Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

Sudo Project

Provide privileged access management for the masses.
Collective - Host: opensource - https://opencollective.com/sudo-project - Website: https://www.sudo.ws - Code: https://github.com/sudo-project

Add cvtsudoers command line option to suppress certain parts of the

security policy. Can be used to suppress displaying of Defaults
entries, aliases or privileges.

github.com/sudo-project/sudo - 8a237eb07d5b761ba0d9ddd15837c7a48ea56875 authored over 6 years ago by Todd C. Miller <[email protected]>
Silence a false positive from the clang static analyzer.

github.com/sudo-project/sudo - af6e1cd7c6be3bd5a831b57d3eec258f51f5042d authored over 6 years ago by Todd C. Miller <[email protected]>
Silence a false positive from the clang static analyzer.

github.com/sudo-project/sudo - 821e8a07da9cd1bfd125fe0daa55739fa58a7e16 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix memory leak on error path.

github.com/sudo-project/sudo - fbed17e1a47a7779eeab107c391948ba0f480c4f authored over 6 years ago by Todd C. Miller <[email protected]>
regen

github.com/sudo-project/sudo - e9512df6b6936fb7f0e57d356a27f9d0acdbad12 authored over 6 years ago by Todd C. Miller <[email protected]>
Move cvtsudoers string functions into cvtsudoers.c

github.com/sudo-project/sudo - bbd3e558b14002583d9cc4d27145fe08ef96bcde authored over 6 years ago by Todd C. Miller <[email protected]>
regen

github.com/sudo-project/sudo - 9ab5dc5f76574b020c015f929f6a3b37bb7f2499 authored over 6 years ago by Todd C. Miller <[email protected]>
Initial support filtering by user, group and host in cvtsudoers.

Currently forces alias expansion when a filter is applied and the
entire matching user or host li...

github.com/sudo-project/sudo - ff79de85924a3afdb91e0d308ed2bba8fac47dc3 authored over 6 years ago by Todd C. Miller <[email protected]>
Add free_default() to free a struct defaults pointer so we have a

single place where we free the defaults. A pointer to the previous
Default's binding may be pass...

github.com/sudo-project/sudo - bc5e2d06a7a39e8bed61b57285a8e2af35d25448 authored over 6 years ago by Todd C. Miller <[email protected]>
Decrease bullet width to 1n.

github.com/sudo-project/sudo - b6c53ac84657356370abc4a5cc6241db0e51c9b6 authored over 6 years ago by Todd C. Miller <[email protected]>
Add aix_setauthdb() before the initial getpwuid() call.

github.com/sudo-project/sudo - b06e046835f44ba32163b3e96879e291d1dc0e50 authored over 6 years ago by Todd C. Miller <[email protected]>
fix compilation on Solaris

github.com/sudo-project/sudo - 910f2889486e819fbffebe2a270492936cd28dd7 authored over 6 years ago by Todd C. Miller <[email protected]>
Make "sudoreplay -m 0" skip the pauses entirely.

github.com/sudo-project/sudo - 1cb5ab8b9c3213157bf3f67cbbcec57115376a57 authored over 6 years ago by Todd C. Miller <[email protected]>
Document that a negative value for -m will elmininate the pauses.

github.com/sudo-project/sudo - 0ffd23945ff16853e38b6892c8de30b234948d3c authored over 6 years ago by Todd C. Miller <[email protected]>
Update copyright date, remove unneeded include and add a few comments.

github.com/sudo-project/sudo - 24f8e62e7522cf1204964f836e3c7c269e7b34ae authored over 6 years ago by Todd C. Miller <[email protected]>
Use fmtsudoers functions in testsudoers.

github.com/sudo-project/sudo - e6c0d80fa8a255105dea6a94dd4db33cdb13680f authored over 6 years ago by Todd C. Miller <[email protected]>
Add test for empty runas user list.

github.com/sudo-project/sudo - 81a373677ab77361b7d00541da27404527e7870d authored over 6 years ago by Todd C. Miller <[email protected]>
Don't print an empty user list as ALL.

github.com/sudo-project/sudo - 3e7db4828430670ccd76b547a5e8b58c564d0c67 authored over 6 years ago by Todd C. Miller <[email protected]>
In sudoers_format_userspecs make the separator optional and silence

a printf format warning.

github.com/sudo-project/sudo - bb31544fcc0940c392ef1eff1a700650fd9b666f authored over 6 years ago by Todd C. Miller <[email protected]>
Use correct defines when checking for sysctl kinfo_proc support.

github.com/sudo-project/sudo - f984de1ba991dcafafd7926f894fdb7cd8d1f062 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix crash when converting sudoers entry with a runas list that is

present but empty.

github.com/sudo-project/sudo - bdbd102c9c0f3fb2c0af9f2eeef2abe78390b551 authored over 6 years ago by Todd C. Miller <[email protected]>
Less confusing sysctl checks for kinfo_proc.

github.com/sudo-project/sudo - 217e0a9b4baad9915f3ed583887d5f07edbb4d5e authored over 6 years ago by Todd C. Miller <[email protected]>
Add case_insensitive_group and case_insensitive_user sudoers options,

which are enabled by default.

github.com/sudo-project/sudo - e26ef96a65f045673a100be8cb36a6b0ccbe205b authored over 6 years ago by Todd C. Miller <[email protected]>
Kill dead store found by clang-analyzer.

github.com/sudo-project/sudo - 6014b4075cff2af32bfd0c35a1f85fa42469123b authored over 6 years ago by Todd C. Miller <[email protected]>
Initial support for adding comments that will be emitted when

sudoers is formatted. Currently adds a comment for the source
sudoRole when converting from ldif...

github.com/sudo-project/sudo - 5c36f9dec31c54f1ebc35ef5dcdd473736947205 authored over 6 years ago by Todd C. Miller <[email protected]>
Special case comment lines in lbufs.

github.com/sudo-project/sudo - 670d8e6d77ce327cfbf1f53cc8764652b4cc47d0 authored over 6 years ago by Todd C. Miller <[email protected]>
Handle escaped commas when skipping over the cn.

github.com/sudo-project/sudo - 843213d3de5bb423493d8ee637880b1b9fa8acc3 authored over 6 years ago by Todd C. Miller <[email protected]>
When formatting as sudoers, flush the lbuf after each userspec.

github.com/sudo-project/sudo - c9b70940cf82cf7a547458966e5c47dd9c9cd679 authored over 6 years ago by Todd C. Miller <[email protected]>
Add tests for round-tripping sudoers -> ldif -> sudoers

github.com/sudo-project/sudo - 4874068070485419d695a5ac6a81cf2a41c7367e authored over 6 years ago by Todd C. Miller <[email protected]>
Add missing sudoOrder support to parse_ldif().

github.com/sudo-project/sudo - 72dd971ee185aec631b94df1f2449b1a43b77184 authored over 6 years ago by Todd C. Miller <[email protected]>
Add missing support for converting LOG_INPUT/LOG_OUTPUT tags and

expand support for NOMAIL tags.

github.com/sudo-project/sudo - 8c7f3e791ca2ba86cef977b17a9943509ae49c77 authored over 6 years ago by Todd C. Miller <[email protected]>
Don't emit an empty sudoRole for global defaults if there are none.

github.com/sudo-project/sudo - 44fc165e7c01bdab1c03fd95d08d13a190c78f75 authored over 6 years ago by Todd C. Miller <[email protected]>
Avoid changing the order of non-negated hosts and commands.

We still put negated hosts/commands at the end of the list.

github.com/sudo-project/sudo - e96398cac27336f941a3bbb705e3dd6029ed0011 authored over 6 years ago by Todd C. Miller <[email protected]>
Handle parsing boolean options that have no explicit value.

github.com/sudo-project/sudo - e750bae75d819ff6b54e7f5949c3857654a1178d authored over 6 years ago by Todd C. Miller <[email protected]>
Refactor the code that actually converts the role to sudoers format

into role_to_sudoers() now that it is more involved than just calling
sudo_ldap_role_to_priv().

github.com/sudo-project/sudo - 9af4447c3d9aae823724ca4a7707210188812c89 authored over 6 years ago by Todd C. Miller <[email protected]>
When merging two privileges, use the runas lists of the previous

privilege when possible. Otherwise, the generated sudoers line
will include a runas list for com...

github.com/sudo-project/sudo - 9b20bb1493d6749d05d43097e77d7b5e65d3cd42 authored over 6 years ago by Todd C. Miller <[email protected]>
Use a case-insensitive comparison when matching user and group names

in sudoers with the passwd or group database. This can be necessary
when users and groups are st...

github.com/sudo-project/sudo - fff4acc1f700267511735ec78aeb7960d345bfae authored over 6 years ago by Todd C. Miller <[email protected]>
Fix clean target for *.sudo regress files

github.com/sudo-project/sudo - 88bc4ba86522705558d49dea49541e8b89f82ca1 authored over 6 years ago by Todd C. Miller <[email protected]>
ignore more binaries

github.com/sudo-project/sudo - 0804cda64e3b8ec4af579c70dc36f943094f3324 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix use of uninitialized variable (conf) if sudoers_debug_register()

happens to fail.

github.com/sudo-project/sudo - 8275ab873f8174d55b83eeebadf7e0dcac733fce authored over 6 years ago by Todd C. Miller <[email protected]>
Split conversion code out of parse_ldif() and into ldif_to_sudoers().

github.com/sudo-project/sudo - 73b5f961eeda7a5563ffa143e8442b5302a8c0a3 authored over 6 years ago by Todd C. Miller <[email protected]>
Quiet a clang analyzer warning.

github.com/sudo-project/sudo - 8da213c8be74e23e9e6c008c2ff27e0a0c653668 authored over 6 years ago by Todd C. Miller <[email protected]>
rename ldap_common.c -> ldap_util.c

github.com/sudo-project/sudo - 120bb6de7f6b2f319aab3f20220822f17aa02268 authored over 6 years ago by Todd C. Miller <[email protected]>
When converting from ldif to sudoers, sudoRole objects with the

same user if possible. If both user and host are the same, merge
into a single privilege. This ...

github.com/sudo-project/sudo - 3a2ae844ecb10fea81e5979627959a5d28d93f83 authored over 6 years ago by Todd C. Miller <[email protected]>
plug memory leaks

github.com/sudo-project/sudo - 56bdde13392c8574f615285be70ea648ae456e83 authored over 6 years ago by Todd C. Miller <[email protected]>
Restore line to set MODE_PRESERVE_ENV in flags when the -E command

line option is used. The caller doesn't check MODE_PRESERVE_ENV
these days but parse_args uses i...

github.com/sudo-project/sudo - 4b29e0bd707b1da7570804beb2d5dc6abe0f51e5 authored over 6 years ago by Todd C. Miller <[email protected]>
Add missing close parenthesis in "Including other files from within

sudoers" section. Bug #824

github.com/sudo-project/sudo - 12affcd5ef0dcea29d09169402ee0cb07c9a86a2 authored over 6 years ago by Todd C. Miller <[email protected]>
When converting from LDAP to sudoers, put negated hosts and commands

at the end of the list. Since LDAP doesn't guarantee attribute order
we need to make sure negate...

github.com/sudo-project/sudo - 7919b9ad2e145034cafacb364f28d5d228b52f2c authored over 6 years ago by Todd C. Miller <[email protected]>
We may need the hostname to resolve %h escapes in include files.

github.com/sudo-project/sudo - 6f097eb023b0632d8fc7b30320d5a30126b90a1d authored over 6 years ago by Todd C. Miller <[email protected]>
Setting a sudoOrder start point of 0 will disable creation of

sudoOrder attributes in the resulting LDIF output.

github.com/sudo-project/sudo - b3a0c3272b59d744a1313772bafd2c2c5b44680e authored over 6 years ago by Todd C. Miller <[email protected]>
Don't need to fill in struct sudo_user since we don't do matching.

github.com/sudo-project/sudo - 111d79b53c0469eb5a436c53072c4ea19d13efd1 authored over 6 years ago by Todd C. Miller <[email protected]>
Add support for setting default options in a config file. In

addition to expand_aliases, input_format and output_format, both
the initial sudoOrder and the in...

github.com/sudo-project/sudo - 5999cfb906762f386cb500ea196a1a7db6029081 authored over 6 years ago by Todd C. Miller <[email protected]>
cvtsudoers can now read LDIF

github.com/sudo-project/sudo - fc82a16655e566277678d2530e85f6bdf2d63b83 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix a typo.

github.com/sudo-project/sudo - bb062332479255d8618666f6daeefc2f6a187512 authored over 6 years ago by Todd C. Miller <[email protected]>
Deal with user_name not being set in cvtsudoers.

github.com/sudo-project/sudo - 19502307aacffca11321edc48fea64a9b8e61f7f authored over 6 years ago by Todd C. Miller <[email protected]>
Initial support for parsing sudoers LDIF files in cvtsudoers.

This makes it possible to convert from LDAP sudoers to a traditional
sudoers file. Semantic diff...

github.com/sudo-project/sudo - ceea24b96554951c21b1241c6ec74eb61d5cc28d authored over 6 years ago by Todd C. Miller <[email protected]>
Fix LDIF conversion of commands with an associated digest.

github.com/sudo-project/sudo - 8b22ed783786bb6e53f0d20b2dc36f1a8486342c authored over 6 years ago by Todd C. Miller <[email protected]>
In array_to_member_list() use the correct type for netgroups and

user groups.

github.com/sudo-project/sudo - 91f97d2f23843f73a868b9b691fc1c9e2eaa27b8 authored over 6 years ago by Todd C. Miller <[email protected]>
Prepend digest to command if present.

Fix printing of group IDs and non-unix groups.

github.com/sudo-project/sudo - 337ace6441c066ff2a9785a1b0df1666077cf5fd authored over 6 years ago by Todd C. Miller <[email protected]>
Fix gcc false positive for uninitialized variable

github.com/sudo-project/sudo - c13557b6cb0355754086b5cb45c6aed31860df7a authored over 6 years ago by Todd C. Miller <[email protected]>
Update Polypkg to the latest version from git.

github.com/sudo-project/sudo - 03f94d62f97d5efefb1507380564a6b21d4c9dad authored over 6 years ago by Todd C. Miller <[email protected]>
Use setpassent() and setgroupent() on systems that support it to

keep the passwd and group database open. Sudo does a lot of passwd
and group lookups so it can b...

github.com/sudo-project/sudo - faa5baac9b0a228ece99969812aebe8d44f584b2 authored over 6 years ago by Todd C. Miller <[email protected]>
Add option to cvtsudoers to expand aliases in the output.

github.com/sudo-project/sudo - 4f9296928c998f322078b8599ce671ff00c623ff authored over 6 years ago by Todd C. Miller <[email protected]>
Fix conversion of "ALL" in the JSON output format, which was being

printed as an alias.

github.com/sudo-project/sudo - 3f204c5eb8b93e46c54a1bd3a2e8cb396b219db4 authored over 6 years ago by Todd C. Miller <[email protected]>
Clarify that --with-rundir and --with-vardir take sudo-specific directory,

e.g. /var/run/sudo and not just /var/run. Bug #823

github.com/sudo-project/sudo - e48cbfc10c995abf713ffb64bf31a907f97f9921 authored over 6 years ago by Todd C. Miller <[email protected]>
In pty_cleanup() we need to call sudo_term_restore() even if no I/O

plugins are present as long as /dev/tty exists. Fixes the use_pty
case with no I/O plugins.

github.com/sudo-project/sudo - d5d170252a1065a6b10c3e8d0a7df1aee13a33df authored over 6 years ago by Todd C. Miller <[email protected]>
Add sudo_ev_dispatch(), a wrapper for ev_loop() with no flags.

Similar the dispatch function in libevent.

github.com/sudo-project/sudo - 42fe0409f61ac4fd862a4756fa9b630d5e67553b authored over 6 years ago by Todd C. Miller <[email protected]>
Use /run in preference to /var/run if it exists.

Bug #822

github.com/sudo-project/sudo - 525c6a3d94e7eca5859ffa18771f3f4d4a435a24 authored over 6 years ago by Todd C. Miller <[email protected]>
mention common sudoers formatting changes

github.com/sudo-project/sudo - 59086e9c8ac715f2051c11105dd2a15474d75922 authored over 6 years ago by Todd C. Miller <[email protected]>
Move LDAP configuration bits into ldap_conf.c

github.com/sudo-project/sudo - 43a3a23fedca0c449444b66a71879e7b2a666a80 authored over 6 years ago by Todd C. Miller <[email protected]>
No longer need to include stddef.h

github.com/sudo-project/sudo - 0c08de88cd56d8d54a2e567e0b1b6888980aa822 authored over 6 years ago by Todd C. Miller <[email protected]>
Remove dead store, found by cppcheck.

github.com/sudo-project/sudo - e2213dc1e36b53ebddab9c809eacd0e7305bfae9 authored over 6 years ago by Todd C. Miller <[email protected]>
simplify iterator

github.com/sudo-project/sudo - 34820c6b15e0fc64d1e2fdd49a88cf99f404d487 authored over 6 years ago by Todd C. Miller <[email protected]>
Silence a false positive from cppcheck.

github.com/sudo-project/sudo - 6e2a2670601337c78f10a82a9108433528711409 authored over 6 years ago by Todd C. Miller <[email protected]>
Cast version to int when printing. Avoids a cppcheck warning.

github.com/sudo-project/sudo - d0d413d07765bb0a4efc3b452f83904904f7248c authored over 6 years ago by Todd C. Miller <[email protected]>
Use an iterator instead of fragile pointer arithmetic to iterate

over value arrays in sudo_ldap_role_to_priv().

github.com/sudo-project/sudo - 4459ee42ed8beb0fad9d8aa407bfceb48d834ea4 authored over 6 years ago by Todd C. Miller <[email protected]>
Move sudoers formatting code into fmtsudoers.

github.com/sudo-project/sudo - 64e99328e3fc2e5a913c236f9e6398334c92ed01 authored over 6 years ago by Todd C. Miller <[email protected]>
Clean up some XXX in parse.c

github.com/sudo-project/sudo - dda1d6cef7b7608399eb68bb0f23add82087eac2 authored over 6 years ago by Todd C. Miller <[email protected]>
Rename sudo_file_append_default() -> sudo_lbuf_append_default() and

use it for ldap and sssd too.

github.com/sudo-project/sudo - 2522229e86353d96a964fca654d248e27cee618e authored over 6 years ago by Todd C. Miller <[email protected]>
Move common bits of ldap to sudoers conversion into ldap_common.c

and use it in sssd.c.

github.com/sudo-project/sudo - 3226f7e28b7000d3c9d32346a1265a562ca7fc1e authored over 6 years ago by Todd C. Miller <[email protected]>
Convert ldap results into a sudoers userspec so we can use the "sudo

-l" output functions in parse.c.

github.com/sudo-project/sudo - 4e2402a8e4a5401b8551742074e2cb3e14803fd2 authored over 6 years ago by Todd C. Miller <[email protected]>
Don't mark sudoers.dist volatile, it only gets used on systems that

don't have the concept of volatile files.

github.com/sudo-project/sudo - 787717755b359c8905cc0c0763890dffe4f7fac4 authored over 6 years ago by Todd C. Miller <[email protected]>
Refactor member freeing code into free_member().

Refactor userspec freeing code into free_userspec().

github.com/sudo-project/sudo - 5cca4b6906f3da866cf46d696386a1c76435a657 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix compilation with glibc where stdout is not constant.

github.com/sudo-project/sudo - 9d49592f1459fc899633dba9d613f49f47fbcbc4 authored over 6 years ago by Todd C. Miller <[email protected]>
For "sudo -l", if a word includes spaces, print it in double quotes.

Also escape spaces in the command path. This matches the sudoers
quoting rules.

github.com/sudo-project/sudo - 57e7b4b49e0742161eae9beab2f407629d2dba41 authored over 6 years ago by Todd C. Miller <[email protected]>
Display sudoNotBefore and sudoNotAfter in "sudo -l"

github.com/sudo-project/sudo - 3189de5bb9af76d1877dbb0a632dc6f60e32a040 authored over 6 years ago by Todd C. Miller <[email protected]>
For "sudo -l", if a word includes spaces, print it in double quotes.

Also escape spaces in the command path. This matches the sudoers
quoting rules.

github.com/sudo-project/sudo - 105ced47b8bbf6f0184abb8438501df1cfb38550 authored over 6 years ago by Todd C. Miller <[email protected]>
Add back printing of negation operator ('!') when printing a word

with spaces in it.

github.com/sudo-project/sudo - 40c200af1834a09ff461346814f32cfee11a2c89 authored over 6 years ago by Todd C. Miller <[email protected]>
Use visudo to validate "cvtsudoers -f sudoers" output.

github.com/sudo-project/sudo - 1aca11c7889dd222a0a207022a2e81b0805e929f authored over 6 years ago by Todd C. Miller <[email protected]>
Remove syslog_goodpri and syslog_badpri without a value that causes

visudo to report an error.

github.com/sudo-project/sudo - f31ba6c22f2a0c970ce2ae54fa97705d66859dc4 authored over 6 years ago by Todd C. Miller <[email protected]>
When outputting sudoers, if a word includes spaces, print it in

double quotes. Also escape spaces in the command path.

github.com/sudo-project/sudo - 61b6ae64de194c496be08c5ba3570ab1cdeca890 authored over 6 years ago by Todd C. Miller <[email protected]>
Add sudoers output format to cvtsudoers. In the future this may

be used with filters to emit a partial sudoers file instead of a
full one.

github.com/sudo-project/sudo - 3354cbd0211269dec1b82fa208cbc15d1841b87e authored over 6 years ago by Todd C. Miller <[email protected]>
When printing a member name, quote sudoers special characters unless

it is a UID/GID, in which case we print the '#' unquoted.

github.com/sudo-project/sudo - df08d0d8f464e5f94601c6c7980570cd340a910b authored over 6 years ago by Todd C. Miller <[email protected]>
Move SUDOERS_QUOTED define to parse.h

github.com/sudo-project/sudo - f4ce2b25fc6cf465272908683bf8a425aaebb11e authored over 6 years ago by Todd C. Miller <[email protected]>
Remove extraneous break statement and fix some whitespace.

github.com/sudo-project/sudo - 07d9cec271dda2d671412efa52f65a1a93114198 authored over 6 years ago by Todd C. Miller <[email protected]>
The max timeout for kernel time stamps is 60 minutes, not 3600 minutes.

github.com/sudo-project/sudo - 5de49b2d6b6fdbfc49649e303d0dc5a5256db355 authored over 6 years ago by Todd C. Miller <[email protected]>
Check the return value of sudoers_debug_register().

Coverity CID 182574

github.com/sudo-project/sudo - 5e9e641b3d2a93c213747e05bc9a4c1f7bd822f0 authored over 6 years ago by Todd C. Miller <[email protected]>
Fix memory leak, su->count is now 0 when it is unused, not 1.

Covertity CID 182573

github.com/sudo-project/sudo - f3ef0f50910e01057326b076eedc2541f2f86093 authored over 6 years ago by Todd C. Miller <[email protected]>
Quiet a clang analyzer false positive.

github.com/sudo-project/sudo - 7766278031ef3ce6b6bf06ec22256dda2f74fff6 authored over 6 years ago by Todd C. Miller <[email protected]>
Quote special characters when creating the cn as per RFC2253

github.com/sudo-project/sudo - b374effcb447af1ee08df9b76f332e7758236462 authored over 6 years ago by Todd C. Miller <[email protected]>