#include "version.h"
#ifndef lint
-__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.38 2008/03/05 19:34:49 millert Exp $";
+__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.41 2008/06/21 19:04:07 millert Exp $";
#endif /* lint */
/*
extern struct passwd *sudo_getpwnam __P((const char *));
extern struct passwd *sudo_getpwuid __P((uid_t));
extern struct passwd *sudo_pwdup __P((const struct passwd *));
+extern void runas_resetgroups __P((void));
/*
* Globals
#ifdef HAVE_BSD_AUTH_H
char *login_style;
#endif /* HAVE_BSD_AUTH_H */
-sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld;
+sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
int
(void) sigaction(SIGINT, &sa, &saved_sa_int);
(void) sigaction(SIGQUIT, &sa, &saved_sa_quit);
(void) sigaction(SIGTSTP, &sa, &saved_sa_tstp);
- sa.sa_handler = reapchild;
- (void) sigaction(SIGCHLD, &sa, &saved_sa_chld);
/*
* Turn off core dumps and close open files.
/* Local sudoers file overrides LDAP if we have a match. */
v = sudoers_lookup(pwflag);
- if (ISSET(v, VALIDATE_OK))
+ if (validated == VALIDATE_ERROR || ISSET(v, VALIDATE_OK))
validated = v;
}
#else
(void) sigaction(SIGINT, &saved_sa_int, NULL);
(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
- (void) sigaction(SIGCHLD, &saved_sa_chld, NULL);
#ifndef PROFILING
if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0)
user_host = user_shost = "localhost";
else {
user_host = estrdup(thost);
- if ((p = strchr(user_host, '.'))) {
- *p = '\0';
- user_shost = estrdup(user_host);
- *p = '.';
+ if (def_fqdn) {
+ /* Defer call to set_fqdn() until log_error() is safe. */
+ user_shost = user_host;
} else {
user_shost = user_host;
}
if (nohostname)
log_error(USE_ERRNO|MSG_ONLY, "can't get hostname");
- /* We don't query FQDN yet, it might get disabled later. Querying is done
- * when host matching is executed and def_fqdn still true */
-
set_runaspw(*user_runas); /* may call log_error() */
if (*user_runas[0] == '#' && runas_pw->pw_name && runas_pw->pw_name[0])
*user_runas = estrdup(runas_pw->pw_name);
warnx("you may not specify environment variables in edit mode");
usage(1);
}
-
+ if (ISSET(rval, MODE_PRESERVE_ENV) && ISSET(rval, MODE_LOGIN_SHELL)) {
+ warnx("you may not specify both the `-i' and `-E' options");
+ usage(1);
+ }
if (user_runas != NULL && !ISSET(rval, (MODE_EDIT|MODE_RUN))) {
if (excl != '\0')
warnx("the `-u' and '-%c' options may not be used together", excl);
if (runas_pw == NULL)
log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user);
}
+ runas_resetgroups();
return(TRUE);
}