* NEWS, configure, configure.in: sudo 1.8.6p3 [97fef3d9ed65] 2012-09-17 Todd C. Miller * doc/fixman.sh: Don't use embedded newline when matching, use \n. This got expanded at some point. Bug #573 [6652f834b8f5] * plugins/sudoers/sudoreplay.c: Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not all file systems support d_type. Bug #572 [8b861c62945f] * plugins/sudoers/sudoreplay.c: Avoid calling fclose(NULL) in the error path when we cannot open an I/O log file. [9401d5c4bb05] 2012-09-16 Todd C. Miller * NEWS, configure, configure.in: Sudo 1.8.6p2 [6e32496280f2] * src/exec.c: When setting the signal handler for SIGTSTP to the default value in non-I/O log mode, store the old handler value for when we restore it after resume. [242628694e42] 2012-09-12 Todd C. Miller * NEWS: Mention support for SUCCESS=return in /etc/nsswitch.conf [ef1f35aa0863] * NEWS, configure, configure.in: sudo 1.8.6p1 [73a5e1f004b3] 2012-09-11 Todd C. Miller * plugins/sudoers/env.c: Avoid setting LOGNAME, USER and USERNAME variables twice when set_logname is enabled. [0de4f5fbd1d4] * plugins/sudoers/env.c: Fix duplicate detection in sudo_putenv(), do not prune out the variable we just set when overwriting an existing instance. Fixes bug #570 [854ee714c831] * plugins/sudoers/env.c: Add some debuggging [a25cd3305823] 2012-09-04 Todd C. Miller * plugins/sudoers/sudo_nss.c: Disable word wrap in list mode when stdout is a pipe to make "sudo -l | grep ..." more useful. Adapted from a diff by Daniel Kopecek. [65ade04511fd] * common/lbuf.c: Print a trailing newline in lbuf_print() when there is not enough space to do word wrapping and the lbuf does not end with a newline. [c0200e19cd09] * plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c: Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek [5c480316e3ce] * MANIFEST: Add sssd.c [9cadd014ef97] 2012-09-01 Todd C. Miller * plugins/sudoers/po/da.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/hr.mo, plugins/sudoers/po/sl.mo, plugins/sudoers/po/uk.mo, src/po/fi.mo, src/po/hr.mo, src/po/it.mo, src/po/ru.mo, src/po/sl.mo, src/po/uk.mo, src/po/vi.mo: regen .po files [62423d4d143d] * MANIFEST, plugins/sudoers/po/vi.mo: Add Vietnamese sudoers translation from translationproject.org [33666a605525] * NEWS: mention PIE [05032e5304c6] * MANIFEST, plugins/sudoers/po/vi.po: Add Vietnamese sudoers translation from translationproject.org [015c2204bae2] 2012-08-29 Todd C. Miller * Makefile.in, compat/Makefile.in, mkdep.pl: Add missing signame dependency [e493bfb01929] * src/exec.c, src/ttyname.c: Silence compiler warnings. [1c5374b66d9b] * MANIFEST, compat/Makefile.in, compat/sig2str.c, compat/strsigname.c, config.h.in, configure, configure.in, include/missing.h, mkdep.pl, src/exec.c, src/exec_pty.c: Replace strsigname() with sig2str(), emulating it as needed. [1e348cca1fa6] * config.h.in, configure, configure.in, src/utmp.c: Use fseeko() for legacy utmp handling if available. [b4bbd8d2c0e9] 2012-08-28 Todd C. Miller * compat/strsigname.c, config.h.in, configure, configure.in: Detect sys_sigabbrev[] and use it in place of sys_signame[] if present. For some reason glibc does not declare sys_sigabbrev so we must add an extern definition of our own. [b38f3fbd7078] * compat/strsignal.c, compat/strsigname.c: Handle NULL entries in sys_siglist and sys_signame. [a388959d9654] * compat/mksiglist.c, compat/mksiglist.h, compat/mksigname.c, compat/mksigname.h, compat/strsignal.c, compat/strsigname.c: Convert my_sys_sig{list,name} -> sudo_sys_sig{list,name} [711e41aba59a] 2012-08-27 Todd C. Miller * NEWS: sync [5a2522488754] * src/exec.c: Pass on SIGTSTP to the command if it was sent by a user process (not the kernel or the terminal) when we are not I/O logging and set the default SIGTSTP handler when we re-send the signal to ourself, restoring our handler after we resume. [4259c47e31c0] * src/exec.c: Shells typically change their process group when they start up so that they can implement job control. Most well-behaved shells change the pgrp back to its original value before suspending so we must not try to restore in that case, lest we race with the child upon resume, potentially stopping sudo with SIGTTOU while the command continues to run. Some shells, such as pdksh, just suspend the shell by sending SIGSTOP to themselves without restoring the pgrp. In this case we need to change the pgrp back for them. Should fix bug #568 [6ac6751ffd17] 2012-08-26 Todd C. Miller * MANIFEST, compat/Makefile.in, compat/mksigname.c, compat/mksigname.h, compat/strsignal.c, compat/strsigname.c, config.h.in, configure, configure.in, include/missing.h, mkdep.pl, src/exec.c, src/exec_pty.c: Use strsigname() to print signal names in the debug output. If the system has no strsigname(), use our own. [0735f18906b9] 2012-08-23 Todd C. Miller * plugins/sudoers/regress/testsudoers/test5.inc, plugins/sudoers/regress/testsudoers/test5.sh: Remove generated file and change path for temporary include file. [4e9fa830c6b5] * plugins/sudoers/Makefile.in: When running regress tests, list pass/fail rate for each dir (testsudoers and visudo) instead of the total. Also prevent the result files from clobbering each other by keeping them in the relevant directories. [6aac53baff7d] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Don't print an error message in yyerror() if open_sudoers() fails, we've already printed an error message. Also restore the check for sudoers_warnings in yyerror(). [aa6036df5fb2] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Avoid printing the >>> parse error <<< message for testsudoers when the -t flag is specified. [76f3433c8992] 2012-08-22 Todd C. Miller * plugins/sudoers/parse.c: Fix NULL deref when an entry has no Runas_Entry [4b14983ff6e7] * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/ja.mo, src/po/ja.po, src/po/pl.mo, src/po/pl.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [440e9c9b37de] * NEWS: sync [3142ba2dce60] * plugins/sudoers/check.c: Correct the check_user() comment header. [73da30308fff] * plugins/sudoers/auth/sudo_auth.c: Change a log_fatal() into log_error() when no auth methods are configured. The caller already checks the return value. [05f5c39793a7] * plugins/sudoers/logging.c: Add missing debug_return [3a76bb7c2fe7] 2012-08-21 Todd C. Miller * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Make the capitalization consistent for .Ss and .Sx [5c5735ee4b2f] * doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Add COMMAND EXECUTION section that describes how sudo runs the command, the extra sudo processes and signal handling. [dff2d88e984e] 2012-08-18 Todd C. Miller * Makefile.in: Happy Easter [4b9d697c6b83] 2012-08-17 Todd C. Miller * compat/Makefile.in: Don't echo the awk command when building siglist.in [21daa72921e6] * doc/fixman.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Cosmetic changes. [19259528e9ad] * doc/Makefile.in: The HISTORY, LICENSE and CONTRIBUTORS files are not longer generated. [ea6ac9e981e6] * MANIFEST, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/sl.po, plugins/sudoers/po/uk.po, src/po/de.mo, src/po/de.po, src/po/fi.po, src/po/hr.po, src/po/it.po, src/po/ru.po, src/po/sl.po, src/po/uk.po, src/po/vi.po: Sync with translationproject.org and add Italian sudoers translation. [9276740aea59] 2012-08-16 Todd C. Miller * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Expand description of fqdn to talk about systems where the hosts file is searched before DNS. [4ee812ca6116] 2012-08-15 Todd C. Miller * doc/Makefile.in: For cat pages there is nothing to make unless DEVEL is set. [fab4a5b68708] * configure, configure.in, doc/Makefile.in: Always use mandoc to format cat pages and remove now-extraneous nroff configure tests. [5747f4ed5762] * pp: sync polypkg from git [89ddf6ea3e3f] * plugins/sudoers/sudoers.c: Use AI_FQDN instead of AI_CANONNAME if available since "canonical" is not always the same as "fully qualified". [7c1d9c098386] 2012-08-14 Todd C. Miller * doc/sudoers.mdoc.in: Fix some typos. Describe error messages not related to policy permissions. [f5ebf9030d85] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/visudo.c: Add new check_defaults() function to check (but not update) the Defaults entries. Visudo can now use this instead of update_defaults to check all the defaults regardless instead of just the global Defaults entries. [3fa879ce1b65] 2012-08-13 Todd C. Miller * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document sudoers log format. [08998a7061ab] * NEWS: Update for sudo 1.8.5p3 [6e102a5d4e8d] * src/load_plugins.c: Add missing check for I/O plugin API version when checking for the presence of I/O plugin hooks. [ef05c7eeaf81] * src/hooks.c: Can't call debug code in the process_hooks_xxx functions() since ctime() may look up the timezone via the TZ environment variable. [2179fb26bd8e] 2012-08-10 Todd C. Miller * src/exec_common.c, src/sesh.c, src/utmp.c: Include signal.h before sudo_exec.h since it uses sigset_t * in the fork_pty prototype. [94fc0d859600] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Remove OPTIONS section; options now go inside DESCRIPTION [a619fc58a746] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [44719d80bc06] * MANIFEST, NEWS, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/da.mo, src/po/da.po, src/po/hr.mo, src/po/hr.po, src/po/sl.mo, src/po/sl.po, src/po/vi.mo, src/po/vi.po: Sync with translationproject.org and add new Slovenian translation. [34b4b966bbac] * common/alloc.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/linux_audit.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Reduce the number of "internal error, foo overflow" messages that need to be translated. [93ffa2b3d53f] * NEWS: Mention HP-UX reboot fix. [1e39b5aa32ac] * INSTALL, NEWS, common/sudo_debug.c, configure, configure.in, doc/CONTRIBUTORS, include/sudo_debug.h, mkdep.pl, pathnames.h.in, plugins/sudoers/Makefile.in, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c: Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers data source. From Daniel Kopecek and Pavel Brezina. [3f85e95d6928] 2012-08-09 Todd C. Miller * common/sudo_conf.c, src/load_plugins.c: If sudo.conf contains an I/O plugin but no policy plugin, use sudoers for the policy plugin. If a policy plugin is specified without an I/O plugin, only the policy plugin will be loaded. [ea192df2439d] * doc/Makefile.in, doc/sudoers.man.in: Do not modify the .Os section when building the .man.in file from .mdoc.in. [a9f9628e147f] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add a note about wildcards matching multiple words and include an example. Also mention that for sudoedit, a wildcard in command line args does not match a slash. [fcb9fbac14e0] 2012-08-07 Todd C. Miller * src/exec_pty.c, src/sudo_exec.h: Fix a comment, update a variable name in a prototype; all cosmetic. [e89f10cbd6e1] * plugins/sudoers/iolog.c: Cast 2nd argument of lseek() to off_t if it is a constant for systems with 64-bit off_t but without a proper lseek() prototype. [d8779da135d0] * compat/getline.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/visudo.c: Fix some warnings from clang checker-267 [1e44ef7860b5] * plugins/sample/sample_plugin.c: Fix memory leak found by clang checker-267 [f8a43617fdfb] 2012-08-06 Todd C. Miller * src/exec.c, src/exec_pty.c, src/sudo.h, src/sudo_exec.h: If we receive a signal from the command we executed, do not forward it back to the command. This fixes a problem with BSD-derived versions of the reboot command which send SIGTERM to all other processes, including the sudo process. Sudo would then deliver SIGTERM to reboot which would die before calling the reboot() system call, effectively leaving the system in single user mode. [4ffab9ab9e98] 2012-08-03 Todd C. Miller * doc/fixman.sh, doc/fixmdoc.sh: Remove section about Solaris 10 on other systems. Add missing sudoers.man.in bit to fixman.sh. [176559199ba7] 2012-08-02 Todd C. Miller * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Expand section on Solaris privileges. [3a1bfa2f1743] * NEWS: Expand a bit on the Solaris priv set changes. [bffb78b4a520] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: The second argument to init_parser() is now bool. [fb727a4fb651] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Fix printing of parse error message to stderr. [dea6b420b84f] * plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: If a command matches using an empty Runas_List (i.e. Runas_List is present but empty) and the -u option was not specified, set runas_pw to user_pw instead of using runas_default. This is intended to be used in conjunction with the Solaris Privilege Set support for rules that grant privileges without changing the user. [e84a081f3c11] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/sudoers_version.h: Add support for parsing an empty Runas_List, which only allows the command to be run as the invoking user. This can be used in conjunction with the Solaris Privilege Set support to grant privileges without changing the user. [dc34373792fc] 2012-08-01 Todd C. Miller * doc/fixman.sh: Fix HP-UX, just use ".TH name section" like the vendor manuals. [559738237c92] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix compilation on Solaris [2d310302207c] * .hgignore, MANIFEST, doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.man.sh, doc/sudo.mdoc.sh, doc/sudoers.man.sh, doc/sudoers.mdoc.sh: Generate a sed script file when munging *.mdoc or *.man instead of passing sed expressions on the command line. Older seds do not support \n in a replacement so generate and run a sed script instead. [0bcce3f1ca18] * doc/Makefile.in, doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Use "Sudo VERSION" as the 4th arg to .TH instead of just "VERSION" [fe0f10b63776] 2012-07-31 Todd C. Miller * src/exec.c: When checking whether a signal is user-generated, compare si_code against SI_USER instead of <= 0 since on HP-UX, terminal-related signals get a code of 0. [4e9021243343] * src/sudo.c: SuSE Enterprise Linux uses RLIMIT_NPROC and _SC_CHILD_MAX interchangably. This causes problems when setting RLIMIT_NPROC to RLIM_INFINITY due to a bug in bash where bash tries to honor the value of _SC_CHILD_MAX but treats a value of -1 as an error, and uses a default value of 32 instead. Previously, we just checked RLIMIT_NPROC and, if it was unlimited, restored the previous value of RLIMIT_NPROC. However, that makes it impossible to set nproc to unlimited. We now only restore the nproc resource limit if sysconf(_SC_CHILD_MAX) is negative. In most cases, pam_limits will set RLIMIT_NPROC for us. [cb71cc8d0b08] 2012-07-30 Todd C. Miller * plugins/sudoers/ldap.c: Active Directory apparently requires that tenths of a second be present in a date so append .0 to the "now" value in the time filter. Also remove space for the global AND from TIMEFILTER_LENGTH since it was not being used consistently. Buffers of TIMEFILTER_LENGTH now need to account for the terminating NUL byte. [d28619ff6e45] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix SELinux build [cc0d1f4e851b] 2012-07-29 Todd C. Miller * MANIFEST: Remove pod versinons of HISTORY, CONTRIBUTORS and LICENSE as they were not being kept in sync. [fc3ad1847cb1] * doc/HISTORY, doc/Makefile.in, doc/contributors.pod, doc/history.pod, doc/license.pod: Remove pod versinons of HISTORY, CONTRIBUTORS and LICENSE as they were not being kept in sync. [950363dffe3a] 2012-07-27 Todd C. Miller * plugins/sudoers/logging.c: Fix printing of the permission denied message to standard error when a user is not allowed to run a command. This got broken by the recent logging changes. [b7af63da3ca1] * plugins/sudoers/sudoers_version.h: Bump grammar version for Solaris privs. [2a2baf024477] * doc/schema.ActiveDirectory: Fix errors introduced when sudoNotBefore, sudoNotAfter and sudoOrder were added. From David Hicks. [3fc432a8edb4] 2012-07-26 Todd C. Miller * plugins/sudoers/Makefile.in: Remove lex.yy.c when building toke.c [72bb9e62b289] * doc/Makefile.in: Fix building docs in a build dir. [7a6f435af022] * doc/sudo.man.pl, doc/sudo.pod, doc/sudo_plugin.pod, doc/sudoers.ldap.pod, doc/sudoers.man.pl, doc/sudoers.pod, doc/sudoreplay.pod, doc/visudo.pod: Remove pod versions of the manual; we now use mdoc. [5c967d2dd5db] * MANIFEST, doc/Makefile.in, doc/sudo.man.sh, doc/sudo.mdoc.sh, doc/sudoers.man.sh, doc/sudoers.mdoc.sh: Add post-processing scripts to strip out login class, BSD auth, SELinux and privilege set bits when they are not supported. [d0d51f72f597] * NEWS, configure.in, doc/CONTRIBUTORS, doc/Makefile.in, doc/contributors.pod, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.man.pl, doc/sudoers.mdoc.in, doc/sudoers.pod, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, src/sudo.c, src/sudo.h: Merge in Solaris privilege support by Darren Moffat and John Zolnowsky [3aa0a64f2f5c] 2012-07-25 Todd C. Miller * doc/contributors.pod: Sync with CONTRIBUTORS file [9a0852306ad9] * doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in: Regen .man.in files with my private mandoc. [dc3c9fc449eb] * doc/Makefile.in: add MANDOC variable [35527e66afc5] 2012-07-20 Todd C. Miller * doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Regen .man.in files with hacked mandoc to avoid issues with historic nroff. [d45cfa7d665f] 2012-07-19 Todd C. Miller * doc/sudo.mdoc.in, doc/sudoers.mdoc.in: Fix groff warnings. [111d522ca807] * doc/Makefile.in: Fix dependencies for .man.in files. [aefeffe1af2b] * .hgignore: Add doc/*.mdoc to ignore file [1e4de6ef2ad8] * INSTALL, MANIFEST, NEWS, configure, configure.in, doc/Makefile.in, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Build .man.in and .cat files from .mdoc.in files. Add new --with-man and --with-mdoc configure options. [c963fd7e8f80] 2012-07-18 Todd C. Miller * doc/sudo.mdoc.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in: Sudo manuals formatted in mdoc, to replace the pod versions. [e6dca4030451] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod, doc/sudoers.man.in, doc/sudoers.pod, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod, doc/visudo.cat, doc/visudo.man.in, doc/visudo.pod: More minor costmetic fixes. [a7287a68385a] 2012-07-12 Todd C. Miller * doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod: Minor cosmetic fixes. [9c48bdaf3946] 2012-07-11 Todd C. Miller * plugins/sudoers/logging.c, plugins/sudoers/po/sudoers.pot: Use "a password is required" instead of "password required" when the -n flag is used and we need to read a password. [a3c30fc41648] 2012-07-10 Todd C. Miller * NEWS: Mention logging changes. [8238fd6e02e8] * plugins/sudoers/po/sudoers.pot: regen [e2cf634ba63b] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: Document that other mail_* flags have precedence over mail_badpass. [9f4cc9188f40] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Move log_denial() calls and logic to log_failure(). Move authentication failure logging to log_auth_failure(). Both of these call audit_failure() for us. This subtly changes logging for commands that are denied by sudoers but where the user failed to enter the correct password. Previously, these would be logged as "N incorrect password attempts" but now are logged as "command not allowed". Fixes bug #563 [cad35f0b3ad7] 2012-07-06 Todd C. Miller * common/aix.c: Do not set a resource limit to zero when we are unable to fetch a value from /etc/security/limits. [62bfb0a7895e] 2012-07-05 Todd C. Miller * sudo.pp: Add "Provides: sudo" to debian sudo-ldap package [beb8afa0beb2] 2012-07-02 Todd C. Miller * configure, configure.in, zlib/Makefile.in: Define NO_VIZ for zlib when gcc doesn't support symbol visibility attributes. [9fdcbf526386] * configure, configure.in: Use the autoconf cache when checking for symbol export control support. [03c2cce8711f] * INSTALL, common/Makefile.in, compat/Makefile.in, configure, configure.in, mkpkg, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add configure check for building PIE executables instead of doing it in mkpkg. [02b5b78ef258] * sudo.pp: MacOS pp backend doesn't like modes longer than 4 characters. [01b49022bf01] 2012-07-01 Todd C. Miller * configure, configure.in: Add -Wc,-fstack-protector to LT_LDFLAGS instead of adding -fstack-protector to LDFLAGS so it doesn't get stripped out. Libtool will strip -fstack-protector from the linker flags and we always link with libtool. [0a0a0250ac2b] 2012-06-29 Todd C. Miller * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: Regen for sudo 1.8.6 [1657ee28b496] * NEWS, doc/sudoers.ldap.pod: Document improved Tivoli Directory Server support. [fb411edf4687] * config.h.in, configure, configure.in, plugins/sudoers/ldap.c: Add support for ldaps using Tivoli LDAP libraries. Add ldap.conf option to specify Tivoli key db password. Allow TLS ciphers to be configured for Tivoli. [737e17c91e60] 2012-06-28 Todd C. Miller * plugins/sudoers/ldap.c: Tivoli Directory Server 6.3 libs always return a (bogus) error when setting LDAP_OPT_CONNECT_TIMEOUT. [504406637c38] * NEWS: Update [687a755604e8] * plugins/sudoers/ldap.c: Treat LDAP_OPT_CONNECT_TIMEOUT (Tivoli Directory Server 6.3) the same as LDAP_OPT_CONNECT_TIMEOUT (OpenSSH). Don't make failure to a set an ldap option fatal. [17cf93ae3304] 2012-06-27 Todd C. Miller * plugins/sudoers/sudoers.c: Zero pointers in sudo_user struct after freeing, just in case. [8eff1f80b943] * plugins/sudoers/sudoers.c: Free user_gids in close function if it has not already been freed. [cbce28877f37] * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Defer group ID to name resolution until we actually need it. [463e75b81e89] * src/sudo.c: It is safe to read in sudo.conf before calling user_info(). [3290b6434e3c] * plugins/sudoers/env.c, plugins/sudoers/ldap.c: Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to prevent potential truncation. Bug #562. [29d9fc4e0c4e] 2012-06-25 Todd C. Miller * sudo.pp: If installing with installp, error out if there is already an instance of the rpm package installed. [ec24c6faba22] * mkpkg: Add --disable-nls for AIX [192ac2f7d65e] 2012-06-22 Todd C. Miller * sudo.pp: Debian sudo-ldap packages should now depend on libldap-2.4-2, not libldap2. [cbcec71e6b58] 2012-06-21 Todd C. Miller * sudo.pp: Add Homepage and Bugs to debian control file. [0f19d7d14e66] 2012-06-20 Todd C. Miller * mkpkg: fix typo when setting aix_freeware [2fd6feb50195] * common/Makefile.in, compat/Makefile.in, configure, configure.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in: Don't run regress tests or sudoers sanity check (using the newly- built visudo) when cross compiling. Bug #560 [0c4e3f68b2f5] * MANIFEST, configure, configure.in, plugins/sample/Makefile.in, plugins/sample/sample_plugin.exp, plugins/sample/sample_plugin.map, plugins/sample/sample_plugin.sym, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.exp, plugins/sample_group/sample_group.map, plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.exp, plugins/sudoers/sudoers.map, plugins/sudoers/sudoers.sym, plugins/system_group/Makefile.in, plugins/system_group/system_group.exp, plugins/system_group/system_group.map, plugins/system_group/system_group.sym: Rename foo.sym -> foo.exp Remove foo.map from the repo and generate it on demand Use a loader option file for HP-UX ld to explicitly export symbols [2402ff5302ab] * src/Makefile.in: Remove extraneous backslash [8ca054de138c] * plugins/sudoers/regress/check_symbols/check_symbols.c: Don't check for errorx as an exported symbols as it is now a macro. Check for user_in_group() instead. [7b02c8ecd3ea] 2012-06-19 Todd C. Miller * configure, configure.in: Adjust ld map file support to use an anonymous scope to match the updated .map files. [49be44282d9e] 2012-06-18 Todd C. Miller * config.h.in, configure, configure.in, include/gettext.h: Older versions of Solaris lack ngettext() [028af10dfa5f] * configure, configure.in: Move the check for -static-libgcc until after AC_LANG_WERROR has been called and use AX_CHECK_COMPILE_FLAG(). [a7b09120e7ff] * include/gettext.h: Sudo defines HAVE_SETLOCALE not HAVE_LOCALE_H [3aa2780d4a4e] * include/error.h, include/sudo_debug.h: Fix gcc 2.x variant macro support. [8e71c2370997] * plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c: Fix compilation on gcc 2.95 and other compilers that only allow variable declarations at the beginning of a block. [9d80c802bb46] * configure, configure.in, plugins/sudoers/Makefile.in: Link check_symbols with SUDO_LIBS to make sure we link with the requisite libraries to successfully dlopen sudoers.so. This is needed on HP-UX where a program dlopen()ing a shared object that uses pthreads must also be linked with pthreads (and HP-UX LDAP uses pthreads). [b8961cd82337] * plugins/sudoers/regress/check_symbols/check_symbols.c: Add check for exported local symbols. This will cause a "make check" failure on systems where we don't support symbol hiding. [8aa549389bb1] * configure, configure.in: Additional ${foo} -> $(foo) Makefile tweaks. [046bbde18f52] * plugins/sample/sample_plugin.map, plugins/sample_group/sample_group.map, plugins/sudoers/sudoers.map, plugins/system_group/system_group.map: No need to provide a name for the scope in the map file since we don't use the it for versioning. [5ed4b997560d] 2012-06-17 Todd C. Miller * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/check_symbols/check_symbols.c: Add regress test for symbol visibility. [9adddd4e0518] 2012-06-15 Todd C. Miller * NEWS, configure, configure.in: sudo 1.8.6 [57008a7afb77] * configure, configure.in, include/missing.h: Add support for controlling symbol visibility using the HP and Solaris C compilers. [46d5b468979e] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.h: Use the expanded io log dir when updating the sequence number. Includes a workaround for older versions of sudo where the sequence number was stored in the unexpanded io log dir. [210797dab9a8] 2012-06-14 Todd C. Miller * src/parse_args.c: Simplify "sudo -s" argv rewriting. [7be143dae7c5] * MANIFEST, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, src/sudo_noexec.map: Don't use a map file for sudo_noexec.so since Solaris ld doesn't allow '*' in the global section. The libtool export flag is now added to LT_LDFLAGS instead of commenting/uncommenting lines. [38fc37a66b04] 2012-06-13 Todd C. Miller * config.h.in, configure, configure.in, include/missing.h: The visibility attribute was actually added in gcc 3.3.x, not 4.0. Just assume that if -fvisibility=hidden works that the attribute is usable. [d3904d6faf14] * plugins/sudoers/check.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers.map, plugins/sudoers/sudoers.sym, plugins/sudoers/testsudoers.c, plugins/system_group/system_group.c: Export group cache from sudoers.so for system_group.so to use. [16695d207fc5] * MANIFEST, configure, configure.in, include/missing.h, plugins/sample/Makefile.in, plugins/sample/sample_plugin.map, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.map, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.map, plugins/system_group/Makefile.in, plugins/system_group/system_group.map, src/sudo_noexec.c, src/sudo_noexec.map: Use gcc's visibility attribute to specify when symbols are visible or hidden, if available. If not available, use an ELF version script if it is supported. If all else fails, fall back to using libtool's -export-symbols. [64e889921727] 2012-06-12 Todd C. Miller * sudo.pp: Add mode for installed locale files but leave the directories with default mode and owner. [142237dbb31f] 2012-06-11 Todd C. Miller * mkpkg, sudo.pp: Install AIX packages under /opt/freeware with links in /usr/bin and /usr/sbin. This matches the layout of the sudo package from AIX freeware. [0b79d47bbe01] * Makefile.in, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, sudo.pp: Install shared objects with mode 0644 except on HP-UX which needs the executable bit set. [ae416af0ba6c] * Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Make installed file modes consistent with the file modes in the sudo package. [307386373289] 2012-06-08 Todd C. Miller * doc/sudoers.pod: Add "%:" prefix when talking about QAS non-Unix group support. [7cb25f6861f8] * pp, sudo.pp: Fix packaging of symbolic links on HP-UX when the link source already exists in the filesystem. [c9bb48031596] * mkpkg: Only specify prefix if we are overriding the default value. Fixes the man dir (/usr/local/man vs. /usr/local/share/man). [65351b6c1697] * sudo.pp: Fix setting of sudoedit_man variable. [9beed9ae5bba] * doc/Makefile.in: Echo the command when linking the sudoedit manual. [6c83b5657b55] 2012-06-07 Todd C. Miller * mkpkg, sudo.pp: Build .deb packages with selinux support. [3fd9cb1b4526] 2012-06-04 Todd C. Miller * sudo.pp: Don't list paths for unstripped binaries in the lintial overrides. [4c8e16f1773b] * pp: Add support for Installed-Size header in control file, required by newer debian versions. [e97d76234bee] * pp: Fix extended description in .deb files. [d35e27ace146] * sudo.pp: Add Depends, Replaces and Conflicts headers for .deb packages. [76eb6c4b3278] 2012-06-01 Todd C. Miller * plugins/sudoers/sudo_nss.c: If there are no privs to print, write the message to the lbuf instead of printing it directly. [ecd56226abb7] 2012-05-31 Todd C. Miller * sudo.pp: Set -e in %pos and %preun for debian to quiet a lintian warning. [8bb908514df9] * doc/Makefile.in, src/Makefile.in, sudo.pp: Install sudoedit and the sudoedit manual as symbolic links, not hard links and package them as such. [f317ff3cf3e7] * sudo.pp: Make sudo binary permissions 755 instead of 111 Add lintian overrides file for .deb files. [991cd7d7f0e1] * configure, configure.in, doc/Makefile.in, mkpkg: Replace out of date MAN_POSTINSTALL with MANCOMPRESS and MANCOMPRESSEXT which can be used to compress the installed manual pages. Compress the man pages for .deb files to appease lintian. [4e34083b41d2] * sudo.pp: Debian fixes: * fix modes to be more in line with what Debian expects * add section * install LICENSE as copyright and ChangeLog as changelog * create stub changelog.debian [7f6c5647f588] * pp: Fix find command to properly skip files in the DEBIAN dir when building md5sums. [8918bde941fa] * pp, sudo.pp: Use a debian-compliant package maintainer field. [fc51a94170eb] 2012-05-30 Todd C. Miller * plugins/sudoers/sudoreplay.c: No need to loop over atomic_writev(), it guarantees to write all data or return an error. Fix handling of stdout/stderr that contains "\r\n" and handle a "\r\n" pair that spans a buffer. [8aaf02d90c45] 2012-05-29 Todd C. Miller * NEWS: Update for sudo 1.8.5p2 [d369d4d40a19] * plugins/sudoers/sudoreplay.c: Instead of doing extra write()s when replaying stdout, build up a vector for writev() instead. This results in far fewer system calls. [303d866c025c] 2012-05-27 Todd C. Miller * src/env_hooks.c, src/sudo.h, src/tgetpass.c: Provide unhooked version of getenv() and use it when looking up DISPLAY and SUDO_ASKPASS in the environment. [04dbdccf4a14] 2012-05-25 Todd C. Miller * plugins/sudoers/sudoreplay.c: When replaying a log of stdout or stderr, do newline to carriage return + linefeed conversion. We cannot have termios do this for us since we've disabled output postprocessing (POST) when setting raw mode. [61352a7d996f] 2012-05-24 Todd C. Miller * configure, configure.in: When checking for -fstack-protector, treat warnings as fatal errors. [4124cd12d511] 2012-05-22 Todd C. Miller * configure, configure.in: Fix test for -z relro [548bdb6f5c4a] * MANIFEST: Add m4/ax_check_compile_flag.m4 and m4/ax_check_link_flag.m4 [ed063264a2a1] * INSTALL, aclocal.m4, configure, configure.in, m4/ax_check_compile_flag.m4, m4/ax_check_link_flag.m4: Build with -fstack-protector and link with -zrelo where supported. Added --disable-hardening option to disable hardening options. [0b6c1a1ceb03] 2012-05-21 Todd C. Miller * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test4.out.ok, plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.inc, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh, plugins/sudoers/testsudoers.c: Add tests for sudoers mode, owner and group checks. [a7607443aba0] * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c: If sudoers_mode is group-readable but the actual sudoers file is not, open the file as uid 0, not uid 1. This fixes a problem when sudoers has a more restrictive mode than what sudo expects to find. In older versions, sudo would silently chmod the file to add the group-readable bit. [c056b6003e6f] * INSTALL, common/secure_path.c, config.h.in, configure, configure.in: No longer throw an error if sudoers is a symbolic link. Deprecated the --with-stow option as that is now (effectively) the default. [8ce783e54886] 2012-05-18 Todd C. Miller * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test2.inc, plugins/sudoers/regress/testsudoers/test2.out.ok, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.d/root, plugins/sudoers/regress/testsudoers/test3.out.ok, plugins/sudoers/regress/testsudoers/test3.sh: Add basic tests for #include and #includedir [b303e4218951] * plugins/sudoers/testsudoers.c: Add -U sudoers_uid option to testsudoers. [3f8ed13501ba] 2012-05-17 Todd C. Miller * NEWS, configure, configure.in: Update for 1.8.5p1 [c33c49bf5b4b] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix #includedir; from Mike Frysinger [d4833d4e39a0] * plugins/sudoers/check.c: Don't prompt for a password if the user is in the exempt group, is root, or is running the command as themselves even if the -k option was specified. This makes "sudo -k command" consistent with the behavior one would get if the user ran "sudo -k" immediately before running the command. [632b3961df00] 2012-05-15 Todd C. Miller * INSTALL: Fix capitalization [7258aa977caf] * mkpkg: Build PIE executable on Mac OS X 10.5 and above. [2a5c7ef92182] 2012-05-14 Todd C. Miller * NEWS: Update for sudo 1.8.4p5 [21164f508b68] * plugins/sudoers/match_addr.c: Add missing break between AF_INET and AF_INET6 in addr_matches_if_netmask() [672a4793931a] * plugins/sudoers/mon_systrace.c: Move systrace monitor code to the attic [d6faf4754e9c] 2012-05-11 Todd C. Miller * src/exec.c: The pointer to the siginfo_t struct in a signal handler may be NULL. [41a4ee934b53] 2012-05-10 Todd C. Miller * plugins/sudoers/pwutil.c: Fix an alignment problem on NetBSD systems with a 64-bit time_t and strict alignment. Based on a patch from Martin Husemann. [1e5ba3c18f17] * include/missing.h: Add offsetof macro for those without it. [e44cb51d2587] * MANIFEST: add system_group plugin [6169793b510c] 2012-05-09 Todd C. Miller * compat/dlopen.c: Implement RTLD_NEXT and fix RTLD_DEFAULT for HP-UX. [85bd03bc5d94] 2012-05-08 Todd C. Miller * NEWS: Mention system_group plugin [05393dd4bdb8] * Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: update depends [6feb0b824fc4] * plugins/system_group/system_group.c: Only call gr_delref() when use sudo's password caching functions. [1103442e21fa] * plugins/sample_group/Makefile.in, plugins/system_group/Makefile.in: Add missing dependency on libreplace.la [05bfd9d4657f] * compat/dlopen.c: Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL and PROG_HANDLE. [2382d0693acc] * Makefile.in, configure, configure.in, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, plugins/system_group/system_group.sym: Add group plugin that does lookups by name using the system group database. [2ddbb604112f] * plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, src/po/pl.mo, src/po/pl.po: sync with translationproject.org [4ef05df4226d] 2012-05-03 Todd C. Miller * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/de.mo, src/po/de.po, src/po/eo.mo, src/po/eo.po, src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po, src/po/ru.mo, src/po/ru.po, src/po/sr.mo, src/po/sr.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [115c3f828fc5] 2012-05-01 Todd C. Miller * sudo.pp: Add mode for docdir and use '-' (default) for localedir mode. Fixes a problem on Linux when building in a directory with the setgid bit set. [582279c8bcb1] 2012-04-30 Todd C. Miller * pp: Match CentOS 6.0 [1e99ef210f98] 2012-04-24 Todd C. Miller * NEWS: Update with recent changes [c5fc220ba696] * pp: Fix version check on AIX [d272e39112f4] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [72b23509465a] * plugins/sudoers/ldap.c: Need to call ldapssl_clientauth_init() for start_tls on Mozilla LDAP SDK. [87b685e70b9a] * plugins/sudoers/ldap.c: Fix printing of invalid uri [645aa53acdde] * plugins/sudoers/auth/pam.c: Pass PAM_SILENT when deleting creds to remove an annoying warning message on Solaris. [1dd0301ef293] 2012-04-23 Todd C. Miller * src/utmp.c: Fix the setutxent and endutxent compatibility defines (this time correctly) when only setutent and endutent are available. [d136d2867db9] * plugins/sudoers/ldap.c: sudo_ldap_set_options_global() should not take an LDAP handle as an argument since the options affect the global settings. [1dc39b9d20f2] * mkpkg: Debian sudo has not been built with --with-exempt=sudo since 1.6.8. [c7716291a856] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, plugins/sudoers/auth/pam.c, src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h: Call the policy's init_session() function before we fork the child. That way, the session is created and destroyed in the same process, which is needed by some modules, such as pam_mount. [ece552ba002e] * doc/TROUBLESHOOTING: Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is not specified. [bd293e100b28] * plugins/sudoers/auth/pam.c: Delete creds after closing the PAM session. [5158d726d6a5] * plugins/sudoers/ldap.c: Provide a more useful error message if using a Mozilla-style LDAP SDK and you forgot to specify TLS_CERT in ldap.conf. [7cb78feb899c] * src/exec_pty.c: Add missing initialization of a sigaction structure when I/O logging. Fixes a potential problem when suspending the command. [f4480f2ba816] * plugins/sudoers/ldap.c: Split global and per-connection LDAP options into separate arrays. Set global LDAP options before calling ldap_initialize() or ldap_init(). After we have an LDAP handle, set the per-connection options. Fixes a problem with OpenLDAP using the nss crypto backend; bug #342 [265c9d2dc12b] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/de.mo, src/po/de.po, src/po/hr.mo, src/po/hr.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [6d7fe44be21e] 2012-04-21 Todd C. Miller * src/sudo.c, src/sudo.h: Move struct passwd pointer into struct command details. [d6fb1eff2065] 2012-04-20 Todd C. Miller * pp: Sync with upstream for Mac OS X (and other) fixes. [c2f4998d01b0] * mkpkg: Only built Mac intel universal binary on an intel machine. [0009e0b7e5a8] * src/Makefile.in: Do not pass libtool the -static-libtool-libs option when building sudo and sesh. Otherwise, libtool may prefer a static version of an installed library over a dynamic one when linking. [6fbac9adc885] 2012-04-19 Todd C. Miller * MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, src/po/de.mo, src/po/de.po: Add German translation for sudo Add Croatian translation for sudoers [fa4da1a6530c] * plugins/sudoers/iolog.c: typo fix in comment [abd721d1288e] 2012-04-16 Todd C. Miller * NEWS: Update with recent changes [6fa11e8448b9] * Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Sort xgettext output by file name. [f650841810f0] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod: Clarify what "sudoreplay -l" displays and mention that it is sorted. [84031c117bd6] * config.h.in, configure, configure.in, src/ttyname.c: Use AC_HEADER_MAJOR to determine where major/minor are defined. [3c949650a223] * config.h.in, configure, configure.in, src/ttyname.c: Include sys/mkdev.h if present instead of sys/sysmacros.h for minor(). This is needed on Solaris (at least) where the makedev macros in sysmacros.h are obsolete and library functions should be used instead. [343928acf81e] * mkpkg: When building on Mac OS X, only set SDK_FLAGS if specified osversion doesn't match host. [d84c6efac872] 2012-04-15 Todd C. Miller * src/ttyname.c: Add back buf and tty variables for _ttyname() case that were inadvertantly removed. [a4a820b22a44] 2012-04-13 Todd C. Miller * plugins/sudoers/po/sudoers.pot: regen [5446b12c1250] * configure, configure.in: Remove b8 from version number. [5adc4dcec061] * src/ttyname.c: remove some XXX [187579a5f593] * src/ttyname.c: When looking for a device match, do a breadth-first search instead of depth-first. We already special case /dev/pts/ so chances are good that if it is not a pseudo-tty it is in the base of /dev/. Also avoid a stat(2) when possible if struct dirent has d_type. [0183f8a1b278] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, src/sudo.c, src/sudo.h: Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list. [f0574d878491] * src/po/eo.mo, src/po/es.mo, src/po/es.po, src/po/fi.mo, src/po/ja.mo, src/po/pl.mo, src/po/ru.mo, src/po/uk.mo, src/po/vi.mo: sync with translationproject.org [4527ea78fbd5] * MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/gl.mo, src/po/gl.po, src/po/hr.mo, src/po/hr.po: New Croatian and Galician translations from translationproject.org [ad4bd924b4de] * src/ttyname.c: Add depth-first traversal of /dev/ for the /proc case when not /dev/pts/N [499bd3456774] * config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c: If struct dirent has d_type, use it to avoid an extra stat(). [741dabbe4bcd] * plugins/sudoers/sudoreplay.c: Sort output of "sudoreplay -l" [c0615795bd4b] 2012-04-12 Todd C. Miller * plugins/sudoers/sudoreplay.c: Fix duplicate free introduced in last rev [efdaabe69d75] 2012-04-11 Todd C. Miller * plugins/sudoers/auth/pam.c: Instead of treating ^C from tgetpass() specially, always return AUTH_INTR if tgetpass() returned NULL. Treat PAM_AUTHINFO_UNAVAIL like PAM_AUTH_ERR which Mac OS X returns this when there is no tty. [a3b17298d4d0] * config.h.in, configure, configure.in, src/ttyname.c: Rototill code to determine the tty. For Linux, we now look up the tty device in /proc/pid/stat instead of trying to open /proc/pid/fd/[0-2]. The sudo_ttyname_dev() function maps the given device number to a string. On BSD, we can use devname(). On Solaris, _ttyname_dev() does what we want. TODO: write /dev/ traversal code for the generic sudo_ttyname_dev(). [6b22be4d09f0] 2012-04-10 Todd C. Miller * src/ttyname.c: Define PRNODEV for those w/o it. [f17290e64559] * config.h.in, configure, configure.in, src/ttyname.c: Check for SVR4-style struct psinfo.pr_ttydev and use that to determine the tty if std{in,out,err} are not ttys. [76ad33a91f4b] * src/ttyname.c: Better support for SVR4-style /proc entries where we can't use ttyname() on the /proc/pid/fd/[0-2] entries. We can, however, attempt to map the device number back to the correct pseudo-tty slave device. [4f9f48cc79eb] * src/ttyname.c: When trying to determine the tty name, check parent's stderr in addition to its stdin and stdout. [604644056c7d] * src/exec_pty.c: Treat a tty read failure like EOF as it usually means the pty has gone away. Handle write() on the tty returning EIO. [16957f4a706f] * src/exec.c, src/exec_pty.c: Linux select() may return ENOMEM if there is a kernel resource shortage. Older Solaris select() may return EIO instead of EBADF when the tty goes away. If we get an unhandled select() failure, kill the child and exit cleanly. [d93940a311ab] * src/ttyname.c: Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might block in open. [a9f809d09d52] 2012-04-09 Todd C. Miller * plugins/sudoers/set_perms.c: Fix restoration of AIX permissions. [30c717115988] * src/parse_args.c: Allow the -k flag to be used along with the -i and -s flags. [0653b17c97f1] * plugins/sudoers/sudoreplay.c: Plug memory leak in parse_logfile() in the error path. [9cce86fa833b] * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/da.mo, src/po/da.po, src/po/eo.po, src/po/es.po, src/po/fi.po, src/po/it.mo, src/po/it.po, src/po/ja.po, src/po/pl.po, src/po/ru.po, src/po/uk.po, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [14af43d0b170] 2012-04-08 Todd C. Miller * compat/regress/glob/globtest.c, config.h.in, configure, configure.in, plugins/sudoers/match.c: Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the glob() and fnmatch() results to be consistent. [4226750d73c2] 2012-04-06 Todd C. Miller * MANIFEST, common/Makefile.in, common/ttysize.c, src/Makefile.in, src/ttysize.c: Move ttysize.c to common so sudoreplay can use it. [b4a0aa514cd4] * plugins/sudoers/sudoreplay.c: If I/O log file includes rows + cols, warn if the user's tty is not big enough. [b980ef89efff] * plugins/sudoers/sudoreplay.c: Fix printing of TSID in "sudoreplay -l" [4221e3e108b4] * common/sudo_debug.c, include/sudo_debug.h, plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c: Log the process id in the debug file output. Since we don't want to keep calling getpid(), stash the value at init time and when we fork(). [2782d30c024d] * src/exec_pty.c: Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. It is better to receive EIO from read()/write() than to be suspended when we don't expect it. Fixes a problem when our terminal is revoked which can happen when, e.g. our sshd is killed unceremoniously. Also, only change the value of "alive" from true to false, never from false to true. It is possible for us to receive notification of the child having stopped after it is already dead. This does not mean it has risen from the grave. [26c9fe8ce0f9] * src/exec_pty.c: Distinguish between signals we received from the parent vs. those delivered explicitly to the monitor process in debugging info. [40716cb180e5] 2012-04-05 Todd C. Miller * plugins/sudoers/check.c: In Solaris 11, /dev/pts under the "dev" filesystem, not "devices". Update tty_is_devpts() to match so we can determine when the tty has been reused. [2689665df027] * common/sudo_debug.c, include/error.h, include/sudo_debug.h: Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() and use a new flag, SUDO_DEBUG_FILENO to specify when to use it. This allows consumers of sudo_debug_printf() to log that data without having to specify it manually. [7c94c4879208] * src/exec_pty.c: Make this compile after last change. [ee09034f3266] * src/exec_pty.c: Don't try to restore the terminal if we are not the foreground process. Otherwise, we may be stopped by SIGTTOU when we try to update the terminal settings when cleaning up. [c48b24335456] * src/exec.c: If select() return EBADF in the main event loop, one of the ttys must have gone away so perform any I/O we can and close the bad fds. [3bc8678c03ce] * common/sudo_debug.c, include/error.h, include/sudo_debug.h, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. Log the function, file and line number in the debug log for warning() and error(). [894cd131f11d] 2012-04-04 Todd C. Miller * common/sudo_debug.c, include/error.h, include/sudo_debug.h, src/conversation.c: Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. Use this flag when wrapping error() and warning() so the debug output includes the error string. [1e2c67adaf1f] 2012-03-30 Todd C. Miller * NEWS: Update for sudo 1.8.5 [7d2b62b823fe] * plugins/sudoers/po/sudoers.pot: regen [718ad9de92cd] * doc/CONTRIBUTORS: sync [f48013aea641] * plugins/sudoers/pwutil.c: Use ecalloc() [fabd23c1f271] * src/exec_pty.c: Don't need zero_bytes() after ecalloc() [1a9d95cd10ef] * config.h.in, configure, configure.in, src/sudo_noexec.c: Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers to sudo_noexec.c. [cbaa1d4b0f8a] * src/utmp.c: Fix compat setutxent and endutxent macros for systems with setutent() but not setutxent(). From Gustavo Zacarias [d7ce622fc5f2] 2012-03-29 Todd C. Miller * configure.in: Add ignore_result definition to AH_BOTTOM [8d4096838a98] * common/sudo_debug.c, config.h.in, plugins/sample/sample_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/env_hooks.c, src/exec.c, src/exec_pty.c, src/tgetpass.c: Fix compiler warnings on some platforms and provide a better method of defeating gcc's warn_unused_result attribute. [9a8f804fcc75] * configure, configure.in: Fix building the builtin zlib from a build dir. When a zlib dir was specified, prepend its include path instead of appending so we get the right zlib headers. [5f61d591b186] * doc/LICENSE, zlib/adler32.c, zlib/crc32.c, zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffixed.h, zlib/inflate.c, zlib/inftrees.c, zlib/trees.c, zlib/zconf.h.in, zlib/zlib.h, zlib/zutil.c, zlib/zutil.h: Update zlib to version 1.2.6 [173c4bc4d4fc] 2012-03-28 Todd C. Miller * include/missing.h: g/c __unused which is no longer used [7ef3f23edcd6] * src/env_hooks.c: Fix compilation if RTLD_NEXT is not defined. [d5605f468b71] * src/po/sr.mo, src/po/sr.po: sync with translationproject.org [27d559f7985d] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.man.in: regen [f9f63ce478b6] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [59035d82d15a] * Makefile.in: Ignore Project-Id-Version when comparing pot files. [22feb9ede46b] * plugins/sudoers/bsm_audit.c: Use error() instead of log_fatal() [54130bda4b50] * plugins/sudoers/env.c: Fix signedness of didvar in env_update_didvar() [77048a80b3e4] * plugins/sudoers/iolog.c: Quiet a compiler warning on some platforms. [8fdcaece0400] * compat/fnmatch.c: cast ctype(3) function/macro arguments from char to unsigned char to avoid potential negative subscripting. [bdcf7eef21ef] * common/setgroups.c: Quiet a warning on systems where the gids array in setgroups() is not prototyped as being const, even though it really is. [fdd758c6302d] * src/env_hooks.c: Quiet a compiler warning on systems where the argument to putenv(3) is const. [51bae2193b53] * plugins/sudoers/sudoreplay.c: Undo an incorrect int -> bool conversion. [b9a4ce320f14] * MANIFEST, NEWS, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, src/po/sv.mo, src/po/sv.po: Add Swedish sudo and sudoers translations from translationproject.org [f7ce1de9073f] * plugins/sudoers/env.c: No need to preserve ODMDIR on AIX now that we always read /etc/environment. [4aa04b2f0125] 2012-03-27 Todd C. Miller * doc/sudoers.pod, plugins/sudoers/env.c: When initializing the environment for env_reset, start out with the contents of /etc/environment on AIX and login.conf on BSD. [5717bdc321e2] * doc/TROUBLESHOOTING, src/sudo.c: If we are not running with an effective uid of 0, try to give the user enough information to debug the problem. [fa4894896d8a] * plugins/sudoers/getdate.c, plugins/sudoers/gram.c: Quiet a clang-analyzer false positive. [c4c0c1b9c8b0] * src/tgetpass.c: If there is nothing to read from the askpass program, set errno to EINTR. This makes the cancel button behave like the user entered ^C at the password prompt when PAM is used. [594302cb9caf] * src/sudo.h, src/tgetpass.c: Fetch the value of "askpass" from the sudo conf struct. [4593ee8f1bd3] * common/sudo_conf.c: Fix matching of "Path askpass" and "Path noexec" [4df28d62afb9] 2012-03-26 Todd C. Miller * plugins/sudoers/visudo.c: Quiet a clang-analyzer dead store warning. [dd90bf385a3f] * plugins/sudoers/sudoers.c: If the "timestampowner" user cannot be resolved, use ROOT_UID instead of exiting with a fatal error. [8d62aae99715] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c: Remove the NO_EXIT flag to log_error() and add a log_fatal() function that exits and is marked no_return. Fixes false positives from static analyzers and is easier for humans to read too. [a0fe785c2a3d] 2012-03-24 Todd C. Miller * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo, src/po/eo.po: sync with translationproject.org [df5e8777de13] 2012-03-20 Todd C. Miller * src/po/da.mo, src/po/da.po: sync with translationproject.org [629d99548b78] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po: sync with translationproject.org [9d122a2860d6] 2012-03-19 Todd C. Miller * src/po/it.mo, src/po/it.po: sync with translationproject.org [6397593b15cf] * common/sudo_conf.c, plugins/sudoers/alias.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/interfaces.c, plugins/sudoers/ldap.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c: Use ecalloc() when allocating structs. [8b5888868db2] * common/alloc.c, include/alloc.h: Add ecalloc() and commented out recalloc(). Use inline strnlen() instead of strlen() in estrndup(). [7fb9aa46c1e0] 2012-03-18 Todd C. Miller * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po, src/po/pl.mo, src/po/pl.po, src/po/ru.mo, src/po/ru.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [45a032c37334] 2012-03-16 Todd C. Miller * plugins/sudoers/set_perms.c: Remove unused label [2660bb0c1313] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod: Document what changed in each plugin API revision [59b30a6fc4d1] * plugins/sudoers/set_perms.c: Remove bogus optimization that could lead to a double free of the group list. [b0bfbd2a83a8] 2012-03-15 Todd C. Miller * doc/TROUBLESHOOTING: Expand AIX /etc/security/privcmds entry. [9f3f072e034e] * NEWS: Update for sudo 1.8.5 [086049011f25] * common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod, include/sudo_conf.h, include/sudo_plugin.h, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Rename plugin "args" to "options" [f25624951bd2] * doc/CONTRIBUTORS: Add Lithuanian and Vietnamese translators [2b4c075b69e3] * Makefile.in: Ignore comments when comparing new and old pot files. [f872999347b3] * src/Makefile.in: regen [c8193b1b11c7] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in: regen [15e3c17e8a3a] * doc/sudo_plugin.pod, include/sudo_plugin.h, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/hooks.c, src/sudo.c, src/sudo.h: Pass a pointer to user_env in to the init_session policy plugin function so session setup can modify the user environment as needed. For PAM authentication, merge the PAM environment with the user environment at init_session time. We no longer need to swap in the user_env for environ during session init, nor do we need to disable the env hooks at init_session time. [3f5277b359d8] * plugins/sample/sample_plugin.c: Add explicit NULL entries for init_session, register_hooks and deregister_hooks with appropriate comments. [727a57978b40] * compat/pw_dup.c: Quiet a gcc "used uninitialized in this function" false positive. [f14b68379ce9] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: We should always call warning() with a format string or a string literal. In this case, the argument (path) is not user-controlled. [e9ef51224024] 2012-03-14 Todd C. Miller * src/selinux.c: Include sudo_exec.h for the sudo_execve() prototype. [769e58065edc] * config.h.in, configure, configure.in: Add check for pam_getenvlist() [36bde3f26c60] * common/sudo_conf.c: Set args to NULL in default plugin info struct when there is no Plugin line in sudo.conf. [93ec67708f01] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [a9287677795c] * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: regen [a242769d7962] * configure, configure.in: Bump version to 1.8.5 [e8618f0c2505] * doc/sudo_plugin.pod: Document hooks API [e6ad07d27958] 2012-03-13 Todd C. Miller * sudo.pp: Make sudoersdir relative to PKG_INSTALL_ROOT for Solaris. [fd72340042d3] * include/sudo_plugin.h: Use sudo_hook_fn_t in struct sudo_hook. [938f93112d6e] * doc/TROUBLESHOOTING: If cross compiling, --host must include the OS in the tuple. E.g. --host powerpc-unknown-linux [b8c010070c1e] 2012-03-12 Todd C. Miller * plugins/sudoers/parse.c: Fix bogus int -> bool conversion; tags can have a value of -1. [e63d6434a303] * plugins/sudoers/env.c: Add env_should_keep() and env_should_delete() wrapper functions to simplify things a bit and hide the fact that matches_env_check() is not bool. [7a03d7a12b50] * sudo.pp: Fix application of debian-specific sudoers mods when building packages as non-root. [34bf4c52c425] * plugins/sudoers/env.c: matches_env_check() returns int, not boolean [0ad915b8d5cb] * src/sudo_edit.c: Fix compilation when seteuid() is not available. [8a722f998000] * src/ttyname.c: Simply move the free of ki_proc outside the realloc() loop. [217b786da760] * src/ttyname.c: Bring back the erealloc() for the ENOMEM loop and just zero the pointer after we free it. [29a016e45127] * src/ttyname.c: Don't try to erealloc() a potentially freed pointer; Mateusz Guzik [266e08844065] 2012-03-10 Todd C. Miller * plugins/sudoers/set_perms.c: Use normal error path if unable to set sudoers gid. [01c816918c99] * plugins/sudoers/set_perms.c: Make this work again on systems w/o seteuid(). [2e67f7421e97] 2012-03-09 Todd C. Miller * plugins/sudoers/set_perms.c: Fix compilation if no seteuid/setreuid/setresuid available. [d0b3c1f88eb4] * plugins/sudoers/set_perms.c: Better error messages, and added debugging throughout. Fixed seteuid() version of set_perms()/restore_perms(). Fixed logic bug in AIX version of restore_perms(). Added checks to avoid changing uid/gid when we don't have to. Never set gid/uid state to -1, use the old value instead. [29188d469b5c] * src/exec_pty.c, src/ttyname.c: Fix format string warning on Solaris with gcc 3.4.3. [d1eeb6e1dd0f] * src/sudo.c: Always declare environ now that we swap it around unilaterally. [aaa3e92e7d0d] * src/Makefile.in: Honor LDFLAGS when linking sesh; from Vita Cizek [498b41438f6e] * src/sesh.c: Include alloc.h for estrdup() prototype; from Vita Cizek [93203655a320] 2012-03-08 Todd C. Miller * plugins/sudoers/sudoers.c: Don't read /etc/environment on Linux when using PAM, PAM should set the environment variables as needed via pam_env. [b1ef62cb2d40] * INSTALL: Fix editor goof. [0c3dd3bb8b57] * src/hooks.c, src/sudo.c, src/sudo.h: Disable environment hooks after we get user_env back to make sure a plugin can't to modify user_env after we "own" it. This is kind of a hack but we don't want the init_session plugin function to modify user_env. [8e6d119452a5] * src/hooks.c, src/sudo.c: Add support for deregistering hooks. If an I/O log plugin fails to initialize, deregister its hooks (if any). [ac00c93900c5] 2012-03-07 Todd C. Miller * plugins/sudoers/sudoers.c, src/sudo.c: Move LOGIN_PATH and LOGIN_SETENV handling to plugin now that we hook setenv. [e75469dd9908] * MANIFEST, aclocal.m4, common/sudo_debug.c, compat/Makefile.in, compat/setenv.c, compat/unsetenv.c, config.h.in, configure, configure.in, include/sudo_debug.h, include/sudo_plugin.h, mkdep.pl, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/env.c, plugins/sudoers/ldap.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/Makefile.in, src/env_hooks.c, src/hooks.c, src/load_plugins.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h: Initial cut at a hooks implementation. The plugin can register hooks for getenv, putenv, setenv and unsetenv. This makes it possible for the plugin to trap changes to the environment made by authentication methods such as PAM or BSD auth so that such changes are reflected in the environment passed back to sudo for execve(). [61cffa06f863] 2012-03-05 Todd C. Miller * MANIFEST, src/po/vi.mo, src/po/vi.po: Add Vietnamese sudo translation from translationproject.org [96df426790d5] 2012-03-02 Todd C. Miller * doc/sample.sudo.conf, doc/sudo.pod, doc/sudo_plugin.pod, doc/sudoers.pod: List sudo_noexec.so not noexec.so in the sample sudo.conf [53844e190ec5] * common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod, doc/sudo_plugin.pod, doc/sudoers.pod, include/sudo_conf.h, include/sudo_plugin.h, plugins/sample/sample_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/toke.l, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Add support for plugin args at the end of a Plugin line in sudo.conf. Bump the minor number accordingly and update the documentation. A plugin must check the sudo front end's version before using the plugin_args parameter since it is only supported for API version 1.2 and higher. [587f1f819536] 2012-03-01 Todd C. Miller * plugins/sudoers/Makefile.in: update depends [6d2da44e11e5] * MANIFEST: secure_path.c is in common, not compat [619c4a663dde] * configure, configure.in: Add check for variadic macro support in cpp. [756854caf675] 2012-02-29 Todd C. Miller * common/secure_path.c, common/sudo_conf.c, include/secure_path.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add type param to sudo_secure_path() and add sudo_secure_file() and sudo_secure_dir() wrappers which get by #includedir in sudoers. [2ec2d3d8df04] 2012-02-28 Todd C. Miller * doc/visudo.pod, plugins/sudoers/visudo.c: Check the owner and mode in -c (check) mode unless the -f option is specified. Previously, the owner and mode were checked on the main sudoers file when the -s (strict) option was given, but this was not documented. [b2d6ee1e547a] * config.h.in, configure, configure.in, src/ttyname.c: Prefer KERN_PROC2 over KERN_PROC. Fixes compilation on some versions of OpenBSD versions that have KERN_PROC2 but not KERN_PROC. [159f6a50456a] 2012-02-27 Todd C. Miller * doc/CONTRIBUTORS: Add Eric Lakin for patch in bug #538 [490c29c234c6] * src/exec_pty.c: Fix typo in safe_close() made while converting to debug framework that prevented it from actually closing anything. [a66422a62afd] * src/exec_pty.c: Add some more debugging. [b5667947dda9] * common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in: We need sysconfdir in compat/Makfile to get the proper sudo.conf path. Add standard prefix and foodir expansion in all Makefiles to avoid this problem in the future. [62b6ce4ecae9] 2012-02-25 Todd C. Miller * MANIFEST, plugins/sudoers/po/lt.mo, plugins/sudoers/po/lt.po: New Lithuanian sudoers translation from translationproject.org [10436b649035] * plugins/sudoers/po/ja.po: Update from translationproject.org [acb8db5f8ef1] 2012-02-24 Todd C. Miller * plugins/sudoers/ldap.c: When adding gids to the LDAP filter, only add the primary gid once. This is consistent with the space computation/allocation. From Eric Lakin [35d9d99c92c6] * doc/TROUBLESHOOTING: Add entry for AIX enhanced RBAC config. [5e10b6f8def7] * mkpkg: Target Mac OS X 10.5 when building packages. [06fce9bbebee] 2012-02-22 Todd C. Miller * MANIFEST, common/Makefile.in, common/secure_path.c, common/sudo_conf.c, include/secure_path.h, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.c: Relax the user/group/mode checks on sudoers files. As long as the file is owned by the right user, not world-writable and not writable by a group other than the one specified at configure time (gid 0 by default), the file is considered OK. Note that visudo will still set the mode to the value specified at configure time. [241174babfcc] 2012-02-21 Todd C. Miller * plugins/sudoers/set_perms.c: Add AIX-specific version of permission setting code to make sure that the saved uid gets restored properly. [9a6f5d22c301] * config.h.in, configure, configure.in, src/exec_common.c: Check for LD_PRELOAD variants in configure instead of checkign cpp symbols. In disable_execute(), compute the length of the new envp and allocate it once instead of reallocating on demand. Also append old value of LD_PRELOAD (if any) to the new value. [680266346917] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in: Fix the description of noexec. [6a6d142f3c80] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h: The "op" parameter to set_default() must be int, not bool since it is set to '+' or '-' for list add and subtract. [8da5b137bea2] * sudo.pp: Make sure sudoers is writable before calling ed script. [95352ab6336b] 2012-02-17 Todd C. Miller * doc/CONTRIBUTORS, doc/contributors.pod: Update contributors. Now includes translators and authors of compat code. [4fb5b616b50a] 2012-02-16 Todd C. Miller * src/po/sudo.pot: regen [2c86e2c328fe] * pp, sudo.pp: Build flat packages, not package bundles, on Mac OS X. [57bda3cd5520] 2012-02-10 Todd C. Miller * sudo.pp: Move macos section to be with the other OS-specific sections. [51423bb2973a] * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po: Sync with translationproject.org [8ce41cbb8da0] * configure, configure.in: Don't permanently add -D_FORTIFY_SOURCE=2 to CPPFLAGS [fa979aa6fe7d] * sudo.pp: Add Mac OS X support, printing the latest chunk of the NEWS file and the license text in the installer. [ffeab72387c0] * sudo.pp: Add explicit file modes that match those used by "make install" [7eb37242c920] * pp: Sync with upstream for Mac OS X fixes. [97cba179041e] * plugins/sudoers/Makefile.in, src/Makefile.in: Got back to using "install-sh -M" for files installed as non- readable by owner. This fixes "make install" as non-root for package building. [967804ee77d6] 2012-02-09 Todd C. Miller * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po: Sync with translationproject.org [0e53db12039a] * Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Use -m not -M for install-sh for everything except setuid. Install locale .mo files mode 0444, not 0644. If timedir parent doesn't exist, use default dir mode, not 0700. [8b6f64c92090] 2012-02-07 Todd C. Miller * pp: Re-sync with upstream; no longer need a local patch. [97a2c7be5e59] * mkpkg: Add support for building Mac OS X packages. [94d49ac223a4] * pp: Sync with upstream [1c97654fc841] * src/Makefile.in: No longer need to define _PATH_SUDO_CONF here. [2560905b7482] * src/exec_common.c: Fix noexec for Mac OS X. [b7a744bca2c0] 2012-02-06 Todd C. Miller * common/Makefile.in: Move _PATH_SUDO_CONF override to common to match sudo_debug.c [f0788972a63a] * plugins/sudoers/set_perms.c: More complete fix for LDR_PRELOAD on AIX. The addition of set_perm(PERM_ROOT) before calling the nss open functions (needed to avoid a GNU TLS bug) also broke LDR_PRELOAD. Setting the effective and then real uid to 0 for PERM_ROOT works around the issue. [5888eda051af] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [997fe403e219] * src/sudo.c: Set real uid to root before calling sudo_edit() or run_command() so that the monitor process is owned by root and not by the user. Otherwise, on AIX at least, the monitor process shows up in ps as belonging to the user (and can be killed by the user). [d4772d7d2fc5] * plugins/sudoers/set_perms.c: For PERM_ROOT when using setreuid(), only set the euid to 0 prior to the call to setuid(0) if the current euid is non-zero. This effectively restores the state of things prior to rev 7bfeb629fccb. Fixes a problem on AIX where LDR_PRELOAD was not being honored for the command being executed. [b9b40325b4dc] * MANIFEST, compat/pw_dup.c, config.h.in, configure, configure.in, include/missing.h, src/sudo.c: Make a copy of the struct passwd in exec_setup() to make sure nothing in the policy init modifies it. [b721261c921f] 2012-02-05 Todd C. Miller * doc/sudoers.pod: update copyright [f9d229d1f65e] * common/sudo_debug.c, include/sudo_debug.h: g/c now-unused debug subsystems [8f21726e698f] * doc/sudo.pod, doc/sudoers.pod: Enumerate the debug subsystems used by sudo and sudoers. [ac4f84293d14] 2012-02-03 Todd C. Miller * NEWS, common/sudo_conf.c, doc/sample.sudo.conf, doc/sudo.pod, include/sudo_conf.h, src/sudo.c: Normally, sudo disables core dumps while it is running. This behavior can now be modified at run time with a line in sudo.conf like "Set disable_coredumps false" [ad14e0508b0d] * NEWS: Mention Spanish translation [600f3205bd6e] * common/sudo_debug.c: Make sure we don't try to fall back to using the conversation function for debugging in the main sudo process if we are unable to open the debug file. [ffa329aa908c] * MANIFEST, src/po/es.mo, src/po/es.po: Add sudo Spanish translation from translationproject.org [c1906654e740] 2012-02-02 Todd C. Miller * plugins/sudoers/iolog.c: Better debug subsystem usage [1a31f115743c] * src/sudo.c: Remove duplicate function prototypes [ae04b00532eb] 2012-02-01 Todd C. Miller * configure, configure.in: Error out if user specified --with-pam but we can't find the headers or library. Also throw an error if the headers are present but the library is not and vice versa. [d6bf3e3d0aae] 2012-01-31 Todd C. Miller * plugins/sudoers/sudoers.c: Fix the sudoers permission check when the expected sudoers mode is owner-writable. [8b0b7e770a22] 2012-01-30 Todd C. Miller * configure, configure.in: Verify that we can link executables built with -D_FORTIFY_SOURCE before using it. [7578215d1a95] * src/exec_common.c: Fix potential off-by-one when making a copy of the environment for LD_PRELOAD insertion. Fixes bug #534 [cc699cd551b6] * configure, configure.in: Add rudimentary check for _FORTIFY_SOURCE support by checking for __sprintf_chk, one of the functions used by gcc to support it. [a992673d2ef8] * compat/stdbool.h, config.h.in, configure, configure.in: Use AC_HEADER_STDBOOL instead of checking for stdbool.h ourselves. [8ba1370884b3] 2012-01-29 Todd C. Miller * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [1e0b38397705] 2012-01-25 Todd C. Miller * src/exec.c, src/sudo.c: The change in 818e82ecbbfc that caused to exit when the monitor dies created a race condition between the monitor exiting and the status being read. All we really want to do is make sure that select() notifies us that there is a status change when the monitor dies unexpectedly so shutdown the socketpair connected to the monitor for writing when it dies. That way we can still read the status that is pending on the socket and select() on Linux will tell us that the fd is ready. [7fb5b30ea48d] * MANIFEST, src/Makefile.in, src/exec.c, src/exec_common.c, src/exec_pty.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_exec.h: Refactor disable_execute() and my_execve() into exec_common.c for use by sesh.c. This fixes NOEXEC when SELinux is used. Instead of disabling exec in exec_setup(), disable it immediately before executing the command. Adapted from a diff by Arno Schuring. [ec4d8b53db6b] 2012-01-20 Todd C. Miller * aclocal.m4, configure, configure.in: Add custom version of AC_CHECK_LIB that uses the extra libs in the cache value name. With this we no longer need to rely on a modified version of autoconf. [1c3b1d482d6c] 2012-01-19 Todd C. Miller * configure, configure.in: Better handling of network functions that need -lsocket -lnsl [cc386342ec2b] * src/sudo.c: When setting up the execution environment, set groups before gid/egid like sudo 1.7 did. [928e1c5fa6c1] * configure, configure.in: Remove "WARNING: unable to find foo() trying -lsocket -lnsl" [84b23cdf138f] * plugins/sudoers/sudoers.c: For "sudo -g" prepend the specified group ID to the beginning of the groups list. This matches BSD convention where the effective gid is the first entry in the group list. This is required on newer FreeBSD where the effective gid is not tracked separately and thus setgroups() changes the egid if this convention is not followed. Fixes bug #532 [782d6909108b] 2012-01-17 Todd C. Miller * configure, configure.in: Fix sh warning; use "test" instead of "[" [c6ee3407f65e] * src/exec.c: When not logging I/O, use a signal handler that only forwards SIGINT, SIGQUIT and SIGHUP when they are user-generated signals. Fixes a race in the non-I/O logging path where the command may receive two keyboard-generated signals; one from the kernel and one from the sudo process. [9638684e786a] * src/exec.c: Back out change that put the command in its own pgrp when not logging I/O. It causes problems with pipelines. [4fc9c6e1e770] 2012-01-16 Todd C. Miller * compat/Makefile.in, configure, configure.in: Only run compat regress tests on compat objects we actually build. Fixes "make check" in the compat dir for systems that don't implement character classes in fnmatch() or glob(). Bug #531 [a7addc305e83] 2012-01-14 Todd C. Miller * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po: Update po files from translationproject.org [5ea066af1356] 2012-01-13 Todd C. Miller * sudo.pp: Include parent directories in case they don't already exist. This fixes a directory permissions problem with the AIX package when the /usr/local directories don't already exist. [a14f783dc827] * pp: sync with git version [2f79d0543661] * common/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: regen dependencies [24c92ca6c64d] * MANIFEST, src/Makefile.in, src/sudo.c, src/sudo.h, src/ttyname.c: Move tty name lookup code to its own file. [58faf072cbf4] 2012-01-12 Todd C. Miller * NEWS: Update with latest sudo 1.8.4 changes. [a4ffe4f42528] * config.h.in, configure, configure.in: Remove obsolete template for HAVE_TIMESPEC [75709007c906] * src/sudo.c: Add a check for devname() returning a fully-qualified pathname. None of the devname() implementations do this today but you never know when this might change. [16813ace38f9] 2012-01-11 Todd C. Miller * plugins/sudoers/visudo.c: For "visudo -c" also list include files that were checked when everything is OK. [ad6f85b35c9c] * src/sudo.c: The device name returned by devname() does not include the /dev/ prefix so we need to add it ourselves. [b55285abb7ed] * src/sudo.c: Add debug warning if KERN_PROC sysctl fails or devname() can't resolve the tty device to a name. [b5a23916ba3a] * common/sudo_debug.c: The result of writev() is never checked so just cast to NULL. [4be4e9b58d5b] * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po: Update Esperanto, Finnish, Polish and Ukrainian translations from translationproject.org. [bb91bc6ad7e9] 2012-01-10 Todd C. Miller * config.h.in, configure, configure.in, src/sudo.c: Add support for determining tty via sysctl on other BSD variants. [fd15f63f719a] * configure, configure.in: Only check for struct kinfo_proc.ki_tdev on systems that support sysctl. [109b3f07a39d] * src/sudo.c: For FreeBSD, try the KERN_PROC_PID sysctl() first, falling back on ttyname() of std{in,out,err}. [95969b70bd68] 2012-01-09 Todd C. Miller * config.h.in, configure, configure.in, src/sudo.c: On newer FreeBSD we can get the parent's tty name via sysctl(). [3207290501ee] * plugins/sudoers/testsudoers.c: Include locale.h [a602cd0b8c2d] * src/sudo.c: Silence a gcc warning. [8c6d0e3cd534] * plugins/sudoers/bsm_audit.c: Need to include gettext.h and sudo_debug.h; from John Hein [447912aa7300] * plugins/sudoers/iolog.c: Initialize the debug framework from the I/O plugin too. [ce1bf44d96d2] 2012-01-08 Todd C. Miller * plugins/sudoers/testsudoers.c: Enable debugging via sudo.conf. [d85669c749d0] 2012-01-07 Todd C. Miller * plugins/sudoers/visudo.c: Use SUDO_DEBUG_ALIAS for alias checking functions. [fb84af30dc76] * configure, configure.in: More complete test for getaddrinfo() that doesn't rely on the network libraries already being added to LIBS. [cbaf2369f4f0] 2012-01-06 Todd C. Miller * common/aix.c: Add debug support. [def1bdf24485] * configure, configure.in: Need -lsocket -lnsl for getaddrinfo(3) on Solaris at least. [a2ea1c2eac61] * compat/getaddrinfo.c: Include errno.h and missing.h [7d15e17cc2f2] * .hgignore: ignore doc/varsub [417f9fc3231b] * configure.in, doc/visudo.pod, plugins/sudoers/Makefile.in, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, src/exec.c, src/parse_args.c, src/sudo.c, src/sudo.h: Update copyright year. [5d0ffc7dd567] * NEWS: Update for sudo 1.8.4 [841e3eff9844] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen pot files [c509cb45b66a] * plugins/sudoers/sudoreplay.c: Enable debugging via sudo.conf. [5087aaee8484] * plugins/sudoers/visudo.c: Enable debugging via sudo.conf. [04b067c16ed3] * plugins/sudoers/visudo.c: Allow "visudo -c" to work when we only have read-only access to the sudoers include files. [d8c6713fe5c1] * doc/sudo.pod, doc/visudo.pod: Mention the CONTRIBUTORS file, not HISTORY in AUTHOR section. Add HISTORY section in sudo that points to HISTORY file. [d1f1bcb051c5] * doc/sudo.pod, doc/sudo_plugin.pod: Document Debug setting in sudo.conf and debug_flags in plugin. [acfc505aa4a9] 2012-01-05 Todd C. Miller * plugins/sudoers/match.c: Do not include GLOB_MARK in the flags we pass to glob(3). Fixes a bug where a pattern like "/usr/*" include /usr/bin/ in the results, which would be incorrectly be interpreted as if the sudoers file had specified a directory. From Vitezslav Cizek. [0cdb6252188c] * INSTALL, config.h.in, configure, configure.in, plugins/sudoers/auth/kerb5.c: Add --enable-kerb5-instance configure option to allow people using Kerberos V authentication to use a custom instance. Adapted from a diff by Michael E Burr. [e83af8bb7aa7] * doc/sudo.pod, src/parse_args.c, src/sudo.c, src/sudo.h: Remove -D debug_level option. [cbcd05094347] * doc/LICENSE: Update copyright year. [9f43dd7aa852] 2012-01-04 Todd C. Miller * plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: parse_error is now bool, not int [5ea7fb6fda38] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c: Print a more sensible error if yyparse() returns non-zero but yyerror() was not called. [d44ec88f1183] * plugins/sudoers/Makefile.in, plugins/sudoers/getdate.c, plugins/sudoers/gram.c: Replace y.tab.c with the correct filename in #line directives. [3c84fcb7e959] 2012-01-03 Todd C. Miller * src/sudo.c: When trying to determine the tty, fall back on /proc/ppid/fd/{0,1,2} if the main process's fds 0-2 are not hooked up to a tty. Adapted from a diff by Zdenek Behan. [b9dfce12af85] * src/exec.c: When not logging I/O, put command in its own pgrp and make that the controlling pgrp if the command is in the foreground. Fixes a race in the non-I/O logging path where the command may receive two keyboard-generated signals; one from the kernel and one from the sudo process. [d0e263ce496c] 2011-12-20 Todd C. Miller * src/sudo_edit.c: Quiet a bogus gcc warning. [2009669e0608] * src/parse_args.c, src/sudo.h: Fix warnings related to sudo.conf accessors. [08ddc29ba50b] * common/sudo_conf.c, include/sudo_conf.h: Separate sudo.conf parsing from plugin loading and move the parse functions into the common lib so that visudo, etc. can use them. [f1fc659a8079] * MANIFEST, common/Makefile.in, src/Makefile.in, src/load_plugins.c, src/parse_args.c, src/sudo.c, src/sudo_plugin_int.h: Separate sudo.conf parsing from plugin loading and move the parse functions into the common lib so that visudo, etc. can use them. [e1f2cf6bd57a] * doc/sudoers.pod, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/sudoers.c, src/sudo.c: Remove support for noexec_file in sudoers and the plugin API [3e2fd58879b5] * plugins/sudoers/sudoers.c: Don't dump interfaces if there are none. [9081bb4d3e9e] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in: Add missing %s printf escape to the group_plugin, iolog_dir and iolog_file descriptions. [7db03f2b737e] 2011-12-18 Todd C. Miller * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, src/exec.c: Fix typo in visiblepw description; from Joel Pickett [2fb4b26d5c2c] 2011-12-08 Todd C. Miller * MANIFEST, configure, configure.in, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/env.c, plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c: When running a login shell with a login_class specified, use LOGIN_SETENV instead of rolling our own login.conf setenv support since FreeBSD's login.conf has more than just setenv capabilities. This requires us to swap the plugin-provided envp for the global environ before calling setusercontext() and then stash the resulting environ pointer back into the command details, which is kind of a hack. [ad4f1190143b] * plugins/sudoers/Makefile.in: If srcdir is "." just use the basename of the yacc/lex file when generating the C version. This matches the generated files currently in the repo. [0b11c3df87a8] * doc/Makefile.in, plugins/sudoers/Makefile.in: Clean up the DEVEL noise [9de2afe457fd] * src/exec.c: Handle different Unix domain socket (actually socketpair) semantics in BSD vs. Linux. In BSD if one end of the socketpair goes away select() returns the fd as readable and the read will fail with ECONNRESET. This doesn't appear to happen on Linux so if we notice that the monitor process has died when I/O logging is enabled, behave like the command has exited. This means we log the wait status of the monitor, not the command, but there is nothing else we can do at that point. This should only be an issue if SIGKILL is sent to the monitor process. [818e82ecbbfc] * src/exec_pty.c: Catch common signals in the monitor process so they get passed to the command. Fixes a problem when the entire login session is killed when ssh is disconnected or the terminal window is closed. Previously, the monitor would exit and plugin's close method would not be called. [0e4658263138] * INSTALL, configure, configure.in: Mention how to configure pam_hpsec on HP-UX to play nicely with sudo. [a7294cd8ce98] 2011-12-07 Todd C. Miller * plugins/sudoers/ldap.c: Escape values in the search expression as per RFC 4515. [c2adbc5db92b] * doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: No need for install target to depend explicitly on install-dirs, the install-foo targets all depend on it. [62a36ed98279] 2011-12-05 Todd C. Miller * .hgignore: ignore src/sesh [463d492f6782] * MANIFEST, common/Makefile.in, configure, configure.in, mkdep.pl, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/env.c, plugins/sudoers/login_class.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/Makefile.in: Add support for setenv entries in login.conf. We can't use LOGIN_SETENV since the plugin sets up the envp the command is executed with. Also regen the Makefile.in files while here. Fixes bug #527 [088d507926e2] 2011-12-02 Todd C. Miller * MANIFEST, aclocal.m4, compat/getaddrinfo.c, compat/getaddrinfo.h, config.h.in, configure, configure.in, plugins/sudoers/sudoers.c, src/net_ifs.c: Add getaddrinfo() for those without it, written by Russ Allbery [4cf9ac831222] * doc/Makefile.in: Restore PACKAGE_TARNAME, it is used in docdir [9d65e893edb1] * MANIFEST, compat/stdbool.h: SunPro C Compiler also has a _Bool builtin. Also add stdbool.h to the MANIFEST [e67700dc5621] * common/atobool.c, common/term.c, src/exec.c: Remove duplicate return statements. [48a20d5215fd] * plugins/sudoers/auth/bsdauth.c: Remove inaccurate comment [e7f0265cf657] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/sudoers.c: Fetch the login class for the user we authenticate specifically when using BSD authentication. That user may have a different login class than what we will use to run the command. When setting the login class for the command, use the target user's struct passwd, not the invoking user's. Fixes bug 526 [21bf0af892f7] * compat/Makefile.in, configure, configure.in, doc/Makefile.in, plugins/sudoers/Makefile.in: Replace @DEV@ prefix with DEVEL variable so we can do "make DEVEL=1" [8ee6e0891f27] * plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c: Fix "make check" fallout from the sudo_conv changes in sudo_debug. [b0aaa63c9081] * common/fileops.c, common/sudo_debug.c, configure, configure.in, include/fileops.h, plugins/sample/Makefile.in, plugins/sample/sample_plugin.c, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.c, plugins/sudoers/alias.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/pwutil.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/load_plugins.c, src/sudo.c, src/sudo.h, src/sudo_exec.h, src/sudo_plugin_int.h, src/utmp.c: Use stdbool.h instead of rolling our own TRUE/FALSE macros. [dcb0bbc42fc9] 2011-12-01 Todd C. Miller * compat/stdbool.h, config.h.in, configure, configure.in: Add stdbool.h for systems without it. [18bd9dda1dcd] * aclocal.m4, config.h.in, configure, configure.in: No longer need SUDO_CHECK_TYPE and SUDO_TYPE_* now that the default includes have unistd.h in them. Add check for socklen_t for upcoming getaddrinfo compat. [d705465bef69] * common/fileops.c, compat/nanosleep.c, config.h.in, configure, configure.in, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/match_addr.c, plugins/sudoers/sudoreplay.c, src/net_ifs.c: Use HAVE_STRUCT_TIMESPEC and HAVE_STRUCT_IN6_ADDR instead of HAVE_TIMESPEC and HAVE_IN6_ADDR respectively. [fa187c9bd2be] * src/sudo_noexec.c: No longer need to include time.h here as missing.h does not use time_t. [fa3a089bf5b1] 2011-11-30 Todd C. Miller * plugins/sudoers/visudo.c: Fix mode on sudoers as needed when the -f option is not specified. [7a1c40b0dc03] * MANIFEST, src/po/sr.mo, src/po/sr.po: Add Serbian translation for sudo from translationproject.org [9a0c25e25cba] * common/sudo_debug.c, plugins/sudoers/sudoers.c, src/load_plugins.c, src/parse_args.c: No longer pass debug_file to plugin, plugins must now use CONV_DEBUG_MSG [810cda1abb0b] * mkpkg: Build PIE executables for newer Debian and Ubuntu [1c5f25f8904a] * common/sudo_debug.c: Include time.h for ctime() prototype. [10090cf3bca1] 2011-11-29 Todd C. Miller * common/sudo_debug.c, include/sudo_debug.h, src/exec.c, src/exec_pty.c: Do not close error pipe or debug fd via closefrom() as we need them to report an exec error should one occur. [732f6587fafa] * doc/sudoers.ldap.pod: Document that a sudoUser may now be a group ID. [2fef46b9d3d3] * plugins/sudoers/ldap.c: Add support for permitting access by group ID in addition to group name. [b9450fdf1f69] * plugins/sudoers/ldap.c: Older Netscape LDAP SDKs don't prototype ldapssl_set_strength() [d62a1e7cff4f] * compat/fnmatch.c, compat/fnmatch.h, doc/LICENSE: Replace UCB fnmatch.c with a non-recursive version written by William A. Rowe Jr. [354d3384adb8] * plugins/sudoers/auth/pam.c: Fix typo, return_debug vs. debug_return [1b522efcbb0d] 2011-11-23 Todd C. Miller * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po: Update Japanese sudoers translation from translationproject.org [ec0f2beaad36] * doc/sudoers.pod: Make the env_reset descriptions consistent. [41c056f02688] 2011-11-22 Todd C. Miller * configure, configure.in: Do multiple expansion when expanding paths to the noexec file, sesh and the plugin directory. Adapted from a diff by Mike Frysinger [d7e16c876c66] * common/Makefile.in: regen [9d729e09c186] 2011-11-21 Todd C. Miller * .hgignore: Add ignore file; from Mike Frysinger [1fa8d52425f8] * mkdep.pl: no longer save old Makefile.in to .old [378dd2395545] * plugins/sudoers/Makefile.in, src/Makefile.in: regen [769faf517720] * config.guess, config.sub, configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltversion.m4: Update to libtool 2.4.2 [9dac78d84b4f] 2011-11-18 Todd C. Miller * plugins/sudoers/sudoers_version.h: Bump grammar version for #include and #includedir relative path support. [82a4f7cd8f71] 2011-11-17 Todd C. Miller * doc/sudoers.pod, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add support for relative paths in #include and #includedir [4d6e3bd0c24f] * plugins/sudoers/Makefile.in: Fix install-plugin when shared objects are unsupported or disabled. [cbdd770a7a1b] * plugins/sudoers/goodpath.c: Don't write to sbp if it is NULL [fc438f8e8570] 2011-11-16 Todd C. Miller * Makefile.in: Remove all sudo/sudoers .mo files on uninstall If LINGUAS is set, only install matching .mo files [c1dc30ab4ebc] 2011-11-13 Todd C. Miller * plugins/sudoers/group_plugin.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.c, src/conversation.c: Fix non-dynamic (no dlopen) sudo build. [b0bd3fa925a3] * configure, configure.in: Don't error out if the user specified --disable-shared [cf035dd1e5cc] * common/sudo_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/conversation.c: Use SUDO_CONV_DEBUG_MSG in the plugin instead of writing directly to the debug file. [640c62f83251] * plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/sudoers.h: Make sudo_goodpath() return value bolean [fea2d59a6e55] * INSTALL, MANIFEST, configure, configure.in, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/auth/securid.c: Remove obsolete securid auth method. [4e54f860214b] * plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h: Prefix authentication functions with a "sudo_" prefix to avoid namespace problems. [581d74063ea1] * INSTALL, MANIFEST, config.h.in, configure, configure.in, doc/TROUBLESHOOTING, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/env.c: Remove the old Kerberos IV support [2e4b4a44209d] 2011-11-12 Todd C. Miller * plugins/sudoers/check.c: Don't print garbage at the end of the custom lecture. [44bb788fafaa] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add lexer tracing as debug@parser [d850f3f9d414] * plugins/sudoers/alias.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: Revert 003bdb078a15. We need to #include not "gram.h" and and not "def_data.h" when generating the parser in a build dir. [7da701def753] 2011-11-08 Todd C. Miller * mkdep.pl, plugins/sudoers/Makefile.in: Better devdir support in mkdep.pl [7dcec57bd155] * plugins/sudoers/Makefile.in: Add devdir before srcdir in include path and fix up dependecies accordingly. [6e9958eca485] * plugins/sudoers/alias.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: #include "gram.h" not and "def_data.h" and not . [003bdb078a15] * sudo.pp: Mark libexec files as optional. If we build without shared object support, libexec is not used. [4bffcf482219] * src/load_plugins.c: Change Debug sudo.conf setting to take a program name as the first argument. In the future, this will allow visudo and sudoreplay to use their own Debug entries. [cfb8f7e4867c] * src/sudo.c: fix sudo_debug_printf priority [dcb67e965609] * plugins/sudoers/sudoers.c: add missing debug_return_int [d88ec450c592] 2011-11-07 Todd C. Miller * common/sudo_debug.c, include/error.h, include/sudo_debug.h, plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c: Fold SUDO_DEBUG_PROGERR and SUDO_DEBUG_SYSERR into SUDO_DEBUG_ERROR [dcee8efc294f] * doc/UPGRADE: Add missing word in HOME security note. [fd844fdcc1ac] * plugins/sudoers/testsudoers.c: Prevent "testsudoers -d username" from trying to malloc(0). [839126e56e8c] 2011-11-06 Todd C. Miller * plugins/sudoers/regress/sudoers/test10.in, plugins/sudoers/regress/sudoers/test10.out.ok, plugins/sudoers/regress/sudoers/test10.toke.ok, plugins/sudoers/regress/sudoers/test10.toke.out.ok, plugins/sudoers/regress/sudoers/test11.in, plugins/sudoers/regress/sudoers/test11.out.ok, plugins/sudoers/regress/sudoers/test11.toke.ok, plugins/sudoers/regress/sudoers/test11.toke.out.ok, plugins/sudoers/regress/sudoers/test12.in, plugins/sudoers/regress/sudoers/test12.out.ok, plugins/sudoers/regress/sudoers/test12.toke.ok, plugins/sudoers/regress/sudoers/test13.in, plugins/sudoers/regress/sudoers/test13.out.ok, plugins/sudoers/regress/sudoers/test13.toke.ok, plugins/sudoers/regress/sudoers/test9.in, plugins/sudoers/regress/sudoers/test9.out.ok, plugins/sudoers/regress/sudoers/test9.toke.ok, plugins/sudoers/regress/sudoers/test9.toke.out.ok: Tests for empty sudoers (should parse OK) and syntax errors within a line (should report correct line number) both with and without the trailing newline. [d57c879c4718] * plugins/sudoers/regress/sudoers/test4.out.ok, plugins/sudoers/regress/sudoers/test5.out.ok, plugins/sudoers/regress/sudoers/test7.out.ok, plugins/sudoers/regress/sudoers/test8.out.ok, plugins/sudoers/testsudoers.c: Print line number when there is a parser error. [5444ef6ac6dc] 2011-11-05 Todd C. Miller * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Keep track of the last token returned. On error, if the last token was COMMENT, decrement sudolineno since the error most likely occurred on the preceding line. Previously we always uses sudolineno-1 which will give the wrong line number for errors within a line. [d661a03a64da] 2011-11-03 Todd C. Miller * NEWS: update with sudo 1.8.3p1 info [0f79ff31f602] * plugins/sudoers/sudoers.c: Fix crash when "sudo -g group -i" is run. Fixes bug 521 [a3087ae337c4] 2011-10-26 Todd C. Miller * plugins/sudoers/visudo.c: Make alias_remove_recursive() return TRUE/FALSE as its callers expect and remove two unused arguments. Fixes bug 519. [2ee3b2882844] * plugins/sudoers/regress/visudo/test1.out.ok, plugins/sudoers/regress/visudo/test1.sh: Add regress test for bugzilla 519 [48000ebedf97] * plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c: Disable warning/error wrapping in regress tests. [373c589ba561] 2011-10-25 Todd C. Miller * Makefile.in: Do compile-po as part of sync-po so that the .mo files get rebuild automatically when we sync with translationproject.org [83f3cbfc2f33] * plugins/sudoers/Makefile.in: check_addr needs to link with the network libraries on Solaris [322bd70e316e] * plugins/sudoers/match.c: When matching a RunasAlias for a runas group, pass the alias in as the group_list, not the user_list. From Daniel Kopecek. [766545edf141] * plugins/sudoers/check.c, plugins/sudoers/sudoers.c: We need to init the auth system regardless of whether we need a password since we will be closing the PAM session in the monitor process. Fixes a crash in the monitor on Solaris; bugzilla #518 [e82809f86fb3] 2011-10-24 Todd C. Miller * src/exec.c: Get rid of done: label. If the child exits we still need to close the pty, update utmp and restore the SELinux tty context. [cc127bf48405] 2011-10-22 Todd C. Miller * common/Makefile.in, common/atobool.c, common/fileops.c, common/fmt_string.c, common/lbuf.c, common/list.c, common/setgroups.c, common/term.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, src/Makefile.in, src/conversation.c, src/exec.c, src/exec_pty.c, src/get_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/tgetpass.c, src/ttysize.c, src/utmp.c: Add debug_decl/debug_return (almost) everywhere. Remove old sudo_debug() and convert users to sudo_debug_printf(). [8f3bbf907b67] * common/alloc.c, include/error.h, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/error.c: Wrap error/errorx and warning/warningx functions with debug statements. Disable wrapping for standalone sudoers programs as well as memory allocation functions (to avoid infinite recursion). [562ed7b5ae8d] * README, config.h.in, configure, configure.in: Add checks for __func__ and __FUNCTION__ and mention that we now require a cpp that supports variadic macros. [314cfe4c5d23] * MANIFEST, common/Makefile.in, common/sudo_debug.c, include/sudo_debug.h, include/sudo_plugin.h, src/conversation.c, src/load_plugins.c, src/parse_args.c, src/sudo.c, src/sudo_plugin_int.h: New debug framework for sudo and plugins using /etc/sudo.conf that also supports function call tracing. [cded741e9f10] 2011-10-21 Todd C. Miller * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po: Update Japanese sudoers translation from translationproject.org [c24725775e32] 2011-10-12 Todd C. Miller * configure, configure.in: Override and ignore the --disable-static option. Sudo already runs libtool with -tag=disable-static where applicable and we need non- PIC objects to build the executables. [aff1227b853a] 2011-10-10 Todd C. Miller * NEWS: Add sudoedit fix [74655c7ccad1] * plugins/sudoers/po/sudoers.pot: regen pot files [28d89a831ed3] * plugins/sudoers/env.c: Ignore set_logname (which is now the default) for sudoedit since we want the LOGNAME, USER and USERNAME environment variables to refer to the calling user since that is who the editor runs as. This allows the editor to find the user's startup files. Fixes bugzilla #515 [6c5dddf5ff05] * plugins/sudoers/pwutil.c: Instead of trying to grow the buffer in make_grlist_item(), simply increase the total length, free the old buffer and allocate a new one. This is less error prone and saves us from having to adjust all the pointers in the buffer. This code path is only taken when there are groups longer than the length of the user field in struct utmp or utmpx, which should be quite rare. [5587dc8cffaf] * src/po/it.mo: Add Italian translation for sudo from translationproject.org [1b3dd886e7e3] * MANIFEST, NEWS, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, src/po/ja.mo, src/po/ja.po: Japanese translation for sudo and sudoers from translationproject.org [c06dd866be6e] 2011-10-07 Todd C. Miller * plugins/sudoers/Makefile.in: sudoreplay depends on timestr.lo too; from Mike Frysinger [b9e73214b2f1] 2011-10-04 Todd C. Miller * plugins/sudoers/po/sudoers.pot: Regen sudoers pot file. [019588bafdb3] * NEWS: Update with latest sudo 1.8.3 news [6868042a88e9] * plugins/sudoers/sudoers.c: It appears that LDAP or NSS may modify the euid so we need to be root for the open(). We restore the old perms at the end of sudoers_policy_open(). [2da67a5497ef] * plugins/sudoers/set_perms.c: Better warning message on setuid() failure for the setreuid() version of set_perms(). [07abcfe7bd9a] 2011-09-27 Todd C. Miller * plugins/sudoers/check.c: Delref auth_pw at the end of check_user() instead of getting a ref twice. [cb665f55e6a5] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c: Make sudo_auth_{init,cleanup} return TRUE on success and check for sudo_auth_init() return value in check_user(). [92631c919356] * plugins/sudoers/auth/sudo_auth.c: Do not return without restoring permissions. [59ef40b6696a] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen pot files [9f320a340b7c] * plugins/sudoers/auth/API, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Modify the authentication API such that the init and cleanup functions are always called, regardless of whether or not we are going to verify a password. This is needed for proper PAM session support. [19a53f3fb596] * compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in: Add missing dependency for getspwuid.lo and regen other depends. [f7f70eae819a] * plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/sudoers.c: Fix a PAM_USER mismatch in session open/close. We update PAM_USER to the target user immediately before setting resource limits, which is after the monitor process has forked (so it has the old value). Also, if the user did not authenticate, there is no pamh in the monitor so we need to init pam here too. This means we end up calling pam_start() twice, which should be fixed, but at least the session is always properly closed now. [fbc063a2a872] * src/utmp.c: Add check for old being NULL in utmp_setid(); from Steven McDonald [e87126442f2e] 2011-09-25 Todd C. Miller * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: If the invoking user cannot be resolved by uid fake the struct passwd and store it in the cache so we can delref it on exit. [a27e2f8b9f5e] 2011-09-24 Todd C. Miller * plugins/sudoers/sudoers.c: Don't error out if the group plugin cannot be loaded, just warn. [0fbfcd381e33] 2011-09-23 Todd C. Miller * plugins/sudoers/sudoers.c: Quiet a false positive found by several static analysis tools. These tools don't know that log_error() does not return (it longjmps to error_jmp which returns to the sudo front-end). [33d0469df21b] 2011-09-22 Todd C. Miller * MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/eo.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/zh_CN.mo, src/po/it.po: Add Italian translation for sudo from translationproject.org Regen .mo files [c3c888a82be6] 2011-09-21 Todd C. Miller * doc/TROUBLESHOOTING: Update to current reality and add bit about ssh auth [184a1e7c2eeb] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Make "verbose" static; fixes a namespace clash with pam_ssh_agent_auth (and it doesn't need to be extern these days). [cc38d2eb2f4c] * config.h.in, configure, configure.in, src/get_pty.c: FreeBSD has libutil.h not util.h [dab4c94b6d4f] * configure, configure.in: Define _BSD_SOURCE on FreeBSD, OpenBSD and DragonflyBSD [41c362f0a92a] 2011-09-20 Todd C. Miller * plugins/sudoers/po/da.po, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po: Update po files from translationproject.org [1e99e147c7fa] 2011-09-16 Todd C. Miller * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add support for DEREF in ldap.conf. [3c1937a98547] * Makefile.in: install target should depend on ChangeLog too, not just install-doc [1a7c83941175] * doc/sudoers.pod: Only iolog_file (not iolog_dir) supports mktemp-style suffixes. [0eca47d60a2c] * NEWS: Sync with 1.8 branch for sudo 1.8.2 and 1.8.3 changes. [0501415cc5ff] * doc/UPGRADE: Document group lookup change and possible side effects. [585743e1ebf7] * configure, configure.in: Fix some square brackets in case statements that needed to be doubled up. While here, use $OSMAJOR when it makes sense. [8973343f4696] * plugins/sudoers/pwutil.c: Fix a crash in make_grlist_item() on 64-bit machines with strict alignment. [c89508c73c46] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h: Remove list_options() function that is no longer used now that "sudo -L" is gone. [fcc6a776c135] * configure, configure.in: Error message if user tries --with-CC [ec5b478f813a] * configure, configure.in: Check for -libmldap too when looking for ldap libs, which is the Tivoli Directory Server client library. [bb3007a97206] 2011-09-09 Todd C. Miller * plugins/sudoers/parse.c: Honor NOPASSWD tag for denied commands too. [8dd92656db92] 2011-09-08 Todd C. Miller * INSTALL, configure, configure.in: Remove --with-CC option; it doesn't work correctly now that we use libtool. Users can get the same effect by setting the CC environment variable when running configure. [ec22bd1a55e0] 2011-08-31 Todd C. Miller * config.h.in, configure, configure.in, plugins/sudoers/visudo.c, src/sudo_edit.c: Assume all modern systems support fstat(2). [6a5a8985f6a0] 2011-08-30 Todd C. Miller * compat/regress/glob/globtest.c, config.h.in, configure, configure.in, include/missing.h, plugins/sudoers/sudoers.h, src/sudo.h, src/sudo_noexec.c: Add configure test for missing errno declaration and only declare it ourselves if it is missing. [456e76c809a2] * plugins/sudoers/alias.c: Include errno.h before sudo.h to avoid conflicting with the system definition of errno. [d0b97e392512] 2011-08-29 Todd C. Miller * plugins/sudoers/regress/parser/check_addr.c: Only print individual check status when there is a failure. [2ac704c91441] * plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c: Add calls to setprogname() for test programs. [a8d9b420e826] * configure, configure.in: Add -Wall and -Werror after all tests so they don't cause failures. [2661188ff3fa] * plugins/sudoers/Makefile.in: Actually run check_addr in the check target [0b2778bc86bf] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_addr.in: Split out address matching into its own file and add regression tests for it. [12b9a2bf8dba] 2011-08-27 Todd C. Miller * plugins/sudoers/match.c: When matching an address with a netmask in sudoers, AND the mask and addr before checking against the local addresses. [9747bb6d7b1c] 2011-08-26 Todd C. Miller * plugins/sudoers/match.c: Fix netmask matching. [a3c8f8cc1464] * plugins/sudoers/visudo.c: Don't assume all editors support the +linenumber command line argument, use a whitelist of known good editors. [21d43a91fd10] 2011-08-23 Todd C. Miller * plugins/sudoers/set_perms.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/sudo.c: Silence compiler warnings on Solaris with gcc 3.4.3 [da620bae6fdb] * mkpkg: Fix building on RHEL 3 [f3227fb2a252] * INSTALL, configure, configure.in: Add --enable-werror configure option. [fec2cdb95543] * common/setgroups.c: setgroups() proto lives in grp.h on RHEL4, perhaps others. [de91c0de5a98] * configure, configure.in: Use PAM by default on AIX 6 and higher. [e16493208e5f] 2011-08-22 Todd C. Miller * MANIFEST, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo, src/po/eo.po: Add new Esperanto translation from translationproject.org [0d9a59e04c64] 2011-08-19 Todd C. Miller * plugins/sudoers/iolog_path.c: Quiet an innocuous valgrind warning. [0582b6027161] 2011-08-18 Todd C. Miller * plugins/sudoers/iolog_path.c, plugins/sudoers/regress/iolog_path/data: Fix expansion of strftime() escapes in log_dir and add a regress test that exhibited the problem. [a5c7c1c4c589] * plugins/sudoers/Makefile.in: Fix "make check" return value. [33b58e175230] 2011-08-17 Todd C. Miller * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Regen pot files [063841aac19b] * Makefile.in: Fix logic inversion in pot file up to date check. [f6a8ca8654df] 2011-08-15 Todd C. Miller * configure, configure.in: Add caching for gettext() checks. [01b7200f6105] * configure, configure.in: Better handling of libintl header and library mismatch. [9a49b1d4db69] 2011-08-13 Todd C. Miller * plugins/sudoers/sudoers.c: Also check sudoers gid if sudoers is group writable. [23ef96ca0d33] 2011-08-12 Todd C. Miller * configure, configure.in: If dlopen is present but libtool doesn't find it, error out since it probably means that libtool doesn't support the system. [a9da0a5f7941] * mkpkg: configure args on the command line should override builtin defaults. Disable NLS for non-Linux/Solaris unless explicitly enabled. [b2fb05614504] * plugins/sudoers/auth/aix_auth.c: Fix loop that calls authenticate(). If there was an error message from authenticate(), display it. [063a0c4f0b9a] 2011-08-11 Todd C. Miller * m4/libtool.m4, m4/ltversion.m4: Update to autoconf 2.68 and libtool 2.4 [5a912a6eb67b] * config.guess, config.sub, configure, configure.in, ltmain.sh: Update to autoconf 2.68 and libtool 2.4 [931ab56aecf6] * doc/sudoers.pod: Fix typo; OPT should be OTP [e97bd2e46544] * plugins/sudoers/Makefile.in: Rename libsudoers convenience library to libparsesudoers to avoid libtool confusion. [2a89a613f537] 2011-08-10 Todd C. Miller * MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po: Add Danish sudoers translation from translationproject.org [27b96e85eb13] * plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Add dedicated callback function for runas_default sudoers setting that only sets runas_pw if no runas user or group was specified by the user. [b8382d8eea34] 2011-08-09 Todd C. Miller * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, src/po/ru.mo, src/po/ru.po: Update Finish, Polish, Russian and Ukrainian translations from translationproject.org. [f9339aff664e] * plugins/sudoers/defaults.h, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Go back to using a callback for runas_default to keep runas_pw in sync. This is needed to make per-entry runas_default settings work with LDAP-based sudoers. Instead of declaring it a callback in def_data.in, sudo and testsudoers poke sudo_defs_table[] which is a bit naughty, but avoids requiring stub functions in visudo and the tests. [9aaefb908415] 2011-08-05 Todd C. Miller * Makefile.in: Add check for out of date message catalogs when doing "make dist". [e45a29b612f4] 2011-08-02 Todd C. Miller * configure: regen [d6f9ad26774a] * configure.in: Make sure compiler supports static-libgcc before using it. [b01bd9566e50] 2011-08-01 Todd C. Miller * src/Makefile.in: Link libsudo_noexec.la with LDLDFLAGS for -static-libgcc [c99c7ab3edef] 2011-07-30 Todd C. Miller * MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/zh_CN.mo, src/po/ru.mo, src/po/ru.po, src/po/zh_CN.mo: Add new Russian sudo translation from translationproject.org and rebuild the other translation files. [e20015459056] 2011-07-29 Todd C. Miller * plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.po: Update Finish and Polish translations from translationproject.org [4e3dbba4a1de] * plugins/sudoers/sudoers.c, src/parse_args.c, src/sudo.c: Go back to escaping the command args for "sudo -i" and "sudo -s" before calling the plugin. Otherwise, spaces in the command args are not treated properly. The sudoers plugin will unescape non- spaces to make matching easier. [dfa2c4636f33] 2011-07-28 Todd C. Miller * plugins/sudoers/check.c, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/set_perms.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix some potential problems found by the clang static analyzer, none serious. [ff64aa74aae6] * plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.po, src/po/zh_CN.po: Updated Ukranian and Chinese (simplified) po files from translationproject.org [ec792becb48e] 2011-07-27 Todd C. Miller * plugins/sudoers/po/pl.po: Updated Polish translation from translationproject.org [a3af53cb649c] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Rebuild pot files [c650524c0f0a] * plugins/sudoers/audit.c, plugins/sudoers/sudoers.c: Don't try to audit failure if the runas user does not exist. We don't have the user's command at this point so there is nothing to audit. Add a NULL check in audit_success() and audit_failure() just to be on the safe side. [2a0007c2022f] * mkpkg: Add -g to CFLAG for PIE builds. [32a0a9693c9c] 2011-07-25 Todd C. Miller * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c: Remove fallback to per-group lookup when matching groups in sudoers. The sudo front-end will now use getgrouplist() to get the user's list of groups if getgroups() fails or returns zero groups so we always have a list of the user's groups. For systems with mbr_check_membership() which support more that NGROUPS_MAX groups (Mac OS X), skip the call to getgroups() and use getgrouplist() so we get all the groups. [51b3ed8c600b] 2011-07-22 Todd C. Miller * common/setgroups.c: Fix setgroups() fallback code on EINVAL. [2b6faecd56a4] * plugins/sudoers/set_perms.c: Fix two PERM_INITIAL cases that were still using user_gids. [9680bab0acc6] * MANIFEST: Add Polish sudo message catalog [8bb40c3ba576] * plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: user_group is no longer used, remove it [9acede0fe6c5] 2011-07-20 Todd C. Miller * MANIFEST, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po: Add Polish translation from translationproject.org [afac5c638573] * MANIFEST, common/Makefile.in, common/setgroups.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h, src/sudo_edit.c: Add a wrapper for setgroups() that trims off extra groups and retries if setgroups() fails. Also add some missing addrefs for PERM_USER and PERM_FULL_USER. [224dfd8aae5c] * MANIFEST, compat/Makefile.in, compat/getgrouplist.c, config.h.in, configure, configure.in, include/missing.h, mkdep.pl, plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c: Instead of keeping separate groups and gids arrays, create struct group_info and use it to store both, along with a count for each. Cache group info on a per-user basis using getgrouplist() to get the groups. We no longer need special to special case the user or list user for user_in_group() and thus no longer need to reset the groups list when listing another user. [0ad849a8b2d5] * src/preload.c: Don't rely on NULL since we don't include a header for it. [b40937f1890c] 2011-07-19 Todd C. Miller * doc/sudoers.pod: Fix typo [c1035360e169] 2011-07-18 Todd C. Miller * plugins/sudoers/sudoers.c: Do not shadow global sudo_mode with a local variable in set_cmnd() [0c72969503ad] 2011-07-17 Todd C. Miller * plugins/sudoers/sudoers.c: bash 2.x doesd not support the -l flag and exits with an error if it is specified so use --login instead. This causes an error with bash 1.x (which uses -login instead) but this version is hopefully less used than 2.x. [5c4c296e30e6] * src/po/pl.mo, src/po/pl.po: Add Polish translation from translationproject.org [48592dd6edcf] 2011-07-13 Todd C. Miller * plugins/sudoers/set_perms.c: Make error strings translatable. [414c5c484768] * mkpkg: Only run configure with --with-pam-login for RHEL 5 and above. [6c16e4de4026] * sudo.pp: Fix typo in summary [9ac618c9a749] 2011-07-11 Todd C. Miller * plugins/sudoers/logwrap.c: Add missing logwrap.c [c12a413ecc1d] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/logging/check_wrap.in, plugins/sudoers/regress/logging/check_wrap.out.ok: Split out log file word wrap code into its own file and add unit tests. Fixes an off-by one in the word wrap when the log line length matches loglinelen. [52ed277f6690] 2011-07-05 Todd C. Miller * mkpkg: For SuSE, only use /usr/lib64 as libexec if generating 64-bit binaries. [645ab903cf77] * src/load_plugins.c, src/sudo.c: Fix build error when --without-noexec configure option is used. [b994f7b0d8b4] * configure, configure.in: Disable noexec for AIX < 5. LDR_PRELOAD is only available in AIX 5.3 and above. [c2a6f9b472f3] 2011-07-01 Todd C. Miller * plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Resolve the list of gids passed in from the sudo frontend (the result of getgroups()) to names and store both the group names and ids in the sudo_user struct. When matching groups in the sudoers file, match based on the names in the groups list first and only do a gid-based match when we absolutely have to. By matching on the group name (as it is listed in sudoers) instead of id (which we would have to resolve) we save a lot of group lookups for sudoers files with a lot of groups in them. [8dc19353f148] 2011-06-26 Todd C. Miller * plugins/sudoers/sudoers.c: Workaround for "sudo -i command" and newer versions of bash which don't go into login mode when -c is specified unless -l is too. [9393762b80f3] 2011-06-23 Todd C. Miller * plugins/sudoers/logging.c: Rewrite logfile word wrapping code to be more straight-forward and actually wrap at the correct place. [f712a0c90f55] 2011-06-22 Todd C. Miller * doc/CONTRIBUTORS, doc/contributors.pod, plugins/sudoers/sudoers.c: Set use_pty=true in command details when use_pty is set in sudoers. From Ludwig Nussel [8d95a163dfc1] 2011-06-20 Todd C. Miller * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/zh_CN.mo, src/po/zh_CN.po: Sync Chinese (simplified) PO files from translationproject.org [acce8eb7be18] 2011-06-18 Todd C. Miller * MANIFEST, plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/uk.mo, src/po/da.mo, src/po/da.po, src/po/eu.mo: Add Danish translation from translationproject.org and add missing Basque mo files. [0c22bb21b9c4] * Makefile.in, configure, configure.in: No longer need to specify LINGUAS in configure, "make install-nls" now just installs all the .mo files it finds. [fcd45cf04885] 2011-06-17 Todd C. Miller * MANIFEST, doc/CONTRIBUTORS, doc/Makefile.in, doc/contributors.pod: Build CONTRIBUTORS from newly-added contributors.pod [8b192f2720f4] * doc/CONTRIBUTORS: Rework the wording in the leading paragraph [312044145cdd] 2011-06-14 Todd C. Miller * MANIFEST, doc/CONTRIBUTORS: Add a CONTRIBUTORS file with the names of folks who have contributed code or patches to sudo since I started maintaining it (plus the original authors). [b8bdd8b59528] 2011-06-13 Todd C. Miller * plugins/sudoers/env.c: Preserve SHELL variable for "sudo -s". Otherwise we can end up with a situation where the SHELL variable and the actual shell being run do not match. [b8b3974aee3e] 2011-06-10 Todd C. Miller * configure, configure.in: Only enable Solaris project support when setproject() is present in libproject. [49ad7857ab89] * sudo.pp: Explicitly set mode and owner of /etc/sudoers instead of relying on "cp -p" to work in the postinstall script. On AIX 6.1 at least the postinstall script runs before the final file permissions are set. [e41ffc0212b2] 2011-06-09 Todd C. Miller * doc/sudo.pod, doc/sudoers.pod: Refer the user to the "Command Environment" section in description of sudo's -i option. [263cc3be7eef] * doc/sudo.pod: Fix typo [35dfac450f4d] 2011-06-08 Todd C. Miller * mkdep.pl: If there is no old dependency for an object file, use the MANIFEST to find its source. [d15e3b9899f9] * compat/Makefile.in: Remove dependency for getgrouplist.lo as we don't ship that source file. [312a6d5fe6b0] 2011-06-07 Todd C. Miller * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: Do not declare yyparse() static as the actual function generated by yacc is extern. [9017b79dcf55] 2011-06-06 Todd C. Miller * Makefile.in: Remove locale files in "make uninstall" [201ff261ecbe] * configure.in, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/uk.po, src/po/eu.po: Add Basque translation and sync Finish and Ukranian translations. [66d2c78c8a13] * configure, configure.in: FreeBSD no longer needs the main sudo binary to link with -lpam now that plug-ins are loaded with RTLD_GLOBAL. [96c710df2457] * plugins/sudoers/group_plugin.c, src/load_plugins.c: Load plugins with RTLD_GLOBAL instead of RTLD_LOCAL. This fixes problems with pam modules not having access to symbols provided by libpam on some platforms. Affects FreeBSD and SLES 10 at least. [0d016983ec84] * Makefile.in: Move xgettext invocation out of update-po target into update-pot [19a73c6d017c] 2011-06-04 Todd C. Miller * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Regenerate .pot files for 1.8.2rc2 [c3037f591dd8] * Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: Move nls targets to the top level Makefile so the paths in the pot file are saner [65b9285cd8d9] * src/po/fi.mo: Add compiled version of sudo Finish translation [8f2405384ea3] * MANIFEST, plugins/sudoers/po/fi.mo, plugins/sudoers/po/uk.mo: Update MANIFEST with .po and .mo files Rebuild sudoers fi and uk .mo files [a165e70fa9ec] * configure, configure.in, plugins/sudoers/po/fi.po: Add Finish translation from translationproject.org [4466f8a96ceb] 2011-06-03 Todd C. Miller * doc/sudoers.pod: The group named by exempt_group should not have a % prefix. [df084d6b32c8] 2011-06-01 Todd C. Miller * doc/sudoers.pod: Fix typo; "Defaults group_plugin" not "Defaults sudo_plugin" [5113699a3f8b] 2011-05-31 Todd C. Miller * src/exec.c, src/exec_pty.c: Fix compressed io log corruption in background mode by using _exit() instead of exit() to avoid flushing buffers twice. Improved background mode support. When not allocating a pty, the command is run in its own process group. This prevents write access to the tty. When running in a pty, stdin is not hooked up and we never read from /dev/tty, which results in similar behavior. [87c15149894c] * compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in: Clean up regress files Generate proper dependencies for regress objs in compat [88bfc728c1e7] * plugins/sudoers/Makefile.in: Add missing dependency for check_fill.o. [0bd6362e3e17] 2011-05-29 Todd C. Miller * INSTALL, configure, configure.in: Add support for --enable-nls[=location] [b90db44a050f] 2011-05-28 Todd C. Miller * plugins/sudoers/linux_audit.c: Include gettext.h [7f909a6e48cb] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c: Quiet gcc warnings. [b41a6cdca583] * configure, configure.in: Don't install .mo files if gettext was not found. [1397b34cc165] 2011-05-27 Todd C. Miller * src/exec.c: Always allocate a pty when running a command in the background but call setsid() after forking to make sure we don't end up with a controlling tty. [b6454ba172e8] * plugins/sudoers/iolog.c: Add missing space between command name and the first command line argument. [fe217f0a36d4] * plugins/sudoers/sudoreplay.c: Quiet a compiler warning on some platforms. [de9f2849f236] * plugins/sudoers/po/README, src/po/README: README file that directs people to translationproject.org [30c0fc323281] * plugins/sudoers/po/uk.po, src/po/fi.po: Sync translations with TP [1d7d64559cba] * Makefile.in: Add 'sync-po' target to top-level Makefile to rsync the po files from translationproject.org. [20508211aaa3] * plugins/sudoers/Makefile.in: install nls files from install target [5fc07b6cab38] * Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, sudo.pp: Include .mo files in sudo binary packags. [278d4821a916] * configure, configure.in, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/zh_CN.mo, src/po/zh_CN.po: Add simplified chinese translation [2b33ffc755b9] 2011-05-26 Todd C. Miller * configure, configure.in, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, src/po/uk.mo, src/po/uk.po: Add ukranian translation [2d8102688e93] * compat/Makefile.in: refer to siglist.c, not ./siglist.c since not all makes will treat foo and ./foo the same. [6639d293ffba] * plugins/sudoers/sudoers.c: Set def_preserve_groups before searching for the command when the -P flag is specified. [0edc7942f875] * Makefile.in, compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in: Add dependency for siglist.lo in compat. This is a generated file so "make depend" needs to depend on it. [28d0932f8b50] * compat/Makefile.in: More dependency fixes. [aad0d05cd020] * compat/Makefile.in: Fix a few dependencies. [eb21aa35a032] * plugins/sudoers/Makefile.in, src/Makefile.in: Place compiled mo files in the src dir, not the build dir. When installing compiled mo files, display a status message. [e15634c29cd3] 2011-05-25 Todd C. Miller * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Tivoli Directory Server requires that seconds be present in a timestamp, even though RFC 4517 states that they are optional. [55fe23dd4ef9] * plugins/sudoers/sudo_nss.h: Add missing bit of copyright [d2eba3c364ca] * doc/visudo.pod: Mention cycle detection warnings [a76bef15ab67] * plugins/sudoers/visudo.c: When checking aliases, also check the contents of the alias in case there are problems with an alias that is referenced inside another. Replace the self reference check with real alias cycle detection. [a66c904cf53b] * plugins/sudoers/alias.c: Set errno to ELOOP in alias_find() if there is a cycle. Set errno to ENOENT in alias_find() and alias_remove() if the entry could not be found. [b4f0b89e433c] * plugins/sudoers/visudo.c: Increment alias_seqno before calls to alias_remove_recursive() to avoid false positives with the alias loop detection. Fixes spurious warnings about unused aliases when they are nested. [a344483b8193] * MANIFEST: add mkdep.pl [86b7ed33eab2] * plugins/sudoers/Makefile.in: Add dependency on convenience libs to binaries [cd3078b3c997] * Makefile.in: mkdep.pl only works when run from the src dir [f35a5e47c944] * Makefile.in, common/Makefile.in, compat/Makefile.in, mkdep.pl, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: Auto-generate Makefile dependencies with a perl script. [a3e4afcd7975] 2011-05-23 Todd C. Miller * plugins/sudoers/match.c: If the user specifies a runas group via sudo's -g option that matches the runas user's group in the passwd database and that group is not denied in the Runas_Spec, allow it. Thus, if user root's gid in /etc/passwd is 0, then "sudo -u root -g root id" is allow even if no groups are present in the Runas_Spec. [e3f9732dc564] 2011-05-22 Todd C. Miller * plugins/sudoers/Makefile.in, src/Makefile.in: Add dependencies on gettext.h [a3a9dc51f78b] * plugins/sudoers/Makefile.in, src/Makefile.in: Fix install-nls target with HP-UX sh when gettext is not present. [0c6b9655cd41] 2011-05-20 Todd C. Miller * plugins/sudoers/Makefile.in, plugins/sudoers/po/sudoers.pot, src/Makefile.in, src/po/sudo.pot: regenerate .pot files for lbuf changes [918ded125a0b] * configure, configure.in: Add missing "checking" message for gettext when using the cache. [9c21187ad1d2] * common/lbuf.c, include/lbuf.h, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c, src/parse_args.c: Add primitive format string support to the lbuf code to make translations simpler. [ee71c7ef5299] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/po/sudoers.pot, src/Makefile.in, src/po/sudo.pot: Add message catalog template files for sudo and the sudoers module. [f3f8acb1f014] * MANIFEST, common/aix.c, common/alloc.c, compat/strsignal.c, config.h.in, configure.in, doc/Makefile.in, include/gettext.h, plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/error.c, src/net_ifs.c, src/sesh.c, src/sudo.c, src/sudo.h: Add gettext.h convenience header. This is similar to but distinct from the one included with the gettext package. [930a0591f73c] 2011-05-19 Todd C. Miller * configure, configure.in: Add checks for nroff -c and -Tascii flags [19ca990b3149] * configure, configure.in: Add check for HP bundled C Compiler (which cannot create shared libs) [517716a7072d] * plugins/sudoers/sudoreplay.c: Fix C format warnings. [6514326013fa] * include/error.h: Add __printflike [e1749a30a406] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/parse_args.c: Translate help / usage strings. [ee1cc9b1a8bd] * plugins/sudoers/Makefile.in, src/Makefile.in: Set --msgid-bugs-address to the bugzilla url [5a0aa250ca21] * Makefile.in, common/Makefile.in, compat/Makefile.in, configure, configure.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: Add scaffolding to update .po files and install .mo files. [f05f4eed1fe1] * doc/license.pod: update copyright year [fa0c62523875] * INSTALL, README: No need to include version number at the top of these files. [9f2981325351] 2011-05-18 Todd C. Miller * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c: Minor warning/error cleanup [9236dc85aeab] * config.h.in, configure.in: Emulate ngettext for the non-nls case [13571d63fa36] * plugins/sudoers/ldap.c: Do not mark untranslatable strings for translation [735f5d4413fe] * plugins/sudoers/check.c: Use ROOT_UID not 0. [09a268db8da4] * plugins/sudoers/check.c, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, src/exec.c, src/exec_pty.c, src/load_plugins.c, src/sudo.c, src/sudo_edit.c: Minor warning/error message cleanup [3c7b1a7939b5] * plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/mon_systrace.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/net_ifs.c, src/selinux.c: cannot -> "unable to" in warning/error messages [31c3897649e9] * plugins/sudoers/check.c, plugins/sudoers/mon_systrace.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c, src/exec_pty.c, src/sudo.c, src/utmp.c: can't -> "unable to" in warning/error messages [127b75f15291] * configure, configure.in: FreeBSD needs the main sudo executable to link with -lpam when loading dynaic pam modules for some reason. [944522cc9bef] 2011-05-17 Todd C. Miller * plugins/sudoers/ldap.c, src/exec.c, src/exec_pty.c, src/sudo.c: We don't want to translate debugging messages. [56a1a365815a] * configure, configure.in, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/Makefile.in, src/sesh.c, src/sudo.c: Add calls to bindtextdomain() and textdomain() Currently there are two domains, one for the sudo front-end and one for the sudoers plugin and its associated utilities. [0426138f789e] * configure, configure.in: Fix caching of libc gettext check. [942142d2c43a] * plugins/sudoers/def_data.c, plugins/sudoers/defaults.c, plugins/sudoers/mkdefaults: Mark defaults descriptions for translation [5b27f018e6cf] * NEWS: Update for sudo 1.8.1p2 [747c4dee2ca7] 2011-05-16 Todd C. Miller * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Quiet compiler warning when SELinux is enabled. [1fbf77dda240] * plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c, src/error.c, src/net_ifs.c, src/sesh.c: Add missing includes of libintl.h. [bc1d66316082] * plugins/sudoers/auth/pam.c: Fix gettext marker. [a5cf4ed66c66] * common/aix.c, common/alloc.c, compat/strsignal.c, plugins/sudoers/auth/pam.c, plugins/sudoers/sudoers.h, src/sudo.h: Include libint.h where needed. [2b0e5a663c7b] * plugins/sudoers/alias.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/plugin_error.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: Prepare sudoers module messages for translation. [7212ae1909c5] * plugins/sudoers/sudoers.c: Only check gid of sudoers file if it is group-readable. [50e3bc0cb242] * plugins/sudoers/auth/aix_auth.c: For AIX, keep calling authenticate() until reenter reaches 0. [e240815b74b1] 2011-05-09 Todd C. Miller * configure, configure.in: Cache the status of the initial gettext() check. [32751ebe1704] * INSTALL, configure, configure.in: Add --disable-nls flag and improve checks for gettext. [c7e6b17052de] * configure, configure.in: When building with gcc on HP-UX, use -march=1.1 to produce portable binaries on a pa-risc2 host. Previously, the +Dportable option was used for the HP-UX C compiler but gcc always produced native binaries. [8f4c749324d7] 2011-05-06 Todd C. Miller * common/aix.c, common/alloc.c, compat/strsignal.c, src/error.c, src/exec.c, src/exec_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/utmp.c: Prepare sudo front end messages for translation. [2fc2fabceccb] 2011-05-04 Todd C. Miller * config.h.in, configure, configure.in, plugins/sudoers/auth/pam.c: Add initial scaffolding to support localization via gettext() [7d47b59fcf95] * compat/fnmatch.h, compat/glob.h: Don't let the fnmatch/glob macros expand the function prototype. [a9014aa0288e] 2011-05-03 Todd C. Miller * compat/fnmatch.c, compat/fnmatch.h, compat/glob.c, compat/glob.h: Resolve namespace collisions on HP-UX ia64 and possibly others by adding a rpl_ prefix to our fnmatch and glob replacements and #defining rpl_foo to foo in the header files. [caa9b690a15d] 2011-04-29 Todd C. Miller * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Split ALL, ROLE and TYPE into their own actions. Since you can only have #ifdefs inside of braces, ROLE and TYPE use a naughty goto in the non-SELinux case. This is safe because the actions are in one big switch() statement. [7473fc2cfa2c] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix regexp for matching a CIDR-style IPv4 netmask. From Marc Espie. [9be3480c2865] 2011-04-27 Todd C. Miller * doc/UPGRADE, doc/sudoers.pod: askpass moved from sudoers to sudo.conf in sudo 1.8.0 [b2c2956cec4e] * doc/sudoers.pod: Remove obsolete warning about runas_default and ordering. Move syslog facility and priority lists into the section where the relevant options are described. [e57b8dc3f779] 2011-04-26 Todd C. Miller * plugins/sudoers/auth/sia.c: Fix SIA support; we no longer have access to the real argc and argv so allocate space for a fake one and use the argv passed to the plugin with "sudo" for argv[0]. [1c0552772ad2] 2011-04-23 Todd C. Miller * src/net_ifs.c: Remove useless realloc when trying to get the buffer size right. [792225380a62] * plugins/sudoers/set_perms.c: Be explicit when setting euid to 0 before call to setreuid(0, 0) [7bfeb629fccb] 2011-04-18 Todd C. Miller * configure, configure.in: Need to do checks for krb5_verify_user, krb5_init_secure_context and krb5_get_init_creds_opt_alloc regardless of whether or not krb5-config is present. [9d1b98ece1d3] 2011-04-15 Todd C. Miller * plugins/sudoers/set_perms.c: Work around weird AIX saved uid semantics on setuid() and setreuid(). On AIX, setuid() will only set the saved uid if the euid is already 0. [069fc08150ca] 2011-04-14 Todd C. Miller * sudo.pp: update copyright year [1c42d579ba6e] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Treat a missing includedir like an empty one and do not return an error. [92f71d8cbfd4] 2011-04-12 Todd C. Miller * pp: Fix ARCH setting in cross-compile Solaris packages. [b0de281cc889] * sudo.pp: Fix aix version setting. [98437dbfb085] * plugins/sudoers/ldap.c: Remove extraneous parens in LDAP filter when sudoers_search_filter is enabled that causes a search error. From Matthew Thomas. [1d75bf1fc8d9] 2011-04-11 Todd C. Miller * plugins/sudoers/regress/iolog_path/check_iolog_path.c: Correct sizeof() to fix test failure. [fd2f7c0c0572] * plugins/sudoers/Makefile.in: "install" target should depend on "install-dirs". Fixes "make -j" problem and closes bz #487. From Chris Coleman. [083902d38edb] 2011-04-07 Todd C. Miller * config.h.in: Add HAVE_RFC1938_SKEYCHALLENGE [a94cb33758a8] 2011-04-06 Todd C. Miller * NEWS: Mention plugin loading and libgcc changes [e11b30b5026a] * src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Load plugins after parsing arguments and potentially printing the version. That way, an error loading or initializing a plugin doesn't break "sudo -h" or "sudo -V". [1b76f2b096a2] * Makefile.in: When using a sub-shell to invoke the sub-make, exec make instead of running it inside the shell to avoid an extra process. [fd2c04a71fbf] * compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c: Stop testing unspecified behavior in fnmatch Make glob test more portable [229803093725] * compat/Makefile.in: No need to add current dir to include path and having it breaks the test programs that expect to get the system glob.h and fnmatch.h [68085f624be4] * INSTALL, configure, configure.in: Fix and document --with-plugindir; partially from Diego Elio Petteno [07edc52ea89e] * compat/Makefile.in, compat/regress/fnmatch/fnm_test.c, compat/regress/fnmatch/fnm_test.in, compat/regress/glob/globtest.c, compat/regress/glob/globtest.in: Fix fnmatch and glob tests to not use hard-coded flag values in the input file. Link test programs with libreplace so we get our replacement verions as needed. [c2cca448f660] * Makefile.in: If make in a subdir fails, fail the target in the upper level Makefile too. Adapted from a patch from Diego Elio Petteno [76fc9a0d96fd] * configure, configure.in, plugins/sudoers/auth/rfc1938.c: Add check for NetBSD-style 4-argument skeychallenge() as Gentoo also has this. Adapted from a patch from Diego Elio Petteno [a97279a59b93] * plugins/sudoers/Makefile.in: Make SUDOERS_LDFLAGS reference $(LDFLAGS) instead of using @LDFLAGS@ directly. [47b884029b3b] * configure, configure.in: Fix warnings when -without-skey, --without-opie, --without-kerb4, --without-kerb5 or --without-SecurID were specified. [71ad150f4d24] * MANIFEST: Add plugins/sudoers/sudoers_version.h [7423966de440] * configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in: Back out the --with-libpath addition to SUDOERS_LDFLAGS since that now include LDFLAGS in the sudoers Makefile.in. Add missing settng of @LDFLAGS@ in plugin Makefile.in files. [b835826f889c] 2011-04-05 Todd C. Miller * NEWS: Mention %#gid support in User_List and Runas_List [5a983dff017a] * plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_version.h, plugins/sudoers/visudo.c: Keep track of sudoers grammar version and report it in the -V output. [52901a3c0296] * plugins/sudoers/sudo_nss.h: Add multiple inclusion guard [50853aed046e] * configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in: The --with-libpath option now adds to SUDOERS_LDFLAGS as well as LDFLAGS. Remove old -static hack for HP-UX < 9. Add LTLDFLAGS and set it to -Wc,-static-libgcc if not using GNU ld so we don't have a dependency on the shared libgcc in sudoers.so. [66ad8bc5e32d] * doc/sudoers.pod: Fix typo; from Petr Uzel [f9a7afd80892] 2011-04-01 Todd C. Miller * plugins/sudoers/testsudoers.c: In dump-only mode, use "root" as the default username instead of "nobody" as the latter may not be available on all systems. [0c48e6414337] 2011-03-31 Todd C. Miller * plugins/sudoers/testsudoers.c: Remove NewArgv/NewArgc, they are no longer needed. [16e18f734c7e] * plugins/sudoers/testsudoers.c: Fix setting of user_args [aa29e0d0a54a] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add '!' token to lex tracing [5227ad266235] * plugins/sudoers/regress/testsudoers/test1.sh: Use group bin in test, not wheel as most systems have the bin group but the same is no longer true of wheel. [718802b3b45e] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Avoid using pre or post increment in a parameter to a ctype(3) function as it might be a macro that causes the increment to happen more than once. [78e281152c3a] 2011-03-30 Todd C. Miller * sudo.pp: Strip off the beta or release candidate version when building AIX packages. [28fe31668559] * configure, configure.in: We need to include OSDEFS in CFLAGS when doing the utmp/utmpx structure checks for glibc which only has __e_termination visible when _GNU_SOURCE is *not* defined. [59ae1698911f] * common/aix.c: getuserattr(user, ...) will fall back to the "default" entry automatically, there's no need to check "default" manually. [3c7a47a61fdb] 2011-03-29 Todd C. Miller * doc/UPGRADE: Document parser changes. [ec415503308d] * Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: If there is an existing sudoers file, only install if it passes a syntax check. [37427c73e8cb] * plugins/sudoers/regress/sudoers/test6.out.ok, plugins/sudoers/testsudoers.c: Add runasgroup support to testsudoers [047ea5571f33] * plugins/sudoers/Makefile.in: For "make check", keep going even if a test fails. [ce6a0a73c372] * plugins/sudoers/testsudoers.c: More useful exit codes: * 0 - parsed OK and command matched. * 1 - parse error * 2 - command not matched * 3 - command denied [1d2ce1361903] * doc/sudoers.pod: Document %#gid, and %:#nonunix_gid syntax. [492d4f9696c4] * plugins/sudoers/pwutil.c: Add support to user_in_group() for treating group names that begin with a '#' as gids. [20240c94a134] * config.h.in, configure, configure.in, src/utmp.c: Add explicit check for struct utmpx.ut_exit.e_termination and struct utmpx.ut_exit.__e_termination. HP-UX uses the latter. Only update ut_exit if we detect one or the other. [b4e8cab777e6] 2011-03-28 Todd C. Miller * plugins/sudoers/toke.c: Add back missing #include of config.h [9ab3897a1b2e] * plugins/sudoers/iolog_path.c, plugins/sudoers/regress/iolog_path/data: Avoid a NULL deref on unrecognized escapes. Collapse %% -> % like strftime() does. [93395762cdcd] * aclocal.m4: Quote first argument to AC_DEFUN(); from Elan Ruusamae [97f53ad31d77] 2011-03-27 Todd C. Miller * MANIFEST: add new sudoers tests [476af91b3da3] * plugins/sudoers/regress/sudoers/test8.in, plugins/sudoers/regress/sudoers/test8.out.ok, plugins/sudoers/regress/sudoers/test8.toke.ok: Add test for a newline in the middle of a string when no line continuation character is used. [de2394bc86ab] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Use bitwise AND instead of modulus to check for length being odd. A newline in the middle of a string is an error unless a line continuation character is used. [bdb1d762a1d5] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Move lexer globals initialization into init_lexer. [1ce62211aadb] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix a potential crash when a non-regular file is present in an includedir. Fixes bz #452 [1586760c3525] * pp: On some Linux systems, "uname -p" contains detailed processor info so check "uname -m" first and then "uname -p" if needed. Recognize PLD Linux. [b8535cb9012e] 2011-03-25 Todd C. Miller * plugins/sudoers/redblack.c: Don't need all sudoers.h here. [8c0929f42dab] * src/sudo.c: Print sudo version early, in case policy plugin init fails. [47cddc4358bc] 2011-03-24 Todd C. Miller * plugins/sudoers/regress/sudoers/test4.toke.ok: Update to match change in input. [4a3af8e68790] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Make an empty group or netgroup a syntax error. [66f51ddc2ff6] * plugins/sudoers/regress/sudoers/test7.in, plugins/sudoers/regress/sudoers/test7.out.ok, plugins/sudoers/regress/sudoers/test7.toke.ok: An empty group or netgroup should be a syntax error. [bd5bf1e2edce] * plugins/sudoers/regress/sudoers/test6.in, plugins/sudoers/regress/sudoers/test6.out.ok, plugins/sudoers/regress/sudoers/test6.toke.ok: Check that uids work in per-user and per-runas Defaults Check that uids and gids work in a Command_Spec [c5e848e6082b] * plugins/sudoers/regress/sudoers/test5.in, plugins/sudoers/regress/sudoers/test5.out.ok, plugins/sudoers/regress/sudoers/test5.toke.ok: Test empty string in User_Alias and Command_Spec [3a084d777e03] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Allow a group ID in the User_Spec. [bc2859eb71dc] 2011-03-23 Todd C. Miller * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Return an error for the empty string when a word is expected. Allow an ID for per-user or per-runas Defaults. [915c259b00ff] * plugins/sudoers/testsudoers.c: Fix printing "User_Alias FOO = ALL" [ba58c3d548b3] 2011-03-22 Todd C. Miller * src/parse_args.c: Better error message about invalid -C argument [c9a8d15bbf5d] * NEWS: fix typo [cdcfbafed013] * doc/sudoers.pod: Fix placement of equal size ('=') in user specification summary. [5ad7178b230d] 2011-03-21 Todd C. Miller * MANIFEST: update to match sudoers regress [e04db0648717] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Restore ability to define TRACELEXER and have trace output go to stderr. [d9531e4d1b20] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Restore old behavior of setting sawspace = TRUE for command line args when a line continuation character is hit to avoid causing problems for existing sudoers files. [fd930ad25550] * plugins/sudoers/regress/sudoers/test4.in, plugins/sudoers/regress/sudoers/test4.out.ok, plugins/sudoers/regress/sudoers/test4.toke.ok: Add test for line continuation and aliases [29ab538ca6bb] * plugins/sudoers/Makefile.in: Make test output line up nicely for parse vs. toke [257ef82c1434] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/sudoers/test1.in, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/regress/sudoers/test1.toke.ok, plugins/sudoers/regress/sudoers/test2.in, plugins/sudoers/regress/sudoers/test2.out.ok, plugins/sudoers/regress/sudoers/test2.toke.ok, plugins/sudoers/regress/sudoers/test3.in, plugins/sudoers/regress/sudoers/test3.out.ok, plugins/sudoers/regress/sudoers/test3.toke.ok, plugins/sudoers/regress/testsudoers/test1.ok, plugins/sudoers/regress/testsudoers/test1.out.ok, plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/testsudoers/test2.out, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.ok, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/visudo/test1.ok, plugins/sudoers/regress/visudo/test1.sh: Move parser tests to sudoers directory and test the tokenizer output too. [44f529b3cdb6] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: If we match a rule anchored to the beginning of a line after parsing a line continuation character, return an ERROR token. It would be nicer to use REJECT instead but that substantially slows down the lexer. [355478293f8c] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Move LEXTRACE macro to toke.h so we can use it in yyerror(). [72ee7a06d3ca] 2011-03-20 Todd C. Miller * plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Make lex tracing settable at run-time in testsudoers via the -t flag. Trace output goes to stderr. Will be used by regress tests to check lexer. [93bd53c413c8] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Allow whitespace after the modifier in a Defaults entry. E.g. "Defaults: username set_home" [9dfcf8dd8a3a] 2011-03-18 Todd C. Miller * mkpkg: Don't set CC when cross-compiling. [4b95b0c04e1c] * NEWS: Credit Matthew Thomas for the sudoers_search_filter changes. [a65998ab09f7] * MANIFEST: Add the .sym files to the MANIFEST [f599225cc861] * NEWS: Update for sudo 1.8.1 beta [71021e854c49] * doc/sudo_plugin.pod, plugins/sudoers/sudoers.c, src/parse_args.c: user_shell -> run_shell to avoid confusion with the user's SHELL variable. [dc0ac6dafc21] * src/exec_pty.c: Save the controlling tty process group before suspending in pty mode. Previously, we assumed that the child pgrp == child pid (which is usually, but not always, the case). [10b2883b7875] * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add support for sudoers_search_filter setting in ldap.conf. This can be used to restrict the set of records returned by the LDAP query. [b0f1b721d102] 2011-03-17 Todd C. Miller * configure, configure.in: Remove the hack to disable -g in CFLAGS unless --with-devel [89822cf84ef4] * doc/sudoers.pod: The '@' character does not normally need to be quoted. [7823f5ed829a] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: We normaly transition from GOTDEFS to STARTDEFS on whitespace, but if that whitespace is followed by a comma, we want to treat it as part of a list and not transition. [1ca6943e1824] * plugins/sudoers/regress/testsudoers/test3.ok, plugins/sudoers/regress/testsudoers/test3.sh: Add check for whitespace when a User_List is used for a per-user Defaults entry. [91f75e6dd19a] * plugins/sudoers/regress/testsudoers/test2.out, plugins/sudoers/regress/testsudoers/test2.sh: Expand quoted name checks to cover recent fixes. [ce4f76bca146] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix parsing of double-quoted names in Defaultd and Aliases which was broken in 601d97ea8792. [424b0d6c1dc4] * plugins/sudoers/Makefile.in: toke_util.c lives in $(srcdir) not $(devdir) [94866bebee83] 2011-03-16 Todd C. Miller * configure, configure.in: Change trunk version to 1.8.x to distinguish from real 1.8.0. [a9781e61d064] * NEWS, doc/UPGRADE: Document major changes in 1.8.1 and add upgrade notes. [f2cf51b0d9ce] * plugins/sudoers/match.c: Be careful not to deref user_stat if it is NULL. This cannot currently happen in sudo but might in other programs using the parser. [06a2334dd674] * mkpkg: configure will not add -O2 to CFLAGS if it is already defined to add -O2 to the CFLAGS we pass in when PIE is being used. [1ce6481ece59] * doc/sudoers.pod: Warn about the dangers of log_input and mention iolog_file and iolog_dir in the log_input and log_output descriptions. [ae854ffb0768] * pp: sync with git version [a993e39ce3cb] * doc/sudoers.pod: It seems that h comes after i [0f621109220d] * doc/sudoers.pod: Move log_input and log_output to their proper, sorted, location. Document set_utmp and utmp_runas. [273b234b9c34] * src/exec.c: Save the controlling tty process group before suspending so we can restore it when we resume. Fixes job control problems on Linux caused by the previous attemp to fix resuming a shell when I/O logging not enabled. [f03a660315ee] * common/lbuf.c: Fix printing of the remainder after a newline. Fixes "sudo -l" output corruption that could occur in some cases. [25d83fb501fc] 2011-03-15 Todd C. Miller * config.h.in, configure, configure.in, src/exec_pty.c, src/sudo_exec.h, src/utmp.c: Add support for ut_exit [b574c13f1bba] * doc/sudo_plugin.pod, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c, src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_exec.h, src/utmp.c: Add support for controlling whether utmp is updated and which user is listed in the entry. [44a81632133f] * plugins/sudoers/def_data.h, plugins/sudoers/defaults.h, plugins/sudoers/ldap.c, plugins/sudoers/mkdefaults, plugins/sudoers/parse.c: Fix typo; tupple vs. tuple [697744acb710] * src/utmp.c: For legacy utmp, strip the /dev/ prefix before trying to determine slot since the ttys file does not include the /dev/ prefix. [7ad5b81ff90c] * aclocal.m4, configure, configure.in, pathnames.h.in: Add check for _PATH_UTMP [21e638029bfd] 2011-03-14 Todd C. Miller * plugins/sudoers/regress/iolog_path/check_iolog_path.c: Adapt check_iolog_path to sessid changes [728b5fe2be6f] * config.h.in, configure, configure.in, src/Makefile.in, src/exec_pty.c, src/sudo_exec.h, src/utmp.c: Redo utmp handling. If no getutent()/getutxent() is available, assume a ttyslot-based utmp. If getttyent() is available, use that directly instead of ttyslot() so we don't have to do the stdin dup2 dance. [18aa455cd140] 2011-03-11 Todd C. Miller * MANIFEST, src/Makefile.in, src/exec_pty.c, src/sudo_exec.h, src/utmp.c: Move utmp handling into utmp.c [f6eae6c8e012] * common/aix.c, common/alloc.c, common/fileops.c, common/fmt_string.c, common/lbuf.c, common/list.c, compat/isblank.c, compat/memrchr.c, compat/mksiglist.c, compat/nanosleep.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/utimes.c, doc/sudo.pod, doc/visudo.pod, include/sudo_plugin.h, plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c, plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/timestr.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/get_pty.c, src/parse_args.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c, src/sudo_plugin_int.h, src/tgetpass.c: Update copyright years. [16aa39f9060a] * doc/sudo_plugin.pod, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/parse_args.c: Add "user_shell" boolean as a way to indicate to the plugin that the -s flag was given. [fb1ef0897b32] * plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.h: Move sessid out of sudo_user. [ba298ddb57f4] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Log the TSID even if it is not a simple session ID. [d7cc1b9c513c] * doc/sample.sudo.conf, doc/sudo.pod, doc/sudoers.pod: Document noexec in sample.sudo.conf and add back noexec_file section in sudoers with a note that it is deprecated. [4a6e961e494d] * plugins/sudoers/set_perms.c: Fix running commands as non-root on systems where setreuid() changes the saved uid based on the effective uid we are changing to. [df0769b71b34] 2011-03-10 Todd C. Miller * plugins/sudoers/defaults.c, src/load_plugins.c, src/sudo.c, src/sudo.h: Move noexec path into sudo.conf now that sudo itself handles noexec. Currently can be configured in sudoers too but is now undocumented and will be removed in a future release. [6fa8befdc110] * doc/sudo.pod, doc/sudoers.pod: Document "Path noexec ..." in sudo.conf. No longer document noexec_file in sudoers, it will be removed in a future release. [24eee3a0b3e5] * plugins/sudoers/env.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h: Move noexec handling to sudo front-end where it is documented as being. [3ed4f10d7052] * config.h.in, configure, configure.in, plugins/sudoers/sudoers.c, src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h: Add support for disabling exec via solaris privileges. Includes preparation for moving noexec support out of sudoers and into front end as documented. [dec843ed553e] * plugins/sample/Makefile.in, plugins/sample/sample_plugin.sym, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.sym: Only export the symbols corresponding to the plugin structs. [8d8d03b0ca54] * configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in: Install plugins manually instead of using libtool. This works around a problem on AIX where libtool will install a .a file containing the .so file instead of the .so file itself. [796971cfbddb] * Makefile.in: Move check into its own rule since some versions of make will run both targets as the default rule. [34d759979176] * configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltversion.m4, m4/lt~obsolete.m4: Update to libtool 2.2.10 [34c130de6af7] 2011-03-09 Todd C. Miller * src/exec.c: In handle_signals(), restart the read() on EINTR to make sure we keep up with the signal pipe. Don't return -1 on EAGAIN, it just means we have emptied the pipe. [d5b9c8eb9000] * compat/mktemp.c: Reorder functions to quiet a compiler warning. [c9e9a23729f0] * mkpkg: Use the Sun Studio C compiler on Solaris if possible [11a86e27891e] 2011-03-08 Todd C. Miller * mkpkg: Fix default setting of osversion variable. [52e49ca1cedd] * doc/sudo_plugin.pod: Make two login_class entris consistent. [18ff1fa94a91] * config.h.in, configure, configure.in, src/exec.c, src/exec_pty.c, src/sudo_exec.h: Add support for adding a utmp entry when allocating a new pty. Requires the BSD login(3) or SYSV/POSIX getutent()/getutxent(). Currently only creates a new entry if the existing tty has a utmp entry. [32db72b81d80] * plugins/sudoers/boottime.c: Avoid pulling in headers we don't need on Linux For getutx?id(), call setutx?ent() first and always call endutx?ent(). [5dad21e1ee1b] * configure, configure.in: Add some more libs to SUDOERS_LIBS instead of relying on them to be pulled in by SUDO_LIBS. [18a7c21c09a7] * plugins/sudoers/sudoers.c: Fix return value of "sudo -l command" when command is not allowed, broken in [c7097ea22111]. The default return value is now TRUE and a bad: label is used when permission is denied. Also fixed missing permissions restoration on certain errors. On error()/errorx(), the password and group files are now closed before returning. [4f2d0e869ae5] 2011-03-07 Todd C. Miller * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c: Fix passing of login class back to sudo front end. [6f70a784ce48] * mkpkg: Add --osversion flag to specify OS instead of running "pp --probeonly" [a8efdccb7bc1] * sudo.pp: Fix expr usage w/ GNU expr [48895599ee63] 2011-03-06 Todd C. Miller * plugins/sudoers/sudoers.c: Fix exit value for validate and list mode. [c7097ea22111] * plugins/sudoers/sudoers.c: Fix non-interactive mode with sudoers plugin. [172f29597bd2] 2011-03-05 Todd C. Miller * doc/sudoreplay.pod: sudoreplay can now find IDs other than %{seq} and display the session. [fc3dd3be67e9] 2011-03-04 Todd C. Miller * plugins/sudoers/sudoreplay.c: Add support for replaying sessions when iolog_file is set to something other than %{seq}. [ca3131243874] * plugins/sudoers/visudo.c: If we are killed by a signal, display the name of the signal that got us. [994bb76a990e] * configure, configure.in: Move libs used for authentication from SUDO_LIBS to SUDOERS_LIBS where they belong. [40f94b936fa4] * configure.in: Fix bug in skey/opie check that could cause a shell warning. [83c043072be5] * plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: No longer need sudo_getepw() stubs. [bbee15c36912] 2011-03-03 Todd C. Miller * plugins/sudoers/sudo_nss.c: Fix exit value of "sudo -l command" in sudoers module. [a6541867521b] 2011-03-02 Todd C. Miller * compat/regress/glob/globtest.c: Use fgets() not fgetln() for portability. [df1bb67fb168] * sudo.pp: Don't use the beta or release candidate version as the rpm release. [d661ef78021a] 2011-02-25 Todd C. Miller * configure, configure.in: version 1.8.0 [f6530d56f6ae] [SUDO_1_8_0] * NEWS: update sudo 1.8 section [f2ee2cf95d18] 2011-02-23 Todd C. Miller * plugins/sudoers/regress/testsudoers/test2.sh: fix test description [cd5730fa9f09] * plugins/sudoers/regress/testsudoers/test2.out, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/visudo/test2.out, plugins/sudoers/regress/visudo/test2.sh: convert test2 to use testsudoers [b5ec3f0b69f1] * include/sudo_plugin.h, src/sudo_plugin_int.h: Move struct generic_plugin to sudo_plugin_int.h [6f7bc629329c] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Allow sudoers file name, mode, uid and gid to be specified in the settings list. The sudo front end does not currently set these but may in the future. [22f38a0fda2a] 2011-02-21 Todd C. Miller * configure, configure.in, doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: 1.8.0rc1 [5d4588b9c057] * doc/sudo.pod, doc/sudoreplay.pod, doc/visudo.pod, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/parse_args.c, src/sudo.h: add help text to sudo, visudo and sudoreplay for the -h option [52e7378d8476] 2011-02-19 Todd C. Miller * compat/snprintf.c: avoid using "howmany" for a parameter name since it is a select- related macro [a14d565401a1] * doc/sudoers.pod: mention group_plugin when describing nonunix_group [e0d1d0034b17] * doc/sudo_plugin.pod: Add missing period at end of sentence [6744d7e9056d] * Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: add localstatedir; closes bug 471 [7aefcab85088] * config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c, src/exec.c, src/exec_pty.c: The howmany macro lives in sys/sysmacros.h on SVR5 systems Closes Bug 470 [927ed6740f32] * configure.in: add missing AH_TEMPLATE for ENV_RESET [16300010c986] * src/exec.c: SVR5 systems return non-zero for success on socketpair(), check for -1 instead. Closes Bug 469 [4d276494bf8e] 2011-02-16 Todd C. Miller * configure, configure.in: 1.8.0b5 [d611cd5d73d3] * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: regen [85e96eeaed82] * doc/sudo.pod: Document that a sudo.conf file with no Pligin lines uses the default sudoers plugins. [88bd52da977f] * src/load_plugins.c: If sudo.conf contains no Plugin lines, use the default sudoers policy and I/O plugins. [fd8f4cb811ab] 2011-02-14 Todd C. Miller * plugins/sudoers/sudo_nss.c: Avoid printing empty "Runas and Command-specific defaults for user" line. [2dd330fe4f8b] * common/lbuf.c: Truncate the buffer at buf.len before printing in the non-wordwrap case. [901e9833f80d] * common/lbuf.c: Remove extra newline when the tty width is very small or unavailable [245c05506c0e] 2011-02-11 Todd C. Miller * plugins/sudoers/alias.c: Remove unneeded variable. [2c086d30b796] 2011-02-09 Todd C. Miller * configure, configure.in: Prefer getutxid over getutid [3f3322e9c93e] * plugins/sudoers/boottime.c: Include utmp.h / utmpx.h before missing.h as apparently including it afterwards causes a compilation problem on GNU Hurd. [a528029ae962] 2011-02-07 Todd C. Miller * plugins/sudoers/sudoreplay.c, plugins/sudoers/toke_util.c: #include "foo.h", not for local includes. [f65ec693998e] * src/parse_args.c: remove bogus XXX [9136c17d53ce] * compat/mksiglist.c: Fix typo [1a3bb7b455c9] * compat/glob.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/match.c: return foo not return(foo) [5c9e0647359a] 2011-02-06 Todd C. Miller * src/exec.c: Remove duplicate FD_SET of signal_pipe[0] [3096527d2215] 2011-02-05 Todd C. Miller * compat/mksiglist.c: Use "missing.h" not in generated code. [d8e09cffbe09] 2011-02-04 Todd C. Miller * aclocal.m4, configure: fix --with-iologdir=no [a89699cb5f5f] * aclocal.m4, configure: fix typo that broke --with-iologdir [91b54eb22403] 2011-02-03 Todd C. Miller * configure, configure.in, doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: Bump version to 1.8.0b4 [e2b7f2cdc02e] * NEWS: sync [decf5a0a8a33] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: Attempt to clarify how users and groups interact in Runas_Specs [e6fb3a2dbd77] * plugins/sudoers/regress/visudo/test2.out, plugins/sudoers/regress/visudo/test2.sh: Add test for quoted group that contains escaped double quotes [44596c48c629] * src/exec.c, src/exec_pty.c: Pass SIGUSR1/SIGUSR2 through to the child. [c3108a827b01] * src/exec_pty.c, src/sudo_exec.h: Use special values SIGCONT_FG and SIGCONT_BG instead of SIGUSR1 and SIGUSR2 to indicate whether the child should be continued in the foreground or background. [35ca47cc6785] * src/exec.c: Use pid_t not int and check the return value of kill() [36ae7d37d7f9] 2011-02-02 Todd C. Miller * src/exec_pty.c: Remove obsolete comment [baebef4919f6] * src/exec.c: In non-pty mode before continuing the child, make it the foreground pgrp if possible. Fixes resuming a shell. [fef5b1d02ddb] * src/exec_pty.c: If we get a signal other than SIGCHLD in the monitor, pass it directly to the child. [b3ecb28163a0] * src/exec.c, src/exec_pty.c, src/sudo.h: Save signal state before changing handlers and restore before we execute the command. [faf7475dc4bf] 2011-02-01 Todd C. Miller * plugins/sudoers/iolog.c: Use a char array to map a number to a base36 digit. [257576c51f8b] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod: Be clear about what versions of sudo support new LDAP attributes. Fix up some formatting of attribute names. Minor other tweaks. [39f65df71f65] 2011-01-31 Todd C. Miller * plugins/sudoers/toke.c, plugins/sudoers/toke.l: match quoted strings the same way whether in a Defaults line or as a user/group/netgroup name. Fixes escaped double quotes in quoted user/group/netgroup names. [601d97ea8792] * plugins/sudoers/Makefile.in: 'make check' depends on visudo and testsudoers [127c5a24df8f] * plugins/sudoers/sudoers2ldif: Add sudoOrder attribute to each entry Parse LOG_{INPUT,OUTPUT} tags [9029163a58c3] 2011-01-30 Todd C. Miller * doc/UPGRADE: Mention LDAP attribute compatibility status. [2c3595aaec63] 2011-01-28 Todd C. Miller * README.LDAP: Mention phpQLAdmin [9304c9064fbe] * INSTALL, NEWS, config.h.in, configure, configure.in, doc/sudoers.man.in, doc/sudoers.pod, plugins/sudoers/defaults.c: Add --disable-env-reset configure option. [8a753aa13a46] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: Document that sudoers_locale also affects logging and email. [998d6ac11277] * NEWS, config.h.in, configure, configure.in, plugins/sudoers/logging.c: Do logging and email sending in the locale specified by the "sudoers_locale" setting ("C" by default). Email send by sudo includes MIME headers when the sudoers locale is not "C". [cb7e55408400] 2011-01-27 Todd C. Miller * plugins/sudoers/check.c: Fix indentation [65ae7e92b9e4] 2011-01-25 Todd C. Miller * NEWS, src/parse_args.c, src/sudo.c: Perform command escaping for "sudo -s" and "sudo -i" after validating sudoers so the sudoers entries don't need to have all the backslashes. [4e168c103f4b] 2011-01-24 Todd C. Miller * plugins/sudoers/logging.c: Prepend "list " to the command logged when "sudo -l command" is used to make it clear that the command was listed, not run. [f392a6056cd6] * plugins/sudoers/parse.c: cosmetic change [7c0951dbc2dd] * common/aix.c, common/alloc.c, common/fileops.c, common/fmt_string.c, common/list.c, common/term.c, compat/fnmatch.c, compat/getcwd.c, compat/glob.c, compat/isblank.c, compat/memrchr.c, compat/mktemp.c, compat/nanosleep.c, compat/regress/glob/globtest.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/utimes.c, plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c, plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb4.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/mon_systrace.c, plugins/sudoers/parse.c, plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, src/exec_pty.c, src/get_pty.c, src/load_plugins.c, src/parse_args.c, src/sudo_noexec.c, src/tgetpass.c: standardize on "return foo;" rather than "return(foo);" or "return (foo);" [32d76c5aaf8c] * plugins/sudoers/sudoers.c: Do not reject sudoers file just because it is root-writable. [0febc579185b] 2011-01-21 Todd C. Miller * NEWS: sync [1ab03f8278ff] * plugins/sudoers/sudo_nss.c: For "sudo -U user -l" if user is not authorized on the host, say so. [289afe6dd15c] * plugins/sudoers/ldap.c: In sudo_ldap_lookup(), always do the initial sudoers check as the invoking user. If we are listing another user's privs we will do a separate lookup using list_pw later. [e52bc15de76d] 2011-01-20 Todd C. Miller * MANIFEST: add parser fill tests [4f65140d3515] * compat/regress/glob/globtest.c, compat/regress/glob/globtest.in: Don't test features not supported by the bundled glob() [8ec7ace11949] * Makefile.in, aclocal.m4, common/Makefile.in, common/term.c, compat/Makefile.in, configure.in, doc/LICENSE, doc/Makefile.in, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod, doc/sudoers.man.in, doc/sudoers.pod, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, src/Makefile.in, zlib/Makefile.in: Update copyright year to 2011 [ac1b45cb1809] * plugins/sudoers/sudo_nss.c: When listing, use separate lbufs for the defaults and the privileges and only print something if the number of privileges is non-zero. Fixes extraneous Defaults output for "sudo -U unauthorized_user -l". [d0854d39f8ef] * plugins/sudoers/ldap.c: Stash pointer to user group vector in LDAP handle and only reuse the query if it has not changed. We always allocate a new buffer when we reset the group vector so a simple pointer check is sufficient. [88861d4eba69] * plugins/sudoers/sudo_nss.c: Check initgroups() return value. [3bdaf58408a7] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/parser/check_fill.c: Add tests for the fill functions in toke_util.c [bca587ab4956] 2011-01-19 Todd C. Miller * plugins/sudoers/regress/iolog_path/check_iolog_path.c: fix copyright year [e2038cdaf055] * NEWS: sync [56ca5d5eaebe] 2011-01-18 Todd C. Miller * common/term.c: Clear, don't set, OPOST in c_oflag as was intended in 506ad5ae9b4e. [b91f266624ec] 2011-01-14 Todd C. Miller * mkpkg, sudo.pp: Add Requires line for audit-libs >= 1.4 for RHEL5+ [6c02f976171b] * pp: sync with git version [d301c32d5865] 2011-01-13 Todd C. Miller * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: fix typo [39353f92976f] 2011-01-12 Todd C. Miller * NEWS: Update for sudo 1.7.4p5 [b444da76901f] * doc/schema.OpenLDAP, doc/schema.iPlanet: Add sudoNotBefore and sudoNotAfter attributes as optional attributes to the sudoRole object class. From Andreas Mueller [dacfad7e7a95] 2011-01-11 Todd C. Miller * NEWS: Mention "sudo -g group" password check fix. [1eb8fb14e53b] * plugins/sudoers/sudoers.c: Fix "sudo -g" support in the sudoers module. [07d1b0ce530e] * plugins/sudoers/check.c: If the user is running sudo as himself but as a different group we need to prompt for a password. [caf1fcc9a117] 2011-01-10 Todd C. Miller * NEWS, config.h.in, configure, configure.in, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add support for TIMEOUT in ldap.conf, mapping to the OpenLDAP LDAP_OPT_TIMEOUT. There is no corresponding option for mozilla- derived LDAP SDKs but we can pass the timeout parameter to ldap_search_ext_s() or ldap_search_st() when possible. [5537049991f7] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in: regen [5b361c3c4324] * NEWS, doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add NETWORK_TIMEOUT as an alias for BIND_TIMELIMIT for compatibility with OpenLDAP ldap.conf files. [e97843bd16fb] * plugins/sudoers/pwutil.c: If user has no supplementary groups, fall back on checking the group file expliticly. [5223ad4eb690] 2011-01-08 Todd C. Miller * plugins/sudoers/toke.h, plugins/sudoers/toke_util.c: constify [6e132a4cca61] * plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Move fill macro to toke.h [623d430798cf] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c: Split tokenizer utility functions out into toke_util.c [89a97bd51618] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: ANSIfy [ca0eba1dfaa9] 2011-01-07 Todd C. Miller * MANIFEST: sync [a43f94064bb3] * plugins/sudoers/Makefile.in: Add visudo tests to check target [8c82fb4ed40f] * compat/Makefile.in, compat/regress/fnmatch/fnm_test.c, compat/regress/fnmatch/fnm_test.in, compat/regress/glob/files, compat/regress/glob/globtest.c, compat/regress/glob/globtest.in: Add my regress tests for fnmatch() and glob() from OpenBSD. [6e8c1f211723] * plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/visudo/test1.ok, plugins/sudoers/regress/visudo/test1.sh: Add regress test for command tags using visudo -c [18b0ef207c0f] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test1.ok, plugins/sudoers/regress/testsudoers/test1.sh: Add support for regress tests using testsudoers [1fa94bd2671b] * plugins/sudoers/testsudoers.c: Need to set user_name explicitly due to internal changes made when converting sudoers to a plugin. [1fa54e86a364] 2011-01-06 Todd C. Miller * MANIFEST, Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/iolog_path/data, src/Makefile.in, zlib/Makefile.in: Add regression tests for iolog_path() [afa4b416e559] * Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: Add support for "make Makefile" to regenerate Makefile from Makefile.in [98bd2dda3294] * plugins/sudoers/iolog_path.c: Quiest a bogus compiler warning. [5ff932a7ad67] 2011-01-05 Todd C. Miller * plugins/sudoers/iolog_path.c: Protect call to setlocale() with HAVE_SETLOCALE [2c29ee3ccc81] 2011-01-04 Todd C. Miller * MANIFEST: mkstemps.c was renamed mktemp.c [ae299c3b1827] * NEWS: Update from 1.7 branch [20817d79717b] * Makefile.in: Use "mv -f" when regenerating ChangeLog [c163635206c6] * plugins/sudoers/match.c: Fix NULL dereference with "sudo -g group" when the sudoers rule has no runas user or group listed. Fixes RedHat bug Bug 667103. [41a6a1243d9e] 2011-01-03 Todd C. Miller * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod: Correct the default sudo.conf example [4e791698cad1] 2010-12-31 Todd C. Miller * plugins/sudoers/iolog_path.c: Reset slashp if we allocate a new buffer for strftime() [e491daa4203b] * plugins/sudoers/iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add extra out parameter to expand_iolog_path() to allow the caller to split the path into dir and file components if needed. [88346bc5ae39] 2010-12-30 Todd C. Miller * plugins/sudoers/iolog.c: mkdir_iopath() returns size_t now that it uses strlcpy() and not snprintf() [3c4c64d265eb] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c: Trim leading slashes from iolog_file and trailing slashes from iolog_dir [a803b51f8948] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Pass a single I/O log file name in command_details instead of separate dir + file parameters. [d672a3e46e80] * plugins/sudoers/sudoreplay.c: change an error() to errorx() [8013dcfdd69d] * plugins/sudoers/iolog.c: Add missing cwd line to I/O log info file that got dropped when iolog_deserialize_info() was added [7cf84f208423] 2010-12-29 Todd C. Miller * plugins/sudoers/iolog.c: Avoid relying on globals filled in by the sudoers policy module for the sudoers I/O log module. The I/O log open function now pulls the bits it needs out of user_info and command_info. [c02f6951b0cc] * plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: If no iolog file is specified by the policy plugin, use io_nextid() to determine the next file in the sequence. [faa1130b1020] 2010-12-28 Todd C. Miller * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod: Document iolog_compress in command_info [58895c7d12f5] * plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c: Add support for the iolog_compress variable in command_info. [36f13a2fd1c1] * plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c: Add sigsetjmp() calls to all plugin entry points just to be safe. [3fa482355bc4] * src/sudo.c, src/sudo.h: Don't need iolog variables in struct command_details, they are for the I/O log plugins to handle. [5111579ffd9d] 2010-12-27 Todd C. Miller * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: Document use of mkdtemp() for iolog path teplates [5db6101408a9] * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: regen [1ee11fd6d4eb] * doc/sudo_plugin.pod, doc/sudoers.pod: Document iolog_file and supported escape sequences for sudoers. Clarify that iolog_file can contain directories. [da611dedcbdb] * compat/Makefile.in, configure, configure.in: Fix building of mkstemps/mkdtemp replacements. [793a5e303122] * compat/mkstemps.c, compat/mktemp.c, config.h.in, configure, configure.in, include/missing.h: Provide mkdtemp() for systems without it. [b0527dfa965c] * plugins/sudoers/iolog_path.c: Fix typo [277f6c514cba] * plugins/sudoers/iolog.c: Only use mkdtemp() if the path ends in at least 6 Xs since otherwise glibc mkdtemp() returns EINVAL. [2e7323b05579] * plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Allow sudoers to specify the iolog file in addition to the iolog dir. Add escape sequence support to iolog file and dir: sequence number, user, group, runas_user, runas_group, hostname and command in addition to any escape sequence recognized by strftime(3). [75cd32ee0435] * plugins/sudoers/iolog.c: Add missing sigsetjmp() call in I/O plugin open function. Fixes a crash when the I/O plugin calls error(), errorx() or log_error(). [1a6718bd817d] 2010-12-21 Todd C. Miller * doc/sudo_plugin.pod, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c: Give the policy module fine-grained control over what the I/O plugin logs. [d29784fd2a66] * common/term.c: Clear OPOST from c_oflag like we used to. Fixes screen-based editors such as vi. [506ad5ae9b4e] * doc/sudoers.pod: Clarify umask option description. From Reuben Thomas. [1294ac84222b] 2010-12-20 Todd C. Miller * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Pick last match in LDAP sudoers too [fbfd8e85703b] * doc/sudo_plugin.pod: Document iolog_file, iolog_dir and use_pty [26120a59c20e] * plugins/sample/sample_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c: Adapt plugins to version I/O logging ABI 1.1 [880dd64bc1e8] * src/exec.c, src/sudo.h: Add use_pty command_info flag for policies to indicate that a pty should be allocated even if no I/O logging is performed. [e7b167f8a6e5] * src/sudo.c: Add remaining plugin convenience functions [ffeaf96da031] * include/sudo_plugin.h, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h: Change I/O log API to pass in command info to the I/O log open function. Add iolog_file and iolog_dir parameters to command info. This allows the policy plugin to specify the I/O log pathname. Add convenience functions for calling plugin functions that handle ABI backwards compatibility. [9b81dce76ce5] * compat/dlopen.c: Remove useless cast [7cecce969739] 2010-12-17 Todd C. Miller * configure, configure.in: Bump version to 1.8.0b3 [1dc9f040aae0] 2010-12-13 Todd C. Miller * configure.in: Remove extraneous newline [71c94551eea5] 2010-12-10 Todd C. Miller * doc/sudoers.pod, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c: Make I/O log dir configurable. [99b576667a38] * aclocal.m4, configure, configure.in, doc/sudoers.pod: Rename io_logdir to iolog_dir [0731662acc8d] 2010-12-07 Todd C. Miller * pp: Add missing '*' that prevented the generic ELF case from matching. [be77ca26bfb2] * pp: If file(1) can't identify the ELF binary type, try readelf(1). [38a18d32a9e3] 2010-11-30 Todd C. Miller * plugins/sudoers/auth/kerb4.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, src/sudo.c: Use %u to print uid/gid, not %lu and adjust casts to match. [03c43b8749cf] * doc/sudoers.ldap.pod: Clarify ordering of entries and attributes. [924e2a6bb603] * doc/sudoers.ldap.pod: Fix typo and editing goof. [79dc7ccd85a8] * doc/schema.ActiveDirectory, doc/schema.OpenLDAP, doc/schema.iPlanet, doc/sudoers.ldap.pod: Merge in ordered LDAP entry support from Andreas Mueller. [ea5885989bad] * plugins/sudoers/ldap.c: Make sure we don't dereference a NULL handle. [1a9f9ee15371] 2010-11-24 Todd C. Miller * pp: Add support for RHEL 6 file modes that include a trailing dot on files with an SELinux security context [dc09be959547] 2010-11-23 Todd C. Miller * src/sudo.c: exec_setup() does not need to setuid(0), the Ubuntu issue was in the sudoers module. [d6dd99fc6062] * plugins/sudoers/sudoers.c: create_admin_success_flag() should use restore_perms() rather than set_perms() to restore the uid. [eba7a91c1f57] * src/sudo.c: In exec_setup() call setuid(0) to make certain the subsequent uid and gid changes will succeed. Fixes a problem on Ubuntu. [c5d32abf0645] * src/sudo_edit.c: Error out if we cannot change to root's uid so we catch the failure early. [7a2e7f8f2c80] 2010-11-22 Todd C. Miller * doc/sudoers.pod: fix typo; from Michael T Hunter [a574a9d0db5b] * plugins/sudoers/match.c: In sudoedit mode, assume command line arguments are paths and pass FNM_PATHNAME to fnmatch(). [ce0abff8ce9f] 2010-11-20 Todd C. Miller * configure, configure.in: Add workaround for an error in sys/types.h on HP-UX 11.23 when large file support is enabled. Defining _XOPEN_SOURCE_EXTENDED avoids the broken bits of the header file. [e337217f097a] * aclocal.m4: Fix SUDO_MAILDIR usage of AC_LANG_PROGRAM [fbbcee28961f] * sudo.pp: For Tru64, strip off beta version. [eeccd762df5e] * MANIFEST, plugins/sudoers/testsudoers.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/tsgetgrpw.h: Avoid conflicts with system definitions in grp.h and pwd.h [b219ffe1da09] * zlib/gzguts.h: Include stdio.h after zlib.h, not before. We need the large file defines to come first. [21d6df39790f] 2010-11-19 Todd C. Miller * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in: regen [3ff8750d0aac] * Makefile.in: Don't clean ChangeLog [ab0d30d289d4] * plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Add prototype for cleanup() [75626fd3769a] 2010-11-18 Todd C. Miller * plugins/sudoers/group_plugin.c: Avoid deferencing group_plugin if it is NULL in group_plugin_query(). This should not happen. [4f2933c8da7e] * plugins/sudoers/group_plugin.c: group plugin init function return TRUE when successful [198024477030] 2010-11-17 Todd C. Miller * plugins/sudoers/ldap.c: Enlarge the array of entry wrappers int blocks of 100 entries to save on allocation time. From Andreas Mueller [375c916bb03b] * plugins/sudoers/ldap.c: Add back call to sudo_ldap_timefilter() in sudo_ldap_build_pass2() that was mistakenly dropped. [1555f5bc132d] 2010-11-16 Todd C. Miller * doc/TROUBLESHOOTING: Mention that sudo needs "ar" to build. [65582ace2d09] * configure, configure.in: Fail with a more useful error if "ar" is not found. [d1cb83719c17] 2010-11-14 Todd C. Miller * plugins/sudoers/ldap.c: Merge in ordered LDAP entry support from Andreas Mueller and add local changes from the 1.7 branch. [bca29e461618] 2010-11-12 Todd C. Miller * doc/schema.ActiveDirectory, doc/schema.OpenLDAP, doc/schema.iPlanet, doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add timed entry support from Andreas Mueller. [e18d1df46a8d] * plugins/sudoers/group_plugin.c: Don't try to unload if group_plugin is NULL. Don't call dlclose() if group_handle is NULL [de2273da37d5] * plugins/sudoers/sudoers.h: It is now plugin_cleanup(), not cleanup() [da62a4e1a78c] * plugins/sudoers/logging.c, plugins/sudoers/sudoers.c: Call plugin_cleanup(), not cleanup() [e800ad8b33ad] 2010-11-11 Todd C. Miller * plugins/sudoers/ldap.c: Use efree() not free() and remove malloc.h include since we never directly call malloc() or free(). [107fffd134bb] 2010-11-09 Todd C. Miller * sudo.pp: set PSTAMP for Solaris and move the backend-specific bits to their own %if [xxx] %endif blocks in %set. [a94ebe8920c1] * pp: sync with git repo [75ff509696b4] * configure, configure.in: Only substitute file zlib files when using the builtin zlib [6c8145b2deb4] * common/Makefile.in, compat/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in, zlib/Makefile.in: Give up on using VPATH to find sources as it is implemented inconsistenly in different versions of make. [60517c69aaee] * plugins/sudoers/Makefile.in, plugins/sudoers/getdate.c, plugins/sudoers/gram.c, plugins/sudoers/toke.c: Include config.h before any other includes to make sure we get the right value for _FILE_OFFSET_BITS. [8fb007ca832e] * MANIFEST: Add zlib [04a3e23dfaa9] * zlib/Makefile.in: Add missing targets [40e45a177168] * src/Makefile.in: g/c unused $(GENERATED) [c8758068c1bc] 2010-11-08 Todd C. Miller * plugins/sudoers/group_plugin.c: Zero out group_plugin on unload just to be safe. [0b10f4d101ca] * plugins/sudoers/group_plugin.c: Unload group plugin if its init function fails. [6552cdac4b7c] * src/sudo.c: Only chdir to cwd if it is different from the current cwd or there is a new root (chroot). [b8203e875e84] * configure, configure.in, doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/visudo.cat, doc/visudo.man.in: Bump version to 1.8.0b2 [6dadeb75a878] 2010-10-28 Todd C. Miller * INSTALL: Better --enable-zlib description [e0da54fa59a6] * mkpkg: Use system zlib on Linux Let configure decide on Solaris For all others, use builtin zlib [3d52eddb523c] * zlib/zconf.h.in: Add large file support. [bec01215270d] * config.h.in: Add large file support. [244e95b034ec] * Makefile.in, configure, configure.in, doc/LICENSE, doc/license.pod, zlib/Makefile.in, zlib/adler32.c, zlib/compress.c, zlib/crc32.c, zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzclose.c, zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffast.c, zlib/inffast.h, zlib/inffixed.h, zlib/inflate.c, zlib/inflate.h, zlib/inftrees.c, zlib/inftrees.h, zlib/trees.c, zlib/trees.h, zlib/uncompr.c, zlib/zconf.h.in, zlib/zlib.h, zlib/zutil.c, zlib/zutil.h: Add local copy of zlib for systems that lack it. [7542ca465c5a] 2010-10-15 Todd C. Miller * src/exec.c: If perform_io() fails, kill the child before exiting so it doesn't complain about connection reset. We can get an I/O error if, for example, and we get EIO reading from stdin. [e59a05fa729f] 2010-10-12 Todd C. Miller * plugins/sudoers/sudoers.c, src/sudo.c: Fix complilation on systems with set_auth_parameters() Sprinkle volatile to quiet warnings from gcc 2.8.0 [a34c2b924ba7] * compat/dlfcn.h, compat/dlopen.c: Avoid potential namespace issues with dlopen() emulation. [aedfababd6ca] * MANIFEST: sync [6afb97e6d308] * plugins/sudoers/interfaces.c: Use INADDR_NONE instead of casting -1 to in_addr_t (which may not exist). [ddfca5af1a36] * Makefile.in: Mark ChangeLog as PHONY Don't overwrite ChangeLog if we can't run hg [e9d04bfa4505] * configure, configure.in: HP-UX 10.20 libc has an incompatible getline [2e7bc202e78d] * plugins/sudoers/visudo.c: Quiet an HP-UX compiler warning. [55b9d587ac8c] * configure, configure.in: Check for vi even with --with-editor specified; the sample plugin needs it. [94dfc3643f76] 2010-10-11 Todd C. Miller * compat/dlopen.c: Fix remaining syntax errors. [9d729b5b577e] * src/Makefile.in: sudo binary depends on the libtool-generated libs [9e6148406adb] * plugins/sudoers/group_plugin.c, src/load_plugins.c: Use HAVE_DLOPEN instead of HAVE_DLFCN_H when determining whether to include the local or system dlfcn.h [68cfe4c1089b] * pp: Don't use run_as_superuser=false on HP-UX [532242370b09] * src/net_ifs.c: Use memset() instead of zero_bytes() since we don't include sudoers.h [a187c18c2472] * plugins/sudoers/interfaces.c: Fix pasto; AF_INET not AF_INET6 [2d2e9d7dc6f9] * compat/dlopen.c: Actually call shl_load() [ed8153b8a3cd] * pp: Update from git repo. Debian: version numbers now compliant with policy section 5.6.12 HP-UX: minimal changes needed to work on HP-UX 10.20 [ecf2692bceeb] * configure, configure.in: Fix dlopen() detection for systems where dlopen() is in a separate library. [fa6b175582b6] * plugins/sudoers/auth/pam.c: If pam_acct_mgmt() returns PAM_AUTH_ERR print a (hopefully) more useful message and return AUTH_FATAL so sudo does not keep trying to validate the user. [1be8857e5291] * src/preload.c: sudo_preload_table is an array [b7704e72a9da] * compat/dlopen.c: Quiet a compiler warning and fix sudo_preload_table external definition. [8234987664cc] * compat/dlfcn.h: Fix multiple inclusion guard in dlfcn.h and fix dlerror() prototype. [8bab6a4053cc] * plugins/sudoers/group_plugin.c: Make this compile correctly when no dlopen is available. [57643879bd2b] 2010-10-07 Todd C. Miller * plugins/sudoers/check.c: Having a timestamp file defined is no longer indicative of tty tickets being enabled. Check def_tty_tickets directly. [efcc11ad157f] * src/exec_pty.c, src/sudo.h, src/ttysize.c: Fix TCGETWINSZ compat. [da3a8b17cf7a] 2010-10-02 Todd C. Miller * src/exec_pty.c, src/ttysize.c: Prefer newer TIOCGWINSZ ioctl to old TIOCGSIZE [926492dd10a6] 2010-10-01 Todd C. Miller * plugins/sudoers/sudoers.c, src/sudo.c: Move set_project() from sudoers module into sudo proper. [beabafac03b4] * configure, configure.in: Fix typo and regenerate [4a3caf4234f3] * plugins/sudoers/ldap.c: When iterating over returned LDAP entries, keep looking at remaining matches even if we have a positive match. This catches negative matches that may exist in other entries and more closely match the sudoers file behavior. [f47db6e609b0] * pp: Add support for multiple package instances on Solaris. [7f2a8b942545] * src/exec.c: Add missing signal_pipe[0] to fdsr for the non-pty case. [79d01e11b19c] * mkpkg: Add --with-project for Solaris [ffa4c2bb93f7] * README: Need ar and ranlib too [5c2f679172ef] 2010-09-27 Todd C. Miller * plugins/sudoers/env.c: Preserve ODMDIR environment variable by default on AIX. [bd47cb1e804f] 2010-09-26 Todd C. Miller * Makefile.in, compat/Makefile.in, compat/dlfcn.h, compat/dlopen.c, config.h.in, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/group_plugin.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.c, src/Makefile.in, src/load_plugins.c, src/preload.c: Add dlopen() emulation for systems without it. For HP-UX 10, emulate using shl_load(). For others, link sudoers plugin statically and use a lookup table to emulate dlsym(). [e92edfb3c642] 2010-09-24 Todd C. Miller * compat/fnmatch.c, compat/glob.c, compat/mksiglist.c, compat/nanosleep.c, compat/utimes.c: When including compat headers, use the compat dir as part of the path so we are sure to get the correct header. [6c2a45da6af5] 2010-09-21 Todd C. Miller * plugins/sudoers/linux_audit.c: Ignore ECONNREFUSED from audit_log_user_command() which will occur if auditd is not running. [d314fe4c8d03] 2010-09-17 Todd C. Miller * pp: Sync with git version [1c0357744222] 2010-09-16 Todd C. Miller * common/fileops.c, plugins/sudoers/defaults.c: Cast isblank argument to unsigned char. [c822dbb3ca54] 2010-09-14 Todd C. Miller * INSTALL, config.h.in, configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod, plugins/sudoers/defaults.c: Implement --with-umask-override configure flag. [863e3047df22] * plugins/sudoers/env.c: Take MODE_LOGIN_SHELL into account when initially setting reset_home instead of special-casing it later. [5d6b16480fd6] * plugins/sudoers/sudoers.c: In login mode, make a copy of the runas user's pw_shell for NewArgv[0] because 1) we modify it and 2) it will runas_pw gets freed before exec. [1d1ccb568dfa] * plugins/sudoers/env.c: Reset HOME for "sudo -i" even if HOME was listed in env_keep. [c1c1c65a2d63] * src/sudo.c: Use SIG_SETMASK when resetting signal mask instead of SIG_UNBLOCK. [7443454e5f88] * src/sudo.c: Reset signal mask at sudo startup time; we need to be able to rely on normal signal delivery to control the child process. [95800163ff94] 2010-09-13 Todd C. Miller * install-sh: Use sed instead of expr to split a flag from its argument. Fixes a problem with expr interpreting its arguments as a flag when they start with a dash. [736065e14301] * common/lbuf.c: Do not need sys/time.h after all [91f6f668ccda] * common/lbuf.c: Include sys/time.h for utimes() and struct timeval. No longer need ioctl.h or termios.h [2d75273d3213] * compat/snprintf.c: Quiet bogus compiler warnings. [fe252e1968f5] * include/missing.h: Declare innetgr() for HP-UX which is missing a declaration. Declare domainname() for HP-UX and Solaris which are missing a declaration. [b37c50751138] * plugins/sudoers/bsm_audit.c: Use __sun for consistency with the rest of the sources. [6b086b61ccb6] * plugins/sudoers/group_plugin.c: Quiet a bogus compiler warning. [ebc069842c4a] * plugins/sudoers/pwutil.c: Don't try to delref a NULL group. [f6ff0838be21] * common/alloc.c, common/lbuf.c: Include memory.h on systems that need it. [4e676da81c6f] 2010-09-11 Todd C. Miller * src/exec.c: Quiet gcc warnings on glibc systems that use warn_unused_result for write(2). [0532da0b7cf7] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: sudo_plugin is in section 8; from Ted Percival [b4506a0de87e] * plugins/sudoers/Makefile.in: testsudoers depends on libsudoers.la, not sudoreplay [cdb1cc3bf06a] 2010-09-10 Todd C. Miller * src/exec.c: Read as many signals on the signal pipe as we can before returning. [b181671da047] * src/exec.c, src/exec_pty.c, src/sudo_exec.h: Instead of using a array to store received signals, open a pipe and have the signal handler write the signal number to one end and select() on the other end. This makes it possible to handle signals similar to I/O without race conditions. [ee84d65c16b6] 2010-09-09 Todd C. Miller * doc/visudo.pod, plugins/sudoers/visudo.c: Make "visudo -c -f -" check the standard input. [195a3d2a9a26] * doc/sudoers.pod: set_home and always_set_home have an effect if HOME is present in the env_keep list. [159d0b9dc5c8] * plugins/sudoers/env.c: Make -H flag work when HOME is listed in env_keep. Also makes "set_home" and "always_set_home" override override HOME in env_keep. [a3e5b966193f] 2010-09-08 Todd C. Miller * plugins/sudoers/Makefile.in, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/match.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/net_ifs.c: Convert sudoers plugin to use interface list passed in settings. [87d9b5f4f586] * doc/sudo_plugin.pod, src/Makefile.in, src/net_ifs.c, src/parse_args.c, src/sudo.h: Query local network interfaces in the main sudo driver and pass to the plugin as "network_addrs" in the settings list. [7f35bcfe77a7] * plugins/sudoers/bsm_audit.c: Solaris BSM audit return EINVAL when auditing is not enabled, whereas OpenBSM returns ENOSYS. [411b980ec58b] 2010-09-07 Todd C. Miller * compat/fnmatch.c: missing.h should come before most local includes [53921a7b8b5b] * plugins/sudoers/sudoreplay.c: missing.h should come before most local includes [e9abb0db1aac] * plugins/sudoers/sudoers.h: Make local includes consistent; use double quotes for local includes except for generated ones where we use angle brackets. [09de4faa9547] * plugins/sudoers/sudoers.c: Always fill in NewArgv for audit code. [7c3aca60519f] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add missing LOG_INPUT/LOG_OUTPUT support in the lexer. [007cf6560f92] * common/alloc.c, common/atobool.c, common/fileops.c, common/fmt_string.c, common/lbuf.c, common/list.c, common/term.c, common/zero_bytes.c, compat/closefrom.c, compat/fnmatch.c, compat/getcwd.c, compat/getgrouplist.c, compat/getline.c, compat/getprogname.c, compat/glob.c, compat/isblank.c, compat/memrchr.c, compat/mksiglist.c, compat/mkstemps.c, compat/nanosleep.c, compat/setenv.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/unsetenv.c, compat/utimes.c, include/compat.h, plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c, plugins/sample_group/sample_group.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/boottime.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/linux_audit.c, plugins/sudoers/match.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestr.c, src/error.c, src/sesh.c, src/sudo.h, src/sudo_noexec.c, src/ttysize.c: Make local includes consistent; use double quotes for local includes except for generated ones where we use angle brackets. Also g/c unused compat.h. [e57070dc8f04] 2010-09-06 Todd C. Miller * plugins/sudoers/match.c: When matching the runas user and runas group (-u and -g command line options), keep track of runas group and runas user matches separately. Only return a positive match if we have a match for both runas user and runas group (if specified). [815219e04cc8] 2010-09-04 Todd C. Miller * doc/sudoers.ldap.pod, plugins/sudoers/ldap.c: Add support for multiple URI lines by joining the contents and passing the result to ldap_initialize. [a47cae3b72e8] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c: Do not return -1 on error from the display functions; the caller expects a return value >= 0. [101456a7dd00] * plugins/sudoers/sudoers.c: Do not set both MODE_EDIT and MODE_RUN [8faa36694d54] 2010-09-03 Todd C. Miller * include/missing.h: Move includes to the top of the file. [a51436798e8c] 2010-08-30 Todd C. Miller * plugins/sudoers/Makefile.in: Add missing definition of timedir [458a749c2c5e] * compat/fnmatch.c, compat/getprogname.c, compat/isblank.c, compat/mksiglist.c, compat/strsignal.c, plugins/sudoers/plugin_error.c, src/error.c, src/sudo_noexec.c: Add #include of sys/types.h for .c files that include missing.h to be sure that size_t and ssize_t are defined. [08e3132dbf4f] * plugins/sudoers/Makefile.in: Install sudoers file from the build dir not hte src dir. [ca89e962dbf4] 2010-08-26 Todd C. Miller * plugins/sudoers/set_perms.c: If runas_pw changes, reset the stashed runas aux group vector. Otherwise, if runas_default is set in a per-command Defaults statement, the command runs with root's aux group vector (i.e. the one that was used when locating the command). [24f9107cedd2] * plugins/sudoers/Makefile.in: Add target to generate sudoers file Remove generated sudoers file as part of distclean [fb7422e90f03] 2010-08-24 Todd C. Miller * src/exec.c: When not logging I/O install a handler for SIGCONT and deliver it to the command upon resume. Fixes bugzilla #431 [495dce52a5aa] 2010-08-21 Todd C. Miller * plugins/sudoers/sudoers.h: g/c unused auth_pw extern definition [40eb7477ba17] * plugins/sudoers/check.c, plugins/sudoers/sudoers.c: Move get_auth() into check.c where it is actually used. [e31db0ce3a61] 2010-08-20 Todd C. Miller * common/lbuf.c: Convert a remaining puts() and putchar() to use the output function. [d69e363a506b] * plugins/sudoers/plugin_error.c: Plug memory leak [68895469ea8d] 2010-08-18 Todd C. Miller * plugins/sudoers/env.c: Set dupcheck to TRUE when setting new HOME value if !env_reset but always_set_home is true. Prevents a duplicate HOME in the environment (old value plus the new one) introduced in f421f8827340. [9ca19183794f] * configure, configure.in, plugins/sudoers/sudoers, plugins/sudoers/sudoers.in: Substitute sysconfdir in the installed sudoers file to get the correct path for sudoers.d. [86072b6cd55d] 2010-08-17 Todd C. Miller * src/get_pty.c: Fix typo that prevented compilation on Irix; Friedrich Haubensak [b48be51b65fc] 2010-08-16 Todd C. Miller * MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c, common/atobool.c, common/fileops.c, common/fmt_string.c, common/lbuf.c, common/list.c, common/term.c, common/zero_bytes.c, compat/Makefile.in, compat/closefrom.c, compat/fnmatch.c, compat/getcwd.c, compat/getgrouplist.c, compat/getline.c, compat/getprogname.c, compat/glob.c, compat/isblank.c, compat/memrchr.c, compat/mksiglist.c, compat/mkstemps.c, compat/nanosleep.c, compat/setenv.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/unsetenv.c, compat/utimes.c, include/compat.h, include/missing.h, plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c, plugins/sample_group/sample_group.c, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/boottime.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/linux_audit.c, plugins/sudoers/plugin_error.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestr.c, src/Makefile.in, src/error.c, src/sesh.c, src/sudo.h, src/sudo_noexec.c, src/ttysize.c: Merge compat.h and missing.h into missing.h [572909ae9716] 2010-08-14 Todd C. Miller * plugins/sudoers/auth/pam.c: If the user hits ^C while a password is being read, error out before reading any further passwords in the pam conversation function. Otherwise, if multiple PAM auth methods are required, the user will have to hit ^C for each one. [23782631748c] 2010-08-12 Todd C. Miller * plugins/sudoers/check.c: Update comment [a5296cb3a20a] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod: Document sudo_conv_t function and sudo_printf_t return values. [745c0017814c] * src/conversation.c: Make _sudo_printf return the number of characters printed on success like printf(3). [8eeefe8d7e77] 2010-08-10 Todd C. Miller