Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
Sudo Project
Provide privileged access management for the masses.
Collective -
Host: opensource -
https://opencollective.com/sudo-project
- Website: https://www.sudo.ws
- Code: https://github.com/sudo-project
We only want to pass the execution environment back for commands
that are accepted or rejected.
A...
If logging via syslog, do the openlog() at config time instead.
We still lock the log file prior ...
Since lockf() uses the files's current offset, we need to seek to
the start of the file to unlock...
github.com/sudo-project/sudo - 1b930b585d8e07de334a0130227c9a420057568f authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 4b4db9694a348de67617522f669efc0c29e67a1e authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 4d1454ebaba1f5d513169f32facaa3e255ccd3ed authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 95dce8cbe6da74f466847f51be5f02fccc228204 authored over 4 years ago by Robert Manner <[email protected]>
This only happens when sudo unloads the last python plugin.
The reason doing so is because there...
github.com/sudo-project/sudo - 3be61db35cff9baee6e997f993acdf4aa3e11e4f authored over 4 years ago by Robert Manner <[email protected]>
We do not use structsequence any more.
github.com/sudo-project/sudo - 06b1f58e9f57f65abee692b6672258faaebead16 authored over 4 years ago by Robert Manner <[email protected]>github.com/sudo-project/sudo - 8a9218d161c207efbb637518a311c15e6ecd16aa authored over 4 years ago by Robert Manner <[email protected]>
Previously, a config reload would refresh the listener address list
but the changes had no effect...
Adds a missing #ifdef HAVE_OPENSSL and reorders code to avoid the
need for a static init_tls_serv...
Note that depending on the system, the default syslog buffer
may not be large enough to store all...
github.com/sudo-project/sudo - 5781a6a4cf118dc174180bf6a4187ebef2b999c6 authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 8ef5b734c4a50e329ba393980008abb6ae090d6b authored over 4 years ago by Todd C. Miller <[email protected]>
We need to re-initialize the TLS server context.
Also fix a memory leak of the TLS parameters on ...
The I/O logging plugin is passed the environment the command will
run with, not the user's origin...
This is better than cluttering up the code with #ifdefs for obsolete
systems.
github.com/sudo-project/sudo - e7bd19bd1e6de439891a7f2383445e4b0aa5cf78 authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - d2314acae854bd127d531c399d0faf3e0534341c authored over 4 years ago by Todd C. Miller <[email protected]>
fromisoformat is only supported from python >=3.7
github.com/sudo-project/sudo - 8395a20a20ff1ff68f46770812b4bccc08c8cfce authored over 4 years ago by Robert Manner <[email protected]>github.com/sudo-project/sudo - b2ae79c2beff5bd40e8bbedba4a7c10d055ddb61 authored over 4 years ago by Robert Manner <[email protected]>
even if the arguments are not used (eg. when there is no "close" call
in the plugin).
It was no...
github.com/sudo-project/sudo - a71828b385f3f9beece24aedd0cec584bbb876fc authored over 4 years ago by Robert Manner <[email protected]>
The python_plugin_api_rc_call function already decrements the
refcount of py_args.
Python avoids...
The error is always stored in plugin_ctx, but it is only set into errstr
if the API version is e...
github.com/sudo-project/sudo - 23af39b0058aadd296d350cef24a3b0354f8aef2 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - d1f94c857c61958c6dd47215a9ce74c4eb1a13a9 authored over 4 years ago by Robert Manner <[email protected]>
Same as sudo.PluginError exception, have a sudo.PluginReject exception
as well. Added common bas...
github.com/sudo-project/sudo - 80b3d86d6eeed6119e7716099b2f19d18054d346 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - 9fa6500d6a63f77cb67ea21e8ca8207fc49edce8 authored over 4 years ago by Robert Manner <[email protected]>
Tests did not catch the issue where errstr was not set correctly, but
its pointer contained the ...
github.com/sudo-project/sudo - 43e256e34f85aa6032c741278a676a80fbe8cff9 authored over 4 years ago by Robert Manner <[email protected]>
There's no need for four copies of sudo_debug_parse_flags().
github.com/sudo-project/sudo - 0e4c3c47d112faf59bf189f560d217c500706462 authored over 4 years ago by Todd C. Miller <[email protected]>Currently only env_check, env_delete, env_keep and log_servers are lists.
github.com/sudo-project/sudo - 9e2e79b6fa3ca210cfda610667d70861f06b165d authored over 4 years ago by Todd C. Miller <[email protected]>Also fix a few typos.
github.com/sudo-project/sudo - 009788afae4f70d692001b2ecfdcaf20652e3024 authored over 4 years ago by Todd C. Miller <[email protected]>We need a close function to be able to to free memory allocated for
errstr. Unlike the other plu...
Also add a missing sudo_debug_enter() after debug registration.
github.com/sudo-project/sudo - 55b61b989f6daee1226660db745a43deeb361af5 authored over 4 years ago by Todd C. Miller <[email protected]>This still breaks log filename incorrectly but is a step in the
right direction.
Instead, pass the repo path to either hg or log2cl.pl
github.com/sudo-project/sudo - c2f3f60583a1c276f8ac6e01d14b5ffb7e0bcc13 authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - 2781ec030bd3f9fd6a8d56c19d3cfe4b73f2376c authored over 4 years ago by Robert Manner <[email protected]>
The scriptdir contained a path relative to where the target was started.
The scripts are called ...
to simplify code a bit.
github.com/sudo-project/sudo - 62524416eb091a0d8b96b14ce12b470bac74e36a authored over 4 years ago by Robert Manner <[email protected]>github.com/sudo-project/sudo - ecdaaffd572469bb01312d5e0b6f435f89bad437 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - bd465b30876def6eae6398b77b48d5d0472f7f95 authored over 4 years ago by Robert Manner <[email protected]>
The main problem was that string array objects were constructed
differently:
- if constructed by...
github.com/sudo-project/sudo - 8f79d5c1c7f94da471d719dc2c59e45d70b58cb8 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - 67ab6fd5d6dc3b33640e3553b1679c0327197a92 authored over 4 years ago by Robert Manner <[email protected]>
It is a bit more code, but it is more "pythonic" and easier to debug
as the enum values also kno...
The intented behaviour was that those get skipped, but the PyList_GetItem
sets the interpreter i...
Unfortunately the test did not catch this mistake, because it only
searches that "Python policy ...
For the audit plugin.
Ensure we do not fail if plugin_ctx->py_instance is NULL (because
plugin i...
so they can start from clean state. (My problem was optional argument
tests has destroyed the ca...
github.com/sudo-project/sudo - 45d2638571bb2470a5082778f8beef8f215dde12 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - 9c4f076f858be0301354d2cc57358dcc4e844f85 authored over 4 years ago by Robert Manner <[email protected]>
Plugins can raise a sudo.PluginError exception to add context message
for the failure.
The call...
github.com/sudo-project/sudo - 3dd5f37af7fc12ef5b97aeb0019299e6efac07ad authored over 4 years ago by Robert Manner <[email protected]>github.com/sudo-project/sudo - cbf60cff5d43c084fe7308bfd53d30e676ff8ba3 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - bbbcb393344c52e2b8df22c3b335ab7c47222883 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - 52d067b01f68d29101d996ca74bc058440045b15 authored over 4 years ago by Robert Manner <[email protected]>
github.com/sudo-project/sudo - 1a1cb54975d245216ae1e163e1115d51aff92b46 authored over 4 years ago by Robert Manner <[email protected]>
to avoid warning of debug python build.
github.com/sudo-project/sudo - 4110800c146e111b87d1071c36a094b9c59f5f66 authored over 4 years ago by Robert Manner <[email protected]>github.com/sudo-project/sudo - ac61b5655d5b0437e3dec29c823ab4591db204e3 authored over 4 years ago by Todd C. Miller <[email protected]>
This splits the usage printing out into display_usage().
github.com/sudo-project/sudo - c5afbf00fc60c754d3c8ce729f77183ebc8b92fe authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - c92f39ed3d6e63714e1623c13fc55aa5c642253f authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - d25ce46c56d352d6194955b874928bf3a2d2a4cb authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - a75992897c4a1077ed8aa624a78cac696dbc429d authored over 4 years ago by Todd C. Miller <[email protected]>
Fixes coverity CID 207992
github.com/sudo-project/sudo - 630fc9b17b992febef796b497817c81f3266cd04 authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - 9d5f066180ef95aac2467b8ef0e577fa4adecaec authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 589adfee2d9c0de0b6d2f91f73abc7f8800d2ced authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 2fe127d1089bd1702f83af5aaca79a3f535b728d authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - aa1ca9c9ba54167f75f7bf2997f081de45838c03 authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - 7d5734a317e4eded3ad9b445e0139ae7464c15c5 authored over 4 years ago by Todd C. Miller <[email protected]>
The only outlier is the policy plugin which is not part of a list
since there can only be a singl...
github.com/sudo-project/sudo - ce21233fbe18dde0d89ad95411445212b7bb33eb authored over 4 years ago by Todd C. Miller <[email protected]>
The basic idea is that the approval plugin adds an additional
layer of policy. There can be mult...
o whitespace cleanup
o show_version doesn't have an errstr argument
o document runas_user and ...
github.com/sudo-project/sudo - 404b28c4d0c195a32dcf533ce03da3fcc3e1c55c authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - ea377e432b2e79eb036250e917fa62a0f3cb5840 authored over 4 years ago by Todd C. Miller <[email protected]>
Otherwise, the audit plugin has to look up the runas name and group
by user or group ID.
This effectively disables pwfeedback when the -S or -A options are used.
github.com/sudo-project/sudo - d219c6463542d0f534f8d2bc90e70d26d57a526c authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - 0ca2d1427b26b3fa9c83e17b0e759a5b0d830cdd authored over 4 years ago by Laszlo Orban <[email protected]>
github.com/sudo-project/sudo - cec6b1708a086079997bb52eada45b75d02c9114 authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - b35cc96f0edd6b94cc453d150c33dc85b945fe41 authored over 4 years ago by Todd C. Miller <[email protected]>
This makes it possible for a plugin to change the event base
to a local one and then reset it bac...
We should already have displayed a more useful error message.
Otherwise, we can get two "error in...
Otherwise, the command could be run before the TLS handshake completes.
github.com/sudo-project/sudo - b9bea255926730828c6233fd9855aadfcb48a5b6 authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - 1e5562df9391cc3599ff6498d87b5ad016b908ba authored over 4 years ago by Laszlo Orban <[email protected]>
github.com/sudo-project/sudo - 790f8bb629866a6da74f05e7fa3c0cdd3c978cdf authored over 4 years ago by Todd C. Miller <[email protected]>
That way we can distinguish between different error types.
github.com/sudo-project/sudo - 1b7dc82fee8766218770bd1dc1f14ff55fe3077b authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - bf85ea2bf717c0d7486e496b4311ef704e75436b authored over 4 years ago by Todd C. Miller <[email protected]>
github.com/sudo-project/sudo - a88a05c1eb88c2a958ef9f2e26a43c33cc71ca92 authored over 4 years ago by Todd C. Miller <[email protected]>
The audit_failure() function now stores the failure string.
This will allow an audit plugin to lo...
This can be used to implement logging-only plugins.
The plugin functions now take an errstr argum...
To be used by the upcoming JSON audit module.
github.com/sudo-project/sudo - 88f9f2ba9a55b3654c829bee69c6dcd7b5feef4d authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - dc45c4d4ea09452003e772d03e8d7a26975a05e9 authored over 4 years ago by Todd C. Miller <[email protected]>
We create type 4, variant 1 uuids (random).
github.com/sudo-project/sudo - ed294b828360aa47d400a4c77c132cddb71c334f authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - df2e3f7c7f6bfa78b6ca0cf8322dcad9b5b96e40 authored over 4 years ago by Todd C. Miller <[email protected]>
In getln() if the user enters ^U (erase line) and the write(2) fails,
the remaining buffer size i...
The resolve_host() function returns 0 on success, not bool.
github.com/sudo-project/sudo - 604945f93e6e59941aa02d241e528185c60982a3 authored over 4 years ago by Todd C. Miller <[email protected]>github.com/sudo-project/sudo - 0fcb6471609969b5911db0b2917ced16c913676f authored over 4 years ago by Todd C. Miller <[email protected]>