above. Bug #737

via the Makefile like other consumers of _PATH_SUDO_CONF. Bug #735

AIX which can have different name <-> ID mappings depending
on whether the database is local, LDA...

f[0-9] for the rpm distro name provided by pp. Since the version
numbers of Fedora and RHEL are ...

as well as arg_len and arg_size after freeing sudoerslval.command.args.

event structures. Quiets a memory leak warnings from address
sanitizer and valgrind.

plugin. Almost identical to what sudo.c uses. Currenly only the
environment strings are collect...

list when freeing them.

a call to gc_exit.

exit to appease address sanitizer's leak detector (and valgrind's
leak checker). We can't free t...

password which needs to be freed after checking (and clearing) it.

a NULL poiner so there's no need to check before calling it. Add
missing initialization of sss_s...

Previously we fell through to the default case which just logged a
debug message and returned so ...

documents.

happen if the front-end calls iolog_open with argc == 0 but actually
runs a command.

restore it properly. Previously we were setting the registry to
unrestricted instead of actually...

higher one. For example, for "pcomm@debug,all@warn" the "all@warn"
should not set pcomm to "warn...

in sudoers.

and sudoedit will try to create a file with the null string. If
path is empty, open the cwd inst...

support O_DIRECTORY so simplify the definition of DIR_OPEN_FLAGS a
bit.

flags. Previously, flags were only set and never cleared even if
the boolean value was false. T...

for a similar purpose.

checks manually where possible. This also allows us to remove the
#ifdef __linux__ bits since we...

details from the log_input and log_output descriptions to it.

talking about the sudoers file.

pread64() on that platform.

lots of concatenation.

whitespace between a '!' and the name in a sudoOption.

whitespace between a '!' and the name in a sudoOption.

for systems without O_NOFOLLOW.

instead of once per netgroup_base.

Fixes "sudo -l -h other_host" for LDAP and sssd.

sudo_edit_open_nonwritable() since if not, the openat() will fail
with ENOTDIR anyway.

path and refuses to follow symlinks in writable directories.
This is a better fix for CVE-2015-56...

checksummed.

already present.

value of NULL).

into a preload_dso() function. Also avoid allocating a new copy
of the environment array if the ...

Document that I/O logs are in gzip format by default.

strip out any whitespace on either side of the operator.

execution.

netgroup pass unless sudo_ldap_check_non_unix_group() returns true.
This was preventing the mail_...

regardless of whether or not there was an actual match. Otherwise,
warning mail may be sent whic...

lexer.

yyleng. Old flex uses int for yyleng so we need to use a cast to
avoid a sign compare warning.

there are duplicates only keep the first instance.

Bug #727

systems with _FORTIFY_SOURCE support we'll get an error due to the
lack of optimization flags. B...

the test program.

rpath settings to allow the stack protector lib to be found. Avoid
using existing CFLAGS since w...

may be missing the ssp library even though the compiler supports it.

since ENOTDIR can be a legitimate errno. This avoids a bogus
"directory is writable" error in th...