2 * Copyright (c) 1996, 1998-2000, 2004, 2007-2009
3 * Todd C. Miller <Todd.Miller@courtesan.com>
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 * $Sudo: parse.h,v 1.49 2009/05/25 12:02:41 millert Exp $
33 * A command with args. XXX - merge into struct member.
41 * Tags associated with a command.
42 * Possible values: TRUE, FALSE, UNSPEC.
45 __signed char nopasswd; /* tri-state tag: TRUE, FALSE or UNSPEC. Explicitly signed;
                              NOTE(review): presumably because UNSPEC is negative and plain
                              char may be unsigned on some platforms -- confirm against the
                              definition of UNSPEC, which is not shown here */
52 * SELinux-specific container struct.
53 * Currently just contains a role and type.
61 * The parsed sudoers file is stored as a collection of linked lists,
62 * modelled after the yacc grammar.
64 * Other than the alias struct, which is stored in a red-black tree,
65 * the data structure used is basically a doubly-linked tail queue without
66 * a separate head struct--the first entry acts as the head where the prev
67 * pointer does double duty as the tail pointer. This makes it possible
68 * to trivially append sub-lists. In addition, the prev pointer is always
69 * valid (even if it points to itself). Unlike a circle queue, the next
70 * pointer of the last entry is NULL and does not point back to the head.
72 * Note that each list struct must contain a "prev" and "next" pointer as
73 * the first two members of the struct (in that order).
77 * Tail queue list head structure.
86 * Structure describing a user specification and list thereof.
89 struct userspec *prev, *next; /* list links: must stay the first two members, in this order */
90 struct member_list users; /* list of users */
91 struct privilege_list privileges; /* list of privileges (struct privilege entries) */
95 * Structure describing a privilege specification.
98 struct privilege *prev, *next; /* list links: must stay the first two members, in this order */
99 struct member_list hostlist; /* list of hosts */
100 struct cmndspec_list cmndlist; /* list of Cmnd_Specs (struct cmndspec entries) */
104 * Structure describing a linked list of Cmnd_Specs.
107 struct cmndspec *prev, *next; /* list links: must stay the first two members, in this order */
108 struct member_list runasuserlist; /* list of runas users */
109 struct member_list runasgrouplist; /* list of runas groups */
110 struct member *cmnd; /* command to allow/deny */
111 struct cmndtag tags; /* tag specification; each tag is TRUE, FALSE or UNSPEC */
113 char *role, *type; /* SELinux role and type */
118 * Generic structure to hold users, hosts, commands.
121 struct member *prev, *next; /* list links: must stay the first two members, in this order */
122 char *name; /* member name */
123 short type; /* type (see gram.h) */
124 short negated; /* was this member negated via '!'? NOTE(review): the encoding
                      (flag vs. count) is not visible in this header -- confirm */
127 struct runascontainer {
128 struct member *runasusers; /* runas users, as struct member entries */
129 struct member *runasgroups; /* runas groups, as struct member entries */
133 * Generic structure to hold {User,Host,Runas,Cmnd}_Alias
134 * Aliases are stored in a red-black tree, sorted by name and type.
137 char *name; /* alias name; together with type, the tree's sort key */
138 unsigned short type; /* {USER,HOST,RUNAS,CMND}ALIAS */
139 unsigned short seqno; /* sequence number. NOTE(review): narrower than the unsigned int
                             alias_seqno declared in this header; if values are copied or
                             compared between the two, confirm that truncation cannot
                             defeat the alias loop check */
140 struct member_list members; /* list of alias members */
144 * Structure describing a Defaults entry and a list thereof.
147 struct defaults *prev, *next; /* list links: must stay the first two members, in this order */
148 char *var; /* variable name */
149 char *val; /* variable value */
150 struct member_list binding; /* user/host/runas binding */
151 int type; /* DEFAULTS{,_USER,_RUNAS,_HOST} */
152 int op; /* one of TRUE, FALSE, '+', '-' */
156 * Parsed sudoers info.
158 extern struct userspec_list userspecs; /* parsed user specifications; defined elsewhere */
159 extern struct defaults_list defaults; /* parsed Defaults entries; defined elsewhere */
162 * Alias sequence number to avoid loops.
164 extern unsigned int alias_seqno; /* defined elsewhere. NOTE(review): struct alias keeps its
                                        own seqno as unsigned short -- confirm the width
                                        difference is harmless where the two meet */
/*
 * Function prototypes for the alias store, the matching routines and
 * parser/lexer setup.
 *
 * NOTE(review): __P() is not defined in this header; presumably it is the
 * usual wrapper that drops the parameter list for pre-ANSI compilers --
 * confirm. The meaning of the int results is not visible here either.
 * Since command tags in this file are tri-state (TRUE, FALSE, UNSPEC),
 * verify which values each *_matches function can return and that no
 * caller treats an UNSPEC result as a grant.
 */
169 char *alias_add __P((char *, int, struct member *)); /* NOTE(review): meaning of the char * result not shown -- confirm */
170 int addr_matches __P((char *));
171 int cmnd_matches __P((struct member *));
172 int cmndlist_matches __P((struct member_list *));
173 int command_matches __P((char *, char *));
174 int hostlist_matches __P((struct member_list *));
175 int hostname_matches __P((char *, char *, char *));
176 int netgr_matches __P((char *, char *, char *, char *));
177 int no_aliases __P((void));
178 int runaslist_matches __P((struct member_list *, struct member_list *));
179 int userlist_matches __P((struct passwd *, struct member_list *));
180 int usergr_matches __P((char *, char *, struct passwd *));
181 int userpw_matches __P((char *, char *, struct passwd *));
182 int group_matches __P((char *, struct group *));
183 struct alias *alias_find __P((char *, int)); /* arguments presumably alias name and type, the tree's sort key -- confirm */
184 struct alias *alias_remove __P((char *, int));
185 void alias_free __P((void *)); /* takes void *, not struct alias * */
186 void alias_apply __P((int (*)(void *, void *), void *)); /* callback plus an opaque void * argument */
187 void init_aliases __P((void));
188 void init_lexer __P((void));
189 void init_parser __P((char *, int));
190 int alias_compare __P((const void *, const void *)); /* comparator-shaped; presumably orders aliases by name and type -- confirm */
192 #endif /* _SUDO_PARSE_H */