This lets us fix an inappropriate cast in sudo_intercept_common.c.

It is not possible to end up in intercept_write when CD_USE_PTRACE
is set.

On some systems, Nagle's algorithm was delaying receipt of the data,
causing commands with interc...

Also check for EAGAIN/EINTR when reading the message size.
Fixes a problem seen on AIX where recv...

These are not actually errors but can help gain insight into what
is going on and, in the case of...

The getgrouplist() groups array on macOS is int * instead of gid_t *.

This was missed in the previous conversion.

That way we don't need to pass event_alloc around to the log client
functions.

For the read callback, disable reader when the buffer is full.
For the write callback, disable wr...

This matches the actual prctl() call we use.

Improve Tag_Spec EBNF documentation

We shouldn't get EINTR in practice since we set SA_RESTART when
registering signal handlers but i...

exec_ptrace: fix missing sudo_pt_regs on aarch64

AArch64 already had an existing "user_pt_regs" struct and didn't need a
struct alias before the ...

Add missing colon in Tag_Spec documentation

Fix typo in sudoers comment

Fix a typo in the sudoers comment about `maxseq` param.

Introduced by 906eb19ece47023c659b4b3db...

This converts the arithmetic shifts to logical shifts.

Signed-off-by: 10054172 <[email protected]>

We can use a void * for the fd_set arrays and just add a cast when
using the FD_SET macros.

The read and write events do not set SUDO_EV_PERSIST so we need to
explicitly re-enable the event...

This is consistent with how we handle EAGAIN for read(2).

Also advise the user to use a unique prefix to avoid name space
collisions with installed Python ...

Instead of a configure check, we use endian.h (or a fallback).

This eliminates the need for a few casts and is consistent with how
create_listener() is written.

This is leftover from when ptrace_read_string() allocated its own memory.

Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).

Unlike the parser fuzzer, this includes sample certs and keys.
This test would have detected the ...

A value that starts with a '/' should be treated as a path.

This makes the code easier to read and quiets a cppcheck false positive.

The manual had the correct section in the text but was installed
in the wrong directory.

Previously, in intercept mode, if the log server is unreachable the
message would be printed for ...

This should reduce the amount of time the child has to wait for
the parent to use PTRACE_SEIZE to...

This also means we can log system(3) with log_subcmds.

Also add riscv the little endian list.

See https://www.ibm.com/support/pages/apar/IJ11845

Converting fractional minutes to nanoseconds could overflow a 32-bit
integer, use long long instead.

Add AppArmor support to sudo

The replacement execve() function was passing the global environ
to exec_wrapper() instead of the...

There should have been a minor version bump for sudo 1.9.8 when
intercept was originally implemen...

But only reset intercept_allow_setid if the user didn't explicitly set it.

This prevents the packages from being created as foo.el.arch.rpm
since we were assuming that the ...

It is not possible to change the syscall return value on MIPS
so we cannot support full intercept...

sudoers now supports an APPARMOR_PROFILE option, which can be specified
as e.g.

alice ...

- Document the AppArmor userspec option in the sudoers man pages.
- Add information about the --...

Install libapparmor-dev on Debian- and Ubuntu-based Docker images so
that they can build sudo wi...

Define a new sudo setting, `apparmor_profile`, that can be used to pass
in an AppArmor profile t...

Add a new build flag, --with-apparmor, that builds sudo with AppArmor
support. Modify the build ...

Otherwise, we won't get the wait status of a suspended command
that is not being traced.

We now include all the dependent libraries when linking.
Fixes a linking problem on CentOS Stream 9.

Use strlen(), not sizeof(), on "problem parsing sudoers" since it
is a tranlated string and not a...

Use this in test_ptrace.c to be able to suspend just like sudo does.

When ptracing a process, we receive the signal-delivery-stop signal
before the group-stop signal....

Certificates generated with a CA that doesn't set the key usage
extension will fail to validate i...

That way we get reasonable error messages for missing files, etc.

Unlike BIO_new_fp(), BIO_new_file() takes an fopen-style mode string.