Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/sudo-project/sudo
Utility to execute a command as another user
https://github.com/sudo-project/sudo
This setting is an argument to the sudoers plugin, similar to how
sudoers_file, sudoers_mode, sud...
360c2647602be09913ca8d0bf4f1f54df5870d9c authored about 4 years ago by Todd C. Miller <[email protected]>
For compound privilege specs, don't throw away the entire thing if
we have a syntax error, only t...
A valid line in sudoers must end in a newline or EOF.
Previously, it was possible (though not doc...
The ERROR token is now only used for errors detected by the lexer
and for which we've already pri...
A syntax error on the last line of a sudoers file with no trailing
newline is now recoverable.
94eb14c2147e94ead34acc9ce8283c340348f0c5 authored about 4 years ago by Todd C. Miller <[email protected]>
9c258de89ea545e3b0f4b59bf9ec56a0634a0de8 authored about 4 years ago by Todd C. Miller <[email protected]>
31d41853b674ebbd11e34c1558d2603e986d331d authored about 4 years ago by Todd C. Miller <[email protected]>
This way we get consistent 4-digit version numbers even for macOS
verions like 10.3 or 11.0 where...
cb2eb8ea9486c1897f8877a46b82606c39a53026 authored about 4 years ago by Todd C. Miller <[email protected]>
"sw_vers -productName" now returns "macOS", not "Mac OS X"
d12f7ccf252482c56bde5a3def847f2c2c356fda authored about 4 years ago by Todd C. Miller <[email protected]>a940a2c78ec58871e51be99f1c9c7dca1e5a96c6 authored about 4 years ago by Todd C. Miller <[email protected]>
961a4afe67c04c86d700695b188809cd984152b2 authored about 4 years ago by Todd C. Miller <[email protected]>
Otherwise, we can include the wrong file when doing an out-of-source
build when configured using ...
Now that sudo_dso_public is defined in config.h we don't need sudo_compat.h
before including the ...
985af422d2c4e806d9130a8e2f12b52c2253a3bb authored about 4 years ago by Todd C. Miller <[email protected]>
076d0376db676d7463945c890e96067fecae792a authored about 4 years ago by Todd C. Miller <[email protected]>
4b0783b0b4414ef0585ab84ef4ad58611f9447cb authored about 4 years ago by Todd C. Miller <[email protected]>
4193f548269ae729b78d72a7b57c13c571e9f9c6 authored about 4 years ago by Todd C. Miller <[email protected]>
71a879d905ed810179d306b81fcc5ae7b6211df3 authored about 4 years ago by Todd C. Miller <[email protected]>
ce97ca28db2bc09b07d555895bceafac4b8418b3 authored about 4 years ago by Todd C. Miller <[email protected]>
memset_s() (and all of Annex K) is likely to be removed from the
a future version of the standard.
This results in better error messages when there is a parse error
8a97150f563edae61e95b8ab2a187ad6aad8c1cc authored about 4 years ago by Todd C. Miller <[email protected]>Use ntuples instead of tuple_last
Strip leading and trailing double quotes using a single gsub()
...
fa5d44b8b5ed13f759c63f78efe1efc9c564ea1b authored about 4 years ago by Todd C. Miller <[email protected]>
Also fixes a false positive from the clang analyzer.
63dadad9df9d1c1d436319dce2f04115ab0301ac authored about 4 years ago by Todd C. Miller <[email protected]>We now parse the entire line before reading the include file. This
is less surprising behavior a...
3235e4353c95256be41c9d9d4af9d413aced5e5d authored about 4 years ago by Todd C. Miller <[email protected]>
We currently just discard the line with the error.
7c342e586219ee03ad12291adec7b38a9a92edb0 authored about 4 years ago by Todd C. Miller <[email protected]>91cc68d7fdeaac9e31b6fec319389bdee6d7c9d3 authored about 4 years ago by Todd C. Miller <[email protected]>
a8bfeba581aea5ba3faf9fd97bbe3c57e6251034 authored about 4 years ago by Todd C. Miller <[email protected]>
03816d020b2b629c69dddfdca4cf8fd869fe108b authored about 4 years ago by Todd C. Miller <[email protected]>
99f43f8a00171582d4e47e98eb93148e38a56545 authored about 4 years ago by Todd C. Miller <[email protected]>
Older systems may still have libssl1.0.0, not libssl1.1.
c90539015f345590c2d7156f5b58e956811e08ff authored about 4 years ago by Todd C. Miller <[email protected]>2a58b19f9622ea0c50909cff1f6dd2e9137df3b4 authored about 4 years ago by Todd C. Miller <[email protected]>
We use this even if the compiler has symbol visibility support so
we will notice mismatches betwe...
There is nothing dynamic in this file.
38e28dcbf508580f08c9a0eed423bac7bff4ef88 authored about 4 years ago by Todd C. Miller <[email protected]>This fixes building the python plugin on systems where the compiler
doesn't support symbol hiding...
974f833e175732fe83dd43c4129e83b21427cbe4 authored about 4 years ago by Todd C. Miller <[email protected]>
838255bb80b337e0abb51a2fcdf67994220b5168 authored about 4 years ago by Todd C. Miller <[email protected]>
c87a47735d57824a4cce6679b47d3e20406b4a63 authored about 4 years ago by Todd C. Miller <[email protected]>
03ad96e44580182effdb9b896938b6871bfbd8f1 authored about 4 years ago by Todd C. Miller <[email protected]>
20fd3b63636e52248c5da79e1d538bac845b5547 authored about 4 years ago by Todd C. Miller <[email protected]>
feebbd6d24e6b68a2ac064b760b5b7661eee6eeb authored about 4 years ago by Todd C. Miller <[email protected]>
6ee98cf453772e13a037ee4d8f812fe6f28460e6 authored about 4 years ago by Todd C. Miller <[email protected]>
054939c1ed8160f97cd21dbec2afebeedeab6e68 authored over 4 years ago by kuberlog <[email protected]>
bcf96c153f0e8139fe6c3798a9c5e8634fd2425b authored over 4 years ago by Todd C. Miller <[email protected]>
In this case, just use the full openssl libs to get the sha2 functions.
bd24a322cca90e000e372d3f98f69553f6f1d755 authored over 4 years ago by Todd C. Miller <[email protected]>10f8bb6398073075e9ea2e86d97c23b327ab22e2 authored over 4 years ago by Todd C. Miller <[email protected]>
6a9ed1998bb4cc67bf5262c3dbd8fa06cdcf143f authored over 4 years ago by Todd C. Miller <[email protected]>
This fixes the missing HAVE_GSSAPI_GSSAPI_H define in config.h.in.
TODO: replace shadow_funcs var...
We will need them if there is an error parsing sudoers and leaving
them unset can result in NULL ...
1e4ce8525a71dfd45f57002d5c91fa4fbf37a7ff authored over 4 years ago by Todd C. Miller <[email protected]>
b9ad3704d7eb49c3290cf097eed534a10922b173 authored over 4 years ago by Todd C. Miller <[email protected]>
d6bc75e1e05129b273da5a64495eeab1fa65615f authored over 4 years ago by Todd C. Miller <[email protected]>
3175049e4568efc82ea003b1b1a6a240818b2cc0 authored over 4 years ago by Todd C. Miller <[email protected]>
When sudoers is loaded as a policy plugin, it will be loaded
automatically as an audit plugin. L...
e9a39c149a23ef286fb978a8134ada221e3c0352 authored over 4 years ago by Todd C. Miller <[email protected]>
660738139bf5a717f6e783328a7ae0578653d0cd authored over 4 years ago by Todd C. Miller <[email protected]>
hppa64 and ia64 use PIC by default
9ef09595f9a7ec0683e50538e42a3abfc03cbb4c authored over 4 years ago by Todd C. Miller <[email protected]>We support linking against static openssl libs too.
4cadd549513ef35d4d740e941576294f4491d13d authored over 4 years ago by Todd C. Miller <[email protected]>RedHat dropped the word "server" from the release name in redhat-release
which results in the awk...
820d6ae207a0df8b85acf8f684cccfde72016445 authored over 4 years ago by Todd C. Miller <[email protected]>
These don't translate well and look odd in many fonts.
df49897bd0e2c2995b4d494e7bec7ca4ed52f276 authored over 4 years ago by Todd C. Miller <[email protected]>95ba6645d2b18f30f29803a9a054e3f8e289aa08 authored over 4 years ago by Todd C. Miller <[email protected]>
1cec928d17f1e23a9776225bbbf97b82cb218cf2 authored over 4 years ago by Todd C. Miller <[email protected]>
Note that clang 10 has support for -Wimplicit-fallthrough in C code
but doesn't recognize lint-st...
23b1ee2f45d9809201c3aae0dfda11359bd7acbb authored over 4 years ago by Todd C. Miller <[email protected]>
f2dce25ac1ed7223729a25d8439dcfe0959967fc authored over 4 years ago by Todd C. Miller <[email protected]>
802058b362ceea854030e23957bc01ecec11330b authored over 4 years ago by Todd C. Miller <[email protected]>
e6d6e9ba05b2ccf02372a88278de5532c33f787b authored over 4 years ago by Todd C. Miller <[email protected]>
65edf6344d2ce4b6460f1b8a6379ffb5a15be81d authored over 4 years ago by Todd C. Miller <[email protected]>
d4739533fd055a59b1a68094e59ade2f635bdf21 authored over 4 years ago by Todd C. Miller <[email protected]>
88393fc96fba1341cda9b6c8e8cb0bbb54430751 authored over 4 years ago by Todd C. Miller <[email protected]>
ce76c9fe8ad181edde62b17834abfed0dd050128 authored over 4 years ago by Todd C. Miller <[email protected]>
This led to a regression when the iolog_file setting ends in six or
more X's or when the I/O logs...
8bb5aedacf3b68f926b27c7d13aeb33d366da880 authored over 4 years ago by Todd C. Miller <[email protected]>
f093cb2e5220c5ca7f2d6b04483af214016b72c5 authored over 4 years ago by Todd C. Miller <[email protected]>
4a3aff156f5264c8f89c84e36da14a71a63d877f authored over 4 years ago by Todd C. Miller <[email protected]>
This is a regression introduced in sudo 1.9.0.
bee9950593dbad21da78d562c86036793a6bfdf6 authored over 4 years ago by Todd C. Miller <[email protected]>ddd3b0eced019b15fc930e0760825af2d40d723a authored over 4 years ago by Todd C. Miller <[email protected]>
7f96e4537c4583025f9f0fdf9624b54c221d59da authored over 4 years ago by Todd C. Miller <[email protected]>
d003da33dd7199c41c01e5157e2c534b669f248e authored over 4 years ago by Todd C. Miller <[email protected]>
Also add new Romanian translation
47b2df64cf7d4c347f6a3bffb8cacec2122b6bd0 authored over 4 years ago by Todd C. Miller <[email protected]>852d8c7953e63933c85cc92b36b27618cb6545c3 authored over 4 years ago by Todd C. Miller <[email protected]>
3e12b99eedd6a0312cf580246ec8ac6d925e14e2 authored over 4 years ago by Todd C. Miller <[email protected]>
The /opt/csw version, if it exists, may be a 32-bit version which
we can't link with. Also handl...
This can happen on systems with a gcc packages that was built on
and older versions of the OS whe...
Otherwise we may get other flags used to build python that conflict
with what sudo uses.
No longer prefer the Solaris Studio C compiler over gcc, it causes
issues with the Python plugin.
8da1f31954569db15ebf2033b90326dcbd01b60b authored over 4 years ago by Todd C. Miller <[email protected]>
3f4de69497e02f06e4814984af74479d1a3c0e59 authored over 4 years ago by Todd C. Miller <[email protected]>
d4e92164f539922355acaa43c56c05943495dd93 authored over 4 years ago by Todd C. Miller <[email protected]>
This is only used when logging events from plugins other than sudoers,
such as an approval plugin...
Use BSM audit on Illumos, which lacks Solaris audit.
15d93a1ca7939dbc775d4c1abd9fde66de3cca7b authored over 4 years ago by Todd C. Miller <[email protected]>In sudoers_policy_close() only warn about being unable to run the
command if we actually opened t...
If a policy or approval plugin denies the command, command_details
will not have been filled out.
The file name in struct userspec was not set for the LDAP and SSSD
backends. There is no actual ...
b40551dc32907f6c20f468f6ca6d6fb91bd1d44a authored over 4 years ago by Todd C. Miller <[email protected]>