2 /*static char yysccsid[] = "from: @(#)yaccpar 1.9 (Berkeley) 02/21/93";*/
5 __attribute__ ((unused))
6 #endif /* __GNUC__ >= 2 */
7 = "$OpenBSD: skeleton.c,v 1.29 2008/07/08 15:06:50 otto Exp $";
16 #define yyclearin (yychar=(YYEMPTY))
17 #define yyerrok (yyerrflag=0)
18 #define YYRECOVERING() (yyerrflag!=0)
22 * Copyright (c) 1996, 1998-2005, 2007-2008
23 * Todd C. Miller <Todd.Miller@courtesan.com>
25 * Permission to use, copy, modify, and distribute this software for any
26 * purpose with or without fee is hereby granted, provided that the above
27 * copyright notice and this permission notice appear in all copies.
29 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
30 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
31 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
32 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
33 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
34 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
35 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
36 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
37 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 * Sponsored in part by the Defense Advanced Research Projects
40 * Agency (DARPA) and Air Force Research Laboratory, Air Force
41 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
46 #include <sys/types.h>
47 #include <sys/param.h>
56 #endif /* STDC_HEADERS */
60 # ifdef HAVE_STRINGS_H
63 #endif /* HAVE_STRING_H */
66 #endif /* HAVE_UNISTD_H */
67 #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
69 #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
76 __unused static const char rcsid[] = "$Sudo: gram.c,v 1.35 2009/04/18 23:25:08 millert Exp $";
80 * We must define SIZE_MAX for yacc's skeleton.c.
81 * If there is no SIZE_MAX or SIZE_T_MAX we have to assume that size_t
82 * could be signed (as it is on SunOS 4.x).
86 # define SIZE_MAX SIZE_T_MAX
88 # define SIZE_MAX INT_MAX
89 # endif /* SIZE_T_MAX */
95 extern int sudolineno;
100 int errorlineno = -1;
101 char *errorfile = NULL;
103 struct defaults_list defaults;
104 struct userspec_list userspecs;
109 static void add_defaults __P((int, struct member *, struct defaults *));
110 static void add_userspec __P((struct member *, struct privilege *));
111 static struct defaults *new_default __P((char *, char *, int));
112 static struct member *new_member __P((char *, int));
113 void yyerror __P((const char *));
119 /* Save the line the first error occurred on. */
120 if (errorlineno == -1) {
121 errorlineno = sudolineno ? sudolineno - 1 : 0;
122 errorfile = estrdup(sudoers);
124 if (verbose && s != NULL) {
126 (void) fprintf(stderr, ">>> %s: %s near line %d <<<\n", sudoers, s,
127 sudolineno ? sudolineno - 1 : 0);
129 (void) fprintf(stderr, "<*> ");
135 #ifndef YYSTYPE_DEFINED
136 #define YYSTYPE_DEFINED
138 struct cmndspec *cmndspec;
139 struct defaults *defaults;
140 struct member *member;
141 struct runascontainer *runas;
142 struct privilege *privilege;
143 struct sudo_command command;
145 struct selinux_info seinfo;
149 #endif /* YYSTYPE_DEFINED */
156 #define USERGROUP 262
159 #define DEFAULTS_HOST 265
160 #define DEFAULTS_USER 266
161 #define DEFAULTS_RUNAS 267
162 #define DEFAULTS_CMND 268
171 #define HOSTALIAS 277
172 #define CMNDALIAS 278
173 #define USERALIAS 279
174 #define RUNASALIAS 280
178 #define YYERRCODE 256
179 #if defined(__cplusplus) || defined(__STDC__)
180 const short yylhs[] =
185 0, 0, 25, 25, 26, 26, 26, 26, 26, 26,
186 26, 26, 26, 26, 26, 26, 4, 4, 3, 3,
187 3, 3, 3, 20, 20, 19, 10, 10, 8, 8,
188 8, 8, 8, 2, 2, 1, 6, 6, 23, 24,
189 22, 22, 22, 22, 22, 17, 17, 18, 18, 18,
190 21, 21, 21, 21, 21, 21, 21, 5, 5, 5,
191 28, 28, 31, 9, 9, 29, 29, 32, 7, 7,
192 30, 30, 33, 27, 27, 34, 13, 13, 11, 11,
193 12, 12, 12, 12, 12, 16, 16, 14, 14, 15,
196 #if defined(__cplusplus) || defined(__STDC__)
197 const short yylen[] =
202 0, 1, 1, 2, 1, 2, 2, 2, 2, 2,
203 2, 2, 3, 3, 3, 3, 1, 3, 1, 2,
204 3, 3, 3, 1, 3, 3, 1, 2, 1, 1,
205 1, 1, 1, 1, 3, 4, 1, 2, 3, 3,
206 0, 1, 1, 2, 2, 0, 3, 1, 3, 2,
207 0, 2, 2, 2, 2, 2, 2, 1, 1, 1,
208 1, 3, 3, 1, 3, 1, 3, 3, 1, 3,
209 1, 3, 3, 1, 3, 3, 1, 3, 1, 2,
210 1, 1, 1, 1, 1, 1, 3, 1, 2, 1,
213 #if defined(__cplusplus) || defined(__STDC__)
214 const short yydefred[] =
219 0, 81, 83, 84, 85, 0, 0, 0, 0, 0,
220 82, 5, 0, 0, 0, 0, 0, 0, 77, 79,
221 0, 0, 3, 6, 0, 0, 17, 0, 29, 32,
222 31, 33, 30, 0, 27, 0, 64, 0, 0, 60,
223 59, 58, 0, 37, 69, 0, 0, 0, 61, 0,
224 0, 66, 0, 0, 74, 0, 0, 71, 80, 0,
225 0, 24, 0, 4, 0, 0, 0, 20, 0, 28,
226 0, 0, 0, 0, 38, 0, 0, 0, 0, 0,
227 0, 0, 0, 0, 0, 78, 0, 0, 21, 22,
228 23, 18, 65, 70, 0, 62, 0, 67, 0, 75,
229 0, 72, 0, 34, 0, 0, 25, 0, 0, 0,
230 0, 0, 0, 51, 0, 0, 90, 92, 91, 0,
231 86, 88, 0, 0, 47, 35, 0, 0, 0, 44,
232 45, 89, 0, 0, 40, 39, 52, 53, 54, 55,
235 #if defined(__cplusplus) || defined(__STDC__)
236 const short yydgoto[] =
241 104, 105, 27, 28, 44, 45, 46, 35, 61, 37,
242 19, 20, 21, 121, 122, 123, 106, 110, 62, 63,
243 129, 114, 115, 116, 22, 23, 54, 48, 51, 57,
246 #if defined(__cplusplus) || defined(__STDC__)
247 const short yysindex[] =
252 -266, 0, 0, 0, 0, -9, 463, 510, 510, -2,
253 0, 0, -243, -218, -215, -211, -225, 0, 0, 0,
254 -28, 405, 0, 0, -36, -210, 0, 4, 0, 0,
255 0, 0, 0, -231, 0, -33, 0, -25, -25, 0,
256 0, 0, -240, 0, 0, -21, -6, -1, 0, 2,
257 6, 0, 7, 8, 0, 9, 11, 0, 0, 510,
258 -22, 0, 13, 0, -203, -201, -198, 0, -9, 0,
259 463, 4, 4, 4, 0, -2, 4, 463, -243, -2,
260 -218, 510, -215, 510, -211, 0, 27, 463, 0, 0,
261 0, 0, 0, 0, 28, 0, 30, 0, 31, 0,
262 31, 0, 141, 0, 32, -262, 0, -27, -16, 36,
263 27, 18, 19, 0, -200, -202, 0, 0, 0, -217,
264 0, 0, 39, -27, 0, 0, -177, -175, 250, 0,
265 0, 0, -27, 39, 0, 0, 0, 0, 0, 0,
267 #if defined(__cplusplus) || defined(__STDC__)
268 const short yyrindex[] =
273 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
274 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
275 0, 91, 0, 0, 1, 0, 0, 156, 0, 0,
276 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
277 0, 0, 0, 0, 0, 0, 0, 181, 0, 0,
278 206, 0, 0, 237, 0, 0, 274, 0, 0, 0,
279 0, 0, 300, 0, 0, 0, 0, 0, 0, 0,
280 0, 326, 352, 378, 0, 0, 430, 0, 0, 0,
281 0, 0, 0, 0, 0, 0, -29, 0, 0, 0,
282 0, 0, 0, 0, 26, 0, 52, 0, 78, 0,
283 104, 0, 0, 0, 130, 442, 0, 0, 51, 0,
284 -29, 0, 0, 0, 461, 485, 0, 0, 0, 0,
285 0, 0, 53, 0, 0, 0, 0, 0, 0, 0,
286 0, 0, 0, 54, 0, 0, 0, 0, 0, 0,
288 #if defined(__cplusplus) || defined(__STDC__)
289 const short yygindex[] =
294 -18, 0, 29, 15, 56, -73, 16, 63, -5, 34,
295 40, 84, 5, -31, -17, -15, 0, 0, 24, 0,
296 0, 0, -10, -8, 0, 92, 0, 0, 0, 0,
299 #define YYTABLESIZE 785
300 #if defined(__cplusplus) || defined(__STDC__)
301 const short yytable[] =
306 19, 36, 94, 46, 34, 120, 66, 26, 67, 24,
307 71, 26, 38, 39, 47, 60, 40, 41, 60, 112,
308 113, 71, 76, 26, 65, 63, 29, 60, 30, 31,
309 43, 32, 2, 19, 42, 3, 4, 5, 87, 50,
310 117, 124, 53, 33, 19, 118, 56, 69, 68, 11,
311 72, 68, 73, 74, 78, 143, 79, 119, 63, 89,
312 77, 90, 80, 81, 91, 83, 103, 82, 85, 84,
313 88, 71, 95, 76, 60, 111, 125, 76, 127, 128,
314 113, 112, 133, 63, 68, 135, 99, 136, 101, 1,
315 2, 48, 126, 50, 49, 97, 70, 92, 75, 86,
316 59, 144, 132, 73, 93, 131, 130, 109, 134, 68,
317 76, 107, 0, 64, 0, 96, 0, 102, 98, 0,
318 0, 0, 0, 100, 0, 0, 0, 0, 0, 26,
319 0, 0, 0, 0, 0, 76, 73, 0, 0, 0,
320 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
321 0, 0, 0, 0, 0, 12, 0, 0, 0, 0,
322 0, 73, 26, 0, 0, 0, 0, 0, 0, 0,
323 0, 0, 0, 17, 0, 0, 0, 0, 0, 0,
324 9, 0, 0, 0, 0, 0, 0, 26, 12, 0,
325 0, 0, 0, 0, 0, 0, 0, 0, 108, 0,
326 0, 0, 0, 0, 0, 10, 0, 0, 0, 0,
327 0, 0, 0, 9, 0, 0, 0, 0, 0, 0,
328 0, 0, 0, 0, 0, 25, 0, 46, 46, 29,
329 117, 30, 31, 25, 32, 118, 8, 25, 10, 46,
330 46, 46, 46, 46, 46, 46, 33, 119, 0, 25,
331 0, 0, 46, 46, 40, 41, 19, 0, 19, 0,
332 0, 19, 19, 19, 19, 19, 19, 19, 19, 8,
333 0, 0, 42, 11, 0, 19, 19, 19, 19, 19,
334 19, 63, 43, 63, 0, 0, 63, 63, 63, 63,
335 63, 63, 63, 63, 0, 0, 0, 0, 0, 7,
336 63, 63, 63, 63, 63, 63, 11, 68, 0, 68,
337 0, 0, 68, 68, 68, 68, 68, 68, 68, 68,
338 0, 0, 0, 0, 0, 15, 68, 68, 68, 68,
339 68, 68, 7, 76, 0, 76, 0, 0, 76, 76,
340 76, 76, 76, 76, 76, 76, 0, 0, 0, 0,
341 0, 13, 76, 76, 76, 76, 76, 76, 15, 73,
342 0, 73, 0, 0, 73, 73, 73, 73, 73, 73,
343 73, 73, 0, 0, 0, 0, 0, 14, 73, 73,
344 73, 73, 73, 73, 13, 26, 0, 26, 0, 0,
345 26, 26, 26, 26, 26, 26, 26, 26, 2, 0,
346 0, 3, 4, 5, 26, 26, 26, 26, 26, 26,
347 14, 12, 0, 12, 0, 11, 12, 12, 12, 12,
348 12, 12, 12, 12, 0, 0, 0, 0, 0, 16,
349 12, 12, 12, 12, 12, 12, 9, 17, 9, 0,
350 0, 9, 9, 9, 9, 9, 9, 9, 9, 0,
351 0, 0, 0, 0, 0, 9, 9, 9, 9, 9,
352 9, 10, 16, 10, 0, 0, 10, 10, 10, 10,
353 10, 10, 10, 10, 41, 0, 0, 0, 0, 0,
354 10, 10, 10, 10, 10, 10, 0, 0, 0, 0,
355 0, 0, 8, 42, 8, 34, 0, 8, 8, 8,
356 8, 8, 8, 8, 8, 0, 40, 41, 0, 0,
357 0, 8, 8, 8, 8, 8, 8, 43, 137, 138,
358 139, 140, 141, 142, 42, 0, 0, 0, 0, 11,
359 0, 11, 0, 0, 11, 11, 11, 11, 11, 11,
360 11, 11, 17, 0, 0, 0, 0, 0, 11, 11,
361 11, 11, 11, 11, 0, 7, 0, 7, 0, 0,
362 7, 7, 7, 7, 7, 7, 7, 7, 0, 0,
363 0, 0, 0, 0, 7, 7, 7, 7, 7, 7,
364 0, 15, 0, 15, 0, 0, 15, 15, 15, 15,
365 15, 15, 15, 15, 0, 0, 0, 0, 0, 0,
366 15, 15, 15, 15, 15, 15, 0, 13, 0, 13,
367 0, 0, 13, 13, 13, 13, 13, 13, 13, 13,
368 0, 0, 0, 0, 0, 0, 13, 13, 13, 13,
369 13, 13, 0, 14, 0, 14, 0, 0, 14, 14,
370 14, 14, 14, 14, 14, 14, 0, 0, 0, 0,
371 0, 0, 14, 14, 14, 14, 14, 14, 0, 0,
372 1, 0, 2, 0, 0, 3, 4, 5, 6, 7,
373 8, 9, 10, 0, 0, 0, 0, 0, 0, 11,
374 12, 13, 14, 15, 16, 16, 0, 16, 0, 0,
375 16, 16, 16, 16, 16, 16, 16, 16, 41, 41,
376 0, 0, 0, 0, 16, 16, 16, 16, 16, 16,
377 41, 41, 41, 41, 41, 41, 41, 42, 42, 0,
378 29, 0, 30, 31, 0, 32, 0, 0, 0, 42,
379 42, 42, 42, 42, 42, 42, 0, 33, 0, 0,
380 0, 43, 43, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 43, 43, 43, 43, 43, 43, 43,
382 0, 0, 0, 0, 0, 0, 0, 2, 0, 0,
383 3, 4, 5, 0, 0, 0, 0, 0, 0, 0,
386 #if defined(__cplusplus) || defined(__STDC__)
387 const short yycheck[] =
392 0, 7, 76, 33, 33, 33, 43, 33, 45, 276,
393 44, 33, 8, 9, 258, 44, 257, 258, 44, 282,
394 283, 44, 44, 33, 61, 0, 258, 44, 260, 261,
395 33, 263, 258, 33, 275, 261, 262, 263, 61, 258,
396 258, 58, 258, 275, 44, 263, 258, 44, 259, 275,
397 36, 0, 38, 39, 61, 129, 58, 275, 33, 263,
398 46, 263, 61, 58, 263, 58, 40, 61, 58, 61,
399 58, 44, 78, 44, 44, 44, 41, 0, 61, 61,
400 283, 282, 44, 58, 33, 263, 82, 263, 84, 0,
401 0, 41, 111, 41, 41, 80, 34, 69, 43, 60,
402 17, 133, 120, 0, 71, 116, 115, 103, 124, 58,
403 33, 88, -1, 22, -1, 79, -1, 85, 81, -1,
404 -1, -1, -1, 83, -1, -1, -1, -1, -1, 0,
405 -1, -1, -1, -1, -1, 58, 33, -1, -1, -1,
406 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
407 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
408 -1, 58, 33, -1, -1, -1, -1, -1, -1, -1,
409 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
410 0, -1, -1, -1, -1, -1, -1, 58, 33, -1,
411 -1, -1, -1, -1, -1, -1, -1, -1, 58, -1,
412 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
413 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
414 -1, -1, -1, -1, -1, 259, -1, 257, 258, 258,
415 258, 260, 261, 259, 263, 263, 0, 259, 33, 269,
416 270, 271, 272, 273, 274, 275, 275, 275, -1, 259,
417 -1, -1, 282, 283, 257, 258, 256, -1, 258, -1,
418 -1, 261, 262, 263, 264, 265, 266, 267, 268, 33,
419 -1, -1, 275, 0, -1, 275, 276, 277, 278, 279,
420 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
421 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
422 275, 276, 277, 278, 279, 280, 33, 256, -1, 258,
423 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
424 -1, -1, -1, -1, -1, 0, 275, 276, 277, 278,
425 279, 280, 33, 256, -1, 258, -1, -1, 261, 262,
426 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
427 -1, 0, 275, 276, 277, 278, 279, 280, 33, 256,
428 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
429 267, 268, -1, -1, -1, -1, -1, 0, 275, 276,
430 277, 278, 279, 280, 33, 256, -1, 258, -1, -1,
431 261, 262, 263, 264, 265, 266, 267, 268, 258, -1,
432 -1, 261, 262, 263, 275, 276, 277, 278, 279, 280,
433 33, 256, -1, 258, -1, 275, 261, 262, 263, 264,
434 265, 266, 267, 268, -1, -1, -1, -1, -1, 0,
435 275, 276, 277, 278, 279, 280, 256, 33, 258, -1,
436 -1, 261, 262, 263, 264, 265, 266, 267, 268, -1,
437 -1, -1, -1, -1, -1, 275, 276, 277, 278, 279,
438 280, 256, 33, 258, -1, -1, 261, 262, 263, 264,
439 265, 266, 267, 268, 33, -1, -1, -1, -1, -1,
440 275, 276, 277, 278, 279, 280, -1, -1, -1, -1,
441 -1, -1, 256, 33, 258, 33, -1, 261, 262, 263,
442 264, 265, 266, 267, 268, -1, 257, 258, -1, -1,
443 -1, 275, 276, 277, 278, 279, 280, 33, 269, 270,
444 271, 272, 273, 274, 275, -1, -1, -1, -1, 256,
445 -1, 258, -1, -1, 261, 262, 263, 264, 265, 266,
446 267, 268, 33, -1, -1, -1, -1, -1, 275, 276,
447 277, 278, 279, 280, -1, 256, -1, 258, -1, -1,
448 261, 262, 263, 264, 265, 266, 267, 268, -1, -1,
449 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
450 -1, 256, -1, 258, -1, -1, 261, 262, 263, 264,
451 265, 266, 267, 268, -1, -1, -1, -1, -1, -1,
452 275, 276, 277, 278, 279, 280, -1, 256, -1, 258,
453 -1, -1, 261, 262, 263, 264, 265, 266, 267, 268,
454 -1, -1, -1, -1, -1, -1, 275, 276, 277, 278,
455 279, 280, -1, 256, -1, 258, -1, -1, 261, 262,
456 263, 264, 265, 266, 267, 268, -1, -1, -1, -1,
457 -1, -1, 275, 276, 277, 278, 279, 280, -1, -1,
458 256, -1, 258, -1, -1, 261, 262, 263, 264, 265,
459 266, 267, 268, -1, -1, -1, -1, -1, -1, 275,
460 276, 277, 278, 279, 280, 256, -1, 258, -1, -1,
461 261, 262, 263, 264, 265, 266, 267, 268, 257, 258,
462 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
463 269, 270, 271, 272, 273, 274, 275, 257, 258, -1,
464 258, -1, 260, 261, -1, 263, -1, -1, -1, 269,
465 270, 271, 272, 273, 274, 275, -1, 275, -1, -1,
466 -1, 257, 258, -1, -1, -1, -1, -1, -1, -1,
467 -1, -1, -1, 269, 270, 271, 272, 273, 274, 275,
468 -1, -1, -1, -1, -1, -1, -1, 258, -1, -1,
469 261, 262, 263, -1, -1, -1, -1, -1, -1, -1,
476 #define YYMAXTOKEN 283
478 #if defined(__cplusplus) || defined(__STDC__)
479 const char * const yyname[] =
484 "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
485 "'!'",0,0,0,0,0,0,"'('","')'",0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",
486 0,0,"'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
487 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
488 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
489 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
490 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
491 "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DEFAULTS",
492 "DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","DEFAULTS_CMND","NOPASSWD",
493 "PASSWD","NOEXEC","EXEC","SETENV","NOSETENV","ALL","COMMENT","HOSTALIAS",
494 "CMNDALIAS","USERALIAS","RUNASALIAS","ERROR","TYPE","ROLE",
496 #if defined(__cplusplus) || defined(__STDC__)
497 const char * const yyrule[] =
507 "entry : error COMMENT",
508 "entry : userlist privileges",
509 "entry : USERALIAS useraliases",
510 "entry : HOSTALIAS hostaliases",
511 "entry : CMNDALIAS cmndaliases",
512 "entry : RUNASALIAS runasaliases",
513 "entry : DEFAULTS defaults_list",
514 "entry : DEFAULTS_USER userlist defaults_list",
515 "entry : DEFAULTS_RUNAS userlist defaults_list",
516 "entry : DEFAULTS_HOST hostlist defaults_list",
517 "entry : DEFAULTS_CMND cmndlist defaults_list",
518 "defaults_list : defaults_entry",
519 "defaults_list : defaults_list ',' defaults_entry",
520 "defaults_entry : DEFVAR",
521 "defaults_entry : '!' DEFVAR",
522 "defaults_entry : DEFVAR '=' WORD",
523 "defaults_entry : DEFVAR '+' WORD",
524 "defaults_entry : DEFVAR '-' WORD",
525 "privileges : privilege",
526 "privileges : privileges ':' privilege",
527 "privilege : hostlist '=' cmndspeclist",
535 "cmndspeclist : cmndspec",
536 "cmndspeclist : cmndspeclist ',' cmndspec",
537 "cmndspec : runasspec selinux cmndtag opcmnd",
540 "rolespec : ROLE '=' WORD",
541 "typespec : TYPE '=' WORD",
543 "selinux : rolespec",
544 "selinux : typespec",
545 "selinux : rolespec typespec",
546 "selinux : typespec rolespec",
548 "runasspec : '(' runaslist ')'",
549 "runaslist : userlist",
550 "runaslist : userlist ':' grouplist",
551 "runaslist : ':' grouplist",
553 "cmndtag : cmndtag NOPASSWD",
554 "cmndtag : cmndtag PASSWD",
555 "cmndtag : cmndtag NOEXEC",
556 "cmndtag : cmndtag EXEC",
557 "cmndtag : cmndtag SETENV",
558 "cmndtag : cmndtag NOSETENV",
562 "hostaliases : hostalias",
563 "hostaliases : hostaliases ':' hostalias",
564 "hostalias : ALIAS '=' hostlist",
566 "hostlist : hostlist ',' ophost",
567 "cmndaliases : cmndalias",
568 "cmndaliases : cmndaliases ':' cmndalias",
569 "cmndalias : ALIAS '=' cmndlist",
571 "cmndlist : cmndlist ',' opcmnd",
572 "runasaliases : runasalias",
573 "runasaliases : runasaliases ':' runasalias",
574 "runasalias : ALIAS '=' userlist",
575 "useraliases : useralias",
576 "useraliases : useraliases ':' useralias",
577 "useralias : ALIAS '=' userlist",
579 "userlist : userlist ',' opuser",
587 "grouplist : opgroup",
588 "grouplist : grouplist ',' opgroup",
590 "opgroup : '!' group",
598 #define YYMAXDEPTH YYSTACKSIZE
601 #define YYSTACKSIZE YYMAXDEPTH
603 #define YYSTACKSIZE 10000
604 #define YYMAXDEPTH 10000
607 #define YYINITSTACKSIZE 200
622 static struct defaults *
623 new_default(var, val, op)
630 d = emalloc(sizeof(struct defaults));
633 tq_init(&d->binding);
642 static struct member *
643 new_member(name, type)
649 m = emalloc(sizeof(struct member));
659 * Add a list of defaults structures to the defaults list.
660 * The binding, if non-NULL, specifies a list of hosts, users, or
661 * runas users the entries apply to (specified by the type).
664 add_defaults(type, bmem, defs)
667 struct defaults *defs;
670 struct member_list binding;
673 * We can only call list2tq once on bmem as it will zero
674 * out the prev pointer when it consumes bmem.
676 list2tq(&binding, bmem);
679 * Set type and binding (who it applies to) for new entries.
681 for (d = defs; d != NULL; d = d->next) {
683 d->binding = binding;
685 tq_append(&defaults, defs);
689 * Allocate a new struct userspec, populate it, and insert it at the
690 * and of the userspecs list.
693 add_userspec(members, privs)
694 struct member *members;
695 struct privilege *privs;
699 u = emalloc(sizeof(*u));
700 list2tq(&u->users, members);
701 list2tq(&u->privileges, privs);
704 tq_append(&userspecs, u);
708 * Free up space used by data structures from a previous parser run and sets
709 * the current sudoers file to path.
712 init_parser(path, quiet)
717 struct member *m, *binding;
719 struct privilege *priv;
721 struct sudo_command *c;
723 while ((us = tq_pop(&userspecs)) != NULL) {
724 while ((m = tq_pop(&us->users)) != NULL) {
728 while ((priv = tq_pop(&us->privileges)) != NULL) {
729 struct member *runasuser = NULL, *runasgroup = NULL;
731 char *role = NULL, *type = NULL;
732 #endif /* HAVE_SELINUX */
734 while ((m = tq_pop(&priv->hostlist)) != NULL) {
738 while ((cs = tq_pop(&priv->cmndlist)) != NULL) {
740 /* Only free the first instance of a role/type. */
741 if (cs->role != role) {
745 if (cs->type != type) {
749 #endif /* HAVE_SELINUX */
750 if (tq_last(&cs->runasuserlist) != runasuser) {
751 runasuser = tq_last(&cs->runasuserlist);
752 while ((m = tq_pop(&cs->runasuserlist)) != NULL) {
757 if (tq_last(&cs->runasgrouplist) != runasgroup) {
758 runasgroup = tq_last(&cs->runasgrouplist);
759 while ((m = tq_pop(&cs->runasgrouplist)) != NULL) {
764 if (cs->cmnd->type == COMMAND) {
765 c = (struct sudo_command *) cs->cmnd->name;
769 efree(cs->cmnd->name);
780 while ((d = tq_pop(&defaults)) != NULL) {
781 if (tq_last(&d->binding) != binding) {
782 binding = tq_last(&d->binding);
783 while ((m = tq_pop(&d->binding)) != NULL) {
784 if (m->type == COMMAND) {
785 c = (struct sudo_command *) m->name;
804 sudoers = path ? estrdup(path) : NULL;
813 /* allocate initial stack or double stack size, up to YYMAXDEPTH */
814 #if defined(__cplusplus) || defined(__STDC__)
815 static int yygrowstack(void)
817 static int yygrowstack()
824 if ((newsize = yystacksize) == 0)
825 newsize = YYINITSTACKSIZE;
826 else if (newsize >= YYMAXDEPTH)
828 else if ((newsize *= 2) > YYMAXDEPTH)
829 newsize = YYMAXDEPTH;
832 #define YY_SIZE_MAX SIZE_MAX
834 #define YY_SIZE_MAX 0x7fffffff
836 if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
838 newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
839 (short *)malloc(newsize * sizeof *newss); /* overflow check above */
844 if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
846 newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
847 (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
852 yystacksize = newsize;
853 yysslim = yyss + newsize - 1;
866 #define YYABORT goto yyabort
867 #define YYREJECT goto yyabort
868 #define YYACCEPT goto yyaccept
869 #define YYERROR goto yyerrlab
871 #if defined(__cplusplus) || defined(__STDC__)
877 int yym, yyn, yystate;
879 #if defined(__cplusplus) || defined(__STDC__)
881 #else /* !(defined(__cplusplus) || defined(__STDC__)) */
883 #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
885 if ((yys = getenv("YYDEBUG")))
888 if (yyn >= '0' && yyn <= '9')
897 if (yyss == NULL && yygrowstack()) goto yyoverflow;
900 *yyssp = yystate = 0;
903 if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
906 if ((yychar = yylex()) < 0) yychar = 0;
911 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
912 if (!yys) yys = "illegal-symbol";
913 printf("%sdebug: state %d, reading %d (%s)\n",
914 YYPREFIX, yystate, yychar, yys);
918 if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
919 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
923 printf("%sdebug: state %d, shifting to state %d\n",
924 YYPREFIX, yystate, yytable[yyn]);
926 if (yyssp >= yysslim && yygrowstack())
930 *++yyssp = yystate = yytable[yyn];
933 if (yyerrflag > 0) --yyerrflag;
936 if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
937 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
942 if (yyerrflag) goto yyinrecovery;
943 #if defined(lint) || defined(__GNUC__)
947 yyerror("syntax error");
948 #if defined(lint) || defined(__GNUC__)
959 if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
960 yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
964 printf("%sdebug: state %d, error recovery shifting\
965 to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
967 if (yyssp >= yysslim && yygrowstack())
971 *++yyssp = yystate = yytable[yyn];
979 printf("%sdebug: error recovery discarding state %d\n",
982 if (yyssp <= yyss) goto yyabort;
990 if (yychar == 0) goto yyabort;
995 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
996 if (!yys) yys = "illegal-symbol";
997 printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
998 YYPREFIX, yystate, yychar, yys);
1007 printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1008 YYPREFIX, yystate, yyn, yyrule[yyn]);
1012 yyval = yyvsp[1-yym];
1014 memset(&yyval, 0, sizeof yyval);
1036 add_userspec(yyvsp[-1].member, yyvsp[0].privilege);
1066 add_defaults(DEFAULTS, NULL, yyvsp[0].defaults);
1072 add_defaults(DEFAULTS_USER, yyvsp[-1].member, yyvsp[0].defaults);
1078 add_defaults(DEFAULTS_RUNAS, yyvsp[-1].member, yyvsp[0].defaults);
1084 add_defaults(DEFAULTS_HOST, yyvsp[-1].member, yyvsp[0].defaults);
1090 add_defaults(DEFAULTS_CMND, yyvsp[-1].member, yyvsp[0].defaults);
1096 list_append(yyvsp[-2].defaults, yyvsp[0].defaults);
1097 yyval.defaults = yyvsp[-2].defaults;
1103 yyval.defaults = new_default(yyvsp[0].string, NULL, TRUE);
1109 yyval.defaults = new_default(yyvsp[0].string, NULL, FALSE);
1115 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, TRUE);
1121 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '+');
1127 yyval.defaults = new_default(yyvsp[-2].string, yyvsp[0].string, '-');
1133 list_append(yyvsp[-2].privilege, yyvsp[0].privilege);
1134 yyval.privilege = yyvsp[-2].privilege;
1140 struct privilege *p = emalloc(sizeof(*p));
1141 list2tq(&p->hostlist, yyvsp[-2].member);
1142 list2tq(&p->cmndlist, yyvsp[0].cmndspec);
1145 yyval.privilege = p;
1151 yyval.member = yyvsp[0].member;
1152 yyval.member->negated = FALSE;
1158 yyval.member = yyvsp[0].member;
1159 yyval.member->negated = TRUE;
1165 yyval.member = new_member(yyvsp[0].string, ALIAS);
1171 yyval.member = new_member(NULL, ALL);
1177 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1183 yyval.member = new_member(yyvsp[0].string, NTWKADDR);
1189 yyval.member = new_member(yyvsp[0].string, WORD);
1195 list_append(yyvsp[-2].cmndspec, yyvsp[0].cmndspec);
1197 /* propagate role and type */
1198 if (yyvsp[0].cmndspec->role == NULL)
1199 yyvsp[0].cmndspec->role = yyvsp[0].cmndspec->prev->role;
1200 if (yyvsp[0].cmndspec->type == NULL)
1201 yyvsp[0].cmndspec->type = yyvsp[0].cmndspec->prev->type;
1202 #endif /* HAVE_SELINUX */
1203 /* propagate tags and runas list */
1204 if (yyvsp[0].cmndspec->tags.nopasswd == UNSPEC)
1205 yyvsp[0].cmndspec->tags.nopasswd = yyvsp[0].cmndspec->prev->tags.nopasswd;
1206 if (yyvsp[0].cmndspec->tags.noexec == UNSPEC)
1207 yyvsp[0].cmndspec->tags.noexec = yyvsp[0].cmndspec->prev->tags.noexec;
1208 if (yyvsp[0].cmndspec->tags.setenv == UNSPEC &&
1209 yyvsp[0].cmndspec->prev->tags.setenv != IMPLIED)
1210 yyvsp[0].cmndspec->tags.setenv = yyvsp[0].cmndspec->prev->tags.setenv;
1211 if ((tq_empty(&yyvsp[0].cmndspec->runasuserlist) &&
1212 tq_empty(&yyvsp[0].cmndspec->runasgrouplist)) &&
1213 (!tq_empty(&yyvsp[0].cmndspec->prev->runasuserlist) ||
1214 !tq_empty(&yyvsp[0].cmndspec->prev->runasgrouplist))) {
1215 yyvsp[0].cmndspec->runasuserlist = yyvsp[0].cmndspec->prev->runasuserlist;
1216 yyvsp[0].cmndspec->runasgrouplist = yyvsp[0].cmndspec->prev->runasgrouplist;
1218 yyval.cmndspec = yyvsp[-2].cmndspec;
1224 struct cmndspec *cs = emalloc(sizeof(*cs));
1225 if (yyvsp[-3].runas != NULL) {
1226 list2tq(&cs->runasuserlist, yyvsp[-3].runas->runasusers);
1227 list2tq(&cs->runasgrouplist, yyvsp[-3].runas->runasgroups);
1228 efree(yyvsp[-3].runas);
1230 tq_init(&cs->runasuserlist);
1231 tq_init(&cs->runasgrouplist);
1234 cs->role = yyvsp[-2].seinfo.role;
1235 cs->type = yyvsp[-2].seinfo.type;
1237 cs->tags = yyvsp[-1].tag;
1238 cs->cmnd = yyvsp[0].member;
1241 /* sudo "ALL" implies the SETENV tag */
1242 if (cs->cmnd->type == ALL && !cs->cmnd->negated &&
1243 cs->tags.setenv == UNSPEC)
1244 cs->tags.setenv = IMPLIED;
1245 yyval.cmndspec = cs;
1251 yyval.member = yyvsp[0].member;
1252 yyval.member->negated = FALSE;
1258 yyval.member = yyvsp[0].member;
1259 yyval.member->negated = TRUE;
1265 yyval.string = yyvsp[0].string;
1271 yyval.string = yyvsp[0].string;
1277 yyval.seinfo.role = NULL;
1278 yyval.seinfo.type = NULL;
1284 yyval.seinfo.role = yyvsp[0].string;
1285 yyval.seinfo.type = NULL;
1291 yyval.seinfo.type = yyvsp[0].string;
1292 yyval.seinfo.role = NULL;
1298 yyval.seinfo.role = yyvsp[-1].string;
1299 yyval.seinfo.type = yyvsp[0].string;
1305 yyval.seinfo.type = yyvsp[-1].string;
1306 yyval.seinfo.role = yyvsp[0].string;
1318 yyval.runas = yyvsp[-1].runas;
1324 yyval.runas = emalloc(sizeof(struct runascontainer));
1325 yyval.runas->runasusers = yyvsp[0].member;
1326 yyval.runas->runasgroups = NULL;
1332 yyval.runas = emalloc(sizeof(struct runascontainer));
1333 yyval.runas->runasusers = yyvsp[-2].member;
1334 yyval.runas->runasgroups = yyvsp[0].member;
1340 yyval.runas = emalloc(sizeof(struct runascontainer));
1341 yyval.runas->runasusers = NULL;
1342 yyval.runas->runasgroups = yyvsp[0].member;
1348 yyval.tag.nopasswd = yyval.tag.noexec = yyval.tag.setenv = UNSPEC;
1354 yyval.tag.nopasswd = TRUE;
1360 yyval.tag.nopasswd = FALSE;
1366 yyval.tag.noexec = TRUE;
1372 yyval.tag.noexec = FALSE;
1378 yyval.tag.setenv = TRUE;
1384 yyval.tag.setenv = FALSE;
1390 yyval.member = new_member(NULL, ALL);
1396 yyval.member = new_member(yyvsp[0].string, ALIAS);
1402 struct sudo_command *c = emalloc(sizeof(*c));
1403 c->cmnd = yyvsp[0].command.cmnd;
1404 c->args = yyvsp[0].command.args;
1405 yyval.member = new_member((char *)c, COMMAND);
1412 if ((s = alias_add(yyvsp[-2].string, HOSTALIAS, yyvsp[0].member)) != NULL) {
1421 list_append(yyvsp[-2].member, yyvsp[0].member);
1422 yyval.member = yyvsp[-2].member;
1429 if ((s = alias_add(yyvsp[-2].string, CMNDALIAS, yyvsp[0].member)) != NULL) {
1438 list_append(yyvsp[-2].member, yyvsp[0].member);
1439 yyval.member = yyvsp[-2].member;
1446 if ((s = alias_add(yyvsp[-2].string, RUNASALIAS, yyvsp[0].member)) != NULL) {
1456 if ((s = alias_add(yyvsp[-2].string, USERALIAS, yyvsp[0].member)) != NULL) {
1465 list_append(yyvsp[-2].member, yyvsp[0].member);
1466 yyval.member = yyvsp[-2].member;
1472 yyval.member = yyvsp[0].member;
1473 yyval.member->negated = FALSE;
1479 yyval.member = yyvsp[0].member;
1480 yyval.member->negated = TRUE;
1486 yyval.member = new_member(yyvsp[0].string, ALIAS);
1492 yyval.member = new_member(NULL, ALL);
1498 yyval.member = new_member(yyvsp[0].string, NETGROUP);
1504 yyval.member = new_member(yyvsp[0].string, USERGROUP);
1510 yyval.member = new_member(yyvsp[0].string, WORD);
1516 list_append(yyvsp[-2].member, yyvsp[0].member);
1517 yyval.member = yyvsp[-2].member;
1523 yyval.member = yyvsp[0].member;
1524 yyval.member->negated = FALSE;
1530 yyval.member = yyvsp[0].member;
1531 yyval.member->negated = TRUE;
1537 yyval.member = new_member(yyvsp[0].string, ALIAS);
1543 yyval.member = new_member(NULL, ALL);
1549 yyval.member = new_member(yyvsp[0].string, WORD);
1552 #line 1501 "y.tab.c"
1558 if (yystate == 0 && yym == 0)
1562 printf("%sdebug: after reduction, shifting from state 0 to\
1563 state %d\n", YYPREFIX, YYFINAL);
1570 if ((yychar = yylex()) < 0) yychar = 0;
1575 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1576 if (!yys) yys = "illegal-symbol";
1577 printf("%sdebug: state %d, reading %d (%s)\n",
1578 YYPREFIX, YYFINAL, yychar, yys);
1582 if (yychar == 0) goto yyaccept;
1585 if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
1586 yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
1587 yystate = yytable[yyn];
1589 yystate = yydgoto[yym];
1592 printf("%sdebug: after reduction, shifting from state %d \
1593 to state %d\n", YYPREFIX, *yyssp, yystate);
1595 if (yyssp >= yysslim && yygrowstack())
1603 yyerror("yacc stack overflow");
1609 yyss = yyssp = NULL;
1610 yyvs = yyvsp = NULL;
1618 yyss = yyssp = NULL;
1619 yyvs = yyvsp = NULL;