -C"
+
+#: plugins/sudoers/sudoers.c:422
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "vlasnik vremenske oznake (%s): Nema takvog korisnika"
+
+#: plugins/sudoers/sudoers.c:438
+msgid "no tty"
+msgstr "nema terminala"
+
+#: plugins/sudoers/sudoers.c:439
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr "žao mi je, morate imati terminal za pokretanje sudo"
+
+#: plugins/sudoers/sudoers.c:478
+msgid "No user or host"
+msgstr "Nema korisnika ili računala"
+
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: naredba nije pronađena"
+
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+"zanemarujem „%s” pronađen u „.”\n"
+"Koristite „sudo ./%s” ako je ovo „%s” koji želite pokrenuti."
+
+#: plugins/sudoers/sudoers.c:499
+msgid "validation failure"
+msgstr "provjera nije uspjela"
+
+#: plugins/sudoers/sudoers.c:509
+msgid "command in current directory"
+msgstr "naredba u trenutnom direktoriju"
+
+#: plugins/sudoers/sudoers.c:521
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "žao mi je, nemate dozvolu za očuvanje okoline"
+
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
+#, c-format
+msgid "internal error, runas_groups overflow"
+msgstr "interna greška, runas_groups preljev"
+
+#: plugins/sudoers/sudoers.c:941
+#, c-format
+msgid "internal error, set_cmnd() overflow"
+msgstr "interna greška, set_cmnd() preljev"
+
+#: plugins/sudoers/sudoers.c:1001
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nije obična datoteka"
+
+#: plugins/sudoers/sudoers.c:1038
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "samo root smije koristiti „-c %s”"
+
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
+#, c-format
+msgid "unknown login class: %s"
+msgstr "nepoznat razred prijave: %s"
+
+#: plugins/sudoers/sudoers.c:1084
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "ne mogu pronaći računalo %s"
+
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
+#, c-format
+msgid "unknown group: %s"
+msgstr "nepoznata grupa: %s"
+
+#: plugins/sudoers/sudoers.c:1185
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr "Inačica sudoers priključka police %s\n"
+
+#: plugins/sudoers/sudoers.c:1187
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr "Inačica sudoers gramatike datoteke %d\n"
+
+#: plugins/sudoers/sudoers.c:1191
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sudoers putanja: %s\n"
+
+#: plugins/sudoers/sudoers.c:1194
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "nsswitch putanja: %s\n"
+
+#: plugins/sudoers/sudoers.c:1196
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "ldap.conf putanja: %s\n"
+
+#: plugins/sudoers/sudoers.c:1197
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "ldap.secret putanja: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:291
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "neispravna opcija filtra: %s"
+
+#: plugins/sudoers/sudoreplay.c:304
+#, c-format
+msgid "invalid max wait: %s"
+msgstr "neispravno najveće čekanje: %s"
+
+#: plugins/sudoers/sudoreplay.c:310
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr "neispravni faktor brzine: %s"
+
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s inačica %s\n"
+
+#: plugins/sudoers/sudoreplay.c:338
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr "%s/%.2s/%.2s/%.2s/vrijeme: %s"
+
+#: plugins/sudoers/sudoreplay.c:344
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr "%s/%s/vrijeme: %s"
+
+#: plugins/sudoers/sudoreplay.c:362
+#, c-format
+msgid "Replaying sudo session: %s\n"
+msgstr "Prikazujem sudo sjednicu: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:368
+#, c-format
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Upozorenje: vaš terminal je premalen za ispravno prikazivanje dnevnika.\n"
+
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Veličina dnevnika je %d x %d, a veličina vašeg terminala %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:399
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr "ne mogu postaviti terminal u sirovi način"
+
+#: plugins/sudoers/sudoreplay.c:412
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr "neispravan redak datoteke mjerenja vremena: %s"
+
+#: plugins/sudoers/sudoreplay.c:454
+#, c-format
+msgid "writing to standard output"
+msgstr "ispisujem na standardni izlaz"
+
+#: plugins/sudoers/sudoreplay.c:486
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
+
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "višeznačni izraz „%s”"
+
+#: plugins/sudoers/sudoreplay.c:577
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr "previše izraza u zagradama, najviše %d"
+
+#: plugins/sudoers/sudoreplay.c:588
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr "nesparena „)” u izrazu"
+
+#: plugins/sudoers/sudoreplay.c:594
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "nepoznat pojam pretrage „%s”"
+
+#: plugins/sudoers/sudoreplay.c:608
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s zahtijeva argument"
+
+#: plugins/sudoers/sudoreplay.c:612
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "neispravan regularni izraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:618
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "ne mogu analizirati datum „%s”"
+
+#: plugins/sudoers/sudoreplay.c:631
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr "nesparena „(” u izrazu"
+
+#: plugins/sudoers/sudoreplay.c:633
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr "nedozvoljeni „or” na kraju"
+
+#: plugins/sudoers/sudoreplay.c:635
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr "nedozvoljeni „!” na kraju"
+
+#: plugins/sudoers/sudoreplay.c:942
+#, c-format
+msgid "invalid regex: %s"
+msgstr "neispravni regularni izraz: %s"
+
+#: plugins/sudoers/sudoreplay.c:1066
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr "uporaba: %s [-h] [-d direktorij] [-m max_čekanje] [-s faktor_brzine] ID\n"
+
+#: plugins/sudoers/sudoreplay.c:1069
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr "uporaba: %s [-h] [-d direktorij] -l [izraz pretrage]\n"
+
+#: plugins/sudoers/sudoreplay.c:1078
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - prikaži dnevnike sudo sjednica\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:1080
+msgid ""
+"\n"
+"Options:\n"
+" -d directory specify directory for session logs\n"
+" -f filter specify which I/O type to display\n"
+" -h display help message and exit\n"
+" -l [expression] list available session IDs that match expression\n"
+" -m max_wait max number of seconds to wait between events\n"
+" -s speed_factor speed up or slow down output\n"
+" -V display version information and exit"
+msgstr ""
+"\n"
+"Opcije:\n"
+" -d direktorij navedi direktorij za dnevnike sjednica\n"
+" -f filtar navedi U/I vrste za prikaz\n"
+" -h prikaži poruku pomoći i izađi\n"
+" -l [izraz] prikaži dostupne identifikatore sjednica koje\n"
+" odgovaraju izrazu\n"
+" -m max_čekanje najveći broj sekundi za čekanje između događaja\n"
+" -s faktor_brzine ubrzaj ili uspori ispis\n"
+" -V prikaži informacije o inačici i izađi"
+
+#: plugins/sudoers/testsudoers.c:246
+#, c-format
+msgid "internal error, init_vars() overflow"
+msgstr "interna greška, init_vars() preljev"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid "\thost unmatched"
+msgstr "\tračunalo nije pronađeno"
+
+#: plugins/sudoers/testsudoers.c:334
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Naredba dozvoljena"
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Naredba zabranjena"
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+"\n"
+"Naredba nije pronađena"
+
+#: plugins/sudoers/toke_util.c:218
+msgid "fill_args: buffer overflow"
+msgstr "fill_args: preljev međuspremnika"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr "%s inačica gramatike %d\n"
+
+#: plugins/sudoers/visudo.c:220 plugins/sudoers/auth/rfc1938.c:104
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "niste navedeni u %s bazi podataka"
+
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
+#, c-format
+msgid "press return to edit %s: "
+msgstr "pritisnite return za uređivanje %s: "
+
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
+#, c-format
+msgid "write error"
+msgstr "greška pisanja"
+
+#: plugins/sudoers/visudo.c:423
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr "na mogu izvršiti stat privremene datoteke (%s), %s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:428
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr "privremena datoteka duljine nula (%s), %s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:434
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "uređivač (%s) nije uspio, %s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:457
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:483
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "ne mogu ponovo otvoriti privremenu datoteku (%s), %s nepromijenjen."
+
+#: plugins/sudoers/visudo.c:493
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "ne mogu analizirati privremenu datoteku (%s), nepoznata greška"
+
+#: plugins/sudoers/visudo.c:531
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "interna greška, ne mogu pronaći %s na popisu!"
+
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "na mogu postaviti (uid, gid) od %s na (%u, %u)"
+
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr "ne mogu promijeniti mod od %s u 0%o"
+
+#: plugins/sudoers/visudo.c:614
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s i %s nisu na istom datotečnom sustavu, koristim mv za preimenovanje"
+
+#: plugins/sudoers/visudo.c:628
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "naredba nije uspjela: „%s %s %s”, %s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:638
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "greška preimenovanja %s, %s nepromijenjen"
+
+#: plugins/sudoers/visudo.c:701
+msgid "What now? "
+msgstr "Što sada? "
+
+#: plugins/sudoers/visudo.c:715
+msgid ""
+"Options are:\n"
+" (e)dit sudoers file again\n"
+" e(x)it without saving changes to sudoers file\n"
+" (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Opcije su:\n"
+" (e) ponovo uredi datoteku sudoers\n"
+" (x) izađi bez spremanja promjena u datoteku sudoers\n"
+" (Q) izađi i spremi promjene u datoteku sudoers (OPASNO!)\n"
+
+#: plugins/sudoers/visudo.c:756
+#, c-format
+msgid "unable to execute %s"
+msgstr "ne mogu izvršiti %s"
+
+#: plugins/sudoers/visudo.c:763
+#, c-format
+msgid "unable to run %s"
+msgstr "ne mogu pokrenuti %s"
+
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: krivi vlasnički (uid, gid), treba biti (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:796
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: neispravne dozvole, treba biti mod 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "nisam uspio analizirati %s datoteku, nepoznata greška"
+
+#: plugins/sudoers/visudo.c:834
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "greška analize u %s kod retka %d\n"
+
+#: plugins/sudoers/visudo.c:837
+#, c-format
+msgid "parse error in %s\n"
+msgstr "greška analize u %s\n"
+
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: analiza u redu\n"
+
+#: plugins/sudoers/visudo.c:896
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s je zauzet, pokušajte ponovo kasnije"
+
+#: plugins/sudoers/visudo.c:940
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "navedeni uređivač (%s) ne postoji"
+
+#: plugins/sudoers/visudo.c:963
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr "ne mogu odrediti stanje uređivača (%s)"
+
+#: plugins/sudoers/visudo.c:1011
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr "nije pronađen uređivač (putanja uređivača = %s)"
+
+#: plugins/sudoers/visudo.c:1105
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr "Greška: petlja u %s_Alias „%s”"
+
+#: plugins/sudoers/visudo.c:1106
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr "Upozorenje: petlja u %s_Alias „%s”"
+
+#: plugins/sudoers/visudo.c:1109
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr "Greška: %s_Alias „%s” je referenciran, ali nije definiran"
+
+#: plugins/sudoers/visudo.c:1110
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr "Upozorenje: %s_Alias „%s” je referenciran, ali nije definiran"
+
+#: plugins/sudoers/visudo.c:1245
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr "%s: nekorišteni %s_Alias %s"
+
+#: plugins/sudoers/visudo.c:1301
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - sigurno uređivanje datoteke sudoers\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1303
+msgid ""
+"\n"
+"Options:\n"
+" -c check-only mode\n"
+" -f sudoers specify sudoers file location\n"
+" -h display help message and exit\n"
+" -q less verbose (quiet) syntax error messages\n"
+" -s strict syntax checking\n"
+" -V display version information and exit"
+msgstr ""
+"\n"
+"Opcije:\n"
+" -c način samo za provjeravanje\n"
+" -f sudoers navedi položaj datoteke sudoers\n"
+" -h prikaži poruku pomoći i izađi\n"
+" -q manje opširne (tihe) poruke sintaksnih grešaka\n"
+" -s strogo provjeravanje sintakse\n"
+" -V prikaži informacije o inačici i izađi"
+
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ne mogu dobiti razred prijave korisnika %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "ne mogu započeti bsd autentifikaciju"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "neispravna vrsta autentifikacije"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "ne mogu postaviti autentifikaciju"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "ne mogu čitati fwtk konfiguraciju"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "ne mogu se spojiti na autentifikacijski poslužitelj"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "izgubljena veza na autentifikacijski poslužitelj"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"greška autentifikacijskog poslužitelja:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: ne mogu ukloniti analizu upravitelja („%s”): %s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: ne mogu analizirati „%s”: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: ne mogu pronaći ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: ne mogu alocirati opcije: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: ne mogu dobiti vjerodajnice: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: ne mogu inicijalizirati ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: ne mogu spremiti vjerodajnicu u ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ne mogu dobiti upravitelja računala: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Ne mogu provjeriti TGT! Moguć napad!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "ne mogu inicijalizirati PAM"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "potvrđivanje računa nije uspjelo, je li vaš račun zaključan?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Račun ili lozinka su istekli, vratite izvornu lozinku i pokušajte ponovo"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Lozinka je istekla, javite vašem administratoru sustava"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Račun je istekao ili PAM konfiguracija nema odjeljak „account” za sudo, javite vašem administratoru sustava"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:330
+msgid "Password: "
+msgstr "Lozinka: "
+
+#: plugins/sudoers/auth/pam.c:331
+msgid "Password:"
+msgstr "Lozinka:"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "nisam uspio inicijalizirati ACE API biblioteku"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "ne mogu uspostaviti vezu s SecurID poslužiteljem"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "Korisnički ID zaključan za SecurID autentifikaciju"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "neispravna duljina korisničkog imena za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "neispravni postupak autentifikacije za SecurID"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID komunikacija nije uspjela"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "nepoznata SecurID greška"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "neispravna duljina lozinke za SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "ne mogu inicijalizirati SIA sjednicu"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "Neispravne autentifikacijske metode kompajlirane u sudo! Možete miješati samostalne i nesamostalne autentifikacije."
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Nema autentifikacijskih metoda kompajliranih u sudo! Ako želite isključiti autentifikaciju, koristite konfiguracijsku opciju --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d netočan pokušaj unosa lozinke"
+msgstr[1] "%d netočna pokušaja unosa lozinke"
+msgstr[2] "%d netočnih pokušaja unosa lozinke"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Metode autentifikacije:"
# Japanese messages for sudoers
# This file is put in the public domain.
# Yasuaki Taniguchi <yasuakit@gmail.com>, 2011.
-#
+# Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.3rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 16:52-0400\n"
-"PO-Revision-Date: 2011-11-23 09:39+0900\n"
-"Last-Translator: Yasuaki Taniguchi <yasuakit@gmail.com>\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-30 16:10+0900\n"
+"Last-Translator: Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>\n"
"Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
"Language: ja\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Poedit-Basepath: /factory/ja-po/sudoers/sudo-1.8.5rc3\n"
-#: plugins/sudoers/alias.c:122
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s (%d行付近) <<<"
+
+#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "別名 `%s' はすでに定義されています"
-#: plugins/sudoers/bsm_audit.c:58 plugins/sudoers/bsm_audit.c:61
-#: plugins/sudoers/bsm_audit.c:109 plugins/sudoers/bsm_audit.c:113
-#: plugins/sudoers/bsm_audit.c:163 plugins/sudoers/bsm_audit.c:167
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "ユーザー%s のログインクラスを得ることができません"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "BSD 認証を開始できません"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "無効な認証タイプです"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "認証をセットアップできません"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "fwtk 設定を読み込めません"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "認証サーバーに接続できません"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "認証サーバーへの接続が失われました"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"認証サーバーエラーです:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: princ ('%s') を符号化できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: '%s' を構文解析できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: 資格情報キャッシュ (ccache) を解決できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: オプションを設定できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: 資格情報を取得できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: 資格情報キャッシュ (ccache) を初期化できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: 資格情報を資格情報キャッシュ (ccache) 内に保存できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: ホストプリンシパルを取得できません: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: TGT を検証できません! おそらく攻撃です!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "PAM を初期化できません"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "アカウントの有効性検証に失敗しました。あなたのアカウントはロックされていませんか?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "アカウントまたはパスワードが期限切れです。パスワードをリセットして再試行してください"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "パスワードが期限切れです。システム管理者に連絡してください"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "アカウントの期限切れ、または sudo 用の PAM 設定に \"account\" セクションがありません。システム管理者に連絡してください"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "パスワード: "
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "パスワード:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "あなたは %s データベース内に存在しません"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "ACE API ライブラリの初期化に失敗しました"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "SecurID サーバーに接続できません"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "SecurID 認証のユーザーIDがロックされています"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "SecurID 用のユーザー名の長さが無効です"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID 用の認証ハンドルが無効です"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID 通信に失敗しました"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "不明な SecurID エラーです"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "SecurID 用のパスコード長が無効です"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "SIA セッションを初期化できません"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "無効な認証方法が sudo のコンパイル時に組み込まれています! スタンドアローンと非スタンドアローン認証を組み合わせているようです。"
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "認証方法が sudo のコンパイル時に組み込まれていません! 認証を無効にする場合には、configure オプションで --disable-authentication を指定してください。"
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d 回パスワード試行を間違えました"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "認証方法:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:87 plugins/sudoers/bsm_audit.c:148
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "監査条件を決定できませんでした"
-#: plugins/sudoers/bsm_audit.c:98
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid に失敗しました"
-#: plugins/sudoers/bsm_audit.c:100 plugins/sudoers/bsm_audit.c:157
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:115 plugins/sudoers/bsm_audit.c:169
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:182
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:185
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "監査レコードをコミットできません"
-#: plugins/sudoers/bsm_audit.c:155
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: 失敗しました"
-#: plugins/sudoers/bsm_audit.c:178
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: 失敗しました"
-#: plugins/sudoers/check.c:141
+#: plugins/sudoers/check.c:158
#, c-format
msgid "sorry, a password is required to run %s"
msgstr "%s を実行するにはパスワードが必要です。すみません"
-#: plugins/sudoers/check.c:225 plugins/sudoers/iolog.c:169
-#: plugins/sudoers/sudoers.c:971 plugins/sudoers/sudoreplay.c:325
-#: plugins/sudoers/sudoreplay.c:334 plugins/sudoers/sudoreplay.c:675
-#: plugins/sudoers/sudoreplay.c:767 plugins/sudoers/visudo.c:744
+#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "%s を開けません"
-#: plugins/sudoers/check.c:229 plugins/sudoers/iolog.c:199
+#: plugins/sudoers/check.c:253 plugins/sudoers/iolog.c:202
#, c-format
msgid "unable to write to %s"
msgstr "%s へ書き込むことができません"
-#: plugins/sudoers/check.c:237 plugins/sudoers/check.c:475
-#: plugins/sudoers/check.c:525 plugins/sudoers/iolog.c:122
-#: plugins/sudoers/iolog.c:153
+#: plugins/sudoers/check.c:261 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:556 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:156
#, c-format
msgid "unable to mkdir %s"
msgstr "ディレクトリ %s を作成できません"
-#: plugins/sudoers/check.c:370
+#: plugins/sudoers/check.c:396
#, c-format
msgid "internal error, expand_prompt() overflow"
msgstr "内部エラー、expand_prompt() がオーバーフローしました"
-#: plugins/sudoers/check.c:426
+#: plugins/sudoers/check.c:456
#, c-format
msgid "timestamp path too long: %s"
msgstr "タイムスタンプ用パスが長すぎます: %s"
-#: plugins/sudoers/check.c:454 plugins/sudoers/check.c:498
-#: plugins/sudoers/iolog.c:155
+#: plugins/sudoers/check.c:485 plugins/sudoers/check.c:529
+#: plugins/sudoers/iolog.c:158
#, c-format
msgid "%s exists but is not a directory (0%o)"
-msgstr "%s ã\81\8cå\98å\9c¨ã\81\97ã\81¾ã\81\99ã\81\8cã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81§ã\81¯ã\81\82ã\82\8aã\81¾ã\81\9bã\82\93 (0%o)"
+msgstr "%s が存在しますがディレクトリではありません (0%o)"
-#: plugins/sudoers/check.c:457 plugins/sudoers/check.c:501
-#: plugins/sudoers/check.c:546
+#: plugins/sudoers/check.c:488 plugins/sudoers/check.c:532
+#: plugins/sudoers/check.c:577
#, c-format
msgid "%s owned by uid %u, should be uid %u"
msgstr "%s はユーザーID (uid) %u によって所有されています。これはユーザーID %u であるべきです"
-#: plugins/sudoers/check.c:462 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:493 plugins/sudoers/check.c:537
#, c-format
msgid "%s writable by non-owner (0%o), should be mode 0700"
msgstr "%s は所有者以外でも書き込み可能 (0%o) です。アクセス権限のモードは 0700 であるべきです"
-#: plugins/sudoers/check.c:470 plugins/sudoers/check.c:514
-#: plugins/sudoers/check.c:582 plugins/sudoers/sudoers.c:957
-#: plugins/sudoers/visudo.c:304 plugins/sudoers/visudo.c:544
+#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "%s の状態取得 (stat) ができません"
-#: plugins/sudoers/check.c:540
+#: plugins/sudoers/check.c:571
#, c-format
msgid "%s exists but is not a regular file (0%o)"
msgstr "%s が存在しますが通常ファイル (0%o) ではありません"
-#: plugins/sudoers/check.c:552
+#: plugins/sudoers/check.c:583
#, c-format
msgid "%s writable by non-owner (0%o), should be mode 0600"
msgstr "%s は所有者以外でも書き込み可能 (0%o) です。アクセス権限のモードは 0600 であるべきです"
-#: plugins/sudoers/check.c:606
+#: plugins/sudoers/check.c:637
#, c-format
msgid "timestamp too far in the future: %20.20s"
msgstr "タイムスタンプが遠すぎる将来になっています: %20.20s"
-#: plugins/sudoers/check.c:652
+#: plugins/sudoers/check.c:684
#, c-format
msgid "unable to remove %s (%s), will reset to the epoch"
msgstr "%s (%s) を削除できません。エポックにリセットします"
-#: plugins/sudoers/check.c:660
+#: plugins/sudoers/check.c:692
#, c-format
msgid "unable to reset %s to the epoch"
msgstr "%s をエポックにリセットできません"
-#: plugins/sudoers/check.c:714 plugins/sudoers/check.c:720
+#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "不明なユーザーID (uid) です: %u"
-#: plugins/sudoers/check.c:717 plugins/sudoers/sudoers.c:748
-#: plugins/sudoers/sudoers.c:814 plugins/sudoers/sudoers.c:815
-#: plugins/sudoers/sudoers.c:1088 plugins/sudoers/testsudoers.c:202
-#: plugins/sudoers/testsudoers.c:337
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr "不明なユーザーです: %s"
#: plugins/sudoers/def_data.c:99
msgid "Set $HOME to the target user when starting a shell with -s"
-msgstr "ã\82·ã\82§ã\83«ã\82\92 -s ã\81§é\96\8bå§\8bã\81\97ã\81\9fæ\99\82ã\81« $HOME ã\82\92å¤\89æ\9b´å¾\8cã\81®ã\83¦ã\83¼ã\82¶ã\83¼ã\81®ã\83\9bã\83¼ã\83 ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81«è¨å®\9aã\81\97ã\81¾ã\81\99"
+msgstr "シェルを -s で開始した時に $HOME を変更後のユーザーのホームディレクトリに設定します"
#: plugins/sudoers/def_data.c:103
msgid "Always set $HOME to the target user's home directory"
-msgstr "$HOME ã\82\92常ã\81«å¤\89æ\9b´å¾\8cã\81®ã\83¦ã\83¼ã\82¶ã\83¼ã\81®ã\83\9bã\83¼ã\83 ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81«è¨å®\9aã\81\97ã\81¾ã\81\99"
+msgstr "$HOME を常に変更後のユーザーのホームディレクトリに設定します"
#: plugins/sudoers/def_data.c:107
msgid "Allow some information gathering to give useful error messages"
#: plugins/sudoers/def_data.c:203
#, c-format
msgid "Path to authentication timestamp dir: %s"
-msgstr "èª\8d証ã\82¿ã\82¤ã\83 ã\82¹ã\82¿ã\83³ã\83\97ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81®ã\83\91ã\82¹: %s"
+msgstr "認証タイムスタンプディレクトリのパス: %s"
#: plugins/sudoers/def_data.c:207
#, c-format
msgid "Owner of the authentication timestamp dir: %s"
-msgstr "èª\8d証ã\82¿ã\82¤ã\83 ã\82¹ã\82¿ã\83³ã\83\97ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81®æ\89\80æ\9c\89è\80\85: %s"
+msgstr "認証タイムスタンプディレクトリの所有者: %s"
#: plugins/sudoers/def_data.c:211
#, c-format
msgstr "'verify' 疑似コマンドを使用するためにパスワードを要求される時: %s"
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in 'noexec_file'"
-msgstr "'noexec_file' にある偽の exec 関数群を事前ロードします"
-
-#: plugins/sudoers/def_data.c:247
-#, c-format
-msgid "File containing dummy exec functions: %s"
-msgstr "偽の exec 関数が含まれるファイル: %s"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "sudo_noexec ライブラリに含まれるダミーの exec 関数群を事前ロードします"
# do はたぶん強調の do
-#: plugins/sudoers/def_data.c:251
+#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
-msgstr "LDAP ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81\8cå®\9fè¡\8cä¸ã\81®å ´å\90\88ã\80\81ã\83ã\83¼ã\82«ã\83«ã\81® sudoers ã\83\95ã\82¡ã\82¤ã\83«ã\82\92ç\84¡è¦\96ã\81\97ã\81¾ã\81\99"
+msgstr "LDAP ディレクトリが実行中の場合、ローカルの sudoers ファイルを無視します"
-#: plugins/sudoers/def_data.c:255
+#: plugins/sudoers/def_data.c:251
#, c-format
msgid "File descriptors >= %d will be closed before executing a command"
msgstr "%d 以上の値をもつファイル記述子をコマンド実行前に閉じます"
-#: plugins/sudoers/def_data.c:259
+#: plugins/sudoers/def_data.c:255
msgid "If set, users may override the value of `closefrom' with the -C option"
msgstr "設定した場合、ユーザーが `closefrom' の値を -C オプションで上書きするかもしれません"
-#: plugins/sudoers/def_data.c:263
+#: plugins/sudoers/def_data.c:259
msgid "Allow users to set arbitrary environment variables"
msgstr "ユーザーが任意の環境変数を設定することを許可します"
-#: plugins/sudoers/def_data.c:267
+#: plugins/sudoers/def_data.c:263
msgid "Reset the environment to a default set of variables"
msgstr "環境変数の集合をデフォルトに設定します"
-#: plugins/sudoers/def_data.c:271
+#: plugins/sudoers/def_data.c:267
msgid "Environment variables to check for sanity:"
msgstr "正当性の確認を行う環境変数:"
-#: plugins/sudoers/def_data.c:275
+#: plugins/sudoers/def_data.c:271
msgid "Environment variables to remove:"
msgstr "削除する環境変数:"
-#: plugins/sudoers/def_data.c:279
+#: plugins/sudoers/def_data.c:275
msgid "Environment variables to preserve:"
msgstr "保護する環境変数:"
-#: plugins/sudoers/def_data.c:283
+#: plugins/sudoers/def_data.c:279
#, c-format
msgid "SELinux role to use in the new security context: %s"
msgstr "新しいセキュリティコンテキスト内で使用する SELinux の役割: %s"
-#: plugins/sudoers/def_data.c:287
+#: plugins/sudoers/def_data.c:283
#, c-format
msgid "SELinux type to use in the new security context: %s"
msgstr "新しいセキュリティコンテキスト内で使用する SELinux のタイプ: %s"
-#: plugins/sudoers/def_data.c:291
+#: plugins/sudoers/def_data.c:287
#, c-format
msgid "Path to the sudo-specific environment file: %s"
msgstr "sudo 固有の環境ファイルのパス: %s"
-#: plugins/sudoers/def_data.c:295
+#: plugins/sudoers/def_data.c:291
#, c-format
msgid "Locale to use while parsing sudoers: %s"
msgstr "sudoers を構文解析する時に使用するロケール: %s"
-#: plugins/sudoers/def_data.c:299
-msgid "Allow sudo to prompt for a password even if it would be visisble"
-msgstr "ã\83\91ã\82¹ã\83¯ã\83¼ã\83\89ã\81\8c表示ã\81\95ã\82\8cã\82\8b状態であっても sudo がパスワード入力を要求することを許可します"
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr "ã\83\91ã\82¹ã\83¯ã\83¼ã\83\89ã\81\8c表示ã\81\95ã\82\8cã\81¦ã\81\97ã\81¾ã\81\86状態であっても sudo がパスワード入力を要求することを許可します"
-#: plugins/sudoers/def_data.c:303
+#: plugins/sudoers/def_data.c:299
msgid "Provide visual feedback at the password prompt when there is user input"
msgstr "パスワード入力要求でユーザーの入力があった時に、視覚的なフィードバックを提供します"
-#: plugins/sudoers/def_data.c:307
+#: plugins/sudoers/def_data.c:303
msgid "Use faster globbing that is less accurate but does not access the filesystem"
msgstr "ファイルシステムにアクセスしないがより正確では無い、素早い一致確認処理を行います"
-#: plugins/sudoers/def_data.c:311
+#: plugins/sudoers/def_data.c:307
msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
msgstr "sudoers で指定した umask 値でユーザーの umask 値を上書きします (ユーザーの umask 値より緩い場合でも)"
-#: plugins/sudoers/def_data.c:315
+#: plugins/sudoers/def_data.c:311
msgid "Log user's input for the command being run"
msgstr "コマンドを実行した時のユーザー入力をログに記録します"
-#: plugins/sudoers/def_data.c:319
+#: plugins/sudoers/def_data.c:315
msgid "Log the output of the command being run"
msgstr "コマンドを実行した時の出力をログに記録します"
-#: plugins/sudoers/def_data.c:323
+#: plugins/sudoers/def_data.c:319
msgid "Compress I/O logs using zlib"
msgstr "I/O ログを zlib を使用して圧縮します"
-#: plugins/sudoers/def_data.c:327
+#: plugins/sudoers/def_data.c:323
msgid "Always run commands in a pseudo-tty"
msgstr "常に疑似 tty 内でコマンドを実行します"
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr "UNIX 以外のグループをサポートするためのプラグインです:%s"
+
#: plugins/sudoers/def_data.c:331
-msgid "Plugin for non-Unix group support"
-msgstr "UNIX 以外のグループをサポートするためのプラグインです"
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr "入出力 (I/O) ログを保存するディレクトリです:%s"
#: plugins/sudoers/def_data.c:335
-msgid "Directory in which to store input/output logs"
-msgstr "入出力 (I/O) ログを保存するディレクトリーです"
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr "入出力 (I/O) ログを保存するファイルです:%s"
#: plugins/sudoers/def_data.c:339
-msgid "File in which to store the input/output log"
-msgstr "入出力 (I/O) ログを保存するファイルです"
-
-#: plugins/sudoers/def_data.c:343
msgid "Add an entry to the utmp/utmpx file when allocating a pty"
msgstr "pty を割り当てた時に utmp/utmpx ファイルに記録を加えます"
-#: plugins/sudoers/def_data.c:347
+#: plugins/sudoers/def_data.c:343
msgid "Set the user in utmp to the runas user, not the invoking user"
msgstr "utmp に記録するユーザーを、実行したユーザーではなく、変更後のユーザーにします"
-#: plugins/sudoers/defaults.c:205
+#: plugins/sudoers/defaults.c:208
#, c-format
msgid "unknown defaults entry `%s'"
msgstr "不明なデフォルト項目 `%s' です"
-#: plugins/sudoers/defaults.c:213 plugins/sudoers/defaults.c:223
-#: plugins/sudoers/defaults.c:243 plugins/sudoers/defaults.c:256
-#: plugins/sudoers/defaults.c:269 plugins/sudoers/defaults.c:282
-#: plugins/sudoers/defaults.c:295 plugins/sudoers/defaults.c:315
-#: plugins/sudoers/defaults.c:325
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:246 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:272 plugins/sudoers/defaults.c:285
+#: plugins/sudoers/defaults.c:298 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:328
#, c-format
msgid "value `%s' is invalid for option `%s'"
msgstr "オプション `%2$s' の値 `%1$s' は無効です"
-#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
-#: plugins/sudoers/defaults.c:234 plugins/sudoers/defaults.c:251
-#: plugins/sudoers/defaults.c:264 plugins/sudoers/defaults.c:277
-#: plugins/sudoers/defaults.c:290 plugins/sudoers/defaults.c:310
-#: plugins/sudoers/defaults.c:321
+#: plugins/sudoers/defaults.c:219 plugins/sudoers/defaults.c:229
+#: plugins/sudoers/defaults.c:237 plugins/sudoers/defaults.c:254
+#: plugins/sudoers/defaults.c:267 plugins/sudoers/defaults.c:280
+#: plugins/sudoers/defaults.c:293 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:324
#, c-format
msgid "no value specified for `%s'"
msgstr "`%s' に値が指定されていません"
-#: plugins/sudoers/defaults.c:239
+#: plugins/sudoers/defaults.c:242
#, c-format
msgid "values for `%s' must start with a '/'"
msgstr "`%s' の値は '/' で開始しなければいけません"
-#: plugins/sudoers/defaults.c:301
+#: plugins/sudoers/defaults.c:304
#, c-format
msgid "option `%s' does not take a value"
msgstr "オプション `%s' は値をとりません"
-#: plugins/sudoers/env.c:259
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "内部エラー、 sudo_setenv() がオーバーフローしました"
-
-#: plugins/sudoers/env.c:289
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: envp が破損しています。長さが合いません"
-#: plugins/sudoers/env.c:698
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "メモリ割り当てを行えませんでした"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "内部エラー、 sudo_setenv2() がオーバーフローしました"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "内部エラー、 sudo_setenv() がオーバーフローしました"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "すみませんが、あなたは次の環境変数を設定することを許可されていません: %s"
-#: plugins/sudoers/find_path.c:68 plugins/sudoers/find_path.c:107
-#: plugins/sudoers/find_path.c:122 plugins/sudoers/iolog.c:124
-#: plugins/sudoers/sudoers.c:903 toke.l:663 toke.l:814
+#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: gram.y:103
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s: %s (%d行付近) <<<"
-
-#: plugins/sudoers/group_plugin.c:90
+#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: plugins/sudoers/group_plugin.c:102
+#: plugins/sudoers/group_plugin.c:103
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s の所有者は uid %d でなければいけません"
-#: plugins/sudoers/group_plugin.c:106
+#: plugins/sudoers/group_plugin.c:107
#, c-format
msgid "%s must only be writable by owner"
msgstr "%s は所有者のみ書き込み可能でなければいけません"
-#: plugins/sudoers/group_plugin.c:113
+#: plugins/sudoers/group_plugin.c:114
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "dlopen %s を行うことができません: %s"
-#: plugins/sudoers/group_plugin.c:118
+#: plugins/sudoers/group_plugin.c:119
#, c-format
msgid "unable to find symbol \"group_plugin\" in %s"
msgstr "%s 内にシンボル \"group_plugin\" がありません"
-#: plugins/sudoers/group_plugin.c:123
+#: plugins/sudoers/group_plugin.c:124
#, c-format
msgid "%s: incompatible group plugin major version %d, expected %d"
msgstr "%s: 互換性のないグループプラグインメジャーバージョン %d です。予期されるのは %d です"
-#: plugins/sudoers/interfaces.c:109
+#: plugins/sudoers/interfaces.c:112
msgid "Local IP address and netmask pairs:\n"
msgstr "ローカル IP アドレスとネットマスクの組:\n"
-#: plugins/sudoers/iolog.c:176 plugins/sudoers/sudoers.c:978
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "%s を読み込めません"
-#: plugins/sudoers/iolog.c:179
+#: plugins/sudoers/iolog.c:182
#, c-format
msgid "invalid sequence number %s"
msgstr "無効な順序番号です: %s"
-#: plugins/sudoers/iolog.c:225 plugins/sudoers/iolog.c:228
-#: plugins/sudoers/iolog.c:478 plugins/sudoers/iolog.c:483
-#: plugins/sudoers/iolog.c:489 plugins/sudoers/iolog.c:497
-#: plugins/sudoers/iolog.c:505 plugins/sudoers/iolog.c:513
-#: plugins/sudoers/iolog.c:521
+#: plugins/sudoers/iolog.c:231 plugins/sudoers/iolog.c:234
+#: plugins/sudoers/iolog.c:499 plugins/sudoers/iolog.c:504
+#: plugins/sudoers/iolog.c:510 plugins/sudoers/iolog.c:518
+#: plugins/sudoers/iolog.c:526 plugins/sudoers/iolog.c:534
+#: plugins/sudoers/iolog.c:542
#, c-format
msgid "unable to create %s"
msgstr "%s を作成できません"
-#: plugins/sudoers/iolog_path.c:247 plugins/sudoers/sudoers.c:357
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "ロケールを \"%s\" に設定できません。 \"C\" を使用します"
-#: plugins/sudoers/ldap.c:368
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports: ポートが大きすぎます"
-#: plugins/sudoers/ldap.c:391
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports: hostbuf を拡張中にメモリ空間が不足しました"
-#: plugins/sudoers/ldap.c:420
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "サポートされてない LDAP URI タイプです: %s"
-#: plugins/sudoers/ldap.c:449
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "無効な URI です: %s"
-#: plugins/sudoers/ldap.c:455
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "ldap と ldaps の URI を混ぜて使用できません"
-#: plugins/sudoers/ldap.c:459
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "ldaps と starttls を混ぜて使用できません"
-#: plugins/sudoers/ldap.c:478
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri: hostbuf を構築中にメモリ空間が不足しました"
-#: plugins/sudoers/ldap.c:541
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "SSL 証明書と鍵データベースを初期化できません: %s"
-#: plugins/sudoers/ldap.c:937
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "SSL を使用するためには %s の中の TLS_CERT を設定する必要があります"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "GMT 時刻を取得できません"
-#: plugins/sudoers/ldap.c:943
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "タイムスタンプを書式整形できません"
-#: plugins/sudoers/ldap.c:951
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "時刻フィルターを構築できません"
-#: plugins/sudoers/ldap.c:1052
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1 配置が一致しません"
-#: plugins/sudoers/ldap.c:1562
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"LDAP 役割: %s\n"
-#: plugins/sudoers/ldap.c:1564
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"LDAP 役割: 不明\n"
-#: plugins/sudoers/ldap.c:1611
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " Order: %s\n"
-#: plugins/sudoers/ldap.c:1619
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " コマンド:\n"
-#: plugins/sudoers/ldap.c:2006
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "LDAP を初期化できません: %s"
-#: plugins/sudoers/ldap.c:2037
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "start_tls が指定されていますが、LDAP ライブラリが ldap_start_tls_s() または ldap_start_tls_s_np() をサポートしていません"
-#: plugins/sudoers/ldap.c:2268
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "無効な sudoOrder 属性です: %s"
-#: plugins/sudoers/linux_audit.c:55
+#: plugins/sudoers/linux_audit.c:57
#, c-format
msgid "unable to open audit system"
msgstr "監査システムを開くことができません"
-#: plugins/sudoers/linux_audit.c:79
+#: plugins/sudoers/linux_audit.c:82
#, c-format
msgid "internal error, linux_audit_command() overflow"
msgstr "内部エラー、linux_audit_command() がオーバーフローしました"
-#: plugins/sudoers/linux_audit.c:88
+#: plugins/sudoers/linux_audit.c:91
#, c-format
msgid "unable to send audit message"
msgstr "監査メッセージを送ることができません"
-#: plugins/sudoers/logging.c:192
+#: plugins/sudoers/logging.c:198
#, c-format
msgid "unable to open log file: %s: %s"
msgstr "ログファイルを開けません: %s: %s"
-#: plugins/sudoers/logging.c:195
+#: plugins/sudoers/logging.c:201
#, c-format
msgid "unable to lock log file: %s: %s"
msgstr "ログファイルをロックできません: %s: %s"
-#: plugins/sudoers/logging.c:249
+#: plugins/sudoers/logging.c:256
msgid "user NOT in sudoers"
msgstr "ユーザーが sudoers 内にありません"
-#: plugins/sudoers/logging.c:251
+#: plugins/sudoers/logging.c:258
msgid "user NOT authorized on host"
msgstr "ホスト上でユーザーが認証されていません"
-#: plugins/sudoers/logging.c:253
+#: plugins/sudoers/logging.c:260
msgid "command not allowed"
msgstr "コマンドが許可されていません"
-#: plugins/sudoers/logging.c:263
+#: plugins/sudoers/logging.c:270
#, c-format
msgid "%s is not in the sudoers file. This incident will be reported.\n"
msgstr "%s は sudoers ファイル内にありません。この事象は記録・報告されます。\n"
-#: plugins/sudoers/logging.c:266
+#: plugins/sudoers/logging.c:273
#, c-format
msgid "%s is not allowed to run sudo on %s. This incident will be reported.\n"
msgstr "%s は %s 上で sudo を実行することを許可されていません。この事象は記録・報告されます。\n"
-#: plugins/sudoers/logging.c:270
+#: plugins/sudoers/logging.c:277
#, c-format
msgid "Sorry, user %s may not run sudo on %s.\n"
msgstr "ユーザー %s は %s 上で sudo を実行できません。すみません。\n"
-#: plugins/sudoers/logging.c:273
+#: plugins/sudoers/logging.c:280
#, c-format
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "ユーザー %s は'%s%s%s' を %s%s%s として %s 上で実行することは許可されていません。すみません。\n"
-#: plugins/sudoers/logging.c:408
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "fork できません"
-#: plugins/sudoers/logging.c:415 plugins/sudoers/logging.c:472
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "fork できません: %m"
-#: plugins/sudoers/logging.c:465
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "パイプを開けません: %m"
-#: plugins/sudoers/logging.c:484
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "標準入力を複製できません: %m"
-#: plugins/sudoers/logging.c:518
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "%s を実行できません: %m"
-#: plugins/sudoers/logging.c:728
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "内部エラー: ログの行に十分な空間がありません"
-#: plugins/sudoers/parse.c:115
+#: plugins/sudoers/parse.c:123
#, c-format
msgid "parse error in %s near line %d"
msgstr "%s 内 %d 行付近で構文解析エラーが発生しました"
-#: plugins/sudoers/parse.c:371
+#: plugins/sudoers/parse.c:126
+#, c-format
+msgid "parse error in %s"
+msgstr "%s 内で構文解析エラーが発生しました"
+
+#: plugins/sudoers/parse.c:389
#, c-format
msgid ""
"\n"
"\n"
"sudoers 項目:\n"
-#: plugins/sudoers/parse.c:373
+#: plugins/sudoers/parse.c:391
#, c-format
msgid " RunAsUsers: "
msgstr " RunAsUsers: "
-#: plugins/sudoers/parse.c:388
+#: plugins/sudoers/parse.c:406
#, c-format
msgid " RunAsGroups: "
msgstr " RunAsGroups: "
-#: plugins/sudoers/parse.c:397
+#: plugins/sudoers/parse.c:415
#, c-format
msgid ""
" Commands:\n"
msgid ": "
msgstr ": "
-#: plugins/sudoers/pwutil.c:251
+#: plugins/sudoers/pwutil.c:260
#, c-format
msgid "unable to cache uid %u (%s), already exists"
msgstr "ユーザーID %u (%s) をキャッシュできません。すでに存在します"
-#: plugins/sudoers/pwutil.c:259
+#: plugins/sudoers/pwutil.c:268
#, c-format
msgid "unable to cache uid %u, already exists"
msgstr "ユーザーID %u をキャッシュできません。すでに存在します"
-#: plugins/sudoers/pwutil.c:295 plugins/sudoers/pwutil.c:304
+#: plugins/sudoers/pwutil.c:305 plugins/sudoers/pwutil.c:314
#, c-format
msgid "unable to cache user %s, already exists"
msgstr "ユーザー %s をキャッシュできません。すでに存在します"
-#: plugins/sudoers/pwutil.c:607
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "グループID %u (%s) をキャッシュできません。すでに存在します"
-#: plugins/sudoers/pwutil.c:615
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "グループID %u をキャッシュできません。すでに存在します"
-#: plugins/sudoers/pwutil.c:644 plugins/sudoers/pwutil.c:653
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "グループ %s をキャッシュできません。すでに存在します"
-#: plugins/sudoers/set_perms.c:109 plugins/sudoers/set_perms.c:358
-#: plugins/sudoers/set_perms.c:590 plugins/sudoers/set_perms.c:824
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "perm スタックがオーバーフローしました"
-#: plugins/sudoers/set_perms.c:117 plugins/sudoers/set_perms.c:366
-#: plugins/sudoers/set_perms.c:598 plugins/sudoers/set_perms.c:832
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "perm スタックがアンダーフローしました"
-#: plugins/sudoers/set_perms.c:223 plugins/sudoers/set_perms.c:458
-#: plugins/sudoers/set_perms.c:695
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "実行するためのグループIDに変更できません"
-#: plugins/sudoers/set_perms.c:231 plugins/sudoers/set_perms.c:465
-#: plugins/sudoers/set_perms.c:702
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "実行するためのユーザーIDに変更できません"
-#: plugins/sudoers/set_perms.c:245 plugins/sudoers/set_perms.c:478
-#: plugins/sudoers/set_perms.c:715
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "sudoers のグループIDへ変更できません"
-#: plugins/sudoers/set_perms.c:286 plugins/sudoers/set_perms.c:516
-#: plugins/sudoers/set_perms.c:753 plugins/sudoers/set_perms.c:893
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "プロセスが多すぎます"
-#: plugins/sudoers/set_perms.c:955
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "グループベクトルを実行するためのものに変更できません"
-#: plugins/sudoers/sudo_nss.c:238
+#: plugins/sudoers/sudo_nss.c:243
#, c-format
msgid "Matching Defaults entries for %s on this host:\n"
msgstr "このホスト上でユーザー %s に一致したデフォルト項目:\n"
-#: plugins/sudoers/sudo_nss.c:251
+#: plugins/sudoers/sudo_nss.c:256
#, c-format
msgid "Runas and Command-specific defaults for %s:\n"
msgstr "ユーザー %s 用の Runas およびコマンド特有のデフォルト:\n"
-#: plugins/sudoers/sudo_nss.c:264
+#: plugins/sudoers/sudo_nss.c:269
#, c-format
msgid "User %s may run the following commands on this host:\n"
msgstr "ユーザー %s は次のコマンドをこのホスト上で実行できます:\n"
-#: plugins/sudoers/sudo_nss.c:274
+#: plugins/sudoers/sudo_nss.c:279
#, c-format
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "ユーザー %s は %s 上で sudo を実行することを許可されていません。\n"
-#: plugins/sudoers/sudoers.c:199 plugins/sudoers/sudoers.c:234
-#: plugins/sudoers/sudoers.c:911
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "デフォルト項目で問題が発生しました"
-#: plugins/sudoers/sudoers.c:203
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "有効な sudoers のソースが見つかりません。終了します"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "%s を実行できません: %s"
-#: plugins/sudoers/sudoers.c:306
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers の指定により root が sudo を使用することは禁止されています"
-#: plugins/sudoers/sudoers.c:313
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "-C オプションを使用することは許可されていません"
-#: plugins/sudoers/sudoers.c:403
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "タイムスタンプの所有者 (%s): そのようなユーザーはありません"
-#: plugins/sudoers/sudoers.c:419
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "tty がありません"
-#: plugins/sudoers/sudoers.c:420
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "sudo を実行するには tty がなければいけません。すみません"
-#: plugins/sudoers/sudoers.c:463
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "ユーザーまたはホストがありません"
-#: plugins/sudoers/sudoers.c:477 plugins/sudoers/sudoers.c:498
-#: plugins/sudoers/sudoers.c:499 plugins/sudoers/sudoers.c:1465
-#: plugins/sudoers/sudoers.c:1466
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: コマンドが見つかりません"
-#: plugins/sudoers/sudoers.c:479 plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"'.' 内で見つかった `%1$s' を無視します\n"
"この `%3$s' を実行したい場合は `sudo ./%2$s' を使用してください。"
-#: plugins/sudoers/sudoers.c:484
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "検証に失敗しました"
-#: plugins/sudoers/sudoers.c:494
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
-msgstr "ã\82³ã\83\9eã\83³ã\83\89ã\81\8cã\82«ã\83¬ã\83³ã\83\88ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\81«ã\81\82ã\82\8aã\81¾ã\81\99"
+msgstr "コマンドがカレントディレクトリにあります"
-#: plugins/sudoers/sudoers.c:506
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "あなたは環境変数を保護することを許可されていません。すみません"
-#: plugins/sudoers/sudoers.c:894
-#, c-format
-msgid "internal error, set_cmnd() overflow"
-msgstr "内部エラー、set_cmnd() がオーバーフローしました"
-
-#: plugins/sudoers/sudoers.c:936
-#, c-format
-msgid "fixed mode on %s"
-msgstr "%s のアクセス権限のモードを修正しました"
-
-#: plugins/sudoers/sudoers.c:940
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
-msgid "set group on %s"
-msgstr "%s のグループを設定しました"
+msgid "internal error, runas_groups overflow"
+msgstr "内部エラー、runas_groups がオーバーフローしました"
-#: plugins/sudoers/sudoers.c:943
+#: plugins/sudoers/sudoers.c:941
#, c-format
-msgid "unable to set group on %s"
-msgstr "%s のグループを設定できません"
-
-#: plugins/sudoers/sudoers.c:946
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "%s のアクセス権限のモードを修正できません"
+msgid "internal error, set_cmnd() overflow"
+msgstr "内部エラー、set_cmnd() がオーバーフローしました"
-#: plugins/sudoers/sudoers.c:959
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s は通常ファイルではありません"
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s のアクセス権限のモードは 0%o です。これは 0%o であるべきです"
-
-#: plugins/sudoers/sudoers.c:965
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "%s はユーザーID %u によって所有されています。これは %u であるべきです"
-#: plugins/sudoers/sudoers.c:968
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "%s は誰でも書き込み可能です"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "%s のグループIDは %u になっています。これは %u であるべきです"
-#: plugins/sudoers/sudoers.c:1012
+#: plugins/sudoers/sudoers.c:1038
#, c-format
msgid "only root can use `-c %s'"
msgstr "root のみ `-c %s' を使用できます"
-#: plugins/sudoers/sudoers.c:1022
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "不明なログインクラスです: %s"
-#: plugins/sudoers/sudoers.c:1056
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "ホスト %s の名前解決ができません"
-#: plugins/sudoers/sudoers.c:1106 plugins/sudoers/testsudoers.c:351
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "不明なグループです: %s"
-#: plugins/sudoers/sudoers.c:1150
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "sudoers ポリシープラグイン バージョン %s\n"
-#: plugins/sudoers/sudoers.c:1152
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "sudoers ファイル文法バージョン %d\n"
-#: plugins/sudoers/sudoers.c:1156
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"sudoers のパス: %s\n"
-#: plugins/sudoers/sudoers.c:1159
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "nsswitch のパス: %s\n"
-#: plugins/sudoers/sudoers.c:1161
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "ldap.conf のパス: %s\n"
-#: plugins/sudoers/sudoers.c:1162
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "ldap.secret のパス: %s\n"
-#: plugins/sudoers/sudoreplay.c:265
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "無効なフィルターオプションです: %s"
-#: plugins/sudoers/sudoreplay.c:278
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "無効な最大待機時間です: %s"
-#: plugins/sudoers/sudoreplay.c:284
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "無効な speed_factor の値です: %s"
-#: plugins/sudoers/sudoreplay.c:287 plugins/sudoers/visudo.c:174
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s バージョン %s\n"
-#: plugins/sudoers/sudoreplay.c:310
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/タイミング: %s"
-#: plugins/sudoers/sudoreplay.c:316
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/タイミング: %s"
-#: plugins/sudoers/sudoreplay.c:341
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "ã\83ã\82°ã\83\95ã\82¡ã\82¤ã\83« %s ã\81¯ç\84¡å\8a¹ã\81§ã\81\99"
+msgid "Replaying sudo session: %s\n"
+msgstr "ã\83ªã\83\97ã\83¬ã\82¤ã\81\99ã\82\8b sudo ã\82»ã\83\83ã\82·ã\83§ã\83³: %s\n"
-#: plugins/sudoers/sudoreplay.c:343
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "リプレイする sudo セッション: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "警告: ログをきちんとリプレイするには端末が小さすぎます。\n"
#: plugins/sudoers/sudoreplay.c:369
#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "ログの大きさは %d x %d で、端末の大きさは %d x %d です。"
+
+#: plugins/sudoers/sudoreplay.c:399
+#, c-format
msgid "unable to set tty to raw mode"
msgstr "tty を raw モードに設定できません"
-#: plugins/sudoers/sudoreplay.c:383
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "無効なタイミングファイルの行です: %s"
-#: plugins/sudoers/sudoreplay.c:425
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "標準出力に書き込んでいます"
-#: plugins/sudoers/sudoreplay.c:455
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:503 plugins/sudoers/sudoreplay.c:528
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "曖昧な式 \"%s です\""
-#: plugins/sudoers/sudoreplay.c:545
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "式内の小括弧のくくりが多すぎます。最大は %d です。"
-#: plugins/sudoers/sudoreplay.c:556
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "式内で ')' が不一致です"
-#: plugins/sudoers/sudoreplay.c:562
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "不明な検索語 \"%s\" です"
-#: plugins/sudoers/sudoreplay.c:576
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s は引数が必要です"
-#: plugins/sudoers/sudoreplay.c:580
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "無効な正規表現です: %s"
-#: plugins/sudoers/sudoreplay.c:586
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "日付 \"%s\" を構文解析できませんでした"
-#: plugins/sudoers/sudoreplay.c:599
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "式内で '(' が不一致です"
-#: plugins/sudoers/sudoreplay.c:601
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "末尾に \"or\" を配置できません"
-#: plugins/sudoers/sudoreplay.c:603
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "末尾に \"!\" を配置できません"
-#: plugins/sudoers/sudoreplay.c:819
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "無効な正規表現です: %s"
-#: plugins/sudoers/sudoreplay.c:941
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "使用法: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
-#: plugins/sudoers/sudoreplay.c:944
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "使用法: %s [-h] [-d directory] -l [search expression]\n"
-#: plugins/sudoers/sudoreplay.c:953
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - sudo セッションログをリプレイします\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:955
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
msgstr ""
"\n"
"オプション:\n"
-" -d directory ã\82»ã\83\83ã\82·ã\83§ã\83³ã\83ã\82°ã\81®ã\83\87ã\82£ã\83¬ã\82¯ã\83\88ã\83ªã\83¼ã\82\92æ\8c\87å®\9aã\81\99ã\82\8b\n"
+" -d directory セッションログのディレクトリを指定する\n"
" -f filter 表示する I/O タイプを指定する\n"
" -h ヘルプメッセージを表示して終了する\n"
" -l [expression] expression に一致する使用可能なセッションID\n"
" -s speed_factor 出力速度を速くする、または遅くする\n"
" -V バージョン情報を表示して終了する"
-#: plugins/sudoers/testsudoers.c:230
+#: plugins/sudoers/testsudoers.c:246
#, c-format
msgid "internal error, init_vars() overflow"
msgstr "内部エラー、init_vars() がオーバーフローしました"
-#: plugins/sudoers/testsudoers.c:309
+#: plugins/sudoers/testsudoers.c:331
msgid "\thost unmatched"
msgstr "\tホストが一致しません"
-#: plugins/sudoers/testsudoers.c:312
+#: plugins/sudoers/testsudoers.c:334
msgid ""
"\n"
"Command allowed"
"\n"
"コマンドが許可されました"
-#: plugins/sudoers/testsudoers.c:313
+#: plugins/sudoers/testsudoers.c:335
msgid ""
"\n"
"Command denied"
"\n"
"コマンドが拒否されました"
-#: plugins/sudoers/testsudoers.c:313
+#: plugins/sudoers/testsudoers.c:335
msgid ""
"\n"
"Command unmatched"
"\n"
"コマンドが一致しませんでした"
-#: toke.l:667 toke.l:793 toke.l:818 toke.l:904 plugins/sudoers/toke_util.c:111
-#: plugins/sudoers/toke_util.c:163 plugins/sudoers/toke_util.c:202
-msgid "unable to allocate memory"
-msgstr "メモリ割り当てを行えませんでした"
-
-#: toke.l:786
-msgid "too many levels of includes"
-msgstr "インクルードの階層が大きすぎます"
-
-#: plugins/sudoers/toke_util.c:213
+#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: バッファオーバーフローが発生しました"
-#: plugins/sudoers/visudo.c:175
+#: plugins/sudoers/visudo.c:188
#, c-format
msgid "%s grammar version %d\n"
msgstr "%s 文法バージョン %d\n"
-#: plugins/sudoers/visudo.c:208 plugins/sudoers/auth/rfc1938.c:103
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "あなたは %s データベース内に存在しません"
-
-#: plugins/sudoers/visudo.c:238 plugins/sudoers/visudo.c:518
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "%s を編集するためにリターンを押してください: "
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:326
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "書き込みエラーです"
-#: plugins/sudoers/visudo.c:408
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "一時ファイル (%s) の状態取得 (stat) ができません。%s は変更されません"
-#: plugins/sudoers/visudo.c:413
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "一時ファイル (%s) の大きさが 0 です。%s は変更されません"
-#: plugins/sudoers/visudo.c:419
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "エディター (%s) が異常終了しました。%s は変更されません"
-#: plugins/sudoers/visudo.c:442
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s は変更されません"
-#: plugins/sudoers/visudo.c:466
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "一時ファイル (%s) を再度開くことができません。%s は変更されません。"
-#: plugins/sudoers/visudo.c:476
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "一時ファイル (%s) の構文解析ができません。不明なエラーです"
-#: plugins/sudoers/visudo.c:511
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "内部エラー、リスト内に %s が見つかりません!"
-#: plugins/sudoers/visudo.c:546 plugins/sudoers/visudo.c:555
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "%s の (ユーザーID, グループID) を (%u, %u) に設定できません"
-#: plugins/sudoers/visudo.c:550 plugins/sudoers/visudo.c:560
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "%s のアクセス権限のモードを 0%o に変更できません"
-#: plugins/sudoers/visudo.c:577
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s と %s は同じファイルシステム上にありません。名前を変更するために mv を使用しています"
-#: plugins/sudoers/visudo.c:591
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "コマンドの失敗です: '%s %s %s'。%s は変更されません"
-#: plugins/sudoers/visudo.c:601
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "%s の名前変更に失敗しました。%s は変更されません"
-#: plugins/sudoers/visudo.c:661
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "次は何でしょうか? "
-#: plugins/sudoers/visudo.c:675
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" x -- sudoers ファイルへの変更を保存せずに終了します\n"
" Q -- sudoers ファイルへの変更を保存して終了します (*危険です!*)\n"
-#: plugins/sudoers/visudo.c:712
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "%s を実行できません"
-#: plugins/sudoers/visudo.c:719
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "%s を実行できません"
-#: plugins/sudoers/visudo.c:750
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: 所有権に誤りがあります。(ユーザーID, グループID) は (%u, %u) であるべきです\n"
+
+#: plugins/sudoers/visudo.c:796
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: アクセス権限に誤りがあります。モードは 0%o であるべきです\n"
+
+#: plugins/sudoers/visudo.c:821
#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "%s ファイルの構文解析に失敗しました。不明なエラーです"
-#: plugins/sudoers/visudo.c:762
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "%s 内 %d 行付近で構文解析エラーが発生しました\n"
-#: plugins/sudoers/visudo.c:765
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "%s 内で構文解析エラーが発生しました\n"
-#: plugins/sudoers/visudo.c:767
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: 正しく構文解析されました\n"
-#: plugins/sudoers/visudo.c:776
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: 所有権に誤りがあります。(ユーザーID, グループID) は (%u, %u) であるべきです\n"
-
-#: plugins/sudoers/visudo.c:783
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: アクセス権限に誤りがあります。モードは 0%o であるべきです\n"
-
-#: plugins/sudoers/visudo.c:822
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s がビジー状態です。後で再試行してください"
-#: plugins/sudoers/visudo.c:865
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "指定したエディター (%s) が存在しません"
-#: plugins/sudoers/visudo.c:888
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "エディター (%s) の状態取得 (stat) ができません"
-#: plugins/sudoers/visudo.c:936
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "エディターが見つかりません (エディターのパス = %s)"
-#: plugins/sudoers/visudo.c:1025
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "エラー: %s_Alias `%s' 内に循環があります"
-#: plugins/sudoers/visudo.c:1026
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "警告: %s_Alias `%s' 内に循環があります"
-#: plugins/sudoers/visudo.c:1029
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "エラー: %s_Alias `%s' は参照されていますが定義されていません"
-#: plugins/sudoers/visudo.c:1030
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "警告: %s_Alias `%s' は参照されていますが定義されていません"
-#: plugins/sudoers/visudo.c:1167
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s: %s_Alias %s は使用されていません"
-#: plugins/sudoers/visudo.c:1224
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - sudoers ファイルを安全に編集する\n"
"\n"
-#: plugins/sudoers/visudo.c:1226
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s 厳密な文法検査を行う\n"
" -V バージョン情報を表示して終了する"
-#: plugins/sudoers/auth/bsdauth.c:64
-msgid "unable to begin bsd authentication"
-msgstr "BSD 認証を開始できません"
-
-#: plugins/sudoers/auth/bsdauth.c:71
-msgid "invalid authentication type"
-msgstr "無効な認証タイプです"
-
-#: plugins/sudoers/auth/bsdauth.c:79
-msgid "unable to setup authentication"
-msgstr "認証をセットアップできません"
-
-#: plugins/sudoers/auth/fwtk.c:59
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "fwtk 設定を読み込めません"
-
-#: plugins/sudoers/auth/fwtk.c:64
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "認証サーバーに接続できません"
-
-#: plugins/sudoers/auth/fwtk.c:70 plugins/sudoers/auth/fwtk.c:93
-#: plugins/sudoers/auth/fwtk.c:126
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "認証サーバーへの接続が失われました"
-
-#: plugins/sudoers/auth/fwtk.c:74
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"認証サーバーエラーです:\n"
-"%s"
-
-#: plugins/sudoers/auth/kerb5.c:114
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s: '%s' を構文解析できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:127
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s: princ ('%s') を符号化できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:144
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s: 資格情報キャッシュ (ccache) を解決できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:188
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s: オプションを設定できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:204
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s: 資格情報を取得できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:217
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s: 資格情報キャッシュ (ccache) を初期化できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:221
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s: 資格情報を資格情報キャッシュ (ccache) 内に保存できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:284
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr "%s: ホストプリンシパルを取得できません: %s"
-
-#: plugins/sudoers/auth/kerb5.c:299
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s: TGT を検証できません! おそらく攻撃です!: %s"
-
-#: plugins/sudoers/auth/pam.c:99
-msgid "unable to initialize PAM"
-msgstr "PAM を初期化できません"
-
-#: plugins/sudoers/auth/pam.c:142
-msgid "account validation failure, is your account locked?"
-msgstr "アカウントの有効性検証に失敗しました。あなたのアカウントはロックされていませんか?"
-
-#: plugins/sudoers/auth/pam.c:146
-msgid "Account or password is expired, reset your password and try again"
-msgstr "アカウントまたはパスワードが期限切れです。パスワードをリセットして再試行してください"
-
-#: plugins/sudoers/auth/pam.c:153
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok: %s"
-
-#: plugins/sudoers/auth/pam.c:157
-msgid "Password expired, contact your system administrator"
-msgstr "パスワードが期限切れです。システム管理者に連絡してください"
-
-#: plugins/sudoers/auth/pam.c:161
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "アカウントの期限切れ、または sudo 用の PAM 設定に \"account\" セクションがありません。システム管理者に連絡してください"
-
-#: plugins/sudoers/auth/pam.c:176
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate: %s"
-
-#: plugins/sudoers/auth/pam.c:296
-msgid "Password: "
-msgstr "パスワード: "
-
-#: plugins/sudoers/auth/pam.c:297
-msgid "Password:"
-msgstr "パスワード:"
-
-#: plugins/sudoers/auth/securid.c:82 plugins/sudoers/auth/securid5.c:106
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "SecurID サーバーに接続できません"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "ACE API ライブラリの初期化に失敗しました"
-
-#: plugins/sudoers/auth/securid5.c:115
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "SecurID 認証のユーザーIDがロックされています"
-
-#: plugins/sudoers/auth/securid5.c:119 plugins/sudoers/auth/securid5.c:169
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "SecurID 用のユーザー名の長さが無効です"
-
-#: plugins/sudoers/auth/securid5.c:123 plugins/sudoers/auth/securid5.c:174
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "SecurID 用の認証ハンドルが無効です"
-
-#: plugins/sudoers/auth/securid5.c:127
-#, c-format
-msgid "SecurID communication failed"
-msgstr "SecurID 通信に失敗しました"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "インクルードの階層が大きすぎます"
-#: plugins/sudoers/auth/securid5.c:131 plugins/sudoers/auth/securid5.c:213
-#, c-format
-msgid "unknown SecurID error"
-msgstr "不明な SecurID エラーです"
+#~ msgid "invalid log file %s"
+#~ msgstr "ログファイル %s は無効です"
-#: plugins/sudoers/auth/securid5.c:164
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "SecurID 用のパスコード長が無効です"
+#~ msgid "fixed mode on %s"
+#~ msgstr "%s のアクセス権限のモードを修正しました"
-#: plugins/sudoers/auth/sia.c:106
-msgid "unable to initialize SIA session"
-msgstr "SIA セッションを初期化できません"
+#~ msgid "set group on %s"
+#~ msgstr "%s のグループを設定しました"
-#: plugins/sudoers/auth/sudo_auth.c:124
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "認証方法が sudo のコンパイル時に組み込まれていません! 認証を無効にする場合には、configure オプションで --disable-authentication を指定してください。"
+#~ msgid "unable to set group on %s"
+#~ msgstr "%s のグループを設定できません"
-#: plugins/sudoers/auth/sudo_auth.c:134
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "無効な認証方法が sudo のコンパイル時に組み込まれています! スタンドアローンと非スタンドアローン認証を組み合わせているようです。"
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "%s のアクセス権限のモードを修正できません"
-#: plugins/sudoers/auth/sudo_auth.c:243
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d 回パスワード試行を間違えました"
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s のアクセス権限のモードは 0%o です。これは 0%o であるべきです"
-#: plugins/sudoers/auth/sudo_auth.c:335
-msgid "Authentication methods:"
-msgstr "認証方法:"
+#~ msgid "File containing dummy exec functions: %s"
+#~ msgstr "偽の exec 関数が含まれるファイル: %s"
--- /dev/null
+# SOME DESCRIPTIVE TITLE.
+# This file is put in the public domain.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+# Algimantas Margevičius <margevicius.algimantas@gmail.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-02-06 15:48-0500\n"
+"PO-Revision-Date: 2012-02-25 11:56+0200\n"
+"Last-Translator: Algimantas Margevičius <margevicius.algimantas@gmail.com>\n"
+"Language-Team: Lithuanian <komp_lt@konferencijos.lt>\n"
+"Language: lt\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
+
+#: plugins/sudoers/alias.c:125
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
+#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
+#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+msgid "getaudit: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:102
+msgid "getauid failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+msgid "au_open: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+msgid "au_to_subject: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+msgid "au_to_exec_args: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+msgid "au_to_return32: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:161
+msgid "getauid: failed"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:184
+msgid "au_to_text: failed"
+msgstr ""
+
+#: plugins/sudoers/check.c:158
+#, c-format
+msgid "sorry, a password is required to run %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
+#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
+#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
+#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:253 plugins/sudoers/iolog.c:202
+#, c-format
+msgid "unable to write to %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:261 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:556 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:156
+#, c-format
+msgid "unable to mkdir %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:396
+#, c-format
+msgid "internal error, expand_prompt() overflow"
+msgstr ""
+
+#: plugins/sudoers/check.c:456
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:485 plugins/sudoers/check.c:529
+#: plugins/sudoers/iolog.c:158
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr ""
+
+#: plugins/sudoers/check.c:488 plugins/sudoers/check.c:532
+#: plugins/sudoers/check.c:577
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:493 plugins/sudoers/check.c:537
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr ""
+
+#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
+#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:571
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr ""
+
+#: plugins/sudoers/check.c:583
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr ""
+
+#: plugins/sudoers/check.c:637
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr ""
+
+#: plugins/sudoers/check.c:684
+#, c-format
+msgid "unable to remove %s (%s), will reset to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:692
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
+#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#, c-format
+msgid "unknown uid: %u"
+msgstr ""
+
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
+#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/testsudoers.c:362
+#, c-format
+msgid "unknown user: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:208
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:246 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:272 plugins/sudoers/defaults.c:285
+#: plugins/sudoers/defaults.c:298 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:328
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:219 plugins/sudoers/defaults.c:229
+#: plugins/sudoers/defaults.c:237 plugins/sudoers/defaults.c:254
+#: plugins/sudoers/defaults.c:267 plugins/sudoers/defaults.c:280
+#: plugins/sudoers/defaults.c:293 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:324
+#, c-format
+msgid "no value specified for `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:242
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:304
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr ""
+
+#: plugins/sudoers/env.c:258
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:291
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:710
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
+#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:91
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s turi priklausyti uid %d"
+
+#: plugins/sudoers/group_plugin.c:107
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s turi būti įrašomas tik savininkui"
+
+#: plugins/sudoers/group_plugin.c:114
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:119
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr ""
+
+#: plugins/sudoers/group_plugin.c:124
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:112
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#, c-format
+msgid "unable to read %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:182
+#, c-format
+msgid "invalid sequence number %s"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:231 plugins/sudoers/iolog.c:234
+#: plugins/sudoers/iolog.c:499 plugins/sudoers/iolog.c:504
+#: plugins/sudoers/iolog.c:510 plugins/sudoers/iolog.c:518
+#: plugins/sudoers/iolog.c:526 plugins/sudoers/iolog.c:534
+#: plugins/sudoers/iolog.c:542
+#, c-format
+msgid "unable to create %s"
+msgstr ""
+
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#, c-format
+msgid "unable to set locale to \"%s\", using \"C\""
+msgstr ""
+
+#: plugins/sudoers/ldap.c:374
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:397
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:427
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:456
+#, c-format
+msgid "invalid uri: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:462
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:466
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:485
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:550
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:958
+#, c-format
+msgid "unable to get GMT time"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:964
+#, c-format
+msgid "unable to format timestamp"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:972
+#, c-format
+msgid "unable to build time filter"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1185
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1705
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1707
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1754
+#, c-format
+msgid " Order: %s\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1762
+#, c-format
+msgid " Commands:\n"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2161
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2192
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2428
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:82
+#, c-format
+msgid "internal error, linux_audit_command() overflow"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:91
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:198
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:201
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr ""
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT in sudoers"
+msgstr ""
+
+#: plugins/sudoers/logging.c:258
+msgid "user NOT authorized on host"
+msgstr ""
+
+#: plugins/sudoers/logging.c:260
+msgid "command not allowed"
+msgstr ""
+
+#: plugins/sudoers/logging.c:270
+#, c-format
+msgid "%s is not in the sudoers file. This incident will be reported.\n"
+msgstr "%s nėra „sudoers“ faile. Apie šį įvykį bus pranešta.\n"
+
+#: plugins/sudoers/logging.c:273
+#, c-format
+msgid "%s is not allowed to run sudo on %s. This incident will be reported.\n"
+msgstr "%s neleidžiama vykdyti „sudo“ kompiuteryje %s. Apie šį įvykį bus pranešta.\n"
+
+#: plugins/sudoers/logging.c:277
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Deja, naudotojas %s negali vykdyti „sudo“ kompiuteryje %s.\n"
+
+#: plugins/sudoers/logging.c:280
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Deja, naudotojui %s neleidžiama vykdyti „%s%s%s“ kaip %s%s%s kompiuteryje %s.\n"
+
+#: plugins/sudoers/logging.c:420
+#, c-format
+msgid "unable to fork"
+msgstr ""
+
+#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#, c-format
+msgid "unable to fork: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:479
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:504
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:540
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:755
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr ""
+
+#: plugins/sudoers/parse.c:123
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr ""
+
+#: plugins/sudoers/parse.c:126
+#, c-format
+msgid "parse error in %s"
+msgstr ""
+
+#: plugins/sudoers/parse.c:389
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:391
+#, c-format
+msgid " RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:406
+#, c-format
+msgid " RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:415
+#, c-format
+msgid ""
+" Commands:\n"
+"\t"
+msgstr ""
+
+#: plugins/sudoers/plugin_error.c:100 plugins/sudoers/plugin_error.c:105
+msgid ": "
+msgstr ": "
+
+#: plugins/sudoers/pwutil.c:260
+#, c-format
+msgid "unable to cache uid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:268
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:305 plugins/sudoers/pwutil.c:314
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:655
+#, c-format
+msgid "unable to cache gid %u (%s), already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:663
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr ""
+
+#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
+#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
+#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
+#: plugins/sudoers/set_perms.c:706
+msgid "unable to change to runas gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
+#: plugins/sudoers/set_perms.c:713
+msgid "unable to change to runas uid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
+#: plugins/sudoers/set_perms.c:726
+#, c-format
+msgid "unable to change to sudoers gid"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
+#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+msgid "too many processes"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:970
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:243
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:256
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:269
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:279
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Naudotojui %s neleidžiama vykdyti „sudo“ kompiuteryje %s.\n"
+
+#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
+#: plugins/sudoers/sudoers.c:931
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:205
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:257
+#, c-format
+msgid "unable to execute %s: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:311
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:318
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:408
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:424
+msgid "no tty"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:425
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:464
+msgid "No user or host"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
+#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
+#: plugins/sudoers/sudoers.c:1510
+#, c-format
+msgid "%s: command not found"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:485
+msgid "validation failure"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:495
+msgid "command in current directory"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:507
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#, c-format
+msgid "internal error, runas_groups overflow"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:914
+#, c-format
+msgid "internal error, set_cmnd() overflow"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:957
+#, c-format
+msgid "fixed mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:961
+#, c-format
+msgid "set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:964
+#, c-format
+msgid "unable to set group on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:967
+#, c-format
+msgid "unable to fix mode on %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:980
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:982
+#, c-format
+msgid "%s is mode 0%o, should be 0%o"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:986
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s priklauso uid %u, nors turėtų %u"
+
+#: plugins/sudoers/sudoers.c:989
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s priklauso gid %u, nors turėtų %u"
+
+#: plugins/sudoers/sudoers.c:1038
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "„-c %s“ gali naudoti tik „root“ naudotojas"
+
+#: plugins/sudoers/sudoers.c:1049
+#, c-format
+msgid "unknown login class: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1077
+#, c-format
+msgid "unable to resolve host %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#, c-format
+msgid "unknown group: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1178
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1180
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1184
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1187
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1189
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1190
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:286
+#, c-format
+msgid "invalid filter option: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:299
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:305
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#, c-format
+msgid "%s version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:333
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:339
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:364
+#, c-format
+msgid "invalid log file %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:366
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:392
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:406
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:448
+#, c-format
+msgid "writing to standard output"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:480
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:571
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:582
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:588
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:602
+#, c-format
+msgid "%s requires an argument"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:606
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:612
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:625
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:627
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:629
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:851
+#, c-format
+msgid "invalid regex: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:976
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:979
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:988
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:990
+msgid ""
+"\n"
+"Options:\n"
+" -d directory specify directory for session logs\n"
+" -f filter specify which I/O type to display\n"
+" -h display help message and exit\n"
+" -l [expression] list available session IDs that match expression\n"
+" -m max_wait max number of seconds to wait between events\n"
+" -s speed_factor speed up or slow down output\n"
+" -V display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:246
+#, c-format
+msgid "internal error, init_vars() overflow"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:331
+msgid "\thost unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:334
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+msgid "unable to allocate memory"
+msgstr ""
+
+#: toke.l:795
+msgid "too many levels of includes"
+msgstr ""
+
+#: plugins/sudoers/toke_util.c:218
+msgid "fill_args: buffer overflow"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#, c-format
+msgid "press return to edit %s: "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#, c-format
+msgid "write error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:424
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:429
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:435
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:458
+#, c-format
+msgid "%s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:484
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr ""
+
+#: plugins/sudoers/visudo.c:494
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:532
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:615
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:629
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:702
+msgid "What now? "
+msgstr ""
+
+#: plugins/sudoers/visudo.c:716
+msgid ""
+"Options are:\n"
+" (e)dit sudoers file again\n"
+" e(x)it without saving changes to sudoers file\n"
+" (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:757
+#, c-format
+msgid "unable to execute %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:764
+#, c-format
+msgid "unable to run %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:796
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:808
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:811
+#, c-format
+msgid "parse error in %s\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:826
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:833
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:880
+#, c-format
+msgid "%s busy, try again later"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:924
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:947
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:995
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1089
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1090
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1093
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1094
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1229
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1286
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1288
+msgid ""
+"\n"
+"Options:\n"
+" -c check-only mode\n"
+" -f sudoers specify sudoers file location\n"
+" -h display help message and exit\n"
+" -q less verbose (quiet) syntax error messages\n"
+" -s strict syntax checking\n"
+" -V display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:178
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:306
+msgid "Password: "
+msgstr "Slaptažodis: "
+
+#: plugins/sudoers/auth/pam.c:307
+msgid "Password:"
+msgstr "Slaptažodis:"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr ""
#
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-08 18:07+0100\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-05-06 21:40+0200\n"
"Last-Translator: Jakub Bogusz <qboosh@pld-linux.org>\n"
"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
"Language: pl\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s w okolicy linii %d <<<"
+
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "Alias `%s' jest już zdefiniowany"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "nie udało się uzyskać klasy logowania dla użytkownika %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "nie udało się rozpocząć uwierzytelnienia BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "błędny rodzaj uwierzytelnienia"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "nie udało się ustawić parametrów uwierzytelnienia"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "nie udało się odczytać konfiguracji fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "nie udało się połączyć z serwerem uwierzytelniającym"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "utracono połączenie z serwerem uwierzytelniającym"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"błąd serwera uwierzytelniającego:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: nie udało się złożyć princ ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: nie udało się przeanalizować '%s': %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: nie udało się rozwiązać ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: nie udało się przydzielić opcji: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: nie udało się pobrać danych uwierzytelniających: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: nie udało się zainicjować ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: nie udało się zapisać danych uwierzytelniających w ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: nie udało się pobrać głównego hosta: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: Nie można zweryfikować TGT! Możliwy atak!: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "nie udało się zainicjować PAM"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "błąd kontroli poprawności konta - konto zablokowane?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Konto lub hasło wygasło, należy ustawić ponownie hasło i spróbować jeszcze raz"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Hasło wygasło, proszę skontaktować się z administratorem systemu"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Konto wygasło lub w konfiguracji PAM brak sekcji \"account\" dla sudo, proszę skontaktować się z administratorem systemu"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "Hasło: "
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "Hasło:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "nie istniejesz w bazie danych %s"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "nie udało się zainicjować biblioteki ACE API"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "nie udało się połączyć z serwerem SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "ID użytkownika zablokowany dla uwierzytelnienia SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "błędna długość nazwy użytkownika dla SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "błędny uchwyt uwierzytelnienia dla SecurID"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "błąd komunikacji SecurID"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "nieznany błąd SecurID"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "błędna długość hasła dla SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "nie udało się zainicjować sesji SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "W sudo wkompilowano błędne metody uwierzytelniania! Można mieszać samodzielne i niesamodzielne sposoby uwierzytelniania."
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "W sudo nie wkompilowano żadnych metod uwierzytelniania! Aby wyłączyć uwierzytelnianie, proszę użyć opcji konfiguracyjnej --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d błędna próba wprowadzenia hasła"
+msgstr[1] "%d błędne próby wprowadzenia hasła"
+msgstr[2] "%d błędnych prób wprowadzenia hasła"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Metody uwierzytelniania:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "Nie udało się określić warunku audytowego"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid nie powiodło się"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "nie udało się zatwierdzić rekordu audytowego"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: niepowodzenie"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: niepowodzenie"
msgstr "niestety do uruchomienia %s wymagane jest hasło"
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "nie udało się otworzyć %s"
msgstr "%s zapisywalny nie tylko dla właściciela (uprawnienia 0%o, powinny być 0700)"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "nie udało się wykonać stat na %s"
msgstr "nie udało się zresetować %s do epoch"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "nieznany uid: %u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr "Kiedy ma być wymagane hasło dla pseudopolecenia 'verify': %s"
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "Wczytanie pustych funkcji exec zawartych w \"_PATH_SUDO_NOEXEC"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Wczytanie pustych funkcji exec zawartych w bibliotece sudo_noexec"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "opcja `%s' nie przyjmuje wartości"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "błąd wewnętrzny, przepełnienie sudo_setenv()"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: uszkodzone envp, niezgodność długości"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "nie udało się przydzielić pamięci"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "błąd wewnętrzny, przepełnienie sudo_setenv2()"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "błąd wewnętrzny, przepełnienie sudo_setenv()"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "niestety nie jest dozwolone ustawianie następujących zmiennych środowiskowych: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s: %s w okolicy linii %d <<<"
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr "Pary lokalnych adresów IP i masek:\n"
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "nie udało się odczytać %s"
msgid "unable to create %s"
msgstr "nie udało się utworzyć %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "nie udało się ustawić lokalizacji na \"%s\", użyto \"C\""
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports: port zbyt duży"
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports: brak miejsca podczas rozszerzania hostbuf"
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "nieobsługiwany rodzaj URI LDAP: %s"
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "błędny URI: %s"
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "nie można mieszać URI ldap i ldaps"
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "nie można mieszać ldaps i starttls"
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri: brak miejsca podczas konstruowania hostbuf"
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "nie udało się zainicjować bazy certyfikatów i kluczy SSL: %s"
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "aby używać SSL, trzeba ustawić TLS_CERT w %s"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "nie udało się pobrać czasu GMT"
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "nie udało się sformatować znacznika czasu"
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "nie udało się stworzyć filtra czasu"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "niezgodność przydzielenia sudo_ldap_build_pass1"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"Rola LDAP: %s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"Rola LDAP: NIEZNANA\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " Porządek: %s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " Polecenia:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "nie udało się zainicjować LDAP: %s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "wybrano start_tls, ale biblioteki LDAP nie obsługują ldap_start_tls_s() ani ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "błędny atrybut sudoOrder: %s"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "Niestety użytkownik %s nie ma uprawnień do uruchamiania '%s%s%s' jako %s%s%s na %s.\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "nie udało się wykonać fork"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "nie udało się wykonać fork: %m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "nie udało się otworzyć potoku: %m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "nie udało się wykonać dup na stdin: %m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "nie udało się wywołać %s: %m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "błąd wewnętrzny: za mało miejsca na linię logu"
msgid "unable to cache user %s, already exists"
msgstr "nie udało się zapamiętać użytkownika %s, już istnieje"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "nie udało się zapamiętać gid-a %u (%s), już istnieje"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "nie udało się zapamiętać gid-a %u, już istnieje"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "nie udało się zapamiętać grupy %s, już istnieje"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "przepełnienie stosu uprawnień"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "niedopełnienie stosu uprawnień"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "nie udało się zmienić na docelowy gid"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "nie udało się zmienić na docelowy uid"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "nie udało się zmienić na gid sudoers"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "zbyt dużo procesów"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "nie udało się ustawić wektora grup docelowych"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "Użytkownik %s nie ma uprawnień do uruchamiania sudo na %s.\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "problem z wpisami domyślnymi"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "nie znaleziono poprawnych źródeł sudoers, zakończenie"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "nie udało się wywołać %s: %s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "wg sudoers root nie ma prawa używać sudo"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "brak uprawnień do używania opcji -C"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "właściciel znacznika czasu (%s): nie ma takiego użytkownika"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "brak tty"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "niestety do uruchomienia sudo konieczny jest tty"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "Brak użytkownika lub hosta"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: nie znaleziono polecenia"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"zignorowano plik `%s' znaleziony w '.'\n"
"Proszę użyć `sudo ./%s', jeśli to `%s' ma być uruchomiony."
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "błąd kontroli poprawności"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "polecenie w bieżącym katalogu"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "niestety brak uprawnień do zachowania środowiska"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "błąd wewnętrzny, przepełnienie runas_groups"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "błąd wewnętrzny, przepełnienie set_cmnd()"
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr "poprawiono uprawnienia %s"
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "ustawiono grupę %s"
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "nie udało się ustawić grupy %s"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "nie udało się poprawić uprawnień %s"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s nie jest zwykłym plikiem"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s ma uprawnienia 0%o, powinny być 0%o"
-
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "właścicielem %s jest uid %u, powinien być %u"
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "%s jest zapisywalny dla świata"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "właścicielem %s jest gid %u, powinien być %u"
msgid "only root can use `-c %s'"
msgstr "tylko root może używać `-c %s'"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "nieznana klasa logowania: %s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "nie udało się rozwiązać nazwy hosta %s"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "nieznana grupa: %s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Wersja wtyczki polityki sudoers %s\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Wersja gramatyki pliku sudoers %d\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Ścieżka do sudoers: %s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "ścieżka do nsswitch: %s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "ścieżka do ldap.conf: %s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "ścieżka do ldap.secret: %s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "błędna opcja filtra: %s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "błędny maksymalny czas oczekiwania: %s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "błędny współczynnik szybkości: %s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s wersja %s\n"
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/czas: %s"
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/czas: %s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "błędny plik logu %s"
+msgid "Replaying sudo session: %s\n"
+msgstr "Odtwarzanie sesji sudo: %s\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "Odtwarzanie sesji sudo: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Uwaga: ten terminal jest za mały, aby właściwie odtworzyć log.\n"
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Geometria logu to %d x %d, geometria terminala to %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "nie udało się przestawić tty w tryb surowy"
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "błędna linia pliku czasu: %s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "zapis na standardowe wyjście"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanospeep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "niejednoznaczne wyrażenie \"%s\""
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "zbyt dużo zagnieżdżonych wyrażeń w nawiasach, maksimum to %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "niesparowany ')' w wyrażeniu"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "nieznany warunek wyszukiwania \"%s\""
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s wymaga argumentu"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "błędne wyrażenie regularne: %s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "nie udało się przeanalizować daty \"%s\""
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "niesparowany '(' w wyrażeniu"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "niedozwolone kończące \"or\""
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "niedozwolony kończący \"!\""
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "błędne wyrażenie regularne: %s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "Składnia: %s [-h] [-d katalog] [-m maks_oczek] [-s wsp_szybkości] ID\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "Składnia: %s [-h] [-d katalog] -k [wyrażenie wyszukiwania]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - odtwarzanie logów sesji sudo\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"Polecenie nie znalezione"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "nie udało się przydzielić pamięci"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "za dużo poziomów include"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: przepełnienie bufora"
msgid "%s grammar version %d\n"
msgstr "%s, wersja gramatyki %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "nie istniejesz w bazie danych %s"
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "wciśnięcie return przejdzie do edycji %s: "
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "błąd zapisu"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "nie udało się wykonać stat na pliku tymczasowym (%s), %s nie zmieniony"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "plik tymczasowy (%s) zerowej długości, %s nie zmieniony"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "błąd edytora (%s), %s nie zmieniony"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s nie zmieniony"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "nie udało się ponownie otworzyć pliku tymczasowego (%s), %s nie zmieniony."
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "nie udało się przeanalizować pliku tymczasowego (%s), nieznany błąd"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "błąd wewnętrzny, nie znaleziono %s na liście!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "nie udało się ustawić (uid, gid) %s na (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "nie udało się zmienić uprawnień %s na 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s i %s nie są na tym samym systemie plików, użycie mv do zmiany nazwy"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "polecenie nie powiodło się: '%s %s %s', %s nie zmieniony"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "błąd podczas zmiany nazwy %s, %s nie zmieniony"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "Co teraz? "
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" (x) wyjście bez zapisu zmian do pliku sudoers\n"
" (Q) wyjście i zapisanie zmian w pliku sudoers (NIEBEZPIECZNE!)\n"
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "nie udało się wywołać %s"
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "nie udało się uruchomić %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: błędny właściciel, (uid, gid) powinny wynosić (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: błędne uprawnienia, powinny być 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "nie udało się przeanalizować pliku %s, nieznany błąd"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "błąd składni w %s w okolicy linii %d\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "błąd składni w %s\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: składnia poprawna\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: błędny właściciel, (uid, gid) powinny wynosić (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: błędne uprawnienia, powinny być 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s zajęty, proszę spróbować później"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "podany edytor (%s) nie istnieje"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "nie udało się wykonać stat na edytorze (%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "nie znaleziono edytora (ścieżka = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "Błąd: cykl w %s_Alias `%s'"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "Uwaga: cykl w %s_Alias `%s'"
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "Błąd: %s_Alias `%s' użyty, ale nie zdefiniowany"
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "Uwaga: %s_Alias `%s' użyty, ale nie zdefiniowany"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s: nie użyty %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - bezpieczna edycja pliku sudoers\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s ścisłe sprawdzanie składni\n"
" -V wyświetlenie informacji o wersji i zakończenie"
-#: plugins/sudoers/auth/bsdauth.c:78
-#, c-format
-msgid "unable to get login class for user %s"
-msgstr "nie udało się uzyskać klasy logowania dla użytkownika %s"
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr "nie udało się rozpocząć uwierzytelnienia BSD"
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr "błędny rodzaj uwierzytelnienia"
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr "nie udało się ustawić parametrów uwierzytelnienia"
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "nie udało się odczytać konfiguracji fwtk"
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "nie udało się połączyć z serwerem uwierzytelniającym"
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "utracono połączenie z serwerem uwierzytelniającym"
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"błąd serwera uwierzytelniającego:\n"
-"%s"
-
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s: nie udało się złożyć princ ('%s'): %s"
-
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s: nie udało się przeanalizować '%s': %s"
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s: nie udało się rozwiązać ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s: nie udało się przydzielić opcji: %s"
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s: nie udało się pobrać danych uwierzytelniających: %s"
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s: nie udało się zainicjować ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s: nie udało się zapisać danych uwierzytelniających w ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr "%s: nie udało się pobrać głównego hosta: %s"
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s: Nie można zweryfikować TGT! Możliwy atak!: %s"
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr "nie udało się zainicjować PAM"
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr "błąd kontroli poprawności konta - konto zablokowane?"
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr "Konto lub hasło wygasło, należy ustawić ponownie hasło i spróbować jeszcze raz"
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok: %s"
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr "Hasło wygasło, proszę skontaktować się z administratorem systemu"
-
-#: plugins/sudoers/auth/pam.c:163
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "Konto wygasło lub w konfiguracji PAM brak sekcji \"account\" dla sudo, proszę skontaktować się z administratorem systemu"
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate: %s"
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr "Hasło: "
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr "Hasło:"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "nie udało się zainicjować biblioteki ACE API"
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "nie udało się połączyć z serwerem SecurID"
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "ID użytkownika zablokowany dla uwierzytelnienia SecurID"
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "błędna długość nazwy użytkownika dla SecurID"
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "błędny uchwyt uwierzytelnienia dla SecurID"
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr "błąd komunikacji SecurID"
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr "nieznany błąd SecurID"
-
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "błędna długość hasła dla SecurID"
-
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr "nie udało się zainicjować sesji SIA"
-
-#: plugins/sudoers/auth/sudo_auth.c:117
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "W sudo wkompilowano błędne metody uwierzytelniania! Można mieszać samodzielne i niesamodzielne sposoby uwierzytelniania."
-
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "W sudo nie wkompilowano żadnych metod uwierzytelniania! Aby wyłączyć uwierzytelnianie, proszę użyć opcji konfiguracyjnej --disable-authentication."
-
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d błędna próba wprowadzenia hasła"
-msgstr[1] "%d błędne próby wprowadzenia hasła"
-msgstr[2] "%d błędnych prób wprowadzenia hasła"
-
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
-msgstr "Metody uwierzytelniania:"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "za dużo poziomów include"
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.4\n"
+"Project-Id-Version: sudo 1.8.5\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ""
+
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:163
+msgid ""
+"Account expired or PAM config lacks an \"account\" section for sudo, contact "
+"your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr ""
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid ""
+"Invalid authentication methods compiled into sudo! You may mix standalone "
+"and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid ""
+"There are no authentication methods compiled into sudo! If you want to turn "
+"off authentication, use the --disable-authentication configure option."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] ""
+msgstr[1] ""
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr ""
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr ""
msgstr ""
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr ""
msgstr ""
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr ""
msgstr ""
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr ""
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr ""
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
msgstr ""
#: plugins/sudoers/def_data.c:247
msgid "option `%s' does not take a value"
msgstr ""
-#: plugins/sudoers/env.c:258
+#: plugins/sudoers/env.c:339
#, c-format
-msgid "internal error, sudo_setenv() overflow"
+msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr ""
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
#, c-format
-msgid "sudo_putenv: corrupted envp, length mismatch"
+msgid "unable to allocate memory"
+msgstr ""
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr ""
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
msgstr ""
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:955
#, c-format
msgid ""
"sorry, you are not allowed to set the following environment variables: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr ""
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ""
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr ""
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr ""
msgid "unable to create %s"
msgstr ""
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr ""
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr ""
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr ""
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr ""
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr ""
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr ""
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr ""
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr ""
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr ""
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr ""
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr ""
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr ""
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr ""
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"LDAP Role: %s\n"
msgstr ""
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"LDAP Role: UNKNOWN\n"
msgstr ""
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr ""
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr ""
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr ""
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid ""
"start_tls specified but LDAP libs do not support ldap_start_tls_s() or "
"ldap_start_tls_s_np()"
msgstr ""
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr ""
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr ""
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr ""
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr ""
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr ""
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr ""
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr ""
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr ""
msgid "unable to cache user %s, already exists"
msgstr ""
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr ""
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr ""
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr ""
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr ""
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr ""
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr ""
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr ""
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr ""
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr ""
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr ""
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr ""
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr ""
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr ""
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr ""
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr ""
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr ""
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr ""
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr ""
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr ""
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr ""
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"Use `sudo ./%s' if this is the `%s' you wish to run."
msgstr ""
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr ""
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr ""
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr ""
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr ""
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr ""
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr ""
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr ""
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr ""
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr ""
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr ""
-#: plugins/sudoers/sudoers.c:982
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
-msgid "%s is mode 0%o, should be 0%o"
+msgid "%s is owned by uid %u, should be %u"
msgstr ""
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
#, c-format
-msgid "%s is owned by uid %u, should be %u"
+msgid "%s is world writable"
msgstr ""
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr ""
msgid "only root can use `-c %s'"
msgstr ""
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr ""
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr ""
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr ""
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"Sudoers path: %s\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr ""
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
+msgid "Replaying sudo session: %s\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr ""
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr ""
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr ""
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr ""
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr ""
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"\n"
msgstr ""
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"Command unmatched"
msgstr ""
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr ""
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr ""
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr ""
msgid "%s grammar version %d\n"
msgstr ""
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr ""
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr ""
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr ""
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr ""
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr ""
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr ""
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr ""
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr ""
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr ""
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr ""
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr ""
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" (Q)uit and save changes to sudoers file (DANGER!)\n"
msgstr ""
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr ""
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr ""
-#: plugins/sudoers/visudo.c:796
+#: plugins/sudoers/visudo.c:789
#, c-format
-msgid "failed to parse %s file, unknown error"
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
msgstr ""
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:796
#, c-format
-msgid "parse error in %s near line %d\n"
+msgid "%s: bad permissions, should be mode 0%o\n"
msgstr ""
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:821
#, c-format
-msgid "parse error in %s\n"
+msgid "failed to parse %s file, unknown error"
msgstr ""
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:834
#, c-format
-msgid "%s: parsed OK\n"
+msgid "parse error in %s near line %d\n"
msgstr ""
-#: plugins/sudoers/visudo.c:826
+#: plugins/sudoers/visudo.c:837
#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgid "parse error in %s\n"
msgstr ""
-#: plugins/sudoers/visudo.c:833
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
+msgid "%s: parsed OK\n"
msgstr ""
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr ""
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr ""
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr ""
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr ""
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr ""
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr ""
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr ""
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr ""
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr ""
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"\n"
msgstr ""
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -V display version information and exit"
msgstr ""
-#: plugins/sudoers/auth/bsdauth.c:78
-#, c-format
-msgid "unable to get login class for user %s"
-msgstr ""
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr ""
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr ""
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr ""
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr ""
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr ""
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr ""
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:163
-msgid ""
-"Account expired or PAM config lacks an \"account\" section for sudo, contact "
-"your system administrator"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr ""
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr ""
-
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr ""
-
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr ""
-
-#: plugins/sudoers/auth/sudo_auth.c:117
-msgid ""
-"Invalid authentication methods compiled into sudo! You may mix standalone "
-"and non-standalone authentication."
-msgstr ""
-
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid ""
-"There are no authentication methods compiled into sudo! If you want to turn "
-"off authentication, use the --disable-authentication configure option."
-msgstr ""
-
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] ""
-msgstr[1] ""
-
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
+#: toke.l:805
+msgid "too many levels of includes"
msgstr ""
--- /dev/null
+# Swedish translation for sudoers.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+# This file is put in the public domain.
+# Daniel Nylander <po@danielnylander.se>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudoers 1.8.5-b1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-03-14 14:20-0400\n"
+"PO-Revision-Date: 2012-03-24 12:18+0100\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: plugins/sudoers/alias.c:125
+#, c-format
+msgid "Alias `%s' already defined"
+msgstr "Aliaset \"%s\" är redan definierad"
+
+#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
+#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
+#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+msgid "getaudit: failed"
+msgstr "getaudit: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+msgid "Could not determine audit condition"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:102
+msgid "getauid failed"
+msgstr "getauid misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+msgid "au_open: failed"
+msgstr "au_open: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+msgid "au_to_subject: failed"
+msgstr "au_to_subject: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+msgid "au_to_exec_args: failed"
+msgstr "au_to_exec_args: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+msgid "au_to_return32: failed"
+msgstr "au_to_return32: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+msgid "unable to commit audit record"
+msgstr ""
+
+#: plugins/sudoers/bsm_audit.c:161
+msgid "getauid: failed"
+msgstr "getauid: misslyckades"
+
+#: plugins/sudoers/bsm_audit.c:184
+msgid "au_to_text: failed"
+msgstr "au_to_text: misslyckades"
+
+#: plugins/sudoers/check.c:158
+#, c-format
+msgid "sorry, a password is required to run %s"
+msgstr "tyvärr, ett lösenord krävs för att köra %s"
+
+#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
+#: plugins/sudoers/sudoers.c:970 plugins/sudoers/sudoreplay.c:348
+#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
+#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:816
+#, c-format
+msgid "unable to open %s"
+msgstr "kunde inte öppna %s"
+
+#: plugins/sudoers/check.c:253 plugins/sudoers/iolog.c:202
+#, c-format
+msgid "unable to write to %s"
+msgstr "kunde inte skriva till %s"
+
+#: plugins/sudoers/check.c:261 plugins/sudoers/check.c:506
+#: plugins/sudoers/check.c:556 plugins/sudoers/iolog.c:123
+#: plugins/sudoers/iolog.c:156
+#, c-format
+msgid "unable to mkdir %s"
+msgstr "kunde inte skapa katalogen %s"
+
+#: plugins/sudoers/check.c:396
+#, c-format
+msgid "internal error, expand_prompt() overflow"
+msgstr "internt fel, stackspill i expand_prompt()"
+
+#: plugins/sudoers/check.c:456
+#, c-format
+msgid "timestamp path too long: %s"
+msgstr ""
+
+#: plugins/sudoers/check.c:485 plugins/sudoers/check.c:529
+#: plugins/sudoers/iolog.c:158
+#, c-format
+msgid "%s exists but is not a directory (0%o)"
+msgstr "%s finns men är inte en katalog (0%o)"
+
+#: plugins/sudoers/check.c:488 plugins/sudoers/check.c:532
+#: plugins/sudoers/check.c:577
+#, c-format
+msgid "%s owned by uid %u, should be uid %u"
+msgstr "%s ägs av uid %u, ska vara uid %u"
+
+#: plugins/sudoers/check.c:493 plugins/sudoers/check.c:537
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0700"
+msgstr ""
+
+#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#, c-format
+msgid "unable to stat %s"
+msgstr "kunde inte ta status på %s"
+
+#: plugins/sudoers/check.c:571
+#, c-format
+msgid "%s exists but is not a regular file (0%o)"
+msgstr "%s finns men är inte en vanlig fil (0%o)"
+
+#: plugins/sudoers/check.c:583
+#, c-format
+msgid "%s writable by non-owner (0%o), should be mode 0600"
+msgstr ""
+
+#: plugins/sudoers/check.c:637
+#, c-format
+msgid "timestamp too far in the future: %20.20s"
+msgstr "tidsstämpeln är för långt in i framtiden: %20.20s"
+
+#: plugins/sudoers/check.c:684
+#, c-format
+msgid "unable to remove %s (%s), will reset to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:692
+#, c-format
+msgid "unable to reset %s to the epoch"
+msgstr ""
+
+#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
+#: plugins/sudoers/sudoers.c:847 plugins/sudoers/sudoers.c:851
+#, c-format
+msgid "unknown uid: %u"
+msgstr "okänt uid: %u"
+
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:788
+#: plugins/sudoers/sudoers.c:1109 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/testsudoers.c:362
+#, c-format
+msgid "unknown user: %s"
+msgstr "okänd användare: %s"
+
+#: plugins/sudoers/def_data.c:27
+#, c-format
+msgid "Syslog facility if syslog is being used for logging: %s"
+msgstr "Syslog-facilitet om syslog används för loggning: %s"
+
+#: plugins/sudoers/def_data.c:31
+#, c-format
+msgid "Syslog priority to use when user authenticates successfully: %s"
+msgstr "Syslog-prioritet att använda när användaren lyckas med autentisering: %s"
+
+#: plugins/sudoers/def_data.c:35
+#, c-format
+msgid "Syslog priority to use when user authenticates unsuccessfully: %s"
+msgstr "Syslog-prioritet att använda när användaren misslyckas med autentisering: %s"
+
+#: plugins/sudoers/def_data.c:39
+msgid "Put OTP prompt on its own line"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:43
+msgid "Ignore '.' in $PATH"
+msgstr "Ignorera \".\" i $PATH"
+
+#: plugins/sudoers/def_data.c:47
+msgid "Always send mail when sudo is run"
+msgstr "Skicka alltid e-post när sudo körs"
+
+#: plugins/sudoers/def_data.c:51
+msgid "Send mail if user authentication fails"
+msgstr "Skicka e-post om användarens autentisering misslyckas"
+
+#: plugins/sudoers/def_data.c:55
+msgid "Send mail if the user is not in sudoers"
+msgstr "Skicka e-post om användaren inte finns med i sudoers"
+
+#: plugins/sudoers/def_data.c:59
+msgid "Send mail if the user is not in sudoers for this host"
+msgstr "Skicka e-post om användaren inte finns med i sudoers för denna värddator"
+
+#: plugins/sudoers/def_data.c:63
+msgid "Send mail if the user is not allowed to run a command"
+msgstr "Skicka e-post om användaren inte tillåts att köra ett kommando"
+
+#: plugins/sudoers/def_data.c:67
+msgid "Use a separate timestamp for each user/tty combo"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:71
+msgid "Lecture user the first time they run sudo"
+msgstr "Lär upp användaren första gången de kör sudo"
+
+#: plugins/sudoers/def_data.c:75
+#, c-format
+msgid "File containing the sudo lecture: %s"
+msgstr "Fil som innehåller sudo-upplärning: %s"
+
+#: plugins/sudoers/def_data.c:79
+msgid "Require users to authenticate by default"
+msgstr "Kräv att användare autentiseras som standard"
+
+#: plugins/sudoers/def_data.c:83
+msgid "Root may run sudo"
+msgstr "Root får köra sudo"
+
+#: plugins/sudoers/def_data.c:87
+msgid "Log the hostname in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:91
+msgid "Log the year in the (non-syslog) log file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:95
+msgid "If sudo is invoked with no arguments, start a shell"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:99
+msgid "Set $HOME to the target user when starting a shell with -s"
+msgstr "Ställ in $HOME till målanvändaren när ett skal startas med -s"
+
+#: plugins/sudoers/def_data.c:103
+msgid "Always set $HOME to the target user's home directory"
+msgstr "Ställ alltid in $HOME till målanvändarens hemkatalog"
+
+#: plugins/sudoers/def_data.c:107
+msgid "Allow some information gathering to give useful error messages"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:111
+msgid "Require fully-qualified hostnames in the sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:115
+msgid "Insult the user when they enter an incorrect password"
+msgstr "Förolämpa användaren när de anger ett felaktigt lösenord"
+
+#: plugins/sudoers/def_data.c:119
+msgid "Only allow the user to run sudo if they have a tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:123
+msgid "Visudo will honor the EDITOR environment variable"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:127
+msgid "Prompt for root's password, not the users's"
+msgstr "Fråga efter root-lösenordet, inte användarens"
+
+#: plugins/sudoers/def_data.c:131
+msgid "Prompt for the runas_default user's password, not the users's"
+msgstr "Fråga efter runas_default-användarens lösenord, inte användarens"
+
+#: plugins/sudoers/def_data.c:135
+msgid "Prompt for the target user's password, not the users's"
+msgstr "Fråga efter målanvändarens lösenord, inte användarens"
+
+#: plugins/sudoers/def_data.c:139
+msgid "Apply defaults in the target user's login class if there is one"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:143
+msgid "Set the LOGNAME and USER environment variables"
+msgstr "Ställ in miljövariablerna LOGNAME och USER"
+
+#: plugins/sudoers/def_data.c:147
+msgid "Only set the effective uid to the target user, not the real uid"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:151
+msgid "Don't initialize the group vector to that of the target user"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:155
+#, c-format
+msgid "Length at which to wrap log file lines (0 for no wrap): %d"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:159
+#, c-format
+msgid "Authentication timestamp timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:163
+#, c-format
+msgid "Password prompt timeout: %.1f minutes"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:167
+#, c-format
+msgid "Number of tries to enter a password: %d"
+msgstr "Antal försök att ange ett lösenord: %d"
+
+#: plugins/sudoers/def_data.c:171
+#, c-format
+msgid "Umask to use or 0777 to use user's: 0%o"
+msgstr "Umask att använda eller 0777 för att använda användarens: 0%o"
+
+#: plugins/sudoers/def_data.c:175
+#, c-format
+msgid "Path to log file: %s"
+msgstr "Sökväg till loggfil: %s"
+
+#: plugins/sudoers/def_data.c:179
+#, c-format
+msgid "Path to mail program: %s"
+msgstr "Sökväg till e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:183
+#, c-format
+msgid "Flags for mail program: %s"
+msgstr "Flaggor för e-postprogram: %s"
+
+#: plugins/sudoers/def_data.c:187
+#, c-format
+msgid "Address to send mail to: %s"
+msgstr "Adress att skicka e-post till: %s"
+
+#: plugins/sudoers/def_data.c:191
+#, c-format
+msgid "Address to send mail from: %s"
+msgstr "Adress att skicka e-post från: %s"
+
+#: plugins/sudoers/def_data.c:195
+#, c-format
+msgid "Subject line for mail messages: %s"
+msgstr "Ämnesrad för e-postmeddelanden: %s"
+
+#: plugins/sudoers/def_data.c:199
+#, c-format
+msgid "Incorrect password message: %s"
+msgstr "Meddelande vid felaktigt lösenord: %s"
+
+#: plugins/sudoers/def_data.c:203
+#, c-format
+msgid "Path to authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:207
+#, c-format
+msgid "Owner of the authentication timestamp dir: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:211
+#, c-format
+msgid "Users in this group are exempt from password and PATH requirements: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:215
+#, c-format
+msgid "Default password prompt: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:219
+msgid "If set, passprompt will override system prompt in all cases."
+msgstr ""
+
+#: plugins/sudoers/def_data.c:223
+#, c-format
+msgid "Default user to run commands as: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:227
+#, c-format
+msgid "Value to override user's $PATH with: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:231
+#, c-format
+msgid "Path to the editor for use by visudo: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:235
+#, c-format
+msgid "When to require a password for 'list' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:239
+#, c-format
+msgid "When to require a password for 'verify' pseudocommand: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:243
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:247
+msgid "If LDAP directory is up, do we ignore local sudoers file"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:251
+#, c-format
+msgid "File descriptors >= %d will be closed before executing a command"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:255
+msgid "If set, users may override the value of `closefrom' with the -C option"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:259
+msgid "Allow users to set arbitrary environment variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:263
+msgid "Reset the environment to a default set of variables"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:267
+msgid "Environment variables to check for sanity:"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:271
+msgid "Environment variables to remove:"
+msgstr "Miljövariabler att ta bort:"
+
+#: plugins/sudoers/def_data.c:275
+msgid "Environment variables to preserve:"
+msgstr "Miljövariabler att behålla:"
+
+#: plugins/sudoers/def_data.c:279
+#, c-format
+msgid "SELinux role to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:283
+#, c-format
+msgid "SELinux type to use in the new security context: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:287
+#, c-format
+msgid "Path to the sudo-specific environment file: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:291
+#, c-format
+msgid "Locale to use while parsing sudoers: %s"
+msgstr "Lokalanpassning att använda vid tolkning av sudoers: %s"
+
+#: plugins/sudoers/def_data.c:295
+msgid "Allow sudo to prompt for a password even if it would be visible"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:299
+msgid "Provide visual feedback at the password prompt when there is user input"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:303
+msgid "Use faster globbing that is less accurate but does not access the filesystem"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:307
+msgid "The umask specified in sudoers will override the user's, even if it is more permissive"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:311
+msgid "Log user's input for the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:315
+msgid "Log the output of the command being run"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:319
+msgid "Compress I/O logs using zlib"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:323
+msgid "Always run commands in a pseudo-tty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:327
+#, c-format
+msgid "Plugin for non-Unix group support: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:331
+#, c-format
+msgid "Directory in which to store input/output logs: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:335
+#, c-format
+msgid "File in which to store the input/output log: %s"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:339
+msgid "Add an entry to the utmp/utmpx file when allocating a pty"
+msgstr ""
+
+#: plugins/sudoers/def_data.c:343
+msgid "Set the user in utmp to the runas user, not the invoking user"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:208
+#, c-format
+msgid "unknown defaults entry `%s'"
+msgstr ""
+
+#: plugins/sudoers/defaults.c:216 plugins/sudoers/defaults.c:226
+#: plugins/sudoers/defaults.c:246 plugins/sudoers/defaults.c:259
+#: plugins/sudoers/defaults.c:272 plugins/sudoers/defaults.c:285
+#: plugins/sudoers/defaults.c:298 plugins/sudoers/defaults.c:318
+#: plugins/sudoers/defaults.c:328
+#, c-format
+msgid "value `%s' is invalid for option `%s'"
+msgstr "värdet \"%s\" är ogiltigt för flaggan \"%s\""
+
+#: plugins/sudoers/defaults.c:219 plugins/sudoers/defaults.c:229
+#: plugins/sudoers/defaults.c:237 plugins/sudoers/defaults.c:254
+#: plugins/sudoers/defaults.c:267 plugins/sudoers/defaults.c:280
+#: plugins/sudoers/defaults.c:293 plugins/sudoers/defaults.c:313
+#: plugins/sudoers/defaults.c:324
+#, c-format
+msgid "no value specified for `%s'"
+msgstr "inget värde angivet för \"%s\""
+
+#: plugins/sudoers/defaults.c:242
+#, c-format
+msgid "values for `%s' must start with a '/'"
+msgstr "värden för \"%s\" måste börja med ett \"/\""
+
+#: plugins/sudoers/defaults.c:304
+#, c-format
+msgid "option `%s' does not take a value"
+msgstr "flaggan \"%s\" tar inte emot något värde"
+
+#: plugins/sudoers/env.c:329
+#, c-format
+msgid "sudo_putenv: corrupted envp, length mismatch"
+msgstr ""
+
+#: plugins/sudoers/env.c:331 plugins/sudoers/env.c:401 toke.l:680 toke.l:810
+#: toke.l:868 toke.l:964 plugins/sudoers/toke_util.c:113
+#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
+#, c-format
+msgid "unable to allocate memory"
+msgstr "kunde inte allokera minne"
+
+#: plugins/sudoers/env.c:356
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "internt fel, stackspill i sudo_setenv2()"
+
+#: plugins/sudoers/env.c:400
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "internt fel, stackspill i sudo_setenv()"
+
+#: plugins/sudoers/env.c:896
+#, c-format
+msgid "sorry, you are not allowed to set the following environment variables: %s"
+msgstr ""
+
+#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
+#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125 toke.l:676
+#: toke.l:864 plugins/sudoers/sudoers.c:941
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s nära rad %d <<<"
+
+#: plugins/sudoers/group_plugin.c:91
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: plugins/sudoers/group_plugin.c:103
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s måste ägas av uid %d"
+
+#: plugins/sudoers/group_plugin.c:107
+#, c-format
+msgid "%s must only be writable by owner"
+msgstr "%s får endast vara skrivbar av ägaren"
+
+#: plugins/sudoers/group_plugin.c:114
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "kunde inte köra dlopen %s: %s"
+
+#: plugins/sudoers/group_plugin.c:119
+#, c-format
+msgid "unable to find symbol \"group_plugin\" in %s"
+msgstr "kunde inte hitta symbolen \"group_plugin\" i %s"
+
+#: plugins/sudoers/group_plugin.c:124
+#, c-format
+msgid "%s: incompatible group plugin major version %d, expected %d"
+msgstr ""
+
+#: plugins/sudoers/interfaces.c:112
+msgid "Local IP address and netmask pairs:\n"
+msgstr ""
+
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:977
+#, c-format
+msgid "unable to read %s"
+msgstr "kunde inte läsa %s"
+
+#: plugins/sudoers/iolog.c:182
+#, c-format
+msgid "invalid sequence number %s"
+msgstr "ogiltigt sekvensnummer %s"
+
+#: plugins/sudoers/iolog.c:231 plugins/sudoers/iolog.c:234
+#: plugins/sudoers/iolog.c:499 plugins/sudoers/iolog.c:504
+#: plugins/sudoers/iolog.c:510 plugins/sudoers/iolog.c:518
+#: plugins/sudoers/iolog.c:526 plugins/sudoers/iolog.c:534
+#: plugins/sudoers/iolog.c:542
+#, c-format
+msgid "unable to create %s"
+msgstr "kunde inte skapa %s"
+
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:367
+#, c-format
+msgid "unable to set locale to \"%s\", using \"C\""
+msgstr "kunde inte ställa in lokalanpassning till \"%s\", använder \"C\""
+
+#: plugins/sudoers/ldap.c:374
+#, c-format
+msgid "sudo_ldap_conf_add_ports: port too large"
+msgstr "sudo_ldap_conf_add_ports: port är för stor"
+
+#: plugins/sudoers/ldap.c:397
+#, c-format
+msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:427
+#, c-format
+msgid "unsupported LDAP uri type: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:456
+#, c-format
+msgid "invalid uri: %s"
+msgstr "ogiltig uri: %s"
+
+#: plugins/sudoers/ldap.c:462
+#, c-format
+msgid "unable to mix ldap and ldaps URIs"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:466
+#, c-format
+msgid "unable to mix ldaps and starttls"
+msgstr "kunde inte blanda ldaps och starttls"
+
+#: plugins/sudoers/ldap.c:485
+#, c-format
+msgid "sudo_ldap_parse_uri: out of space building hostbuf"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:550
+#, c-format
+msgid "unable to initialize SSL cert and key db: %s"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:958
+#, c-format
+msgid "unable to get GMT time"
+msgstr "kunde inte få GMT-tid"
+
+#: plugins/sudoers/ldap.c:964
+#, c-format
+msgid "unable to format timestamp"
+msgstr "kunde inte formatera tidsstämpel"
+
+#: plugins/sudoers/ldap.c:972
+#, c-format
+msgid "unable to build time filter"
+msgstr "kunde inte bygga tidsfilter"
+
+#: plugins/sudoers/ldap.c:1187
+#, c-format
+msgid "sudo_ldap_build_pass1 allocation mismatch"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:1707
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: %s\n"
+msgstr ""
+"\n"
+"LDAP-roll: %s\n"
+
+#: plugins/sudoers/ldap.c:1709
+#, c-format
+msgid ""
+"\n"
+"LDAP Role: UNKNOWN\n"
+msgstr ""
+"\n"
+"LDAP-roll: OKÄND\n"
+
+#: plugins/sudoers/ldap.c:1756
+#, c-format
+msgid " Order: %s\n"
+msgstr " Ordning: %s\n"
+
+#: plugins/sudoers/ldap.c:1764
+#, c-format
+msgid " Commands:\n"
+msgstr " Kommandon:\n"
+
+#: plugins/sudoers/ldap.c:2163
+#, c-format
+msgid "unable to initialize LDAP: %s"
+msgstr "kunde inte initiera LDAP: %s"
+
+#: plugins/sudoers/ldap.c:2194
+#, c-format
+msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
+msgstr ""
+
+#: plugins/sudoers/ldap.c:2430
+#, c-format
+msgid "invalid sudoOrder attribute: %s"
+msgstr ""
+
+#: toke.l:803
+msgid "too many levels of includes"
+msgstr ""
+
+#: toke.l:827 plugins/sudoers/sudoers.c:995
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s ägs av uid %u, ska vara %u"
+
+#: toke.l:834 plugins/sudoers/sudoers.c:999
+#, c-format
+msgid "%s is world writable"
+msgstr "%s är skrivbar för alla"
+
+#: toke.l:839 plugins/sudoers/sudoers.c:1002
+#, c-format
+msgid "%s is owned by gid %u, should be %u"
+msgstr "%s ägs av gid %u, ska vara %u"
+
+#: plugins/sudoers/linux_audit.c:57
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: plugins/sudoers/linux_audit.c:82
+#, c-format
+msgid "internal error, linux_audit_command() overflow"
+msgstr "internt fel, stackspill i linux_audit_command()"
+
+#: plugins/sudoers/linux_audit.c:91
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: plugins/sudoers/logging.c:198
+#, c-format
+msgid "unable to open log file: %s: %s"
+msgstr "kunde inte öppna loggfil: %s: %s"
+
+#: plugins/sudoers/logging.c:201
+#, c-format
+msgid "unable to lock log file: %s: %s"
+msgstr "kunde inte låsa loggfil: %s: %s"
+
+#: plugins/sudoers/logging.c:256
+msgid "user NOT in sudoers"
+msgstr "användare finns INTE i sudoers"
+
+#: plugins/sudoers/logging.c:258
+msgid "user NOT authorized on host"
+msgstr "användaren är INTE auktoriserad på värddatorn"
+
+#: plugins/sudoers/logging.c:260
+msgid "command not allowed"
+msgstr "kommandot tillåts inte"
+
+#: plugins/sudoers/logging.c:270
+#, c-format
+msgid "%s is not in the sudoers file. This incident will be reported.\n"
+msgstr "%s finns inte i filen sudoers. Denna incident kommer att rapporteras.\n"
+
+#: plugins/sudoers/logging.c:273
+#, c-format
+msgid "%s is not allowed to run sudo on %s. This incident will be reported.\n"
+msgstr "%s tillåts inte att köra sudo på %s. Denna incident kommer att rapporteras.\n"
+
+#: plugins/sudoers/logging.c:277
+#, c-format
+msgid "Sorry, user %s may not run sudo on %s.\n"
+msgstr "Tyvärr, användaren %s får inte köra sudo på %s.\n"
+
+#: plugins/sudoers/logging.c:280
+#, c-format
+msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
+msgstr "Tyvärr, användaren %s tillåts inte att köra \"%s%s%s\" som %s%s%s på %s.\n"
+
+#: plugins/sudoers/logging.c:420
+#, c-format
+msgid "unable to fork"
+msgstr "kunde inte grena process"
+
+#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#, c-format
+msgid "unable to fork: %m"
+msgstr "kunde inte grena process: %m"
+
+#: plugins/sudoers/logging.c:479
+#, c-format
+msgid "unable to open pipe: %m"
+msgstr "kunde inte öppna rör: %m"
+
+#: plugins/sudoers/logging.c:504
+#, c-format
+msgid "unable to dup stdin: %m"
+msgstr ""
+
+#: plugins/sudoers/logging.c:540
+#, c-format
+msgid "unable to execute %s: %m"
+msgstr "kunde inte köra %s: %m"
+
+#: plugins/sudoers/logging.c:755
+#, c-format
+msgid "internal error: insufficient space for log line"
+msgstr "internt fel: otillräckligt utrymme för loggrad"
+
+#: plugins/sudoers/parse.c:123
+#, c-format
+msgid "parse error in %s near line %d"
+msgstr "tolkningsfel i %s nära rad %d"
+
+#: plugins/sudoers/parse.c:126
+#, c-format
+msgid "parse error in %s"
+msgstr "tolkningsfel i %s"
+
+#: plugins/sudoers/parse.c:389
+#, c-format
+msgid ""
+"\n"
+"Sudoers entry:\n"
+msgstr ""
+
+#: plugins/sudoers/parse.c:391
+#, c-format
+msgid " RunAsUsers: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:406
+#, c-format
+msgid " RunAsGroups: "
+msgstr ""
+
+#: plugins/sudoers/parse.c:415
+#, c-format
+msgid ""
+" Commands:\n"
+"\t"
+msgstr ""
+" Kommandon:\n"
+"\t"
+
+#: plugins/sudoers/plugin_error.c:100 plugins/sudoers/plugin_error.c:105
+msgid ": "
+msgstr ": "
+
+#: plugins/sudoers/pwutil.c:260
+#, c-format
+msgid "unable to cache uid %u (%s), already exists"
+msgstr "kunde inte mellanlagra uid %u (%s), finns redan"
+
+#: plugins/sudoers/pwutil.c:268
+#, c-format
+msgid "unable to cache uid %u, already exists"
+msgstr "kunde inte mellanlagra uid %u, finns redan"
+
+#: plugins/sudoers/pwutil.c:305 plugins/sudoers/pwutil.c:314
+#, c-format
+msgid "unable to cache user %s, already exists"
+msgstr "kunde inte mellanlagra användaren %s, finns redan"
+
+#: plugins/sudoers/pwutil.c:655
+#, c-format
+msgid "unable to cache gid %u (%s), already exists"
+msgstr "kunde inte mellanlagra gid %u (%s), finns redan"
+
+#: plugins/sudoers/pwutil.c:663
+#, c-format
+msgid "unable to cache gid %u, already exists"
+msgstr "kunde inte mellanlagra gid %u, finns redan"
+
+#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#, c-format
+msgid "unable to cache group %s, already exists"
+msgstr "kunde inte mellanlagra gruppen %s, finns redan"
+
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:439
+#: plugins/sudoers/set_perms.c:806 plugins/sudoers/set_perms.c:1095
+#: plugins/sudoers/set_perms.c:1380
+msgid "perm stack overflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:447
+#: plugins/sudoers/set_perms.c:814 plugins/sudoers/set_perms.c:1103
+#: plugins/sudoers/set_perms.c:1388
+msgid "perm stack underflow"
+msgstr ""
+
+#: plugins/sudoers/set_perms.c:272 plugins/sudoers/set_perms.c:585
+#: plugins/sudoers/set_perms.c:937 plugins/sudoers/set_perms.c:1226
+msgid "unable to change to runas gid"
+msgstr "kunde inte ändra till runas gid"
+
+#: plugins/sudoers/set_perms.c:284 plugins/sudoers/set_perms.c:597
+#: plugins/sudoers/set_perms.c:947 plugins/sudoers/set_perms.c:1236
+msgid "unable to change to runas uid"
+msgstr "kunde inte ändra till runas uid"
+
+#: plugins/sudoers/set_perms.c:302 plugins/sudoers/set_perms.c:615
+#: plugins/sudoers/set_perms.c:963 plugins/sudoers/set_perms.c:1252
+msgid "unable to change to sudoers gid"
+msgstr "kunde inte ändra till sudoers gid"
+
+#: plugins/sudoers/set_perms.c:356 plugins/sudoers/set_perms.c:687
+#: plugins/sudoers/set_perms.c:1010 plugins/sudoers/set_perms.c:1299
+#: plugins/sudoers/set_perms.c:1461
+msgid "too many processes"
+msgstr "för många processer"
+
+#: plugins/sudoers/set_perms.c:1529
+msgid "unable to set runas group vector"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:243
+#, c-format
+msgid "Matching Defaults entries for %s on this host:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:256
+#, c-format
+msgid "Runas and Command-specific defaults for %s:\n"
+msgstr ""
+
+#: plugins/sudoers/sudo_nss.c:269
+#, c-format
+msgid "User %s may run the following commands on this host:\n"
+msgstr "Användaren %s får köra följande kommandon på denna värddator:\n"
+
+#: plugins/sudoers/sudo_nss.c:279
+#, c-format
+msgid "User %s is not allowed to run sudo on %s.\n"
+msgstr "Användaren %s tillåts inte att köra sudo på %s.\n"
+
+#: plugins/sudoers/sudoers.c:206 plugins/sudoers/sudoers.c:237
+#: plugins/sudoers/sudoers.c:949
+msgid "problem with defaults entries"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:210
+#, c-format
+msgid "no valid sudoers sources found, quitting"
+msgstr "inga giltiga sudoers-källor hittades, avslutar"
+
+#: plugins/sudoers/sudoers.c:262
+#, c-format
+msgid "unable to execute %s: %s"
+msgstr "kunde inte köra %s: %s"
+
+#: plugins/sudoers/sudoers.c:316
+#, c-format
+msgid "sudoers specifies that root is not allowed to sudo"
+msgstr "sudoers anger att root inte tillåts att använda sudo"
+
+#: plugins/sudoers/sudoers.c:323
+#, c-format
+msgid "you are not permitted to use the -C option"
+msgstr "du tillåts inte att använda flaggan -C"
+
+#: plugins/sudoers/sudoers.c:413
+#, c-format
+msgid "timestamp owner (%s): No such user"
+msgstr "tidsstämpelägare (%s): Det finns ingen sådan användare"
+
+#: plugins/sudoers/sudoers.c:429
+msgid "no tty"
+msgstr "ingen tty"
+
+#: plugins/sudoers/sudoers.c:430
+#, c-format
+msgid "sorry, you must have a tty to run sudo"
+msgstr "tyvärr, du måste ha en tty för att köra sudo"
+
+#: plugins/sudoers/sudoers.c:469
+msgid "No user or host"
+msgstr "Ingen användare eller värddator"
+
+#: plugins/sudoers/sudoers.c:483 plugins/sudoers/sudoers.c:504
+#: plugins/sudoers/sudoers.c:505 plugins/sudoers/sudoers.c:1516
+#: plugins/sudoers/sudoers.c:1517
+#, c-format
+msgid "%s: command not found"
+msgstr "%s: kommandot hittades inte"
+
+#: plugins/sudoers/sudoers.c:485 plugins/sudoers/sudoers.c:501
+#, c-format
+msgid ""
+"ignoring `%s' found in '.'\n"
+"Use `sudo ./%s' if this is the `%s' you wish to run."
+msgstr ""
+"ignorerar \"%s\" som hittades i \".\"\n"
+"Använd \"sudo ./%s\" om detta är den \"%s\" som du vill köra."
+
+#: plugins/sudoers/sudoers.c:490
+msgid "validation failure"
+msgstr "valideringsfel"
+
+#: plugins/sudoers/sudoers.c:500
+msgid "command in current directory"
+msgstr "kommando i aktuell katalog"
+
+#: plugins/sudoers/sudoers.c:512
+#, c-format
+msgid "sorry, you are not allowed to preserve the environment"
+msgstr "tyvärr, du tillåts inte att behålla miljövariabler"
+
+#: plugins/sudoers/sudoers.c:672 plugins/sudoers/sudoers.c:679
+#, c-format
+msgid "internal error, runas_groups overflow"
+msgstr "internt fel, stackspill i runas_groups"
+
+#: plugins/sudoers/sudoers.c:932
+#, c-format
+msgid "internal error, set_cmnd() overflow"
+msgstr "internt fel, stackspill i set_cmnd()"
+
+#: plugins/sudoers/sudoers.c:992
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s är inte en vanlig fil"
+
+#: plugins/sudoers/sudoers.c:1039
+#, c-format
+msgid "only root can use `-c %s'"
+msgstr "endast root kan använda \"-c %s\""
+
+#: plugins/sudoers/sudoers.c:1050
+#, c-format
+msgid "unknown login class: %s"
+msgstr "okänd inloggningsklass: %s"
+
+#: plugins/sudoers/sudoers.c:1078
+#, c-format
+msgid "unable to resolve host %s"
+msgstr "kunde inte slå upp värddatorn %s"
+
+#: plugins/sudoers/sudoers.c:1130 plugins/sudoers/testsudoers.c:380
+#, c-format
+msgid "unknown group: %s"
+msgstr "okänd grupp: %s"
+
+#: plugins/sudoers/sudoers.c:1179
+#, c-format
+msgid "Sudoers policy plugin version %s\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1181
+#, c-format
+msgid "Sudoers file grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/sudoers.c:1185
+#, c-format
+msgid ""
+"\n"
+"Sudoers path: %s\n"
+msgstr ""
+"\n"
+"Sökväg till sudoers: %s\n"
+
+#: plugins/sudoers/sudoers.c:1188
+#, c-format
+msgid "nsswitch path: %s\n"
+msgstr "Sökväg till nsswitch: %s\n"
+
+#: plugins/sudoers/sudoers.c:1190
+#, c-format
+msgid "ldap.conf path: %s\n"
+msgstr "Sökväg till ldap.conf: %s\n"
+
+#: plugins/sudoers/sudoers.c:1191
+#, c-format
+msgid "ldap.secret path: %s\n"
+msgstr "Sökväg till ldap.secret: %s\n"
+
+#: plugins/sudoers/sudoreplay.c:286
+#, c-format
+msgid "invalid filter option: %s"
+msgstr "ogiltig filterflagga: %s"
+
+#: plugins/sudoers/sudoreplay.c:299
+#, c-format
+msgid "invalid max wait: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:305
+#, c-format
+msgid "invalid speed factor: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#, c-format
+msgid "%s version %s\n"
+msgstr "%s version %s\n"
+
+#: plugins/sudoers/sudoreplay.c:333
+#, c-format
+msgid "%s/%.2s/%.2s/%.2s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:339
+#, c-format
+msgid "%s/%s/timing: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:364
+#, c-format
+msgid "invalid log file %s"
+msgstr "ogiltig loggfil %s"
+
+#: plugins/sudoers/sudoreplay.c:366
+#, c-format
+msgid "Replaying sudo session: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:392
+#, c-format
+msgid "unable to set tty to raw mode"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:406
+#, c-format
+msgid "invalid timing file line: %s"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:448
+#, c-format
+msgid "writing to standard output"
+msgstr "skriver till standard ut"
+
+#: plugins/sudoers/sudoreplay.c:480
+#, c-format
+msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#, c-format
+msgid "ambiguous expression \"%s\""
+msgstr "tvetydigt uttryck \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:571
+#, c-format
+msgid "too many parenthesized expressions, max %d"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:582
+#, c-format
+msgid "unmatched ')' in expression"
+msgstr "omatchat \")\" i uttryck"
+
+#: plugins/sudoers/sudoreplay.c:588
+#, c-format
+msgid "unknown search term \"%s\""
+msgstr "okänt sökvillkor \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:602
+#, c-format
+msgid "%s requires an argument"
+msgstr "%s kräver ett argument"
+
+#: plugins/sudoers/sudoreplay.c:606
+#, c-format
+msgid "invalid regular expression: %s"
+msgstr "ogiltigt reguljärt uttryck: %s"
+
+#: plugins/sudoers/sudoreplay.c:612
+#, c-format
+msgid "could not parse date \"%s\""
+msgstr "kunde inte tolka datumet \"%s\""
+
+#: plugins/sudoers/sudoreplay.c:625
+#, c-format
+msgid "unmatched '(' in expression"
+msgstr "omatchat \"(\" i uttryck"
+
+#: plugins/sudoers/sudoreplay.c:627
+#, c-format
+msgid "illegal trailing \"or\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:629
+#, c-format
+msgid "illegal trailing \"!\""
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:851
+#, c-format
+msgid "invalid regex: %s"
+msgstr "ogiltigt reguljärt uttryck: %s"
+
+#: plugins/sudoers/sudoreplay.c:976
+#, c-format
+msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
+msgstr ""
+
+#: plugins/sudoers/sudoreplay.c:979
+#, c-format
+msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
+msgstr "användning: %s [-h] [-d katalog] -l [sökuttryck]\n"
+
+#: plugins/sudoers/sudoreplay.c:988
+#, c-format
+msgid ""
+"%s - replay sudo session logs\n"
+"\n"
+msgstr ""
+"%s - spela upp loggar från sudo-session\n"
+"\n"
+
+#: plugins/sudoers/sudoreplay.c:990
+msgid ""
+"\n"
+"Options:\n"
+" -d directory specify directory for session logs\n"
+" -f filter specify which I/O type to display\n"
+" -h display help message and exit\n"
+" -l [expression] list available session IDs that match expression\n"
+" -m max_wait max number of seconds to wait between events\n"
+" -s speed_factor speed up or slow down output\n"
+" -V display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:246
+#, c-format
+msgid "internal error, init_vars() overflow"
+msgstr "internt fel, stackspill i init_vars()"
+
+#: plugins/sudoers/testsudoers.c:331
+msgid "\thost unmatched"
+msgstr ""
+
+#: plugins/sudoers/testsudoers.c:334
+msgid ""
+"\n"
+"Command allowed"
+msgstr ""
+"\n"
+"Kommandot tillåts"
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command denied"
+msgstr ""
+"\n"
+"Kommandot nekades"
+
+#: plugins/sudoers/testsudoers.c:335
+msgid ""
+"\n"
+"Command unmatched"
+msgstr ""
+
+#: plugins/sudoers/toke_util.c:218
+msgid "fill_args: buffer overflow"
+msgstr "fill_args: buffertöverflöde"
+
+#: plugins/sudoers/visudo.c:188
+#, c-format
+msgid "%s grammar version %d\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "du finns inte i %s-databasen"
+
+#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#, c-format
+msgid "press return to edit %s: "
+msgstr "tryck på return för att redigera %s: "
+
+#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#, c-format
+msgid "write error"
+msgstr "skrivfel"
+
+#: plugins/sudoers/visudo.c:424
+#, c-format
+msgid "unable to stat temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:429
+#, c-format
+msgid "zero length temporary file (%s), %s unchanged"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:435
+#, c-format
+msgid "editor (%s) failed, %s unchanged"
+msgstr "redigeraren (%s) misslyckades, %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:458
+#, c-format
+msgid "%s unchanged"
+msgstr "%s oförändrad"
+
+#: plugins/sudoers/visudo.c:484
+#, c-format
+msgid "unable to re-open temporary file (%s), %s unchanged."
+msgstr "kunde inte återöppna temporärfilen (%s), %s är oförändrad."
+
+#: plugins/sudoers/visudo.c:494
+#, c-format
+msgid "unabled to parse temporary file (%s), unknown error"
+msgstr "kunde inte tolka temporärfilen (%s), okänt fel"
+
+#: plugins/sudoers/visudo.c:532
+#, c-format
+msgid "internal error, unable to find %s in list!"
+msgstr "internt fel, kunde inte hitta %s i listan!"
+
+#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#, c-format
+msgid "unable to set (uid, gid) of %s to (%u, %u)"
+msgstr "kunde inte ställa in (uid, gid) för %s till (%u, %u)"
+
+#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#, c-format
+msgid "unable to change mode of %s to 0%o"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:615
+#, c-format
+msgid "%s and %s not on the same file system, using mv to rename"
+msgstr "%s och %s finns inte på samma filsystem, använder mv för att byta namn"
+
+#: plugins/sudoers/visudo.c:629
+#, c-format
+msgid "command failed: '%s %s %s', %s unchanged"
+msgstr "kommandot misslyckades: \"%s %s %s\", %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:639
+#, c-format
+msgid "error renaming %s, %s unchanged"
+msgstr "fel vid namnbyte för %s, %s är oförändrad"
+
+#: plugins/sudoers/visudo.c:702
+msgid "What now? "
+msgstr "Nu då? "
+
+#: plugins/sudoers/visudo.c:716
+msgid ""
+"Options are:\n"
+" (e)dit sudoers file again\n"
+" e(x)it without saving changes to sudoers file\n"
+" (Q)uit and save changes to sudoers file (DANGER!)\n"
+msgstr ""
+"Alternativen är:\n"
+" r(e)digera sudoers-filen igen\n"
+" avsluta (x) utan att spara ändringar i sudoers-filen\n"
+" Avsluta (Q) och spara ändringar i sudoers-filen (FARLIGT!)\n"
+
+#: plugins/sudoers/visudo.c:757
+#, c-format
+msgid "unable to execute %s"
+msgstr "kunde inte köra %s"
+
+#: plugins/sudoers/visudo.c:764
+#, c-format
+msgid "unable to run %s"
+msgstr "kunde inte köra %s"
+
+#: plugins/sudoers/visudo.c:790
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: felaktig ägare (uid, gid) ska vara (%u, %u)\n"
+
+#: plugins/sudoers/visudo.c:797
+#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:822
+#, c-format
+msgid "failed to parse %s file, unknown error"
+msgstr "misslyckades med att tolka %s-filen, okänt fel"
+
+#: plugins/sudoers/visudo.c:835
+#, c-format
+msgid "parse error in %s near line %d\n"
+msgstr "tolkningsfel i %s nära rad %d\n"
+
+#: plugins/sudoers/visudo.c:838
+#, c-format
+msgid "parse error in %s\n"
+msgstr "tolkningsfel i %s\n"
+
+#: plugins/sudoers/visudo.c:845 plugins/sudoers/visudo.c:850
+#, c-format
+msgid "%s: parsed OK\n"
+msgstr "%s: tolkad OK\n"
+
+#: plugins/sudoers/visudo.c:897
+#, c-format
+msgid "%s busy, try again later"
+msgstr "%s är upptagen, försök igen senare"
+
+#: plugins/sudoers/visudo.c:941
+#, c-format
+msgid "specified editor (%s) doesn't exist"
+msgstr "angiven redigerare (%s) finns inte"
+
+#: plugins/sudoers/visudo.c:964
+#, c-format
+msgid "unable to stat editor (%s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1012
+#, c-format
+msgid "no editor found (editor path = %s)"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1106
+#, c-format
+msgid "Error: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1107
+#, c-format
+msgid "Warning: cycle in %s_Alias `%s'"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1110
+#, c-format
+msgid "Error: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1111
+#, c-format
+msgid "Warning: %s_Alias `%s' referenced but not defined"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1246
+#, c-format
+msgid "%s: unused %s_Alias %s"
+msgstr ""
+
+#: plugins/sudoers/visudo.c:1303
+#, c-format
+msgid ""
+"%s - safely edit the sudoers file\n"
+"\n"
+msgstr ""
+"%s - redigera sudoers-filen på ett säkert sätt\n"
+"\n"
+
+#: plugins/sudoers/visudo.c:1305
+msgid ""
+"\n"
+"Options:\n"
+" -c check-only mode\n"
+" -f sudoers specify sudoers file location\n"
+" -h display help message and exit\n"
+" -q less verbose (quiet) syntax error messages\n"
+" -s strict syntax checking\n"
+" -V display version information and exit"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "kunde inte få inloggningsklass för användaren %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "ogiltig autentiseringstyp"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "kunde inte konfigurera autentiseringen"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr ""
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "kunde inte ansluta till autentiseringsservern"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "förlorade kontakten med autentiseringsservern"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"fel i autentiseringsservern:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: kunde inte tolka \"%s\": %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: kunde inte allokera flaggor: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "kunde inte initiera PAM"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "kontovalidering misslyckades. Är ditt konto låst?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Kontot eller lösenordet har gått ut. Återställ ditt lösenord och försök igen"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Lösenordet har gått ut. Kontakta din systemadministratör"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr ""
+
+#: plugins/sudoers/auth/pam.c:178
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:306
+msgid "Password: "
+msgstr "Lösenord: "
+
+#: plugins/sudoers/auth/pam.c:307
+msgid "Password:"
+msgstr "Lösenord:"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "misslyckades med att initiera ACE API-biblioteket"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "kunde inte kontakta SecurID-servern"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "ogiltig användarnamnslängd för SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr ""
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID-kommunikation misslyckades"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "okänt SecurID-fel"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "ogiltig lösenordslängd för SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "kunde inte initiera SIA-session"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr ""
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "Det finns inga autentiseringsmetoder inbyggda i sudo! Om du vill aktivera autentisering, använd konfigurationsflaggan --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d felaktigt lösenordsförsök"
+msgstr[1] "%d felaktiga lösenordsförsök"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Autentiseringsmetoder:"
# Yuri Chornoivan <yurchor@ukr.net>, 2011, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-07 23:11+0200\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 12:00+0300\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <translation-team-uk@lists.sourceforge.net>\n"
-"Language: \n"
+"Language: uk\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=4; plural=n==1 ? 3 : n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n"
-"X-Generator: Lokalize 1.2\n"
+"X-Generator: Lokalize 1.5\n"
+
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s: %s поблизу рядка %d <<<"
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "Замінник «%s» вже визначено"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "не вдалося отримати клас входу до системи для користувача %s"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "не вдалося розпочати розпізнавання за BSD"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "некоректний тип розпізнавання"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "не вдалося налаштувати розпізнавання"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "не вдалося прочитати налаштування fwtk"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "не вдалося встановити з’єднання з сервером розпізнавання"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "втрачено зв’язок з сервером розпізнавання"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"помилка сервера розпізнавання:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s: не вдалося зібрати princ ('%s'): %s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s: не вдалося обробити «%s»: %s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s: не вдалося визначити ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s: не вдалося розмістити параметри: %s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s: не вдалося отримати реєстраційні дані: %s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s: не вдалося ініціалізувати ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s: не вдалося зберегти реєстраційні дані у ccache: %s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s: не вдалося отримати реєстраційний запис вузла: %s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s: спроба перевірки TGT зазнала невдачі! Ймовірно, вас атаковано: %s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "не вдалося ініціалізувати PAM"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "помилка під час спроби перевірки облікового запису. Ваш обліковий запис заблоковано?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "Строк дії облікового запису або пароля збіг, визначте новий пароль і повторіть спробу"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok: %s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "Строк дії пароля збіг, зверніться до адміністратора вашої системи щодо поновлення пароля"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "Строк дії облікового запису збіг або у файлі налаштувань PAM немає розділу \"account\" для sudo. Повідомте про це адміністратора вашої системи."
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate: %s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "Пароль: "
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "Пароль:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "вас немає у базі даних %s"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "не вдалося ініціалізувати бібліотеку програмного інтерфейсу до ACE"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "не вдалося встановити зв’язок з сервером SecurID"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "Ідентифікатор користувача заблоковано для розпізнавання SecurID"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "некоректна довжина імені користувача для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "некоректний дескриптор розпізнавання для SecurID"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "спроба обміну даними з SecurID зазнала невдачі"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "невідома помилка SecurID"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "некоректна довжина коду пароля для SecurID"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "не вдалося ініціалізувати сеанс SIA"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "sudo зібрано з підтримкою некоректних способів розпізнавання! Можливе змішування власних і зовнішніх способів розпізнавання."
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo зібрано без можливостей з взаємодії з інструментами розпізнавання! Якщо ви хочете вимкнути розпізнавання, скористайтеся параметром налаштування --disable-authentication."
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d невдала спроба введення пароля"
+msgstr[1] "%d невдалих спроби введення пароля"
+msgstr[2] "%d невдалих спроб введення пароля"
+msgstr[3] "одна невдала спроба введення пароля"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "Способи розпізнавання:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit: помилка"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "Не вдалося визначити умови аудита"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "помилка getauid"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open: помилка"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject: помилка"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args: помилка"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32: помилка"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "не вдалося надіслати запис аудита"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid: помилка"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text: помилка"
msgstr "вибачте, для виконання %s слід вказати пароль"
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "не вдалося відкрити %s"
msgstr "%s доступний до запису невласником (0%o), має бути встановлено режим 0700"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "не вдалося виконати stat для %s"
msgstr "не вдалося встановити для %s час епохи"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "невідоме значення uid: %u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr "Умови запиту пароля для псевдокоманди «verify»: %s"
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "Попередньо завантажувати фіктивні функції виконання з «_PATH_SUDO_NOEXEC"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "Попередньо завантажувати фіктивні функції виконання з бібліотеки sudo_noexec"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "параметру «%s» не потрібно передавати значення"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "внутрішня помилка, переповнення sudo_setenv()"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv: помилкове значення envp, невідповідність довжин"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "не вдалося отримати потрібний об’єм пам’яті"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "внутрішня помилка, переповнення sudo_setenv2()"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "внутрішня помилка, переповнення sudo_setenv()"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "вибачте, вам не дозволено встановлювати такі змінні середовища: %s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s: %s поблизу рядка %d <<<"
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr "Пари локальних IP-адрес і масок мережі:\n"
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "не вдалося прочитати %s"
msgid "unable to create %s"
msgstr "не вдалося створити %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "не вдалося встановити локаль у значення «%s», використовуємо локаль «C»"
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports: занадто великий номер порту"
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports: вихід за межі розширеного буфера вузла"
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "непідтримуваний тип адреси LDAP: %s"
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "некоректна адреса: %s"
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "не можна використовувати суміш з адрес ldap і ldaps"
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "не можна використовувати суміш з ldaps і starttls"
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri: вихід за межі пам’яті під час побудови буфера вузла"
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "не вдалося ініціалізувати базу даних сертифікатів і ключів SSL: %s"
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "щоб скористатися SSL, вам слід встановити для TLS_CERT значення %s"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "не вдалося отримати гринвіцький час"
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "не вдалося виконати форматування часового штампа"
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "не вдалося побудувати фільтр часу"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1: невідповідність розміщення"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"Роль LDAP: %s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"Роль у LDAP: НЕВІДОМА\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " Порядок: %s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " Команди:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "не вдалося ініціалізувати LDAP: %s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "start_tls вказано, але у бібліотеках LDAP не передбачено підтримки ldap_start_tls_s() або ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "некоректний атрибут sudoOrder: %s"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "Вибачте, користувач %s не має права виконувати «%s%s%s» від імені %s%s%s на %s.\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "не вдалося створити відгалуження"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "не вдалося створити відгалуження: %m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "не вдалося відкрити канал: %m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "не вдалося здублювати stdin: %m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "не вдалося виконати %s: %m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "внутрішня помилка: недостатньо місця для рядка журналу"
msgid "unable to cache user %s, already exists"
msgstr "не вдалося кешувати користувача %s, запис вже існує"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "не вдалося кешувати gid %u (%s), запис вже існує"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "не вдалося кешувати gid %u, запис вже існує"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "не вдалося кешувати групу %s, запис вже існує"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
msgstr "переповнення стека доступу"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
msgstr "вичерпання стека доступу"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "не вдалося змінити gid на runas"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "не вдалося змінити uid на runas"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "не вдалося змінити gid на sudoers"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "забагато процесів"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "не вдалося встановити вектор групи виконання"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "Користувач %s не має права виконувати sudo на %s.\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "проблема з типовими записами"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "не знайдено коректних джерел даних sudoers, завершення роботи"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "не вдалося виконати %s: %s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers вказує, що sudo не можна користуватися для виконання команд від root"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "вам не дозволено використовувати параметр -C"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "власник часового штампа (%s): не знайдено користувача з таким іменем"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "немає tty"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "вибачте, для виконання sudo вашому користувачеві потрібен tty"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "Немає користувача або вузла"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s: команду не знайдено"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"пропущено «%s» знайдений у «.»\n"
"Скористайтеся командою «sudo ./%s», якщо вам потрібно виконати саме «%s»."
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "помилка під час спроби перевірки"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "команда у поточному каталозі"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "вибачте, вам не дозволено зберігати середовище"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "внутрішня помилка, переповнення runas_groups"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "внутрішня помилка, переповнення set_cmnd()"
-#: plugins/sudoers/sudoers.c:957
-#, c-format
-msgid "fixed mode on %s"
-msgstr "виправлено режим на %s"
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "встановлено групу у %s"
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "не вдалося встановити групу на %s"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "не вдалося виправити режим на %s"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s не є звичайним файлом"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s має режим доступу 0%o, має бути 0%o"
-
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "%s належить uid %u, має належати %u"
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "Запис до «%s» можливий для довільного користувача"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "%s належить gid %u, має належати %u"
msgid "only root can use `-c %s'"
msgstr "використовувати «-c %s» може лише root"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "невідомий клас входу: %s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "не вдалося визначити адресу вузла %s"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "невідома група: %s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Додаток правил sudoers версії %s\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Граматична перевірка файла sudoers версії %d\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Шлях до sudoers: %s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "Шлях до nsswitch: %s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "Шлях до ldap.conf: %s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "Шлях до ldap.secret: %s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "некоректний параметр фільтрування: %s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "некоректне значення макс. очікування: %s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "некоректний коефіцієнт швидкості: %s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s, версія %s\n"
-#: plugins/sudoers/sudoreplay.c:333
+#: plugins/sudoers/sudoreplay.c:338
#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/timing: %s"
-#: plugins/sudoers/sudoreplay.c:339
+#: plugins/sudoers/sudoreplay.c:344
#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/timing: %s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "некоÑ\80екÑ\82ний Ñ\84айл жÑ\83Ñ\80налÑ\83 %s"
+msgid "Replaying sudo session: %s\n"
+msgstr "Ð\92Ñ\96дÑ\82воÑ\80еннÑ\8f Ñ\81еанÑ\81Ñ\83 sudo: %s\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "Ð\92Ñ\96дÑ\82воÑ\80еннÑ\8f Ñ\81еанÑ\81Ñ\83 sudo: %s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "Ð\9fопеÑ\80едженнÑ\8f: Ñ\80озмÑ\96Ñ\80и ваÑ\88ого Ñ\82еÑ\80мÑ\96нала Ñ\94 замалими длÑ\8f належного показÑ\83 жÑ\83Ñ\80налÑ\83.\n"
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "Встановлено формат журналу %d x %d, тоді як формат термінала — %d x %d."
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "не вдалося перевести tty у режим без обробки даних"
-#: plugins/sudoers/sudoreplay.c:406
+#: plugins/sudoers/sudoreplay.c:412
#, c-format
msgid "invalid timing file line: %s"
msgstr "некоректний рядок у файлі timing: %s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "запис до стандартного виводу даних"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep: tv_sec %ld, tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "неоднозначний вираз «%s»"
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "забагато виразів у дужках, максимальна можлива кількість — %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "зайва дужка, «)», у виразі"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "невідомий ключ пошуку «%s»"
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s потребує визначення аргументу"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "некоректний формальний вираз: %s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "не вдалося обробити дату «%s»"
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "зайва дужка, «(», у виразі"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "помилкове завершальне «or»"
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "помилкове завершальне «!»"
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "некоректний формальний вираз: %s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "використання: %s [-h] [-d каталог] [-m макс_очік] [-s коеф_швидкості] ідентифікатор\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "використання: %s [-h] [-d каталог] -l [вираз для пошуку]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s — відтворення журналів сеансів sudo\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"Не знайдено відповідника команди"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "не вдалося отримати потрібний об’єм пам’яті"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "занадто високий рівень вкладеності"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args: переповнення буфера"
msgid "%s grammar version %d\n"
msgstr "Граматична перевірка %s, версія %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "вас немає у базі даних %s"
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "натисніть Enter для редагування %s: "
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "помилка запису"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "не вдалося обробити stat файл тимчасових даних (%s), %s не змінено"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "файл тимчасових даних має нульовий об’єм (%s), %s не змінено"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "помилка редактора (%s), %s не змінено"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s не змінено"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "не вдалося повторно відкрити файл тимчасових даних (%s), %s не змінено."
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "не вдалося обробити файл тимчасових даних (%s), невідома помилка"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "внутрішня помилка, не вдалося знайти %s у списку!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "не вдалося встановити (uid, gid) %s у значення (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "не вдалося змінити режим доступу до %s на значення 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s і %s не перебувають у одній файловій системі, використовуємо mv для перейменування"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "помилка команди: «%s %s %s», %s не змінено"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "помилка перейменування %s, %s не змінено"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "А зараз що? "
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" (x) — вийти без внесення змін до файла sudoers\n"
" (Q) — вийти зі збереженням файла sudoers (НЕБЕЗПЕЧНО!)\n"
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "не вдалося виконати %s"
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "не вдалося виконати %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s: помилковий власник (uid, gid), має бути (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s: помилкові права доступу, режим доступу має бути 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "не вдалося обробити файл %s, невідома помилка"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "помилка обробки у %s поблизу рядка %d\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "помилка обробки у %s\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s: вдала обробка\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s: помилковий власник (uid, gid), має бути (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s: помилкові права доступу, режим доступу має бути 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s зайнято, повторіть спробу пізніше"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "вказаного редактора (%s) не існує"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "не вдалося виконати stat для редактора (%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "не знайдено жодного редактора (шлях до редактора = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "Помилка: цикл у %s_Alias «%s»"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "Попередження: цикл у %s_Alias «%s»"
-#: plugins/sudoers/visudo.c:1093
+#: plugins/sudoers/visudo.c:1109
#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "Помилка: виявлено посилання %s_Alias «%s», яке не визначено"
-#: plugins/sudoers/visudo.c:1094
+#: plugins/sudoers/visudo.c:1110
#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "Попередження: виявлено посилання %s_Alias «%s», яке не визначено"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s: невикористаний %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s — безпечне редагування файла sudoers\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s строга перевірка синтаксису\n"
" -V показати дані щодо версії і завершити роботу"
-#: plugins/sudoers/auth/bsdauth.c:78
-#, c-format
-msgid "unable to get login class for user %s"
-msgstr "не вдалося отримати клас входу до системи для користувача %s"
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr "не вдалося розпочати розпізнавання за BSD"
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr "некоректний тип розпізнавання"
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr "не вдалося налаштувати розпізнавання"
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "не вдалося прочитати налаштування fwtk"
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "не вдалося встановити з’єднання з сервером розпізнавання"
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "втрачено зв’язок з сервером розпізнавання"
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"помилка сервера розпізнавання:\n"
-"%s"
-
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s: не вдалося зібрати princ ('%s'): %s"
-
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s: не вдалося обробити «%s»: %s"
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s: не вдалося визначити ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s: не вдалося розмістити параметри: %s"
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s: не вдалося отримати реєстраційні дані: %s"
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s: не вдалося ініціалізувати ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s: не вдалося зберегти реєстраційні дані у ccache: %s"
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr "%s: не вдалося отримати реєстраційний запис вузла: %s"
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s: спроба перевірки TGT зазнала невдачі! Ймовірно, вас атаковано: %s"
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr "не вдалося ініціалізувати PAM"
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr "помилка під час спроби перевірки облікового запису. Ваш обліковий запис заблоковано?"
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr "Строк дії облікового запису або пароля збіг, визначте новий пароль і повторіть спробу"
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok: %s"
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr "Строк дії пароля збіг, зверніться до адміністратора вашої системи щодо поновлення пароля"
-
-#: plugins/sudoers/auth/pam.c:163
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "Строк дії облікового запису збіг або у файлі налаштувань PAM немає розділу \"account\" для sudo. Повідомте про це адміністратора вашої системи."
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate: %s"
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr "Пароль: "
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr "Пароль:"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "не вдалося ініціалізувати бібліотеку програмного інтерфейсу до ACE"
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "не вдалося встановити зв’язок з сервером SecurID"
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "Ідентифікатор користувача заблоковано для розпізнавання SecurID"
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "некоректна довжина імені користувача для SecurID"
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "некоректний дескриптор розпізнавання для SecurID"
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr "спроба обміну даними з SecurID зазнала невдачі"
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr "невідома помилка SecurID"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "занадто високий рівень вкладеності"
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "некоректна довжина коду пароля для SecurID"
+#~ msgid "invalid log file %s"
+#~ msgstr "некоректний файл журналу %s"
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr "не вдалося ініціалізувати сеанс SIA"
+#~ msgid "fixed mode on %s"
+#~ msgstr "виправлено режим на %s"
-#: plugins/sudoers/auth/sudo_auth.c:117
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "sudo зібрано з підтримкою некоректних способів розпізнавання! Можливе змішування власних і зовнішніх способів розпізнавання."
+#~ msgid "set group on %s"
+#~ msgstr "встановлено групу у %s"
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "sudo зібрано без можливостей з взаємодії з інструментами розпізнавання! Якщо ви хочете вимкнути розпізнавання, скористайтеся параметром налаштування --disable-authentication."
+#~ msgid "unable to set group on %s"
+#~ msgstr "не вдалося встановити групу на %s"
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d невдала спроба введення пароля"
-msgstr[1] "%d невдалих спроби введення пароля"
-msgstr[2] "%d невдалих спроб введення пароля"
-msgstr[3] "одна невдала спроба введення пароля"
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "не вдалося виправити режим на %s"
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
-msgstr "Способи розпізнавання:"
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s має режим доступу 0%o, має бути 0%o"
#~ msgid "File containing dummy exec functions: %s"
#~ msgstr "Файл, що містить фіктивні функції виконання: %s"
# Chinese simplified translation for sudoers.
# This file is put in the public domain.
-# Wylmer Wang <wantinghard@gmail.com>, 2011.
+# Wylmer Wang <wantinghard@gmail.com>, 2011, 2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudoers 1.8.4rc1\n"
+"Project-Id-Version: sudoers 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-06 15:48-0500\n"
-"PO-Revision-Date: 2012-02-10 10:01+0800\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 17:01+0800\n"
"Last-Translator: Wylmer Wang <wantinghard@gmail.com>\n"
"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
-"Language: \n"
+"Language: zh_CN\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
+#: gram.y:110
+#, c-format
+msgid ">>> %s: %s near line %d <<<"
+msgstr ">>> %s:%s 在行 %d 附近<<<"
+
#: plugins/sudoers/alias.c:125
#, c-format
msgid "Alias `%s' already defined"
msgstr "别名“%s”已定义"
-#: plugins/sudoers/bsm_audit.c:61 plugins/sudoers/bsm_audit.c:64
-#: plugins/sudoers/bsm_audit.c:113 plugins/sudoers/bsm_audit.c:117
-#: plugins/sudoers/bsm_audit.c:169 plugins/sudoers/bsm_audit.c:173
+#: plugins/sudoers/auth/bsdauth.c:78
+#, c-format
+msgid "unable to get login class for user %s"
+msgstr "无法获取用户 %s 的登录类别(login class)"
+
+#: plugins/sudoers/auth/bsdauth.c:84
+msgid "unable to begin bsd authentication"
+msgstr "无法开始 bsd 认证"
+
+#: plugins/sudoers/auth/bsdauth.c:92
+msgid "invalid authentication type"
+msgstr "无效的认证类型"
+
+#: plugins/sudoers/auth/bsdauth.c:101
+msgid "unable to setup authentication"
+msgstr "无法设置认证"
+
+#: plugins/sudoers/auth/fwtk.c:60
+#, c-format
+msgid "unable to read fwtk config"
+msgstr "无法读取 fwtk 配置"
+
+#: plugins/sudoers/auth/fwtk.c:65
+#, c-format
+msgid "unable to connect to authentication server"
+msgstr "无法连接到认证服务器"
+
+#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
+#: plugins/sudoers/auth/fwtk.c:128
+#, c-format
+msgid "lost connection to authentication server"
+msgstr "丢失了到认证服务器的连接"
+
+#: plugins/sudoers/auth/fwtk.c:75
+#, c-format
+msgid ""
+"authentication server error:\n"
+"%s"
+msgstr ""
+"认证服务器错误:\n"
+"%s"
+
+#: plugins/sudoers/auth/kerb5.c:117
+#, c-format
+msgid "%s: unable to unparse princ ('%s'): %s"
+msgstr "%s:无法解析 princ(“%s”):%s"
+
+#: plugins/sudoers/auth/kerb5.c:160
+#, c-format
+msgid "%s: unable to parse '%s': %s"
+msgstr "%s:无法解析“%s”:%s"
+
+#: plugins/sudoers/auth/kerb5.c:170
+#, c-format
+msgid "%s: unable to resolve ccache: %s"
+msgstr "%s:无法解析 ccache:%s"
+
+#: plugins/sudoers/auth/kerb5.c:218
+#, c-format
+msgid "%s: unable to allocate options: %s"
+msgstr "%s:无法分配选项:%s"
+
+#: plugins/sudoers/auth/kerb5.c:234
+#, c-format
+msgid "%s: unable to get credentials: %s"
+msgstr "%s:无法获取凭据:%s"
+
+#: plugins/sudoers/auth/kerb5.c:247
+#, c-format
+msgid "%s: unable to initialize ccache: %s"
+msgstr "%s:无法初始化 ccache:%s"
+
+#: plugins/sudoers/auth/kerb5.c:251
+#, c-format
+msgid "%s: unable to store cred in ccache: %s"
+msgstr "%s:无法在 ccache 中储存凭据:%s"
+
+#: plugins/sudoers/auth/kerb5.c:316
+#, c-format
+msgid "%s: unable to get host principal: %s"
+msgstr "%s:无法获取主机主体(principal):%s"
+
+#: plugins/sudoers/auth/kerb5.c:331
+#, c-format
+msgid "%s: Cannot verify TGT! Possible attack!: %s"
+msgstr "%s:无法验证目标!可能遭到了攻击!:%s"
+
+#: plugins/sudoers/auth/pam.c:100
+msgid "unable to initialize PAM"
+msgstr "无法初始化 PAM"
+
+#: plugins/sudoers/auth/pam.c:144
+msgid "account validation failure, is your account locked?"
+msgstr "账户验证失败,您的账户是不是上锁了?"
+
+#: plugins/sudoers/auth/pam.c:148
+msgid "Account or password is expired, reset your password and try again"
+msgstr "账户或密码过期,重置您的密码并重试"
+
+#: plugins/sudoers/auth/pam.c:155
+#, c-format
+msgid "pam_chauthtok: %s"
+msgstr "pam_chauthtok:%s"
+
+#: plugins/sudoers/auth/pam.c:159
+msgid "Password expired, contact your system administrator"
+msgstr "密码过期,联系您的系统管理员"
+
+#: plugins/sudoers/auth/pam.c:163
+msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
+msgstr "账户过期,或 PAM 配置缺少 sudo 使用的“account”节,联系您的系统管理员"
+
+#: plugins/sudoers/auth/pam.c:180
+#, c-format
+msgid "pam_authenticate: %s"
+msgstr "pam_authenticate:%s"
+
+#: plugins/sudoers/auth/pam.c:332
+msgid "Password: "
+msgstr "密码:"
+
+#: plugins/sudoers/auth/pam.c:333
+msgid "Password:"
+msgstr "密码:"
+
+#: plugins/sudoers/auth/rfc1938.c:104 plugins/sudoers/visudo.c:220
+#, c-format
+msgid "you do not exist in the %s database"
+msgstr "%s 数据库中没有您"
+
+#: plugins/sudoers/auth/securid5.c:81
+#, c-format
+msgid "failed to initialise the ACE API library"
+msgstr "初始化 ACE API 库失败"
+
+#: plugins/sudoers/auth/securid5.c:107
+#, c-format
+msgid "unable to contact the SecurID server"
+msgstr "无法联络 SecurID 服务器"
+
+#: plugins/sudoers/auth/securid5.c:116
+#, c-format
+msgid "User ID locked for SecurID Authentication"
+msgstr "为进行 SecurID 认证,已锁定用户 ID"
+
+#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
+#, c-format
+msgid "invalid username length for SecurID"
+msgstr "SecurID 的用户名长度无效"
+
+#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
+#, c-format
+msgid "invalid Authentication Handle for SecurID"
+msgstr "SecurID 的认证句柄无效"
+
+#: plugins/sudoers/auth/securid5.c:128
+#, c-format
+msgid "SecurID communication failed"
+msgstr "SecurID 通讯失败"
+
+#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
+#, c-format
+msgid "unknown SecurID error"
+msgstr "未知的 SecurID 错误"
+
+#: plugins/sudoers/auth/securid5.c:166
+#, c-format
+msgid "invalid passcode length for SecurID"
+msgstr "无效的 SecurID 密码长度"
+
+#: plugins/sudoers/auth/sia.c:109
+msgid "unable to initialize SIA session"
+msgstr "无法初始化 SIA 会话"
+
+#: plugins/sudoers/auth/sudo_auth.c:117
+msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
+msgstr "编译进 sudo 的认证方法无效!您可能混用了独立和非独立认证。"
+
+#: plugins/sudoers/auth/sudo_auth.c:199
+msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
+msgstr "sudo 编译时没有加入任何认证方法!如果您想关闭认证,使用 --disable-authentication 配置选项。"
+
+#: plugins/sudoers/auth/sudo_auth.c:271
+#, c-format
+msgid "%d incorrect password attempt"
+msgid_plural "%d incorrect password attempts"
+msgstr[0] "%d 次错误密码尝试"
+
+#: plugins/sudoers/auth/sudo_auth.c:374
+msgid "Authentication methods:"
+msgstr "认证方法:"
+
+#: plugins/sudoers/bsm_audit.c:60 plugins/sudoers/bsm_audit.c:63
+#: plugins/sudoers/bsm_audit.c:112 plugins/sudoers/bsm_audit.c:116
+#: plugins/sudoers/bsm_audit.c:168 plugins/sudoers/bsm_audit.c:172
+#, c-format
msgid "getaudit: failed"
msgstr "getaudit:失败"
-#: plugins/sudoers/bsm_audit.c:91 plugins/sudoers/bsm_audit.c:154
+#: plugins/sudoers/bsm_audit.c:90 plugins/sudoers/bsm_audit.c:153
+#, c-format
msgid "Could not determine audit condition"
msgstr "无法确定审核条件"
-#: plugins/sudoers/bsm_audit.c:102
+#: plugins/sudoers/bsm_audit.c:101
+#, c-format
msgid "getauid failed"
msgstr "getauid 失败"
-#: plugins/sudoers/bsm_audit.c:104 plugins/sudoers/bsm_audit.c:163
+#: plugins/sudoers/bsm_audit.c:103 plugins/sudoers/bsm_audit.c:162
+#, c-format
msgid "au_open: failed"
msgstr "au_open:失败"
-#: plugins/sudoers/bsm_audit.c:119 plugins/sudoers/bsm_audit.c:175
+#: plugins/sudoers/bsm_audit.c:118 plugins/sudoers/bsm_audit.c:174
+#, c-format
msgid "au_to_subject: failed"
msgstr "au_to_subject:失败"
-#: plugins/sudoers/bsm_audit.c:123 plugins/sudoers/bsm_audit.c:179
+#: plugins/sudoers/bsm_audit.c:122 plugins/sudoers/bsm_audit.c:178
+#, c-format
msgid "au_to_exec_args: failed"
msgstr "au_to_exec_args:失败"
-#: plugins/sudoers/bsm_audit.c:127 plugins/sudoers/bsm_audit.c:188
+#: plugins/sudoers/bsm_audit.c:126 plugins/sudoers/bsm_audit.c:187
+#, c-format
msgid "au_to_return32: failed"
msgstr "au_to_return32:失败"
-#: plugins/sudoers/bsm_audit.c:130 plugins/sudoers/bsm_audit.c:191
+#: plugins/sudoers/bsm_audit.c:129 plugins/sudoers/bsm_audit.c:190
+#, c-format
msgid "unable to commit audit record"
msgstr "无法提交审核记录"
-#: plugins/sudoers/bsm_audit.c:161
+#: plugins/sudoers/bsm_audit.c:160
+#, c-format
msgid "getauid: failed"
msgstr "getauid:失败"
-#: plugins/sudoers/bsm_audit.c:184
+#: plugins/sudoers/bsm_audit.c:183
+#, c-format
msgid "au_to_text: failed"
msgstr "au_to_text:失败"
msgstr "抱歉,执行 %s 需要密码"
#: plugins/sudoers/check.c:249 plugins/sudoers/iolog.c:172
-#: plugins/sudoers/sudoers.c:992 plugins/sudoers/sudoreplay.c:348
-#: plugins/sudoers/sudoreplay.c:357 plugins/sudoers/sudoreplay.c:703
-#: plugins/sudoers/sudoreplay.c:797 plugins/sudoers/visudo.c:790
+#: plugins/sudoers/sudoers.c:979 plugins/sudoers/sudoreplay.c:353
+#: plugins/sudoers/sudoreplay.c:709 plugins/sudoers/sudoreplay.c:866
+#: plugins/sudoers/visudo.c:815
#, c-format
msgid "unable to open %s"
msgstr "无法打开 %s"
msgstr "%s 对非所有者可写(0%o),模式应该为 0700"
#: plugins/sudoers/check.c:501 plugins/sudoers/check.c:545
-#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:978
-#: plugins/sudoers/visudo.c:320 plugins/sudoers/visudo.c:582
+#: plugins/sudoers/check.c:613 plugins/sudoers/sudoers.c:998
+#: plugins/sudoers/visudo.c:319 plugins/sudoers/visudo.c:581
#, c-format
msgid "unable to stat %s"
msgstr "无法 stat %s"
msgstr "无法将 %s 重设为戳记"
#: plugins/sudoers/check.c:752 plugins/sudoers/check.c:758
-#: plugins/sudoers/sudoers.c:829 plugins/sudoers/sudoers.c:833
+#: plugins/sudoers/sudoers.c:856 plugins/sudoers/sudoers.c:860
#, c-format
msgid "unknown uid: %u"
msgstr "未知的用户 ID:%u"
-#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:770
-#: plugins/sudoers/sudoers.c:1108 plugins/sudoers/testsudoers.c:218
+#: plugins/sudoers/check.c:755 plugins/sudoers/sudoers.c:797
+#: plugins/sudoers/sudoers.c:1115 plugins/sudoers/testsudoers.c:218
#: plugins/sudoers/testsudoers.c:362
#, c-format
msgid "unknown user: %s"
msgstr "要求 sudoers 文件中包含完全限定的主机名"
#: plugins/sudoers/def_data.c:115
-#, fuzzy
msgid "Insult the user when they enter an incorrect password"
-msgstr "在用户输入错误密码时对其警告"
+msgstr "在用户输入错误密码时对他们进行(玩笑式的)嘲讽"
#: plugins/sudoers/def_data.c:119
msgid "Only allow the user to run sudo if they have a tty"
msgstr "何时为“verify”伪命令请求密码:%s"
#: plugins/sudoers/def_data.c:243
-msgid "Preload the dummy exec functions contained in \"_PATH_SUDO_NOEXEC"
-msgstr "预加载“_PATH_SUDO_NOEXEC”中包含的哑 exec 函数"
+msgid "Preload the dummy exec functions contained in the sudo_noexec library"
+msgstr "预加载“sudo_noexec”库中包含的哑 exec 函数"
#: plugins/sudoers/def_data.c:247
msgid "If LDAP directory is up, do we ignore local sudoers file"
msgid "option `%s' does not take a value"
msgstr "“%s”选项不带值"
-#: plugins/sudoers/env.c:258
-#, c-format
-msgid "internal error, sudo_setenv() overflow"
-msgstr "内部错误,sudo_setenv()溢出"
-
-#: plugins/sudoers/env.c:291
+#: plugins/sudoers/env.c:339
#, c-format
msgid "sudo_putenv: corrupted envp, length mismatch"
msgstr "sudo_putenv:envp 损坏,长度不符"
-#: plugins/sudoers/env.c:710
+#: plugins/sudoers/env.c:341 plugins/sudoers/env.c:411
+#: plugins/sudoers/toke_util.c:113 plugins/sudoers/toke_util.c:167
+#: plugins/sudoers/toke_util.c:207 toke.l:682 toke.l:812 toke.l:870 toke.l:966
+#, c-format
+msgid "unable to allocate memory"
+msgstr "无法分配内存"
+
+#: plugins/sudoers/env.c:366
+#, c-format
+msgid "internal error, sudo_setenv2() overflow"
+msgstr "内部错误,sudo_setenv2() 溢出"
+
+#: plugins/sudoers/env.c:410
+#, c-format
+msgid "internal error, sudo_setenv() overflow"
+msgstr "内部错误,sudo_setenv()溢出"
+
+#: plugins/sudoers/env.c:955
#, c-format
msgid "sorry, you are not allowed to set the following environment variables: %s"
msgstr "对不起,您无权设置以下环境变量:%s"
#: plugins/sudoers/find_path.c:69 plugins/sudoers/find_path.c:108
#: plugins/sudoers/find_path.c:123 plugins/sudoers/iolog.c:125
-#: plugins/sudoers/sudoers.c:923 toke.l:668 toke.l:823
+#: plugins/sudoers/sudoers.c:950 toke.l:678 toke.l:866
#, c-format
msgid "%s: %s"
msgstr "%s:%s"
-#: gram.y:110
-#, c-format
-msgid ">>> %s: %s near line %d <<<"
-msgstr ">>> %s:%s 在行 %d 附近<<<"
-
#: plugins/sudoers/group_plugin.c:91
#, c-format
msgid "%s%s: %s"
msgid "Local IP address and netmask pairs:\n"
msgstr "本地 IP 地址和网络掩码对:\n"
-#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:999
+#: plugins/sudoers/iolog.c:179 plugins/sudoers/sudoers.c:986
#, c-format
msgid "unable to read %s"
msgstr "无法读取 %s"
msgid "unable to create %s"
msgstr "无法创建 %s"
-#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:362
+#: plugins/sudoers/iolog_path.c:256 plugins/sudoers/sudoers.c:373
#, c-format
msgid "unable to set locale to \"%s\", using \"C\""
msgstr "无法将区域设置为“%s”,将使用“C”"
-#: plugins/sudoers/ldap.c:374
+#: plugins/sudoers/ldap.c:378
#, c-format
msgid "sudo_ldap_conf_add_ports: port too large"
msgstr "sudo_ldap_conf_add_ports:端口太大"
-#: plugins/sudoers/ldap.c:397
+#: plugins/sudoers/ldap.c:401
#, c-format
msgid "sudo_ldap_conf_add_ports: out of space expanding hostbuf"
msgstr "sudo_ldap_conf_add_ports:扩展主机缓存时空间不足"
-#: plugins/sudoers/ldap.c:427
+#: plugins/sudoers/ldap.c:431
#, c-format
msgid "unsupported LDAP uri type: %s"
msgstr "不支持的 LDAP URI 类型:%s"
-#: plugins/sudoers/ldap.c:456
+#: plugins/sudoers/ldap.c:460
#, c-format
msgid "invalid uri: %s"
msgstr "无效的 URI:%s"
-#: plugins/sudoers/ldap.c:462
+#: plugins/sudoers/ldap.c:466
#, c-format
msgid "unable to mix ldap and ldaps URIs"
msgstr "无法混合 ldap 和 ldaps URI"
-#: plugins/sudoers/ldap.c:466
+#: plugins/sudoers/ldap.c:470
#, c-format
msgid "unable to mix ldaps and starttls"
msgstr "无法混合 ldaps 和 starttls"
-#: plugins/sudoers/ldap.c:485
+#: plugins/sudoers/ldap.c:489
#, c-format
msgid "sudo_ldap_parse_uri: out of space building hostbuf"
msgstr "sudo_ldap_parse_uri:构建主机缓存时空间不足"
-#: plugins/sudoers/ldap.c:550
+#: plugins/sudoers/ldap.c:563
#, c-format
msgid "unable to initialize SSL cert and key db: %s"
msgstr "无法初始化 SSL 证书和密钥数据库:%s"
-#: plugins/sudoers/ldap.c:958
+#: plugins/sudoers/ldap.c:566
+#, c-format
+msgid "you must set TLS_CERT in %s to use SSL"
+msgstr "要使用 SSL,您必须在 %s 中设置 TLS_CERT"
+
+#: plugins/sudoers/ldap.c:973
#, c-format
msgid "unable to get GMT time"
msgstr "无法获取 GMT 时间"
-#: plugins/sudoers/ldap.c:964
+#: plugins/sudoers/ldap.c:979
#, c-format
msgid "unable to format timestamp"
msgstr "无法格式化时间戳"
-#: plugins/sudoers/ldap.c:972
+#: plugins/sudoers/ldap.c:987
#, c-format
msgid "unable to build time filter"
msgstr "无法构建时间过滤器"
-#: plugins/sudoers/ldap.c:1185
+#: plugins/sudoers/ldap.c:1202
#, c-format
msgid "sudo_ldap_build_pass1 allocation mismatch"
msgstr "sudo_ldap_build_pass1 分配不匹配"
-#: plugins/sudoers/ldap.c:1705
+#: plugins/sudoers/ldap.c:1738
#, c-format
msgid ""
"\n"
"\n"
"LDAP 角色:%s\n"
-#: plugins/sudoers/ldap.c:1707
+#: plugins/sudoers/ldap.c:1740
#, c-format
msgid ""
"\n"
"\n"
"LDAP 角色:未知\n"
-#: plugins/sudoers/ldap.c:1754
+#: plugins/sudoers/ldap.c:1787
#, c-format
msgid " Order: %s\n"
msgstr " 顺序:%s\n"
-#: plugins/sudoers/ldap.c:1762
+#: plugins/sudoers/ldap.c:1795
#, c-format
msgid " Commands:\n"
msgstr " 命令:\n"
-#: plugins/sudoers/ldap.c:2161
+#: plugins/sudoers/ldap.c:2216
#, c-format
msgid "unable to initialize LDAP: %s"
msgstr "无法初始化 LDAP:%s"
-#: plugins/sudoers/ldap.c:2192
+#: plugins/sudoers/ldap.c:2250
#, c-format
msgid "start_tls specified but LDAP libs do not support ldap_start_tls_s() or ldap_start_tls_s_np()"
msgstr "指定了 start_tls,但 LDAP 库不支持 ldap_start_tls_s() 或 ldap_start_tls_s_np()"
-#: plugins/sudoers/ldap.c:2428
+#: plugins/sudoers/ldap.c:2486
#, c-format
msgid "invalid sudoOrder attribute: %s"
msgstr "无效的 sudoOrder 属性:%s"
msgid "Sorry, user %s is not allowed to execute '%s%s%s' as %s%s%s on %s.\n"
msgstr "对不起,用户 %1$s 无权以 %5$s%6$s%7$s 的身份在 %8$s 上执行 %2$s%3$s%4$s。\n"
-#: plugins/sudoers/logging.c:420
+#: plugins/sudoers/logging.c:447
#, c-format
msgid "unable to fork"
msgstr "无法执行 fork"
-#: plugins/sudoers/logging.c:427 plugins/sudoers/logging.c:489
+#: plugins/sudoers/logging.c:454 plugins/sudoers/logging.c:516
#, c-format
msgid "unable to fork: %m"
msgstr "无法执行 fork:%m"
-#: plugins/sudoers/logging.c:479
+#: plugins/sudoers/logging.c:506
#, c-format
msgid "unable to open pipe: %m"
msgstr "无法打开管道:%m"
-#: plugins/sudoers/logging.c:504
+#: plugins/sudoers/logging.c:531
#, c-format
msgid "unable to dup stdin: %m"
msgstr "无法 dup stdin:%m"
-#: plugins/sudoers/logging.c:540
+#: plugins/sudoers/logging.c:567
#, c-format
msgid "unable to execute %s: %m"
msgstr "无法执行 %s:%m"
-#: plugins/sudoers/logging.c:755
+#: plugins/sudoers/logging.c:782
#, c-format
msgid "internal error: insufficient space for log line"
msgstr "内部错误:没有足够的空间存放日志行"
msgid "unable to cache user %s, already exists"
msgstr "无法缓存用户 %s,已存在"
-#: plugins/sudoers/pwutil.c:655
+#: plugins/sudoers/pwutil.c:653
#, c-format
msgid "unable to cache gid %u (%s), already exists"
msgstr "无法缓存组 ID %u(%s),已存在"
-#: plugins/sudoers/pwutil.c:663
+#: plugins/sudoers/pwutil.c:661
#, c-format
msgid "unable to cache gid %u, already exists"
msgstr "无法缓存组 ID %u,已存在"
-#: plugins/sudoers/pwutil.c:693 plugins/sudoers/pwutil.c:702
+#: plugins/sudoers/pwutil.c:691 plugins/sudoers/pwutil.c:700
#, c-format
msgid "unable to cache group %s, already exists"
msgstr "无法缓存组 %s,已存在"
-#: plugins/sudoers/set_perms.c:114 plugins/sudoers/set_perms.c:365
-#: plugins/sudoers/set_perms.c:601 plugins/sudoers/set_perms.c:837
-#, fuzzy
+#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:436
+#: plugins/sudoers/set_perms.c:828 plugins/sudoers/set_perms.c:1114
+#: plugins/sudoers/set_perms.c:1396
msgid "perm stack overflow"
-msgstr "perm 堆栈上溢"
+msgstr "权限堆栈上溢"
-#: plugins/sudoers/set_perms.c:122 plugins/sudoers/set_perms.c:373
-#: plugins/sudoers/set_perms.c:609 plugins/sudoers/set_perms.c:845
-#, fuzzy
+#: plugins/sudoers/set_perms.c:130 plugins/sudoers/set_perms.c:444
+#: plugins/sudoers/set_perms.c:836 plugins/sudoers/set_perms.c:1122
+#: plugins/sudoers/set_perms.c:1404
msgid "perm stack underflow"
-msgstr "perm 堆栈下溢"
+msgstr "权限堆栈下溢"
-#: plugins/sudoers/set_perms.c:228 plugins/sudoers/set_perms.c:466
-#: plugins/sudoers/set_perms.c:706
+#: plugins/sudoers/set_perms.c:270 plugins/sudoers/set_perms.c:580
+#: plugins/sudoers/set_perms.c:957 plugins/sudoers/set_perms.c:1243
msgid "unable to change to runas gid"
msgstr "无法切换为 runas 组 ID"
-#: plugins/sudoers/set_perms.c:236 plugins/sudoers/set_perms.c:473
-#: plugins/sudoers/set_perms.c:713
+#: plugins/sudoers/set_perms.c:282 plugins/sudoers/set_perms.c:592
+#: plugins/sudoers/set_perms.c:967 plugins/sudoers/set_perms.c:1253
msgid "unable to change to runas uid"
msgstr "无法切换为 runas 用户 ID"
-#: plugins/sudoers/set_perms.c:250 plugins/sudoers/set_perms.c:486
-#: plugins/sudoers/set_perms.c:726
-#, c-format
+#: plugins/sudoers/set_perms.c:300 plugins/sudoers/set_perms.c:610
+#: plugins/sudoers/set_perms.c:983 plugins/sudoers/set_perms.c:1269
msgid "unable to change to sudoers gid"
msgstr "无法切换为 sudoers 组 ID"
-#: plugins/sudoers/set_perms.c:291 plugins/sudoers/set_perms.c:524
-#: plugins/sudoers/set_perms.c:764 plugins/sudoers/set_perms.c:906
+#: plugins/sudoers/set_perms.c:353 plugins/sudoers/set_perms.c:681
+#: plugins/sudoers/set_perms.c:1029 plugins/sudoers/set_perms.c:1315
+#: plugins/sudoers/set_perms.c:1474
msgid "too many processes"
msgstr "进程过多"
-#: plugins/sudoers/set_perms.c:970
+#: plugins/sudoers/set_perms.c:1542
msgid "unable to set runas group vector"
msgstr "无法设置 runas 组向量"
msgid "User %s is not allowed to run sudo on %s.\n"
msgstr "用户 %s 无权在 %s 上运行 sudo。\n"
-#: plugins/sudoers/sudoers.c:201 plugins/sudoers/sudoers.c:232
-#: plugins/sudoers/sudoers.c:931
+#: plugins/sudoers/sudoers.c:208 plugins/sudoers/sudoers.c:239
+#: plugins/sudoers/sudoers.c:958
msgid "problem with defaults entries"
msgstr "默认条目有问题"
-#: plugins/sudoers/sudoers.c:205
+#: plugins/sudoers/sudoers.c:212
#, c-format
msgid "no valid sudoers sources found, quitting"
msgstr "没有找到有效的 sudoers 资源,退出"
-#: plugins/sudoers/sudoers.c:257
+#: plugins/sudoers/sudoers.c:264
#, c-format
msgid "unable to execute %s: %s"
msgstr "无法执行 %s:%s"
-#: plugins/sudoers/sudoers.c:311
+#: plugins/sudoers/sudoers.c:322
#, c-format
msgid "sudoers specifies that root is not allowed to sudo"
msgstr "sudoers 指定 root 不允许执行 sudo"
-#: plugins/sudoers/sudoers.c:318
+#: plugins/sudoers/sudoers.c:329
#, c-format
msgid "you are not permitted to use the -C option"
msgstr "您无权使用 -C 选项"
-#: plugins/sudoers/sudoers.c:408
+#: plugins/sudoers/sudoers.c:422
#, c-format
msgid "timestamp owner (%s): No such user"
msgstr "时间戳所有者(%s):无此用户"
-#: plugins/sudoers/sudoers.c:424
+#: plugins/sudoers/sudoers.c:438
msgid "no tty"
msgstr "无终端"
-#: plugins/sudoers/sudoers.c:425
+#: plugins/sudoers/sudoers.c:439
#, c-format
msgid "sorry, you must have a tty to run sudo"
msgstr "抱歉,您必须拥有一个终端来执行 sudo"
-#: plugins/sudoers/sudoers.c:464
+#: plugins/sudoers/sudoers.c:478
msgid "No user or host"
msgstr "无用户或主机"
-#: plugins/sudoers/sudoers.c:478 plugins/sudoers/sudoers.c:499
-#: plugins/sudoers/sudoers.c:500 plugins/sudoers/sudoers.c:1509
-#: plugins/sudoers/sudoers.c:1510
+#: plugins/sudoers/sudoers.c:492 plugins/sudoers/sudoers.c:513
+#: plugins/sudoers/sudoers.c:514 plugins/sudoers/sudoers.c:1522
+#: plugins/sudoers/sudoers.c:1523
#, c-format
msgid "%s: command not found"
msgstr "%s:找不到命令"
-#: plugins/sudoers/sudoers.c:480 plugins/sudoers/sudoers.c:496
+#: plugins/sudoers/sudoers.c:494 plugins/sudoers/sudoers.c:510
#, c-format
msgid ""
"ignoring `%s' found in '.'\n"
"忽略在“.”中找到的“%s”\n"
"请使用“sudo ./%s”,如果这是您想运行的“%s”。"
-#: plugins/sudoers/sudoers.c:485
+#: plugins/sudoers/sudoers.c:499
msgid "validation failure"
msgstr "校验失败"
-#: plugins/sudoers/sudoers.c:495
+#: plugins/sudoers/sudoers.c:509
msgid "command in current directory"
msgstr "当前目录中的命令"
-#: plugins/sudoers/sudoers.c:507
+#: plugins/sudoers/sudoers.c:521
#, c-format
msgid "sorry, you are not allowed to preserve the environment"
msgstr "抱歉,您无权保留环境"
-#: plugins/sudoers/sudoers.c:657 plugins/sudoers/sudoers.c:664
+#: plugins/sudoers/sudoers.c:681 plugins/sudoers/sudoers.c:688
#, c-format
msgid "internal error, runas_groups overflow"
msgstr "内部错误,runas_groups 溢出"
-#: plugins/sudoers/sudoers.c:914
+#: plugins/sudoers/sudoers.c:941
#, c-format
msgid "internal error, set_cmnd() overflow"
msgstr "内部错误:set_cmnd() 溢出"
-#: plugins/sudoers/sudoers.c:957
-#, fuzzy, c-format
-msgid "fixed mode on %s"
-msgstr "对 %s 修正了模式"
-
-#: plugins/sudoers/sudoers.c:961
-#, c-format
-msgid "set group on %s"
-msgstr "对 %s 设置组"
-
-#: plugins/sudoers/sudoers.c:964
-#, c-format
-msgid "unable to set group on %s"
-msgstr "无法对 %s 设置组"
-
-#: plugins/sudoers/sudoers.c:967
-#, c-format
-msgid "unable to fix mode on %s"
-msgstr "无法对 %s 修正模式"
-
-#: plugins/sudoers/sudoers.c:980
+#: plugins/sudoers/sudoers.c:1001
#, c-format
msgid "%s is not a regular file"
msgstr "%s 不是常规文件"
-#: plugins/sudoers/sudoers.c:982
-#, c-format
-msgid "%s is mode 0%o, should be 0%o"
-msgstr "%s 的模式为 0%o,应为 0%o"
-
-#: plugins/sudoers/sudoers.c:986
+#: plugins/sudoers/sudoers.c:1004 toke.l:829
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr "%s 属于用户 ID %u,应为 %u"
-#: plugins/sudoers/sudoers.c:989
+#: plugins/sudoers/sudoers.c:1008 toke.l:836
+#, c-format
+msgid "%s is world writable"
+msgstr "%s 可被任何人写"
+
+#: plugins/sudoers/sudoers.c:1011 toke.l:841
#, c-format
msgid "%s is owned by gid %u, should be %u"
msgstr "%s 属于组 ID %u,应为 %u"
msgid "only root can use `-c %s'"
msgstr "只有 root 才能使用“-c %s”"
-#: plugins/sudoers/sudoers.c:1049
+#: plugins/sudoers/sudoers.c:1055 plugins/sudoers/sudoers.c:1057
#, c-format
msgid "unknown login class: %s"
msgstr "未知的登录类别:%s"
-#: plugins/sudoers/sudoers.c:1077
+#: plugins/sudoers/sudoers.c:1084
#, c-format
msgid "unable to resolve host %s"
msgstr "无法解析主机:%s"
-#: plugins/sudoers/sudoers.c:1129 plugins/sudoers/testsudoers.c:380
+#: plugins/sudoers/sudoers.c:1136 plugins/sudoers/testsudoers.c:380
#, c-format
msgid "unknown group: %s"
msgstr "未知组:%s"
-#: plugins/sudoers/sudoers.c:1178
+#: plugins/sudoers/sudoers.c:1185
#, c-format
msgid "Sudoers policy plugin version %s\n"
msgstr "Sudoers 策略插件版本 %s\n"
-#: plugins/sudoers/sudoers.c:1180
+#: plugins/sudoers/sudoers.c:1187
#, c-format
msgid "Sudoers file grammar version %d\n"
msgstr "Sudoers 文件语法版本 %d\n"
-#: plugins/sudoers/sudoers.c:1184
+#: plugins/sudoers/sudoers.c:1191
#, c-format
msgid ""
"\n"
"\n"
"Sudoers 路径:%s\n"
-#: plugins/sudoers/sudoers.c:1187
+#: plugins/sudoers/sudoers.c:1194
#, c-format
msgid "nsswitch path: %s\n"
msgstr "nsswitch 路径:%s\n"
-#: plugins/sudoers/sudoers.c:1189
+#: plugins/sudoers/sudoers.c:1196
#, c-format
msgid "ldap.conf path: %s\n"
msgstr "ldap.conf 路径:%s\n"
-#: plugins/sudoers/sudoers.c:1190
+#: plugins/sudoers/sudoers.c:1197
#, c-format
msgid "ldap.secret path: %s\n"
msgstr "ldap.secret 路径:%s\n"
-#: plugins/sudoers/sudoreplay.c:286
+#: plugins/sudoers/sudoreplay.c:291
#, c-format
msgid "invalid filter option: %s"
msgstr "无效的过滤器选项:%s"
-#: plugins/sudoers/sudoreplay.c:299
+#: plugins/sudoers/sudoreplay.c:304
#, c-format
msgid "invalid max wait: %s"
msgstr "无效的最大等待:%s"
-#: plugins/sudoers/sudoreplay.c:305
+#: plugins/sudoers/sudoreplay.c:310
#, c-format
msgid "invalid speed factor: %s"
msgstr "无法的速度系数:%s"
-#: plugins/sudoers/sudoreplay.c:308 plugins/sudoers/visudo.c:187
+#: plugins/sudoers/sudoreplay.c:313 plugins/sudoers/visudo.c:187
#, c-format
msgid "%s version %s\n"
msgstr "%s 版本 %s\n"
-#: plugins/sudoers/sudoreplay.c:333
-#, fuzzy, c-format
+#: plugins/sudoers/sudoreplay.c:338
+#, c-format
msgid "%s/%.2s/%.2s/%.2s/timing: %s"
msgstr "%s/%.2s/%.2s/%.2s/时序:%s"
-#: plugins/sudoers/sudoreplay.c:339
-#, fuzzy, c-format
+#: plugins/sudoers/sudoreplay.c:344
+#, c-format
msgid "%s/%s/timing: %s"
msgstr "%s/%s/时序:%s"
-#: plugins/sudoers/sudoreplay.c:364
+#: plugins/sudoers/sudoreplay.c:362
#, c-format
-msgid "invalid log file %s"
-msgstr "无效的日志文件 %s"
+msgid "Replaying sudo session: %s\n"
+msgstr "回放 sudo 会话:%s\n"
-#: plugins/sudoers/sudoreplay.c:366
+#: plugins/sudoers/sudoreplay.c:368
#, c-format
-msgid "Replaying sudo session: %s"
-msgstr "回放 sudo 会话:%s"
+msgid "Warning: your terminal is too small to properly replay the log.\n"
+msgstr "警告:您的终端尺寸太小,不能正常地回放日志。\n"
-#: plugins/sudoers/sudoreplay.c:392
+#: plugins/sudoers/sudoreplay.c:369
+#, c-format
+msgid "Log geometry is %d x %d, your terminal's geometry is %d x %d."
+msgstr "日志的几何尺寸为 %dx%d,您终端的几何尺寸为 %dx%d。"
+
+#: plugins/sudoers/sudoreplay.c:399
#, c-format
msgid "unable to set tty to raw mode"
msgstr "无法将终端设为原始模式"
-#: plugins/sudoers/sudoreplay.c:406
-#, fuzzy, c-format
+#: plugins/sudoers/sudoreplay.c:412
+#, c-format
msgid "invalid timing file line: %s"
msgstr "无效的时序文件行:%s"
-#: plugins/sudoers/sudoreplay.c:448
+#: plugins/sudoers/sudoreplay.c:454
#, c-format
msgid "writing to standard output"
msgstr "写入标准输出"
-#: plugins/sudoers/sudoreplay.c:480
+#: plugins/sudoers/sudoreplay.c:486
#, c-format
msgid "nanosleep: tv_sec %ld, tv_nsec %ld"
msgstr "nanosleep:tv_sec %ld,tv_nsec %ld"
-#: plugins/sudoers/sudoreplay.c:529 plugins/sudoers/sudoreplay.c:554
+#: plugins/sudoers/sudoreplay.c:535 plugins/sudoers/sudoreplay.c:560
#, c-format
msgid "ambiguous expression \"%s\""
msgstr "有歧义的表达式“%s”"
-#: plugins/sudoers/sudoreplay.c:571
+#: plugins/sudoers/sudoreplay.c:577
#, c-format
msgid "too many parenthesized expressions, max %d"
msgstr "括号表达式过多,最多 %d"
-#: plugins/sudoers/sudoreplay.c:582
+#: plugins/sudoers/sudoreplay.c:588
#, c-format
msgid "unmatched ')' in expression"
msgstr "表达式中的“)”不匹配"
-#: plugins/sudoers/sudoreplay.c:588
+#: plugins/sudoers/sudoreplay.c:594
#, c-format
msgid "unknown search term \"%s\""
msgstr "未知的搜索词“%s”"
-#: plugins/sudoers/sudoreplay.c:602
+#: plugins/sudoers/sudoreplay.c:608
#, c-format
msgid "%s requires an argument"
msgstr "%s 需要参数"
-#: plugins/sudoers/sudoreplay.c:606
+#: plugins/sudoers/sudoreplay.c:612
#, c-format
msgid "invalid regular expression: %s"
msgstr "无效的正则表达式:%s"
-#: plugins/sudoers/sudoreplay.c:612
+#: plugins/sudoers/sudoreplay.c:618
#, c-format
msgid "could not parse date \"%s\""
msgstr "无法解析日期“%s”"
-#: plugins/sudoers/sudoreplay.c:625
+#: plugins/sudoers/sudoreplay.c:631
#, c-format
msgid "unmatched '(' in expression"
msgstr "表达式中的“(”不匹配"
-#: plugins/sudoers/sudoreplay.c:627
+#: plugins/sudoers/sudoreplay.c:633
#, c-format
msgid "illegal trailing \"or\""
msgstr "非法的结尾字符“or”"
-#: plugins/sudoers/sudoreplay.c:629
+#: plugins/sudoers/sudoreplay.c:635
#, c-format
msgid "illegal trailing \"!\""
msgstr "非法的结尾字符“!”"
-#: plugins/sudoers/sudoreplay.c:851
+#: plugins/sudoers/sudoreplay.c:942
#, c-format
msgid "invalid regex: %s"
msgstr "无效的正则表达式:%s"
-#: plugins/sudoers/sudoreplay.c:976
+#: plugins/sudoers/sudoreplay.c:1066
#, c-format
msgid "usage: %s [-h] [-d directory] [-m max_wait] [-s speed_factor] ID\n"
msgstr "用法:%s [-h] [-d 目录] [-m 最长等待] [-s 速度系数] ID\n"
-#: plugins/sudoers/sudoreplay.c:979
+#: plugins/sudoers/sudoreplay.c:1069
#, c-format
msgid "usage: %s [-h] [-d directory] -l [search expression]\n"
msgstr "用法:%s [-h] [-d 目录] -l [搜索表达式]\n"
-#: plugins/sudoers/sudoreplay.c:988
+#: plugins/sudoers/sudoreplay.c:1078
#, c-format
msgid ""
"%s - replay sudo session logs\n"
"%s - 回放 sudo 会话记录\n"
"\n"
-#: plugins/sudoers/sudoreplay.c:990
+#: plugins/sudoers/sudoreplay.c:1080
msgid ""
"\n"
"Options:\n"
"\n"
"命令不匹配"
-#: toke.l:672 toke.l:802 toke.l:827 toke.l:923 plugins/sudoers/toke_util.c:113
-#: plugins/sudoers/toke_util.c:167 plugins/sudoers/toke_util.c:207
-msgid "unable to allocate memory"
-msgstr "无法分配内存"
-
-#: toke.l:795
-msgid "too many levels of includes"
-msgstr "include 嵌套层数过多"
-
#: plugins/sudoers/toke_util.c:218
msgid "fill_args: buffer overflow"
msgstr "fill_args:缓存溢出"
msgid "%s grammar version %d\n"
msgstr "%s 语法版本 %d\n"
-#: plugins/sudoers/visudo.c:221 plugins/sudoers/auth/rfc1938.c:104
-#, c-format
-msgid "you do not exist in the %s database"
-msgstr "%s 数据库中没有您"
-
-#: plugins/sudoers/visudo.c:253 plugins/sudoers/visudo.c:539
+#: plugins/sudoers/visudo.c:252 plugins/sudoers/visudo.c:538
#, c-format
msgid "press return to edit %s: "
msgstr "按回车键编辑 %s:"
-#: plugins/sudoers/visudo.c:336 plugins/sudoers/visudo.c:342
+#: plugins/sudoers/visudo.c:335 plugins/sudoers/visudo.c:341
#, c-format
msgid "write error"
msgstr "写错误"
-#: plugins/sudoers/visudo.c:424
+#: plugins/sudoers/visudo.c:423
#, c-format
msgid "unable to stat temporary file (%s), %s unchanged"
msgstr "无法 stat 临时文件(%s),%s 未更改"
-#: plugins/sudoers/visudo.c:429
+#: plugins/sudoers/visudo.c:428
#, c-format
msgid "zero length temporary file (%s), %s unchanged"
msgstr "零长度的临时文件(%s),%s 未更改"
-#: plugins/sudoers/visudo.c:435
+#: plugins/sudoers/visudo.c:434
#, c-format
msgid "editor (%s) failed, %s unchanged"
msgstr "编辑器(%s)失败,%s 未更改"
-#: plugins/sudoers/visudo.c:458
+#: plugins/sudoers/visudo.c:457
#, c-format
msgid "%s unchanged"
msgstr "%s 未更改"
-#: plugins/sudoers/visudo.c:484
+#: plugins/sudoers/visudo.c:483
#, c-format
msgid "unable to re-open temporary file (%s), %s unchanged."
msgstr "无法重新打开临时文件(%s),%s 未更改"
-#: plugins/sudoers/visudo.c:494
+#: plugins/sudoers/visudo.c:493
#, c-format
msgid "unabled to parse temporary file (%s), unknown error"
msgstr "无法解析临时文件(%s),未知错误"
-#: plugins/sudoers/visudo.c:532
+#: plugins/sudoers/visudo.c:531
#, c-format
msgid "internal error, unable to find %s in list!"
msgstr "内部错误,在列表中找不到 %s!"
-#: plugins/sudoers/visudo.c:584 plugins/sudoers/visudo.c:593
+#: plugins/sudoers/visudo.c:583 plugins/sudoers/visudo.c:592
#, c-format
msgid "unable to set (uid, gid) of %s to (%u, %u)"
msgstr "无法将 %s 的 (uid, gid) 设为 (%u, %u)"
-#: plugins/sudoers/visudo.c:588 plugins/sudoers/visudo.c:598
+#: plugins/sudoers/visudo.c:587 plugins/sudoers/visudo.c:597
#, c-format
msgid "unable to change mode of %s to 0%o"
msgstr "无法将 %s 的模式更改为 0%o"
-#: plugins/sudoers/visudo.c:615
+#: plugins/sudoers/visudo.c:614
#, c-format
msgid "%s and %s not on the same file system, using mv to rename"
msgstr "%s 和 %s 不在同一个文件系统,使用 mv 进行重命名"
-#: plugins/sudoers/visudo.c:629
+#: plugins/sudoers/visudo.c:628
#, c-format
msgid "command failed: '%s %s %s', %s unchanged"
msgstr "命令失败:“%s %s %s”,%s 未更改"
-#: plugins/sudoers/visudo.c:639
+#: plugins/sudoers/visudo.c:638
#, c-format
msgid "error renaming %s, %s unchanged"
msgstr "重命名 %s 出错,%s 未更改"
-#: plugins/sudoers/visudo.c:702
+#: plugins/sudoers/visudo.c:701
msgid "What now? "
msgstr "现在做什么?"
-#: plugins/sudoers/visudo.c:716
+#: plugins/sudoers/visudo.c:715
msgid ""
"Options are:\n"
" (e)dit sudoers file again\n"
" 退出,不保存对 sudoers 文件的更改(x)\n"
" 退出并将更改保存到 sudoers 文件(危险!)(Q)\n"
-#: plugins/sudoers/visudo.c:757
+#: plugins/sudoers/visudo.c:756
#, c-format
msgid "unable to execute %s"
msgstr "无法执行 %s"
-#: plugins/sudoers/visudo.c:764
+#: plugins/sudoers/visudo.c:763
#, c-format
msgid "unable to run %s"
msgstr "无法运行 %s"
+#: plugins/sudoers/visudo.c:789
+#, c-format
+msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
+msgstr "%s:错误的所有者(uid, gid),应为 (%u, %u)\n"
+
#: plugins/sudoers/visudo.c:796
#, c-format
+msgid "%s: bad permissions, should be mode 0%o\n"
+msgstr "%s:权限不正确,模式应该是 0%o\n"
+
+#: plugins/sudoers/visudo.c:821
+#, c-format
msgid "failed to parse %s file, unknown error"
msgstr "解析 %s 文件失败,未知错误"
-#: plugins/sudoers/visudo.c:808
+#: plugins/sudoers/visudo.c:834
#, c-format
msgid "parse error in %s near line %d\n"
msgstr "%s 中第 %d 行附近出现解析错误\n"
-#: plugins/sudoers/visudo.c:811
+#: plugins/sudoers/visudo.c:837
#, c-format
msgid "parse error in %s\n"
msgstr "%s 中出现解析错误\n"
-#: plugins/sudoers/visudo.c:814 plugins/sudoers/visudo.c:816
+#: plugins/sudoers/visudo.c:844 plugins/sudoers/visudo.c:849
#, c-format
msgid "%s: parsed OK\n"
msgstr "%s:解析正确\n"
-#: plugins/sudoers/visudo.c:826
-#, c-format
-msgid "%s: wrong owner (uid, gid) should be (%u, %u)\n"
-msgstr "%s:错误的所有者(uid, gid),应为 (%u, %u)\n"
-
-#: plugins/sudoers/visudo.c:833
-#, c-format
-msgid "%s: bad permissions, should be mode 0%o\n"
-msgstr "%s:权限不正确,模式应该是 0%o\n"
-
-#: plugins/sudoers/visudo.c:880
+#: plugins/sudoers/visudo.c:896
#, c-format
msgid "%s busy, try again later"
msgstr "%s 忙,请稍后重试"
-#: plugins/sudoers/visudo.c:924
+#: plugins/sudoers/visudo.c:940
#, c-format
msgid "specified editor (%s) doesn't exist"
msgstr "指定的编辑器(%s)不存在"
-#: plugins/sudoers/visudo.c:947
+#: plugins/sudoers/visudo.c:963
#, c-format
msgid "unable to stat editor (%s)"
msgstr "无法 stat 编辑器(%s)"
-#: plugins/sudoers/visudo.c:995
+#: plugins/sudoers/visudo.c:1011
#, c-format
msgid "no editor found (editor path = %s)"
msgstr "未找到编辑器(编辑器路径 = %s)"
-#: plugins/sudoers/visudo.c:1089
+#: plugins/sudoers/visudo.c:1105
#, c-format
msgid "Error: cycle in %s_Alias `%s'"
msgstr "错误:在 %s_Alias “%s”中循环"
-#: plugins/sudoers/visudo.c:1090
+#: plugins/sudoers/visudo.c:1106
#, c-format
msgid "Warning: cycle in %s_Alias `%s'"
msgstr "警告:在 %s_Alias “%s”中循环"
-#: plugins/sudoers/visudo.c:1093
-#, fuzzy, c-format
+#: plugins/sudoers/visudo.c:1109
+#, c-format
msgid "Error: %s_Alias `%s' referenced but not defined"
msgstr "错误:引用了 %s_Alias “%s”但尚未定义"
-#: plugins/sudoers/visudo.c:1094
-#, fuzzy, c-format
+#: plugins/sudoers/visudo.c:1110
+#, c-format
msgid "Warning: %s_Alias `%s' referenced but not defined"
msgstr "警告:引用了 %s_Alias “%s”但尚未定义"
-#: plugins/sudoers/visudo.c:1229
+#: plugins/sudoers/visudo.c:1245
#, c-format
msgid "%s: unused %s_Alias %s"
msgstr "%s:未使用的 %s_Alias %s"
-#: plugins/sudoers/visudo.c:1286
+#: plugins/sudoers/visudo.c:1301
#, c-format
msgid ""
"%s - safely edit the sudoers file\n"
"%s - 安全地编辑 sudoers 文件\n"
"\n"
-#: plugins/sudoers/visudo.c:1288
+#: plugins/sudoers/visudo.c:1303
msgid ""
"\n"
"Options:\n"
" -s 严格语法检查\n"
" -V 显示版本信息并退出"
-#: plugins/sudoers/auth/bsdauth.c:78
-#, fuzzy, c-format
-msgid "unable to get login class for user %s"
-msgstr "无法打开日志文件:%s:%s"
-
-#: plugins/sudoers/auth/bsdauth.c:84
-msgid "unable to begin bsd authentication"
-msgstr "无法开始 bsd 认证"
-
-#: plugins/sudoers/auth/bsdauth.c:92
-msgid "invalid authentication type"
-msgstr "无效的认证类型"
-
-#: plugins/sudoers/auth/bsdauth.c:101
-msgid "unable to setup authentication"
-msgstr "无法设置认证"
-
-#: plugins/sudoers/auth/fwtk.c:60
-#, c-format
-msgid "unable to read fwtk config"
-msgstr "无法读取 fwtk 配置"
-
-#: plugins/sudoers/auth/fwtk.c:65
-#, c-format
-msgid "unable to connect to authentication server"
-msgstr "无法连接到认证服务器"
-
-#: plugins/sudoers/auth/fwtk.c:71 plugins/sudoers/auth/fwtk.c:95
-#: plugins/sudoers/auth/fwtk.c:128
-#, c-format
-msgid "lost connection to authentication server"
-msgstr "丢失了到认证服务器的连接"
-
-#: plugins/sudoers/auth/fwtk.c:75
-#, c-format
-msgid ""
-"authentication server error:\n"
-"%s"
-msgstr ""
-"认证服务器错误:\n"
-"%s"
-
-#: plugins/sudoers/auth/kerb5.c:117
-#, c-format
-msgid "%s: unable to unparse princ ('%s'): %s"
-msgstr "%s:无法解析 princ(“%s”):%s"
-
-#: plugins/sudoers/auth/kerb5.c:160
-#, c-format
-msgid "%s: unable to parse '%s': %s"
-msgstr "%s:无法解析“%s”:%s"
-
-#: plugins/sudoers/auth/kerb5.c:170
-#, c-format
-msgid "%s: unable to resolve ccache: %s"
-msgstr "%s:无法解析 ccache:%s"
-
-#: plugins/sudoers/auth/kerb5.c:218
-#, c-format
-msgid "%s: unable to allocate options: %s"
-msgstr "%s:无法分配选项:%s"
-
-#: plugins/sudoers/auth/kerb5.c:234
-#, c-format
-msgid "%s: unable to get credentials: %s"
-msgstr "%s:无法获取凭据:%s"
-
-#: plugins/sudoers/auth/kerb5.c:247
-#, c-format
-msgid "%s: unable to initialize ccache: %s"
-msgstr "%s:无法初始化 ccache:%s"
-
-#: plugins/sudoers/auth/kerb5.c:251
-#, fuzzy, c-format
-msgid "%s: unable to store cred in ccache: %s"
-msgstr "%s:无法储存 ccache 中的凭据"
-
-#: plugins/sudoers/auth/kerb5.c:316
-#, c-format
-msgid "%s: unable to get host principal: %s"
-msgstr ""
-
-#: plugins/sudoers/auth/kerb5.c:331
-#, c-format
-msgid "%s: Cannot verify TGT! Possible attack!: %s"
-msgstr "%s:无法验证目标!可能遭到了攻击!:%s"
-
-#: plugins/sudoers/auth/pam.c:100
-msgid "unable to initialize PAM"
-msgstr "无法初始化 PAM"
-
-#: plugins/sudoers/auth/pam.c:144
-msgid "account validation failure, is your account locked?"
-msgstr "账户验证失败,您的账户是不是上锁了?"
-
-#: plugins/sudoers/auth/pam.c:148
-msgid "Account or password is expired, reset your password and try again"
-msgstr "账户或密码过期,重置您的密码并重试"
-
-#: plugins/sudoers/auth/pam.c:155
-#, c-format
-msgid "pam_chauthtok: %s"
-msgstr "pam_chauthtok:%s"
-
-#: plugins/sudoers/auth/pam.c:159
-msgid "Password expired, contact your system administrator"
-msgstr "密码过期,联系您的系统管理员"
-
-#: plugins/sudoers/auth/pam.c:163
-msgid "Account expired or PAM config lacks an \"account\" section for sudo, contact your system administrator"
-msgstr "账户过期,或 PAM 配置缺少 sudo 使用的“account”节,联系您的系统管理员"
-
-#: plugins/sudoers/auth/pam.c:178
-#, c-format
-msgid "pam_authenticate: %s"
-msgstr "pam_authenticate:%s"
-
-#: plugins/sudoers/auth/pam.c:306
-msgid "Password: "
-msgstr "密码:"
-
-#: plugins/sudoers/auth/pam.c:307
-msgid "Password:"
-msgstr "密码:"
-
-#: plugins/sudoers/auth/securid5.c:81
-#, c-format
-msgid "failed to initialise the ACE API library"
-msgstr "初始化 ACE API 库失败"
-
-#: plugins/sudoers/auth/securid5.c:107
-#, c-format
-msgid "unable to contact the SecurID server"
-msgstr "无法联络 SecurID 服务器"
-
-#: plugins/sudoers/auth/securid5.c:116
-#, c-format
-msgid "User ID locked for SecurID Authentication"
-msgstr "为进行 SecurID 认证,已锁定用户 ID"
-
-#: plugins/sudoers/auth/securid5.c:120 plugins/sudoers/auth/securid5.c:171
-#, c-format
-msgid "invalid username length for SecurID"
-msgstr "SecurID 的用户名长度无效"
-
-#: plugins/sudoers/auth/securid5.c:124 plugins/sudoers/auth/securid5.c:176
-#, fuzzy, c-format
-msgid "invalid Authentication Handle for SecurID"
-msgstr "SecurID 的认证句柄无效"
-
-#: plugins/sudoers/auth/securid5.c:128
-#, c-format
-msgid "SecurID communication failed"
-msgstr "SecurID 通讯失败"
-
-#: plugins/sudoers/auth/securid5.c:132 plugins/sudoers/auth/securid5.c:215
-#, c-format
-msgid "unknown SecurID error"
-msgstr "未知的 SecurID 错误"
-
-#: plugins/sudoers/auth/securid5.c:166
-#, c-format
-msgid "invalid passcode length for SecurID"
-msgstr "无效的 SecurID 密码长度"
+#: toke.l:805
+msgid "too many levels of includes"
+msgstr "include 嵌套层数过多"
-#: plugins/sudoers/auth/sia.c:109
-msgid "unable to initialize SIA session"
-msgstr "无法初始化 SIA 会话"
+#~ msgid "invalid log file %s"
+#~ msgstr "无效的日志文件 %s"
-#: plugins/sudoers/auth/sudo_auth.c:117
#, fuzzy
-msgid "Invalid authentication methods compiled into sudo! You may mix standalone and non-standalone authentication."
-msgstr "编译进 sudo 的认证方法无效!您可能混用了独立和非独立认证。"
+#~ msgid "fixed mode on %s"
+#~ msgstr "对 %s 修正了模式"
-#: plugins/sudoers/auth/sudo_auth.c:199
-msgid "There are no authentication methods compiled into sudo! If you want to turn off authentication, use the --disable-authentication configure option."
-msgstr "sudo 编译时没有加入任何认证方法!如果您想关闭认证,使用 --disable-authentication 配置选项。"
+#~ msgid "set group on %s"
+#~ msgstr "对 %s 设置组"
-#: plugins/sudoers/auth/sudo_auth.c:271
-#, c-format
-msgid "%d incorrect password attempt"
-msgid_plural "%d incorrect password attempts"
-msgstr[0] "%d 次错误密码尝试"
+#~ msgid "unable to set group on %s"
+#~ msgstr "无法对 %s 设置组"
-#: plugins/sudoers/auth/sudo_auth.c:374
-msgid "Authentication methods:"
-msgstr "认证方法:"
+#~ msgid "unable to fix mode on %s"
+#~ msgstr "无法对 %s 修正模式"
+
+#~ msgid "%s is mode 0%o, should be 0%o"
+#~ msgstr "%s 的模式为 0%o,应为 0%o"
#~ msgid "File containing dummy exec functions: %s"
#~ msgstr "含有哑 exec 函数的文件:%s"
#define cmp_grnam cmp_pwnam
-#define ptr_to_item(p) ((struct cache_item *)((char *)(p) - sizeof(struct cache_item)))
+#define ptr_to_item(p) ((struct cache_item *)((char *)p - offsetof(struct cache_item_##p, p)))
+/*
+ * Generic cache element.
+ */
struct cache_item {
unsigned int refcnt;
/* key */
} d;
};
+/*
+ * Container structs to simpify size and offset calculations and guarantee
+ * proper aligment of struct passwd, group and group_list.
+ */
+struct cache_item_pw {
+ struct cache_item cache;
+ struct passwd pw;
+};
+
+struct cache_item_gr {
+ struct cache_item cache;
+ struct group gr;
+};
+
+struct cache_item_grlist {
+ struct cache_item cache;
+ struct group_list grlist;
+ /* actually bigger */
+};
+
/*
* Compare by uid.
*/
* Dynamically allocate space for a struct item plus the key and data
* elements. If name is non-NULL it is used as the key, else the
* uid is the key. Fills in datum from struct password.
- *
- * We would like to fill in the encrypted password too but the
- * call to the shadow function could overwrite the pw buffer (NIS).
*/
static struct cache_item *
make_pwitem(const struct passwd *pw, const char *name)
char *cp;
const char *pw_shell;
size_t nsize, psize, csize, gsize, dsize, ssize, total;
- struct cache_item *item;
+ struct cache_item_pw *pwitem;
struct passwd *newpw;
debug_decl(make_pwitem, SUDO_DEBUG_NSS)
/* Allocate in one big chunk for easy freeing. */
nsize = psize = csize = gsize = dsize = ssize = 0;
- total = sizeof(struct cache_item) + sizeof(struct passwd);
+ total = sizeof(*pwitem);
FIELD_SIZE(pw, pw_name, nsize);
FIELD_SIZE(pw, pw_passwd, psize);
#ifdef HAVE_LOGIN_CAP_H
total += strlen(name) + 1;
/* Allocate space for struct item, struct passwd and the strings. */
- item = emalloc(total);
- cp = (char *) item + sizeof(struct cache_item);
+ pwitem = ecalloc(1, total);
+ newpw = &pwitem->pw;
/*
* Copy in passwd contents and make strings relative to space
- * at the end of the buffer.
+ * at the end of the struct.
*/
- newpw = (struct passwd *) cp;
- memcpy(newpw, pw, sizeof(struct passwd));
- cp += sizeof(struct passwd);
+ memcpy(newpw, pw, sizeof(*pw));
+ cp = (char *)(pwitem + 1);
FIELD_COPY(pw, newpw, pw_name, nsize);
FIELD_COPY(pw, newpw, pw_passwd, psize);
#ifdef HAVE_LOGIN_CAP_H
/* Set key and datum. */
if (name != NULL) {
memcpy(cp, name, strlen(name) + 1);
- item->k.name = cp;
+ pwitem->cache.k.name = cp;
} else {
- item->k.uid = pw->pw_uid;
+ pwitem->cache.k.uid = pw->pw_uid;
}
- item->d.pw = newpw;
- item->refcnt = 1;
+ pwitem->cache.d.pw = newpw;
+ pwitem->cache.refcnt = 1;
- debug_return_ptr(item);
+ debug_return_ptr(&pwitem->cache);
}
void
/*
* Get a password entry by uid and allocate space for it.
- * Fills in pw_passwd from shadow file if necessary.
*/
struct passwd *
sudo_getpwuid(uid_t uid)
errorx(1, _("unable to cache uid %u (%s), already exists"),
(unsigned int) uid, item->d.pw->pw_name);
} else {
- item = emalloc(sizeof(*item));
+ item = ecalloc(1, sizeof(*item));
item->refcnt = 1;
item->k.uid = uid;
- item->d.pw = NULL;
+ /* item->d.pw = NULL; */
if (rbinsert(pwcache_byuid, item) != NULL)
errorx(1, _("unable to cache uid %u, already exists"),
(unsigned int) uid);
/*
* Get a password entry by name and allocate space for it.
- * Fills in pw_passwd from shadow file if necessary.
*/
struct passwd *
sudo_getpwnam(const char *name)
errorx(1, _("unable to cache user %s, already exists"), name);
} else {
len = strlen(name) + 1;
- item = emalloc(sizeof(*item) + len);
+ item = ecalloc(1, sizeof(*item) + len);
item->refcnt = 1;
item->k.name = (char *) item + sizeof(*item);
memcpy(item->k.name, name, len);
- item->d.pw = NULL;
+ /* item->d.pw = NULL; */
if (rbinsert(pwcache_byname, item) != NULL)
errorx(1, _("unable to cache user %s, already exists"), name);
}
struct passwd *
sudo_fakepwnamid(const char *user, uid_t uid, gid_t gid)
{
- struct cache_item *item;
+ struct cache_item_pw *pwitem;
struct passwd *pw;
struct rbnode *node;
size_t len, namelen;
debug_decl(sudo_fakepwnam, SUDO_DEBUG_NSS)
namelen = strlen(user);
- len = sizeof(*item) + sizeof(*pw) + namelen + 1 /* pw_name */ +
+ len = sizeof(*pwitem) + namelen + 1 /* pw_name */ +
sizeof("*") /* pw_passwd */ + sizeof("") /* pw_gecos */ +
sizeof("/") /* pw_dir */ + sizeof(_PATH_BSHELL);
for (i = 0; i < 2; i++) {
- item = emalloc(len);
- zero_bytes(item, sizeof(*item) + sizeof(*pw));
- pw = (struct passwd *) ((char *)item + sizeof(*item));
+ pwitem = ecalloc(1, len);
+ pw = &pwitem->pw;
pw->pw_uid = uid;
pw->pw_gid = gid;
- pw->pw_name = (char *)pw + sizeof(struct passwd);
+ pw->pw_name = (char *)(pwitem + 1);
memcpy(pw->pw_name, user, namelen + 1);
pw->pw_passwd = pw->pw_name + namelen + 1;
memcpy(pw->pw_passwd, "*", 2);
pw->pw_shell = pw->pw_dir + 2;
memcpy(pw->pw_shell, _PATH_BSHELL, sizeof(_PATH_BSHELL));
- item->refcnt = 1;
- item->d.pw = pw;
+ pwitem->cache.refcnt = 1;
+ pwitem->cache.d.pw = pw;
if (i == 0) {
/* Store by uid, overwriting cached version. */
- item->k.uid = pw->pw_uid;
- if ((node = rbinsert(pwcache_byuid, item)) != NULL) {
+ pwitem->cache.k.uid = pw->pw_uid;
+ if ((node = rbinsert(pwcache_byuid, &pwitem->cache)) != NULL) {
pw_delref_item(node->data);
- node->data = item;
+ node->data = &pwitem->cache;
}
} else {
/* Store by name, overwriting cached version. */
- item->k.name = pw->pw_name;
- if ((node = rbinsert(pwcache_byname, item)) != NULL) {
+ pwitem->cache.k.name = pw->pw_name;
+ if ((node = rbinsert(pwcache_byname, &pwitem->cache)) != NULL) {
pw_delref_item(node->data);
- node->data = item;
+ node->data = &pwitem->cache;
}
}
}
- item->refcnt++;
+ pwitem->cache.refcnt++;
debug_return_ptr(pw);
}
{
char *cp;
size_t nsize, psize, nmem, total, len;
- struct cache_item *item;
+ struct cache_item_gr *gritem;
struct group *newgr;
debug_decl(make_gritem, SUDO_DEBUG_NSS)
/* Allocate in one big chunk for easy freeing. */
nsize = psize = nmem = 0;
- total = sizeof(struct cache_item) + sizeof(struct group);
+ total = sizeof(*gritem);
FIELD_SIZE(gr, gr_name, nsize);
FIELD_SIZE(gr, gr_passwd, psize);
if (gr->gr_mem) {
if (name != NULL)
total += strlen(name) + 1;
- item = emalloc(total);
- cp = (char *) item + sizeof(struct cache_item);
+ gritem = ecalloc(1, total);
/*
* Copy in group contents and make strings relative to space
* at the end of the buffer. Note that gr_mem must come
* immediately after struct group to guarantee proper alignment.
*/
- newgr = (struct group *)cp;
- memcpy(newgr, gr, sizeof(struct group));
- cp += sizeof(struct group);
+ newgr = &gritem->gr;
+ memcpy(newgr, gr, sizeof(*gr));
+ cp = (char *)(gritem + 1);
if (gr->gr_mem) {
newgr->gr_mem = (char **)cp;
cp += sizeof(char *) * nmem;
/* Set key and datum. */
if (name != NULL) {
memcpy(cp, name, strlen(name) + 1);
- item->k.name = cp;
+ gritem->cache.k.name = cp;
} else {
- item->k.gid = gr->gr_gid;
+ gritem->cache.k.gid = gr->gr_gid;
}
- item->d.gr = newgr;
- item->refcnt = 1;
+ gritem->cache.d.gr = newgr;
+ gritem->cache.refcnt = 1;
- debug_return_ptr(item);
+ debug_return_ptr(&gritem->cache);
}
#ifdef HAVE_UTMPX_H
{
char *cp;
size_t i, nsize, ngroups, total, len;
- struct cache_item *item;
+ struct cache_item_grlist *grlitem;
struct group_list *grlist;
struct group *grp;
debug_decl(make_grlist_item, SUDO_DEBUG_NSS)
/* Allocate in one big chunk for easy freeing. */
nsize = strlen(user) + 1;
- total = sizeof(struct cache_item) + sizeof(struct group_list) + nsize;
+ total = sizeof(*grlitem) + nsize;
total += sizeof(char *) * ngids;
total += sizeof(gid_t *) * ngids;
total += GROUPNAME_LEN * ngids;
again:
- item = emalloc(total);
- cp = (char *) item + sizeof(struct cache_item);
+ grlitem = ecalloc(1, total);
/*
* Copy in group list and make pointers relative to space
* at the end of the buffer. Note that the groups array must come
* immediately after struct group to guarantee proper alignment.
*/
- grlist = (struct group_list *)cp;
- zero_bytes(grlist, sizeof(struct group_list));
- cp += sizeof(struct group_list);
+ grlist = &grlitem->grlist;
+ cp = (char *)(grlitem + 1);
grlist->groups = (char **)cp;
cp += sizeof(char *) * ngids;
grlist->gids = (gid_t *)cp;
/* Set key and datum. */
memcpy(cp, user, nsize);
- item->k.name = cp;
- item->d.grlist = grlist;
- item->refcnt = 1;
+ grlitem->cache.k.name = cp;
+ grlitem->cache.d.grlist = grlist;
+ grlitem->cache.refcnt = 1;
cp += nsize;
/*
for (i = 0; i < ngids; i++) {
if ((grp = sudo_getgrgid(gids[i])) != NULL) {
len = strlen(grp->gr_name) + 1;
- if (cp - (char *)item + len > total) {
+ if (cp - (char *)grlitem + len > total) {
total += len + GROUPNAME_LEN;
- efree(item);
+ efree(grlitem);
gr_delref(grp);
goto again;
}
aix_restoreauthdb();
#endif
- debug_return_ptr(item);
+ debug_return_ptr(&grlitem->cache);
}
void
errorx(1, _("unable to cache gid %u (%s), already exists"),
(unsigned int) gid, key.d.gr->gr_name);
} else {
- item = emalloc(sizeof(*item));
+ item = ecalloc(1, sizeof(*item));
item->refcnt = 1;
item->k.gid = gid;
- item->d.gr = NULL;
+ /* item->d.gr = NULL; */
if (rbinsert(grcache_bygid, item) != NULL)
errorx(1, _("unable to cache gid %u, already exists"),
(unsigned int) gid);
errorx(1, _("unable to cache group %s, already exists"), name);
} else {
len = strlen(name) + 1;
- item = emalloc(sizeof(*item) + len);
+ item = ecalloc(1, sizeof(*item) + len);
item->refcnt = 1;
item->k.name = (char *) item + sizeof(*item);
memcpy(item->k.name, name, len);
- item->d.gr = NULL;
+ /* item->d.gr = NULL; */
if (rbinsert(grcache_byname, item) != NULL)
errorx(1, _("unable to cache group %s, already exists"), name);
}
struct group *
sudo_fakegrnam(const char *group)
{
- struct cache_item *item;
+ struct cache_item_gr *gritem;
struct group *gr;
struct rbnode *node;
size_t len, namelen;
debug_decl(sudo_fakegrnam, SUDO_DEBUG_NSS)
namelen = strlen(group);
- len = sizeof(*item) + sizeof(*gr) + namelen + 1;
+ len = sizeof(*gritem) + namelen + 1;
for (i = 0; i < 2; i++) {
- item = emalloc(len);
- zero_bytes(item, sizeof(*item) + sizeof(*gr));
- gr = (struct group *) ((char *)item + sizeof(*item));
+ gritem = ecalloc(1, len);
+ gr = &gritem->gr;
gr->gr_gid = (gid_t) atoi(group + 1);
- gr->gr_name = (char *)gr + sizeof(struct group);
+ gr->gr_name = (char *)(gritem + 1);
memcpy(gr->gr_name, group, namelen + 1);
- item->refcnt = 1;
- item->d.gr = gr;
+ gritem->cache.refcnt = 1;
+ gritem->cache.d.gr = gr;
if (i == 0) {
/* Store by gid, overwriting cached version. */
- item->k.gid = gr->gr_gid;
- if ((node = rbinsert(grcache_bygid, item)) != NULL) {
+ gritem->cache.k.gid = gr->gr_gid;
+ if ((node = rbinsert(grcache_bygid, &gritem->cache)) != NULL) {
gr_delref_item(node->data);
- node->data = item;
+ node->data = &gritem->cache;
}
} else {
/* Store by name, overwriting cached version. */
- item->k.name = gr->gr_name;
- if ((node = rbinsert(grcache_byname, item)) != NULL) {
+ gritem->cache.k.name = gr->gr_name;
+ if ((node = rbinsert(grcache_byname, &gritem->cache)) != NULL) {
gr_delref_item(node->data);
- node->data = item;
+ node->data = &gritem->cache;
}
}
}
- item->refcnt++;
+ gritem->cache.refcnt++;
debug_return_ptr(gr);
}
} else {
/* Should not happen. */
len = strlen(pw->pw_name) + 1;
- item = emalloc(sizeof(*item) + len);
+ item = ecalloc(1, sizeof(*item) + len);
item->refcnt = 1;
item->k.name = (char *) item + sizeof(*item);
memcpy(item->k.name, pw->pw_name, len);
- item->d.grlist = NULL;
+ /* item->d.grlist = NULL; */
if (rbinsert(grlist_cache, item) != NULL)
errorx(1, "unable to cache group list for %s, already exists",
pw->pw_name);
#ifdef HAVE_UNISTD_H
# include <unistd.h>
#endif /* HAVE_UNISTD_H */
+#ifdef _AIX
+# include <sys/id.h>
+#endif
#include <pwd.h>
#include <errno.h>
#include <grp.h>
/*
* Prototypes
*/
+#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
static struct group_list *runas_setgroups(void);
+#endif
/*
* We keep track of the current permisstions and use a stack to restore
struct perm_state {
uid_t ruid;
uid_t euid;
-#ifdef HAVE_SETRESUID
+#if defined(HAVE_SETRESUID) || defined(ID_SAVED)
uid_t suid;
#endif
gid_t rgid;
gid_t egid;
-#ifdef HAVE_SETRESUID
+#if defined(HAVE_SETRESUID) || defined(ID_SAVED)
gid_t sgid;
#endif
struct group_list *grlist;
debug_return;
}
-#ifdef HAVE_SETRESUID
+#if defined(HAVE_SETRESUID)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid || state->suid != ostate->suid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid || state->sgid != ostate->sgid)
/*
* Set real and effective and saved uids and gids based on perm.
set_perms(int perm)
{
struct perm_state *state, *ostate = NULL;
- const char *errstr;
+ char errbuf[1024];
int noexit;
debug_decl(set_perms, SUDO_DEBUG_PERMS)
CLR(perm, PERM_MASK);
if (perm_stack_depth == PERM_STACK_MAX) {
- errstr = _("perm stack overflow");
+ strlcpy(errbuf, _("perm stack overflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
state = &perm_stack[perm_stack_depth];
if (perm != PERM_INITIAL) {
if (perm_stack_depth == 0) {
- errstr = _("perm stack underflow");
+ strlcpy(errbuf, _("perm stack underflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
ostate = &perm_stack[perm_stack_depth - 1];
- if (memcmp(state, ostate, sizeof(*state)) == 0)
- goto done;
}
switch (perm) {
/* Stash initial state */
#ifdef HAVE_GETRESUID
if (getresuid(&state->ruid, &state->euid, &state->suid)) {
- errstr = "getresuid";
+ strlcpy(errbuf, "PERM_INITIAL: getresuid", sizeof(errbuf));
goto bad;
}
if (getresgid(&state->rgid, &state->egid, &state->sgid)) {
- errstr = "getresgid";
+ strlcpy(errbuf, "PERM_INITIAL: getresgid", sizeof(errbuf));
goto bad;
}
#else
#endif
state->grlist = user_group_list;
grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+ "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
+ __func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
break;
case PERM_ROOT:
state->ruid = ROOT_UID;
state->euid = ROOT_UID;
state->suid = ROOT_UID;
- if (setresuid(ID(ruid), ID(euid), ID(suid))) {
- errstr = "setresuid(ROOT_UID, ROOT_UID, ROOT_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_ROOT: setresuid(%d, %d, %d)",
+ ID(ruid), ID(euid), ID(suid));
goto bad;
}
- state->rgid = -1;
- state->egid = -1;
- state->sgid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
+ state->sgid = ostate->sgid;
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
break;
case PERM_USER:
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = user_gid;
- state->sgid = -1;
- if (setresgid(-1, ID(egid), -1)) {
- errstr = "setresgid(-1, user_gid, -1)";
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+ snprintf(errbuf, sizeof(errbuf), "PERM_USER: setresgid(%d, %d, %d)",
+ ID(rgid), ID(egid), ID(sgid));
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = user_uid;
state->euid = user_uid;
state->suid = ROOT_UID;
- if (setresuid(ID(ruid), ID(euid), ID(suid))) {
- errstr = "setresuid(user_uid, user_uid, ROOT_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ snprintf(errbuf, sizeof(errbuf), "PERM_USER: setresuid(%d, %d, %d)",
+ ID(ruid), ID(euid), ID(suid));
goto bad;
}
break;
state->rgid = user_gid;
state->egid = user_gid;
state->sgid = user_gid;
- if (setresgid(ID(rgid), ID(egid), ID(sgid))) {
- errstr = "setresgid(user_gid, user_gid, user_gid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setresgid(%d, %d, %d)",
+ ID(rgid), ID(egid), ID(sgid));
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_FULL_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = user_uid;
state->euid = user_uid;
state->suid = user_uid;
- if (setresuid(ID(ruid), ID(euid), ID(suid))) {
- errstr = "setresuid(user_uid, user_uid, user_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setresuid(%d, %d, %d)",
+ ID(ruid), ID(euid), ID(suid));
goto bad;
}
break;
case PERM_RUNAS:
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
- state->sgid = -1;
- if (setresgid(-1, ID(egid), -1)) {
- errstr = _("unable to change to runas gid");
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+ strlcpy(errbuf, _("unable to change to runas gid"), sizeof(errbuf));
goto bad;
}
state->grlist = runas_setgroups();
- state->ruid = -1;
+ state->ruid = ostate->ruid;
state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
- state->suid = -1;
- if (setresuid(-1, ID(euid), -1)) {
- errstr = _("unable to change to runas uid");
+ state->suid = ostate->suid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ strlcpy(errbuf, _("unable to change to runas uid"), sizeof(errbuf));
goto bad;
}
break;
grlist_addref(state->grlist);
/* assumes euid == ROOT_UID, ruid == user */
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = sudoers_gid;
- state->sgid = -1;
- if (setresgid(-1, ID(egid), -1))
- error(1, _("unable to change to sudoers gid"));
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setresgid(ID(rgid), ID(egid), ID(sgid))) {
+ strlcpy(errbuf, _("unable to change to sudoers gid"), sizeof(errbuf));
+ goto bad;
+ }
state->ruid = ROOT_UID;
/*
else
state->euid = sudoers_uid;
state->suid = ROOT_UID;
- if (setresuid(ID(ruid), ID(euid), ID(suid))) {
- errstr = "setresuid(ROOT_UID, SUDOERS_UID, ROOT_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_SUDOERS: setresuid(%d, %d, %d)",
+ ID(ruid), ID(euid), ID(suid));
goto bad;
}
break;
case PERM_TIMESTAMP:
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
- state->rgid = -1;
- state->egid = -1;
- state->sgid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
+ state->sgid = ostate->sgid;
state->ruid = ROOT_UID;
state->euid = timestamp_uid;
state->suid = ROOT_UID;
- if (setresuid(ID(ruid), ID(euid), ID(suid))) {
- errstr = "setresuid(ROOT_UID, timestamp_uid, ROOT_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setresuid(ID(ruid), ID(euid), ID(suid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_TIMESTAMP: setresuid(%d, %d, %d)",
+ ID(ruid), ID(euid), ID(suid));
goto bad;
}
break;
}
-done:
perm_stack_depth++;
debug_return_bool(1);
bad:
- /* XXX - better warnings inline */
- warningx("%s: %s", errstr,
+ warningx("%s: %s", errbuf,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
debug_return_bool(0);
ostate = &perm_stack[perm_stack_depth - 2];
perm_stack_depth--;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d, %d] -> [%d, %d, %d]",
+ __func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d, %d] -> [%d, %d, %d]",
+ __func__, (int)state->rgid, (int)state->egid, (int)state->sgid,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid);
+
/* XXX - more cases here where euid != ruid */
- if (OID(euid) == ROOT_UID && state->euid != ROOT_UID) {
+ if (OID(euid) == ROOT_UID) {
if (setresuid(-1, ROOT_UID, -1)) {
warning("setresuid() [%d, %d, %d] -> [%d, %d, %d]",
(int)state->ruid, (int)state->euid, (int)state->suid,
exit(1);
}
-#else
-# ifdef HAVE_SETREUID
+#elif defined(_AIX) && defined(ID_SAVED)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid || state->suid != ostate->suid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid || state->sgid != ostate->sgid)
/*
- * Set real and effective uids and gids based on perm.
- * We always retain a real or effective uid of ROOT_UID unless
- * we are headed for an exec().
+ * Set real and effective and saved uids and gids based on perm.
+ * We always retain a saved uid of 0 unless we are headed for an exec().
+ * We only flip the effective gid since it only changes for PERM_SUDOERS.
+ * This version of set_perms() works fine with the "stay_setuid" option.
+ */
+int
+set_perms(int perm)
+{
+ struct perm_state *state, *ostate = NULL;
+ char errbuf[1024];
+ int noexit;
+ debug_decl(set_perms, SUDO_DEBUG_PERMS)
+
+ noexit = ISSET(perm, PERM_NOEXIT);
+ CLR(perm, PERM_MASK);
+
+ if (perm_stack_depth == PERM_STACK_MAX) {
+ strlcpy(errbuf, _("perm stack overflow"), sizeof(errbuf));
+ errno = EINVAL;
+ goto bad;
+ }
+
+ state = &perm_stack[perm_stack_depth];
+ if (perm != PERM_INITIAL) {
+ if (perm_stack_depth == 0) {
+ strlcpy(errbuf, _("perm stack underflow"), sizeof(errbuf));
+ errno = EINVAL;
+ goto bad;
+ }
+ ostate = &perm_stack[perm_stack_depth - 1];
+ }
+
+ switch (perm) {
+ case PERM_INITIAL:
+ /* Stash initial state */
+ state->ruid = getuidx(ID_REAL);
+ state->euid = getuidx(ID_EFFECTIVE);
+ state->suid = getuidx(ID_SAVED);
+ state->rgid = getgidx(ID_REAL);
+ state->egid = getgidx(ID_EFFECTIVE);
+ state->sgid = getgidx(ID_SAVED);
+ state->grlist = user_group_list;
+ grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+ "ruid: %d, euid: %d, suid: %d, rgid: %d, egid: %d, sgid: %d",
+ __func__, (unsigned int)state->ruid, (unsigned int)state->euid,
+ (unsigned int)state->suid, (unsigned int)state->rgid,
+ (unsigned int)state->egid, (unsigned int)state->sgid);
+ break;
+
+ case PERM_ROOT:
+ state->ruid = ROOT_UID;
+ state->euid = ROOT_UID;
+ state->suid = ROOT_UID;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_ROOT: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ ROOT_UID);
+ goto bad;
+ }
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
+ state->sgid = ostate->sgid;
+ state->grlist = ostate->grlist;
+ grlist_addref(state->grlist);
+ break;
+
+ case PERM_USER:
+ state->rgid = ostate->rgid;
+ state->egid = user_gid;
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setgidx(ID_EFFECTIVE, user_gid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setgidx(ID_EFFECTIVE, %d)", user_gid);
+ goto bad;
+ }
+ state->grlist = user_group_list;
+ grlist_addref(state->grlist);
+ if (state->grlist != ostate->grlist) {
+ if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
+ strlcpy(errbuf, "PERM_USER: setgroups", sizeof(errbuf));
+ goto bad;
+ }
+ }
+ state->ruid = user_uid;
+ state->euid = user_uid;
+ state->suid = ROOT_UID;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (ostate->euid != ROOT_UID || ostate->suid != ROOT_UID) {
+ if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ ROOT_UID);
+ goto bad;
+ }
+ }
+ if (setuidx(ID_EFFECTIVE|ID_REAL, user_uid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setuidx(ID_EFFECTIVE|ID_REAL, %d)", user_uid);
+ goto bad;
+ }
+ break;
+
+ case PERM_FULL_USER:
+ /* headed for exec() */
+ state->rgid = user_gid;
+ state->egid = user_gid;
+ state->sgid = user_gid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_gid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ user_gid);
+ goto bad;
+ }
+ state->grlist = user_group_list;
+ grlist_addref(state->grlist);
+ if (state->grlist != ostate->grlist) {
+ if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
+ strlcpy(errbuf, "PERM_FULL_USER: setgroups", sizeof(errbuf));
+ goto bad;
+ }
+ }
+ state->ruid = user_uid;
+ state->euid = user_uid;
+ state->suid = user_uid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, user_uid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ user_uid);
+ goto bad;
+ }
+ break;
+
+ case PERM_RUNAS:
+ state->rgid = ostate->rgid;
+ state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setgidx(ID_EFFECTIVE, state->egid)) {
+ strlcpy(errbuf, _("unable to change to runas gid"), sizeof(errbuf));
+ goto bad;
+ }
+ state->grlist = runas_setgroups();
+ state->ruid = ostate->ruid;
+ state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
+ state->suid = ostate->suid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED && setuidx(ID_EFFECTIVE, state->euid)) {
+ strlcpy(errbuf, _("unable to change to runas uid"), sizeof(errbuf));
+ goto bad;
+ }
+ break;
+
+ case PERM_SUDOERS:
+ state->grlist = ostate->grlist;
+ grlist_addref(state->grlist);
+
+ /* assume euid == ROOT_UID, ruid == user */
+ state->rgid = ostate->rgid;
+ state->egid = sudoers_gid;
+ state->sgid = ostate->sgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid,
+ (int)state->rgid, (int)state->egid, (int)state->sgid);
+ if (GID_CHANGED && setgidx(ID_EFFECTIVE, sudoers_gid)) {
+ strlcpy(errbuf, _("unable to change to sudoers gid"), sizeof(errbuf));
+ goto bad;
+ }
+
+ state->ruid = ROOT_UID;
+ /*
+ * If sudoers_uid == ROOT_UID and sudoers_mode is group readable
+ * we use a non-zero uid in order to avoid NFS lossage.
+ * Using uid 1 is a bit bogus but should work on all OS's.
+ */
+ if (sudoers_uid == ROOT_UID && (sudoers_mode & 040))
+ state->euid = 1;
+ else
+ state->euid = sudoers_uid;
+ state->suid = ROOT_UID;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED) {
+ if (ostate->ruid != ROOT_UID || ostate->suid != ROOT_UID) {
+ if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_SUDOERS: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ ROOT_UID);
+ goto bad;
+ }
+ }
+ if (setuidx(ID_EFFECTIVE, state->euid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_SUDOERS: setuidx(ID_EFFECTIVE, %d)", sudoers_uid);
+ goto bad;
+ }
+ }
+ break;
+
+ case PERM_TIMESTAMP:
+ state->grlist = ostate->grlist;
+ grlist_addref(state->grlist);
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
+ state->sgid = ostate->sgid;
+ state->ruid = ROOT_UID;
+ state->euid = timestamp_uid;
+ state->suid = ROOT_UID;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+ "[%d, %d, %d] -> [%d, %d, %d]", __func__,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid,
+ (int)state->ruid, (int)state->euid, (int)state->suid);
+ if (UID_CHANGED) {
+ if (ostate->ruid != ROOT_UID || ostate->suid != ROOT_UID) {
+ if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_TIMESTAMP: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ ROOT_UID);
+ goto bad;
+ }
+ }
+ if (setuidx(ID_EFFECTIVE, timestamp_uid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_TIMESTAMP: setuidx(ID_EFFECTIVE, %d)", timestamp_uid);
+ goto bad;
+ }
+ }
+ break;
+ }
+
+ perm_stack_depth++;
+ debug_return_bool(1);
+bad:
+ warningx("%s: %s", errbuf,
+ errno == EAGAIN ? _("too many processes") : strerror(errno));
+ if (noexit)
+ debug_return_bool(0);
+ exit(1);
+}
+
+void
+restore_perms(void)
+{
+ struct perm_state *state, *ostate;
+ debug_decl(restore_perms, SUDO_DEBUG_PERMS)
+
+ if (perm_stack_depth < 2)
+ debug_return;
+
+ state = &perm_stack[perm_stack_depth - 1];
+ ostate = &perm_stack[perm_stack_depth - 2];
+ perm_stack_depth--;
+
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d, %d] -> [%d, %d, %d]",
+ __func__, (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)ostate->ruid, (int)ostate->euid, (int)ostate->suid);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d, %d] -> [%d, %d, %d]",
+ __func__, (int)state->rgid, (int)state->egid, (int)state->sgid,
+ (int)ostate->rgid, (int)ostate->egid, (int)ostate->sgid);
+
+ if (OID(ruid) != -1 || OID(euid) != -1 || OID(suid) != -1) {
+ if (OID(euid) == ROOT_UID) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setuidx(ID_EFFECTIVE, %d)",
+ __func__, ROOT_UID);
+ if (setuidx(ID_EFFECTIVE, ROOT_UID)) {
+ warning("setuidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->ruid, (int)state->euid, (int)state->suid,
+ -1, ROOT_UID, -1);
+ goto bad;
+ }
+ }
+ if (OID(ruid) == OID(euid) && OID(euid) == OID(suid)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ __func__, OID(ruid));
+ if (setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, OID(ruid))) {
+ warning("setuidx(ID_EFFECTIVE|ID_REAL|ID_SAVED) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+ goto bad;
+ }
+ } else if (OID(ruid) == -1 && OID(suid) == -1) {
+ /* May have already changed euid to ROOT_UID above. */
+ if (OID(euid) != ROOT_UID) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setuidx(ID_EFFECTIVE, %d)", __func__, OID(euid));
+ if (setuidx(ID_EFFECTIVE, OID(euid))) {
+ warning("setuidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+ goto bad;
+ }
+ }
+ } else if (OID(suid) == -1) {
+ /* Cannot set the real uid alone. */
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setuidx(ID_REAL|ID_EFFECTIVE, %d)", __func__, OID(ruid));
+ if (setuidx(ID_REAL|ID_EFFECTIVE, OID(ruid))) {
+ warning("setuidx(ID_REAL|ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->ruid, (int)state->euid, (int)state->suid,
+ (int)OID(ruid), (int)OID(euid), (int)OID(suid));
+ goto bad;
+ }
+ /* Restore the effective euid if it doesn't match the ruid. */
+ if (OID(euid) != OID(ruid)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setuidx(ID_EFFECTIVE, %d)", __func__, ostate->euid);
+ if (setuidx(ID_EFFECTIVE, ostate->euid)) {
+ warning("setuidx(ID_EFFECTIVE, %d)", ostate->euid);
+ goto bad;
+ }
+ }
+ }
+ }
+ if (OID(rgid) != -1 || OID(egid) != -1 || OID(sgid) != -1) {
+ if (OID(rgid) == OID(egid) && OID(egid) == OID(sgid)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, %d)",
+ __func__, OID(rgid));
+ if (setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED, OID(rgid))) {
+ warning("setgidx(ID_EFFECTIVE|ID_REAL|ID_SAVED) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->rgid, (int)state->egid, (int)state->sgid,
+ (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+ goto bad;
+ }
+ } else if (OID(rgid) == -1 && OID(sgid) == -1) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: setgidx(ID_EFFECTIVE, %d)",
+ __func__, OID(egid));
+ if (setgidx(ID_EFFECTIVE, OID(egid))) {
+ warning("setgidx(ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->rgid, (int)state->egid, (int)state->sgid,
+ (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+ goto bad;
+ }
+ } else if (OID(sgid) == -1) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "%s: setgidx(ID_EFFECTIVE|ID_REAL, %d)", __func__, OID(rgid));
+ if (setgidx(ID_REAL|ID_EFFECTIVE, OID(rgid))) {
+ warning("setgidx(ID_REAL|ID_EFFECTIVE) [%d, %d, %d] -> [%d, %d, %d]",
+ (int)state->rgid, (int)state->egid, (int)state->sgid,
+ (int)OID(rgid), (int)OID(egid), (int)OID(sgid));
+ goto bad;
+ }
+ }
+ }
+ if (state->grlist != ostate->grlist) {
+ if (sudo_setgroups(ostate->grlist->ngids, ostate->grlist->gids)) {
+ warning("setgroups()");
+ goto bad;
+ }
+ }
+ grlist_delref(state->grlist);
+ debug_return;
+
+bad:
+ exit(1);
+}
+
+#elif defined(HAVE_SETREUID)
+
+#define UID_CHANGED (state->ruid != ostate->ruid || state->euid != ostate->euid)
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid)
+
+/*
+ * Set real and effective and saved uids and gids based on perm.
+ * We always retain a saved uid of 0 unless we are headed for an exec().
+ * We only flip the effective gid since it only changes for PERM_SUDOERS.
* This version of set_perms() works fine with the "stay_setuid" option.
*/
int
set_perms(int perm)
{
struct perm_state *state, *ostate = NULL;
- const char *errstr;
+ char errbuf[1024];
int noexit;
debug_decl(set_perms, SUDO_DEBUG_PERMS)
CLR(perm, PERM_MASK);
if (perm_stack_depth == PERM_STACK_MAX) {
- errstr = _("perm stack overflow");
+ strlcpy(errbuf, _("perm stack overflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
state = &perm_stack[perm_stack_depth];
if (perm != PERM_INITIAL) {
if (perm_stack_depth == 0) {
- errstr = _("perm stack underflow");
+ strlcpy(errbuf, _("perm stack underflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
ostate = &perm_stack[perm_stack_depth - 1];
- if (memcmp(state, ostate, sizeof(*state)) == 0)
- goto done;
}
switch (perm) {
state->egid = getegid();
state->grlist = user_group_list;
grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+ "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
+ (int)state->ruid, (int)state->euid,
+ (int)state->rgid, (int)state->egid);
break;
case PERM_ROOT:
+ state->ruid = ROOT_UID;
+ state->euid = ROOT_UID;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
/*
* setreuid(0, 0) may fail on some systems if euid is not already 0.
*/
if (ostate->euid != ROOT_UID) {
if (setreuid(-1, ROOT_UID)) {
- errstr = "setreuid(-1, ROOT_UID)";
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_ROOT: setreuid(-1, %d)", PERM_ROOT);
goto bad;
}
}
- state->euid = ROOT_UID;
- if (setreuid(ID(ruid), -1)) {
- errstr = "setreuid(ROOT_UID, -1)";
- goto bad;
+ if (ostate->ruid != ROOT_UID) {
+ if (setreuid(ROOT_UID, -1)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_ROOT: setreuid(%d, -1)", ROOT_UID);
+ goto bad;
+ }
}
- state->ruid = ROOT_UID;
- state->rgid = -1;
- state->egid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->rgid;
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
break;
case PERM_USER:
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = user_gid;
- if (setregid(-1, ID(egid))) {
- errstr = "setregid(-1, user_gid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setregid(%d, %d)", ID(rgid), ID(egid));
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = ROOT_UID;
state->euid = user_uid;
- if (setreuid(ID(ruid), ID(euid))) {
- errstr = "setreuid(ROOT_UID, user_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setreuid(%d, %d)", ID(ruid), ID(euid));
goto bad;
}
break;
/* headed for exec() */
state->rgid = user_gid;
state->egid = user_gid;
- if (setregid(ID(rgid), ID(egid))) {
- errstr = "setregid(user_gid, user_gid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setregid(%d, %d)", ID(rgid), ID(egid));
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_FULL_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = user_uid;
state->euid = user_uid;
- if (setreuid(ID(ruid), ID(euid))) {
- errstr = "setreuid(user_uid, user_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setreuid(%d, %d)", ID(ruid), ID(euid));
goto bad;
}
break;
case PERM_RUNAS:
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
- if (setregid(ID(rgid), ID(egid))) {
- errstr = _("unable to change to runas gid");
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+ strlcpy(errbuf, _("unable to change to runas gid"), sizeof(errbuf));
goto bad;
}
state->grlist = runas_setgroups();
state->ruid = ROOT_UID;
state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
- if (setreuid(ID(ruid), ID(euid))) {
- errstr = _("unable to change to runas uid");
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+ strlcpy(errbuf, _("unable to change to runas uid"), sizeof(errbuf));
goto bad;
}
break;
grlist_addref(state->grlist);
/* assume euid == ROOT_UID, ruid == user */
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = sudoers_gid;
- if (setregid(-1, ID(egid)))
- error(1, _("unable to change to sudoers gid"));
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setregid(ID(rgid), ID(egid))) {
+ strlcpy(errbuf, _("unable to change to sudoers gid"), sizeof(errbuf));
+ goto bad;
+ }
state->ruid = ROOT_UID;
/*
state->euid = 1;
else
state->euid = sudoers_uid;
- if (setreuid(ID(ruid), ID(euid))) {
- errstr = "setreuid(ROOT_UID, SUDOERS_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_SUDOERS: setreuid(%d, %d)", ID(ruid), ID(euid));
goto bad;
}
break;
case PERM_TIMESTAMP:
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
- state->rgid = -1;
- state->egid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
state->ruid = ROOT_UID;
state->euid = timestamp_uid;
- if (setreuid(ID(ruid), ID(euid))) {
- errstr = "setreuid(ROOT_UID, timestamp_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (UID_CHANGED && setreuid(ID(ruid), ID(euid))) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_TIMESTAMP: setreuid(%d, %d)", ID(ruid), ID(euid));
goto bad;
}
break;
}
-done:
perm_stack_depth++;
debug_return_bool(1);
bad:
- /* XXX - better warnings inline */
- warningx("%s: %s", errstr,
+ warningx("%s: %s", errbuf,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
debug_return_bool(0);
ostate = &perm_stack[perm_stack_depth - 2];
perm_stack_depth--;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d] -> [%d, %d]",
+ __func__, (int)state->ruid, (int)state->euid,
+ (int)ostate->ruid, (int)ostate->euid);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d] -> [%d, %d]",
+ __func__, (int)state->rgid, (int)state->egid,
+ (int)ostate->rgid, (int)ostate->egid);
+
/*
* When changing euid to ROOT_UID, setreuid() may fail even if
* the ruid is ROOT_UID so call setuid() first.
exit(1);
}
-# else /* !HAVE_SETRESUID && !HAVE_SETREUID */
-# ifdef HAVE_SETEUID
+#elif defined(HAVE_SETEUID)
+
+#define GID_CHANGED (state->rgid != ostate->rgid || state->egid != ostate->egid)
/*
* Set real and effective uids and gids based on perm.
set_perms(int perm)
{
struct perm_state *state, *ostate = NULL;
- const char *errstr;
+ char errbuf[1024];
int noexit;
debug_decl(set_perms, SUDO_DEBUG_PERMS)
CLR(perm, PERM_MASK);
if (perm_stack_depth == PERM_STACK_MAX) {
- errstr = _("perm stack overflow");
+ strlcpy(errbuf, _("perm stack overflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
state = &perm_stack[perm_stack_depth];
if (perm != PERM_INITIAL) {
if (perm_stack_depth == 0) {
- errstr = _("perm stack underflow");
+ strlcpy(errbuf, _("perm stack underflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
ostate = &perm_stack[perm_stack_depth - 1];
- if (memcmp(state, ostate, sizeof(*state)) == 0)
- goto done;
}
/*
* real and effective uids to ROOT_UID initially to be safe.
*/
if (perm != PERM_INITIAL) {
- if (seteuid(ROOT_UID)) {
- errstr = "seteuid(ROOT_UID)";
+ if (ostate->euid != ROOT_UID && seteuid(ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf), "set_perms: seteuid(%d)", ROOT_UID);
goto bad;
}
- if (setuid(ROOT_UID)) {
- errstr = "setuid(ROOT_UID)";
+ if (ostate->ruid != ROOT_UID && setuid(ROOT_UID)) {
+ snprintf(errbuf, sizeof(errbuf), "set_perms: setuid(%d)", ROOT_UID);
goto bad;
}
}
state->egid = getegid();
state->grlist = user_group_list;
grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+ "ruid: %d, euid: %d, rgid: %d, egid: %d", __func__,
+ (int)state->ruid, (int)state->euid,
+ (int)state->rgid, (int)state->egid);
break;
case PERM_ROOT:
/* We already set ruid/euid above. */
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, ROOT_UID, ROOT_UID);
state->ruid = ROOT_UID;
state->euid = ROOT_UID;
- state->rgid = -1;
- state->egid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
break;
case PERM_USER:
state->egid = user_gid;
- if (setegid(ID(egid))) {
- errstr = "setegid(user_gid)";
+ state->rgid = ostate->rgid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setegid(user_gid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: setegid(%d)", user_gid);
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
- state->rgid = -1;
state->ruid = ROOT_UID;
state->euid = user_uid;
- if (seteuid(ID(euid))) {
- errstr = "seteuid(user_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_USER: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (seteuid(user_uid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_USER: seteuid(%d)", user_uid);
goto bad;
}
break;
/* headed for exec() */
state->rgid = user_gid;
state->egid = user_gid;
- if (setgid(user_gid)) {
- errstr = "setgid(user_gid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setgid(user_gid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setgid(%d)", user_gid);
goto bad;
}
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_FULL_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = user_uid;
state->euid = user_uid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_FULL_USER: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
if (setuid(user_uid)) {
- errstr = "setuid(user_uid)";
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setuid(%d)", user_uid);
goto bad;
}
break;
case PERM_RUNAS:
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
- if (setegid(ID(egid))) {
- errstr = _("unable to change to runas gid");
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setegid(state->egid)) {
+ strlcpy(errbuf, _("unable to change to runas gid"), sizeof(errbuf));
goto bad;
}
state->grlist = runas_setgroups();
- state->ruid = -1;
+ state->ruid = ostate->ruid;
state->euid = runas_pw ? runas_pw->pw_uid : user_uid;
- if (seteuid(ID(euid))) {
- errstr = _("unable to change to runas uid");
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_RUNAS: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (seteuid(state->euid)) {
+ strlcpy(errbuf, _("unable to change to runas uid"), sizeof(errbuf));
goto bad;
}
break;
grlist_addref(state->grlist);
/* assume euid == ROOT_UID, ruid == user */
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->egid = sudoers_gid;
- if (setegid(ID(egid)))
- error(1, _("unable to change to sudoers gid"));
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: gid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->rgid,
+ (int)ostate->egid, (int)state->rgid, (int)state->egid);
+ if (GID_CHANGED && setegid(sudoers_gid)) {
+ strlcpy(errbuf, _("unable to change to sudoers gid"), sizeof(errbuf));
+ goto bad;
+ }
state->ruid = ROOT_UID;
/*
state->euid = 1;
else
state->euid = sudoers_uid;
- if (seteuid(ID(euid))) {
- errstr = "seteuid(SUDOERS_UID)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_SUDOERS: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (seteuid(state->euid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_SUDOERS: seteuid(%d)", state->euid);
goto bad;
}
break;
case PERM_TIMESTAMP:
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
- state->rgid = -1;
- state->egid = -1;
+ state->rgid = ostate->rgid;
+ state->egid = ostate->egid;
state->ruid = ROOT_UID;
state->euid = timestamp_uid;
- if (seteuid(ID(euid))) {
- errstr = "seteuid(timestamp_uid)";
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_TIMESTAMP: uid: "
+ "[%d, %d] -> [%d, %d]", __func__, (int)ostate->ruid,
+ (int)ostate->euid, (int)state->ruid, (int)state->euid);
+ if (seteuid(timestamp_uid)) {
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_TIMESTAMP: seteuid(%d)", timestamp_uid);
goto bad;
}
break;
}
-done:
perm_stack_depth++;
debug_return_bool(1);
bad:
- /* XXX - better warnings inline */
- warningx("%s: %s", errstr,
+ warningx("%s: %s", errbuf,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
debug_return_bool(0);
ostate = &perm_stack[perm_stack_depth - 2];
perm_stack_depth--;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d, %d] -> [%d, %d]",
+ __func__, (int)state->ruid, (int)state->euid,
+ (int)ostate->ruid, (int)ostate->euid);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d, %d] -> [%d, %d]",
+ __func__, (int)state->rgid, (int)state->egid,
+ (int)ostate->rgid, (int)ostate->egid);
+
/*
* Since we only have setuid() and seteuid() and semantics
* for these calls differ on various systems, we set
* real and effective uids to ROOT_UID initially to be safe.
*/
if (seteuid(ROOT_UID)) {
- errstr = "seteuid(ROOT_UID)";
+ warningx("seteuid() [%d] -> [%d]", (int)state->euid, ROOT_UID);
goto bad;
}
if (setuid(ROOT_UID)) {
- errstr = "setuid(ROOT_UID)";
+ warningx("setuid() [%d, %d] -> [%d, %d]", (int)state->ruid, ROOT_UID,
+ ROOT_UID, ROOT_UID);
goto bad;
}
- if (setegid(OID(egid))) {
- warning("setegid(%d)", (int)OID(egid));
+ if (OID(egid) != -1 && setegid(ostate->egid)) {
+ warning("setegid(%d)", (int)ostate->egid);
goto bad;
}
if (state->grlist != ostate->grlist) {
goto bad;
}
}
- if (seteuid(OID(euid))) {
- warning("seteuid(%d)", (int)OID(euid));
+ if (OID(euid) != -1 && seteuid(ostate->euid)) {
+ warning("seteuid(%d)", ostate->euid);
goto bad;
}
grlist_delref(state->grlist);
exit(1);
}
-# else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */
+#else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */
/*
* Set uids and gids based on perm via setuid() and setgid().
set_perms(int perm)
{
struct perm_state *state, *ostate = NULL;
- const char *errstr;
+ char errbuf[1024];
int noexit;
debug_decl(set_perms, SUDO_DEBUG_PERMS)
CLR(perm, PERM_MASK);
if (perm_stack_depth == PERM_STACK_MAX) {
- errstr = _("perm stack overflow");
+ strlcpy(errbuf, _("perm stack overflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
state = &perm_stack[perm_stack_depth];
if (perm != PERM_INITIAL) {
if (perm_stack_depth == 0) {
- errstr = _("perm stack underflow");
+ strlcpy(errbuf, _("perm stack underflow"), sizeof(errbuf));
errno = EINVAL;
goto bad;
}
ostate = &perm_stack[perm_stack_depth - 1];
- if (memcmp(state, ostate, sizeof(*state)) == 0)
- goto done;
}
switch (perm) {
case PERM_INITIAL:
/* Stash initial state */
- state->ruid = getuid();
+ state->ruid = geteuid() == ROOT_UID ? ROOT_UID : getuid();
state->rgid = getgid();
state->grlist = user_group_list;
grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_INITIAL: "
+ "ruid: %d, rgid: %d", __func__, (int)state->ruid, (int)state->rgid);
break;
case PERM_ROOT:
state->ruid = ROOT_UID;
- state->rgid = -1;
+ state->rgid = ostate->rgid;
state->grlist = ostate->grlist;
grlist_addref(state->grlist);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid);
if (setuid(ROOT_UID)) {
- errstr = "setuid(ROOT_UID)";
+ snprintf(errbuf, sizeof(errbuf), "PERM_ROOT: setuid(%d)", ROOT_UID);
goto bad;
}
break;
case PERM_FULL_USER:
state->rgid = user_gid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: gid: "
+ "[%d] -> [%d]", __func__, (int)ostate->rgid, (int)state->rgid);
(void) setgid(user_gid);
state->grlist = user_group_list;
grlist_addref(state->grlist);
if (state->grlist != ostate->grlist) {
if (sudo_setgroups(state->grlist->ngids, state->grlist->gids)) {
- errstr = "setgroups()";
+ strlcpy(errbuf, "PERM_FULL_USER: setgroups", sizeof(errbuf));
goto bad;
}
}
state->ruid = user_uid;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: PERM_ROOT: uid: "
+ "[%d] -> [%d]", __func__, (int)ostate->ruid, (int)state->ruid);
if (setuid(user_uid)) {
- errstr = "setuid(user_uid)";
+ snprintf(errbuf, sizeof(errbuf),
+ "PERM_FULL_USER: setuid(%d)", user_uid);
goto bad;
}
break;
case PERM_RUNAS:
case PERM_TIMESTAMP:
/* Unsupported since we can't set euid. */
+ state->ruid = ostate->ruid;
+ state->rgid = ostate->rgid;
+ state->grlist = ostate->grlist;
+ grlist_addref(state->grlist);
break;
}
-done:
perm_stack_depth++;
debug_return_bool(1);
bad:
- /* XXX - better warnings inline */
- warningx("%s: %s", errstr,
+ warningx("%s: %s", errbuf,
errno == EAGAIN ? _("too many processes") : strerror(errno));
if (noexit)
debug_return_bool(0);
ostate = &perm_stack[perm_stack_depth - 2];
perm_stack_depth--;
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: uid: [%d] -> [%d]",
+ __func__, (int)state->ruid, (int)ostate->ruid);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "%s: gid: [%d] -> [%d]",
+ __func__, (int)state->rgid, (int)ostate->rgid);
+
if (OID(rgid) != -1 && setgid(ostate->rgid)) {
warning("setgid(%d)", (int)ostate->rgid);
goto bad;
bad:
exit(1);
}
-# endif /* HAVE_SETEUID */
-# endif /* HAVE_SETREUID */
-#endif /* HAVE_SETRESUID */
+#endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
+#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
static struct group_list *
runas_setgroups(void)
{
aix_restoreauthdb();
#endif
if (sudo_setgroups(grlist->ngids, grlist->gids) < 0)
- log_error(USE_ERRNO|MSG_ONLY, _("unable to set runas group vector"));
+ log_fatal(USE_ERRNO|MSG_ONLY, _("unable to set runas group vector"));
debug_return_ptr(grlist);
}
+#endif /* HAVE_SETRESUID || HAVE_SETREUID || HAVE_SETEUID */
# ifndef LOGIN_DEFROOTCLASS
# define LOGIN_DEFROOTCLASS "daemon"
# endif
+# ifndef LOGIN_SETENV
+# define LOGIN_SETENV 0
+# endif
#endif
#ifdef HAVE_SELINUX
# include <selinux/selinux.h>
#include "interfaces.h"
#include "sudoers_version.h"
#include "auth/sudo_auth.h"
+#include "secure_path.h"
/*
* Prototypes
static void set_runasgr(const char *);
static int cb_runas_default(const char *);
static int sudoers_policy_version(int verbose);
-static int deserialize_info(char * const settings[], char * const user_info[]);
+static int deserialize_info(char * const args[], char * const settings[],
+ char * const user_info[]);
static char *find_editor(int nfiles, char **files, char ***argv_out);
static void create_admin_success_flag(void);
/*
* Globals
*/
-const char *sudoers_file = _PATH_SUDOERS;
-mode_t sudoers_mode = SUDOERS_MODE;
-uid_t sudoers_uid = SUDOERS_UID;
-gid_t sudoers_gid = SUDOERS_GID;
struct sudo_user sudo_user;
struct passwd *list_pw;
struct interface *interfaces;
sudo_printf_t sudo_printf;
int sudo_mode;
+static int sudo_version;
static char *prev_user;
static char *runas_user;
static char *runas_group;
static int
sudoers_policy_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
- char * const user_info[], char * const envp[])
+ char * const user_info[], char * const envp[], char * const args[])
{
volatile int sources = 0;
sigaction_t sa;
struct sudo_nss *nss;
debug_decl(sudoers_policy_open, SUDO_DEBUG_PLUGIN)
+ sudo_version = version;
if (!sudo_conv)
sudo_conv = conversation;
if (!sudo_printf)
sudo_printf = plugin_printf;
+ /* Plugin args are only specified for API version 1.2 and higher. */
+ if (sudo_version < SUDO_API_MKVERSION(1, 2))
+ args = NULL;
+
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
rewind_perms();
debug_return_bool(-1);
}
/* Setup defaults data structures. */
init_defaults();
- /* Parse settings and user_info */
- sudo_mode = deserialize_info(settings, user_info);
+ /* Parse args, settings and user_info */
+ sudo_mode = deserialize_info(args, settings, user_info);
init_vars(envp); /* XXX - move this later? */
if (nss->open(nss) == 0 && nss->parse(nss) == 0) {
sources++;
if (nss->setdefs(nss) != 0)
- log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
+ log_error(NO_STDERR, _("problem with defaults entries"));
}
}
if (sources == 0) {
set_runaspw(runas_user ? runas_user : def_runas_default);
if (!update_defaults(SETDEF_RUNAS))
- log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
+ log_error(NO_STDERR, _("problem with defaults entries"));
if (def_fqdn)
set_fqdn(); /* deferred until after sudoers is parsed */
debug_decl(sudoers_policy_close, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
debug_return;
}
* and before uid/gid changes occur.
*/
static int
-sudoers_policy_init_session(struct passwd *pwd)
+sudoers_policy_init_session(struct passwd *pwd, char **user_env[])
{
debug_decl(sudoers_policy_init, SUDO_DEBUG_PLUGIN)
+ /* user_env is only specified for API version 1.2 and higher. */
+ if (sudo_version < SUDO_API_MKVERSION(1, 2))
+ user_env = NULL;
+
if (sigsetjmp(error_jmp, 1)) {
- /* called via error(), errorx() or log_error() */
+ /* called via error(), errorx() or log_fatal() */
return -1;
}
- debug_return_bool(sudo_auth_begin_session(pwd));
+ debug_return_bool(sudo_auth_begin_session(pwd, user_env));
}
static int
debug_decl(sudoers_policy_main, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
- /* error recovery via error(), errorx() or log_error() */
+ /* error recovery via error(), errorx() or log_fatal() */
rval = -1;
goto done;
}
pw = sudo_getpwuid(atoi(def_timestampowner + 1));
else
pw = sudo_getpwnam(def_timestampowner);
- if (!pw)
+ if (pw != NULL) {
+ timestamp_uid = pw->pw_uid;
+ pw_delref(pw);
+ } else {
log_error(0, _("timestamp owner (%s): No such user"),
def_timestampowner);
- timestamp_uid = pw->pw_uid;
- pw_delref(pw);
+ timestamp_uid = ROOT_UID;
+ }
}
/* If no command line args and "shell_noargs" is not set, error out. */
NewArgv[1] = "--login";
}
-#if defined(__linux__) || defined(_AIX)
+#if defined(_AIX) || (defined(__linux__) && !defined(HAVE_PAM))
/* Insert system-wide environment variables. */
read_env_file(_PATH_ENVIRONMENT, true);
#endif
+#ifdef HAVE_LOGIN_CAP_H
+ /* Set environment based on login class. */
+ if (login_class) {
+ login_cap_t *lc = login_getclass(login_class);
+ if (lc != NULL) {
+ setusercontext(lc, runas_pw, runas_pw->pw_uid, LOGIN_SETPATH|LOGIN_SETENV);
+ login_close(lc);
+ }
+ }
+#endif /* HAVE_LOGIN_CAP_H */
}
/* Insert system-wide environment variables. */
*command_infop = command_info;
*argv_out = edit_argv ? edit_argv : NewArgv;
- *user_env_out = env_get(); /* our private copy */
+
+ /* Get private version of the environment and zero out stashed copy. */
+ *user_env_out = env_get();
+ env_init(NULL);
goto done;
if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE)
errorx(1, _("unknown uid: %u"), (unsigned int) user_uid);
- /* Need to make a fake struct passwd for the call to log_error(). */
+ /* Need to make a fake struct passwd for the call to log_fatal(). */
sudo_user.pw = sudo_fakepwnamid(user_name, user_uid, user_gid);
- log_error(0, _("unknown uid: %u"), (unsigned int) user_uid);
+ log_fatal(0, _("unknown uid: %u"), (unsigned int) user_uid);
/* NOTREACHED */
}
/* Set runas callback. */
sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
- /* It is now safe to use log_error() and set_perms() */
+ /* It is now safe to use log_fatal() and set_perms() */
debug_return;
}
/* Resolve the path and return. */
rval = FOUND;
- user_stat = emalloc(sizeof(struct stat));
+ user_stat = ecalloc(1, sizeof(struct stat));
/* Default value for cmnd, overridden below. */
if (user_cmnd == NULL)
user_base = user_cmnd;
if (!update_defaults(SETDEF_CMND))
- log_error(NO_STDERR|NO_EXIT, _("problem with defaults entries"));
+ log_error(NO_STDERR, _("problem with defaults entries"));
debug_return_int(rval);
}
FILE *
open_sudoers(const char *sudoers, bool doedit, bool *keepopen)
{
- struct stat statbuf;
+ struct stat sb;
FILE *fp = NULL;
- int rootstat;
debug_decl(open_sudoers, SUDO_DEBUG_PLUGIN)
- /*
- * Fix the mode and group on sudoers file from old default.
- * Only works if file system is readable/writable by root.
- */
- if ((rootstat = stat_sudoers(sudoers, &statbuf)) == 0 &&
- sudoers_uid == statbuf.st_uid && sudoers_mode != 0400 &&
- (statbuf.st_mode & 0007777) == 0400) {
-
- if (chmod(sudoers, sudoers_mode) == 0) {
- warningx(_("fixed mode on %s"), sudoers);
- SET(statbuf.st_mode, sudoers_mode);
- if (statbuf.st_gid != sudoers_gid) {
- if (chown(sudoers, (uid_t) -1, sudoers_gid) == 0) {
- warningx(_("set group on %s"), sudoers);
- statbuf.st_gid = sudoers_gid;
- } else
- warning(_("unable to set group on %s"), sudoers);
- }
- } else
- warning(_("unable to fix mode on %s"), sudoers);
- }
-
- /*
- * Sanity checks on sudoers file. Must be done as sudoers
- * file owner. We already did a stat as root, so use that
- * data if we can't stat as sudoers file owner.
- */
set_perms(PERM_SUDOERS);
- if (rootstat != 0 && stat_sudoers(sudoers, &statbuf) != 0)
- log_error(USE_ERRNO|NO_EXIT, _("unable to stat %s"), sudoers);
- else if (!S_ISREG(statbuf.st_mode))
- log_error(NO_EXIT, _("%s is not a regular file"), sudoers);
- else if ((statbuf.st_mode & 07577) != (sudoers_mode & 07577))
- log_error(NO_EXIT, _("%s is mode 0%o, should be 0%o"), sudoers,
- (unsigned int) (statbuf.st_mode & 07777),
- (unsigned int) sudoers_mode);
- else if (statbuf.st_uid != sudoers_uid)
- log_error(NO_EXIT, _("%s is owned by uid %u, should be %u"), sudoers,
- (unsigned int) statbuf.st_uid, (unsigned int) sudoers_uid);
- else if (statbuf.st_gid != sudoers_gid && ISSET(statbuf.st_mode, S_IRGRP|S_IWGRP))
- log_error(NO_EXIT, _("%s is owned by gid %u, should be %u"), sudoers,
- (unsigned int) statbuf.st_gid, (unsigned int) sudoers_gid);
- else if ((fp = fopen(sudoers, "r")) == NULL)
- log_error(USE_ERRNO|NO_EXIT, _("unable to open %s"), sudoers);
- else {
- /*
- * Make sure we can actually read sudoers so we can present the
- * user with a reasonable error message (unlike the lexer).
- */
- if (statbuf.st_size != 0 && fgetc(fp) == EOF) {
- log_error(USE_ERRNO|NO_EXIT, _("unable to read %s"), sudoers);
- fclose(fp);
- fp = NULL;
- }
- }
-
- if (fp != NULL) {
- rewind(fp);
- (void) fcntl(fileno(fp), F_SETFD, 1);
+ switch (sudo_secure_file(sudoers, sudoers_uid, sudoers_gid, &sb)) {
+ case SUDO_PATH_SECURE:
+ if ((fp = fopen(sudoers, "r")) == NULL) {
+ log_error(USE_ERRNO, _("unable to open %s"), sudoers);
+ } else {
+ /*
+ * Make sure we can actually read sudoers so we can present the
+ * user with a reasonable error message (unlike the lexer).
+ */
+ if (sb.st_size != 0 && fgetc(fp) == EOF) {
+ log_error(USE_ERRNO, _("unable to read %s"),
+ sudoers);
+ fclose(fp);
+ fp = NULL;
+ } else {
+ /* Rewind fp and set close on exec flag. */
+ rewind(fp);
+ (void) fcntl(fileno(fp), F_SETFD, 1);
+ }
+ }
+ break;
+ case SUDO_PATH_MISSING:
+ log_error(USE_ERRNO, _("unable to stat %s"), sudoers);
+ break;
+ case SUDO_PATH_BAD_TYPE:
+ log_error(0, _("%s is not a regular file"), sudoers);
+ break;
+ case SUDO_PATH_WRONG_OWNER:
+ log_error(0, _("%s is owned by uid %u, should be %u"),
+ sudoers, (unsigned int) sb.st_uid, (unsigned int) sudoers_uid);
+ break;
+ case SUDO_PATH_WORLD_WRITABLE:
+ log_error(0, _("%s is world writable"), sudoers);
+ break;
+ case SUDO_PATH_GROUP_WRITABLE:
+ log_error(0, _("%s is owned by gid %u, should be %u"),
+ sudoers, (unsigned int) sb.st_gid, (unsigned int) sudoers_gid);
+ break;
+ default:
+ /* NOTREACHED */
+ break;
}
restore_perms(); /* change back to root */
+
debug_return_ptr(fp);
}
static void
set_loginclass(struct passwd *pw)
{
- int errflags;
+ const int errflags = NO_MAIL|MSG_ONLY;
login_cap_t *lc;
debug_decl(set_loginclass, SUDO_DEBUG_PLUGIN)
if (!def_use_loginclass)
debug_return;
- /*
- * Don't make it a fatal error if the user didn't specify the login
- * class themselves. We do this because if login.conf gets
- * corrupted we want the admin to be able to use sudo to fix it.
- */
- if (login_class)
- errflags = NO_MAIL|MSG_ONLY;
- else
- errflags = NO_MAIL|MSG_ONLY|NO_EXIT;
-
if (login_class && strcmp(login_class, "-") != 0) {
if (user_uid != 0 &&
strcmp(runas_user ? runas_user : def_runas_default, "root") != 0)
/* Make sure specified login class is valid. */
lc = login_getclass(login_class);
if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0) {
- log_error(errflags, _("unknown login class: %s"), login_class);
+ /*
+ * Don't make it a fatal error if the user didn't specify the login
+ * class themselves. We do this because if login.conf gets
+ * corrupted we want the admin to be able to use sudo to fix it.
+ */
+ if (login_class)
+ log_fatal(errflags, _("unknown login class: %s"), login_class);
+ else
+ log_error(errflags, _("unknown login class: %s"), login_class);
def_use_loginclass = false;
}
login_close(lc);
hint.ai_family = PF_UNSPEC;
hint.ai_flags = AI_CANONNAME;
if (getaddrinfo(user_host, NULL, &hint, &res0) != 0) {
- log_error(MSG_ONLY|NO_EXIT,
- _("unable to resolve host %s"), user_host);
+ log_error(MSG_ONLY, _("unable to resolve host %s"), user_host);
} else {
if (user_shost != user_host)
efree(user_shost);
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
} else {
if ((runas_pw = sudo_getpwnam(user)) == NULL)
- log_error(NO_MAIL|MSG_ONLY, _("unknown user: %s"), user);
+ log_fatal(NO_MAIL|MSG_ONLY, _("unknown user: %s"), user);
}
debug_return;
}
runas_gr = sudo_fakegrnam(group);
} else {
if ((runas_gr = sudo_getgrnam(group)) == NULL)
- log_error(NO_MAIL|MSG_ONLY, _("unknown group: %s"), group);
+ log_fatal(NO_MAIL|MSG_ONLY, _("unknown group: %s"), group);
}
debug_return;
}
debug_decl(sudoers_policy_version, SUDO_DEBUG_PLUGIN)
if (sigsetjmp(error_jmp, 1)) {
- /* error recovery via error(), errorx() or log_error() */
+ /* error recovery via error(), errorx() or log_fatal() */
debug_return_bool(-1);
}
}
static int
-deserialize_info(char * const settings[], char * const user_info[])
+deserialize_info(char * const args[], char * const settings[], char * const user_info[])
{
char * const *cur;
const char *p, *groups = NULL;
#define MATCHES(s, v) (strncmp(s, v, sizeof(v) - 1) == 0)
+ /* Parse sudo.conf plugin args. */
+ if (args != NULL) {
+ for (cur = args; *cur != NULL; cur++) {
+ if (MATCHES(*cur, "sudoers_file=")) {
+ sudoers_file = *cur + sizeof("sudoers_file=") - 1;
+ continue;
+ }
+ if (MATCHES(*cur, "sudoers_uid=")) {
+ sudoers_uid = (uid_t) atoi(*cur + sizeof("sudoers_uid=") - 1);
+ continue;
+ }
+ if (MATCHES(*cur, "sudoers_gid=")) {
+ sudoers_gid = (gid_t) atoi(*cur + sizeof("sudoers_gid=") - 1);
+ continue;
+ }
+ if (MATCHES(*cur, "sudoers_mode=")) {
+ sudoers_mode = (mode_t) strtol(*cur + sizeof("sudoers_mode=") - 1,
+ NULL, 8);
+ continue;
+ }
+ }
+ }
+
/* Parse command line settings. */
user_closefrom = -1;
for (cur = settings; *cur != NULL; cur++) {
set_interfaces(interfaces_string);
continue;
}
- if (MATCHES(*cur, "sudoers_file=")) {
- sudoers_file = *cur + sizeof("sudoers_file=") - 1;
- continue;
- }
- if (MATCHES(*cur, "sudoers_uid=")) {
- sudoers_uid = (uid_t) atoi(*cur + sizeof("sudoers_uid=") - 1);
- continue;
- }
- if (MATCHES(*cur, "sudoers_gid=")) {
- sudoers_gid = (gid_t) atoi(*cur + sizeof("sudoers_gid=") - 1);
- continue;
- }
- if (MATCHES(*cur, "sudoers_mode=")) {
- sudoers_mode = (mode_t) strtol(*cur + sizeof("sudoers_mode=") - 1,
- NULL, 8);
- continue;
- }
}
for (cur = user_info; *cur != NULL; cur++) {
}
#endif /* USE_ADMIN_FLAG */
+static void
+sudoers_policy_register_hooks(int version, int (*register_hook)(struct sudo_hook *hook))
+{
+ struct sudo_hook hook;
+
+ memset(&hook, 0, sizeof(hook));
+ hook.hook_version = SUDO_HOOK_VERSION;
+
+ hook.hook_type = SUDO_HOOK_SETENV;
+ hook.hook_fn = sudoers_hook_setenv;
+ register_hook(&hook);
+
+ hook.hook_type = SUDO_HOOK_UNSETENV;
+ hook.hook_fn = sudoers_hook_unsetenv;
+ register_hook(&hook);
+
+ hook.hook_type = SUDO_HOOK_GETENV;
+ hook.hook_fn = sudoers_hook_getenv;
+ register_hook(&hook);
+
+ hook.hook_type = SUDO_HOOK_PUTENV;
+ hook.hook_fn = sudoers_hook_putenv;
+ register_hook(&hook);
+}
+
struct policy_plugin sudoers_policy = {
SUDO_POLICY_PLUGIN,
SUDO_API_VERSION,
sudoers_policy_list,
sudoers_policy_validate,
sudoers_policy_invalidate,
- sudoers_policy_init_session
+ sudoers_policy_init_session,
+ sudoers_policy_register_hooks
};
bool user_is_exempt(void);
/* sudo_auth.c */
-int verify_user(struct passwd *, char *);
-int sudo_auth_begin_session(struct passwd *);
-int sudo_auth_end_session(struct passwd *);
+int verify_user(struct passwd *pw, char *prompt);
+int sudo_auth_begin_session(struct passwd *pw, char **user_env[]);
+int sudo_auth_end_session(struct passwd *pw);
int sudo_auth_init(struct passwd *pw);
int sudo_auth_cleanup(struct passwd *pw);
/* toke.l */
YY_DECL;
+extern const char *sudoers_file;
+extern mode_t sudoers_mode;
+extern uid_t sudoers_uid;
+extern gid_t sudoers_gid;
/* defaults.c */
void dump_defaults(void);
/* env.c */
char **env_get(void);
+void env_merge(char * const envp[], bool overwrite);
void env_init(char * const envp[]);
void init_envtables(void);
void insert_env_vars(char * const envp[]);
void read_env_file(const char *, int);
void rebuild_env(void);
void validate_env_vars(char * const envp[]);
+int sudo_setenv(const char *var, const char *val, int overwrite);
+int sudo_unsetenv(const char *var);
+char *sudo_getenv(const char *name);
+int sudoers_hook_getenv(const char *name, char **value, void *closure);
+int sudoers_hook_putenv(char *string, void *closure);
+int sudoers_hook_setenv(const char *name, const char *value, int overwrite, void *closure);
+int sudoers_hook_unsetenv(const char *name, void *closure);
/* fmt_string.c */
char *fmt_string(const char *, const char *);
#ifndef _SUDO_MAIN
extern struct sudo_user sudo_user;
extern struct passwd *list_pw;
-extern const char *sudoers_file;
-extern mode_t sudoers_mode;
-extern uid_t sudoers_uid;
-extern gid_t sudoers_gid;
extern int long_list;
extern int sudo_mode;
extern uid_t timestamp_uid;
char *tty;
char *cmd;
time_t tstamp;
+ int rows;
+ int cols;
};
/*
extern char *get_timestr(time_t, int);
extern int term_raw(int, int);
extern int term_restore(int, int);
-extern void zero_bytes(volatile void *, size_t);
+extern void get_ttysize(int *rowp, int *colp);
void cleanup(int);
static int list_sessions(int, char **, const char *, const char *, const char *);
static void usage(int);
static int open_io_fd(char *pathbuf, int len, const char *suffix, union io_fd *fdp);
static int parse_timing(const char *buf, const char *decimal, int *idx, double *seconds, size_t *nbytes);
+static struct log_info *parse_logfile(char *logfile);
+static void free_log_info(struct log_info *li);
#ifdef HAVE_REGCOMP
# define REGEX_T regex_t
(s)[5] == '/' && \
isalnum((unsigned char)(s)[6]) && isalnum((unsigned char)(s)[7]) && \
(s)[8] == '/' && (s)[9] == 'l' && (s)[10] == 'o' && (s)[11] == 'g' && \
- (s)[9] == '\0')
+ (s)[12] == '\0')
int
main(int argc, char *argv[])
{
- int ch, idx, plen, nready, exitcode = 0, interactive = 0, listonly = 0;
+ int ch, idx, plen, nready, exitcode = 0, rows = 0, cols = 0;
+ bool interactive = false, listonly = false;
const char *id, *user = NULL, *pattern = NULL, *tty = NULL, *decimal = ".";
char path[PATH_MAX], buf[LINE_MAX], *cp, *ep;
double seconds, to_wait, speed = 1.0, max_wait = 0;
- FILE *lfile;
fd_set *fdsw;
sigaction_t sa;
size_t len, nbytes, nread, off;
ssize_t nwritten;
+ struct log_info *li;
debug_decl(main, SUDO_DEBUG_MAIN)
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
help();
/* NOTREACHED */
case 'l':
- listonly = 1;
+ listonly = true;
break;
case 'm':
errno = 0;
}
}
- /* Read log file. */
+ /* Parse log file. */
path[plen] = '\0';
strlcat(path, "/log", sizeof(path));
- lfile = fopen(path, "r");
- if (lfile == NULL)
- error(1, _("unable to open %s"), path);
- cp = NULL;
- len = 0;
- /* Pull out command (third line). */
- if (getline(&cp, &len, lfile) == -1 ||
- getline(&cp, &len, lfile) == -1 ||
- getline(&cp, &len, lfile) == -1) {
- errorx(1, _("invalid log file %s"), path);
+ if ((li = parse_logfile(path)) == NULL)
+ exit(1);
+ printf(_("Replaying sudo session: %s\n"), li->cmd);
+
+ /* Make sure the terminal is large enough. */
+ get_ttysize(&rows, &cols);
+ if (li->rows != 0 && li->cols != 0) {
+ if (li->rows > rows) {
+ printf(_("Warning: your terminal is too small to properly replay the log.\n"));
+ printf(_("Log geometry is %d x %d, your terminal's geometry is %d x %d."), li->rows, li->cols, rows, cols);
+ }
}
- printf(_("Replaying sudo session: %s"), cp);
- free(cp);
- fclose(lfile);
+
+ /* Done with parsed log file. */
+ free_log_info(li);
+ li = NULL;
fflush(stdout);
- zero_bytes(&sa, sizeof(sa));
+ memset(&sa, 0, sizeof(sa));
sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_RESETHAND;
sa.sa_handler = cleanup;
if (!term_raw(STDIN_FILENO, 1))
error(1, _("unable to set tty to raw mode"));
}
- fdsw = (fd_set *)emalloc2(howmany(STDOUT_FILENO + 1, NFDBITS),
- sizeof(fd_mask));
+ fdsw = ecalloc(howmany(STDOUT_FILENO + 1, NFDBITS), sizeof(fd_mask));
/*
* Timing file consists of line of the format: "%f %d\n"
}
/* Allocate new search node */
- newsn = emalloc(sizeof(*newsn));
- newsn->next = NULL;
+ newsn = ecalloc(1, sizeof(*newsn));
newsn->type = type;
newsn->or = or;
newsn->negated = not;
+ /* newsn->next = NULL; */
if (type == ST_EXPR) {
av += parse_expr(&newsn->u.expr, av + 1);
} else {
match_expr(struct search_node *head, struct log_info *log)
{
struct search_node *sn;
- bool matched = true, rc;
+ bool matched = true;
+ int rc;
debug_decl(match_expr, SUDO_DEBUG_UTIL)
for (sn = head; sn; sn = sn->next) {
debug_return_bool(matched);
}
-static int
-list_session(char *logfile, REGEX_T *re, const char *user, const char *tty)
+static struct log_info *
+parse_logfile(char *logfile)
{
FILE *fp;
- char *buf = NULL, *cmd = NULL, *cwd = NULL, idbuf[7], *idstr, *cp;
- struct log_info li;
+ char *buf = NULL, *cp, *ep;
size_t bufsize = 0, cwdsize = 0, cmdsize = 0;
- int rval = -1;
+ struct log_info *li = NULL;
debug_decl(list_session, SUDO_DEBUG_UTIL)
fp = fopen(logfile, "r");
if (fp == NULL) {
warning(_("unable to open %s"), logfile);
- goto done;
+ goto bad;
}
/*
* 2) cwd
* 3) command with args
*/
+ li = ecalloc(1, sizeof(*li));
if (getline(&buf, &bufsize, fp) == -1 ||
- getline(&cwd, &cwdsize, fp) == -1 ||
- getline(&cmd, &cmdsize, fp) == -1) {
- goto done;
+ getline(&li->cwd, &cwdsize, fp) == -1 ||
+ getline(&li->cmd, &cmdsize, fp) == -1) {
+ goto bad;
}
- /* crack the log line: timestamp:user:runas_user:runas_group:tty */
+ /* Strip the newline from the cwd and command. */
+ li->cwd[strcspn(li->cwd, "\n")] = '\0';
+ li->cmd[strcspn(li->cmd, "\n")] = '\0';
+
+ /*
+ * Crack the log line (rows and cols not present in old versions).
+ * timestamp:user:runas_user:runas_group:tty:rows:cols
+ */
buf[strcspn(buf, "\n")] = '\0';
- if ((li.tstamp = atoi(buf)) == 0)
- goto done;
- if ((cp = strchr(buf, ':')) == NULL)
- goto done;
- *cp++ = '\0';
- li.user = cp;
+ /* timestamp */
+ if ((ep = strchr(buf, ':')) == NULL)
+ goto bad;
+ if ((li->tstamp = atoi(buf)) == 0)
+ goto bad;
- if ((cp = strchr(cp, ':')) == NULL)
- goto done;
- *cp++ = '\0';
- li.runas_user = cp;
+ /* user */
+ cp = ep + 1;
+ if ((ep = strchr(cp, ':')) == NULL)
+ goto bad;
+ li->user = estrndup(cp, (size_t)(ep - cp));
- if ((cp = strchr(cp, ':')) == NULL)
- goto done;
- *cp++ = '\0';
- li.runas_group = cp;
+ /* runas user */
+ cp = ep + 1;
+ if ((ep = strchr(cp, ':')) == NULL)
+ goto bad;
+ li->runas_user = estrndup(cp, (size_t)(ep - cp));
- if ((cp = strchr(cp, ':')) == NULL)
- goto done;
- *cp++ = '\0';
- li.tty = cp;
+ /* runas group */
+ cp = ep + 1;
+ if ((ep = strchr(cp, ':')) == NULL)
+ goto bad;
+ if (cp != ep)
+ li->runas_group = estrndup(cp, (size_t)(ep - cp));
+
+ /* tty, followed by optional rows + columns */
+ cp = ep + 1;
+ if ((ep = strchr(cp, ':')) == NULL) {
+ li->tty = estrdup(cp);
+ } else {
+ li->tty = estrndup(cp, (size_t)(ep - cp));
+ cp = ep + 1;
+ li->rows = atoi(cp);
+ if ((ep = strchr(cp, ':')) != NULL) {
+ cp = ep + 1;
+ li->cols = atoi(cp);
+ }
+ }
+ fclose(fp);
+ efree(buf);
+ debug_return_ptr(li);
+
+bad:
+ fclose(fp);
+ efree(buf);
+ free_log_info(li);
+ debug_return_ptr(NULL);
+}
- cwd[strcspn(cwd, "\n")] = '\0';
- li.cwd = cwd;
+static void
+free_log_info(struct log_info *li)
+{
+ if (li != NULL) {
+ efree(li->cwd);
+ efree(li->user);
+ efree(li->runas_user);
+ efree(li->runas_group);
+ efree(li->tty);
+ efree(li->cmd);
+ efree(li);
+ }
+}
- cmd[strcspn(cmd, "\n")] = '\0';
- li.cmd = cmd;
+static int
+list_session(char *logfile, REGEX_T *re, const char *user, const char *tty)
+{
+ char idbuf[7], *idstr, *cp;
+ struct log_info *li;
+ int rval = -1;
+ debug_decl(list_session, SUDO_DEBUG_UTIL)
+
+ if ((li = parse_logfile(logfile)) == NULL)
+ goto done;
/* Match on search expression if there is one. */
- if (search_expr && !match_expr(search_expr, &li))
+ if (search_expr && !match_expr(search_expr, li))
goto done;
/* Convert from /var/log/sudo-sessions/00/00/01/log to 000001 */
cp = logfile + strlen(session_dir) + 1;
if (IS_IDLOG(cp)) {
- idbuf[0] = cp[7];
- idbuf[1] = cp[6];
- idbuf[2] = cp[4];
- idbuf[3] = cp[3];
- idbuf[4] = cp[1];
- idbuf[5] = cp[0];
+ idbuf[0] = cp[0];
+ idbuf[1] = cp[1];
+ idbuf[2] = cp[3];
+ idbuf[3] = cp[4];
+ idbuf[4] = cp[6];
+ idbuf[5] = cp[7];
idbuf[6] = '\0';
idstr = idbuf;
} else {
cp[strlen(cp) - 4] = '\0';
idstr = cp;
}
+ /* XXX - print rows + cols? */
printf("%s : %s : TTY=%s ; CWD=%s ; USER=%s ; ",
- get_timestr(li.tstamp, 1), li.user, li.tty, li.cwd, li.runas_user);
- if (*li.runas_group)
- printf("GROUP=%s ; ", li.runas_group);
- printf("TSID=%s ; COMMAND=%s\n", idstr, li.cmd);
+ get_timestr(li->tstamp, 1), li->user, li->tty, li->cwd, li->runas_user);
+ if (li->runas_group)
+ printf("GROUP=%s ; ", li->runas_group);
+ printf("TSID=%s ; COMMAND=%s\n", idstr, li->cmd);
rval = 0;
done:
- fclose(fp);
+ free_log_info(li);
debug_return_int(rval);
}
+static int
+session_compare(const void *v1, const void *v2)
+{
+ const char *s1 = *(const char **)v1;
+ const char *s2 = *(const char **)v2;
+ return strcmp(s1, s2);
+}
+
/* XXX - always returns 0, calls error() on failure */
static int
find_sessions(const char *dir, REGEX_T *re, const char *user, const char *tty)
DIR *d;
struct dirent *dp;
struct stat sb;
- size_t sdlen;
- int len;
- char pathbuf[PATH_MAX];
+ size_t sdlen, sessions_len = 0, sessions_size = 36*36;
+ int i, len;
+ char pathbuf[PATH_MAX], **sessions = NULL;
debug_decl(find_sessions, SUDO_DEBUG_UTIL)
d = opendir(dir);
}
pathbuf[sdlen++] = '/';
pathbuf[sdlen] = '\0';
+
+ /* Store potential session dirs for sorting. */
+ sessions = emalloc2(sessions_size, sizeof(char *));
while ((dp = readdir(d)) != NULL) {
/* Skip "." and ".." */
if (dp->d_name[0] == '.' && (dp->d_name[1] == '\0' ||
(dp->d_name[1] == '.' && dp->d_name[2] == '\0')))
continue;
+#ifdef HAVE_STRUCT_DIRENT_D_TYPE
+ if (dp->d_type != DT_DIR)
+ continue;
+#endif
+ /* Add name to session list. */
+ if (sessions_len + 1 > sessions_size) {
+ sessions_size <<= 1;
+ sessions = erealloc3(sessions, sessions_size, sizeof(char *));
+ }
+ sessions[sessions_len++] = estrdup(dp->d_name);
+ }
+ closedir(d);
+
+ /* Sort and list the sessions. */
+ qsort(sessions, sessions_len, sizeof(char *), session_compare);
+ for (i = 0; i < sessions_len; i++) {
len = snprintf(&pathbuf[sdlen], sizeof(pathbuf) - sdlen,
- "%s/log", dp->d_name);
+ "%s/log", sessions[i]);
if (len <= 0 || len >= sizeof(pathbuf) - sdlen) {
errno = ENAMETOOLONG;
- error(1, "%s/%s/log", dir, dp->d_name);
+ error(1, "%s/%s/log", dir, sessions[i]);
}
+ efree(sessions[i]);
/* Check for dir with a log file. */
if (lstat(pathbuf, &sb) == 0 && S_ISREG(sb.st_mode)) {
} else {
/* Strip off "/log" and recurse if a dir. */
pathbuf[sdlen + len - 4] = '\0';
+#ifndef HAVE_STRUCT_DIRENT_D_TYPE
if (lstat(pathbuf, &sb) == 0 && S_ISDIR(sb.st_mode))
+#endif
find_sessions(pathbuf, re, user, tty);
}
}
- closedir(d);
+ efree(sessions);
debug_return_int(0);
}
ssize_t n;
debug_decl(check_input, SUDO_DEBUG_UTIL)
- fdsr = (fd_set *)emalloc2(howmany(ttyfd + 1, NFDBITS), sizeof(fd_mask));
-
+ fdsr = ecalloc(howmany(ttyfd + 1, NFDBITS), sizeof(fd_mask));
for (;;) {
FD_SET(ttyfd, fdsr);
tv.tv_sec = 0;
/* A lexical scanner generated by flex */
/* Scanner skeleton version:
- * $Header: /home/cvs/openbsd/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
+ * $Header: /cvs/src/usr.bin/lex/flex.skl,v 1.11 2010/08/04 18:24:50 millert Exp $
*/
#define FLEX_SCANNER
#define INITIAL 0
#line 2 "toke.l"
/*
- * Copyright (c) 1996, 1998-2005, 2007-2011
+ * Copyright (c) 1996, 1998-2005, 2007-2012
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
+#include "secure_path.h"
extern YYSTYPE yylval;
extern bool parse_error;
+extern bool sudoers_warnings;
int sudolineno;
int last_token;
char *sudoers;
+/* Default sudoers path, mode and owner (may be set via sudo.conf) */
+const char *sudoers_file = _PATH_SUDOERS;
+mode_t sudoers_mode = SUDOERS_MODE;
+uid_t sudoers_uid = SUDOERS_UID;
+gid_t sudoers_gid = SUDOERS_GID;
+
static bool continued, sawspace;
static int prev_state;
return (n); \
} while (0)
+#define ECHO ignore_result(fwrite(yytext, yyleng, 1, yyout))
+
#define push_include(_p) (_push_include((_p), false))
#define push_includedir(_p) (_push_include((_p), true))
#define YY_NO_INPUT 1
#define INSTR 5
-#line 1515 "lex.yy.c"
+#line 1525 "lex.yy.c"
/* Macros after this point can all be overridden by user definitions in
* section 1.
register char *yy_cp, *yy_bp;
register int yy_act;
-#line 123 "toke.l"
+#line 133 "toke.l"
-#line 1671 "lex.yy.c"
+#line 1681 "lex.yy.c"
if ( yy_init )
{
case 1:
YY_RULE_SETUP
-#line 124 "toke.l"
+#line 134 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 2:
YY_RULE_SETUP
-#line 129 "toke.l"
+#line 139 "toke.l"
BEGIN STARTDEFS;
YY_BREAK
case 3:
YY_RULE_SETUP
-#line 131 "toke.l"
+#line 141 "toke.l"
{
BEGIN INDEFS;
LEXTRACE("DEFVAR ");
case 4:
YY_RULE_SETUP
-#line 140 "toke.l"
+#line 150 "toke.l"
{
BEGIN STARTDEFS;
LEXTRACE(", ");
YY_BREAK
case 5:
YY_RULE_SETUP
-#line 146 "toke.l"
+#line 156 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 6:
YY_RULE_SETUP
-#line 151 "toke.l"
+#line 161 "toke.l"
{
LEXTRACE("+= ");
LEXRETURN('+');
YY_BREAK
case 7:
YY_RULE_SETUP
-#line 156 "toke.l"
+#line 166 "toke.l"
{
LEXTRACE("-= ");
LEXRETURN('-');
YY_BREAK
case 8:
YY_RULE_SETUP
-#line 161 "toke.l"
+#line 171 "toke.l"
{
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
YY_BREAK
case 9:
YY_RULE_SETUP
-#line 168 "toke.l"
+#line 178 "toke.l"
{
LEXTRACE("WORD(2) ");
if (!fill(yytext, yyleng))
case 10:
YY_RULE_SETUP
-#line 177 "toke.l"
+#line 187 "toke.l"
{
/* Line continuation char followed by newline. */
sudolineno++;
YY_BREAK
case 11:
YY_RULE_SETUP
-#line 183 "toke.l"
+#line 193 "toke.l"
{
LEXTRACE("ENDSTR ");
BEGIN prev_state;
YY_BREAK
case 12:
YY_RULE_SETUP
-#line 215 "toke.l"
+#line 225 "toke.l"
{
LEXTRACE("BACKSLASH ");
if (!append(yytext, yyleng))
YY_BREAK
case 13:
YY_RULE_SETUP
-#line 221 "toke.l"
+#line 231 "toke.l"
{
LEXTRACE("STRBODY ");
if (!append(yytext, yyleng))
case 14:
YY_RULE_SETUP
-#line 229 "toke.l"
+#line 239 "toke.l"
{
/* quoted fnmatch glob char, pass verbatim */
LEXTRACE("QUOTEDCHAR ");
YY_BREAK
case 15:
YY_RULE_SETUP
-#line 237 "toke.l"
+#line 247 "toke.l"
{
/* quoted sudoers special char, strip backslash */
LEXTRACE("QUOTEDCHAR ");
YY_BREAK
case 16:
YY_RULE_SETUP
-#line 245 "toke.l"
+#line 255 "toke.l"
{
BEGIN INITIAL;
yyless(0);
YY_BREAK
case 17:
YY_RULE_SETUP
-#line 251 "toke.l"
+#line 261 "toke.l"
{
LEXTRACE("ARG ");
if (!fill_args(yytext, yyleng, sawspace))
case 18:
YY_RULE_SETUP
-#line 259 "toke.l"
+#line 269 "toke.l"
{
char *path;
YY_BREAK
case 19:
YY_RULE_SETUP
-#line 277 "toke.l"
+#line 287 "toke.l"
{
char *path;
YY_BREAK
case 20:
YY_RULE_SETUP
-#line 298 "toke.l"
+#line 308 "toke.l"
{
char deftype;
int n;
YY_BREAK
case 21:
YY_RULE_SETUP
-#line 338 "toke.l"
+#line 348 "toke.l"
{
int n;
YY_BREAK
case 22:
YY_RULE_SETUP
-#line 364 "toke.l"
+#line 374 "toke.l"
{
/* cmnd does not require passwd for this user */
LEXTRACE("NOPASSWD ");
YY_BREAK
case 23:
YY_RULE_SETUP
-#line 370 "toke.l"
+#line 380 "toke.l"
{
/* cmnd requires passwd for this user */
LEXTRACE("PASSWD ");
YY_BREAK
case 24:
YY_RULE_SETUP
-#line 376 "toke.l"
+#line 386 "toke.l"
{
LEXTRACE("NOEXEC ");
LEXRETURN(NOEXEC);
YY_BREAK
case 25:
YY_RULE_SETUP
-#line 381 "toke.l"
+#line 391 "toke.l"
{
LEXTRACE("EXEC ");
LEXRETURN(EXEC);
YY_BREAK
case 26:
YY_RULE_SETUP
-#line 386 "toke.l"
+#line 396 "toke.l"
{
LEXTRACE("SETENV ");
LEXRETURN(SETENV);
YY_BREAK
case 27:
YY_RULE_SETUP
-#line 391 "toke.l"
+#line 401 "toke.l"
{
LEXTRACE("NOSETENV ");
LEXRETURN(NOSETENV);
YY_BREAK
case 28:
YY_RULE_SETUP
-#line 396 "toke.l"
+#line 406 "toke.l"
{
LEXTRACE("LOG_OUTPUT ");
LEXRETURN(LOG_OUTPUT);
YY_BREAK
case 29:
YY_RULE_SETUP
-#line 401 "toke.l"
+#line 411 "toke.l"
{
LEXTRACE("NOLOG_OUTPUT ");
LEXRETURN(NOLOG_OUTPUT);
YY_BREAK
case 30:
YY_RULE_SETUP
-#line 406 "toke.l"
+#line 416 "toke.l"
{
LEXTRACE("LOG_INPUT ");
LEXRETURN(LOG_INPUT);
YY_BREAK
case 31:
YY_RULE_SETUP
-#line 411 "toke.l"
+#line 421 "toke.l"
{
LEXTRACE("NOLOG_INPUT ");
LEXRETURN(NOLOG_INPUT);
YY_BREAK
case 32:
YY_RULE_SETUP
-#line 416 "toke.l"
+#line 426 "toke.l"
{
/* empty group or netgroup */
LEXTRACE("ERROR ");
YY_BREAK
case 33:
YY_RULE_SETUP
-#line 422 "toke.l"
+#line 432 "toke.l"
{
/* netgroup */
if (!fill(yytext, yyleng))
YY_BREAK
case 34:
YY_RULE_SETUP
-#line 430 "toke.l"
+#line 440 "toke.l"
{
/* group */
if (!fill(yytext, yyleng))
YY_BREAK
case 35:
YY_RULE_SETUP
-#line 438 "toke.l"
+#line 448 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
YY_BREAK
case 36:
YY_RULE_SETUP
-#line 445 "toke.l"
+#line 455 "toke.l"
{
if (!fill(yytext, yyleng))
yyterminate();
YY_BREAK
case 37:
YY_RULE_SETUP
-#line 452 "toke.l"
+#line 462 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 38:
YY_RULE_SETUP
-#line 463 "toke.l"
+#line 473 "toke.l"
{
if (!ipv6_valid(yytext)) {
LEXTRACE("ERROR ");
YY_BREAK
case 39:
YY_RULE_SETUP
-#line 474 "toke.l"
+#line 484 "toke.l"
{
LEXTRACE("ALL ");
LEXRETURN(ALL);
YY_BREAK
case 40:
YY_RULE_SETUP
-#line 480 "toke.l"
+#line 490 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("ROLE ");
YY_BREAK
case 41:
YY_RULE_SETUP
-#line 489 "toke.l"
+#line 499 "toke.l"
{
#ifdef HAVE_SELINUX
LEXTRACE("TYPE ");
YY_BREAK
case 42:
YY_RULE_SETUP
-#line 498 "toke.l"
+#line 508 "toke.l"
{
#ifndef HAVE_SELINUX
got_alias:
YY_BREAK
case 43:
YY_RULE_SETUP
-#line 508 "toke.l"
+#line 518 "toke.l"
{
/* no command args allowed for Defaults!/path */
if (!fill_cmnd(yytext, yyleng))
YY_BREAK
case 44:
YY_RULE_SETUP
-#line 516 "toke.l"
+#line 526 "toke.l"
{
BEGIN GOTCMND;
LEXTRACE("COMMAND ");
YY_BREAK
case 45:
YY_RULE_SETUP
-#line 523 "toke.l"
+#line 533 "toke.l"
{
/* directories can't have args... */
if (yytext[yyleng - 1] == '/') {
YY_BREAK
case 46:
YY_RULE_SETUP
-#line 538 "toke.l"
+#line 548 "toke.l"
{
LEXTRACE("BEGINSTR ");
yylval.string = NULL;
YY_BREAK
case 47:
YY_RULE_SETUP
-#line 545 "toke.l"
+#line 555 "toke.l"
{
/* a word */
if (!fill(yytext, yyleng))
YY_BREAK
case 48:
YY_RULE_SETUP
-#line 553 "toke.l"
+#line 563 "toke.l"
{
LEXTRACE("( ");
LEXRETURN('(');
YY_BREAK
case 49:
YY_RULE_SETUP
-#line 558 "toke.l"
+#line 568 "toke.l"
{
LEXTRACE(") ");
LEXRETURN(')');
YY_BREAK
case 50:
YY_RULE_SETUP
-#line 563 "toke.l"
+#line 573 "toke.l"
{
LEXTRACE(", ");
LEXRETURN(',');
YY_BREAK
case 51:
YY_RULE_SETUP
-#line 568 "toke.l"
+#line 578 "toke.l"
{
LEXTRACE("= ");
LEXRETURN('=');
YY_BREAK
case 52:
YY_RULE_SETUP
-#line 573 "toke.l"
+#line 583 "toke.l"
{
LEXTRACE(": ");
LEXRETURN(':');
YY_BREAK
case 53:
YY_RULE_SETUP
-#line 578 "toke.l"
+#line 588 "toke.l"
{
if (yyleng & 1) {
LEXTRACE("!");
YY_BREAK
case 54:
YY_RULE_SETUP
-#line 585 "toke.l"
+#line 595 "toke.l"
{
if (YY_START == INSTR) {
LEXTRACE("ERROR ");
YY_BREAK
case 55:
YY_RULE_SETUP
-#line 597 "toke.l"
+#line 607 "toke.l"
{ /* throw away space/tabs */
sawspace = true; /* but remember for fill_args */
}
YY_BREAK
case 56:
YY_RULE_SETUP
-#line 601 "toke.l"
+#line 611 "toke.l"
{
sawspace = true; /* remember for fill_args */
sudolineno++;
YY_BREAK
case 57:
YY_RULE_SETUP
-#line 607 "toke.l"
+#line 617 "toke.l"
{
BEGIN INITIAL;
sudolineno++;
YY_BREAK
case 58:
YY_RULE_SETUP
-#line 615 "toke.l"
+#line 625 "toke.l"
{
LEXTRACE("ERROR ");
LEXRETURN(ERROR);
case YY_STATE_EOF(STARTDEFS):
case YY_STATE_EOF(INDEFS):
case YY_STATE_EOF(INSTR):
-#line 620 "toke.l"
+#line 630 "toke.l"
{
if (YY_START != INITIAL) {
BEGIN INITIAL;
YY_BREAK
case 59:
YY_RULE_SETUP
-#line 630 "toke.l"
+#line 640 "toke.l"
ECHO;
YY_BREAK
-#line 2447 "lex.yy.c"
+#line 2457 "lex.yy.c"
case YY_END_OF_BUFFER:
{
return 0;
}
#endif
-#line 630 "toke.l"
+#line 640 "toke.l"
struct path_list {
char *path;
}
}
if (isdir) {
+ struct stat sb;
+ switch (sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb)) {
+ case SUDO_PATH_MISSING:
+ debug_return_bool(false);
+ case SUDO_PATH_BAD_TYPE:
+ errno = ENOTDIR;
+ if (sudoers_warnings) {
+ warning("%s", path);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_WRONG_OWNER:
+ if (sudoers_warnings) {
+ warningx(_("%s is owned by uid %u, should be %u"),
+ path, (unsigned int) sb.st_uid,
+ (unsigned int) sudoers_uid);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_WORLD_WRITABLE:
+ if (sudoers_warnings) {
+ warningx(_("%s is world writable"), path);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_GROUP_WRITABLE:
+ if (sudoers_warnings) {
+ warningx(_("%s is owned by gid %u, should be %u"),
+ path, (unsigned int) sb.st_gid,
+ (unsigned int) sudoers_gid);
+ }
+ debug_return_bool(false);
+ default:
+ /* NOTREACHED */
+ debug_return_bool(false);
+ }
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
debug_return_bool(false);
/* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL)
{
- sudo_debug_printf2(SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG, "%s:%d %s",
- sudoers, sudolineno, lbuf.buf);
+ sudo_debug_printf2(NULL, NULL, 0, SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG,
+ "%s:%d %s", sudoers, sudolineno, lbuf.buf);
lbuf.len = 0;
}
return 0;
/* realloc() to size + COMMANDARGINC to make room for command args */
#define COMMANDARGINC 64
-/*
- * XXX - want to use debug file for lexer tracing, e.g.
- * sudo_debug_printf2(SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG, "%s", msg);
- * but need to add buffering so that it is line oriented.
- */
#define LEXTRACE(msg) do { \
if (trace_print != NULL) \
(*trace_print)(msg); \
%{
/*
- * Copyright (c) 1996, 1998-2005, 2007-2011
+ * Copyright (c) 1996, 1998-2005, 2007-2012
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
#include "toke.h"
#include <gram.h>
#include "lbuf.h"
+#include "secure_path.h"
extern YYSTYPE yylval;
extern bool parse_error;
+extern bool sudoers_warnings;
int sudolineno;
int last_token;
char *sudoers;
+/* Default sudoers path, mode and owner (may be set via sudo.conf) */
+const char *sudoers_file = _PATH_SUDOERS;
+mode_t sudoers_mode = SUDOERS_MODE;
+uid_t sudoers_uid = SUDOERS_UID;
+gid_t sudoers_gid = SUDOERS_GID;
+
static bool continued, sawspace;
static int prev_state;
return (n); \
} while (0)
+#define ECHO ignore_result(fwrite(yytext, yyleng, 1, yyout))
+
#define push_include(_p) (_push_include((_p), false))
#define push_includedir(_p) (_push_include((_p), true))
%}
}
}
if (isdir) {
+ struct stat sb;
+ switch (sudo_secure_dir(path, sudoers_uid, sudoers_gid, &sb)) {
+ case SUDO_PATH_MISSING:
+ debug_return_bool(false);
+ case SUDO_PATH_BAD_TYPE:
+ errno = ENOTDIR;
+ if (sudoers_warnings) {
+ warning("%s", path);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_WRONG_OWNER:
+ if (sudoers_warnings) {
+ warningx(_("%s is owned by uid %u, should be %u"),
+ path, (unsigned int) sb.st_uid,
+ (unsigned int) sudoers_uid);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_WORLD_WRITABLE:
+ if (sudoers_warnings) {
+ warningx(_("%s is world writable"), path);
+ }
+ debug_return_bool(false);
+ case SUDO_PATH_GROUP_WRITABLE:
+ if (sudoers_warnings) {
+ warningx(_("%s is owned by gid %u, should be %u"),
+ path, (unsigned int) sb.st_gid,
+ (unsigned int) sudoers_gid);
+ }
+ debug_return_bool(false);
+ default:
+ /* NOTREACHED */
+ debug_return_bool(false);
+ }
if (!(path = switch_dir(&istack[idepth], path))) {
/* switch_dir() called yyerror() for us */
debug_return_bool(false);
/* XXX - assumes a final newline */
if (strchr(msg, '\n') != NULL)
{
- sudo_debug_printf2(SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG, "%s:%d %s",
- sudoers, sudolineno, lbuf.buf);
+ sudo_debug_printf2(NULL, NULL, 0, SUDO_DEBUG_PARSER|SUDO_DEBUG_DEBUG,
+ "%s:%d %s", sudoers, sudolineno, lbuf.buf);
lbuf.len = 0;
}
return 0;
usage(1);
}
}
- argc -= optind;
- argv += optind;
- if (argc)
+ /* There should be no other command line arguments. */
+ if (argc - optind != 0)
usage(1);
sudo_setpwent();
(void) unlink(sp->tpath);
if (!oldperms && fstat(sp->fd, &sb) != -1) {
if (sb.st_uid != SUDOERS_UID || sb.st_gid != SUDOERS_GID)
- (void) chown(sp->path, SUDOERS_UID, SUDOERS_GID);
+ ignore_result(chown(sp->path, SUDOERS_UID, SUDOERS_GID));
if ((sb.st_mode & 0777) != SUDOERS_MODE)
- (void) chmod(sp->path, SUDOERS_MODE);
+ ignore_result(chmod(sp->path, SUDOERS_MODE));
}
rval = true;
goto done;
pid_t pid, rv;
debug_decl(run_command, SUDO_DEBUG_UTIL)
- switch (pid = fork()) {
+ switch (pid = sudo_debug_fork()) {
case -1:
error(1, _("unable to execute %s"), path);
break; /* NOTREACHED */
break;
}
if (entry == NULL) {
- entry = emalloc(sizeof(*entry));
+ entry = ecalloc(1, sizeof(*entry));
entry->path = estrdup(path);
- entry->modified = 0;
+ /* entry->modified = 0; */
entry->prev = entry;
- entry->next = NULL;
+ /* entry->next = NULL; */
entry->fd = open(entry->path, open_flags, SUDOERS_MODE);
- entry->tpath = NULL;
+ /* entry->tpath = NULL; */
entry->doedit = doedit;
if (entry->fd == -1) {
warning("%s", entry->path);
#define emsg " exiting due to signal: "
myname = getprogname();
signame = strsignal(signo);
- if (write(STDERR_FILENO, myname, strlen(myname)) == -1 ||
- write(STDERR_FILENO, emsg, sizeof(emsg) - 1) == -1 ||
- write(STDERR_FILENO, signame, strlen(signame)) == -1 ||
- write(STDERR_FILENO, "\n", 1) == -1)
- /* shut up glibc */;
+ ignore_result(write(STDERR_FILENO, myname, strlen(myname)));
+ ignore_result(write(STDERR_FILENO, emsg, sizeof(emsg) - 1));
+ ignore_result(write(STDERR_FILENO, signame, strlen(signame)));
+ ignore_result(write(STDERR_FILENO, "\n", 1));
_exit(signo);
}
--- /dev/null
+#
+# Copyright (c) 2011-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# @configure_input@
+#
+
+#### Start of system configuration section. ####
+
+srcdir = @srcdir@
+devdir = @devdir@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+incdir = $(top_srcdir)/include
+
+# Compiler & tools to use
+CC = @CC@
+LIBTOOL = @LIBTOOL@ @LT_STATIC@
+
+# Our install program supports extra flags...
+INSTALL = $(SHELL) $(top_srcdir)/install-sh -c
+
+# Libraries
+LT_LIBS = $(LIBOBJDIR)libreplace.la
+LIBS = $(LT_LIBS)
+
+# C preprocessor flags
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) @CPPFLAGS@
+
+# Usually -O and/or -g
+CFLAGS = @CFLAGS@
+
+# Flags to pass to the link stage
+LDFLAGS = @LDFLAGS@
+LTLDFLAGS = @LTLDFLAGS@
+
+# Where to install things...
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+bindir = @bindir@
+sbindir = @sbindir@
+sysconfdir = @sysconfdir@
+libexecdir = @libexecdir@
+datarootdir = @datarootdir@
+localstatedir = @localstatedir@
+plugindir = @PLUGINDIR@
+soext = @SOEXT@
+
+# OS dependent defines
+DEFS = @OSDEFS@
+
+#### End of system configuration section. ####
+
+SHELL = @SHELL@
+
+OBJS = system_group.lo
+
+LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/
+
+VERSION = @PACKAGE_VERSION@
+
+all: system_group.la
+
+Makefile: $(srcdir)/Makefile.in
+ (cd $(top_builddir) && ./config.status --file plugins/system_group/Makefile)
+
+.SUFFIXES: .o .c .h .lo
+
+.c.lo:
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $<
+
+system_group.la: $(OBJS) $(LT_LIBS)
+ $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LTLDFLAGS) -o $@ $(OBJS) $(LIBS) -module -export-symbols $(srcdir)/system_group.sym -avoid-version -rpath $(plugindir)
+
+pre-install:
+
+install: install-plugin
+
+install-dirs:
+ $(SHELL) $(top_srcdir)/mkinstalldirs $(DESTDIR)$(plugindir)
+
+install-binaries:
+
+install-includes:
+
+install-doc:
+
+install-plugin: install-dirs system_group.la
+ $(INSTALL) -b~ -m 0755 .libs/system_group$(soext) $(DESTDIR)$(plugindir)
+
+uninstall:
+ -rm -f $(DESTDIR)$(plugindir)/system_group$(soext)
+
+check:
+
+clean:
+ -$(LIBTOOL) --mode=clean rm -f *.lo *.o *.la *.a stamp-* core *.core core.*
+
+mostlyclean: clean
+
+distclean: clean
+ -rm -rf Makefile .libs
+
+clobber: distclean
+
+realclean: distclean
+ rm -f TAGS tags
+
+cleandir: realclean
+
+# Autogenerated dependencies, do not modify
+system_group.lo: $(srcdir)/system_group.c $(top_builddir)/config.h \
+ $(top_srcdir)/compat/stdbool.h $(top_srcdir)/compat/dlfcn.h \
+ $(incdir)/sudo_plugin.h $(incdir)/missing.h
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/system_group.c
--- /dev/null
+/*
+ * Copyright (c) 2010, 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/stat.h>
+
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif /* HAVE_STDBOOL_H */
+#ifdef HAVE_STRING_H
+# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
+# include <memory.h>
+# endif
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef HAVE_DLOPEN
+# include <dlfcn.h>
+#else
+# include "compat/dlfcn.h"
+#endif
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <grp.h>
+#include <pwd.h>
+
+#include "sudo_plugin.h"
+#include "missing.h"
+
+#ifndef RTLD_DEFAULT
+# define RTLD_DEFAULT NULL
+#endif
+
+/*
+ * Sudoers group plugin that does group name-based lookups using the system
+ * group database functions, similar to how sudo behaved prior to 1.7.3.
+ * This can be used on systems where lookups by group ID are problematic.
+ */
+
+static sudo_printf_t sudo_log;
+
+typedef struct group * (*sysgroup_getgrnam_t)(const char *);
+typedef struct group * (*sysgroup_getgrgid_t)(gid_t);
+typedef void (*sysgroup_gr_delref_t)(struct group *);
+
+static sysgroup_getgrnam_t sysgroup_getgrnam;
+static sysgroup_getgrgid_t sysgroup_getgrgid;
+static sysgroup_gr_delref_t sysgroup_gr_delref;
+static bool need_setent;
+
+static int
+sysgroup_init(int version, sudo_printf_t sudo_printf, char *const argv[])
+{
+ void *handle;
+
+ sudo_log = sudo_printf;
+
+ if (GROUP_API_VERSION_GET_MAJOR(version) != GROUP_API_VERSION_MAJOR) {
+ sudo_log(SUDO_CONV_ERROR_MSG,
+ "sysgroup_group: incompatible major version %d, expected %d\n",
+ GROUP_API_VERSION_GET_MAJOR(version),
+ GROUP_API_VERSION_MAJOR);
+ return -1;
+ }
+
+ /* Share group cache with sudo if possible. */
+ handle = dlsym(RTLD_DEFAULT, "sudo_getgrnam");
+ if (handle != NULL) {
+ sysgroup_getgrnam = (sysgroup_getgrnam_t)handle;
+ } else {
+ sysgroup_getgrnam = (sysgroup_getgrnam_t)getgrnam;
+ need_setent = true;
+ }
+
+ handle = dlsym(RTLD_DEFAULT, "sudo_getgrgid");
+ if (handle != NULL) {
+ sysgroup_getgrgid = (sysgroup_getgrgid_t)handle;
+ } else {
+ sysgroup_getgrgid = (sysgroup_getgrgid_t)getgrgid;
+ need_setent = true;
+ }
+
+ handle = dlsym(RTLD_DEFAULT, "gr_delref");
+ if (handle != NULL)
+ sysgroup_gr_delref = (sysgroup_gr_delref_t)handle;
+
+ if (need_setent)
+ setgrent();
+
+ return true;
+}
+
+static void
+sysgroup_cleanup(void)
+{
+ if (need_setent)
+ endgrent();
+}
+
+/*
+ * Returns true if "user" is a member of "group", else false.
+ */
+static int
+sysgroup_query(const char *user, const char *group, const struct passwd *pwd)
+{
+ char **member, *ep = '\0';
+ struct group *grp;
+
+ grp = sysgroup_getgrnam(group);
+ if (grp == NULL && group[0] == '#' && group[1] != '\0') {
+ long lval = strtol(group + 1, &ep, 10);
+ if (*ep == '\0') {
+ if ((lval != LONG_MAX && lval != LONG_MIN) || errno != ERANGE)
+ grp = sysgroup_getgrgid((gid_t)lval);
+ }
+ }
+ if (grp != NULL) {
+ for (member = grp->gr_mem; *member != NULL; member++) {
+ if (strcasecmp(user, *member) == 0) {
+ if (sysgroup_gr_delref)
+ sysgroup_gr_delref(grp);
+ return true;
+ }
+ }
+ if (sysgroup_gr_delref)
+ sysgroup_gr_delref(grp);
+ }
+
+ return false;
+}
+
+struct sudoers_group_plugin group_plugin = {
+ GROUP_API_VERSION,
+ sysgroup_init,
+ sysgroup_cleanup,
+ sysgroup_query
+};
--- /dev/null
+group_plugin
#!/bin/sh
# Copyright 2012 Quest Software, Inc. ALL RIGHTS RESERVED
-pp_revision="341"
+pp_revision="355"
# Copyright 2012 Quest Software, Inc. ALL RIGHTS RESERVED.
#
# Redistribution and use in source and binary forms, with or without
pp_aix_version_fix () {
typeset v
- v=`echo $1 | tr -c -d '[0-9].\012'`
+ v=`echo $1 | sed 's/[-+]/./' | tr -c -d '[0-9].\012' | awk -F"." '{ printf "%d.%d.%d.%.4s\n", $1, $2, $3, $4 }' | sed 's/[.]*$//g'`
if test x"$v" != x"$1"; then
pp_warn "stripped version '$1' to '$v'"
fi
set -- $cmd
cmd_cmd="$1"; shift
- cmd_arg="$*";
+ cmd_arg="${pp_aix_mkssys_cmd_args:-$*}";
case "$stop_signal" in
HUP) stop_signal=1;;
stop_signal=$stop_signal
force_signal=9
srcgroup="$pp_aix_mkssys_group"
+instances_allowed=${pp_aix_mkssys_instances_allowed:--Q}
lssrc -s \$svc > /dev/null 2>&1
if [ \$? -eq 0 ]; then
rmsys -s \$svc > /dev/null 2>&1
fi
-mkssys -s \$svc -u \$uid -p "\$cmd_cmd" \${cmd_arg:+-a "\$cmd_arg"} -S -n \$stop_signal -f 9 ${pp_aix_mkssys_args} \${srcgroup:+-G \$srcgroup}
+mkssys -s \$svc -u \$uid -p "\$cmd_cmd" \${cmd_arg:+-a "\$cmd_arg"} -S -n \$stop_signal -f 9 ${pp_aix_mkssys_args} \${srcgroup:+-G \$srcgroup} \$instances_allowed
.
#-- add code to start the service on reboot
bosboot=N; pp_contains_any "$pp_aix_bosboot" $cmp && bosboot=b
echo $pp_aix_bff_name.$ex \
- ${pp_aix_version:-`pp_aix_version_fix "$version"`} \
+ `[ $pp_aix_version ] && pp_aix_version_fix $pp_aix_version || pp_aix_version_fix "$version"` \
1 $bosboot $content \
$pp_aix_lang "$summary $briefex"
echo "["
}
pp_backend_aix_names () {
- echo "$name.${pp_aix_version:-`pp_aix_version_fix "$version"`}.bff"
+ echo "$name.`[ $pp_aix_version ] && pp_aix_version_fix $pp_aix_version || pp_aix_version_fix "$version"`.bff"
}
pp_backend_aix_install_script () {
esac
}
pp_backend_aix_function () {
- case $1 in
+ case "$1" in
pp_mkgroup) cat <<'.';;
/usr/sbin/lsgroup "$1" >/dev/null &&
return 0
:
}
pp_backend_sd_function () {
- case $1 in
+ case "$1" in
pp_mkgroup) cat <<'.';;
/usr/sbin/groupmod "$1" 2>/dev/null ||
/usr/sbin/groupadd "$1"
esac
}
pp_backend_solaris_function() {
- case $1 in
+ case "$1" in
pp_mkgroup) cat<<'.';;
/usr/sbin/groupmod "$1" 2>/dev/null && return 0
/usr/sbin/groupadd "$1"
chmod 755 $out
}
pp_backend_deb_function() {
- case $1 in
+ case "$1" in
pp_mkgroup) cat<<'.';;
/usr/sbin/groupmod "$1" 2>/dev/null && return 0
/usr/sbin/groupadd "$1"
return $rc
}
- case $1 in
+ case "$1" in
start_msg) echo "Starting $svcs";;
stop_msg) echo "Stopping $svcs";;
start) pp_start;;
kill -0 "$pid" 2>/dev/null
fi
}
- case $1 in
+ case "$1" in
start_msg) echo "Starting the $svc service";;
stop_msg) echo "Stopping the $svc service";;
start)
pp_rpm_distro=`awk '
/^Red Hat Enterprise Linux/ { print "rhel" $7; exit; }
/^CentOS release/ { print "centos" $3; exit; }
+ /^CentOS Linux release/ { print "centos" $4; exit; }
/^Red Hat Linux release/ { print "rh" $5; exit; }
' /etc/redhat-release`
elif test -f /etc/SuSE-release; then
chmod 755 $out
}
pp_backend_rpm_function () {
- case $1 in
+ case "$1" in
pp_mkgroup) cat<<'.';;
/usr/sbin/groupadd -f -r "$1"
.
Examples found in /System/Library/LaunchDaemons/
See manual page launchd.plist(5) for details:
- { Label: "com.quest.vintela.foo", # required
+ { Label: "com.quest.rc.foo", # required
Program: "/sbin/program",
ProgramArguments: [ "/sbin/program", "arg1", "arg2" ], # required
RunAtLoad: true,
undef %users;
undef %groups;
# parse the cpio file
- while (read(STDIN, my $header, 76)) {
- die "bad magic" unless $header =~ m/^070707/;
- my $namesize = oct(substr($header, 59, 6));
- my $filesize = oct(substr($header, 65, 11));
- read(STDIN, my $name, $namesize);
- # update uid, gid and mode
+ my $hdrlen = 76;
+ while (read(STDIN, my $header, $hdrlen)) {
+ my ($name, $namesize, $filesize);
+ my $filepad = 0;
+ if ($header =~ m/^07070[12]/) {
+ # SVR4 ASCII format, convert to ODC
+ if ($hdrlen == 76) {
+ # Read in rest of header and update header len for SVR4
+ read(STDIN, $header, 110 - 76, 76);
+ $hdrlen = 110;
+ }
+ my $ino = hex(substr($header, 6, 8)) & 0x3ffff;
+ my $mode = hex(substr($header, 14, 8)) & 0x3ffff;
+ my $uid = hex(substr($header, 22, 8)) & 0x3ffff;
+ my $gid = hex(substr($header, 30, 8)) & 0x3ffff;
+ my $nlink = hex(substr($header, 38, 8)) & 0x3ffff;
+ my $mtime = hex(substr($header, 46, 8)) & 0xffffffff;
+ $filesize = hex(substr($header, 54, 8)) & 0xffffffff;
+ my $dev_maj = hex(substr($header, 62, 8));
+ my $dev_min = hex(substr($header, 70, 8));
+ my $dev = &makedev($dev_maj, $dev_min) & 0x3ffff;
+ my $rdev_maj = hex(substr($header, 78, 8));
+ my $rdev_min = hex(substr($header, 86, 8));
+ my $rdev = &makedev($rdev_maj, $rdev_min) & 0x3ffff;
+ $namesize = hex(substr($header, 94, 8)) & 0x3ffff;
+ read(STDIN, $name, $namesize);
+ # Header + name is padded to a multiple of 4 bytes
+ my $namepad = (($hdrlen + $namesize + 3) & 0xfffffffc) - ($hdrlen + $namesize);
+ read(STDIN, my $padding, $namepad) if ($namepad);
+ # File data is padded to be a multiple of 4 bytes
+ $filepad = (($filesize + 3) & 0xfffffffc) - $filesize;
+
+ my $new_header = sprintf("070707%06o%06o%06o%06o%06o%06o%06o%011o%06o%011o", $dev, $ino, $mode, $uid, $gid, $nlink, $rdev, $mtime, $namesize, $filesize);
+ $header = $new_header;
+ } elsif ($header =~ m/^070707/) {
+ # POSIX Portable ASCII Format
+ $namesize = oct(substr($header, 59, 6));
+ $filesize = oct(substr($header, 65, 11));
+ read(STDIN, $name, $namesize);
+ } else {
+ die "bad magic";
+ }
+ # update uid, gid and mode (already in octal)
substr($header, 24, 6) = $uid{$name} if exists $uid{$name};
substr($header, 30, 6) = $gid{$name} if exists $gid{$name};
substr($header, 18, 6) = $mode{$name} if exists $mode{$name};
print($header, $name);
# check for trailer at EOF
- last if $filesize == 0 && $name eq "TRAILER!!!\0";
+ last if $filesize == 0 && $name =~ /^TRAILER!!!\0/;
# copy-through the file data
while ($filesize > 0) {
my $seg = 8192;
print $data;
$filesize -= $seg;
}
+ # If file data is padded, skip it
+ read(STDIN, my $padding, $filepad) if ($filepad);
}
# pass through any padding at the end (blocksize-dependent)
for (;;) {
print $data;
}
exit(0);
+
+ sub makedev {
+ (((($_[0] & 0xff)) << 24) | ($_[1] & 0xffffff));
+ }
__DATA__
.
# Append to the script the %files data
}
pp_backend_macos_bundle () {
- typeset pkgdir Contents Resources lprojdir
+ typeset pkgdir Contents Resources lprojdir svc
typeset Info_plist Description_plist
typeset bundle_vendor bundle_version size cmp filelists
cp -R ${pp_macos_pkg_license} $Resources/License.$sfx
fi
+ # Add services (may modify %files)
+ for svc in $pp_services .; do
+ test . = "$svc" && continue
+ pp_macos_add_service $svc
+ done
+
# Find file lists (%files.* includes ignore files)
for cmp in $pp_components; do
test -f $pp_wrkdir/%files.$cmp && filelists="$filelists${filelists:+ }$pp_wrkdir/%files.$cmp"
echo "requires=$pp_macos_requires" >> $Resources/uninstall
fi
+ . $pp_wrkdir/%fixup
+
# Create the bill-of-materials (Archive.bom)
cat $filelists | pp_macos_files_bom | sort |
pp_macos_bom_fix_parents > $pp_wrkdir/tmp.bomls
}
pp_backend_macos_flat () {
- typeset pkgdir bundledir Resources lprojdir
+ typeset pkgdir bundledir Resources lprojdir svc
typeset Info_plist Description_plist
typeset bundle_vendor bundle_version size numfiles cmp filelists
mkdir $pkgdir $bundledir $Resources $lprojdir ||
pp_error "Can't make package temporary directories"
+ # Add services (may modify %files)
+ for svc in $pp_services .; do
+ test . = "$svc" && continue
+ pp_macos_add_service $svc
+ done
+
# Find file lists (%files.* includes ignore files)
for cmp in $pp_components; do
test -f $pp_wrkdir/%files.$cmp && filelists="$filelists${filelists:+ }$pp_wrkdir/%files.$cmp"
</pkg-info>
.
+ . $pp_wrkdir/%fixup
+
# Create the bill-of-materials (Bom)
cat $filelists | pp_macos_files_bom | sort |
pp_macos_bom_fix_parents > $pp_wrkdir/tmp.bomls
test -d $pp_wrkdir/bom_stage && $pp_macos_sudo rm -rf $pp_wrkdir/bom_stage
# Create the flat package with xar (like pkgutil --flatten does)
- (cd $pkgdir && /usr/bin/xar --distribution --no-compress Scripts --no-compress Payload -jcf "../$name-$version.pkg" *)
+ # Note that --distribution is only supported by Mac OS X 10.6 and above
+ xar_flags="--compression=bzip2 --no-compress Scripts --no-compress Payload"
+ case $mac_version in
+ "10.5"*) ;;
+ *) xar_flags="$xar_flags --distribution";;
+ esac
+ (cd $pkgdir && /usr/bin/xar $xar_flags -cf "../$name-$version.pkg" *)
}
pp_backend_macos_cleanup () {
}
pp_backend_macos_init_svc_vars () {
- :
+ pp_macos_start_services_after_install=false
+ pp_macos_service_name=
+ pp_macos_default_service_id_prefix="com.quest.rc."
+ pp_macos_service_id=
+ pp_macos_service_user=
+ pp_macos_service_group=
+ pp_macos_service_initgroups=
+ pp_macos_service_umask=
+ pp_macos_service_cwd=
+ pp_macos_service_nice=
+ pp_macos_svc_plist_file=
+}
+
+pp_macos_launchd_plist () {
+ typeset svc svc_id
+
+ svc="$1"
+ svc_id="$2"
+
+ set -- $cmd
+
+ if [ -n "$pp_macos_svc_plist_file" ]; then
+ echo "## Launchd plist file already defined at $pp_macos_svc_plist_file"
+ return
+ fi
+
+ echo "## Generating the launchd plist file for $svc"
+ pp_macos_svc_plist_file="$pp_wrkdir/$svc.plist"
+ cat <<-. > $pp_macos_svc_plist_file
+ <?xml version="1.0" encoding="UTF-8"?>
+ <!DOCTYPE plist PUBLIC -//Apple Computer//DTD PLIST 1.0//EN
+ http://www.apple.com/DTDs/PropertyList-1.0.dtd >
+ <plist version="1.0">
+ <dict>
+ <key>Label</key>
+ <string>$svc_id</string>
+ <key>ProgramArguments</key>
+ <array>
+.
+ while test $# != 0; do
+ printf " <string>$1</string>\n" >> $pp_macos_svc_plist_file
+ shift
+ done
+ cat <<-. >> $pp_macos_svc_plist_file
+ </array>
+ <key>KeepAlive</key>
+ <true/>
+.
+ if test -n "$pp_macos_service_user"; then
+ printf " <key>UserName</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_user</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ if test -n "$pp_macos_service_group"; then
+ printf " <key>GroupName</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_group</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ if test -n "$pp_macos_service_initgroups"; then
+ printf " <key>InitGroups</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_initgroups</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ if test -n "$pp_macos_service_umask"; then
+ printf " <key>Umask</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_umask</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ if test -n "$pp_macos_service_cwd"; then
+ printf " <key>WorkingDirectory</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_cwd</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ if test -n "$pp_macos_service_nice"; then
+ printf " <key>Nice</key>\n" >> $pp_macos_svc_plist_file
+ printf " <string>$pp_macos_service_nice</string>\n" >> $pp_macos_svc_plist_file
+ fi
+ cat <<-. >> $pp_macos_svc_plist_file
+ </dict>
+ </plist>
+.
+}
+
+pp_macos_add_service () {
+ typeset svc svc_id plist_file plist_dir
+
+ pp_load_service_vars "$1"
+ svc=${pp_macos_service_name:-$1}
+ svc_id=${pp_macos_service_id:-$pp_macos_default_service_id_prefix$svc}
+
+ #-- create a plist file for svc
+ pp_macos_launchd_plist "$svc" "$svc_id"
+
+ #-- copy the plist file into place and add to %files
+ plist_dir="/Library/LaunchDaemons"
+ plist_file="$plist_dir/$svc_id.plist"
+ mkdir -p "$pp_destdir/$plist_dir"
+ cp "$pp_macos_svc_plist_file" "$pp_destdir/$plist_file"
+ pp_add_file_if_missing "$plist_file"
+
+ #-- add code to start the service on install
+ ${pp_macos_start_services_after_install} && <<-. >> $pp_wrkdir/%post.$svc
+ # start service '$svc' automatically after install
+ launchctl load "$plist_file"
+.
}
pp_backend_macos_probe () {
echo "osx" # XXX non-really sure what they do.. it should be "macos"
}
pp_backend_macos_function () {
- case $1 in
+ case "$1" in
_pp_macos_search_unused) cat<<'.';;
# Find an unused value in the given path
# args: path attribute minid [maxid]
PROGS = @PROGS@
-OBJS = conversation.o error.o exec.o exec_common.o exec_pty.o get_pty.o \
- net_ifs.o load_plugins.o parse_args.o sudo.o sudo_edit.o tgetpass.o \
- ttyname.o ttysize.o utmp.o @SUDO_OBJS@
+OBJS = conversation.o env_hooks.o error.o exec.o exec_common.o exec_pty.o \
+ get_pty.o hooks.o net_ifs.o load_plugins.o parse_args.o sudo.o \
+ sudo_edit.o tgetpass.o ttyname.o utmp.o @SUDO_OBJS@
LIBOBJDIR = $(top_builddir)/@ac_config_libobj_dir@/
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $<
sudo: $(OBJS) $(LT_LIBS)
- $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) -static-libtool-libs
+ $(LIBTOOL) --mode=link $(CC) -o $@ $(OBJS) $(LDFLAGS) $(LIBS)
libsudo_noexec.la: sudo_noexec.lo
$(LIBTOOL) --mode=link $(CC) $(LDFLAGS) $(LTLDFLAGS) -o $@ sudo_noexec.lo -avoid-version -rpath $(noexecdir)
sesh: sesh.o error.o exec_common.o @LIBINTL@ $(LT_LIBS)
- $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o $(LDFLAGS) @LIBINTL@ $(LIBS) -static-libtool-libs
+ $(LIBTOOL) --mode=link $(CC) -o $@ sesh.o error.o exec_common.o $(LDFLAGS) @LIBINTL@ $(LIBS)
pre-install:
$(incdir)/sudo_debug.h $(incdir)/gettext.h \
$(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/conversation.c
+env_hooks.o: $(srcdir)/env_hooks.c $(top_builddir)/config.h \
+ $(top_srcdir)/compat/dlfcn.h $(srcdir)/sudo.h \
+ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
+ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
+ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(incdir)/sudo_plugin.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/env_hooks.c
error.o: $(srcdir)/error.c $(top_builddir)/config.h $(incdir)/missing.h \
$(incdir)/error.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/error.c
$(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \
$(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/get_pty.c
+hooks.o: $(srcdir)/hooks.c $(top_builddir)/config.h $(srcdir)/sudo.h \
+ $(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
+ $(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
+ $(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(incdir)/sudo_plugin.h $(srcdir)/sudo_plugin_int.h \
+ $(incdir)/sudo_debug.h
+ $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/hooks.c
load_plugins.o: $(srcdir)/load_plugins.c $(top_builddir)/config.h \
$(top_srcdir)/compat/dlfcn.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
$(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \
- $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h \
+ $(srcdir)/sudo_exec.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/selinux.c
sesh.o: $(srcdir)/sesh.c $(top_builddir)/config.h \
- $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h $(incdir)/gettext.h \
- $(incdir)/error.h $(incdir)/sudo_conf.h $(incdir)/list.h \
- $(incdir)/sudo_debug.h $(srcdir)/sudo_exec.h $(incdir)/sudo_plugin.h
+ $(top_srcdir)/compat/stdbool.h $(incdir)/missing.h $(incdir)/alloc.h \
+ $(incdir)/error.h $(incdir)/gettext.h $(incdir)/sudo_conf.h \
+ $(incdir)/list.h $(incdir)/sudo_debug.h $(srcdir)/sudo_exec.h \
+ $(incdir)/sudo_plugin.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sesh.c
sudo.o: $(srcdir)/sudo.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
$(incdir)/fileops.h $(incdir)/list.h $(incdir)/sudo_conf.h \
$(incdir)/list.h $(incdir)/sudo_debug.h $(incdir)/gettext.h
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/ttyname.c
-ttysize.o: $(srcdir)/ttysize.c $(top_builddir)/config.h $(incdir)/missing.h \
- $(incdir)/sudo_debug.h
- $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/ttysize.c
utmp.o: $(srcdir)/utmp.c $(top_builddir)/config.h $(srcdir)/sudo.h \
$(top_builddir)/pathnames.h $(top_srcdir)/compat/stdbool.h \
$(incdir)/missing.h $(incdir)/alloc.h $(incdir)/error.h \
break;
case SUDO_CONV_DEBUG_MSG:
if (msg->msg)
- sudo_debug_write(msg->msg, strlen(msg->msg));
+ sudo_debug_write(msg->msg, strlen(msg->msg), 0);
break;
default:
goto err;
--- /dev/null
+/*
+ * Copyright (c) 2010, 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
+# include <malloc.h>
+#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
+#include <errno.h>
+#ifdef HAVE_DLOPEN
+# include <dlfcn.h>
+#else
+# include "compat/dlfcn.h"
+#endif
+
+#include "sudo.h"
+#include "sudo_plugin.h"
+
+extern char **environ; /* global environment pointer */
+static char **priv_environ; /* private environment pointer */
+
+static char *
+rpl_getenv(const char *name)
+{
+ char **ep, *val = NULL;
+ size_t namelen = 0;
+
+ /* For BSD compatibility, treat '=' in name like end of string. */
+ while (name[namelen] != '\0' && name[namelen] != '=')
+ namelen++;
+ for (ep = environ; *ep != NULL; ep++) {
+ if (strncmp(*ep, name, namelen) == 0 && (*ep)[namelen] == '=') {
+ val = *ep + namelen + 1;
+ break;
+ }
+ }
+ return val;
+}
+
+typedef char * (*sudo_fn_getenv_t)(const char *);
+
+char *
+getenv(const char *name)
+{
+ char *val = NULL;
+
+ switch (process_hooks_getenv(name, &val)) {
+ case SUDO_HOOK_RET_STOP:
+ return val;
+ case SUDO_HOOK_RET_ERROR:
+ return NULL;
+ default: {
+#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT)
+ sudo_fn_getenv_t fn;
+
+ fn = (sudo_fn_getenv_t)dlsym(RTLD_NEXT, "getenv");
+ if (fn != NULL)
+ return fn(name);
+#endif /* HAVE_DLOPEN && RTLD_NEXT */
+ return rpl_getenv(name);
+ }
+ }
+}
+
+static int
+rpl_putenv(PUTENV_CONST char *string)
+{
+ char **ep;
+ size_t len;
+ bool found = false;
+
+ /* Look for existing entry. */
+ len = (strchr(string, '=') - string) + 1;
+ for (ep = environ; *ep != NULL; ep++) {
+ if (strncmp(string, *ep, len) == 0) {
+ *ep = (char *)string;
+ found = true;
+ break;
+ }
+ }
+ /* Prune out duplicate variables. */
+ if (found) {
+ while (*ep != NULL) {
+ if (strncmp(string, *ep, len) == 0) {
+ char **cur = ep;
+ while ((*cur = *(cur + 1)) != NULL)
+ cur++;
+ } else {
+ ep++;
+ }
+ }
+ }
+
+ /* Append at the end if not already found. */
+ if (!found) {
+ size_t env_len = (size_t)(ep - environ);
+ char **envp = erealloc3(priv_environ, env_len + 2, sizeof(char *));
+ if (environ != priv_environ)
+ memcpy(envp, environ, env_len * sizeof(char *));
+ envp[env_len++] = (char *)string;
+ envp[env_len] = NULL;
+ priv_environ = environ = envp;
+ }
+ return 0;
+}
+
+typedef int (*sudo_fn_putenv_t)(PUTENV_CONST char *);
+
+int
+putenv(PUTENV_CONST char *string)
+{
+ switch (process_hooks_putenv((char *)string)) {
+ case SUDO_HOOK_RET_STOP:
+ return 0;
+ case SUDO_HOOK_RET_ERROR:
+ return -1;
+ default: {
+#if defined(HAVE_DLOPEN) && defined(RTLD_NEXT)
+ sudo_fn_putenv_t fn;
+
+ fn = (sudo_fn_putenv_t)dlsym(RTLD_NEXT, "putenv");
+ if (fn != NULL)
+ return fn(string);
+#endif /* HAVE_DLOPEN && RTLD_NEXT */
+ return rpl_putenv(string);
+ }
+ }
+}
+
+static int
+rpl_setenv(const char *var, const char *val, int overwrite)
+{
+ char *envstr, *dst;
+ const char *src;
+ size_t esize;
+
+ if (!var || *var == '\0') {
+ errno = EINVAL;
+ return -1;
+ }
+
+ /*
+ * POSIX says a var name with '=' is an error but BSD
+ * just ignores the '=' and anything after it.
+ */
+ for (src = var; *src != '\0' && *src != '='; src++)
+ ;
+ esize = (size_t)(src - var) + 2;
+ if (val) {
+ esize += strlen(val); /* glibc treats a NULL val as "" */
+ }
+
+ /* Allocate and fill in envstr. */
+ if ((envstr = malloc(esize)) == NULL)
+ return -1;
+ for (src = var, dst = envstr; *src != '\0' && *src != '=';)
+ *dst++ = *src++;
+ *dst++ = '=';
+ if (val) {
+ for (src = val; *src != '\0';)
+ *dst++ = *src++;
+ }
+ *dst = '\0';
+
+ if (!overwrite && getenv(var) != NULL) {
+ free(envstr);
+ return 0;
+ }
+ return rpl_putenv(envstr);
+}
+
+typedef int (*sudo_fn_setenv_t)(const char *, const char *, int);
+
+int
+setenv(const char *var, const char *val, int overwrite)
+{
+ switch (process_hooks_setenv(var, val, overwrite)) {
+ case SUDO_HOOK_RET_STOP:
+ return 0;
+ case SUDO_HOOK_RET_ERROR:
+ return -1;
+ default: {
+#if defined(HAVE_SETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT)
+ sudo_fn_setenv_t fn;
+
+ fn = (sudo_fn_setenv_t)dlsym(RTLD_NEXT, "setenv");
+ if (fn != NULL)
+ return fn(var, val, overwrite);
+#endif /* HAVE_SETENV && HAVE_DLOPEN && RTLD_NEXT */
+ return rpl_setenv(var, val, overwrite);
+ }
+ }
+}
+
+#ifdef UNSETENV_VOID
+static void
+#else
+int
+#endif
+rpl_unsetenv(const char *var)
+{
+ char **ep = environ;
+ size_t len;
+
+ if (var == NULL || *var == '\0' || strchr(var, '=') != NULL) {
+ errno = EINVAL;
+#ifdef UNSETENV_VOID
+ return;
+#else
+ return -1;
+#endif
+ }
+
+ len = strlen(var);
+ while (*ep != NULL) {
+ if (strncmp(var, *ep, len) == 0 && (*ep)[len] == '=') {
+ /* Found it; shift remainder + NULL over by one. */
+ char **cur = ep;
+ while ((*cur = *(cur + 1)) != NULL)
+ cur++;
+ /* Keep going, could be multiple instances of the var. */
+ } else {
+ ep++;
+ }
+ }
+#ifndef UNSETENV_VOID
+ return 0;
+#endif
+}
+
+#ifdef UNSETENV_VOID
+typedef void (*sudo_fn_unsetenv_t)(const char *);
+#else
+typedef int (*sudo_fn_unsetenv_t)(const char *);
+#endif
+
+#ifdef UNSETENV_VOID
+void
+unsetenv(const char *var)
+{
+ switch (process_hooks_unsetenv(var)) {
+ case SUDO_HOOK_RET_STOP:
+ return 0;
+ case SUDO_HOOK_RET_ERROR:
+ return -1;
+ default: {
+#if defined(HAVE_UNSETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT)
+ sudo_fn_unsetenv_t fn;
+
+ fn = (sudo_fn_unsetenv_t)dlsym(RTLD_NEXT, "unsetenv");
+ if (fn != NULL)
+ fn(var);
+ else
+#endif /* HAVE_UNSETENV && HAVE_DLOPEN && RTLD_NEXT */
+ rpl_unsetenv(var);
+ }
+ }
+}
+#else
+int
+unsetenv(const char *var)
+{
+ switch (process_hooks_unsetenv(var)) {
+ case SUDO_HOOK_RET_STOP:
+ return 0;
+ case SUDO_HOOK_RET_ERROR:
+ return -1;
+ default: {
+#if defined(HAVE_UNSETENV) && defined(HAVE_DLOPEN) && defined(RTLD_NEXT)
+ sudo_fn_unsetenv_t fn;
+
+ fn = (sudo_fn_unsetenv_t)dlsym(RTLD_NEXT, "unsetenv");
+ if (fn != NULL)
+ return fn(var);
+#endif /* HAVE_UNSETENV && HAVE_DLOPEN && RTLD_NEXT */
+ return rpl_unsetenv(var);
+ }
+ }
+}
+#endif /* UNSETENV_VOID */
sa.sa_handler = handler;
sigaction(SIGCONT, &sa, NULL);
- child = fork();
+ /*
+ * The policy plugin's session init must be run before we fork
+ * or certain pam modules won't be able to track their state.
+ */
+ if (policy_init_session(details) != true)
+ errorx(1, _("policy plugin failed session initialization"));
+
+ child = sudo_debug_fork();
switch (child) {
case -1:
error(1, _("unable to fork"));
/* If running in background mode, fork and exit. */
if (ISSET(details->flags, CD_BACKGROUND)) {
- switch (fork()) {
+ switch (sudo_debug_fork()) {
case -1:
cstat->type = CMD_ERRNO;
cstat->val = errno;
* In the event loop we pass input from user tty to master
* and pass output from master to stdout and IO plugin.
*/
- fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
- fdsw = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
+ fdsr = emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
+ fdsw = emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
for (;;) {
- zero_bytes(fdsw, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
- zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
+ memset(fdsw, 0, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
+ memset(fdsr, 0, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
FD_SET(signal_pipe[0], fdsr);
FD_SET(sv[0], fdsr);
nready = select(maxfd + 1, fdsr, fdsw, NULL, NULL);
sudo_debug_printf(SUDO_DEBUG_DEBUG, "select returns %d", nready);
if (nready == -1) {
- if (errno == EINTR)
+ if (errno == EINTR || errno == ENOMEM)
continue;
- error(1, _("select failed"));
+ if (errno == EBADF || errno == EIO) {
+ /* One of the ttys must have gone away. */
+ goto do_tty_io;
+ }
+ warning(_("select failed"));
+ sudo_debug_printf(SUDO_DEBUG_ERROR,
+ "select failure, terminating child");
+ schedule_signal(SIGKILL);
+ forward_signals(sv[0]);
+ break;
}
if (FD_ISSET(sv[0], fdsw)) {
forward_signals(sv[0]);
break;
}
}
-
+do_tty_io:
if (perform_io(fdsr, fdsw, cstat) != 0) {
/* I/O error, kill child if still alive and finish. */
sudo_debug_printf(SUDO_DEBUG_ERROR, "I/O error, terminating child");
sudo_debug_printf(SUDO_DEBUG_DIAG, "forwarding signal %d to child", signo);
- sigfwd = emalloc(sizeof(*sigfwd));
+ sigfwd = ecalloc(1, sizeof(*sigfwd));
sigfwd->prev = sigfwd;
- sigfwd->next = NULL;
+ /* sigfwd->next = NULL; */
sigfwd->signo = signo;
tq_append(&sigfwd_list, sigfwd);
* The pipe is non-blocking, if we overflow the kernel's pipe
* buffer we drop the signal. This is not a problem in practice.
*/
- if (write(signal_pipe[1], &signo, sizeof(signo)) == -1)
- /* shut up glibc */;
+ ignore_result(write(signal_pipe[1], &signo, sizeof(signo)));
}
#ifdef SA_SIGINFO
unsigned char signo = (unsigned char)s;
/* Only forward user-generated signals. */
- if (info->si_code <= 0) {
+ if (info == NULL || info->si_code <= 0) {
/*
* The pipe is non-blocking, if we overflow the kernel's pipe
* buffer we drop the signal. This is not a problem in practice.
*/
- if (write(signal_pipe[1], &signo, sizeof(signo)) == -1)
- /* shut up glibc */;
+ ignore_result(write(signal_pipe[1], &signo, sizeof(signo)));
}
}
#endif /* SA_SIGINFO */
disable_execute(char *const envp[])
{
#ifdef _PATH_SUDO_NOEXEC
- char * const *ev;
- char *preload, **nenvp;
- int env_len = 0, env_size = 128;
+ char *preload, **nenvp = NULL;
+ int env_len, env_size;
+ int preload_idx = -1;
+# ifdef RTLD_PRELOAD_ENABLE_VAR
+ bool enabled = false;
+# endif
#endif /* _PATH_SUDO_NOEXEC */
debug_decl(disable_execute, SUDO_DEBUG_UTIL)
#endif /* HAVE_PRIV_SET */
#ifdef _PATH_SUDO_NOEXEC
- nenvp = emalloc2(env_size, sizeof(char *));
-
/*
* Preload a noexec file. For a list of LD_PRELOAD-alikes, see
* http://www.fortran-2000.com/ArnaudRecipes/sharedlib.html
* XXX - need to support 32-bit and 64-bit variants
*/
-# if defined(__darwin__) || defined(__APPLE__)
- nenvp[env_len++] = "DYLD_FORCE_FLAT_NAMESPACE=";
- preload = fmt_string("DYLD_INSERT_LIBRARIES", sudo_conf_noexec_path());
-# elif defined(__osf__) || defined(__sgi)
- easprintf(&preload, "_RLD_LIST=%s:DEFAULT", sudo_conf_noexec_path());
-# elif defined(_AIX)
- preload = fmt_string("LDR_PRELOAD", sudo_conf_noexec_path());
-# else
- preload = fmt_string("LD_PRELOAD", sudo_conf_noexec_path());
-# endif
- if (preload == NULL)
- errorx(1, _("unable to allocate memory"));
- nenvp[env_len++] = preload;
- for (ev = envp; *ev != NULL; ev++) {
- /*
- * Prune out existing preloaded libraries.
- * XXX - should append to new value instead.
- */
-# if defined(__darwin__) || defined(__APPLE__)
- if (strncmp(*ev, "DYLD_INSERT_LIBRARIES=", sizeof("DYLD_INSERT_LIBRARIES=") - 1) == 0)
- continue;
- if (strncmp(*ev, "DYLD_FORCE_FLAT_NAMESPACE=", sizeof("DYLD_INSERT_LIBRARIES=") - 1) == 0)
+ /* Count entries in envp, looking for LD_PRELOAD as we go. */
+ for (env_len = 0; envp[env_len] != NULL; env_len++) {
+ if (strncmp(envp[env_len], RTLD_PRELOAD_VAR "=", sizeof(RTLD_PRELOAD_VAR)) == 0) {
+ preload_idx = env_len;
continue;
-# elif defined(__osf__) || defined(__sgi)
- if (strncmp(*ev, "_RLD_LIST=", sizeof("_RLD_LIST=") - 1) == 0)
- continue;
-# elif defined(_AIX)
- if (strncmp(*ev, "LDR_PRELOAD=", sizeof("LDR_PRELOAD=") - 1) == 0)
- continue;
-# else
- if (strncmp(*ev, "LD_PRELOAD=", sizeof("LD_PRELOAD=") - 1) == 0)
+ }
+#ifdef RTLD_PRELOAD_ENABLE_VAR
+ if (strncmp(envp[env_len], RTLD_PRELOAD_ENABLE_VAR "=", sizeof(RTLD_PRELOAD_ENABLE_VAR)) == 0) {
+ enabled = true;
continue;
-# endif
- /* Need at least 2 slots for current element and a NULL. */
- if (env_len + 2 > env_size) {
- env_size += 128;
- nenvp = erealloc3(nenvp, env_size, sizeof(char *));
}
- nenvp[env_len++] = *ev;
+#endif
}
+
+ /* Make a new copy of envp as needed. */
+ env_size = env_len + 1 + (preload_idx == -1);
+#ifdef RTLD_PRELOAD_ENABLE_VAR
+ if (!enabled)
+ env_size++;
+#endif
+ nenvp = emalloc2(env_size, sizeof(*envp));
+ memcpy(nenvp, envp, env_len * sizeof(*envp));
nenvp[env_len] = NULL;
+
+ /* Prepend our LD_PRELOAD to existing value or add new entry at the end. */
+ if (preload_idx == -1) {
+# ifdef RTLD_PRELOAD_DEFAULT
+ easprintf(&preload, "%s=%s%s%s", RTLD_PRELOAD_VAR, sudo_conf_noexec_path(), RTLD_PRELOAD_DELIM, RTLD_PRELOAD_DEFAULT);
+# else
+ preload = fmt_string(RTLD_PRELOAD_VAR, sudo_conf_noexec_path());
+# endif
+ if (preload == NULL)
+ errorx(1, _("unable to allocate memory"));
+ nenvp[env_len++] = preload;
+ nenvp[env_len] = NULL;
+ } else {
+ easprintf(&preload, "%s=%s%s%s", RTLD_PRELOAD_VAR, sudo_conf_noexec_path(), RTLD_PRELOAD_DELIM, nenvp[preload_idx]);
+ nenvp[preload_idx] = preload;
+ }
+# ifdef RTLD_PRELOAD_ENABLE_VAR
+ if (!enabled) {
+ nenvp[env_len++] = RTLD_PRELOAD_ENABLE_VAR "=";
+ nenvp[env_len] = NULL;
+ }
+# endif
+
+ /* Install new env pointer. */
envp = nenvp;
#endif /* _PATH_SUDO_NOEXEC */
static void exec_pty(struct command_details *detail, int *errfd);
static void sigwinch(int s);
static void sync_ttysize(int src, int dst);
-static void deliver_signal(pid_t pid, int signo);
+static void deliver_signal(pid_t pid, int signo, bool from_parent);
static int safe_close(int fd);
+static void check_foreground(void);
/*
* Cleanup hook for error()/errorx()
{
debug_decl(cleanup, SUDO_DEBUG_EXEC);
- if (!tq_empty(&io_plugins))
- term_restore(io_fds[SFD_USERTTY], 0);
+ if (!tq_empty(&io_plugins) && io_fds[SFD_USERTTY] != -1) {
+ check_foreground();
+ if (foreground)
+ term_restore(io_fds[SFD_USERTTY], 0);
+ }
#ifdef HAVE_SELINUX
selinux_restore_tty();
#endif
}
/* Suspend self and continue child when we resume. */
+ zero_bytes(&sa, sizeof(sa));
+ sigemptyset(&sa.sa_mask);
+ sa.sa_flags = SA_INTERRUPT; /* do not restart syscalls */
sa.sa_handler = SIG_DFL;
sigaction(signo, &sa, &osa);
sudo_debug_printf(SUDO_DEBUG_INFO, "kill parent %d", signo);
struct io_buffer *iob;
debug_decl(io_buf_new, SUDO_DEBUG_EXEC);
- iob = emalloc(sizeof(*iob));
- zero_bytes(iob, sizeof(*iob));
+ iob = ecalloc(1, sizeof(*iob));
iob->rfd = rfd;
iob->wfd = wfd;
iob->action = action;
} while (n == -1 && errno == EINTR);
switch (n) {
case -1:
- if (errno == EAGAIN)
- break;
- if (errno != ENXIO && errno != EBADF) {
+ if (errno != EAGAIN) {
+ /* treat read error as fatal and close the fd */
sudo_debug_printf(SUDO_DEBUG_ERROR,
"error reading fd %d: %s", iob->rfd,
strerror(errno));
- errors++;
- break;
+ safe_close(iob->rfd);
+ iob->rfd = -1;
}
- /* FALLTHROUGH */
+ break;
case 0:
/* got EOF or pty has gone away */
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "read EOF from fd %d", iob->rfd);
safe_close(iob->rfd);
iob->rfd = -1;
break;
default:
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "read %d bytes from fd %d", n, iob->rfd);
if (!iob->action(iob->buf + iob->len, n))
terminate_child(child, true);
iob->len += n;
iob->len - iob->off);
} while (n == -1 && errno == EINTR);
if (n == -1) {
- if (errno == EPIPE || errno == ENXIO || errno == EBADF) {
+ if (errno == EPIPE || errno == ENXIO || errno == EIO || errno == EBADF) {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "unable to write %d bytes to fd %d",
+ iob->len - iob->off, iob->wfd);
/* other end of pipe closed or pty revoked */
if (iob->rfd != -1) {
safe_close(iob->rfd);
"error writing fd %d: %s", iob->wfd, strerror(errno));
}
} else {
+ sudo_debug_printf(SUDO_DEBUG_INFO,
+ "wrote %d bytes to fd %d", n, iob->wfd);
iob->off += n;
}
}
*/
memset(io_pipe, 0, sizeof(io_pipe));
if (io_fds[SFD_STDIN] == -1 || !isatty(STDIN_FILENO)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "stdin not a tty, creating a pipe");
pipeline = true;
if (pipe(io_pipe[STDIN_FILENO]) != 0)
error(1, _("unable to create pipe"));
io_fds[SFD_STDIN] = io_pipe[STDIN_FILENO][0];
}
if (io_fds[SFD_STDOUT] == -1 || !isatty(STDOUT_FILENO)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "stdout not a tty, creating a pipe");
pipeline = true;
if (pipe(io_pipe[STDOUT_FILENO]) != 0)
error(1, _("unable to create pipe"));
io_fds[SFD_STDOUT] = io_pipe[STDOUT_FILENO][1];
}
if (io_fds[SFD_STDERR] == -1 || !isatty(STDERR_FILENO)) {
+ sudo_debug_printf(SUDO_DEBUG_INFO, "stderr not a tty, creating a pipe");
if (pipe(io_pipe[STDERR_FILENO]) != 0)
error(1, _("unable to create pipe"));
iobufs = io_buf_new(io_pipe[STDERR_FILENO][0], STDERR_FILENO,
sa.sa_handler = handler;
sigaction(SIGTSTP, &sa, NULL);
+ /* We don't want to receive SIGTTIN/SIGTTOU, getting EIO is preferable. */
+ sa.sa_handler = SIG_IGN;
+ sigaction(SIGTTIN, &sa, NULL);
+ sigaction(SIGTTOU, &sa, NULL);
+
if (foreground) {
/* Copy terminal attrs from user tty -> pty slave. */
if (term_copy(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE])) {
}
}
- child = fork();
+ /*
+ * The policy plugin's session init must be run before we fork
+ * or certain pam modules won't be able to track their state.
+ */
+ if (policy_init_session(details) != true)
+ errorx(1, _("policy plugin failed session initialization"));
+
+ child = sudo_debug_fork();
switch (child) {
case -1:
error(1, _("unable to fork"));
flush_output();
if (io_fds[SFD_USERTTY] != -1) {
- do {
- n = term_restore(io_fds[SFD_USERTTY], 0);
- } while (!n && errno == EINTR);
+ check_foreground();
+ if (foreground) {
+ do {
+ n = term_restore(io_fds[SFD_USERTTY], 0);
+ } while (!n && errno == EINTR);
+ }
}
/* If child was signalled, write the reason to stdout like the shell. */
io_fds[SFD_USERTTY] : STDOUT_FILENO;
if (write(n, reason, strlen(reason)) != -1) {
if (WCOREDUMP(cstat->val)) {
- if (write(n, " (core dumped)", 14) == -1)
- /* shut up glibc */;
+ ignore_result(write(n, " (core dumped)", 14));
}
- if (write(n, "\n", 1) == -1)
- /* shut up glibc */;
+ ignore_result(write(n, "\n", 1));
}
}
}
}
static void
-deliver_signal(pid_t pid, int signo)
+deliver_signal(pid_t pid, int signo, bool from_parent)
{
int status;
debug_decl(deliver_signal, SUDO_DEBUG_EXEC);
/* Handle signal from parent. */
- sudo_debug_printf(SUDO_DEBUG_INFO, "received signal %d from parent", signo);
+ sudo_debug_printf(SUDO_DEBUG_INFO, "received signal %d%s", signo,
+ from_parent ? " from parent" : "");
switch (signo) {
case SIGALRM:
terminate_child(pid, true);
/* Start command and wait for it to stop or exit */
if (pipe(errpipe) == -1)
error(1, _("unable to create pipe"));
- child = fork();
+ child = sudo_debug_fork();
if (child == -1) {
warning(_("unable to fork"));
goto bad;
exec_pty(details, &errpipe[1]);
cstat.type = CMD_ERRNO;
cstat.val = errno;
- if (write(errpipe[1], &cstat, sizeof(cstat)) == -1)
- /* shut up glibc */;
+ ignore_result(write(errpipe[1], &cstat, sizeof(cstat)));
_exit(1);
}
close(errpipe[1]);
/* Wait for errno on pipe, signal on backchannel or for SIGCHLD */
maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
- fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
- zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
- zero_bytes(&cstat, sizeof(cstat));
+ fdsr = ecalloc(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
+ memset(&cstat, 0, sizeof(cstat));
tv.tv_sec = 0;
tv.tv_usec = 0;
for (;;) {
if (n <= 0) {
if (n == 0)
goto done;
- if (errno == EINTR)
+ if (errno == EINTR || errno == ENOMEM)
continue;
- error(1, _("select failed"));
+ warning("monitor: %s", _("select failed"));
+ break;
}
if (FD_ISSET(signal_pipe[0], fdsr)) {
* Handle SIGCHLD specially and deliver other signals
* directly to the child.
*/
- if (signo == SIGCHLD)
- alive = handle_sigchld(backchannel, &cstat);
- else
- deliver_signal(child, signo);
+ if (signo == SIGCHLD) {
+ if (!handle_sigchld(backchannel, &cstat))
+ alive = false;
+ } else {
+ deliver_signal(child, signo, false);
+ }
continue;
}
if (errpipe[0] != -1 && FD_ISSET(errpipe[0], fdsr)) {
cstmp.type);
continue;
}
- deliver_signal(child, cstmp.val);
+ deliver_signal(child, cstmp.val, true);
}
}
if (maxfd == -1)
debug_return;
- fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
- fdsw = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
+ fdsr = emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
+ fdsw = emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
for (;;) {
- zero_bytes(fdsw, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
- zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
+ memset(fdsw, 0, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
+ memset(fdsr, 0, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
nwriters = 0;
for (iob = iobufs; iob; iob = iob->next) {
if (nready <= 0) {
if (nready == 0)
break; /* all I/O flushed */
- if (errno == EINTR)
+ if (errno == EINTR || errno == ENOMEM)
continue;
- error(1, _("select failed"));
+ warning(_("select failed"));
}
- if (perform_io(fdsr, fdsw, NULL) != 0)
+ if (perform_io(fdsr, fdsw, NULL) != 0 || nready == -1)
break;
}
efree(fdsr);
/* Avoid closing /dev/tty or std{in,out,err}. */
if (fd < 3 || fd == io_fds[SFD_USERTTY]) {
errno = EINVAL;
- return -1;
+ debug_return_int(-1);
}
debug_return_int(close(fd));
}
--- /dev/null
+/*
+ * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_STRING_H
+# include <string.h>
+#endif /* HAVE_STRING_H */
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif /* HAVE_STRINGS_H */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+
+#include "sudo.h"
+#include "sudo_plugin.h"
+#include "sudo_plugin_int.h"
+#include "sudo_debug.h"
+
+/* Singly linked hook list. */
+struct sudo_hook_list {
+ struct sudo_hook_list *next;
+ union {
+ sudo_hook_fn_t generic_fn;
+ sudo_hook_fn_setenv_t setenv_fn;
+ sudo_hook_fn_unsetenv_t unsetenv_fn;
+ sudo_hook_fn_getenv_t getenv_fn;
+ sudo_hook_fn_putenv_t putenv_fn;
+ } u;
+ void *closure;
+};
+
+/* Each hook type gets own hook list. */
+static struct sudo_hook_list *sudo_hook_setenv_list;
+static struct sudo_hook_list *sudo_hook_unsetenv_list;
+static struct sudo_hook_list *sudo_hook_getenv_list;
+static struct sudo_hook_list *sudo_hook_putenv_list;
+
+int
+process_hooks_setenv(const char *name, const char *value, int overwrite)
+{
+ struct sudo_hook_list *hook;
+ int rc = SUDO_HOOK_RET_NEXT;
+ debug_decl(process_hooks_setenv, SUDO_DEBUG_HOOKS)
+
+ /* First process the hooks. */
+ for (hook = sudo_hook_setenv_list; hook != NULL; hook = hook->next) {
+ rc = hook->u.setenv_fn(name, value, overwrite, hook->closure);
+ switch (rc) {
+ case SUDO_HOOK_RET_NEXT:
+ break;
+ case SUDO_HOOK_RET_ERROR:
+ case SUDO_HOOK_RET_STOP:
+ goto done;
+ default:
+ warningx("invalid setenv hook return value: %d", rc);
+ break;
+ }
+ }
+done:
+ debug_return_int(rc);
+}
+
+int
+process_hooks_putenv(char *string)
+{
+ struct sudo_hook_list *hook;
+ int rc = SUDO_HOOK_RET_NEXT;
+ debug_decl(process_hooks_putenv, SUDO_DEBUG_HOOKS)
+
+ /* First process the hooks. */
+ for (hook = sudo_hook_putenv_list; hook != NULL; hook = hook->next) {
+ rc = hook->u.putenv_fn(string, hook->closure);
+ switch (rc) {
+ case SUDO_HOOK_RET_NEXT:
+ break;
+ case SUDO_HOOK_RET_ERROR:
+ case SUDO_HOOK_RET_STOP:
+ goto done;
+ default:
+ warningx("invalid putenv hook return value: %d", rc);
+ break;
+ }
+ }
+done:
+ debug_return_int(rc);
+}
+
+int
+process_hooks_getenv(const char *name, char **value)
+{
+ struct sudo_hook_list *hook;
+ char *val = NULL;
+ int rc = SUDO_HOOK_RET_NEXT;
+ debug_decl(process_hooks_getenv, SUDO_DEBUG_HOOKS)
+
+ /* First process the hooks. */
+ for (hook = sudo_hook_getenv_list; hook != NULL; hook = hook->next) {
+ rc = hook->u.getenv_fn(name, &val, hook->closure);
+ switch (rc) {
+ case SUDO_HOOK_RET_NEXT:
+ break;
+ case SUDO_HOOK_RET_ERROR:
+ case SUDO_HOOK_RET_STOP:
+ goto done;
+ default:
+ warningx("invalid getenv hook return value: %d", rc);
+ break;
+ }
+ }
+done:
+ if (val != NULL)
+ *value = val;
+ debug_return_int(rc);
+}
+
+int
+process_hooks_unsetenv(const char *name)
+{
+ struct sudo_hook_list *hook;
+ int rc = SUDO_HOOK_RET_NEXT;
+ debug_decl(process_hooks_unsetenv, SUDO_DEBUG_HOOKS)
+
+ /* First process the hooks. */
+ for (hook = sudo_hook_unsetenv_list; hook != NULL; hook = hook->next) {
+ rc = hook->u.unsetenv_fn(name, hook->closure);
+ switch (rc) {
+ case SUDO_HOOK_RET_NEXT:
+ break;
+ case SUDO_HOOK_RET_ERROR:
+ case SUDO_HOOK_RET_STOP:
+ goto done;
+ default:
+ warningx("invalid unsetenv hook return value: %d", rc);
+ break;
+ }
+ }
+done:
+ debug_return_int(rc);
+}
+
+/* Hook registration internals. */
+static void
+register_hook_internal(struct sudo_hook_list **head,
+ int (*hook_fn)(), void *closure)
+{
+ struct sudo_hook_list *hook;
+ debug_decl(register_hook_internal, SUDO_DEBUG_HOOKS)
+
+ hook = ecalloc(1, sizeof(*hook));
+ hook->u.generic_fn = hook_fn;
+ hook->closure = closure;
+ hook->next = *head;
+ *head = hook;
+
+ debug_return;
+}
+
+/* Register the specified hook. */
+int
+register_hook(struct sudo_hook *hook)
+{
+ int rval = 0;
+ debug_decl(register_hook, SUDO_DEBUG_HOOKS)
+
+ if (SUDO_HOOK_VERSION_GET_MAJOR(hook->hook_version) != SUDO_HOOK_VERSION_MAJOR) {
+ /* Major versions must match. */
+ rval = -1;
+ } else {
+ switch (hook->hook_type) {
+ case SUDO_HOOK_GETENV:
+ register_hook_internal(&sudo_hook_getenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_PUTENV:
+ register_hook_internal(&sudo_hook_putenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_SETENV:
+ register_hook_internal(&sudo_hook_setenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_UNSETENV:
+ register_hook_internal(&sudo_hook_unsetenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ default:
+ /* XXX - use define for unknown value */
+ rval = 1;
+ break;
+ }
+ }
+
+ debug_return_int(rval);
+}
+
+/* Hook deregistration internals. */
+static void
+deregister_hook_internal(struct sudo_hook_list **head,
+ int (*hook_fn)(), void *closure)
+{
+ struct sudo_hook_list *hook, *prev = NULL;
+ debug_decl(deregister_hook_internal, SUDO_DEBUG_HOOKS)
+
+ for (hook = *head, prev = NULL; hook != NULL; prev = hook, hook = hook->next) {
+ if (hook->u.generic_fn == hook_fn && hook->closure == closure) {
+ /* Remove from list and free. */
+ if (prev == NULL)
+ *head = hook->next;
+ else
+ prev->next = hook->next;
+ efree(hook);
+ break;
+ }
+ }
+
+ debug_return;
+}
+
+/* Deregister the specified hook. */
+int
+deregister_hook(struct sudo_hook *hook)
+{
+ int rval = 0;
+ debug_decl(deregister_hook, SUDO_DEBUG_HOOKS)
+
+ if (SUDO_HOOK_VERSION_GET_MAJOR(hook->hook_version) != SUDO_HOOK_VERSION_MAJOR) {
+ /* Major versions must match. */
+ rval = -1;
+ } else {
+ switch (hook->hook_type) {
+ case SUDO_HOOK_GETENV:
+ deregister_hook_internal(&sudo_hook_getenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_PUTENV:
+ deregister_hook_internal(&sudo_hook_putenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_SETENV:
+ deregister_hook_internal(&sudo_hook_setenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ case SUDO_HOOK_UNSETENV:
+ deregister_hook_internal(&sudo_hook_unsetenv_list, hook->hook_fn,
+ hook->closure);
+ break;
+ default:
+ /* XXX - use define for unknown value */
+ rval = 1;
+ break;
+ }
+ }
+
+ debug_return_int(rval);
+}
}
policy_plugin->handle = handle;
policy_plugin->name = info->symbol_name;
+ policy_plugin->options = info->options;
policy_plugin->u.generic = plugin;
} else if (plugin->type == SUDO_IO_PLUGIN) {
- container = emalloc(sizeof(*container));
+ container = ecalloc(1, sizeof(*container));
container->prev = container;
- container->next = NULL;
+ /* container->next = NULL; */
container->handle = handle;
container->name = info->symbol_name;
+ container->options = info->options;
container->u.generic = plugin;
tq_append(io_plugins, container);
}
goto done;
}
+ /* Install hooks (XXX - later). */
+ if (policy_plugin->u.policy->version >= SUDO_API_MKVERSION(1, 2)) {
+ if (policy_plugin->u.policy->register_hooks != NULL)
+ policy_plugin->u.policy->register_hooks(SUDO_HOOK_VERSION, register_hook);
+ tq_foreach_fwd(io_plugins, container) {
+ if (container->u.io->register_hooks != NULL)
+ container->u.io->register_hooks(SUDO_HOOK_VERSION, register_hook);
+ }
+ }
+
rval = true;
done:
if (!mode) {
/* Defer -k mode setting until we know whether it is a flag or not */
if (sudo_settings[ARG_IGNORE_TICKET].value != NULL) {
- if (argc == 0) {
+ if (argc == 0 && !(flags & (MODE_SHELL|MODE_LOGIN_SHELL))) {
mode = MODE_INVALIDATE; /* -k by itself */
sudo_settings[ARG_IGNORE_TICKET].value = NULL;
valid_flags = 0;
# Danish translation of sudo.
# This file is put in the public domain.
-# Joe Hansen <joedalton2@yahoo.dk>, 2011.
+# Joe Hansen <joedalton2@yahoo.dk>, 2011, 2012.
#
# audit -> overvågning
# overflow -> overløb
#
-# projekt bruger konsekvent små bogstaver, og så i starten af sætninger, så dette er også
-# valgt på dansk uanset at der er : som efterfølgende normalt ville have stort
-# begyndelsesbogstav på dansk.
+# projekt bruger konsekvent små bogstaver, og så i starten af sætninger, så
+# dette er også valgt på dansk uanset at der er : som efterfølgende normalt
+# ville have stort begyndelsesbogstav på dansk.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2rc2\n"
+"Project-Id-Version: sudo 1.8.5-b4\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-06-04 18:27-0400\n"
-"PO-Revision-Date: 2011-06-12 23:06+0100\n"
+"POT-Creation-Date: 2012-03-28 14:06-0400\n"
+"PO-Revision-Date: 2012-04-08 23:06+0100\n"
"Last-Translator: Joe Hansen <joedalton2@yahoo.dk>\n"
"Language-Team: Danish <dansk@dansk-gruppen.dk>\n"
"Language: da\n"
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:105 src/exec_pty.c:616 src/exec_pty.c:948 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "kunne ikke forgrene"
-#: src/exec.c:246
+#: src/exec.c:252
#, c-format
msgid "unable to create sockets"
msgstr "kunne ikke oprette sokler"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:259 src/exec_pty.c:567 src/exec_pty.c:576 src/exec_pty.c:584
+#: src/exec_pty.c:883 src/exec_pty.c:945 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "kunne ikke oprette datakanal (pipe)"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:340 src/exec_pty.c:1011 src/exec_pty.c:1146
#, c-format
msgid "select failed"
msgstr "select fejlede"
-#: src/exec.c:387
+#: src/exec.c:425
#, c-format
msgid "unable to restore tty label"
msgstr "kunne ikke gendanne tty-etiket"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "kan ikke fjerne PRIV_PROC_EXEC fra PRIV_LIMIT"
+
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:447 src/sudo.c:467
+#: src/sudo.c:474 src/sudo.c:485 src/sudo.c:871 common/alloc.c:85
+#: common/alloc.c:105 common/alloc.c:127 common/alloc.c:146 common/alloc.c:168
+#: common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#, c-format
+msgid "unable to allocate memory"
+msgstr "kunne ikke allokere hukommelse"
+
+#: src/exec_pty.c:140
#, c-format
msgid "unable to allocate pty"
msgstr "kunne ikke allokere pty"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:609
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "kunne ikke angive terminal til tilstanden rå (raw)"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:926
#, c-format
msgid "unable to set controlling tty"
msgstr "kunne ikke angive kontrollerende tty"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1019
#, c-format
msgid "error reading from signal pipe"
msgstr "fejl under læsning fra signaldatakanal"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from pipe"
msgstr "fejl ved læsning fra datakanal"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1054
#, c-format
msgid "error reading from socketpair"
msgstr "fejl ved læsning fra socketpair"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1058
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "uventet svartype på bagkanal (backchannel): %d"
-#: src/load_plugins.c:154
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:160
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:170
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s skal være ejet af uid %d"
# engelsk fejl be dobbelt?
-#: src/load_plugins.c:174
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s må kun være skrivbar for ejeren"
-#: src/load_plugins.c:181
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "kunne ikke dlopen %s: %s"
-#: src/load_plugins.c:186
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: kunne ikke finde symbol %s"
-#: src/load_plugins.c:192
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: ukendt politiktype %d"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: inkompatibel politik hovedversion %d, forventede %d"
-#: src/load_plugins.c:203
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: kun et udvidelsesmodul for én politik må være indlæst"
-#: src/load_plugins.c:221
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: mindst et udvidelsesmodul for politik skal være angivet"
-#: src/load_plugins.c:226
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "politikudvidelsesmodulet %s inkluderer ikke en metode for check_policy"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: overløb detekteret"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "kunne ikke åbne sokkel"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "argumentet for -C skal være et tal større end eller lig 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "argumentet for -D skal være mellem 1 og 9; begge tal inkluderet"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "ukendt bruger: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "du kan ikke samtidig angive tilvalgene »-i« og »-s«"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "du kan ikke samtidig angive tilvalgende »-i« og »-E«"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "tilvalget »-E« er ikke gyldigt i redigeringstilstand"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "du må ikke angive miljøvariabler i redigeringstilstand"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "tilvalget »-U« må kun bruges med tilvalget »-l«"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "tilvalgene »-A« og »-S« må ikke bruges sammen"
-#: src/parse_args.c:418 src/sudo.c:398 src/sudo.c:418 src/sudo.c:426
-#: src/sudo.c:436 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "kunne ikke allokere hukommelse"
-
-#: src/parse_args.c:431
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit er ikke understøttet på denne platform"
-#: src/parse_args.c:502
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Kun et af tilvalgene -e, -h, -i, -K, -l, -s, -v eller -V må angives"
-#: src/parse_args.c:515
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - rediger filer som en anden bruger\n"
"\n"
-#: src/parse_args.c:517
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - udfør en kommando som en anden bruger\n"
"\n"
-#: src/parse_args.c:522
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Tilvalg:\n"
-#: src/parse_args.c:525
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "brug hjælpeprogram for indhentelse af adgangskode\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "brug angivet BSD-godkendelsestype\n"
-#: src/parse_args.c:530
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "kør kommando i baggrunden\n"
-#: src/parse_args.c:532
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "luk alle filbeskrivelser >= fd\n"
-#: src/parse_args.c:535
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "kør kommando med angivet logindklasse\n"
-#: src/parse_args.c:538
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "bevar brugermiljø når kommando udføres\n"
-#: src/parse_args.c:540
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "rediger filer i stedet for at køre en kommando\n"
-#: src/parse_args.c:542
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "udfør kommando som den angivne gruppe\n"
-#: src/parse_args.c:544
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "angiv HOME-variabel til målbrugers hjemmemappe.\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "vis hjælpetekst og afslut\n"
-#: src/parse_args.c:548
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "kør en logindskal som målbruger\n"
-#: src/parse_args.c:550
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "fjern tidsstempelfil fuldstændig\n"
-#: src/parse_args.c:552
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "ugyldiggør tidsstempelfil\n"
-#: src/parse_args.c:554
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "vis brugers tilgængelige kommandoer\n"
-#: src/parse_args.c:556
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "ikkeinteraktiv tilstand, vil ikke spørge bruger\n"
-#: src/parse_args.c:558
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "bevar gruppevektor i stedet for at sætte til målets\n"
-#: src/parse_args.c:560
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "brug angivet logind for adgangskode\n"
-#: src/parse_args.c:563 src/parse_args.c:571
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "opret SELinux-sikkerhedskontekt med angivet rolle\n"
-#: src/parse_args.c:566
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "læs adgangskode fra standardinddata\n"
-#: src/parse_args.c:568
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "kør en skal som målbruger\n"
-#: src/parse_args.c:574
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "når der listes, så list angivne brugers privilegier\n"
-#: src/parse_args.c:576
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "kør kommando (eller rediger fil) som angivet bruger\n"
-#: src/parse_args.c:578
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "vis versionsinformation og afslut\n"
-#: src/parse_args.c:580
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "opdater brugers tidsstempel uden at køre en kommando\n"
-#: src/parse_args.c:582
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "stop behandling af parametre for kommandolinjen\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "kunne ikke åbne overvågningssystem"
msgid "unable to send audit message"
msgstr "kunne ikke sende overvågningsbesked"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "kunne ikke fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s ændrede etiketter"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "kan ikke gendanne kontekst for %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "kan ikke åbne %s, giver ikke ny etiket til tty"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "kan ikke indhente aktuel tty-kontekst, giver ikke ny etiket til tty"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "kan ikke indhente ny tty-kontekst, giver ikke nyt etiket til tty"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "kan ikke angive ny tty-kontekst"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:330
+#: src/selinux.c:196 src/selinux.c:209 src/sudo.c:333 common/sudo_conf.c:328
#, c-format
msgid "unable to open %s"
msgstr "kan ikke åbne %s"
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "du skal angive en rolle for type %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "kan ikke indhente standardtype for rolle %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "kunne ikke angive ny rolle %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "kunne ikke angive ny type %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s er ikke en gyldig kontekst"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "kunne ikke indhente gammel_kontekst (old_context)"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "kunne ikke bestemme tilstanden gennemtving (enforcing)."
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "kunne ikke opsætte tty-kontekst for %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "kunne ikke angive kørselskontekt til %s"
# engelsk: mangler vist lidt info her tast eller nøgle. mon ikke det er nøgle
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "kunne ikke angive nøgleoprettelseskontekst til %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "kræver mindst et argument"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "kan ikke køre %s"
-#: src/sudo.c:192
-#, c-format
-msgid "must be setuid root"
-msgstr "skal være setuid root"
-
-#: src/sudo.c:210
+#: src/sudo.c:213
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo version %s\n"
-#: src/sudo.c:212
+#: src/sudo.c:215
#, c-format
msgid "Configure options: %s\n"
msgstr "Konfigurationsindstillinger: %s\n"
-#: src/sudo.c:217
+#: src/sudo.c:220
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "fatal fejl, kan ikke indlæse udvidelsesmoduler"
-#: src/sudo.c:225
+#: src/sudo.c:228
#, c-format
msgid "unable to initialize policy plugin"
msgstr "kan ikke initialisere udvidelsesmodul for politik"
-#: src/sudo.c:280
+#: src/sudo.c:283
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "fejl under initialisering af I/O-udvidelsesmodulet %s"
-#: src/sudo.c:307
+#: src/sudo.c:308
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "uventet sudo-tilstand 0x%x"
-#: src/sudo.c:356
+#: src/sudo.c:402
#, c-format
msgid "unable to get group vector"
msgstr "kan ikke indhente gruppevektor"
-#: src/sudo.c:394
+#: src/sudo.c:443
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "ukendt uid %u: hvem er du?"
-#: src/sudo.c:734
+#: src/sudo.c:735
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s skal være ejet af uid %d og have setuid bit angivet"
+
+#: src/sudo.c:738
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "effektiv uid er ikke %d, er %s på et filsystem med indstillingen »nosuid« angivet eller et NFS-filsytsem uden administratorprivilegier (root)?"
+
+#: src/sudo.c:744
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "effektiv uid er ikke %d, er sudo installeret setuid root?"
+
+#: src/sudo.c:813
#, c-format
msgid "resource control limit has been reached"
msgstr "grænse for ressourcekontrol er nået"
-#: src/sudo.c:737
+#: src/sudo.c:816
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "bruger »%s« er ikke medlem af projektet »%s«"
-#: src/sudo.c:741
+#: src/sudo.c:820
#, c-format
msgid "the invoking task is final"
msgstr "start af opgave er færdig"
-#: src/sudo.c:744
+#: src/sudo.c:823
#, c-format
msgid "could not join project \"%s\""
msgstr "kunne ikke slutte til projekt »%s«"
-#: src/sudo.c:749
+#: src/sudo.c:828
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "ingen ressourcekø som accepterer standardbindinger findes for projekt »%s«"
-#: src/sudo.c:753
+#: src/sudo.c:832
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "angivet ressourcekø findes ikke for projekt »%s«"
-#: src/sudo.c:757
+#: src/sudo.c:836
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "kunne ikke binde til standardressourcekø for projekt »%s«"
-#: src/sudo.c:763
+#: src/sudo.c:842
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject fejlede for projekt »%s«"
-#: src/sudo.c:765
+#: src/sudo.c:844
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "advarsel, ressourcekontroltildeling fejlede for projekt »%s«"
-#: src/sudo.c:791
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "kan ikke fjerne PRIV_PROC_EXEC fra PRIV_LIMIT"
-
-#: src/sudo.c:895
+#: src/sudo.c:909
#, c-format
msgid "unknown login class %s"
msgstr "ukendt logindklasse %s"
-#: src/sudo.c:902 src/sudo.c:905
+#: src/sudo.c:923 src/sudo.c:926
#, c-format
msgid "unable to set user context"
msgstr "kan ikke angive brugerkontekst"
-#: src/sudo.c:916
+#: src/sudo.c:938
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "kunne ikke angive supplerende gruppe-id'er"
+
+#: src/sudo.c:945
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "kan ikke angive effektiv gid til runas gid %u"
-#: src/sudo.c:921
+#: src/sudo.c:951
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "kunne ikke angive gid til runas gid %u"
-#: src/sudo.c:929 src/sudo.c:935
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "kunne ikke angive supplerende gruppe-id'er"
-
-#: src/sudo.c:943
+#: src/sudo.c:958
#, c-format
msgid "unable to set process priority"
msgstr "kunne ikke angive procesprioritet"
-#: src/sudo.c:951
+#: src/sudo.c:966
#, c-format
msgid "unable to change root to %s"
msgstr "kunne ikke ændre administrator (root) til %s"
-#: src/sudo.c:961 src/sudo.c:967 src/sudo.c:973
+#: src/sudo.c:973 src/sudo.c:979 src/sudo.c:985
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "kunne ikke ændre til runas uid (%u, %u)"
-#: src/sudo.c:987
+#: src/sudo.c:999
#, c-format
msgid "unable to change directory to %s"
msgstr "kunne ikke ændre mappe til %s"
-#: src/sudo.c:1078
+#: src/sudo.c:1072
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "uventet underbetingelse for terminering: %d"
-#: src/sudo.c:1118
+#: src/sudo.c:1133
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "politikudvidelsesmodul %s understøter ikke listning af privilegier"
-#: src/sudo.c:1129
+#: src/sudo.c:1145
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "politikudvidelsesmodul %s understøtter ikke tilvalget -v"
-#: src/sudo.c:1140
+#: src/sudo.c:1157
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "politikudvidelsesmodul %s understøtter ikke tilvalget -k/-K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "kunne ikke ændre uid til root (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "fejl i udvidelsesmodul: mangler filliste for sudoedit"
-#: src/sudo_edit.c:172 src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: ikke en regulær fil"
-#: src/sudo_edit.c:206 src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: kort skrivning"
-#: src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s tilbage uændrede"
-#: src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s uændrede"
-#: src/sudo_edit.c:306 src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "kan ikke skrive til %s"
-#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "indhold fra redigeringssession tilbage i %s"
-#: src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "kan ikke læse midlertidig fil"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "ingen tty til stede og intet askpass-program angivet"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "intet askpass-program angivet, forsøg at angive SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "kan ikke angive gid til %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "kan ikke angive uid til %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "kan ikke køre %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "kan ikke gemme til stdin"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "kan ikke dup2 stdin"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "kan ikke gendanne stdin"
-#: common/aix.c:144
+#: common/aix.c:149
#, c-format
msgid "unable to open userdb"
msgstr "kan ikke åbne userdb"
-#: common/aix.c:147
+#: common/aix.c:152
#, c-format
msgid "unable to switch to registry \"%s\" for %s"
msgstr "kan ikke skifte til register »%s« for %s"
-#: common/aix.c:161
+#: common/aix.c:169
#, c-format
msgid "unable to restore registry"
msgstr "kan ikke gendanne register"
#: common/alloc.c:82
-#, c-format
msgid "internal error, tried to emalloc(0)"
msgstr "intern fejl, forsøgte at emalloc(0)"
#: common/alloc.c:99
-#, c-format
msgid "internal error, tried to emalloc2(0)"
msgstr "intern fejl, forsøgte at emalloc2(0)"
#: common/alloc.c:101
-#, c-format
msgid "internal error, emalloc2() overflow"
msgstr "intern fejl, emalloc2()-overløb"
-#: common/alloc.c:119
-#, c-format
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "intern fejl, forsøgte at ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "intern fejl, ecalloc()-overløb"
+
+#: common/alloc.c:142
msgid "internal error, tried to erealloc(0)"
msgstr "intern fejl, forsøgte at erealloc(0)"
-#: common/alloc.c:138
-#, c-format
+#: common/alloc.c:161 common/alloc.c:185
msgid "internal error, tried to erealloc3(0)"
msgstr "intern fejl, forsøgte at erealloc3(0)"
-#: common/alloc.c:140
-#, c-format
+#: common/alloc.c:163 common/alloc.c:187
msgid "internal error, erealloc3() overflow"
msgstr "intern fejl, erealloc3()-overløb"
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "kan ikke køre stat %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s er ikke en regulær fil"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s er ejet af uid %u, burde være %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s er skrivbar for alle"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s er skrivbar for gruppe"
+
#: compat/strsignal.c:47
msgid "Unknown signal"
msgstr "ukendt signal"
+
+#~ msgid "must be setuid root"
+#~ msgstr "skal være setuid root"
+
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "argumentet for -D skal være mellem 1 og 9; begge tal inkluderet"
--- /dev/null
+# German translation for sudo.
+# This file is distributed under the same license as the sudo package.
+# Mario Blättermann <mario.blaettermann@gmail.com>, 2012.
+# Jakob Kramer <jakob.kramer@gmx.de>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo 1.8.5rc3\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 14:32+0200\n"
+"Last-Translator: Jakob Kramer <jakob.kramer@gmx.de>\n"
+"Language-Team: German <translation-team-de@lists.sourceforge.net>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=utf-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Poedit-Language: German\n"
+"X-Poedit-Country: GERMANY\n"
+
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "Nutzerdatenbank konnte nicht geöffnet werden"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "Es konnte nicht zur Registrierungsdatenbank »%s« von %s gewechselt werden"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "Registrierungsdatenbank konnte nicht wiederhergestellt werden"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "Interner Fehler: Es wurde versucht, emalloc(0) auszuführen"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "Speicher konnte nicht zugewiesen werden"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "Interner Fehler: Es wurde versucht, emalloc2(0) auszuführen"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "Interner Fehler: Überlauf bei emalloc2()"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "Interner Fehler: Es wurde versucht, ecalloc(0) auszuführen"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "Interner Fehler: Überlauf bei ecalloc()"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "Interner Fehler: Es wurde versucht, erealloc(0) auszuführen"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "Interner Fehler: Es wurde versucht, erealloc3(0) auszuführen"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "Interner Fehler, Überlauf bei erealloc3()"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "stat konnte nicht auf %s angewandt werden"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ist keine reguläre Datei"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s gehört Benutzer mit UID %u, sollte allerdings %u gehören"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s kann von allen verändert werden"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s kann von der Gruppe verändert werden"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "%s konnte nicht geöffnet werden"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Unbekanntes Signal"
+
+#: src/error.c:82 src/error.c:86
+msgid ": "
+msgstr ": "
+
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "Regelwerks-Plugin konnte Sitzung nicht initialisieren"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
+#, c-format
+msgid "unable to fork"
+msgstr "Es konnte nicht geforkt werden"
+
+#: src/exec.c:259
+#, c-format
+msgid "unable to create sockets"
+msgstr "Sockets konnten nicht hergestellt werden"
+
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
+#, c-format
+msgid "unable to create pipe"
+msgstr "Weiterleitung konnte nicht erstellt werden"
+
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
+#, c-format
+msgid "select failed"
+msgstr "»select« schlug fehl"
+
+#: src/exec.c:441
+#, c-format
+msgid "unable to restore tty label"
+msgstr "TTY-Kennzeichnung konnte nicht wiederhergestellt werden"
+
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "PRIV_PROC_EXEC konnte nicht von PRIV_LIMIT entfernt werden"
+
+#: src/exec_pty.c:144
+#, c-format
+msgid "unable to allocate pty"
+msgstr "PTY konnte nicht vergeben werden"
+
+#: src/exec_pty.c:619
+#, c-format
+msgid "unable to set terminal to raw mode"
+msgstr "Terminal konnte nicht in den Rohmodus gesetzt werden"
+
+#: src/exec_pty.c:945
+#, c-format
+msgid "unable to set controlling tty"
+msgstr "Kontrollierendes TTY konnte nicht gesetzt werden"
+
+#: src/exec_pty.c:1038
+#, c-format
+msgid "error reading from signal pipe"
+msgstr "Fehler beim Lesen der Signal-Pipe"
+
+#: src/exec_pty.c:1059
+#, c-format
+msgid "error reading from pipe"
+msgstr "Fehler beim Lesen der Pipe"
+
+#: src/exec_pty.c:1075
+#, c-format
+msgid "error reading from socketpair"
+msgstr "Fehler beim Lesen des Socket-Paars"
+
+#: src/exec_pty.c:1079
+#, c-format
+msgid "unexpected reply type on backchannel: %d"
+msgstr "Unerwarteter Antworttyp auf Rückmeldungskanal: %d"
+
+#: src/load_plugins.c:79
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: src/load_plugins.c:85
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: src/load_plugins.c:95
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s muss Benutzer mit UID %d gehören"
+
+#: src/load_plugins.c:99
+#, c-format
+msgid "%s must be only be writable by owner"
+msgstr "%s darf nur vom Besitzer beschreibbar sein"
+
+#: src/load_plugins.c:106
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "dlopen konnte nicht auf %s ausgeführt werden: %s"
+
+#: src/load_plugins.c:111
+#, c-format
+msgid "%s: unable to find symbol %s"
+msgstr "%s: Symbol %s konnte nicht gefunden werden"
+
+#: src/load_plugins.c:117
+#, c-format
+msgid "%s: unknown policy type %d"
+msgstr "%s: Unbekannter Regelwerktyp %d"
+
+#: src/load_plugins.c:121
+#, c-format
+msgid "%s: incompatible policy major version %d, expected %d"
+msgstr "%s: Inkompatible Hauptversion %d des Regelwerks, %d erwartet"
+
+#: src/load_plugins.c:128
+#, c-format
+msgid "%s: only a single policy plugin may be loaded"
+msgstr "%s: Nur ein einziges Regelwerks-Plugin kann geladen werden"
+
+#: src/load_plugins.c:148
+#, c-format
+msgid "%s: at least one policy plugin must be specified"
+msgstr "%s: Mindestens ein Regelwerks-Plugin muss festgelegt werden"
+
+#: src/load_plugins.c:153
+#, c-format
+msgid "policy plugin %s does not include a check_policy method"
+msgstr "Das Regelwerks-Plugin %s enthält keine check_policy-Methode"
+
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
+#, c-format
+msgid "load_interfaces: overflow detected"
+msgstr "load_interfaces: Überlauf entdeckt"
+
+#: src/net_ifs.c:227
+#, c-format
+msgid "unable to open socket"
+msgstr "Socket konnte nicht geöffnet werden"
+
+#: src/parse_args.c:187
+#, c-format
+msgid "the argument to -C must be a number greater than or equal to 3"
+msgstr "Das Argument für -C muss eine Zahl größergleich 3 sein"
+
+#: src/parse_args.c:276
+#, c-format
+msgid "unknown user: %s"
+msgstr "Unbekannter Benutzer: %s"
+
+#: src/parse_args.c:335
+#, c-format
+msgid "you may not specify both the `-i' and `-s' options"
+msgstr "Die Optionen »-i« und »-s« können nicht gemeinsam benutzt werden"
+
+#: src/parse_args.c:339
+#, c-format
+msgid "you may not specify both the `-i' and `-E' options"
+msgstr "Die Optionen »-i« und »-E« können nicht gemeinsam benutzt werden"
+
+#: src/parse_args.c:349
+#, c-format
+msgid "the `-E' option is not valid in edit mode"
+msgstr "Die Option »-E« ist im Bearbeiten-Modus ungültig"
+
+#: src/parse_args.c:351
+#, c-format
+msgid "you may not specify environment variables in edit mode"
+msgstr "Im Bearbeiten-Modus können keine Umgebungsvariablen gesetzt werden"
+
+#: src/parse_args.c:359
+#, c-format
+msgid "the `-U' option may only be used with the `-l' option"
+msgstr "Die »-U«-Option kann nur zusammen mit »-l« benutzt werden"
+
+#: src/parse_args.c:363
+#, c-format
+msgid "the `-A' and `-S' options may not be used together"
+msgstr "Die Optionen »-A« und »-S« können nicht gemeinsam benutzt werden"
+
+#: src/parse_args.c:445
+#, c-format
+msgid "sudoedit is not supported on this platform"
+msgstr "sudoedit ist auf dieser Plattform nicht verfügbar"
+
+#: src/parse_args.c:518
+#, c-format
+msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
+msgstr "Nur eine der Optionen -e, -h, -i, -K, -l, -s, -v oder -V darf angegeben werden"
+
+#: src/parse_args.c:532
+#, c-format
+msgid ""
+"%s - edit files as another user\n"
+"\n"
+msgstr ""
+"%s - Dateien als anderer Benutzer verändern\n"
+"\n"
+
+#: src/parse_args.c:534
+#, c-format
+msgid ""
+"%s - execute a command as another user\n"
+"\n"
+msgstr ""
+"%s - Einen Befehl als anderer Benutzer ausführen\n"
+"\n"
+
+#: src/parse_args.c:539
+#, c-format
+msgid ""
+"\n"
+"Options:\n"
+msgstr ""
+"\n"
+"Optionen:\n"
+
+#: src/parse_args.c:542
+msgid "use helper program for password prompting\n"
+msgstr "Hilfsprogramm zum Eingeben des Passworts verwenden\n"
+
+#: src/parse_args.c:545
+msgid "use specified BSD authentication type\n"
+msgstr "Angegebenen BSD-Legitimierungstypen verwenden\n"
+
+#: src/parse_args.c:547
+msgid "run command in the background\n"
+msgstr "Befehl im Hintergrund ausführen\n"
+
+#: src/parse_args.c:549
+msgid "close all file descriptors >= fd\n"
+msgstr "Alle Dateideskriptoren >= fd schließen\n"
+
+#: src/parse_args.c:552
+msgid "run command with specified login class\n"
+msgstr "Befehl unter angegebener Login-Klasse ausführen\n"
+
+#: src/parse_args.c:555
+msgid "preserve user environment when executing command\n"
+msgstr "Benutzerumgebung beim Starten des Befehls beibehalten\n"
+
+#: src/parse_args.c:557
+msgid "edit files instead of running a command\n"
+msgstr "Dateien bearbeiten statt einen Befehl ausführen\n"
+
+#: src/parse_args.c:559
+msgid "execute command as the specified group\n"
+msgstr "Befehl unter angegebener Gruppe ausführen\n"
+
+#: src/parse_args.c:561
+msgid "set HOME variable to target user's home dir.\n"
+msgstr "HOME-Variable als Home-Ordner des Zielnutzers setzen.\n"
+
+#: src/parse_args.c:563
+msgid "display help message and exit\n"
+msgstr "Hilfe ausgeben und beenden\n"
+
+#: src/parse_args.c:565
+msgid "run a login shell as target user\n"
+msgstr "Eine Anmeldeshell als Zielnutzer starten\n"
+
+#: src/parse_args.c:567
+msgid "remove timestamp file completely\n"
+msgstr "Zeitstempeldateien komplett entfernen\n"
+
+#: src/parse_args.c:569
+msgid "invalidate timestamp file\n"
+msgstr "Zeitstempeldatei ungültig machen\n"
+
+#: src/parse_args.c:571
+msgid "list user's available commands\n"
+msgstr "Für den Benutzer verfügbare Befehle auflisten\n"
+
+#: src/parse_args.c:573
+msgid "non-interactive mode, will not prompt user\n"
+msgstr "Nicht-interaktiver Modus, der Benutzer wird zu nichts aufgefordert werden\n"
+
+#: src/parse_args.c:575
+msgid "preserve group vector instead of setting to target's\n"
+msgstr "Gruppen-Vektor beibehalten, statt zu dem des Zielnutzers zu setzen\n"
+
+#: src/parse_args.c:577
+msgid "use specified password prompt\n"
+msgstr "Angegebenen Passwort-Prompt benutzen\n"
+
+#: src/parse_args.c:580 src/parse_args.c:588
+msgid "create SELinux security context with specified role\n"
+msgstr "SELinux-Sicherheitskontext mit angegebener Funktion erstellen\n"
+
+#: src/parse_args.c:583
+msgid "read password from standard input\n"
+msgstr "Passwort von der Standardeingabe lesen\n"
+
+#: src/parse_args.c:585
+msgid "run a shell as target user\n"
+msgstr "Eine Shell als Zielnutzer ausführen\n"
+
+#: src/parse_args.c:591
+msgid "when listing, list specified user's privileges\n"
+msgstr "Wenn aufgelistet wird, Berechtigungen des angegebenen Benutzers auflisten\n"
+
+#: src/parse_args.c:593
+msgid "run command (or edit file) as specified user\n"
+msgstr "Befehl oder Datei als angegebener Benutzer ausführen bzw. ändern\n"
+
+#: src/parse_args.c:595
+msgid "display version information and exit\n"
+msgstr "Versionsinformation anzeigen und beenden\n"
+
+#: src/parse_args.c:597
+msgid "update user's timestamp without running a command\n"
+msgstr "Den Zeitstempel des Benutzers erneuern, ohne einen Befehl auszuführen\n"
+
+#: src/parse_args.c:599
+msgid "stop processing command line arguments\n"
+msgstr "Aufhören, die Befehlszeilenargumente zu verarbeiten\n"
+
+#: src/selinux.c:77
+#, c-format
+msgid "unable to open audit system"
+msgstr "Das Audit-System konnte nicht geöffnet werden"
+
+#: src/selinux.c:85
+#, c-format
+msgid "unable to send audit message"
+msgstr "Die Audit-Nachricht konnte nicht verschickt werden"
+
+#: src/selinux.c:113
+#, c-format
+msgid "unable to fgetfilecon %s"
+msgstr "»fgetfilecon« konnte nicht auf %s angewendet werden"
+
+#: src/selinux.c:118
+#, c-format
+msgid "%s changed labels"
+msgstr "%s änderte die Kennzeichnung"
+
+#: src/selinux.c:123
+#, c-format
+msgid "unable to restore context for %s"
+msgstr "Der Kontext für %s konnte nicht wiederhergestellt werden"
+
+#: src/selinux.c:163
+#, c-format
+msgid "unable to open %s, not relabeling tty"
+msgstr "%s konnte nicht geöffnet werden, TTY wird nicht neu gekennzeichnet"
+
+#: src/selinux.c:172
+#, c-format
+msgid "unable to get current tty context, not relabeling tty"
+msgstr ""
+"Aktueller TTY-Kontext konnte nicht festgestellt werden, TTY wird nicht neu\n"
+"gekennzeichnet."
+
+#: src/selinux.c:179
+#, c-format
+msgid "unable to get new tty context, not relabeling tty"
+msgstr ""
+"Neuer TTY-Kontext konnte nicht festgestellt werden, TTY wird nicht neu\n"
+"gekennzeichnet."
+
+#: src/selinux.c:186
+#, c-format
+msgid "unable to set new tty context"
+msgstr "Neuer TTY-Kontext konnte nicht festgestellt werden"
+
+#: src/selinux.c:252
+#, c-format
+msgid "you must specify a role for type %s"
+msgstr "Für den Typen %s muss eine Funktion angegeben werden"
+
+#: src/selinux.c:258
+#, c-format
+msgid "unable to get default type for role %s"
+msgstr "Standardtyp für Funktion %s konnte nicht ermittelt werden"
+
+#: src/selinux.c:276
+#, c-format
+msgid "failed to set new role %s"
+msgstr "Neue Funktion %s konnte nicht festgelegt werden"
+
+#: src/selinux.c:280
+#, c-format
+msgid "failed to set new type %s"
+msgstr "Neuer Typ %s konnte nicht festgelegt werden"
+
+#: src/selinux.c:289
+#, c-format
+msgid "%s is not a valid context"
+msgstr "%s ist kein gültiger Kontext"
+
+#: src/selinux.c:324
+#, c-format
+msgid "failed to get old_context"
+msgstr "»old_context« konnte nicht wiedergeholt werden"
+
+#: src/selinux.c:330
+#, c-format
+msgid "unable to determine enforcing mode."
+msgstr ""
+
+#: src/selinux.c:342
+#, c-format
+msgid "unable to setup tty context for %s"
+msgstr "TTY-Kontext konnte für %s nicht aufgesetzt werden"
+
+#: src/selinux.c:373
+#, c-format
+msgid "unable to set exec context to %s"
+msgstr "Ausführungskontext konnte nicht auf »%s« gesetzt werden"
+
+#: src/selinux.c:380
+#, c-format
+msgid "unable to set key creation context to %s"
+msgstr ""
+
+#: src/sesh.c:70
+#, c-format
+msgid "requires at least one argument"
+msgstr "Benötigt mindestens ein Argument"
+
+#: src/sesh.c:91
+#, c-format
+msgid "unable to execute %s"
+msgstr "%s konnte nicht ausgeführt werden"
+
+#: src/sudo.c:211
+#, c-format
+msgid "Sudo version %s\n"
+msgstr "Sudo-Version %s\n"
+
+#: src/sudo.c:213
+#, c-format
+msgid "Configure options: %s\n"
+msgstr "Optionen für »configure«: %s\n"
+
+#: src/sudo.c:218
+#, c-format
+msgid "fatal error, unable to load plugins"
+msgstr "Schwerwiegender Fehler, Plugins konnten nicht geladen werden"
+
+#: src/sudo.c:226
+#, c-format
+msgid "unable to initialize policy plugin"
+msgstr "Regelwerks-Plugin konnte nicht initialisiert werden"
+
+#: src/sudo.c:281
+#, c-format
+msgid "error initializing I/O plugin %s"
+msgstr "E/A-Plugin %s konnte nicht initialisiert werden"
+
+#: src/sudo.c:306
+#, c-format
+msgid "unexpected sudo mode 0x%x"
+msgstr "Unerwarteter Sudo-Modus 0x%x"
+
+#: src/sudo.c:400
+#, c-format
+msgid "unable to get group vector"
+msgstr ""
+
+#: src/sudo.c:452
+#, c-format
+msgid "unknown uid %u: who are you?"
+msgstr "Unbekannte UID %u: Wer sind Sie?"
+
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s muss dem Benutzer mit UID %d gehören und das »setuid«-Bit gesetzt haben"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "Effektive UID ist nicht %d. Liegt %s auf einem Dateisystem mit gesetzter »nosuid«-Option oder auf einem NFS-Dateisystem ohne Root-Rechte?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "Effektive UID ist nicht %d. Wurde sudo mit »setuid root« installiert?"
+
+#: src/sudo.c:838
+#, c-format
+msgid "resource control limit has been reached"
+msgstr ""
+
+#: src/sudo.c:841
+#, c-format
+msgid "user \"%s\" is not a member of project \"%s\""
+msgstr "Benutzer »%s« ist kein Mitglied des Projekts »%s«"
+
+#: src/sudo.c:845
+#, c-format
+msgid "the invoking task is final"
+msgstr ""
+
+#: src/sudo.c:848
+#, c-format
+msgid "could not join project \"%s\""
+msgstr "Projekt »%s« konnte nicht beigetreten werden"
+
+#: src/sudo.c:853
+#, c-format
+msgid "no resource pool accepting default bindings exists for project \"%s\""
+msgstr ""
+
+#: src/sudo.c:857
+#, c-format
+msgid "specified resource pool does not exist for project \"%s\""
+msgstr "Den angegebenen Ressourcen-Pool gibt es für das Projekt »%s« nicht"
+
+#: src/sudo.c:861
+#, c-format
+msgid "could not bind to default resource pool for project \"%s\""
+msgstr "Es konnte nicht zum Standard-Ressourcen-Pool für Projekt »%s« verbunden werden."
+
+#: src/sudo.c:867
+#, c-format
+msgid "setproject failed for project \"%s\""
+msgstr "»setproject« schlug für Projekt »%s« fehl"
+
+#: src/sudo.c:869
+#, c-format
+msgid "warning, resource control assignment failed for project \"%s\""
+msgstr ""
+
+#: src/sudo.c:917
+#, c-format
+msgid "unknown login class %s"
+msgstr "Unbekannte Anmeldungsklasse %s"
+
+#: src/sudo.c:931 src/sudo.c:934
+#, c-format
+msgid "unable to set user context"
+msgstr "Nutzerkontext konnte nicht gesetzt werden"
+
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "Zusätzliche Gruppenkennungen konnten nicht gesetzt werden"
+
+#: src/sudo.c:953
+#, c-format
+msgid "unable to set effective gid to runas gid %u"
+msgstr "Effektive GID konnte nicht zu »runas«-GID %u gesetzt werden"
+
+#: src/sudo.c:959
+#, c-format
+msgid "unable to set gid to runas gid %u"
+msgstr "GID konnte nicht zu »runas«-GID %u gesetzt werden"
+
+#: src/sudo.c:966
+#, c-format
+msgid "unable to set process priority"
+msgstr "Prozesspriorität konnte nicht gesetzt werden"
+
+#: src/sudo.c:974
+#, c-format
+msgid "unable to change root to %s"
+msgstr "Wurzelordner konnte nicht zu %s geändert werden"
+
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
+#, c-format
+msgid "unable to change to runas uid (%u, %u)"
+msgstr "Es konnte nicht zu »runas«-GID gewechselt werden (%u, %u)"
+
+#: src/sudo.c:1007
+#, c-format
+msgid "unable to change directory to %s"
+msgstr "In Ordner »%s« konnte nicht gewechselt werden"
+
+#: src/sudo.c:1079
+#, c-format
+msgid "unexpected child termination condition: %d"
+msgstr "Unerwartete Abbruchsbedingung eines Unterprozesses: %d"
+
+#: src/sudo.c:1140
+#, c-format
+msgid "policy plugin %s does not support listing privileges"
+msgstr "Regelwerks-Plugin %s unterstützt das Auflisten von Privilegien nicht"
+
+#: src/sudo.c:1152
+#, c-format
+msgid "policy plugin %s does not support the -v option"
+msgstr "Regelwerks-Plugin %s unterstützt die Option -v nicht"
+
+#: src/sudo.c:1164
+#, c-format
+msgid "policy plugin %s does not support the -k/-K options"
+msgstr "Regelwerks-Plugin %s unterstützt die Optionen -k und -K nicht"
+
+#: src/sudo_edit.c:111
+#, c-format
+msgid "unable to change uid to root (%u)"
+msgstr "UID konnte nicht zu Root (%u) geändert werden"
+
+#: src/sudo_edit.c:143
+#, c-format
+msgid "plugin error: missing file list for sudoedit"
+msgstr "Plugin-Fehler: Fehlende Dateiliste für sudoedit"
+
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
+#, c-format
+msgid "%s: not a regular file"
+msgstr "%s: Keine reguläre Datei"
+
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
+msgid "%s: short write"
+msgstr "%s: Zu kurzer Schreibvorgang"
+
+#: src/sudo_edit.c:272
+#, c-format
+msgid "%s left unmodified"
+msgstr "%s blieb unverändert"
+
+#: src/sudo_edit.c:285
+#, c-format
+msgid "%s unchanged"
+msgstr "%s unverändert"
+
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
+#, c-format
+msgid "unable to write to %s"
+msgstr "%s konnte nicht beschrieben werden"
+
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
+#, c-format
+msgid "contents of edit session left in %s"
+msgstr "Bearbeitungssitzung wurden in %s gelassen"
+
+#: src/sudo_edit.c:315
+#, c-format
+msgid "unable to read temporary file"
+msgstr "Temporäre Datei konnte nicht gelesen werden"
+
+#: src/tgetpass.c:90
+#, c-format
+msgid "no tty present and no askpass program specified"
+msgstr "Kein TTY vorhanden und kein »askpass«-Programm angegeben"
+
+#: src/tgetpass.c:99
+#, c-format
+msgid "no askpass program specified, try setting SUDO_ASKPASS"
+msgstr "Kein »askpass«-Programm angegeben, es wird versucht, SUDO_ASKPASS zu setzen"
+
+#: src/tgetpass.c:231
+#, c-format
+msgid "unable to set gid to %u"
+msgstr "GID konnte nicht als %u festgelegt werden"
+
+#: src/tgetpass.c:235
+#, c-format
+msgid "unable to set uid to %u"
+msgstr "UID konnte nicht als %u festgelegt werden"
+
+#: src/tgetpass.c:240
+#, c-format
+msgid "unable to run %s"
+msgstr "%s konnte nicht ausgeführt werden"
+
+#: src/utmp.c:278
+#, c-format
+msgid "unable to save stdin"
+msgstr "Standardeingabe konnte nicht gespeichert werden"
+
+#: src/utmp.c:280
+#, c-format
+msgid "unable to dup2 stdin"
+msgstr "dup2 konnte nicht auf die Standardeingabe angewandt werden"
+
+#: src/utmp.c:283
+#, c-format
+msgid "unable to restore stdin"
+msgstr "Standardeingabe konnte nicht wiederhergestellt werden"
# Esperanto translations for sudo package.
# This file is put in the public domain.
-# Keith Bowes <zooplah@gmail.com>, 2011.
+# Keith Bowes <zooplah@gmail.com>, 2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2-rc9\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-08-05 13:34-0400\n"
-"PO-Revision-Date: 2011-08-21 18:59-0400\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 18:56-0400\n"
"Last-Translator: Keith Bowes <zooplah@gmail.com>\n"
"Language-Team: Esperanto <translation-team-eo@lists.sourceforge.net>\n"
"Language: eo\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "ne eblas malfermi la uzanto-datumbazon"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "ne eblas ŝanĝiĝi al registrejo \"%s\" por %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "ne eblas restarigi registrejon"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "ena eraro, provis je emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ne eblas generi memoron"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "ena eraro, provis je emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "ena eraro, emalloc2() superfluo"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "ena eraro, provis je ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "ena eraro, ecalloc() superfluo"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "ena eraro, provis je erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "ena eraro, provis je erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "ena eraro, erealloc3() superfluo"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "ne eblas trovi je %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s estas ne regula dosiero"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s estas estrata de uid %u, devas esti %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s estas skribebla de ĉiuj"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s estas skribebla de la tuta grupo"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "ne eblas malfermi %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Nekonata signalo"
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "konduta kromprogramo fiaskis dum seanca komenciĝo"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "ne eblas forki"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "ne eblas krei konektingojn"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "ne eblas krei tubon"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "elekto malsukcesis"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "ne eblis reatingi tty-etikedon"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "ne eblas forigi PRIV_PROC_EXEC-on de PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "ne eblis generi pty-on"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "ne eblas elekti nudan reĝimon ĉe la terminalo"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "ne eblas elekti la regan tty-on"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "eraro dum legi la signalan tubon"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "eraro dum legi el tubo"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "eraro dum legi la konektingan paron"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "neatendita respondotipo ĉe la postkanalo: %d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s devas esti estrita de uid %d"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s estas skribebla nur de estro"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "malebla: dlopen %s: %s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: ne eblas trovi simbolon %s"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: nekonata konduta tipo %d"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: malkongrua konduto, ĉefa eldono %d, atendita %d"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: nur unu konduta kromprogramo eblas ŝargiĝi"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: almenaŭ unu konduku devas esti specifita"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "konduta kromprogramo %s ne inkluzivas la metodon check_policy"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: superfluo malkovrita"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "ne eblas malfermi konektingon"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "la parametro de -C devas esti nombron almenaŭ 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "la argumento de -D devas esti de 1 ĝis 9"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "nekonata uzanto: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "vi ne rajtas specifi kaj '-i' kaj '-s'"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "vi ne rajtas specifi kaj '-i' kaj '-E'"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "la parametro '-E' ne validas en redakta reĝimo"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "vi ne rajtas specifi medivariablojn en redakta reĝimo"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "la parametro '-U' ne validas kun '-l'"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "'-A' kaj '-S' ne eblas uziĝi kune"
-#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463
-#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "ne eblas generi memoron"
-
-#: src/parse_args.c:442
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit ne estas havebla en ĉi tiu platformon"
-#: src/parse_args.c:513
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Vi rajtas specifi nur unu el -e, -h, -i, -K, -l, -s, -v aŭ -V"
-#: src/parse_args.c:526
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - redakti dosierojn kiel alia uzanto\n"
"\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - plenumigi komandon kiel alia uzanto\n"
"\n"
-#: src/parse_args.c:533
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Parametroj:\n"
-#: src/parse_args.c:536
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "uzi helpoprogrogramon por pasvortilo\n"
-#: src/parse_args.c:539
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "uzi specifitan BSD-konstatan tipon\n"
-#: src/parse_args.c:541
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "plenumigi komandon fone\n"
-#: src/parse_args.c:543
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "fermi ĉiujn dosierpriskribilojn >= fd\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "plenumigi komandon per specifitan ensalutan klason\n"
-#: src/parse_args.c:549
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "konservi uzanto-medivariablojn dum plenumigi komandon\n"
-#: src/parse_args.c:551
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "redakti dosierojn anstataŭ plenumigi komandon\n"
-#: src/parse_args.c:553
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "plenumigi komandon kiel la specifitan grupon\n"
-#: src/parse_args.c:555
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "valorizi medivariablon HOME je la hejma dosierujo de la cela uzanto.\n"
-#: src/parse_args.c:557
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "elmontri helpan mesaĝon kaj eliri\n"
-#: src/parse_args.c:559
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "plenumigi ensalutan ŝelon kiel celan uzanton\n"
-#: src/parse_args.c:561
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "tute forigi tempo-indikilan dosieron\n"
-#: src/parse_args.c:563
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "eksvalidigi tempo-indikilan dosieron\n"
-#: src/parse_args.c:565
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "listigi disponeblajn komandojn de uzanto\n"
-#: src/parse_args.c:567
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "neinteraga reĝimo, ne demandos uzanton\n"
-#: src/parse_args.c:569
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "konservi grupan vektoron anstataŭ elekti celan vektoron\n"
-#: src/parse_args.c:571
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "uzi specifitan pasvortilon\n"
-#: src/parse_args.c:574 src/parse_args.c:582
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "krei SELinux-sekurecan kuntekstan kun specifita rolo\n"
-#: src/parse_args.c:577
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "legi pasvorton el norma enigo\n"
-#: src/parse_args.c:579
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "plenumigi ŝelon kiel cela uzanto\n"
-#: src/parse_args.c:585
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "dum listigo, listigi privilegiojn de specifita uzanto\n"
-#: src/parse_args.c:587
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "plenumigi komandon (aŭ redakti dosieron) kiel specifita uzanto\n"
-#: src/parse_args.c:589
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "elmontri eldonan informon kaj eliri\n"
-#: src/parse_args.c:591
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "ĝisdatigi la tempo-indikilon de la uzanto, sed ne plenumigi komandon\n"
-#: src/parse_args.c:593
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "ĉesigi procedi komandliniajn parametrojn\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "ne eblas malfermi aŭdan sistemon"
msgid "unable to send audit message"
msgstr "ne eblas sendi aŭdan mesaĝon"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "ne eblas voki fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s ŝanĝis etikedojn"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "ne eblas restarigi kuntekston por %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "ne eblas malfermi %s, ne remarkanta tty-on"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "ne eblas akiri aktualan tty-kuntekston, ne remarkanta"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "ne eblas akiri novan tty-kuntekston, ne remarkanta"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "ne eblas elekti novan tty-kuntekston"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323
-#, c-format
-msgid "unable to open %s"
-msgstr "ne eblas malfermi %s"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "vi devas specifi rolon por tipon %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "ne eblas akiri aŭtomatan tipon por rolo %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "malsukcesis elekti novan rolon %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "malsukcesis elekti novan tipon %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s ne estas valida kunteksto"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "malsukcesis je old_context"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "ne povas determini eldevigan reĝimon."
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "ne eblas agordi tty-kuntekston por %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "ne eblas elekti exec-kuntekston al %s"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "ne eblas elekti ŝlosilkrean kuntekston al %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "postulas almenaŭ unu parametron"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "ne eblas plenumigi: %s"
-#: src/sudo.c:191
-#, c-format
-msgid "must be setuid root"
-msgstr "devas esti ĉefuzanto setuid"
-
-#: src/sudo.c:209
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo: eldono %s\n"
-#: src/sudo.c:211
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Muntaj parametroj: %s\n"
-#: src/sudo.c:216
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "ĉesiga eraro: ne eblas ŝargi kromprogramojn"
-#: src/sudo.c:224
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "ne eblas komenci konduktan kromprogramon"
-#: src/sudo.c:279
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "eraro dum komenci eneligan kromprogramon %s"
-#: src/sudo.c:300
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "neatendita sudo-reĝimon 0x%x"
-#: src/sudo.c:389
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "ne eblas elekti grupan vektoron"
-#: src/sudo.c:431
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "nekonata uid %u: kiu vi estas?"
-#: src/sudo.c:773
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s devas esti estrita de uid %d kaj la setuid-bito devas esti elektita"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "efektiva uid ne estas %d; ĉu %s estas en dosiersistemo kun la elekto 'nosuid' aŭ reta dosiersistemo sen ĉefuzanto-privilegioj?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "efektiva uid ne estas %d; ĉu sudo estas instalita kiel setuid-radiko?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "rimedo-rega limigo estis atingita"
-#: src/sudo.c:776
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "uzanto \"%s\" ne estas ano de projekto \"%s\""
-#: src/sudo.c:780
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "la voka tasko estas nenuligebla"
-#: src/sudo.c:783
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "ne eblis aliĝi al projekto \"%s\""
-#: src/sudo.c:788
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "neniu rimedujo akceptanta aŭtomatajn bindaĵojn ekzistas por projekto \"%s\""
-#: src/sudo.c:792
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "specifita rimedujo ne ekzistas por projekto \"%s\""
-#: src/sudo.c:796
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "ne eblis bindi al aprioran rimedujo por projekto \"%s\""
-#: src/sudo.c:802
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject malsukcesis por projekto \"%s\""
-#: src/sudo.c:804
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "averto, rimedo-rega asigno malsukcesis por projekto \"%s\""
-#: src/sudo.c:832
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "ne eblas forigi PRIV_PROC_EXEC-on de PRIV_LIMIT"
-
-#: src/sudo.c:938
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "nekonata ensaluta klaso %s"
-#: src/sudo.c:945 src/sudo.c:948
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "ne eblas elekti uzanto-kuntekston"
-#: src/sudo.c:959
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "ne eblas elekti suplementajn grupajn identigilojn"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "ne eblas elekti efikan gid-on al plenumigkiela gid %u"
-#: src/sudo.c:964
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "ne eblas elekti gid-on kiel plenumigkielan gid-on %u"
-#: src/sudo.c:971
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "ne eblas elekti suplementajn grupajn identigilojn"
-
-#: src/sudo.c:979
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "ne eblas elekti procezan prioritaton"
-#: src/sudo.c:987
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "ne eblas ŝanĝi ĉefuzanton al %s"
-#: src/sudo.c:997 src/sudo.c:1003 src/sudo.c:1009
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "ne eblas ŝanĝi al plenumigkiela uid (%u, %u)"
-#: src/sudo.c:1023
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "ne eblas ŝanĝi dosierujon al %s"
-#: src/sudo.c:1090
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "neatendita ido ekzekutiĝis laŭ la kondiĉo: %d"
-#: src/sudo.c:1130
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "konduta kromprogramo %s ne komprenas listigon de privilegioj"
-#: src/sudo.c:1141
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "konduta kromprogramo %s ne komprenas la parametron -v"
-#: src/sudo.c:1152
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "konduta kromprogramo %s ne komprenas la parametrojn -k kaj -K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "ne eblas ŝanĝi uid-on al ĉefuzanto (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "kromprograma eraro: malhavas dosieran liston por sudoedit"
-#: src/sudo_edit.c:172 src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: ne regula dosiero"
-#: src/sudo_edit.c:206 src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: mallonga skribado"
-#: src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s restas ne modifita"
-#: src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s ne ŝanĝita"
-#: src/sudo_edit.c:306 src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "ne eblas skribi al %s"
-#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "enhavo de redakta seanco restas en %s"
-#: src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "ne eblas legi provizoran dosieron"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "neniu tty ĉeestas kaj neniu pasvorto-programo specifita"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "neniu pasvorto-programo specifita, provi valorizi SUDO_ASKPASS-on"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "ne eblas elekti gid-on al %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "ne eblas elekti uid-on al %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "ne eblas plenumigi: %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "ne eblas konservi enigon"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "ne eblas kopii al enigo"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "ne eblas restarigi enigon"
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "ne eblas malfermi la uzanto-datumbazon"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "ne eblas ŝanĝiĝi al registrejo \"%s\" por %s"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "ne eblas restarigi registrejon"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "ena eraro, provis je emalloc(0)"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "ena eraro, provis je emalloc2(0)"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "ena eraro, emalloc2() superfluo"
-
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "ena eraro, provis je erealloc(0)"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "ena eraro, provis je erealloc3(0)"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "ena eraro, erealloc3() superfluo"
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Nekonata signalo"
+#~ msgid "must be setuid root"
+#~ msgstr "devas esti ĉefuzanto setuid"
# traducción al español de sudo.
# This file is distributed under the same license as the sudo package.
#
-# Abel Send
ón <abelnicolas1976@gmail.com>, 2012.
+# Abel Send
on <abelnicolas1976@gmail.com>, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.4b1\n"
+"Project-Id-Version: sudo 1.8.5-b4\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-01-06 15:10-0500\n"
-"PO-Revision-Date: 2012-02-03 00:09-0300\n"
-"Last-Translator: Abel Send
ón <abelnicolas1976@gmail.com>\n"
+"POT-Creation-Date: 2012-03-28 14:06-0400\n"
+"PO-Revision-Date: 2012-04-10 16:19-0300\n"
+"Last-Translator: Abel Send
on <abelnicolas1976@gmail.com>\n"
"Language-Team: Spanish <es@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
msgid ": "
msgstr ": "
-#: src/exec.c:133 src/exec_pty.c:604 src/exec_pty.c:936 src/tgetpass.c:227
+#: src/exec.c:105 src/exec_pty.c:616 src/exec_pty.c:948 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "no se puede bifurcar"
-#: src/exec.c:299
+#: src/exec.c:252
#, c-format
msgid "unable to create sockets"
msgstr "no se puede crear sockets"
-#: src/exec.c:306 src/exec_pty.c:557 src/exec_pty.c:565 src/exec_pty.c:572
-#: src/exec_pty.c:871 src/exec_pty.c:933 src/tgetpass.c:224
+#: src/exec.c:259 src/exec_pty.c:567 src/exec_pty.c:576 src/exec_pty.c:584
+#: src/exec_pty.c:883 src/exec_pty.c:945 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "no se puede crear tubería"
-#: src/exec.c:373 src/exec_pty.c:1000 src/exec_pty.c:1135
+#: src/exec.c:340 src/exec_pty.c:1011 src/exec_pty.c:1146
#, c-format
msgid "select failed"
msgstr "selección fallida"
-#: src/exec.c:458
+#: src/exec.c:425
#, c-format
msgid "unable to restore tty label"
msgstr "no se puede restaurar la etiqueta tty"
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "no se puede remover PRIV_PROC_EXEC desde PRIV_LIMIT"
+
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:447 src/sudo.c:467
+#: src/sudo.c:474 src/sudo.c:485 src/sudo.c:871 common/alloc.c:85
+#: common/alloc.c:105 common/alloc.c:127 common/alloc.c:146 common/alloc.c:168
+#: common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#, c-format
+msgid "unable to allocate memory"
+msgstr "no se puede de asignar memoria"
+
#: src/exec_pty.c:140
#, c-format
msgid "unable to allocate pty"
msgstr "no se puede asignar pty"
-#: src/exec_pty.c:597
+#: src/exec_pty.c:609
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "no se puede establecer la terminal en modo directo"
-#: src/exec_pty.c:914
+#: src/exec_pty.c:926
#, c-format
msgid "unable to set controlling tty"
msgstr "no se puede establecer el controlador tty"
-#: src/exec_pty.c:1008
+#: src/exec_pty.c:1019
#, c-format
msgid "error reading from signal pipe"
msgstr "error al leer desde la tubería de la señal"
-#: src/exec_pty.c:1027
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from pipe"
msgstr "error al leer de la tubería"
-#: src/exec_pty.c:1043
+#: src/exec_pty.c:1054
#, c-format
msgid "error reading from socketpair"
msgstr "error leyendo de socketpair"
-#: src/exec_pty.c:1047
+#: src/exec_pty.c:1058
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "tipo de respuesta inesperada en canales alternos %d"
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: se puede cargar sólo una política de plugin"
-#: src/load_plugins.c:146
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: debe ser especificada al menos una política de plugin"
-#: src/load_plugins.c:151
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "la política del plugin %s no incluye un método check_policy"
msgid "the `-A' and `-S' options may not be used together"
msgstr "las opciones '-A' y '-S' no se pueden utilizar conjuntamente"
-#: src/parse_args.c:432 src/sudo.c:482 src/sudo.c:502 src/sudo.c:509
-#: src/sudo.c:519 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "no se puede de asignar memoria"
-
#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
-msgstr "sudoedit no está soportada en ésta plataforma"
+msgstr "sudoedit no está soportado en ésta plataforma"
#: src/parse_args.c:518
#, c-format
msgid "stop processing command line arguments\n"
msgstr "detiene el proceso de argumentos de la línea de comandos\n"
-#: src/selinux.c:76
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "no se puede de abrir el sistema de auditoría"
-#: src/selinux.c:84
+#: src/selinux.c:85
#, c-format
msgid "unable to send audit message"
msgstr "no se puede enviar mensaje de auditoría"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "no se puede fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s etiquetas cambiadas"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "no se puede restaurar el contexto para %s"
-#: src/selinux.c:162
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "no se puede abrir %s, no volver a etiquetar tty"
-#: src/selinux.c:171
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "no se puede obtener el actual contexto tty, no volver a etiquetar tty"
-#: src/selinux.c:178
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "no se puede obtener el nuevo contexto tty, no volver a etiquetar tty"
-#: src/selinux.c:185
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "no se puede establecer nuevo contexto tty"
-#: src/selinux.c:195 src/selinux.c:208 src/sudo.c:335
+#: src/selinux.c:196 src/selinux.c:209 src/sudo.c:333 common/sudo_conf.c:328
#, c-format
msgid "unable to open %s"
msgstr "no se pudo abrir %s"
-#: src/selinux.c:251
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "se debe especificar una regla por tipo %s"
-#: src/selinux.c:257
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "no se puede obtener el tipo de regla predeterminada %s"
-#: src/selinux.c:275
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "falló al establecer nueva regla %s"
-#: src/selinux.c:279
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "falló al establecer nuevo tipo %s"
-#: src/selinux.c:288
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s no es un contexto válido"
-#: src/selinux.c:323
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "falló al obtener old_context"
-#: src/selinux.c:329
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "no se puede determinar el método de forzado"
-#: src/selinux.c:341
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "no se puede establecer el contexto tty para %s"
-#: src/selinux.c:371
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "no se puede establecer el contexto de ejecución a %s"
-#: src/selinux.c:378
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "no se puede establecer la clave de creación de contexto a %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "requiere al menos un argumento"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "no se puede ejecutar %s"
-#: src/sudo.c:198
-#, c-format
-msgid "must be setuid root"
-msgstr "debe ser setuid root"
-
-#: src/sudo.c:219
+#: src/sudo.c:213
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo versión %s\n"
-#: src/sudo.c:221
+#: src/sudo.c:215
#, c-format
msgid "Configure options: %s\n"
msgstr "Opciones de configuración: %s\n"
-#: src/sudo.c:226
+#: src/sudo.c:220
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "error fatal, no se puede cargar los plugins"
-#: src/sudo.c:234
+#: src/sudo.c:228
#, c-format
msgid "unable to initialize policy plugin"
msgstr "no se puede inicializar la política de plugin"
-#: src/sudo.c:289
+#: src/sudo.c:283
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "error al inicializar los plugins de E/S %s"
-#: src/sudo.c:310
+#: src/sudo.c:308
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "inesperado modo sudo 0x%x"
-#: src/sudo.c:404
+#: src/sudo.c:402
#, c-format
msgid "unable to get group vector"
msgstr "no se puede obtener el vector de grupo"
-#: src/sudo.c:478
+#: src/sudo.c:443
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "uid desconocido %u: quién es usted?"
-#: src/sudo.c:818
+#: src/sudo.c:735
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s debe ser propiedad del uid %d y tener el bit setuid establecido"
+
+#: src/sudo.c:738
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "el uid no es %d, es %s en un sistema de archivos con la opción 'nosuid' establecida o un sistema de archivos NFS sin privilegios de root?"
+
+#: src/sudo.c:744
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "el uid efectivo no es %d, sudo está instalado con setuid root?"
+
+#: src/sudo.c:813
#, c-format
msgid "resource control limit has been reached"
msgstr "el límite de control de recursos ha sido alcanzado"
-#: src/sudo.c:821
+#: src/sudo.c:816
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "el usuario \"%s\" no es miembro del proyecto \"%s\""
-#: src/sudo.c:825
+#: src/sudo.c:820
#, c-format
msgid "the invoking task is final"
msgstr "la tarea que invoca es definitiva"
-#: src/sudo.c:828
+#: src/sudo.c:823
#, c-format
msgid "could not join project \"%s\""
msgstr "no podría unirse al proyecto \"%s\""
-#: src/sudo.c:833
+#: src/sudo.c:828
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "no hay fondo de recursos aceptando las asignaciones existentes para el proyecto \"%s\""
-#: src/sudo.c:837
+#: src/sudo.c:832
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "el fondo de recursos especificado no existe para el proyecto \"%s\""
-#: src/sudo.c:841
+#: src/sudo.c:836
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "no se podría enlazar al fondo de recursos predeterminado para el proyecto \"%s\" "
-#: src/sudo.c:847
+#: src/sudo.c:842
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "configuración del proyecto fallida \"%s\" "
-#: src/sudo.c:849
+#: src/sudo.c:844
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "aviso, el control de asignación de recursos falló para el proyecto \"%s\""
-#: src/sudo.c:879
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "no se puede remover PRIV_PROC_EXEC desde PRIV_LIMIT"
-
-#: src/sudo.c:988
+#: src/sudo.c:909
#, c-format
msgid "unknown login class %s"
msgstr "clase de inicio de sesión desconocida %s"
-#: src/sudo.c:1004 src/sudo.c:1007
+#: src/sudo.c:923 src/sudo.c:926
#, c-format
msgid "unable to set user context"
msgstr "no se puede establecer el contexto del usuario"
-#: src/sudo.c:1022
+#: src/sudo.c:938
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "no se puede establecer el grupo suplementario de IDs"
+
+#: src/sudo.c:945
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "no se puede establecer el gid efectivo para ejecutar como gid %u"
-#: src/sudo.c:1028
+#: src/sudo.c:951
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "no se puede establecer el gid para ejecutar como gid %u"
-#: src/sudo.c:1036
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "no se puede establecer el grupo suplementario de IDs"
-
-#: src/sudo.c:1044
+#: src/sudo.c:958
#, c-format
msgid "unable to set process priority"
msgstr "no se puede establecer la prioridad de proceso"
-#: src/sudo.c:1052
+#: src/sudo.c:966
#, c-format
msgid "unable to change root to %s"
msgstr "no se puede cambiar de root a %s"
-#: src/sudo.c:1062 src/sudo.c:1068 src/sudo.c:1074
+#: src/sudo.c:973 src/sudo.c:979 src/sudo.c:985
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "no se puede cambiar a runas uid (%u, %u)"
-#: src/sudo.c:1088
+#: src/sudo.c:999
#, c-format
msgid "unable to change directory to %s"
msgstr "no se puede cambiar al directorio %s"
-#: src/sudo.c:1158
+#: src/sudo.c:1072
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "inesperada terminación de condición hija: %d"
-#: src/sudo.c:1204
+#: src/sudo.c:1133
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "la política del plugin %s no soporta listado de privilegios"
-#: src/sudo.c:1216
+#: src/sudo.c:1145
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "la política del plugin %s no soporta la opción -v"
-#: src/sudo.c:1228
+#: src/sudo.c:1157
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "la política del plugin %s no soporta las opciones -k/-K"
msgid "unable to read temporary file"
msgstr "no se puede leer el archivo temporal"
-#: src/tgetpass.c:96
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "sin tty presente y no hay programa askpass especificado"
-#: src/tgetpass.c:105
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "no hay programa askpass especificado, intente establecer SUDO_ASKPASS"
-#: src/tgetpass.c:237
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "no se puede establecer el gid a %u"
-#: src/tgetpass.c:241
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "no se puede establecer el uid a %u"
-#: src/tgetpass.c:246
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "no se puede ejecutar %s"
msgid "unable to restore stdin"
msgstr "no se puede restaurar stdin"
-#: common/aix.c:144
+#: common/aix.c:149
#, c-format
msgid "unable to open userdb"
msgstr "no se puede abrir userdb"
-#: common/aix.c:147
+#: common/aix.c:152
#, c-format
msgid "unable to switch to registry \"%s\" for %s"
msgstr "no se puede cambiar al registro \"%s\" para %s"
-#: common/aix.c:161
+#: common/aix.c:169
#, c-format
msgid "unable to restore registry"
msgstr "no se puede restaurar el registro"
msgid "internal error, emalloc2() overflow"
msgstr "error interno: desbordamiento en emalloc2()"
-#: common/alloc.c:119
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "error interno: trató ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "error interno: desbordamiento en ealloc()"
+
+#: common/alloc.c:142
msgid "internal error, tried to erealloc(0)"
msgstr "error interno: trató erealloc(0)"
-#: common/alloc.c:138
+#: common/alloc.c:161 common/alloc.c:185
msgid "internal error, tried to erealloc3(0)"
msgstr "error interno: trató erealloc3(0)"
-#: common/alloc.c:140
+#: common/alloc.c:163 common/alloc.c:187
msgid "internal error, erealloc3() overflow"
msgstr "error interno: desbordamiento de erealloc3()"
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "no se puede stat en %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s no es un archivo regular"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s es adueñado por uid %u, sería %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s es escribible por todos"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s es escribible por el grupo"
+
#: compat/strsignal.c:47
msgid "Unknown signal"
msgstr "Señal desconocida"
+#~ msgid "must be setuid root"
+#~ msgstr "debe ser setuid root"
+
#~ msgid "the argument to -D must be between 1 and 9 inclusive"
#~ msgstr "el argumento -D debe estar entre 1 y 9 inclusive"
# Finnish messages for sudo.
# This file is put in the public domain.
-# Copyright © 2011 Free Software Foundation, Inc.
+# Copyright © 2011, 2012 Free Software Foundation, Inc.
# This file is distributed under the same license as the sudo package.
-# Jorma Karvonen <karvonen.jorma@gmail.com>, 2011.
+# Jorma Karvonen <karvonen.jorma@gmail.com>, 2011-2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2-rc1\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-05-20 15:33-0400\n"
-"PO-Revision-Date: 2011-05-27 10:30+0200\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 11:02+0200\n"
"Last-Translator: Jorma Karvonen <karvonen.jorma@gmail.com>\n"
"Language-Team: Finnish <translation-team-fi@lists.sourceforge.net>\n"
"Language: fi\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
-#: ../../trunk/src/error.c:82 ../../trunk/src/error.c:86
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "ei kyetä avaamaan userdb-käyttäjätietokantaa"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "ei kyetä vaihtamaan registeriä ”%s” käyttäjälle %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "ei kyetä palauttamaan rekisteriä"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "sisäinen virhe, yritettiin suorittaa emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ei kyetä varaamaan muistia"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "sisäinen virhe, yritettiin suorittaa emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "sisäinen virhe, emalloc2() -ylivuoto"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "sisäinen virhe, yritettiin suorittaa ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "sisäinen virhe, ecalloc() -ylivuoto"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "sisäinen virhe, yritettiin suorittaa erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "sisäinen virhe, yritettiin suorittaa erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "sisäinen virhe, erealloc3() -ylivuoto"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "ei kyetä suorittamaan käskyä stat %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s ei ole tavallinen tiedosto"
+
+# ensimmäinen parametri on path
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "polun %s omistaja on %u, pitäisi olla %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s on yleiskirjoitettava"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s on ryhmäkirjoitettava"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "ei kyetä avaamaan kohdetta %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Tuntematon signaali"
+
+#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: ../../trunk/src/exec.c:125 ../../trunk/src/exec_pty.c:569
-#: ../../trunk/src/exec_pty.c:876 ../../trunk/src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "Menettelytapalisäosa epäonnistui istunnon alustamisessa"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "ei kyetä kutsumaan fork-kutsua"
-#: ../../trunk/src/exec.c:247
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "ei kyetä luomaan pistokkeita"
-#: ../../trunk/src/exec.c:254 ../../trunk/src/exec_pty.c:522
-#: ../../trunk/src/exec_pty.c:530 ../../trunk/src/exec_pty.c:537
-#: ../../trunk/src/exec_pty.c:822 ../../trunk/src/exec_pty.c:873
-#: ../../trunk/src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "ei kyetä luomaan putkea"
-#: ../../trunk/src/exec.c:320 ../../trunk/src/exec_pty.c:940
-#: ../../trunk/src/exec_pty.c:1073
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "select-funktio epäonnistui"
-#: ../../trunk/src/exec.c:388
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "ei kyetä palauttamaan tty-nimiötä"
-#: ../../trunk/src/exec_pty.c:136
+# Solaris privileges, remove PRIV_PROC_EXEC post-execve.
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "ei kyetä poistamaan PRIV_PROC_EXEC kohteesta PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "ei kyetä varaamaan pty:tä"
-#: ../../trunk/src/exec_pty.c:562
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "ei kyetä asettamaan päätettä raakatilaan"
# Istunnolla voi olla ohjaava tty. Istunnon yksi prosessiryhmä voi olla edustaprosessiryhmä ja toimia siten ohjaavana tty:nä, joka vastaanottaa tty-syötteen ja -signaalit.
-#: ../../trunk/src/exec_pty.c:854
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "ei kyetä asettamaan ohjaavaa tty:tä"
-#: ../../trunk/src/exec_pty.c:948
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "virhe luettaessa signaaliputkesta"
-#: ../../trunk/src/exec_pty.c:967
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "virhe luettaessa putkesta"
-#: ../../trunk/src/exec_pty.c:983
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "virhe luettaessa pistokeparista"
-#: ../../trunk/src/exec_pty.c:987
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "odottamaton vastaustyyppi paluukanavalla: %d"
-#: ../../trunk/src/load_plugins.c:154
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: ../../trunk/src/load_plugins.c:160
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
# ensimmäinen parametri on path
-#: ../../trunk/src/load_plugins.c:170
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "polun %s omistajan on oltava uid %d"
# parametri on path
-#: ../../trunk/src/load_plugins.c:174
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "polun %s on oltava vain omistajan kirjoitettava"
-#: ../../trunk/src/load_plugins.c:181
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "lisäosan avaaminen epäonnistui funktiolla dlopen %s: %s"
-#: ../../trunk/src/load_plugins.c:186
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: ei kyetä löytämään symbolia %s"
-#: ../../trunk/src/load_plugins.c:192
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: tuntematon menettelytapatyyppi %d"
-#: ../../trunk/src/load_plugins.c:196
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: yhteensopimaton menettelytavan major-versio %d, odotettiin %d"
-#: ../../trunk/src/load_plugins.c:203
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: vain yksi menettelytapalisäosa voidaan ladata"
-#: ../../trunk/src/load_plugins.c:221
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: vähintään yksi menettelytapalisäosa on määriteltävä"
-#: ../../trunk/src/load_plugins.c:226
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "menettelytapalisäosa %s ei sisällä check_policy-metodia"
-#: ../../trunk/src/net_ifs.c:155 ../../trunk/src/net_ifs.c:164
-#: ../../trunk/src/net_ifs.c:176 ../../trunk/src/net_ifs.c:185
-#: ../../trunk/src/net_ifs.c:295 ../../trunk/src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: ylivuoto havaittu"
-#: ../../trunk/src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "ei kyetä avaamaan pistoketta"
-#: ../../trunk/src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "valitsimen -C argumentin on oltava vähintään 3"
-#: ../../trunk/src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "valitsimen -D argumentin on oltava alueella 1 - 9"
-
-#: ../../trunk/src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "tuntematon käyttäjä: %s"
-#: ../../trunk/src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "et voi määritellä sekä valitsinta ”-i” että valitsinta ”-s”"
-#: ../../trunk/src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "et voi määritellä sekä valitsinta ”-i” että valitsinta ”-E”"
-#: ../../trunk/src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "valitsin ”-E” ei ole kelvollinen muokkaustilassa"
-#: ../../trunk/src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "ei voi määritellä ympäristömuuttujia muokkaustilassa"
-#: ../../trunk/src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "valitsinta ”-U” voidaan käyttää vain valitsimen ”-l” kanssa"
-#: ../../trunk/src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "valitsimia ”-A” ja ”-S” ei voi käyttää yhdessä"
-#: ../../trunk/src/parse_args.c:418 ../../trunk/src/sudo.c:398
-#: ../../trunk/src/sudo.c:418 ../../trunk/src/sudo.c:426
-#: ../../trunk/src/sudo.c:436 ../../trunk/common/alloc.c:85
-#: ../../trunk/common/alloc.c:105 ../../trunk/common/alloc.c:123
-#: ../../trunk/common/alloc.c:145 ../../trunk/common/alloc.c:203
-#: ../../trunk/common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "ei kyetä varaamaan muistia"
-
-#: ../../trunk/src/parse_args.c:431
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit ei ole tuettu tällä alustalla"
-#: ../../trunk/src/parse_args.c:502
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Vain yksi valitsimista -e, -h, -i, -K, -l, -s, -v tai -V voidaan määritellä"
-#: ../../trunk/src/parse_args.c:515
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - muokkaa tiedostoja toisena käyttäjänä\n"
"\n"
-#: ../../trunk/src/parse_args.c:517
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - suorita komentoja toisena käyttäjänä\n"
"\n"
-#: ../../trunk/src/parse_args.c:522
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Valitsimet:\n"
-#: ../../trunk/src/parse_args.c:525
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "käytä apuohjelmaa salasanakyselyyn\n"
-#: ../../trunk/src/parse_args.c:528
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "käytä määriteltyä BSD-todennustyyppiä\n"
-#: ../../trunk/src/parse_args.c:530
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "suorita komento taustalla\n"
-#: ../../trunk/src/parse_args.c:532
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "sulje kaikki tiedostokuvaajat >= fd\n"
-#: ../../trunk/src/parse_args.c:535
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "suorita komento määritellyllä kirjautumisluokalla\n"
-#: ../../trunk/src/parse_args.c:538
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "säilytä käyttäjäympäristö komentoa suoritettaessa\n"
-#: ../../trunk/src/parse_args.c:540
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "muokkaa tiedostoja komennon suorittamisen sijasta\n"
# tämä viittaa runas_group-määritelyyn
-#: ../../trunk/src/parse_args.c:542
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "suorita komento määriteltynä ryhmänä\n"
-#: ../../trunk/src/parse_args.c:544
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "aseta HOME-muuttuja osoittamaan kohdekäyttäjän kotihakemistoon.\n"
-#: ../../trunk/src/parse_args.c:546
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "näytä opasteviesti ja poistu\n"
-#: ../../trunk/src/parse_args.c:548
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "suorita kirjautumiskomentoikkuna kohdekäyttäjänä\n"
-#: ../../trunk/src/parse_args.c:550
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "poista aikaleimatiedosto kokonaan\n"
-#: ../../trunk/src/parse_args.c:552
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "mitätöi aikaleimatiedosto\n"
-#: ../../trunk/src/parse_args.c:554
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "luettele käyttäjän käytettävissä olevat komennot\n"
-#: ../../trunk/src/parse_args.c:556
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "ei-interaktiivinen tila, ei kysy käyttäjältä\n"
-#: ../../trunk/src/parse_args.c:558
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "säilytä ryhmävektori kohteen vektorin asettamisen sijasta\n"
-#: ../../trunk/src/parse_args.c:560
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "käytä määriteltyä salasanakehotetta\n"
-#: ../../trunk/src/parse_args.c:563 ../../trunk/src/parse_args.c:571
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "luo SELinux-turva-asiayhteys määritellyllä roolilla\n"
-#: ../../trunk/src/parse_args.c:566
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "lue salasana vakiosyötteestä\n"
-#: ../../trunk/src/parse_args.c:568
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "suorita komentotulkki kohdekäyttäjänä\n"
-#: ../../trunk/src/parse_args.c:574
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "luetteloitaessa luettele määritellyn käyttäjän käyttöoikeudet\n"
-#: ../../trunk/src/parse_args.c:576
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "suorita komento (tai muokkaa tiedostoa) määriteltynä käyttäjänä\n"
-#: ../../trunk/src/parse_args.c:578
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "näytä versiotiedot ja poistu\n"
-#: ../../trunk/src/parse_args.c:580
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "päivitä käyttäjän aikaleima suorittamatta komentoa\n"
-#: ../../trunk/src/parse_args.c:582
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "lopeta komentoriviargumenttien käsittely\n"
-#: ../../trunk/src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "ei kyetä avaamaan audit-järjestelmää"
-#: ../../trunk/src/selinux.c:85
+#: src/selinux.c:85
#, c-format
msgid "unable to send audit message"
msgstr "ei kyetä lähettämään audit-viestiä"
-#: ../../trunk/src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "ei kyetä kutsumaan funktiota fgetfilecon %s"
-#: ../../trunk/src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s muutti nimiöitä"
-#: ../../trunk/src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "ei kyetä palauttamaan asiayhteyttä kohteelle %s"
-#: ../../trunk/src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "ei kyetä avaamaan kohdetta %s, ei nimiöidä uudelleen tty:tä"
-#: ../../trunk/src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "ei kyetä hakemaan nykyistä tty-asiayhteyttä, ei nimiöidä uudelleen tty:tä"
-#: ../../trunk/src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "ei kyetä hakemaan uutta tty-asiayhteyttä, ei nimiöidä uudelleen tty:tä"
-#: ../../trunk/src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "ei kyetä asettamaan uutta tty-asiayhteyttä"
-#: ../../trunk/src/selinux.c:194 ../../trunk/src/selinux.c:207
-#: ../../trunk/src/sudo.c:330
-#, c-format
-msgid "unable to open %s"
-msgstr "ei kyetä avaamaan kohdetta %s"
-
-#: ../../trunk/src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "tyypille %s on määriteltävä rooli"
-#: ../../trunk/src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "roolille %s ei kyetä hakemaan oletustyyppiä"
-#: ../../trunk/src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "uuden roolin %s asettaminen epäonnistui"
-#: ../../trunk/src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "uuden tyypin %s asettaminen epäonnistui"
-#: ../../trunk/src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s ei ole kelvollinen asiayhteys"
-#: ../../trunk/src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "kohteen old_context hakeminen epäonnistui"
-#: ../../trunk/src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "ei kyetä määrittelemään vahvistustilaa."
-#: ../../trunk/src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "ei kyetä asettamaan tty-asiayhteydeksi %s"
-#: ../../trunk/src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "ei kyetä asettamaan suoritusasiayhteydeksi %s"
-#: ../../trunk/src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "ei kyetä asettamaan avaimenluontiasiayhteydeksi %s"
-#: ../../trunk/src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "vaatii vähintään yhden argumentin"
-#: ../../trunk/src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "ei kyetä suorittamaan kohdetta %s"
-#: ../../trunk/src/sudo.c:192
-#, c-format
-msgid "must be setuid root"
-msgstr "on oltava setuid root"
-
-#: ../../trunk/src/sudo.c:210
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo-versio %s\n"
-#: ../../trunk/src/sudo.c:212
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Asetusvalitsimet: %s\n"
-#: ../../trunk/src/sudo.c:217
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "kohtalokas virhe, ei kyetä lataamaan lisäosia"
-#: ../../trunk/src/sudo.c:225
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "ei kyetä alustamaan menettelytapalisäosaa"
-#: ../../trunk/src/sudo.c:280
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "virhe alustettaessa siirräntälisäosaa %s"
-#: ../../trunk/src/sudo.c:307
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "odottamaton sudo-tila 0x%x"
-#: ../../trunk/src/sudo.c:356
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "ei kyetä hakemaan ryhmävektoria"
-#: ../../trunk/src/sudo.c:394
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "tuntematon uid-käyttäjätunniste %u: kuka olet?"
-#: ../../trunk/src/sudo.c:734
+# ensimmäinen parametri on path
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "polun %s omistajan on oltava uid %d ja setuid-bitin on oltava asetettu"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "todellinen käyttäjätunniste ei ole %d, onko %s asetettu tiedostojärjestelmässä, jossa on ’nosuid’-valitsin vai onko tämä NFS-tiedostojärjestelmä ilman root-käyttäjäoikeuksia?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "todellinen käyttäjätunniste ei ole %d, onko sudo asennettu setuid root -käyttöoikeuksilla?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "resurssivalvontaraja saavutettu"
-#: ../../trunk/src/sudo.c:737
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "käyttäjä ”%s” ei ole hankkeen ”%s” jäsen"
-#: ../../trunk/src/sudo.c:741
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "kutsuttu tehtävä on final-tyyppinen"
-#: ../../trunk/src/sudo.c:744
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "ei voitu liittyä hankkeeseen ”%s”"
-#: ../../trunk/src/sudo.c:749
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "hankkeelle ”%s” ei ole oletusyhteydet hyväksyvää resurssivarantoa"
-#: ../../trunk/src/sudo.c:753
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "hankkeelle ”%s” ei ole määriteltyä resurssivarantoa"
-#: ../../trunk/src/sudo.c:757
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "hankkeelle ”%s” ei voitu sitoa oletusresurssivarantoa"
-#: ../../trunk/src/sudo.c:763
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject hankkeelle ”%s” epäonnistui"
-#: ../../trunk/src/sudo.c:765
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "varoitus, hankkeen ”%s” resurssiohjausosoitus epäonnistui"
-# Solaris privileges, remove PRIV_PROC_EXEC post-execve.
-#: ../../trunk/src/sudo.c:791
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "ei kyetä poistamaan PRIV_PROC_EXEC kohteesta PRIV_LIMIT"
-
-#: ../../trunk/src/sudo.c:895
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "tuntematon kirjautumisluokka %s"
-#: ../../trunk/src/sudo.c:902 ../../trunk/src/sudo.c:905
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "ei kyetä asettamaan käyttäjäasiayhteyttä"
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "ei kyetä asettamaan lisäryhmätunnisteita"
+
# tämän ymmärrän niin, että käyttäjärjestelmäydin luo tiedoston ja antaa tälle tavallaan tilapäisen effective gid-tunnisteen, joka vaihdetaan suorittamisen yhteydessä prosessin omistajan suoritettavaksi ryhmätunnisteeksi.
-#: ../../trunk/src/sudo.c:916
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "ei kyetä asettamaan voimassaolevaa gid-ryhmätunnistetta suoritettavaksi gid-ryhmätunnisteeksi %u"
-#: ../../trunk/src/sudo.c:921
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "ei kyetä asettamaan gid-ryhmätunnistetta suoritettavaksi gid-ryhmätunnisteeksi %u"
-#: ../../trunk/src/sudo.c:929 ../../trunk/src/sudo.c:935
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "ei kyetä asettamaan lisäryhmätunnisteita"
-
-#: ../../trunk/src/sudo.c:943
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "ei kyetä asettamaan prosessiprioriteettia"
-#: ../../trunk/src/sudo.c:951
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "ei kyetä vaihtamaan root-käyttäjää käyttäjäksi %s"
-#: ../../trunk/src/sudo.c:961 ../../trunk/src/sudo.c:967
-#: ../../trunk/src/sudo.c:973
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "ei kyetä vaihtamaan suoritettavaksi uid-käyttäjätunnisteeksi (%u, %u)"
# parametrina on CWD- eli Change Working Directory- komennolla palautettava hakemisto
-#: ../../trunk/src/sudo.c:987
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "ei kyetä vaihtamaan hakemistoksi %s"
-#: ../../trunk/src/sudo.c:1078
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "lapsiprosessin odottamaton päättymisehto: %d"
-#: ../../trunk/src/sudo.c:1118
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "menettelytapalisäosa %s ei tue luettelointikäyttöoikeuksia"
-#: ../../trunk/src/sudo.c:1129
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "menettelytapalisäosa %s ei tue valitsinta -v"
-#: ../../trunk/src/sudo.c:1140
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "menettelytapalisäosa %s ei tue valitsimia -k/-K"
-#: ../../trunk/src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "ei kyetä vaihtamaan uid-käyttäjätunnistetta root-tunnisteeksi (%u)"
-#: ../../trunk/src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "lisäosavirhe: puuttuu sudoedit-tiedostoluettelo"
-#: ../../trunk/src/sudo_edit.c:172 ../../trunk/src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: ei ole tavallinen tiedosto"
-#: ../../trunk/src/sudo_edit.c:206 ../../trunk/src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: lyhyt kirjoitus"
-#: ../../trunk/src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s jätetty muokkaamattomaksi"
-#: ../../trunk/src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s muuttamaton"
-#: ../../trunk/src/sudo_edit.c:306 ../../trunk/src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "ei kyetä kirjoittamaan kohteeseen %s"
-#: ../../trunk/src/sudo_edit.c:307 ../../trunk/src/sudo_edit.c:325
-#: ../../trunk/src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "muokkausistunnon sisältö jätetty kohteessa %s"
-#: ../../trunk/src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "ei kyetä lukemaan tilapäistä tiedostoa"
-#: ../../trunk/src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "ei tty:tä käytettävissä eikä salasanan kyselyohjelmaa määriteltynä"
-#: ../../trunk/src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "salasanan kyselyohjelma ei ole määritelty, yritä asettaa SUDO_ASKPASS"
-#: ../../trunk/src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "ei kyetä asettamaan gid-ryhmätunnisteeksi %u"
-#: ../../trunk/src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "ei kyetä asettamaan uid-käyttäjätunnisteeksi %u"
-#: ../../trunk/src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "ei kyetä suorittamaan salasanakyselyä %s"
-#: ../../trunk/src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "ei kyetä tallentamaan vakiosyötettä"
-#: ../../trunk/src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "ei kyetä kutsumaan funktiota dup2 vakiosyötteellä"
-#: ../../trunk/src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "ei kyetä palauttamaan vakiosyötettä"
-#: ../../trunk/common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "ei kyetä avaamaan userdb-käyttäjätietokantaa"
+#~ msgid "must be setuid root"
+#~ msgstr "on oltava setuid root"
-#: ../../trunk/common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "ei kyetä vaihtamaan registeriä ”%s” käyttäjälle %s"
-
-#: ../../trunk/common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "ei kyetä palauttamaan rekisteriä"
-
-#: ../../trunk/common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "sisäinen virhe, yritettiin suorittaa emalloc(0)"
-
-#: ../../trunk/common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "sisäinen virhe, yritettiin suorittaa emalloc2(0)"
-
-#: ../../trunk/common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "sisäinen virhe, emalloc2() -ylivuoto"
-
-#: ../../trunk/common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "sisäinen virhe, yritettiin suorittaa erealloc(0)"
-
-#: ../../trunk/common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "sisäinen virhe, yritettiin suorittaa erealloc3(0)"
-
-#: ../../trunk/common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "sisäinen virhe, erealloc3() -ylivuoto"
-
-#: ../../trunk/compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Tuntematon signaali"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "valitsimen -D argumentin on oltava alueella 1 - 9"
--- /dev/null
+# Galician translations for sudo package.
+# This file is put in the public domain.
+# Fran Dieguez <frandieguez@gnome.org>, 2012.
+# Francisco Diéguez <frandieguez@ubuntu.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo 1.8.4b1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-01-06 15:10-0500\n"
+"PO-Revision-Date: 2012-02-07 22:35+0100\n"
+"Last-Translator: Francisco Diéguez <frandieguez@ubuntu.com>\n"
+"Language-Team: Galician <proxecto@trasno.net>\n"
+"Language: gl_ES\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n!=1);\n"
+
+#: src/error.c:82 src/error.c:86
+msgid ": "
+msgstr ": "
+
+#: src/exec.c:133 src/exec_pty.c:604 src/exec_pty.c:936 src/tgetpass.c:227
+#, c-format
+msgid "unable to fork"
+msgstr "non se pode bifurcar"
+
+#: src/exec.c:299
+#, c-format
+msgid "unable to create sockets"
+msgstr "non foi posíbel crear sockets"
+
+#: src/exec.c:306 src/exec_pty.c:557 src/exec_pty.c:565 src/exec_pty.c:572
+#: src/exec_pty.c:871 src/exec_pty.c:933 src/tgetpass.c:224
+#, c-format
+msgid "unable to create pipe"
+msgstr "non foi psosíbel crear tubería"
+
+#: src/exec.c:373 src/exec_pty.c:1000 src/exec_pty.c:1135
+#, c-format
+msgid "select failed"
+msgstr "selección fallada"
+
+#: src/exec.c:458
+#, c-format
+msgid "unable to restore tty label"
+msgstr "non foi posíbel restaurar a etiqueta tty"
+
+#: src/exec_pty.c:140
+#, c-format
+msgid "unable to allocate pty"
+msgstr "non foi posíbel asignar pty"
+
+#: src/exec_pty.c:597
+#, c-format
+msgid "unable to set terminal to raw mode"
+msgstr "non foi posíbel estabelcer a terminal en modo directo"
+
+#: src/exec_pty.c:914
+#, c-format
+msgid "unable to set controlling tty"
+msgstr "non foi posíebl estabelecer o controlador tty"
+
+#: src/exec_pty.c:1008
+#, c-format
+msgid "error reading from signal pipe"
+msgstr "produciuse un erro ao ler desde a tubería do sinal"
+
+#: src/exec_pty.c:1027
+#, c-format
+msgid "error reading from pipe"
+msgstr "produciuse un erro ao ler da tubería"
+
+#: src/exec_pty.c:1043
+#, c-format
+msgid "error reading from socketpair"
+msgstr "produciuse un erro ao ler de socketpair"
+
+#: src/exec_pty.c:1047
+#, c-format
+msgid "unexpected reply type on backchannel: %d"
+msgstr "tipo de resposta inesperada en canles alternos %d"
+
+#: src/load_plugins.c:79
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: src/load_plugins.c:85
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: src/load_plugins.c:95
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s debe ser propiedade do uid %d"
+
+#: src/load_plugins.c:99
+#, c-format
+msgid "%s must be only be writable by owner"
+msgstr "%s só debe ter permisos de escritura polo propietario"
+
+#: src/load_plugins.c:106
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "non foi posíbel dlopen %s: %s"
+
+#: src/load_plugins.c:111
+#, c-format
+msgid "%s: unable to find symbol %s"
+msgstr "%s: non é posíbel atopar o símbolo %s"
+
+#: src/load_plugins.c:117
+#, c-format
+msgid "%s: unknown policy type %d"
+msgstr "%s: tipo de política descoñecida %d"
+
+#: src/load_plugins.c:121
+#, c-format
+msgid "%s: incompatible policy major version %d, expected %d"
+msgstr "%s: versión maiór %d da política incompatíbel, agardábase %d"
+
+#: src/load_plugins.c:128
+#, c-format
+msgid "%s: only a single policy plugin may be loaded"
+msgstr "%s: só se pode cargar unha política de engadido"
+
+#: src/load_plugins.c:146
+#, c-format
+msgid "%s: at least one policy plugin must be specified"
+msgstr "%s: debe ser especificada cando menos unha política de engadido"
+
+#: src/load_plugins.c:151
+#, c-format
+msgid "policy plugin %s does not include a check_policy method"
+msgstr "a política do engadido %s non inclúe un método check_policy"
+
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
+#, c-format
+msgid "load_interfaces: overflow detected"
+msgstr "load_interfaces: desbordamento detectado"
+
+#: src/net_ifs.c:227
+#, c-format
+msgid "unable to open socket"
+msgstr "non foi posíbel abrir o socket"
+
+#: src/parse_args.c:187
+#, c-format
+msgid "the argument to -C must be a number greater than or equal to 3"
+msgstr "o agumento -C debe ser un número maior ou igual a 3"
+
+#: src/parse_args.c:276
+#, c-format
+msgid "unknown user: %s"
+msgstr "usuario descoñecido: %s"
+
+#: src/parse_args.c:335
+#, c-format
+msgid "you may not specify both the `-i' and `-s' options"
+msgstr "non se deben especificar as opcións «-i» e «-s» simultáneamente"
+
+#: src/parse_args.c:339
+#, c-format
+msgid "you may not specify both the `-i' and `-E' options"
+msgstr "non se deben especificar as opcións «-i» e «-E» simultáneamente"
+
+#: src/parse_args.c:349
+#, c-format
+msgid "the `-E' option is not valid in edit mode"
+msgstr "a opción «-E» non é válida no modo edición"
+
+#: src/parse_args.c:351
+#, c-format
+msgid "you may not specify environment variables in edit mode"
+msgstr "non se deben especificar variábeis de contorno no modo edición"
+
+#: src/parse_args.c:359
+#, c-format
+msgid "the `-U' option may only be used with the `-l' option"
+msgstr "a opción «-U» só se pode usar coa opción «-l»"
+
+#: src/parse_args.c:363
+#, c-format
+msgid "the `-A' and `-S' options may not be used together"
+msgstr "as opcións «-A» e «-S» non se poden empregar conxuntamente"
+
+#: src/parse_args.c:432 src/sudo.c:482 src/sudo.c:502 src/sudo.c:509
+#: src/sudo.c:519 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
+#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
+#, c-format
+msgid "unable to allocate memory"
+msgstr "non foi posíbel asignar memoria"
+
+#: src/parse_args.c:445
+#, c-format
+msgid "sudoedit is not supported on this platform"
+msgstr "sudoedit non se admite nesta plataforma"
+
+#: src/parse_args.c:518
+#, c-format
+msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
+msgstr "Só pode especificar unha das opcións -e, -h, -i, -K, -l, -s, -v ou -V"
+
+#: src/parse_args.c:532
+#, c-format
+msgid ""
+"%s - edit files as another user\n"
+"\n"
+msgstr ""
+"%s - edita ficheiros como outro usuario\n"
+"\n"
+
+#: src/parse_args.c:534
+#, c-format
+msgid ""
+"%s - execute a command as another user\n"
+"\n"
+msgstr ""
+"%s - executa unha orde como outro usuario\n"
+"\n"
+
+#: src/parse_args.c:539
+#, c-format
+msgid ""
+"\n"
+"Options:\n"
+msgstr ""
+"\n"
+"Opcións:\n"
+
+#: src/parse_args.c:542
+msgid "use helper program for password prompting\n"
+msgstr "usar o programa de axuda para a solicitude de contrasinal\n"
+
+#: src/parse_args.c:545
+msgid "use specified BSD authentication type\n"
+msgstr "usar tipo de autenticación especificado en BSD\n"
+
+#: src/parse_args.c:547
+msgid "run command in the background\n"
+msgstr "executa unha orde en segundo plano\n"
+
+#: src/parse_args.c:549
+msgid "close all file descriptors >= fd\n"
+msgstr "pecha todos os descriptores de ficheiro >= td\n"
+
+#: src/parse_args.c:552
+msgid "run command with specified login class\n"
+msgstr "executa unha orde coa clase especificada de inicio de sesión\n"
+
+#: src/parse_args.c:555
+msgid "preserve user environment when executing command\n"
+msgstr "preserva o contorno de usuario ao executar unha orde\n"
+
+#: src/parse_args.c:557
+msgid "edit files instead of running a command\n"
+msgstr "edita ficheiros no lugar de executar unha orde\n"
+
+#: src/parse_args.c:559
+msgid "execute command as the specified group\n"
+msgstr "executa unha orde como o grupo especificado\n"
+
+#: src/parse_args.c:561
+msgid "set HOME variable to target user's home dir.\n"
+msgstr "asigna a variábel HOME ao cartafol de inicio do usuario\n"
+
+#: src/parse_args.c:563
+msgid "display help message and exit\n"
+msgstr "mostra esta mensaxe de axuda e sae\n"
+
+#: src/parse_args.c:565
+msgid "run a login shell as target user\n"
+msgstr "executa un intérprete de ordes como un determinado usuario\n"
+
+#: src/parse_args.c:567
+msgid "remove timestamp file completely\n"
+msgstr "remove un ficheiro de marca completamente\n"
+
+#: src/parse_args.c:569
+msgid "invalidate timestamp file\n"
+msgstr "ficheiro de marca non válido\n"
+
+#: src/parse_args.c:571
+msgid "list user's available commands\n"
+msgstr "lista de ordes do usuario dispoñíbeis\n"
+
+#: src/parse_args.c:573
+msgid "non-interactive mode, will not prompt user\n"
+msgstr "modo non interactivo, non se preguntará ao usuario\n"
+
+#: src/parse_args.c:575
+msgid "preserve group vector instead of setting to target's\n"
+msgstr "preserva o vector de grupos no lugar de estabelecelo ao obxectivo\n"
+
+#: src/parse_args.c:577
+msgid "use specified password prompt\n"
+msgstr "usa o contrasinal especificado\n"
+
+#: src/parse_args.c:580 src/parse_args.c:588
+msgid "create SELinux security context with specified role\n"
+msgstr "crea un contexto de seguranza SELinux coa regra especificada\n"
+
+#: src/parse_args.c:583
+msgid "read password from standard input\n"
+msgstr "lee o contrasinal desde a entrada estándar\n"
+
+#: src/parse_args.c:585
+msgid "run a shell as target user\n"
+msgstr "executa un intérprete de ordes como un determinado usuario\n"
+
+#: src/parse_args.c:591
+msgid "when listing, list specified user's privileges\n"
+msgstr "cando está na lista, mostra os privilexios do usuario especificado\n"
+
+#: src/parse_args.c:593
+msgid "run command (or edit file) as specified user\n"
+msgstr "executa unha orde (ou edita un ficheiro) como un usuario específico\n"
+
+#: src/parse_args.c:595
+msgid "display version information and exit\n"
+msgstr "mostra a información da versión e sae\n"
+
+#: src/parse_args.c:597
+msgid "update user's timestamp without running a command\n"
+msgstr "actualiza a marca do usuario sen executar unha orde\n"
+
+#: src/parse_args.c:599
+msgid "stop processing command line arguments\n"
+msgstr "deten o proceso de argumentos da liña de ordes\n"
+
+#: src/selinux.c:76
+#, c-format
+msgid "unable to open audit system"
+msgstr "non foi posíbel abrir o sistema de auditoría"
+
+#: src/selinux.c:84
+#, c-format
+msgid "unable to send audit message"
+msgstr "non foi posíbel enviar a mensaxe de auditoría"
+
+#: src/selinux.c:112
+#, c-format
+msgid "unable to fgetfilecon %s"
+msgstr "non foi posíbel executar fgetfilecon %s"
+
+#: src/selinux.c:117
+#, c-format
+msgid "%s changed labels"
+msgstr "%s etiquetas cambiadas"
+
+#: src/selinux.c:122
+#, c-format
+msgid "unable to restore context for %s"
+msgstr "non foi posíbel restaurar o contexto para %s"
+
+#: src/selinux.c:162
+#, c-format
+msgid "unable to open %s, not relabeling tty"
+msgstr "non foi posíbel abrir %s, non volver a etiquetar tty"
+
+#: src/selinux.c:171
+#, c-format
+msgid "unable to get current tty context, not relabeling tty"
+msgstr "non se pode obter o contexto actual de tty, non volver a etiquetar tty"
+
+#: src/selinux.c:178
+#, c-format
+msgid "unable to get new tty context, not relabeling tty"
+msgstr "non foi posíbel obter o novo contexto tty, non volver a etiquetar tty"
+
+#: src/selinux.c:185
+#, c-format
+msgid "unable to set new tty context"
+msgstr "non foi posíbel estabelecer o novo contexto tty"
+
+#: src/selinux.c:195 src/selinux.c:208 src/sudo.c:335
+#, c-format
+msgid "unable to open %s"
+msgstr "non foi posíbel abrir %s"
+
+#: src/selinux.c:251
+#, c-format
+msgid "you must specify a role for type %s"
+msgstr "débese especificar unha regra por tipo %s"
+
+#: src/selinux.c:257
+#, c-format
+msgid "unable to get default type for role %s"
+msgstr "non foi posíbel obter o tipo de regra predeterminada %s"
+
+#: src/selinux.c:275
+#, c-format
+msgid "failed to set new role %s"
+msgstr "produciouse un fallo ao estabelecer a nova regra %s"
+
+#: src/selinux.c:279
+#, c-format
+msgid "failed to set new type %s"
+msgstr "produciuse un fallo ao estabelecer o novo tipo %s"
+
+#: src/selinux.c:288
+#, c-format
+msgid "%s is not a valid context"
+msgstr "%s non é un contexto válido"
+
+#: src/selinux.c:323
+#, c-format
+msgid "failed to get old_context"
+msgstr "produciuse un fallo ao obter old_context"
+
+#: src/selinux.c:329
+#, c-format
+msgid "unable to determine enforcing mode."
+msgstr "non foi posíbel determinar o método de forzado"
+
+#: src/selinux.c:341
+#, c-format
+msgid "unable to setup tty context for %s"
+msgstr "non foi posíbel estabelecer o contexto tty para %s"
+
+#: src/selinux.c:371
+#, c-format
+msgid "unable to set exec context to %s"
+msgstr "non foi posíbel o contexto de execución a %s"
+
+#: src/selinux.c:378
+#, c-format
+msgid "unable to set key creation context to %s"
+msgstr "non foi posíbel estabelecer a chave de creación de contexto a %s"
+
+#: src/sesh.c:48
+msgid "requires at least one argument"
+msgstr "require cando menos un argumento"
+
+#: src/sesh.c:64
+#, c-format
+msgid "unable to execute %s"
+msgstr "non se pode executar %s"
+
+#: src/sudo.c:198
+#, c-format
+msgid "must be setuid root"
+msgstr "debe ser setuid root"
+
+#: src/sudo.c:219
+#, c-format
+msgid "Sudo version %s\n"
+msgstr "Sudo versión %s\n"
+
+#: src/sudo.c:221
+#, c-format
+msgid "Configure options: %s\n"
+msgstr "Opcións de configuración: %s\n"
+
+#: src/sudo.c:226
+#, c-format
+msgid "fatal error, unable to load plugins"
+msgstr "erro fatal, non foi posíbel cargar os engadidos"
+
+#: src/sudo.c:234
+#, c-format
+msgid "unable to initialize policy plugin"
+msgstr "non foi posíbel inicializar a normativa do engadido"
+
+#: src/sudo.c:289
+#, c-format
+msgid "error initializing I/O plugin %s"
+msgstr "erro ao inicializar os engadidos de E/S %s"
+
+#: src/sudo.c:310
+#, c-format
+msgid "unexpected sudo mode 0x%x"
+msgstr "modo sudo 0x%x non agardado"
+
+#: src/sudo.c:404
+#, c-format
+msgid "unable to get group vector"
+msgstr "non é posíbel obter o vector de grupo"
+
+#: src/sudo.c:478
+#, c-format
+msgid "unknown uid %u: who are you?"
+msgstr "uid descoñecido %u: quen é vostede?"
+
+#: src/sudo.c:818
+#, c-format
+msgid "resource control limit has been reached"
+msgstr "o límite de control de recursos foi alcanzado"
+
+#: src/sudo.c:821
+#, c-format
+msgid "user \"%s\" is not a member of project \"%s\""
+msgstr "o usuario «%s» non é membro do grupo «%s»"
+
+#: src/sudo.c:825
+#, c-format
+msgid "the invoking task is final"
+msgstr "a tarefa que invoca é definitiva"
+
+#: src/sudo.c:828
+#, c-format
+msgid "could not join project \"%s\""
+msgstr "non podería unirse ao proxecto «%s»"
+
+#: src/sudo.c:833
+#, c-format
+msgid "no resource pool accepting default bindings exists for project \"%s\""
+msgstr "non hai fondo de recursos aceptando as asignacións existentes par ao proxecto «%s»"
+
+#: src/sudo.c:837
+#, c-format
+msgid "specified resource pool does not exist for project \"%s\""
+msgstr "o fondo de recursos especificado non existe para o proxecto «%s»"
+
+#: src/sudo.c:841
+#, c-format
+msgid "could not bind to default resource pool for project \"%s\""
+msgstr "non se podería ligar ao fondo de recursos predeterminado para o proxecto «%s»"
+
+#: src/sudo.c:847
+#, c-format
+msgid "setproject failed for project \"%s\""
+msgstr "configuración do proxecto fallada «%s»"
+
+#: src/sudo.c:849
+#, c-format
+msgid "warning, resource control assignment failed for project \"%s\""
+msgstr "aviso, o control de asignación de recuros fallou para o proxecto «%s»"
+
+#: src/sudo.c:879
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "non foi posíbel eliminar PRIV_PROC_EXEC desde PRIV_LIMIT"
+
+#: src/sudo.c:988
+#, c-format
+msgid "unknown login class %s"
+msgstr "clase de inicio de sesión descoñecida %s"
+
+#: src/sudo.c:1004 src/sudo.c:1007
+#, c-format
+msgid "unable to set user context"
+msgstr "non foi posíbel estabelecer o contexto do usuario"
+
+#: src/sudo.c:1022
+#, c-format
+msgid "unable to set effective gid to runas gid %u"
+msgstr "non foi posíbel estabelcer o gid efectivo para executar como gid %u"
+
+#: src/sudo.c:1028
+#, c-format
+msgid "unable to set gid to runas gid %u"
+msgstr "non foi posíbel estabelcer o gid para executar como gid %u"
+
+#: src/sudo.c:1036
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "non foi posíbel estabelecer o grupo suplementario de IDs"
+
+#: src/sudo.c:1044
+#, c-format
+msgid "unable to set process priority"
+msgstr "non foi posíbel estabelecer a prioridade de proceso"
+
+#: src/sudo.c:1052
+#, c-format
+msgid "unable to change root to %s"
+msgstr "non foi posíbel cambiar de root a %s"
+
+#: src/sudo.c:1062 src/sudo.c:1068 src/sudo.c:1074
+#, c-format
+msgid "unable to change to runas uid (%u, %u)"
+msgstr "non foi posíbel cambiar as runas uid (%u, %u)"
+
+#: src/sudo.c:1088
+#, c-format
+msgid "unable to change directory to %s"
+msgstr "non foi posíbel cambiar ao cartafol %s"
+
+#: src/sudo.c:1158
+#, c-format
+msgid "unexpected child termination condition: %d"
+msgstr "terminación de condición filla non agardada: %d"
+
+#: src/sudo.c:1204
+#, c-format
+msgid "policy plugin %s does not support listing privileges"
+msgstr "a política do engadido %s non admite o listado de privilexios"
+
+#: src/sudo.c:1216
+#, c-format
+msgid "policy plugin %s does not support the -v option"
+msgstr "a política do engadido %s non admite a opción -v"
+
+#: src/sudo.c:1228
+#, c-format
+msgid "policy plugin %s does not support the -k/-K options"
+msgstr "a normativa do engadido %s non admite as opcións -k/-K"
+
+#: src/sudo_edit.c:111
+#, c-format
+msgid "unable to change uid to root (%u)"
+msgstr "non foi posíbel cambiar uid a root (%u)"
+
+#: src/sudo_edit.c:143
+#, c-format
+msgid "plugin error: missing file list for sudoedit"
+msgstr "erro do engadido: falta a lista de ficheiros para sudoedit"
+
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
+#, c-format
+msgid "%s: not a regular file"
+msgstr "%s: non é un ficheiro regular"
+
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
+msgid "%s: short write"
+msgstr "%s: escritura curta"
+
+#: src/sudo_edit.c:272
+#, c-format
+msgid "%s left unmodified"
+msgstr "%s sen modificar"
+
+#: src/sudo_edit.c:285
+#, c-format
+msgid "%s unchanged"
+msgstr "%s sen cambios"
+
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
+#, c-format
+msgid "unable to write to %s"
+msgstr "non foi posíbel escribir en %s"
+
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
+#, c-format
+msgid "contents of edit session left in %s"
+msgstr "os contidos de edición de sesión déixanse en %s"
+
+#: src/sudo_edit.c:315
+#, c-format
+msgid "unable to read temporary file"
+msgstr "non é posíbel ler o ficheiro temporal"
+
+#: src/tgetpass.c:96
+#, c-format
+msgid "no tty present and no askpass program specified"
+msgstr "sen tty presente e non se especificou un programa askpass"
+
+#: src/tgetpass.c:105
+#, c-format
+msgid "no askpass program specified, try setting SUDO_ASKPASS"
+msgstr "non hai programa askpass especificado, tente estabelecer SUDO_ASKPASS"
+
+#: src/tgetpass.c:237
+#, c-format
+msgid "unable to set gid to %u"
+msgstr "non foi posíbel estabelecer o gid a %u"
+
+#: src/tgetpass.c:241
+#, c-format
+msgid "unable to set uid to %u"
+msgstr "non foi posíbel estabelecer o uid a %u"
+
+#: src/tgetpass.c:246
+#, c-format
+msgid "unable to run %s"
+msgstr "non foi posíbel executar %s"
+
+#: src/utmp.c:278
+#, c-format
+msgid "unable to save stdin"
+msgstr "non foi posíbel gardar stdin"
+
+#: src/utmp.c:280
+#, c-format
+msgid "unable to dup2 stdin"
+msgstr "non foi posíbel facer dup2 stdin"
+
+#: src/utmp.c:283
+#, c-format
+msgid "unable to restore stdin"
+msgstr "non foi posíbel restaurar stdin"
+
+#: common/aix.c:144
+#, c-format
+msgid "unable to open userdb"
+msgstr "non foi posíbel abrir userdb"
+
+#: common/aix.c:147
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "non foi posíbel cambiar ao rexistro «%s» para %s"
+
+#: common/aix.c:161
+#, c-format
+msgid "unable to restore registry"
+msgstr "non foi posíbel restaurar o rexistro"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "erro interno: tentou emalloc(0)"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "erro interno: tentou emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "erro interno: desbordamento en emalloc2(0)"
+
+#: common/alloc.c:119
+msgid "internal error, tried to erealloc(0)"
+msgstr "erro interno: tentou erealloc(0)"
+
+#: common/alloc.c:138
+msgid "internal error, tried to erealloc3(0)"
+msgstr "erro interno: tentou erealloc3(0)"
+
+#: common/alloc.c:140
+msgid "internal error, erealloc3() overflow"
+msgstr "erro interno: desbordamento de erealloc3(0)"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Sinal descoñecido"
--- /dev/null
+# Translation of sudo to Croatian.
+# This file is put in the public domain.
+# Tomislav Krznar <tomislav.krznar@gmail.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo 1.8.5rc1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-03-28 14:06-0400\n"
+"PO-Revision-Date: 2012-04-17 22:01+0200\n"
+"Last-Translator: Tomislav Krznar <tomislav.krznar@gmail.com>\n"
+"Language-Team: Croatian <lokalizacija@linux.hr>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n"
+
+#: src/error.c:82 src/error.c:86
+msgid ": "
+msgstr ": "
+
+#: src/exec.c:105 src/exec_pty.c:616 src/exec_pty.c:948 src/tgetpass.c:221
+#, c-format
+msgid "unable to fork"
+msgstr "ne mogu razdvojiti"
+
+#: src/exec.c:252
+#, c-format
+msgid "unable to create sockets"
+msgstr "ne mogu napraviti utičnice"
+
+#: src/exec.c:259 src/exec_pty.c:567 src/exec_pty.c:576 src/exec_pty.c:584
+#: src/exec_pty.c:883 src/exec_pty.c:945 src/tgetpass.c:218
+#, c-format
+msgid "unable to create pipe"
+msgstr "ne mogu napraviti cjevovod"
+
+#: src/exec.c:340 src/exec_pty.c:1011 src/exec_pty.c:1146
+#, c-format
+msgid "select failed"
+msgstr "odabir nije uspio"
+
+#: src/exec.c:425
+#, c-format
+msgid "unable to restore tty label"
+msgstr "ne mogu vratiti tty oznaku"
+
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "ne mogu ukloniti PRIV_PROC_EXEC iz PRIV_LIMIT"
+
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:447 src/sudo.c:467
+#: src/sudo.c:474 src/sudo.c:485 src/sudo.c:871 common/alloc.c:85
+#: common/alloc.c:105 common/alloc.c:127 common/alloc.c:146 common/alloc.c:168
+#: common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#, c-format
+msgid "unable to allocate memory"
+msgstr "ne mogu alocirati memoriju"
+
+#: src/exec_pty.c:140
+#, c-format
+msgid "unable to allocate pty"
+msgstr "ne mogu alocirati pty"
+
+#: src/exec_pty.c:609
+#, c-format
+msgid "unable to set terminal to raw mode"
+msgstr "ne mogu postaviti terminal u sirovi način"
+
+#: src/exec_pty.c:926
+#, c-format
+msgid "unable to set controlling tty"
+msgstr "ne mogu postaviti kontrolni tty"
+
+#: src/exec_pty.c:1019
+#, c-format
+msgid "error reading from signal pipe"
+msgstr "greška čitanja iz cjevovoda signala"
+
+#: src/exec_pty.c:1038
+#, c-format
+msgid "error reading from pipe"
+msgstr "greška čitanja iz cjevovoda"
+
+#: src/exec_pty.c:1054
+#, c-format
+msgid "error reading from socketpair"
+msgstr "greška čitanja iz para utičnica"
+
+#: src/exec_pty.c:1058
+#, c-format
+msgid "unexpected reply type on backchannel: %d"
+msgstr "neočekivana vrsta odgovora na povratnom kanalu: %d"
+
+#: src/load_plugins.c:79
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: src/load_plugins.c:85
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: src/load_plugins.c:95
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "vlasnik %s mora biti uid %d"
+
+#: src/load_plugins.c:99
+#, c-format
+msgid "%s must be only be writable by owner"
+msgstr "samo vlasnik smije imati dozvole za pisanje %s"
+
+#: src/load_plugins.c:106
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "ne mogu izvršiti dlopen %s: %s"
+
+#: src/load_plugins.c:111
+#, c-format
+msgid "%s: unable to find symbol %s"
+msgstr "%s: ne mogu pronaći simbol %s"
+
+#: src/load_plugins.c:117
+#, c-format
+msgid "%s: unknown policy type %d"
+msgstr "%s: nepoznata vrsta police %d"
+
+#: src/load_plugins.c:121
+#, c-format
+msgid "%s: incompatible policy major version %d, expected %d"
+msgstr "%s: nekompatibilna glavna inačica police %d, očekujem %d"
+
+#: src/load_plugins.c:128
+#, c-format
+msgid "%s: only a single policy plugin may be loaded"
+msgstr "%s: može se učitati samo jedan priključak police"
+
+#: src/load_plugins.c:148
+#, c-format
+msgid "%s: at least one policy plugin must be specified"
+msgstr "%s: mora biti naveden barem jedan priključak police"
+
+#: src/load_plugins.c:153
+#, c-format
+msgid "policy plugin %s does not include a check_policy method"
+msgstr "priključak police %s ne uključuje metodu check_policy"
+
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
+#, c-format
+msgid "load_interfaces: overflow detected"
+msgstr "load_interfaces: otkriven preljev"
+
+#: src/net_ifs.c:227
+#, c-format
+msgid "unable to open socket"
+msgstr "ne mogu otvoriti utičnicu"
+
+#: src/parse_args.c:187
+#, c-format
+msgid "the argument to -C must be a number greater than or equal to 3"
+msgstr "argument za -C mora biti broj veći ili jednak 3"
+
+#: src/parse_args.c:276
+#, c-format
+msgid "unknown user: %s"
+msgstr "nepoznat korisnik: %s"
+
+#: src/parse_args.c:335
+#, c-format
+msgid "you may not specify both the `-i' and `-s' options"
+msgstr "ne možete navesti opcije „-i” i „-s” zajedno"
+
+#: src/parse_args.c:339
+#, c-format
+msgid "you may not specify both the `-i' and `-E' options"
+msgstr "ne možete navesti opcije „-i” i „-E” zajedno"
+
+#: src/parse_args.c:349
+#, c-format
+msgid "the `-E' option is not valid in edit mode"
+msgstr "opcija „-E” nije ispravna u načinu uređivanja"
+
+#: src/parse_args.c:351
+#, c-format
+msgid "you may not specify environment variables in edit mode"
+msgstr "ne možete navesti varijable okoline u načinu uređivanja"
+
+#: src/parse_args.c:359
+#, c-format
+msgid "the `-U' option may only be used with the `-l' option"
+msgstr "opciju „-U” možete koristiti samo uz opciju „-l”"
+
+#: src/parse_args.c:363
+#, c-format
+msgid "the `-A' and `-S' options may not be used together"
+msgstr "ne možete koristiti opcije „-A” i „-S” zajedno"
+
+#: src/parse_args.c:445
+#, c-format
+msgid "sudoedit is not supported on this platform"
+msgstr "sudoedit nije podržan na ovoj platformi"
+
+#: src/parse_args.c:518
+#, c-format
+msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
+msgstr "Smijete navesti samo jednu od opcija -e, -h, -i, -K, -l, -s, -v i -V "
+
+#: src/parse_args.c:532
+#, c-format
+msgid ""
+"%s - edit files as another user\n"
+"\n"
+msgstr ""
+"%s - uredi datoteke kao drugi korisnik\n"
+"\n"
+
+#: src/parse_args.c:534
+#, c-format
+msgid ""
+"%s - execute a command as another user\n"
+"\n"
+msgstr ""
+"%s - izvrši naredbu kao drugi korisnik\n"
+"\n"
+
+#: src/parse_args.c:539
+#, c-format
+msgid ""
+"\n"
+"Options:\n"
+msgstr ""
+"\n"
+"Opcije:\n"
+
+#: src/parse_args.c:542
+msgid "use helper program for password prompting\n"
+msgstr "koristi pomoćni program za traženje lozinke\n"
+
+#: src/parse_args.c:545
+msgid "use specified BSD authentication type\n"
+msgstr "koristi navedenu vrstu BSD autentifikacije\n"
+
+#: src/parse_args.c:547
+msgid "run command in the background\n"
+msgstr "pokreni naredbu u pozadini\n"
+
+#: src/parse_args.c:549
+msgid "close all file descriptors >= fd\n"
+msgstr "zatvori sve opisnike datoteka >= fd\n"
+
+#: src/parse_args.c:552
+msgid "run command with specified login class\n"
+msgstr "pokreni naredbu s navedenim razredom prijave\n"
+
+#: src/parse_args.c:555
+msgid "preserve user environment when executing command\n"
+msgstr "očuvaj korisničku okolinu pri izvršavanju naredbe\n"
+
+#: src/parse_args.c:557
+msgid "edit files instead of running a command\n"
+msgstr "uredi datoteke umjesto pokretanja naredbe\n"
+
+#: src/parse_args.c:559
+msgid "execute command as the specified group\n"
+msgstr "izvrši naredbu kao navedena grupa\n"
+
+#: src/parse_args.c:561
+msgid "set HOME variable to target user's home dir.\n"
+msgstr "postavi HOME varijablu na početni direktorij odredišnog korisnika.\n"
+
+#: src/parse_args.c:563
+msgid "display help message and exit\n"
+msgstr "prikaži ovu pomoć i izađi\n"
+
+#: src/parse_args.c:565
+msgid "run a login shell as target user\n"
+msgstr "pokreni ljusku prijave kao odredišni korisnik\n"
+
+#: src/parse_args.c:567
+msgid "remove timestamp file completely\n"
+msgstr "potpuno ukloni datoteku vremenskih oznaka\n"
+
+#: src/parse_args.c:569
+msgid "invalidate timestamp file\n"
+msgstr "učini datoteku vremenskih oznaka nevažećom\n"
+
+#: src/parse_args.c:571
+msgid "list user's available commands\n"
+msgstr "ispiši dostupne korisničke naredbe\n"
+
+#: src/parse_args.c:573
+msgid "non-interactive mode, will not prompt user\n"
+msgstr "neinteraktivni način, neće ispitivati korisnika\n"
+
+#: src/parse_args.c:575
+msgid "preserve group vector instead of setting to target's\n"
+msgstr "očuvaj grupni vektor umjesto postavljanja na odredišni\n"
+
+#: src/parse_args.c:577
+msgid "use specified password prompt\n"
+msgstr "koristi navedeno traženje lozinke\n"
+
+#: src/parse_args.c:580 src/parse_args.c:588
+msgid "create SELinux security context with specified role\n"
+msgstr "stvori SELinux sigurnosni kontekst s navedenom ulogom\n"
+
+#: src/parse_args.c:583
+msgid "read password from standard input\n"
+msgstr "čitaj lozinku sa standardnog ulaza\n"
+
+#: src/parse_args.c:585
+msgid "run a shell as target user\n"
+msgstr "pokreni ljusku kao odredišni korisnik\n"
+
+#: src/parse_args.c:591
+msgid "when listing, list specified user's privileges\n"
+msgstr "pri ispisu, ispiši navedene korisničke ovlasti\n"
+
+#: src/parse_args.c:593
+msgid "run command (or edit file) as specified user\n"
+msgstr "pokreni naredbu (ili uredi datoteku) kao navedeni korisnik\n"
+
+#: src/parse_args.c:595
+msgid "display version information and exit\n"
+msgstr "prikaži informacije o inačici i izađi\n"
+
+#: src/parse_args.c:597
+msgid "update user's timestamp without running a command\n"
+msgstr "ažuriraj korisničku vremensku oznaku bez pokretanja naredbe\n"
+
+#: src/parse_args.c:599
+msgid "stop processing command line arguments\n"
+msgstr "zaustavi obradu argumenata naredbenog retka\n"
+
+#: src/selinux.c:77
+#, c-format
+msgid "unable to open audit system"
+msgstr "ne mogu otvoriti sustav revizije"
+
+#: src/selinux.c:85
+#, c-format
+msgid "unable to send audit message"
+msgstr "ne mogu poslati poruku revizije"
+
+#: src/selinux.c:113
+#, c-format
+msgid "unable to fgetfilecon %s"
+msgstr "ne mogu izvršiti fgetfilecon %s"
+
+#: src/selinux.c:118
+#, c-format
+msgid "%s changed labels"
+msgstr "%s je promijenio oznake"
+
+#: src/selinux.c:123
+#, c-format
+msgid "unable to restore context for %s"
+msgstr "ne mogu vratiti kontekst za %s"
+
+#: src/selinux.c:163
+#, c-format
+msgid "unable to open %s, not relabeling tty"
+msgstr "ne mogu otvoriti %s, ne mijenjam oznaku tty"
+
+#: src/selinux.c:172
+#, c-format
+msgid "unable to get current tty context, not relabeling tty"
+msgstr "ne mogu dohvatiti trenutni tty kontekst, ne mijenjam oznaku tty"
+
+#: src/selinux.c:179
+#, c-format
+msgid "unable to get new tty context, not relabeling tty"
+msgstr "ne mogu dohvatiti novi tty kontekst, ne mijenjam oznaku tty"
+
+#: src/selinux.c:186
+#, c-format
+msgid "unable to set new tty context"
+msgstr "ne mogu postaviti novi tty kontekst"
+
+#: src/selinux.c:196 src/selinux.c:209 src/sudo.c:333 common/sudo_conf.c:328
+#, c-format
+msgid "unable to open %s"
+msgstr "ne mogu otvoriti %s"
+
+#: src/selinux.c:252
+#, c-format
+msgid "you must specify a role for type %s"
+msgstr "morate navesti ulogu za vrstu %s"
+
+#: src/selinux.c:258
+#, c-format
+msgid "unable to get default type for role %s"
+msgstr "ne mogu dohvatiti zadanu vrstu za ulogu %s"
+
+#: src/selinux.c:276
+#, c-format
+msgid "failed to set new role %s"
+msgstr "nisam uspio postaviti novu ulogu %s"
+
+#: src/selinux.c:280
+#, c-format
+msgid "failed to set new type %s"
+msgstr "nisam uspio postaviti novu vrstu %s"
+
+#: src/selinux.c:289
+#, c-format
+msgid "%s is not a valid context"
+msgstr "%s nije ispravan kontekst"
+
+#: src/selinux.c:324
+#, c-format
+msgid "failed to get old_context"
+msgstr "nisam uspio dohvatiti stari kontekst (old_context)"
+
+#: src/selinux.c:330
+#, c-format
+msgid "unable to determine enforcing mode."
+msgstr "ne mogu odrediti način provedbe."
+
+#: src/selinux.c:342
+#, c-format
+msgid "unable to setup tty context for %s"
+msgstr "ne mogu postaviti tty kontekst za %s"
+
+#: src/selinux.c:373
+#, c-format
+msgid "unable to set exec context to %s"
+msgstr "ne mogu postaviti izvršni kontekst u %s"
+
+#: src/selinux.c:380
+#, c-format
+msgid "unable to set key creation context to %s"
+msgstr "ne mogu postaviti kontekst stvaranja ključa u %s"
+
+#: src/sesh.c:70
+#, c-format
+msgid "requires at least one argument"
+msgstr "zahtijeva barem jedan argument"
+
+#: src/sesh.c:91
+#, c-format
+msgid "unable to execute %s"
+msgstr "ne mogu izvršiti %s"
+
+#: src/sudo.c:213
+#, c-format
+msgid "Sudo version %s\n"
+msgstr "Sudo inačica %s\n"
+
+#: src/sudo.c:215
+#, c-format
+msgid "Configure options: %s\n"
+msgstr "Konfiguracijske opcije: %s\n"
+
+#: src/sudo.c:220
+#, c-format
+msgid "fatal error, unable to load plugins"
+msgstr "fatalna greška, ne mogu učitati priključke"
+
+#: src/sudo.c:228
+#, c-format
+msgid "unable to initialize policy plugin"
+msgstr "ne mogu inicijalizirati priključak police"
+
+#: src/sudo.c:283
+#, c-format
+msgid "error initializing I/O plugin %s"
+msgstr "greška inicijalizacije U/I priključka %s"
+
+#: src/sudo.c:308
+#, c-format
+msgid "unexpected sudo mode 0x%x"
+msgstr "neočekivani sudo mod 0x%x"
+
+#: src/sudo.c:402
+#, c-format
+msgid "unable to get group vector"
+msgstr "ne mogu dohvatiti grupni vektor"
+
+#: src/sudo.c:443
+#, c-format
+msgid "unknown uid %u: who are you?"
+msgstr "nepoznat uid %u: tko ste vi?"
+
+#: src/sudo.c:735
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "vlasnik %s mora biti uid %d i mora imati postavljen setuid bit"
+
+#: src/sudo.c:738
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "efektivni uid nije %d, je li %s na datotečnom sustavu s postavljenom opcijom „nosuid” ili NFS datotečnom sustavu bez administratorskih ovlasti?"
+
+#: src/sudo.c:744
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "efektivni uid nije %d, je li sudo instaliran uz setuid root?"
+
+#: src/sudo.c:813
+#, c-format
+msgid "resource control limit has been reached"
+msgstr "dosegnuta je granica upravljanja resursima"
+
+#: src/sudo.c:816
+#, c-format
+msgid "user \"%s\" is not a member of project \"%s\""
+msgstr "korisnik „%s” nije član projekta „%s”"
+
+#: src/sudo.c:820
+#, c-format
+msgid "the invoking task is final"
+msgstr "pozivanje zadatka je konačno"
+
+#: src/sudo.c:823
+#, c-format
+msgid "could not join project \"%s\""
+msgstr "ne mogu pridružiti projektu „%s”"
+
+#: src/sudo.c:828
+#, c-format
+msgid "no resource pool accepting default bindings exists for project \"%s\""
+msgstr "ne postoji skladište resursa koje prihvaća zadane poveznice za projekt „%s”"
+
+#: src/sudo.c:832
+#, c-format
+msgid "specified resource pool does not exist for project \"%s\""
+msgstr "ne postoji navedeno skladište resursa za projekt „%s”"
+
+#: src/sudo.c:836
+#, c-format
+msgid "could not bind to default resource pool for project \"%s\""
+msgstr "ne mogu povezati na zadano skladište resursa za projekt „%s”"
+
+#: src/sudo.c:842
+#, c-format
+msgid "setproject failed for project \"%s\""
+msgstr "setproject nije uspio za projekt „%s”"
+
+#: src/sudo.c:844
+#, c-format
+msgid "warning, resource control assignment failed for project \"%s\""
+msgstr "upozorenje, zadatak upravljanja resursima nije uspio za projekt „%s”"
+
+#: src/sudo.c:909
+#, c-format
+msgid "unknown login class %s"
+msgstr "nepoznat razred prijave %s"
+
+#: src/sudo.c:923 src/sudo.c:926
+#, c-format
+msgid "unable to set user context"
+msgstr "ne mogu postaviti korisnički kontekst"
+
+#: src/sudo.c:938
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "ne mogu postaviti dopunske grupne identifikatore"
+
+#: src/sudo.c:945
+#, c-format
+msgid "unable to set effective gid to runas gid %u"
+msgstr "ne mogu postaviti efektivni gid u runas gid %u"
+
+#: src/sudo.c:951
+#, c-format
+msgid "unable to set gid to runas gid %u"
+msgstr "ne mogu postaviti gid u runas (pokreni kao) gid %u"
+
+#: src/sudo.c:958
+#, c-format
+msgid "unable to set process priority"
+msgstr "ne mogu postaviti prioritet procesa"
+
+#: src/sudo.c:966
+#, c-format
+msgid "unable to change root to %s"
+msgstr "ne mogu promijeniti korijen u %s"
+
+#: src/sudo.c:973 src/sudo.c:979 src/sudo.c:985
+#, c-format
+msgid "unable to change to runas uid (%u, %u)"
+msgstr "ne mogu promijeniti u runas (pokreni kao) uid (%u, %u)"
+
+#: src/sudo.c:999
+#, c-format
+msgid "unable to change directory to %s"
+msgstr "ne mogu promijeniti direktorij u %s"
+
+#: src/sudo.c:1072
+#, c-format
+msgid "unexpected child termination condition: %d"
+msgstr "neočekivani uvjet završavanja djeteta: %d"
+
+#: src/sudo.c:1133
+#, c-format
+msgid "policy plugin %s does not support listing privileges"
+msgstr "priključak police %s ne podržava ispis ovlasti"
+
+#: src/sudo.c:1145
+#, c-format
+msgid "policy plugin %s does not support the -v option"
+msgstr "priključak police %s ne podržava opciju -v"
+
+#: src/sudo.c:1157
+#, c-format
+msgid "policy plugin %s does not support the -k/-K options"
+msgstr "priključak police %s ne podržava opcije -k/-K"
+
+#: src/sudo_edit.c:111
+#, c-format
+msgid "unable to change uid to root (%u)"
+msgstr "ne mogu promijeniti uid u root (%u)"
+
+#: src/sudo_edit.c:143
+#, c-format
+msgid "plugin error: missing file list for sudoedit"
+msgstr "greška priključka: nedostaje popis datoteka za sudoedit"
+
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
+#, c-format
+msgid "%s: not a regular file"
+msgstr "%s: nije obična datoteka"
+
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
+msgid "%s: short write"
+msgstr "%s: kratko pisanje"
+
+#: src/sudo_edit.c:272
+#, c-format
+msgid "%s left unmodified"
+msgstr "%s nepromijenjen"
+
+#: src/sudo_edit.c:285
+#, c-format
+msgid "%s unchanged"
+msgstr "%s nepromijenjen"
+
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
+#, c-format
+msgid "unable to write to %s"
+msgstr "ne mogu pisati u %s"
+
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
+#, c-format
+msgid "contents of edit session left in %s"
+msgstr "sadržaj uređivanja ostavljen u %s"
+
+#: src/sudo_edit.c:315
+#, c-format
+msgid "unable to read temporary file"
+msgstr "ne mogu čitati privremenu datoteku"
+
+#: src/tgetpass.c:90
+#, c-format
+msgid "no tty present and no askpass program specified"
+msgstr "nije prisutan tty i nije naveden program za traženje lozinke"
+
+#: src/tgetpass.c:99
+#, c-format
+msgid "no askpass program specified, try setting SUDO_ASKPASS"
+msgstr "nije naveden program za traženje lozinke, pokušajte postaviti SUDO_ASKPASS"
+
+#: src/tgetpass.c:231
+#, c-format
+msgid "unable to set gid to %u"
+msgstr "ne mogu postaviti gid u %u"
+
+#: src/tgetpass.c:235
+#, c-format
+msgid "unable to set uid to %u"
+msgstr "ne mogu postaviti uid u %u"
+
+#: src/tgetpass.c:240
+#, c-format
+msgid "unable to run %s"
+msgstr "ne mogu pokrenuti %s"
+
+#: src/utmp.c:278
+#, c-format
+msgid "unable to save stdin"
+msgstr "ne mogu spremiti stdin"
+
+#: src/utmp.c:280
+#, c-format
+msgid "unable to dup2 stdin"
+msgstr "ne mogu izvršiti dup2 stdin"
+
+#: src/utmp.c:283
+#, c-format
+msgid "unable to restore stdin"
+msgstr "ne mogu vratiti stdin"
+
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "ne mogu otvoriti korisničku bazu podataka"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "ne mogu promijeniti u registar „%s” za %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "ne mogu vratiti registar"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "interna greška, pokušao sam emalloc(0)"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "interna greška, pokušao sam emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "interna greška, emalloc2() preljev"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "interna greška, pokušao sam ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "interna greška, ecalloc() preljev"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "interna greška, pokušao sam erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "interna greška, pokušao sam erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "interna greška, erealloc3() preljev"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "ne mogu izvršiti stat %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nije obična datoteka"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "vlasnik %s je uid %u, treba biti %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s ima dozvole za pisanje svih korisnika"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s ima dozvole za pisanje svih grupa"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Nepoznat signal"
# Italian translations for sudo package
-# Copyright (c) 2011, The Free Software Foundation
+# Copyright (c) 2011, 2012 The Free Software Foundation
# This file is distributed under the same license as the sudo package.
-# Milo Casagrande <milo@casagrande.name>, 2011.
+# Milo Casagrande <milo@casagrande.name>, 2011, 2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo-1.8.3rc1\n"
+"Project-Id-Version: sudo-1.8.5-b4\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 13:37-0400\n"
-"PO-Revision-Date: 2011-09-21 21:51+0200\n"
+"POT-Creation-Date: 2012-03-28 14:06-0400\n"
+"PO-Revision-Date: 2012-04-05 13:56+0200\n"
"Last-Translator: Milo Casagrande <milo@casagrande.name>\n"
"Language-Team: Italian <tp@lists.linux.it>\n"
"Language: it\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8-bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"Plural-Forms: nplurals=2; plural=(n!=1);\n"
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:105 src/exec_pty.c:616 src/exec_pty.c:948 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "impossibile eseguire fork"
-#: src/exec.c:246
+#: src/exec.c:252
#, c-format
msgid "unable to create sockets"
msgstr "impossibile creare socket"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:259 src/exec_pty.c:567 src/exec_pty.c:576 src/exec_pty.c:584
+#: src/exec_pty.c:883 src/exec_pty.c:945 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "impossibile creare una pipe"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:340 src/exec_pty.c:1011 src/exec_pty.c:1146
#, c-format
msgid "select failed"
msgstr "select non riuscita"
-#: src/exec.c:387
+#: src/exec.c:425
#, c-format
msgid "unable to restore tty label"
msgstr "impossibile ripristinare l'etichetta tty"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "impossibile rimuovere PRIV_PROC_EXEC da PRIV_LIMIT"
+
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:447 src/sudo.c:467
+#: src/sudo.c:474 src/sudo.c:485 src/sudo.c:871 common/alloc.c:85
+#: common/alloc.c:105 common/alloc.c:127 common/alloc.c:146 common/alloc.c:168
+#: common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#, c-format
+msgid "unable to allocate memory"
+msgstr "impossibile allocare la memoria"
+
+#: src/exec_pty.c:140
#, c-format
msgid "unable to allocate pty"
msgstr "impossibile allocare pty"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:609
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "impossibile impostare il terminale in modalità raw"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:926
#, c-format
msgid "unable to set controlling tty"
msgstr "impossibile impostare il tty di controllo"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1019
#, c-format
msgid "error reading from signal pipe"
msgstr "errore nel leggere dalla pipe di segnale"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from pipe"
msgstr "errore nel leggere dalla pipe"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1054
#, c-format
msgid "error reading from socketpair"
msgstr "errore nel leggere dal socketpair"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1058
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "tipologia di risposta inattesa sul backchannel: %d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s deve essere di proprietà dello uid %d"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s deve essere scrivibile solo dal proprietario"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "impossibile eseguire dlopen su %s: %s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: impossibile trovare il simbolo %s"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: politica di tipo %d sconosciuta"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: numero principale di versione %d non compatibile, atteso %d"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: solo un plugin di politica può essere caricato"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: almeno un plugin di politica deve essere specificato"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "il plugin di politica %s non include un metodo check_policy"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: rilevato overflow"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "impossibile aprire socket"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "l'argomento di -C deve essere un numero maggiore o uguale a 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "l'argomento di -D deve essere tra 1 e 9 compresi"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "utente sconosciuto: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "non è possibile specificare entrambe le opzioni \"-i\" e \"-s\""
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "non è possibile specificare entrambe le opzioni \"-i\" ed \"-E\""
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "l'opzione \"-E\" non è valida in modalità di modifica"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "non è possibile specificare variabili d'ambiente in modalità di modifica"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "l'opzione \"-U\" può essere usata solo con l'opzione \"-l\""
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "non è possibile usare assieme le opzioni \"-A\" e \"-S\""
-#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463
-#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "impossibile allocare la memoria"
-
-#: src/parse_args.c:442
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit non è supportato su questa piattaforma"
-#: src/parse_args.c:513
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Solo una delle opzioni -e, -h, -i, -K, -l, -s, -v o -V può essere specificata"
-#: src/parse_args.c:526
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - modifica file come un altro utente\n"
"\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - esegue un comando come un altro utente\n"
"\n"
-#: src/parse_args.c:533
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Opzioni:\n"
-#: src/parse_args.c:536
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "Utilizza un programma d'aiuto per richiedere la password\n"
-#: src/parse_args.c:539
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "Utilizza la tipologia di autenticazione BSD specificata\n"
-#: src/parse_args.c:541
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "Esegue il comando in background\n"
-#: src/parse_args.c:543
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "Chiude tutti i descrittori di file >= fd\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "Esegue il comando con la classe di accesso specificata\n"
-#: src/parse_args.c:549
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "Mantiene l'ambiente dell'utente quando viene eseguito il comando\n"
-#: src/parse_args.c:551
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "Modifica i file invece di eseguire un comando\n"
-#: src/parse_args.c:553
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "Esegue il comando come il gruppo specificato\n"
-#: src/parse_args.c:555
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "Imposta la variabile HOME alla directory dell'utente finale\n"
-#: src/parse_args.c:557
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "Visualizza il messaggio di aiuto ed esce\n"
-#: src/parse_args.c:559
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "Esegue una shell di login come l'utente finale\n"
-#: src/parse_args.c:561
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "Rimuove completamente il file temporale\n"
-#: src/parse_args.c:563
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "Invalida il file temporale\n"
-#: src/parse_args.c:565
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "Elenca i comandi utente disponibili\n"
-#: src/parse_args.c:567
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "Modalità non interattiva, non richiede nulla all'utente\n"
-#: src/parse_args.c:569
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "Mantiene il vettore di gruppo invece di impostarlo a quello dell'obiettivo\n"
-#: src/parse_args.c:571
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "Utilizza la richiesta della password specificata\n"
-#: src/parse_args.c:574 src/parse_args.c:582
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "Crea il contesto di sicurezza SELinux con il ruolo specificato\n"
-#: src/parse_args.c:577
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "Legge la password dallo standard input\n"
-#: src/parse_args.c:579
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "Esegue una shell come l'utente finale\n"
-#: src/parse_args.c:585
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "Durante l'elencazione, visualizza i privilegi dell'utente specificato\n"
-#: src/parse_args.c:587
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "Esegue un comando (o modifica un file) come l'utente specificato\n"
-#: src/parse_args.c:589
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "Visualizza le informazioni sulla versione ed esce\n"
-#: src/parse_args.c:591
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "Aggiorna il timestamp dell'utente senza eseguire un comando\n"
-#: src/parse_args.c:593
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "Ferma l'elaborazione degli argomenti a riga di comando\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "impossibile aprire il sistema di audit"
msgid "unable to send audit message"
msgstr "impossibile inviare il messaggio di audit"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "impossibile eseguire fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s ha modificato le etichette"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "impossibile ripristinare il contesto per %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "impossibile aprire %s, tty non viene etichettato nuovamente"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "impossibile ottenere il contesto tty attuale, tty non viene etichettato nuovamente"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "impossibile ottenere il nuovo contesto tty, tty non viene etichettato nuovamente"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "impossibile impostare il nuovo contesto tty"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323
+#: src/selinux.c:196 src/selinux.c:209 src/sudo.c:333 common/sudo_conf.c:328
#, c-format
msgid "unable to open %s"
msgstr "impossibile aprire %s"
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "è necessario specificare un ruolo per la tipologia %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "impossibile ottenere la tipologia predefinita per il ruolo %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "impossibile impostare il nuovo ruolo %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "impossibile impostare la nuova tipologia %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s non è un contesto valido"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "recupero del vecchio contesto non riuscito"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "impossibile determinare la modalità di rispetto."
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "impossibile impostare il contesto tty per %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "impossibile impostare il contesto exec a %s"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "impossibile impostare il contesto di creazione della chiave a %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "richiede almeno un argomento"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "impossibile eseguire %s"
-#: src/sudo.c:191
-#, c-format
-msgid "must be setuid root"
-msgstr "è necessario essere setuid root"
-
-#: src/sudo.c:209
+#: src/sudo.c:213
#, c-format
msgid "Sudo version %s\n"
msgstr "Versione di sudo: %s\n"
-#: src/sudo.c:211
+#: src/sudo.c:215
#, c-format
msgid "Configure options: %s\n"
msgstr "Opzioni di configurazione: %s\n"
-#: src/sudo.c:216
+#: src/sudo.c:220
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "errore irreversibile, impossibile caricare i plugin"
-#: src/sudo.c:224
+#: src/sudo.c:228
#, c-format
msgid "unable to initialize policy plugin"
msgstr "impossibile inizializzare il plugin delle politiche"
-#: src/sudo.c:279
+#: src/sudo.c:283
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "errore nell'inizializzare il plugin di I/O %s"
-#: src/sudo.c:300
+#: src/sudo.c:308
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "modalità 0x%x di sudo non attesa"
-#: src/sudo.c:389
+#: src/sudo.c:402
#, c-format
msgid "unable to get group vector"
msgstr "impossibile ottenere il vettore di gruppo"
# (ndt) mah... andrebbe resa meglio...
-#: src/sudo.c:431
+#: src/sudo.c:443
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "uid %u sconosciuto: identificarsi."
-#: src/sudo.c:773
+#: src/sudo.c:735
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s deve essere di proprietà dello uid %d e avere il bit setuid impostato"
+
+#: src/sudo.c:738
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "lo uid effettivo non è %d. %s si trova su un file system con l'opzione \"nosuid\" impostata o su un file system NFS senza privilegi di root?"
+
+#: src/sudo.c:744
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "lo uid effettivo non è %d. Il programma sudo è installato con setuid root?"
+
+#: src/sudo.c:813
#, c-format
msgid "resource control limit has been reached"
msgstr "raggiunto il limite di controllo delle risorse"
-#: src/sudo.c:776
+#: src/sudo.c:816
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "l'utente \"%s\" non fa parte del progetto \"%s\""
-#: src/sudo.c:780
+#: src/sudo.c:820
#, c-format
msgid "the invoking task is final"
msgstr "il task chiamante è definitivo"
-#: src/sudo.c:783
+#: src/sudo.c:823
#, c-format
msgid "could not join project \"%s\""
msgstr "impossibile unirsi al progetto \"%s\""
-#: src/sudo.c:788
+#: src/sudo.c:828
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "non esiste alcun pool di risorse per il progetto \"%s\" che accetti binding predefiniti"
-#: src/sudo.c:792
+#: src/sudo.c:832
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "il pool di risorse specificato non esiste per il progetto \"%s\""
-#: src/sudo.c:796
+#: src/sudo.c:836
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "impossibile unirsi al pool di risorse predefinito per il progetto \"%s\""
-#: src/sudo.c:802
+#: src/sudo.c:842
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject per il progetto \"%s\" non riuscita"
-#: src/sudo.c:804
+#: src/sudo.c:844
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "attenzione, assegnazione della risorsa di controllo per il progetto \"%s\" non riuscita"
-#: src/sudo.c:832
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "impossibile rimuovere PRIV_PROC_EXEC da PRIV_LIMIT"
-
-#: src/sudo.c:938
+#: src/sudo.c:909
#, c-format
msgid "unknown login class %s"
msgstr "classe di accesso %s sconosciuta"
-#: src/sudo.c:945 src/sudo.c:948
+#: src/sudo.c:923 src/sudo.c:926
#, c-format
msgid "unable to set user context"
msgstr "impossibile impostare il contesto utente"
-#: src/sudo.c:959
+#: src/sudo.c:938
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "impossibile impostare ID di gruppo supplementari"
+
+#: src/sudo.c:945
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "impossibile impostare il gid effettivo per eseguire come %u"
-#: src/sudo.c:965
+#: src/sudo.c:951
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "impossibile impostare il gid per eseguire come gid %u"
-#: src/sudo.c:973
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "impossibile impostare ID di gruppo supplementari"
-
-#: src/sudo.c:981
+#: src/sudo.c:958
#, c-format
msgid "unable to set process priority"
msgstr "impossibile impostare la priorità del processo"
-#: src/sudo.c:989
+#: src/sudo.c:966
#, c-format
msgid "unable to change root to %s"
msgstr "impossibile modificare root a %s"
-#: src/sudo.c:999 src/sudo.c:1005 src/sudo.c:1011
+#: src/sudo.c:973 src/sudo.c:979 src/sudo.c:985
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "impossibile passare a un diverso uid (%u, %u)"
-#: src/sudo.c:1025
+#: src/sudo.c:999
#, c-format
msgid "unable to change directory to %s"
msgstr "impossibile passare alla directory %s"
-#: src/sudo.c:1092
+#: src/sudo.c:1072
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "condizione di uscita del figlio inattesa: %d"
-#: src/sudo.c:1132
+#: src/sudo.c:1133
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "il plugin di politica %s non supporta l'elencazione dei privilegi"
-#: src/sudo.c:1143
+#: src/sudo.c:1145
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "il plugin di politica %s non supporta l'opzione -v"
-#: src/sudo.c:1154
+#: src/sudo.c:1157
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "il plguind di politica %s non supporta le opzioni -k/-K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "impossibile modificare lo uid a root (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "errore di plugin: elenco file mancante per sudoedit"
-#: src/sudo_edit.c:168 src/sudo_edit.c:268
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: non è un file regolare"
-#: src/sudo_edit.c:202 src/sudo_edit.c:304
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: scrittura breve"
-#: src/sudo_edit.c:269
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s lasciato non modificato"
-#: src/sudo_edit.c:282
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s non modificato"
-#: src/sudo_edit.c:294 src/sudo_edit.c:315
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "impossibile scrivere su %s"
-#: src/sudo_edit.c:295 src/sudo_edit.c:313 src/sudo_edit.c:316
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "contenuto della sessione di modifica tralasciato in %s"
-#: src/sudo_edit.c:312
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "impossibile leggere il file temporaneo"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "nessun tty presente e nessun programma di richiesta password specificato"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "nessun programma di richiesta password specificato, impostare SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "impossibile impostare lo gid a %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "impossibile impostare lo uid a %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "impossibile eseguire %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "impossibile salvare lo stdin"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "impossibile eseguire dup2 sullo stdin"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "impossibile ripristinare lo stdin"
-#: common/aix.c:144
+#: common/aix.c:149
#, c-format
msgid "unable to open userdb"
msgstr "impossibile aprire lo userdb"
-#: common/aix.c:147
+#: common/aix.c:152
#, c-format
msgid "unable to switch to registry \"%s\" for %s"
msgstr "impossibile passare al registro \"%s\" per %s"
-#: common/aix.c:161
+#: common/aix.c:169
#, c-format
msgid "unable to restore registry"
msgstr "impossibile ripristinare il registro"
#: common/alloc.c:82
-#, c-format
msgid "internal error, tried to emalloc(0)"
msgstr "errore interno, tentativo di chiamare emalloc(0)"
#: common/alloc.c:99
-#, c-format
msgid "internal error, tried to emalloc2(0)"
msgstr "errore interno, tentativo di chiamare emalloc2(0)"
#: common/alloc.c:101
-#, c-format
msgid "internal error, emalloc2() overflow"
msgstr "errore interno, overflow di emalloc2()"
-#: common/alloc.c:119
-#, c-format
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "errore interno, tentativo di chiamare ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "errore interno, overflow di ecalloc()"
+
+#: common/alloc.c:142
msgid "internal error, tried to erealloc(0)"
msgstr "errore interno, tentativo di chiamare erealloc(0)"
-#: common/alloc.c:138
-#, c-format
+#: common/alloc.c:161 common/alloc.c:185
msgid "internal error, tried to erealloc3(0)"
msgstr "errore interno, tentativo di chiamare erealloc3(0)"
-#: common/alloc.c:140
-#, c-format
+#: common/alloc.c:163 common/alloc.c:187
msgid "internal error, erealloc3() overflow"
msgstr "errore interno, overflow di erealloc3()"
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "impossibile eseguire stat su %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s non è un file regolare"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s è di proprietà dello uid %u, dovrebbe essere di %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s è scrivibile da tutti"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s è scrivibile dal gruppo"
+
#: compat/strsignal.c:47
msgid "Unknown signal"
msgstr "Segnale sconosciuto"
+
+#~ msgid "must be setuid root"
+#~ msgstr "è necessario essere setuid root"
+
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "l'argomento di -D deve essere tra 1 e 9 compresi"
# Japanese messages for sudo
# This file is put in the public domain.
# Yasuaki Taniguchi <yasuakit@gmail.com>, 2011.
+# Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>, 2012
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.3rc1\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 13:37-0400\n"
-"PO-Revision-Date: 2011-10-09 22:21+0900\n"
-"Last-Translator: Yasuaki Taniguchi <yasuakit@gmail.com>\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-30 16:14+0900\n"
+"Last-Translator: Takeshi Hamasaki <hmatrjp@users.sourceforge.jp>\n"
"Language-Team: Japanese <translation-team-ja@lists.sourceforge.net>\n"
"Language: ja\n"
"MIME-Version: 1.0\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "ユーザーデータベースを開くことができません"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "%s 用のレジストリー \"%s\" へ切り替えることができません"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "レジストリーを復元できません"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "内部エラー、emalloc(0) を試みました"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "メモリ割り当てを行えませんでした"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "内部エラー、 emalloc2(0) を試みました"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "内部エラー、 emalloc2() がオーバーフローしました"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "内部エラー、ecalloc(0) を試みました"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "内部エラー、 ecalloc() がオーバーフローしました"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "内部エラー、 erealloc(0) を試みました"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "内部エラー、 erealloc3(0) を試みました"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "内部エラー、 erealloc3() がオーバーフローしました"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "%s の状態取得 (stat) ができません"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s は通常ファイルではありません"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s はユーザーID %u によって所有されています。これは %u であるべきです"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s は誰でも書き込み可能です"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s はグループのメンバーによる書き込みが可能です"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "%s を開けません"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "不明なシグナルです"
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "ポリシープラグインがセッションの初期化に失敗しました"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "fork できません"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "ソケットを作成できません"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "パイプを作成できません"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "select に失敗しました"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "tty ラベルを復旧できません"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "PRIV_LIMIT から PRIV_PROC_EXEC を取り除くことができません"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "pty を割り当てられません"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "端末を raw モードに設定できません"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "tty の制御設定ができません"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "シグナルパイプからの読み込み中にエラーが発生しました"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "パイプからの読み込み中にエラーが発生しました"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "ソケットペアからの読み込み中にエラーが発生しました"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "バックチャンネルに関する予期しないリプレイタイプです: %d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s の所有者は uid %d でなければいけません"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s は所有者のみ書き込み可能で無ければいけません"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "dlopen %s を行うことができません: %s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: シンボル %s を見つけることができません"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: 不明なポリシータイプ %d です"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: 互換性の無いポリシーメジャーバージョン %d です。予期されるのは %d です"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: 一つのポリシープラグインのみロードされているようです"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: 最低でも一つ以上のポリシープラグインを指定しなければいけません"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "ポリシープラグイン %s には check_policy メソッドが含まれていません"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: オーバーフローが検出されました"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "ソケットを開くことができません"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "-C の引数は 3 以上の数値でなければいけません"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "-D の引数は 1 から 9 の間でなければいけません"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "不明なユーザーです: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "`-i' と `-s' オプションを同時に指定することはできません"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "`-i' と `-E' オプションを同時に指定することはできません"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "`-E' オプションは編集モードでは無効です"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "編集モードでは環境変数を指定できません"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "`-U' オプションは `-l' オプションのみと同時に指定できます"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "`-A' と `-S' オプションは同時に指定することはできません"
-#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463
-#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "メモリ割り当てを行えませんでした"
-
-#: src/parse_args.c:442
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit はこのプラットフォームではサポートされていません"
-#: src/parse_args.c:513
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "-e, -h, -i, -K, -l, -s, -v または -V のうち一つのみ指定できます"
-#: src/parse_args.c:526
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - 別のユーザーとしてファイルを編集します\n"
"\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - 別のユーザーとしてコマンドを実行します\n"
"\n"
-#: src/parse_args.c:533
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"オプション:\n"
-#: src/parse_args.c:536
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "パスワード要求のために補助プログラムを使用する\n"
-#: src/parse_args.c:539
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "指定した BSD 認証タイプを使用する\n"
-#: src/parse_args.c:541
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "コマンドをバックグラウンドで実行する\n"
-#: src/parse_args.c:543
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "fd 以上のすべてのファイル記述子を閉じる\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "指定したログインクラスでコマンドを実行する\n"
-#: src/parse_args.c:549
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "コマンドを実行する時にユーザーの環境変数を保護する\n"
-#: src/parse_args.c:551
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "コマンドを実行する代わりにファイルを編集する\n"
-#: src/parse_args.c:553
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "指定したグループでコマンドを実行する\n"
-#: src/parse_args.c:555
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "HOME 変数を変更先となるユーザーのホームディレクトリに設定する\n"
-#: src/parse_args.c:557
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "ヘルプメッセージを表示して終了する\n"
-#: src/parse_args.c:559
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "変更先のユーザーとしてログインシェルを実行する\n"
-#: src/parse_args.c:561
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "タイムスタンプファイルを完全に削除する\n"
-#: src/parse_args.c:563
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "タイムスタンプファイルを無効にする\n"
-#: src/parse_args.c:565
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "ユーザーが使用可能なコマンドを一覧表示する\n"
-#: src/parse_args.c:567
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "非対話モードで実行し、ユーザーに入力を求めない\n"
-#: src/parse_args.c:569
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "グループベクトルを保護する (変更先のユーザーのものに設定しない)\n"
-#: src/parse_args.c:571
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "指定したパスワードプロンプトを使用する\n"
-#: src/parse_args.c:574 src/parse_args.c:582
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "指定した役割で SELinux セキュリティーコンテキストを作成する\n"
-#: src/parse_args.c:577
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "標準入力からパスワードを読み込む\n"
-#: src/parse_args.c:579
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "変更先のユーザーとしてシェルを実行する\n"
-#: src/parse_args.c:585
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "一覧表示する時に、指定したユーザーの権限を一覧表示する\n"
-#: src/parse_args.c:587
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "指定したユーザーでコマンドを実行する (またはファイルを編集する)\n"
-#: src/parse_args.c:589
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "バージョン情報を表示して終了する\n"
-#: src/parse_args.c:591
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "コマンドを実行せずにユーザーのタイムスタンプを更新する\n"
-#: src/parse_args.c:593
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "コマンドライン引数の処理を終了する\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "監査システムを開くことができません"
msgid "unable to send audit message"
msgstr "監査メッセージを送ることができません"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "fgetfilecon %s を行うことができません"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s はラベルを変更しました"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "%s 用のコンテキストを復元することができません"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "%s を開くことができません。tty の再ラベル付けを行いません"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "現在の tty コンテキストを取得できません。 tty の再ラベル付けを行いません"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "新しい tty コンテキストを取得できません。 tty の再ラベル付けを行いません"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "新しい tty コンテキストを設定できません"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323
-#, c-format
-msgid "unable to open %s"
-msgstr "%s を開けません"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "タイプ %s 用の役割を指定しなければいけません"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "役割 %s 用のデフォルトのタイプを取得できません"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "新しい役割 %s の設定に失敗しました"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "新しいタイプ %s の設定に失敗しました"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s は有効なコンテキストではありません"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "古いコンテキスト (old_context) の取得に失敗しました"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "強制モードを決定することができません。"
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "%s 用の tty コンテキストをセットアップできません"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "実行コンテキストを %s に設定できません"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "キー作成コンテキストを %s へ設定できません"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "最低でも一つ以上おの引数が必要です"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "%s を実行できません"
-#: src/sudo.c:191
-#, c-format
-msgid "must be setuid root"
-msgstr "setuid root されていなければいけません"
-
-#: src/sudo.c:209
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo バージョン %s\n"
-#: src/sudo.c:211
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "configure オプション: %s\n"
-#: src/sudo.c:216
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "致命的エラー、プラグインをロードできません"
-#: src/sudo.c:224
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "ポリシープラグインを初期化できません"
-#: src/sudo.c:279
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "I/O プラグイン %s を初期化中にエラーが発生しました"
-#: src/sudo.c:300
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "予期しない sudo のモード 0x%x です"
-#: src/sudo.c:389
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "グループベクトルを取得できません"
-#: src/sudo.c:431
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "不明なユーザーID %u です: 誰ですか?"
-#: src/sudo.c:773
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s は所有者が uid %d である必要があり、かつ setuid が設定されている必要があります"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "実効 uid が %d ではありません、%s は 'nosuid' が設定されたファイルシステムにあるか、root 権限のないNFSファイルシステムにあるのでは?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "実効 uid が %d ではありません、sudo は setuid root を設定してインストールされていますか?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "資源制御の制限の最大値に達しました"
-#: src/sudo.c:776
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "ユーザー \"%s\" はプロジェクト \"%s\" のメンバーではありません"
-#: src/sudo.c:780
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "起動しているタスクは最後 (final) です"
-#: src/sudo.c:783
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "プロジェクト \"%s\" に参加できません"
-#: src/sudo.c:788
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "プロジェクト \"%s\" 用にはデフォルト割り当てとして受け付けられる資源プールがありません"
-#: src/sudo.c:792
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "プロジェクト \"%s\" 用として指定した資源プールは存在しません"
-#: src/sudo.c:796
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "プロジェクト \"%s\" 用にデフォルト資源プールを割り当てられませんでした"
-#: src/sudo.c:802
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "プロジェクト\"%s\" への setproject に失敗しました"
-#: src/sudo.c:804
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "警告、プロジェクト \"%s\" への資源制御割り当てに失敗しました"
-#: src/sudo.c:832
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "PRIV_LIMIT から PRIV_PROC_EXEC を取り除くことができません"
-
-#: src/sudo.c:938
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "不明なログインクラス %s です"
-#: src/sudo.c:945 src/sudo.c:948
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "ユーザーコンテキストを設定できません"
-#: src/sudo.c:959
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "追加のグループIDを設定できません"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "実行時のグループID (gid) %u を実効グループIDに設定できません"
-#: src/sudo.c:965
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "実行時のグループID (gid) %u をグループIDに設定できません"
-#: src/sudo.c:973
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "追加のグループIDを設定できません"
-
-#: src/sudo.c:981
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "プロセス優先度を設定できません"
-#: src/sudo.c:989
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "root を %s へ変更できません"
-#: src/sudo.c:999 src/sudo.c:1005 src/sudo.c:1011
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "実行時のユーザーID (uid) (%u, %u) へ変更できません"
-#: src/sudo.c:1025
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "ディレクトリーを %s に変更できません"
-#: src/sudo.c:1092
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "予期しない子プロセスの終了コードです: %d"
-#: src/sudo.c:1132
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "ポリシープラグイン %s は権限の一覧表示をサポートしていません"
-#: src/sudo.c:1143
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "ポリシープラグイン %s は -v オプションをサポートしません"
-#: src/sudo.c:1154
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "ポリシープラグイン %s は -k/-K オプションをサポートしません"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "ユーザーID (uid) を root (%u) に変更できません"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "プラグインエラー: sudoedit 用のファイル一覧がありません"
-#: src/sudo_edit.c:168 src/sudo_edit.c:268
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: 通常ファイルではありません"
-#: src/sudo_edit.c:202 src/sudo_edit.c:304
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: 短い書き込みです"
-#: src/sudo_edit.c:269
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s を修正しないままにします"
-#: src/sudo_edit.c:282
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s を変更しません"
-#: src/sudo_edit.c:294 src/sudo_edit.c:315
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "%s へ書き込むことができません"
-#: src/sudo_edit.c:295 src/sudo_edit.c:313 src/sudo_edit.c:316
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "編集セッションの内容が %s 内に残っています"
-#: src/sudo_edit.c:312
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "一時ファイルを読み込むことができません"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "端末 (tty) が存在せず、パスワードを尋ねる (askpass) プログラムが指定されていません"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "パスワードを尋ねる (askpass) プログラムが指定されていません。 SUDO_ASKPASS の設定を試みます"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "グループIDを %u に設定できません"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "ユーザーIDを %u に設定できません"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "%s を実行できません"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "標準入力を保存できません"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "標準入力へ dup2 を実行できません"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "標準入力を復元できません"
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "ユーザーデータベースを開くことができません"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "%s 用のレジストリー \"%s\" へ切り替えることができません"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "レジストリーを復元できません"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "内部エラー、emalloc(0) を試みました"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "内部エラー、 emalloc2(0) を試みました"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "内部エラー、 emalloc2() がオーバーフローしました"
+#~ msgid "must be setuid root"
+#~ msgstr "setuid root されていなければいけません"
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "内部エラー、 erealloc(0) を試みました"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "内部エラー、 erealloc3(0) を試みました"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "内部エラー、 erealloc3() がオーバーフローしました"
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "不明なシグナルです"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "-D の引数は 1 から 9 の間でなければいけません"
# Polish translation for sudo.
# This file is put in the public domain.
-# Jakub Bogusz <qboosh@pld-linux.org>, 2011.
+# Jakub Bogusz <qboosh@pld-linux.org>, 2011-2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2rc2\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-06-04 18:27-0400\n"
-"PO-Revision-Date: 2011-07-16 13:15+0200\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-05-06 21:33+0200\n"
"Last-Translator: Jakub Bogusz <qboosh@pld-linux.org>\n"
"Language-Team: Polish <translation-team-pl@lists.sourceforge.net>\n"
"Language: pl\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "nie udało się otworzyć userdb"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "nie udało się przełączyć na rejestr \"%s\" dla %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "nie udało się odtworzyć rejestru"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "błąd wewnętrzny, próbowano wykonać emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "nie udało się przydzielić pamięci"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "błąd wewnętrzny, próbowano wykonać emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "błąd wewnętrzny, przepełnienie emalloc2()"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "błąd wewnętrzny, próbowano wykonać ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "błąd wewnętrzny, przepełnienie ecalloc()"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "błąd wewnętrzny, próbowano wykonać erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "błąd wewnętrzny, próbowano wykonać erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "błąd wewnętrzny, przepełnienie erealloc3()"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "nie udało się wykonać stat na %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s nie jest zwykłym plikiem"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "właścicielem %s jest uid %u, powinien być %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s jest zapisywalny dla świata"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s jest zapisywalny dla grupy"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "nie udało się otworzyć %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Nieznany sygnał"
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "nie udało się zainicjować sesji przez wtyczkę polityki"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "nie udało się wykonać fork"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "nie udało się utworzyć gniazd"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "nie udało się utworzyć potoku"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "wywołanie select nie powiodło się"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "nie udało się przywrócić etykiety tty"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "nie udało się usunąć PRIV_PROC_EXEC z PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "nie udało się przydzielić pty"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "nie udało się przestawić terminala w tryb surowy"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "nie udało się ustawić sterującego tty"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "błąd odczytu z potoku sygnałowego"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "błąd odczytu z potoku"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "błąd odczytu z pary gniazd"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "nieoczekiwany typ odpowiedzi z kanału zwrotnego: %d"
-#: src/load_plugins.c:154
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:160
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:170
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "właścicielem %s musi być uid %d"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "prawo zapisu do %s może mieć tylko właściciel"
-#: src/load_plugins.c:181
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "nie udało się wykonać dlopen %s: %s"
-#: src/load_plugins.c:186
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: nie udało się odnaleźć symbolu %s"
-#: src/load_plugins.c:192
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: nieznany typ polityki %d"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: niezgodna główna wersja polityki %d, oczekiwano %d"
-#: src/load_plugins.c:203
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: może być wczytana tylko jedna wtyczka polityki"
-#: src/load_plugins.c:221
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: musi być wczytana przynajmniej jedna wtyczka polityki"
-#: src/load_plugins.c:226
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "wtyczka polityki %s nie zawiera metody check_policy"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: wykryto przepełnienie"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "nie udało się otworzyć gniazda"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "argument opcji -C musi być większy lub równy 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "argument opcji -D musi być z przedziału od 1 do 9 (włącznie)"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "nieznany użytkownik: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "nie można podać jednocześnie opcji `-i' oraz `-s'"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "nie można podać jednocześnie opcji `-i' oraz `-E'"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "opcja `-E' nie jest poprawna w trybie edycji"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "w trybie edycji nie można przekazywać zmiennych środowiskowych"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "opcji `-U' można używać tylko wraz z opcją `-l'"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "opcji `-A' oraz `-S' nie można używać jednocześnie"
-#: src/parse_args.c:418 src/sudo.c:398 src/sudo.c:418 src/sudo.c:426
-#: src/sudo.c:436 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "nie udało się przydzielić pamięci"
-
-#: src/parse_args.c:431
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit nie jest obsługiwane na tej platformie"
-#: src/parse_args.c:502
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Można podać tylko jedną z opcji -e, -h, -i, -K, -l, -s, -v lub -V"
-#: src/parse_args.c:515
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - modyfikowanie plików jako inny użytkownik\n"
"\n"
-#: src/parse_args.c:517
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - wykonywanie poleceń jako inny użytkownik\n"
"\n"
-#: src/parse_args.c:522
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Opcje:\n"
-#: src/parse_args.c:525
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "użycie programu pomocniczego do pytań o hasło\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "użycie podanego rodzaju uwierzytelnienia BSD\n"
-#: src/parse_args.c:530
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "uruchomienie polecenia w tle\n"
-#: src/parse_args.c:532
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "zamknięcie wszystkich deskryptorów >= fd\n"
-#: src/parse_args.c:535
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "uruchomienie polecenia z podaną klasą logowania\n"
-#: src/parse_args.c:538
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "zachowanie środowiska użytkownika przy uruchamianiu polecenia\n"
-#: src/parse_args.c:540
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "modyfikowanie plików zamiast uruchomienia polecenia\n"
-#: src/parse_args.c:542
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "wywołanie polecenia jako określona grupa\n"
-#: src/parse_args.c:544
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "ustawienie zmiennej HOME na katalog domowy użytkownika docelowego.\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "wyświetlenie opisu i zakończenie\n"
-#: src/parse_args.c:548
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "uruchomienie powłoki logowania jako docelowy użytkownik\n"
-#: src/parse_args.c:550
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "całkowite usunięcie pliku znacznika czasu\n"
-#: src/parse_args.c:552
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "unieważnienie pliku znacznika czasu\n"
-#: src/parse_args.c:554
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "wypisanie poleceń dostępnych dla użytkownika\n"
-#: src/parse_args.c:556
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "tryb nieinteraktywny, użytkownik nie będzie pytany\n"
-#: src/parse_args.c:558
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "zachowanie wektora grup zamiast ustawiania docelowych\n"
-#: src/parse_args.c:560
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "użycie podanego pytania o hasło\n"
-#: src/parse_args.c:563 src/parse_args.c:571
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "utworzenie kontekstu bezpieczeństwa SELinuksa z podaną rolą\n"
-#: src/parse_args.c:566
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "odczyt hasła ze standardowego wejścia\n"
-#: src/parse_args.c:568
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "uruchomienie powłoki jako użytkownik docelowy\n"
-#: src/parse_args.c:574
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "przy wypisywaniu podanie uprawnień danego użytkownika\n"
-#: src/parse_args.c:576
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "uruchomienie polecenia (lub modyfikowanie pliku) jako podany użytkownik\n"
-#: src/parse_args.c:578
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "wyświetlenie informacji o wersji i zakończenie\n"
-#: src/parse_args.c:580
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "uaktualnienie znacznika czasu użytkownika bez uruchamiania polecenia\n"
-#: src/parse_args.c:582
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "zakończenie przetwarzania argumentów linii poleceń\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "nie udało się otworzyć systemu audytu"
msgid "unable to send audit message"
msgstr "nie udało się wysłać komunikatu audytowego"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "nie udało się wykonać fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "zmienionych etykiet: %s"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "nie udało się przywrócić kontekstu %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "nie udało się otworzyć %s, bez zmiany etykiety tty"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "nie udało się uzyskać bieżącego kontekstu tty, bez zmiany etykiety tty"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "nie udało się uzyskać nowego kontekstu tty, bez zmiany etykiety tty"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "nie udało się ustawić nowego kontekstu tty"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:330
-#, c-format
-msgid "unable to open %s"
-msgstr "nie udało się otworzyć %s"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "trzeba podać rolę dla typu %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "nie udało się uzyskać domyślnego typu dla roli %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "nie udało się ustawić nowej roli %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "nie udało się ustawić nowego typu %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s nie jest poprawnym kontekstem"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "nie udało się uzyskać starego kontekstu"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "nie udało się określić trybu wymuszenia."
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "nie udało się ustawić kontekstu tty dla %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "nie udało się ustawić kontekstu wykonywania na %s"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "nie udało się ustawić kontekstu tworzenia klucza na %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "wymagany jest przynajmniej jeden argument"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "nie udało się wykonać %s"
-#: src/sudo.c:192
-#, c-format
-msgid "must be setuid root"
-msgstr "program musi być setuid root"
-
-#: src/sudo.c:210
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo wersja %s\n"
-#: src/sudo.c:212
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Opcje konfiguracji: %s\n"
-#: src/sudo.c:217
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "błąd krytyczny, nie udało się załadować wtyczek"
-#: src/sudo.c:225
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "nie udało się zainicjować wtyczki polityki"
-#: src/sudo.c:280
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "błąd inicjalizacji wtyczki we/wy %s"
-#: src/sudo.c:307
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "nieoczekiwany tryb sudo 0x%x"
-#: src/sudo.c:356
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "nie udało się uzyskać wektora grup"
-#: src/sudo.c:394
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "nieznany uid %u: kim jesteś?"
-#: src/sudo.c:734
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s musi mieć uid %d jako właściciela oraz ustawiony bit setuid"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "efektywny uid nie wynosi %d, czy %s jest na systemie plików z opcją 'nosuid' albo systemie plików NFS bez uprawnień roota?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "efektywny uid nie wynosi %d, czy sudo jest zainstalowane z setuid root?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "osiągnięto limit kontroli zasobów"
-#: src/sudo.c:737
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "użytkownik \"%s\" nie jest członkiem projektu \"%s\""
-#: src/sudo.c:741
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "zadanie uruchamiające jest ostatnim"
-#: src/sudo.c:744
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "nie udało się dołączyć do projektu \"%s\""
-#: src/sudo.c:749
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "nie istnieje pula zasobów akceptująca domyślne przypisania dla projektu \"%s\""
-#: src/sudo.c:753
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "podana pula zasobów nie istnieje w projekcie \"%s\""
-#: src/sudo.c:757
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "nie można przypisać do domyślnej puli zasobów w projekcie \"%s\""
-#: src/sudo.c:763
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject dla projektu \"%s\" nie powiodło się"
-#: src/sudo.c:765
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "uwaga: przypisanie kontroli zasobów dla projektu \"%s\" nie powiodło się"
-#: src/sudo.c:791
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "nie udało się usunąć PRIV_PROC_EXEC z PRIV_LIMIT"
-
-#: src/sudo.c:895
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "nieznana klasa logowania %s"
-#: src/sudo.c:902 src/sudo.c:905
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "nie udało się ustawić kontekstu użytkownika"
-#: src/sudo.c:916
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "nie udało się ustawić ID dodatkowych grup"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "nie udało się ustawić efektywnego gid-a w celu działania jako gid %u"
-#: src/sudo.c:921
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "nie udało się ustawić gid-a w celu działania jako gid %u"
-#: src/sudo.c:929 src/sudo.c:935
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "nie udało się ustawić ID dodatkowych grup"
-
-#: src/sudo.c:943
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "nie udało się ustawić priorytetu procesu"
-#: src/sudo.c:951
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "nie udało się zmienić katalogu głównego na %s"
-#: src/sudo.c:961 src/sudo.c:967 src/sudo.c:973
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "nie udało się zmienić uid-ów, aby działać jako (%u, %u)"
-#: src/sudo.c:987
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "nie udało się zmienić katalogu na %s"
-#: src/sudo.c:1078
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "nieoczekiwane zakończenie procesu potomnego: %d"
-#: src/sudo.c:1118
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "wtyczka polityki %s nie obsługuje wypisywania uprawnień"
-#: src/sudo.c:1129
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "wtyczka polityki %s nie obsługuje opcji -v"
-#: src/sudo.c:1140
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "wtyczka polityki %s nie obsługuje opcji -k/-K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "nie udało się zmienić uid-a na roota (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "błąd wtyczki: brak listy plików dla sudoedit"
-#: src/sudo_edit.c:172 src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: nie jest zwykłym plikiem"
-#: src/sudo_edit.c:206 src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: skrócony zapis"
-#: src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "pozostawiono bez zmian: %s"
-#: src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "nie zmieniono: %s"
-#: src/sudo_edit.c:306 src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "nie udało się zapisać do %s"
-#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "zawartość sesji edycji pozostawiono w %s"
-#: src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "nie udało się odczytać pliku tymczasowego"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "brak tty i nie podano programu pytającego o hasło"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "nie podano programu pytającego o hasło, proszę spróbować ustawić SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "nie udało się ustawić gid-a na %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "nie udało się ustawić uid-a na %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "nie udało się uruchomić %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "nie udało się zapisać standardowego wejścia"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "nie udało się wykonać dup2 na standardowym wejściu"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "nie udało się przywrócić standardowego wejścia"
-
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "nie udało się otworzyć userdb"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "nie udało się przełączyć na rejestr \"%s\" dla %s"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "nie udało się odtworzyć rejestru"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "błąd wewnętrzny, próbowano wykonać emalloc(0)"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "błąd wewnętrzny, próbowano wykonać emalloc2(0)"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "błąd wewnętrzny, przepełnienie emalloc2()"
-
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "błąd wewnętrzny, próbowano wykonać erealloc(0)"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "błąd wewnętrzny, próbowano wykonać erealloc3(0)"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "błąd wewnętrzny, przepełnienie erealloc3()"
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Nieznany sygnał"
# This file is distributed under the same license as the sudo package.
#
# Pavel Maryanov <acid@jack.kiev.ua>, 2011.
-# Yuri Kozlov <yuray@komyakino.ru>, 2011.
+# Yuri Kozlov <yuray@komyakino.ru>, 2011, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2-rc9\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-08-05 13:34-0400\n"
-"PO-Revision-Date: 2011-08-09 22:08+0400\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-30 08:23+0400\n"
"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n"
"Language-Team: Russian <gnu@mx.ru>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Lokalize 1.0\n"
+"X-Generator: Lokalize 1.2\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "не удаётся открыть userdb"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "не удаётся переключиться на реестр «%s» для %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "не удаётся восстановить реестр"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "внутренняя ошибка, попытка выполнить emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "не удаётся выделить память"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "внутренняя ошибка, попытка выполнить emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "внутренняя ошибка, переполнение emalloc2()"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "внутренняя ошибка, попытка выполнить ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "внутренняя ошибка, переполнение ecalloc()"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "внутренняя ошибка, попытка выполнить erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "внутренняя ошибка, попытка выполнить erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "внутренняя ошибка, переполнение erealloc3()"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "не удалось выполнить вызов stat %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s не является обычным файлом"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s принадлежит пользователю с uid %u, а должен принадлежать пользователю с uid %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "доступ на запись в %s разрешена всем"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "доступ на запись в %s разрешена группе"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "не удаётся открыть %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Неизвестный сигнал"
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "модулю политик не удалось инициализировать сеанс"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "не удаётся создать дочерний процесс"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "не удаётся создать сокеты"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "не удаётся создать канал"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "ошибка select"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "не удаётся создать восстановить метку tty"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "не удаётся удалить PRIV_PROC_EXEC из PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "не удаётся выделить pty"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "не удаётся перевести терминал в «сырой» режим"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "не удаётся установить управляющий tty"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "ошибка чтения из сигнального канала"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "ошибка чтения из канала"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "ошибка чтения из пары сокетов"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "неожиданный тип ответа в резервном канале: %d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s должен принадлежать пользователю с uid %d"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s должен быть доступен на запись только владельцу"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "не удаётся выполнить dlopen для %s: %s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: не удаётся найти символ %s"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: неизвестный тип политики %d"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: несовместимая основная версия политики %d, ожидалась %d"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: может быть загружен только один модуль политики"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: необходимо указать не менее одного модуля политики"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "модуль политики %s не содержит метод check_policy"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: обнаружено переполнение"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "не удаётся открыть сокет"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "аргумент для -C должен быть числом, которое больше или равно 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "аргумент для -D должен быть в диапазоне от 1 до 9 включительно"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "неизвестный пользователь: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "параметры «-i» и «-s» являются взаимоисключающими"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "параметры «-i» и «-E» являются взаимоисключающими"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "параметр «-E» не действует в режиме редактирования"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "переменные окружения нельзя определять в режиме редактирования"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "параметр «-U» можно использовать только с параметром «-l»"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "параметры «-A» и «-S» являются взаимоисключающими"
-#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463
-#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "не удаётся выделить память"
-
-#: src/parse_args.c:442
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "sudoedit не поддерживается на этой платформе"
-#: src/parse_args.c:513
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Можно указать только параметры -e, -h, -i, -K, -l, -s, -v или -V"
-#: src/parse_args.c:526
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s — редактирование файлов от имени другого пользователя\n"
"\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s — выполнение команд от имени другого пользователя\n"
"\n"
-#: src/parse_args.c:533
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Параметры:\n"
-#: src/parse_args.c:536
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "использовать вспомогательную программу для ввода пароля\n"
-#: src/parse_args.c:539
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "использовать указанный тип проверки подлинности BSD\n"
-#: src/parse_args.c:541
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "выполнить команду в фоновом режиме\n"
-#: src/parse_args.c:543
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "закрыть все дескрипторы файлов >= fd\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "выполнить команду с указанным классом входа в систему\n"
-#: src/parse_args.c:549
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "сохранить пользовательскую среду при выполнении команды\n"
-#: src/parse_args.c:551
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "редактировать файлы вместо выполнения команды\n"
-#: src/parse_args.c:553
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "выполнить команду от имени указанной группы\n"
-#: src/parse_args.c:555
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "установить для переменной HOME домашний каталог указанного пользователя\n"
-#: src/parse_args.c:557
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "показать справку и выйти\n"
-#: src/parse_args.c:559
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "запустить оболочку входа в систему от имени указанного пользователя\n"
-#: src/parse_args.c:561
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "полностью удалить файл timestamp\n"
-#: src/parse_args.c:563
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "объявить недействительным файл timestamp\n"
-#: src/parse_args.c:565
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "вывести список команд, доступных пользователю\n"
-#: src/parse_args.c:567
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "автономный режим без не вывода запросов пользователю\n"
-#: src/parse_args.c:569
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "сохранить вектор группы вместо установки целевой группы\n"
-#: src/parse_args.c:571
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "использовать указанный запрос пароля\n"
-#: src/parse_args.c:574 src/parse_args.c:582
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "создать контекст безопасности SELinux с указанной ролью\n"
-#: src/parse_args.c:577
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "читать пароль из стандартного ввода\n"
-#: src/parse_args.c:579
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "запустить оболочку от имени указанного пользователя\n"
-#: src/parse_args.c:585
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "при выводе списка показать привилегии пользователя\n"
-#: src/parse_args.c:587
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "выполнить команду (или редактировать файл) от имени указанного пользователя\n"
-#: src/parse_args.c:589
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "показать сведения о версии и выйти\n"
-#: src/parse_args.c:591
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "обновить временную метку пользователя без выполнения команды\n"
-#: src/parse_args.c:593
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "прекратить обработку аргументов командной строки\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "не удаётся открыть систему аудита"
msgid "unable to send audit message"
msgstr "не удаётся отправить сообщение аудита"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "не удаётся выполнить fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "изменено меток: %s"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "не удаётся восстановить контекст для %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "не удаётся открыть %s, tty без возможности переименования"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "не удаётся получить контекст текущего tty, tty без возможности переименования"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "не удаётся получить контекст tty, tty без возможности переименования"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "не удаётся установить новый контекст tty"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323
-#, c-format
-msgid "unable to open %s"
-msgstr "не удаётся открыть %s"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "необходимо указать роль для типа %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "не удаётся получить тип по умолчанию для роли %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "не удалось установить новую роль %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "не удалось установить новый тип %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s не является допустимым контекстом"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "не удалось получить old_context"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "не удаётся определить принудительный режим"
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "не удаётся настроить контекст tty для %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "не удаётся установить для контекста exec значение %s"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "не удаётся установить для контекста создания ключа значение %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "укажите не менее одного аргумента"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "не удаётся выполнить %s"
-#: src/sudo.c:191
-#, c-format
-msgid "must be setuid root"
-msgstr "требуется setuid пользователя root"
-
-#: src/sudo.c:209
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo версия %s\n"
-#: src/sudo.c:211
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Параметры настройки: %s\n"
-#: src/sudo.c:216
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "фатальная ошибка, не удалось загрузить модули"
-#: src/sudo.c:224
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "не удаётся инициализировать модуль политики"
-#: src/sudo.c:279
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "ошибка инициализации модуля ввода-вывода %s"
-#: src/sudo.c:300
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "неожиданный режим sudo: 0x%x"
-#: src/sudo.c:389
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "не удаётся получить вектор группы"
-#: src/sudo.c:431
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "неизвестный uid %u: кто вы?"
-#: src/sudo.c:773
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s должен принадлежать пользователю с uid %d и иметь бит setuid"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "эффективный uid не равен %d, возможно, %s находится в файловой системе, смонтированной с битом «nosuid» или в файловой системе NFS без прав суперпользователя?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "эффективный uid не равен %d, программа sudo установлена с битом setuid и принадлежит root?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "достигнут лимит управления ресурсами"
-#: src/sudo.c:776
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "пользователь «%s» не является членом проекта «%s»"
-#: src/sudo.c:780
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "вызывающе задание — последнее"
-#: src/sudo.c:783
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "не удалось присоединиться к проекту «%s»"
-#: src/sudo.c:788
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "для проекта «%s» не существует пула ресурсов, принимающих привязки по умолчанию"
-#: src/sudo.c:792
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "у проекта «%s» нет указанного пула ресурсов"
-#: src/sudo.c:796
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "не удаётся подключиться к пулу ресурсов по умолчанию проекта «%s»"
-#: src/sudo.c:802
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "setproject завершилась с ошибкой для проекта «%s»"
-#: src/sudo.c:804
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "предупреждение: назначение контроля за ресурсами завершилось с ошибкой для проекта «%s»"
-#: src/sudo.c:832
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "не удаётся удалить PRIV_PROC_EXEC из PRIV_LIMIT"
-
-#: src/sudo.c:938
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "неизвестный класс входа %s"
-#: src/sudo.c:945 src/sudo.c:948
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "не удаётся назначить контекст пользователя"
-#: src/sudo.c:959
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "не удаётся назначить дополнительные идентификаторы групп"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "не удаётся назначить эффективный gid на runas gid %u"
-#: src/sudo.c:964
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "не удаётся назначить gid на runas gid %u"
-#: src/sudo.c:971
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "не удаётся назначить дополнительные идентификаторы групп"
-
-#: src/sudo.c:979
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "не удаётся назначить приоритет процесса"
-#: src/sudo.c:987
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "не удаётся изменить root на %s"
-#: src/sudo.c:997 src/sudo.c:1003 src/sudo.c:1009
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "не удаётся изменить на runas uid (%u, %u)"
-#: src/sudo.c:1023
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "не удаётся сменить каталог на %s"
-#: src/sudo.c:1090
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "неожиданное условие завершения потомка: %d"
-#: src/sudo.c:1130
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "модуль политики %s не поддерживает списка прав"
-#: src/sudo.c:1141
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "модуль политики %s не поддерживает параметр -v"
-#: src/sudo.c:1152
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "модуль политики %s не поддерживает параметры -k/-K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "Не удалось изменить uid на root (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "ошибка модуля: отсутствует список файлов для sudoedit"
-#: src/sudo_edit.c:172 src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: не обычный файл"
-#: src/sudo_edit.c:206 src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: неполная запись"
-#: src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s осталось неизменным"
-#: src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s не изменено"
-#: src/sudo_edit.c:306 src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "не удаётся записать в %s"
-#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "содержимое сеанса редактирования сохранено в %s"
-#: src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "не удаётся прочесть временный файл"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "нет tty и не указана программа askpass"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "не указана программа askpass, попробуйте задать значение в SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "не удаётся назначить gid равным %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "не удаётся назначить uid равным %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "не удаётся выполнить %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "не удаётся сохранить стандартный ввод"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "не удаётся выполнить dup2 для стандартного ввода"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "не удаётся восстановить стандартный ввод"
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "не удаётся открыть userdb"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "не удаётся переключиться на реестр «%s» для %s"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "не удаётся восстановить реестр"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "внутренняя ошибка, попытка выполнить emalloc(0)"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "внутренняя ошибка, попытка выполнить emalloc2(0)"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "внутренняя ошибка, переполнение emalloc2()"
+#~ msgid "must be setuid root"
+#~ msgstr "требуется setuid пользователя root"
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "внутренняя ошибка, попытка выполнить erealloc(0)"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "внутренняя ошибка, попытка выполнить erealloc3(0)"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "внутренняя ошибка, переполнение erealloc3()"
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Неизвестный сигнал"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "аргумент для -D должен быть в диапазоне от 1 до 9 включительно"
# Language sudo-1 translations for sudo package.
# This file is put in the public domain.
-# Мирослав Николић <miroslavnikolic@rocketmail.com>, 2011.
+# Мирослав Николић <miroslavnikolic@rocketmail.com>, 2011, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.3rc1\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-09-16 13:37-0400\n"
-"PO-Revision-Date: 2011-11-30 12:17+0200\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-05-02 10:11+0200\n"
"Last-Translator: Мирослав Николић <miroslavnikolic@rocketmail.com>\n"
"Language-Team: Serbian <gnu@prevod.org>\n"
"Language: sr\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
-"X-Generator: Virtaal 0.6.1\n"
+
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "не могу да отворим корисничку базу података"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "не могу да се пребацим на регистар „%s“ за %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "не могу да повратим регистар"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "унутрашња грешка, покушах да обавим „emalloc(0)“"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "не могу да доделим меморију"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "унутрашња грешка, покушах да обавим „emalloc2(0)“"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "унутрашња грешка, прекорачење функције „emalloc2()“"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "унутрашња грешка, покушах „ecalloc(0)“"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "унутрашња грешка, прекорачење функције „ecalloc()“"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "унутрашња грешка, покушах да обавим „erealloc(0)“"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "унутрашња грешка, покушах да обавим „erealloc3(0)“"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "унутрашња грешка, прекорачење функције „erealloc3()“"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "не могу да добијем податке о „%s“"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "„%s“ није обична датотека"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s је у власништву уиб-а %u, а треба бити %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s је светски уписив"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s је групно уписив"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "не могу да отворим %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Непознати сигнал"
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "није успело покретање сесије прикључка политике"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "не могу да поделим"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "не могу да направим утичнице"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "не могу да направим спојку"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "избор није успео"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "не могу да повратим tty натпис"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "не могу да уклоним PRIV_PROC_EXEC из PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "не могу да доделим pty"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "не могу да подесим терминал у сирови режим"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "не могу да подесим контролисање tty"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "грешка у читању из спојке сигнала"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "грешка у читању из спојке"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "грешка у читању из пара прикључка"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "неочекивана врста одговора на повратном каналу: %d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s мора бити у власништву уида %d"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s мора бити уписив само од стране власника"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "не могу да дл-отворим %s: %s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: не могу да пронађем симбол %s"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: непозната врста сигурности %d"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: несагласно главно издање сигурности %d, очекивано је %d"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: само прикључак самосталне сигурности може бити учитан"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: барем један прикључак сигурности мора бити наведен"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "прикључак сигурности %s не садржи метод провере_сигурности"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "учитај_сучеља: откривено је прекорачење"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "не могу да отворим утичницу"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "аргумент уз -C мора бити број већи или једнак 3"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "аргумент уз -D мора бити између 1 и 9 укључујући"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "непознат корисник: %s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "не можете да наведете обе опције „-i“ и „-s“"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "не можете да наведете обе опције „-i“ и „-E“"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "опција „-E“ није исправна у режиму уређивања"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "не можете да одредите променљиве окружења у режиму уређивања"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "опција „-U“ може бити коришћена само са опцијом „-l“"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "опције „-A“ и „-S“ не могу бити коришћене заједно"
-#: src/parse_args.c:429 src/sudo.c:435 src/sudo.c:455 src/sudo.c:463
-#: src/sudo.c:473 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "не могу да доделим меморију"
-
-#: src/parse_args.c:442
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "„sudoedit“ није подржано на овој платформи"
-#: src/parse_args.c:513
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
-msgstr "Само једна од опција -e, -h, -i, -K, -l, -s, -v или -V може бити наведена "
+msgstr "Само једна од опција -e, -h, -i, -K, -l, -s, -v или -V може бити наведена"
-#: src/parse_args.c:526
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s — уредите датотеке као други корисник\n"
"\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s — извршите наредбу као други корисник\n"
"\n"
-#: src/parse_args.c:533
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Опције:\n"
-#: src/parse_args.c:536
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "користите програм испомоћи за упит лозинке\n"
-#: src/parse_args.c:539
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "користи наведену врсту БСД потврде идентитета\n"
-#: src/parse_args.c:541
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "покреће наредбу у позадини\n"
-#: src/parse_args.c:543
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "затвара све описнике датотеке >= fd\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "покреће наредбу са наведеном класом пријаве\n"
-#: src/parse_args.c:549
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "чува корисничко окружење приликом извршавања наредбе\n"
-#: src/parse_args.c:551
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "уређује датотеке уместо да изврши наредбу\n"
-#: src/parse_args.c:553
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "извршава наредбу као наведену групу\n"
-#: src/parse_args.c:555
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "подешава променљиву ЛИЧНО у циљну корисничку личну фасциклу.\n"
-#: src/parse_args.c:557
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "приказује поруку помоћи и излази\n"
-#: src/parse_args.c:559
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "покреће љуску пријаве као крајњи корисник\n"
-#: src/parse_args.c:561
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "потпуно уклања датотеку записа датума и времена\n"
-#: src/parse_args.c:563
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "чини неисправном датотеку датума и времена\n"
-#: src/parse_args.c:565
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "наводи наредбе доступне кориснику\n"
-#: src/parse_args.c:567
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "немеђудејствени режим, неће питати корисника\n"
-#: src/parse_args.c:569
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "чува вектор групе уместо да подеси на циљеве\n"
-#: src/parse_args.c:571
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "користи наведени упит лозинке\n"
-#: src/parse_args.c:574 src/parse_args.c:582
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "ствара СЕЛинукс сигурносни контекст са наведеном улогом\n"
-#: src/parse_args.c:577
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "чита лозинку са стандардног улаза\n"
-#: src/parse_args.c:579
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "покреће љуску као крајњи корисник\n"
-#: src/parse_args.c:585
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "када прави списак, исписује наведене привилегије корисника\n"
-#: src/parse_args.c:587
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "покреће наредбу (или уређује датотеку) као наведени корисник\n"
-#: src/parse_args.c:589
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "приказује податке о издању и излази\n"
-#: src/parse_args.c:591
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "освежава кориснички запис датума и времена без покретања наредбе\n"
-#: src/parse_args.c:593
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "зауставља обрађивање аргумената линије наредби\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "не могу да отворим аудит систем"
msgid "unable to send audit message"
msgstr "не могу да пошаљем аудит поруку"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "не могу да добавим контекст отворене датотеке %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s измењена натписа"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "не могу да повратим контекст за %s"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "не могу да отворим %s, није тту за поновно натписивање"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "не могу да добавим текући тту контекст, није тту за поновно натписивање"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "не могу да добавим нови тту контекст, није тту за поновно натписивање"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "не могу да подесим нови тту контекст"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:323
-#, c-format
-msgid "unable to open %s"
-msgstr "не могу да отворим %s"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "морате да наведете улогу за врсту %s"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "не могу да добавим основну врсту за улогу %s"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "нисам успео да подесим нову улогу %s"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "нисам успео да подесим нову врсту %s"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s није исправан контекст"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "нисам успео да добавим стари_контекст"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "не могу да одредим режим присиљавања."
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "не могу да подесим тту контекст за %s"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "не могу да подесим извршни контекст за %s"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "не могу да подесим контекст стварања кључа за %s"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "захтева барем један аргумент"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "не могу да извршим %s"
-#: src/sudo.c:191
-#, c-format
-msgid "must be setuid root"
-msgstr "морате бити сетуид администратор"
-
-#: src/sudo.c:209
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Судо издање %s\n"
-#: src/sudo.c:211
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Опције подешавања: %s\n"
-#: src/sudo.c:216
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "кобна грешка, не могу да учитам прикључке"
-#: src/sudo.c:224
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "не могу да започнем прикључак сигурности"
-#: src/sudo.c:279
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "грешка приликом покретања У/И прикључка %s"
-#: src/sudo.c:300
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "неочекивани судо режим 0x%x"
-#: src/sudo.c:389
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "не могу да добавим вектор групе"
-#: src/sudo.c:431
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "непознати уид %u: ко сте ви?"
-#: src/sudo.c:773
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s мора бити власништвo уида %d и треба да има подешен бит „setuid“"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "стварни уид није %d, већ %s на систему датотека са подешеном опцијом „nosuid“ или је НФС систем датотека без администраторских привилегија?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "стварни уид није %d, већ сетуид администратор инсталиран судоом?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "ограничење контроле ресурса је достигнуто"
-#: src/sudo.c:776
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "корисник „%s“ није члан пројекта „%s“"
-#: src/sudo.c:780
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "задатак призивања је завршни"
-#: src/sudo.c:783
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "не могу да приступим пројекту „%s“"
-#: src/sudo.c:788
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "не постоји депо извора који прихвата основне пречице за пројекат „%s“"
-#: src/sudo.c:792
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "наведени депо извора не постоји за пројекат „%s“"
-#: src/sudo.c:796
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "не могу да се повежем са основним депоом извора за пројекат „%s“"
-#: src/sudo.c:802
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "подешавање пројекта није успело за пројекат „%s“"
-#: src/sudo.c:804
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "упозорење, није успело додељивање контроле ресурса за пројекат „%s“"
-#: src/sudo.c:832
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "не могу да уклоним PRIV_PROC_EXEC из PRIV_LIMIT"
-
-#: src/sudo.c:938
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "непозната класа пријаве %s"
-#: src/sudo.c:945 src/sudo.c:948
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "не могу да подесим кориснички контекст"
-#: src/sudo.c:959
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "не могу да подесим додатне ИБ-ове групе"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "не могу да подесим ефективан гид да се покрене_као гид %u"
-#: src/sudo.c:965
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "не могу да подесим гид да се покрене као гид %u"
-#: src/sudo.c:973
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "не могу да подесим додатне ИБ-ове групе"
-
-#: src/sudo.c:981
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "не могу да подесим приоритет процеса"
-#: src/sudo.c:989
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "не могу да променим администратора на %s"
-#: src/sudo.c:999 src/sudo.c:1005 src/sudo.c:1011
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "не могу да се пребацим у покрени_као уид (%u, %u)"
-#: src/sudo.c:1025
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "не могу да променим директоријум у %s"
-#: src/sudo.c:1092
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "неочекивани услов завршетка потпроцеса: %d"
-#: src/sudo.c:1132
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "прикључак сигурности %s не подржава привилегије исписивања"
-#: src/sudo.c:1143
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "прикључак сигурности %s не подржава опцију -v"
-#: src/sudo.c:1154
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "прикључак сигурности %s не подржава опције -k/-K"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "не могу да променим уид у администратора (%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "грешка прикључка: недостаје датотеа списка за уређивање судоа"
-#: src/sudo_edit.c:168 src/sudo_edit.c:268
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: није обична датотека"
-#: src/sudo_edit.c:202 src/sudo_edit.c:304
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: кратак упис"
-#: src/sudo_edit.c:269
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s је остао неизмењен"
-#: src/sudo_edit.c:282
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s је непромењен"
-#: src/sudo_edit.c:294 src/sudo_edit.c:315
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "не могу да упишем у %s"
-#: src/sudo_edit.c:295 src/sudo_edit.c:313 src/sudo_edit.c:316
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "садржај сесије уређивања је остао у %s"
-#: src/sudo_edit.c:312
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "не могу да прочитам привремену датотеку"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "тту не постоји и није наведен програм за пропуштање"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "није наведен програм за пропуштање, покушајте да подесите SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "не могу да подесим гид у %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "не могу да подесим уид у %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "не могу да покренем %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "не могу да сачувам стандардни улаз"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "не могу да дуп2 стандардни улаз"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "не могу да повратим стандардни улаз"
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "не могу да отворим корисничку базу података"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "не могу да се пребацим на регистар „%s“ за %s"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "не могу да повратим регистар"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "унутрашња грешка, покушах да обавим „emalloc(0)“"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "унутрашња грешка, покушах да обавим „emalloc2(0)“"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "унутрашња грешка, прекорачење функције „emalloc2()“"
+#~ msgid "must be setuid root"
+#~ msgstr "морате бити сетуид администратор"
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "унутрашња грешка, покушах да обавим „erealloc(0)“"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "унутрашња грешка, покушах да обавим „erealloc3(0)“"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "унутрашња грешка, прекорачење функције „erealloc3()“"
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Непознати сигнал"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "аргумент уз -D мора бити између 1 и 9 укључујући"
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.4\n"
+"Project-Id-Version: sudo 1.8.5\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2012-02-16 17:06-0500\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr ""
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr ""
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr ""
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr ""
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr ""
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr ""
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr ""
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr ""
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr ""
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr ""
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr ""
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr ""
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr ""
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr ""
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr ""
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr ""
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr ""
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr ""
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr ""
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ""
-#: src/exec.c:105 src/exec_pty.c:604 src/exec_pty.c:936 src/tgetpass.c:227
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr ""
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr ""
-#: src/exec.c:252
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr ""
-#: src/exec.c:259 src/exec_pty.c:557 src/exec_pty.c:565 src/exec_pty.c:572
-#: src/exec_pty.c:871 src/exec_pty.c:933 src/tgetpass.c:224
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr ""
-#: src/exec.c:340 src/exec_pty.c:1000 src/exec_pty.c:1135
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr ""
-#: src/exec.c:425
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr ""
-#: src/exec_common.c:66
+#: src/exec_common.c:69
#, c-format
msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
msgstr ""
-#: src/exec_common.c:88 src/parse_args.c:432 src/sudo.c:445 src/sudo.c:465
-#: src/sudo.c:472 src/sudo.c:483 src/sudo.c:842 common/alloc.c:85
-#: common/alloc.c:105 common/alloc.c:123 common/alloc.c:145 common/alloc.c:203
-#: common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr ""
-
-#: src/exec_pty.c:140
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr ""
-#: src/exec_pty.c:597
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr ""
-#: src/exec_pty.c:914
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr ""
-#: src/exec_pty.c:1008
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr ""
-#: src/exec_pty.c:1027
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr ""
-#: src/exec_pty.c:1043
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr ""
-#: src/exec_pty.c:1047
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr ""
msgid "%s: only a single policy plugin may be loaded"
msgstr ""
-#: src/load_plugins.c:146
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr ""
-#: src/load_plugins.c:151
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr ""
msgid "stop processing command line arguments\n"
msgstr ""
-#: src/selinux.c:76
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr ""
-#: src/selinux.c:84
+#: src/selinux.c:85
#, c-format
msgid "unable to send audit message"
msgstr ""
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr ""
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr ""
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr ""
-#: src/selinux.c:162
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr ""
-#: src/selinux.c:171
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr ""
-#: src/selinux.c:178
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr ""
-#: src/selinux.c:185
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr ""
-#: src/selinux.c:195 src/selinux.c:208 src/sudo.c:331
-#, c-format
-msgid "unable to open %s"
-msgstr ""
-
-#: src/selinux.c:251
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr ""
-#: src/selinux.c:257
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr ""
-#: src/selinux.c:275
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr ""
-#: src/selinux.c:279
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr ""
-#: src/selinux.c:288
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr ""
-#: src/selinux.c:323
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr ""
-#: src/selinux.c:329
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr ""
-#: src/selinux.c:341
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr ""
-#: src/selinux.c:372
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr ""
-#: src/selinux.c:379
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr ""
-#: src/sesh.c:69
+#: src/sesh.c:70
#, c-format
msgid "requires at least one argument"
msgstr ""
-#: src/sesh.c:90
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr ""
-#: src/sudo.c:189
-#, c-format
-msgid "must be setuid root"
-msgstr ""
-
-#: src/sudo.c:212
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr ""
-#: src/sudo.c:214
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr ""
-#: src/sudo.c:219
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr ""
-#: src/sudo.c:227
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr ""
-#: src/sudo.c:282
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr ""
msgid "unable to get group vector"
msgstr ""
-#: src/sudo.c:441
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr ""
-#: src/sudo.c:784
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr ""
+
+#: src/sudo.c:763
+#, c-format
+msgid ""
+"effective uid is not %d, is %s on a file system with the 'nosuid' option set "
+"or an NFS file system without root privileges?"
+msgstr ""
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr ""
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr ""
-#: src/sudo.c:787
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr ""
-#: src/sudo.c:791
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr ""
-#: src/sudo.c:794
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr ""
-#: src/sudo.c:799
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr ""
-#: src/sudo.c:803
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr ""
-#: src/sudo.c:807
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr ""
-#: src/sudo.c:813
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr ""
-#: src/sudo.c:815
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr ""
-#: src/sudo.c:880
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr ""
-#: src/sudo.c:896 src/sudo.c:899
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr ""
-#: src/sudo.c:915
+#: src/sudo.c:946
#, c-format
msgid "unable to set supplementary group IDs"
msgstr ""
-#: src/sudo.c:922
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr ""
-#: src/sudo.c:928
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr ""
-#: src/sudo.c:935
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr ""
-#: src/sudo.c:943
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr ""
-#: src/sudo.c:950 src/sudo.c:956 src/sudo.c:962
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr ""
-#: src/sudo.c:976
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr ""
-#: src/sudo.c:1049
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr ""
-#: src/sudo.c:1095
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr ""
-#: src/sudo.c:1107
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr ""
-#: src/sudo.c:1119
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr ""
msgid "unable to read temporary file"
msgstr ""
-#: src/tgetpass.c:96
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr ""
-#: src/tgetpass.c:105
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr ""
-#: src/tgetpass.c:237
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr ""
-#: src/tgetpass.c:241
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr ""
-#: src/tgetpass.c:246
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr ""
#, c-format
msgid "unable to restore stdin"
msgstr ""
-
-#: common/aix.c:149
-#, c-format
-msgid "unable to open userdb"
-msgstr ""
-
-#: common/aix.c:152
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr ""
-
-#: common/aix.c:169
-#, c-format
-msgid "unable to restore registry"
-msgstr ""
-
-#: common/alloc.c:82
-msgid "internal error, tried to emalloc(0)"
-msgstr ""
-
-#: common/alloc.c:99
-msgid "internal error, tried to emalloc2(0)"
-msgstr ""
-
-#: common/alloc.c:101
-msgid "internal error, emalloc2() overflow"
-msgstr ""
-
-#: common/alloc.c:119
-msgid "internal error, tried to erealloc(0)"
-msgstr ""
-
-#: common/alloc.c:138
-msgid "internal error, tried to erealloc3(0)"
-msgstr ""
-
-#: common/alloc.c:140
-msgid "internal error, erealloc3() overflow"
-msgstr ""
-
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr ""
--- /dev/null
+# Swedish translation for sudo.
+# Copyright (C) 2012 Free Software Foundation, Inc.
+# This file is put in the public domain.
+# Daniel Nylander <po@danielnylander.se>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo 1.8.5-b1\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-03-14 14:20-0400\n"
+"PO-Revision-Date: 2012-03-19 12:10+0100\n"
+"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
+"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#: src/error.c:82 src/error.c:86
+msgid ": "
+msgstr ": "
+
+#: src/exec.c:105 src/exec_pty.c:616 src/exec_pty.c:948 src/tgetpass.c:227
+#, c-format
+msgid "unable to fork"
+msgstr "kunde inte grena process"
+
+#: src/exec.c:252
+#, c-format
+msgid "unable to create sockets"
+msgstr "kunde inte skapa uttag"
+
+#: src/exec.c:259 src/exec_pty.c:567 src/exec_pty.c:576 src/exec_pty.c:584
+#: src/exec_pty.c:883 src/exec_pty.c:945 src/tgetpass.c:224
+#, c-format
+msgid "unable to create pipe"
+msgstr "kunde inte skapa rör"
+
+#: src/exec.c:340 src/exec_pty.c:1012 src/exec_pty.c:1147
+#, c-format
+msgid "select failed"
+msgstr ""
+
+#: src/exec.c:425
+#, c-format
+msgid "unable to restore tty label"
+msgstr ""
+
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr ""
+
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:451 src/sudo.c:471
+#: src/sudo.c:478 src/sudo.c:489 src/sudo.c:848 common/alloc.c:85
+#: common/alloc.c:105 common/alloc.c:123 common/alloc.c:145 common/alloc.c:203
+#: common/alloc.c:217
+#, c-format
+msgid "unable to allocate memory"
+msgstr "kunde inte allokera minne"
+
+#: src/exec_pty.c:140
+#, c-format
+msgid "unable to allocate pty"
+msgstr "kunde inte allokera pty"
+
+#: src/exec_pty.c:609
+#, c-format
+msgid "unable to set terminal to raw mode"
+msgstr ""
+
+#: src/exec_pty.c:926
+#, c-format
+msgid "unable to set controlling tty"
+msgstr ""
+
+#: src/exec_pty.c:1020
+#, c-format
+msgid "error reading from signal pipe"
+msgstr "fel vid läsning från signalrör"
+
+#: src/exec_pty.c:1039
+#, c-format
+msgid "error reading from pipe"
+msgstr "fel vid läsning från rör"
+
+#: src/exec_pty.c:1055
+#, c-format
+msgid "error reading from socketpair"
+msgstr ""
+
+#: src/exec_pty.c:1059
+#, c-format
+msgid "unexpected reply type on backchannel: %d"
+msgstr ""
+
+#: src/load_plugins.c:79
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: src/load_plugins.c:85
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: src/load_plugins.c:95
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s måste ägas av uid %d"
+
+#: src/load_plugins.c:99
+#, c-format
+msgid "%s must be only be writable by owner"
+msgstr "%s får endast vara skrivbar av ägaren"
+
+#: src/load_plugins.c:106
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "kunde inte köra dlopen %s: %s"
+
+#: src/load_plugins.c:111
+#, c-format
+msgid "%s: unable to find symbol %s"
+msgstr "%s: kunde inte hitta symbolen %s"
+
+#: src/load_plugins.c:117
+#, c-format
+msgid "%s: unknown policy type %d"
+msgstr "%s: okänd policytyp %d"
+
+#: src/load_plugins.c:121
+#, c-format
+msgid "%s: incompatible policy major version %d, expected %d"
+msgstr ""
+
+#: src/load_plugins.c:128
+#, c-format
+msgid "%s: only a single policy plugin may be loaded"
+msgstr ""
+
+#: src/load_plugins.c:148
+#, c-format
+msgid "%s: at least one policy plugin must be specified"
+msgstr "%s: minst en policyinsticksmodul måste anges"
+
+#: src/load_plugins.c:153
+#, c-format
+msgid "policy plugin %s does not include a check_policy method"
+msgstr ""
+
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
+#, c-format
+msgid "load_interfaces: overflow detected"
+msgstr "load_interfaces: stackspill upptäcktes"
+
+#: src/net_ifs.c:227
+#, c-format
+msgid "unable to open socket"
+msgstr "kunde inte öppna uttag"
+
+#: src/parse_args.c:187
+#, c-format
+msgid "the argument to -C must be a number greater than or equal to 3"
+msgstr "argumentet till -C måste vara ett tal större än eller lika med 3"
+
+#: src/parse_args.c:276
+#, c-format
+msgid "unknown user: %s"
+msgstr "okänd användare: %s"
+
+#: src/parse_args.c:335
+#, c-format
+msgid "you may not specify both the `-i' and `-s' options"
+msgstr "du får inte ange flaggorna \"-i\" och \"-s\" samtidigt"
+
+#: src/parse_args.c:339
+#, c-format
+msgid "you may not specify both the `-i' and `-E' options"
+msgstr "du får inte ange flaggorna \"-i\" och \"-E\" samtidigt"
+
+#: src/parse_args.c:349
+#, c-format
+msgid "the `-E' option is not valid in edit mode"
+msgstr "flaggan \"-E\" är inte giltig i redigeringsläget"
+
+#: src/parse_args.c:351
+#, c-format
+msgid "you may not specify environment variables in edit mode"
+msgstr "du får inte ange miljövariabler i redigeringsläget"
+
+#: src/parse_args.c:359
+#, c-format
+msgid "the `-U' option may only be used with the `-l' option"
+msgstr "the `-U' option may only be used with the `-l' option"
+
+#: src/parse_args.c:363
+#, c-format
+msgid "the `-A' and `-S' options may not be used together"
+msgstr "flaggorna \"-A\" och \"-S\" får inte användas tillsammans"
+
+#: src/parse_args.c:445
+#, c-format
+msgid "sudoedit is not supported on this platform"
+msgstr "sudoedit stöds inte på denna plattform"
+
+#: src/parse_args.c:518
+#, c-format
+msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
+msgstr "Endast en av flaggorna -e, -h, -i, -K, -l, -s, -v eller -V får anges"
+
+#: src/parse_args.c:532
+#, c-format
+msgid ""
+"%s - edit files as another user\n"
+"\n"
+msgstr ""
+"%s - redigera filer som en annan användare\n"
+"\n"
+
+#: src/parse_args.c:534
+#, c-format
+msgid ""
+"%s - execute a command as another user\n"
+"\n"
+msgstr ""
+"%s - kör ett kommando som en annan användare\n"
+"\n"
+
+#: src/parse_args.c:539
+#, c-format
+msgid ""
+"\n"
+"Options:\n"
+msgstr ""
+"\n"
+"Flaggor:\n"
+
+#: src/parse_args.c:542
+msgid "use helper program for password prompting\n"
+msgstr "använd hjälpprogram för att fråga efter lösenord\n"
+
+#: src/parse_args.c:545
+msgid "use specified BSD authentication type\n"
+msgstr "använd angiven BSD-autentiseringstyp\n"
+
+#: src/parse_args.c:547
+msgid "run command in the background\n"
+msgstr "kör kommando i bakgrunden\n"
+
+#: src/parse_args.c:549
+msgid "close all file descriptors >= fd\n"
+msgstr ""
+
+#: src/parse_args.c:552
+msgid "run command with specified login class\n"
+msgstr "kör kommando med angiven inloggningsklass\n"
+
+#: src/parse_args.c:555
+msgid "preserve user environment when executing command\n"
+msgstr "bevara användarens miljö när kommandot körs\n"
+
+#: src/parse_args.c:557
+msgid "edit files instead of running a command\n"
+msgstr "redigera filer istället för att köra ett kommando\n"
+
+#: src/parse_args.c:559
+msgid "execute command as the specified group\n"
+msgstr "kör kommando som angiven grupp\n"
+
+#: src/parse_args.c:561
+msgid "set HOME variable to target user's home dir.\n"
+msgstr "ställ in HOME-variabeln till målanvändarens hemkatalog.\n"
+
+#: src/parse_args.c:563
+msgid "display help message and exit\n"
+msgstr "visa hjälpmeddelande och avsluta\n"
+
+#: src/parse_args.c:565
+msgid "run a login shell as target user\n"
+msgstr "kör ett inloggningsskal som målanvändaren\n"
+
+#: src/parse_args.c:567
+msgid "remove timestamp file completely\n"
+msgstr "ta bort tidsstämpelfilen helt\n"
+
+#: src/parse_args.c:569
+msgid "invalidate timestamp file\n"
+msgstr ""
+
+#: src/parse_args.c:571
+msgid "list user's available commands\n"
+msgstr "lista användarens tillgängliga kommandon\n"
+
+#: src/parse_args.c:573
+msgid "non-interactive mode, will not prompt user\n"
+msgstr ""
+
+#: src/parse_args.c:575
+msgid "preserve group vector instead of setting to target's\n"
+msgstr ""
+
+#: src/parse_args.c:577
+msgid "use specified password prompt\n"
+msgstr "använd angiven lösenordsprompt\n"
+
+#: src/parse_args.c:580 src/parse_args.c:588
+msgid "create SELinux security context with specified role\n"
+msgstr "skapa SELinux-säkerhetskontext med angiven roll\n"
+
+#: src/parse_args.c:583
+msgid "read password from standard input\n"
+msgstr "läs lösenord från standard in\n"
+
+#: src/parse_args.c:585
+msgid "run a shell as target user\n"
+msgstr "kör ett skal som målanvändaren\n"
+
+#: src/parse_args.c:591
+msgid "when listing, list specified user's privileges\n"
+msgstr ""
+
+#: src/parse_args.c:593
+msgid "run command (or edit file) as specified user\n"
+msgstr "kör kommando (eller redigera fil) som angiven användare\n"
+
+#: src/parse_args.c:595
+msgid "display version information and exit\n"
+msgstr "visa versionsinformation och avsluta\n"
+
+#: src/parse_args.c:597
+msgid "update user's timestamp without running a command\n"
+msgstr "uppdatera användarens tidsstämpel utan att köra ett kommando\n"
+
+#: src/parse_args.c:599
+msgid "stop processing command line arguments\n"
+msgstr ""
+
+#: src/selinux.c:76
+#, c-format
+msgid "unable to open audit system"
+msgstr ""
+
+#: src/selinux.c:84
+#, c-format
+msgid "unable to send audit message"
+msgstr ""
+
+#: src/selinux.c:112
+#, c-format
+msgid "unable to fgetfilecon %s"
+msgstr ""
+
+#: src/selinux.c:117
+#, c-format
+msgid "%s changed labels"
+msgstr ""
+
+#: src/selinux.c:122
+#, c-format
+msgid "unable to restore context for %s"
+msgstr ""
+
+#: src/selinux.c:162
+#, c-format
+msgid "unable to open %s, not relabeling tty"
+msgstr ""
+
+#: src/selinux.c:171
+#, c-format
+msgid "unable to get current tty context, not relabeling tty"
+msgstr ""
+
+#: src/selinux.c:178
+#, c-format
+msgid "unable to get new tty context, not relabeling tty"
+msgstr ""
+
+#: src/selinux.c:185
+#, c-format
+msgid "unable to set new tty context"
+msgstr ""
+
+#: src/selinux.c:195 src/selinux.c:208 src/sudo.c:337 common/sudo_conf.c:328
+#, c-format
+msgid "unable to open %s"
+msgstr "kunde inte öppna %s"
+
+#: src/selinux.c:251
+#, c-format
+msgid "you must specify a role for type %s"
+msgstr "du måste ange en roll för typen %s"
+
+#: src/selinux.c:257
+#, c-format
+msgid "unable to get default type for role %s"
+msgstr "kunde inte få tag på standardtyp för rollen %s"
+
+#: src/selinux.c:275
+#, c-format
+msgid "failed to set new role %s"
+msgstr "misslyckades med att ställa in nya rollen %s"
+
+#: src/selinux.c:279
+#, c-format
+msgid "failed to set new type %s"
+msgstr "misslyckades med att ställa in nya typen %s"
+
+#: src/selinux.c:288
+#, c-format
+msgid "%s is not a valid context"
+msgstr "%s är inte en giltig kontext"
+
+#: src/selinux.c:323
+#, c-format
+msgid "failed to get old_context"
+msgstr "misslyckades med att få tag på old_context"
+
+#: src/selinux.c:329
+#, c-format
+msgid "unable to determine enforcing mode."
+msgstr ""
+
+#: src/selinux.c:341
+#, c-format
+msgid "unable to setup tty context for %s"
+msgstr ""
+
+#: src/selinux.c:372
+#, c-format
+msgid "unable to set exec context to %s"
+msgstr "kunde inte ställa in körkontext till %s"
+
+#: src/selinux.c:379
+#, c-format
+msgid "unable to set key creation context to %s"
+msgstr ""
+
+#: src/sesh.c:70
+#, c-format
+msgid "requires at least one argument"
+msgstr "kräver minst ett argument"
+
+#: src/sesh.c:91
+#, c-format
+msgid "unable to execute %s"
+msgstr "kunde inte köra %s"
+
+#: src/sudo.c:191
+#, c-format
+msgid "must be setuid root"
+msgstr "måste vara setuid root"
+
+#: src/sudo.c:214
+#, c-format
+msgid "Sudo version %s\n"
+msgstr "Sudo version %s\n"
+
+#: src/sudo.c:216
+#, c-format
+msgid "Configure options: %s\n"
+msgstr "Konfigurationsflaggor: %s\n"
+
+#: src/sudo.c:221
+#, c-format
+msgid "fatal error, unable to load plugins"
+msgstr "ödesdigert fel, kunde inte läsa in insticksmoduler"
+
+#: src/sudo.c:229
+#, c-format
+msgid "unable to initialize policy plugin"
+msgstr ""
+
+#: src/sudo.c:284
+#, c-format
+msgid "error initializing I/O plugin %s"
+msgstr ""
+
+#: src/sudo.c:312
+#, c-format
+msgid "unexpected sudo mode 0x%x"
+msgstr ""
+
+#: src/sudo.c:406
+#, c-format
+msgid "unable to get group vector"
+msgstr ""
+
+#: src/sudo.c:447
+#, c-format
+msgid "unknown uid %u: who are you?"
+msgstr "okänt uid %u: vem är du?"
+
+#: src/sudo.c:790
+#, c-format
+msgid "resource control limit has been reached"
+msgstr ""
+
+#: src/sudo.c:793
+#, c-format
+msgid "user \"%s\" is not a member of project \"%s\""
+msgstr "användaren \"%s\" är inte medlem av projektet \"%s\""
+
+#: src/sudo.c:797
+#, c-format
+msgid "the invoking task is final"
+msgstr ""
+
+#: src/sudo.c:800
+#, c-format
+msgid "could not join project \"%s\""
+msgstr "kunde inte gå med i projektet \"%s\""
+
+#: src/sudo.c:805
+#, c-format
+msgid "no resource pool accepting default bindings exists for project \"%s\""
+msgstr ""
+
+#: src/sudo.c:809
+#, c-format
+msgid "specified resource pool does not exist for project \"%s\""
+msgstr "angiven resurspool finns inte för projektet \"%s\""
+
+#: src/sudo.c:813
+#, c-format
+msgid "could not bind to default resource pool for project \"%s\""
+msgstr ""
+
+#: src/sudo.c:819
+#, c-format
+msgid "setproject failed for project \"%s\""
+msgstr "setproject misslyckades för projektet \"%s\""
+
+#: src/sudo.c:821
+#, c-format
+msgid "warning, resource control assignment failed for project \"%s\""
+msgstr ""
+
+#: src/sudo.c:892
+#, c-format
+msgid "unknown login class %s"
+msgstr "okänd inloggningsklass %s"
+
+#: src/sudo.c:906 src/sudo.c:909
+#, c-format
+msgid "unable to set user context"
+msgstr "kunde inte ställa in användarens kontext"
+
+#: src/sudo.c:924
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr ""
+
+#: src/sudo.c:931
+#, c-format
+msgid "unable to set effective gid to runas gid %u"
+msgstr "kunde inte ställa in effektiv gid till runas gid %u"
+
+#: src/sudo.c:937
+#, c-format
+msgid "unable to set gid to runas gid %u"
+msgstr "kunde inte ställa in gid för runas gid %u"
+
+#: src/sudo.c:944
+#, c-format
+msgid "unable to set process priority"
+msgstr "kunde inte ställa in processprioritet"
+
+#: src/sudo.c:952
+#, c-format
+msgid "unable to change root to %s"
+msgstr "kunde inte ändra rot till %s"
+
+#: src/sudo.c:959 src/sudo.c:965 src/sudo.c:971
+#, c-format
+msgid "unable to change to runas uid (%u, %u)"
+msgstr "kunde inte ändra till runas uid (%u, %u)"
+
+#: src/sudo.c:985
+#, c-format
+msgid "unable to change directory to %s"
+msgstr "kunde inte ändra katalog till %s"
+
+#: src/sudo.c:1058
+#, c-format
+msgid "unexpected child termination condition: %d"
+msgstr ""
+
+#: src/sudo.c:1119
+#, c-format
+msgid "policy plugin %s does not support listing privileges"
+msgstr ""
+
+#: src/sudo.c:1131
+#, c-format
+msgid "policy plugin %s does not support the -v option"
+msgstr ""
+
+#: src/sudo.c:1143
+#, c-format
+msgid "policy plugin %s does not support the -k/-K options"
+msgstr ""
+
+#: src/sudo_edit.c:111
+#, c-format
+msgid "unable to change uid to root (%u)"
+msgstr "kunde inte ändra uid till root (%u)"
+
+#: src/sudo_edit.c:143
+#, c-format
+msgid "plugin error: missing file list for sudoedit"
+msgstr ""
+
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
+#, c-format
+msgid "%s: not a regular file"
+msgstr "%s: inte en vanlig fil"
+
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
+msgid "%s: short write"
+msgstr "%s: kort skrivning"
+
+#: src/sudo_edit.c:272
+#, c-format
+msgid "%s left unmodified"
+msgstr "%s lämnad oförändrad"
+
+#: src/sudo_edit.c:285
+#, c-format
+msgid "%s unchanged"
+msgstr "%s oförändrad"
+
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
+#, c-format
+msgid "unable to write to %s"
+msgstr "kunde inte skriva till %s"
+
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
+#, c-format
+msgid "contents of edit session left in %s"
+msgstr "innehåll av redigeringssession finns kvar i %s"
+
+#: src/sudo_edit.c:315
+#, c-format
+msgid "unable to read temporary file"
+msgstr "kunde inte läsa temporärfilen"
+
+#: src/tgetpass.c:96
+#, c-format
+msgid "no tty present and no askpass program specified"
+msgstr "ingen tty finns tillgänglig och inget askpass-program angivet"
+
+#: src/tgetpass.c:105
+#, c-format
+msgid "no askpass program specified, try setting SUDO_ASKPASS"
+msgstr "inget askpass-program angivet, prova att ställ in SUDO_ASKPASS"
+
+#: src/tgetpass.c:237
+#, c-format
+msgid "unable to set gid to %u"
+msgstr "kunde inte ställa in gid till %u"
+
+#: src/tgetpass.c:241
+#, c-format
+msgid "unable to set uid to %u"
+msgstr "kunde inte ställa in uid till %u"
+
+#: src/tgetpass.c:246
+#, c-format
+msgid "unable to run %s"
+msgstr "kunde inte köra %s"
+
+#: src/utmp.c:278
+#, c-format
+msgid "unable to save stdin"
+msgstr "kunde inte spara standard in"
+
+#: src/utmp.c:280
+#, c-format
+msgid "unable to dup2 stdin"
+msgstr ""
+
+#: src/utmp.c:283
+#, c-format
+msgid "unable to restore stdin"
+msgstr ""
+
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "kunde inte öppna användardatabasen"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "kunde inte växla till registret \"%s\" för %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "kunde inte återställa registret"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "internt fel, försökte med emalloc(0)"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "internt fel, försökte med emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "internt fel, stackspill i emalloc2()"
+
+#: common/alloc.c:119
+msgid "internal error, tried to erealloc(0)"
+msgstr "internt fel, försökte med erealloc(0)"
+
+#: common/alloc.c:138
+msgid "internal error, tried to erealloc3(0)"
+msgstr "internt fel, försökte med erealloc3(0)"
+
+#: common/alloc.c:140
+msgid "internal error, erealloc3() overflow"
+msgstr "internt fel, stackspill i erealloc3()"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "kunde inte ta status på %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s är inte en vanlig fil"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s ägs av uid %u, ska vara %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s är skrivbar för alla"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s är skrivbar för gruppen"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Okänd signal"
# Ukrainian translation for sudo.
# This file is put in the public domain.
#
-# Yuri Chornoivan <yurchor@ukr.net>, 2011.
+# Yuri Chornoivan <yurchor@ukr.net>, 2011, 2012.
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.2-rc1\n"
+"Project-Id-Version: sudo 1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-05-20 15:33-0400\n"
-"PO-Revision-Date: 2011-05-25 20:07+0300\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 12:02+0300\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <translation-team-uk@lists.sourceforge.net>\n"
-"Language: \n"
+"Language: uk\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Lokalize 1.2\n"
+"X-Generator: Lokalize 1.5\n"
"Plural-Forms: nplurals=1; plural=0;\n"
-#: ../../trunk/src/error.c:82 ../../trunk/src/error.c:86
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "не вдалося відкрити userdb"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "не вдалося перемкнутися на регістр «%s» для %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "не вдалося відновити регістр"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "внутрішня помилка, спроба виконання emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "не вдалося отримати потрібний об’єм пам’яті"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "внутрішня помилка, спроба виконання emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "внутрішня помилка, переповнення emalloc2()"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "внутрішня помилка, спроба виконання ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "внутрішня помилка, переповнення ecalloc()"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "внутрішня помилка, спроба виконання erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "внутрішня помилка, спроба виконання erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "внутрішня помилка, переповнення erealloc3()"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "не вдалося виконати stat для %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s не є звичайним файлом"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s належить uid %u, має належати %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "Запис до «%s» можливий для довільного користувача"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "Запис до «%s» може здійснювати будь-який користувач з групи"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "не вдалося відкрити %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Невідомий сигнал"
+
+#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ": "
-#: ../../trunk/src/exec.c:125 ../../trunk/src/exec_pty.c:569
-#: ../../trunk/src/exec_pty.c:876 ../../trunk/src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "не вдалося виконати ініціалізацію сеансу через додаток правил"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "не вдалося створити відгалуження"
-#: ../../trunk/src/exec.c:247
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "не вдалося створити сокети"
-#: ../../trunk/src/exec.c:254 ../../trunk/src/exec_pty.c:522
-#: ../../trunk/src/exec_pty.c:530 ../../trunk/src/exec_pty.c:537
-#: ../../trunk/src/exec_pty.c:822 ../../trunk/src/exec_pty.c:873
-#: ../../trunk/src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "не вдалося створити канал"
-#: ../../trunk/src/exec.c:320 ../../trunk/src/exec_pty.c:940
-#: ../../trunk/src/exec_pty.c:1073
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "спроба виконати select зазнала невдачі"
-#: ../../trunk/src/exec.c:388
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "не вдалося відновити позначку tty"
-#: ../../trunk/src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "не вдалося вилучити PRIV_PROC_EXEC з PRIV_LIMIT"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "не вдалося розмістити pty"
-#: ../../trunk/src/exec_pty.c:562
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "не вдалося перевести термінал у режим без обробки"
-#: ../../trunk/src/exec_pty.c:854
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "не вдалося встановити tty для керування"
-#: ../../trunk/src/exec_pty.c:948
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "помилка під час спроби читання з каналу сигналів"
-#: ../../trunk/src/exec_pty.c:967
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "помилка під час спроби читання з каналу"
-#: ../../trunk/src/exec_pty.c:983
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "помилка під час спроби читання з пари сокетів"
-#: ../../trunk/src/exec_pty.c:987
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "неочікуваний тип відповіді на зворотному каналі: %d"
-#: ../../trunk/src/load_plugins.c:154
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s: %s"
-#: ../../trunk/src/load_plugins.c:160
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s: %s"
-#: ../../trunk/src/load_plugins.c:170
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s має належати користувачеві з uid %d"
-#: ../../trunk/src/load_plugins.c:174
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s має бути доступним до запису лише для власника"
-#: ../../trunk/src/load_plugins.c:181
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "не вдалося виконати dlopen для %s: %s"
-#: ../../trunk/src/load_plugins.c:186
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s: не вдалося знайти символ %s"
-#: ../../trunk/src/load_plugins.c:192
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s: невідомий тип правил %d"
-#: ../../trunk/src/load_plugins.c:196
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s: несумісна основна версія правил %d, мало бути — %d"
-#: ../../trunk/src/load_plugins.c:203
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s: можна завантажувати лише єдиний додаток правил"
-#: ../../trunk/src/load_plugins.c:221
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s: мало бути вказано принаймні один додаток правил"
-#: ../../trunk/src/load_plugins.c:226
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "до додатка правил %s не включено метод check_policy"
-#: ../../trunk/src/net_ifs.c:155 ../../trunk/src/net_ifs.c:164
-#: ../../trunk/src/net_ifs.c:176 ../../trunk/src/net_ifs.c:185
-#: ../../trunk/src/net_ifs.c:295 ../../trunk/src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces: виявлено переповнення"
-#: ../../trunk/src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "не вдалося відкрити сокет"
-#: ../../trunk/src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "аргументом параметра -C mмає бути число не менше за 3"
-#: ../../trunk/src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "аргументом параметра -D має бути число з діапазону від 1 до 9, включно"
-
-#: ../../trunk/src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "невідомий користувач: %s"
-#: ../../trunk/src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "не можна одночасно вказувати параметри «-i» і «-s»"
-#: ../../trunk/src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "не можна одночасно вказувати параметри «-i» і «-E»"
-#: ../../trunk/src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "не можна використовувати «-E» у режимі редагування"
-#: ../../trunk/src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "не можна вказувати змінні середовища у режимі редагування"
-#: ../../trunk/src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "параметр «-U» можна використовувати лише разом з параметром «-l»"
-#: ../../trunk/src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "параметри «-A» і «-S» не можна використовувати одночасно"
-#: ../../trunk/src/parse_args.c:418 ../../trunk/src/sudo.c:398
-#: ../../trunk/src/sudo.c:418 ../../trunk/src/sudo.c:426
-#: ../../trunk/src/sudo.c:436 ../../trunk/common/alloc.c:85
-#: ../../trunk/common/alloc.c:105 ../../trunk/common/alloc.c:123
-#: ../../trunk/common/alloc.c:145 ../../trunk/common/alloc.c:203
-#: ../../trunk/common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "не вдалося отримати потрібний об’єм пам’яті"
-
-#: ../../trunk/src/parse_args.c:431
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "підтримки sudoedit для цієї платформи не передбачено"
-#: ../../trunk/src/parse_args.c:502
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "Можна використовувати лише такі параметри: -e, -h, -i, -K, -l, -s, -v та -V"
-#: ../../trunk/src/parse_args.c:515
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s — редагувати файли від імені іншого користувача\n"
"\n"
-#: ../../trunk/src/parse_args.c:517
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s — виконати команду від імені іншого користувача\n"
"\n"
-#: ../../trunk/src/parse_args.c:522
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"Параметри:\n"
-#: ../../trunk/src/parse_args.c:525
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "використовувати допоміжну програму для запитів щодо пароля\n"
-#: ../../trunk/src/parse_args.c:528
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "використовувати вказаний тип розпізнавання BSD\n"
-#: ../../trunk/src/parse_args.c:530
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "виконати команду у фоновому режимі\n"
-#: ../../trunk/src/parse_args.c:532
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "закрити всі дескриптори файлів >= fd\n"
-#: ../../trunk/src/parse_args.c:535
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "виконати команду з вказаним класом доступу\n"
-#: ../../trunk/src/parse_args.c:538
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "зберегти середовище користувача на час виконання команди\n"
-#: ../../trunk/src/parse_args.c:540
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "редагувати файли замість виконання команди\n"
-#: ../../trunk/src/parse_args.c:542
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "виконати команду від імені вказаної групи користувачів\n"
-#: ../../trunk/src/parse_args.c:544
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "встановити для змінної HOME значення домашнього каталогу вказаного користувача.\n"
-#: ../../trunk/src/parse_args.c:546
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "показати довідкове повідомлення і завершити роботу\n"
-#: ../../trunk/src/parse_args.c:548
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "запустити оболонку для входу до системи від імені вказаного користувача\n"
-#: ../../trunk/src/parse_args.c:550
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "повністю вилучити файл часового штампу\n"
-#: ../../trunk/src/parse_args.c:552
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "позбавити чинності файл часового штампу\n"
-#: ../../trunk/src/parse_args.c:554
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "показати список доступних користувачеві команд\n"
-#: ../../trunk/src/parse_args.c:556
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "неінтерактивний режим, не просити користувача відповідати на питання\n"
-#: ../../trunk/src/parse_args.c:558
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "зберегти вектор групи, не встановлювати вектор вказаного користувача\n"
-#: ../../trunk/src/parse_args.c:560
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "використовувати вказаний інструмент отримання паролів\n"
-#: ../../trunk/src/parse_args.c:563 ../../trunk/src/parse_args.c:571
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "створити контекст захисту SELinux з вказаною роллю\n"
-#: ../../trunk/src/parse_args.c:566
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "прочитати пароль зі стандартного джерела вхідних даних\n"
-#: ../../trunk/src/parse_args.c:568
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "запустити командну оболонку від імені вказаного користувача\n"
-#: ../../trunk/src/parse_args.c:574
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "у списку показати права доступу вказаного користувача\n"
-#: ../../trunk/src/parse_args.c:576
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "виконати команду (або редагувати файл) від імені вказаного користувача\n"
-#: ../../trunk/src/parse_args.c:578
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "показати дані щодо версії і завершити роботу\n"
-#: ../../trunk/src/parse_args.c:580
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "оновити штамп часу користувача без виконання команди\n"
-#: ../../trunk/src/parse_args.c:582
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "зупинити обробку аргументів командного рядка\n"
-#: ../../trunk/src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "не вдалося відкрити систему аудита"
-#: ../../trunk/src/selinux.c:85
+#: src/selinux.c:85
#, c-format
msgid "unable to send audit message"
msgstr "не вдалося надіслати повідомлення аудита"
-#: ../../trunk/src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "не вдалося виконати fgetfilecon %s"
-#: ../../trunk/src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s змінено позначки"
-#: ../../trunk/src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "не вдалося відновити контекст %s"
-#: ../../trunk/src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "не вдалося відкрити %s, не змінюємо позначки tty"
-#: ../../trunk/src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "не вдалося отримати поточний контекст tty, не змінюємо позначки tty"
-#: ../../trunk/src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "не вдалося отримати новий контекст tty, не змінюємо позначки tty"
-#: ../../trunk/src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "не вдалося встановити новий контекст tty"
-#: ../../trunk/src/selinux.c:194 ../../trunk/src/selinux.c:207
-#: ../../trunk/src/sudo.c:330
-#, c-format
-msgid "unable to open %s"
-msgstr "не вдалося відкрити %s"
-
-#: ../../trunk/src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "вам слід вказати роль для типу %s"
-#: ../../trunk/src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "не вдалося отримати типовий тип для ролі %s"
-#: ../../trunk/src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "не вдалося встановити нову роль %s"
-#: ../../trunk/src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "не вдалося встановити новий тип %s"
-#: ../../trunk/src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s не є коректним контекстом"
-#: ../../trunk/src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "не вдалося отримати old_context"
-#: ../../trunk/src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "не вдалося визначити режим примушення."
-#: ../../trunk/src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "не вдалося налаштувати контекст tty для %s"
-#: ../../trunk/src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "не вдалося встановити контекст виконання у значення %s"
-#: ../../trunk/src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "не вдалося встановити контекст ключа створення у значення %s"
-#: ../../trunk/src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "потребує принаймні одного аргументу"
-#: ../../trunk/src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "не вдалося виконати %s"
-#: ../../trunk/src/sudo.c:192
-#, c-format
-msgid "must be setuid root"
-msgstr "має виконуватися з setuid root"
-
-#: ../../trunk/src/sudo.c:210
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Версія sudo %s\n"
-#: ../../trunk/src/sudo.c:212
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "Параметри налаштування: %s\n"
-#: ../../trunk/src/sudo.c:217
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "критична помилка, не вдалося завантажити додатки"
-#: ../../trunk/src/sudo.c:225
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "не вдалося ініціалізувати додаток правил"
-#: ../../trunk/src/sudo.c:280
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "помилка під час спроби ініціалізації додатка введення/виведення даних %s"
-#: ../../trunk/src/sudo.c:307
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "неочікуваний режим sudo 0x%x"
-#: ../../trunk/src/sudo.c:356
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "не вдалося отримати вектор групи"
-#: ../../trunk/src/sudo.c:394
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "невідомий uid %u: хто ви такий?"
-#: ../../trunk/src/sudo.c:734
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s має належати користувачеві з uid %d, крім того, має бути встановлено біт setuid"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "поточним uid не є %d. Можливо %s зберігається у файловій системі зі встановленим параметром «nosuid» або у файловій системі NFS без прав доступу root?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "поточним uid не є %d, sudo встановлено з ідентифікатором користувача root?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "перевищено обмеження керування ресурсами"
-#: ../../trunk/src/sudo.c:737
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "користувач «%s» не є учасником проекту «%s»"
-#: ../../trunk/src/sudo.c:741
+#: src/sudo.c:845
#, c-format
msgid "the invoking task is final"
msgstr "викликане завдання є завершальним"
-#: ../../trunk/src/sudo.c:744
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "не вдалося приєднатися до проекту «%s»"
-#: ../../trunk/src/sudo.c:749
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "для проекту «%s» не існує сховища ресурсів, яке приймає типові прив’язки"
-#: ../../trunk/src/sudo.c:753
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "у проекті «%s» не існує вказаного сховища ресурсів"
-#: ../../trunk/src/sudo.c:757
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "не вдалося виконати прив’язку до типового сховища ресурсів проекту «%s»"
-#: ../../trunk/src/sudo.c:763
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "помилка під час виконання setproject для проекту «%s»"
-#: ../../trunk/src/sudo.c:765
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "попередження, помилка призначення керування ресурсами проекту «%s»"
-#: ../../trunk/src/sudo.c:791
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "не вдалося вилучити PRIV_PROC_EXEC з PRIV_LIMIT"
-
-#: ../../trunk/src/sudo.c:895
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "невідомий клас входу %s"
-#: ../../trunk/src/sudo.c:902 ../../trunk/src/sudo.c:905
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "не вдалося встановити контекст користувача"
-#: ../../trunk/src/sudo.c:916
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "не вдалося встановити ідентифікатори додаткових груп"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "не вдалося встановити ефективний ідентифікатор групи для ідентифікатора групи запуску %u"
-#: ../../trunk/src/sudo.c:921
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "не вдалося встановити ідентифікатор групи для ідентифікатора групи запуску %u"
-#: ../../trunk/src/sudo.c:929 ../../trunk/src/sudo.c:935
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "не вдалося встановити ідентифікатори додаткових груп"
-
-#: ../../trunk/src/sudo.c:943
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "не вдалося встановити пріоритет процесу"
-#: ../../trunk/src/sudo.c:951
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "не вдалося змінити root на %s"
-#: ../../trunk/src/sudo.c:961 ../../trunk/src/sudo.c:967
-#: ../../trunk/src/sudo.c:973
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "не вдалося змінити uid користувача, від імені якого відбувається виконання (%u, %u)"
-#: ../../trunk/src/sudo.c:987
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "не вдалося змінити каталог на %s"
-#: ../../trunk/src/sudo.c:1078
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "неочікувана умова переривання дочірнього процесу: %d"
-#: ../../trunk/src/sudo.c:1118
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "у додатку правил %s не передбачено підтримки побудови списку прав доступу"
-#: ../../trunk/src/sudo.c:1129
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "у додатку правил %s не передбачено підтримки параметра -v"
-#: ../../trunk/src/sudo.c:1140
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "у додатку правил %s не передбачено підтримки параметрів -k/-K"
-#: ../../trunk/src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "не вдалося змінити значення uid на значення root (%u)"
-#: ../../trunk/src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "помилка додатка: не вистачає списку файлів для sudoedit"
-#: ../../trunk/src/sudo_edit.c:172 ../../trunk/src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s: не є звичайним файлом"
-#: ../../trunk/src/sudo_edit.c:206 ../../trunk/src/sudo_edit.c:316
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
#, c-format
msgid "%s: short write"
msgstr "%s: короткий запис"
-#: ../../trunk/src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s залишено без змін"
-#: ../../trunk/src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s не змінено"
-#: ../../trunk/src/sudo_edit.c:306 ../../trunk/src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "не вдалося виконати запис до %s"
-#: ../../trunk/src/sudo_edit.c:307 ../../trunk/src/sudo_edit.c:325
-#: ../../trunk/src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "дані сеансу редагування залишилися у %s"
-#: ../../trunk/src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "не вдалося виконати читання з файла тимчасових даних"
-#: ../../trunk/src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "не виявлено tty і не вказано програми askpass"
-#: ../../trunk/src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "не вказано програми askpass, спробуйте встановити значення змінної SUDO_ASKPASS"
-#: ../../trunk/src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "не вдалося встановити gid у значення %u"
-#: ../../trunk/src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "не вдалося встановити uid у значення %u"
-#: ../../trunk/src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "не вдалося виконати %s"
-#: ../../trunk/src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "не вдалося зберегти stdin"
-#: ../../trunk/src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "не вдалося виконати dup2 для stdin"
-#: ../../trunk/src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "не вдалося відновити stdin"
-#: ../../trunk/common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "не вдалося відкрити userdb"
+#~ msgid "must be setuid root"
+#~ msgstr "має виконуватися з setuid root"
-#: ../../trunk/common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "не вдалося перемкнутися на регістр «%s» для %s"
-
-#: ../../trunk/common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "не вдалося відновити регістр"
-
-#: ../../trunk/common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "внутрішня помилка, спроба виконання emalloc(0)"
-
-#: ../../trunk/common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "внутрішня помилка, спроба виконання emalloc2(0)"
-
-#: ../../trunk/common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "внутрішня помилка, переповнення emalloc2()"
-
-#: ../../trunk/common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "внутрішня помилка, спроба виконання erealloc(0)"
-
-#: ../../trunk/common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "внутрішня помилка, спроба виконання erealloc3(0)"
-
-#: ../../trunk/common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "внутрішня помилка, переповнення erealloc3()"
-
-#: ../../trunk/compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "Невідомий сигнал"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "аргументом параметра -D має бути число з діапазону від 1 до 9, включно"
--- /dev/null
+# Vietnamese translation for sudo.
+# Copyright © 2012 Free Software Foundation, Inc.
+# This file is distributed under the same license as the sudo package.
+# Trần Ngọc Quân <vnwildman@gmail.com>, 2012.
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: sudo-1.8.5rc3\n"
+"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-30 07:00+0700\n"
+"Last-Translator: Trần Ngọc Quân <vnwildman@gmail.com>\n"
+"Language-Team: Vietnamese <translation-team-vi@lists.sourceforge.net>\n"
+"Language: vi\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=1;\n"
+"X-Generator: LocFactoryEditor 1.8\n"
+"X-Poedit-Language: Vietnamese\n"
+"X-Poedit-Country: VIET NAM\n"
+"X-Poedit-SourceCharset: utf-8\n"
+
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "không thể mở userdb"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "không thể chuyển đến sổ đăng ký \"%s\" cho %s"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "không thể phục hồi sổ đăng ký"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "lỗi nội bộ, dùng thử erealloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "không thể cấp phát vùng nhớ"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "lỗi nội bộ, dùng thử erealloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "lỗi nội bộ, erealloc2() bị tràn"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "lỗi nội bộ, đã dùng thử ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "lỗi nội bộ, ecalloc() bị tràn"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "lỗi nội bộ, dùng thử erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "lỗi nội bộ, dùng thử erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "lỗi nội bộ, erealloc3() bị tràn"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "không thể lấy trạng thái về %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s không phải tập tin thường"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s được sở hữu bởi uid %u, nên là %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s ai ghi cũng được"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s là nhóm có thể ghi"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "không mở được %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "Không hiểu tín hiệu"
+
+#: src/error.c:82 src/error.c:86
+msgid ": "
+msgstr ": "
+
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "phần bổ xung chính sách gặp lỗi khi khởi tạo phiên"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
+#, c-format
+msgid "unable to fork"
+msgstr "không thể tạo tiến trình con"
+
+#: src/exec.c:259
+#, c-format
+msgid "unable to create sockets"
+msgstr "không thể tạo sockets"
+
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
+#, c-format
+msgid "unable to create pipe"
+msgstr "không tạo được đường ống pipe"
+
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
+#, c-format
+msgid "select failed"
+msgstr "lựa chọn gặp lỗi"
+
+#: src/exec.c:441
+#, c-format
+msgid "unable to restore tty label"
+msgstr "không thể phục hồi nhãn cho tty"
+
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "không thể xóa bỏ PRIV_PROC_EXEC từ PRIV_LIMIT"
+
+#: src/exec_pty.c:144
+#, c-format
+msgid "unable to allocate pty"
+msgstr "không thể phân bổ pty"
+
+#: src/exec_pty.c:619
+#, c-format
+msgid "unable to set terminal to raw mode"
+msgstr "không thể đặt thiết bị cuối sang chế độ raw"
+
+#: src/exec_pty.c:945
+#, c-format
+msgid "unable to set controlling tty"
+msgstr "không thể đặt điều khiển cho tty"
+
+#: src/exec_pty.c:1038
+#, c-format
+msgid "error reading from signal pipe"
+msgstr "lỗi khi đọc từ đường ống dẫn tín hiệu"
+
+#: src/exec_pty.c:1059
+#, c-format
+msgid "error reading from pipe"
+msgstr "gặp lỗi khi đọc từ một đường ống dẫn lệnh"
+
+#: src/exec_pty.c:1075
+#, c-format
+msgid "error reading from socketpair"
+msgstr "gặp lỗi khi đọc từ socketpair"
+
+#: src/exec_pty.c:1079
+#, c-format
+msgid "unexpected reply type on backchannel: %d"
+msgstr "kiểu trả về không như mong đợi từ backchannel: %d"
+
+#: src/load_plugins.c:79
+#, c-format
+msgid "%s: %s"
+msgstr "%s: %s"
+
+#: src/load_plugins.c:85
+#, c-format
+msgid "%s%s: %s"
+msgstr "%s%s: %s"
+
+#: src/load_plugins.c:95
+#, c-format
+msgid "%s must be owned by uid %d"
+msgstr "%s phải được sở hữu bởi uid %d"
+
+#: src/load_plugins.c:99
+#, c-format
+msgid "%s must be only be writable by owner"
+msgstr "%s phải là những thứ chỉ có thể ghi bởi chủ sở hữu"
+
+#: src/load_plugins.c:106
+#, c-format
+msgid "unable to dlopen %s: %s"
+msgstr "không thể dlopen %s: %s"
+
+#: src/load_plugins.c:111
+#, c-format
+msgid "%s: unable to find symbol %s"
+msgstr "%s: không thể tìm thấy liên kết tượng trưng (symbol) %s"
+
+#: src/load_plugins.c:117
+#, c-format
+msgid "%s: unknown policy type %d"
+msgstr "%s: không hiểu kiểu chính sách %d"
+
+#: src/load_plugins.c:121
+#, c-format
+msgid "%s: incompatible policy major version %d, expected %d"
+msgstr "%s: chính sách không tương thích với phiên bản %d, mong chờ %d"
+
+#: src/load_plugins.c:128
+#, c-format
+msgid "%s: only a single policy plugin may be loaded"
+msgstr "%s: chỉ có một phần bổ xung chính sách được tải lên thôi"
+
+#: src/load_plugins.c:148
+#, c-format
+msgid "%s: at least one policy plugin must be specified"
+msgstr "%s: phải xác định ít nhất một phần bổ xung chính sách"
+
+#: src/load_plugins.c:153
+#, c-format
+msgid "policy plugin %s does not include a check_policy method"
+msgstr "phần bổ xung chính sách %s không bao gồm phương thức kiểm tra chính sách"
+
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
+#, c-format
+msgid "load_interfaces: overflow detected"
+msgstr "load_interfaces: bị tràn"
+
+#: src/net_ifs.c:227
+#, c-format
+msgid "unable to open socket"
+msgstr "không mở được socket"
+
+#: src/parse_args.c:187
+#, c-format
+msgid "the argument to -C must be a number greater than or equal to 3"
+msgstr "đối số cho -C phải là một số lớn hơn hoặc bằng 3"
+
+#: src/parse_args.c:276
+#, c-format
+msgid "unknown user: %s"
+msgstr "không hiểu người dùng: %s"
+
+#: src/parse_args.c:335
+#, c-format
+msgid "you may not specify both the `-i' and `-s' options"
+msgstr "bạn không thể chỉ định cả hai tùy chọn `-i' và `-s'"
+
+#: src/parse_args.c:339
+#, c-format
+msgid "you may not specify both the `-i' and `-E' options"
+msgstr "bạn không thể chỉ định cả hai tùy chọn `-i' và `-E'"
+
+#: src/parse_args.c:349
+#, c-format
+msgid "the `-E' option is not valid in edit mode"
+msgstr "tùy chọn `-E' không hợp lệ trong chế độ chỉnh sửa"
+
+#: src/parse_args.c:351
+#, c-format
+msgid "you may not specify environment variables in edit mode"
+msgstr "bạn có lẽ không được chỉ định biến môi trường trong chế độ soạn thảo"
+
+#: src/parse_args.c:359
+#, c-format
+msgid "the `-U' option may only be used with the `-l' option"
+msgstr "tùy chọn `-U' chỉ sử dụng cùng với tùy chọn `-l'"
+
+#: src/parse_args.c:363
+#, c-format
+msgid "the `-A' and `-S' options may not be used together"
+msgstr "tùy chọn `-A' và `-S' không thể dùng cùng một lúc với nhau"
+
+#: src/parse_args.c:445
+#, c-format
+msgid "sudoedit is not supported on this platform"
+msgstr "sudoedit không được hỗ trợ trên nền tảng này"
+
+#: src/parse_args.c:518
+#, c-format
+msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
+msgstr "Chỉ có một trong số các tùy chọn -e, -h, -i, -K, -l, -s, -v hay -V được chỉ định"
+
+#: src/parse_args.c:532
+#, c-format
+msgid ""
+"%s - edit files as another user\n"
+"\n"
+msgstr ""
+"%s - sửa chữa các tập tin trên danh nghĩa người dùng khác\n"
+"\n"
+
+#: src/parse_args.c:534
+#, c-format
+msgid ""
+"%s - execute a command as another user\n"
+"\n"
+msgstr ""
+"%s - thực hiện câu lệnh với người dùng khác\n"
+"\n"
+
+#: src/parse_args.c:539
+#, c-format
+msgid ""
+"\n"
+"Options:\n"
+msgstr ""
+"\n"
+"Tùy chọn:\n"
+
+#: src/parse_args.c:542
+msgid "use helper program for password prompting\n"
+msgstr "sử dụng chương trình trợ giúp cho hỏi đáp mật khẩu\n"
+
+#: src/parse_args.c:545
+msgid "use specified BSD authentication type\n"
+msgstr "sử dụng kiểu xác thực BSD được chỉ ra\n"
+
+#: src/parse_args.c:547
+msgid "run command in the background\n"
+msgstr "chạy lệnh ở chế độ nền\n"
+
+#: src/parse_args.c:549
+msgid "close all file descriptors >= fd\n"
+msgstr "đóng tất cả các mô tả của tập tin >= fd\n"
+
+#: src/parse_args.c:552
+msgid "run command with specified login class\n"
+msgstr "chạy lệnh với một lớp đăng nhập được chỉ ra\n"
+
+#: src/parse_args.c:555
+msgid "preserve user environment when executing command\n"
+msgstr "ngăn ngừa môi trường người dùng khi thi hành lệnh\n"
+
+#: src/parse_args.c:557
+msgid "edit files instead of running a command\n"
+msgstr "chỉnh sửa các tập tin thay vì chạy lệnh\n"
+
+#: src/parse_args.c:559
+msgid "execute command as the specified group\n"
+msgstr "thực hiện câu lệnh như là nhóm được chỉ định\n"
+
+#: src/parse_args.c:561
+msgid "set HOME variable to target user's home dir.\n"
+msgstr "đặt biến HOME cho thư mục home của người dùng đích.\n"
+
+#: src/parse_args.c:563
+msgid "display help message and exit\n"
+msgstr "hiển thị trợ giúp này rồi thoát\n"
+
+#: src/parse_args.c:565
+msgid "run a login shell as target user\n"
+msgstr "chạy shell đăng nhập như là người dùng đích\n"
+
+#: src/parse_args.c:567
+msgid "remove timestamp file completely\n"
+msgstr "gỡ bỏ timestamp tập tin\n"
+
+#: src/parse_args.c:569
+msgid "invalidate timestamp file\n"
+msgstr "làm mất hiệu lực timestamp của tập tin\n"
+
+#: src/parse_args.c:571
+msgid "list user's available commands\n"
+msgstr "danh sách các câu lệnh người dùng có thể sử dụng\n"
+
+#: src/parse_args.c:573
+msgid "non-interactive mode, will not prompt user\n"
+msgstr "chế độ không tương tác, không hỏi tên tài khoản người dùng\n"
+
+#: src/parse_args.c:575
+msgid "preserve group vector instead of setting to target's\n"
+msgstr "ngăn ngừa véc tơ nhóm thay vì các cài đặt cho đích\n"
+
+#: src/parse_args.c:577
+msgid "use specified password prompt\n"
+msgstr "sử dụng nhắc nhập mật khẩu.\n"
+
+#: src/parse_args.c:580 src/parse_args.c:588
+msgid "create SELinux security context with specified role\n"
+msgstr "tạo ngữ cảnh an ninh SELinux với vai trò đã được chỉ định\n"
+
+#: src/parse_args.c:583
+msgid "read password from standard input\n"
+msgstr "đọc mật khẩu từ đầu vào tiêu chuẩn\n"
+
+#: src/parse_args.c:585
+msgid "run a shell as target user\n"
+msgstr "chạy shell như là người dùng đích\n"
+
+#: src/parse_args.c:591
+msgid "when listing, list specified user's privileges\n"
+msgstr "khi liệt kê, liệt kê các đặc quyền của người dùng\n"
+
+#: src/parse_args.c:593
+msgid "run command (or edit file) as specified user\n"
+msgstr "chạy lệnh (hay sửa chữa tập tin) trên tư cách của người dùng đã chỉ định\n"
+
+#: src/parse_args.c:595
+msgid "display version information and exit\n"
+msgstr "hiển thị thông tin phiên bản rồi thoát\n"
+
+#: src/parse_args.c:597
+msgid "update user's timestamp without running a command\n"
+msgstr "cập nhật dấu thời gian (timestamp) của người dùng mà không chạy một lệnh\n"
+
+#: src/parse_args.c:599
+msgid "stop processing command line arguments\n"
+msgstr "dừng việc xử lý đối số dòng lệnh\n"
+
+#: src/selinux.c:77
+#, c-format
+msgid "unable to open audit system"
+msgstr "không thể mở hệ thống audit"
+
+#: src/selinux.c:85
+#, c-format
+msgid "unable to send audit message"
+msgstr "không thể gửi thông tin audit"
+
+#: src/selinux.c:113
+#, c-format
+msgid "unable to fgetfilecon %s"
+msgstr "không thể fgetfilecon %s"
+
+#: src/selinux.c:118
+#, c-format
+msgid "%s changed labels"
+msgstr "%s nhãn đã thay đổi"
+
+#: src/selinux.c:123
+#, c-format
+msgid "unable to restore context for %s"
+msgstr "Không thể phục hồi ngữ cảnh cho %s"
+
+#: src/selinux.c:163
+#, c-format
+msgid "unable to open %s, not relabeling tty"
+msgstr "không thể mở %s, không phải là tty liên quan"
+
+#: src/selinux.c:172
+#, c-format
+msgid "unable to get current tty context, not relabeling tty"
+msgstr "không thể lấy ngữ cảnh tty hiện hành, không phải là tty có liên quan"
+
+#: src/selinux.c:179
+#, c-format
+msgid "unable to get new tty context, not relabeling tty"
+msgstr "không thể lấy ngữ cảnh tty mới, không phải là tty có liên quan"
+
+#: src/selinux.c:186
+#, c-format
+msgid "unable to set new tty context"
+msgstr "không thể đặt ngữ cảnh tty mới"
+
+#: src/selinux.c:252
+#, c-format
+msgid "you must specify a role for type %s"
+msgstr "bạn phải chỉ định một kiểu vai trò cho %s"
+
+#: src/selinux.c:258
+#, c-format
+msgid "unable to get default type for role %s"
+msgstr "không thể lấy kiểu mặc định cho vai trò %s"
+
+#: src/selinux.c:276
+#, c-format
+msgid "failed to set new role %s"
+msgstr "lỗi khi đặt đặt vai trò mới %s"
+
+#: src/selinux.c:280
+#, c-format
+msgid "failed to set new type %s"
+msgstr "lỗi khi đặt kiểu mới %s"
+
+#: src/selinux.c:289
+#, c-format
+msgid "%s is not a valid context"
+msgstr "%s không phải là một ngữ cảnh hợp lệ"
+
+#: src/selinux.c:324
+#, c-format
+msgid "failed to get old_context"
+msgstr "lỗi lấy ngữ cảnh cũ"
+
+#: src/selinux.c:330
+#, c-format
+msgid "unable to determine enforcing mode."
+msgstr "không thể xác định rõ chế độ ép buộc."
+
+#: src/selinux.c:342
+#, c-format
+msgid "unable to setup tty context for %s"
+msgstr "không thể cài đặt ngữ cảnh tty mới cho %s"
+
+#: src/selinux.c:373
+#, c-format
+msgid "unable to set exec context to %s"
+msgstr "không thể đặt ngữ cảnh bảo thực thi thành %s"
+
+#: src/selinux.c:380
+#, c-format
+msgid "unable to set key creation context to %s"
+msgstr "không thể đặt ngữ cảnh tạo khóa thành %s"
+
+#: src/sesh.c:70
+#, c-format
+msgid "requires at least one argument"
+msgstr "cần thiết ít nhất một đối số"
+
+#: src/sesh.c:91
+#, c-format
+msgid "unable to execute %s"
+msgstr "không thể thực thi %s"
+
+#: src/sudo.c:211
+#, c-format
+msgid "Sudo version %s\n"
+msgstr "Phiên bản sudo %s\n"
+
+#: src/sudo.c:213
+#, c-format
+msgid "Configure options: %s\n"
+msgstr "Cấu hình các tùy chọn: %s\n"
+
+#: src/sudo.c:218
+#, c-format
+msgid "fatal error, unable to load plugins"
+msgstr "lỗi nghiêm trọng, không thể tải plugins"
+
+#: src/sudo.c:226
+#, c-format
+msgid "unable to initialize policy plugin"
+msgstr "không thể khởi tạo phần bổ xung chính sách"
+
+#: src/sudo.c:281
+#, c-format
+msgid "error initializing I/O plugin %s"
+msgstr "Gặp lỗi khi nạp phần bổ sung I/O %s"
+
+#: src/sudo.c:306
+#, c-format
+msgid "unexpected sudo mode 0x%x"
+msgstr "không mong đợi chế độ sudo 0x%x"
+
+#: src/sudo.c:400
+#, c-format
+msgid "unable to get group vector"
+msgstr "không thể lấy véc tơ nhóm"
+
+#: src/sudo.c:452
+#, c-format
+msgid "unknown uid %u: who are you?"
+msgstr "không hiểu uid %u: bạn là ai?"
+
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s phải được sở hữu bởi uid %d và bít setuid phải được đặt"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "uid hữu hiệu thì không là %d, %s trên hệ thống tập tin với tuỳ chọn 'nosuid' được đặt, hay một hệ thống tập tin NFS không có đặc quyền của root có phải vậy không?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "uid hữu hiệu thì không là %d, chương trình sudo có được cài với setuid root không?"
+
+#: src/sudo.c:838
+#, c-format
+msgid "resource control limit has been reached"
+msgstr "giới hạn điều khiển tài nguyên đã tới hạn"
+
+#: src/sudo.c:841
+#, c-format
+msgid "user \"%s\" is not a member of project \"%s\""
+msgstr "người dùng \"%s\" không phải là thành viên của dự án \"%s\""
+
+#: src/sudo.c:845
+#, c-format
+msgid "the invoking task is final"
+msgstr "tác vụ được gọi đã kết thúc"
+
+#: src/sudo.c:848
+#, c-format
+msgid "could not join project \"%s\""
+msgstr "không thể gia nhập dự án \"%s\""
+
+#: src/sudo.c:853
+#, c-format
+msgid "no resource pool accepting default bindings exists for project \"%s\""
+msgstr "không kho tài nguyên chung nào được thừa nhận ràng buộc đã tồn tại sẵn cho dự án \"%s\""
+
+#: src/sudo.c:857
+#, c-format
+msgid "specified resource pool does not exist for project \"%s\""
+msgstr "nguồn tài nguyên chung được chỉ ra chưa tồn tại cho dự án \"%s\""
+
+#: src/sudo.c:861
+#, c-format
+msgid "could not bind to default resource pool for project \"%s\""
+msgstr "không thể buộc phần tài nguyên chung mặc định cho dự án \"%s\""
+
+#: src/sudo.c:867
+#, c-format
+msgid "setproject failed for project \"%s\""
+msgstr "đặt dự án cho dự án \"%s\" gặp lỗi"
+
+#: src/sudo.c:869
+#, c-format
+msgid "warning, resource control assignment failed for project \"%s\""
+msgstr "cảnh báo, nguồn điều khiển gán gặp lỗi cho dự án \"%s\""
+
+#: src/sudo.c:917
+#, c-format
+msgid "unknown login class %s"
+msgstr "không rõ lớp đăng nhập %s"
+
+#: src/sudo.c:931 src/sudo.c:934
+#, c-format
+msgid "unable to set user context"
+msgstr "không thể đặt ngữ cảnh người dùng"
+
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "không thể đặt nhóm phụ IDs"
+
+#: src/sudo.c:953
+#, c-format
+msgid "unable to set effective gid to runas gid %u"
+msgstr "không thể đặt hiệu ứng gid chạy như là gid %u"
+
+#: src/sudo.c:959
+#, c-format
+msgid "unable to set gid to runas gid %u"
+msgstr "không thể thay đổi gid thành runas gid %u"
+
+#: src/sudo.c:966
+#, c-format
+msgid "unable to set process priority"
+msgstr "không thể đặt ưu tiên cho quá trình"
+
+#: src/sudo.c:974
+#, c-format
+msgid "unable to change root to %s"
+msgstr "không thể chuyển đổi thư mục gốc thành %s"
+
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
+#, c-format
+msgid "unable to change to runas uid (%u, %u)"
+msgstr "không thể thay đổi thành runas uid (%u, %u)"
+
+#: src/sudo.c:1007
+#, c-format
+msgid "unable to change directory to %s"
+msgstr "không thể thay đổi thư mục thành %s"
+
+#: src/sudo.c:1079
+#, c-format
+msgid "unexpected child termination condition: %d"
+msgstr "biểu thức điều kiện con kết thúc không như mong đợi: %d"
+
+#: src/sudo.c:1140
+#, c-format
+msgid "policy plugin %s does not support listing privileges"
+msgstr "phần bổ xung chính sách %s không hỗ trợ liệt kê đặc quyền"
+
+#: src/sudo.c:1152
+#, c-format
+msgid "policy plugin %s does not support the -v option"
+msgstr "phần bổ xung chính sách %s không hỗ trợ tùy chọn -v"
+
+#: src/sudo.c:1164
+#, c-format
+msgid "policy plugin %s does not support the -k/-K options"
+msgstr "phần bổ xung chính sách %s không hỗ trợ tùy chọn -k/-K"
+
+#: src/sudo_edit.c:111
+#, c-format
+msgid "unable to change uid to root (%u)"
+msgstr "không thể thay đổi uid thành root (%u)"
+
+#: src/sudo_edit.c:143
+#, c-format
+msgid "plugin error: missing file list for sudoedit"
+msgstr "lỗi phần bổ xung: thiếu danh sách tập tin cho sudoedit"
+
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
+#, c-format
+msgid "%s: not a regular file"
+msgstr "%s: không phải là tập tin thường"
+
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
+msgid "%s: short write"
+msgstr "%s: ghi ngắn"
+
+#: src/sudo_edit.c:272
+#, c-format
+msgid "%s left unmodified"
+msgstr "%s còn lại chưa thay đổi"
+
+#: src/sudo_edit.c:285
+#, c-format
+msgid "%s unchanged"
+msgstr "%s không thay đổi"
+
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
+#, c-format
+msgid "unable to write to %s"
+msgstr "không thể ghi vào %s"
+
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
+#, c-format
+msgid "contents of edit session left in %s"
+msgstr "nội dung của phiên chỉnh sửa chỉ còn %s"
+
+#: src/sudo_edit.c:315
+#, c-format
+msgid "unable to read temporary file"
+msgstr "Không đọc tập tin tạm thời"
+
+#: src/tgetpass.c:90
+#, c-format
+msgid "no tty present and no askpass program specified"
+msgstr "không có tty hiện diện và không có chương trình hỏi mật khẩu nào được chỉ ra"
+
+#: src/tgetpass.c:99
+#, c-format
+msgid "no askpass program specified, try setting SUDO_ASKPASS"
+msgstr "không có chương trình hỏi mật khẩu nào được chỉ ra, hãy thử cài đặt SUDO_ASKPASS"
+
+#: src/tgetpass.c:231
+#, c-format
+msgid "unable to set gid to %u"
+msgstr "không thể đặt gid thành %u"
+
+#: src/tgetpass.c:235
+#, c-format
+msgid "unable to set uid to %u"
+msgstr "không thể đặt uid thành %u"
+
+#: src/tgetpass.c:240
+#, c-format
+msgid "unable to run %s"
+msgstr "không thể chạy %s"
+
+#: src/utmp.c:278
+#, c-format
+msgid "unable to save stdin"
+msgstr "không thể ghi lại stdin"
+
+#: src/utmp.c:280
+#, c-format
+msgid "unable to dup2 stdin"
+msgstr "không thể dup2 stdin"
+
+#: src/utmp.c:283
+#, c-format
+msgid "unable to restore stdin"
+msgstr "không thể phục hồi stdin"
+
+#~ msgid "must be setuid root"
+#~ msgstr "phải được đặt setuid của root"
# Chinese simplified translation for sudo.
# sudo 的简体中文翻译。
# This file is put in the public domain.
-# Wylmer Wang <wantinghard@gmail.com>, 2011.
+# Wylmer Wang <wantinghard@gmail.com>, 2011, 2012.
#
msgid ""
msgstr ""
-"Project-Id-Version: sudo-1.8.2-rc8\n"
+"Project-Id-Version: sudo-1.8.5rc3\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2011-07-27 14:21-0400\n"
-"PO-Revision-Date: 2011-07-28 17:11+0800\n"
+"POT-Creation-Date: 2012-04-24 13:41-0400\n"
+"PO-Revision-Date: 2012-04-29 17:01+0800\n"
"Last-Translator: Wylmer Wang <wantinghard@gmail.com>\n"
"Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
-"Language: \n"
+"Language: zh_CN\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
+#: common/aix.c:149
+#, c-format
+msgid "unable to open userdb"
+msgstr "无法打开 userdb"
+
+#: common/aix.c:152
+#, c-format
+msgid "unable to switch to registry \"%s\" for %s"
+msgstr "无法为 %2$s 切换到注册表“%1$s”"
+
+#: common/aix.c:169
+#, c-format
+msgid "unable to restore registry"
+msgstr "无法恢复注册表"
+
+#: common/alloc.c:82
+msgid "internal error, tried to emalloc(0)"
+msgstr "内部错误,试图 emalloc(0)"
+
+#: common/alloc.c:85 common/alloc.c:105 common/alloc.c:127 common/alloc.c:146
+#: common/alloc.c:168 common/alloc.c:192 common/alloc.c:256 common/alloc.c:270
+#: src/exec_common.c:111 src/parse_args.c:432 src/sudo.c:456 src/sudo.c:482
+#: src/sudo.c:489 src/sudo.c:500 src/sudo.c:737
+#, c-format
+msgid "unable to allocate memory"
+msgstr "无法分配内存"
+
+#: common/alloc.c:99
+msgid "internal error, tried to emalloc2(0)"
+msgstr "内部错误,试图 emalloc2(0)"
+
+#: common/alloc.c:101
+msgid "internal error, emalloc2() overflow"
+msgstr "内部错误,emalloc2() 溢出"
+
+#: common/alloc.c:120
+msgid "internal error, tried to ecalloc(0)"
+msgstr "内部错误,试图 ecalloc(0)"
+
+#: common/alloc.c:123
+msgid "internal error, ecalloc() overflow"
+msgstr "内部错误,ecalloc() 溢出"
+
+#: common/alloc.c:142
+msgid "internal error, tried to erealloc(0)"
+msgstr "内部错误,试图 erealloc(0)"
+
+#: common/alloc.c:161 common/alloc.c:185
+msgid "internal error, tried to erealloc3(0)"
+msgstr "内部错误,试图 erealloc3(0)"
+
+#: common/alloc.c:163 common/alloc.c:187
+msgid "internal error, erealloc3() overflow"
+msgstr "内部错误,erealloc3() 错误"
+
+#: common/sudo_conf.c:306
+#, c-format
+msgid "unable to stat %s"
+msgstr "无法 stat %s"
+
+#: common/sudo_conf.c:309
+#, c-format
+msgid "%s is not a regular file"
+msgstr "%s 不是常规文件"
+
+#: common/sudo_conf.c:312
+#, c-format
+msgid "%s is owned by uid %u, should be %u"
+msgstr "%s 属于用户 ID %u,应为 %u"
+
+#: common/sudo_conf.c:316
+#, c-format
+msgid "%s is world writable"
+msgstr "%s 可被任何人写"
+
+#: common/sudo_conf.c:319
+#, c-format
+msgid "%s is group writable"
+msgstr "%s 可被用户组写"
+
+#: common/sudo_conf.c:328 src/selinux.c:196 src/selinux.c:209 src/sudo.c:331
+#, c-format
+msgid "unable to open %s"
+msgstr "打不开 %s"
+
+#: compat/strsignal.c:47
+msgid "Unknown signal"
+msgstr "未知信号"
+
#: src/error.c:82 src/error.c:86
msgid ": "
msgstr ":"
-#: src/exec.c:125 src/exec_pty.c:573 src/exec_pty.c:880 src/tgetpass.c:224
+#: src/exec.c:107 src/exec_pty.c:628
+#, c-format
+msgid "policy plugin failed session initialization"
+msgstr "策略插件会话初始化失败"
+
+#: src/exec.c:112 src/exec_pty.c:633 src/exec_pty.c:967 src/tgetpass.c:221
#, c-format
msgid "unable to fork"
msgstr "无法执行 fork"
-#: src/exec.c:246
+#: src/exec.c:259
#, c-format
msgid "unable to create sockets"
msgstr "无法创建套接字"
-#: src/exec.c:253 src/exec_pty.c:526 src/exec_pty.c:534 src/exec_pty.c:541
-#: src/exec_pty.c:826 src/exec_pty.c:877 src/tgetpass.c:221
+#: src/exec.c:266 src/exec_pty.c:572 src/exec_pty.c:581 src/exec_pty.c:589
+#: src/exec_pty.c:902 src/exec_pty.c:964 src/tgetpass.c:218
#, c-format
msgid "unable to create pipe"
msgstr "无法创建管道"
-#: src/exec.c:319 src/exec_pty.c:944 src/exec_pty.c:1077
+#: src/exec.c:351 src/exec_pty.c:1029 src/exec_pty.c:1167
#, c-format
msgid "select failed"
msgstr "select 失败"
-#: src/exec.c:387
+#: src/exec.c:441
#, c-format
msgid "unable to restore tty label"
msgstr "无法恢复终端标签"
-#: src/exec_pty.c:136
+#: src/exec_common.c:69
+#, c-format
+msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
+msgstr "无法从 PRIV_LIMIT 中移除 PRIV_PROC_EXEC"
+
+#: src/exec_pty.c:144
#, c-format
msgid "unable to allocate pty"
msgstr "无法分配伪终端"
-#: src/exec_pty.c:566
+#: src/exec_pty.c:619
#, c-format
msgid "unable to set terminal to raw mode"
msgstr "无法将终端设为原始模式"
-#: src/exec_pty.c:858
+#: src/exec_pty.c:945
#, c-format
msgid "unable to set controlling tty"
msgstr "无法设置控制终端"
-#: src/exec_pty.c:952
+#: src/exec_pty.c:1038
#, c-format
msgid "error reading from signal pipe"
msgstr "从单管道读取出错"
-#: src/exec_pty.c:971
+#: src/exec_pty.c:1059
#, c-format
msgid "error reading from pipe"
msgstr "从管道读取出错"
-#: src/exec_pty.c:987
+#: src/exec_pty.c:1075
#, c-format
msgid "error reading from socketpair"
msgstr "从套接字对读取出错"
-#: src/exec_pty.c:991
+#: src/exec_pty.c:1079
#, c-format
msgid "unexpected reply type on backchannel: %d"
msgstr "联络通道的回应类型异常:%d"
-#: src/load_plugins.c:158
+#: src/load_plugins.c:79
#, c-format
msgid "%s: %s"
msgstr "%s:%s"
-#: src/load_plugins.c:164
+#: src/load_plugins.c:85
#, c-format
msgid "%s%s: %s"
msgstr "%s%s:%s"
-#: src/load_plugins.c:174
+#: src/load_plugins.c:95
#, c-format
msgid "%s must be owned by uid %d"
msgstr "%s 必须属于用户 ID %d(的用户)"
-#: src/load_plugins.c:178
+#: src/load_plugins.c:99
#, c-format
msgid "%s must be only be writable by owner"
msgstr "%s 必须只对其所有者可写"
-#: src/load_plugins.c:185
+#: src/load_plugins.c:106
#, c-format
msgid "unable to dlopen %s: %s"
msgstr "无法 dlopen %s:%s"
-#: src/load_plugins.c:190
+#: src/load_plugins.c:111
#, c-format
msgid "%s: unable to find symbol %s"
msgstr "%s:找不到符号 %s"
-#: src/load_plugins.c:196
+#: src/load_plugins.c:117
#, c-format
msgid "%s: unknown policy type %d"
msgstr "%s:未知的策略类型 %d"
-#: src/load_plugins.c:200
+#: src/load_plugins.c:121
#, c-format
msgid "%s: incompatible policy major version %d, expected %d"
msgstr "%s:不兼容的策略主版本号 %d,应为 %d"
-#: src/load_plugins.c:207
+#: src/load_plugins.c:128
#, c-format
msgid "%s: only a single policy plugin may be loaded"
msgstr "%s:只能加载一个策略插件"
-#: src/load_plugins.c:225
+#: src/load_plugins.c:148
#, c-format
msgid "%s: at least one policy plugin must be specified"
msgstr "%s:至少要指定一个策略插件"
-#: src/load_plugins.c:230
+#: src/load_plugins.c:153
#, c-format
msgid "policy plugin %s does not include a check_policy method"
msgstr "策略插件 %s 不包含 check_policy 方法"
-#: src/net_ifs.c:155 src/net_ifs.c:164 src/net_ifs.c:176 src/net_ifs.c:185
-#: src/net_ifs.c:295 src/net_ifs.c:319
+#: src/net_ifs.c:157 src/net_ifs.c:166 src/net_ifs.c:178 src/net_ifs.c:187
+#: src/net_ifs.c:298 src/net_ifs.c:322
#, c-format
msgid "load_interfaces: overflow detected"
msgstr "load_interfaces:检测到溢出"
-#: src/net_ifs.c:224
+#: src/net_ifs.c:227
#, c-format
msgid "unable to open socket"
msgstr "无法打开套接字"
-#: src/parse_args.c:180
+#: src/parse_args.c:187
#, c-format
msgid "the argument to -C must be a number greater than or equal to 3"
msgstr "-C 选项的参数必须是一个大于等于 3 的数字"
-#: src/parse_args.c:192
-#, c-format
-msgid "the argument to -D must be between 1 and 9 inclusive"
-msgstr "-D 选项的参数必须介于 1 到 9(含 1 和 9)"
-
-#: src/parse_args.c:273
+#: src/parse_args.c:276
#, c-format
msgid "unknown user: %s"
msgstr "未知用户:%s"
-#: src/parse_args.c:332
+#: src/parse_args.c:335
#, c-format
msgid "you may not specify both the `-i' and `-s' options"
msgstr "您不能同时指定“-i”和“-s”选项"
-#: src/parse_args.c:336
+#: src/parse_args.c:339
#, c-format
msgid "you may not specify both the `-i' and `-E' options"
msgstr "您不能同时指定“-i”和“-E”选项"
-#: src/parse_args.c:346
+#: src/parse_args.c:349
#, c-format
msgid "the `-E' option is not valid in edit mode"
msgstr "“-E”选项在编辑模式中无效"
-#: src/parse_args.c:348
+#: src/parse_args.c:351
#, c-format
msgid "you may not specify environment variables in edit mode"
msgstr "在编辑模式中您不能指定环境变量"
-#: src/parse_args.c:356
+#: src/parse_args.c:359
#, c-format
msgid "the `-U' option may only be used with the `-l' option"
msgstr "“-U”选项只能与“-l”选项一起使用"
-#: src/parse_args.c:360
+#: src/parse_args.c:363
#, c-format
msgid "the `-A' and `-S' options may not be used together"
msgstr "“-A”和“-S”选项不可同时使用"
-#: src/parse_args.c:418 src/sudo.c:442 src/sudo.c:462 src/sudo.c:470
-#: src/sudo.c:480 common/alloc.c:85 common/alloc.c:105 common/alloc.c:123
-#: common/alloc.c:145 common/alloc.c:203 common/alloc.c:217
-#, c-format
-msgid "unable to allocate memory"
-msgstr "无法分配内存"
-
-#: src/parse_args.c:431
+#: src/parse_args.c:445
#, c-format
msgid "sudoedit is not supported on this platform"
msgstr "此平台不支持 sudoedit"
-#: src/parse_args.c:502
+#: src/parse_args.c:518
#, c-format
msgid "Only one of the -e, -h, -i, -K, -l, -s, -v or -V options may be specified"
msgstr "只能指定 -e、-h、-i、-K、-l、-s、-v 或 -V 选项中的一个"
-#: src/parse_args.c:515
+#: src/parse_args.c:532
#, c-format
msgid ""
"%s - edit files as another user\n"
"%s - 以其他用户身份编辑文件\n"
"\n"
-#: src/parse_args.c:517
+#: src/parse_args.c:534
#, c-format
msgid ""
"%s - execute a command as another user\n"
"%s - 以其他用户身份执行一条命令\n"
"\n"
-#: src/parse_args.c:522
+#: src/parse_args.c:539
#, c-format
msgid ""
"\n"
"\n"
"选项:\n"
-#: src/parse_args.c:525
+#: src/parse_args.c:542
msgid "use helper program for password prompting\n"
msgstr "使用助手程序进行密码提示\n"
-#: src/parse_args.c:528
+#: src/parse_args.c:545
msgid "use specified BSD authentication type\n"
msgstr "使用指定的 BSD 认证类型\n"
-#: src/parse_args.c:530
+#: src/parse_args.c:547
msgid "run command in the background\n"
msgstr "在后台运行命令\n"
-#: src/parse_args.c:532
+#: src/parse_args.c:549
msgid "close all file descriptors >= fd\n"
msgstr "关闭所有 >= fd 的文件描述符\n"
-#: src/parse_args.c:535
+#: src/parse_args.c:552
msgid "run command with specified login class\n"
msgstr "以指定的登录类别运行命令\n"
-#: src/parse_args.c:538
+#: src/parse_args.c:555
msgid "preserve user environment when executing command\n"
msgstr "在执行命令时保留用户环境\n"
-#: src/parse_args.c:540
+#: src/parse_args.c:557
msgid "edit files instead of running a command\n"
msgstr "编辑文件而非执行命令\n"
-#: src/parse_args.c:542
+#: src/parse_args.c:559
msgid "execute command as the specified group\n"
msgstr "以指定的用户组执行命令\n"
-#: src/parse_args.c:544
+#: src/parse_args.c:561
msgid "set HOME variable to target user's home dir.\n"
msgstr "将 HOME 变量设为目标用户的主目录。\n"
-#: src/parse_args.c:546
+#: src/parse_args.c:563
msgid "display help message and exit\n"
msgstr "显示帮助消息并退出\n"
-#: src/parse_args.c:548
+#: src/parse_args.c:565
msgid "run a login shell as target user\n"
msgstr "以目标用户身份运行一个登录 shell\n"
-#: src/parse_args.c:550
+#: src/parse_args.c:567
msgid "remove timestamp file completely\n"
msgstr "完全移除时间戳文件\n"
-#: src/parse_args.c:552
+#: src/parse_args.c:569
msgid "invalidate timestamp file\n"
msgstr "无效的时间戳文件\n"
-#: src/parse_args.c:554
+#: src/parse_args.c:571
msgid "list user's available commands\n"
msgstr "列出用户能执行的命令\n"
-#: src/parse_args.c:556
+#: src/parse_args.c:573
msgid "non-interactive mode, will not prompt user\n"
msgstr "非交互模式,将不提示用户\n"
-#: src/parse_args.c:558
+#: src/parse_args.c:575
msgid "preserve group vector instead of setting to target's\n"
msgstr "保留组向量,而非设置为目标的组向量\n"
-#: src/parse_args.c:560
+#: src/parse_args.c:577
msgid "use specified password prompt\n"
msgstr "使用指定的密码提示\n"
-#: src/parse_args.c:563 src/parse_args.c:571
+#: src/parse_args.c:580 src/parse_args.c:588
msgid "create SELinux security context with specified role\n"
msgstr "以指定的角色创建 SELinux 安全环境\n"
-#: src/parse_args.c:566
+#: src/parse_args.c:583
msgid "read password from standard input\n"
msgstr "从标准输入读取密码\n"
-#: src/parse_args.c:568
+#: src/parse_args.c:585
msgid "run a shell as target user\n"
msgstr "以目标用户身份运行 shell\n"
-#: src/parse_args.c:574
+#: src/parse_args.c:591
msgid "when listing, list specified user's privileges\n"
msgstr "在列表时,列出指定用户的权限\n"
-#: src/parse_args.c:576
+#: src/parse_args.c:593
msgid "run command (or edit file) as specified user\n"
msgstr "以指定用户身份运行命令(或编辑文件)\n"
-#: src/parse_args.c:578
+#: src/parse_args.c:595
msgid "display version information and exit\n"
msgstr "显示版本信息并退出\n"
-#: src/parse_args.c:580
+#: src/parse_args.c:597
msgid "update user's timestamp without running a command\n"
msgstr "更新用户的时间戳而不执行命令\n"
-#: src/parse_args.c:582
+#: src/parse_args.c:599
msgid "stop processing command line arguments\n"
msgstr "停止处理命令行参数\n"
-#: src/selinux.c:75
+#: src/selinux.c:77
#, c-format
msgid "unable to open audit system"
msgstr "无法打开审查系统"
msgid "unable to send audit message"
msgstr "无法发送审查消息"
-#: src/selinux.c:112
+#: src/selinux.c:113
#, c-format
msgid "unable to fgetfilecon %s"
msgstr "无法 fgetfilecon %s"
-#: src/selinux.c:117
+#: src/selinux.c:118
#, c-format
msgid "%s changed labels"
msgstr "%s 修改了标签"
-#: src/selinux.c:122
+#: src/selinux.c:123
#, c-format
msgid "unable to restore context for %s"
msgstr "无法恢复 %s 的环境"
-#: src/selinux.c:161
+#: src/selinux.c:163
#, c-format
msgid "unable to open %s, not relabeling tty"
msgstr "无法打开 %s,将不重新标记终端"
-#: src/selinux.c:170
+#: src/selinux.c:172
#, c-format
msgid "unable to get current tty context, not relabeling tty"
msgstr "无法获取当前终端的环境,将不重新标记终端"
-#: src/selinux.c:177
+#: src/selinux.c:179
#, c-format
msgid "unable to get new tty context, not relabeling tty"
msgstr "无法获取新终端的环境,将不重新标记终端"
-#: src/selinux.c:184
+#: src/selinux.c:186
#, c-format
msgid "unable to set new tty context"
msgstr "无法设置新终端的环境"
-#: src/selinux.c:194 src/selinux.c:207 src/sudo.c:330
-#, c-format
-msgid "unable to open %s"
-msgstr "打不开 %s"
-
-#: src/selinux.c:249
+#: src/selinux.c:252
#, c-format
msgid "you must specify a role for type %s"
msgstr "您必须为 %s 类型指定一个角色"
-#: src/selinux.c:255
+#: src/selinux.c:258
#, c-format
msgid "unable to get default type for role %s"
msgstr "无法获取 %s 角色的默认类型"
-#: src/selinux.c:273
+#: src/selinux.c:276
#, c-format
msgid "failed to set new role %s"
msgstr "设置新角色 %s 失败"
-#: src/selinux.c:277
+#: src/selinux.c:280
#, c-format
msgid "failed to set new type %s"
msgstr "设置新类型 %s 失败"
-#: src/selinux.c:286
+#: src/selinux.c:289
#, c-format
msgid "%s is not a valid context"
msgstr "%s 不是有效的环境"
-#: src/selinux.c:320
+#: src/selinux.c:324
#, c-format
msgid "failed to get old_context"
msgstr "无法获取 old_context"
-#: src/selinux.c:326
+#: src/selinux.c:330
#, c-format
msgid "unable to determine enforcing mode."
msgstr "无法确定强制模式。"
-#: src/selinux.c:338
+#: src/selinux.c:342
#, c-format
msgid "unable to setup tty context for %s"
msgstr "无法设置 %s 的终端环境"
-#: src/selinux.c:367
+#: src/selinux.c:373
#, c-format
msgid "unable to set exec context to %s"
msgstr "无法向 %s 设置 exec 环境"
-#: src/selinux.c:374
+#: src/selinux.c:380
#, c-format
msgid "unable to set key creation context to %s"
msgstr "无法向 %s 设置键创建环境"
-#: src/sesh.c:48
+#: src/sesh.c:70
+#, c-format
msgid "requires at least one argument"
msgstr "要求至少有一个参数"
-#: src/sesh.c:64
+#: src/sesh.c:91
#, c-format
msgid "unable to execute %s"
msgstr "无法执行 %s"
-#: src/sudo.c:192
-#, c-format
-msgid "must be setuid root"
-msgstr "必须为 setuid root"
-
-#: src/sudo.c:210
+#: src/sudo.c:211
#, c-format
msgid "Sudo version %s\n"
msgstr "Sudo 版本 %s\n"
-#: src/sudo.c:212
+#: src/sudo.c:213
#, c-format
msgid "Configure options: %s\n"
msgstr "当前选项:%s\n"
-#: src/sudo.c:217
+#: src/sudo.c:218
#, c-format
msgid "fatal error, unable to load plugins"
msgstr "致命错误,无法加载插件"
-#: src/sudo.c:225
+#: src/sudo.c:226
#, c-format
msgid "unable to initialize policy plugin"
msgstr "无法初始化策略插件"
-#: src/sudo.c:280
+#: src/sudo.c:281
#, c-format
msgid "error initializing I/O plugin %s"
msgstr "初始化 I/O 插件 %s 出错"
-#: src/sudo.c:307
+#: src/sudo.c:306
#, c-format
msgid "unexpected sudo mode 0x%x"
msgstr "异常的 sudo 模式 0x%x"
-#: src/sudo.c:396
+#: src/sudo.c:400
#, c-format
msgid "unable to get group vector"
msgstr "无法获取组向量"
-#: src/sudo.c:438
+#: src/sudo.c:452
#, c-format
msgid "unknown uid %u: who are you?"
msgstr "未知的用户 ID %u:您是?"
-#: src/sudo.c:780
+#: src/sudo.c:760
+#, c-format
+msgid "%s must be owned by uid %d and have the setuid bit set"
+msgstr "%s 必须属于用户 ID %d(的用户)并且设置 setuid 位"
+
+#: src/sudo.c:763
+#, c-format
+msgid "effective uid is not %d, is %s on a file system with the 'nosuid' option set or an NFS file system without root privileges?"
+msgstr "有效用户 ID 不是 %d,%s 位于一个设置了“nosuid”选项的文件系统或没有 root 权限的 NFS 文件系统中吗?"
+
+#: src/sudo.c:769
+#, c-format
+msgid "effective uid is not %d, is sudo installed setuid root?"
+msgstr "有效用户 ID 不是 %d,sudo 属于 root 并设置了 setuid 位吗?"
+
+#: src/sudo.c:838
#, c-format
msgid "resource control limit has been reached"
msgstr "达到了资源控制限制"
-#: src/sudo.c:783
+#: src/sudo.c:841
#, c-format
msgid "user \"%s\" is not a member of project \"%s\""
msgstr "用户“%s”不是项目“%s”的成员"
-#: src/sudo.c:787
-#, fuzzy, c-format
+#: src/sudo.c:845
+#, c-format
msgid "the invoking task is final"
-msgstr "调用任务是最终的"
+msgstr "调用的任务是最终的(final)"
-#: src/sudo.c:790
+#: src/sudo.c:848
#, c-format
msgid "could not join project \"%s\""
msgstr "无法加入项目“%s”"
-#: src/sudo.c:795
+#: src/sudo.c:853
#, c-format
msgid "no resource pool accepting default bindings exists for project \"%s\""
msgstr "不存在对应于项目“%s”的、接受默认绑定的资源池"
-#: src/sudo.c:799
+#: src/sudo.c:857
#, c-format
msgid "specified resource pool does not exist for project \"%s\""
msgstr "指定的对应于项目“%s”的资源池不存在"
-#: src/sudo.c:803
+#: src/sudo.c:861
#, c-format
msgid "could not bind to default resource pool for project \"%s\""
msgstr "无法为项目“%s”绑定到默认的资源池"
-#: src/sudo.c:809
+#: src/sudo.c:867
#, c-format
msgid "setproject failed for project \"%s\""
msgstr "对项目“%s”执行 setproject 失败"
-#: src/sudo.c:811
+#: src/sudo.c:869
#, c-format
msgid "warning, resource control assignment failed for project \"%s\""
msgstr "警告,对项目“%s”的资源控制分配失败"
-#: src/sudo.c:839
-#, c-format
-msgid "unable to remove PRIV_PROC_EXEC from PRIV_LIMIT"
-msgstr "无法从 PRIV_LIMIT 中移除 PRIV_PROC_EXEC"
-
-#: src/sudo.c:945
+#: src/sudo.c:917
#, c-format
msgid "unknown login class %s"
msgstr "未知的登录类别 %s"
-#: src/sudo.c:952 src/sudo.c:955
+#: src/sudo.c:931 src/sudo.c:934
#, c-format
msgid "unable to set user context"
msgstr "无法设置用户环境"
-#: src/sudo.c:966
+#: src/sudo.c:946
+#, c-format
+msgid "unable to set supplementary group IDs"
+msgstr "无法设置补充组 ID"
+
+#: src/sudo.c:953
#, c-format
msgid "unable to set effective gid to runas gid %u"
msgstr "无法设置有效组 ID 来以组 ID %u 运行"
-#: src/sudo.c:971
+#: src/sudo.c:959
#, c-format
msgid "unable to set gid to runas gid %u"
msgstr "无法设置组 ID 来以组 ID %u 运行"
-#: src/sudo.c:978
-#, c-format
-msgid "unable to set supplementary group IDs"
-msgstr "无法设置补充组 ID"
-
-#: src/sudo.c:986
+#: src/sudo.c:966
#, c-format
msgid "unable to set process priority"
msgstr "无法设置进程优先级"
-#: src/sudo.c:994
+#: src/sudo.c:974
#, c-format
msgid "unable to change root to %s"
msgstr "无法从 root 切换到 %s"
-#: src/sudo.c:1004 src/sudo.c:1010 src/sudo.c:1016
+#: src/sudo.c:981 src/sudo.c:987 src/sudo.c:993
#, c-format
msgid "unable to change to runas uid (%u, %u)"
msgstr "无法切换到以用户 ID(%u,%u)运行"
-#: src/sudo.c:1030
+#: src/sudo.c:1007
#, c-format
msgid "unable to change directory to %s"
msgstr "无法将目录切换到 %s"
-#: src/sudo.c:1121
+#: src/sudo.c:1079
#, c-format
msgid "unexpected child termination condition: %d"
msgstr "异常的子进程终止条件:%d"
-#: src/sudo.c:1161
+#: src/sudo.c:1140
#, c-format
msgid "policy plugin %s does not support listing privileges"
msgstr "策略插件 %s 不支持列出权限"
-#: src/sudo.c:1172
+#: src/sudo.c:1152
#, c-format
msgid "policy plugin %s does not support the -v option"
msgstr "策略插件 %s不支持 -v 选项"
-#: src/sudo.c:1183
+#: src/sudo.c:1164
#, c-format
msgid "policy plugin %s does not support the -k/-K options"
msgstr "策略插件 %s 不支持 -k/-K 选项"
-#: src/sudo_edit.c:108
+#: src/sudo_edit.c:111
#, c-format
msgid "unable to change uid to root (%u)"
msgstr "无法将用户 ID 切换到 root(%u)"
-#: src/sudo_edit.c:140
+#: src/sudo_edit.c:143
#, c-format
msgid "plugin error: missing file list for sudoedit"
msgstr "插件错误:缺少 sudoedit 的文件列表"
-#: src/sudo_edit.c:172 src/sudo_edit.c:280
+#: src/sudo_edit.c:171 src/sudo_edit.c:271
#, c-format
msgid "%s: not a regular file"
msgstr "%s:不是常规文件"
-#: src/sudo_edit.c:206 src/sudo_edit.c:316
-#, fuzzy, c-format
+#: src/sudo_edit.c:205 src/sudo_edit.c:307
+#, c-format
msgid "%s: short write"
-msgstr "%s:短写入"
+msgstr "%s:截短写入"
-#: src/sudo_edit.c:281
+#: src/sudo_edit.c:272
#, c-format
msgid "%s left unmodified"
msgstr "%s 并未修改"
-#: src/sudo_edit.c:294
+#: src/sudo_edit.c:285
#, c-format
msgid "%s unchanged"
msgstr "%s 已更改"
-#: src/sudo_edit.c:306 src/sudo_edit.c:327
+#: src/sudo_edit.c:297 src/sudo_edit.c:318
#, c-format
msgid "unable to write to %s"
msgstr "无法写入 %s"
-#: src/sudo_edit.c:307 src/sudo_edit.c:325 src/sudo_edit.c:328
+#: src/sudo_edit.c:298 src/sudo_edit.c:316 src/sudo_edit.c:319
#, c-format
msgid "contents of edit session left in %s"
msgstr "编辑会话的内容留在了 %s 中"
-#: src/sudo_edit.c:324
+#: src/sudo_edit.c:315
#, c-format
msgid "unable to read temporary file"
msgstr "无法读取临时文件"
-#: src/tgetpass.c:95
+#: src/tgetpass.c:90
#, c-format
msgid "no tty present and no askpass program specified"
msgstr "没有终端存在,且未指定 askpass 程序"
-#: src/tgetpass.c:104
+#: src/tgetpass.c:99
#, c-format
msgid "no askpass program specified, try setting SUDO_ASKPASS"
msgstr "没有指定 askpass 程序,尝试设置 SUDO_ASKPASS"
-#: src/tgetpass.c:234
+#: src/tgetpass.c:231
#, c-format
msgid "unable to set gid to %u"
msgstr "无法将组 ID 设为 %u"
-#: src/tgetpass.c:238
+#: src/tgetpass.c:235
#, c-format
msgid "unable to set uid to %u"
msgstr "无法将用户 ID 设为 %u"
-#: src/tgetpass.c:243
+#: src/tgetpass.c:240
#, c-format
msgid "unable to run %s"
msgstr "无法执行 %s"
-#: src/utmp.c:263
+#: src/utmp.c:278
#, c-format
msgid "unable to save stdin"
msgstr "无法保存 stdin"
-#: src/utmp.c:265
+#: src/utmp.c:280
#, c-format
msgid "unable to dup2 stdin"
msgstr "无法 dup2 stdin"
-#: src/utmp.c:268
+#: src/utmp.c:283
#, c-format
msgid "unable to restore stdin"
msgstr "无法恢复 stdin"
-#: common/aix.c:144
-#, c-format
-msgid "unable to open userdb"
-msgstr "无法打开 userdb"
-
-#: common/aix.c:147
-#, c-format
-msgid "unable to switch to registry \"%s\" for %s"
-msgstr "无法为 %2$s 切换到注册表“%1$s”"
-
-#: common/aix.c:161
-#, c-format
-msgid "unable to restore registry"
-msgstr "无法恢复注册表"
-
-#: common/alloc.c:82
-#, c-format
-msgid "internal error, tried to emalloc(0)"
-msgstr "内部错误,试图 emalloc(0)"
-
-#: common/alloc.c:99
-#, c-format
-msgid "internal error, tried to emalloc2(0)"
-msgstr "内部错误,试图 emalloc2(0)"
-
-#: common/alloc.c:101
-#, c-format
-msgid "internal error, emalloc2() overflow"
-msgstr "内部错误,emalloc2() 溢出"
-
-#: common/alloc.c:119
-#, c-format
-msgid "internal error, tried to erealloc(0)"
-msgstr "内部错误,试图 erealloc(0)"
-
-#: common/alloc.c:138
-#, c-format
-msgid "internal error, tried to erealloc3(0)"
-msgstr "内部错误,试图 erealloc3(0)"
-
-#: common/alloc.c:140
-#, c-format
-msgid "internal error, erealloc3() overflow"
-msgstr "内部错误,erealloc3() 错误"
+#~ msgid "must be setuid root"
+#~ msgstr "必须为 setuid root"
-#: compat/strsignal.c:47
-msgid "Unknown signal"
-msgstr "未知信号"
+#~ msgid "the argument to -D must be between 1 and 9 inclusive"
+#~ msgstr "-D 选项的参数必须介于 1 到 9(含 1 和 9)"
#endif
#include "sudo.h"
+#include "sudo_exec.h"
static struct selinux_state {
security_context_t old_context;
#endif
#ifdef HAVE_LOGIN_CAP_H
# include <login_cap.h>
+# ifndef LOGIN_SETENV
+# define LOGIN_SETENV 0
+# endif
#endif
#ifdef HAVE_PROJECT_H
# include <project.h>
*/
static void fix_fds(void);
static void disable_coredumps(void);
+static void sudo_check_suid(const char *path);
static char **get_user_info(struct user_details *);
static void command_info_to_details(char * const info[],
struct command_details *details);
char * const argv[], int verbose, const char *list_user);
static int policy_validate(struct plugin_container *plugin);
static void policy_invalidate(struct plugin_container *plugin, int remove);
-static int policy_init_session(struct plugin_container *plugin,
- struct passwd *pwd);
/* I/O log plugin convenience functions. */
static int iolog_open(struct plugin_container *plugin, char * const settings[],
static void iolog_close(struct plugin_container *plugin, int exit_status,
int error);
static int iolog_show_version(struct plugin_container *plugin, int verbose);
+static void iolog_unlink(struct plugin_container *plugin);
#ifdef RLIMIT_CORE
static struct rlimit corelimit;
static struct rlimit nproclimit;
#endif
-#ifdef HAVE_LOGIN_CAP_H
-extern char **environ;
-#endif
-
int
main(int argc, char *argv[], char *envp[])
{
# endif
#endif /* HAVE_GETPRPWNAM && HAVE_SET_AUTH_PARAMETERS */
- if (geteuid() != 0)
- errorx(1, _("must be setuid root"));
+ /* Make sure we are setuid root. */
+ sudo_check_suid(argv[0]);
/* Reset signal mask and make sure fds 0-2 are open. */
(void) sigemptyset(&mask);
case 1:
break;
case 0:
- /* I/O plugin asked to be disabled, remove from list. */
- tq_remove(&io_plugins, plugin);
+ /* I/O plugin asked to be disabled, remove and free. */
+ iolog_unlink(plugin);
break;
case -2:
usage(1);
plugin->name);
}
}
+ /* Setup command details and run command/edit. */
command_info_to_details(command_info, &command_details);
command_details.argv = argv_out;
command_details.envp = user_env_out;
{
char *cp, **user_info, cwd[PATH_MAX], host[MAXHOSTNAMELEN];
struct passwd *pw;
- int i = 0;
+ int fd, i = 0;
debug_decl(get_user_info, SUDO_DEBUG_UTIL)
/* XXX - bound check number of entries */
user_info = emalloc2(32, sizeof(char *));
+ ud->pid = getpid();
+ ud->ppid = getppid();
+ ud->pgid = getpgid(0);
+ ud->tcpgid = (pid_t)-1;
+ fd = open(_PATH_TTY, O_RDWR|O_NOCTTY|O_NONBLOCK, 0);
+ if (fd != -1) {
+ ud->tcpgid = tcgetpgrp(fd);
+ close(fd);
+ }
+ ud->sid = getsid(0);
+
ud->uid = getuid();
ud->euid = geteuid();
ud->gid = getgid();
}
ud->shell = estrdup(ud->shell);
+ easprintf(&user_info[++i], "pid=%d", (int)ud->pid);
+ easprintf(&user_info[++i], "ppid=%d", (int)ud->ppid);
+ easprintf(&user_info[++i], "pgid=%d", (int)ud->pgid);
+ easprintf(&user_info[++i], "tcpgid=%d", (int)ud->tcpgid);
+ easprintf(&user_info[++i], "sid=%d", (int)ud->sid);
+
easprintf(&user_info[++i], "uid=%u", (unsigned int)ud->uid);
easprintf(&user_info[++i], "euid=%u", (unsigned int)ud->euid);
easprintf(&user_info[++i], "gid=%u", (unsigned int)ud->gid);
if (!ISSET(details->flags, CD_SET_EUID))
details->euid = details->uid;
+#ifdef HAVE_SETAUTHDB
+ aix_setauthdb(IDtouser(details->euid));
+#endif
+ details->pw = getpwuid(details->euid);
+ if (details->pw != NULL && (details->pw = pw_dup(details->pw)) == NULL)
+ errorx(1, _("unable to allocate memory"));
+#ifdef HAVE_SETAUTHDB
+ aix_restoreauthdb();
+#endif
+
#ifdef HAVE_SELINUX
if (details->selinux_role != NULL && is_selinux_enabled() > 0)
SET(details->flags, CD_RBAC_ENABLED);
debug_return;
}
+static void
+sudo_check_suid(const char *path)
+{
+ struct stat sb;
+ debug_decl(sudo_check_suid, SUDO_DEBUG_PCOMM)
+
+ if (geteuid() != 0) {
+ if (strchr(path, '/') != NULL && stat(path, &sb) == 0) {
+ /* Try to determine why sudo was not running as root. */
+ if (sb.st_uid != ROOT_UID || !ISSET(sb.st_mode, S_ISUID)) {
+ errorx(1,
+ _("%s must be owned by uid %d and have the setuid bit set"),
+ path, ROOT_UID);
+ } else {
+ errorx(1, _("effective uid is not %d, is %s on a file system "
+ "with the 'nosuid' option set or an NFS file system without"
+ " root privileges?"), ROOT_UID, path);
+ }
+ } else {
+ errorx(1,
+ _("effective uid is not %d, is sudo installed setuid root?"),
+ ROOT_UID);
+ }
+ }
+ debug_return;
+}
+
/*
* Disable core dumps to avoid dropping a core with user password in it.
* We will reset this limit before executing the command.
exec_setup(struct command_details *details, const char *ptyname, int ptyfd)
{
bool rval = false;
- struct passwd *pw;
debug_decl(exec_setup, SUDO_DEBUG_EXEC)
-#ifdef HAVE_SETAUTHDB
- aix_setauthdb(IDtouser(details->euid));
-#endif
- if ((pw = getpwuid(details->euid)) != NULL && (pw = pw_dup(pw)) == NULL)
- errorx(1, _("unable to allocate memory"));
-#ifdef HAVE_SETAUTHDB
- aix_restoreauthdb();
-#endif
-
- /*
- * Call policy plugin's session init before other setup occurs.
- * The session init code is expected to print an error as needed.
- */
- if (policy_init_session(&policy_plugin, pw) != true)
- goto done;
-
#ifdef HAVE_SELINUX
if (ISSET(details->flags, CD_RBAC_ENABLED)) {
if (selinux_setup(details->selinux_role, details->selinux_type,
}
#endif
- if (pw != NULL) {
+ if (details->pw != NULL) {
#ifdef HAVE_PROJECT_H
- set_project(pw);
+ set_project(details->pw);
#endif
#ifdef HAVE_GETUSERATTR
- aix_prep_user(pw->pw_name, ptyname ? ptyname : user_details.tty);
+ aix_prep_user(details->pw->pw_name, ptyname ? ptyname : user_details.tty);
#endif
#ifdef HAVE_LOGIN_CAP_H
if (details->login_class) {
if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
/* Set everything except user, group and login name. */
flags = LOGIN_SETALL;
- CLR(flags, LOGIN_SETGROUP|LOGIN_SETLOGIN|LOGIN_SETUSER);
+ CLR(flags, LOGIN_SETGROUP|LOGIN_SETLOGIN|LOGIN_SETUSER|LOGIN_SETENV|LOGIN_SETPATH);
CLR(details->flags, CD_SET_UMASK); /* LOGIN_UMASK instead */
- /* Swap in the plugin-supplied environment for LOGIN_SETENV */
- environ = details->envp;
} else {
flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY;
}
- if (setusercontext(lc, pw, pw->pw_uid, flags)) {
- if (pw->pw_uid != ROOT_UID) {
+ if (setusercontext(lc, details->pw, details->pw->pw_uid, flags)) {
+ if (details->pw->pw_uid != ROOT_UID) {
warning(_("unable to set user context"));
goto done;
} else
warning(_("unable to set user context"));
}
- if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) {
- /* Stash the updated environment pointer in command details */
- details->envp = environ;
- }
}
#endif /* HAVE_LOGIN_CAP_H */
}
rval = true;
done:
- efree(pw);
debug_return_bool(rval);
}
policy_open(struct plugin_container *plugin, char * const settings[],
char * const user_info[], char * const user_env[])
{
+ int rval;
debug_decl(policy_open, SUDO_DEBUG_PCOMM)
- debug_return_bool(plugin->u.policy->open(SUDO_API_VERSION,
- sudo_conversation, _sudo_printf, settings, user_info, user_env));
+
+ /*
+ * Backwards compatibility for older API versions
+ */
+ switch (plugin->u.generic->version) {
+ case SUDO_API_MKVERSION(1, 0):
+ case SUDO_API_MKVERSION(1, 1):
+ rval = plugin->u.policy_1_0->open(plugin->u.io_1_0->version,
+ sudo_conversation, _sudo_printf, settings, user_info, user_env);
+ break;
+ default:
+ rval = plugin->u.policy->open(SUDO_API_VERSION, sudo_conversation,
+ _sudo_printf, settings, user_info, user_env, plugin->options);
+ }
+
+ debug_return_bool(rval);
}
static void
debug_return;
}
-static int
-policy_init_session(struct plugin_container *plugin, struct passwd *pwd)
+int
+policy_init_session(struct command_details *details)
{
+ int rval = true;
debug_decl(policy_init_session, SUDO_DEBUG_PCOMM)
- if (plugin->u.policy->init_session)
- debug_return_bool(plugin->u.policy->init_session(pwd));
- debug_return_bool(true);
+
+ if (policy_plugin.u.policy->init_session) {
+ /*
+ * Backwards compatibility for older API versions
+ */
+ switch (policy_plugin.u.generic->version) {
+ case SUDO_API_MKVERSION(1, 0):
+ case SUDO_API_MKVERSION(1, 1):
+ rval = policy_plugin.u.policy_1_0->init_session(details->pw);
+ break;
+ default:
+ rval = policy_plugin.u.policy->init_session(details->pw,
+ &details->envp);
+ }
+ }
+ debug_return_bool(rval);
}
static int
debug_decl(iolog_open, SUDO_DEBUG_PCOMM)
/*
- * Backwards compatibility for API major 1, minor 0
+ * Backwards compatibility for older API versions
*/
switch (plugin->u.generic->version) {
case SUDO_API_MKVERSION(1, 0):
sudo_conversation, _sudo_printf, settings, user_info, argc, argv,
user_env);
break;
+ case SUDO_API_MKVERSION(1, 1):
+ rval = plugin->u.io_1_1->open(plugin->u.io_1_1->version,
+ sudo_conversation, _sudo_printf, settings, user_info,
+ command_info, argc, argv, user_env);
+ break;
default:
rval = plugin->u.io->open(SUDO_API_VERSION, sudo_conversation,
- _sudo_printf, settings, user_info, command_info, argc, argv,
- user_env);
+ _sudo_printf, settings, user_info, command_info,
+ argc, argv, user_env, plugin->options);
}
debug_return_bool(rval);
}
debug_decl(iolog_show_version, SUDO_DEBUG_PCOMM)
debug_return_bool(plugin->u.io->show_version(verbose));
}
+
+/*
+ * Remove the specified I/O logging plugin from the io_plugins list.
+ * Deregisters any hooks before unlinking, then frees the container.
+ */
+static void
+iolog_unlink(struct plugin_container *plugin)
+{
+ debug_decl(iolog_unlink, SUDO_DEBUG_PCOMM)
+
+ /* Deregister hooks, if any. */
+ if (plugin->u.io->version >= SUDO_API_MKVERSION(1, 2)) {
+ if (plugin->u.io->deregister_hooks != NULL)
+ plugin->u.io->deregister_hooks(SUDO_HOOK_VERSION,
+ deregister_hook);
+ }
+ /* Remove from io_plugins list and free. */
+ tq_remove(&io_plugins, plugin);
+ efree(plugin);
+
+ debug_return;
+}
#define TGP_NOECHO_TRY 0x10 /* turn off echo if possible */
struct user_details {
+ pid_t pid;
+ pid_t ppid;
+ pid_t pgid;
+ pid_t tcpgid;
+ pid_t sid;
uid_t uid;
uid_t euid;
uid_t gid;
int ngroups;
int closefrom;
int flags;
+ struct passwd *pw;
GETGROUPS_T *groups;
const char *command;
const char *cwd;
/* tgetpass.c */
char *tgetpass(const char *, int, int);
int tty_present(void);
-extern const char *askpass_path;
-extern const char *noexec_path;
/* zero_bytes.c */
void zero_bytes(volatile void *, size_t);
/* sudo.c */
bool exec_setup(struct command_details *details, const char *ptyname, int ptyfd);
+int policy_init_session(struct command_details *details);
int run_command(struct command_details *details);
extern const char *list_user, *runas_user, *runas_group;
extern struct user_details user_details;
void aix_restoreauthdb(void);
void aix_setauthdb(char *user);
+/* hooks.c */
+/* XXX - move to sudo_plugin_int.h? */
+struct sudo_hook;
+int register_hook(struct sudo_hook *hook);
+int deregister_hook(struct sudo_hook *hook);
+int process_hooks_getenv(const char *name, char **val);
+int process_hooks_setenv(const char *name, const char *value, int overwrite);
+int process_hooks_putenv(char *string);
+int process_hooks_unsetenv(const char *name);
+
/* interfaces.c */
int get_net_ifs(char **addrinfo);
#include <config.h>
-#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
-
#include <sys/types.h>
#include <sys/param.h>
#include <sys/stat.h>
#include "sudo.h"
+#if defined(HAVE_SETRESUID) || defined(HAVE_SETREUID) || defined(HAVE_SETEUID)
+
static void
switch_user(uid_t euid, gid_t egid, int ngroups, GETGROUPS_T *groups)
{
#include <errno.h>
#include <stdarg.h>
+#ifdef HAVE_SPAWN_H
+#include <spawn.h>
+#endif
#include "missing.h"
fn(t1 a1, t2 a2, t3 a3) \
DUMMY_BODY
+#define DUMMY6(fn, t1, t2, t3, t4, t5, t6) \
+int \
+fn(t1 a1, t2 a2, t3 a3, t4 a4, t5 a5, t6 a6) \
+DUMMY_BODY
+
#define DUMMY_VA(fn, t1, t2) \
int \
fn(t1 a1, t2 a2, ...) \
DUMMY_VA(execlp, const char *, const char *)
DUMMY_VA(_execlp, const char *, const char *)
DUMMY_VA(__execlp, const char *, const char *)
+DUMMY3(exect, const char *, char * const *, char * const *)
+DUMMY3(_exect, const char *, char * const *, char * const *)
+DUMMY3(__exect, const char *, char * const *, char * const *)
DUMMY2(execv, const char *, char * const *)
DUMMY2(_execv, const char *, char * const *)
DUMMY2(__execv, const char *, char * const *)
DUMMY3(execve, const char *, char * const *, char * const *)
DUMMY3(_execve, const char *, char * const *, char * const *)
DUMMY3(__execve, const char *, char * const *, char * const *)
+DUMMY3(execvpe, const char *, char * const *, char * const *)
+DUMMY3(_execvpe, const char *, char * const *, char * const *)
+DUMMY3(__execvpe, const char *, char * const *, char * const *)
DUMMY3(fexecve, int , char * const *, char * const *)
DUMMY3(_fexecve, int , char * const *, char * const *)
DUMMY3(__fexecve, int , char * const *, char * const *)
+#ifdef HAVE_SPAWN_H
+DUMMY6(posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+DUMMY6(_posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+DUMMY6(__posix_spawn, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+DUMMY6(posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+DUMMY6(_posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+DUMMY6(__posix_spawnp, pid_t *, const char *, const posix_spawn_file_actions_t *, const posix_spawnattr_t *, char * const *, char * const *)
+#endif /* HAVE_SPAWN_H */
/*
- * Copyright (c) 2010-2011 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2010-2012 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
/*
* Backwards-compatible structures for API bumps.
*/
+struct policy_plugin_1_0 {
+ unsigned int type;
+ unsigned int version;
+ int (*open)(unsigned int version, sudo_conv_t conversation,
+ sudo_printf_t sudo_printf, char * const settings[],
+ char * const user_info[], char * const user_env[]);
+ void (*close)(int exit_status, int error); /* wait status or error */
+ int (*show_version)(int verbose);
+ int (*check_policy)(int argc, char * const argv[],
+ char *env_add[], char **command_info[],
+ char **argv_out[], char **user_env_out[]);
+ int (*list)(int argc, char * const argv[], int verbose,
+ const char *list_user);
+ int (*validate)(void);
+ void (*invalidate)(int remove);
+ int (*init_session)(struct passwd *pwd);
+};
struct io_plugin_1_0 {
unsigned int type;
unsigned int version;
int (*log_stdout)(const char *buf, unsigned int len);
int (*log_stderr)(const char *buf, unsigned int len);
};
+struct io_plugin_1_1 {
+ unsigned int type;
+ unsigned int version;
+ int (*open)(unsigned int version, sudo_conv_t conversation,
+ sudo_printf_t sudo_printf, char * const settings[],
+ char * const user_info[], char * const command_info[],
+ int argc, char * const argv[], char * const user_env[]);
+ void (*close)(int exit_status, int error); /* wait status or error */
+ int (*show_version)(int verbose);
+ int (*log_ttyin)(const char *buf, unsigned int len);
+ int (*log_ttyout)(const char *buf, unsigned int len);
+ int (*log_stdin)(const char *buf, unsigned int len);
+ int (*log_stdout)(const char *buf, unsigned int len);
+ int (*log_stderr)(const char *buf, unsigned int len);
+};
/*
* Sudo plugin internals.
struct plugin_container *prev; /* required */
struct plugin_container *next; /* required */
const char *name;
+ char * const *options;
void *handle;
union {
struct generic_plugin *generic;
struct policy_plugin *policy;
+ struct policy_plugin_1_0 *policy_1_0;
struct io_plugin *io;
struct io_plugin_1_0 *io_1_0;
+ struct io_plugin_1_1 *io_1_1;
} u;
};
TQ_DECLARE(plugin_container)
static char *getln(int, char *, size_t, int);
static char *sudo_askpass(const char *, const char *);
-#ifdef _PATH_SUDO_ASKPASS
-const char *askpass_path = _PATH_SUDO_ASKPASS;
-#else
-const char *askpass_path;
-#endif
-
/*
* Like getpass(3) but with timeout and echo flags.
*/
if (askpass == NULL) {
askpass = getenv("SUDO_ASKPASS");
if (askpass == NULL || *askpass == '\0')
- askpass = askpass_path;
+ askpass = sudo_conf_askpass_path();
}
/* If no tty present and we need to disable echo, try askpass. */
(void) close(pfd[0]);
(void) sigaction(SIGPIPE, &saved_sa_pipe, NULL);
+ if (pass == NULL)
+ errno = EINTR; /* make cancel button simulate ^C */
+
debug_return_str_masked(pass);
}
}
continue;
}
- if (write(fd, "*", 1) == -1)
- /* shut up glibc */;
+ ignore_result(write(fd, "*", 1));
}
*cp++ = c;
}
#include <config.h>
+/* Large files not supported by procfs.h */
+#if defined(HAVE_PROCFS_H) || defined(HAVE_SYS_PROCFS_H)
+# undef _FILE_OFFSET_BITS
+# undef _LARGE_FILES
+#endif
+
#include <sys/types.h>
#include <sys/param.h>
#include <sys/stat.h>
+#if defined(MAJOR_IN_MKDEV)
+# include <sys/mkdev.h>
+#elif defined(MAJOR_IN_SYSMACROS)
+# include <sys/sysmacros.h>
+#endif
#include <stdio.h>
#ifdef STDC_HEADERS
# include <stdlib.h>
#endif /* HAVE_UNISTD_H */
#include <errno.h>
#include <fcntl.h>
+#include <limits.h>
+#ifdef HAVE_DIRENT_H
+# include <dirent.h>
+# define NAMLEN(dirent) strlen((dirent)->d_name)
+#else
+# define dirent direct
+# define NAMLEN(dirent) (dirent)->d_namlen
+# ifdef HAVE_SYS_NDIR_H
+# include <sys/ndir.h>
+# endif
+# ifdef HAVE_SYS_DIR_H
+# include <sys/dir.h>
+# endif
+# ifdef HAVE_NDIR_H
+# include <ndir.h>
+# endif
+#endif
#if defined(HAVE_STRUCT_KINFO_PROC_P_TDEV) || defined (HAVE_STRUCT_KINFO_PROC_KP_EPROC_E_TDEV) || defined(HAVE_STRUCT_KINFO_PROC2_P_TDEV)
# include <sys/sysctl.h>
#elif defined(HAVE_STRUCT_KINFO_PROC_KI_TDEV)
# include <sys/sysctl.h>
# include <sys/user.h>
#endif
+#if defined(HAVE_PROCFS_H)
+# include <procfs.h>
+#elif defined(HAVE_SYS_PROCFS_H)
+# include <sys/procfs.h>
+#endif
#include "sudo.h"
# define sudo_kp_namelen 4
#endif
-#ifdef sudo_kp_tdev
+#if defined(sudo_kp_tdev)
+/*
+ * Like ttyname() but uses a dev_t instead of an open fd.
+ * Caller is responsible for freeing the returned string.
+ * The BSD version uses devname()
+ */
+static char *
+sudo_ttyname_dev(dev_t tdev)
+{
+ char *dev, *tty = NULL;
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+
+ /* Some versions of devname() return NULL on failure, others do not. */
+ dev = devname(tdev, S_IFCHR);
+ if (dev != NULL && *dev != '?' && *dev != '#') {
+ if (*dev != '/') {
+ /* devname() doesn't use the /dev/ prefix, add one... */
+ size_t len = sizeof(_PATH_DEV) + strlen(dev);
+ tty = emalloc(len);
+ strlcpy(tty, _PATH_DEV, len);
+ strlcat(tty, dev, len);
+ } else {
+ /* Should not happen but just in case... */
+ tty = estrdup(dev);
+ }
+ }
+ debug_return_str(tty);
+}
+#elif defined(HAVE__TTYNAME_DEV)
+extern char *_ttyname_dev(dev_t rdev, char *buffer, size_t buflen);
+
+/*
+ * Like ttyname() but uses a dev_t instead of an open fd.
+ * Caller is responsible for freeing the returned string.
+ * This version is just a wrapper around _ttyname_dev().
+ */
+static char *
+sudo_ttyname_dev(dev_t tdev)
+{
+ char buf[TTYNAME_MAX], *tty;
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+
+ tty = _ttyname_dev(tdev, buf, sizeof(buf));
+
+ debug_return_str(estrdup(tty));
+}
+#else
+/*
+ * Devices to search before doing a breadth-first scan.
+ */
+static char *search_devs[] = {
+ "/dev/console",
+ "/dev/wscons",
+ "/dev/pts/",
+ "/dev/vt/",
+ "/dev/term/",
+ "/dev/zcons/",
+ NULL
+};
+
+static char *ignore_devs[] = {
+ "/dev/fd/",
+ "/dev/stdin",
+ "/dev/stdout",
+ "/dev/stderr",
+ NULL
+};
+
+/*
+ * Do a breadth-first scan of dir looking for the specified device.
+ */
+static
+char *sudo_ttyname_scan(const char *dir, dev_t rdev, bool builtin)
+{
+ DIR *d;
+ char pathbuf[PATH_MAX], **subdirs = NULL, *devname = NULL;
+ size_t sdlen, d_len, len, num_subdirs = 0, max_subdirs = 0;
+ struct dirent *dp;
+ struct stat sb;
+ int i;
+ debug_decl(sudo_ttyname_scan, SUDO_DEBUG_UTIL)
+
+ if (dir[0] == '\0' || (d = opendir(dir)) == NULL)
+ goto done;
+
+ sdlen = strlen(dir);
+ if (dir[sdlen - 1] == '/')
+ sdlen--;
+ if (sdlen + 1 >= sizeof(pathbuf)) {
+ errno = ENAMETOOLONG;
+ warning("%.*s/", (int)sdlen, dir);
+ goto done;
+ }
+ memcpy(pathbuf, dir, sdlen);
+ pathbuf[sdlen++] = '/';
+ pathbuf[sdlen] = '\0';
+
+ while ((dp = readdir(d)) != NULL) {
+ /* Skip anything starting with "." */
+ if (dp->d_name[0] == '.')
+ continue;
+
+ d_len = NAMLEN(dp);
+ if (sdlen + d_len >= sizeof(pathbuf))
+ continue;
+ memcpy(&pathbuf[sdlen], dp->d_name, d_len + 1); /* copy NUL too */
+ d_len += sdlen;
+
+ for (i = 0; ignore_devs[i] != NULL; i++) {
+ len = strlen(ignore_devs[i]);
+ if (ignore_devs[i][len - 1] == '/')
+ len--;
+ if (d_len == len && strncmp(pathbuf, ignore_devs[i], len) == 0)
+ break;
+ }
+ if (ignore_devs[i] != NULL)
+ continue;
+ if (!builtin) {
+ /* Skip entries in search_devs; we already checked them. */
+ for (i = 0; search_devs[i] != NULL; i++) {
+ len = strlen(search_devs[i]);
+ if (search_devs[i][len - 1] == '/')
+ len--;
+ if (d_len == len && strncmp(pathbuf, search_devs[i], len) == 0)
+ break;
+ }
+ if (search_devs[i] != NULL)
+ continue;
+ }
+# if defined(HAVE_STRUCT_DIRENT_D_TYPE) && defined(DTTOIF)
+ /* Use d_type to avoid a stat() if possible. */
+ /* Convert d_type to stat-style type bits but follow links. */
+ if (dp->d_type != DT_LNK && dp->d_type != DT_CHR)
+ sb.st_mode = DTTOIF(dp->d_type);
+ else
+# endif
+ if (stat(pathbuf, &sb) == -1)
+ continue;
+ if (S_ISDIR(sb.st_mode)) {
+ if (!builtin) {
+ /* Add to list of subdirs to search. */
+ if (num_subdirs + 1 > max_subdirs) {
+ max_subdirs += 64;
+ subdirs = erealloc3(subdirs, max_subdirs, sizeof(char *));
+ }
+ subdirs[num_subdirs++] = estrdup(pathbuf);
+ }
+ continue;
+ }
+ if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) {
+ devname = estrdup(pathbuf);
+ break;
+ }
+ }
+ closedir(d);
+
+ /* Search subdirs if we didn't find it in the root level. */
+ for (i = 0; devname == NULL && i < num_subdirs; i++)
+ devname = sudo_ttyname_scan(subdirs[i], rdev, false);
+
+done:
+ for (i = 0; i < num_subdirs; i++)
+ efree(subdirs[i]);
+ efree(subdirs);
+ debug_return_str(devname);
+}
+
+/*
+ * Like ttyname() but uses a dev_t instead of an open fd.
+ * Caller is responsible for freeing the returned string.
+ * Generic version.
+ */
+static char *
+sudo_ttyname_dev(dev_t rdev)
+{
+ struct stat sb;
+ size_t len;
+ char buf[PATH_MAX], **sd, *devname, *tty = NULL;
+ debug_decl(sudo_ttyname_dev, SUDO_DEBUG_UTIL)
+
+ /*
+ * First check search_devs.
+ */
+ for (sd = search_devs; (devname = *sd) != NULL; sd++) {
+ len = strlen(devname);
+ if (devname[len - 1] == '/') {
+ /* Special case /dev/pts */
+ if (strcmp(devname, "/dev/pts/") == 0) {
+ (void)snprintf(buf, sizeof(buf), "%spts/%u", _PATH_DEV,
+ (unsigned int)minor(rdev));
+ if (stat(buf, &sb) == 0) {
+ if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) {
+ tty = estrdup(buf);
+ break;
+ }
+ }
+ continue;
+ }
+ /* Traverse directory */
+ tty = sudo_ttyname_scan(devname, rdev, true);
+ } else {
+ if (stat(devname, &sb) == 0) {
+ if (S_ISCHR(sb.st_mode) && sb.st_rdev == rdev) {
+ tty = estrdup(devname);
+ break;
+ }
+ }
+ }
+ }
+
+ /*
+ * Not found? Do a breadth-first traversal of /dev/.
+ */
+ if (tty == NULL)
+ tty = sudo_ttyname_scan(_PATH_DEV, rdev, false);
+
+ debug_return_str(tty);
+}
+#endif
+
+#if defined(sudo_kp_tdev)
/*
* Return a string from ttyname() containing the tty to which the process is
* attached or NULL if there is no tty associated with the process (or its
rc = sysctl(mib, sudo_kp_namelen, ki_proc, &size, NULL, 0);
} while (rc == -1 && errno == ENOMEM);
if (rc != -1) {
- char *dev = devname(ki_proc->sudo_kp_tdev, S_IFCHR);
- /* Some versions of devname() return NULL, others do not. */
- if (dev == NULL || *dev == '?' || *dev == '#') {
- sudo_debug_printf(SUDO_DEBUG_WARN,
- "unable to map device number %u to name",
- ki_proc->sudo_kp_tdev);
- } else if (*dev != '/') {
- /* devname() doesn't use the /dev/ prefix, add one... */
- size_t len = sizeof(_PATH_DEV) + strlen(dev);
- tty = emalloc(len);
- strlcpy(tty, _PATH_DEV, len);
- strlcat(tty, dev, len);
- } else {
- /* Should not happen but just in case... */
- tty = estrdup(dev);
+ if (ki_proc->sudo_kp_tdev != (dev_t)-1) {
+ tty = sudo_ttyname_dev(ki_proc->sudo_kp_tdev);
+ if (tty == NULL) {
+ sudo_debug_printf(SUDO_DEBUG_WARN,
+ "unable to map device number %u to name",
+ ki_proc->sudo_kp_tdev);
+ }
}
} else {
sudo_debug_printf(SUDO_DEBUG_WARN,
debug_return_str(tty);
}
-#else
+#elif defined(HAVE_STRUCT_PSINFO_PR_TTYDEV)
/*
* Return a string from ttyname() containing the tty to which the process is
* attached or NULL if there is no tty associated with the process (or its
- * parent). First tries std{in,out,err} then falls back to the parent's /proc
- * entry. We could try following the parent all the way to pid 1 but
- * /proc/%d/status is system-specific (text on Linux, a struct on Solaris).
+ * parent). First tries /proc/pid/psinfo, then /proc/ppid/psinfo.
+ * Falls back on ttyname of std{in,out,err} if that fails.
*/
char *
get_process_ttyname(void)
{
char path[PATH_MAX], *tty = NULL;
- pid_t ppid;
+ struct stat sb;
+ struct psinfo psinfo;
+ ssize_t nread;
int i, fd;
debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
- if ((tty = ttyname(STDIN_FILENO)) == NULL &&
- (tty = ttyname(STDOUT_FILENO)) == NULL &&
- (tty = ttyname(STDERR_FILENO)) == NULL) {
- /* No tty for child, check the parent via /proc. */
- ppid = getppid();
- for (i = STDIN_FILENO; i < STDERR_FILENO && tty == NULL; i++) {
- snprintf(path, sizeof(path), "/proc/%d/fd/%d", (int)ppid, i);
- fd = open(path, O_RDONLY|O_NOCTTY, 0);
- if (fd != -1) {
- tty = ttyname(fd);
- close(fd);
+ /* Try to determine the tty from pr_ttydev in /proc/pid/psinfo. */
+ for (i = 0; tty == NULL && i < 2; i++) {
+ (void)snprintf(path, sizeof(path), "/proc/%u/psinfo",
+ i ? (unsigned int)getppid() : (unsigned int)getpid());
+ if ((fd = open(path, O_RDONLY, 0)) == -1)
+ continue;
+ nread = read(fd, &psinfo, sizeof(psinfo));
+ close(fd);
+ if (nread == (ssize_t)sizeof(psinfo) && psinfo.pr_ttydev != (dev_t)-1) {
+ tty = sudo_ttyname_dev(psinfo.pr_ttydev);
+ }
+ }
+
+ /* If all else fails, fall back on ttyname(). */
+ if (tty == NULL) {
+ if ((tty = ttyname(STDIN_FILENO)) != NULL ||
+ (tty = ttyname(STDOUT_FILENO)) != NULL ||
+ (tty = ttyname(STDERR_FILENO)) != NULL)
+ tty = estrdup(tty);
+ }
+
+ debug_return_str(tty);
+}
+#elif defined(__linux__)
+/*
+ * Return a string from ttyname() containing the tty to which the process is
+ * attached or NULL if there is no tty associated with the process (or its
+ * parent). First tries field 7 in /proc/pid/stat, then /proc/ppid/stat.
+ * Falls back on ttyname of std{in,out,err} if that fails.
+ */
+char *
+get_process_ttyname(void)
+{
+ char *line = NULL, *tty = NULL;
+ size_t linesize = 0;
+ ssize_t len;
+ int i;
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+
+ /* Try to determine the tty from pr_ttydev in /proc/pid/psinfo. */
+ for (i = 0; tty == NULL && i < 2; i++) {
+ FILE *fp;
+ char path[PATH_MAX];
+ (void)snprintf(path, sizeof(path), "/proc/%u/stat",
+ i ? (unsigned int)getppid() : (unsigned int)getpid());
+ if ((fp = fopen(path, "r")) == NULL)
+ continue;
+ len = getline(&line, &linesize, fp);
+ fclose(fp);
+ if (len != -1) {
+ /* Field 7 is the tty dev (0 if no tty) */
+ char *cp = line;
+ int field = 1;
+ while (*cp != '\0') {
+ if (*cp++ == ' ') {
+ if (++field == 7) {
+ dev_t tdev = (dev_t)atoi(cp);
+ if (tdev > 0)
+ tty = sudo_ttyname_dev(tdev);
+ break;
+ }
+ }
}
}
}
+ efree(line);
+
+ /* If all else fails, fall back on ttyname(). */
+ if (tty == NULL) {
+ if ((tty = ttyname(STDIN_FILENO)) != NULL ||
+ (tty = ttyname(STDOUT_FILENO)) != NULL ||
+ (tty = ttyname(STDERR_FILENO)) != NULL)
+ tty = estrdup(tty);
+ }
+
+ debug_return_str(tty);
+}
+#else
+/*
+ * Return a string from ttyname() containing the tty to which the process is
+ * attached or NULL if there is no tty associated with the process.
+ * parent).
+ */
+char *
+get_process_ttyname(void)
+{
+ char *tty;
+ debug_decl(get_process_ttyname, SUDO_DEBUG_UTIL)
+
+ if ((tty = ttyname(STDIN_FILENO)) == NULL) {
+ if ((tty = ttyname(STDOUT_FILENO)) == NULL)
+ tty = ttyname(STDERR_FILENO);
+ }
debug_return_str(estrdup(tty));
}
-#endif /* sudo_kp_tdev */
+#endif
+++ /dev/null
-/*
- * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <config.h>
-
-#include <sys/types.h>
-#include <sys/ioctl.h>
-#include <stdio.h>
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-# include <stdlib.h>
-# endif
-#endif /* STDC_HEADERS */
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#include <termios.h>
-
-#include "missing.h"
-#include "sudo_debug.h"
-
-/* Compatibility with older tty systems. */
-#if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
-# define TIOCGWINSZ TIOCGSIZE
-# define winsize ttysize
-# define ws_col ts_cols
-# define ws_row ts_lines
-#endif
-
-#ifdef TIOCGWINSZ
-static int
-get_ttysize_ioctl(int *rowp, int *colp)
-{
- struct winsize wsize;
- debug_decl(get_ttysize_ioctl, SUDO_DEBUG_EXEC)
-
- if (ioctl(STDERR_FILENO, TIOCGWINSZ, &wsize) == 0 &&
- wsize.ws_row != 0 && wsize.ws_col != 0) {
- *rowp = wsize.ws_row;
- *colp = wsize.ws_col;
- debug_return_int(0);
- }
- debug_return_int(-1);
-}
-#else
-static int
-get_ttysize_ioctl(int *rowp, int *colp)
-{
- return -1;
-}
-#endif /* TIOCGWINSZ */
-
-void
-get_ttysize(int *rowp, int *colp)
-{
- debug_decl(fork_cmnd, SUDO_DEBUG_EXEC)
-
- if (get_ttysize_ioctl(rowp, colp) == -1) {
- char *p;
-
- /* Fall back on $LINES and $COLUMNS. */
- if ((p = getenv("LINES")) == NULL || (*rowp = atoi(p)) <= 0)
- *rowp = 24;
- if ((p = getenv("COLUMNS")) == NULL || (*colp = atoi(p)) <= 0)
- *colp = 80;
- }
-
- debug_return;
-}
#if !defined(HAVE_GETUTXID) && defined(HAVE_GETUTID)
# define getutxline(u) getutline(u)
# define pututxline(u) pututline(u)
-# define setutxent setutent(u)
-# define endutxent endutent(u)
+# define setutxent() setutent()
+# define endutxent() endutent()
#endif /* !HAVE_GETUTXID && HAVE_GETUTID */
#ifdef HAVE_GETUTXID
$libexecdir/* 0755 optional
$sudoersdir/sudoers.d/ 0750 $sudoers_uid:$sudoers_gid
$timedir/ 0700 root:
- $docdir/
+ $docdir/ 0755
$docdir/sudoers2ldif 0555 optional,ignore-others
$docdir/* 0444
- $localedir/ optional
+ $localedir/ - optional
$localedir/** 0444 optional
/etc/pam.d/* 0444 volatile,optional
%if [rpm,deb]
%post [!rpm,deb]
# Don't overwrite an existing sudoers file
+%if [solaris]
+ sudoersdir=${PKG_INSTALL_ROOT}%{sudoersdir}
+%else
sudoersdir=%{sudoersdir}
+%endif
if test ! -r $sudoersdir/sudoers; then
cp $sudoersdir/sudoers.dist $sudoersdir/sudoers
chmod %{sudoers_mode} $sudoersdir/sudoers
/* adler32.c -- compute the Adler-32 checksum of a data stream
- * Copyright (C) 1995-2007 Mark Adler
+ * Copyright (C) 1995-2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#define local static
-local uLong adler32_combine_(uLong adler1, uLong adler2, z_off64_t len2);
+local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2));
-#define BASE 65521UL /* largest prime smaller than 65536 */
+#define BASE 65521 /* largest prime smaller than 65536 */
#define NMAX 5552
/* NMAX is the largest n such that 255n(n+1)/2 + (n+1)(BASE-1) <= 2^32-1 */
#define DO8(buf,i) DO4(buf,i); DO4(buf,i+4);
#define DO16(buf) DO8(buf,0); DO8(buf,8);
-/* use NO_DIVIDE if your processor does not do division in hardware */
+/* use NO_DIVIDE if your processor does not do division in hardware --
+ try it both ways to see which is faster */
#ifdef NO_DIVIDE
-# define MOD(a) \
+/* note that this assumes BASE is 65521, where 65536 % 65521 == 15
+ (thank you to John Reiser for pointing this out) */
+# define CHOP(a) \
+ do { \
+ unsigned long tmp = a >> 16; \
+ a &= 0xffffUL; \
+ a += (tmp << 4) - tmp; \
+ } while (0)
+# define MOD28(a) \
do { \
- if (a >= (BASE << 16)) a -= (BASE << 16); \
- if (a >= (BASE << 15)) a -= (BASE << 15); \
- if (a >= (BASE << 14)) a -= (BASE << 14); \
- if (a >= (BASE << 13)) a -= (BASE << 13); \
- if (a >= (BASE << 12)) a -= (BASE << 12); \
- if (a >= (BASE << 11)) a -= (BASE << 11); \
- if (a >= (BASE << 10)) a -= (BASE << 10); \
- if (a >= (BASE << 9)) a -= (BASE << 9); \
- if (a >= (BASE << 8)) a -= (BASE << 8); \
- if (a >= (BASE << 7)) a -= (BASE << 7); \
- if (a >= (BASE << 6)) a -= (BASE << 6); \
- if (a >= (BASE << 5)) a -= (BASE << 5); \
- if (a >= (BASE << 4)) a -= (BASE << 4); \
- if (a >= (BASE << 3)) a -= (BASE << 3); \
- if (a >= (BASE << 2)) a -= (BASE << 2); \
- if (a >= (BASE << 1)) a -= (BASE << 1); \
+ CHOP(a); \
if (a >= BASE) a -= BASE; \
} while (0)
-# define MOD4(a) \
+# define MOD(a) \
do { \
- if (a >= (BASE << 4)) a -= (BASE << 4); \
- if (a >= (BASE << 3)) a -= (BASE << 3); \
- if (a >= (BASE << 2)) a -= (BASE << 2); \
- if (a >= (BASE << 1)) a -= (BASE << 1); \
+ CHOP(a); \
+ MOD28(a); \
+ } while (0)
+# define MOD63(a) \
+ do { /* this assumes a is not negative */ \
+ z_off64_t tmp = a >> 32; \
+ a &= 0xffffffffL; \
+ a += (tmp << 8) - (tmp << 5) + tmp; \
+ tmp = a >> 16; \
+ a &= 0xffffL; \
+ a += (tmp << 4) - tmp; \
+ tmp = a >> 16; \
+ a &= 0xffffL; \
+ a += (tmp << 4) - tmp; \
if (a >= BASE) a -= BASE; \
} while (0)
#else
# define MOD(a) a %= BASE
-# define MOD4(a) a %= BASE
+# define MOD28(a) a %= BASE
+# define MOD63(a) a %= BASE
#endif
/* ========================================================================= */
}
if (adler >= BASE)
adler -= BASE;
- MOD4(sum2); /* only added so many BASE's */
+ MOD28(sum2); /* only added so many BASE's */
return adler | (sum2 << 16);
}
unsigned long sum2;
unsigned rem;
+ /* for negative len, return invalid adler32 as a clue for debugging */
+ if (len2 < 0)
+ return 0xffffffffUL;
+
/* the derivation of this formula is left as an exercise for the reader */
- rem = (unsigned)(len2 % BASE);
+ MOD63(len2); /* assumes len2 >= 0 */
+ rem = (unsigned)len2;
sum1 = adler1 & 0xffff;
sum2 = rem * sum1;
MOD(sum2);
/* crc32.c -- compute the CRC-32 of a data stream
- * Copyright (C) 1995-2006, 2010 Mark Adler
+ * Copyright (C) 1995-2006, 2010, 2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*
* Thanks to Rodney Brown <rbrown64@csc.com.au> for his contribution of faster
of the crc tables. Therefore, if you #define DYNAMIC_CRC_TABLE, you should
first call get_crc_table() to initialize the tables before allowing more than
one thread to use crc32().
+
+ DYNAMIC_CRC_TABLE and MAKECRCH can be #defined to write out crc32.h.
*/
#ifdef MAKECRCH
/* Definitions for doing the crc four data bytes at a time. */
#ifdef BYFOUR
+ typedef u4 crc_table_t;
# define REV(w) ((((w)>>24)&0xff)+(((w)>>8)&0xff00)+ \
(((w)&0xff00)<<8)+(((w)&0xff)<<24))
local unsigned long crc32_little OF((unsigned long,
const unsigned char FAR *, unsigned));
# define TBLS 8
#else
+ typedef unsigned long crc_table_t;
# define TBLS 1
#endif /* BYFOUR */
local unsigned long gf2_matrix_times OF((unsigned long *mat,
unsigned long vec));
local void gf2_matrix_square OF((unsigned long *square, unsigned long *mat));
-local uLong crc32_combine_(uLong crc1, uLong crc2, z_off64_t len2);
+local uLong crc32_combine_ OF((uLong crc1, uLong crc2, z_off64_t len2));
#ifdef DYNAMIC_CRC_TABLE
local volatile int crc_table_empty = 1;
-local unsigned long FAR crc_table[TBLS][256];
+local crc_table_t FAR crc_table[TBLS][256];
local void make_crc_table OF((void));
#ifdef MAKECRCH
- local void write_table OF((FILE *, const unsigned long FAR *));
+ local void write_table OF((FILE *, const crc_table_t FAR *));
#endif /* MAKECRCH */
/*
Generate tables for a byte-wise 32-bit CRC calculation on the polynomial:
*/
local void make_crc_table()
{
- unsigned long c;
+ crc_table_t c;
int n, k;
- unsigned long poly; /* polynomial exclusive-or pattern */
+ crc_table_t poly; /* polynomial exclusive-or pattern */
/* terms of polynomial defining this crc (except x^32): */
static volatile int first = 1; /* flag to limit concurrent making */
static const unsigned char p[] = {0,1,2,4,5,7,8,10,11,12,16,22,23,26};
first = 0;
/* make exclusive-or pattern from polynomial (0xedb88320UL) */
- poly = 0UL;
- for (n = 0; n < sizeof(p)/sizeof(unsigned char); n++)
- poly |= 1UL << (31 - p[n]);
+ poly = 0;
+ for (n = 0; n < (int)(sizeof(p)/sizeof(unsigned char)); n++)
+ poly |= (crc_table_t)1 << (31 - p[n]);
/* generate a crc for every 8-bit value */
for (n = 0; n < 256; n++) {
- c = (unsigned long)n;
+ c = (crc_table_t)n;
for (k = 0; k < 8; k++)
c = c & 1 ? poly ^ (c >> 1) : c >> 1;
crc_table[0][n] = c;
if (out == NULL) return;
fprintf(out, "/* crc32.h -- tables for rapid CRC calculation\n");
fprintf(out, " * Generated automatically by crc32.c\n */\n\n");
- fprintf(out, "local const unsigned long FAR ");
+ fprintf(out, "local const crc_table_t FAR ");
fprintf(out, "crc_table[TBLS][256] =\n{\n {\n");
write_table(out, crc_table[0]);
# ifdef BYFOUR
#ifdef MAKECRCH
local void write_table(out, table)
FILE *out;
- const unsigned long FAR *table;
+ const crc_table_t FAR *table;
{
int n;
for (n = 0; n < 256; n++)
- fprintf(out, "%s0x%08lxUL%s", n % 5 ? "" : " ", table[n],
+ fprintf(out, "%s0x%08lxUL%s", n % 5 ? "" : " ",
+ (unsigned long)(table[n]),
n == 255 ? "\n" : (n % 5 == 4 ? ",\n" : ", "));
}
#endif /* MAKECRCH */
if (crc_table_empty)
make_crc_table();
#endif /* DYNAMIC_CRC_TABLE */
- return (const unsigned long FAR *)crc_table;
+ return (const unsigned long FAR *)(void FAR *)crc_table;
}
/* ========================================================================= */
* Generated automatically by crc32.c
*/
-local const unsigned long FAR crc_table[TBLS][256] =
+local const crc_table_t FAR crc_table[TBLS][256] =
{
{
0x00000000UL, 0x77073096UL, 0xee0e612cUL, 0x990951baUL, 0x076dc419UL,
/* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+ * Copyright (C) 1995-2012 Jean-loup Gailly and Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
* REFERENCES
*
* Deutsch, L.P.,"DEFLATE Compressed Data Format Specification".
- * Available in http://www.ietf.org/rfc/rfc1951.txt
+ * Available in http://tools.ietf.org/html/rfc1951
*
* A description of the Rabin and Karp algorithm is given in the book
* "Algorithms" by R. Sedgewick, Addison-Wesley, p252.
#include "deflate.h"
const char deflate_copyright[] =
- " deflate 1.2.5 Copyright 1995-2010 Jean-loup Gailly and Mark Adler ";
+ " deflate 1.2.6 Copyright 1995-2012 Jean-loup Gailly and Mark Adler ";
/*
If you use the zlib library in a product, an acknowledgment is welcome
in the documentation of your product. If for some reason you cannot
struct static_tree_desc_s {int dummy;}; /* for buggy compilers */
#endif
+/* rank Z_BLOCK between Z_NO_FLUSH and Z_PARTIAL_FLUSH */
+#define RANK(f) (((f) << 1) - ((f) > 4 ? 9 : 0))
+
/* ===========================================================================
* Update a hash value with the given input byte
* IN assertion: all calls to to UPDATE_HASH are made with consecutive
strm->msg = Z_NULL;
if (strm->zalloc == (alloc_func)0) {
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
strm->zalloc = zcalloc;
strm->opaque = (voidpf)0;
+#endif
}
- if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ if (strm->zfree == (free_func)0)
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zfree = zcfree;
+#endif
#ifdef FASTEST
if (level != 0) level = 1;
uInt dictLength;
{
deflate_state *s;
- uInt length = dictLength;
- uInt n;
- IPos hash_head = 0;
+ uInt str, n;
+ int wrap;
+ unsigned avail;
+ unsigned char *next;
- if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL ||
- strm->state->wrap == 2 ||
- (strm->state->wrap == 1 && strm->state->status != INIT_STATE))
+ if (strm == Z_NULL || strm->state == Z_NULL || dictionary == Z_NULL)
return Z_STREAM_ERROR;
-
s = strm->state;
- if (s->wrap)
- strm->adler = adler32(strm->adler, dictionary, dictLength);
+ wrap = s->wrap;
+ if (wrap == 2 || (wrap == 1 && s->status != INIT_STATE) || s->lookahead)
+ return Z_STREAM_ERROR;
- if (length < MIN_MATCH) return Z_OK;
- if (length > s->w_size) {
- length = s->w_size;
- dictionary += dictLength - length; /* use the tail of the dictionary */
+ /* when using zlib wrappers, compute Adler-32 for provided dictionary */
+ if (wrap == 1)
+ strm->adler = adler32(strm->adler, dictionary, dictLength);
+ s->wrap = 0; /* avoid computing Adler-32 in read_buf */
+
+ /* if dictionary would fill window, just replace the history */
+ if (dictLength >= s->w_size) {
+ if (wrap == 0) { /* already empty otherwise */
+ CLEAR_HASH(s);
+ s->strstart = 0;
+ s->block_start = 0L;
+ s->insert = 0;
+ }
+ dictionary += dictLength - s->w_size; /* use the tail */
+ dictLength = s->w_size;
}
- zmemcpy(s->window, dictionary, length);
- s->strstart = length;
- s->block_start = (long)length;
- /* Insert all strings in the hash table (except for the last two bytes).
- * s->lookahead stays null, so s->ins_h will be recomputed at the next
- * call of fill_window.
- */
- s->ins_h = s->window[0];
- UPDATE_HASH(s, s->ins_h, s->window[1]);
- for (n = 0; n <= length - MIN_MATCH; n++) {
- INSERT_STRING(s, n, hash_head);
+ /* insert dictionary into window and hash */
+ avail = strm->avail_in;
+ next = strm->next_in;
+ strm->avail_in = dictLength;
+ strm->next_in = (Bytef *)dictionary;
+ fill_window(s);
+ while (s->lookahead >= MIN_MATCH) {
+ str = s->strstart;
+ n = s->lookahead - (MIN_MATCH-1);
+ do {
+ UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]);
+#ifndef FASTEST
+ s->prev[str & s->w_mask] = s->head[s->ins_h];
+#endif
+ s->head[s->ins_h] = (Pos)str;
+ str++;
+ } while (--n);
+ s->strstart = str;
+ s->lookahead = MIN_MATCH-1;
+ fill_window(s);
}
- if (hash_head) hash_head = 0; /* to make compiler happy */
+ s->strstart += s->lookahead;
+ s->block_start = (long)s->strstart;
+ s->insert = s->lookahead;
+ s->lookahead = 0;
+ s->match_length = s->prev_length = MIN_MATCH-1;
+ s->match_available = 0;
+ strm->next_in = next;
+ strm->avail_in = avail;
+ s->wrap = wrap;
return Z_OK;
}
/* ========================================================================= */
-int ZEXPORT deflateReset (strm)
+int ZEXPORT deflateResetKeep (strm)
z_streamp strm;
{
deflate_state *s;
s->last_flush = Z_NO_FLUSH;
_tr_init(s);
- lm_init(s);
return Z_OK;
}
+/* ========================================================================= */
+int ZEXPORT deflateReset (strm)
+ z_streamp strm;
+{
+ int ret;
+
+ ret = deflateResetKeep(strm);
+ if (ret == Z_OK)
+ lm_init(strm->state);
+ return ret;
+}
+
/* ========================================================================= */
int ZEXPORT deflateSetHeader (strm, head)
z_streamp strm;
return Z_OK;
}
+/* ========================================================================= */
+int ZEXPORT deflatePending (strm, pending, bits)
+ unsigned *pending;
+ int *bits;
+ z_streamp strm;
+{
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ if (pending != Z_NULL)
+ *pending = strm->state->pending;
+ if (bits != Z_NULL)
+ *bits = strm->state->bi_valid;
+ return Z_OK;
+}
+
/* ========================================================================= */
int ZEXPORT deflatePrime (strm, bits, value)
z_streamp strm;
int bits;
int value;
{
+ deflate_state *s;
+ int put;
+
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
- strm->state->bi_valid = bits;
- strm->state->bi_buf = (ush)(value & ((1 << bits) - 1));
+ s = strm->state;
+ if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
+ return Z_BUF_ERROR;
+ do {
+ put = Buf_size - s->bi_valid;
+ if (put > bits)
+ put = bits;
+ s->bi_buf |= (ush)((value & ((1 << put) - 1)) << s->bi_valid);
+ s->bi_valid += put;
+ _tr_flush_bits(s);
+ value >>= put;
+ bits -= put;
+ } while (bits);
return Z_OK;
}
local void flush_pending(strm)
z_streamp strm;
{
- unsigned len = strm->state->pending;
+ unsigned len;
+ deflate_state *s = strm->state;
+ _tr_flush_bits(s);
+ len = s->pending;
if (len > strm->avail_out) len = strm->avail_out;
if (len == 0) return;
- zmemcpy(strm->next_out, strm->state->pending_out, len);
+ zmemcpy(strm->next_out, s->pending_out, len);
strm->next_out += len;
- strm->state->pending_out += len;
+ s->pending_out += len;
strm->total_out += len;
strm->avail_out -= len;
- strm->state->pending -= len;
- if (strm->state->pending == 0) {
- strm->state->pending_out = strm->state->pending_buf;
+ s->pending -= len;
+ if (s->pending == 0) {
+ s->pending_out = s->pending_buf;
}
}
* flushes. For repeated and useless calls with Z_FINISH, we keep
* returning Z_STREAM_END instead of Z_BUF_ERROR.
*/
- } else if (strm->avail_in == 0 && flush <= old_flush &&
+ } else if (strm->avail_in == 0 && RANK(flush) <= RANK(old_flush) &&
flush != Z_FINISH) {
ERR_RETURN(strm, Z_BUF_ERROR);
}
if (s->lookahead == 0) {
s->strstart = 0;
s->block_start = 0L;
+ s->insert = 0;
}
}
}
ss = source->state;
- zmemcpy(dest, source, sizeof(z_stream));
+ zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream));
ds = (deflate_state *) ZALLOC(dest, 1, sizeof(deflate_state));
if (ds == Z_NULL) return Z_MEM_ERROR;
dest->state = (struct internal_state FAR *) ds;
- zmemcpy(ds, ss, sizeof(deflate_state));
+ zmemcpy((voidpf)ds, (voidpf)ss, sizeof(deflate_state));
ds->strm = dest;
ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
}
/* following zmemcpy do not work for 16-bit MSDOS */
zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
- zmemcpy(ds->prev, ss->prev, ds->w_size * sizeof(Pos));
- zmemcpy(ds->head, ss->head, ds->hash_size * sizeof(Pos));
+ zmemcpy((voidpf)ds->prev, (voidpf)ss->prev, ds->w_size * sizeof(Pos));
+ zmemcpy((voidpf)ds->head, (voidpf)ss->head, ds->hash_size * sizeof(Pos));
zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
strm->avail_in -= len;
+ zmemcpy(buf, strm->next_in, len);
if (strm->state->wrap == 1) {
- strm->adler = adler32(strm->adler, strm->next_in, len);
+ strm->adler = adler32(strm->adler, buf, len);
}
#ifdef GZIP
else if (strm->state->wrap == 2) {
- strm->adler = crc32(strm->adler, strm->next_in, len);
+ strm->adler = crc32(strm->adler, buf, len);
}
#endif
- zmemcpy(buf, strm->next_in, len);
strm->next_in += len;
strm->total_in += len;
s->strstart = 0;
s->block_start = 0L;
s->lookahead = 0;
+ s->insert = 0;
s->match_length = s->prev_length = MIN_MATCH-1;
s->match_available = 0;
s->ins_h = 0;
unsigned more; /* Amount of free space at the end of the window. */
uInt wsize = s->w_size;
+ Assert(s->lookahead < MIN_LOOKAHEAD, "already enough lookahead");
+
do {
more = (unsigned)(s->window_size -(ulg)s->lookahead -(ulg)s->strstart);
#endif
more += wsize;
}
- if (s->strm->avail_in == 0) return;
+ if (s->strm->avail_in == 0) break;
/* If there was no sliding:
* strstart <= WSIZE+MAX_DIST-1 && lookahead <= MIN_LOOKAHEAD - 1 &&
s->lookahead += n;
/* Initialize the hash value now that we have some input: */
- if (s->lookahead >= MIN_MATCH) {
- s->ins_h = s->window[s->strstart];
- UPDATE_HASH(s, s->ins_h, s->window[s->strstart+1]);
+ if (s->lookahead + s->insert >= MIN_MATCH) {
+ uInt str = s->strstart - s->insert;
+ s->ins_h = s->window[str];
+ UPDATE_HASH(s, s->ins_h, s->window[str + 1]);
#if MIN_MATCH != 3
Call UPDATE_HASH() MIN_MATCH-3 more times
#endif
+ while (s->insert) {
+ UPDATE_HASH(s, s->ins_h, s->window[str + MIN_MATCH-1]);
+#ifndef FASTEST
+ s->prev[str & s->w_mask] = s->head[s->ins_h];
+#endif
+ s->head[s->ins_h] = (Pos)str;
+ str++;
+ s->insert--;
+ if (s->lookahead + s->insert < MIN_MATCH)
+ break;
+ }
}
/* If the whole input has less than MIN_MATCH bytes, ins_h is garbage,
* but this is not important since only literal bytes will be emitted.
s->high_water += init;
}
}
+
+ Assert((ulg)s->strstart <= s->window_size - MIN_LOOKAHEAD,
+ "not enough room for search");
}
/* ===========================================================================
FLUSH_BLOCK(s, 0);
}
}
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if ((long)s->strstart > s->block_start)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
}
/* ===========================================================================
}
if (bflush) FLUSH_BLOCK(s, 0);
}
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
+ s->insert = s->strstart < MIN_MATCH-1 ? s->strstart : MIN_MATCH-1;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
}
#ifndef FASTEST
_tr_tally_lit(s, s->window[s->strstart-1], bflush);
s->match_available = 0;
}
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
+ s->insert = s->strstart < MIN_MATCH-1 ? s->strstart : MIN_MATCH-1;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
}
#endif /* FASTEST */
for (;;) {
/* Make sure that we always have enough lookahead, except
* at the end of the input file. We need MAX_MATCH bytes
- * for the longest encodable run.
+ * for the longest run, plus one for the unrolled loop.
*/
- if (s->lookahead < MAX_MATCH) {
+ if (s->lookahead <= MAX_MATCH) {
fill_window(s);
- if (s->lookahead < MAX_MATCH && flush == Z_NO_FLUSH) {
+ if (s->lookahead <= MAX_MATCH && flush == Z_NO_FLUSH) {
return need_more;
}
if (s->lookahead == 0) break; /* flush the current block */
if (s->match_length > s->lookahead)
s->match_length = s->lookahead;
}
+ Assert(scan <= s->window+(uInt)(s->window_size-1), "wild scan");
}
/* Emit match if have run of MIN_MATCH or longer, else emit literal */
}
if (bflush) FLUSH_BLOCK(s, 0);
}
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
}
/* ===========================================================================
s->strstart++;
if (bflush) FLUSH_BLOCK(s, 0);
}
- FLUSH_BLOCK(s, flush == Z_FINISH);
- return flush == Z_FINISH ? finish_done : block_done;
+ s->insert = 0;
+ if (flush == Z_FINISH) {
+ FLUSH_BLOCK(s, 1);
+ return finish_done;
+ }
+ if (s->last_lit)
+ FLUSH_BLOCK(s, 0);
+ return block_done;
}
/* deflate.h -- internal compression state
- * Copyright (C) 1995-2010 Jean-loup Gailly
+ * Copyright (C) 1995-2012 Jean-loup Gailly
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#define MAX_BITS 15
/* All codes must not exceed MAX_BITS bits */
+#define Buf_size 16
+/* size of bit buffer in bi_buf */
+
#define INIT_STATE 42
#define EXTRA_STATE 69
#define NAME_STATE 73
int nice_match; /* Stop searching when current match exceeds this */
/* used by trees.c: */
- /* Didn't use ct_data typedef below to supress compiler warning */
+ /* Didn't use ct_data typedef below to suppress compiler warning */
struct ct_data_s dyn_ltree[HEAP_SIZE]; /* literal and length tree */
struct ct_data_s dyn_dtree[2*D_CODES+1]; /* distance tree */
struct ct_data_s bl_tree[2*BL_CODES+1]; /* Huffman tree for bit lengths */
ulg opt_len; /* bit length of current block with optimal trees */
ulg static_len; /* bit length of current block with static trees */
uInt matches; /* number of string matches in current block */
- int last_eob_len; /* bit length of EOB code for last block */
+ uInt insert; /* bytes at end of window left to insert */
#ifdef DEBUG
ulg compressed_len; /* total bit length of compressed file mod 2^32 */
int ZLIB_INTERNAL _tr_tally OF((deflate_state *s, unsigned dist, unsigned lc));
void ZLIB_INTERNAL _tr_flush_block OF((deflate_state *s, charf *buf,
ulg stored_len, int last));
+void ZLIB_INTERNAL _tr_flush_bits OF((deflate_state *s));
void ZLIB_INTERNAL _tr_align OF((deflate_state *s));
void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
ulg stored_len, int last));
/* gzguts.h -- zlib internal header definitions for gz* operations
- * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * Copyright (C) 2004, 2005, 2010, 2011, 2012 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#endif
#include <fcntl.h>
+#ifdef __TURBOC__
+# include <io.h>
+#endif
+
#ifdef NO_DEFLATE /* for compatibility with old definition */
# define NO_GZCOMPRESS
#endif
-#ifdef _MSC_VER
-# include <io.h>
-# define vsnprintf _vsnprintf
+#if defined(STDC99) || (defined(__TURBOC__) && __TURBOC__ >= 0x550)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+
+#if defined(__CYGWIN__)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+
+#if defined(MSDOS) && defined(__BORLANDC__) && (BORLANDC > 0x410)
+# ifndef HAVE_VSNPRINTF
+# define HAVE_VSNPRINTF
+# endif
+#endif
+
+#ifndef HAVE_VSNPRINTF
+# ifdef MSDOS
+/* vsnprintf may exist on some MS-DOS compilers (DJGPP?),
+ but for now we just assume it doesn't. */
+# define NO_vsnprintf
+# endif
+# ifdef __TURBOC__
+# define NO_vsnprintf
+# endif
+# ifdef WIN32
+/* In Win32, vsnprintf is available as the "non-ANSI" _vsnprintf. */
+# if !defined(vsnprintf) && !defined(NO_vsnprintf)
+# if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
+# include <io.h>
+# define vsnprintf _vsnprintf
+# endif
+# endif
+# endif
+# ifdef __SASC
+# define NO_vsnprintf
+# endif
+# ifdef VMS
+# define NO_vsnprintf
+# endif
+# ifdef __OS400__
+# define NO_vsnprintf
+# endif
+# ifdef __MVS__
+# define NO_vsnprintf
+# endif
#endif
#ifndef local
ZEXTERN z_off64_t ZEXPORT gzoffset64 OF((gzFile));
#endif
+/* default memLevel */
+#if MAX_MEM_LEVEL >= 8
+# define DEF_MEM_LEVEL 8
+#else
+# define DEF_MEM_LEVEL MAX_MEM_LEVEL
+#endif
+
/* default i/o buffer size -- double this for output when reading */
#define GZBUFSIZE 8192
/* internal gzip file state data structure */
typedef struct {
+ /* exposed contents for gzgetc() macro */
+ struct gzFile_s x; /* "x" for exposed */
+ /* x.have: number of bytes available at x.next */
+ /* x.next: next output data to deliver or write */
+ /* x.pos: current position in uncompressed data */
/* used for both reading and writing */
int mode; /* see gzip modes above */
int fd; /* file descriptor */
char *path; /* path or fd for error messages */
- z_off64_t pos; /* current position in uncompressed data */
unsigned size; /* buffer size, zero if not allocated yet */
unsigned want; /* requested buffer size, default is GZBUFSIZE */
unsigned char *in; /* input buffer */
unsigned char *out; /* output buffer (double-sized when reading) */
- unsigned char *next; /* next output data to deliver or write */
+ int direct; /* 0 if processing gzip, 1 if transparent */
/* just for reading */
- unsigned have; /* amount of output data unused at next */
- int eof; /* true if end of input file reached */
- z_off64_t start; /* where the gzip data started, for rewinding */
- z_off64_t raw; /* where the raw data started, for seeking */
int how; /* 0: get header, 1: copy, 2: decompress */
- int direct; /* true if last read direct, false if gzip */
+ z_off64_t start; /* where the gzip data started, for rewinding */
+ int eof; /* true if end of input file reached */
+ int past; /* true if read requested past end */
/* just for writing */
int level; /* compression level */
int strategy; /* compression strategy */
/* gzlib.c -- zlib functions common to reading and writing gzip files
- * Copyright (C) 2004, 2010 Mark Adler
+ * Copyright (C) 2004, 2010, 2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#include "gzguts.h"
+#if defined(_WIN32) && !defined(__BORLANDC__)
+# define LSEEK _lseeki64
+#else
#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
# define LSEEK lseek64
#else
# define LSEEK lseek
#endif
+#endif
/* Local functions */
local void gz_reset OF((gz_statep));
local void gz_reset(state)
gz_statep state;
{
+ state->x.have = 0; /* no output data available */
if (state->mode == GZ_READ) { /* for reading ... */
- state->have = 0; /* no output data available */
state->eof = 0; /* not at end of file */
+ state->past = 0; /* have not read past end yet */
state->how = LOOK; /* look for gzip header */
- state->direct = 1; /* default for empty file */
}
state->seek = 0; /* no seek request pending */
gz_error(state, Z_OK, NULL); /* clear error */
- state->pos = 0; /* no uncompressed data yet */
+ state->x.pos = 0; /* no uncompressed data yet */
state->strm.avail_in = 0; /* no input data yet */
}
{
gz_statep state;
+ /* check input */
+ if (path == NULL)
+ return NULL;
+
/* allocate gzFile structure to return */
state = malloc(sizeof(gz_state));
if (state == NULL)
state->mode = GZ_NONE;
state->level = Z_DEFAULT_COMPRESSION;
state->strategy = Z_DEFAULT_STRATEGY;
+ state->direct = 0;
while (*mode) {
if (*mode >= '0' && *mode <= '9')
state->level = *mode - '0';
break;
case 'F':
state->strategy = Z_FIXED;
+ case 'T':
+ state->direct = 1;
default: /* could consider as an error, but just ignore */
;
}
return NULL;
}
+ /* can't force transparent read */
+ if (state->mode == GZ_READ) {
+ if (state->direct) {
+ free(state);
+ return NULL;
+ }
+ state->direct = 1; /* for empty file */
+ }
+
/* save the path name for error messages */
state->path = malloc(strlen(path) + 1);
if (state->path == NULL) {
return -1;
/* check and set requested size */
- if (size == 0)
- return -1;
+ if (size < 2)
+ size = 2; /* need two bytes to check magic header */
state->want = size;
return 0;
}
state = (gz_statep)file;
/* check that we're reading and that there's no error */
- if (state->mode != GZ_READ || state->err != Z_OK)
+ if (state->mode != GZ_READ ||
+ (state->err != Z_OK && state->err != Z_BUF_ERROR))
return -1;
/* back up and start over */
return -1;
/* check that there's no error */
- if (state->err != Z_OK)
+ if (state->err != Z_OK && state->err != Z_BUF_ERROR)
return -1;
/* can only seek from start or relative to current position */
/* normalize offset to a SEEK_CUR specification */
if (whence == SEEK_SET)
- offset -= state->pos;
+ offset -= state->x.pos;
else if (state->seek)
offset += state->skip;
state->seek = 0;
/* if within raw area while reading, just go there */
if (state->mode == GZ_READ && state->how == COPY &&
- state->pos + offset >= state->raw) {
- ret = LSEEK(state->fd, offset - state->have, SEEK_CUR);
+ state->x.pos + offset >= 0) {
+ ret = LSEEK(state->fd, offset - state->x.have, SEEK_CUR);
if (ret == -1)
return -1;
- state->have = 0;
+ state->x.have = 0;
state->eof = 0;
+ state->past = 0;
state->seek = 0;
gz_error(state, Z_OK, NULL);
state->strm.avail_in = 0;
- state->pos += offset;
- return state->pos;
+ state->x.pos += offset;
+ return state->x.pos;
}
/* calculate skip amount, rewinding if needed for back seek when reading */
if (offset < 0) {
if (state->mode != GZ_READ) /* writing -- can't go backwards */
return -1;
- offset += state->pos;
+ offset += state->x.pos;
if (offset < 0) /* before start of file! */
return -1;
if (gzrewind(file) == -1) /* rewind, then skip to offset */
/* if reading, skip what's in output buffer (one less gzgetc() check) */
if (state->mode == GZ_READ) {
- n = GT_OFF(state->have) || (z_off64_t)state->have > offset ?
- (unsigned)offset : state->have;
- state->have -= n;
- state->next += n;
- state->pos += n;
+ n = GT_OFF(state->x.have) || (z_off64_t)state->x.have > offset ?
+ (unsigned)offset : state->x.have;
+ state->x.have -= n;
+ state->x.next += n;
+ state->x.pos += n;
offset -= n;
}
state->seek = 1;
state->skip = offset;
}
- return state->pos + offset;
+ return state->x.pos + offset;
}
/* -- see zlib.h -- */
return -1;
/* return position */
- return state->pos + (state->seek ? state->skip : 0);
+ return state->x.pos + (state->seek ? state->skip : 0);
}
/* -- see zlib.h -- */
return 0;
/* return end-of-file state */
- return state->mode == GZ_READ ?
- (state->eof && state->strm.avail_in == 0 && state->have == 0) : 0;
+ return state->mode == GZ_READ ? state->past : 0;
}
/* -- see zlib.h -- */
return;
/* clear error and end-of-file */
- if (state->mode == GZ_READ)
+ if (state->mode == GZ_READ) {
state->eof = 0;
+ state->past = 0;
+ }
gz_error(state, Z_OK, NULL);
}
state->msg = NULL;
}
+ /* if fatal, set state->x.have to 0 so that the gzgetc() macro fails */
+ if (err != Z_OK && err != Z_BUF_ERROR)
+ state->x.have = 0;
+
/* set error code, and if no message, then done */
state->err = err;
if (msg == NULL)
/* gzread.c -- zlib functions for reading gzip files
- * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * Copyright (C) 2004, 2005, 2010, 2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
/* Local functions */
local int gz_load OF((gz_statep, unsigned char *, unsigned, unsigned *));
local int gz_avail OF((gz_statep));
-local int gz_next4 OF((gz_statep, unsigned long *));
-local int gz_head OF((gz_statep));
+local int gz_look OF((gz_statep));
local int gz_decomp OF((gz_statep));
-local int gz_make OF((gz_statep));
+local int gz_fetch OF((gz_statep));
local int gz_skip OF((gz_statep, z_off64_t));
/* Use read() to load a buffer -- return -1 on error, otherwise 0. Read from
error, 0 otherwise. Note that the eof flag is set when the end of the input
file is reached, even though there may be unused data in the buffer. Once
that data has been used, no more attempts will be made to read the file.
- gz_avail() assumes that strm->avail_in == 0. */
+ If strm->avail_in != 0, then the current data is moved to the beginning of
+ the input buffer, and then the remainder of the buffer is loaded with the
+ available data from the input file. */
local int gz_avail(state)
gz_statep state;
{
+ unsigned got;
z_streamp strm = &(state->strm);
- if (state->err != Z_OK)
+ if (state->err != Z_OK && state->err != Z_BUF_ERROR)
return -1;
if (state->eof == 0) {
- if (gz_load(state, state->in, state->size,
- (unsigned *)&(strm->avail_in)) == -1)
+ if (strm->avail_in)
+ memmove(state->in, strm->next_in, strm->avail_in);
+ if (gz_load(state, state->in + strm->avail_in,
+ state->size - strm->avail_in, &got) == -1)
return -1;
+ strm->avail_in += got;
strm->next_in = state->in;
}
return 0;
}
-/* Get next byte from input, or -1 if end or error. */
-#define NEXT() ((strm->avail_in == 0 && gz_avail(state) == -1) ? -1 : \
- (strm->avail_in == 0 ? -1 : \
- (strm->avail_in--, *(strm->next_in)++)))
-
-/* Get a four-byte little-endian integer and return 0 on success and the value
- in *ret. Otherwise -1 is returned and *ret is not modified. */
-local int gz_next4(state, ret)
- gz_statep state;
- unsigned long *ret;
-{
- int ch;
- unsigned long val;
- z_streamp strm = &(state->strm);
-
- val = NEXT();
- val += (unsigned)NEXT() << 8;
- val += (unsigned long)NEXT() << 16;
- ch = NEXT();
- if (ch == -1)
- return -1;
- val += (unsigned long)ch << 24;
- *ret = val;
- return 0;
-}
-
-/* Look for gzip header, set up for inflate or copy. state->have must be zero.
+/* Look for gzip header, set up for inflate or copy. state->x.have must be 0.
If this is the first time in, allocate required memory. state->how will be
left unchanged if there is no more input data available, will be set to COPY
if there is no gzip header and direct copying will be performed, or it will
- be set to GZIP for decompression, and the gzip header will be skipped so
- that the next available input data is the raw deflate stream. If direct
- copying, then leftover input data from the input buffer will be copied to
- the output buffer. In that case, all further file reads will be directly to
- either the output buffer or a user buffer. If decompressing, the inflate
- state and the check value will be initialized. gz_head() will return 0 on
- success or -1 on failure. Failures may include read errors or gzip header
- errors. */
-local int gz_head(state)
+ be set to GZIP for decompression. If direct copying, then leftover input
+ data from the input buffer will be copied to the output buffer. In that
+ case, all further file reads will be directly to either the output buffer or
+ a user buffer. If decompressing, the inflate state will be initialized.
+ gz_look() will return 0 on success or -1 on failure. */
+local int gz_look(state)
gz_statep state;
{
z_streamp strm = &(state->strm);
- int flags;
- unsigned len;
/* allocate read buffers and inflate memory */
if (state->size == 0) {
state->strm.opaque = Z_NULL;
state->strm.avail_in = 0;
state->strm.next_in = Z_NULL;
- if (inflateInit2(&(state->strm), -15) != Z_OK) { /* raw inflate */
+ if (inflateInit2(&(state->strm), 15 + 16) != Z_OK) { /* gunzip */
free(state->out);
free(state->in);
state->size = 0;
}
}
- /* get some data in the input buffer */
- if (strm->avail_in == 0) {
+ /* get at least the magic bytes in the input buffer */
+ if (strm->avail_in < 2) {
if (gz_avail(state) == -1)
return -1;
if (strm->avail_in == 0)
return 0;
}
- /* look for the gzip magic header bytes 31 and 139 */
- if (strm->next_in[0] == 31) {
- strm->avail_in--;
- strm->next_in++;
- if (strm->avail_in == 0 && gz_avail(state) == -1)
- return -1;
- if (strm->avail_in && strm->next_in[0] == 139) {
- /* we have a gzip header, woo hoo! */
- strm->avail_in--;
- strm->next_in++;
-
- /* skip rest of header */
- if (NEXT() != 8) { /* compression method */
- gz_error(state, Z_DATA_ERROR, "unknown compression method");
- return -1;
- }
- flags = NEXT();
- if (flags & 0xe0) { /* reserved flag bits */
- gz_error(state, Z_DATA_ERROR, "unknown header flags set");
- return -1;
- }
- NEXT(); /* modification time */
- NEXT();
- NEXT();
- NEXT();
- NEXT(); /* extra flags */
- NEXT(); /* operating system */
- if (flags & 4) { /* extra field */
- len = (unsigned)NEXT();
- len += (unsigned)NEXT() << 8;
- while (len--)
- if (NEXT() < 0)
- break;
- }
- if (flags & 8) /* file name */
- while (NEXT() > 0)
- ;
- if (flags & 16) /* comment */
- while (NEXT() > 0)
- ;
- if (flags & 2) { /* header crc */
- NEXT();
- NEXT();
- }
- /* an unexpected end of file is not checked for here -- it will be
- noticed on the first request for uncompressed data */
-
- /* set up for decompression */
- inflateReset(strm);
- strm->adler = crc32(0L, Z_NULL, 0);
- state->how = GZIP;
- state->direct = 0;
- return 0;
- }
- else {
- /* not a gzip file -- save first byte (31) and fall to raw i/o */
- state->out[0] = 31;
- state->have = 1;
- }
+ /* look for gzip magic bytes -- if there, do gzip decoding (note: there is
+ a logical dilemma here when considering the case of a partially written
+ gzip file, to wit, if a single 31 byte is written, then we cannot tell
+ whether this is a single-byte file, or just a partially written gzip
+ file -- for here we assume that if a gzip file is being written, then
+ the header will be written in a single operation, so that reading a
+ single byte is sufficient indication that it is not a gzip file) */
+ if (strm->avail_in > 1 &&
+ strm->next_in[0] == 31 && strm->next_in[1] == 139) {
+ inflateReset(strm);
+ state->how = GZIP;
+ state->direct = 0;
+ return 0;
+ }
+
+ /* no gzip header -- if we were decoding gzip before, then this is trailing
+ garbage. Ignore the trailing garbage and finish. */
+ if (state->direct == 0) {
+ strm->avail_in = 0;
+ state->eof = 1;
+ state->x.have = 0;
+ return 0;
}
- /* doing raw i/o, save start of raw data for seeking, copy any leftover
- input to output -- this assumes that the output buffer is larger than
- the input buffer, which also assures space for gzungetc() */
- state->raw = state->pos;
- state->next = state->out;
+ /* doing raw i/o, copy any leftover input to output -- this assumes that
+ the output buffer is larger than the input buffer, which also assures
+ space for gzungetc() */
+ state->x.next = state->out;
if (strm->avail_in) {
- memcpy(state->next + state->have, strm->next_in, strm->avail_in);
- state->have += strm->avail_in;
+ memcpy(state->x.next, strm->next_in, strm->avail_in);
+ state->x.have = strm->avail_in;
strm->avail_in = 0;
}
state->how = COPY;
}
/* Decompress from input to the provided next_out and avail_out in the state.
- If the end of the compressed data is reached, then verify the gzip trailer
- check value and length (modulo 2^32). state->have and state->next are set
- to point to the just decompressed data, and the crc is updated. If the
- trailer is verified, state->how is reset to LOOK to look for the next gzip
- stream or raw data, once state->have is depleted. Returns 0 on success, -1
- on failure. Failures may include invalid compressed data or a failed gzip
- trailer verification. */
+ On return, state->x.have and state->x.next point to the just decompressed
+ data. If the gzip stream completes, state->how is reset to LOOK to look for
+ the next gzip stream or raw data, once state->x.have is depleted. Returns 0
+ on success, -1 on failure. */
local int gz_decomp(state)
gz_statep state;
{
- int ret;
+ int ret = Z_OK;
unsigned had;
- unsigned long crc, len;
z_streamp strm = &(state->strm);
/* fill output buffer up to end of deflate stream */
if (strm->avail_in == 0 && gz_avail(state) == -1)
return -1;
if (strm->avail_in == 0) {
- gz_error(state, Z_DATA_ERROR, "unexpected end of file");
- return -1;
+ gz_error(state, Z_BUF_ERROR, "unexpected end of file");
+ break;
}
/* decompress and handle errors */
ret = inflate(strm, Z_NO_FLUSH);
if (ret == Z_STREAM_ERROR || ret == Z_NEED_DICT) {
gz_error(state, Z_STREAM_ERROR,
- "internal error: inflate stream corrupt");
+ "internal error: inflate stream corrupt");
return -1;
}
if (ret == Z_MEM_ERROR) {
}
if (ret == Z_DATA_ERROR) { /* deflate stream invalid */
gz_error(state, Z_DATA_ERROR,
- strm->msg == NULL ? "compressed data error" : strm->msg);
+ strm->msg == NULL ? "compressed data error" : strm->msg);
return -1;
}
} while (strm->avail_out && ret != Z_STREAM_END);
- /* update available output and crc check value */
- state->have = had - strm->avail_out;
- state->next = strm->next_out - state->have;
- strm->adler = crc32(strm->adler, state->next, state->have);
+ /* update available output */
+ state->x.have = had - strm->avail_out;
+ state->x.next = strm->next_out - state->x.have;
- /* check gzip trailer if at end of deflate stream */
- if (ret == Z_STREAM_END) {
- if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) {
- gz_error(state, Z_DATA_ERROR, "unexpected end of file");
- return -1;
- }
- if (crc != strm->adler) {
- gz_error(state, Z_DATA_ERROR, "incorrect data check");
- return -1;
- }
- if (len != (strm->total_out & 0xffffffffL)) {
- gz_error(state, Z_DATA_ERROR, "incorrect length check");
- return -1;
- }
- state->how = LOOK; /* ready for next stream, once have is 0 (leave
- state->direct unchanged to remember how) */
- }
+ /* if the gzip stream completed successfully, look for another */
+ if (ret == Z_STREAM_END)
+ state->how = LOOK;
/* good decompression */
return 0;
}
-/* Make data and put in the output buffer. Assumes that state->have == 0.
+/* Fetch data and put it in the output buffer. Assumes state->x.have is 0.
Data is either copied from the input file or decompressed from the input
file depending on state->how. If state->how is LOOK, then a gzip header is
- looked for (and skipped if found) to determine wither to copy or decompress.
- Returns -1 on error, otherwise 0. gz_make() will leave state->have as COPY
- or GZIP unless the end of the input file has been reached and all data has
- been processed. */
-local int gz_make(state)
+ looked for to determine whether to copy or decompress. Returns -1 on error,
+ otherwise 0. gz_fetch() will leave state->how as COPY or GZIP unless the
+ end of the input file has been reached and all data has been processed. */
+local int gz_fetch(state)
gz_statep state;
{
z_streamp strm = &(state->strm);
- if (state->how == LOOK) { /* look for gzip header */
- if (gz_head(state) == -1)
- return -1;
- if (state->have) /* got some data from gz_head() */
+ do {
+ switch(state->how) {
+ case LOOK: /* -> LOOK, COPY (only if never GZIP), or GZIP */
+ if (gz_look(state) == -1)
+ return -1;
+ if (state->how == LOOK)
+ return 0;
+ break;
+ case COPY: /* -> COPY */
+ if (gz_load(state, state->out, state->size << 1, &(state->x.have))
+ == -1)
+ return -1;
+ state->x.next = state->out;
return 0;
- }
- if (state->how == COPY) { /* straight copy */
- if (gz_load(state, state->out, state->size << 1, &(state->have)) == -1)
- return -1;
- state->next = state->out;
- }
- else if (state->how == GZIP) { /* decompress */
- strm->avail_out = state->size << 1;
- strm->next_out = state->out;
- if (gz_decomp(state) == -1)
- return -1;
- }
+ case GZIP: /* -> GZIP or LOOK (if end of gzip stream) */
+ strm->avail_out = state->size << 1;
+ strm->next_out = state->out;
+ if (gz_decomp(state) == -1)
+ return -1;
+ }
+ } while (state->x.have == 0 && (!state->eof || strm->avail_in));
return 0;
}
/* skip over len bytes or reach end-of-file, whichever comes first */
while (len)
/* skip over whatever is in output buffer */
- if (state->have) {
- n = GT_OFF(state->have) || (z_off64_t)state->have > len ?
- (unsigned)len : state->have;
- state->have -= n;
- state->next += n;
- state->pos += n;
+ if (state->x.have) {
+ n = GT_OFF(state->x.have) || (z_off64_t)state->x.have > len ?
+ (unsigned)len : state->x.have;
+ state->x.have -= n;
+ state->x.next += n;
+ state->x.pos += n;
len -= n;
}
/* need more data to skip -- load up output buffer */
else {
/* get more output, looking for header if required */
- if (gz_make(state) == -1)
+ if (gz_fetch(state) == -1)
return -1;
}
return 0;
state = (gz_statep)file;
strm = &(state->strm);
- /* check that we're reading and that there's no error */
- if (state->mode != GZ_READ || state->err != Z_OK)
+ /* check that we're reading and that there's no (serious) error */
+ if (state->mode != GZ_READ ||
+ (state->err != Z_OK && state->err != Z_BUF_ERROR))
return -1;
/* since an int is returned, make sure len fits in one, otherwise return
with an error (this avoids the flaw in the interface) */
if ((int)len < 0) {
- gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ gz_error(state, Z_DATA_ERROR, "requested length does not fit in int");
return -1;
}
got = 0;
do {
/* first just try copying data from the output buffer */
- if (state->have) {
- n = state->have > len ? len : state->have;
- memcpy(buf, state->next, n);
- state->next += n;
- state->have -= n;
+ if (state->x.have) {
+ n = state->x.have > len ? len : state->x.have;
+ memcpy(buf, state->x.next, n);
+ state->x.next += n;
+ state->x.have -= n;
}
/* output buffer empty -- return if we're at the end of the input */
- else if (state->eof && strm->avail_in == 0)
+ else if (state->eof && strm->avail_in == 0) {
+ state->past = 1; /* tried to read past end */
break;
+ }
/* need output data -- for small len or new stream load up our output
buffer */
else if (state->how == LOOK || len < (state->size << 1)) {
/* get more output, looking for header if required */
- if (gz_make(state) == -1)
+ if (gz_fetch(state) == -1)
return -1;
continue; /* no progress yet -- go back to memcpy() above */
/* the copy above assures that we will leave with space in the
strm->next_out = buf;
if (gz_decomp(state) == -1)
return -1;
- n = state->have;
- state->have = 0;
+ n = state->x.have;
+ state->x.have = 0;
}
/* update progress */
len -= n;
buf = (char *)buf + n;
got += n;
- state->pos += n;
+ state->x.pos += n;
} while (len);
/* return number of bytes read into user buffer (will fit in int) */
}
/* -- see zlib.h -- */
-int ZEXPORT gzgetc(file)
+int ZEXPORT gzgetc_(file)
gzFile file;
{
int ret;
return -1;
state = (gz_statep)file;
- /* check that we're reading and that there's no error */
- if (state->mode != GZ_READ || state->err != Z_OK)
+ /* check that we're reading and that there's no (serious) error */
+ if (state->mode != GZ_READ ||
+ (state->err != Z_OK && state->err != Z_BUF_ERROR))
return -1;
/* try output buffer (no need to check for skip request) */
- if (state->have) {
- state->have--;
- state->pos++;
- return *(state->next)++;
+ if (state->x.have) {
+ state->x.have--;
+ state->x.pos++;
+ return *(state->x.next)++;
}
/* nothing there -- try gzread() */
return ret < 1 ? -1 : buf[0];
}
+#undef gzgetc
+int ZEXPORT gzgetc(file)
+gzFile file;
+{
+ return gzgetc_(file);
+}
+
/* -- see zlib.h -- */
int ZEXPORT gzungetc(c, file)
int c;
return -1;
state = (gz_statep)file;
- /* check that we're reading and that there's no error */
- if (state->mode != GZ_READ || state->err != Z_OK)
+ /* check that we're reading and that there's no (serious) error */
+ if (state->mode != GZ_READ ||
+ (state->err != Z_OK && state->err != Z_BUF_ERROR))
return -1;
/* process a skip request */
return -1;
/* if output buffer empty, put byte at end (allows more pushing) */
- if (state->have == 0) {
- state->have = 1;
- state->next = state->out + (state->size << 1) - 1;
- state->next[0] = c;
- state->pos--;
+ if (state->x.have == 0) {
+ state->x.have = 1;
+ state->x.next = state->out + (state->size << 1) - 1;
+ state->x.next[0] = c;
+ state->x.pos--;
+ state->past = 0;
return c;
}
/* if no room, give up (must have already done a gzungetc()) */
- if (state->have == (state->size << 1)) {
- gz_error(state, Z_BUF_ERROR, "out of room to push characters");
+ if (state->x.have == (state->size << 1)) {
+ gz_error(state, Z_DATA_ERROR, "out of room to push characters");
return -1;
}
/* slide output data if needed and insert byte before existing data */
- if (state->next == state->out) {
- unsigned char *src = state->out + state->have;
+ if (state->x.next == state->out) {
+ unsigned char *src = state->out + state->x.have;
unsigned char *dest = state->out + (state->size << 1);
while (src > state->out)
*--dest = *--src;
- state->next = dest;
+ state->x.next = dest;
}
- state->have++;
- state->next--;
- state->next[0] = c;
- state->pos--;
+ state->x.have++;
+ state->x.next--;
+ state->x.next[0] = c;
+ state->x.pos--;
+ state->past = 0;
return c;
}
return NULL;
state = (gz_statep)file;
- /* check that we're reading and that there's no error */
- if (state->mode != GZ_READ || state->err != Z_OK)
+ /* check that we're reading and that there's no (serious) error */
+ if (state->mode != GZ_READ ||
+ (state->err != Z_OK && state->err != Z_BUF_ERROR))
return NULL;
/* process a skip request */
left = (unsigned)len - 1;
if (left) do {
/* assure that something is in the output buffer */
- if (state->have == 0) {
- if (gz_make(state) == -1)
- return NULL; /* error */
- if (state->have == 0) { /* end of file */
- if (buf == str) /* got bupkus */
- return NULL;
- break; /* got something -- return it */
- }
+ if (state->x.have == 0 && gz_fetch(state) == -1)
+ return NULL; /* error */
+ if (state->x.have == 0) { /* end of file */
+ state->past = 1; /* read past end */
+ break; /* return what we have */
}
/* look for end-of-line in current output buffer */
- n = state->have > left ? left : state->have;
- eol = memchr(state->next, '\n', n);
+ n = state->x.have > left ? left : state->x.have;
+ eol = memchr(state->x.next, '\n', n);
if (eol != NULL)
- n = (unsigned)(eol - state->next) + 1;
+ n = (unsigned)(eol - state->x.next) + 1;
/* copy through end-of-line, or remainder if not found */
- memcpy(buf, state->next, n);
- state->have -= n;
- state->next += n;
- state->pos += n;
+ memcpy(buf, state->x.next, n);
+ state->x.have -= n;
+ state->x.next += n;
+ state->x.pos += n;
left -= n;
buf += n;
} while (left && eol == NULL);
- /* found end-of-line or out of space -- terminate string and return it */
+ /* return terminated string, or if nothing, end of file */
+ if (buf == str)
+ return NULL;
buf[0] = 0;
return str;
}
return 0;
state = (gz_statep)file;
- /* check that we're reading */
- if (state->mode != GZ_READ)
- return 0;
-
/* if the state is not known, but we can find out, then do so (this is
mainly for right after a gzopen() or gzdopen()) */
- if (state->how == LOOK && state->have == 0)
- (void)gz_head(state);
+ if (state->mode == GZ_READ && state->how == LOOK && state->x.have == 0)
+ (void)gz_look(state);
- /* return 1 if reading direct, 0 if decompressing a gzip stream */
+ /* return 1 if transparent, 0 if processing a gzip stream */
return state->direct;
}
int ZEXPORT gzclose_r(file)
gzFile file;
{
- int ret;
+ int ret, err;
gz_statep state;
/* get internal structure */
free(state->out);
free(state->in);
}
+ err = state->err == Z_BUF_ERROR ? Z_BUF_ERROR : Z_OK;
gz_error(state, Z_OK, NULL);
free(state->path);
ret = close(state->fd);
free(state);
- return ret ? Z_ERRNO : Z_OK;
+ return ret ? Z_ERRNO : err;
}
/* gzwrite.c -- zlib functions for writing gzip files
- * Copyright (C) 2004, 2005, 2010 Mark Adler
+ * Copyright (C) 2004, 2005, 2010, 2011, 2012 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
int ret;
z_streamp strm = &(state->strm);
- /* allocate input and output buffers */
+ /* allocate input buffer */
state->in = malloc(state->want);
- state->out = malloc(state->want);
- if (state->in == NULL || state->out == NULL) {
- if (state->out != NULL)
- free(state->out);
- if (state->in != NULL)
- free(state->in);
+ if (state->in == NULL) {
gz_error(state, Z_MEM_ERROR, "out of memory");
return -1;
}
- /* allocate deflate memory, set up for gzip compression */
- strm->zalloc = Z_NULL;
- strm->zfree = Z_NULL;
- strm->opaque = Z_NULL;
- ret = deflateInit2(strm, state->level, Z_DEFLATED,
- 15 + 16, 8, state->strategy);
- if (ret != Z_OK) {
- free(state->in);
- gz_error(state, Z_MEM_ERROR, "out of memory");
- return -1;
+ /* only need output buffer and deflate state if compressing */
+ if (!state->direct) {
+ /* allocate output buffer */
+ state->out = malloc(state->want);
+ if (state->out == NULL) {
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
+
+ /* allocate deflate memory, set up for gzip compression */
+ strm->zalloc = Z_NULL;
+ strm->zfree = Z_NULL;
+ strm->opaque = Z_NULL;
+ ret = deflateInit2(strm, state->level, Z_DEFLATED,
+ MAX_WBITS + 16, DEF_MEM_LEVEL, state->strategy);
+ if (ret != Z_OK) {
+ free(state->out);
+ free(state->in);
+ gz_error(state, Z_MEM_ERROR, "out of memory");
+ return -1;
+ }
}
/* mark state as initialized */
state->size = state->want;
- /* initialize write buffer */
- strm->avail_out = state->size;
- strm->next_out = state->out;
- state->next = strm->next_out;
+ /* initialize write buffer if compressing */
+ if (!state->direct) {
+ strm->avail_out = state->size;
+ strm->next_out = state->out;
+ state->x.next = strm->next_out;
+ }
return 0;
}
/* Compress whatever is at avail_in and next_in and write to the output file.
Return -1 if there is an error writing to the output file, otherwise 0.
flush is assumed to be a valid deflate() flush value. If flush is Z_FINISH,
- then the deflate() state is reset to start a new gzip stream. */
+ then the deflate() state is reset to start a new gzip stream. If gz->direct
+ is true, then simply write to the output file without compressing, and
+ ignore flush. */
local int gz_comp(state, flush)
gz_statep state;
int flush;
if (state->size == 0 && gz_init(state) == -1)
return -1;
+ /* write directly if requested */
+ if (state->direct) {
+ got = write(state->fd, strm->next_in, strm->avail_in);
+ if (got < 0 || (unsigned)got != strm->avail_in) {
+ gz_error(state, Z_ERRNO, zstrerror());
+ return -1;
+ }
+ strm->avail_in = 0;
+ return 0;
+ }
+
/* run deflate() on provided input until it produces no more output */
ret = Z_OK;
do {
doing Z_FINISH then don't write until we get to Z_STREAM_END */
if (strm->avail_out == 0 || (flush != Z_NO_FLUSH &&
(flush != Z_FINISH || ret == Z_STREAM_END))) {
- have = (unsigned)(strm->next_out - state->next);
- if (have && ((got = write(state->fd, state->next, have)) < 0 ||
+ have = (unsigned)(strm->next_out - state->x.next);
+ if (have && ((got = write(state->fd, state->x.next, have)) < 0 ||
(unsigned)got != have)) {
gz_error(state, Z_ERRNO, zstrerror());
return -1;
strm->avail_out = state->size;
strm->next_out = state->out;
}
- state->next = strm->next_out;
+ state->x.next = strm->next_out;
}
/* compress */
}
strm->avail_in = n;
strm->next_in = state->in;
- state->pos += n;
+ state->x.pos += n;
if (gz_comp(state, Z_NO_FLUSH) == -1)
return -1;
len -= n;
/* since an int is returned, make sure len fits in one, otherwise return
with an error (this avoids the flaw in the interface) */
if ((int)len < 0) {
- gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
+ gz_error(state, Z_DATA_ERROR, "requested length does not fit in int");
return 0;
}
n = len;
memcpy(strm->next_in + strm->avail_in, buf, n);
strm->avail_in += n;
- state->pos += n;
+ state->x.pos += n;
buf = (char *)buf + n;
len -= n;
if (len && gz_comp(state, Z_NO_FLUSH) == -1)
/* directly compress user buffer to file */
strm->avail_in = len;
strm->next_in = (voidp)buf;
- state->pos += len;
+ state->x.pos += len;
if (gz_comp(state, Z_NO_FLUSH) == -1)
return 0;
}
if (strm->avail_in == 0)
strm->next_in = state->in;
strm->next_in[strm->avail_in++] = c;
- state->pos++;
- return c;
+ state->x.pos++;
+ return c & 0xff;
}
/* no room in buffer or not initialized, use gz_write() */
buf[0] = c;
if (gzwrite(file, buf, 1) != 1)
return -1;
- return c;
+ return c & 0xff;
}
/* -- see zlib.h -- */
return ret == 0 && len != 0 ? -1 : ret;
}
-#ifdef STDC
+#if defined(STDC) || defined(Z_HAVE_STDARG_H)
#include <stdarg.h>
/* -- see zlib.h -- */
/* update buffer and position, defer compression until needed */
strm->avail_in = (unsigned)len;
strm->next_in = state->in;
- state->pos += len;
+ state->x.pos += len;
return len;
}
-#else /* !STDC */
+#else /* !STDC && !Z_HAVE_STDARG_H */
/* -- see zlib.h -- */
int ZEXPORTVA gzprintf (file, format, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10,
state = (gz_statep)file;
strm = &(state->strm);
+ /* check that can really pass pointer in ints */
+ if (sizeof(int) != sizeof(void *))
+ return 0;
+
/* check that we're writing and that there's no error */
if (state->mode != GZ_WRITE || state->err != Z_OK)
return 0;
/* update buffer and position, defer compression until needed */
strm->avail_in = (unsigned)len;
strm->next_in = state->in;
- state->pos += len;
+ state->x.pos += len;
return len;
}
int ZEXPORT gzclose_w(file)
gzFile file;
{
- int ret = 0;
+ int ret = Z_OK;
gz_statep state;
/* get internal structure */
/* check for seek request */
if (state->seek) {
state->seek = 0;
- ret += gz_zero(state, state->skip);
+ if (gz_zero(state, state->skip) == -1)
+ ret = state->err;
}
/* flush, free memory, and close file */
- ret += gz_comp(state, Z_FINISH);
- (void)deflateEnd(&(state->strm));
- free(state->out);
+ if (gz_comp(state, Z_FINISH) == -1)
+ ret = state->err;
+ if (!state->direct) {
+ (void)deflateEnd(&(state->strm));
+ free(state->out);
+ }
free(state->in);
gz_error(state, Z_OK, NULL);
free(state->path);
- ret += close(state->fd);
+ if (close(state->fd) == -1)
+ ret = Z_ERRNO;
free(state);
- return ret ? Z_ERRNO : Z_OK;
+ return ret;
+}
+
+/* used by zlibVersion() to get the vsnprintf story from the horse's mouth */
+unsigned long ZEXPORT gzflags()
+{
+ unsigned long flags = 0;
+#if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# ifdef NO_vsnprintf
+ flags += 1L << 25;
+# ifdef HAS_vsprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_vsnprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#else
+ flags += 1L << 24;
+# ifdef NO_snprintf
+ flags += 1L << 25;
+# ifdef HAS_sprintf_void
+ flags += 1L << 26;
+# endif
+# else
+# ifdef HAS_snprintf_void
+ flags += 1L << 26;
+# endif
+# endif
+#endif
+ return flags;
}
/* infback.c -- inflate using a call-back interface
- * Copyright (C) 1995-2009 Mark Adler
+ * Copyright (C) 1995-2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
return Z_STREAM_ERROR;
strm->msg = Z_NULL; /* in case we return an error */
if (strm->zalloc == (alloc_func)0) {
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
strm->zalloc = zcalloc;
strm->opaque = (voidpf)0;
+#endif
}
- if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ if (strm->zfree == (free_func)0)
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zfree = zcfree;
+#endif
state = (struct inflate_state FAR *)ZALLOC(strm, 1,
sizeof(struct inflate_state));
if (state == Z_NULL) return Z_MEM_ERROR;
PULLBYTE();
}
if (here.val < 16) {
- NEEDBITS(here.bits);
DROPBITS(here.bits);
state->lens[state->have++] = here.val;
}
* Generated automatically by makefixed().
*/
- /* WARNING: this file should *not* be used by applications. It
- is part of the implementation of the compression library and
- is subject to change. Applications should only use zlib.h.
+ /* WARNING: this file should *not* be used by applications.
+ It is part of the implementation of this library and is
+ subject to change. Applications should only use zlib.h.
*/
static const code lenfix[512] = {
/* inflate.c -- zlib decompression
- * Copyright (C) 1995-2010 Mark Adler
+ * Copyright (C) 1995-2011 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
local unsigned syncsearch OF((unsigned FAR *have, unsigned char FAR *buf,
unsigned len));
-int ZEXPORT inflateReset(strm)
+int ZEXPORT inflateResetKeep(strm)
z_streamp strm;
{
struct inflate_state FAR *state;
state = (struct inflate_state FAR *)strm->state;
strm->total_in = strm->total_out = state->total = 0;
strm->msg = Z_NULL;
- strm->adler = 1; /* to support ill-conceived Java test suite */
+ if (state->wrap) /* to support ill-conceived Java test suite */
+ strm->adler = state->wrap & 1;
state->mode = HEAD;
state->last = 0;
state->havedict = 0;
state->dmax = 32768U;
state->head = Z_NULL;
- state->wsize = 0;
- state->whave = 0;
- state->wnext = 0;
state->hold = 0;
state->bits = 0;
state->lencode = state->distcode = state->next = state->codes;
return Z_OK;
}
+int ZEXPORT inflateReset(strm)
+z_streamp strm;
+{
+ struct inflate_state FAR *state;
+
+ if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+ state = (struct inflate_state FAR *)strm->state;
+ state->wsize = 0;
+ state->whave = 0;
+ state->wnext = 0;
+ return inflateResetKeep(strm);
+}
+
int ZEXPORT inflateReset2(strm, windowBits)
z_streamp strm;
int windowBits;
if (strm == Z_NULL) return Z_STREAM_ERROR;
strm->msg = Z_NULL; /* in case we return an error */
if (strm->zalloc == (alloc_func)0) {
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
strm->zalloc = zcalloc;
strm->opaque = (voidpf)0;
+#endif
}
- if (strm->zfree == (free_func)0) strm->zfree = zcfree;
+ if (strm->zfree == (free_func)0)
+#ifdef Z_SOLO
+ return Z_STREAM_ERROR;
+#else
+ strm->zfree = zcfree;
+#endif
state = (struct inflate_state FAR *)
ZALLOC(strm, 1, sizeof(struct inflate_state));
if (state == Z_NULL) return Z_MEM_ERROR;
low = 0;
for (;;) {
if ((low % 7) == 0) printf("\n ");
- printf("{%u,%u,%d}", state.lencode[low].op, state.lencode[low].bits,
- state.lencode[low].val);
+ printf("{%u,%u,%d}", (low & 127) == 99 ? 64 : state.lencode[low].op,
+ state.lencode[low].bits, state.lencode[low].val);
if (++low == size) break;
putchar(',');
}
PULLBYTE();
}
if (here.val < 16) {
- NEEDBITS(here.bits);
DROPBITS(here.bits);
state->lens[state->have++] = here.val;
}
*/
inf_leave:
RESTORE();
- if (state->wsize || (state->mode < CHECK && out != strm->avail_out))
+ if (state->wsize || (out != strm->avail_out && state->mode < BAD &&
+ (state->mode < CHECK || flush != Z_FINISH)))
if (updatewindow(strm, out)) {
state->mode = MEM;
return Z_MEM_ERROR;
{
struct inflate_state FAR *state;
unsigned long id;
+ unsigned char *next;
+ unsigned avail;
+ int ret;
/* check state */
if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
return Z_DATA_ERROR;
}
- /* copy dictionary to window */
- if (updatewindow(strm, strm->avail_out)) {
+ /* copy dictionary to window using updatewindow(), which will amend the
+ existing dictionary if appropriate */
+ next = strm->next_out;
+ avail = strm->avail_out;
+ strm->next_out = (Bytef *)dictionary + dictLength;
+ strm->avail_out = 0;
+ ret = updatewindow(strm, dictLength);
+ strm->avail_out = avail;
+ strm->next_out = next;
+ if (ret) {
state->mode = MEM;
return Z_MEM_ERROR;
}
- if (dictLength > state->wsize) {
- zmemcpy(state->window, dictionary + dictLength - state->wsize,
- state->wsize);
- state->whave = state->wsize;
- }
- else {
- zmemcpy(state->window + state->wsize - dictLength, dictionary,
- dictLength);
- state->whave = dictLength;
- }
state->havedict = 1;
Tracev((stderr, "inflate: dictionary set\n"));
return Z_OK;
}
/* copy state */
- zmemcpy(dest, source, sizeof(z_stream));
- zmemcpy(copy, state, sizeof(struct inflate_state));
+ zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream));
+ zmemcpy((voidpf)copy, (voidpf)state, sizeof(struct inflate_state));
if (state->lencode >= state->codes &&
state->lencode <= state->codes + ENOUGH - 1) {
copy->lencode = copy->codes + (state->lencode - state->codes);
/* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-2010 Mark Adler
+ * Copyright (C) 1995-2012 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#define MAXBITS 15
const char inflate_copyright[] =
- " inflate 1.2.5 Copyright 1995-2010 Mark Adler ";
+ " inflate 1.2.6 Copyright 1995-2012 Mark Adler ";
/*
If you use the zlib library in a product, an acknowledgment is welcome
in the documentation of your product. If for some reason you cannot
35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0};
static const unsigned short lext[31] = { /* Length codes 257..285 extra */
16, 16, 16, 16, 16, 16, 16, 16, 17, 17, 17, 17, 18, 18, 18, 18,
- 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 73, 195};
+ 19, 19, 19, 19, 20, 20, 20, 20, 21, 21, 21, 21, 16, 203, 69};
static const unsigned short dbase[32] = { /* Distance codes 0..29 base */
1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193,
257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145,
}
}
- /*
- Fill in rest of table for incomplete codes. This loop is similar to the
- loop above in incrementing huff for table indices. It is assumed that
- len is equal to curr + drop, so there is no loop needed to increment
- through high index bits. When the current sub-table is filled, the loop
- drops back to the root table to fill in any remaining entries there.
- */
- here.op = (unsigned char)64; /* invalid code marker */
- here.bits = (unsigned char)(len - drop);
- here.val = (unsigned short)0;
- while (huff != 0) {
- /* when done with sub-table, drop back to root table */
- if (drop != 0 && (huff & mask) != low) {
- drop = 0;
- len = root;
- next = *table;
- here.bits = (unsigned char)len;
- }
-
- /* put invalid code marker in table */
- next[huff >> drop] = here;
-
- /* backwards increment the len-bit code huff */
- incr = 1U << (len - 1);
- while (huff & incr)
- incr >>= 1;
- if (incr != 0) {
- huff &= incr - 1;
- huff += incr;
- }
- else
- huff = 0;
+ /* fill in remaining table entry if code is incomplete (guaranteed to have
+ at most one remaining entry, since if the code is incomplete, the
+ maximum code length that was allowed to get this far is one bit) */
+ if (huff != 0) {
+ here.op = (unsigned char)64; /* invalid code marker */
+ here.bits = (unsigned char)(len - drop);
+ here.val = (unsigned short)0;
+ next[huff] = here;
}
/* set return parameters */
/* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-2010 Jean-loup Gailly
+ * Copyright (C) 1995-2012 Jean-loup Gailly
* detect_data_type() function provided freely by Cosmin Truta, 2006
* For conditions of distribution and use, see copyright notice in zlib.h
*/
* probability, to avoid transmitting the lengths for unused bit length codes.
*/
-#define Buf_size (8 * 2*sizeof(char))
-/* Number of bits used within bi_buf. (bi_buf might be implemented on
- * more than 16 bits on some systems.)
- */
-
/* ===========================================================================
* Local data. These are initialized only once.
*/
s->bi_buf = 0;
s->bi_valid = 0;
- s->last_eob_len = 8; /* enough lookahead for inflate */
#ifdef DEBUG
s->compressed_len = 0L;
s->bits_sent = 0L;
copy_block(s, buf, (unsigned)stored_len, 1); /* with header */
}
+/* ===========================================================================
+ * Flush the bits in the bit buffer to pending output (leaves at most 7 bits)
+ */
+void ZLIB_INTERNAL _tr_flush_bits(s)
+ deflate_state *s;
+{
+ bi_flush(s);
+}
+
/* ===========================================================================
* Send one empty static block to give enough lookahead for inflate.
* This takes 10 bits, of which 7 may remain in the bit buffer.
- * The current inflate code requires 9 bits of lookahead. If the
- * last two codes for the previous block (real code plus EOB) were coded
- * on 5 bits or less, inflate may have only 5+3 bits of lookahead to decode
- * the last real code. In this case we send two empty static blocks instead
- * of one. (There are no problems if the previous block is stored or fixed.)
- * To simplify the code, we assume the worst case of last real code encoded
- * on one bit only.
*/
void ZLIB_INTERNAL _tr_align(s)
deflate_state *s;
s->compressed_len += 10L; /* 3 for block type, 7 for EOB */
#endif
bi_flush(s);
- /* Of the 10 bits for the empty block, we have already sent
- * (10 - bi_valid) bits. The lookahead for the last real code (before
- * the EOB of the previous block) was thus at least one plus the length
- * of the EOB plus what we have just sent of the empty static block.
- */
- if (1 + s->last_eob_len + 10 - s->bi_valid < 9) {
- send_bits(s, STATIC_TREES<<1, 3);
- send_code(s, END_BLOCK, static_ltree);
-#ifdef DEBUG
- s->compressed_len += 10L;
-#endif
- bi_flush(s);
- }
- s->last_eob_len = 7;
}
/* ===========================================================================
} while (lx < s->last_lit);
send_code(s, END_BLOCK, ltree);
- s->last_eob_len = ltree[END_BLOCK].Len;
}
/* ===========================================================================
int header; /* true if block header must be written */
{
bi_windup(s); /* align on byte boundary */
- s->last_eob_len = 8; /* enough lookahead for inflate */
if (header) {
put_short(s, (ush)len);
/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * Copyright (C) 1995-2011 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#undef HAVE_VSNPRINTF
#undef HAVE_MEMCPY
#undef _FILE_OFFSET_BITS
-#undef _LARGE_FILES
+#undef _LARGE_FILES
#undef const
/*
* this permanently in zconf.h using "./configure --zprefix".
*/
#ifdef Z_PREFIX /* may be set to #if 1 by ./configure */
+# define Z_PREFIX_SET
/* all linked symbols */
# define _dist_code z__dist_code
# define adler32 z_adler32
# define adler32_combine z_adler32_combine
# define adler32_combine64 z_adler32_combine64
-# define compress z_compress
-# define compress2 z_compress2
-# define compressBound z_compressBound
+# ifndef Z_SOLO
+# define compress z_compress
+# define compress2 z_compress2
+# define compressBound z_compressBound
+# endif
# define crc32 z_crc32
# define crc32_combine z_crc32_combine
# define crc32_combine64 z_crc32_combine64
# define deflateInit2_ z_deflateInit2_
# define deflateInit_ z_deflateInit_
# define deflateParams z_deflateParams
+# define deflatePending z_deflatePending
# define deflatePrime z_deflatePrime
# define deflateReset z_deflateReset
+# define deflateResetKeep z_deflateResetKeep
# define deflateSetDictionary z_deflateSetDictionary
# define deflateSetHeader z_deflateSetHeader
# define deflateTune z_deflateTune
# define deflate_copyright z_deflate_copyright
# define get_crc_table z_get_crc_table
-# define gz_error z_gz_error
-# define gz_intmax z_gz_intmax
-# define gz_strwinerror z_gz_strwinerror
-# define gzbuffer z_gzbuffer
-# define gzclearerr z_gzclearerr
-# define gzclose z_gzclose
-# define gzclose_r z_gzclose_r
-# define gzclose_w z_gzclose_w
-# define gzdirect z_gzdirect
-# define gzdopen z_gzdopen
-# define gzeof z_gzeof
-# define gzerror z_gzerror
-# define gzflush z_gzflush
-# define gzgetc z_gzgetc
-# define gzgets z_gzgets
-# define gzoffset z_gzoffset
-# define gzoffset64 z_gzoffset64
-# define gzopen z_gzopen
-# define gzopen64 z_gzopen64
-# define gzprintf z_gzprintf
-# define gzputc z_gzputc
-# define gzputs z_gzputs
-# define gzread z_gzread
-# define gzrewind z_gzrewind
-# define gzseek z_gzseek
-# define gzseek64 z_gzseek64
-# define gzsetparams z_gzsetparams
-# define gztell z_gztell
-# define gztell64 z_gztell64
-# define gzungetc z_gzungetc
-# define gzwrite z_gzwrite
+# ifndef Z_SOLO
+# define gz_error z_gz_error
+# define gz_intmax z_gz_intmax
+# define gz_strwinerror z_gz_strwinerror
+# define gzbuffer z_gzbuffer
+# define gzclearerr z_gzclearerr
+# define gzclose z_gzclose
+# define gzclose_r z_gzclose_r
+# define gzclose_w z_gzclose_w
+# define gzdirect z_gzdirect
+# define gzdopen z_gzdopen
+# define gzeof z_gzeof
+# define gzerror z_gzerror
+# define gzflags z_gzflags
+# define gzflush z_gzflush
+# define gzgetc z_gzgetc
+# define gzgetc_ z_gzgetc_
+# define gzgets z_gzgets
+# define gzoffset z_gzoffset
+# define gzoffset64 z_gzoffset64
+# define gzopen z_gzopen
+# define gzopen64 z_gzopen64
+# define gzprintf z_gzprintf
+# define gzputc z_gzputc
+# define gzputs z_gzputs
+# define gzread z_gzread
+# define gzrewind z_gzrewind
+# define gzseek z_gzseek
+# define gzseek64 z_gzseek64
+# define gzsetparams z_gzsetparams
+# define gztell z_gztell
+# define gztell64 z_gztell64
+# define gzungetc z_gzungetc
+# define gzwrite z_gzwrite
+# endif
# define inflate z_inflate
# define inflateBack z_inflateBack
# define inflateBackEnd z_inflateBackEnd
# define inflateSync z_inflateSync
# define inflateSyncPoint z_inflateSyncPoint
# define inflateUndermine z_inflateUndermine
+# define inflateResetKeep z_inflateResetKeep
# define inflate_copyright z_inflate_copyright
# define inflate_fast z_inflate_fast
# define inflate_table z_inflate_table
-# define uncompress z_uncompress
+# ifndef Z_SOLO
+# define uncompress z_uncompress
+# endif
# define zError z_zError
-# define zcalloc z_zcalloc
-# define zcfree z_zcfree
+# ifndef Z_SOLO
+# define zcalloc z_zcalloc
+# define zcfree z_zcfree
+# endif
# define zlibCompileFlags z_zlibCompileFlags
# define zlibVersion z_zlibVersion
# define alloc_func z_alloc_func
# define charf z_charf
# define free_func z_free_func
-# define gzFile z_gzFile
-# define gz_header z_gz_header
-# define gz_headerp z_gz_headerp
+# ifndef Z_SOLO
+# define gzFile z_gzFile
+# define gz_header z_gz_header
+# define gz_headerp z_gz_headerp
+# endif
# define in_func z_in_func
# define intf z_intf
# define out_func z_out_func
# define voidpf z_voidpf
/* all zlib structs in zlib.h and zconf.h */
-# define gz_header_s z_gz_header_s
+# ifndef Z_SOLO
+# define gz_header_s z_gz_header_s
+# endif
# define internal_state z_internal_state
#endif
# endif
#endif
+#if defined(ZLIB_CONST) && !defined(z_const)
+# define z_const const
+#else
+# define z_const
+#endif
+
/* Some Mac compilers merge all .h files incorrectly: */
#if defined(__MWERKS__)||defined(applec)||defined(THINK_C)||defined(__SC__)
# define NO_DUMMY_DECL
# endif
#endif
+#ifndef Z_ARG /* function prototypes for stdarg */
+# if defined(STDC) || defined(Z_HAVE_STDARG_H)
+# define Z_ARG(args) args
+# else
+# define Z_ARG(args) ()
+# endif
+#endif
+
/* The following definitions for FAR are needed only for MSDOS mixed
* model programming (small or medium model with some far allocations).
* This was tested only with MSC; for other MSDOS compilers you may have
# define Z_HAVE_UNISTD_H
#endif
+#ifdef HAVE_STDARG_H /* may be set to #if 1 by ./configure */
+# define Z_HAVE_STDARG_H
+#endif
+
#ifdef STDC
-# include <sys/types.h> /* for off_t */
+# ifndef Z_SOLO
+# include <sys/types.h> /* for off_t */
+# endif
#endif
/* a little trick to accommodate both "#define _LARGEFILE64_SOURCE" and
# undef _LARGEFILE64_SOURCE
#endif
-#if defined(Z_HAVE_UNISTD_H) || defined(_LARGEFILE64_SOURCE)
+#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+# define Z_LARGE
+#endif
+
+#if (defined(Z_HAVE_UNISTD_H) || defined(Z_LARGE)) && !defined(Z_SOLO)
# include <unistd.h> /* for SEEK_* and off_t */
# ifdef VMS
# include <unixio.h> /* for off_t */
# endif
#endif
-#ifndef SEEK_SET
+#if !defined(SEEK_SET) && !defined(Z_SOLO)
# define SEEK_SET 0 /* Seek from beginning of file. */
# define SEEK_CUR 1 /* Seek from current position. */
# define SEEK_END 2 /* Set file pointer to EOF plus "offset" */
# define z_off_t long
#endif
-#if defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0
+#if !defined(_WIN32) && (defined(_LARGEFILE64_SOURCE) && _LFS64_LARGEFILE-0)
# define z_off64_t off64_t
#else
+# if defined(_WIN32)
+# define z_off64_t __int64
+# else
# define z_off64_t z_off_t
#endif
-
-#if defined(__OS400__)
-# define NO_vsnprintf
-#endif
-
-#if defined(__MVS__)
-# define NO_vsnprintf
#endif
/* MVS linker does not support external names larger than 8 bytes */
/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.2.5, April 19th, 2010
+ version 1.2.6, January 29th, 2012
- Copyright (C) 1995-2010 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2012 Jean-loup Gailly and Mark Adler
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
The data format used by the zlib library is described by RFCs (Request for
- Comments) 1950 to 1952 in the files http://www.ietf.org/rfc/rfc1950.txt
- (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format).
+ Comments) 1950 to 1952 in the files http://tools.ietf.org/html/rfc1950
+ (zlib format), rfc1951 (deflate format) and rfc1952 (gzip format).
*/
#ifndef ZLIB_H
extern "C" {
#endif
-#define ZLIB_VERSION "1.2.5"
-#define ZLIB_VERNUM 0x1250
+#define ZLIB_VERSION "1.2.6"
+#define ZLIB_VERNUM 0x1260
#define ZLIB_VER_MAJOR 1
#define ZLIB_VER_MINOR 2
-#define ZLIB_VER_REVISION 5
+#define ZLIB_VER_REVISION 6
#define ZLIB_VER_SUBREVISION 0
/*
struct internal_state;
typedef struct z_stream_s {
- Bytef *next_in; /* next input byte */
+ z_const Bytef *next_in; /* next input byte */
uInt avail_in; /* number of bytes available at next_in */
- uLong total_in; /* total nb of input bytes read so far */
+ uLong total_in; /* total number of input bytes read so far */
Bytef *next_out; /* next output byte should be put there */
uInt avail_out; /* remaining free space at next_out */
- uLong total_out; /* total nb of bytes output so far */
+ uLong total_out; /* total number of bytes output so far */
- char *msg; /* last error message, NULL if no error */
+ z_const char *msg; /* last error message, NULL if no error */
struct internal_state FAR *state; /* not visible by applications */
alloc_func zalloc; /* used to allocate the internal state */
Z_FINISH can be used immediately after deflateInit if all the compression
is to be done in a single step. In this case, avail_out must be at least the
- value returned by deflateBound (see below). If deflate does not return
- Z_STREAM_END, then it must be called again as described above.
+ value returned by deflateBound (see below). Then deflate is guaranteed to
+ return Z_STREAM_END. If not enough output space is provided, deflate will
+ not return Z_STREAM_END, and it must be called again as described above.
deflate() sets strm->adler to the adler32 checksum of all input read
so far (that is, total_in bytes).
avail_out must be large enough to hold all the uncompressed data. (The size
of the uncompressed data may have been saved by the compressor for this
purpose.) The next operation on this stream must be inflateEnd to deallocate
- the decompression state. The use of Z_FINISH is never required, but can be
- used to inform inflate that a faster approach may be used for the single
- inflate() call.
+ the decompression state. The use of Z_FINISH is not required to perform an
+ inflation in one step. However it may be used to inform inflate that a
+ faster approach can be used for the single inflate() call. Z_FINISH also
+ informs inflate to not maintain a sliding window if the stream completes,
+ which reduces inflate's memory footprint.
In this implementation, inflate() always flushes as much output as
possible to the output buffer, and always uses the faster approach on the
- first call. So the only effect of the flush parameter in this implementation
- is on the return value of inflate(), as noted below, or when it returns early
- because Z_BLOCK or Z_TREES is used.
+ first call. So the effects of the flush parameter in this implementation are
+ on the return value of inflate() as noted below, when inflate() returns early
+ when Z_BLOCK or Z_TREES is used, and when inflate() avoids the allocation of
+ memory for a sliding window when Z_FINISH is used.
If a preset dictionary is needed after this call (see inflateSetDictionary
- below), inflate sets strm->adler to the adler32 checksum of the dictionary
+ below), inflate sets strm->adler to the Adler-32 checksum of the dictionary
chosen by the compressor and returns Z_NEED_DICT; otherwise it sets
- strm->adler to the adler32 checksum of all output produced so far (that is,
+ strm->adler to the Adler-32 checksum of all output produced so far (that is,
total_out bytes) and returns Z_OK, Z_STREAM_END or an error code as described
below. At the end of the stream, inflate() checks that its computed adler32
checksum is equal to that saved by the compressor and returns Z_STREAM_END
initializing with inflateInit2(). Any information contained in the gzip
header is not retained, so applications that need that information should
instead use raw inflate, see inflateInit2() below, or inflateBack() and
- perform their own processing of the gzip header and trailer.
+ perform their own processing of the gzip header and trailer. When processing
+ gzip-wrapped deflate data, strm->adler32 is set to the CRC-32 of the output
+ producted so far. The CRC-32 is checked against the gzip trailer.
inflate() returns Z_OK if some progress has been made (more input processed
or more output produced), Z_STREAM_END if the end of the compressed data has
uInt dictLength));
/*
Initializes the compression dictionary from the given byte sequence
- without producing any compressed output. This function must be called
- immediately after deflateInit, deflateInit2 or deflateReset, before any call
- of deflate. The compressor and decompressor must use exactly the same
- dictionary (see inflateSetDictionary).
+ without producing any compressed output. When using the zlib format, this
+ function must be called immediately after deflateInit, deflateInit2 or
+ deflateReset, and before any call of deflate. When doing raw deflate, this
+ function must be called either before any call of deflate, or immediately
+ after the completion of a deflate block, i.e. after all input has been
+ consumed and all output has been delivered when using any of the flush
+ options Z_BLOCK, Z_PARTIAL_FLUSH, Z_SYNC_FLUSH, or Z_FULL_FLUSH. The
+ compressor and decompressor must use exactly the same dictionary (see
+ inflateSetDictionary).
The dictionary should consist of strings (byte sequences) that are likely
to be encountered later in the data to be compressed, with the most commonly
deflateSetDictionary returns Z_OK if success, or Z_STREAM_ERROR if a
parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
inconsistent (for example if deflate has already been called for this stream
- or if the compression method is bsort). deflateSetDictionary does not
- perform any compression: this will be done by deflate().
+ or if not at a block boundary for raw deflate). deflateSetDictionary does
+ not perform any compression: this will be done by deflate().
*/
ZEXTERN int ZEXPORT deflateCopy OF((z_streamp dest,
deflation of sourceLen bytes. It must be called after deflateInit() or
deflateInit2(), and after deflateSetHeader(), if used. This would be used
to allocate an output buffer for deflation in a single pass, and so would be
- called before deflate().
-*/
+ called before deflate(). If that first deflate() call is provided the
+ sourceLen input bytes, an output buffer allocated to the size returned by
+ deflateBound(), and the flush value Z_FINISH, then deflate() is guaranteed
+ to return Z_STREAM_END. Note that it is possible for the compressed size to
+ be larger than the value returned by deflateBound() if flush options other
+ than Z_FINISH or Z_NO_FLUSH are used.
+*/
+
+ZEXTERN int ZEXPORT deflatePending OF((z_streamp strm,
+ unsigned *pending,
+ int *bits));
+/*
+ deflatePending() returns the number of bytes and bits of output that have
+ been generated, but not yet provided in the available output. The bytes not
+ provided would be due to the available output space having being consumed.
+ The number of bits of output not provided are between 0 and 7, where they
+ await more bits to join them in order to fill out a full byte. If pending
+ or bits are Z_NULL, then those values are not set.
+
+ deflatePending returns Z_OK if success, or Z_STREAM_ERROR if the source
+ stream state was inconsistent.
+ */
ZEXTERN int ZEXPORT deflatePrime OF((z_streamp strm,
int bits,
than or equal to 16, and that many of the least significant bits of value
will be inserted in the output.
- deflatePrime returns Z_OK if success, or Z_STREAM_ERROR if the source
- stream state was inconsistent.
+ deflatePrime returns Z_OK if success, Z_BUF_ERROR if there was not enough
+ room in the internal buffer to insert the bits, or Z_STREAM_ERROR if the
+ source stream state was inconsistent.
*/
ZEXTERN int ZEXPORT deflateSetHeader OF((z_streamp strm,
if that call returned Z_NEED_DICT. The dictionary chosen by the compressor
can be determined from the adler32 value returned by that call of inflate.
The compressor and decompressor must use exactly the same dictionary (see
- deflateSetDictionary). For raw inflate, this function can be called
- immediately after inflateInit2() or inflateReset() and before any call of
- inflate() to set the dictionary. The application must insure that the
- dictionary that was used for compression is provided.
+ deflateSetDictionary). For raw inflate, this function can be called at any
+ time to set the dictionary. If the provided dictionary is smaller than the
+ window and there is already data in the window, then the provided dictionary
+ will amend what's there. The application must insure that the dictionary
+ that was used for compression is provided.
inflateSetDictionary returns Z_OK if success, Z_STREAM_ERROR if a
parameter is invalid (e.g. dictionary being Z_NULL) or the stream state is
ZEXTERN int ZEXPORT inflateSync OF((z_streamp strm));
/*
- Skips invalid compressed data until a full flush point (see above the
- description of deflate with Z_FULL_FLUSH) can be found, or until all
+ Skips invalid compressed data until a possible full flush point (see above
+ for the description of deflate with Z_FULL_FLUSH) can be found, or until all
available input is skipped. No output is provided.
- inflateSync returns Z_OK if a full flush point has been found, Z_BUF_ERROR
- if no more input was provided, Z_DATA_ERROR if no flush point has been
- found, or Z_STREAM_ERROR if the stream structure was inconsistent. In the
- success case, the application may save the current current value of total_in
- which indicates where valid compressed data was found. In the error case,
- the application may repeatedly call inflateSync, providing more input each
- time, until success or end of the input data.
+ inflateSync searches for a 00 00 FF FF pattern in the compressed data.
+ All full flush points have this pattern, but not all occurences of this
+ pattern are full flush points.
+
+ inflateSync returns Z_OK if a possible full flush point has been found,
+ Z_BUF_ERROR if no more input was provided, Z_DATA_ERROR if no flush point
+ has been found, or Z_STREAM_ERROR if the stream structure was inconsistent.
+ In the success case, the application may save the current current value of
+ total_in which indicates where valid compressed data was found. In the
+ error case, the application may repeatedly call inflateSync, providing more
+ input each time, until success or end of the input data.
*/
ZEXTERN int ZEXPORT inflateCopy OF((z_streamp dest,
See inflateBack() for the usage of these routines.
inflateBackInit will return Z_OK on success, Z_STREAM_ERROR if any of
- the paramaters are invalid, Z_MEM_ERROR if the internal state could not be
+ the parameters are invalid, Z_MEM_ERROR if the internal state could not be
allocated, or Z_VERSION_ERROR if the version of the library does not match
the version of the header file.
*/
27-31: 0 (reserved)
*/
+#ifndef Z_SOLO
/* utility functions */
uncompress returns Z_OK if success, Z_MEM_ERROR if there was not
enough memory, Z_BUF_ERROR if there was not enough room in the output
- buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete.
+ buffer, or Z_DATA_ERROR if the input data was corrupted or incomplete. In
+ the case where there is not enough room, uncompress() will fill the output
+ buffer with the uncompressed data up to that point.
*/
-
/* gzip file access functions */
/*
wrapper, documented in RFC 1952, wrapped around a deflate stream.
*/
-typedef voidp gzFile; /* opaque gzip file descriptor */
+typedef struct gzFile_s *gzFile; /* semi-opaque gzip file descriptor */
/*
ZEXTERN gzFile ZEXPORT gzopen OF((const char *path, const char *mode));
a strategy: 'f' for filtered data as in "wb6f", 'h' for Huffman-only
compression as in "wb1h", 'R' for run-length encoding as in "wb1R", or 'F'
for fixed code compression as in "wb9F". (See the description of
- deflateInit2 for more information about the strategy parameter.) Also "a"
- can be used instead of "w" to request that the gzip stream that will be
- written be appended to the file. "+" will result in an error, since reading
- and writing to the same gzip file is not supported.
+ deflateInit2 for more information about the strategy parameter.) 'T' will
+ request transparent writing or appending with no compression and not using
+ the gzip format.
+
+ "a" can be used instead of "w" to request that the gzip stream that will
+ be written be appended to the file. "+" will result in an error, since
+ reading and writing to the same gzip file is not supported.
+
+ These functions, as well as gzip, will read and decode a sequence of gzip
+ streams in a file. The append function of gzopen() can be used to create
+ such a file. (Also see gzflush() for another way to do this.) When
+ appending, gzopen does not test whether the file begins with a gzip stream,
+ nor does it look for the end of the gzip streams to begin appending. gzopen
+ will simply append a gzip stream to the existing file.
gzopen can be used to read a file which is not in gzip format; in this
- case gzread will directly read from the file without decompression.
+ case gzread will directly read from the file without decompression. When
+ reading, this will be detected automatically by looking for the magic two-
+ byte gzip header.
gzopen returns NULL if the file could not be opened, if there was
insufficient memory to allocate the gzFile state, or if an invalid mode was
descriptor fd, just like fclose(fdopen(fd, mode)) closes the file descriptor
fd. If you want to keep fd open, use fd = dup(fd_keep); gz = gzdopen(fd,
mode);. The duplicated descriptor should be saved to avoid a leak, since
- gzdopen does not close fd if it fails.
+ gzdopen does not close fd if it fails. If you are using fileno() to get the
+ file descriptor from a FILE *, then you will have to use dup() to avoid
+ double-close()ing the file descriptor. Both gzclose() and fclose() will
+ close the associated file descriptor, so they need to have different file
+ descriptors.
gzdopen returns NULL if there was insufficient memory to allocate the
gzFile state, if an invalid mode was specified (an 'r', 'w', or 'a' was not
ZEXTERN int ZEXPORT gzread OF((gzFile file, voidp buf, unsigned len));
/*
Reads the given number of uncompressed bytes from the compressed file. If
- the input file was not in gzip format, gzread copies the given number of
- bytes into the buffer.
+ the input file is not in gzip format, gzread copies the given number of
+ bytes into the buffer directly from the file.
After reaching the end of a gzip stream in the input, gzread will continue
- to read, looking for another gzip stream, or failing that, reading the rest
- of the input file directly without decompression. The entire input file
- will be read if gzread is called until it returns less than the requested
- len.
+ to read, looking for another gzip stream. Any number of gzip streams may be
+ concatenated in the input file, and will all be decompressed by gzread().
+ If something other than a gzip stream is encountered after a gzip stream,
+ that remaining trailing garbage is ignored (and no error is returned).
+
+ gzread can be used to read a gzip file that is being concurrently written.
+ Upon reaching the end of the input, gzread will return with the available
+ data. If the error code returned by gzerror is Z_OK or Z_BUF_ERROR, then
+ gzclearerr can be used to clear the end of file indicator in order to permit
+ gzread to be tried again. Z_OK indicates that a gzip stream was completed
+ on the last gzread. Z_BUF_ERROR indicates that the input file ended in the
+ middle of a gzip stream. Note that gzread does not return -1 in the event
+ of an incomplete gzip stream. This error is deferred until gzclose(), which
+ will return Z_BUF_ERROR if the last gzread ended in the middle of a gzip
+ stream. Alternatively, gzerror can be used before gzclose to detect this
+ case.
gzread returns the number of uncompressed bytes actually read, less than
len for end of file, or -1 for error.
error.
*/
-ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
+ZEXTERN int ZEXPORTVA gzprintf Z_ARG((gzFile file, const char *format, ...));
/*
Converts, formats, and writes the arguments to the compressed file under
control of the format string, as in fprintf. gzprintf returns the number of
ZEXTERN int ZEXPORT gzgetc OF((gzFile file));
/*
Reads one byte from the compressed file. gzgetc returns this byte or -1
- in case of end of file or error.
+ in case of end of file or error. This is implemented as a macro for speed.
+ As such, it does not do all of the checking the other functions do. I.e.
+ it does not check to see if file is NULL, nor whether the structure file
+ points to has been clobbered or not.
*/
ZEXTERN int ZEXPORT gzungetc OF((int c, gzFile file));
ZEXTERN int ZEXPORT gzdirect OF((gzFile file));
/*
Returns true (1) if file is being copied directly while reading, or false
- (0) if file is a gzip stream being decompressed. This state can change from
- false to true while reading the input file if the end of a gzip stream is
- reached, but is followed by data that is not another gzip stream.
+ (0) if file is a gzip stream being decompressed.
If the input file is empty, gzdirect() will return true, since the input
does not contain a gzip stream.
cause buffers to be allocated to allow reading the file to determine if it
is a gzip file. Therefore if gzbuffer() is used, it should be called before
gzdirect().
+
+ When writing, gzdirect() returns true (1) if transparent writing was
+ requested ("wT" for the gzopen() mode), or false (0) otherwise. (Note:
+ gzdirect() is not needed when writing. Transparent writing must be
+ explicitly requested, so the application already knows the answer. When
+ linking statically, using gzdirect() will include all of the zlib code for
+ gzip file reading and decompression, which may not be desired.)
*/
ZEXTERN int ZEXPORT gzclose OF((gzFile file));
must not be called more than once on the same allocation.
gzclose will return Z_STREAM_ERROR if file is not valid, Z_ERRNO on a
- file operation error, or Z_OK on success.
+ file operation error, Z_MEM_ERROR if out of memory, Z_BUF_ERROR if the
+ last read ended in the middle of a gzip stream, or Z_OK on success.
*/
ZEXTERN int ZEXPORT gzclose_r OF((gzFile file));
file that is being written concurrently.
*/
+#endif /* !Z_SOLO */
/* checksum functions */
Combine two Adler-32 checksums into one. For two sequences of bytes, seq1
and seq2 with lengths len1 and len2, Adler-32 checksums were calculated for
each, adler1 and adler2. adler32_combine() returns the Adler-32 checksum of
- seq1 and seq2 concatenated, requiring only adler1, adler2, and len2.
+ seq1 and seq2 concatenated, requiring only adler1, adler2, and len2. Note
+ that the z_off_t type (like off_t) is a signed integer. If len2 is
+ negative, the result has no meaning or utility.
*/
ZEXTERN uLong ZEXPORT crc32 OF((uLong crc, const Bytef *buf, uInt len));
const char *version,
int stream_size));
#define deflateInit(strm, level) \
- deflateInit_((strm), (level), ZLIB_VERSION, sizeof(z_stream))
+ deflateInit_((strm), (level), ZLIB_VERSION, (int)sizeof(z_stream))
#define inflateInit(strm) \
- inflateInit_((strm), ZLIB_VERSION, sizeof(z_stream))
+ inflateInit_((strm), ZLIB_VERSION, (int)sizeof(z_stream))
#define deflateInit2(strm, level, method, windowBits, memLevel, strategy) \
deflateInit2_((strm),(level),(method),(windowBits),(memLevel),\
- (strategy), ZLIB_VERSION, sizeof(z_stream))
+ (strategy), ZLIB_VERSION, (int)sizeof(z_stream))
#define inflateInit2(strm, windowBits) \
- inflateInit2_((strm), (windowBits), ZLIB_VERSION, sizeof(z_stream))
+ inflateInit2_((strm), (windowBits), ZLIB_VERSION, \
+ (int)sizeof(z_stream))
#define inflateBackInit(strm, windowBits, window) \
inflateBackInit_((strm), (windowBits), (window), \
- ZLIB_VERSION, sizeof(z_stream))
+ ZLIB_VERSION, (int)sizeof(z_stream))
+
+#ifndef Z_SOLO
+
+/* gzgetc() macro and its supporting function and exposed data structure. Note
+ * that the real internal state is much larger than the exposed structure.
+ * This abbreviated structure exposes just enough for the gzgetc() macro. The
+ * user should not mess with these exposed elements, since their names or
+ * behavior could change in the future, perhaps even capriciously. They can
+ * only be used by the gzgetc() macro. You have been warned.
+ */
+struct gzFile_s {
+ unsigned have;
+ unsigned char *next;
+ z_off64_t pos;
+};
+ZEXTERN int ZEXPORT gzgetc_ OF((gzFile file));
+#define gzgetc(g) \
+ ((g)->have ? ((g)->have--, (g)->pos++, *((g)->next)++) : gzgetc_(g))
/* provide 64-bit offset functions if _LARGEFILE64_SOURCE defined, and/or
* change the regular functions to 64 bits if _FILE_OFFSET_BITS is 64 (if
#endif
#if !defined(ZLIB_INTERNAL) && _FILE_OFFSET_BITS-0 == 64 && _LFS64_LARGEFILE-0
-# define gzopen gzopen64
-# define gzseek gzseek64
-# define gztell gztell64
-# define gzoffset gzoffset64
-# define adler32_combine adler32_combine64
-# define crc32_combine crc32_combine64
-# ifdef _LARGEFILE64_SOURCE
+# ifdef Z_PREFIX_SET
+# define z_gzopen z_gzopen64
+# define z_gzseek z_gzseek64
+# define z_gztell z_gztell64
+# define z_gzoffset z_gzoffset64
+# define z_adler32_combine z_adler32_combine64
+# define z_crc32_combine z_crc32_combine64
+# else
+# define gzopen gzopen64
+# define gzseek gzseek64
+# define gztell gztell64
+# define gzoffset gzoffset64
+# define adler32_combine adler32_combine64
+# define crc32_combine crc32_combine64
+# endif
+# ifndef _LARGEFILE64_SOURCE
ZEXTERN gzFile ZEXPORT gzopen64 OF((const char *, const char *));
ZEXTERN z_off_t ZEXPORT gzseek64 OF((gzFile, z_off_t, int));
ZEXTERN z_off_t ZEXPORT gztell64 OF((gzFile));
ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
#endif
+#else /* Z_SOLO */
+
+ ZEXTERN uLong ZEXPORT adler32_combine OF((uLong, uLong, z_off_t));
+ ZEXTERN uLong ZEXPORT crc32_combine OF((uLong, uLong, z_off_t));
+
+#endif /* !Z_SOLO */
+
/* hack for buggy compilers */
#if !defined(ZUTIL_H) && !defined(NO_DUMMY_DECL)
struct internal_state {int dummy;};
ZEXTERN int ZEXPORT inflateSyncPoint OF((z_streamp));
ZEXTERN const uLongf * ZEXPORT get_crc_table OF((void));
ZEXTERN int ZEXPORT inflateUndermine OF((z_streamp, int));
+ZEXTERN int ZEXPORT inflateResetKeep OF((z_streamp));
+ZEXTERN int ZEXPORT deflateResetKeep OF((z_streamp));
+#ifndef Z_SOLO
+ ZEXTERN unsigned long ZEXPORT gzflags OF((void));
+#endif
#ifdef __cplusplus
}
/* zutil.c -- target dependent utility functions for the compression library
- * Copyright (C) 1995-2005, 2010 Jean-loup Gailly.
+ * Copyright (C) 1995-2005, 2010, 2011 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#ifdef FASTEST
flags += 1L << 21;
#endif
-#ifdef STDC
-# ifdef NO_vsnprintf
- flags += 1L << 25;
-# ifdef HAS_vsprintf_void
- flags += 1L << 26;
-# endif
-# else
-# ifdef HAS_vsnprintf_void
- flags += 1L << 26;
-# endif
-# endif
+#ifdef Z_SOLO
+ return flags;
#else
- flags += 1L << 24;
-# ifdef NO_snprintf
- flags += 1L << 25;
-# ifdef HAS_sprintf_void
- flags += 1L << 26;
-# endif
-# else
-# ifdef HAS_snprintf_void
- flags += 1L << 26;
-# endif
-# endif
+ return flags + gzflags();
#endif
- return flags;
}
#ifdef DEBUG
}
#endif
+#ifndef Z_SOLO
#ifdef SYS16BIT
}
#endif /* MY_ZCALLOC */
+
+#endif /* !Z_SOLO */
/* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-2010 Jean-loup Gailly.
+ * Copyright (C) 1995-2011 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
#include "zlib.h"
-#ifdef STDC
+#if defined(STDC) && !defined(Z_SOLO)
# if !(defined(_WIN32_WCE) && defined(_MSC_VER))
# include <stddef.h>
# endif
# include <stdlib.h>
#endif
+#ifdef Z_SOLO
+ typedef long ptrdiff_t; /* guess -- will be caught if guess is wrong */
+#endif
+
#ifndef local
# define local static
#endif
#if defined(MSDOS) || (defined(WINDOWS) && !defined(WIN32))
# define OS_CODE 0x00
-# if defined(__TURBOC__) || defined(__BORLANDC__)
-# if (__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
- /* Allow compilation with ANSI keywords only enabled */
- void _Cdecl farfree( void *block );
- void *_Cdecl farmalloc( unsigned long nbytes );
-# else
-# include <alloc.h>
+# ifndef Z_SOLO
+# if defined(__TURBOC__) || defined(__BORLANDC__)
+# if (__STDC__ == 1) && (defined(__LARGE__) || defined(__COMPACT__))
+ /* Allow compilation with ANSI keywords only enabled */
+ void _Cdecl farfree( void *block );
+ void *_Cdecl farmalloc( unsigned long nbytes );
+# else
+# include <alloc.h>
+# endif
+# else /* MSC or DJGPP */
+# include <malloc.h>
# endif
-# else /* MSC or DJGPP */
-# include <malloc.h>
# endif
#endif
#ifdef OS2
# define OS_CODE 0x06
-# ifdef M_I86
+# if defined(M_I86) && !defined(Z_SOLO)
# include <malloc.h>
# endif
#endif
#if defined(MACOS) || defined(TARGET_OS_MAC)
# define OS_CODE 0x07
-# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
-# include <unix.h> /* for fdopen */
-# else
-# ifndef fdopen
-# define fdopen(fd,mode) NULL /* No fdopen() */
+# ifndef Z_SOLO
+# if defined(__MWERKS__) && __dest_os != __be_os && __dest_os != __win32_os
+# include <unix.h> /* for fdopen */
+# else
+# ifndef fdopen
+# define fdopen(fd,mode) NULL /* No fdopen() */
+# endif
# endif
# endif
#endif
# endif
#endif
-#if defined(__BORLANDC__)
+#if defined(__BORLANDC__) && !defined(MSDOS)
#pragma warn -8004
#pragma warn -8008
#pragma warn -8066
#endif
/* provide prototypes for these when building zlib without LFS */
-#if !defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0
+#if !defined(_WIN32) && (!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
ZEXTERN uLong ZEXPORT adler32_combine64 OF((uLong, uLong, z_off_t));
ZEXTERN uLong ZEXPORT crc32_combine64 OF((uLong, uLong, z_off_t));
#endif
/* functions */
-#if defined(STDC99) || (defined(__TURBOC__) && __TURBOC__ >= 0x550)
-# ifndef HAVE_VSNPRINTF
-# define HAVE_VSNPRINTF
-# endif
-#endif
-#if defined(__CYGWIN__)
-# ifndef HAVE_VSNPRINTF
-# define HAVE_VSNPRINTF
-# endif
-#endif
-#ifndef HAVE_VSNPRINTF
-# ifdef MSDOS
- /* vsnprintf may exist on some MS-DOS compilers (DJGPP?),
- but for now we just assume it doesn't. */
-# define NO_vsnprintf
-# endif
-# ifdef __TURBOC__
-# define NO_vsnprintf
-# endif
-# ifdef WIN32
- /* In Win32, vsnprintf is available as the "non-ANSI" _vsnprintf. */
-# if !defined(vsnprintf) && !defined(NO_vsnprintf)
-# if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
-# define vsnprintf _vsnprintf
-# endif
-# endif
-# endif
-# ifdef __SASC
-# define NO_vsnprintf
-# endif
-#endif
-#ifdef VMS
-# define NO_vsnprintf
-#endif
-
-#if defined(pyr)
+#if defined(pyr) || defined(Z_SOLO)
# define NO_MEMCPY
#endif
#if defined(SMALL_MEDIUM) && !defined(_MSC_VER) && !defined(__SC__)
# define Tracecv(c,x)
#endif
-
-voidpf ZLIB_INTERNAL zcalloc OF((voidpf opaque, unsigned items,
- unsigned size));
-void ZLIB_INTERNAL zcfree OF((voidpf opaque, voidpf ptr));
+#ifndef Z_SOLO
+ voidpf ZLIB_INTERNAL zcalloc OF((voidpf opaque, unsigned items,
+ unsigned size));
+ void ZLIB_INTERNAL zcfree OF((voidpf opaque, voidpf ptr));
+#endif
#define ZALLOC(strm, items, size) \
(*((strm)->zalloc))((strm)->opaque, (items), (size))
projects / debian / sudo / commitdiff