# include <project.h>
# include <sys/task.h>
#endif
+#ifdef HAVE_SELINUX
+# include <selinux/selinux.h>
+#endif
#include "sudo.h"
#include "interfaces.h"
#include "version.h"
#ifndef lint
-__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.34 2007/12/13 14:12:49 millert Exp $";
+__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.38 2008/03/05 19:34:49 millert Exp $";
#endif /* lint */
/*
validated = sudo_ldap_check(pwflag);
/* Skip reading /etc/sudoers if LDAP told us to */
- if (def_ignore_local_sudoers); /* skips */
- else if (ISSET(validated, VALIDATE_OK) && !printmatches); /* skips */
- else if (ISSET(validated, VALIDATE_OK) && printmatches)
- {
- check_sudoers(); /* check mode/owner on _PATH_SUDOERS */
+ if (!def_ignore_local_sudoers) {
+ int v;
- /* User is found in LDAP and we want a list of all sudo commands the
- * user can do, so consult sudoers but throw away result.
- */
- sudoers_lookup(pwflag);
- }
- else
-#endif
- {
check_sudoers(); /* check mode/owner on _PATH_SUDOERS */
- /* Validate the user but don't search for pseudo-commands. */
- validated = sudoers_lookup(pwflag);
+ /* Local sudoers file overrides LDAP if we have a match. */
+ v = sudoers_lookup(pwflag);
+ if (ISSET(v, VALIDATE_OK))
+ validated = v;
}
+#else
+ check_sudoers(); /* check mode/owner on _PATH_SUDOERS */
+
+ /* Validate the user but don't search for pseudo-commands. */
+ validated = sudoers_lookup(pwflag);
+#endif
if (safe_cmnd == NULL)
safe_cmnd = estrdup(user_cmnd);
#ifndef PROFILING
if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0)
exit(0);
- else
+ else {
+#ifdef HAVE_SELINUX
+ if (is_selinux_enabled() > 0 && user_role != NULL)
+ selinux_exec(user_role, user_type, NewArgv, environ,
+ ISSET(sudo_mode, MODE_LOGIN_SHELL));
+#endif
execve(safe_cmnd, NewArgv, environ);
+ }
#else
exit(0);
#endif /* PROFILING */
case 'E':
SET(rval, MODE_PRESERVE_ENV);
break;
+#ifdef HAVE_SELINUX
+ case 'r':
+ /* Must have an associated SELinux role. */
+ if (NewArgv[1] == NULL)
+ usage(1);
+
+ user_role = NewArgv[1];
+
+ NewArgc--;
+ NewArgv++;
+ break;
+ case 't':
+ /* Must have an associated SELinux type. */
+ if (NewArgv[1] == NULL)
+ usage(1);
+
+ user_type = NewArgv[1];
+
+ NewArgc--;
+ NewArgv++;
+ break;
+#endif
case '-':
NewArgc--;
NewArgv++;
initial_setup()
{
int miss[3], devnull = -1;
-#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
+#if defined(__linux__) || (defined(RLIMIT_CORE) && !defined(SUDO_DEVEL))
struct rlimit rl;
+#endif
+#if defined(__linux__)
+ /*
+ * Unlimit the number of processes since Linux's setuid() will
+ * apply resource limits when changing uid and return EAGAIN if
+ * nproc would be violated by the uid switch.
+ */
+ rl.rlim_cur = rl.rlim_max = RLIM_INFINITY;
+ if (setrlimit(RLIMIT_NPROC, &rl)) {
+ if (getrlimit(RLIMIT_NPROC, &rl) == 0) {
+ rl.rlim_cur = rl.rlim_max;
+ (void)setrlimit(RLIMIT_NPROC, &rl);
+ }
+ }
+#endif /* __linux__ */
+#if defined(RLIMIT_CORE) && !defined(SUDO_DEVEL)
/*
* Turn off core dumps.
*/
#endif
#ifdef HAVE_LOGIN_CAP_H
" [-c class|-]",
+#endif
+#ifdef HAVE_SELINUX
+ " [-r role]",
#endif
" [-p prompt]",
+#ifdef HAVE_SELINUX
+ " [-t type]",
+#endif
" [-u username|#uid]",
" [VAR=value]",
" {-i | -s | <command>}",