#include "version.h"
#ifndef lint
-__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.38 2008/03/05 19:34:49 millert Exp $";
+__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.39 2008/04/10 17:56:05 millert Exp $";
#endif /* lint */
/*
/* Local sudoers file overrides LDAP if we have a match. */
v = sudoers_lookup(pwflag);
- if (ISSET(v, VALIDATE_OK))
+ if (validated == VALIDATE_ERROR || ISSET(v, VALIDATE_OK))
validated = v;
}
#else
user_host = user_shost = "localhost";
else {
user_host = estrdup(thost);
- if ((p = strchr(user_host, '.'))) {
- *p = '\0';
- user_shost = estrdup(user_host);
- *p = '.';
+ if (def_fqdn) {
+ /* Defer call to set_fqdn() until log_error() is safe. */
+ user_shost = user_host;
} else {
user_shost = user_host;
}
if (nohostname)
log_error(USE_ERRNO|MSG_ONLY, "can't get hostname");
- /* We don't query FQDN yet, it might get disabled later. Querying is done
- * when host matching is executed and def_fqdn still true */
-
set_runaspw(*user_runas); /* may call log_error() */
if (*user_runas[0] == '#' && runas_pw->pw_name && runas_pw->pw_name[0])
*user_runas = estrdup(runas_pw->pw_name);
return(TRUE);
}
+/*
+ * Get passwd entry for the user we are going to run commands as.
+ * By default, this is "root". Updates runas_pw as a side effect.
+ */
+int
+set_runaspw(user)
+ char *user;
+{
+ if (runas_pw != NULL) {
+ if (user_runas != &def_runas_default)
+ return(TRUE); /* don't override -u option */
+ efree(runas_pw);
+ }
+ if (*user == '#') {
+ runas_pw = sudo_getpwuid(atoi(user + 1));
+ if (runas_pw == NULL) {
+ runas_pw = emalloc(sizeof(struct passwd));
+ (void) memset((VOID *)runas_pw, 0, sizeof(struct passwd));
+ runas_pw->pw_uid = atoi(user + 1);
+ }
+ } else {
+ runas_pw = sudo_getpwnam(user);
+ if (runas_pw == NULL)
+ log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user);
+ }
+ return(TRUE);
+}
+
/*
* Get passwd entry for the user we are going to authenticate as.
* By default, this is the user invoking sudo. In the most common