2 /*static char yysccsid[] = "from: @(#)yaccpar 1.9 (Berkeley) 02/21/93";*/
5 __attribute__ ((unused))
6 #endif /* __GNUC__ >= 2 */
7 = "$OpenBSD: skeleton.c,v 1.29 2008/07/08 15:06:50 otto Exp $";
16 #define yyclearin (yychar=(YYEMPTY))
17 #define yyerrok (yyerrflag=0)
18 #define YYRECOVERING() (yyerrflag!=0)
22 * Copyright (c) 1996, 1998-2005, 2007-2008
23 * Todd C. Miller <Todd.Miller@courtesan.com>
25 * Permission to use, copy, modify, and distribute this software for any
26 * purpose with or without fee is hereby granted, provided that the above
27 * copyright notice and this permission notice appear in all copies.
29 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
30 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
31 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
32 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
33 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
34 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
35 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
36 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
37 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * Sponsored in part by the Defense Advanced Research Projects
40 * Agency (DARPA) and Air Force Research Laboratory, Air Force
41 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
46 #include <sys/types.h>
47 #include <sys/param.h>
56 #endif /* STDC_HEADERS */
60 # ifdef HAVE_STRINGS_H
63 #endif /* HAVE_STRING_H */
66 #endif /* HAVE_UNISTD_H */
67 #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
69 #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
76 * We must define SIZE_MAX for yacc's skeleton.c.
77 * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
78 * could be signed (as it is on SunOS 4.x).
82 # define SIZE_MAX SIZE_T_MAX
84 # define SIZE_MAX INT_MAX
85 # endif /* SIZE_T_MAX */
91 extern int sudolineno;
97 char *errorfile = NULL;
99 struct defaults_list defaults;
100 struct userspec_list userspecs;
105 static void add_defaults __P((int, struct member *, struct defaults *));
106 static void add_userspec __P((struct member *, struct privilege *));
107 static struct defaults *new_default __P((char *, char *, int));
108 static struct member *new_member __P((char *, int));
109 void yyerror __P((const char *));
115 /* Save the line the first error occurred on. */
116 if (errorlineno == -1) {
117 errorlineno = sudolineno ? sudolineno - 1 : 0;
118 errorfile = estrdup(sudoers);
120 if (verbose && s != NULL) {
122 (void) fprintf(stderr, ">>> %s: %s near line %d <<<\n", sudoers, s,
123 sudolineno ? sudolineno - 1 : 0);
125 (void) fprintf(stderr, "<*> ");
131 #ifndef YYSTYPE_DEFINED
132 #define YYSTYPE_DEFINED
134 struct cmndspec *cmndspec;
135 struct defaults *defaults;
136 struct member *member;
137 struct runascontainer *runas;
138 struct privilege *privilege;
139 struct sudo_command command;
141 struct selinux_info seinfo;
145 #endif /* YYSTYPE_DEFINED */
152 #define USERGROUP 262
155 #define DEFAULTS_HOST 265
156 #define DEFAULTS_USER 266
157 #define DEFAULTS_RUNAS 267
158 #define DEFAULTS_CMND 268
167 #define HOSTALIAS 277
168 #define CMNDALIAS 278
169 #define USERALIAS 279
170 #define RUNASALIAS 280
174 #define YYERRCODE 256
175 #if defined(__cplusplus) || defined(__STDC__)
176 const short yylhs[] =
181 0, 0, 25, 25, 26, 26, 26, 26, 26, 26,
182 26, 26, 26, 26, 26, 26, 4, 4, 3, 3,
183 3, 3, 3, 20, 20, 19, 10, 10, 8, 8,
184 8, 8, 8, 2, 2, 1, 6, 6, 23, 24,
185 22, 22, 22, 22, 22, 17, 17, 18, 18, 18,
186 21, 21, 21, 21, 21, 21, 21, 5, 5, 5,
187 28, 28, 31, 9, 9, 29, 29, 32, 7, 7,
188 30, 30, 33, 27, 27, 34, 13, 13, 11, 11,
189 12, 12, 12, 12, 12, 16, 16, 14, 14, 15,
192 #if defined(__cplusplus) || defined(__STDC__)
193 const short yylen[] =
198 0, 1, 1, 2, 1, 2, 2, 2, 2, 2,
199 2, 2, 3, 3, 3, 3, 1, 3, 1, 2,
200 3, 3, 3, 1, 3, 3, 1, 2, 1, 1,
201 1, 1, 1, 1, 3, 4, 1, 2, 3, 3,
202 0, 1, 1, 2, 2, 0, 3, 1, 3, 2,
203 0, 2, 2, 2, 2, 2, 2, 1, 1, 1,
204 1, 3, 3, 1, 3, 1, 3, 3, 1, 3,
205 1, 3, 3, 1, 3, 3, 1, 3, 1, 2,
206 1, 1, 1, 1, 1, 1, 3, 1, 2, 1,
209 #if defined(__cplusplus) || defined(__STDC__)
210 const short yydefred[] =
215 0, 81, 83, 84, 85, 0, 0, 0, 0, 0,
216 82, 5, 0, 0, 0, 0, 0, 0, 77, 79,
217 0, 0, 3, 6, 0, 0, 17, 0, 29, 32,
218 31, 33, 30, 0, 27, 0, 64, 0, 0, 60,
219 59, 58, 0, 37, 69, 0, 0, 0, 61, 0,
220 0, 66, 0, 0, 74, 0, 0, 71, 80, 0,
221 0, 24, 0, 4, 0, 0, 0, 20, 0, 28,
222 0, 0, 0, 0, 38, 0, 0, 0, 0, 0,
223 0, 0, 0, 0, 0, 78, 0, 0, 21, 22,
224 23, 18, 65, 70, 0, 62, 0, 67, 0, 75,
225 0, 72, 0, 34, 0, 0, 25, 0, 0, 0,
226 0, 0, 0, 51, 0, 0, 90, 92, 91, 0,
227 86, 88, 0, 0, 47, 35, 0, 0, 0, 44,
228 45, 89, 0, 0, 40, 39, 52, 53, 54, 55,
231 #if defined(__cplusplus) || defined(__STDC__)
232 const short yydgoto[] =
237 104, 105, 27, 28, 44, 45, 46, 35, 61, 37,
238 19, 20, 21, 121, 122, 123, 106, 110, 62, 63,
239 129, 114, 115, 116, 22, 23, 54, 48, 51, 57,
242 #if defined(__cplusplus) || defined(__STDC__)
243 const short yysindex[] =
248 -266, 0, 0, 0, 0, -9, 463, 510, 510, -2,
249 0, 0, -243, -218, -215, -211, -225, 0, 0, 0,
250 -28, 405, 0, 0, -36, -210, 0, 4, 0, 0,
251 0, 0, 0, -231, 0, -33, 0, -25, -25, 0,
252 0, 0, -240, 0, 0, -21, -6, -1, 0, 2,
253 6, 0, 7, 8, 0, 9, 11, 0, 0, 510,
254 -22, 0, 13, 0, -203, -201, -198, 0, -9, 0,
255 463, 4, 4, 4, 0, -2, 4, 463, -243, -2,
256 -218, 510, -215, 510, -211, 0, 27, 463, 0, 0,
257 0, 0, 0, 0, 28, 0, 30, 0, 31, 0,
258 31, 0, 141, 0, 32, -262, 0, -27, -16, 36,
259 27, 18, 19, 0, -200, -202, 0, 0, 0, -217,
260 0, 0, 39, -27, 0, 0, -177, -175, 250, 0,
261 0, 0, -27, 39, 0, 0, 0, 0, 0, 0,
263 #if defined(__cplusplus) || defined(__STDC__)
264 const short yyrindex[] =
269 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
270 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
271 0, 91, 0, 0, 1, 0, 0, 156, 0, 0,
272 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
273 0, 0, 0, 0, 0, 0, 0, 181, 0, 0,
274 206, 0, 0, 237, 0, 0, 274, 0, 0, 0,
275 0, 0, 300, 0, 0, 0, 0, 0, 0, 0,
276 0, 326, 352, 378, 0, 0, 430, 0, 0, 0,
277 0, 0, 0, 0, 0, 0, -29, 0, 0, 0,
278 0, 0, 0, 0, 26, 0, 52, 0, 78, 0,
279 104, 0, 0, 0, 130, 442, 0, 0, 51, 0,
280 -29, 0, 0, 0, 461, 485, 0, 0, 0, 0,
281 0, 0, 53, 0, 0, 0, 0, 0, 0, 0,
282 0, 0, 0, 54, 0, 0, 0, 0, 0, 0,
284 #if defined(__cplusplus) || defined(__STDC__)
285 const short yygindex[] =
290 -18, 0, 29, 15, 56, -73, 16, 63, -5, 34,
291 40, 84, 5, -31, -17, -15, 0, 0, 24, 0,
292 0, 0, -10, -8, 0, 92, 0, 0, 0, 0,
295 #define YYTABLESIZE 785
296 #if defined(__cplusplus) || defined(__STDC__)
297 const short yytable[] =
302 19, 36, 94, 46, 34, 120, 66, 26, 67, 24,
303 71, 26, 38, 39, 47, 60, 40, 41, 60, 112,
304 113, 71, 76, 26, 65, 63, 29, 60, 30, 31,
305 43, 32, 2, 19, 42, 3, 4, 5, 87, 50,
306 117, 124, 53, 33, 19, 118, 56, 69, 68, 11,
307 72, 68, 73, 74, 78, 143, 79, 119, 63, 89,
308 77, 90, 80, 81, 91, 83, 103, 82, 85, 84,
309 88, 71, 95, 76, 60, 111, 125, 76, 127, 128,
310 113, 112, 133, 63, 68, 135, 99, 136, 101, 1,
311 2, 48, 126, 50, 49, 97, 70, 92, 75, 86,
312 59, 144, 132, 73, 93, 131, 130, 109, 134, 68,
313 76, 107, 0, 64, 0, 96, 0, 102, 98, 0,
314 0, 0, 0, 100, 0, 0, 0, 0, 0, 26,
315 0, 0, 0, 0, 0, 76, 73, 0, 0, 0,
316 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
317 0, 0, 0, 0, 0, 12, 0, 0, 0, 0,
318 0, 73, 26, 0, 0, 0, 0, 0, 0, 0,
319 0, 0, 0, 17, 0, 0, 0, 0, 0, 0,
320 9, 0, 0, 0, 0, 0, 0, 26, 12, 0,
321 0, 0, 0, 0, 0, 0, 0, 0, 108, 0,
322 0, 0, 0, 0, 0, 10, 0, 0, 0, 0,
323 0, 0, 0, 9, 0, 0, 0, 0, 0, 0,
324 0, 0, 0, 0, 0, 25, 0, 46, 46, 29,
325 117, 30, 31, 25, 32, 118, 8, 25, 10, 46,
326 46, 46, 46, 46, 46, 46, 33, 119, 0, 25,
327 0, 0, 46, 46, 40, 41, 19, 0, 19, 0,
328 0, 19, 19, 19, 19, 19, 19, 19, 19, 8,
329 0, 0, 42, 11, 0, 19, 19, 19, 19, 19,
330 19, 63, 43, 63, 0, 0, 63, 63, 63, 63,
331 63, 63, 63, 63, 0, 0, 0, 0, 0, 7,
332 63, 63, 63, 63, 63, 63, 11, 68, 0, 68,
333 0, 0, 68, 68, 68, 68, 68, 68, 68, 68,
334 0, 0, 0, 0, 0, 15, 68, 68, 68, 68,
335 68, 68, 7, 76, 0, 76, 0, 0, 76, 76,
336 76, 76, 76, 76, 76, 76, 0, 0, 0, 0,
337 0, 13, 76, 76, 76, 76, 76, 76, 15, 73,
338 0, 73, 0, 0, 73, 73, 73, 73, 73, 73,
339 73, 73, 0, 0, 0, 0, 0, 14, 73, 73,
340 73, 73, 73, 73, 13, 26, 0, 26, 0, 0,
341 26, 26, 26, 26, 26, 26, 26, 26, 2, 0,
342 0, 3, 4, 5, 26, 26, 26, 26, 26, 26,
343 14, 12, 0, 12, 0, 11, 12, 12, 12, 12,
344 12, 12, 12, 12, 0, 0, 0, 0, 0, 16,
345 12, 12, 12, 12, 12, 12, 9, 17, 9, 0,
346 0, 9, 9, 9, 9, 9, 9, 9, 9, 0,
347 0, 0, 0, 0, 0, 9, 9, 9, 9, 9,
348 9, 10, 16, 10, 0, 0, 10, 10, 10, 10,
349 10, 10, 10, 10, 41, 0, 0, 0, 0, 0,
350 10, 10, 10, 10, 10, 10, 0, 0, 0, 0,
351 0, 0, 8, 42, 8, 34, 0, 8, 8, 8,
352 8, 8, 8, 8, 8, 0, 40, 41, 0, 0,
353 0, 8, 8, 8, 8, 8, 8, 43, 137, 138,
354 139, 140, 141, 142, 42, 0, 0, 0, 0, 11,
355 0, 11, 0, 0, 11, 11, 11, 11, 11, 11,
356 11, 11, 17, 0, 0, 0, 0, 0, 11, 11,
357 11, 11, 11, 11, 0, 7, 0, 7, 0, 0,
358 7, 7, 7, 7, 7, 7, 7, 7, 0, 0,
359 0, 0, 0, 0, 7, 7, 7, 7, 7, 7,
360 0, 15, 0, 15, 0, 0, 15, 15, 15, 15,
361 15, 15, 15, 15, 0, 0, 0, 0, 0, 0,
362 15, 15, 15, 15, 15, 15, 0, 13, 0, 13,
363 0, 0, 13, 13, 13, 13, 13, 13, 13, 13,
364 0, 0, 0, 0, 0, 0, 13, 13, 13, 13,
365 13, 13, 0, 14, 0, 14, 0, 0, 14, 14,
366 14, 14, 14, 14, 14, 14, 0, 0, 0, 0,
367 0, 0, 14, 14, 14, 14, 14, 14, 0, 0,
368 1, 0, 2, 0, 0, 3, 4, 5, 6, 7,
369 8, 9, 10, 0, 0, 0, 0, 0, 0, 11,
370 12, 13, 14, 15, 16, 16, 0, 16, 0, 0,
371 16, 16, 16, 16, 16, 16, 16, 16, 41, 41,
372 0, 0, 0, 0, 16, 16, 16, 16, 16, 16,
373 41, 41, 41, 41, 41, 41, 41, 42, 42, 0,
374 29, 0, 30, 31, 0, 32, 0, 0, 0, 42,
375 42, 42, 42, 42, 42, 42, 0, 33, 0, 0,
376 0, 43, 43, 0, 0, 0, 0, 0, 0, 0,
377 0, 0, 0, 43, 43, 43, 43, 43, 43, 43,
378 0, 0, 0, 0, 0, 0, 0, 2, 0, 0,
379 3, 4, 5, 0, 0, 0, 0, 0, 0, 0,
382 #if defined(__cplusplus) || defined(__STDC__)
383 const short yycheck[] =
388 0, 7, 76, 33, 33, 33, 43, 33, 45, 276,
389 44, 33, 8, 9, 258, 44, 257, 258, 44, 282,
390 283, 44, 44, 33, 61, 0, 258, 44, 260, 261,
391 33, 263, 258, 33, 275, 261, 262, 263, 61, 258,
392 258, 58, 258, 275, 44, 263, 258, 44, 259, 275,
393 36, 0, 38, 39, 61, 129, 58, 275, 33, 263,
394 46, 263, 61, 58, 263, 58, 40, 61, 58, 61,
395 58, 44, 78, 44, 44, 44, 41, 0, 61, 61,
396 283, 282, 44, 58, 33, 263, 82, 263, 84, 0,
397 0, 41, 111, 41, 41, 80, 34, 69, 43, 60,
398 17, 133, 120, 0, 71, 116, 115, 103, 124, 58,
399 33, 88, -1, 22, -1, 79, -1, 85, 81, -1,
400 -1, -1, -1, 83, -1, -1, -1, -1, -1, 0,
401 -1, -1, -1, -1, -1, 58, 33, -1, -1, -1,
402 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
403 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
404 -1, 58, 33, -1, -1, -1, -1, -1, -1, -1,
405 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
406 0, -1, -1, -1, -1, -1, -1, 58, 33, -1,
407 -1, -1, -1, -1, -1, -1, -1, -1, 58, -1,
408 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
409 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
410 -1, -1, -1, -1, -1, 259, -1, 257, 258, 258,
411 258, 260, 261, 259, 263, 263, 0, 259, 33, 269,
412 270, 271, 272, 273, 274, 275, 275, 275, -1, 259,
413 -1, -1, 282, 283, 257, 258, 256, -1, 258, -1,
414 -1, 261, 262, 263, 264, 265, 266, 267, 268, 33,
415 -1, -1, 275, 0, -1, 275, 276, 277, 278, 279,
416 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
417 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
418 275, 276, 277, 278, 279, 280, 33, 256, -1, 258,
419 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
420 -1, -1, -1, -1, -1, 0, 275, 276, 277, 278,
421 279, 280, 33, 256, -1, 258, -1, -1, 261, 262,
422 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
423 -1, 0, 275, 276, 277, 278, 279, 280, 33, 256,
424 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
425 267, 268, -1, -1, -1, -1, -1, 0, 275, 276,
426 277, 278, 279, 280, 33, 256, -1, 258, -1, -1,
427 261, 262, 263, 264, 265, 266, 267, 268, 258, -1,
428 -1, 261, 262, 263, 275, 276, 277, 278, 279, 280,
429 33, 256, -1, 258, -1, 275, 261, 262, 263, 264,
430 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
431 275, 276, 277, 278, 279, 280, 256, 33, 258, -1,
432 -1, 261, 262, 263, 264, 265, 266, 267, 268, -1,
433 -1, -1, -1, -1, -1, 275, 276, 277, 278, 279,
434 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
435 265, 266, 267, 268, 33, -1, -1, -1, -1, -1,
436 275, 276, 277, 278, 279, 280, -1, -1, -1, -1,
437 -1, -1, 256, 33, 258, 33, -1, 261, 262, 263,
438 264, 265, 266, 267, 268, -1, 257, 258, -1, -1,
439 -1, 275, 276, 277, 278, 279, 280, 33, 269, 270,
440 271, 272, 273, 274, 275, -1, -1, -1, -1, 256,
441 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
442 267, 268, 33, -1, -1, -1, -1, -1, 275, 276,
443 277, 278, 279, 280, -1, 256, -1, 258, -1, -1,
444 261, 262, 263, 264, 265, 266, 267, 268, -1, -1,
445 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
446 -1, 256, -1, 258, -1, -1, 261, 262, 263, 264,
447 265, 266, 267, 268, -1, -1, -1, -1, -1, -1,
448 275, 276, 277, 278, 279, 280, -1, 256, -1, 258,
449 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
450 -1, -1, -1, -1, -1, -1, 275, 276, 277, 278,
451 279, 280, -1, 256, -1, 258, -1, -1, 261, 262,
452 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
453 -1, -1, 275, 276, 277, 278, 279, 280, -1, -1,
454 256, -1, 258, -1, -1, 261, 262, 263, 264, 265,
455 266, 267, 268, -1, -1, -1, -1, -1, -1, 275,
456 276, 277, 278, 279, 280, 256, -1, 258, -1, -1,
457 261, 262, 263, 264, 265, 266, 267, 268, 257, 258,
458 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
459 269, 270, 271, 272, 273, 274, 275, 257, 258, -1,
460 258, -1, 260, 261, -1, 263, -1, -1, -1, 269,
461 270, 271, 272, 273, 274, 275, -1, 275, -1, -1,
462 -1, 257, 258, -1, -1, -1, -1, -1, -1, -1,
463 -1, -1, -1, 269, 270, 271, 272, 273, 274, 275,
464 -1, -1, -1, -1, -1, -1, -1, 258, -1, -1,
465 261, 262, 263, -1, -1, -1, -1, -1, -1, -1,
472 #define YYMAXTOKEN 283
474 #if defined(__cplusplus) || defined(__STDC__)
475 const char * const yyname[] =
480 "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
481 "'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
482 0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
483 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
484 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
485 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
486 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
487 "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DEFAULTS",
488 "DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND","NOPASSWD",
489 "PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","ALL","COMMENT","HOSTALIAS",
490 "CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE",
492 #if defined(__cplusplus) || defined(__STDC__)
493 const char * const yyrule[] =
503 "entry : error COMMENT",
504 "entry : userlist privileges",
505 "entry : USERALIAS useraliases",
506 "entry : HOSTALIAS hostaliases",
507 "entry : CMNDALIAS cmndaliases",
508 "entry : RUNASALIAS runasaliases",
509 "entry : DEFAULTS defaults_list",
510 "entry : DEFAULTS_USER userlist defaults_list",
511 "entry : DEFAULTS_RUNAS userlist defaults_list",
512 "entry : DEFAULTS_HOST hostlist defaults_list",
513 "entry : DEFAULTS_CMND cmndlist defaults_list",
514 "defaults_list : defaults_entry",
515 "defaults_list : defaults_list ',' defaults_entry",
516 "defaults_entry : DEFVAR",
517 "defaults_entry : '!' DEFVAR",
518 "defaults_entry : DEFVAR '=' WORD",
519 "defaults_entry : DEFVAR '+' WORD",
520 "defaults_entry : DEFVAR '-' WORD",
521 "privileges : privilege",
522 "privileges : privileges ':' privilege",
523 "privilege : hostlist '=' cmndspeclist",
531 "cmndspeclist : cmndspec",
532 "cmndspeclist : cmndspeclist ',' cmndspec",
533 "cmndspec : runasspec selinux cmndtag opcmnd",
536 "rolespec : ROLE '=' WORD",
537 "typespec : TYPE '=' WORD",
539 "selinux : rolespec",
540 "selinux : typespec",
541 "selinux : rolespec typespec",
542 "selinux : typespec rolespec",
544 "runasspec : '(' runaslist ')'",
545 "runaslist : userlist",
546 "runaslist : userlist ':' grouplist",
547 "runaslist : ':' grouplist",
549 "cmndtag : cmndtag NOPASSWD",
550 "cmndtag : cmndtag PASSWD",
551 "cmndtag : cmndtag NOEXEC",
552 "cmndtag : cmndtag EXEC",
553 "cmndtag : cmndtag SETENV",
554 "cmndtag : cmndtag NOSETENV",
558 "hostaliases : hostalias",
559 "hostaliases : hostaliases ':' hostalias",
560 "hostalias : ALIAS '=' hostlist",
562 "hostlist : hostlist ',' ophost",
563 "cmndaliases : cmndalias",
564 "cmndaliases : cmndaliases ':' cmndalias",
565 "cmndalias : ALIAS '=' cmndlist",
567 "cmndlist : cmndlist ',' opcmnd",
568 "runasaliases : runasalias",
569 "runasaliases : runasaliases ':' runasalias",
570 "runasalias : ALIAS '=' userlist",
571 "useraliases : useralias",
572 "useraliases : useraliases ':' useralias",
573 "useralias : ALIAS '=' userlist",
575 "userlist : userlist ',' opuser",
583 "grouplist : opgroup",
584 "grouplist : grouplist ',' opgroup",
586 "opgroup : '!' group",
594 #define YYMAXDEPTH YYSTACKSIZE
597 #define YYSTACKSIZE YYMAXDEPTH
599 #define YYSTACKSIZE 10000
600 #define YYMAXDEPTH 10000
603 #define YYINITSTACKSIZE 200
618 static struct defaults *
619 new_default(var, val, op)
626 d = emalloc(sizeof(struct defaults));
629 tq_init(&d->binding);
638 static struct member *
639 new_member(name, type)
645 m = emalloc(sizeof(struct member));
655 * Add a list of defaults structures to the defaults list.
656 * The binding, if non-NULL, specifies a list of hosts, users, or
657 * runas users the entries apply to (specified by the type).
660 add_defaults(type, bmem, defs)
663 struct defaults *defs;
666 struct member_list binding;
669 * We can only call list2tq once on bmem as it will zero
670 * out the prev pointer when it consumes bmem.
672 list2tq(&binding, bmem);
675 * Set type and binding (who it applies to) for new entries.
677 for (d = defs; d != NULL; d = d->next) {
679 d->binding = binding;
681 tq_append(&defaults, defs);
685 * Allocate a new struct userspec, populate it, and insert it at the
686 * and of the userspecs list.
689 add_userspec(members, privs)
690 struct member *members;
691 struct privilege *privs;
695 u = emalloc(sizeof(*u));
696 list2tq(&u->users, members);
697 list2tq(&u->privileges, privs);
700 tq_append(&userspecs, u);
704 * Free up space used by data structures from a previous parser run and sets
705 * the current sudoers file to path.
708 init_parser(path, quiet)
713 struct member *m, *binding;
715 struct privilege *priv;
717 struct sudo_command *c;
719 while ((us = tq_pop(&userspecs)) != NULL) {
720 while ((m = tq_pop(&us->users)) != NULL) {
724 while ((priv = tq_pop(&us->privileges)) != NULL) {
725 struct member *runasuser = NULL, *runasgroup = NULL;
727 char *role = NULL, *type = NULL;
728 #endif /* HAVE_SELINUX */
730 while ((m = tq_pop(&priv->hostlist)) != NULL) {
734 while ((cs = tq_pop(&priv->cmndlist)) != NULL) {
736 /* Only free the first instance of a role/type. */
737 if (cs->role != role) {
741 if (cs->type != type) {
745 #endif /* HAVE_SELINUX */
746 if (tq_last(&cs->runasuserlist) != runasuser) {
747 runasuser = tq_last(&cs->runasuserlist);
748 while ((m = tq_pop(&cs->runasuserlist)) != NULL) {
753 if (tq_last(&cs->runasgrouplist) != runasgroup) {
754 runasgroup = tq_last(&cs->runasgrouplist);
755 while ((m = tq_pop(&cs->runasgrouplist)) != NULL) {
760 if (cs->cmnd->type == COMMAND) {
761 c = (struct sudo_command *) cs->cmnd->name;
765 efree(cs->cmnd->name);
776 while ((d = tq_pop(&defaults)) != NULL) {
777 if (tq_last(&d->binding) != binding) {
778 binding = tq_last(&d->binding);
779 while ((m = tq_pop(&d->binding)) != NULL) {
780 if (m->type == COMMAND) {
781 c = (struct sudo_command *) m->name;
800 sudoers = path ? estrdup(path) : NULL;
809 /* allocate initial stack or double stack size, up to YYMAXDEPTH */
810 #if defined(__cplusplus) || defined(__STDC__)
811 static int yygrowstack(void)
813 static int yygrowstack()
820 if ((newsize = yystacksize) == 0)
821 newsize = YYINITSTACKSIZE;
822 else if (newsize >= YYMAXDEPTH)
824 else if ((newsize *= 2) > YYMAXDEPTH)
825 newsize = YYMAXDEPTH;
828 #define YY_SIZE_MAX SIZE_MAX
830 #define YY_SIZE_MAX 0x7fffffff
832 if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
834 newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
835 (short *)malloc(newsize * sizeof *newss); /* overflow check above */
840 if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
842 newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
843 (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
848 yystacksize = newsize;
849 yysslim = yyss + newsize - 1;
862 #define YYABORT goto yyabort
863 #define YYREJECT goto yyabort
864 #define YYACCEPT goto yyaccept
865 #define YYERROR goto yyerrlab
867 #if defined(__cplusplus) || defined(__STDC__)
873 int yym, yyn, yystate;
875 #if defined(__cplusplus) || defined(__STDC__)
877 #else /* !(defined(__cplusplus) || defined(__STDC__)) */
879 #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
881 if ((yys = getenv("YYDEBUG")))
884 if (yyn >= '0' && yyn <= '9')
893 if (yyss == NULL && yygrowstack()) goto yyoverflow;
896 *yyssp = yystate = 0;
899 if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
902 if ((yychar = yylex()) < 0) yychar = 0;
907 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
908 if (!yys) yys = "illegal-symbol";
909 printf("%sdebug: state %d, reading %d (%s)\n",
910 YYPREFIX, yystate, yychar, yys);
914 if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
915 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
919 printf("%sdebug: state %d, shifting to state %d\n",
920 YYPREFIX, yystate, yytable[yyn]);
922 if (yyssp >= yysslim && yygrowstack())
926 *++yyssp = yystate = yytable[yyn];
929 if (yyerrflag > 0) --yyerrflag;
932 if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
933 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
938 if (yyerrflag) goto yyinrecovery;
939 #if defined(lint) || defined(__GNUC__)
943 yyerror("syntax error");
944 #if defined(lint) || defined(__GNUC__)
955 if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
956 yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
960 printf("%sdebug: state %d, error recovery shifting\
961 to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
963 if (yyssp >= yysslim && yygrowstack())
967 *++yyssp = yystate = yytable[yyn];
975 printf("%sdebug: error recovery discarding state %d\n",
978 if (yyssp <= yyss) goto yyabort;
986 if (yychar == 0) goto yyabort;
991 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
992 if (!yys) yys = "illegal-symbol";
993 printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
994 YYPREFIX, yystate, yychar, yys);
1003 printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1004 YYPREFIX, yystate, yyn, yyrule[yyn]);
1008 yyval = yyvsp[1-yym];
1010 memset(&yyval, 0, sizeof yyval);
1032 add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
1062 add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
1068 add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
1074 add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
1080 add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
1086 add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
1092 list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
1093 yyval.defaults = yyvsp[-2].defaults;
1099 yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
1105 yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
1111 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
1117 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
1123 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
1129 list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
1130 yyval.privilege = yyvsp[-2].privilege;
1136 struct privilege *p = emalloc(sizeof(*p));
1137 list2tq(&p->hostlist, yyvsp[-2].member);
1138 list2tq(&p->cmndlist, yyvsp[0].cmndspec);
1141 yyval.privilege = p;
1147 yyval.member = yyvsp[0].member;
1148 yyval.member->negated = FALSE;
1154 yyval.member = yyvsp[0].member;
1155 yyval.member->negated = TRUE;
1161 yyval.member = new_member(yyvsp[0].string, ALIAS);
1167 yyval.member = new_member(NULL, ALL);
1173 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1179 yyval.member = new_member(yyvsp[0].string, NTWKADDR);
1185 yyval.member = new_member(yyvsp[0].string, WORD);
1191 list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
1193 /* propagate role and type */
1194 if (yyvsp[0].cmndspec->role == NULL)
1195 yyvsp[0].cmndspec->role = yyvsp[0].cmndspec->prev->role;
1196 if (yyvsp[0].cmndspec->type == NULL)
1197 yyvsp[0].cmndspec->type = yyvsp[0].cmndspec->prev->type;
1198 #endif /* HAVE_SELINUX */
1199 /* propagate tags and runas list */
1200 if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
1201 yyvsp[0].cmndspec->tags.nopasswd = yyvsp[0].cmndspec->prev->tags.nopasswd;
1202 if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
1203 yyvsp[0].cmndspec->tags.noexec = yyvsp[0].cmndspec->prev->tags.noexec;
1204 if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
1205 yyvsp[0].cmndspec->prev->tags.setenv != IMPLIED)
1206 yyvsp[0].cmndspec->tags.setenv = yyvsp[0].cmndspec->prev->tags.setenv;
1207 if ((tq_empty(&yyvsp[0].cmndspec->runasuserlist) &&
1208 tq_empty(&yyvsp[0].cmndspec->runasgrouplist)) &&
1209 (!tq_empty(&yyvsp[0].cmndspec->prev->runasuserlist) ||
1210 !tq_empty(&yyvsp[0].cmndspec->prev->runasgrouplist))) {
1211 yyvsp[0].cmndspec->runasuserlist = yyvsp[0].cmndspec->prev->runasuserlist;
1212 yyvsp[0].cmndspec->runasgrouplist = yyvsp[0].cmndspec->prev->runasgrouplist;
1214 yyval.cmndspec = yyvsp[-2].cmndspec;
1220 struct cmndspec *cs = emalloc(sizeof(*cs));
1221 if (yyvsp[-3].runas != NULL) {
1222 list2tq(&cs->runasuserlist, yyvsp[-3].runas->runasusers);
1223 list2tq(&cs->runasgrouplist, yyvsp[-3].runas->runasgroups);
1224 efree(yyvsp[-3].runas);
1226 tq_init(&cs->runasuserlist);
1227 tq_init(&cs->runasgrouplist);
1230 cs->role = yyvsp[-2].seinfo.role;
1231 cs->type = yyvsp[-2].seinfo.type;
1233 cs->tags = yyvsp[-1].tag;
1234 cs->cmnd = yyvsp[0].member;
1237 /* sudo "ALL" implies the SETENV tag */
1238 if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
1239 cs->tags.setenv == UNSPEC)
1240 cs->tags.setenv = IMPLIED;
1241 yyval.cmndspec = cs;
1247 yyval.member = yyvsp[0].member;
1248 yyval.member->negated = FALSE;
1254 yyval.member = yyvsp[0].member;
1255 yyval.member->negated = TRUE;
1261 yyval.string = yyvsp[0].string;
1267 yyval.string = yyvsp[0].string;
1273 yyval.seinfo.role = NULL;
1274 yyval.seinfo.type = NULL;
1280 yyval.seinfo.role = yyvsp[0].string;
1281 yyval.seinfo.type = NULL;
1287 yyval.seinfo.type = yyvsp[0].string;
1288 yyval.seinfo.role = NULL;
1294 yyval.seinfo.role = yyvsp[-1].string;
1295 yyval.seinfo.type = yyvsp[0].string;
1301 yyval.seinfo.type = yyvsp[-1].string;
1302 yyval.seinfo.role = yyvsp[0].string;
1314 yyval.runas = yyvsp[-1].runas;
1320 yyval.runas = emalloc(sizeof(struct runascontainer));
1321 yyval.runas->runasusers = yyvsp[0].member;
1322 yyval.runas->runasgroups = NULL;
1328 yyval.runas = emalloc(sizeof(struct runascontainer));
1329 yyval.runas->runasusers = yyvsp[-2].member;
1330 yyval.runas->runasgroups = yyvsp[0].member;
1336 yyval.runas = emalloc(sizeof(struct runascontainer));
1337 yyval.runas->runasusers = NULL;
1338 yyval.runas->runasgroups = yyvsp[0].member;
1344 yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv = UNSPEC;
1350 yyval.tag.nopasswd = TRUE;
1356 yyval.tag.nopasswd = FALSE;
1362 yyval.tag.noexec = TRUE;
1368 yyval.tag.noexec = FALSE;
1374 yyval.tag.setenv = TRUE;
1380 yyval.tag.setenv = FALSE;
1386 yyval.member = new_member(NULL, ALL);
1392 yyval.member = new_member(yyvsp[0].string, ALIAS);
1398 struct sudo_command *c = emalloc(sizeof(*c));
1399 c->cmnd = yyvsp[0].command.cmnd;
1400 c->args = yyvsp[0].command.args;
1401 yyval.member = new_member((char *)c, COMMAND);
1408 if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
1417 list_append(yyvsp[-2].member, yyvsp[0].member);
1418 yyval.member = yyvsp[-2].member;
1425 if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
1434 list_append(yyvsp[-2].member, yyvsp[0].member);
1435 yyval.member = yyvsp[-2].member;
1442 if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
1452 if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
1461 list_append(yyvsp[-2].member, yyvsp[0].member);
1462 yyval.member = yyvsp[-2].member;
1468 yyval.member = yyvsp[0].member;
1469 yyval.member->negated = FALSE;
1475 yyval.member = yyvsp[0].member;
1476 yyval.member->negated = TRUE;
1482 yyval.member = new_member(yyvsp[0].string, ALIAS);
1488 yyval.member = new_member(NULL, ALL);
1494 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1500 yyval.member = new_member(yyvsp[0].string, USERGROUP);
1506 yyval.member = new_member(yyvsp[0].string, WORD);
1512 list_append(yyvsp[-2].member, yyvsp[0].member);
1513 yyval.member = yyvsp[-2].member;
1519 yyval.member = yyvsp[0].member;
1520 yyval.member->negated = FALSE;
1526 yyval.member = yyvsp[0].member;
1527 yyval.member->negated = TRUE;
1533 yyval.member = new_member(yyvsp[0].string, ALIAS);
1539 yyval.member = new_member(NULL, ALL);
1545 yyval.member = new_member(yyvsp[0].string, WORD);
1548 #line 1501 "y.tab.c"
1554 if (yystate == 0 && yym == 0)
1558 printf("%sdebug: after reduction, shifting from state 0 to\
1559 state %d\n", YYPREFIX, YYFINAL);
1566 if ((yychar = yylex()) < 0) yychar = 0;
1571 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1572 if (!yys) yys = "illegal-symbol";
1573 printf("%sdebug: state %d, reading %d (%s)\n",
1574 YYPREFIX, YYFINAL, yychar, yys);
1578 if (yychar == 0) goto yyaccept;
1581 if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
1582 yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
1583 yystate = yytable[yyn];
1585 yystate = yydgoto[yym];
1588 printf("%sdebug: after reduction, shifting from state %d \
1589 to state %d\n", YYPREFIX, *yyssp, yystate);
1591 if (yyssp >= yysslim && yygrowstack())
1599 yyerror("yacc stack overflow");
1605 yyss = yyssp = NULL;
1606 yyvs = yyvsp = NULL;
1614 yyss = yyssp = NULL;
1615 yyvs = yyvsp = NULL;