From 98decbe90438de26497d15e69e991172fc28266b Mon Sep 17 00:00:00 2001 From: Bdale Garbee Date: Wed, 14 May 2008 12:04:04 -0600 Subject: [PATCH] Imported Upstream version 1.6.9p9 --- CHANGES | 13 ++ Makefile.in | 6 +- acsite.m4 | 2 +- auth/pam.c | 37 +++- config.h.in | 7 + configure | 587 ++++++++++++++++++++++++++++++++++++++++++++++++- configure.in | 12 +- def_data.c | 4 + def_data.h | 50 +++-- def_data.in | 3 + glob.c | 16 +- interfaces.c | 4 +- ldap.c | 20 +- logging.c | 7 +- memrchr.c | 4 +- parse.yacc | 10 +- set_perms.c | 113 ++++++++-- sudo.c | 5 +- sudo.cat | 44 ++-- sudo.h | 6 +- sudo.man.in | 10 +- sudo.pod | 8 +- sudo.tab.c | 457 +++++++++++++++++++------------------- sudoers | 2 + sudoers.cat | 394 ++++++++++++++++----------------- sudoers.man.in | 14 +- sudoers.pod | 13 +- version.h | 4 +- 28 files changed, 1299 insertions(+), 553 deletions(-) diff --git a/CHANGES b/CHANGES index a3797a3..ad8e0bd 100644 --- a/CHANGES +++ b/CHANGES @@ -1993,3 +1993,16 @@ Sudo 1.6.9p7 released. user specified. Sudo 1.6.9p8 released. + +630) The ALL command in sudoers now implies SETENV permissions. + +631) The command search is now performed using the target user's + auxiliary group vector too. + +632) When determining if the PAM prompt is the default "Password: ", + compare the localized version if possible. + +633) Added passprompt_override flag to sudoers to cause sudo's prompt + to be used in all cases. Also set when the -p flag is used. + +Sudo 1.6.9p9 released. diff --git a/Makefile.in b/Makefile.in index caa2fc5..16da662 100644 --- a/Makefile.in +++ b/Makefile.in @@ -20,7 +20,7 @@ # # @configure_input@ # -# $Sudo: Makefile.in,v 1.246.2.18 2007/11/02 19:15:16 millert Exp $ +# $Sudo: Makefile.in,v 1.246.2.20 2007/12/03 10:34:32 millert Exp $ # #### Start of system configuration section. #### 
@@ -43,7 +43,7 @@ INSTALL = $(SHELL) $(srcdir)/install-sh -c # Libraries LIBS = @LIBS@ NET_LIBS = @NET_LIBS@ -SUDO_LIBS = @SUDO_LIBS@ @AFS_LIBS@ $(LIBS) $(NET_LIBS) +SUDO_LIBS = @SUDO_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) # C preprocessor flags CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@ @@ -131,7 +131,7 @@ TESTOBJS = interfaces.o testsudoers.o $(PARSEOBJS) LIBOBJS = @LIBOBJS@ @ALLOCA@ -VERSION = 1.6.9p8 +VERSION = 1.6.9p9 DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \ LICENSE Makefile.in PORTING README README.LDAP \ diff --git a/acsite.m4 b/acsite.m4 index bcd97bf..15f37c1 100644 --- a/acsite.m4 +++ b/acsite.m4 @@ -1142,7 +1142,7 @@ if test -n "$_LT_AC_TAGVAR(hardcode_libdir_flag_spec, $1)" || \ test -n "$_LT_AC_TAGVAR(runpath_var, $1)" || \ test "X$_LT_AC_TAGVAR(hardcode_automatic, $1)" = "Xyes" ; then - # We can hardcode non-existant directories. + # We can hardcode non-existent directories. if test "$_LT_AC_TAGVAR(hardcode_direct, $1)" != no && # If the only mechanism to avoid hardcoding is shlibpath_var, we # have to relink, otherwise we might link with an installed library diff --git a/auth/pam.c b/auth/pam.c index 20dd825..f602478 100644 --- a/auth/pam.c +++ b/auth/pam.c @@ -52,6 +52,15 @@ # include #endif +#ifdef HAVE_DGETTEXT +# include +# if defined(__LINUX_PAM__) +# define PAM_TEXT_DOMAIN "Linux-PAM" +# elif defined(__sun__) +# define PAM_TEXT_DOMAIN "SUNW_OST_SYSOSPAM" +# endif +#endif + #include "sudo.h" #include "sudo_auth.h" @@ -63,7 +72,7 @@ #endif #ifndef lint -__unused static const char rcsid[] = "$Sudo: pam.c,v 1.43.2.7 2007/10/09 00:06:06 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: pam.c,v 1.43.2.9 2007/12/02 17:13:52 millert Exp $"; #endif /* lint */ static int sudo_conv __P((int, PAM_CONST struct pam_message **, 
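Review bot: The new PAM_TEXT_DOMAIN definitions in auth/pam.c carry no comment saying what the two strings are or why only Linux-PAM and Solaris are covered, and a reader also needs to know that `__LINUX_PAM__` presumably comes from the PAM headers included just above, so the block must stay below that include. Suggest a comment above the `#ifdef HAVE_DGETTEXT`, e.g. `/* Text domain the system PAM library uses for its own prompts; lets sudo_conv() recognise a localized "Password: ". Keep in sync with the dgettext check in configure.in. */`.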
@@ -239,27 +248,41 @@ sudo_conv(num_msg, msg, response, appdata_ptr) { struct pam_response *pr; PAM_CONST struct pam_message *pm; - const char *p = def_prompt; + const char *prompt; char *pass; - int n, flags; + int n, flags, std_prompt; extern int nil_pw; if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL) return(PAM_CONV_ERR); zero_bytes(*response, num_msg * sizeof(struct pam_response)); + /* Is the sudo prompt standard? (If so, we'l just use PAM's) */ + std_prompt = strncmp(def_prompt, "Password:", 9) == 0 && + (def_prompt[9] == '\0' || + (def_prompt[9] == ' ' && def_prompt[10] == '\0')); + for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) { flags = tgetpass_flags; switch (pm->msg_style) { case PAM_PROMPT_ECHO_ON: SET(flags, TGP_ECHO); case PAM_PROMPT_ECHO_OFF: + prompt = def_prompt; /* Only override PAM prompt if it matches /^Password: ?/ */ - if (strncmp(pm->msg, "Password:", 9) || (pm->msg[9] != '\0' - && (pm->msg[9] != ' ' || pm->msg[10] != '\0'))) - p = pm->msg; +#if defined(PAM_TEXT_DOMAIN) && defined(HAVE_DGETTEXT) + if (!def_passprompt_override && (std_prompt || + (strcmp(pm->msg, dgettext(PAM_TEXT_DOMAIN, "Password: ")) && + strcmp(pm->msg, dgettext(PAM_TEXT_DOMAIN, "Password:"))))) + prompt = pm->msg; +#else + if (!def_passprompt_override && (std_prompt || + strncmp(pm->msg, "Password:", 9) || (pm->msg[9] != '\0' + && (pm->msg[9] != ' ' || pm->msg[10] != '\0')))) + prompt = pm->msg; +#endif /* Read the password. */ - pass = tgetpass(p, def_passwd_timeout * 60, flags); + pass = tgetpass(prompt, def_passwd_timeout * 60, flags); if (pass == NULL) { /* We got ^C instead of a password; abort quickly. */ nil_pw = 1; diff --git a/config.h.in b/config.h.in index a800420..2cf853d 100644 --- a/config.h.in +++ b/config.h.in 
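Review bot: With passprompt_override set, the new selection replaces every PAM prompt with sudo's passprompt, including PAM_PROMPT_ECHO_ON prompts, because that case falls through into PAM_PROMPT_ECHO_OFF before `prompt` is chosen; a module asking for a non-secret, echoed value would then be labelled with a password prompt and a user may type their password in the clear. If the override is meant for password prompts only, gate it on the echo flag in both `#if` branches, e.g. `if ((!def_passprompt_override || (flags & TGP_ECHO)) && (std_prompt ||`; if the current behaviour is intended, say so in a comment above the `#if`. The per-iteration `prompt = def_prompt;` also fixes the old carry-over where `p` kept an earlier message's text for later prompts, which deserves a comment such as `/* Reset per message so an earlier PAM prompt does not leak into this one. */`. Typo in the new comment: `we'l` should be `we'll`. sudo_conv continues beyond the hunk.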
@@ -81,6 +81,9 @@ /* Define to 1 if your `DIR' contains dd_fd. */ #undef HAVE_DD_FD +/* Define to 1 if you have the `dgettext' function. */ +#undef HAVE_DGETTEXT + /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_DIRENT_H @@ -615,6 +618,10 @@ /* Define to `int' if doesn't define. */ #undef uid_t +/* Define to the type of elements in the array set by `getgroups'. + Usually this is either `int' or `gid_t'. */ +#undef GETGROUPS_T + /* Define to empty if the keyword `volatile' does not work. Warning: valid code using `volatile' can become incorrect without. Disable with care. */ #undef volatile diff --git a/configure b/configure index 14fc1ed..dd7fab2 100755 --- a/configure +++ b/configure @@ -809,6 +809,7 @@ SUDO_OBJS SUDO_LIBS NET_LIBS AFS_LIBS +GETGROUPS_LIB OSDEFS AUTH_OBJS MANTYPE @@ -2069,6 +2070,7 @@ echo "$as_me: Configuring Sudo version 1.6.9" >&6;} + timeout=5 @@ -6083,7 +6085,7 @@ ia64-*-hpux*) ;; *-*-irix6*) # Find out which ABI we are using. - echo '#line 6086 "configure"' > conftest.$ac_ext + echo '#line 6088 "configure"' > conftest.$ac_ext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? @@ -7627,11 +7629,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7630: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7632: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7634: \$? = $ac_status" >&5 + echo "$as_me:7636: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. 
@@ -7917,11 +7919,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:7920: $lt_compile\"" >&5) + (eval echo "\"\$as_me:7922: $lt_compile\"" >&5) (eval "$lt_compile" 2>conftest.err) ac_status=$? cat conftest.err >&5 - echo "$as_me:7924: \$? = $ac_status" >&5 + echo "$as_me:7926: \$? = $ac_status" >&5 if (exit $ac_status) && test -s "$ac_outfile"; then # The compiler can only warn and ignore the option if not recognized # So say no if there are warnings other than the usual output. @@ -8021,11 +8023,11 @@ else -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's:$: $lt_compiler_flag:'` - (eval echo "\"\$as_me:8024: $lt_compile\"" >&5) + (eval echo "\"\$as_me:8026: $lt_compile\"" >&5) (eval "$lt_compile" 2>out/conftest.err) ac_status=$? cat out/conftest.err >&5 - echo "$as_me:8028: \$? = $ac_status" >&5 + echo "$as_me:8030: \$? = $ac_status" >&5 if (exit $ac_status) && test -s out/conftest2.$ac_objext then # The compiler can only warn and ignore the option if not recognized @@ -9734,7 +9736,7 @@ if test -n "$hardcode_libdir_flag_spec" || \ test -n "$runpath_var" || \ test "X$hardcode_automatic" = "Xyes" ; then - # We can hardcode non-existant directories. + # We can hardcode non-existent directories. if test "$hardcode_direct" != no && # If the only mechanism to avoid hardcoding is shlibpath_var, we # have to relink, otherwise we might link with an installed library 
@@ -10366,7 +10368,7 @@ else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_status=$lt_dlunknown cat > conftest.$ac_ext < conftest.$ac_ext <&5 +echo $ECHO_N "checking type of array argument to getgroups... $ECHO_C" >&6; } +if test "${ac_cv_type_getgroups+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test "$cross_compiling" = yes; then + ac_cv_type_getgroups=cross +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Thanks to Mike Rendell for this test. */ +$ac_includes_default +#define NGID 256 +#undef MAX +#define MAX(x, y) ((x) > (y) ? (x) : (y)) + +int +main () +{ + gid_t gidset[NGID]; + int i, n; + union { gid_t gval; long int lval; } val; + + val.lval = -1; + for (i = 0; i < NGID; i++) + gidset[i] = val.gval; + n = getgroups (sizeof (gidset) / MAX (sizeof (int), sizeof (gid_t)) - 1, + gidset); + /* Exit non-zero if getgroups seems to require an array of ints. This + happens when gid_t is short int but getgroups modifies an array + of ints. */ + return n > 0 && gidset[n] != val.gval; +} +_ACEOF +rm -f conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? 
= $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_type_getgroups=gid_t +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +ac_cv_type_getgroups=int +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi + + +if test $ac_cv_type_getgroups = cross; then + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "getgroups.*int.*gid_t" >/dev/null 2>&1; then + ac_cv_type_getgroups=gid_t +else + ac_cv_type_getgroups=int +fi +rm -f conftest* + +fi +fi +{ echo "$as_me:$LINENO: result: $ac_cv_type_getgroups" >&5 +echo "${ECHO_T}$ac_cv_type_getgroups" >&6; } + +cat >>confdefs.h <<_ACEOF +#define GETGROUPS_T $ac_cv_type_getgroups +_ACEOF + + +{ echo "$as_me:$LINENO: checking for size_t" >&5 +echo $ECHO_N "checking for size_t... $ECHO_C" >&6; } +if test "${ac_cv_type_size_t+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +typedef size_t ac__type_new_; +int +main () +{ +if ((ac__type_new_ *) 0) + return 0; +if (sizeof (ac__type_new_)) + return 0; + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext +if { (ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_compile") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! 
-s conftest.err + } && test -s conftest.$ac_objext; then + ac_cv_type_size_t=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_type_size_t=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 +echo "${ECHO_T}$ac_cv_type_size_t" >&6; } +if test $ac_cv_type_size_t = yes; then + : +else + +cat >>confdefs.h <<_ACEOF +#define size_t unsigned int +_ACEOF + +fi + +{ echo "$as_me:$LINENO: checking for getgroups" >&5 +echo $ECHO_N "checking for getgroups... $ECHO_C" >&6; } +if test "${ac_cv_func_getgroups+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define getgroups to an innocuous variant, in case declares getgroups. + For example, HP-UX 11i declares gettimeofday. */ +#define getgroups innocuous_getgroups + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char getgroups (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef getgroups + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char getgroups (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. 
*/ +#if defined __stub_getgroups || defined __stub___getgroups +choke me +#endif + +int +main () +{ +return getgroups (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_func_getgroups=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_func_getgroups=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +fi +{ echo "$as_me:$LINENO: result: $ac_cv_func_getgroups" >&5 +echo "${ECHO_T}$ac_cv_func_getgroups" >&6; } + + +# If we don't yet have getgroups, see if it's in -lbsd. +# This is reported to be necessary on an ITOS 3000WS running SEIUX 3.1. +ac_save_LIBS=$LIBS +if test $ac_cv_func_getgroups = no; then + { echo "$as_me:$LINENO: checking for getgroups in -lbsd" >&5 +echo $ECHO_N "checking for getgroups in -lbsd... $ECHO_C" >&6; } +if test "${ac_cv_lib_bsd_getgroups+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lbsd $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. 
*/ +#ifdef __cplusplus +extern "C" +#endif +char getgroups (); +int +main () +{ +return getgroups (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_bsd_getgroups=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_bsd_getgroups=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_bsd_getgroups" >&5 +echo "${ECHO_T}$ac_cv_lib_bsd_getgroups" >&6; } +if test $ac_cv_lib_bsd_getgroups = yes; then + GETGROUPS_LIB=-lbsd +fi + +fi + +# Run the program to test the functionality of the system-supplied +# getgroups function only if there is such a function. +if test $ac_cv_func_getgroups = yes; then + { echo "$as_me:$LINENO: checking for working getgroups" >&5 +echo $ECHO_N "checking for working getgroups... $ECHO_C" >&6; } +if test "${ac_cv_func_getgroups_works+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + if test "$cross_compiling" = yes; then + ac_cv_func_getgroups_works=no +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ +/* On Ultrix 4.3, getgroups (0, 0) always fails. 
*/ + return getgroups (0, 0) == -1; + ; + return 0; +} +_ACEOF +rm -f conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { ac_try='./conftest$ac_exeext' + { (case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_func_getgroups_works=yes +else + echo "$as_me: program exited with status $ac_status" >&5 +echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +( exit $ac_status ) +ac_cv_func_getgroups_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext +fi + + + +fi +{ echo "$as_me:$LINENO: result: $ac_cv_func_getgroups_works" >&5 +echo "${ECHO_T}$ac_cv_func_getgroups_works" >&6; } + if test $ac_cv_func_getgroups_works = yes; then + +cat >>confdefs.h <<\_ACEOF +#define HAVE_GETGROUPS 1 +_ACEOF + + fi +fi +LIBS=$ac_save_LIBS + 
@@ -19242,6 +19634,174 @@ else echo "${ECHO_T}yes" >&6; } fi + case $host in + *-*-linux*|*-*-solaris*) + +for ac_func in dgettext +do +as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` +{ echo "$as_me:$LINENO: checking for $ac_func" >&5 +echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } +if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +/* Define $ac_func to an innocuous variant, in case declares $ac_func. + For example, HP-UX 11i declares gettimeofday. */ +#define $ac_func innocuous_$ac_func + +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $ac_func (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ + +#ifdef __STDC__ +# include +#else +# include +#endif + +#undef $ac_func + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $ac_func (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$ac_func || defined __stub___$ac_func +choke me +#endif + +int +main () +{ +return $ac_func (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? 
= $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + eval "$as_ac_var=yes" +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + eval "$as_ac_var=no" +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +fi +ac_res=`eval echo '${'$as_ac_var'}'` + { echo "$as_me:$LINENO: result: $ac_res" >&5 +echo "${ECHO_T}$ac_res" >&6; } +if test `eval echo '${'$as_ac_var'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +else + { echo "$as_me:$LINENO: checking for dgettext in -lintl" >&5 +echo $ECHO_N "checking for dgettext in -lintl... $ECHO_C" >&6; } +if test "${ac_cv_lib_intl_dgettext+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lintl $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char dgettext (); +int +main () +{ +return dgettext (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 + (eval "$ac_link") 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && { + test -z "$ac_c_werror_flag" || + test ! 
-s conftest.err + } && test -s conftest$ac_exeext && + $as_test_x conftest$ac_exeext; then + ac_cv_lib_intl_dgettext=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_cv_lib_intl_dgettext=no +fi + +rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ echo "$as_me:$LINENO: result: $ac_cv_lib_intl_dgettext" >&5 +echo "${ECHO_T}$ac_cv_lib_intl_dgettext" >&6; } +if test $ac_cv_lib_intl_dgettext = yes; then + LIBS="${LIBS} -lintl" + cat >>confdefs.h <<\_ACEOF +#define HAVE_DGETTEXT 1 +_ACEOF + +fi + +fi +done + + ;; + esac fi fi @@ -22723,6 +23283,7 @@ SUDO_OBJS!$SUDO_OBJS$ac_delim SUDO_LIBS!$SUDO_LIBS$ac_delim NET_LIBS!$NET_LIBS$ac_delim AFS_LIBS!$AFS_LIBS$ac_delim +GETGROUPS_LIB!$GETGROUPS_LIB$ac_delim OSDEFS!$OSDEFS$ac_delim AUTH_OBJS!$AUTH_OBJS$ac_delim MANTYPE!$MANTYPE$ac_delim @@ -22772,7 +23333,6 @@ OBJEXT!$OBJEXT$ac_delim CPP!$CPP$ac_delim build!$build$ac_delim build_cpu!$build_cpu$ac_delim -build_vendor!$build_vendor$ac_delim _ACEOF if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then @@ -22814,6 +23374,7 @@ _ACEOF ac_delim='%!_!# ' for ac_last_try in false false false false false :; do cat >conf$$subs.sed <<_ACEOF +build_vendor!$build_vendor$ac_delim build_os!$build_os$ac_delim host!$host$ac_delim host_cpu!$host_cpu$ac_delim @@ -22842,7 +23403,7 @@ KRB5CONFIG!$KRB5CONFIG$ac_delim LTLIBOBJS!$LTLIBOBJS$ac_delim _ACEOF - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 26; then + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 27; then break elif $ac_last_try; then { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 @@ -23446,6 +24007,8 @@ fi + + diff --git a/configure.in b/configure.in index 196f8a0..b87a863 100644 --- a/configure.in +++ b/configure.in 
@@ -1,6 +1,6 @@ dnl dnl Process this file with GNU autoconf to produce a configure script. -dnl $Sudo: configure.in,v 1.413.2.27 2007/10/24 16:43:25 millert Exp $ +dnl $Sudo: configure.in,v 1.413.2.30 2007/12/02 00:35:20 millert Exp $ dnl dnl Copyright (c) 1994-1996,1998-2007 Todd C. Miller dnl @@ -24,6 +24,7 @@ AC_SUBST(LIBS) AC_SUBST(SUDO_LIBS) AC_SUBST(NET_LIBS) AC_SUBST(AFS_LIBS) +AC_SUBST(GETGROUPS_LIB) AC_SUBST(OSDEFS) AC_SUBST(AUTH_OBJS) AC_SUBST(MANTYPE) @@ -1677,6 +1678,7 @@ esac dnl dnl Function checks dnl +AC_FUNC_GETGROUPS AC_CHECK_FUNCS(strchr strrchr memchr memcpy memset sysconf tzset \ strftime setrlimit initgroups getgroups fstat gettimeofday \ setlocale getaddrinfo) @@ -1833,6 +1835,13 @@ if test ${with_pam-"no"} != "no"; then AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval]) ;; esac], AC_MSG_RESULT(yes)) + case $host in + *-*-linux*|*-*-solaris*) + AC_CHECK_FUNCS(dgettext, [], + [AC_CHECK_LIB(intl, dgettext, [LIBS="${LIBS} -lintl"] + [AC_DEFINE(HAVE_DGETTEXT)])]) + ;; + esac fi fi @@ -2395,6 +2404,7 @@ AH_TEMPLATE(HAVE_BSD_AUTH_H, [Define to 1 if you use BSD authentication.]) AH_TEMPLATE(HAVE_DCE, [Define to 1 if you use OSF DCE.]) AH_TEMPLATE(HAVE_DD_FD, [Define to 1 if your `DIR' contains dd_fd.]) AH_TEMPLATE(HAVE_DIRFD, [Define to 1 if you have the `dirfd' function or macro.]) +AH_TEMPLATE(HAVE_DGETTEXT, [Define to 1 if you have the `dgettext' function.]) AH_TEMPLATE(HAVE_DISPCRYPT, [Define to 1 if you have the `dispcrypt' function.]) AH_TEMPLATE(HAVE_EXTENDED_GLOB, [Define to 1 if your glob.h defines the GLOB_BRACE and GLOB_TILDE flags.]) AH_TEMPLATE(HAVE_FCNTL_CLOSEM, [Define to 1 if your system has the F_CLOSEM fcntl.]) diff --git a/def_data.c b/def_data.c index b1bf17a..944a55c 100644 --- a/def_data.c +++ b/def_data.c 
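Review bot: The dgettext probe is restricted to `*-*-linux*|*-*-solaris*` with nothing saying why; the reason is that auth/pam.c only knows PAM_TEXT_DOMAIN for those two PAM implementations, and the two lists must stay in step. A comment above the `case $host in`, e.g. `dnl Only useful where auth/pam.c knows the PAM library's text domain (PAM_TEXT_DOMAIN).`, would stop one side being extended without the other. Separately, `getgroups` is still listed in AC_CHECK_FUNCS although the added AC_FUNC_GETGROUPS now defines HAVE_GETGROUPS itself (only when the function is found to work), so if HAVE_GETGROUPS is meant to mean "working getgroups" the duplicate entry in AC_CHECK_FUNCS should be dropped.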
@@ -210,6 +210,10 @@ struct sudo_defs_types sudo_defs_table[] = { "passprompt", T_STR, "Default password prompt: %s", NULL, + }, { + "passprompt_override", T_FLAG, + "If set, passprompt will override system prompt in all cases.", + NULL, }, { "runas_default", T_STR, "Default user to run commands as: %s", diff --git a/def_data.h b/def_data.h index 1cb00ff..13d81bf 100644 --- a/def_data.h +++ b/def_data.h 
@@ -92,30 +92,32 @@ #define I_EXEMPT_GROUP 45 #define def_passprompt (sudo_defs_table[46].sd_un.str) #define I_PASSPROMPT 46 -#define def_runas_default (sudo_defs_table[47].sd_un.str) -#define I_RUNAS_DEFAULT 47 -#define def_editor (sudo_defs_table[48].sd_un.str) -#define I_EDITOR 48 -#define def_listpw (sudo_defs_table[49].sd_un.tuple) -#define I_LISTPW 49 -#define def_verifypw (sudo_defs_table[50].sd_un.tuple) -#define I_VERIFYPW 50 -#define def_noexec (sudo_defs_table[51].sd_un.flag) -#define I_NOEXEC 51 -#define def_noexec_file (sudo_defs_table[52].sd_un.str) -#define I_NOEXEC_FILE 52 -#define def_ignore_local_sudoers (sudo_defs_table[53].sd_un.flag) -#define I_IGNORE_LOCAL_SUDOERS 53 -#define def_setenv (sudo_defs_table[54].sd_un.flag) -#define I_SETENV 54 -#define def_env_reset (sudo_defs_table[55].sd_un.flag) -#define I_ENV_RESET 55 -#define def_env_check (sudo_defs_table[56].sd_un.list) -#define I_ENV_CHECK 56 -#define def_env_delete (sudo_defs_table[57].sd_un.list) -#define I_ENV_DELETE 57 -#define def_env_keep (sudo_defs_table[58].sd_un.list) -#define I_ENV_KEEP 58 +#define def_passprompt_override (sudo_defs_table[47].sd_un.flag) +#define I_PASSPROMPT_OVERRIDE 47 +#define def_runas_default (sudo_defs_table[48].sd_un.str) +#define I_RUNAS_DEFAULT 48 +#define def_editor (sudo_defs_table[49].sd_un.str) +#define I_EDITOR 49 +#define def_listpw (sudo_defs_table[50].sd_un.tuple) +#define I_LISTPW 50 +#define def_verifypw (sudo_defs_table[51].sd_un.tuple) +#define I_VERIFYPW 51 +#define def_noexec (sudo_defs_table[52].sd_un.flag) +#define I_NOEXEC 52 +#define def_noexec_file (sudo_defs_table[53].sd_un.str) +#define I_NOEXEC_FILE 53 +#define def_ignore_local_sudoers (sudo_defs_table[54].sd_un.flag) +#define I_IGNORE_LOCAL_SUDOERS 54 +#define def_setenv (sudo_defs_table[55].sd_un.flag) +#define I_SETENV 55 +#define def_env_reset (sudo_defs_table[56].sd_un.flag) +#define I_ENV_RESET 56 +#define def_env_check (sudo_defs_table[57].sd_un.list) +#define I_ENV_CHECK 57 
+#define def_env_delete (sudo_defs_table[58].sd_un.list) +#define I_ENV_DELETE 58 +#define def_env_keep (sudo_defs_table[59].sd_un.list) +#define I_ENV_KEEP 59 enum def_tupple { never, diff --git a/def_data.in b/def_data.in index 09500d4..47370b8 100644 --- a/def_data.in +++ b/def_data.in @@ -149,6 +149,9 @@ exempt_group passprompt T_STR "Default password prompt: %s" +passprompt_override + T_FLAG + "If set, passprompt will override system prompt in all cases." runas_default T_STR "Default user to run commands as: %s" diff --git a/glob.c b/glob.c index 3c32e05..5319c13 100644 --- a/glob.c +++ b/glob.c @@ -125,7 +125,7 @@ #define M_MASK 0xffff #define M_ASCII 0x00ff -typedef u_short Char; +typedef unsigned short Char; #else @@ -151,7 +151,7 @@ typedef char Char; static int compare __P((const void *, const void *)); -static int g_Ctoc __P((const Char *, char *, u_int)); +static int g_Ctoc __P((const Char *, char *, unsigned int)); static int g_lstat __P((Char *, struct stat *, glob_t *)); static DIR *g_opendir __P((Char *, glob_t *)); static Char *g_strchr __P((Char *, int)); @@ -178,11 +178,11 @@ glob(pattern, flags, errfunc, pglob) int flags, (*errfunc) __P((const char *, int)); glob_t *pglob; { - const u_char *patnext; + const unsigned char *patnext; int c; Char *bufnext, *bufend, patbuf[PATH_MAX]; - patnext = (u_char *) pattern; + patnext = (unsigned char *) pattern; if (!(flags & GLOB_APPEND)) { pglob->gl_pathc = 0; pglob->gl_pathv = NULL; @@ -627,14 +627,14 @@ glob3(pathbuf, pathbuf_last, pathend, pathend_last, pattern, pattern_last, /* Search directory for matching names. */ while ((dp = readdir(dirp))) { - u_char *sc; + unsigned char *sc; Char *dc; /* Initial DOT must be matched literally. */ if (dp->d_name[0] == DOT && *pattern != DOT) continue; dc = pathend; - sc = (u_char *) dp->d_name; + sc = (unsigned char *) dp->d_name; while (dc < pathend_last && (*dc++ = *sc++) != EOS) continue; if (dc >= pathend_last) { 
@@ -678,7 +678,7 @@ globextend(path, pglob) { char **pathv; int i; - u_int newsize, len; + unsigned int newsize, len; char *copy; const Char *p; @@ -845,7 +845,7 @@ static int g_Ctoc(str, buf, len) const Char *str; char *buf; - u_int len; + unsigned int len; { while (len--) { diff --git a/interfaces.c b/interfaces.c index f03acc0..87abfaa 100644 --- a/interfaces.c +++ b/interfaces.c @@ -19,7 +19,7 @@ */ /* - * Supress a warning w/ gcc on Digital UN*X. + * Suppress a warning w/ gcc on Digital UN*X. * The system headers should really do this.... */ #if defined(__osf__) && !defined(__cplusplus) @@ -89,7 +89,7 @@ struct rtentry; #include "interfaces.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: interfaces.c,v 1.72.2.7 2007/10/24 16:43:26 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: interfaces.c,v 1.72.2.8 2007/11/27 17:06:53 millert Exp $"; #endif /* lint */ diff --git a/ldap.c b/ldap.c index fb7e9f2..14d046c 100644 --- a/ldap.c +++ b/ldap.c @@ -65,7 +65,7 @@ #include "parse.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.16 2007/09/04 14:58:46 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.20 2007/11/27 17:06:54 millert Exp $"; #endif /* lint */ #ifndef LINE_MAX @@ -163,7 +163,7 @@ sudo_ldap_check_host(ld, entry) /* walk through values */ for (p = v; p && *p && !ret; p++) { /* match any or address or netgroup or hostname */ - if (!strcasecmp(*p, "ALL") || addr_matches(*p) || + if (!strcmp(*p, "ALL") || addr_matches(*p) || netgr_matches(*p, user_host, user_shost, NULL) || !hostname_matches(user_shost, user_host, *p)) ret = TRUE; 
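Review bot: Changing `strcasecmp(*p, "ALL")` to `strcmp` in sudo_ldap_check_host() makes the ALL wildcard in sudoHost case-sensitive, so an existing entry spelled `all` or `All` now falls through to the address, netgroup and hostname matchers and stops matching; the same change is made to sudoCommand in the next hunk. This matches the sudoers grammar, where ALL is an upper-case keyword, and failing closed is the right direction, but it is a visible behaviour change that the p9 CHANGES entries do not mention. Suggest a CHANGES line and a comment at the comparison, e.g. `/* ALL is a keyword and must be upper case, as in sudoers */`.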
@@ -257,9 +257,10 @@ sudo_ldap_check_runas(ld, entry) * Walk through search results and return TRUE if we have a command match. */ int -sudo_ldap_check_command(ld, entry) +sudo_ldap_check_command(ld, entry, setenv_implied) LDAP *ld; LDAPMessage *entry; + int *setenv_implied; { char *allowed_cmnd, *allowed_args, **v = NULL, **p = NULL; int foundbang, ret = FALSE; @@ -272,8 +273,10 @@ sudo_ldap_check_command(ld, entry) /* get_first_entry */ for (p = v; p && *p && ret >= 0; p++) { /* Match against ALL ? */ - if (!strcasecmp(*p, "ALL")) { + if (!strcmp(*p, "ALL")) { ret = TRUE; + if (setenv_implied != NULL) + *setenv_implied = TRUE; DPRINTF(("ldap sudoCommand '%s' ... MATCH!", *p), 2); continue; } @@ -666,7 +669,7 @@ char * /* paste values together */ for (p = v; p && *p; p++) { if (p != v && sep != NULL) - ncat(&b, &sz, sep); /* append seperator */ + ncat(&b, &sz, sep); /* append separator */ ncat(&b, &sz, *p); /* append value */ } @@ -919,6 +922,7 @@ sudo_ldap_check(pwflag) LDAPMessage *entry = NULL, *result = NULL; /* used for searches */ char *filt; /* used to parse attributes */ int rc, ret = FALSE, do_netgr; /* temp/final return values */ + int setenv_implied; int ldap_user_matches = FALSE, ldap_host_matches = FALSE; /* flags */ /* Open a connection to the LDAP server. */ @@ -942,7 +946,7 @@ sudo_ldap_check(pwflag) * user netgroups. Then we take the netgroups returned and * try to match them against the username. */ - + setenv_implied = FALSE; for (do_netgr = 0; !ret && do_netgr < 2; do_netgr++) { filt = do_netgr ? estrdup("sudoUser=+*") : sudo_ldap_build_pass1(); DPRINTF(("ldap search '%s'", filt), 1); 
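Review bot: `*setenv_implied` is only ever raised in sudo_ldap_check_command and never cleared, and the caller initialises it once before the whole search loop, so an entry whose sudoCommand contains ALL but then fails the runas check (or presumably is negated by a later `!` value in the same entry, since the loop keeps going while `ret >= 0`) leaves the flag TRUE for every later entry. A subsequent entry that matches a single explicit command would then be granted SETENV it was never given. Clear the out-parameter on entry, `if (setenv_implied != NULL) *setenv_implied = FALSE;` before the `for (p = v; ...)` loop, so the flag only describes the entry that produced the match. The function body continues outside the hunk.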
@@ -968,13 +972,15 @@ sudo_ldap_check(pwflag)
/* add matches for listing later */
sudo_ldap_add_match(ld, entry, pwflag) &&
/* verify command match */
- sudo_ldap_check_command(ld, entry) &&
+ sudo_ldap_check_command(ld, entry, &setenv_implied) &&
/* verify runas match */
sudo_ldap_check_runas(ld, entry)
) {
/* We have a match! */
DPRINTF(("Perfect Matched!"), 1);
/* pick up any options */
+ if (setenv_implied)
+ def_setenv = TRUE;
sudo_ldap_parse_options(ld, entry);
/* make sure we don't reenter loop */
ret = VALIDATE_OK;
diff --git a/logging.c b/logging.c
index f6f5b14..b03a402 100644
--- a/logging.c
+++ b/logging.c
@@ -60,7 +60,7 @@
#include "sudo.h"
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: logging.c,v 1.168.2.12 2007/08/08 20:07:45 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: logging.c,v 1.168.2.13 2007/11/25 13:07:38 millert Exp $";
#endif /* lint */
static void do_syslog __P((int, char *));
@@ -370,9 +370,8 @@ log_error(flags, fmt, va_alist)
va_start(ap);
#endif
- /* Become root if we are not already to avoid user control */
- if (geteuid() != 0)
- set_perms(PERM_ROOT);
+ /* Become root if we are not already to avoid user interference */
+ set_perms(PERM_ROOT);
/* Expand printf-style format + args. */
evasprintf(&message, fmt, ap);
diff --git a/memrchr.c b/memrchr.c
index 9a5cfd0..7d0554d 100644
--- a/memrchr.c
+++ b/memrchr.c
@@ -19,7 +19,7 @@
#include
#ifndef lint
-__unused static const char rcsid[] = "$Sudo: memrchr.c,v 1.1.2.2 2007/06/19 21:00:35 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: memrchr.c,v 1.1.2.3 2007/11/27 17:06:54 millert Exp $";
#endif /* lint */
#include
@@ -27,7 +27,7 @@ __unused static const char rcsid[] = "$Sudo: memrchr.c,v 1.1.2.2 2007/06/19 21:0
/*
* Reverse memchr()
- * Find the last occurence of 'c' in the buffer 's' of size 'n'.
+ * Find the last occurrence of 'c' in the buffer 's' of size 'n'.
*/
VOID *
memrchr(s, c, n)
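Review bot: The comment still says "Become root if we are not already", but with the `geteuid() != 0` guard dropped that decision now rests on set_perms(), which in this same patch returns early whenever its cached `current_perm` already says PERM_ROOT. That cache is not refreshed by credential changes made outside set_perms() (runas_setup()'s setgid()/setusercontext() path, or a forked child that inherits the static), so log_error() could take the log/mail path with non-root credentials while the comment claims otherwise. At minimum make the comment honest, e.g. `/* Ask set_perms() for root; it is a no-op if it believes we already are. */`, and consider having set_perms() re-check geteuid() before trusting its cache. log_error()'s body continues outside the hunk.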
diff --git a/parse.yacc b/parse.yacc index 7684fb8..4137d81 100644 --- a/parse.yacc +++ b/parse.yacc @@ -69,7 +69,7 @@ #endif /* HAVE_LSEARCH */ #ifndef lint -__unused static const char rcsid[] = "$Sudo: parse.yacc,v 1.204.2.8 2007/11/02 19:09:01 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: parse.yacc,v 1.204.2.9 2007/11/21 18:15:49 millert Exp $"; #endif /* lint */ /* @@ -104,6 +104,9 @@ int used_runas = FALSE; (_var) = NOMATCH; \ } while (0) +#define SETENV_RESET \ + if (setenv_ok == IMPLIED) setenv_ok = def_setenv ? TRUE : UNSPEC + /* * The matching stack, initial space allocated in init_parser(). */ @@ -440,7 +443,7 @@ cmndspeclist : cmndspec | cmndspeclist ',' cmndspec ; -cmndspec : runasspec cmndtag opcmnd { +cmndspec : { SETENV_RESET; } runasspec cmndtag opcmnd { /* * Push the entry onto the stack if it is worth * saving and reset cmnd_matches for next cmnd. @@ -692,6 +695,9 @@ cmnd : ALL { expand_match_list(); } } + /* sudo "ALL" implies the SETENV tag */ + if (setenv_ok == UNSPEC) + setenv_ok = IMPLIED; efree(safe_cmnd); safe_cmnd = NULL; diff --git a/set_perms.c b/set_perms.c index 532964f..77c68e9 100644 --- a/set_perms.c +++ b/set_perms.c @@ -57,7 +57,7 @@ #include "sudo.h" #ifndef lint -__unused static const char rcsid[] = "$Sudo: set_perms.c,v 1.30.2.4 2007/07/06 14:16:22 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: set_perms.c,v 1.30.2.7 2007/11/27 23:41:23 millert Exp $"; #endif /* lint */ #ifdef __TANDEM @@ -70,6 +70,10 @@ __unused static const char rcsid[] = "$Sudo: set_perms.c,v 1.30.2.4 2007/07/06 1 * Prototypes */ static void runas_setup __P((void)); +static void runas_setgroups __P((void)); +static void restore_groups __P((void)); + +static int current_perm = -1; #ifdef HAVE_SETRESUID /* 
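Review bot: The implied-SETENV marking is placed in the `cmnd : ALL` action, which runs wherever the ALL token is parsed — inside a Cmnd_Alias definition and under a `!` in opcmnd as well — while SETENV_RESET only clears IMPLIED at the start of the next cmndspec. So `Cmnd_Alias X = ALL` presumably sets setenv_ok = IMPLIED at alias-definition time only to have it cleared, a user spec `user ALL = X` never sees the token and gets no implied tag, and `user ALL = !ALL` is marked although it permits nothing; the manual's wording "the command matched is ALL" does not describe that. Either document that only a literal ALL in the user spec counts, or guard the assignment, e.g. `if (setenv_ok == UNSPEC && in_alias != TRUE) setenv_ok = IMPLIED;`, and wrap SETENV_RESET in `do { ... } while (0)` since a bare `if` macro invites dangling-else mistakes at any new call site. The cmnd : ALL action starts before the hunk.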
@@ -82,11 +86,16 @@ void set_perms(perm) int perm; { + if (perm == current_perm) + return; + switch (perm) { case PERM_ROOT: if (setresuid(ROOT_UID, ROOT_UID, ROOT_UID)) errx(1, "setresuid(ROOT_UID, ROOT_UID, ROOT_UID) failed, your operating system may have a broken setresuid() function\nTry running configure with --disable-setresuid"); (void) setresgid(-1, user_gid, -1); + if (current_perm == PERM_RUNAS) + restore_groups(); break; case PERM_USER: @@ -103,6 +112,7 @@ set_perms(perm) break; case PERM_RUNAS: + runas_setgroups(); (void) setresgid(-1, runas_pw->pw_gid, -1); if (setresuid(-1, runas_pw->pw_uid, -1)) err(1, "unable to change to runas uid"); @@ -142,6 +152,8 @@ set_perms(perm) err(1, "setresuid(ROOT_UID, timestamp_uid, ROOT_UID)"); break; } + + current_perm = perm; } #else @@ -157,6 +169,9 @@ void set_perms(perm) int perm; { + if (perm == current_perm) + return; + switch (perm) { case PERM_ROOT: if (setreuid(-1, ROOT_UID)) @@ -164,6 +179,8 @@ set_perms(perm) if (setuid(ROOT_UID)) err(1, "setuid(ROOT_UID)"); (void) setregid(-1, user_gid); + if (current_perm == PERM_RUNAS) + restore_groups(); break; case PERM_USER: @@ -180,6 +197,7 @@ set_perms(perm) break; case PERM_RUNAS: + runas_setgroups(); (void) setregid(-1, runas_pw->pw_gid); if (setreuid(-1, runas_pw->pw_uid)) err(1, "unable to change to runas uid"); @@ -218,6 +236,8 @@ set_perms(perm) err(1, "setreuid(ROOT_UID, timestamp_uid)"); break; } + + current_perm = perm; } # else /* !HAVE_SETRESUID && !HAVE_SETREUID */ @@ -231,6 +251,9 @@ void set_perms(perm) int perm; { + if (perm == current_perm) + return; + /* * Since we only have setuid() and seteuid() and semantics * for these calls differ on various systems, we set @@ -245,6 +268,8 @@ set_perms(perm) case PERM_ROOT: /* uid set above */ (void) setegid(user_gid); + if (current_perm == PERM_RUNAS) + restore_groups(); break; case PERM_USER: 
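Review bot: The new `if (perm == current_perm) return;` trusts a cache that only set_perms() itself updates, yet runas_setup() (later in this patch) calls setgid()/initgroups() directly and a fork() child inherits the static unchanged, so any such change makes a later set_perms(PERM_ROOT) a silent no-op — which matters now that log_error() relies on it instead of checking geteuid(). restore_groups() is also only invoked on the PERM_RUNAS→PERM_ROOT edge; a direct PERM_RUNAS→PERM_USER/PERM_FULL_USER transition, if any caller makes one, keeps the runas user's supplementary groups. Document the invariant on `current_perm` (`/* Valid only while every uid/gid change goes through set_perms(); reset to -1 after fork() or any direct set*id() call. */`) and put `if (perm == PERM_ROOT && geteuid() != ROOT_UID) current_perm = -1;` ahead of the early return so a stale cache cannot skip the privileged path.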
@@ -261,6 +286,7 @@ set_perms(perm)
break;
case PERM_RUNAS:
+ runas_setgroups();
(void) setegid(runas_pw->pw_gid);
if (seteuid(runas_pw->pw_uid))
err(1, "unable to change to runas uid");
@@ -297,6 +323,8 @@ set_perms(perm)
err(1, "seteuid(timestamp_uid)");
break;
}
+
+ current_perm = perm;
}
# else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */
@@ -310,11 +338,15 @@ void
set_perms(perm)
int perm;
{
+ if (perm == current_perm)
+ return;
switch (perm) {
case PERM_ROOT:
if (setuid(ROOT_UID))
err(1, "setuid(ROOT_UID)");
+ if (current_perm == PERM_RUNAS)
+ restore_groups();
break;
case PERM_FULL_USER:
@@ -336,11 +368,65 @@ set_perms(perm)
/* Unsupported since we can't set euid. */
break;
}
+
+ current_perm = perm;
}
# endif /* HAVE_SETEUID */
# endif /* HAVE_SETREUID */
#endif /* HAVE_SETRESUID */
+#ifdef HAVE_INITGROUPS
+static void
+runas_setgroups()
+{
+ static int ngroups = -1;
+ static GETGROUPS_T *groups;
+ struct passwd *pw;
+
+ if (def_preserve_groups)
+ return;
+
+ /*
+ * Use stashed copy of runas groups if available, else initgroups and stash.
+ */
+ if (ngroups == -1) {
+ pw = runas_pw ? runas_pw : sudo_user.pw;
+ if (initgroups(pw->pw_name, pw->pw_gid) < 0)
+ log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
+ if ((ngroups = getgroups(0, NULL)) < 0)
+ log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups");
+ groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
+ if (getgroups(ngroups, groups) < 0)
+ log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
+ } else {
+ if (setgroups(ngroups, groups) < 0)
+ log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
+ }
+}
+
+static void
+restore_groups()
+{
+ if (setgroups(user_ngroups, user_groups) < 0)
+ log_error(USE_ERRNO|MSG_ONLY, "can't reset user group vector");
+}
+
+#else
+
+static void
+runas_setgroups()
+{
+ /* STUB */
+}
+
+static void
+restore_groups()
+{
+ /* STUB */
+}
+
+#endif /* HAVE_INITGROUPS */
+
static void
runas_setup()
{
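Review bot: runas_setgroups() stashes the group vector in function-static `ngroups`/`groups` on its first call and never re-derives it, so it is keyed on whatever `runas_pw` (falling back to `sudo_user.pw`) happened to be at that moment; if the first PERM_RUNAS transition can occur before runas_pw is resolved — the NULL fallback suggests it can — the invoking user's groups are stashed and replayed for the runas user on every later call. The first-time path also relies on still being root when it runs (initgroups()/setgroups() need privilege and the call precedes the uid switch), and `emalloc2(ngroups, ...)` is reached even when getgroups() reports 0 entries, which the allocator presumably rejects. Re-derive the stash whenever the target uid differs from the one it was built for, and free the old vector:
```c
static void
runas_setgroups()
{
    static int ngroups = -1;
    static GETGROUPS_T *groups;
    static uid_t stashed_uid = (uid_t)-1;
    struct passwd *pw;

    if (def_preserve_groups)
	return;

    pw = runas_pw ? runas_pw : sudo_user.pw;
    /* Rebuild the stash if it was made for a different user. */
    if (ngroups == -1 || pw->pw_uid != stashed_uid) {
	if (initgroups(pw->pw_name, pw->pw_gid) < 0)
	    log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
	if ((ngroups = getgroups(0, NULL)) < 0)
	    log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups");
	efree(groups);
	groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
	if (getgroups(ngroups, groups) < 0)
	    log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
	stashed_uid = pw->pw_uid;
    } else if (setgroups(ngroups, groups) < 0) {
	log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
    }
}
/* … unchanged: restore_groups() and the !HAVE_INITGROUPS stubs … */
```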
@@ -357,10 +443,7 @@ runas_setup() #ifdef HAVE_LOGIN_CAP_H if (def_use_loginclass) { /* - * We don't have setusercontext() set the user since we - * may only want to set the effective uid. Depending on - * sudoers and/or command line arguments we may not want - * setusercontext() to call initgroups(). + * We only use setusercontext() set the nice value and rlimits. */ flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; if (!def_preserve_groups) @@ -373,19 +456,13 @@ runas_setup() else warn("unable to set user context"); } - } else -#endif /* HAVE_LOGIN_CAP_H */ - { - if (setgid(runas_pw->pw_gid)) - warn("cannot set gid to runas gid"); -#ifdef HAVE_INITGROUPS - /* - * Initialize group vector unless asked not to. - */ - if (!def_preserve_groups && - initgroups(*user_runas, runas_pw->pw_gid) < 0) - warn("cannot set group vector"); -#endif /* HAVE_INITGROUPS */ } +#endif /* HAVE_LOGIN_CAP_H */ + if (setgid(runas_pw->pw_gid)) + warn("cannot set gid to runas gid"); + /* + * Initialize group vector unless asked not to. + */ + runas_setgroups(); } } diff --git a/sudo.c b/sudo.c index 4e201d1..d98d8c8 100644 --- a/sudo.c +++ b/sudo.c @@ -102,7 +102,7 @@ #include "version.h" #ifndef lint -__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.31 2007/09/13 23:06:51 millert Exp $"; +__unused __unused static const char rcsid[] = "$Sudo: sudo.c,v 1.369.2.33 2007/12/02 17:13:52 millert Exp $"; #endif /* lint */ /* @@ -596,7 +596,7 @@ init_vars(sudo_mode, envp) #ifdef HAVE_GETGROUPS if ((user_ngroups = getgroups(0, NULL)) > 0) { - user_groups = emalloc2(user_ngroups, MAX(sizeof(gid_t), sizeof(int))); + user_groups = emalloc2(user_ngroups, sizeof(GETGROUPS_T)); if (getgroups(user_ngroups, user_groups) < 0) log_error(USE_ERRNO|MSG_ONLY, "can't get group vector"); } else @@ -740,6 +740,7 @@ parse_args(argc, argv) usage(1); user_prompt = NewArgv[1]; + def_passprompt_override = TRUE; NewArgc--; NewArgv++; diff --git a/sudo.cat b/sudo.cat index 036f360..b49f5d3 100644 
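Review bot: In runas_setup() a failed `setgid(runas_pw->pw_gid)` is only warn()ed and execution carries on to exec, while the runas_setgroups() call immediately after is fatal through log_error(); now that the login-class branch shares this path, a setgid failure would run the command with the gid in force before the switch (presumably root's), so make it `err(1, "cannot set gid to runas gid");` in line with how set_perms() treats a failed uid change. The new comment "We only use setusercontext() set the nice value and rlimits" is missing "to", and if the hidden line after `if (!def_preserve_groups)` still adds LOGIN_SETGROUP, setusercontext() and runas_setgroups() will each initialise the group vector, so either drop the flag or say why both are wanted. runas_setup() begins before the hunk.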
--- a/sudo.cat +++ b/sudo.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.6.9p8 November 2, 2007 1 +1.6.9p8 December 3, 2007 1 @@ -127,7 +127,7 @@ OOPPTTIIOONNSS -1.6.9p8 November 2, 2007 2 +1.6.9p8 December 3, 2007 2 @@ -193,7 +193,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.6.9p8 November 2, 2007 3 +1.6.9p8 December 3, 2007 3 @@ -259,7 +259,7 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) -1.6.9p8 November 2, 2007 4 +1.6.9p8 December 3, 2007 4 @@ -281,9 +281,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) passed on the command line are subject to the same restrictions as normal environment variables with one important exception. If the _s_e_t_e_n_v option is set in _s_u_d_o_­ - _e_r_s or the command to be run has the SETENV tag set the - user may set variables that would overwise be forbidden. - See _s_u_d_o_e_r_s(4) for more information. + _e_r_s, the command to be run has the SETENV tag set or the + command matched is ALL, the user may set variables that + would overwise be forbidden. See _s_u_d_o_e_r_s(4) for more + information. RREETTUURRNN VVAALLUUEESS Upon successful execution of a program, the return value @@ -321,11 +322,10 @@ SSEECCUURRIITTYY NNOOTTEESS cess. In this case, _e_n_v___c_h_e_c_k and _e_n_v___d_e_l_e_t_e behave like a blacklist. Since it is not possible to blacklist all potentially dangerous environment variables, use of the - default _e_n_v___r_e_s_e_t behavior is encouraged. -1.6.9p8 November 2, 2007 5 +1.6.9p8 December 3, 2007 5 @@ -334,6 +334,8 @@ SSEECCUURRIITTYY NNOOTTEESS SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + default _e_n_v___r_e_s_e_t behavior is encouraged. + In all cases, environment variables with a value beginning with () are removed as they could be interpreted as bbaasshh functions. The list of environment variables that ssuuddoo 
@@ -386,12 +388,10 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) Please note that ssuuddoo will normally only log the command it explicitly runs. If a user runs a command such as sudo su or sudo sh, subsequent commands run from that shell - will _n_o_t be logged, nor will ssuuddoo's access control affect - them. The same is true for commands that offer shell -1.6.9p8 November 2, 2007 6 +1.6.9p8 December 3, 2007 6 @@ -400,6 +400,8 @@ SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + will _n_o_t be logged, nor will ssuuddoo's access control affect + them. The same is true for commands that offer shell escapes (including most editors). Because of this, care must be taken when giving users access to commands via ssuuddoo to verify that the command does not inadvertently @@ -452,12 +454,10 @@ EEXXAAMMPPLLEESS Note: the following examples assume suitable _s_u_d_o_e_r_s(4) entries. - To get a file listing of an unreadable directory: - -1.6.9p8 November 2, 2007 7 +1.6.9p8 December 3, 2007 7 @@ -466,6 +466,8 @@ EEXXAAMMPPLLEESS SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + To get a file listing of an unreadable directory: + $ sudo ls /usr/local/protected To list the home directory of user yazza on a machine @@ -518,12 +520,10 @@ CCAAVVEEAATTSS $ sudo cd /usr/local/protected since when the command exits the parent process (your - shell) will still be the same. Please see the EXAMPLES - section for more information. -1.6.9p8 November 2, 2007 8 +1.6.9p8 December 3, 2007 8 @@ -532,6 +532,9 @@ CCAAVVEEAATTSS SUDO(1m) MAINTENANCE COMMANDS SUDO(1m) + shell) will still be the same. Please see the EXAMPLES + section for more information. + If users have sudo ALL there is nothing to prevent them from creating their own program that gives them a root shell regardless of any '!' elements in the user specifi­ @@ -586,9 +589,6 @@ DDIISSCCLLAAIIMMEERR - - - -1.6.9p8 November 2, 2007 9 +1.6.9p8 December 3, 2007 9 
diff --git a/sudo.h b/sudo.h index 35fbd16..665deb6 100644 --- a/sudo.h +++ b/sudo.h @@ -17,7 +17,7 @@ * Agency (DARPA) and Air Force Research Laboratory, Air Force * Materiel Command, USAF, under agreement number F39502-99-1-0512. * - * $Sudo: sudo.h,v 1.209.2.11 2007/09/13 23:06:51 millert Exp $ + * $Sudo: sudo.h,v 1.209.2.13 2007/11/27 23:41:23 millert Exp $ */ #ifndef _SUDO_SUDO_H @@ -51,7 +51,7 @@ struct sudo_user { char *cmnd_safe; char *class_name; int ngroups; - gid_t *groups; + GETGROUPS_T *groups; struct list_member *env_vars; }; @@ -78,6 +78,8 @@ struct sudo_user { #define TRUE 1 #undef FALSE #define FALSE 0 +#undef IMPLIED +#define IMPLIED 2 #undef NOMATCH #define NOMATCH -1 #undef UNSPEC diff --git a/sudo.man.in b/sudo.man.in index 48c9b16..5738bbb 100644 --- a/sudo.man.in +++ b/sudo.man.in @@ -18,7 +18,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.\" $Sudo: sudo.man.in,v 1.29.2.15 2007/11/02 19:15:16 millert Exp $ +.\" $Sudo: sudo.man.in,v 1.29.2.16 2007/12/03 10:27:12 millert Exp $ .\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 .\" .\" Standard preamble: @@ -150,7 +150,7 @@ .\" ======================================================================== .\" .IX Title "SUDO @mansectsu@" -.TH SUDO @mansectsu@ "November 2, 2007" "1.6.9p8" "MAINTENANCE COMMANDS" +.TH SUDO @mansectsu@ "December 3, 2007" "1.6.9p8" "MAINTENANCE COMMANDS" .SH "NAME" sudo, sudoedit \- execute a command as another user .SH "SYNOPSIS" 
@@ -395,9 +395,9 @@ on the command line in the form of \fB\s-1VAR\s0\fR=\fIvalue\fR, e.g. \&\fB\s-1LD_LIBRARY_PATH\s0\fR=\fI/usr/local/pkg/lib\fR. Variables passed on the command line are subject to the same restrictions as normal environment variables with one important exception. If the \fIsetenv\fR option -is set in \fIsudoers\fR or the command to be run has the \f(CW\*(C`SETENV\*(C'\fR tag -set the user may set variables that would overwise be forbidden. -See \fIsudoers\fR\|(@mansectform@) for more information. +is set in \fIsudoers\fR, the command to be run has the \f(CW\*(C`SETENV\*(C'\fR tag +set or the command matched is \f(CW\*(C`ALL\*(C'\fR, the user may set variables +that would overwise be forbidden. See \fIsudoers\fR\|(@mansectform@) for more information. .SH "RETURN VALUES" .IX Header "RETURN VALUES" Upon successful execution of a program, the return value from \fBsudo\fR diff --git a/sudo.pod b/sudo.pod index 694ae36..8f06797 100644 --- a/sudo.pod +++ b/sudo.pod @@ -19,7 +19,7 @@ Sponsored in part by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F39502-99-1-0512. -$Sudo: sudo.pod,v 1.70.2.18 2007/08/13 16:23:31 millert Exp $ +$Sudo: sudo.pod,v 1.70.2.19 2007/11/21 19:26:10 millert Exp $ =pod =head1 NAME @@ -301,9 +301,9 @@ on the command line in the form of B=I, e.g. B=I. Variables passed on the command line are subject to the same restrictions as normal environment variables with one important exception. If the I option -is set in I or the command to be run has the C tag -set the user may set variables that would overwise be forbidden. -See L for more information. +is set in I, the command to be run has the C tag +set or the command matched is C, the user may set variables +that would overwise be forbidden. See L for more information. =head1 RETURN VALUES diff --git a/sudo.tab.c b/sudo.tab.c index 1d4b9b7..efb314f 100644 --- a/sudo.tab.c 
+++ b/sudo.tab.c @@ -87,7 +87,7 @@ static char yyrcsid[] #endif /* HAVE_LSEARCH */ #ifndef lint -__unused static const char rcsid[] = "$Sudo: sudo.tab.c,v 1.76.2.7 2007/11/02 19:09:22 millert Exp $"; +__unused static const char rcsid[] = "$Sudo: sudo.tab.c,v 1.76.2.8 2007/11/21 18:15:49 millert Exp $"; #endif /* lint */ /* @@ -122,6 +122,9 @@ int used_runas = FALSE; (_var) = NOMATCH; \ } while (0) +#define SETENV_RESET \ + if (setenv_ok == IMPLIED) setenv_ok = def_setenv ? TRUE : UNSPEC + /* * The matching stack, initial space allocated in init_parser(). */ @@ -234,7 +237,7 @@ yyerror(s) } parse_error = TRUE; } -#line 221 "parse.yacc" +#line 224 "parse.yacc" #ifndef YYSTYPE_DEFINED #define YYSTYPE_DEFINED typedef union { @@ -244,7 +247,7 @@ typedef union { int tok; } YYSTYPE; #endif /* YYSTYPE_DEFINED */ -#line 248 "sudo.tab.c" +#line 251 "sudo.tab.c" #define COMMAND 257 #define ALIAS 258 #define DEFVAR 259 @@ -280,13 +283,13 @@ short yylhs[] = 0, 0, 7, 7, 9, 7, 7, 7, 7, 7, 7, 15, 16, 18, 16, 19, 16, 21, 16, 17, 17, 22, 22, 22, 22, 22, 10, 10, 23, 25, - 25, 2, 2, 2, 2, 2, 24, 24, 26, 29, - 30, 29, 27, 27, 5, 5, 4, 31, 4, 3, - 3, 3, 3, 3, 28, 28, 28, 28, 28, 28, - 28, 1, 1, 1, 12, 12, 33, 32, 20, 20, - 13, 13, 35, 34, 36, 36, 14, 14, 38, 37, - 11, 11, 40, 39, 8, 8, 41, 41, 6, 6, - 6, 6, 6, + 25, 2, 2, 2, 2, 2, 24, 24, 28, 26, + 30, 31, 30, 27, 27, 5, 5, 4, 32, 4, + 3, 3, 3, 3, 3, 29, 29, 29, 29, 29, + 29, 29, 1, 1, 1, 12, 12, 34, 33, 20, + 20, 13, 13, 36, 35, 37, 37, 14, 14, 39, + 38, 11, 11, 41, 40, 8, 8, 42, 42, 6, + 6, 6, 6, 6, }; #if defined(__cplusplus) || defined(__STDC__) const short yylen[] = 
@@ -297,13 +300,13 @@ short yylen[] = 1, 2, 1, 2, 0, 3, 2, 2, 2, 2, 1, 2, 1, 0, 3, 0, 3, 0, 3, 1, 3, 1, 2, 3, 3, 3, 1, 3, 3, 1, - 2, 1, 1, 1, 1, 1, 1, 3, 3, 1, - 0, 3, 0, 2, 1, 3, 1, 0, 3, 1, - 1, 1, 1, 1, 0, 2, 2, 2, 2, 2, - 2, 1, 1, 1, 1, 3, 0, 4, 1, 3, - 1, 3, 0, 4, 1, 3, 1, 3, 0, 4, - 1, 3, 0, 4, 1, 3, 1, 2, 1, 1, - 1, 1, 1, + 2, 1, 1, 1, 1, 1, 1, 3, 0, 4, + 1, 0, 3, 0, 2, 1, 3, 1, 0, 3, + 1, 1, 1, 1, 1, 0, 2, 2, 2, 2, + 2, 2, 1, 1, 1, 1, 3, 0, 4, 1, + 3, 1, 3, 0, 4, 1, 3, 1, 3, 0, + 4, 1, 3, 0, 4, 1, 3, 1, 2, 1, + 1, 1, 1, 1, }; #if defined(__cplusplus) || defined(__STDC__) const short yydefred[] = @@ -312,19 +315,19 @@ short yydefred[] = #endif { 0, 0, 13, 18, 14, 16, 3, 0, 0, 0, 0, - 0, 1, 0, 11, 0, 4, 0, 0, 0, 67, - 0, 65, 73, 0, 71, 83, 0, 81, 79, 0, - 77, 2, 92, 91, 90, 89, 93, 0, 87, 0, - 85, 0, 0, 12, 0, 36, 33, 34, 35, 32, - 0, 30, 0, 69, 0, 53, 52, 51, 50, 54, - 48, 47, 45, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 88, 0, 0, 0, 27, 0, 0, 0, - 23, 0, 31, 0, 0, 0, 0, 66, 0, 72, - 0, 82, 0, 78, 86, 0, 0, 24, 25, 26, - 21, 70, 49, 46, 0, 64, 63, 62, 41, 40, - 75, 0, 0, 0, 28, 0, 0, 37, 55, 0, - 0, 0, 0, 0, 42, 76, 38, 56, 57, 58, - 59, 60, 61, 39, + 0, 1, 0, 11, 0, 4, 0, 0, 0, 68, + 0, 66, 74, 0, 72, 84, 0, 82, 80, 0, + 78, 2, 93, 92, 91, 90, 94, 0, 88, 0, + 86, 0, 0, 12, 0, 36, 33, 34, 35, 32, + 0, 30, 0, 70, 0, 54, 53, 52, 51, 55, + 49, 48, 46, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 89, 0, 0, 0, 27, 0, 0, 0, + 23, 0, 31, 0, 0, 0, 0, 67, 0, 73, + 0, 83, 0, 79, 87, 0, 39, 24, 25, 26, + 21, 71, 50, 47, 0, 65, 64, 63, 42, 41, + 76, 0, 0, 0, 28, 0, 37, 0, 0, 0, + 39, 0, 56, 43, 77, 38, 0, 0, 57, 58, + 59, 60, 61, 62, 40, }; #if defined(__cplusplus) || defined(__STDC__) const short yydgoto[] = 
@@ -334,30 +337,30 @@ short yydgoto[] = { 11, 110, 52, 62, 63, 64, 39, 12, 40, 13, 75, 27, 21, 24, 30, 14, 15, 44, 18, 19, 76, - 17, 45, 77, 117, 54, 118, 119, 124, 111, 120, - 85, 22, 65, 25, 67, 112, 31, 71, 28, 69, - 41, + 17, 45, 77, 116, 54, 117, 123, 118, 128, 111, + 119, 85, 22, 65, 25, 67, 112, 31, 71, 28, + 69, 41, }; #if defined(__cplusplus) || defined(__STDC__) const short yysindex[] = #else short yysindex[] = #endif - { -229, - -256, 0, 0, 0, 0, 0, -237, -234, -226, -225, - -229, 0, 62, 0, -33, 0, 88, 62, 114, 0, - -15, 0, 0, -12, 0, 0, -5, 0, 0, -4, + { -223, + -256, 0, 0, 0, 0, 0, -237, -234, -231, -226, + -223, 0, 62, 0, -33, 0, 88, 62, 114, 0, + -22, 0, 0, -21, 0, 0, -19, 0, 0, -18, 0, 0, 0, 0, 0, 0, 0, -244, 0, -28, - 0, -36, -204, 0, 14, 0, 0, 0, 0, 0, - -219, 0, 19, 0, 20, 0, 0, 0, 0, 0, - 0, 0, 0, 21, 5, -237, 6, -234, 7, -226, - 8, -225, 0, 62, 12, -21, 0, -192, -191, -187, - 0, -33, 0, 88, -201, 114, 88, 0, 276, 0, - 62, 0, 114, 0, 0, 88, -189, 0, 0, 0, - 0, 0, 0, 0, 19, 0, 0, 0, 0, 0, - 0, 33, 20, 21, 0, 114, 36, 0, 0, -247, - 276, 21, -189, -29, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0,}; + 0, -36, -221, 0, 3, 0, 0, 0, 0, 0, + -212, 0, 6, 0, 14, 0, 0, 0, 0, 0, + 0, 0, 0, 16, 7, -237, 8, -234, 9, -231, + 10, -226, 0, 62, 18, -32, 0, -202, -199, -191, + 0, -33, 0, 88, -196, 114, 88, 0, 276, 0, + 62, 0, 114, 0, 0, 88, 0, 0, 0, 0, + 0, 0, 0, 0, 6, 0, 0, 0, 0, 0, + 0, 30, 14, 16, 0, 33, 0, -188, -247, 276, + 0, 114, 0, 0, 0, 0, 16, -29, 0, 0, + 0, 0, 0, 0, 0,}; #if defined(__cplusplus) || defined(__STDC__) const short yyrindex[] = #else 
@@ -373,22 +376,22 @@ short yyrindex[] = 0, 0, 0, -3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 300, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, -20, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 26, 0, 0, 0, 0, 0, - 0, 52, 78, 104, 0, 0, 130, 0, 0, 0, - 0, 274, -20, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0,}; + 0, 52, 78, 104, 0, 130, 0, -20, 0, 0, + 0, 0, 0, 0, 0, 0, 274, 0, 0, 0, + 0, 0, 0, 0, 0,}; #if defined(__cplusplus) || defined(__STDC__) const short yygindex[] = #else short yygindex[] = #endif { 0, - -39, 31, -2, 2, -87, 48, 76, -16, 0, 0, - 0, 0, 0, 0, 0, 0, 9, 0, 0, -14, - 0, 0, -7, 0, 10, -31, 0, 0, -109, 0, - 0, 24, 0, 25, 0, 0, 27, 0, 28, 0, - 22, + -38, 31, -2, 2, -87, 48, 76, -16, 0, 0, + 0, 0, 0, 0, 0, 0, 11, 0, 0, -14, + 0, 0, -7, 0, 12, -31, 0, 0, 0, -105, + 0, 0, 25, 0, 24, 0, 0, 22, 0, 27, + 0, 28, }; #define YYTABLESIZE 580 #if defined(__cplusplus) || defined(__STDC__) 
@@ -398,44 +401,44 @@ short yytable[] = #endif { 43, 22, 55, 53, 109, 51, 114, 79, 19, 80, 106, - 107, 126, 43, 33, 134, 74, 34, 35, 36, 16, - 20, 15, 84, 23, 78, 68, 1, 108, 122, 17, - 37, 26, 29, 22, 2, 3, 4, 5, 46, 97, - 47, 48, 66, 49, 22, 68, 6, 7, 8, 9, - 10, 74, 70, 72, 81, 50, 56, 82, 68, 57, - 58, 59, 84, 74, 86, 87, 89, 91, 93, 96, - 98, 99, 105, 60, 113, 100, 121, 84, 116, 123, - 125, 83, 103, 68, 74, 73, 32, 104, 115, 88, - 101, 127, 90, 102, 38, 95, 0, 92, 94, 0, - 0, 0, 0, 80, 0, 0, 0, 0, 0, 74, - 84, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 107, 84, 44, 33, 125, 74, 34, 35, 36, 16, + 20, 15, 135, 23, 78, 69, 26, 108, 97, 17, + 37, 29, 1, 22, 127, 66, 68, 81, 70, 72, + 2, 3, 4, 5, 22, 46, 82, 47, 48, 84, + 49, 75, 6, 7, 8, 9, 10, 74, 69, 86, + 98, 56, 50, 99, 57, 58, 59, 87, 89, 91, + 93, 100, 105, 120, 113, 96, 121, 85, 60, 122, + 124, 83, 103, 69, 75, 73, 32, 104, 115, 126, + 88, 90, 101, 94, 38, 102, 92, 0, 0, 0, + 0, 95, 0, 81, 0, 0, 0, 0, 0, 75, + 85, 0, 0, 0, 0, 0, 0, 0, 0, 0, 51, 0, 0, 0, 0, 0, 0, 0, 0, 29, - 0, 0, 0, 0, 0, 84, 80, 0, 0, 0, + 0, 0, 0, 0, 0, 85, 81, 0, 0, 0, 0, 0, 0, 0, 0, 0, 61, 0, 0, 0, 0, 0, 0, 0, 0, 8, 0, 0, 0, 0, - 0, 80, 29, 0, 0, 0, 0, 0, 0, 0, + 0, 81, 29, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 29, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 7, 0, 0, 0, 0, 0, 0, 0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 42, 0, 106, 107, 46, - 0, 47, 48, 19, 49, 10, 43, 43, 7, 128, - 129, 130, 131, 132, 133, 108, 50, 15, 43, 43, - 43, 43, 43, 43, 43, 17, 22, 0, 22, 0, + 0, 47, 48, 19, 49, 10, 44, 44, 7, 129, + 130, 131, 132, 133, 134, 108, 50, 15, 44, 44, + 44, 44, 44, 44, 44, 17, 22, 0, 22, 0, 20, 22, 22, 22, 22, 22, 22, 22, 10, 0, 0, 0, 0, 0, 0, 22, 22, 22, 22, 22, - 22, 68, 0, 68, 0, 0, 68, 68, 68, 68, - 68, 68, 68, 20, 0, 0, 0, 0, 0, 6, - 68, 68, 68, 68, 68, 68, 44, 74, 109, 74, - 0, 0, 74, 74, 74, 74, 74, 74, 74, 33, - 0, 0, 34, 35, 36, 0, 74, 74, 74, 74, - 74, 74, 6, 84, 0, 84, 37, 0, 84, 84, - 84, 84, 84, 
84, 84, 46, 0, 47, 48, 0, - 49, 0, 84, 84, 84, 84, 84, 84, 0, 80, - 0, 80, 50, 0, 80, 80, 80, 80, 80, 80, - 80, 56, 0, 0, 57, 58, 59, 0, 80, 80, - 80, 80, 80, 80, 0, 29, 0, 29, 60, 0, + 22, 69, 0, 69, 0, 0, 69, 69, 69, 69, + 69, 69, 69, 20, 0, 0, 0, 0, 0, 6, + 69, 69, 69, 69, 69, 69, 45, 75, 109, 75, + 0, 0, 75, 75, 75, 75, 75, 75, 75, 33, + 0, 0, 34, 35, 36, 0, 75, 75, 75, 75, + 75, 75, 6, 85, 0, 85, 37, 0, 85, 85, + 85, 85, 85, 85, 85, 46, 0, 47, 48, 0, + 49, 0, 85, 85, 85, 85, 85, 85, 0, 81, + 0, 81, 50, 0, 81, 81, 81, 81, 81, 81, + 81, 56, 0, 0, 57, 58, 59, 0, 81, 81, + 81, 81, 81, 81, 0, 29, 0, 29, 60, 0, 29, 29, 29, 29, 29, 29, 29, 5, 0, 0, 5, 5, 5, 0, 29, 29, 29, 29, 29, 29, 0, 8, 0, 8, 5, 0, 8, 8, 8, 8, @@ -450,8 +453,8 @@ short yytable[] = 10, 10, 10, 0, 0, 0, 0, 0, 0, 0, 10, 10, 10, 10, 10, 10, 20, 0, 20, 0, 0, 20, 20, 20, 20, 20, 20, 20, 0, 0, - 44, 44, 106, 107, 0, 20, 20, 20, 20, 20, - 20, 0, 44, 44, 44, 44, 44, 44, 44, 0, + 45, 45, 106, 107, 0, 20, 20, 20, 20, 20, + 20, 0, 45, 45, 45, 45, 45, 45, 45, 0, 108, 0, 0, 0, 0, 6, 0, 6, 0, 0, 6, 6, 6, 6, 6, 6, 6, 0, 0, 0, 0, 0, 0, 0, 6, 6, 6, 6, 6, 6, 
@@ -463,16 +466,16 @@ short yycheck[] = #endif { 33, 0, 18, 17, 33, 33, 93, 43, 33, 45, 257, - 258, 121, 33, 258, 124, 44, 261, 262, 263, 276, - 258, 33, 44, 258, 61, 0, 256, 275, 116, 33, - 275, 258, 258, 33, 264, 265, 266, 267, 258, 61, - 260, 261, 58, 263, 44, 58, 276, 277, 278, 279, - 280, 0, 58, 58, 259, 275, 258, 44, 33, 261, - 262, 263, 44, 44, 44, 61, 61, 61, 61, 58, - 263, 263, 87, 275, 91, 263, 44, 0, 268, 44, - 120, 51, 85, 58, 33, 38, 11, 86, 96, 66, - 82, 123, 68, 84, 33, 74, -1, 70, 72, -1, - -1, -1, -1, 0, -1, -1, -1, -1, -1, 58, + 258, 44, 33, 258, 120, 44, 261, 262, 263, 276, + 258, 33, 128, 258, 61, 0, 258, 275, 61, 33, + 275, 258, 256, 33, 122, 58, 58, 259, 58, 58, + 264, 265, 266, 267, 44, 258, 44, 260, 261, 44, + 263, 0, 276, 277, 278, 279, 280, 44, 33, 44, + 263, 258, 275, 263, 261, 262, 263, 61, 61, 61, + 61, 263, 87, 44, 91, 58, 44, 0, 275, 268, + 119, 51, 85, 58, 33, 38, 11, 86, 96, 121, + 66, 68, 82, 72, 33, 84, 70, -1, -1, -1, + -1, 74, -1, 0, -1, -1, -1, -1, -1, 58, 33, -1, -1, -1, -1, -1, -1, -1, -1, -1, 33, -1, -1, -1, -1, -1, -1, -1, -1, 0, -1, -1, -1, -1, -1, 58, 33, -1, -1, -1, @@ -589,17 +592,18 @@ char *yyrule[] = "host : ALIAS", "cmndspeclist : cmndspec", "cmndspeclist : cmndspeclist ',' cmndspec", -"cmndspec : runasspec cmndtag opcmnd", -"opcmnd : cmnd", "$$5 :", -"opcmnd : '!' $$5 cmnd", +"cmndspec : $$5 runasspec cmndtag opcmnd", +"opcmnd : cmnd", +"$$6 :", +"opcmnd : '!' $$6 cmnd", "runasspec :", "runasspec : RUNAS runaslist", "runaslist : oprunasuser", "runaslist : runaslist ',' oprunasuser", "oprunasuser : runasuser", -"$$6 :", -"oprunasuser : '!' $$6 runasuser", +"$$7 :", +"oprunasuser : '!' $$7 runasuser", "runasuser : WORD", "runasuser : USERGROUP", "runasuser : NETGROUP", 
@@ -617,24 +621,24 @@ char *yyrule[] = "cmnd : COMMAND", "hostaliases : hostalias", "hostaliases : hostaliases ':' hostalias", -"$$7 :", -"hostalias : ALIAS $$7 '=' hostlist", +"$$8 :", +"hostalias : ALIAS $$8 '=' hostlist", "hostlist : ophost", "hostlist : hostlist ',' ophost", "cmndaliases : cmndalias", "cmndaliases : cmndaliases ':' cmndalias", -"$$8 :", -"cmndalias : ALIAS $$8 '=' cmndlist", +"$$9 :", +"cmndalias : ALIAS $$9 '=' cmndlist", "cmndlist : opcmnd", "cmndlist : cmndlist ',' opcmnd", "runasaliases : runasalias", "runasaliases : runasaliases ':' runasalias", -"$$9 :", -"runasalias : ALIAS $$9 '=' runaslist", +"$$10 :", +"runasalias : ALIAS $$10 '=' runaslist", "useraliases : useralias", "useraliases : useraliases ':' useralias", -"$$10 :", -"useralias : ALIAS $$10 '=' userlist", +"$$11 :", +"useralias : ALIAS $$11 '=' userlist", "userlist : opuser", "userlist : userlist ',' opuser", "opuser : user", @@ -671,7 +675,7 @@ short *yyss; short *yysslim; YYSTYPE *yyvs; int yystacksize; -#line 905 "parse.yacc" +#line 911 "parse.yacc" #define MOREALIASES (32) aliasinfo *aliases = NULL; @@ -1027,7 +1031,7 @@ init_parser() if (printmatches == TRUE) expand_match_list(); } -#line 979 "sudo.tab.c" +#line 983 "sudo.tab.c" /* allocate initial stack or double stack size, up to YYMAXDEPTH */ #if defined(__cplusplus) || defined(__STDC__) static int yygrowstack(void) 
@@ -1230,85 +1234,85 @@ yyreduce: switch (yyn) { case 3: -#line 277 "parse.yacc" +#line 280 "parse.yacc" { ; } break; case 4: -#line 279 "parse.yacc" +#line 282 "parse.yacc" { yyerrok; } break; case 5: -#line 280 "parse.yacc" +#line 283 "parse.yacc" { push; } break; case 6: -#line 280 "parse.yacc" +#line 283 "parse.yacc" { while (top && user_matches != TRUE) pop; } break; case 7: -#line 285 "parse.yacc" +#line 288 "parse.yacc" { ; } break; case 8: -#line 287 "parse.yacc" +#line 290 "parse.yacc" { ; } break; case 9: -#line 289 "parse.yacc" +#line 292 "parse.yacc" { ; } break; case 10: -#line 291 "parse.yacc" +#line 294 "parse.yacc" { ; } break; case 11: -#line 293 "parse.yacc" +#line 296 "parse.yacc" { ; } break; case 13: -#line 299 "parse.yacc" +#line 302 "parse.yacc" { defaults_matches = TRUE; } break; case 14: -#line 302 "parse.yacc" +#line 305 "parse.yacc" { push; } break; case 15: -#line 302 "parse.yacc" +#line 305 "parse.yacc" { defaults_matches = user_matches; pop; } break; case 16: -#line 306 "parse.yacc" +#line 309 "parse.yacc" { push; } break; case 17: -#line 306 "parse.yacc" +#line 309 "parse.yacc" { defaults_matches = yyvsp[0].BOOLEAN == TRUE; pop; } break; case 18: -#line 310 "parse.yacc" +#line 313 "parse.yacc" { push; } break; case 19: -#line 310 "parse.yacc" +#line 313 "parse.yacc" { defaults_matches = host_matches; pop; } break; case 22: -#line 320 "parse.yacc" +#line 323 "parse.yacc" { if (defaults_matches == TRUE && !set_default(yyvsp[0].string, NULL, TRUE)) { @@ -1319,7 +1323,7 @@ case 22: } break; case 23: -#line 328 "parse.yacc" +#line 331 "parse.yacc" { if (defaults_matches == TRUE && !set_default(yyvsp[0].string, NULL, FALSE)) { @@ -1330,7 +1334,7 @@ case 23: } break; case 24: -#line 336 "parse.yacc" +#line 339 "parse.yacc" { if (defaults_matches == TRUE && !set_default(yyvsp[-2].string, yyvsp[0].string, TRUE)) { 
@@ -1342,7 +1346,7 @@ case 24: } break; case 25: -#line 345 "parse.yacc" +#line 348 "parse.yacc" { if (defaults_matches == TRUE && !set_default(yyvsp[-2].string, yyvsp[0].string, '+')) { @@ -1354,7 +1358,7 @@ case 25: } break; case 26: -#line 354 "parse.yacc" +#line 357 "parse.yacc" { if (defaults_matches == TRUE && !set_default(yyvsp[-2].string, yyvsp[0].string, '-')) { @@ -1366,7 +1370,7 @@ case 26: } break; case 29: -#line 369 "parse.yacc" +#line 372 "parse.yacc" { /* * We already did a push if necessary in @@ -1381,25 +1385,25 @@ case 29: } break; case 30: -#line 383 "parse.yacc" +#line 386 "parse.yacc" { SETMATCH(host_matches, yyvsp[0].BOOLEAN); } break; case 31: -#line 386 "parse.yacc" +#line 389 "parse.yacc" { SETNMATCH(host_matches, yyvsp[0].BOOLEAN); } break; case 32: -#line 391 "parse.yacc" +#line 394 "parse.yacc" { yyval.BOOLEAN = TRUE; } break; case 33: -#line 394 "parse.yacc" +#line 397 "parse.yacc" { if (addr_matches(yyvsp[0].string)) yyval.BOOLEAN = TRUE; @@ -1409,7 +1413,7 @@ case 33: } break; case 34: -#line 401 "parse.yacc" +#line 404 "parse.yacc" { if (netgr_matches(yyvsp[0].string, user_host, user_shost, NULL)) yyval.BOOLEAN = TRUE; @@ -1419,7 +1423,7 @@ case 34: } break; case 35: -#line 408 "parse.yacc" +#line 411 "parse.yacc" { if (hostname_matches(user_shost, user_host, yyvsp[0].string) == 0) yyval.BOOLEAN = TRUE; @@ -1429,7 +1433,7 @@ case 35: } break; case 36: -#line 415 "parse.yacc" +#line 418 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, HOST_ALIAS); @@ -1454,7 +1458,11 @@ case 36: } break; case 39: -#line 443 "parse.yacc" +#line 446 "parse.yacc" +{ SETENV_RESET; } +break; +case 40: +#line 446 "parse.yacc" { /* * Push the entry onto the stack if it is worth 
@@ -1483,14 +1491,14 @@ case 39: cmnd_matches = UNSPEC; } break; -case 40: -#line 472 "parse.yacc" +case 41: +#line 475 "parse.yacc" { SETMATCH(cmnd_matches, yyvsp[0].BOOLEAN); } break; -case 41: -#line 475 "parse.yacc" +case 42: +#line 478 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1501,14 +1509,14 @@ case 41: } } break; -case 42: -#line 483 "parse.yacc" +case 43: +#line 486 "parse.yacc" { SETNMATCH(cmnd_matches, yyvsp[0].BOOLEAN); } break; -case 43: -#line 488 "parse.yacc" +case 44: +#line 491 "parse.yacc" { if (printmatches == TRUE && host_matches == TRUE && user_matches == TRUE) { @@ -1534,18 +1542,18 @@ case 43: } } break; -case 44: -#line 512 "parse.yacc" +case 45: +#line 515 "parse.yacc" { runas_matches = yyvsp[0].BOOLEAN; } break; -case 45: -#line 517 "parse.yacc" +case 46: +#line 520 "parse.yacc" { ; } break; -case 46: -#line 518 "parse.yacc" +case 47: +#line 521 "parse.yacc" { /* Later entries override earlier ones. */ if (yyvsp[0].BOOLEAN != NOMATCH) @@ -1554,12 +1562,12 @@ case 46: yyval.BOOLEAN = yyvsp[-2].BOOLEAN; } break; -case 47: -#line 527 "parse.yacc" +case 48: +#line 530 "parse.yacc" { ; } break; -case 48: -#line 528 "parse.yacc" +case 49: +#line 531 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1570,15 +1578,15 @@ case 48: } } break; -case 49: -#line 536 "parse.yacc" +case 50: +#line 539 "parse.yacc" { /* Set $$ to the negation of runasuser */ yyval.BOOLEAN = (yyvsp[0].BOOLEAN == NOMATCH ? NOMATCH : ! yyvsp[0].BOOLEAN); } break; -case 50: -#line 542 "parse.yacc" +case 51: +#line 545 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1595,8 +1603,8 @@ case 50: used_runas = TRUE; } break; -case 51: -#line 557 "parse.yacc" +case 52: +#line 560 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) 
@@ -1613,8 +1621,8 @@ case 51: used_runas = TRUE; } break; -case 52: -#line 572 "parse.yacc" +case 53: +#line 575 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1631,8 +1639,8 @@ case 52: used_runas = TRUE; } break; -case 53: -#line 587 "parse.yacc" +case 54: +#line 590 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, RUNAS_ALIAS); @@ -1664,8 +1672,8 @@ case 53: used_runas = TRUE; } break; -case 54: -#line 617 "parse.yacc" +case 55: +#line 620 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1677,8 +1685,8 @@ case 54: yyval.BOOLEAN = TRUE; } break; -case 55: -#line 629 "parse.yacc" +case 56: +#line 632 "parse.yacc" { /* Inherit {NO,}{PASSWD,EXEC,SETENV} status. */ if (printmatches == TRUE && host_matches == TRUE && @@ -1698,8 +1706,8 @@ case 55: } } break; -case 56: -#line 647 "parse.yacc" +case 57: +#line 650 "parse.yacc" { no_passwd = TRUE; if (printmatches == TRUE && host_matches == TRUE && @@ -1707,8 +1715,8 @@ case 56: cm_list[cm_list_len].nopasswd = TRUE; } break; -case 57: -#line 653 "parse.yacc" +case 58: +#line 656 "parse.yacc" { no_passwd = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1716,8 +1724,8 @@ case 57: cm_list[cm_list_len].nopasswd = FALSE; } break; -case 58: -#line 659 "parse.yacc" +case 59: +#line 662 "parse.yacc" { no_execve = TRUE; if (printmatches == TRUE && host_matches == TRUE && @@ -1725,8 +1733,8 @@ case 58: cm_list[cm_list_len].noexecve = TRUE; } break; -case 59: -#line 665 "parse.yacc" +case 60: +#line 668 "parse.yacc" { no_execve = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1734,8 +1742,8 @@ case 59: cm_list[cm_list_len].noexecve = FALSE; } break; -case 60: -#line 671 "parse.yacc" +case 61: +#line 674 "parse.yacc" { setenv_ok = TRUE; if (printmatches == TRUE && host_matches == TRUE && 
@@ -1743,8 +1751,8 @@ case 60: cm_list[cm_list_len].setenv = TRUE; } break; -case 61: -#line 677 "parse.yacc" +case 62: +#line 680 "parse.yacc" { setenv_ok = FALSE; if (printmatches == TRUE && host_matches == TRUE && @@ -1752,8 +1760,8 @@ case 61: cm_list[cm_list_len].setenv = FALSE; } break; -case 62: -#line 685 "parse.yacc" +case 63: +#line 688 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) @@ -1764,14 +1772,17 @@ case 62: expand_match_list(); } } + /* sudo "ALL" implies the SETENV tag */ + if (setenv_ok == UNSPEC) + setenv_ok = IMPLIED; efree(safe_cmnd); safe_cmnd = NULL; yyval.BOOLEAN = TRUE; } break; -case 63: -#line 700 "parse.yacc" +case 64: +#line 706 "parse.yacc" { aliasinfo *aip; @@ -1802,8 +1813,8 @@ case 63: efree(yyvsp[0].string); } break; -case 64: -#line 729 "parse.yacc" +case 65: +#line 735 "parse.yacc" { if (printmatches == TRUE) { if (in_alias == TRUE) { @@ -1829,12 +1840,12 @@ case 64: efree(yyvsp[0].command.args); } break; -case 67: -#line 759 "parse.yacc" +case 68: +#line 765 "parse.yacc" { push; } break; -case 68: -#line 759 "parse.yacc" +case 69: +#line 765 "parse.yacc" { if ((MATCHED(host_matches) || pedantic) && !add_alias(yyvsp[-3].string, HOST_ALIAS, host_matches)) { @@ -1844,8 +1855,8 @@ case 68: pop; } break; -case 73: -#line 777 "parse.yacc" +case 74: +#line 783 "parse.yacc" { push; if (printmatches == TRUE) { @@ -1857,8 +1868,8 @@ case 73: } } break; -case 74: -#line 786 "parse.yacc" +case 75: +#line 792 "parse.yacc" { if ((MATCHED(cmnd_matches) || pedantic) && !add_alias(yyvsp[-3].string, CMND_ALIAS, cmnd_matches)) { @@ -1872,12 +1883,12 @@ case 74: in_alias = FALSE; } break; -case 75: -#line 800 "parse.yacc" +case 76: +#line 806 "parse.yacc" { ; } break; -case 79: -#line 808 "parse.yacc" +case 80: +#line 814 "parse.yacc" { if (printmatches == TRUE) { in_alias = TRUE; 
@@ -1888,8 +1899,8 @@ case 79: } } break; -case 80: -#line 816 "parse.yacc" +case 81: +#line 822 "parse.yacc" { if ((yyvsp[0].BOOLEAN != NOMATCH || pedantic) && !add_alias(yyvsp[-3].string, RUNAS_ALIAS, yyvsp[0].BOOLEAN)) { @@ -1902,12 +1913,12 @@ case 80: in_alias = FALSE; } break; -case 83: -#line 833 "parse.yacc" +case 84: +#line 839 "parse.yacc" { push; } break; -case 84: -#line 833 "parse.yacc" +case 85: +#line 839 "parse.yacc" { if ((MATCHED(user_matches) || pedantic) && !add_alias(yyvsp[-3].string, USER_ALIAS, user_matches)) { @@ -1918,20 +1929,20 @@ case 84: efree(yyvsp[-3].string); } break; -case 87: -#line 848 "parse.yacc" +case 88: +#line 854 "parse.yacc" { SETMATCH(user_matches, yyvsp[0].BOOLEAN); } break; -case 88: -#line 851 "parse.yacc" +case 89: +#line 857 "parse.yacc" { SETNMATCH(user_matches, yyvsp[0].BOOLEAN); } break; -case 89: -#line 856 "parse.yacc" +case 90: +#line 862 "parse.yacc" { if (userpw_matches(yyvsp[0].string, user_name, sudo_user.pw)) yyval.BOOLEAN = TRUE; @@ -1940,8 +1951,8 @@ case 89: efree(yyvsp[0].string); } break; -case 90: -#line 863 "parse.yacc" +case 91: +#line 869 "parse.yacc" { if (usergr_matches(yyvsp[0].string, user_name, sudo_user.pw)) yyval.BOOLEAN = TRUE; @@ -1950,8 +1961,8 @@ case 90: efree(yyvsp[0].string); } break; -case 91: -#line 870 "parse.yacc" +case 92: +#line 876 "parse.yacc" { if (netgr_matches(yyvsp[0].string, NULL, NULL, user_name)) yyval.BOOLEAN = TRUE; @@ -1960,8 +1971,8 @@ case 91: efree(yyvsp[0].string); } break; -case 92: -#line 877 "parse.yacc" +case 93: +#line 883 "parse.yacc" { aliasinfo *aip = find_alias(yyvsp[0].string, USER_ALIAS); @@ -1985,13 +1996,13 @@ case 92: efree(yyvsp[0].string); } break; -case 93: -#line 899 "parse.yacc" +case 94: +#line 905 "parse.yacc" { yyval.BOOLEAN = TRUE; } break; -#line 1943 "sudo.tab.c" +#line 1954 "sudo.tab.c" } yyssp -= yym; yystate = *yyssp; diff --git a/sudoers b/sudoers index bb42f2b..31755f6 100644 --- a/sudoers +++ b/sudoers 
@@ -1,6 +1,8 @@ # sudoers file. # # This file MUST be edited with the 'visudo' command as root. +# Failure to use 'visudo' may result in syntax or file permission errors +# that prevent sudo from running. # # See the sudoers man page for the details on how to write a sudoers file. # diff --git a/sudoers.cat b/sudoers.cat index 044b2aa..867f1f8 100644 --- a/sudoers.cat +++ b/sudoers.cat @@ -61,7 +61,7 @@ DDEESSCCRRIIPPTTIIOONN -1.6.9p8 November 2, 2007 1 +1.6.9p8 December 3, 2007 1 @@ -127,7 +127,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.6.9p8 November 2, 2007 2 +1.6.9p8 December 3, 2007 2 @@ -193,7 +193,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.6.9p8 November 2, 2007 3 +1.6.9p8 December 3, 2007 3 @@ -259,7 +259,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.6.9p8 November 2, 2007 4 +1.6.9p8 December 3, 2007 4 @@ -325,7 +325,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.6.9p8 November 2, 2007 5 +1.6.9p8 December 3, 2007 5 @@ -391,7 +391,7 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) -1.6.9p8 November 2, 2007 6 +1.6.9p8 December 3, 2007 6 @@ -400,6 +400,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + If the command matched is AALLLL, the SETENV tag is implied + for that command; this default may be overridden by use of + the UNSETENV tag. + WWiillddccaarrddss ssuuddoo allows shell-style _w_i_l_d_c_a_r_d_s (aka meta or glob char­ @@ -450,14 +454,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) causes a match to succeed. It can be used wherever one might otherwise use a Cmnd_Alias, User_Alias, Runas_Alias, or Host_Alias. You should not try to define your own - _a_l_i_a_s called AALLLL as the built-in alias will be used in - preference to your own. Please note that using AALLLL can be - dangerous since in a command context, it allows the user - to run aannyy command on the system. -1.6.9p8 November 2, 2007 7 +1.6.9p8 December 3, 2007 7 
@@ -466,6 +466,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + _a_l_i_a_s called AALLLL as the built-in alias will be used in + preference to your own. Please note that using AALLLL can be + dangerous since in a command context, it allows the user + to run aannyy command on the system. + An exclamation point ('!') can be used as a logical _n_o_t operator both in an _a_l_i_a_s and in front of a Cmnd. This allows one to exclude certain values. Note, however, that @@ -515,15 +520,10 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS separated list of editors in the editor variable. vviissuuddoo will then only use the EDITOR or VISUAL if they match a value - specified in editor. This flag is _o_f_f by - default. - env_reset If set, ssuuddoo will reset the environment to - only contain the LOGNAME, SHELL, USER, - -1.6.9p8 November 2, 2007 8 +1.6.9p8 December 3, 2007 8 @@ -532,6 +532,11 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + specified in editor. This flag is _o_f_f by + default. + + env_reset If set, ssuuddoo will reset the environment to + only contain the LOGNAME, SHELL, USER, USERNAME and the SUDO_* variables. Any variables in the caller's environment that match the env_keep and env_check lists are @@ -581,15 +586,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) files so that only LDAP is used. This thwarts the efforts of rogue operators who would attempt to add roles to - @sysconfdir@/sudoers. When this option is - present, @sysconfdir@/sudoers does not - even need to exist. Since this option - tells ssuuddoo how to behave when no specific - LDAP entries have been matched, this -1.6.9p8 November 2, 2007 9 +1.6.9p8 December 3, 2007 9 
@@ -598,6 +598,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + @sysconfdir@/sudoers. When this option is + present, @sysconfdir@/sudoers does not + even need to exist. Since this option + tells ssuuddoo how to behave when no specific + LDAP entries have been matched, this sudoOption is only meaningful for the cn=defaults section. This flag is _o_f_f by default. @@ -647,15 +652,10 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) user if the invoking user is not in the _s_u_d_o_e_r_s file. This flag is _o_n by default. - noexec If set, all commands run via ssuuddoo will - behave as if the NOEXEC tag has been set, - unless overridden by a EXEC tag. See the - description of _N_O_E_X_E_C _a_n_d _E_X_E_C below as - well as the "PREVENTING SHELL ESCAPES" -1.6.9p8 November 2, 2007 10 +1.6.9p8 December 3, 2007 10 @@ -664,6 +664,11 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + noexec If set, all commands run via ssuuddoo will + behave as if the NOEXEC tag has been set, + unless overridden by a EXEC tag. See the + description of _N_O_E_X_E_C _a_n_d _E_X_E_C below as + well as the "PREVENTING SHELL ESCAPES" section at the end of this manual. This flag is _o_f_f by default. @@ -679,6 +684,15 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) they are not allowed to run it, which can be confusing. This flag is _o_n by default. + passprompt_override + The password prompt specified by + _p_a_s_s_p_r_o_m_p_t will normally only be used if + the passwod prompt provided by systems + such as PAM matches the string "Pass­ + word:". If _p_a_s_s_p_r_o_m_p_t___o_v_e_r_r_i_d_e is set, + _p_a_s_s_p_r_o_m_p_t will always be used. This flag + is _o_f_f by default. + preserve_groups By default ssuuddoo will initialize the group vector to the list of groups the target user is in. When _p_r_e_s_e_r_v_e___g_r_o_u_p_s is set, 
@@ -704,6 +718,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Note, however, that turning off _r_o_o_t___s_u_d_o will also prevent root and from running ssuuddooeeddiitt. Disabling _r_o_o_t___s_u_d_o provides no + + + +1.6.9p8 December 3, 2007 11 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + real additional security; it exists purely for historical reasons. This flag is _o_n by default. @@ -719,17 +745,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) password of the invoking user. This flag is _o_f_f by default. - - -1.6.9p8 November 2, 2007 11 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - set_home If set and ssuuddoo is invoked with the --ss flag the HOME environment variable will be set to the home directory of the target @@ -769,6 +784,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) (the shell is determined by the SHELL environment variable if it is set, falling back on the shell listed in the invoking + + + +1.6.9p8 December 3, 2007 12 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + user's /etc/passwd entry if not). This flag is _o_f_f by default. @@ -784,18 +811,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) run setuid. This option is only effective on systems with either the _s_e_t_r_e_u_i_d_(_) or _s_e_t_r_e_s_u_i_d_(_) function. This flag is _o_f_f by - - - -1.6.9p8 November 2, 2007 12 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - default. targetpw If set, ssuuddoo will prompt for the password @@ -835,6 +850,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) file log. The default is 80 (use 0 or negate the option to disable word wrap). + + + +1.6.9p8 December 3, 2007 13 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + passwd_timeout Number of minutes before the ssuuddoo password prompt times out. The default is 5; set this to 0 for no password timeout. 
@@ -850,18 +877,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) tamps via sudo -v and sudo -k respec­ tively. - - - -1.6.9p8 November 2, 2007 13 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - umask Umask to use when running the command. Negate this option or set it to 0777 to preserve the user's umask. The default is @@ -902,6 +917,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) variable. The following percent (`%') escapes are supported: + + +1.6.9p8 December 3, 2007 14 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + %H expanded to the local hostname includ­ ing the domain name (on if the machine's hostname is fully qualified @@ -917,17 +943,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) %u expanded to the invoking user's login name - - -1.6.9p8 November 2, 2007 14 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - %% two consecutive % characters are col­ lapsed into a single % character @@ -968,6 +983,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) never Never lecture the user. + + +1.6.9p8 December 3, 2007 15 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + once Only lecture the user the first time they run ssuuddoo. @@ -982,18 +1008,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) standard lecture if the named file exists. By default, ssuuddoo uses a built-in lecture. - - - -1.6.9p8 November 2, 2007 15 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - listpw This option controls when a password will be required when a user runs ssuuddoo with the --ll flag. It has the following possible values: @@ -1035,6 +1049,17 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) quotes (") to protect against ssuuddoo interpret­ ing the @ sign. Defaults to root. + + +1.6.9p8 December 3, 2007 16 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + syslog Syslog facility if syslog is being used for logging (negate to disable syslog logging). Defaults to local2. 
@@ -1048,18 +1073,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) flag set to avoid entering a password. always The user must always enter a password - - - -1.6.9p8 November 2, 2007 16 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - to use the --vv flag. any At least one of the user's _s_u_d_o_e_r_s @@ -1101,6 +1114,18 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) be a double-quoted, space-separated list or a single value without double-quotes. The list can be replaced, added to, + + + +1.6.9p8 December 3, 2007 17 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + deleted from, or disabled by using the =, +=, -=, and ! operators respectively. The default list of environment variables to @@ -1114,18 +1139,6 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) the user's environment when the _e_n_v___r_e_s_e_t option is in effect. This allows fine- grained control over the environment - - - -1.6.9p8 November 2, 2007 17 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - ssuuddoo-spawned processes will receive. The argument may be a double-quoted, space- separated list or a single value without @@ -1166,6 +1179,19 @@ EEXXAAMMPPLLEESS User_Alias PARTTIMERS = bostley, jwfox, crawl User_Alias WEBMASTERS = will, wendy, wim + + + + +1.6.9p8 December 3, 2007 18 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + # Runas alias specification Runas_Alias OP = root, operator Runas_Alias DB = oracle, sybase @@ -1180,18 +1206,6 @@ EEXXAAMMPPLLEESS Host_Alias SERVERS = master, mail, www, ns Host_Alias CDROM = orion, perseus, hercules - - - -1.6.9p8 November 2, 2007 18 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - # Cmnd alias specification Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore 
@@ -1233,30 +1247,30 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) root ALL = (ALL) ALL %wheel ALL = (ALL) ALL - We let rroooott and any user in group wwhheeeell run any command on - any host as any user. - FULLTIMERS ALL = NOPASSWD: ALL - Full time sysadmins (mmiilllleerrtt, mmiikkeeff, and ddoowwddyy) may run - any command on any host without authenticating themselves. +1.6.9p8 December 3, 2007 19 - PARTTIMERS ALL = ALL - Part time sysadmins (bboossttlleeyy, jjwwffooxx, and ccrraawwll) may run - any command on any host but they must authenticate them­ - selves first (since the entry lacks the NOPASSWD tag). -1.6.9p8 November 2, 2007 19 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + We let rroooott and any user in group wwhheeeell run any command on + any host as any user. + FULLTIMERS ALL = NOPASSWD: ALL + Full time sysadmins (mmiilllleerrtt, mmiikkeeff, and ddoowwddyy) may run + any command on any host without authenticating themselves. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + PARTTIMERS ALL = ALL + Part time sysadmins (bboossttlleeyy, jjwwffooxx, and ccrraawwll) may run + any command on any host but they must authenticate them­ + selves first (since the entry lacks the NOPASSWD tag). jack CSNETS = ALL 
@@ -1299,31 +1313,30 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) jim +biglab = ALL - The user jjiimm may run any command on machines in the _b_i_g_l_a_b - netgroup. ssuuddoo knows that "biglab" is a netgroup due to - the '+' prefix. - - +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser - Users in the sseeccrreettaarriieess netgroup need to help manage the - printers as well as add and remove users, so they are - allowed to run those commands on all machines. - fred ALL = (DB) NOPASSWD: ALL +1.6.9p8 December 3, 2007 20 - The user ffrreedd can run commands as any user in the _D_B -1.6.9p8 November 2, 2007 20 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + The user jjiimm may run any command on machines in the _b_i_g_l_a_b + netgroup. ssuuddoo knows that "biglab" is a netgroup due to + the '+' prefix. + +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + Users in the sseeccrreettaarriieess netgroup need to help manage the + printers as well as add and remove users, so they are + allowed to run those commands on all machines. + fred ALL = (DB) NOPASSWD: ALL + The user ffrreedd can run commands as any user in the _D_B Runas_Alias (oorraaccllee or ssyybbaassee) without giving a password. john ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* 
@@ -1365,33 +1378,33 @@ SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) Any user may mount or unmount a CD-ROM on the machines in the CDROM Host_Alias (orion, perseus, hercules) without entering a password. This is a bit tedious for users to - type, so it is a prime candidate for encapsulating in a - shell script. -SSEECCUURRIITTYY NNOOTTEESS - It is generally not effective to "subtract" commands from - ALL using the '!' operator. A user can trivially circum­ - vent this by copying the desired command to a different - name and then executing that. For example: - bill ALL = ALL, !SU, !SHELLS - Doesn't really prevent bbiillll from running the commands - listed in _S_U or _S_H_E_L_L_S since he can simply copy those +1.6.9p8 December 3, 2007 21 -1.6.9p8 November 2, 2007 21 +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + type, so it is a prime candidate for encapsulating in a + shell script. -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) +SSEECCUURRIITTYY NNOOTTEESS + It is generally not effective to "subtract" commands from + ALL using the '!' operator. A user can trivially circum­ + vent this by copying the desired command to a different + name and then executing that. For example: + bill ALL = ALL, !SU, !SHELLS - commands to a different name, or use a shell escape from - an editor or other program. Therefore, these kind of + Doesn't really prevent bbiillll from running the commands + listed in _S_U or _S_H_E_L_L_S since he can simply copy those com­ + mands to a different name, or use a shell escape from an + editor or other program. Therefore, these kind of restrictions should be considered advisory at best (and reinforced by policy). @@ -1432,6 +1445,17 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS sudo -V | grep "dummy exec" + + +1.6.9p8 December 3, 2007 22 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + If the resulting output contains a line that begins with: 
@@ -1444,18 +1468,6 @@ PPRREEVVEENNTTIINNGG SSHHEELLLL EESSCCAAPPEESS _n_o_e_x_e_c will work at compile-time. _n_o_e_x_e_c should work on SunOS, Solaris, *BSD, Linux, IRIX, Tru64 UNIX, MacOS X, and HP-UX 11.x. It is known nnoott - - - -1.6.9p8 November 2, 2007 22 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - to work on AIX and UnixWare. _n_o_e_x_e_c is expected to work on most operating systems that support the LD_PRELOAD environment variable. Check your @@ -1498,6 +1510,18 @@ CCAAVVEEAATTSS When using netgroups of machines (as opposed to users), if you store fully qualified hostnames in the netgroup (as is usually the case), you either need to have the machine's + + + +1.6.9p8 December 3, 2007 23 + + + + + +SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) + + hostname be fully qualified as returned by the hostname command or use the _f_q_d_n option in _s_u_d_o_e_r_s. @@ -1511,17 +1535,6 @@ SSUUPPPPOORRTT man/listinfo/sudo-users to subscribe or search the archives. - - -1.6.9p8 November 2, 2007 23 - - - - - -SUDOERS(4) MAINTENANCE COMMANDS SUDOERS(4) - - DDIISSCCLLAAIIMMEERR ssuuddoo is provided ``AS IS'' and any express or implied war­ ranties, including, but not limited to, the implied war­ @@ -1566,19 +1579,6 @@ DDIISSCCLLAAIIMMEERR - - - - - - - - - - - - - -1.6.9p8 November 2, 2007 24 +1.6.9p8 December 3, 2007 24 diff --git a/sudoers.man.in b/sudoers.man.in index 7d7f733..7f41f30 100644 --- a/sudoers.man.in +++ b/sudoers.man.in @@ -18,7 +18,7 @@ .\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" -.\" $Sudo: sudoers.man.in,v 1.45.2.17 2007/11/02 19:15:16 millert Exp $ +.\" $Sudo: sudoers.man.in,v 1.45.2.18 2007/12/03 10:27:12 millert Exp $ .\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 .\" .\" Standard preamble: 
@@ -150,7 +150,7 @@ .\" ======================================================================== .\" .IX Title "SUDOERS @mansectform@" -.TH SUDOERS @mansectform@ "November 2, 2007" "1.6.9p8" "MAINTENANCE COMMANDS" +.TH SUDOERS @mansectform@ "December 3, 2007" "1.6.9p8" "MAINTENANCE COMMANDS" .SH "NAME" sudoers \- list of which users may execute what .SH "DESCRIPTION" @@ -522,7 +522,9 @@ basis. Note that if \f(CW\*(C`SETENV\*(C'\fR has been set for a command, any environment variables set on the command line way are not subject to the restrictions imposed by \fIenv_check\fR, \fIenv_delete\fR, or \&\fIenv_keep\fR. As such, only trusted users should be allowed to set -variables in this manner. +variables in this manner. If the command matched is \fB\s-1ALL\s0\fR, the +\&\f(CW\*(C`SETENV\*(C'\fR tag is implied for that command; this default may +be overridden by use of the \f(CW\*(C`UNSETENV\*(C'\fR tag. .Sh "Wildcards" .IX Subsection "Wildcards" \&\fBsudo\fR allows shell-style \fIwildcards\fR (aka meta or glob characters) @@ -731,6 +733,12 @@ to. The disadvantage is that if the executable is simply not in the user's \f(CW\*(C`PATH\*(C'\fR, \fBsudo\fR will tell the user that they are not allowed to run it, which can be confusing. This flag is \fI@path_info@\fR by default. +.IP "passprompt_override" 16 +.IX Item "passprompt_override" +The password prompt specified by \fIpassprompt\fR will normally only +be used if the passwod prompt provided by systems such as \s-1PAM\s0 matches +the string \*(L"Password:\*(R". If \fIpassprompt_override\fR is set, \fIpassprompt\fR +will always be used. This flag is \fIoff\fR by default. .IP "preserve_groups" 16 .IX Item "preserve_groups" By default \fBsudo\fR will initialize the group vector to the list of diff --git a/sudoers.pod b/sudoers.pod index f40d2a1..d8af57f 100644 --- a/sudoers.pod +++ b/sudoers.pod 
@@ -19,7 +19,7 @@ Sponsored in part by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F39502-99-1-0512. -$Sudo: sudoers.pod,v 1.95.2.20 2007/08/27 19:52:28 millert Exp $ +$Sudo: sudoers.pod,v 1.95.2.22 2007/12/02 17:13:52 millert Exp $ =pod =head1 NAME @@ -336,7 +336,9 @@ basis. Note that if C has been set for a command, any environment variables set on the command line way are not subject to the restrictions imposed by I, I, or I. As such, only trusted users should be allowed to set -variables in this manner. +variables in this manner. If the command matched is B, the +C tag is implied for that command; this default may +be overridden by use of the C tag. =head2 Wildcards @@ -577,6 +579,13 @@ the user's C, B will tell the user that they are not allowed to run it, which can be confusing. This flag is I<@path_info@> by default. +=item passprompt_override + +The password prompt specified by I will normally only +be used if the passwod prompt provided by systems such as PAM matches +the string "Password:". If I is set, I +will always be used. This flag is I by default. + =item preserve_groups By default B will initialize the group vector to the list of diff --git a/version.h b/version.h index 4a95e86..c02a6d9 100644 --- a/version.h +++ b/version.h @@ -17,12 +17,12 @@ * Agency (DARPA) and Air Force Research Laboratory, Air Force * Materiel Command, USAF, under agreement number F39502-99-1-0512. * - * $Sudo: version.h,v 1.66.2.11 2007/11/02 19:15:16 millert Exp $ + * $Sudo: version.h,v 1.66.2.12 2007/12/03 10:34:32 millert Exp $ */ #ifndef _SUDO_VERSION_H #define _SUDO_VERSION_H -static const char version[] = "1.6.9p8"; +static const char version[] = "1.6.9p9"; #endif /* _SUDO_VERSION_H */ -- 2.30.2