From: Bdale Garbee Date: Thu, 15 May 2008 06:45:29 +0000 (-0600) Subject: Merge branch 'upstream' X-Git-Tag: debian/1.6.9p17-1~11 X-Git-Url: https://git.gag.com/?a=commitdiff_plain;h=fb7645a1633a5422a294859f07981dc7f4b9c4e3;p=debian%2Fsudo Merge branch 'upstream' Conflicts: CHANGES Makefile.in config.sub configure configure.in env.c ldap.c sample.sudoers sudo.c sudo.cat sudo.man.in sudo.pod sudoers.cat sudoers.man.in sudoers.pod version.h visudo.cat visudo.man.in --- fb7645a1633a5422a294859f07981dc7f4b9c4e3 diff --cc sample.sudoers index 0cac2c1,0682301..29d88c9 --- a/sample.sudoers +++ b/sample.sudoers @@@ -35,16 -35,16 +35,16 @@@ Host_Alias CDROM = orion, perseus, herc # Cmnd alias specification ## Cmnd_Alias DUMPS = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore, \ - /usr/sbin/rrestore, /usr/bin/mt -Cmnd_Alias KILL = /usr/bin/kill + /usr/sbin/rrestore, /bin/mt +Cmnd_Alias KILL = /bin/kill Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm - Cmnd_Alias SHUTDOWN = /sbin/shutdown - Cmnd_Alias HALT = /sbin/halt - Cmnd_Alias REBOOT = /sbin/reboot - Cmnd_Alias SHELLS = /sbin/sh, /bin/sh, /bin/csh, /usr/bin/ksh, \ - /usr/bin/tcsh, /usr/bin/rsh, \ - /usr/bin/zsh - Cmnd_Alias SU = /bin/su + Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown + Cmnd_Alias HALT = /usr/sbin/halt + Cmnd_Alias REBOOT = /usr/sbin/reboot + Cmnd_Alias SHELLS = /sbin/sh, /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \ + /usr/local/bin/tcsh, /usr/bin/rsh, \ + /usr/local/bin/zsh + Cmnd_Alias SU = /usr/bin/su Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \ /usr/bin/chfn diff --cc sudo.c index 372727a,aec3acf..f051d5a --- a/sudo.c +++ b/sudo.c @@@ -532,12 -531,17 +532,11 @@@ init_vars(sudo_mode, envp user_host = user_shost = "localhost"; else { user_host = estrdup(thost); - if ((p = strchr(user_host, '.'))) { - *p = '\0'; - user_shost = estrdup(user_host); - *p = '.'; + if (def_fqdn) { + /* Defer call to set_fqdn() until log_error() is safe. */ + user_shost = user_host; } else { - if ((p = strchr(user_host, '.'))) { - *p = '\0'; - user_shost = estrdup(user_host); - *p = '.'; - } else { - user_shost = user_host; - } + user_shost = user_host; } } @@@ -1216,9 -1217,8 +1212,37 @@@ set_fqdn( } else { user_shost = user_host; } + sudo_user.host_fqdn_queried = TRUE; +} + ++/* ++ * Get passwd entry for the user we are going to run commands as. ++ * By default, this is "root". Updates runas_pw as a side effect. ++ */ ++int ++set_runaspw(user) ++ char *user; ++{ ++ if (runas_pw != NULL) { ++ if (user_runas != &def_runas_default) ++ return(TRUE); /* don't override -u option */ ++ efree(runas_pw); ++ } ++ if (*user == '#') { ++ runas_pw = sudo_getpwuid(atoi(user + 1)); ++ if (runas_pw == NULL) { ++ runas_pw = emalloc(sizeof(struct passwd)); ++ (void) memset((VOID *)runas_pw, 0, sizeof(struct passwd)); ++ runas_pw->pw_uid = atoi(user + 1); ++ } ++ } else { ++ runas_pw = sudo_getpwnam(user); ++ if (runas_pw == NULL) ++ log_error(NO_MAIL|MSG_ONLY, "no passwd entry for %s!", user); ++ } ++ return(TRUE); + } + /* * Get passwd entry for the user we are going to run commands as. * By default, this is "root". Updates runas_pw as a side effect. diff --cc sudo.cat index c86ab45,c75e94b..1bb8ece --- a/sudo.cat +++ b/sudo.cat @@@ -61,7 -61,7 +61,11 @@@ DDEESSCCRRIIPPTTIIOON ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 1 ++======= + 1.6.9p16 May 8, 2008 1 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -127,7 -127,7 +131,11 @@@ OOPPTTIIOONNS ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 2 ++======= + 1.6.9p16 May 8, 2008 2 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -193,7 -193,7 +201,11 @@@ SUDO(1m) MAINTENANCE COMM ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 3 ++======= + 1.6.9p16 May 8, 2008 3 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -259,7 -259,7 +271,11 @@@ SUDO(1m) MAINTENANCE COMM ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 4 ++======= + 1.6.9p16 May 8, 2008 4 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -325,7 -325,7 +341,11 @@@ SSEECCUURRIITTYY NNOOTTEES ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 5 ++======= + 1.6.9p16 May 8, 2008 5 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -391,7 -391,7 +411,11 @@@ SUDO(1m) MAINTENANCE COMM ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 6 ++======= + 1.6.9p16 May 8, 2008 6 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -457,7 -457,7 +481,11 @@@ FFIILLEES ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 7 ++======= + 1.6.9p16 May 8, 2008 7 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -523,7 -523,7 +551,11 @@@ CCAAVVEEAATTS ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 8 ++======= + 1.6.9p16 May 8, 2008 8 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat @@@ -589,6 -589,6 +621,10 @@@ DDIISSCCLLAAIIMMEER ++<<<<<<< HEAD:sudo.cat +1.6.9p15 March 23, 2008 9 ++======= + 1.6.9p16 May 8, 2008 9 ++>>>>>>> 17fe41bae8a65fb88683c9795414556ed9b636e9:sudo.cat diff --cc sudoers.man.in index 0093c0f,1bb168a..023bd46 --- a/sudoers.man.in +++ b/sudoers.man.in @@@ -1027,36 -1021,32 +1027,83 @@@ The default value is \fIany\fR .IP "logfile" 12 .IX Item "logfile" Path to the \fBsudo\fR log file (not the syslog log file). Setting a path +turns on logging to a file; negating this option turns it off. +By default, \fBsudo\fR logs via syslog. +.IP "mailerflags" 12 +.IX Item "mailerflags" +Flags to use when invoking mailer. Defaults to \fB\-t\fR. +.IP "mailerpath" 12 +.IX Item "mailerpath" +Path to mail program used to send warning mail. +Defaults to the path to sendmail found at configure time. +.IP "mailto" 12 +.IX Item "mailto" +Address to send warning and error mail to. The address should +be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to protect against \fBsudo\fR +interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to \f(CW\*(C`@mailto@\*(C'\fR. +.IP "exempt_group" 12 +.IX Item "exempt_group" +Users in this group are exempt from password and \s-1PATH\s0 requirements. +On Debian systems, this is set to the group 'sudo' by default. +.IP "syslog" 12 +.IX Item "syslog" +Syslog facility if syslog is being used for logging (negate to +disable syslog logging). Defaults to \f(CW\*(C`@logfac@\*(C'\fR. +.IP "verifypw" 12 +.IX Item "verifypw" +This option controls when a password will be required when a user runs +\&\fBsudo\fR with the \fB\-v\fR flag. It has the following possible values: +.RS 12 +.IP "all" 8 +.IX Item "all" +All the user's \fIsudoers\fR entries for the current host must have ++the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password. ++.IP "always" 8 ++.IX Item "always" ++The user must always enter a password to use the \fB\-l\fR flag. ++.IP "any" 8 ++.IX Item "any" ++At least one of the user's \fIsudoers\fR entries for the current host ++must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password. ++.IP "never" 8 ++.IX Item "never" ++The user need never enter a password to use the \fB\-l\fR flag. ++.RE ++.RS 12 ++.Sp ++If no value is specified, a value of \fIany\fR is implied. ++Negating the option results in a value of \fInever\fR being used. ++The default value is \fIany\fR. ++.RE ++.IP "logfile" 12 ++.IX Item "logfile" ++Path to the \fBsudo\fR log file (not the syslog log file). Setting a path + turns on logging to a file; negating this option turns it off. + By default, \fBsudo\fR logs via syslog. + .IP "mailerflags" 12 + .IX Item "mailerflags" + Flags to use when invoking mailer. Defaults to \fB\-t\fR. + .IP "mailerpath" 12 + .IX Item "mailerpath" + Path to mail program used to send warning mail. + Defaults to the path to sendmail found at configure time. + .IP "mailto" 12 + .IX Item "mailto" + Address to send warning and error mail to. The address should + be enclosed in double quotes (\f(CW\*(C`"\*(C'\fR) to protect against \fBsudo\fR + interpreting the \f(CW\*(C`@\*(C'\fR sign. Defaults to \f(CW\*(C`@mailto@\*(C'\fR. + .IP "syslog" 12 + .IX Item "syslog" + Syslog facility if syslog is being used for logging (negate to + disable syslog logging). Defaults to \f(CW\*(C`@logfac@\*(C'\fR. + .IP "verifypw" 12 + .IX Item "verifypw" + This option controls when a password will be required when a user runs + \&\fBsudo\fR with the \fB\-v\fR flag. It has the following possible values: + .RS 12 + .IP "all" 8 + .IX Item "all" + All the user's \fIsudoers\fR entries for the current host must have the \f(CW\*(C`NOPASSWD\*(C'\fR flag set to avoid entering a password. .IP "always" 8 .IX Item "always" diff --cc sudoers.pod index e132b21,f65db6b..5f25ce3 --- a/sudoers.pod +++ b/sudoers.pod @@@ -437,12 -437,12 +437,36 @@@ B =over 16 --=item always_set_home ++=item mail_badpass --If set, B will set the C environment variable to the home --directory of the target user (which is root unless the B<-u> option is used). --This effectively means that the B<-H> flag is always implied. --This flag is I by default. ++Send mail to the I user if the user running B does not ++enter the correct password. This flag is I by default. ++ ++=item mail_no_host ++ ++If set, mail will be sent to the I user if the invoking ++user exists in the I file, but is not allowed to run ++commands on the current host. This flag is I<@mail_no_host@> by default. ++ ++=item mail_no_perms ++ ++If set, mail will be sent to the I user if the invoking ++user is allowed to use B but the command they are trying is not ++listed in their I file entry or is explicitly denied. ++This flag is I<@mail_no_perms@> by default. ++ ++=item mail_no_user ++ ++If set, mail will be sent to the I user if the invoking ++user is not in the I file. This flag is I<@mail_no_user@> ++by default. ++ ++=item noexec ++ ++If set, all commands run via B will behave as if the C ++tag has been set, unless overridden by a C tag. See the ++description of I below as well as the L section at the end of this manual. This flag is I by default. =item authenticate @@@ -1063,17 -1057,11 +1084,20 @@@ important. In general, you should stru the C, C, and C specifications come first, followed by any C lines, and finally the C and user specifications. The basic rule of thumb - is that you cannot reference an Alias that has not already been defined. + is you cannot reference an Alias that has not already been defined. + + Below are example I entries. Admittedly, some of + these are a bit contrived. First, we define our I: +Below are example I entries. Admittedly, some of +these are a bit contrived. First, we allow a few environment +variables to pass and then define our I: + + # Run X applications through sudo; HOME is used to find .Xauthority file + # Note that some programs may use HOME for other purposes too and + # this may lead to privilege escalation! + Defaults env_keep = "DISPLAY HOME" + # User alias specification User_Alias FULLTIMERS = millert, mikef, dowdy User_Alias PARTTIMERS = bostley, jwfox, crawl