2 /*static char yysccsid[] = "from: @(#)yaccpar 1.9 (Berkeley) 02/21/93";*/
5 __attribute__ ((unused))
6 #endif /* __GNUC__ >= 2 */
7 = "$OpenBSD: skeleton.c,v 1.28 2007/09/03 21:14:58 deraadt Exp $";
15 #define yyclearin (yychar=(YYEMPTY))
16 #define yyerrok (yyerrflag=0)
17 #define YYRECOVERING() (yyerrflag!=0)
21 * Copyright (c) 1996, 1998-2004, 2007
22 * Todd C. Miller <Todd.Miller@courtesan.com>
24 * Permission to use, copy, modify, and distribute this software for any
25 * purpose with or without fee is hereby granted, provided that the above
26 * copyright notice and this permission notice appear in all copies.
28 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
29 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
30 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
31 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
32 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
33 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
34 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
35 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
36 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
38 * Sponsored in part by the Defense Advanced Research Projects
39 * Agency (DARPA) and Air Force Research Laboratory, Air Force
40 * Materiel Command, USAF, under agreement number F39502-99-1-0512.
44 * XXX - the whole opFOO naming thing is somewhat bogus.
46 * XXX - the way things are stored for printmatches is stupid,
47 * they should be stored as elements in an array and then
48 * list_matches() can format things the way it wants.
53 #include <sys/types.h>
54 #include <sys/param.h>
63 #endif /* STDC_HEADERS */
67 # ifdef HAVE_STRINGS_H
70 #endif /* HAVE_STRING_H */
73 #endif /* HAVE_UNISTD_H */
75 #if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__)
77 #endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */
80 #endif /* HAVE_LSEARCH */
86 #include "emul/search.h"
87 #endif /* HAVE_LSEARCH */
90 __unused static const char rcsid[] = "$Sudo: sudo.tab.c,v 1.76.2.7 2007/11/02 19:09:22 millert Exp $";
96 extern int sudolineno, parse_error;
98 int clearaliases = TRUE;
99 int printmatches = FALSE;
100 int pedantic = FALSE;
103 int used_runas = FALSE;
111 #define RUNAS_ALIAS 4
113 #define SETMATCH(_var, _val) do { \
114 if ((_var) == UNSPEC || (_val) != NOMATCH) \
118 #define SETNMATCH(_var, _val) do { \
119 if ((_val) != NOMATCH) \
121 else if ((_var) == UNSPEC) \
126 * The matching stack, initial space allocated in init_parser().
128 struct matchstack *match;
129 int top = 0, stacksize = 0;
133 if (top >= stacksize) { \
134 while ((stacksize += STACKINCREMENT) < top); \
135 match = (struct matchstack *) erealloc3(match, stacksize, sizeof(struct matchstack)); \
137 match[top].user = UNSPEC; \
138 match[top].cmnd = UNSPEC; \
139 match[top].host = UNSPEC; \
140 match[top].runas = UNSPEC; \
141 match[top].nopass = def_authenticate ? UNSPEC : TRUE; \
142 match[top].noexec = def_noexec ? TRUE : UNSPEC; \
143 match[top].setenv = def_setenv ? TRUE : UNSPEC; \
149 if (top >= stacksize) { \
150 while ((stacksize += STACKINCREMENT) < top); \
151 match = (struct matchstack *) erealloc3(match, stacksize, sizeof(struct matchstack)); \
153 match[top].user = match[top-1].user; \
154 match[top].cmnd = match[top-1].cmnd; \
155 match[top].host = match[top-1].host; \
156 match[top].runas = match[top-1].runas; \
157 match[top].nopass = match[top-1].nopass; \
158 match[top].noexec = match[top-1].noexec; \
159 match[top].setenv = match[top-1].setenv; \
166 yyerror("matching stack underflow"); \
173 * For testing if foo_matches variable was set to TRUE or FALSE
175 #define MATCHED(_v) ((_v) >= 0)
178 * Shortcuts for append()
180 #define append_cmnd(s, p) append(s, &cm_list[cm_list_len].cmnd, \
181 &cm_list[cm_list_len].cmnd_len, &cm_list[cm_list_len].cmnd_size, p)
183 #define append_runas(s, p) append(s, &cm_list[cm_list_len].runas, \
184 &cm_list[cm_list_len].runas_len, &cm_list[cm_list_len].runas_size, p)
186 #define append_entries(s, p) append(s, &ga_list[ga_list_len-1].entries, \
187 &ga_list[ga_list_len-1].entries_len, \
188 &ga_list[ga_list_len-1].entries_size, p)
191 * The stack for printmatches. A list of allowed commands for the user.
193 static struct command_match *cm_list = NULL;
194 static size_t cm_list_len = 0, cm_list_size = 0;
197 * List of Cmnd_Aliases and expansions for `sudo -l'
199 static int in_alias = FALSE;
200 static size_t ga_list_len = 0, ga_list_size = 0;
201 static struct generic_alias *ga_list = NULL;
204 * Does this Defaults list pertain to this user?
206 static int defaults_matches = FALSE;
211 static int add_alias __P((char *, int, int));
212 static void append __P((char *, char **, size_t *, size_t *, char *));
213 static void expand_ga_list __P((void));
214 static void expand_match_list __P((void));
215 static aliasinfo *find_alias __P((char *, int));
216 static void more_aliases __P((void));
217 void init_parser __P((void));
218 void yyerror __P((char *));
224 /* Save the line the first error occurred on. */
225 if (errorlineno == -1)
226 errorlineno = sudolineno ? sudolineno - 1 : 0;
229 (void) fprintf(stderr, ">>> sudoers file: %s, line %d <<<\n", s,
230 sudolineno ? sudolineno - 1 : 0);
232 (void) fprintf(stderr, "<*> ");
237 #line 221 "parse.yacc"
238 #ifndef YYSTYPE_DEFINED
239 #define YYSTYPE_DEFINED
243 struct sudo_command command;
246 #endif /* YYSTYPE_DEFINED */
247 #line 248 "sudo.tab.c"
253 #define USERGROUP 262
256 #define DEFAULTS_HOST 265
257 #define DEFAULTS_USER 266
258 #define DEFAULTS_RUNAS 267
268 #define HOSTALIAS 277
269 #define CMNDALIAS 278
270 #define USERALIAS 279
271 #define RUNASALIAS 280
273 #define YYERRCODE 256
274 #if defined(__cplusplus) || defined(__STDC__)
275 const short yylhs[] =
280 0, 0, 7, 7, 9, 7, 7, 7, 7, 7,
281 7, 15, 16, 18, 16, 19, 16, 21, 16, 17,
282 17, 22, 22, 22, 22, 22, 10, 10, 23, 25,
283 25, 2, 2, 2, 2, 2, 24, 24, 26, 29,
284 30, 29, 27, 27, 5, 5, 4, 31, 4, 3,
285 3, 3, 3, 3, 28, 28, 28, 28, 28, 28,
286 28, 1, 1, 1, 12, 12, 33, 32, 20, 20,
287 13, 13, 35, 34, 36, 36, 14, 14, 38, 37,
288 11, 11, 40, 39, 8, 8, 41, 41, 6, 6,
291 #if defined(__cplusplus) || defined(__STDC__)
292 const short yylen[] =
297 1, 2, 1, 2, 0, 3, 2, 2, 2, 2,
298 1, 2, 1, 0, 3, 0, 3, 0, 3, 1,
299 3, 1, 2, 3, 3, 3, 1, 3, 3, 1,
300 2, 1, 1, 1, 1, 1, 1, 3, 3, 1,
301 0, 3, 0, 2, 1, 3, 1, 0, 3, 1,
302 1, 1, 1, 1, 0, 2, 2, 2, 2, 2,
303 2, 1, 1, 1, 1, 3, 0, 4, 1, 3,
304 1, 3, 0, 4, 1, 3, 1, 3, 0, 4,
305 1, 3, 0, 4, 1, 3, 1, 2, 1, 1,
308 #if defined(__cplusplus) || defined(__STDC__)
309 const short yydefred[] =
314 0, 13, 18, 14, 16, 3, 0, 0, 0, 0,
315 0, 1, 0, 11, 0, 4, 0, 0, 0, 67,
316 0, 65, 73, 0, 71, 83, 0, 81, 79, 0,
317 77, 2, 92, 91, 90, 89, 93, 0, 87, 0,
318 85, 0, 0, 12, 0, 36, 33, 34, 35, 32,
319 0, 30, 0, 69, 0, 53, 52, 51, 50, 54,
320 48, 47, 45, 0, 0, 0, 0, 0, 0, 0,
321 0, 0, 88, 0, 0, 0, 27, 0, 0, 0,
322 23, 0, 31, 0, 0, 0, 0, 66, 0, 72,
323 0, 82, 0, 78, 86, 0, 0, 24, 25, 26,
324 21, 70, 49, 46, 0, 64, 63, 62, 41, 40,
325 75, 0, 0, 0, 28, 0, 0, 37, 55, 0,
326 0, 0, 0, 0, 42, 76, 38, 56, 57, 58,
329 #if defined(__cplusplus) || defined(__STDC__)
330 const short yydgoto[] =
335 110, 52, 62, 63, 64, 39, 12, 40, 13, 75,
336 27, 21, 24, 30, 14, 15, 44, 18, 19, 76,
337 17, 45, 77, 117, 54, 118, 119, 124, 111, 120,
338 85, 22, 65, 25, 67, 112, 31, 71, 28, 69,
341 #if defined(__cplusplus) || defined(__STDC__)
342 const short yysindex[] =
347 -256, 0, 0, 0, 0, 0, -237, -234, -226, -225,
348 -229, 0, 62, 0, -33, 0, 88, 62, 114, 0,
349 -15, 0, 0, -12, 0, 0, -5, 0, 0, -4,
350 0, 0, 0, 0, 0, 0, 0, -244, 0, -28,
351 0, -36, -204, 0, 14, 0, 0, 0, 0, 0,
352 -219, 0, 19, 0, 20, 0, 0, 0, 0, 0,
353 0, 0, 0, 21, 5, -237, 6, -234, 7, -226,
354 8, -225, 0, 62, 12, -21, 0, -192, -191, -187,
355 0, -33, 0, 88, -201, 114, 88, 0, 276, 0,
356 62, 0, 114, 0, 0, 88, -189, 0, 0, 0,
357 0, 0, 0, 0, 19, 0, 0, 0, 0, 0,
358 0, 33, 20, 21, 0, 114, 36, 0, 0, -247,
359 276, 21, -189, -29, 0, 0, 0, 0, 0, 0,
361 #if defined(__cplusplus) || defined(__STDC__)
362 const short yyrindex[] =
367 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
368 140, 0, 0, 0, 0, 0, 0, 0, 0, 0,
369 156, 0, 0, 181, 0, 0, 206, 0, 0, 236,
370 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
371 0, 1, 0, 0, 261, 0, 0, 0, 0, 0,
372 0, 0, -25, 0, -11, 0, 0, 0, 0, 0,
373 0, 0, 0, -3, 0, 0, 0, 0, 0, 0,
374 0, 0, 0, 0, 300, 0, 0, 0, 0, 0,
375 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
376 0, 0, 0, 0, 0, 0, -20, 0, 0, 0,
377 0, 0, 0, 0, 26, 0, 0, 0, 0, 0,
378 0, 52, 78, 104, 0, 0, 130, 0, 0, 0,
379 0, 274, -20, 0, 0, 0, 0, 0, 0, 0,
381 #if defined(__cplusplus) || defined(__STDC__)
382 const short yygindex[] =
387 -39, 31, -2, 2, -87, 48, 76, -16, 0, 0,
388 0, 0, 0, 0, 0, 0, 9, 0, 0, -14,
389 0, 0, -7, 0, 10, -31, 0, 0, -109, 0,
390 0, 24, 0, 25, 0, 0, 27, 0, 28, 0,
393 #define YYTABLESIZE 580
394 #if defined(__cplusplus) || defined(__STDC__)
395 const short yytable[] =
400 22, 55, 53, 109, 51, 114, 79, 19, 80, 106,
401 107, 126, 43, 33, 134, 74, 34, 35, 36, 16,
402 20, 15, 84, 23, 78, 68, 1, 108, 122, 17,
403 37, 26, 29, 22, 2, 3, 4, 5, 46, 97,
404 47, 48, 66, 49, 22, 68, 6, 7, 8, 9,
405 10, 74, 70, 72, 81, 50, 56, 82, 68, 57,
406 58, 59, 84, 74, 86, 87, 89, 91, 93, 96,
407 98, 99, 105, 60, 113, 100, 121, 84, 116, 123,
408 125, 83, 103, 68, 74, 73, 32, 104, 115, 88,
409 101, 127, 90, 102, 38, 95, 0, 92, 94, 0,
410 0, 0, 0, 80, 0, 0, 0, 0, 0, 74,
411 84, 0, 0, 0, 0, 0, 0, 0, 0, 0,
412 51, 0, 0, 0, 0, 0, 0, 0, 0, 29,
413 0, 0, 0, 0, 0, 84, 80, 0, 0, 0,
414 0, 0, 0, 0, 0, 0, 61, 0, 0, 0,
415 0, 0, 0, 0, 0, 8, 0, 0, 0, 0,
416 0, 80, 29, 0, 0, 0, 0, 0, 0, 0,
417 0, 0, 5, 0, 0, 0, 0, 0, 0, 0,
418 9, 0, 0, 0, 0, 0, 0, 29, 8, 0,
419 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
420 0, 0, 0, 0, 0, 7, 0, 0, 0, 0,
421 0, 0, 0, 9, 0, 0, 0, 0, 0, 0,
422 0, 0, 0, 0, 0, 42, 0, 106, 107, 46,
423 0, 47, 48, 19, 49, 10, 43, 43, 7, 128,
424 129, 130, 131, 132, 133, 108, 50, 15, 43, 43,
425 43, 43, 43, 43, 43, 17, 22, 0, 22, 0,
426 20, 22, 22, 22, 22, 22, 22, 22, 10, 0,
427 0, 0, 0, 0, 0, 22, 22, 22, 22, 22,
428 22, 68, 0, 68, 0, 0, 68, 68, 68, 68,
429 68, 68, 68, 20, 0, 0, 0, 0, 0, 6,
430 68, 68, 68, 68, 68, 68, 44, 74, 109, 74,
431 0, 0, 74, 74, 74, 74, 74, 74, 74, 33,
432 0, 0, 34, 35, 36, 0, 74, 74, 74, 74,
433 74, 74, 6, 84, 0, 84, 37, 0, 84, 84,
434 84, 84, 84, 84, 84, 46, 0, 47, 48, 0,
435 49, 0, 84, 84, 84, 84, 84, 84, 0, 80,
436 0, 80, 50, 0, 80, 80, 80, 80, 80, 80,
437 80, 56, 0, 0, 57, 58, 59, 0, 80, 80,
438 80, 80, 80, 80, 0, 29, 0, 29, 60, 0,
439 29, 29, 29, 29, 29, 29, 29, 5, 0, 0,
440 5, 5, 5, 0, 29, 29, 29, 29, 29, 29,
441 0, 8, 0, 8, 5, 0, 8, 8, 8, 8,
442 8, 8, 8, 0, 0, 0, 0, 0, 0, 0,
443 8, 8, 8, 8, 8, 8, 9, 0, 9, 0,
444 0, 9, 9, 9, 9, 9, 9, 9, 0, 0,
445 0, 0, 0, 0, 0, 9, 9, 9, 9, 9,
446 9, 7, 0, 7, 0, 0, 7, 7, 7, 7,
447 7, 7, 7, 0, 0, 0, 0, 0, 0, 0,
448 7, 7, 7, 7, 7, 7, 0, 0, 0, 0,
449 0, 10, 0, 10, 0, 0, 10, 10, 10, 10,
450 10, 10, 10, 0, 0, 0, 0, 0, 0, 0,
451 10, 10, 10, 10, 10, 10, 20, 0, 20, 0,
452 0, 20, 20, 20, 20, 20, 20, 20, 0, 0,
453 44, 44, 106, 107, 0, 20, 20, 20, 20, 20,
454 20, 0, 44, 44, 44, 44, 44, 44, 44, 0,
455 108, 0, 0, 0, 0, 6, 0, 6, 0, 0,
456 6, 6, 6, 6, 6, 6, 6, 0, 0, 0,
457 0, 0, 0, 0, 6, 6, 6, 6, 6, 6,
459 #if defined(__cplusplus) || defined(__STDC__)
460 const short yycheck[] =
465 0, 18, 17, 33, 33, 93, 43, 33, 45, 257,
466 258, 121, 33, 258, 124, 44, 261, 262, 263, 276,
467 258, 33, 44, 258, 61, 0, 256, 275, 116, 33,
468 275, 258, 258, 33, 264, 265, 266, 267, 258, 61,
469 260, 261, 58, 263, 44, 58, 276, 277, 278, 279,
470 280, 0, 58, 58, 259, 275, 258, 44, 33, 261,
471 262, 263, 44, 44, 44, 61, 61, 61, 61, 58,
472 263, 263, 87, 275, 91, 263, 44, 0, 268, 44,
473 120, 51, 85, 58, 33, 38, 11, 86, 96, 66,
474 82, 123, 68, 84, 33, 74, -1, 70, 72, -1,
475 -1, -1, -1, 0, -1, -1, -1, -1, -1, 58,
476 33, -1, -1, -1, -1, -1, -1, -1, -1, -1,
477 33, -1, -1, -1, -1, -1, -1, -1, -1, 0,
478 -1, -1, -1, -1, -1, 58, 33, -1, -1, -1,
479 -1, -1, -1, -1, -1, -1, 33, -1, -1, -1,
480 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
481 -1, 58, 33, -1, -1, -1, -1, -1, -1, -1,
482 -1, -1, 33, -1, -1, -1, -1, -1, -1, -1,
483 0, -1, -1, -1, -1, -1, -1, 58, 33, -1,
484 -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
485 -1, -1, -1, -1, -1, 0, -1, -1, -1, -1,
486 -1, -1, -1, 33, -1, -1, -1, -1, -1, -1,
487 -1, -1, -1, -1, -1, 259, -1, 257, 258, 258,
488 -1, 260, 261, 259, 263, 0, 257, 258, 33, 269,
489 270, 271, 272, 273, 274, 275, 275, 259, 269, 270,
490 271, 272, 273, 274, 275, 259, 256, -1, 258, -1,
491 0, 261, 262, 263, 264, 265, 266, 267, 33, -1,
492 -1, -1, -1, -1, -1, 275, 276, 277, 278, 279,
493 280, 256, -1, 258, -1, -1, 261, 262, 263, 264,
494 265, 266, 267, 33, -1, -1, -1, -1, -1, 0,
495 275, 276, 277, 278, 279, 280, 33, 256, 33, 258,
496 -1, -1, 261, 262, 263, 264, 265, 266, 267, 258,
497 -1, -1, 261, 262, 263, -1, 275, 276, 277, 278,
498 279, 280, 33, 256, -1, 258, 275, -1, 261, 262,
499 263, 264, 265, 266, 267, 258, -1, 260, 261, -1,
500 263, -1, 275, 276, 277, 278, 279, 280, -1, 256,
501 -1, 258, 275, -1, 261, 262, 263, 264, 265, 266,
502 267, 258, -1, -1, 261, 262, 263, -1, 275, 276,
503 277, 278, 279, 280, -1, 256, -1, 258, 275, -1,
504 261, 262, 263, 264, 265, 266, 267, 258, -1, -1,
505 261, 262, 263, -1, 275, 276, 277, 278, 279, 280,
506 -1, 256, -1, 258, 275, -1, 261, 262, 263, 264,
507 265, 266, 267, -1, -1, -1, -1, -1, -1, -1,
508 275, 276, 277, 278, 279, 280, 256, -1, 258, -1,
509 -1, 261, 262, 263, 264, 265, 266, 267, -1, -1,
510 -1, -1, -1, -1, -1, 275, 276, 277, 278, 279,
511 280, 256, -1, 258, -1, -1, 261, 262, 263, 264,
512 265, 266, 267, -1, -1, -1, -1, -1, -1, -1,
513 275, 276, 277, 278, 279, 280, -1, -1, -1, -1,
514 -1, 256, -1, 258, -1, -1, 261, 262, 263, 264,
515 265, 266, 267, -1, -1, -1, -1, -1, -1, -1,
516 275, 276, 277, 278, 279, 280, 256, -1, 258, -1,
517 -1, 261, 262, 263, 264, 265, 266, 267, -1, -1,
518 257, 258, 257, 258, -1, 275, 276, 277, 278, 279,
519 280, -1, 269, 270, 271, 272, 273, 274, 275, -1,
520 275, -1, -1, -1, -1, 256, -1, 258, -1, -1,
521 261, 262, 263, 264, 265, 266, 267, -1, -1, -1,
522 -1, -1, -1, -1, 275, 276, 277, 278, 279, 280,
528 #define YYMAXTOKEN 281
530 #if defined(__cplusplus) || defined(__STDC__)
531 const char * const yyname[] =
536 "end-of-file",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
537 "'!'",0,0,0,0,0,0,0,0,0,"'+'","','","'-'",0,0,0,0,0,0,0,0,0,0,0,0,"':'",0,0,
538 "'='",0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
539 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
540 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
541 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
542 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
543 "COMMAND","ALIAS","DEFVAR","NTWKADDR","NETGROUP","USERGROUP","WORD","DEFAULTS",
544 "DEFAULTS_HOST","DEFAULTS_USER","DEFAULTS_RUNAS","RUNAS","NOPASSWD","PASSWD",
545 "NOEXEC","EXEC","SETENV","NOSETENV","ALL","COMMENT","HOSTALIAS","CMNDALIAS",
546 "USERALIAS","RUNASALIAS","ERROR",
548 #if defined(__cplusplus) || defined(__STDC__)
549 const char * const yyrule[] =
557 "entry : error COMMENT",
559 "entry : $$1 userlist privileges",
560 "entry : USERALIAS useraliases",
561 "entry : HOSTALIAS hostaliases",
562 "entry : CMNDALIAS cmndaliases",
563 "entry : RUNASALIAS runasaliases",
564 "entry : defaults_line",
565 "defaults_line : defaults_type defaults_list",
566 "defaults_type : DEFAULTS",
568 "defaults_type : DEFAULTS_USER $$2 userlist",
570 "defaults_type : DEFAULTS_RUNAS $$3 runaslist",
572 "defaults_type : DEFAULTS_HOST $$4 hostlist",
573 "defaults_list : defaults_entry",
574 "defaults_list : defaults_entry ',' defaults_list",
575 "defaults_entry : DEFVAR",
576 "defaults_entry : '!' DEFVAR",
577 "defaults_entry : DEFVAR '=' WORD",
578 "defaults_entry : DEFVAR '+' WORD",
579 "defaults_entry : DEFVAR '-' WORD",
580 "privileges : privilege",
581 "privileges : privileges ':' privilege",
582 "privilege : hostlist '=' cmndspeclist",
590 "cmndspeclist : cmndspec",
591 "cmndspeclist : cmndspeclist ',' cmndspec",
592 "cmndspec : runasspec cmndtag opcmnd",
595 "opcmnd : '!' $$5 cmnd",
597 "runasspec : RUNAS runaslist",
598 "runaslist : oprunasuser",
599 "runaslist : runaslist ',' oprunasuser",
600 "oprunasuser : runasuser",
602 "oprunasuser : '!' $$6 runasuser",
604 "runasuser : USERGROUP",
605 "runasuser : NETGROUP",
609 "cmndtag : cmndtag NOPASSWD",
610 "cmndtag : cmndtag PASSWD",
611 "cmndtag : cmndtag NOEXEC",
612 "cmndtag : cmndtag EXEC",
613 "cmndtag : cmndtag SETENV",
614 "cmndtag : cmndtag NOSETENV",
618 "hostaliases : hostalias",
619 "hostaliases : hostaliases ':' hostalias",
621 "hostalias : ALIAS $$7 '=' hostlist",
623 "hostlist : hostlist ',' ophost",
624 "cmndaliases : cmndalias",
625 "cmndaliases : cmndaliases ':' cmndalias",
627 "cmndalias : ALIAS $$8 '=' cmndlist",
629 "cmndlist : cmndlist ',' opcmnd",
630 "runasaliases : runasalias",
631 "runasaliases : runasaliases ':' runasalias",
633 "runasalias : ALIAS $$9 '=' runaslist",
634 "useraliases : useralias",
635 "useraliases : useraliases ':' useralias",
637 "useralias : ALIAS $$10 '=' userlist",
639 "userlist : userlist ',' opuser",
651 #define YYMAXDEPTH YYSTACKSIZE
654 #define YYSTACKSIZE YYMAXDEPTH
656 #define YYSTACKSIZE 10000
657 #define YYMAXDEPTH 10000
660 #define YYINITSTACKSIZE 200
674 #line 905 "parse.yacc"
676 #define MOREALIASES (32)
677 aliasinfo *aliases = NULL;
683 * Compare two aliasinfo structures, strcmp() style.
684 * Note that we do *not* compare their values.
691 aliasinfo *ai1, *ai2;
693 ai1 = (aliasinfo *) a1;
694 ai2 = (aliasinfo *) a2;
695 if ((r = strcmp(ai1->name, ai2->name)) == 0)
696 r = ai1->type - ai2->type;
702 * Compare two generic_alias structures, strcmp() style.
705 genaliascmp(entry, key)
706 const VOID *entry, *key;
709 struct generic_alias *ga1, *ga2;
711 ga1 = (struct generic_alias *) key;
712 ga2 = (struct generic_alias *) entry;
713 if ((r = strcmp(ga1->alias, ga2->alias)) == 0)
714 r = ga1->type - ga2->type;
721 * Adds the named alias of the specified type to the aliases list.
724 add_alias(alias, type, val)
733 if (naliases >= nslots)
738 ai.name = estrdup(alias);
739 onaliases = naliases;
741 aip = (aliasinfo *) lsearch((VOID *)&ai, (VOID *)aliases, &naliases,
742 sizeof(ai), aliascmp);
744 (void) snprintf(s, sizeof(s), "Aliases corrupted defining alias `%s'",
749 if (onaliases == naliases) {
750 (void) snprintf(s, sizeof(s), "Alias `%s' already defined", alias);
759 * Searches for the named alias of the specified type.
762 find_alias(alias, type)
771 return((aliasinfo *) lfind((VOID *)&ai, (VOID *)aliases, &naliases,
772 sizeof(ai), aliascmp));
776 * Allocates more space for the aliases list.
782 nslots += MOREALIASES;
783 aliases = (aliasinfo *) erealloc3(aliases, nslots, sizeof(aliasinfo));
787 * Lists the contents of the aliases list.
794 for (n = 0; n < naliases; n++) {
795 if (aliases[n].val == -1)
798 switch (aliases[n].type) {
800 (void) puts("HOST_ALIAS");
804 (void) puts("CMND_ALIAS");
808 (void) puts("USER_ALIAS");
812 (void) puts("RUNAS_ALIAS");
815 (void) printf("\t%s: %d\n", aliases[n].name, aliases[n].val);
820 * Lists the contents of cm_list and ga_list for `sudo -l'.
827 struct generic_alias *ga, key;
829 (void) printf("User %s may run the following commands on this host:\n",
831 for (count = 0; count < cm_list_len; count++) {
833 /* Print the runas list. */
834 (void) fputs(" ", stdout);
835 if (cm_list[count].runas) {
837 p = strtok(cm_list[count].runas, ", ");
839 if (p != cm_list[count].runas)
840 (void) fputs(", ", stdout);
843 key.type = RUNAS_ALIAS;
844 if ((ga = (struct generic_alias *) lfind((VOID *) &key,
845 (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp)))
846 (void) fputs(ga->entries, stdout);
848 (void) fputs(p, stdout);
849 } while ((p = strtok(NULL, ", ")));
850 (void) fputs(") ", stdout);
852 (void) printf("(%s) ", def_runas_default);
855 /* Is execve(2) disabled? */
856 if (cm_list[count].noexecve == TRUE && !def_noexec)
857 (void) fputs("NOEXEC: ", stdout);
858 else if (cm_list[count].noexecve == FALSE && def_noexec)
859 (void) fputs("EXEC: ", stdout);
861 /* Is a password required? */
862 if (cm_list[count].nopasswd == TRUE && def_authenticate)
863 (void) fputs("NOPASSWD: ", stdout);
864 else if (cm_list[count].nopasswd == FALSE && !def_authenticate)
865 (void) fputs("PASSWD: ", stdout);
867 /* Is setenv enabled? */
868 if (cm_list[count].setenv == TRUE && !def_setenv)
869 (void) fputs("SETENV: ", stdout);
870 else if (cm_list[count].setenv == FALSE && def_setenv)
871 (void) fputs("NOSETENV: ", stdout);
873 /* Print the actual command or expanded Cmnd_Alias. */
874 key.alias = cm_list[count].cmnd;
875 key.type = CMND_ALIAS;
876 if ((ga = (struct generic_alias *) lfind((VOID *) &key,
877 (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp)))
878 (void) puts(ga->entries);
880 (void) puts(cm_list[count].cmnd);
883 /* Be nice and free up space now that we are done. */
884 for (count = 0; count < ga_list_len; count++) {
885 efree(ga_list[count].alias);
886 efree(ga_list[count].entries);
891 for (count = 0; count < cm_list_len; count++) {
892 efree(cm_list[count].runas);
893 efree(cm_list[count].cmnd);
902 * Appends a source string to the destination, optionally prefixing a separator.
905 append(src, dstp, dst_len, dst_size, separator)
907 size_t *dst_len, *dst_size;
910 size_t src_len = strlen(src);
914 * Only add the separator if there is something to separate from.
915 * If the last char is a '!', don't apply the separator (XXX).
917 if (separator && dst && dst[*dst_len - 1] != '!')
918 src_len += strlen(separator);
922 /* Assumes dst will be NULL if not set. */
924 dst = (char *) emalloc(BUFSIZ);
931 /* Allocate more space if necessary. */
932 if (*dst_size <= *dst_len + src_len) {
933 while (*dst_size <= *dst_len + src_len)
936 dst = (char *) erealloc(dst, *dst_size);
940 /* Copy src -> dst adding a separator if appropriate and adjust len. */
942 (void) strlcat(dst, separator, *dst_size);
943 (void) strlcat(dst, src, *dst_size);
948 * Frees up space used by the aliases list and resets the associated counters.
956 for (n = 0; n < naliases; n++)
957 efree(aliases[n].name);
961 naliases = nslots = 0;
965 * Increments ga_list_len, allocating more space as necessary.
971 if (++ga_list_len >= ga_list_size) {
972 while ((ga_list_size += STACKINCREMENT) < ga_list_len)
974 ga_list = (struct generic_alias *)
975 erealloc3(ga_list, ga_list_size, sizeof(struct generic_alias));
978 ga_list[ga_list_len - 1].entries = NULL;
982 * Increments cm_list_len, allocating more space as necessary.
988 if (++cm_list_len >= cm_list_size) {
989 while ((cm_list_size += STACKINCREMENT) < cm_list_len)
992 cm_list_len = 0; /* start at 0 since it is a subscript */
993 cm_list = (struct command_match *)
994 erealloc3(cm_list, cm_list_size, sizeof(struct command_match));
997 cm_list[cm_list_len].runas = cm_list[cm_list_len].cmnd = NULL;
998 cm_list[cm_list_len].nopasswd = FALSE;
999 cm_list[cm_list_len].noexecve = FALSE;
1000 cm_list[cm_list_len].setenv = FALSE;
1004 * Frees up spaced used by a previous parser run and allocates new space
1005 * for various data structures.
1011 /* Free up old data structures if we run the parser more than once. */
1016 parse_error = FALSE;
1022 /* Allocate space for the matching stack. */
1023 stacksize = STACKINCREMENT;
1024 match = (struct matchstack *) emalloc2(stacksize, sizeof(struct matchstack));
1026 /* Allocate space for the match list (for `sudo -l'). */
1027 if (printmatches == TRUE)
1028 expand_match_list();
1030 #line 979 "sudo.tab.c"
1031 /* allocate initial stack or double stack size, up to YYMAXDEPTH */
1032 #if defined(__cplusplus) || defined(__STDC__)
1033 static int yygrowstack(void)
1035 static int yygrowstack()
1042 if ((newsize = yystacksize) == 0)
1043 newsize = YYINITSTACKSIZE;
1044 else if (newsize >= YYMAXDEPTH)
1046 else if ((newsize *= 2) > YYMAXDEPTH)
1047 newsize = YYMAXDEPTH;
1050 #define YY_SIZE_MAX SIZE_MAX
1052 #define YY_SIZE_MAX 0xffffffffU
1054 if (newsize && YY_SIZE_MAX / newsize < sizeof *newss)
1056 newss = yyss ? (short *)realloc(yyss, newsize * sizeof *newss) :
1057 (short *)malloc(newsize * sizeof *newss); /* overflow check above */
1062 if (newsize && YY_SIZE_MAX / newsize < sizeof *newvs)
1064 newvs = yyvs ? (YYSTYPE *)realloc(yyvs, newsize * sizeof *newvs) :
1065 (YYSTYPE *)malloc(newsize * sizeof *newvs); /* overflow check above */
1070 yystacksize = newsize;
1071 yysslim = yyss + newsize - 1;
1078 yyss = yyssp = NULL;
1079 yyvs = yyvsp = NULL;
1084 #define YYABORT goto yyabort
1085 #define YYREJECT goto yyabort
1086 #define YYACCEPT goto yyaccept
1087 #define YYERROR goto yyerrlab
1089 #if defined(__cplusplus) || defined(__STDC__)
1095 int yym, yyn, yystate;
1097 #if defined(__cplusplus) || defined(__STDC__)
1099 #else /* !(defined(__cplusplus) || defined(__STDC__)) */
1101 #endif /* !(defined(__cplusplus) || defined(__STDC__)) */
1103 if ((yys = getenv("YYDEBUG")))
1106 if (yyn >= '0' && yyn <= '9')
1107 yydebug = yyn - '0';
1109 #endif /* YYDEBUG */
1115 if (yyss == NULL && yygrowstack()) goto yyoverflow;
1118 *yyssp = yystate = 0;
1121 if ((yyn = yydefred[yystate]) != 0) goto yyreduce;
1124 if ((yychar = yylex()) < 0) yychar = 0;
1129 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1130 if (!yys) yys = "illegal-symbol";
1131 printf("%sdebug: state %d, reading %d (%s)\n",
1132 YYPREFIX, yystate, yychar, yys);
1136 if ((yyn = yysindex[yystate]) && (yyn += yychar) >= 0 &&
1137 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
1141 printf("%sdebug: state %d, shifting to state %d\n",
1142 YYPREFIX, yystate, yytable[yyn]);
1144 if (yyssp >= yysslim && yygrowstack())
1148 *++yyssp = yystate = yytable[yyn];
1151 if (yyerrflag > 0) --yyerrflag;
1154 if ((yyn = yyrindex[yystate]) && (yyn += yychar) >= 0 &&
1155 yyn <= YYTABLESIZE && yycheck[yyn] == yychar)
1160 if (yyerrflag) goto yyinrecovery;
1161 #if defined(lint) || defined(__GNUC__)
1165 yyerror("syntax error");
1166 #if defined(lint) || defined(__GNUC__)
1177 if ((yyn = yysindex[*yyssp]) && (yyn += YYERRCODE) >= 0 &&
1178 yyn <= YYTABLESIZE && yycheck[yyn] == YYERRCODE)
1182 printf("%sdebug: state %d, error recovery shifting\
1183 to state %d\n", YYPREFIX, *yyssp, yytable[yyn]);
1185 if (yyssp >= yysslim && yygrowstack())
1189 *++yyssp = yystate = yytable[yyn];
1197 printf("%sdebug: error recovery discarding state %d\n",
1200 if (yyssp <= yyss) goto yyabort;
1208 if (yychar == 0) goto yyabort;
1213 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
1214 if (!yys) yys = "illegal-symbol";
1215 printf("%sdebug: state %d, error recovery discards token %d (%s)\n",
1216 YYPREFIX, yystate, yychar, yys);
1225 printf("%sdebug: state %d, reducing by rule %d (%s)\n",
1226 YYPREFIX, yystate, yyn, yyrule[yyn]);
1229 yyval = yyvsp[1-yym];
1233 #line 277 "parse.yacc"
1237 #line 279 "parse.yacc"
1241 #line 280 "parse.yacc"
1245 #line 280 "parse.yacc"
1247 while (top && user_matches != TRUE)
1252 #line 285 "parse.yacc"
1256 #line 287 "parse.yacc"
1260 #line 289 "parse.yacc"
1264 #line 291 "parse.yacc"
1268 #line 293 "parse.yacc"
1272 #line 299 "parse.yacc"
1274 defaults_matches = TRUE;
1278 #line 302 "parse.yacc"
1282 #line 302 "parse.yacc"
1284 defaults_matches = user_matches;
1289 #line 306 "parse.yacc"
1293 #line 306 "parse.yacc"
1295 defaults_matches = yyvsp[0].BOOLEAN == TRUE;
1300 #line 310 "parse.yacc"
1304 #line 310 "parse.yacc"
1306 defaults_matches = host_matches;
1311 #line 320 "parse.yacc"
1313 if (defaults_matches == TRUE &&
1314 !set_default(yyvsp[0].string, NULL, TRUE)) {
1318 efree(yyvsp[0].string);
1322 #line 328 "parse.yacc"
1324 if (defaults_matches == TRUE &&
1325 !set_default(yyvsp[0].string, NULL, FALSE)) {
1329 efree(yyvsp[0].string);
1333 #line 336 "parse.yacc"
1335 if (defaults_matches == TRUE &&
1336 !set_default(yyvsp[-2].string, yyvsp[0].string, TRUE)) {
1340 efree(yyvsp[-2].string);
1341 efree(yyvsp[0].string);
1345 #line 345 "parse.yacc"
1347 if (defaults_matches == TRUE &&
1348 !set_default(yyvsp[-2].string, yyvsp[0].string, '+')) {
1352 efree(yyvsp[-2].string);
1353 efree(yyvsp[0].string);
1357 #line 354 "parse.yacc"
1359 if (defaults_matches == TRUE &&
1360 !set_default(yyvsp[-2].string, yyvsp[0].string, '-')) {
1364 efree(yyvsp[-2].string);
1365 efree(yyvsp[0].string);
1369 #line 369 "parse.yacc"
1372 * We already did a push if necessary in
1373 * cmndspec so just reset some values so
1374 * the next 'privilege' gets a clean slate.
1376 host_matches = UNSPEC;
1377 runas_matches = UNSPEC;
1378 no_passwd = def_authenticate ? UNSPEC : TRUE;
1379 no_execve = def_noexec ? TRUE : UNSPEC;
1380 setenv_ok = def_setenv ? TRUE : UNSPEC;
1384 #line 383 "parse.yacc"
1386 SETMATCH(host_matches, yyvsp[0].BOOLEAN);
1390 #line 386 "parse.yacc"
1392 SETNMATCH(host_matches, yyvsp[0].BOOLEAN);
1396 #line 391 "parse.yacc"
1398 yyval.BOOLEAN = TRUE;
1402 #line 394 "parse.yacc"
1404 if (addr_matches(yyvsp[0].string))
1405 yyval.BOOLEAN = TRUE;
1407 yyval.BOOLEAN = NOMATCH;
1408 efree(yyvsp[0].string);
1412 #line 401 "parse.yacc"
1414 if (netgr_matches(yyvsp[0].string, user_host, user_shost, NULL))
1415 yyval.BOOLEAN = TRUE;
1417 yyval.BOOLEAN = NOMATCH;
1418 efree(yyvsp[0].string);
1422 #line 408 "parse.yacc"
1424 if (hostname_matches(user_shost, user_host, yyvsp[0].string) == 0)
1425 yyval.BOOLEAN = TRUE;
1427 yyval.BOOLEAN = NOMATCH;
1428 efree(yyvsp[0].string);
1432 #line 415 "parse.yacc"
1434 aliasinfo *aip = find_alias(yyvsp[0].string, HOST_ALIAS);
1436 /* could be an all-caps hostname */
1438 yyval.BOOLEAN = aip->val;
1439 else if (strcasecmp(user_shost, yyvsp[0].string) == 0)
1440 yyval.BOOLEAN = TRUE;
1443 (void) fprintf(stderr,
1444 "%s: undeclared Host_Alias `%s' referenced near line %d\n",
1445 (pedantic == 1) ? "Warning" : "Error", yyvsp[0].string, sudolineno);
1451 yyval.BOOLEAN = NOMATCH;
1453 efree(yyvsp[0].string);
1457 #line 443 "parse.yacc"
1460 * Push the entry onto the stack if it is worth
1461 * saving and reset cmnd_matches for next cmnd.
1463 * We need to save at least one entry on
1464 * the stack so sudoers_lookup() can tell that
1465 * the user was listed in sudoers. Also, we
1466 * need to be able to tell whether or not a
1467 * user was listed for this specific host.
1469 * If keepall is set and the user matches then
1470 * we need to keep entries around too...
1472 if (MATCHED(user_matches) &&
1473 MATCHED(host_matches) &&
1474 MATCHED(cmnd_matches) &&
1475 MATCHED(runas_matches))
1477 else if (MATCHED(user_matches) && (top == 1 ||
1478 (top == 2 && MATCHED(host_matches) &&
1479 !MATCHED(match[0].host))))
1481 else if (user_matches == TRUE && keepall)
1483 cmnd_matches = UNSPEC;
1487 #line 472 "parse.yacc"
1489 SETMATCH(cmnd_matches, yyvsp[0].BOOLEAN);
1493 #line 475 "parse.yacc"
1495 if (printmatches == TRUE) {
1496 if (in_alias == TRUE)
1497 append_entries("!", ", ");
1498 else if (host_matches == TRUE &&
1499 user_matches == TRUE)
1500 append_cmnd("!", NULL);
1505 #line 483 "parse.yacc"
1507 SETNMATCH(cmnd_matches, yyvsp[0].BOOLEAN);
1511 #line 488 "parse.yacc"
1513 if (printmatches == TRUE && host_matches == TRUE &&
1514 user_matches == TRUE) {
1515 if (runas_matches == UNSPEC) {
1516 cm_list[cm_list_len].runas_len = 0;
1518 /* Inherit runas data. */
1519 cm_list[cm_list_len].runas =
1520 estrdup(cm_list[cm_list_len-1].runas);
1521 cm_list[cm_list_len].runas_len =
1522 cm_list[cm_list_len-1].runas_len;
1523 cm_list[cm_list_len].runas_size =
1524 cm_list[cm_list_len-1].runas_size;
1528 * If this is the first entry in a command list
1529 * then check against default runas user.
1531 if (runas_matches == UNSPEC) {
1532 runas_matches = userpw_matches(def_runas_default,
1533 *user_runas, runas_pw) ? TRUE : NOMATCH;
1538 #line 512 "parse.yacc"
1540 runas_matches = yyvsp[0].BOOLEAN;
1544 #line 517 "parse.yacc"
1548 #line 518 "parse.yacc"
1550 /* Later entries override earlier ones. */
1551 if (yyvsp[0].BOOLEAN != NOMATCH)
1552 yyval.BOOLEAN = yyvsp[0].BOOLEAN;
1554 yyval.BOOLEAN = yyvsp[-2].BOOLEAN;
1558 #line 527 "parse.yacc"
1562 #line 528 "parse.yacc"
1564 if (printmatches == TRUE) {
1565 if (in_alias == TRUE)
1566 append_entries("!", ", ");
1567 else if (host_matches == TRUE &&
1568 user_matches == TRUE)
1569 append_runas("!", ", ");
1574 #line 536 "parse.yacc"
1576 /* Set $$ to the negation of runasuser */
1577 yyval.BOOLEAN = (yyvsp[0].BOOLEAN == NOMATCH ? NOMATCH : ! yyvsp[0].BOOLEAN);
1581 #line 542 "parse.yacc"
1583 if (printmatches == TRUE) {
1584 if (in_alias == TRUE)
1585 append_entries(yyvsp[0].string, ", ");
1586 else if (host_matches == TRUE &&
1587 user_matches == TRUE)
1588 append_runas(yyvsp[0].string, ", ");
1590 if (userpw_matches(yyvsp[0].string, *user_runas, runas_pw))
1591 yyval.BOOLEAN = TRUE;
1593 yyval.BOOLEAN = NOMATCH;
1594 efree(yyvsp[0].string);
1599 #line 557 "parse.yacc"
1601 if (printmatches == TRUE) {
1602 if (in_alias == TRUE)
1603 append_entries(yyvsp[0].string, ", ");
1604 else if (host_matches == TRUE &&
1605 user_matches == TRUE)
1606 append_runas(yyvsp[0].string, ", ");
1608 if (usergr_matches(yyvsp[0].string, *user_runas, runas_pw))
1609 yyval.BOOLEAN = TRUE;
1611 yyval.BOOLEAN = NOMATCH;
1612 efree(yyvsp[0].string);
1617 #line 572 "parse.yacc"
1619 if (printmatches == TRUE) {
1620 if (in_alias == TRUE)
1621 append_entries(yyvsp[0].string, ", ");
1622 else if (host_matches == TRUE &&
1623 user_matches == TRUE)
1624 append_runas(yyvsp[0].string, ", ");
1626 if (netgr_matches(yyvsp[0].string, NULL, NULL, *user_runas))
1627 yyval.BOOLEAN = TRUE;
1629 yyval.BOOLEAN = NOMATCH;
1630 efree(yyvsp[0].string);
1635 #line 587 "parse.yacc"
1637 aliasinfo *aip = find_alias(yyvsp[0].string, RUNAS_ALIAS);
1639 if (printmatches == TRUE) {
1640 if (in_alias == TRUE)
1641 append_entries(yyvsp[0].string, ", ");
1642 else if (host_matches == TRUE &&
1643 user_matches == TRUE)
1644 append_runas(yyvsp[0].string, ", ");
1646 /* could be an all-caps username */
1648 yyval.BOOLEAN = aip->val;
1649 else if (strcmp(yyvsp[0].string, *user_runas) == 0)
1650 yyval.BOOLEAN = TRUE;
1653 (void) fprintf(stderr,
1654 "%s: undeclared Runas_Alias `%s' referenced near line %d\n",
1655 (pedantic == 1) ? "Warning" : "Error", yyvsp[0].string, sudolineno);
1661 yyval.BOOLEAN = NOMATCH;
1663 efree(yyvsp[0].string);
1668 #line 617 "parse.yacc"
1670 if (printmatches == TRUE) {
1671 if (in_alias == TRUE)
1672 append_entries("ALL", ", ");
1673 else if (host_matches == TRUE &&
1674 user_matches == TRUE)
1675 append_runas("ALL", ", ");
1677 yyval.BOOLEAN = TRUE;
1681 #line 629 "parse.yacc"
1683 /* Inherit {NO,}{PASSWD,EXEC,SETENV} status. */
1684 if (printmatches == TRUE && host_matches == TRUE &&
1685 user_matches == TRUE) {
1686 if (no_passwd == TRUE)
1687 cm_list[cm_list_len].nopasswd = TRUE;
1689 cm_list[cm_list_len].nopasswd = FALSE;
1690 if (no_execve == TRUE)
1691 cm_list[cm_list_len].noexecve = TRUE;
1693 cm_list[cm_list_len].noexecve = FALSE;
1694 if (setenv_ok == TRUE)
1695 cm_list[cm_list_len].setenv = TRUE;
1697 cm_list[cm_list_len].setenv = FALSE;
1702 #line 647 "parse.yacc"
1705 if (printmatches == TRUE && host_matches == TRUE &&
1706 user_matches == TRUE)
1707 cm_list[cm_list_len].nopasswd = TRUE;
1711 #line 653 "parse.yacc"
1714 if (printmatches == TRUE && host_matches == TRUE &&
1715 user_matches == TRUE)
1716 cm_list[cm_list_len].nopasswd = FALSE;
1720 #line 659 "parse.yacc"
1723 if (printmatches == TRUE && host_matches == TRUE &&
1724 user_matches == TRUE)
1725 cm_list[cm_list_len].noexecve = TRUE;
1729 #line 665 "parse.yacc"
1732 if (printmatches == TRUE && host_matches == TRUE &&
1733 user_matches == TRUE)
1734 cm_list[cm_list_len].noexecve = FALSE;
1738 #line 671 "parse.yacc"
1741 if (printmatches == TRUE && host_matches == TRUE &&
1742 user_matches == TRUE)
1743 cm_list[cm_list_len].setenv = TRUE;
1747 #line 677 "parse.yacc"
1750 if (printmatches == TRUE && host_matches == TRUE &&
1751 user_matches == TRUE)
1752 cm_list[cm_list_len].setenv = FALSE;
1756 #line 685 "parse.yacc"
1758 if (printmatches == TRUE) {
1759 if (in_alias == TRUE)
1760 append_entries("ALL", ", ");
1761 else if (host_matches == TRUE &&
1762 user_matches == TRUE) {
1763 append_cmnd("ALL", NULL);
1764 expand_match_list();
1770 yyval.BOOLEAN = TRUE;
1774 #line 700 "parse.yacc"
1778 if (printmatches == TRUE) {
1779 if (in_alias == TRUE)
1780 append_entries(yyvsp[0].string, ", ");
1781 else if (host_matches == TRUE &&
1782 user_matches == TRUE) {
1783 append_cmnd(yyvsp[0].string, NULL);
1784 expand_match_list();
1788 if ((aip = find_alias(yyvsp[0].string, CMND_ALIAS)))
1789 yyval.BOOLEAN = aip->val;
1792 (void) fprintf(stderr,
1793 "%s: undeclared Cmnd_Alias `%s' referenced near line %d\n",
1794 (pedantic == 1) ? "Warning" : "Error", yyvsp[0].string, sudolineno);
1800 yyval.BOOLEAN = NOMATCH;
1802 efree(yyvsp[0].string);
1806 #line 729 "parse.yacc"
1808 if (printmatches == TRUE) {
1809 if (in_alias == TRUE) {
1810 append_entries(yyvsp[0].command.cmnd, ", ");
1811 if (yyvsp[0].command.args)
1812 append_entries(yyvsp[0].command.args, " ");
1814 if (host_matches == TRUE &&
1815 user_matches == TRUE) {
1816 append_cmnd(yyvsp[0].command.cmnd, NULL);
1817 if (yyvsp[0].command.args)
1818 append_cmnd(yyvsp[0].command.args, " ");
1819 expand_match_list();
1823 if (command_matches(yyvsp[0].command.cmnd, yyvsp[0].command.args))
1824 yyval.BOOLEAN = TRUE;
1826 yyval.BOOLEAN = NOMATCH;
1828 efree(yyvsp[0].command.cmnd);
1829 efree(yyvsp[0].command.args);
1833 #line 759 "parse.yacc"
1837 #line 759 "parse.yacc"
1839 if ((MATCHED(host_matches) || pedantic) &&
1840 !add_alias(yyvsp[-3].string, HOST_ALIAS, host_matches)) {
1848 #line 777 "parse.yacc"
1851 if (printmatches == TRUE) {
1853 /* Allocate space for ga_list if necessary. */
1855 ga_list[ga_list_len-1].type = CMND_ALIAS;
1856 ga_list[ga_list_len-1].alias = estrdup(yyvsp[0].string);
1861 #line 786 "parse.yacc"
1863 if ((MATCHED(cmnd_matches) || pedantic) &&
1864 !add_alias(yyvsp[-3].string, CMND_ALIAS, cmnd_matches)) {
1869 efree(yyvsp[-3].string);
1871 if (printmatches == TRUE)
1876 #line 800 "parse.yacc"
1880 #line 808 "parse.yacc"
1882 if (printmatches == TRUE) {
1884 /* Allocate space for ga_list if necessary. */
1886 ga_list[ga_list_len-1].type = RUNAS_ALIAS;
1887 ga_list[ga_list_len-1].alias = estrdup(yyvsp[0].string);
1892 #line 816 "parse.yacc"
1894 if ((yyvsp[0].BOOLEAN != NOMATCH || pedantic) &&
1895 !add_alias(yyvsp[-3].string, RUNAS_ALIAS, yyvsp[0].BOOLEAN)) {
1899 efree(yyvsp[-3].string);
1901 if (printmatches == TRUE)
1906 #line 833 "parse.yacc"
1910 #line 833 "parse.yacc"
1912 if ((MATCHED(user_matches) || pedantic) &&
1913 !add_alias(yyvsp[-3].string, USER_ALIAS, user_matches)) {
1918 efree(yyvsp[-3].string);
1922 #line 848 "parse.yacc"
1924 SETMATCH(user_matches, yyvsp[0].BOOLEAN);
1928 #line 851 "parse.yacc"
1930 SETNMATCH(user_matches, yyvsp[0].BOOLEAN);
1934 #line 856 "parse.yacc"
1936 if (userpw_matches(yyvsp[0].string, user_name, sudo_user.pw))
1937 yyval.BOOLEAN = TRUE;
1939 yyval.BOOLEAN = NOMATCH;
1940 efree(yyvsp[0].string);
1944 #line 863 "parse.yacc"
1946 if (usergr_matches(yyvsp[0].string, user_name, sudo_user.pw))
1947 yyval.BOOLEAN = TRUE;
1949 yyval.BOOLEAN = NOMATCH;
1950 efree(yyvsp[0].string);
1954 #line 870 "parse.yacc"
1956 if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name))
1957 yyval.BOOLEAN = TRUE;
1959 yyval.BOOLEAN = NOMATCH;
1960 efree(yyvsp[0].string);
1964 #line 877 "parse.yacc"
1966 aliasinfo *aip = find_alias(yyvsp[0].string, USER_ALIAS);
1968 /* could be an all-caps username */
1970 yyval.BOOLEAN = aip->val;
1971 else if (strcmp(yyvsp[0].string, user_name) == 0)
1972 yyval.BOOLEAN = TRUE;
1975 (void) fprintf(stderr,
1976 "%s: undeclared User_Alias `%s' referenced near line %d\n",
1977 (pedantic == 1) ? "Warning" : "Error", yyvsp[0].string, sudolineno);
1983 yyval.BOOLEAN = NOMATCH;
1985 efree(yyvsp[0].string);
1989 #line 899 "parse.yacc"
1991 yyval.BOOLEAN = TRUE;
1994 #line 1943 "sudo.tab.c"
2000 if (yystate == 0 && yym == 0)
2004 printf("%sdebug: after reduction, shifting from state 0 to\
2005 state %d\n", YYPREFIX, YYFINAL);
2012 if ((yychar = yylex()) < 0) yychar = 0;
2017 if (yychar <= YYMAXTOKEN) yys = yyname[yychar];
2018 if (!yys) yys = "illegal-symbol";
2019 printf("%sdebug: state %d, reading %d (%s)\n",
2020 YYPREFIX, YYFINAL, yychar, yys);
2024 if (yychar == 0) goto yyaccept;
2027 if ((yyn = yygindex[yym]) && (yyn += yystate) >= 0 &&
2028 yyn <= YYTABLESIZE && yycheck[yyn] == yystate)
2029 yystate = yytable[yyn];
2031 yystate = yydgoto[yym];
2034 printf("%sdebug: after reduction, shifting from state %d \
2035 to state %d\n", YYPREFIX, *yyssp, yystate);
2037 if (yyssp >= yysslim && yygrowstack())
2045 yyerror("yacc stack overflow");
2051 yyss = yyssp = NULL;
2052 yyvs = yyvsp = NULL;
2060 yyss = yyssp = NULL;
2061 yyvs = yyvsp = NULL;