The Signals enum was added in Python 3.5. If it is not present we
need to iterate over the dicti...

When converting sudo options from a dictionary to a tuple we need
to track the current index into...

For rpm and deb we include the file directly and mark it volatile.
For all others we copy it in t...

Also intialize with_python to false.

This makes it possible to update the Debug settings in sudo.conf and
have them take effect on rel...

Otherwise, only the debug framework gets the actual error and the
user won't see the problem.

Also store the host + port string and use it in error messages.

Also package the run directory in the sudo_logsrvd PolyPkg file.

Otherwise we may get a spurious test failure.

This gives more reproducible error messages for the tests.

Dictionary order is not stable in Python < 3.6 so we need to sort
by key to have consistent resul...

Fixes missing header dependencies for the sudoers and python plugins.

Fixes the warning in the log:
iolog_write_info_file_json: unable to fchown 0:0 /var/log/...: Bad...

It is possible for the cwd and/or tty to be missing. If we send a
NULL pointer to the server whe...

Debian bug #571621

We have to limit the length of SUDO_COMMAND to avoid getting E2BIG
from execve(2) for very long a...

If pam_setcred() fails when opening the PAM session, we don't want
to call it with PAM_DELETE_CRE...

This is used for PAM authentication to make sure pam_end() is called
via sudo_auth_cleanup() when...

Otherwise we may get a spurious test failure.

If cwd_optional is set to true, a failure to set the cwd will be a
warning, not an error, and the...

This approximates what I want the sudo coding style to look like.
Only deviations from webkit sty...

We currently have no good way to distinguish between an error
executing the command and an error ...

On Solaris, pid_t may be typedef'd as a long but the actual range
is 32 bits at most.

These are all ISC licensed but it is still best to have them
all listed in one place.

This will be used by sudoreplay if it exists to get more information
about the command being repl...

The JSON version includes more information than the original "log"
file in the I/O log dir.

We can use a single stack for nested objects and arrays.
There is also no need to track the curre...

Dummy out verify_server_cert() if it is not present to allow building
on older OpenSSL versions. ...

We shouldn't rely on it to be implicitly included via OpenSSL headers.

Linux containers don't allow RLIMIT_CORE to be set back to RLIM_INFINITY
if we set the limit to z...

Now used by sudo_ev_init() to avoid bogus events.

It is less error-prone to use functions with a return value that
indicates when truncation ocurred.

Allows python plugin tests to success on versions other than 3.7.

Some people find using Cmd_Alias more natural.

Explicitly passing the event base removes the need to set a default base.

Instead, check io_operations.open for NULL which is the case for
"sudo -V". Also move the early ...

If the ModulePath is relative, assume it is under
"/usr/local/libexec/sudo/python" or wherever t...

If "ClassName" is not specified, load the one and only sudo.Plugin from
the module (if so), othe...

so python log system can be used with sudo logsystem.
Loggers use it by default (the handler is ...

These can be used to optionally disable building sudo_logsrvd and
support for remote I/O logging ...

For approval plugins show_version is not optional.

Before it only displayed the plugin version, now it also displays
which python plugin is loaded ...

- plugin->show_version is not marked NULL any more.
- if verbose, it also displays which python ...