Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/sudo-project/sudo
Utility to execute a command as another user
https://github.com/sudo-project/sudo
a014a2abd49f1540efc4d7b4e2bc2057903a8456 authored about 8 years ago by Todd C. Miller <[email protected]>
16551031f9bd234a879badea84d994d87b758483 authored about 8 years ago by Todd C. Miller <[email protected]>
without O_NOFOLLOW, it must be done relative to dfd. Previously
the lstat() would always fail, p...
sudo_edit_open() whether the path to be opened is symlink before
opening it. This is racey but w...
Remove unused variables when O_NOFOLLOW is not present.
26635751180689744cb90010d0922774e486f119 authored about 8 years ago by Todd C. Miller <[email protected]>from check_defaults() to validate the defaults value. In visudo,
suppress warnings from update_d...
default_binding_matches(). We can now use default_type_matches()
in check_defaults().
first parse of sudoers.
e0ac76647301a21df6047f8ea931e4396dd29469 authored about 8 years ago by Todd C. Miller <[email protected]>up locale changes. The init_defaults() function will now re-init
the sudoers locale.
to restore the user's locale since warnings are displayed in the
user's locale anyway.
user's locale afterward. Also set the warn/fatal locale helper
function so warning messages duri...
6ba2769ba821f2deb0c3016f758e60aeee8a091c authored about 8 years ago by Todd C. Miller <[email protected]>
so warning messages during sudoers loading are displayed in the
user's own locale.
visudo and testsudoers.
b5c2ca2fe55b04e9c5bd8eb26a53c2056c73f249 authored about 8 years ago by Todd C. Miller <[email protected]>its name. Otherwise, it won't take effect until sudoers lookup time.
30f7ecca10c0f36cea91c58f30d4db2f22a754d9 authored about 8 years ago by Todd C. Miller <[email protected]>set multiple times.
684161618d0e510ff4001c0a3723a03fe3405cc2 authored about 8 years ago by Todd C. Miller <[email protected]>1349bb760b7bfa17baf9dccbb14b56fdea0e98af authored about 8 years ago by Todd C. Miller <[email protected]>
variable is set in sudoers. This avoids running an early callback
more than once. For example, ...
not modified.
5e9173df7a33927f8c6ad93f631bead709c7f6be authored over 8 years ago by Todd C. Miller <[email protected]>08e369572efe0743c8c4ff731ba8690098f1a809 authored over 8 years ago by Todd C. Miller <[email protected]>
7218dbe54201f6eb87972e44470be8880d835532 authored over 8 years ago by Todd C. Miller <[email protected]>
d92a396da5aac221fa8bdd9abc8ed3b45cc55181 authored over 8 years ago by Todd C. Miller <[email protected]>
36b18c6e6461ad136b34124b13fe48acc1c1792e authored over 8 years ago by Todd C. Miller <[email protected]>
of a char *.
9b42640ef50e0bd5c532ce6230c949510679e6fc authored over 8 years ago by Todd C. Miller <[email protected]>influence how other defaults are parsed. Currently, runas_default
and sudoers_locale are process...
eae8bc9d56542c87a546eb2ee1e536ff643d42eb authored over 8 years ago by Todd C. Miller <[email protected]>
73b0ac4bc13af0072c67a6264725c55983e223ea authored over 8 years ago by Todd C. Miller <[email protected]>
in fill_args(). Bug #752
88ba54f478f4dd03fa99362ebd66c4c2ffd9cd67 authored over 8 years ago by Todd C. Miller <[email protected]>on them.
0f816c44017107d4b1f7d2e29c4587eeb4d82b35 authored over 8 years ago by Todd C. Miller <[email protected]>is set.
6f5b8cf757958ad013db348649774f21ae62c509 authored over 8 years ago by Todd C. Miller <[email protected]>unlink a shared library that is in use.
144e3bb53f21ae17cd231c5fe2b1ee7c335fd0ad authored over 8 years ago by Todd C. Miller <[email protected]>19c80f8aee73d1ffc00091d7fda206f48e429dd9 authored over 8 years ago by Todd C. Miller <[email protected]>
otherwise sudo will not treat it as a fatal error.
026b403f27906ef8669098610701dec42132e10a authored over 8 years ago by Todd C. Miller <[email protected]>Previously the sudoers locale was used when evaluating sudoers
but not during the inital parse. ...
5a176e8509d2b623b4ea685319a0468965fb5ad2 authored over 8 years ago by Todd C. Miller <[email protected]>
if we don't need to.
c56d52ea621d856e23a1474bafa11c15c2ef1952 authored over 8 years ago by Todd C. Miller <[email protected]>cbd2cf290bc7630f875f211a94172ae65cc4f9a3 authored over 8 years ago by Todd C. Miller <[email protected]>
static.
81e33e1f562ff6a8ab1c7fa921cad3290c705088 authored over 8 years ago by Todd C. Miller <[email protected]>_XOPEN_SOURCE_EXTENDED is defined. Only define _XOPEN_SOURCE_EXTENDED
if we can still compile ne...
empty.
9c7680e01664a2c36266a0d54d862c0fee0dca92 authored over 8 years ago by Todd C. Miller <[email protected]>returned an error.
66ab525f1e91e3721752c6d81912ec8cdad7647d authored over 8 years ago by Todd C. Miller <[email protected]>f683cbd582df4ed15a4d10fa56218e480be90016 authored over 8 years ago by Todd C. Miller <[email protected]>
ff2cd3cf277dce96c94f9778947697d72ef909b5 authored over 8 years ago by Todd C. Miller <[email protected]>
c4118f66f412d68c3b2d314ac30da64e4597b413 authored over 8 years ago by Todd C. Miller <[email protected]>
policy_init_session(). Bug #749
ed9b457eb2c80dd8d94c4efd8e8fb174a2de1b86 authored over 8 years ago by Todd C. Miller <[email protected]>arguments after the plugin path.
f98b481af2e1f8bf2245fb50b308a0ba7bef18d0 authored over 8 years ago by Todd C. Miller <[email protected]>3a85a8892f982cc47cf44ece71a2f7e7d7550905 authored over 8 years ago by Todd C. Miller <[email protected]>
6c7eb07e0edeb939f37ef940813b0677d0f24043 authored over 8 years ago by Todd C. Miller <[email protected]>
72f18cff9a358850d92e87c385d555015a2aa787 authored over 8 years ago by Todd C. Miller <[email protected]>
5348d32ab611e70e33eac3d4c0b3ec6bbcaf2e1e authored over 8 years ago by Todd C. Miller <[email protected]>
ea23932af0e8f86df86d651bdeaecd8bceb15904 authored over 8 years ago by Todd C. Miller <[email protected]>
d9e14bc659c6a923350dede96e814c3a40fa9cba authored over 8 years ago by Todd C. Miller <[email protected]>
63a242889254fa98704ac03fb6a647c1d7c32e1c authored over 8 years ago by Todd C. Miller <[email protected]>
user_cmnd first if it is fully-qualified. This avoids a lot of
needless stat(2) calls and avoids...
74c2dc78066c08cd07cb15e66207b57abc74092a authored over 8 years ago by Todd C. Miller <[email protected]>
ce28b15ecad4105b20faff51fcb3e8df0b17ac5f authored over 8 years ago by Todd C. Miller <[email protected]>
an exec error. We don't want to overwrite the error status but we
do need to indicate that the c...
1ec4d9918d5d28f5d36ce37406d76287fcedee19 authored over 8 years ago by Todd C. Miller <[email protected]>
12ab5b810813fd705a0c2b079cde201928ca54a1 authored over 8 years ago by Todd C. Miller <[email protected]>
bd8e3b5fb92482ced9c29c3a61d303003b5db46d authored over 8 years ago by Todd C. Miller <[email protected]>
in /etc/security/limits. When 64-bit resource limits are supported
we can use the default value ...
734b43c6b0745987c3fb5da7106ac6aaa3aff70a authored over 8 years ago by Todd C. Miller <[email protected]>
3169259821002f22016ac04dec78638301e9e8ae authored over 8 years ago by Todd C. Miller <[email protected]>
c6a21bd53d10ad8f5ec33d7cec815b6999ef46af authored over 8 years ago by Todd C. Miller <[email protected]>
instead of the system hostname.
9b027676c081e3769dbe7fb0966c3222ca3a91ab authored over 8 years ago by Todd C. Miller <[email protected]>Only check username as part of the netgroup when netgroup_tuple is
enabled.
a71cac91f2448168772d0627231006770e335b46 authored over 8 years ago by Todd C. Miller <[email protected]>
in sudo. The rules may contain mixed sudoUser specification so we have to
check not only for netg...
NULL or the user pressed ^C.
a24f4b8248510a30d7811906227dd0111b1c47fe authored over 8 years ago by Todd C. Miller <[email protected]>7a35bab8c8a08e42ff8f5d3b5befe2cdc67a35b2 authored over 8 years ago by Todd C. Miller <[email protected]>
Caught by regress checks.
fc517ba9f890e8671e5d4cdda4134c9cffd64d8b authored over 8 years ago by Todd C. Miller <[email protected]>From Daniel Kopecek.
6c3c03ea26ed7ef1e426eaa84fcc66b42daea430 authored over 8 years ago by Todd C. Miller <[email protected]>Also fix the section for ldap.conf cross-references.
638acc28cf24f3aab52f282a3e953e1284173109 authored over 8 years ago by Todd C. Miller <[email protected]>Add missing word "order" in a sentence describing sudoOrder.
77331392e05d4877b05ae051290df38ac8b5793d authored over 8 years ago by Todd C. Miller <[email protected]>for the LDAP backend. Adapted from sudo-1.8.6p3-sssdrulenames.patch
461a419d046a582d17563318e26b4221a872f5f1 authored over 8 years ago by Todd C. Miller <[email protected]>next reboot. Adapted from a RedHat patch.
c6b41b1657c29b138f3719ae5582dfffb5f4bdf8 authored over 8 years ago by Todd C. Miller <[email protected]>77179d69ded45006d8d5373025d35421f1348169 authored over 8 years ago by Todd C. Miller <[email protected]>
explicitly zero. Fixes a failure on glibc.
53ebf69af3a75d2338307a6c1df2e849bd209d8d authored over 8 years ago by Todd C. Miller <[email protected]>e93b4aa68135f8b4c3d6ce1e1c4aba5d8c4b6e28 authored over 8 years ago by Todd C. Miller <[email protected]>
db2c732931f8c03f996020f75fa893413f822b9c authored over 8 years ago by Todd C. Miller <[email protected]>
4d36fbec2ffe39199573671bb0f0abff659a9670 authored over 8 years ago by Todd C. Miller <[email protected]>
63dbb74250daf3d704624ab172c39abbc16f487a authored over 8 years ago by Todd C. Miller <[email protected]>
apparently happen on systems using Solaris-derived PAM. Other
errors from pam_open_session() are...
Reading from the pipe can block too if the other end is not closed.
356e74e1dbd9871287bd0dfb4a99efc02a82ed7d authored over 8 years ago by Todd C. Miller <[email protected]>e3514817df8561a5a93327144fcae0b50b9ecd31 authored over 8 years ago by Todd C. Miller <[email protected]>
it is legal to escape a forward slash, it is not required.
58ffab1dfa221123b95862496a550e1564899369 authored over 8 years ago by Todd C. Miller <[email protected]>domain on Solaris.
ab861b92d267e4f078b6d4d4794c8ac077262a7b authored over 8 years ago by Todd C. Miller <[email protected]>ccece8c01da15b954d6643299886d91a44ab24e2 authored over 8 years ago by Todd C. Miller <[email protected]>
mode. We now do two passes, one with SUDO_EVLOOP_NONBLOCK and
another that could block if stdin ...
223b251c19b509b1e36b84d24f910e42564ca037 authored over 8 years ago by Todd C. Miller <[email protected]>
so the event loop will exit after a single run through. Otherwise,
we may hang at exit on non-BS...
d8cfe6211336f1e8adad967167724e839c63f023 authored over 8 years ago by Todd C. Miller <[email protected]>
for this because that corresponds to the value for atomic pipe
writes. The actual pipe buffer is...
fb247aa76a43635c6ef8456e134ec9e6036cbc5b authored over 8 years ago by Todd C. Miller <[email protected]>
time, only when the user suspends sudo. Fixes a problem where all
buffers might not get flushed ...
is NULL, which can happen on the error path.
eb4510597bed7344f39bed2c37b02b11df33e7c1 authored over 8 years ago by Todd C. Miller <[email protected]>succeed if there is already a controlling tty.
a2e541aef8f39eb746e3e5ed605f42a8481ca87f authored over 8 years ago by Todd C. Miller <[email protected]>first open like a physical terminal. By definition, if you have a
controlling tty, the first ope...
4e6b6fd0fa508672ef0d7f4ba2aebe31046762a6 authored over 8 years ago by Todd C. Miller <[email protected]>
3161c05a04c12944e7f7408e6681f6fc4e773845 authored over 8 years ago by Todd C. Miller <[email protected]>