author | Todd C. Miller <millert@cvs.openbsd.org> | 1999-11-18 16:39:36 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 1999-11-18 16:39:36 +0000 |
commit | b3d56189a39a2197267eddb14e6a43263ba017c1 (patch) | |
tree | 9f60fdbb803576715505a3a7862deb9a9670eb1f /gnu | |
parent | a136910fdeca0f774ebd9ce6d7676e75276cc8e0 (diff) |
remove old GPL'd sudo
Diffstat (limited to 'gnu')
29 files changed, 0 insertions, 9305 deletions
diff --git a/gnu/usr.bin/sudo/sudo/Makefile b/gnu/usr.bin/sudo/sudo/Makefile
deleted file mode 100644
index 225a0c64da1..00000000000
--- a/gnu/usr.bin/sudo/sudo/Makefile
+++ /dev/null
@@ -1,41 +0,0 @@
-# $OpenBSD: Makefile,v 1.6 1999/03/29 20:29:00 millert Exp $
-
-PROG= sudo
-MAN= sudo.8 sudoers.5
-CFLAGS+=-I${.CURDIR} -I.
-SRCS= check.c find_path.c getspwuid.c goodpath.c interfaces.c logging.c parse.c sudo.c sudo_setenv.c tgetpass.c sudo.tab.c lex.yy.c alloc.c
-CLEANFILES+=sudo.tab.c sudo.tab.h lex.yy.c
-
-LDADD= -lcompat
-DPADD= ${LIBCOMPAT}
-
-.include <bsd.own.mk> # For SKEY, KERBEROS and KERBEROS5
-
-.if (${SKEY} == "yes")
-CFLAGS+=-DHAVE_SKEY
-LDADD+= -lskey
-DPADD+= ${LIBSKEY}
-.endif
-
-.if (${KERBEROS5} == "yes")
-CFLAGS+= -DHAVE_KERB5 -I${DESTDIR}/usr/include/kerberosIV
-LDADD+= -lkrb5 -lcrypto
-DPADD+= ${LIBKRB5} ${LIBCRYPTO}
-.elif (${KERBEROS} == "yes")
-CFLAGS+= -DHAVE_KERB4 -I${DESTDIR}/usr/include/kerberosIV
-LDADD+= -lkrb -ldes
-DPADD+= ${LIBKRB} ${LIBDES}
-.endif
-
-BINOWN= root
-BINMODE=4111
-BINDIR?=/usr/bin
-
-.include <bsd.prog.mk>
-
-lex.yy.c: parse.lex
- rm -f lex.yy.c
- $(LEX) ${.CURDIR}/parse.lex
-
-sudo.tab.c sudo.tab.h: parse.yacc
- $(YACC) -b sudo -d ${.CURDIR}/parse.yacc
diff --git a/gnu/usr.bin/sudo/sudo/alloc.c b/gnu/usr.bin/sudo/sudo/alloc.c
deleted file mode 100644
index 09de3570caf..00000000000
--- a/gnu/usr.bin/sudo/sudo/alloc.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* $OpenBSD: alloc.c,v 1.1 1999/03/29 20:29:01 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains memory allocation routines used by sudo.
- *
- * Todd C. Miller <Todd.Miller@courtesan.com> Fri Jun 3 18:32:19 MDT 1994
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-#include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
-
-#include "compat.h"
-
-#ifndef STDC_HEADERS
-#ifndef __GNUC__ / *gcc has its own malloc */
-extern VOID *malloc __P((size_t));
-#endif /* __GNUC__ */
-extern char *strdup __P((const char *));
-#endif /* !STDC_HEADERS */
-
-extern char **Argv; /* from sudo.c */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: alloc.c,v 1.2 1999/03/29 04:05:05 millert Exp $";
-#endif /* lint */
-
-
-/**********************************************************************
- *
- * emalloc()
- *
- * emalloc() calls the system malloc(3) and exits with an error if
- * malloc(3) fails.
- */
-
-VOID *emalloc(size)
- size_t size;
-{
- VOID *ret;
-
- if ((ret = malloc(size)) == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
- return(ret);
-}
-
-/**********************************************************************
- *
- * erealloc()
- *
- * erealloc() calls the system realloc(3) and exits with an error if
- * realloc(3) fails.
- */
-
-VOID *erealloc(ptr, size)
- VOID *ptr;
- size_t size;
-{
-
- if ((ptr = ptr ? realloc(ptr, size) : malloc(size)) == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
- return(ptr);
-}
-
-/**********************************************************************
- *
- * estrdup()
- *
- * estrdup() calls the system strdup(3) and exits with an error if
- * strdup(3) fails. NOTE: unlike strdup(3), estrdup(NULL) is legal.
- */
-
-char *estrdup(str)
- char *str;
-{
-
- if (str != NULL && (str = (char *)strdup(str)) == NULL) {
- (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]);
- exit(1);
- }
- return(str);
-}
diff --git a/gnu/usr.bin/sudo/sudo/check.c b/gnu/usr.bin/sudo/sudo/check.c
deleted file mode 100644
index 85cb409976e..00000000000
--- a/gnu/usr.bin/sudo/sudo/check.c
+++ /dev/null
@@ -1,1297 +0,0 @@ -/* $OpenBSD: check.c,v 1.15 1999/03/29 20:29:02 millert Exp $ */ - -/* - * CU sudo version 1.5.9 (based on Root Group sudo version 1.1) - * Copyright (c) 1994,1996,1998,1999 Todd C. Miller <Todd.Miller@courtesan.com> - * - * This software comes with no waranty whatsoever, use at your own risk. - * - * Please send bugs, changes, problems to sudo-bugs@courtesan.com - * - */ - -/* - * sudo version 1.1 allows users to execute commands as root - * Copyright (C) 1991 The Root Group, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - ******************************************************************* - * - * check.c - * - * check_user() only returns if the user's timestamp file - * is current or if they enter a correct password. 
- * - * Jeff Nieusma Thu Mar 21 22:39:07 MST 1991 - */ - -#include "config.h" - -#include <stdio.h> -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include <strings.h> -#endif /* HAVE_STRINGS_H */ -#include <fcntl.h> -#include <time.h> -#include <sys/param.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/file.h> -#include <netinet/in.h> -#include <pwd.h> -#include <grp.h> -#ifdef HAVE_KERB4 -# include <krb.h> -#endif /* HAVE_KERB4 */ -#ifdef HAVE_KERB5 -# include <krb5.h> -#endif /* HAVE_KERB5 */ -#ifdef HAVE_PAM -# include <security/pam_appl.h> -#endif /* HAVE_PAM */ -#ifdef HAVE_AFS -# include <afs/stds.h> -# include <afs/kautils.h> -#endif /* HAVE_AFS */ -#ifdef HAVE_SECURID -# include <sdi_athd.h> -# include <sdconf.h> -# include <sdacmvls.h> -#endif /* HAVE_SECURID */ -#ifdef HAVE_SKEY -# include <skey.h> -#endif /* HAVE_SKEY */ -#ifdef HAVE_OPIE -# include <opie.h> -#endif /* HAVE_OPIE */ -#ifdef HAVE_AUTHSRV -# include <firewall.h> -#endif -#ifdef HAVE_UTIME -# ifdef HAVE_UTIME_H -# include <utime.h> -# endif /* HAVE_UTIME_H */ -#else -# include "emul/utime.h" -#endif /* HAVE_UTIME */ - -#include "sudo.h" -#include "insults.h" -#include "version.h" - -#ifndef lint -static const char rcsid[] = "$Sudo: check.c,v 1.174 1999/03/29 04:05:05 millert Exp $"; -#endif /* lint */ - -/* - * Prototypes for local functions - */ -static int check_timestamp __P((void)); -static void check_passwd __P((void)); -static int touch __P((char *)); -static void update_timestamp __P((void)); -static void reminder __P((void)); -static char *expand_prompt __P((char *, char *, char *)); -#ifdef HAVE_KERB4 -static int sudo_krb_validate_user __P((struct passwd *, char *)); -#endif /* HAVE_KERB4 */ -#ifdef HAVE_KERB5 -static int sudo_krb5_validate_user __P((struct passwd *, char *)); 
-static int verify_krb_v5_tgt __P((krb5_ccache)); -#endif /* HAVE_KERB5 */ -#ifdef HAVE_PAM -static void pam_attempt_auth __P((void)); -static int pam_auth __P((char *, char *)); -static int PAM_conv __P((int, - PAM_CONST struct pam_message **, - struct pam_response **, void *)); -#endif /* HAVE_PAM */ -#ifdef HAVE_SKEY -static char *sudo_skeyprompt __P((struct skey *, char *)); -#endif /* HAVE_SKEY */ -#ifdef HAVE_OPIE -static char *sudo_opieprompt __P((struct opie *, char *)); -#endif /* HAVE_OPIE */ -int user_is_exempt __P((void)); - -/* - * Globals - */ -static int timedir_is_good; -static char timestampfile[MAXPATHLEN]; -#ifdef HAVE_SECURID -union config_record configure; -#endif /* HAVE_SECURID */ -#ifdef HAVE_SKEY -struct skey skey; -#endif -#ifdef HAVE_OPIE -struct opie opie; -#endif -#ifdef HAVE_KERB5 -extern krb5_context sudo_context; -extern char *realm; -extern int xrealm; -#endif /* HAVE_KERB5 */ - - - -/******************************************************************** - * - * check_user() - * - * This function only returns if the user can successfully - * verify who s/he is. - */ - -void check_user() -{ - register int rtn; - mode_t oldmask; - - if (user_is_exempt()) /* some users don't need to enter a passwd */ - return; - - oldmask = umask(077); /* make sure the timestamp files are private */ - - rtn = check_timestamp(); - if (rtn && user_uid) { /* if timestamp is not current... 
*/ -#ifndef NO_MESSAGE - if (rtn == 2) - reminder(); /* do the reminder if ticket file is new */ -#endif /* NO_MESSAGE */ - - /* expand any escapes in the prompt */ - prompt = expand_prompt(prompt, user_name, shost); - -#ifdef HAVE_SIA - sia_attempt_auth(); -#elif HAVE_PAM - pam_attempt_auth(); -#else /* !HAVE_SIA && !HAVE_PAM */ - check_passwd(); -#endif /* HAVE_SIA */ - } - - update_timestamp(); - (void) umask(oldmask); /* want a real umask to exec() the command */ - -} - - - -/******************************************************************** - * - * user_is_exempt() - * - * this function checks the user is exempt from supplying a password. - */ - -int user_is_exempt() -{ -#ifdef EXEMPTGROUP - struct group *grp; - char **gr_mem; - - if ((grp = getgrnam(EXEMPTGROUP)) == NULL) - return(FALSE); - - if (getgid() == grp->gr_gid) - return(TRUE); - - for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) { - if (strcmp(user_name, *gr_mem) == 0) - return(TRUE); - } - - return(FALSE); -#else - return(FALSE); -#endif -} - - - -/******************************************************************** - * - * check_timestamp() - * - * this function checks the timestamp file. 
If it is within - * TIMEOUT minutes, no password will be required - */ - -static int check_timestamp() -{ - register char *p; - struct stat statbuf; - register int timestamp_is_old = -1; - time_t now; - -#ifdef USE_TTY_TICKETS - if (p = strrchr(tty, '/')) - p++; - else - p = tty; - - if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + strlen(p) + 2 > - sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s:%s\n", Argv[0], - _PATH_SUDO_TIMEDIR, user_name, p); - exit(1); - } - (void) sprintf(timestampfile, "%s/%s:%s", _PATH_SUDO_TIMEDIR, user_name, p); -#else - if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + 1 > - sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s\n", Argv[0], - _PATH_SUDO_TIMEDIR, user_name); - exit(1); - } - (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR, user_name); -#endif /* USE_TTY_TICKETS */ - - timedir_is_good = 1; /* now there's an assumption for ya... */ - - /* become root */ - set_perms(PERM_ROOT, 0); - - /* - * walk through the path one directory at a time - */ - for (p = timestampfile + 1; (p = strchr(p, '/')); *p++ = '/') { - *p = '\0'; - if (stat(timestampfile, &statbuf) < 0) { - if (strcmp(timestampfile, _PATH_SUDO_TIMEDIR)) - (void) fprintf(stderr, "Cannot stat() %s\n", timestampfile); - timedir_is_good = 0; - *p = '/'; - break; - } - } - - /* - * if all the directories are stat()able - */ - if (timedir_is_good) { - /* - * last component in _PATH_SUDO_TIMEDIR must be owned by root - * and mode 0700 or we ignore the timestamps in it. - */ - if (statbuf.st_uid != 0 || (statbuf.st_mode & 0000077)) { - timedir_is_good = 0; - timestamp_is_old = 2; - log_error(BAD_STAMPDIR); - inform_user(BAD_STAMPDIR); - } else if (stat(timestampfile, &statbuf)) { - /* timestamp file does not exist? 
*/ - timestamp_is_old = 2; /* return (2) */ - } else { - /* check the time against the timestamp file */ - now = time((time_t *) NULL); - if (TIMEOUT && now - statbuf.st_mtime < 60 * TIMEOUT) { - /* check for bogus time on the stampfile */ - if (statbuf.st_mtime > now + 60 * TIMEOUT * 2) { - timestamp_is_old = 2; /* bogus time value */ - log_error(BAD_STAMPFILE); - inform_user(BAD_STAMPFILE); - remove_timestamp(); - } else { - timestamp_is_old = 0; /* time value is reasonable */ - } - } else { - timestamp_is_old = 1; /* else make 'em enter password */ - } - } - } - /* - * there was a problem stat()ing a directory - */ - else { - timestamp_is_old = 2; /* user has to enter password + reminder */ - /* make the TIMEDIR directory */ - if (mkdir(_PATH_SUDO_TIMEDIR, S_IRWXU)) { - perror("check_timestamp: mkdir"); - timedir_is_good = 0; - } else { - timedir_is_good = 1; /* _PATH_SUDO_TIMEDIR now exists */ - } - } - - /* relinquish root */ - set_perms(PERM_USER, 0); - - return (timestamp_is_old); -} - - - -/******************************************************************** - * - * touch() - * - * This function updates the access and modify times on a file - * via utime(2). 
- */ - -static int touch(file) - char *file; -{ -#if defined(HAVE_UTIME) && !defined(HAVE_UTIME_NULL) -#ifdef HAVE_UTIME_POSIX -#define UTP (&ut) - struct utimbuf ut; - - ut.actime = ut.modtime = time(NULL); -#else -#define UTP (ut) - /* old BSD <= 4.3 has no struct utimbuf */ - time_t ut[2]; - - ut[0] = ut[1] = time(NULL); -#endif /* HAVE_UTIME_POSIX */ -#else -#define UTP NULL -#endif /* HAVE_UTIME && !HAVE_UTIME_NULL */ - - return(utime(file, UTP)); -} -#undef UTP - - - -/******************************************************************** - * - * update_timestamp() - * - * This function changes the timestamp to "now" - */ - -static void update_timestamp() -{ - if (timedir_is_good) { - /* become root */ - set_perms(PERM_ROOT, 0); - - if (touch(timestampfile) < 0) { - int fd = open(timestampfile, O_WRONLY | O_CREAT | O_TRUNC, 0600); - - if (fd < 0) - perror("update_timestamp: open"); - else - close(fd); - } - - /* relinquish root */ - set_perms(PERM_USER, 0); - } -} - - - -/******************************************************************** - * - * remove_timestamp() - * - * This function removes the timestamp ticket file - */ - -void remove_timestamp() -{ -#ifdef USE_TTY_TICKETS - char *p; - - if (p = strrchr(tty, '/')) - p++; - else - p = tty; - - if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + strlen(p) + 2 > - sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s:%s\n", Argv[0], - _PATH_SUDO_TIMEDIR, user_name, p); - exit(1); - } - (void) sprintf(timestampfile, "%s/%s:%s", _PATH_SUDO_TIMEDIR, user_name, p); -#else - if (sizeof(_PATH_SUDO_TIMEDIR) + strlen(user_name) + 1 > - sizeof(timestampfile)) { - (void) fprintf(stderr, "%s: path too long: %s/%s\n", Argv[0], - _PATH_SUDO_TIMEDIR, user_name); - exit(1); - } - (void) sprintf(timestampfile, "%s/%s", _PATH_SUDO_TIMEDIR, user_name); -#endif /* USE_TTY_TICKETS */ - - /* become root */ - set_perms(PERM_ROOT, 0); - - /* remove the ticket file */ - (void) unlink(timestampfile); - - /* 
relinquish root */ - set_perms(PERM_USER, 0); -} - - - -/******************************************************************** - * - * check_passwd() - * - * This function grabs the user's password and checks with the password - * in /etc/passwd (or uses other specified authentication method). - */ - -#ifdef HAVE_SECURID -static void check_passwd() -{ - struct SD_CLIENT sd_dat, *sd; /* SecurID data block */ - register int counter = TRIES_FOR_PASSWORD; - - (void) memset((VOID *)&sd_dat, 0, sizeof(sd_dat)); - sd = &sd_dat; - - /* Initialize SecurID. */ - set_perms(PERM_ROOT, 0); - creadcfg(); - if (sd_init(sd) != 0) { - (void) fprintf(stderr, "%s: Cannot contact SecurID server\n", Argv[0]); - exit(1); - } - - /* - * you get TRIES_FOR_PASSWORD times to guess your password - */ - while (counter > 0) { - if (sd_auth(sd) == ACM_OK) { - set_perms(PERM_USER, 0); - return; - } - - --counter; /* otherwise, try again */ - pass_warn(stderr); - } - set_perms(PERM_USER, 0); - - if (counter > 0) { - log_error(PASSWORD_NOT_CORRECT); - inform_user(PASSWORD_NOT_CORRECT); - } else { - log_error(PASSWORDS_NOT_CORRECT); - inform_user(PASSWORDS_NOT_CORRECT); - } - - exit(1); -} -#else /* !HAVE_SECURID */ -#ifdef HAVE_AUTHSRV -static void check_passwd() -{ - char *pass; /* this is what gets entered */ - Cfg *confp; - - char cbuf[128]; - char ubuf[128], buf[128]; - register int counter = TRIES_FOR_PASSWORD; - - if ((confp = cfg_read("sudo")) == (Cfg *)-1) { - fprintf(stderr, "Cannot read config.\n"); - exit(1); - } - - /* Initialize Auth Client */ - auth_open(confp); - - /* get welcome message from auth server */ - if (auth_recv(buf, sizeof(buf))) { - sprintf(buf, "Lost connection to server"); - fprintf(stderr, "%s\n", buf); - exit(1); - } - - if (strncmp(buf, "Authsrv ready", 13)) { - fprintf(stderr, "Auth server error %s\n", buf); - auth_close(); - exit(1); - } - - /* - * you get TRIES_FOR_PASSWORD times to guess your password - */ - while (counter > 0) { - - sprintf(cbuf,"authorize %s 
sudo",user_name); - - auth_send(cbuf); - auth_recv(cbuf,sizeof(cbuf)); - - if (!strncmp(cbuf, "challenge ", 10)) { - sprintf(buf, "Challenge \"%s\": ", &cbuf[10]); - pass = GETPASS(buf, PASSWORD_TIMEOUT * 60); - } else if (!strncmp(cbuf, "password", 8)) { - pass = GETPASS(buf, PASSWORD_TIMEOUT * 60); - } else { - fprintf(stderr, "Server sent %s\n", cbuf); - auth_close(); - exit(1); - } - - sprintf(cbuf, "response '%s'", pass); - auth_send(cbuf); - auth_recv(cbuf, sizeof(cbuf)); - - if (!strncmp(cbuf, "ok", 2)) { - /* Success */ - /*inform_user(cbuf);*/ - set_perms(PERM_USER, 0); - auth_close(); - return; - } else { - fprintf(stderr, "Server returned %s\n", cbuf); - } - pass_warn(stderr); - --counter; /* otherwise, try again */ - } - - set_perms(PERM_USER, 0); - - auth_close(); - - if (counter > 0) { - log_error(PASSWORD_NOT_CORRECT); - inform_user(PASSWORD_NOT_CORRECT); - } else { - log_error(PASSWORDS_NOT_CORRECT); - inform_user(PASSWORDS_NOT_CORRECT); - } - exit(1); -} -#else /* !HAVE_AUTHSRV */ - -static void check_passwd() -{ - char *pass; /* this is what gets entered */ - int counter = TRIES_FOR_PASSWORD; -#if defined(HAVE_KERB4) && defined(USE_GETPASS) - char kpass[_PASSWD_LEN + 1]; -#endif /* HAVE_KERB4 && USE_GETPASS */ -#ifdef HAVE_AUTHENTICATE - char *message; - int reenter; -#endif /* HAVE_AUTHENTICATE */ - -#ifdef HAVE_SKEY - (void) memset((VOID *)&skey, 0, sizeof(skey)); -#endif /* HAVE_SKEY */ -#ifdef HAVE_OPIE - (void) memset((VOID *)&opie, 0, sizeof(opie)); -#endif /* HAVE_OPIE */ - - /* - * you get TRIES_FOR_PASSWORD times to guess your password - */ - while (counter > 0) { - -#ifdef HAVE_AUTHENTICATE - /* use AIX authenticate() function */ - pass = GETPASS(buf, PASSWORD_TIMEOUT * 60); - reenter = 1; - if (authenticate(user_name, pass, &reenter, &message) == 0) - return; /* valid password */ -#else /* HAVE_AUTHENTICATE */ -# ifdef HAVE_SKEY - /* rewrite the prompt if using s/key since the challenge can change */ - set_perms(PERM_ROOT, 0); - prompt 
= sudo_skeyprompt(&skey, prompt); - set_perms(PERM_USER, 0); -# endif /* HAVE_SKEY */ -# ifdef HAVE_OPIE - /* rewrite the prompt if using OPIE since the challenge can change */ - set_perms(PERM_ROOT, 0); - prompt = sudo_opieprompt(&opie, prompt); - set_perms(PERM_USER, 0); -# endif /* HAVE_OPIE */ - - /* get a password from the user */ -# if defined(HAVE_KERB4) && defined(USE_GETPASS) - (void) des_read_pw_string(kpass, sizeof(kpass) - 1, prompt, 0); - pass = kpass; -# else - pass = (char *) GETPASS(prompt, PASSWORD_TIMEOUT * 60); -# endif /* HAVE_KERB4 */ - -# ifdef HAVE_SKEY - /* Only check s/key db if the user exists there */ - if (skey.keyfile) { - set_perms(PERM_ROOT, 0); - if (skeyverify(&skey, pass) == 0) { - set_perms(PERM_USER, 0); - return; /* if the key is correct return() */ - } - set_perms(PERM_USER, 0); - } -# endif /* HAVE_SKEY */ -# ifdef HAVE_OPIE - /* Only check OPIE db if the user exists there */ - if (opie.opie_flags) { - set_perms(PERM_ROOT, 0); - if (opieverify(&opie, pass) == 0) { - set_perms(PERM_USER, 0); - return; /* if the key is correct return() */ - } - set_perms(PERM_USER, 0); - } -# endif /* HAVE_OPIE */ -# if !defined(OTP_ONLY) || (!defined(HAVE_SKEY) && !defined(HAVE_OPIE)) - /* - * If we use shadow passwords with a different crypt(3) - * check that here, else use standard crypt(3). 
- */ -# ifdef HAVE_GETAUTHUID - if (!strcmp(user_passwd, (char *) crypt16(pass, user_passwd))) - return; /* if the passwd is correct return() */ -# endif /* HAVE_GETAUTHUID */ - -# ifdef HAVE_GETPRPWNAM - if (check_secureware(pass)) - return; /* if the passwd is correct return() */ -# endif /* HAVE_HAVE_GETPRPWNAM */ - - /* Normal UN*X password check */ - if (!strcmp(user_passwd, (char *) crypt(pass, user_passwd))) - return; /* if the passwd is correct return() */ - -# ifdef HAVE_KERB4 - if (user_uid && sudo_krb_validate_user(user_pw_ent, pass) == 0) - return; -# endif /* HAVE_KERB4 */ - -# ifdef HAVE_KERB5 - if (sudo_krb5_validate_user(user_pw_ent, pass) == 0) - return; -# endif /* HAVE_KERB5 */ - -# ifdef HAVE_AFS - if (ka_UserAuthenticateGeneral(KA_USERAUTH_VERSION, - user_name, /* name */ - NULL, /* instance */ - NULL, /* realm */ - pass, /* password */ - 0, /* lifetime */ - 0, 0, /* spare */ - NULL) == 0) /* reason */ - return; -# endif /* HAVE_AFS */ -# ifdef HAVE_DCE - /* - * consult the DCE registry for password validation - * note that dce_pwent trashes pass upon return... - */ - if (dce_pwent(user_name, pass)) - return; -# endif /* HAVE_DCE */ -# endif /* !OTP_ONLY || (!HAVE_SKEY && !HAVE_OPIE) */ -#endif /* HAVE_AUTHENTICATE */ - - /* Exit loop on nil password, but give it a chance to match first. */ - if (!pass || *pass == '\0') { - if (counter == TRIES_FOR_PASSWORD) - exit(1); - else - break; - } - - --counter; /* otherwise, try again */ - pass_warn(stderr); - } - - if (counter > 0) { - log_error(PASSWORD_NOT_CORRECT); - inform_user(PASSWORD_NOT_CORRECT); - } else { - log_error(PASSWORDS_NOT_CORRECT); - inform_user(PASSWORDS_NOT_CORRECT); - } - - exit(1); -} -#endif /* HAVE_AUTHSRV */ -#endif /* HAVE_SECURID */ - - -#ifdef HAVE_KERB4 -/******************************************************************** - * - * sudo_krb_validate_user() - * - * Validate a user via kerberos. 
- */ -static int sudo_krb_validate_user(pw, pass) - struct passwd *pw; - char *pass; -{ - char realm[REALM_SZ]; - char tkfile[sizeof(_PATH_SUDO_TIMEDIR) + 4 + MAX_UID_T_LEN]; - int k_errno; - - /* Get the local realm, or retrun failure (no krb.conf) */ - if (krb_get_lrealm(realm, 1) != KSUCCESS) - return(-1); - - /* - * Set the ticket file to be in sudo sudo timedir so we don't - * wipe out other kerberos tickets. - */ - (void) sprintf(tkfile, "%s/tkt%ld", _PATH_SUDO_TIMEDIR, - (long) pw->pw_uid); - (void) krb_set_tkt_string(tkfile); - - /* - * Update the ticket if password is ok. Kerb4 expects - * the ruid and euid to be the same here so we setuid to root. - */ - set_perms(PERM_ROOT, 0); - k_errno = krb_get_pw_in_tkt(pw->pw_name, "", realm, "krbtgt", realm, - DEFAULT_TKT_LIFE, pass); - - /* - * If we authenticated, destroy the ticket now that we are done with it. - * If not, warn on a "real" error. - */ - if (k_errno == INTK_OK) - dest_tkt(); - else if (k_errno != INTK_BADPW && k_errno != KDC_PR_UNKNOWN) - (void) fprintf(stderr, "Warning: Kerberos error: %s\n", - krb_err_txt[k_errno]); - - /* done with rootly stuff */ - set_perms(PERM_USER, 0); - - return(!(k_errno == INTK_OK)); -} -#endif /* HAVE_KERB4 */ - - -#ifdef HAVE_KERB5 -/******************************************************************** - * - * sudo_krb5_validate_user() - * - * Validate a user via Kerberos 5. We may lose a bit of memory, but it's - * OK since we're a short lived program. I'd rather do that than contort - * the code to handle the cleanup. 
- */ -static int sudo_krb5_validate_user(pw, pass) - struct passwd *pw; - char *pass; -{ - krb5_error_code retval; - krb5_principal princ; - krb5_creds creds; - krb5_ccache ccache; - char cache_name[64]; - char *princ_name; - krb5_get_init_creds_opt opts; - - /* Initialize */ - if (!sudo_context) - return -1; - krb5_get_init_creds_opt_init(&opts); - - princ_name = emalloc(strlen(pw->pw_name) + strlen(realm) + 2); - - sprintf(princ_name, "%s@%s", pw->pw_name, realm); - if (retval = krb5_parse_name(sudo_context, princ_name, &princ)) - return retval; - - /* Set the ticket file to be in /tmp so we don't need to change perms. */ - (void) sprintf(cache_name, "FILE:/tmp/sudocc_%ld", getpid()); - if (retval = krb5_cc_resolve(sudo_context, cache_name, &ccache)) - return retval; - - if (retval = krb5_get_init_creds_password(sudo_context, &creds, princ, - pass, krb5_prompter_posix, NULL, - 0, NULL, &opts)) - return retval; - - /* Stash the TGT so we can verify it. */ - if (retval = krb5_cc_initialize(sudo_context, ccache, princ)) - return retval; - if (retval = krb5_cc_store_cred(sudo_context, ccache, &creds)) { - (void) krb5_cc_destroy(sudo_context, ccache); - return retval; - } - - retval = verify_krb_v5_tgt(ccache); - (void) krb5_cc_destroy(sudo_context, ccache); - return (retval == -1); -} - - -/* - * This routine with some modification is from the MIT V5B6 appl/bsd/login.c - * - * Verify the Kerberos ticket-granting ticket just retrieved for the - * user. If the Kerberos server doesn't respond, assume the user is - * trying to fake us out (since we DID just get a TGT from what is - * supposedly our KDC). If the host/<host> service is unknown (i.e., - * the local keytab doesn't have it), let her in. - * - * Returns 1 for confirmation, -1 for failure, 0 for uncertainty. 
- */ -static int verify_krb_v5_tgt(ccache) - krb5_ccache ccache; -{ - char phost[BUFSIZ]; - krb5_error_code retval; - krb5_principal princ; - krb5_keyblock * keyblock = 0; - krb5_data packet; - krb5_auth_context auth_context = NULL; - - packet.data = 0; - - /* - * Get the server principal for the local host. - * (Use defaults of "host" and canonicalized local name.) - */ - if (krb5_sname_to_principal(sudo_context, NULL, NULL, - KRB5_NT_SRV_HST, &princ)) - return -1; - - /* Extract the name directly. */ - strncpy(phost, krb5_princ_component(c, princ, 1)->data, BUFSIZ); - phost[BUFSIZ - 1] = '\0'; - - /* - * Do we have host/<host> keys? - * (use default keytab, kvno IGNORE_VNO to get the first match, - * and enctype is currently ignored anyhow.) - */ - if (retval = krb5_kt_read_service_key(sudo_context, NULL, princ, 0, - ENCTYPE_DES_CBC_MD5, &keyblock)) { - /* Keytab or service key does not exist */ - if (xrealm) - retval = -1; - else - retval = 0; - goto cleanup; - } - if (keyblock) - krb5_free_keyblock(sudo_context, keyblock); - - /* Talk to the kdc and construct the ticket. */ - retval = krb5_mk_req(sudo_context, &auth_context, 0, "host", phost, - NULL, ccache, &packet); - if (auth_context) { - krb5_auth_con_free(sudo_context, auth_context); - auth_context = NULL; /* setup for rd_req */ - } - if (retval) { - retval = -1; - goto cleanup; - } - - /* Try to use the ticket. */ - retval = krb5_rd_req(sudo_context, &auth_context, &packet, princ, - NULL, NULL, NULL); - if (retval) { - retval = -1; - } else { - retval = 1; - } - -cleanup: - if (packet.data) - krb5_free_data_contents(sudo_context, &packet); - krb5_free_principal(sudo_context, princ); - return retval; - -} -#endif /* HAVE_KERB5 */ - - -#ifdef HAVE_PAM -/******************************************************************** - * pam_attempt_auth() - * - * Try to authenticate the user using Pluggable Authentication - * Modules (PAM). Added 9/11/98 by Gary J. 
Calvin - * Reworked for stock PAM by Amos Elberg and Todd Miller - */ -static char *PAM_username; -static char *PAM_password; - -static int PAM_conv(num_msg, msg, resp, appdata_ptr) - int num_msg; - PAM_CONST struct pam_message **msg; - struct pam_response **resp; - void *appdata_ptr; -{ - int replies = 0; - struct pam_response *reply = NULL; - - if ((reply = malloc(sizeof(struct pam_response) * num_msg)) == NULL) - return(PAM_CONV_ERR); - - for (replies = 0; replies < num_msg; replies++) { - switch (msg[replies]->msg_style) { - case PAM_PROMPT_ECHO_ON: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = estrdup(PAM_username); - /* PAM frees resp */ - break; - case PAM_PROMPT_ECHO_OFF: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = estrdup(PAM_password); - /* PAM frees resp */ - break; - case PAM_TEXT_INFO: - /* fall through */ - case PAM_ERROR_MSG: - /* ignore it... */ - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = NULL; - break; - default: - /* Must be an error of some sort... 
*/ - free(reply); - return(PAM_CONV_ERR); - } - } - if (reply) - *resp = reply; - - return(PAM_SUCCESS); -} - -static int pam_auth(user, password) - char *user; - char *password; -{ - struct pam_conv PAM_conversation; - pam_handle_t *pamh; - - /* Initialize our variables for PAM */ - PAM_conversation.conv = PAM_conv; - PAM_conversation.appdata_ptr = NULL; - PAM_password = password; - PAM_username = user; - - /* - * Setting PAM_SILENT stops generation of error messages to syslog - * to enable debugging on Red Hat Linux set: - * /etc/pam.d/sudo: - * auth required /lib/security/pam_pwdb.so shadow nullok audit - * _OR_ change PAM_SILENT to 0 to force detailed reporting (logging) - */ - if (pam_start("sudo", user, &PAM_conversation, &pamh) != PAM_SUCCESS || - pam_authenticate(pamh, PAM_SILENT) != PAM_SUCCESS) { - pam_end(pamh, 0); - return(0); - } - - /* User authenticated successfully */ - pam_end(pamh, PAM_SUCCESS); - - return(1); -} - -static void pam_attempt_auth() -{ - int i = TRIES_FOR_PASSWORD; - - set_perms(PERM_ROOT, 0); - while (i > 0) { - char *pamPass = (char *) GETPASS(prompt, PASSWORD_TIMEOUT * 60); - - if (pam_auth(user_name, pamPass)) { - set_perms(PERM_USER, 0); - return; - } - --i; - pass_warn(stderr); - } - set_perms(PERM_USER, 0); - - if (i == 0) { - log_error(PASSWORD_NOT_CORRECT); - inform_user(PASSWORD_NOT_CORRECT); - } else { - log_error(PASSWORDS_NOT_CORRECT); - inform_user(PASSWORDS_NOT_CORRECT); - } - exit(1); -} -#endif /* HAVE_PAM */ - -#ifdef HAVE_SKEY -/******************************************************************** - * - * sudo_skeyprompt() - * - * This function rewrites and return the prompt based the - * s/key challenge * and fills in the user's skey structure. 
- */ - -static char *sudo_skeyprompt(user_skey, p) - struct skey *user_skey; - char *p; -{ - char challenge[256]; - int rval; - static char *orig_prompt = NULL, *new_prompt = NULL; - static int op_len, np_size; - - /* save the original prompt */ - if (orig_prompt == NULL) { - orig_prompt = p; - op_len = strlen(p); - - /* ignore trailing colon */ - if (p[op_len - 1] == ':') - op_len--; - } - - /* close old stream */ - if (user_skey->keyfile) - (void) fclose(user_skey->keyfile); - - /* get the skey part of the prompt */ - if ((rval = skeychallenge(user_skey, user_name, challenge)) != 0) { -#ifdef OTP_ONLY - (void) fprintf(stderr, - "%s: You do not exist in the s/key database.\n", - Argv[0]); - exit(1); -#else - /* return the original prompt if we cannot get s/key info */ - return(orig_prompt); -#endif /* OTP_ONLY */ - } - - /* get space for new prompt with embedded s/key challenge */ - if (new_prompt == NULL) { - /* allocate space for new prompt */ - np_size = op_len + strlen(challenge) + 7; - new_prompt = (char *) emalloc(np_size); - } else { - /* already have space allocated, is it enough? */ - if (np_size < op_len + strlen(challenge) + 7) { - np_size = op_len + strlen(challenge) + 7; - new_prompt = (char *) erealloc(new_prompt, np_size); - } - } - - /* embed the s/key challenge into the new password prompt */ -#ifdef LONG_OTP_PROMPT - (void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt); -#else - (void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt, challenge); -#endif /* LONG_OTP_PROMPT */ - - return(new_prompt); -} -#endif /* HAVE_SKEY */ - - -#ifdef HAVE_OPIE -/******************************************************************** - * - * sudo_opieprompt() - * - * This function rewrites and return the prompt based the - * OPIE challenge * and fills in the user's opie structure. 
- */
-
-static char *sudo_opieprompt(user_opie, p)
- struct opie *user_opie;
- char *p;
-{
- char challenge[OPIE_CHALLENGE_MAX];
- int rval;
- static char *orig_prompt = NULL, *new_prompt = NULL;
- static int op_len, np_size;
-
- /* save the original prompt */
- if (orig_prompt == NULL) {
- orig_prompt = p;
- op_len = strlen(p);
-
- /* ignore trailing colon */
- if (p[op_len - 1] == ':')
- op_len--;
- }
-
- /* get the opie part of the prompt */
- if ((rval = opiechallenge(user_opie, user_name, challenge)) != 0) {
-#ifdef OTP_ONLY
- (void) fprintf(stderr,
- "%s: You do not exist in the opie database.\n",
- Argv[0]);
- exit(1);
-#else
- /* return the original prompt if we cannot get opie info */
- return(orig_prompt);
-#endif /* OTP_ONLY */
- }
-
- /* get space for new prompt with embedded opie challenge */
- if (new_prompt == NULL) {
- /* allocate space for new prompt */
- np_size = op_len + strlen(challenge) + 7;
- new_prompt = (char *) emalloc(np_size);
- } else {
- /* already have space allocated, is it enough?
*/
- if (np_size < op_len + strlen(challenge) + 7) {
- np_size = op_len + strlen(challenge) + 7;
- new_prompt = (char *) erealloc(new_prompt, np_size);
- }
- }
-
- /* embed the s/key challenge into the new password prompt */
-#ifdef LONG_OTP_PROMPT
- (void) sprintf(new_prompt, "%s\n%s", challenge, orig_prompt);
-#else
- (void) sprintf(new_prompt, "%.*s [ %s ]:", op_len, orig_prompt, challenge);
-#endif /* LONG_OTP_PROMPT */
-
- return(new_prompt);
-}
-#endif /* HAVE_OPIE */
-
-
-#ifndef NO_MESSAGE
-/********************************************************************
- *
- * reminder()
- *
- * this function just prints the the reminder message
- */
-
-static void reminder()
-{
-#ifdef SHORT_MESSAGE
- (void) fprintf(stderr, "\n%s\n%s\n\n%s\n%s\n\n",
-#else
- (void) fprintf(stderr, "\n%s%s%s\n%s\n%s\n%s\n\n%s\n%s\n\n%s\n%s\n\n",
- " CU Sudo version ", version, ", based on Root Group sudo version 1.1.",
- " sudo version 1.1 is Copyright (C) 1991 The Root Group, Inc.",
- " sudo comes with ABSOLUTELY NO WARRANTY. This is free software,",
- " and you are welcome to redistribute it under certain conditions.",
-#endif
- "We trust you have received the usual lecture from the local System",
- "Administrator. It usually boils down to these two things:",
- " #1) Respect the privacy of others.",
- " #2) Think before you type."
- );
-}
-#endif /* NO_MESSAGE */
-
-
-/********************************************************************
- *
- * pass_warn()
- *
- * warn the user that the password was incorrect
- * (and insult them if insults are configured).
- */
-
-void pass_warn(fp)
- FILE *fp;
-{
-
-#ifdef USE_INSULTS
- (void) fprintf(fp, "%s\n", INSULT);
-#else
- (void) fprintf(fp, "%s\n", INCORRECT_PASSWORD);
-#endif /* USE_INSULTS */
-}
-
-/********************************************************************
- *
- * expand_prompt()
- *
- * expand %h and %u in the prompt and pass back the dynamically
- * allocated result. Returns the same string if no escapes.
- */
-
-static char *expand_prompt(old_prompt, user, host)
- char *old_prompt;
- char *user;
- char *host;
-{
- size_t len;
- int subst;
- char *p, *np, *new_prompt, lastchar;
-
- /* How much space do we need to malloc for the prompt? */
- subst = 0;
- for (p = old_prompt, len = strlen(old_prompt), lastchar = '\0'; *p; p++) {
- if (lastchar == '%') {
- if (*p == 'h') {
- len += strlen(shost) - 2;
- subst = 1;
- } else if (*p == 'u') {
- len += strlen(user_name) - 2;
- subst = 1;
- }
- }
-
- if (lastchar == '%' && *p == '%') {
- lastchar = '\0';
- len--;
- } else
- lastchar = *p;
- }
-
- if (subst) {
- new_prompt = (char *) emalloc(len + 1);
- for (p = prompt, np = new_prompt; *p; p++) {
- if (lastchar == '%' && (*p == 'h' || *p == 'u' || *p == '%')) {
- /* substiture user/host name */
- if (*p == 'h') {
- np--;
- strcpy(np, shost);
- np += strlen(shost);
- } else if (*p == 'u') {
- np--;
- strcpy(np, user_name);
- np += strlen(user_name);
- }
- } else
- *np++ = *p;
-
- if (lastchar == '%' && *p == '%')
- lastchar = '\0';
- else
- lastchar = *p;
- }
- *np = '\0';
- } else
- new_prompt = prompt;
-
- return(new_prompt);
-}
diff --git a/gnu/usr.bin/sudo/sudo/compat.h b/gnu/usr.bin/sudo/sudo/compat.h
deleted file mode 100644
index 7cf12f202c1..00000000000
--- a/gnu/usr.bin/sudo/sudo/compat.h
+++ /dev/null
@@ -1,155 +0,0 @@
-/* $OpenBSD: compat.h,v 1.9 1999/03/29 20:29:02 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: compat.h,v 1.46 1999/03/29 04:05:06 millert Exp $
- */
-
-#ifndef _SUDO_COMPAT_H
-#define _SUDO_COMPAT_H
-
-/*
- * Macros that may be missing on some Operating Systems
- */
-
-/* Deal with ansi stuff reasonably. */
-#ifndef __P
-# if defined (__cplusplus) || defined (__STDC__)
-# define __P(args) args
-# else
-# define __P(args) ()
-# endif
-#endif /* __P */
-
-/*
- * Some systems (ie ISC V/386) do not define MAXPATHLEN even in param.h
- */
-#ifndef MAXPATHLEN
-# define MAXPATHLEN 1024
-#endif
-
-/*
- * Some systems do not define MAXHOSTNAMELEN.
- */
-#ifndef MAXHOSTNAMELEN
-# define MAXHOSTNAMELEN 64
-#endif
-
-/*
- * 4.2BSD lacks FD_* macros (we only use FD_SET and FD_ZERO)
- */
-#ifndef FD_SETSIZE
-#define FD_SET(fd, fds) ((fds) -> fds_bits[0] |= (1 << (fd)))
-#define FD_ZERO(fds) ((fds) -> fds_bits[0] = 0)
-#endif /* !FD_SETSIZE */
-
-/*
- * Posix versions for those without...
- */
-#ifndef _S_IFMT
-# define _S_IFMT S_IFMT
-#endif /* _S_IFMT */
-#ifndef _S_IFREG
-# define _S_IFREG S_IFREG
-#endif /* _S_IFREG */
-#ifndef _S_IFDIR
-# define _S_IFDIR S_IFDIR
-#endif /* _S_IFDIR */
-#ifndef S_ISREG
-# define S_ISREG(m) (((m) & _S_IFMT) == _S_IFREG)
-#endif /* S_ISREG */
-#ifndef S_ISDIR
-# define S_ISDIR(m) (((m) & _S_IFMT) == _S_IFDIR)
-#endif /* S_ISDIR */
-
-/*
- * Some OS's may not have this.
- */
-#ifndef S_IRWXU
-# define S_IRWXU 0000700 /* rwx for owner */
-#endif /* S_IRWXU */
-
-/*
- * Some OS's may not have this.
- */
-#ifndef howmany
-#define howmany(x, y) (((x) + ((y) - 1)) / (y))
-#endif
-
-/*
- * We need to know how long the longest password may be.
- * For alternate password schemes we need longer passwords.
- * This is a bit, ummm, gross but necesary.
- */
-#if defined(HAVE_KERB4) || defined(HAVE_AFS) || defined(HAVE_DCE) || defined(HAVE_SKEY) || defined(HAVE_OPIE)
-# undef _PASSWD_LEN
-# define _PASSWD_LEN 256
-#else
-# ifdef HAVE_GETPRPWNAM
-# undef _PASSWD_LEN
-# define _PASSWD_LEN AUTH_MAX_PASSWD_LENGTH
-# else
-# ifndef _PASSWD_LEN
-# ifdef PASS_MAX
-# define _PASSWD_LEN PASS_MAX
-# else
-# if (SHADOW_TYPE != SPW_NONE)
-# define _PASSWD_LEN 24
-# else
-# define _PASSWD_LEN 8
-# endif /* SHADOW_TYPE != SPW_NONE */
-# endif /* PASS_MAX */
-# endif /* !_PASSWD_LEN */
-# endif /* HAVE_GETPRPWNAM */
-#endif /* HAVE_KERB4 || HAVE_AFS || HAVE_DCE || HAVE_SKEY || HAVE_OPIE */
-
-/*
- * Some OS's lack these
- */
-#ifndef UID_NO_CHANGE
-# define UID_NO_CHANGE ((uid_t) -1)
-#endif /* UID_NO_CHANGE */
-#ifndef GID_NO_CHANGE
-# define GID_NO_CHANGE ((gid_t) -1)
-#endif /* GID_NO_CHANGE */
-
-/*
- * Emulate seteuid() for AIX via setuidx() -- needed for some versions of AIX
- */
-#ifdef _AIX
-# include <sys/id.h>
-# define seteuid(_EUID) (setuidx(ID_EFFECTIVE|ID_REAL, _EUID))
-# undef HAVE_SETEUID
-# define HAVE_SETEUID 1
-#endif /* _AIX */
-
-/*
- * Emulate seteuid() for HP-UX via setresuid(2) and seteuid(2) for others.
- */
-#ifndef HAVE_SETEUID
-# ifdef __hpux
-# define seteuid(_EUID) (setresuid(UID_NO_CHANGE, _EUID, UID_NO_CHANGE))
-# else
-# define seteuid(_EUID) (setreuid(UID_NO_CHANGE, _EUID))
-# endif /* __hpux */
-#endif /* HAVE_SETEUID */
-
-#endif /* _SUDO_COMPAT_H */
diff --git a/gnu/usr.bin/sudo/sudo/config.h b/gnu/usr.bin/sudo/sudo/config.h
deleted file mode 100644
index 42a53679e07..00000000000
--- a/gnu/usr.bin/sudo/sudo/config.h
+++ /dev/null
@@ -1,452 +0,0 @@
-/* $OpenBSD: config.h,v 1.9 1999/03/29 20:29:02 millert Exp $ */
-
-/* config.h. Generated automatically by configure. */
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: config.h.in,v 1.117 1999/03/29 04:05:06 millert Exp $
- */
-
-/*
- * config.h -- You shouldn't edit this by hand unless you are
- * NOT using configure.
- */
-
-#ifndef _SUDO_CONFIG_H
-#define _SUDO_CONFIG_H
-
-/* New ANSI-style OS defs. */
-#if defined(hpux) && !defined(__hpux)
-# define __hpux 1
-#endif /* hpux */
-
-#if defined(convex) && !defined(__convex__)
-# define __convex__ 1
-#endif /* convex */
-
-/* Define if on AIX 3.
- System headers sometimes define this.
- We just want to avoid a redefinition error message. */
-#ifndef _ALL_SOURCE
-/* #undef _ALL_SOURCE */
-#endif
-
-/* Define if on ConvexOs.
- System headers sometimes define this.
- We just want to avoid a redefinition error message. */
-#ifndef _CONVEX_SOURCE
-/* #undef _CONVEX_SOURCE */
-#endif
-
-/* Define if needed to get POSIX functionality.
- System headers sometimes define this.
- We just want to avoid a redefinition error message.
*/
-#ifndef _POSIX_SOURCE
-/* #undef _POSIX_SOURCE */
-#endif
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef uid_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef gid_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef mode_t */
-
-/* Define to `unsigned' if <sys/types.h> doesn't define. */
-/* #undef size_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef ssize_t */
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-/* #undef dev_t */
-
-/* Define to `unsigned int' if <sys/types.h> doesn't define. */
-/* #undef ino_t */
-
-/* Define to be nil if C compiler doesn't support "const." */
-/* #undef const */
-
-/* Solaris doesn't use const qualifiers in PAM. */
-#ifdef sun
-#define PAM_CONST
-#else
-#define PAM_CONST const
-#endif
-
-/* Define as the return type of signal handlers (int or void). */
-#define RETSIGTYPE void
-
-/* Define if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Define if you want to use the system getpass(). */
-/* #undef USE_GETPASS */
-
-/* Define if you want to use execv() instead of execvp(). */
-/* #undef USE_EXECV */
-
-/* Define if you a different ticket file for each tty. */
-/* #undef USE_TTY_TICKETS */
-
-/* Define if you want to insult the user for entering an incorrect password. */
-#define USE_INSULTS 1
-
-/* Define if you want the insults from the "classic" version sudo. */
-#define CLASSIC_INSULTS 1
-
-/* Define if you want 2001-like insults. */
-/* #undef HAL_INSULTS */
-
-/* Define if you want insults from the "Goon Show" */
-/* #undef GOONS_INSULTS */
-
-/* Define if you want insults culled from the twisted minds of CSOps. */
-#define CSOPS_INSULTS 1
-
-/* Define to override the user's path with a builtin one. */
-/* #undef SECURE_PATH */
-
-/* Define if you use S/Key. */
-/* #undef HAVE_SKEY */
-
-/* Define if you use NRL OPIE.
*/
-/* #undef HAVE_OPIE */
-
-/* Define if you want a two line OTP (skey/opie) prompt. */
-/* #undef LONG_OTP_PROMPT */
-
-/* Define if you want to validate users via OTP (skey/opie) only. */
-/* #undef OTP_ONLY */
-
-/* Define if you use SecurID. */
-/* #undef HAVE_SECURID */
-
-/* Define if you use AIX general authentication. */
-/* #undef HAVE_AUTHENTICATE */
-
-/* Define if you use Kerberos. */
-/* #undef HAVE_KERB4 */
-
-/* Define if you use Kerberos. */
-/* #undef HAVE_KERB5 */
-
-/* Define if you use SIA. */
-/* #undef HAVE_SIA */
-
-/* Define if you use PAM. */
-/* #undef HAVE_PAM */
-
-/* Define if you use AFS. */
-/* #undef HAVE_AFS */
-
-/* Define if you use OSF DCE. */
-/* #undef HAVE_DCE */
-
-/* Define if you have POSIX signals. */
-#define HAVE_SIGACTION 1
-#ifdef HAVE_SIGACTION
-# define POSIX_SIGNALS
-#endif /* HAVE_SIGACTION */
-
-/* Define if you have tzset(3). */
-#define HAVE_TZSET 1
-
-/* Define if you have getcwd(3). */
-#define HAVE_GETCWD 1
-
-/* Define if you have strdup(3). */
-#define HAVE_STRDUP 1
-
-/* Define if you have fnmatch(3). */
-#define HAVE_FNMATCH 1
-
-/* Define if you have lsearch(3). */
-#define HAVE_LSEARCH 1
-
-/* Define if you have strchr(3). */
-#define HAVE_STRCHR 1
-#if !defined(HAVE_STRCHR) && !defined(strchr)
-# define strchr index
-#endif
-
-/* Define if you have strrchr(3). */
-#define HAVE_STRRCHR 1
-#if !defined(HAVE_STRRCHR) && !defined(strrchr)
-# define strrchr rindex
-#endif
-
-/* Define if you have memcpy(3). */
-#define HAVE_MEMCPY 1
-#if !defined(HAVE_MEMCPY) && !defined(memcpy)
-# define memcpy(D, S, L) (bcopy(S, D, L))
-#endif
-
-/* Define if you have memset(3). */
-#define HAVE_MEMSET 1
-#if !defined(HAVE_MEMSET) && !defined(memset)
-# define memset(S, X, N) (bzero(S, N))
-#endif
-
-/* Define if you have sysconf(3c). */
-#define HAVE_SYSCONF 1
-
-/* Define if you have putenv(3). */
-/* #undef HAVE_PUTENV */
-
-/* Define if you have setenv(3).
*/
-#define HAVE_SETENV 1
-
-/* Define if you have strcasecmp(3). */
-#define HAVE_STRCASECMP 1
-
-/* Define if you have tcgetattr(3). */
-#define HAVE_TCGETATTR 1
-
-/* Define if you have innetgr(3). */
-#define HAVE_INNETGR 1
-
-/* Define if you have getdomainname(2). */
-#define HAVE_GETDOMAINNAME 1
-
-/* Define if you have utime(2). */
-#define HAVE_UTIME 1
-
-/* Define if you have a POSIX utime() (uses struct utimbuf) */
-#define HAVE_UTIME_POSIX 1
-
-/* Define if utime(file, NULL) sets timestamp to current */
-#define HAVE_UTIME_NULL 1
-
-/* Define if you have bigcrypt(3). */
-/* #undef HAVE_BIGCRYPT */
-
-/* Define if you have set_auth_parameters(3). */
-/* #undef HAVE_SET_AUTH_PARAMETERS */
-
-/* Define if you have initprivs(3). */
-/* #undef HAVE_INITPRIVS */
-
-/* Define if you have dispcrypt(3). */
-/* #undef HAVE_DISPCRYPT */
-
-/* Define if you have getspnam(3). [SVR4-style shadow passwords] */
-/* #undef HAVE_GETSPNAM */
-
-/* Define if you have getprpwnam(3). [SecureWare-style shadow passwords] */
-/* #undef HAVE_GETPRPWNAM */
-
-/* Define if you have iscomsec(3). [HP-UX >= 10.x check for shadow enabled] */
-/* #undef HAVE_ISCOMSEC */
-
-/* Define if you have getspwuid(3). [HP-UX <= 9.X shadow passwords] */
-/* #undef HAVE_GETSPWUID */
-
-/* Define if you have getpwanam(3). [SunOS 4.x shadow passwords] */
-/* #undef HAVE_GETPWANAM */
-
-/* Define if you have issecure(3). [SunOS 4.x check for shadow enabled] */
-/* #undef HAVE_ISSECURE */
-
-/* Define if you have getauthuid(3). [ULTRIX 4.x shadow passwords] */
-/* #undef HAVE_GETAUTHUID */
-
-/* Define if you have seteuid(3). */
-#define HAVE_SETEUID 1
-
-/* Define if you have waitpid(2). */
-#define HAVE_WAITPID 1
-
-/* Define if you have wait3(2). */
-/* #undef HAVE_WAIT3 */
-
-/* Define if you have the <malloc.h> header file. */
-/* #undef HAVE_MALLOC_H */
-
-/* Define if you have the <alloca.h> header file. */
-/* #undef HAVE_ALLOCA_H */
-
-/* Define if you have the <paths.h> header file.
*/
-#define HAVE_PATHS_H 1
-
-/* Define if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define if you have the <strings.h> header file but no <string.h>. */
-#ifndef HAVE_STRING_H
-#define HAVE_STRINGS_H 1
-#endif /* !HAVE_STRING_H */
-
-/* Define your flavor of dir entry header file. */
-#define HAVE_DIRENT_H 1
-/* #undef HAVE_SYS_NDIR_H */
-/* #undef HAVE_SYS_DIR_H */
-/* #undef HAVE_NDIR_H */
-
-/* Define if you have the <utime.h> header file. */
-#define HAVE_UTIME_H 1
-
-/* Define if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define if you have the <fnmatch.h> header file. */
-#define HAVE_FNMATCH_H 1
-
-/* Define if you have the <netgroup.h> header file. */
-#define HAVE_NETGROUP_H 1
-
-/* Define if you have the <termio.h> header file. */
-/* #undef HAVE_TERMIO_H */
-
-/* Define if you have the <termios.h> header file and tcgetattr(3). */
-#ifdef HAVE_TCGETATTR
-#define HAVE_TERMIOS_H 1
-#endif /* HAVE_TCGETATTR */
-
-/* Define if you have the <sys/sockio.h> header file. */
-#define HAVE_SYS_SOCKIO_H 1
-
-/* Define if you have the <sys/bsdtypes.h> header file. */
-/* #undef HAVE_SYS_BSDTYPES_H */
-
-/* Define if you have the <sys/select.h> header file. */
-#define HAVE_SYS_SELECT_H 1
-
-/* Define if your struct sockadr has an sa_len field.
*/
-#define HAVE_SA_LEN 1
-
-/* Define to void if your C compiler fully groks void, else char */
-#define VOID void
-
-/* Define to the max length of a uid_t in string context (excluding the NUL) */
-#define MAX_UID_T_LEN 10
-
-/* Define if your syslog(3) does not guarantee the message will be logged */
-/* and syslog(3) returns non-zero to denote failure */
-/* #undef BROKEN_SYSLOG */
-
-/* The umask that the root-run prog should use */
-#define SUDO_UMASK 0022
-
-/* Define if you want the hostname to be entered into the log file */
-/* #undef HOST_IN_LOG */
-
-/* Define if you want the log file line to be wrapped */
-#define WRAP_LOG 1
-
-/* Define to be the number of minutes before sudo asks for passwd again. */
-#define TIMEOUT 5
-
-/* Define to be the passwd prompt timeout (in minutes). */
-#define PASSWORD_TIMEOUT 5
-
-/* Define to be the number of tries the user gets to enter the passwd. */
-#define TRIES_FOR_PASSWORD 3
-
-/* Define to be the user sudo should run commands as by default. */
-#define RUNAS_DEFAULT "root"
-
-/* Define if you want to require fully qualified hosts in sudoers. */
-/* #undef FQDN */
-
-/* If defined, users in this group need not enter a passwd (ie "sudo"). */
-/* #undef EXEMPTGROUP */
-
-/* Define to the path of the editor visudo should use. */
-#define EDITOR _PATH_VI
-
-/* Define if root should not be allowed to use sudo. */
-/* #undef NO_ROOT_SUDO */
-
-/* Define to be the user that gets sudo mail. */
-#define ALERTMAIL "root"
-
-/* Define to be the subject of the mail sent to ALERTMAIL by sudo. */
-#define MAILSUBJECT "*** SECURITY information for %h ***"
-
-/* Define to be the message given for a bad password. */
-#define INCORRECT_PASSWORD "Sorry, try again."
-
-/* Define to be the password prompt. */
-#define PASSPROMPT "Password:"
-
-/* Define if you want visudo to honor EDITOR and VISUAL env variables.
*/
-#define ENV_EDITOR 1
-
-/* Define to SLOG_SYSLOG, SLOG_FILE, or SLOG_BOTH */
-#define LOGGING SLOG_SYSLOG
-
-/* Define to be the syslog facility to use. */
-#define LOGFAC LOG_AUTHPRIV
-
-/* Define to be the max chars per log line (for line wrapping). */
-#define MAXLOGFILELEN 80
-
-/* Define if you want to ignore '.' and '' in $PATH */
-/* #undef IGNORE_DOT_PATH */
-
-/* Define if you want "command not allowed" instead of "command not found" */
-#define DONT_LEAK_PATH_INFO 1
-
-/* Define SHORT_MESSAGE for a short lecture or NO_MESSAGE for none. */
-#define SHORT_MESSAGE 1
-/* #undef NO_MESSAGE */
-
-/* Define SEND_MAIL_WHEN_NO_USER to send mail when user not in sudoers file */
-#define SEND_MAIL_WHEN_NO_USER 1
-
-/* Define SEND_MAIL_WHEN_NOT_OK to send mail when not allowed to run command */
-/* #undef SEND_MAIL_WHEN_NOT_OK */
-
-/* Define if you want sudo to start a shell if given no arguments. */
-/* #undef SHELL_IF_NO_ARGS */
-
-/* Define if you want sudo to set $HOME in shell mode. */
-/* #undef SHELL_SETS_HOME */
-
-/* Define if the code in interfaces.c does not compile for you. */
-/* #undef STUB_LOAD_INTERFACES */
-
-/********** You probably don't want to modify anything below here ***********/
-
-/*
- * Emulate a subset of waitpid() if we don't have it.
- */
-#ifdef HAVE_WAITPID
-# define sudo_waitpid(p, s, o) waitpid(p, s, o)
-#else
-# ifdef HAVE_WAIT3
-# define sudo_waitpid(p, s, o) wait3(s, o, NULL)
-# endif
-#endif
-
-#ifdef USE_EXECV
-# define EXEC execv
-#else
-# define EXEC execvp
-#endif /* USE_EXECV */
-
-#ifdef __svr4__
-# define BSD_COMP
-#endif /* __svr4__ */
-
-#endif /* _SUDO_CONFIG_H */
diff --git a/gnu/usr.bin/sudo/sudo/find_path.c b/gnu/usr.bin/sudo/sudo/find_path.c
deleted file mode 100644
index 4769065fa58..00000000000
--- a/gnu/usr.bin/sudo/sudo/find_path.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* $OpenBSD: find_path.c,v 1.10 1999/03/29 20:29:02 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains the find_path() function that returns
- * TRUE if the command was found and FALSE if not.
- * If find_path() returns TRUE, the copyin paramters command and
- * ocommand contain the resolved and unresolved pathnames respectively.
- * NOTE: if "." or "" exists in PATH it will be searched last.
- *
- * Todd C.
Miller <Todd.Miller@courtesan.com> Sat Mar 25 21:50:36 MST 1995
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-#include <netinet/in.h>
-#include "sudo.h"
-
-#ifndef STDC_HEADERS
-extern char *getenv __P((const char *));
-extern char *strcpy __P((char *, const char *));
-extern int fprintf __P((FILE *, const char *, ...));
-extern ssize_t readlink __P((const char *, VOID *, size_t));
-extern int stat __P((const char *, struct stat *));
-extern int lstat __P((const char *, struct stat *));
-#endif /* !STDC_HEADERS */
-
-#ifndef _S_IFMT
-#define _S_IFMT S_IFMT
-#endif /* _S_IFMT */
-#ifndef _S_IFLNK
-#define _S_IFLNK S_IFLNK
-#endif /* _S_IFLNK */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: find_path.c,v 1.85 1999/03/29 04:05:08 millert Exp $";
-#endif /* lint */
-
-/*******************************************************************
- *
- * find_path()
- *
- * this function finds the full pathname for a command and
- * stores it in a statically allocated array, filling in a pointer
- * to the array. Returns FOUND if the command was found, NOT_FOUND
- * if it was not found, or NOT_FOUND_DOT if it would have been found
- * but it is in '.' and IGNORE_DOT_PATH is in effect.
- */
-
-int find_path(infile, outfile)
- char *infile; /* file to find */
- char **outfile; /* result parameter */
-{
- static char command[MAXPATHLEN]; /* qualified filename */
- register char *n; /* for traversing path */
- char *path = NULL; /* contents of PATH env var */
- char *origpath; /* so we can free path later */
- char *result = NULL; /* result of path/file lookup */
- int checkdot = 0; /* check current dir? */
-
- command[0] = '\0';
-
- if (strlen(infile) >= MAXPATHLEN) {
- errno = ENAMETOOLONG;
- (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], infile);
- exit(1);
- }
-
- /*
- * If we were given a fully qualified or relative path
- * there is no need to look at PATH.
- */
- if (strchr(infile, '/')) {
- (void) strcpy(command, infile);
- if (sudo_goodpath(command)) {
- *outfile = command;
- return(FOUND);
- } else
- return(NOT_FOUND);
- }
-
- /*
- * grab PATH out of environment and make a local copy
- */
- if ((path = getenv("PATH")) == NULL)
- return(NOT_FOUND);
-
- path = estrdup(path);
- origpath = path;
-
- /* XXX use strtok() */
- do {
- if ((n = strchr(path, ':')))
- *n = '\0';
-
- /*
- * search current dir last if it is in PATH This will miss sneaky
- * things like using './' or './/'
- */
- if (*path == '\0' || (*path == '.'
&& *(path + 1) == '\0')) {
- checkdot = 1;
- path = n + 1;
- continue;
- }
-
- /*
- * resolve the path and exit the loop if found
- */
- if (strlen(path) + strlen(infile) + 1 >= MAXPATHLEN) {
- (void) fprintf(stderr, "%s: path too long: %s\n", Argv[0], infile);
- exit(1);
- }
- (void) sprintf(command, "%s/%s", path, infile);
- if ((result = sudo_goodpath(command)))
- break;
-
- path = n + 1;
-
- } while (n);
- (void) free(origpath);
-
- /*
- * Check current dir if dot was in the PATH
- */
- if (!result && checkdot) {
- result = sudo_goodpath(infile);
-#ifdef IGNORE_DOT_PATH
- if (result)
- return(NOT_FOUND_DOT);
-#endif /* IGNORE_DOT_PATH */
- }
-
- if (result) {
- *outfile = result;
- return(FOUND);
- } else
- return(NOT_FOUND);
-}
diff --git a/gnu/usr.bin/sudo/sudo/getspwuid.c b/gnu/usr.bin/sudo/sudo/getspwuid.c
deleted file mode 100644
index 7ed7cd944f1..00000000000
--- a/gnu/usr.bin/sudo/sudo/getspwuid.c
+++ /dev/null
@@ -1,230 +0,0 @@
-/* $OpenBSD: getspwuid.c,v 1.10 1999/03/29 20:29:03 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains sudo_getpwuid(), a function that
- * Makes a dynamic copy of the struct passwd returned by
- * getpwuid() and substitutes the shadow password if
- * necesary.
- *
- * Todd C.
Miller Mon Nov 20 13:53:06 MST 1995
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-#include <pwd.h>
-#ifdef HAVE_GETSPNAM
-# include <shadow.h>
-#endif /* HAVE_GETSPNAM */
-#ifdef HAVE_GETPRPWNAM
-# ifdef __hpux
-# include <hpsecurity.h>
-# else
-# include <sys/security.h>
-# endif /* __hpux */
-# include <prot.h>
-#endif /* HAVE_GETPRPWNAM */
-#ifdef HAVE_GETPWANAM
-# include <sys/label.h>
-# include <sys/audit.h>
-# include <pwdadj.h>
-#endif /* HAVE_GETPWANAM */
-#ifdef HAVE_GETAUTHUID
-# include <auth.h>
-#endif /* HAVE_GETAUTHUID */
-
-#include "sudo.h"
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: getspwuid.c,v 1.45 1999/03/29 04:05:08 millert Exp $";
-#endif /* lint */
-
-#ifndef STDC_HEADERS
-extern char *getenv __P((const char *));
-#endif /* !STDC_HEADERS */
-
-/*
- * Global variables (yuck)
- */
-#if defined(HAVE_GETPRPWNAM) && defined(__alpha)
-int crypt_type = INT_MAX;
-#endif /* HAVE_GETPRPWNAM && __alpha */
-
-
-/*
- * Local functions not visible outside getspwuid.c
- */
-static char *sudo_getshell __P((struct passwd *));
-static char *sudo_getepw __P((struct passwd *));
-
-
-
-/**********************************************************************
- *
- * sudo_getshell()
- *
- * This function returns the user's shell based on either the
- * SHELL evariable or the passwd(5) entry (in that order).
- */
-
-static char *sudo_getshell(pw)
- struct passwd *pw;
-{
- char *pw_shell;
-
- if ((pw_shell = getenv("SHELL")) == NULL)
- pw_shell = pw -> pw_shell;
-
-#ifdef _PATH_BSHELL
- /* empty string "" means bourne shell */
- if (*pw_shell == '\0')
- pw_shell = _PATH_BSHELL;
-#endif /* _PATH_BSHELL */
-
- return(pw_shell);
-}
-
-
-/**********************************************************************
- *
- * sudo_getepw()
- *
- * This function returns the encrypted password for the user described
- * by pw. If there is a shadow password it is returned, else the
- * normal UN*X password is returned instead.
- */
-
-static char *sudo_getepw(pw)
- struct passwd *pw;
-{
-
- /* if there is a function to check for shadow enabled, use it... */
-#ifdef HAVE_ISCOMSEC
- if (!iscomsec())
- return(pw->pw_passwd);
-#endif /* HAVE_ISCOMSEC */
-#ifdef HAVE_ISSECURE
- if (!issecure())
- return(pw->pw_passwd);
-#endif /* HAVE_ISSECURE */
-
-#ifdef HAVE_GETPRPWNAM
- {
- struct pr_passwd *spw;
-
- spw = getprpwnam(pw->pw_name);
- if (spw != NULL && spw->ufld.fd_encrypt != NULL) {
-# ifdef __alpha
- crypt_type = spw -> ufld.fd_oldcrypt;
-# endif /* __alpha */
- return(spw -> ufld.fd_encrypt);
- }
- }
-#endif /* HAVE_GETPRPWNAM */
-#ifdef HAVE_GETSPNAM
- {
- struct spwd *spw;
-
- if ((spw = getspnam(pw -> pw_name)) && spw -> sp_pwdp)
- return(spw -> sp_pwdp);
- }
-#endif /* HAVE_GETSPNAM */
-#ifdef HAVE_GETSPWUID
- {
- struct s_passwd *spw;
-
- if ((spw = getspwuid(pw -> pw_uid)) && spw -> pw_passwd)
- return(spw -> pw_passwd);
- }
-#endif /* HAVE_GETSPWUID */
-#ifdef HAVE_GETPWANAM
- {
- struct passwd_adjunct *spw;
-
- if ((spw = getpwanam(pw -> pw_name)) && spw -> pwa_passwd)
- return(spw -> pwa_passwd);
- }
-#endif /* HAVE_GETPWANAM */
-#ifdef HAVE_GETAUTHUID
- {
- AUTHORIZATION *spw;
-
- if ((spw = getauthuid(pw -> pw_uid)) && spw -> a_password)
- return(spw -> a_password);
- }
-#endif /* HAVE_GETAUTHUID */
-
- /* Fall back on normal passwd */
- return(pw->pw_passwd);
-}
-
-
-/**********************************************************************
- *
- * sudo_getpwuid()
- *
- * This function dynamically allocates space for a struct password
- * and the constituent parts that we care about. If shadow passwords
- * are in use, it substitutes the shadow password for pw_passwd.
- */
-
-struct passwd *sudo_getpwuid(uid)
- uid_t uid;
-{
- struct passwd *pw, *local_pw;
-
- if ((pw = getpwuid(uid)) == NULL)
- return(NULL);
-
- /* allocate space for a local copy of pw */
- local_pw = (struct passwd *) emalloc(sizeof(struct passwd));
-
- /*
- * Copy the struct passwd and the interesting strings...
- */
- (void) memcpy(local_pw, pw, sizeof(struct passwd));
- local_pw->pw_name = estrdup(pw->pw_name);
- local_pw->pw_dir = estrdup(pw->pw_dir);
-
- /* pw_shell is a special case since we overide with $SHELL */
- local_pw->pw_shell = estrdup(sudo_getshell(pw));
-
- /* pw_passwd gets a shadow password if applicable */
- local_pw->pw_passwd = estrdup(sudo_getepw(pw));
-
- return(local_pw);
-}
diff --git a/gnu/usr.bin/sudo/sudo/goodpath.c b/gnu/usr.bin/sudo/sudo/goodpath.c
deleted file mode 100644
index ce914d6e10d..00000000000
--- a/gnu/usr.bin/sudo/sudo/goodpath.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* $OpenBSD: goodpath.c,v 1.9 1999/03/29 20:29:03 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains sudo_goodpath(3)
- *
- * sudo_goodpath(3) takes a path to check and returns its argument
- * if the path is stat(2)'able, a regular file, and executable by
- * root. The string's size should be <= MAXPATHLEN.
- *
- * Todd C. Miller <Todd.Miller@courtesan.com> Sat Mar 25 21:58:17 MST 1995
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#include <errno.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-
-#include "sudo.h"
-
-#ifndef STDC_HEADERS
-extern int stat __P((const char *, struct stat *));
-#endif /* !STDC_HEADERS */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: goodpath.c,v 1.31 1999/03/29 04:05:08 millert Exp $";
-#endif /* lint */
-
-/******************************************************************
- *
- * sudo_goodpath()
- *
- * this function takes a path and makes sure it describes a a file
- * that is a normal file and executable by root.
- */
-
-char * sudo_goodpath(path)
- const char * path;
-{
- struct stat statbuf; /* for stat(2) */
- int err; /* if stat(2) got an error */
-
- /* check for brain damage */
- if (path == NULL || path[0] == '\0')
- return(NULL);
-
- /* we need to be root for the stat */
- set_perms(PERM_ROOT, 0);
-
- err = stat(path, &statbuf);
-
- /* discard root perms */
- set_perms(PERM_USER, 0);
-
- /* stat(3) failed */
- if (err)
- return(NULL);
-
- /* make sure path describes an executable regular file */
- if (S_ISREG(statbuf.st_mode) && (statbuf.st_mode & 0000111)) {
- return((char *)path);
- } else {
- /* file is not executable/regular */
- errno = EACCES;
- return(NULL);
- }
-}
diff --git a/gnu/usr.bin/sudo/sudo/ins_2001.h b/gnu/usr.bin/sudo/sudo/ins_2001.h
deleted file mode 100644
index 9ece577ae47..00000000000
--- a/gnu/usr.bin/sudo/sudo/ins_2001.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* $OpenBSD: ins_2001.h,v 1.9 1999/03/29 20:29:03 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: ins_2001.h,v 1.25 1999/03/29 04:05:09 millert Exp $
- */
-
-#ifndef _SUDO_INS_2001_H
-#define _SUDO_INS_2001_H
-
- /*
- * HAL insults (paraphrased) from 2001.
- */
-
- "Just what do you think you're doing Dave?",
- "It can only be attributed to human error.",
- "That's something I cannot allow to happen.",
- "My mind is going. I can feel it.",
- "Sorry about this, I know it's a bit silly.",
- "Take a stress pill and think things over.",
- "This mission is too important for me to allow you to jeopardize it.",
- "I feel much better now.",
-
-#endif /* _SUDO_INS_2001_H */
diff --git a/gnu/usr.bin/sudo/sudo/ins_classic.h b/gnu/usr.bin/sudo/sudo/ins_classic.h
deleted file mode 100644
index 03334947d2f..00000000000
--- a/gnu/usr.bin/sudo/sudo/ins_classic.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* $OpenBSD: ins_classic.h,v 1.9 1999/03/29 20:29:03 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: ins_classic.h,v 1.25 1999/03/29 04:05:09 millert Exp $
- */
-
-#ifndef _SUDO_INS_CLASSIC_H
-#define _SUDO_INS_CLASSIC_H
-
- /*
- * Insults from the original sudo(8).
- */
-
- "Wrong! You cheating scum!",
- "No soap, honkie-lips.",
- "Where did you learn to type?",
- "Are you on drugs?",
- "My pet ferret can type better than you!",
- "You type like i drive.",
- "Do you think like you type?",
- "Your mind just hasn't been the same since the electro-shock, has it?",
-
-#endif /* _SUDO_INS_CLASSIC_H */
diff --git a/gnu/usr.bin/sudo/sudo/ins_csops.h b/gnu/usr.bin/sudo/sudo/ins_csops.h
deleted file mode 100644
index 884fd6a1ce7..00000000000
--- a/gnu/usr.bin/sudo/sudo/ins_csops.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* $OpenBSD: ins_csops.h,v 1.9 1999/03/29 20:29:04 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: ins_csops.h,v 1.24 1999/03/29 04:05:09 millert Exp $
- */
-
-#ifndef _SUDO_INS_CSOPS_H
-#define _SUDO_INS_CSOPS_H
-
- /*
- * CSOps insults (may be site dependent).
- */
-
- "Maybe if you used more than just two fingers...",
- "BOB says: You seem to have forgotten your passwd, enter another!",
- "stty: unknown mode: doofus",
- "I can't hear you -- I'm using the scrambler.",
- "The more you drive -- the dumber you get.",
- "Listen, burrito brains, I don't have time to listen to this trash.",
- "I've seen penguins that can type better than that.",
- "Have you considered trying to match wits with a rutabaga?",
- "You speak an infinite deal of nothing",
-
-#endif /* _SUDO_INS_CSOPS_H */
diff --git a/gnu/usr.bin/sudo/sudo/ins_goons.h b/gnu/usr.bin/sudo/sudo/ins_goons.h
deleted file mode 100644
index 99149956050..00000000000
--- a/gnu/usr.bin/sudo/sudo/ins_goons.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/* $OpenBSD: ins_goons.h,v 1.9 1999/03/29 20:29:04 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: ins_goons.h,v 1.25 1999/03/29 04:05:09 millert Exp $
- */
-
-#ifndef _SUDO_INS_GOONS_H
-#define _SUDO_INS_GOONS_H
-
- /*
- * Insults from the "Goon Show."
- */
-
- "You silly, twisted boy you.",
- "He has fallen in the water!",
- "We'll all be murdered in our beds!",
- "You can't come in. Our tiger has got flu",
- "I don't wish to know that.",
- "What, what, what, what, what, what, what, what, what, what?",
- "You can't get the wood, you know.",
- "You'll starve!",
- "... and it used to be so popular...",
- "Pauses for audience applause, not a sausage",
- "Hold it up to the light --- not a brain in sight!",
- "Have a gorilla...",
- "There must be cure for it!",
- "There's a lot of it about, you know.",
- "You do that again and see what happens...",
- "Ying Tong Iddle I Po",
- "Harm can come to a young lad like that!",
- "And with that remarks folks, the case of the Crown vs yourself was proven.",
- "Speak English you fool --- there are no subtitles in this scene.",
- "You gotta go owwwww!",
- "I have been called worse.",
- "It's only your word against mine.",
- "I think ... err ... I think ... I think I'll go home",
-
-#endif /* _SUDO_INS_GOONS_H */
diff --git a/gnu/usr.bin/sudo/sudo/insults.h b/gnu/usr.bin/sudo/sudo/insults.h
deleted file mode 100644
index a7085c32d0b..00000000000
--- a/gnu/usr.bin/sudo/sudo/insults.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* $OpenBSD: insults.h,v 1.9 1999/03/29 20:29:04 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1994,1996,1998,1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: insults.h,v 1.39 1999/03/29 04:05:09 millert Exp $
- */
-
-#ifndef _SUDO_INSULTS_H
-#define _SUDO_INSULTS_H
-
-#ifdef USE_INSULTS
-
-/*
- * Use one or more set of insults as determined by configure
- */
-
-char *insults[] = {
-
-# ifdef HAL_INSULTS
-# include "ins_2001.h"
-# endif
-
-# ifdef GOONS_INSULTS
-# include "ins_goons.h"
-# endif
-
-# ifdef CLASSIC_INSULTS
-# include "ins_classic.h"
-# endif
-
-# ifdef CSOPS_INSULTS
-# include "ins_csops.h"
-# endif
-
- (char *) 0
-
-};
-
-/*
- * How may I insult you? Let me count the ways...
- */
-#define NOFINSULTS (sizeof(insults) / sizeof(insults[0]) - 1)
-
-/*
- * return a pseudo-random insult.
- */
-#define INSULT (insults[time(NULL) % NOFINSULTS])
-
-#endif /* USE_INSULTS */
-
-#endif /* _SUDO_INSULTS_H */
diff --git a/gnu/usr.bin/sudo/sudo/interfaces.c b/gnu/usr.bin/sudo/sudo/interfaces.c
deleted file mode 100644
index 91f89716872..00000000000
--- a/gnu/usr.bin/sudo/sudo/interfaces.c
+++ /dev/null
@@ -1,256 +0,0 @@ -/* $OpenBSD: interfaces.c,v 1.11 1999/03/29 20:29:04 millert Exp $ */ - -/* - * CU sudo version 1.5.9 - * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - * Please send bugs, changes, problems to sudo-bugs@courtesan.com - * - ******************************************************************* - * - * This module contains load_interfaces() a function that - * fills the interfaces global with a list of active ip - * addresses and their associated netmasks. - * - * Todd C. 
Miller Mon May 1 20:48:43 MDT 1995 - */ - -#include "config.h" - -#include <stdio.h> -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include <strings.h> -#endif /* HAVE_STRINGS_H */ -#include <netdb.h> -#include <errno.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/param.h> -#include <sys/time.h> -#include <sys/ioctl.h> -#if defined(HAVE_SYS_SOCKIO_H) && !defined(SIOCGIFCONF) -#include <sys/sockio.h> -#endif -#ifdef _ISC -#include <sys/stream.h> -#include <sys/sioctl.h> -#include <sys/stropts.h> -#include <net/errno.h> -#define STRSET(cmd, param, len) {strioctl.ic_cmd=(cmd);\ - strioctl.ic_dp=(param);\ - strioctl.ic_timout=0;\ - strioctl.ic_len=(len);} -#endif /* _ISC */ -#ifdef _MIPS -#include <net/soioctl.h> -#endif /* _MIPS */ -#include <netinet/in.h> -#include <arpa/inet.h> -#include <net/if.h> - -#include "sudo.h" -#include "version.h" - -#ifndef lint -static const char rcsid[] = "$Sudo: interfaces.c,v 1.52 1999/03/29 04:05:09 millert Exp $"; -#endif /* lint */ - -/* - * Globals - */ -struct interface *interfaces; -int num_interfaces = 0; -extern int Argc; -extern char **Argv; - - -#if defined(SIOCGIFCONF) && !defined(STUB_LOAD_INTERFACES) -/********************************************************************** - * - * load_interfaces() - * - * This function sets the interfaces global variable - * and sets the constituent ip addrs and netmasks. 
- */ - -void load_interfaces() -{ - struct ifconf *ifconf; - struct ifreq *ifr, ifr_tmp; - struct sockaddr_in *sin; - int sock, n, i; - size_t len = sizeof(struct ifconf) + BUFSIZ; - char *previfname = "", *ifconf_buf = NULL; -#ifdef _ISC - struct strioctl strioctl; -#endif /* _ISC */ - - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - perror("socket"); - exit(1); - } - - /* - * get interface configuration or return (leaving interfaces NULL) - */ - for (;;) { - ifconf_buf = erealloc(ifconf_buf, len); - ifconf = (struct ifconf *) ifconf_buf; - ifconf->ifc_len = len - sizeof(struct ifconf); - ifconf->ifc_buf = (caddr_t) (ifconf_buf + sizeof(struct ifconf)); - - /* networking may not be installed in kernel */ -#ifdef _ISC - STRSET(SIOCGIFCONF, (caddr_t) ifconf, len); - if (ioctl(sock, I_STR, (caddr_t) &strioctl) < 0) { -#else - if (ioctl(sock, SIOCGIFCONF, (caddr_t) ifconf) < 0) { -#endif /* _ISC */ - (void) free(ifconf_buf); - (void) close(sock); - return; - } - - /* break out of loop if we have a big enough buffer */ - if (ifconf->ifc_len + sizeof(struct ifreq) < len) - break; - len += BUFSIZ; - } - - /* - * get the maximum number of interfaces that *could* exist. 
- */ - n = ifconf->ifc_len / sizeof(struct ifreq); - - /* - * allocate space for interfaces array - */ - interfaces = (struct interface *) emalloc(sizeof(struct interface) * n); - - /* - * for each interface, store the ip address and netmask - */ - for (i = 0; i < ifconf->ifc_len; ) { - /* get a pointer to the current interface */ - ifr = (struct ifreq *) &ifconf->ifc_buf[i]; - - /* set i to the subscript of the next interface */ - i += sizeof(struct ifreq); -#ifdef HAVE_SA_LEN - if (ifr->ifr_addr.sa_len > sizeof(ifr->ifr_addr)) - i += ifr->ifr_addr.sa_len - sizeof(struct sockaddr); -#endif /* HAVE_SA_LEN */ - - /* skip duplicates and interfaces with NULL addresses */ - sin = (struct sockaddr_in *) &ifr->ifr_addr; - if (sin->sin_addr.s_addr == 0 || - strncmp(previfname, ifr->ifr_name, sizeof(ifr->ifr_name) - 1) == 0) - continue; - - /* skip non-ip things */ - if (ifr->ifr_addr.sa_family != AF_INET) - continue; - - /* - * make sure the interface is up, skip if not. - */ -#ifdef SIOCGIFFLAGS - memset(&ifr_tmp, 0, sizeof(ifr_tmp)); - strncpy(ifr_tmp.ifr_name, ifr->ifr_name, sizeof(ifr_tmp.ifr_name) - 1); - if (ioctl(sock, SIOCGIFFLAGS, (caddr_t) &ifr_tmp) < 0) -#endif - ifr_tmp = *ifr; - - /* skip interfaces marked "down" and "loopback" */ - if (!(ifr_tmp.ifr_flags & IFF_UP) || (ifr_tmp.ifr_flags & IFF_LOOPBACK)) - continue; - - /* store the ip address */ - sin = (struct sockaddr_in *) &ifr->ifr_addr; - interfaces[num_interfaces].addr.s_addr = sin->sin_addr.s_addr; - - /* stash the name of the interface we saved */ - previfname = ifr->ifr_name; - - /* get the netmask */ - (void) memset(&ifr_tmp, 0, sizeof(ifr_tmp)); - strncpy(ifr_tmp.ifr_name, ifr->ifr_name, sizeof(ifr_tmp.ifr_name) - 1); -#ifdef SIOCGIFNETMASK -#ifdef _ISC - STRSET(SIOCGIFNETMASK, (caddr_t) &ifr_tmp, sizeof(ifr_tmp)); - if (ioctl(sock, I_STR, (caddr_t) &strioctl) == 0) { -#else - if (ioctl(sock, SIOCGIFNETMASK, (caddr_t) &ifr_tmp) == 0) { -#endif /* _ISC */ - sin = (struct sockaddr_in *) 
&ifr_tmp.ifr_addr; - - /* store the netmask */ - interfaces[num_interfaces].netmask.s_addr = sin->sin_addr.s_addr; - } else { -#else - { -#endif /* SIOCGIFNETMASK */ - if (IN_CLASSC(interfaces[num_interfaces].addr.s_addr)) - interfaces[num_interfaces].netmask.s_addr = htonl(IN_CLASSC_NET); - else if (IN_CLASSB(interfaces[num_interfaces].addr.s_addr)) - interfaces[num_interfaces].netmask.s_addr = htonl(IN_CLASSB_NET); - else - interfaces[num_interfaces].netmask.s_addr = htonl(IN_CLASSA_NET); - } - - /* only now can we be sure it was a good/interesting interface */ - num_interfaces++; - } - - /* if there were bogus entries, realloc the array */ - if (n != num_interfaces) { - /* it is unlikely that num_interfaces will be 0 but who knows... */ - if (num_interfaces != 0) - interfaces = (struct interface *) erealloc(interfaces, - sizeof(struct interface) * num_interfaces); - else - (void) free(interfaces); - } - (void) free(ifconf_buf); - (void) close(sock); -} - -#else /* !SIOCGIFCONF || STUB_LOAD_INTERFACES */ - -/********************************************************************** - * - * load_interfaces() - * - * Stub function for those without SIOCGIFCONF - */ - -void load_interfaces() -{ - return; -} - -#endif /* SIOCGIFCONF && !STUB_LOAD_INTERFACES */ diff --git a/gnu/usr.bin/sudo/sudo/logging.c b/gnu/usr.bin/sudo/sudo/logging.c deleted file mode 100644 index 918abab8618..00000000000 --- a/gnu/usr.bin/sudo/sudo/logging.c +++ /dev/null 
@@ -1,752 +0,0 @@ -/* $OpenBSD: logging.c,v 1.10 1999/03/29 20:29:04 millert Exp $ */ - -/* - * CU sudo version 1.5.9 (based on Root Group sudo version 1.1) - * Copyright (c) 1994,1996,1998,1999 Todd C. Miller <Todd.Miller@courtesan.com> - * - * This software comes with no waranty whatsoever, use at your own risk. - * - * Please send bugs, changes, problems to sudo-bugs@courtesan.com - * - */ - -/* - * sudo version 1.1 allows users to execute commands as root - * Copyright (C) 1991 The Root Group, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - **************************************************************** - * - * logging.c - * - * this file supports the general logging facilities - * if you want to change any error messages, this is probably - * the place to be... 
- * - * Jeff Nieusma Thu Mar 21 23:39:04 MST 1991 - */ - -#include "config.h" - -#include <stdio.h> -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include <strings.h> -#endif /* HAVE_STRINGS_H */ -#include <pwd.h> -#include <signal.h> -#include <time.h> -#include <errno.h> -#include <sys/types.h> -#include <sys/param.h> -#include <sys/stat.h> -#include <sys/wait.h> -#include <netinet/in.h> - -#include "sudo.h" - -#ifndef lint -static const char rcsid[] = "$Sudo: logging.c,v 1.112 1999/03/29 04:05:10 millert Exp $"; -#endif /* lint */ - -/* - * Prototypes for local functions - */ -static void send_mail __P((void)); -static RETSIGTYPE reapchild __P((int)); -static int appropriate __P((int)); -#ifdef BROKEN_SYSLOG -static void syslog_wrapper __P((int, char *, char *, char *)); -#endif /* BROKEN_SYSLOG */ - -/* - * Globals - */ -static char *logline; -extern int errorlineno; - -#ifdef BROKEN_SYSLOG -#define MAXSYSLOGTRIES 16 /* num of retries for broken syslogs */ -#define SYSLOG(a,b,c,d) syslog_wrapper(a,b,c,d) - -/**************************************************************** - * - * syslog_wrapper() - * - * This function logs via syslog w/ a priority and 3 strings args. - * It really shouldn't be necesary but some syslog()'s don't - * guarantee that the syslog() operation will succeed! 
- */ - -static void syslog_wrapper(pri, fmt, arg1, arg2) - int pri; - char *fmt; - char *arg1; - char *arg2; -{ - int i; - - for (i = 0; i < MAXSYSLOGTRIES; i++) - if (syslog(pri, fmt, arg1, arg2) == 0) - break; -} -#else -#define SYSLOG(a,b,c,d) syslog(a,b,c,d) -#endif /* BROKEN_SYSLOG */ - - - -/********************************************************************** - * - * log_error() - * - * This function attempts to deliver mail to ALERTMAIL and either - * syslogs the error or writes it to the log file - */ - -void log_error(code) - int code; -{ - char *p; - int count, header_length; - time_t now; -#if (LOGGING & SLOG_FILE) - mode_t oldmask; - FILE *fp; -#endif /* LOGGING & SLOG_FILE */ -#if (LOGGING & SLOG_SYSLOG) - int pri = Syslog_priority_NO; /* syslog priority, assume the worst */ - char *tmp, save; -#endif /* LOGGING & SLOG_SYSLOG */ - - /* - * length of syslog-like header info used for mail and file logs - * is len("DDD MM HH:MM:SS : username : ") with an additional - * len("HOST=hostname : ") if HOST_IN_LOG is defined. - */ - header_length = 21 + strlen(user_name); -#ifdef HOST_IN_LOG - header_length += 8 + strlen(shost); -#endif - - /* - * Allocate enough memory for logline so we won't overflow it - */ - count = header_length + 136 + 2 * MAXPATHLEN + strlen(tty) + strlen(cwd) + - strlen(runas_user); - if (cmnd_args) - count += strlen(cmnd_args); - logline = (char *) emalloc(count); - - /* - * we will skip this stuff when using syslog(3) but it is - * necesary for mail and file logs. - */ - now = time((time_t) 0); - p = ctime(&now) + 4; -#ifdef HOST_IN_LOG - (void) sprintf(logline, "%15.15s : %s : HOST=%s : ", p, user_name, shost); -#else - (void) sprintf(logline, "%15.15s : %s : ", p, user_name); -#endif - - /* - * we need a pointer to the end of logline for cheap appends. 
- */ - p = logline + header_length; - - switch (code) { - - case ALL_SYSTEMS_GO: - (void) sprintf(p, "TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); -#if (LOGGING & SLOG_SYSLOG) - pri = Syslog_priority_OK; -#endif /* LOGGING & SLOG_SYSLOG */ - break; - - case VALIDATE_NO_USER: - (void) sprintf(p, - "user NOT in sudoers ; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - - case VALIDATE_NOT_OK: - (void) sprintf(p, - "command not allowed ; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - - case VALIDATE_ERROR: - (void) sprintf(p, "error in %s, line %d ; TTY=%s ; PWD=%s ; USER=%s. ", - _PATH_SUDO_SUDOERS, errorlineno, tty, cwd, runas_user); - break; - - case GLOBAL_NO_PW_ENT: - (void) sprintf(p, - "There is no passwd entry for uid %ld (TTY=%s). ", - (long) user_uid, tty); - break; - - case PASSWORD_NOT_CORRECT: - (void) sprintf(p, - "password incorrect ; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - - case PASSWORDS_NOT_CORRECT: - (void) sprintf(p, - "%d incorrect passwords ; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - TRIES_FOR_PASSWORD, tty, cwd, runas_user); - break; - - case GLOBAL_NO_HOSTNAME: - strcat(p, "This machine does not have a hostname "); - break; - - case NO_SUDOERS_FILE: - switch (errno) { - case ENOENT: - (void) sprintf(p, "There is no %s file. ", - _PATH_SUDO_SUDOERS); - break; - case EACCES: - (void) sprintf(p, "Can't read %s. 
", _PATH_SUDO_SUDOERS); - break; - default: - (void) sprintf(p, "There is a problem opening %s ", - _PATH_SUDO_SUDOERS); - break; - } - break; - - case GLOBAL_HOST_UNREGISTERED: - (void) sprintf(p, "gethostbyname() cannot find host %s ", host); - break; - - case SUDOERS_NOT_FILE: - (void) sprintf(p, "%s is not a regular file ", _PATH_SUDO_SUDOERS); - break; - - case SUDOERS_WRONG_OWNER: - (void) sprintf(p, "%s is not owned by uid %d and gid %d ", - _PATH_SUDO_SUDOERS, SUDOERS_UID, SUDOERS_GID); - break; - - case SUDOERS_WRONG_MODE: - (void) sprintf(p, "%s is not mode %o ", _PATH_SUDO_SUDOERS, - SUDOERS_MODE); - break; - - case SPOOF_ATTEMPT: - (void) sprintf(p, - "probable spoofing attempt; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - - case BAD_STAMPDIR: - (void) sprintf(p, - "%s owned by non-root or not mode 0700; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - _PATH_SUDO_TIMEDIR, tty, cwd, runas_user); - break; - - case BAD_STAMPFILE: - (void) sprintf(p, - "preposterous stampfile date; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - - case BAD_ALLOCATION: - (void) sprintf(p, - "allocation failure; TTY=%s ; PWD=%s ; USER=%s ; COMMAND=", - tty, cwd, runas_user); - break; - -#ifdef HAVE_KERB5 - case GLOBAL_KRB5_INIT_ERR: - (void) sprintf(p, "Could not initialize Kerberos V"); - break; -#endif /* HAVE_KERB5 */ - - default: - strcat(p, "found a weird error : "); - break; - } - - - /* - * If this is a parse error or if the error is from load_globals() - * don't put argv in the message. 
- */ - if (code != VALIDATE_ERROR && !(code & GLOBAL_PROBLEM)) { - - /* stuff the command into the logline */ - p = logline + strlen(logline); - strcpy(p, cmnd); - - /* add a trailing space */ - p += strlen(cmnd); - *p++ = ' '; - *p = '\0'; - - /* cat on command args if they exist */ - if (cmnd_args) { - (void) strcpy(p, cmnd_args); - p += strlen(cmnd_args); - *p++ = ' '; - *p = '\0'; - } - } - -#if (LOGGING & SLOG_SYSLOG) -#ifdef Syslog_facility - openlog(Syslog_ident, Syslog_options, Syslog_facility); -#else - openlog(Syslog_ident, Syslog_options); -#endif /* Syslog_facility */ - - /* - * Log the full line, breaking into multiple syslog(3) calls if necesary - */ - p = &logline[header_length]; /* skip past the date, host, and user */ - for (count = 0; count < strlen(logline) / MAXSYSLOGLEN + 1; count++) { - if (strlen(p) > MAXSYSLOGLEN) { - /* - * Break up the line into what will fit on one syslog(3) line - * Try to break on a word boundary if possible. - */ - for (tmp = p + MAXSYSLOGLEN; tmp > p && *tmp != ' '; tmp--) - ; - if (tmp <= p) - tmp = p + MAXSYSLOGLEN; - - /* NULL terminate line, but save the char to restore later */ - save = *tmp; - *tmp = '\0'; - - if (count == 0) - SYSLOG(pri, "%8.8s : %s", user_name, p); - else - SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p); - - *tmp = save; /* restore saved character */ - - /* eliminate leading whitespace */ - for (p=tmp; *p != ' '; p++) - ; - } else { - if (count == 0) - SYSLOG(pri, "%8.8s : %s", user_name, p); - else - SYSLOG(pri, "%8.8s : (command continued) %s", user_name, p); - } - } - closelog(); -#endif /* LOGGING & SLOG_SYSLOG */ -#if (LOGGING & SLOG_FILE) - - /* become root */ - set_perms(PERM_ROOT, 0); - - oldmask = umask(077); - fp = fopen(_PATH_SUDO_LOGFILE, "a"); - (void) umask(oldmask); - if (fp == NULL) { - (void) sprintf(logline, "Can\'t open log file: %s", _PATH_SUDO_LOGFILE); - send_mail(); - } else { - char *beg, *oldend, *end; - int maxlen = MAXLOGFILELEN; - -#ifndef WRAP_LOG - 
(void) fprintf(fp, "%s\n", logline); -#else - /* - * Print out logline with word wrap - */ - beg = end = logline; - while (beg) { - oldend = end; - end = strchr(oldend, ' '); - - if (maxlen > 0 && end) { - *end = '\0'; - if (strlen(beg) > maxlen) { - /* too far, need to back up & print the line */ - - if (beg == (char *)logline) - maxlen -= 4; /* don't indent first line */ - - *end = ' '; - if (oldend != beg) { - /* rewind & print */ - end = oldend-1; - while (*end == ' ') - --end; - *(++end) = '\0'; - (void) fprintf(fp, "%s\n ", beg); - *end = ' '; - } else { - (void) fprintf(fp, "%s\n ", beg); - } - - /* reset beg to point to the start of the new substring */ - beg = end; - while (*beg == ' ') - ++beg; - } else { - /* we still have room */ - *end = ' '; - } - - /* remove leading whitespace */ - while (*end == ' ') - ++end; - } else { - /* final line */ - (void) fprintf(fp, "%s\n", beg); - beg = NULL; /* exit condition */ - } - } -#endif - - (void) fclose(fp); - } - - /* relinquish root */ - set_perms(PERM_USER, 0); -#endif /* LOGGING & SLOG_FILE */ - - /* send mail if appropriate */ - if (appropriate(code)) - send_mail(); -} - - - -#ifdef _PATH_SENDMAIL -/********************************************************************** - * - * send_mail() - * - * This function attempts to mail to ALERTMAIL about the sudo error - * - */ - -static char *mail_argv[] = { "sendmail", "-t", (char *) NULL }; - -static void send_mail() -{ - char *mailer = _PATH_SENDMAIL; - char *subject = MAILSUBJECT; - int fd[2]; - char *p; -#ifdef POSIX_SIGNALS - struct sigaction action; - - (void) memset((VOID *)&action, 0, sizeof(action)); -#endif /* POSIX_SIGNALS */ - - /* catch children as they die */ -#ifdef POSIX_SIGNALS - action.sa_handler = reapchild; - (void) sigaction(SIGCHLD, &action, NULL); -#else - (void) signal(SIGCHLD, reapchild); -#endif /* POSIX_SIGNALS */ - - if (fork()) - return; - - /* - * we don't want any security problems ... 
- */ - set_perms(PERM_FULL_USER, 0); - -#ifdef POSIX_SIGNALS - action.sa_handler = SIG_IGN; - (void) sigaction(SIGHUP, &action, NULL); - (void) sigaction(SIGINT, &action, NULL); - (void) sigaction(SIGQUIT, &action, NULL); -#else - (void) signal(SIGHUP, SIG_IGN); - (void) signal(SIGINT, SIG_IGN); - (void) signal(SIGQUIT, SIG_IGN); -#endif /* POSIX_SIGNALS */ - - if (pipe(fd)) { - perror("send_mail: pipe"); - exit(1); - } - (void) dup2(fd[0], 0); - (void) dup2(fd[1], 1); - (void) close(fd[0]); - (void) close(fd[1]); - - if (!fork()) { /* child */ - (void) close(1); - EXEC(mailer, mail_argv); - - /* this should not happen */ - perror(mailer); - exit(1); - } else { /* parent */ - (void) close(0); - - /* feed the data to sendmail */ - /* XXX - do we need to fdopen this fd #1 to a new stream??? */ - (void) fprintf(stdout, "To: %s\nSubject: ", ALERTMAIL); - p = subject; - while (*p) { - /* expand %h -> hostname in subject */ - if (*p == '%' && *(p+1) == 'h') { - (void) fputs(host, stdout); - p++; - } else - (void) fputc(*p, stdout); - p++; - } - (void) fprintf(stdout, "\n\n%s : %s\n\n", host, logline); - fclose(stdout); - - exit(0); - } -} -#else -static void send_mail() -{ - /* no mailer defined */ - return; -} -#endif /* _PATH_SENDMAIL */ - - - -/**************************************************************** - * - * reapchild() - * - * This function gets rid of all the ugly zombies - */ - -static RETSIGTYPE reapchild(sig) - int sig; -{ - int pid, status, save_errno = errno; - -#ifdef sudo_waitpid - do { - pid = sudo_waitpid(-1, &status, WNOHANG); - } while (pid == -1); -#else - (void) wait(NULL); -#endif -#ifndef POSIX_SIGNALS - (void) signal(SIGCHLD, reapchild); -#endif /* POSIX_SIGNALS */ - errno = save_errno; -} - - - -/********************************************************************** - * - * inform_user () - * - * This function lets the user know what is happening - * when an error occurs - */ - -void inform_user(code) - int code; -{ - switch (code) { - case 
VALIDATE_NO_USER: - (void) fprintf(stderr, - "%s is not in the sudoers file. This incident will be reported.\n\n", - user_name); - break; - - case VALIDATE_NOT_OK: - (void) fprintf(stderr, - "Sorry, user %s is not allowed to execute \"%s", - user_name, cmnd); - - /* print command args if they exist */ - if (cmnd_args) { - fputc(' ', stderr); - fputs(cmnd_args, stderr); - } - - (void) fprintf(stderr, "\" as %s on %s.\n\n", runas_user, host); - break; - - case VALIDATE_ERROR: - (void) fprintf(stderr, - "Sorry, there is a fatal error in the sudoers file.\n\n"); - break; - - case GLOBAL_NO_PW_ENT: - (void) fprintf(stderr, - "Intruder Alert! You don't exist in the passwd file\n\n"); - break; - - case GLOBAL_NO_SPW_ENT: - (void) fprintf(stderr, - "Intruder Alert! You don't exist in the shadow passwd file\n\n"); - break; - - case GLOBAL_NO_HOSTNAME: - (void) fprintf(stderr, - "This machine does not have a hostname\n\n"); - break; - - case GLOBAL_HOST_UNREGISTERED: - (void) fprintf(stderr, - "This machine is not available via gethostbyname()\n\n"); - break; - - case PASSWORD_NOT_CORRECT: - (void) fprintf(stderr, "Password not entered correctly\n\n"); - break; - - case PASSWORDS_NOT_CORRECT: - (void) fprintf(stderr, "Password not entered correctly after %d tries\n\n", - TRIES_FOR_PASSWORD); - break; - - case NO_SUDOERS_FILE: - switch (errno) { - case ENOENT: - (void) fprintf(stderr, "There is no %s file.\n", - _PATH_SUDO_SUDOERS); - break; - default: - (void) fprintf(stderr, "Can't read %s: ", - _PATH_SUDO_SUDOERS); - perror(""); - break; - } - break; - - case SUDOERS_NOT_FILE: - (void) fprintf(stderr, - "%s is not a regular file!\n", _PATH_SUDO_SUDOERS); - break; - - case SUDOERS_WRONG_OWNER: - (void) fprintf(stderr, "%s is not owned by uid %d and gid %d!\n", - _PATH_SUDO_SUDOERS, SUDOERS_UID, SUDOERS_GID); - break; - - case SUDOERS_WRONG_MODE: - (void) fprintf(stderr, "%s must be mode %o!\n", _PATH_SUDO_SUDOERS, - SUDOERS_MODE); - break; - - case SPOOF_ATTEMPT: - (void) 
fprintf(stderr, - "%s is not the same command that was validated, disallowing.\n", - cmnd); - break; - - case BAD_STAMPDIR: - (void) fprintf(stderr, - "Timestamp directory has wrong permissions, ignoring.\n"); - break; - - case BAD_STAMPFILE: - (void) fprintf(stderr, - "Your timestamp file has a preposterous date, ignoring.\n"); - break; - - case BAD_ALLOCATION: - (void) fprintf(stderr, - "Resource allocation failure.\n"); - break; - - default: - (void) fprintf(stderr, - "Something weird happened.\n\n"); - break; - } -} - - - -/**************************************************************** - * - * appropriate() - * - * This function determines whether to send mail or not... - */ - -static int appropriate(code) - int code; -{ - - switch (code) { - - /* - * these will NOT send mail - */ - case VALIDATE_OK: - case VALIDATE_OK_NOPASS: - case PASSWORD_NOT_CORRECT: - case PASSWORDS_NOT_CORRECT: -/* case ALL_SYSTEMS_GO: this is the same as OK */ - return (0); - break; - - case VALIDATE_NO_USER: -#ifdef SEND_MAIL_WHEN_NO_USER - return (1); -#else - return (0); -#endif - break; - - case VALIDATE_NOT_OK: -#ifdef SEND_MAIL_WHEN_NOT_OK - return (1); -#else - return (0); -#endif - break; - - /* - * these WILL send mail - */ - case VALIDATE_ERROR: - case NO_SUDOERS_FILE: - case SPOOF_ATTEMPT: - case BAD_STAMPDIR: - case BAD_STAMPFILE: - case BAD_ALLOCATION: - default: - return (1); - break; - - } -} diff --git a/gnu/usr.bin/sudo/sudo/parse.c b/gnu/usr.bin/sudo/sudo/parse.c deleted file mode 100644 index 50046f9c138..00000000000 --- a/gnu/usr.bin/sudo/sudo/parse.c +++ /dev/null 
@@ -1,443 +0,0 @@
-/* $OpenBSD: parse.c,v 1.12 1999/03/30 17:26:21 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * parse.c -- sudo parser frontend and comparison routines.
- * - * Chris Jepeway <jepeway@cs.utk.edu> - */ - -#include "config.h" - -#include <stdio.h> -#ifdef STDC_HEADERS -# include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -# include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -# include <string.h> -#endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -# include <strings.h> -#endif /* HAVE_STRINGS_H */ -#if defined(HAVE_FNMATCH) && defined(HAVE_FNMATCH_H) -# include <fnmatch.h> -#else -# ifndef HAVE_FNMATCH -# include "emul/fnmatch.h" -# endif /* HAVE_FNMATCH */ -#endif /* HAVE_FNMATCH_H */ -#ifdef HAVE_NETGROUP_H -# include <netgroup.h> -#endif /* HAVE_NETGROUP_H */ -#include <ctype.h> -#include <pwd.h> -#include <grp.h> -#include <sys/param.h> -#include <sys/types.h> -#include <netinet/in.h> -#include <arpa/inet.h> -#include <netdb.h> -#include <sys/stat.h> -#if HAVE_DIRENT_H -# include <dirent.h> -# define NAMLEN(dirent) strlen((dirent)->d_name) -#else -# define dirent direct -# define NAMLEN(dirent) (dirent)->d_namlen -# if HAVE_SYS_NDIR_H -# include <sys/ndir.h> -# endif -# if HAVE_SYS_DIR_H -# include <sys/dir.h> -# endif -# if HAVE_NDIR_H -# include <ndir.h> -# endif -#endif - -#include "sudo.h" - -#ifndef lint -static const char rcsid[] = "$Sudo: parse.c,v 1.103 1999/03/30 17:17:53 millert Exp $"; -#endif /* lint */ - -/* - * Globals - */ -int parse_error = FALSE; -extern FILE *yyin, *yyout; -extern int printmatches; - -/* - * Prototypes - */ -static int has_meta __P((char *)); - void init_parser __P((void)); - -/* - * This routine is called from the sudo.c module and tries to validate - * the user, host and command triplet. - */ -int validate(check_cmnd) - int check_cmnd; -{ - int return_code; - - /* become sudoers file owner */ - set_perms(PERM_SUDOERS, 0); - - /* we opened _PATH_SUDO_SUDOERS in check_sudoers() so just rewind it */ - rewind(sudoers_fp); - yyin = sudoers_fp; - yyout = stdout; - - /* - * Allocate space for data structures in the parser. 
- */ - init_parser(); - - /* - * Need to be root while stat'ing things in the parser. - */ - set_perms(PERM_ROOT, 0); - return_code = yyparse(); - - /* - * Don't need to keep this open... - */ - (void) fclose(sudoers_fp); - sudoers_fp = NULL; - - /* relinquish extra privs */ - set_perms(PERM_USER, 0); - - if (return_code || parse_error) - return(VALIDATE_ERROR); - - /* - * Nothing on the top of the stack => user doesn't appear in sudoers. - * Allow anyone to try the psuedo commands "list" and "validate". - */ - if (top == 0) { - if (check_cmnd == TRUE) - return(VALIDATE_NO_USER); - else - return(VALIDATE_NOT_OK); - } - - /* - * Only check the actual command if the check_cmnd - * flag is set. It is not set for the "validate" - * and "list" pseudo-commands. Always check the - * host and user. - */ - if (check_cmnd == FALSE) - while (top) { - if (host_matches == TRUE) { - /* user may always do validate or list on allowed hosts */ - if (no_passwd == TRUE) - return(VALIDATE_OK_NOPASS); - else - return(VALIDATE_OK); - } - top--; - } - else - while (top) { - if (host_matches == TRUE) { - if (runas_matches == TRUE) { - if (cmnd_matches == TRUE) { - /* - * User was granted access to cmnd on host. - * If no passwd required return as such. - */ - if (no_passwd == TRUE) - return(VALIDATE_OK_NOPASS); - else - return(VALIDATE_OK); - } else if (cmnd_matches == FALSE) { - /* User was explicitly denied acces to cmnd on host. */ - return(VALIDATE_NOT_OK); - } - } - } - top--; - } - - /* - * we popped everything off the stack => - * user was mentioned, but not explicitly - * granted nor denied access => say no - */ - return(VALIDATE_NOT_OK); -} - - - -/* - * If path doesn't end in /, return TRUE iff cmnd & path name the same inode; - * otherwise, return TRUE if cmnd names one of the inodes in path. 
- */ -int command_matches(cmnd, user_args, path, sudoers_args) - char *cmnd; - char *user_args; - char *path; - char *sudoers_args; -{ - int plen; - struct stat pst; - DIR *dirp; - struct dirent *dent; - char buf[MAXPATHLEN]; - static char *c; - - /* don't bother with pseudo commands like "validate" */ - if (strchr(cmnd, '/') == NULL) - return(FALSE); - - plen = strlen(path); - - /* only need to stat cmnd once since it never changes */ - if (cmnd_st.st_dev == 0) { - if (stat(cmnd, &cmnd_st) < 0) - return(FALSE); - if ((c = strrchr(cmnd, '/')) == NULL) - c = cmnd; - else - c++; - } - - /* - * If the pathname has meta characters in it use fnmatch(3) - * to do the matching - */ - if (has_meta(path)) { - /* - * Return true if fnmatch(3) succeeds and there are no args - * (in sudoers or command) or if the args match; - * else return false. - */ - if (fnmatch(path, cmnd, FNM_PATHNAME)) - return(FALSE); - if (!sudoers_args) - return(TRUE); - else if (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) - return(TRUE); - else if (sudoers_args) - return((fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)); - else - return(FALSE); - } else { - if (path[plen - 1] != '/') { - char *p; - - /* Only proceed if the basenames of cmnd and path are the same */ - if ((p = strrchr(path, '/')) == NULL) - p = path; - else - p++; - if (strcmp(c, p)) - return(FALSE); - - if (stat(path, &pst) < 0) - return(FALSE); - - /* - * Return true if inode/device matches and there are no args - * (in sudoers or command) or if the args match; - * else return false. - */ - if (cmnd_st.st_dev != pst.st_dev || cmnd_st.st_ino != pst.st_ino) - return(FALSE); - if (!sudoers_args) - return(TRUE); - else if (!user_args && sudoers_args && !strcmp("\"\"", sudoers_args)) - return(TRUE); - else if (sudoers_args) - return((fnmatch(sudoers_args, user_args ? user_args : "", 0) == 0)); - else - return(FALSE); - } - - /* - * Grot through path's directory entries, looking for cmnd. 
- */ - dirp = opendir(path); - if (dirp == NULL) - return(FALSE); - - while ((dent = readdir(dirp)) != NULL) { - /* ignore paths > MAXPATHLEN (XXX - log) */ - if (plen + NAMLEN(dent) >= sizeof(buf)) - continue; - strcpy(buf, path); - strcat(buf, dent->d_name); - - /* only stat if basenames are not the same */ - if (strcmp(c, dent->d_name)) - continue; - if (stat(buf, &pst) < 0) - continue; - if (cmnd_st.st_dev == pst.st_dev && cmnd_st.st_ino == pst.st_ino) - break; - } - - closedir(dirp); - return(dent != NULL); - } -} - - - -/* - * Returns TRUE if "n" is one of our ip addresses or if - * "n" is a network that we are on, else returns FALSE. - */ -int addr_matches(n) - char *n; -{ - int i; - char *m; - struct in_addr addr, mask; - - /* If there's an explicate netmask, use it. */ - if ((m = strchr(n, '/'))) { - *m++ = '\0'; - mask.s_addr = inet_addr(m); - addr.s_addr = inet_addr(n); - *(m - 1) = '/'; - - for (i = 0; i < num_interfaces; i++) - if ((interfaces[i].addr.s_addr & mask.s_addr) == addr.s_addr) - return(TRUE); - } else { - addr.s_addr = inet_addr(n); - - for (i = 0; i < num_interfaces; i++) - if (interfaces[i].addr.s_addr == addr.s_addr || - (interfaces[i].addr.s_addr & interfaces[i].netmask.s_addr) - == addr.s_addr) - return(TRUE); - } - - return(FALSE); -} - - - -/* - * Returns TRUE if the given user belongs to the named group, - * else returns FALSE. 
- */ -int usergr_matches(group, user) - char *group; - char *user; -{ - struct group *grp; - struct passwd *pw; - char **cur; - - /* make sure we have a valid usergroup, sudo style */ - if (*group++ != '%') - return(FALSE); - - if ((grp = getgrnam(group)) == NULL) - return(FALSE); - - /* - * Check against user's real gid as well as group's user list - */ - if ((pw = getpwnam(user)) == NULL) - return(FALSE); - - if (grp->gr_gid == pw->pw_gid) - return(TRUE); - - for (cur=grp->gr_mem; *cur; cur++) { - if (strcmp(*cur, user) == 0) - return(TRUE); - } - - return(FALSE); -} - - - -/* - * Returns TRUE if "host" and "user" belong to the netgroup "netgr", - * else return FALSE. Either of "host" or "user" may be NULL - * in which case that argument is not checked... - */ -int netgr_matches(netgr, host, user) - char *netgr; - char *host; - char *user; -{ -#ifdef HAVE_GETDOMAINNAME - static char *domain = (char *) -1; -#else - static char *domain = NULL; -#endif /* HAVE_GETDOMAINNAME */ - - /* make sure we have a valid netgroup, sudo style */ - if (*netgr++ != '+') - return(FALSE); - -#ifdef HAVE_GETDOMAINNAME - /* get the domain name (if any) */ - if (domain == (char *) -1) { - domain = (char *) emalloc(MAXHOSTNAMELEN); - if (getdomainname(domain, MAXHOSTNAMELEN) != 0 || *domain == '\0') { - (void) free(domain); - domain = NULL; - } - } -#endif /* HAVE_GETDOMAINNAME */ - -#ifdef HAVE_INNETGR - return(innetgr(netgr, host, user, domain)); -#else - return(FALSE); -#endif /* HAVE_INNETGR */ -} - - - -/* - * Returns TRUE if "s" has shell meta characters in it, - * else returns FALSE. - */ -static int has_meta(s) - char *s; -{ - register char *t; - - for (t = s; *t; t++) { - if (*t == '\\' || *t == '?' || *t == '*' || *t == '[' || *t == ']') - return(TRUE); - } - return(FALSE); -} diff --git a/gnu/usr.bin/sudo/sudo/parse.lex b/gnu/usr.bin/sudo/sudo/parse.lex deleted file mode 100644 index d247beb7e07..00000000000 --- a/gnu/usr.bin/sudo/sudo/parse.lex +++ /dev/null 
@@ -1,356 +0,0 @@
-%{
-/* $OpenBSD: parse.lex,v 1.10 1999/03/29 20:29:05 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * parse.lex -- lexigraphical analyzer for sudo.
- * - * Chris Jepeway <jepeway@cs.utk.edu> - */ - -#include "config.h" - -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS) -#include <malloc.h> -#endif /* HAVE_MALLOC_H && !STDC_HEADERS */ -#include <ctype.h> -#include <sys/types.h> -#include <sys/param.h> -#include <netinet/in.h> -#include "sudo.h" -#include "sudo.tab.h" - -#ifndef lint -static const char rcsid[] = "$Sudo: parse.lex,v 1.88 1999/03/29 04:05:10 millert Exp $"; -#endif /* lint */ - -#undef yywrap /* guard against a yywrap macro */ - -extern YYSTYPE yylval; -extern int clearaliases; -int sudolineno = 1; -static int sawspace = 0; -static int arg_len = 0; -static int arg_size = 0; - -static void fill __P((char *, int)); -static void fill_cmnd __P((char *, int)); -static void fill_args __P((char *, int, int)); -extern void reset_aliases __P((void)); -extern void yyerror __P((char *)); - -/* realloc() to size + COMMANDARGINC to make room for command args */ -#define COMMANDARGINC 64 - -#ifdef TRACELEXER -#define LEXTRACE(msg) fputs(msg, stderr) -#else -#define LEXTRACE(msg) -#endif -%} - -OCTET [[:digit:]]{1,3} -DOTTEDQUAD {OCTET}(\.{OCTET}){3} -WORD [[:alnum:]_-]+ - -%e 4000 -%p 6000 -%k 3500 - -%s GOTCMND -%s GOTRUNAS - -%% -[ \t]+ { /* throw away space/tabs */ - sawspace = TRUE; /* but remember for fill_args */ - } - -\\[ \t]*\n { - sawspace = TRUE; /* remember for fill_args */ - ++sudolineno; - LEXTRACE("\n\t"); - } /* throw away EOL after \ */ - -<GOTCMND>\\[:\,=\\ \t] { - LEXTRACE("QUOTEDCHAR "); - fill_args(yytext + 1, 1, sawspace); - sawspace = FALSE; - } - -<GOTCMND>[:\,=\n] { - BEGIN INITIAL; - unput(*yytext); - return(COMMAND); - } /* end of command line args */ - -\n { - ++sudolineno; - LEXTRACE("\n"); - return(COMMENT); - } /* return newline */ - -<INITIAL>#.*\n { - ++sudolineno; - 
LEXTRACE("\n"); - return(COMMENT); - } /* return comments */ - -<GOTCMND>[^\\:, \t\n]+ { - LEXTRACE("ARG "); - fill_args(yytext, yyleng, sawspace); - sawspace = FALSE; - } /* a command line arg */ - -\, { - LEXTRACE(", "); - return(','); - } /* return ',' */ - -\! { - return('!'); /* return '!' */ - } - -= { - LEXTRACE("= "); - return('='); - } /* return '=' */ - -: { - LEXTRACE(": "); - return(':'); - } /* return ':' */ - -\. { - return('.'); - } - -NOPASSWD[[:blank:]]*: { - /* cmnd does not require passwd for this user */ - LEXTRACE("NOPASSWD "); - return(NOPASSWD); - } - -\+{WORD} { - /* netgroup */ - fill(yytext, yyleng); - return(NETGROUP); - } - -\%{WORD} { - /* UN*X group */ - fill(yytext, yyleng); - return(USERGROUP); - } - -{DOTTEDQUAD}(\/{DOTTEDQUAD})? { - fill(yytext, yyleng); - LEXTRACE("NTWKADDR "); - return(NTWKADDR); - } - -[[:alpha:]][[:alnum:]_-]*(\.{WORD})+ { - fill(yytext, yyleng); - LEXTRACE("FQHOST "); - return(FQHOST); - } - -<INITIAL>\( { - BEGIN GOTRUNAS; - LEXTRACE("RUNAS "); - return (RUNAS); - } - -<GOTRUNAS>[[:upper:]][[:upper:][:digit:]_]* { - /* Runas_Alias that user can run command as or ALL */ - fill(yytext, yyleng); - if (strcmp(yytext, "ALL") == 0) { - LEXTRACE("ALL "); - return(ALL); - } else { - LEXTRACE("ALIAS "); - return(ALIAS); - } - } - -<GOTRUNAS>#?{WORD} { - /* username/uid that user can run command as */ - fill(yytext, yyleng); - LEXTRACE("NAME "); - return(NAME); - } - -<GOTRUNAS>\) BEGIN INITIAL; - - -\/[^\,:=\\ \t\n#]+ { - /* directories can't have args... 
*/ - if (yytext[yyleng - 1] == '/') { - LEXTRACE("COMMAND "); - fill_cmnd(yytext, yyleng); - return(COMMAND); - } else { - BEGIN GOTCMND; - LEXTRACE("COMMAND "); - fill_cmnd(yytext, yyleng); - } - } /* a pathname */ - -[[:upper:]][[:upper:][:digit:]_]* { - fill(yytext, yyleng); - if (strcmp(yytext, "ALL") == 0) { - LEXTRACE("ALL "); - return(ALL); - } - LEXTRACE("ALIAS "); - return(ALIAS); - } - -[[:alnum:]][[:alnum:]_-]* { - fill(yytext, yyleng); - if (strcmp(yytext, "Host_Alias") == 0) { - LEXTRACE("HOSTALIAS "); - return(HOSTALIAS); - } - if (strcmp(yytext, "Cmnd_Alias") == 0) { - LEXTRACE("CMNDALIAS "); - return(CMNDALIAS); - } - if (strcmp(yytext, "User_Alias") == 0) { - LEXTRACE("USERALIAS "); - return(USERALIAS); - } - if (strcmp(yytext, "Runas_Alias") == 0) { - LEXTRACE("RUNASALIAS "); - return(RUNASALIAS); - } - - /* NAME is what RFC1034 calls a label */ - LEXTRACE("NAME "); - return(NAME); - } - -. { - return(ERROR); - } /* parse error */ - -%% -static void fill(s, len) - char *s; - int len; -{ - yylval.string = (char *) malloc(len + 1); - if (yylval.string == NULL) - yyerror("unable to allocate memory"); - - /* copy the string and NULL-terminate it */ - (void) strncpy(yylval.string, s, len); - yylval.string[len] = '\0'; -} - - -static void fill_cmnd(s, len) - char *s; - int len; -{ - arg_len = arg_size = 0; - - yylval.command.cmnd = (char *) malloc(len + 1); - if (yylval.command.cmnd == NULL) - yyerror("unable to allocate memory"); - - /* copy the string and NULL-terminate it */ - (void) strncpy(yylval.command.cmnd, s, len); - yylval.command.cmnd[len] = '\0'; - - yylval.command.args = NULL; -} - - -static void fill_args(s, len, addspace) - char *s; - int len; - int addspace; -{ - int new_len; - char *p; - - /* - * If first arg, malloc() some room, else if we don't - * have enough space realloc() some more. 
- */ - if (yylval.command.args == NULL) { - addspace = 0; - new_len = len; - - while (new_len >= (arg_size += COMMANDARGINC)) - ; - - yylval.command.args = (char *) malloc(arg_size); - if (yylval.command.args == NULL) - yyerror("unable to allocate memory"); - } else { - new_len = arg_len + len + addspace; - - if (new_len >= arg_size) { - /* Allocate more space than we need for subsequent args */ - while (new_len >= (arg_size += COMMANDARGINC)) - ; - - if ((p = (char *) realloc(yylval.command.args, arg_size)) == NULL) { - (void) free(yylval.command.args); - yyerror("unable to allocate memory"); - } else - yylval.command.args = p; - } - } - - /* Efficiently append the arg (with a leading space if needed). */ - p = yylval.command.args + arg_len; - if (addspace) - *p++ = ' '; - (void) strcpy(p, s); - arg_len = new_len; -} - - -int yywrap() -{ -#ifdef YY_NEW_FILE - YY_NEW_FILE; -#endif /* YY_NEW_FILE */ - - /* don't reset the aliases if called by testsudoers */ - if (clearaliases) - reset_aliases(); - - return(TRUE); -} diff --git a/gnu/usr.bin/sudo/sudo/parse.yacc b/gnu/usr.bin/sudo/sudo/parse.yacc deleted file mode 100644 index 4131e01a973..00000000000 --- a/gnu/usr.bin/sudo/sudo/parse.yacc +++ /dev/null 
@@ -1,985 +0,0 @@
-%{
-/* $OpenBSD: parse.yacc,v 1.15 1999/03/30 17:26:21 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * parse.yacc -- yacc parser and alias manipulation routines for sudo.
- * - * Chris Jepeway <jepeway@cs.utk.edu> - */ - -#include "config.h" -#include <stdio.h> -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#include <pwd.h> -#include <sys/types.h> -#include <sys/param.h> -#include <netinet/in.h> -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS) -#include <malloc.h> -#endif /* HAVE_MALLOC_H && !STDC_HEADERS */ -#if defined(YYBISON) && defined(HAVE_ALLOCA_H) && !defined(__GNUC__) -#include <alloca.h> -#endif /* YYBISON && HAVE_ALLOCA_H && !__GNUC__ */ -#ifdef HAVE_LSEARCH -#include <search.h> -#endif /* HAVE_LSEARCH */ - -#include "sudo.h" - -#ifndef HAVE_LSEARCH -#include "emul/search.h" -#endif /* HAVE_LSEARCH */ - -#ifndef HAVE_STRCASECMP -#define strcasecmp(a,b) strcmp(a,b) -#endif /* !HAVE_STRCASECMP */ - -#ifndef lint -static const char rcsid[] = "$Sudo: parse.yacc,v 1.135 1999/03/30 17:17:53 millert Exp $"; -#endif /* lint */ - -/* - * Globals - */ -extern int sudolineno, parse_error; -int errorlineno = -1; -int clearaliases = 1; -int printmatches = FALSE; - -/* - * Alias types - */ -#define HOST_ALIAS 1 -#define CMND_ALIAS 2 -#define USER_ALIAS 3 -#define RUNAS_ALIAS 4 - -/* - * The matching stack, initial space allocated in init_parser(). - */ -struct matchstack *match; -int top = 0, stacksize = 0; - -#define push \ - { \ - if (top >= stacksize) { \ - while ((stacksize += STACKINCREMENT) < top); \ - match = (struct matchstack *) erealloc(match, sizeof(struct matchstack) * stacksize); \ - } \ - match[top].user = -1; \ - match[top].cmnd = -1; \ - match[top].host = -1; \ - match[top].runas = -1; \ - match[top].nopass = -1; \ - top++; \ - } - -#define pop \ - { \ - if (top == 0) \ - yyerror("matching stack underflow"); \ - else \ - top--; \ - } - -/* - * The stack for printmatches. A list of allowed commands for the user. 
- */ -static struct command_match *cm_list = NULL; -static size_t cm_list_len = 0, cm_list_size = 0; - -/* - * List of Cmnd_Aliases and expansions for `sudo -l' - */ -static int in_alias = FALSE; -static size_t ga_list_len = 0, ga_list_size = 0; -static struct generic_alias *ga_list = NULL; - -/* - * Protoypes - */ -extern int command_matches __P((char *, char *, char *, char *)); -extern int addr_matches __P((char *)); -extern int netgr_matches __P((char *, char *, char *)); -extern int usergr_matches __P((char *, char *)); -static int find_alias __P((char *, int)); -static int add_alias __P((char *, int)); -static int more_aliases __P((void)); -static void append __P((char *, char **, size_t *, size_t *, int)); -static void expand_ga_list __P((void)); -static void expand_match_list __P((void)); - void init_parser __P((void)); - void yyerror __P((char *)); - -void yyerror(s) - char *s; -{ - /* save the line the first error occured on */ - if (errorlineno == -1) - errorlineno = sudolineno ? sudolineno - 1 : 0; -#ifndef TRACELEXER - (void) fprintf(stderr, ">>> sudoers file: %s, line %d <<<\n", s, - sudolineno ? 
sudolineno - 1 : 0); -#else - (void) fprintf(stderr, "<*> "); -#endif - parse_error = TRUE; -} -%} - -%union { - char *string; - int BOOLEAN; - struct sudo_command command; - int tok; -} - - -%start file /* special start symbol */ -%token <string> ALIAS /* an UPPERCASE alias name */ -%token <string> NTWKADDR /* w.x.y.z */ -%token <string> FQHOST /* foo.bar.com */ -%token <string> NETGROUP /* a netgroup (+NAME) */ -%token <string> USERGROUP /* a usergroup (%NAME) */ -%token <string> NAME /* a mixed-case name */ -%token <tok> RUNAS /* a mixed-case runas name */ -%token <tok> NOPASSWD /* no passwd req for command*/ -%token <command> COMMAND /* an absolute pathname */ -%token <tok> COMMENT /* comment and/or carriage return */ -%token <tok> ALL /* ALL keyword */ -%token <tok> HOSTALIAS /* Host_Alias keyword */ -%token <tok> CMNDALIAS /* Cmnd_Alias keyword */ -%token <tok> USERALIAS /* User_Alias keyword */ -%token <tok> RUNASALIAS /* Runas_Alias keyword */ -%token <tok> ':' '=' ',' '!' '.' /* union member tokens */ -%token <tok> ERROR - -%type <BOOLEAN> cmnd -%type <BOOLEAN> opcmnd -%type <BOOLEAN> runasspec -%type <BOOLEAN> runaslist -%type <BOOLEAN> runasuser -%type <BOOLEAN> nopasswd - -%% - -file : entry - | file entry - ; - -entry : COMMENT - { ; } - | error COMMENT - { yyerrok; } - | { push; } user privileges { - while (top && user_matches != TRUE) { - pop; - } - } - | USERALIAS useraliases - { ; } - | HOSTALIAS hostaliases - { ; } - | CMNDALIAS cmndaliases - { ; } - | RUNASALIAS runasaliases - { ; } - ; - - -privileges : privilege - | privileges ':' privilege - ; - -privilege : hostspec '=' cmndspeclist { - if (user_matches == TRUE) { - push; - user_matches = TRUE; - } else { - no_passwd = -1; - runas_matches = -1; - } - } - ; - -hostspec : ALL { - host_matches = TRUE; - } - | NTWKADDR { - if (addr_matches($1)) - host_matches = TRUE; - (void) free($1); - } - | NETGROUP { - if (netgr_matches($1, host, NULL)) - host_matches = TRUE; - (void) free($1); - } - | NAME { 
- if (strcasecmp(shost, $1) == 0) - host_matches = TRUE; - (void) free($1); - } - | FQHOST { - if (strcasecmp(host, $1) == 0) - host_matches = TRUE; - (void) free($1); - } - | ALIAS { - /* could be an all-caps hostname */ - if (find_alias($1, HOST_ALIAS) == TRUE || - strcasecmp(shost, $1) == 0) - host_matches = TRUE; - (void) free($1); - } - ; - -cmndspeclist : cmndspec - | cmndspeclist ',' cmndspec - ; - -cmndspec : { /* Push a new entry onto the stack if needed */ - if (user_matches == TRUE && host_matches == TRUE && - cmnd_matches != -1 && runas_matches == TRUE) { - push; - user_matches = TRUE; - host_matches = TRUE; - } else { - cmnd_matches = -1; - runas_matches = -1; - no_passwd = -1; - } - } runasspec nopasswd opcmnd { - if ($2 > 0) - runas_matches = TRUE; - if ($3 == TRUE) - no_passwd = TRUE; - if (($2 == -1 || $4 == -1) && printmatches == TRUE) { - cm_list[cm_list_len].runas_len = 0; - cm_list[cm_list_len].cmnd_len = 0; - cm_list[cm_list_len].nopasswd = FALSE; - } - } - ; - -opcmnd : cmnd { ; } - | '!' 
{ - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - append("!", &cm_list[cm_list_len].cmnd, - &cm_list[cm_list_len].cmnd_len, - &cm_list[cm_list_len].cmnd_size, 0); - push; - user_matches = TRUE; - host_matches = TRUE; - } else { - push; - } - } opcmnd { - int cmnd_matched = cmnd_matches; - pop; - if (cmnd_matched == TRUE) - cmnd_matches = FALSE; - else if (cmnd_matched == FALSE) - cmnd_matches = TRUE; - $$ = cmnd_matches; - } - ; - -runasspec : /* empty */ { - $$ = (strcmp(RUNAS_DEFAULT, runas_user) == 0); - } - | RUNAS runaslist { - $$ = $2; - } - ; - -runaslist : runasuser { - $$ = $1; - } - | runaslist ',' runasuser { - $$ = $1 + $3; - } - ; - - -runasuser : NAME { - $$ = (strcmp($1, runas_user) == 0); - if (printmatches == TRUE && in_alias == TRUE) - append($1, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) - append($1, &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, ':'); - (void) free($1); - } - | USERGROUP { - $$ = usergr_matches($1, runas_user); - if (printmatches == TRUE && in_alias == TRUE) - append($1, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - append("%", &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, ':'); - append($1, &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, 0); - } - (void) free($1); - } - | NETGROUP { - $$ = netgr_matches($1, NULL, runas_user); - if (printmatches == TRUE && in_alias == TRUE) - append($1, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if (printmatches == TRUE && 
host_matches == TRUE && - user_matches == TRUE) { - append("+", &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, ':'); - append($1, &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, 0); - } - (void) free($1); - } - | ALIAS { - /* could be an all-caps username */ - if (find_alias($1, RUNAS_ALIAS) == TRUE || - strcmp($1, runas_user) == 0) - $$ = TRUE; - else - $$ = FALSE; - if (printmatches == TRUE && in_alias == TRUE) - append($1, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) - append($1, &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, ':'); - (void) free($1); - } - | ALL { - $$ = TRUE; - if (printmatches == TRUE && in_alias == TRUE) - append("ALL", &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) - append("ALL", &cm_list[cm_list_len].runas, - &cm_list[cm_list_len].runas_len, - &cm_list[cm_list_len].runas_size, ':'); - } - ; - -nopasswd : /* empty */ { - $$ = FALSE; - } - | NOPASSWD { - $$ = TRUE; - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) - cm_list[cm_list_len].nopasswd = TRUE; - } - ; - -cmnd : ALL { - if (printmatches == TRUE && in_alias == TRUE) { - append("ALL", &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - } - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - append("ALL", &cm_list[cm_list_len].cmnd, - &cm_list[cm_list_len].cmnd_len, - &cm_list[cm_list_len].cmnd_size, 0); - expand_match_list(); - } - - cmnd_matches = TRUE; - $$ = TRUE; - } - | ALIAS { - if (printmatches == TRUE && 
in_alias == TRUE) { - append($1, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - } - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - append($1, &cm_list[cm_list_len].cmnd, - &cm_list[cm_list_len].cmnd_len, - &cm_list[cm_list_len].cmnd_size, 0); - expand_match_list(); - } - if (find_alias($1, CMND_ALIAS) == TRUE) { - cmnd_matches = TRUE; - $$ = TRUE; - } - (void) free($1); - } - | COMMAND { - if (printmatches == TRUE && in_alias == TRUE) { - append($1.cmnd, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ','); - if ($1.args) - append($1.args, &ga_list[ga_list_len-1].entries, - &ga_list[ga_list_len-1].entries_len, - &ga_list[ga_list_len-1].entries_size, ' '); - } - if (printmatches == TRUE && host_matches == TRUE && - user_matches == TRUE) { - append($1.cmnd, &cm_list[cm_list_len].cmnd, - &cm_list[cm_list_len].cmnd_len, - &cm_list[cm_list_len].cmnd_size, 0); - if ($1.args) - append($1.args, &cm_list[cm_list_len].cmnd, - &cm_list[cm_list_len].cmnd_len, - &cm_list[cm_list_len].cmnd_size, ' '); - expand_match_list(); - } - - /* if NewArgc > 1 pass ptr to 1st arg, else NULL */ - if (command_matches(cmnd, (NewArgc > 1) ? - cmnd_args : NULL, $1.cmnd, $1.args)) { - cmnd_matches = TRUE; - $$ = TRUE; - } - - (void) free($1.cmnd); - if ($1.args) - (void) free($1.args); - } - ; - -hostaliases : hostalias - | hostaliases ':' hostalias - ; - -hostalias : ALIAS { push; } '=' hostlist { - if (host_matches == TRUE && - add_alias($1, HOST_ALIAS) == FALSE) - YYERROR; - pop; - } - ; - -hostlist : hostspec - | hostlist ',' hostspec - ; - -cmndaliases : cmndalias - | cmndaliases ':' cmndalias - ; - -cmndalias : ALIAS { - push; - if (printmatches == TRUE) { - in_alias = TRUE; - /* Allocate space for ga_list if necesary. 
*/ - expand_ga_list(); - ga_list[ga_list_len-1].alias = estrdup($1); - } - } '=' cmndlist { - if (cmnd_matches == TRUE && - add_alias($1, CMND_ALIAS) == FALSE) - YYERROR; - pop; - (void) free($1); - - if (printmatches == TRUE) - in_alias = FALSE; - } - ; - -cmndlist : cmnd - { ; } - | cmndlist ',' cmnd - ; - -runasaliases : runasalias - | runasaliases ':' runasalias - ; - -runasalias : ALIAS { - push; - if (printmatches == TRUE) { - in_alias = TRUE; - /* Allocate space for ga_list if necesary. */ - expand_ga_list(); - ga_list[ga_list_len-1].alias = estrdup($1); - } - } '=' runaslist { - if ($4 > 0 && add_alias($1, RUNAS_ALIAS) == FALSE) - YYERROR; - pop; - (void) free($1); - - if (printmatches == TRUE) - in_alias = FALSE; - } - ; - -useraliases : useralias - | useraliases ':' useralias - ; - -useralias : ALIAS { push; } '=' userlist { - if (user_matches == TRUE && - add_alias($1, USER_ALIAS) == FALSE) - YYERROR; - pop; - (void) free($1); - } - ; - -userlist : user - { ; } - | userlist ',' user - ; - -user : NAME { - if (strcmp($1, user_name) == 0) - user_matches = TRUE; - (void) free($1); - } - | USERGROUP { - if (usergr_matches($1, user_name)) - user_matches = TRUE; - (void) free($1); - } - | NETGROUP { - if (netgr_matches($1, NULL, user_name)) - user_matches = TRUE; - (void) free($1); - } - | ALIAS { - /* could be an all-caps username */ - if (find_alias($1, USER_ALIAS) == TRUE || - strcmp($1, user_name) == 0) - user_matches = TRUE; - (void) free($1); - } - | ALL { - user_matches = TRUE; - } - ; - -%% - - -typedef struct { - int type; - char name[BUFSIZ]; -} aliasinfo; - -#define MOREALIASES (32) -aliasinfo *aliases = NULL; -size_t naliases = 0; -size_t nslots = 0; - - -/********************************************************************** - * - * aliascmp() - * - * This function compares two aliasinfo structures. 
- */ - -static int aliascmp(a1, a2) - const VOID *a1, *a2; -{ - int r; - aliasinfo *ai1, *ai2; - - ai1 = (aliasinfo *) a1; - ai2 = (aliasinfo *) a2; - r = strcmp(ai1->name, ai2->name); - if (r == 0) - r = ai1->type - ai2->type; - - return(r); -} - - -/********************************************************************** - * - * genaliascmp() - * - * This function compares two generic_alias structures. - */ - -static int genaliascmp(entry, key) - const VOID *entry, *key; -{ - struct generic_alias *ga1 = (struct generic_alias *) key; - struct generic_alias *ga2 = (struct generic_alias *) entry; - - return(strcmp(ga1->alias, ga2->alias)); -} - - -/********************************************************************** - * - * add_alias() - * - * This function adds the named alias of the specified type to the - * aliases list. - */ - -static int add_alias(alias, type) - char *alias; - int type; -{ - aliasinfo ai, *aip; - char s[512]; - int ok; - - ok = FALSE; /* assume failure */ - ai.type = type; - (void) strcpy(ai.name, alias); - if (lfind((VOID *)&ai, (VOID *)aliases, &naliases, sizeof(ai), - aliascmp) != NULL) { - (void) sprintf(s, "Alias `%.*s' already defined", (int) sizeof(s) - 25, - alias); - yyerror(s); - } else { - if (naliases >= nslots && !more_aliases()) { - (void) sprintf(s, "Out of memory defining alias `%.*s'", - (int) sizeof(s) - 32, alias); - yyerror(s); - } - - aip = (aliasinfo *) lsearch((VOID *)&ai, (VOID *)aliases, - &naliases, sizeof(ai), aliascmp); - - if (aip != NULL) { - ok = TRUE; - } else { - (void) sprintf(s, "Aliases corrupted defining alias `%.*s'", - (int) sizeof(s) - 36, alias); - yyerror(s); - } - } - - return(ok); -} - - -/********************************************************************** - * - * find_alias() - * - * This function searches for the named alias of the specified type. 
- */ - -static int find_alias(alias, type) - char *alias; - int type; -{ - aliasinfo ai; - - (void) strcpy(ai.name, alias); - ai.type = type; - - return(lfind((VOID *)&ai, (VOID *)aliases, &naliases, - sizeof(ai), aliascmp) != NULL); -} - - -/********************************************************************** - * - * more_aliases() - * - * This function allocates more space for the aliases list. - */ - -static int more_aliases() -{ - nslots += MOREALIASES; - if (nslots == MOREALIASES) - aliases = (aliasinfo *) malloc(nslots * sizeof(aliasinfo)); - else - aliases = (aliasinfo *) realloc(aliases, nslots * sizeof(aliasinfo)); - - return(aliases != NULL); -} - - -/********************************************************************** - * - * dumpaliases() - * - * This function lists the contents of the aliases list. - */ - -void dumpaliases() -{ - size_t n; - - for (n = 0; n < naliases; n++) { - switch (aliases[n].type) { - case HOST_ALIAS: - (void) puts("HOST_ALIAS"); - break; - - case CMND_ALIAS: - (void) puts("CMND_ALIAS"); - break; - - case USER_ALIAS: - (void) puts("USER_ALIAS"); - break; - - case RUNAS_ALIAS: - (void) puts("RUNAS_ALIAS"); - break; - } - (void) printf("\t%s\n", aliases[n].name); - } -} - - -/********************************************************************** - * - * list_matches() - * - * This function lists the contents of cm_list and ga_list for - * `sudo -l'. - */ - -void list_matches() -{ - int i; - char *p; - struct generic_alias *ga, key; - - (void) puts("You may run the following commands on this host:"); - for (i = 0; i < cm_list_len; i++) { - - /* Print the runas list. 
*/ - (void) fputs(" ", stdout); - if (cm_list[i].runas) { - (void) putchar('('); - p = strtok(cm_list[i].runas, ":"); - do { - if (p != cm_list[i].runas) - (void) fputs(", ", stdout); - - key.alias = p; - if ((ga = (struct generic_alias *) lfind((VOID *) &key, - (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp))) - (void) fputs(ga->entries, stdout); - else - (void) fputs(p, stdout); - } while ((p = strtok(NULL, ":"))); - (void) fputs(") ", stdout); - } else { - (void) fputs("(root) ", stdout); - } - - /* Is a password required? */ - if (cm_list[i].nopasswd == TRUE) - (void) fputs("NOPASSWD: ", stdout); - - /* Print the actual command or expanded Cmnd_Alias. */ - key.alias = cm_list[i].cmnd; - if ((ga = (struct generic_alias *) lfind((VOID *) &key, - (VOID *) &ga_list[0], &ga_list_len, sizeof(key), genaliascmp))) - (void) puts(ga->entries); - else - (void) puts(cm_list[i].cmnd); - } - - /* Be nice and free up space now that we are done. */ - for (i = 0; i < ga_list_len; i++) { - (void) free(ga_list[i].alias); - (void) free(ga_list[i].entries); - } - (void) free(ga_list); - ga_list = NULL; - - for (i = 0; i < cm_list_len; i++) { - (void) free(cm_list[i].runas); - (void) free(cm_list[i].cmnd); - } - (void) free(cm_list); - cm_list = NULL; - cm_list_len = 0; - cm_list_size = 0; -} - - -/********************************************************************** - * - * append() - * - * This function appends a source string to the destination prefixing - * a separator if one is given. - */ - -static void append(src, dstp, dst_len, dst_size, separator) - char *src, **dstp; - size_t *dst_len, *dst_size; - int separator; -{ - /* Only add the separator if *dstp is non-NULL. */ - size_t src_len = strlen(src) + ((separator && *dstp) ? 1 : 0); - char *dst = *dstp; - - /* Assumes dst will be NULL if not set. */ - if (dst == NULL) { - dst = (char *) emalloc(BUFSIZ); - *dst_size = BUFSIZ; - *dst_len = 0; - *dstp = dst; - } - - /* Allocate more space if necesary. 
*/ - if (*dst_size <= *dst_len + src_len) { - while (*dst_size <= *dst_len + src_len) - *dst_size += BUFSIZ; - - dst = (char *) erealloc(dst, *dst_size); - *dstp = dst; - } - - /* Copy src -> dst adding a separator char if appropriate and adjust len. */ - dst += *dst_len; - if (separator && *dst_len) - *dst++ = (char) separator; - (void) strcpy(dst, src); - *dst_len += src_len; -} - - -/********************************************************************** - * - * reset_aliases() - * - * This function frees up space used by the aliases list and resets - * the associated counters. - */ - -void reset_aliases() -{ - if (aliases) { - (void) free(aliases); - aliases = NULL; - } - naliases = nslots = 0; -} - - -/********************************************************************** - * - * expand_ga_list() - * - * This function increments ga_list_len, allocating more space as necesary. - */ - -static void expand_ga_list() -{ - if (++ga_list_len >= ga_list_size) { - while ((ga_list_size += STACKINCREMENT) < ga_list_len) - ; - ga_list = (struct generic_alias *) - erealloc(ga_list, sizeof(struct generic_alias) * ga_list_size); - } - - ga_list[ga_list_len - 1].entries = NULL; -} - - -/********************************************************************** - * - * expand_match_list() - * - * This function increments cm_list_len, allocating more space as necesary. 
- */ - -static void expand_match_list() -{ - if (++cm_list_len >= cm_list_size) { - while ((cm_list_size += STACKINCREMENT) < cm_list_len) - ; - if (cm_list == NULL) - cm_list_len = 0; /* start at 0 since it is a subscript */ - cm_list = (struct command_match *) - erealloc(cm_list, sizeof(struct command_match) * cm_list_size); - } - - cm_list[cm_list_len].runas = cm_list[cm_list_len].cmnd = NULL; - cm_list[cm_list_len].nopasswd = FALSE; -} - - -/********************************************************************** - * - * init_parser() - * - * This function frees up spaced used by a previous parse and - * allocates new space for various data structures. - */ - -void init_parser() -{ - /* Free up old data structures if we run the parser more than once. */ - if (match) { - (void) free(match); - match = NULL; - top = 0; - parse_error = FALSE; - errorlineno = -1; - sudolineno = 1; - } - - /* Allocate space for the matching stack. */ - stacksize = STACKINCREMENT; - match = (struct matchstack *) emalloc(sizeof(struct matchstack) * stacksize); - - /* Allocate space for the match list (for `sudo -l'). */ - if (printmatches == TRUE) - expand_match_list(); -} diff --git a/gnu/usr.bin/sudo/sudo/pathnames.h b/gnu/usr.bin/sudo/sudo/pathnames.h deleted file mode 100644 index 4b8b739c6a2..00000000000 --- a/gnu/usr.bin/sudo/sudo/pathnames.h +++ /dev/null 
@@ -1,93 +0,0 @@
-/* $OpenBSD: pathnames.h,v 1.9 1999/03/29 20:29:05 millert Exp $ */
-
-/* pathnames.h. Generated automatically by configure. */
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: pathnames.h.in,v 1.38 1999/03/29 04:05:11 millert Exp $
- */
-
-/*
- * Pathnames to programs and files used by sudo.
- */
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif /* HAVE_PATHS_H */
-
-#ifndef _PATH_DEV
-#define _PATH_DEV "/dev/"
-#endif /* _PATH_DEV */
-
-#ifndef _PATH_TTY
-#define _PATH_TTY "/dev/tty"
-#endif /* _PATH_TTY */
-
-/*
- * NOTE: _PATH_SUDO_SUDOERS is usually overriden by the Makefile.
- */
-#ifndef _PATH_SUDO_SUDOERS
-#define _PATH_SUDO_SUDOERS "/etc/sudoers"
-#endif /* _PATH_SUDO_SUDOERS */
-
-/*
- * NOTE: _PATH_SUDO_STMP is usually overriden by the Makefile.
- * _PATH_SUDO_STMP *MUST* be on the same partition
- * as _PATH_SUDO_SUDOERS!
- */
-#ifndef _PATH_SUDO_STMP
-#define _PATH_SUDO_STMP "/etc/stmp"
-#endif /* _PATH_SUDO_STMP */
-
-/*
- * The following paths are controlled via the configure script.
- */
-
-/*
- * Where to put the timestamp files. Defaults to /var/run/sudo if
- * /var/run exists, else /tmp/.odus.
- */
-#ifndef _PATH_SUDO_TIMEDIR
-#define _PATH_SUDO_TIMEDIR "/var/run/sudo"
-#endif /* _PATH_SUDO_TIMEDIR */
-
-/*
- * Where to put the sudo log file when logging to a file. Defaults to
- * /var/log/sudo.log if /var/log exists, else /var/adm/sudo.log.
- */
-#ifndef _PATH_SUDO_LOGFILE
-#define _PATH_SUDO_LOGFILE "/var/log/sudo.log"
-#endif /* _PATH_SUDO_LOGFILE */
-
-#ifndef _PATH_SENDMAIL
-#define _PATH_SENDMAIL "/usr/sbin/sendmail"
-#endif /* _PATH_SENDMAIL */
-
-#ifndef _PATH_VI
-#define _PATH_VI "/usr/bin/vi"
-#endif /* _PATH_VI */
-
-#ifndef _PATH_MV
-#define _PATH_MV "/bin/mv"
-#endif /* _PATH_MV */
-
-#ifndef _PATH_BSHELL
-#define _PATH_BSHELL "/bin/sh"
-#endif /* _PATH_BSHELL */
diff --git a/gnu/usr.bin/sudo/sudo/sudo.8 b/gnu/usr.bin/sudo/sudo/sudo.8
deleted file mode 100644
index 19600ce1825..00000000000
--- a/gnu/usr.bin/sudo/sudo/sudo.8
+++ /dev/null
@@ -1,423 +0,0 @@ -.rn '' }` -''' $OpenBSD: sudo.8,v 1.11 1999/03/29 20:29:06 millert Exp $ -''' -.de Sh -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp -.if t .sp .5v -.if n .sp -.. -.de Ip -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb -.ft CW -.nf -.ne \\$1 -.. -.de Ve -.ft R - -.fi -.. -''' -''' -''' Set up \*(-- to give an unbreakable dash; -''' string Tr holds user defined translation string. -''' Bell System Logo is used as a dummy character. -''' -.tr \(*W-|\(bv\*(Tr -.ie n \{\ -.ds -- \(*W- -.ds PI pi -.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -.ds L" "" -.ds R" "" -''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of -''' \*(L" and \*(R", except that they are used on ".xx" lines, -''' such as .IP and .SH, which do another additional levels of -''' double-quote interpretation -.ds M" """ -.ds S" """ -.ds N" """"" -.ds T" """"" -.ds L' ' -.ds R' ' -.ds M' ' -.ds S' ' -.ds N' ' -.ds T' ' -'br\} -.el\{\ -.ds -- \(em\| -.tr \*(Tr -.ds L" `` -.ds R" '' -.ds M" `` -.ds S" '' -.ds N" `` -.ds T" '' -.ds L' ` -.ds R' ' -.ds M' ` -.ds S' ' -.ds N' ` -.ds T' ' -.ds PI \(*p -'br\} -.\" If the F register is turned on, we'll generate -.\" index entries out stderr for the following things: -.\" TH Title -.\" SH Header -.\" Sh Subsection -.\" Ip Item -.\" X<> Xref (embedded -.\" Of course, you have to process the output yourself -.\" in some meaninful fashion. -.if \nF \{ -.de IX -.tm Index:\\$1\t\\n%\t"\\$2" -.. -.nr % 0 -.rr F -.\} -.TH sudo 8 "1.5.9" "17/Feb/99" "MAINTENANCE COMMANDS" -.UC -.if n .hy 0 -.if n .na -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.de CQ \" put $1 in typewriter font -.ft CW -'if n "\c -'if t \\&\\$1\c -'if n \\&\\$1\c -'if n \&" -\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7 -'.ft R -.. -.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2 -. \" AM - accent mark definitions -.bd B 3 -. 
\" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds ? ? -. ds ! ! -. ds / -. ds q -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10' -. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#] -.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u' -.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u' -.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#] -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -.ds oe o\h'-(\w'o'u*4/10)'e -.ds Oe O\h'-(\w'O'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. 
\" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds v \h'-1'\o'\(aa\(ga' -. ds _ \h'-1'^ -. ds . \h'-1'. -. ds 3 3 -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -. ds oe oe -. ds Oe OE -.\} -.rm #[ #] #H #V #F C -.SH "NAME" -sudo \- execute a command as the superuser -.SH "SYNOPSIS" -\fBsudo\fR \fB\-V\fR | \fB\-h\fR | \fB\-l\fR | \fB\-v\fR | \fB\-k\fR | \fB\-s\fR | \fB\-H\fR | -[ \fB\-b\fR ] | [ \fB\-r\fR realm ] | [ \fB\-p\fR prompt ] [ \fB\-u\fR username/#uid] \fIcommand\fR -.SH "DESCRIPTION" -\fBsudo\fR allows a permitted user to execute a \fIcommand\fR -as the superuser (real and effective uid and gid are set -to \f(CW0\fR and root's group as set in the passwd file respectively). -.PP -\fBsudo\fR determines who is an authorized user by consulting the -file \fI/etc/sudoers\fR. By giving \fBsudo\fR the \f(CW-v\fR flag a user -can update the time stamp without running a \fIcommand.\fR -The password prompt itself will also time out if the user's password is -not entered with N minutes (again, this is defined at installation -time and defaults to 5 minutes). -.PP -If an unauthorized user executes \fBsudo\fR, mail will be sent from the -user to the local authorities (defined at installation time). -.PP -\fBsudo\fR was designed to log via the 4.3 BSD \fIsyslog\fR\|(3) facility but -can log to a file instead if so desired (or to both syslog and a file). -.SH "OPTIONS" -\fBsudo\fR accepts the following command line options: -.Ip "-V" 4 -The \f(CW-V\fR (\fIversion\fR) option causes \fBsudo\fR to print the -version number and exit. -.Ip "-l" 4 -The \f(CW-l\fR (\fIlist\fR) option will list out the allowed and -forbidden commands for the user on the current host. -.Ip "-h" 4 -The \f(CW-h\fR (\fIhelp\fR) option causes \fBsudo\fR to print the version -of \fBsudo\fR and a usage message before exiting. 
-.Ip "-v" 4 -If given the \f(CW-v\fR (\fIvalidate\fR) option, \fBsudo\fR will update the -user's timestamp file, prompting for the user's password if necessary. -This extends the \fBsudo\fR timeout to for another N minutes -(where N is defined at installation time and defaults to 5 -minutes) but does not run a command. -.Ip "-k" 4 -The \f(CW-k\fR (\fIkill\fR) option to \fBsudo\fR removes the user's timestamp -file, thus requiring the user's password the next time \fBsudo\fR is run. -This option does not require a password and was added to -allow a user to revoke \fBsudo\fR permissions from a .logout file. -.Ip "-b" 4 -The \f(CW-b\fR (\fIbackground\fR) option tells \fBsudo\fR to run the given -command in the background. Note that if you use the \f(CW-b\fR -option you cannot use shell job control to manipulate the command. -.Ip "-r" 4 -The \f(CW-r\fR (\fIrealm\fR) option is only available if \fBsudo\fR was configured -with \fBKerberos\fR version 5 support. It allows the user to specify a -\fBKerberos\fR realm other than the system default to use when authenticating -the user via \fBKerberos\fR. -.Ip "-p" 4 -The \f(CW-p\fR (\fIprompt\fR) option allows you to override the default -password prompt and use a custom one. If the password prompt -contains the \f(CW%u\fR escape, \f(CW%u\fR will be replaced by the user's -login name. Similarly, \f(CW%h\fR will be replaced by the local -hostname. -.Ip "-u" 4 -The \f(CW-u\fR (\fIuser\fR) option causes sudo to run the specified command -as a user other than \fIroot\fR. To specify a \fIuid\fR instead of a -\fIusername\fR, use \*(L"#uid\*(R". -.Ip "-s" 4 -The \f(CW-s\fR (\fIshell\fR) option runs the shell specified by the \fI\s-1SHELL\s0\fR -environment variable if it is set or the shell as specified -in \fIpasswd\fR\|(5). -.Ip "-H" 4 -The \f(CW-H\fR (\fI\s-1HOME\s0\fR) option sets the \fI\s-1HOME\s0\fR environment variable -to the homedir of the target user (root by default) as specified -in \fIpasswd\fR\|(5). 
-.Ip "--" 4 -The \f(CW--\fR flag indicates that \fBsudo\fR should stop processing command -line arguments. It is most useful in conjunction with the \f(CW-s\fR flag. -.SH "RETURN VALUES" -\fBsudo\fR quits with an exit value of 1 if there is a -configuration/permission problem or if \fBsudo\fR cannot execute the -given command. In the latter case the error string is printed to -stderr via \fIperror\fR\|(3). If \fBsudo\fR cannot \fIstat\fR\|(2) one or more entries -in the user's PATH the error is printed on stderr via \fIperror\fR\|(3). -(If the directory does not exist or if it is not really a directory, -the entry is ignored and no error is printed.) This should not -happen under normal circumstances. The most common reason for -\fIstat\fR\|(3) to return \*(L"permission denied\*(R" is if you are running an -automounter and one of the directories in your PATH is on a machine -that is currently unreachable. -.SH "SECURITY NOTES" -\fBsudo\fR tries to be safe when executing external commands. Variables -that control how dynamic loading and binding is done can be used -to subvert the program that \fBsudo\fR runs. To combat this the -\f(CWLD_*\fR, \f(CW_RLD_*\fR, \f(CWSHLIB_PATH\fR (HP\-UX only), and \f(CWLIBPATH\fR (AIX -only) environment variables are removed from the environment passed -on to all commands executed. \fBsudo\fR will also remove the \f(CWIFS\fR, -\f(CWENV\fR, \f(CWBASH_ENV\fR, \f(CWKRB_CONF\fR and \f(CWKRB5_CONFIG\fR variables as -they too can pose a threat. -.PP -To prevent command spoofing, \fBsudo\fR checks "." and "" (both denoting -current directory) last when searching for a command in the user's -PATH (if one or both are in the PATH). Note, however, that the -actual PATH environment variable is \fInot\fR modified and is passed -unchanged to the program that \fBsudo\fR executes. 
-.PP -For security reasons, if your OS supports shared libraries, \fBsudo\fR -should always be statically linked unless the dynamic loader disables -user-defined library search paths for setuid programs. (Most modern -dynamic loaders do this.) -.PP -\fBsudo\fR will check the ownership of its timestamp directory -(\fI/var/run/sudo\fR or \fI/tmp/.odus\fR by default) and ignore the -directory's contents if it is not owned by root and only read, -writable, and executable by root. On systems that allow users to -give files away to root (via chown), if the timestamp directory is -located in a directory writable by anyone (ie: \fI/tmp\fR), it is -possible for a user to create the timestamp directory before \fBsudo\fR -is run. However, because \fBsudo\fR checks the ownership and mode of -the directory, the only damage that can be done is to \*(L"hide\*(R" files -by putting them in the timestamp dir. This is unlikely to happen -since once the timestamp dir is owned by root and inaccessible by -any other user the user placing files there would be unable to get -them back out. To get around this issue you can use a directory -that is not world-writable for the timestamps (\fI/var/adm/sudo\fR for -instance). -.PP -\f(CWsudo\fR will not honor timestamp files set far in the future. -Timestamp files with a date greater than current_time + 2 * \f(CWTIMEOUT\fR -will be ignored and sudo complain about a \*(L"preposterous stampfile -date\*(R". This is done to keep a user from creating his/her own -timestamp file with a bogus date. -.SH "FILES" -.PP -.Vb 1 -\& /etc/sudoers file of authorized users. 
-.Ve -.SH "ENVIRONMENT VARIABLES" -.PP -.Vb 12 -\& PATH Set to a sane value if SECURE_PATH is set -\& SHELL Used to determine shell to run with -s option -\& USER Set to the target user (root unless the -u option -\& is specified) -\& HOME In -s mode, set to homedir of root (or runas user) -\& if built with the SHELL_SETS_HOME option -\& SUDO_PROMPT Replaces the default password prompt -\& SUDO_COMMAND Set to the command run by sudo -\& SUDO_USER Set to the login of the user who invoked sudo -\& SUDO_UID Set to the uid of the user who invoked sudo -\& SUDO_GID Set to the gid of the user who invoked sudo -\& SUDO_PS1 If set, PS1 will be set to its value -.Ve -.SH "AUTHORS" -Many people have worked on \fBsudo\fR over the years, this -version consists of code written primarily by: -.PP -.Vb 4 -\& Jeff Nieusma -\& David Hieb -\& Todd Miller -\& Chris Jepeway -.Ve -See the HISTORY file in the \fBsudo\fR distribution for more details. -.PP -Please send all bugs, comments, and changes to sudo-bugs@courtesan.com. -.SH "DISCLAIMER" -This program is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. -.PP -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -675 Mass Ave, Cambridge, MA 02139, USA. -.SH "CAVEATS" -There is no easy way to prevent a user from gaining a root shell if -that user has access to commands allowing shell escapes. -.PP -If users have sudo ALL there is nothing to prevent them from creating -their own program that gives them a root shell regardless of any \*(L'!\*(R' -elements in the user specification. -.PP -Running shell scripts via \fBsudo\fR can expose the same kernel bugs -that make setuid shell scripts unsafe on some operating systems. 
-.SH "SEE ALSO" -\fIsudoers\fR\|(5), \fIvisudo\fR\|(8), \fIsu\fR\|(1). - -.rn }` '' -.IX Title "sudo 8" -.IX Name "sudo - execute a command as the superuser" - -.IX Header "NAME" - -.IX Header "SYNOPSIS" - -.IX Header "DESCRIPTION" - -.IX Header "OPTIONS" - -.IX Item "-V" - -.IX Item "-l" - -.IX Item "-h" - -.IX Item "-v" - -.IX Item "-k" - -.IX Item "-b" - -.IX Item "-r" - -.IX Item "-p" - -.IX Item "-u" - -.IX Item "-s" - -.IX Item "-H" - -.IX Item "--" - -.IX Header "RETURN VALUES" - -.IX Header "SECURITY NOTES" - -.IX Header "FILES" - -.IX Header "ENVIRONMENT VARIABLES" - -.IX Header "AUTHORS" - -.IX Header "DISCLAIMER" - -.IX Header "CAVEATS" - -.IX Header "SEE ALSO" - diff --git a/gnu/usr.bin/sudo/sudo/sudo.c b/gnu/usr.bin/sudo/sudo/sudo.c deleted file mode 100644 index 2edf4d00310..00000000000 --- a/gnu/usr.bin/sudo/sudo/sudo.c +++ /dev/null 
@@ -1,1129 +0,0 @@ -/* $OpenBSD: sudo.c,v 1.14 1999/03/30 06:25:25 millert Exp $ */ - -/* - * CU sudo version 1.5.9 (based on Root Group sudo version 1.1) - * Copyright (c) 1994,1996,1998,1999 Todd C. Miller <Todd.Miller@courtesan.com> - * - * This software comes with no waranty whatsoever, use at your own risk. - * - * Please send bugs, changes, problems to sudo-bugs@courtesan.com - * - */ - -/* - * sudo version 1.1 allows users to execute commands as root - * Copyright (C) 1991 The Root Group, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - ************************************************************************** - * - * sudo.c - * - * This is the main() routine for sudo - * - * sudo is a program to allow users to execute commands - * as root. The commands are defined in a global network- - * wide file and can be distributed. - * - * sudo has been hacked far and wide. Too many people to - * know about. It's about time to come up with a secure - * version that will work well in a network. - * - * This most recent version is done by: - * - * Jeff Nieusma <nieusma@rootgroup.com> - * Dave Hieb <davehieb@rootgroup.com> - * - * However, due to the fact that both of the above are no longer - * working at Root Group, I am maintaining the "CU version" of - * sudo. 
- * Todd Miller <Todd.Miller@courtesan.com> - */ - -#define MAIN - -#include "config.h" - -#include <stdio.h> -#ifdef STDC_HEADERS -#include <stdlib.h> -#endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ -#ifdef HAVE_STRING_H -#include <string.h> -#endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include <strings.h> -#endif /* HAVE_STRINGS_H */ -#include <pwd.h> -#include <errno.h> -#include <fcntl.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/param.h> -#include <netinet/in.h> -#include <netdb.h> -#ifdef HAVE_DCE -#include <pthread.h> -#endif /* HAVE_DCE */ -#ifdef HAVE_KERB5 -#include <krb5.h> -#endif /* HAVE_KERB5 */ - -#include "sudo.h" -#include "version.h" - -#ifndef STDC_HEADERS -extern char *getenv __P((char *)); -#endif /* STDC_HEADERS */ - -#ifndef lint -static const char rcsid[] = "$Sudo: sudo.c,v 1.223 1999/03/30 06:01:46 millert Exp $"; -#endif /* lint */ - - -/* - * Local type declarations - */ -struct env_table { - char *name; - int len; -}; - - -/* - * Prototypes - */ -static int parse_args __P((void)); -static void usage __P((int)); -static void usage_excl __P((int)); -static void load_globals __P((int)); -static int check_sudoers __P((void)); -static int load_cmnd __P((int)); -static void add_env __P((int)); -static void clean_env __P((char **, struct env_table *)); -extern int user_is_exempt __P((void)); -extern struct passwd *sudo_getpwuid __P((uid_t)); -extern void list_matches __P((void)); - -/* - * Globals - */ -int Argc; -char **Argv; -int NewArgc = 0; -char **NewArgv = NULL; -struct passwd *user_pw_ent; -char *runas_user = RUNAS_DEFAULT; -char *cmnd = NULL; -char *cmnd_args = NULL; -char *tty = "unknown"; -char *prompt; -char host[MAXHOSTNAMELEN]; -char *shost; -char cwd[MAXPATHLEN]; -FILE *sudoers_fp = NULL; -struct stat cmnd_st; -static char *runas_homedir = NULL; -extern struct interface *interfaces; -extern int num_interfaces; -extern int printmatches; -int arg_prompt = 
0; /* was -p used? */ -#ifdef HAVE_KERB5 -krb5_context sudo_context = NULL; -char *realm = NULL; -int xrealm = 0; -#endif /* HAVE_KERB5 */ - -/* - * Table of "bad" envariables to remove and len for strncmp() - */ -struct env_table badenv_table[] = { - { "IFS=", 4 }, - { "LD_", 3 }, - { "_RLD", 4 }, -#ifdef __hpux - { "SHLIB_PATH=", 11 }, -#endif /* __hpux */ -#ifdef _AIX - { "LIBPATH=", 8 }, -#endif /* _AIX */ -#ifdef HAVE_KERB4 - { "KRB_CONF", 8 }, -#endif /* HAVE_KERB4 */ -#ifdef HAVE_KERB5 - { "KRB5_CONFIG", 11 }, -#endif /* HAVE_KERB5 */ - { "ENV=", 4 }, - { "BASH_ENV=", 9 }, - { (char *) NULL, 0 } -}; - - -/******************************************************************** - * - * main() - * - * the driving force behind sudo... - */ - -int main(argc, argv) - int argc; - char **argv; -{ - int rtn, serrno; - int cmnd_status = FOUND; - int sudo_mode = MODE_RUN; - extern char ** environ; - -#if defined(HAVE_GETPRPWNAM) && defined(HAVE_SET_AUTH_PARAMETERS) - (void) set_auth_parameters(argc, argv); -# ifdef HAVE_INITPRIVS - initprivs(); -# endif -#endif /* HAVE_GETPRPWNAM && HAVE_SET_AUTH_PARAMETERS */ - - Argv = argv; - Argc = argc; - - if (geteuid() != 0) { - (void) fprintf(stderr, "Sorry, %s must be setuid root.\n", Argv[0]); - exit(1); - } - - /* - * Close all file descriptors to make sure we have a nice - * clean slate from which to work. 
- */ -#ifdef HAVE_SYSCONF - for (rtn = sysconf(_SC_OPEN_MAX) - 1; rtn > 2; rtn--) - (void) close(rtn); -#else - for (rtn = getdtablesize() - 1; rtn > 2; rtn--) - (void) close(rtn); -#endif /* HAVE_SYSCONF */ - - /* - * set the prompt based on $SUDO_PROMPT (can be overridden by `-p') - */ - if ((prompt = getenv("SUDO_PROMPT")) == NULL) - prompt = PASSPROMPT; - - /* - * parse our arguments - */ - sudo_mode = parse_args(); - - switch (sudo_mode) { - case MODE_VERSION: - case MODE_HELP: - (void) printf("CU Sudo version %s\n", version); - if (sudo_mode == MODE_VERSION) - exit(0); - else - usage(0); - break; - case MODE_VALIDATE: - cmnd = "validate"; - break; - case MODE_KILL: - cmnd = "kill"; - break; - case MODE_LIST: - cmnd = "list"; - printmatches = 1; - break; - } - - /* must have a command to run unless got -s */ - if (cmnd == NULL && NewArgc == 0 && !(sudo_mode & MODE_SHELL)) - usage(1); - - clean_env(environ, badenv_table); - - load_globals(sudo_mode); /* load global variables used throughout sudo */ - - /* - * If we got the '-s' option (run shell) we need to redo NewArgv - * and NewArgc. This can only be done after load_globals(). 
- */ - if ((sudo_mode & MODE_SHELL)) { - char **dst, **src = NewArgv; - - NewArgv = (char **) emalloc (sizeof(char *) * (++NewArgc + 1)); - - /* add the shell as argv[0] */ - if (user_shell && *user_shell) { - NewArgv[0] = user_shell; - } else { - (void) fprintf(stderr, "%s: Unable to determine shell.", Argv[0]); - exit(1); - } - - /* copy the args from Argv */ - for (dst = NewArgv + 1; (*dst = *src) != NULL; ++src, ++dst) - ; - } - - rtn = check_sudoers(); /* check mode/owner on _PATH_SUDO_SUDOERS */ - if (rtn != ALL_SYSTEMS_GO) { - serrno = errno; - log_error(rtn); - set_perms(PERM_FULL_USER, sudo_mode); - errno = serrno; - inform_user(rtn); - exit(1); - } - -#ifdef SECURE_PATH - /* replace the PATH envariable with a secure one */ - if (!user_is_exempt() && sudo_setenv("PATH", SECURE_PATH)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } -#endif /* SECURE_PATH */ - - if ((sudo_mode & MODE_RUN)) { - cmnd_status = load_cmnd(sudo_mode); /* load the cmnd global variable */ - } else if (sudo_mode == MODE_KILL) { - remove_timestamp(); /* remove the timestamp ticket file */ - exit(0); - } - - add_env(!(sudo_mode & MODE_SHELL)); /* add in SUDO_* envariables */ - - /* validate the user but don't search for pseudo-commands */ - rtn = validate((sudo_mode != MODE_VALIDATE && sudo_mode != MODE_LIST)); - - switch (rtn) { - - case VALIDATE_OK: - check_user(); - /* fallthrough */ - - case VALIDATE_OK_NOPASS: - /* finally tell the user if the command did not exist */ - if (cmnd_status == NOT_FOUND_DOT) { - (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], cmnd, cmnd, cmnd); - exit(1); - } else if (cmnd_status == NOT_FOUND) { - (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0], - cmnd); - exit(1); - } - - log_error(ALL_SYSTEMS_GO); - if (sudo_mode == MODE_VALIDATE) - exit(0); - else if (sudo_mode == MODE_LIST) { - list_matches(); - exit(0); - } - - /* become 
specified user or root */ - set_perms(PERM_RUNAS, sudo_mode); - - /* set $HOME for `sudo -H' */ - if ((sudo_mode & MODE_RESET_HOME) && runas_homedir) - (void) sudo_setenv("HOME", runas_homedir); - -#ifndef PROFILING - if ((sudo_mode & MODE_BACKGROUND) && fork() > 0) { - exit(0); - } else { - /* - * Make sure we are not being spoofed. The stat should - * be cheap enough to make this almost bulletproof. - */ - if (cmnd_st.st_dev) { - struct stat st; - - if (stat(cmnd, &st) < 0) { - (void) fprintf(stderr, "%s: unable to stat %s: ", - Argv[0], cmnd); - perror(""); - exit(1); - } - - if (st.st_dev != cmnd_st.st_dev || - st.st_ino != cmnd_st.st_ino) { - /* log and send mail, then bitch */ - log_error(SPOOF_ATTEMPT); - inform_user(SPOOF_ATTEMPT); - exit(1); - } - } - EXEC(cmnd, NewArgv); /* run the command */ - } -#else - exit(0); -#endif /* PROFILING */ - /* - * If we got here then the exec() failed... - */ - (void) fprintf(stderr, "%s: ", Argv[0]); - perror(cmnd); - exit(-1); - break; - - case VALIDATE_NOT_OK: - check_user(); - -#ifndef DONT_LEAK_PATH_INFO - log_error(rtn); - if (cmnd_status == NOT_FOUND_DOT) - (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], cmnd, cmnd, cmnd); - else if (cmnd_status == NOT_FOUND) - (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0], - cmnd); - else - inform_user(rtn); - exit(1); - break; -#endif /* DONT_LEAK_PATH_INFO */ - - default: - log_error(rtn); - inform_user(rtn); - exit(1); - break; - } -} - - - -/********************************************************************** - * - * load_globals() - * - * This function primes these important global variables: - * user_pw_ent, host, cwd, interfaces. 
- */ - -static void load_globals(sudo_mode) - int sudo_mode; -{ - char *p; -#ifdef FQDN - struct hostent *h_ent; -#endif /* FQDN */ -#ifdef HAVE_KERB5 - krb5_error_code retval; - char *lrealm; -#endif /* HAVE_KERB5 */ - -#ifdef HOST_IN_LOG - /* - * Logging routines may use shost so set to a dummy value for now. - */ - shost = strcpy(host, "localhost"); -#endif - - /* - * Get a local copy of the user's struct passwd with the shadow password - * if necesary. It is assumed that euid is 0 at this point so we - * can read the shadow passwd file if necesary. - */ - if ((user_pw_ent = sudo_getpwuid(getuid())) == NULL) { - /* need to make a fake user_pw_ent */ - struct passwd pw; - char pw_name[MAX_UID_T_LEN + 1]; - - /* fill in uid and name fields with the uid */ - pw.pw_uid = getuid(); - (void) sprintf(pw_name, "%ld", (long) pw.pw_uid); - pw.pw_name = pw_name; - user_pw_ent = &pw; - - /* complain, log, and die */ - log_error(GLOBAL_NO_PW_ENT); - inform_user(GLOBAL_NO_PW_ENT); - exit(1); - } - -#ifdef HAVE_KERB5 - if (retval = krb5_init_context(&sudo_context)) { - log_error(GLOBAL_KRB5_INIT_ERR); - inform_user(GLOBAL_KRB5_INIT_ERR); - exit(1); - } - krb5_init_ets(sudo_context); - - if (retval = krb5_get_default_realm(sudo_context, &lrealm)) { - log_error(GLOBAL_KRB5_INIT_ERR); - inform_user(GLOBAL_KRB5_INIT_ERR); - exit(1); - } - - if (realm) { - if (strcmp(realm, lrealm) != 0) - xrealm = 1; /* User supplied realm is not the system default */ - free(lrealm); - } else - realm = lrealm; - - if (!arg_prompt) { - p = emalloc(strlen(user_name) + strlen(realm) + 17); - sprintf(p, "Password for %s@%s: ", user_name, realm); - prompt = p; - } -#endif /* HAVE_KERB5 */ - - /* Set euid == user and ruid == root */ - set_perms(PERM_ROOT, sudo_mode); - set_perms(PERM_USER, sudo_mode); - -#ifdef HAVE_TZSET - (void) tzset(); /* set the timezone if applicable */ -#endif /* HAVE_TZSET */ - - /* - * Need to get tty early since it's used for logging - */ - if ((p = (char *) ttyname(0)) || (p 
= (char *) ttyname(1))) { - if (strncmp(p, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0) - p += sizeof(_PATH_DEV) - 1; - tty = estrdup(p); - } - -#ifdef SUDO_UMASK - (void) umask((mode_t)SUDO_UMASK); -#endif /* SUDO_UMASK */ - -#ifdef NO_ROOT_SUDO - if (user_uid == 0) { - (void) fprintf(stderr, - "You are already root, you don't need to use sudo.\n"); - exit(1); - } -#endif - - /* - * so we know where we are... (do as user) - */ - if (!getcwd(cwd, sizeof(cwd))) { - /* try as root... */ - set_perms(PERM_ROOT, sudo_mode); - if (!getcwd(cwd, sizeof(cwd))) { - (void) fprintf(stderr, "%s: Can't get working directory!\n", - Argv[0]); - (void) strcpy(cwd, "unknown"); - } - set_perms(PERM_USER, sudo_mode); - } - - /* - * load the host global variable from gethostname() and use - * gethostbyname() if we want to be sure it is fully qualified. - */ - if ((gethostname(host, sizeof(host)))) { - strcpy(host, "localhost"); - log_error(GLOBAL_NO_HOSTNAME); - inform_user(GLOBAL_NO_HOSTNAME); - exit(2); - } -#ifdef FQDN - if ((h_ent = gethostbyname(host)) == NULL) - log_error(GLOBAL_HOST_UNREGISTERED); - else - strcpy(host, h_ent -> h_name); -#endif /* FQDN */ - - /* - * "host" is the (possibly fully-qualified) hostname and - * "shost" is the unqualified form of the hostname. - */ - if ((p = strchr(host, '.'))) { - *p = '\0'; - shost = estrdup(host); - *p = '.'; - } else { - shost = &host[0]; - } - - /* - * load a list of ip addresses and netmasks into - * the interfaces array. - */ - load_interfaces(); -} - - - -/********************************************************************** - * - * parse_args() - * - * this function parses the arguments to sudo - */ - -static int parse_args() -{ - int ret = MODE_RUN; /* what mode is suod to be run in? 
*/ - int excl = 0; /* exclusive arg, no others allowed */ - - NewArgv = Argv + 1; - NewArgc = Argc - 1; - -#ifdef SHELL_IF_NO_ARGS - if (Argc < 2) { /* no options and no command */ - ret |= MODE_SHELL; - return(ret); - } -#else - if (Argc < 2) /* no options and no command */ - usage(1); -#endif /* SHELL_IF_NO_ARGS */ - - while (NewArgc > 0 && NewArgv[0][0] == '-') { - if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') { - (void) fprintf(stderr, "%s: Please use single character options\n", - Argv[0]); - usage(1); - } - - switch (NewArgv[0][1]) { -#ifdef HAVE_KERB5 - case 'r': - /* must have an associated realm */ - if (NewArgv[1] == NULL) - usage(1); - - realm = NewArgv[1]; - - /* shift Argv over and adjust Argc */ - NewArgc--; - NewArgv++; - break; -#endif /* HAVE_KERB5 */ - case 'p': - /* must have an associated prompt */ - if (NewArgv[1] == NULL) - usage(1); - - prompt = NewArgv[1]; - arg_prompt = 1; - - /* shift Argv over and adjust Argc */ - NewArgc--; - NewArgv++; - break; - case 'u': - /* must have an associated runas user */ - if (NewArgv[1] == NULL) - usage(1); - - runas_user = NewArgv[1]; - - /* shift Argv over and adjust Argc */ - NewArgc--; - NewArgv++; - break; - case 'b': - ret |= MODE_BACKGROUND; - break; - case 'v': - ret = MODE_VALIDATE; - if (excl && excl != 'v') - usage_excl(1); - excl = 'v'; - break; - case 'k': - ret = MODE_KILL; - if (excl && excl != 'k') - usage_excl(1); - excl = 'k'; - break; - case 'l': - ret = MODE_LIST; - if (excl && excl != 'l') - usage_excl(1); - excl = 'l'; - break; - case 'V': - ret = MODE_VERSION; - if (excl && excl != 'V') - usage_excl(1); - excl = 'V'; - break; - case 'h': - ret = MODE_HELP; - if (excl && excl != 'h') - usage_excl(1); - excl = 'h'; - break; - case 's': - ret |= MODE_SHELL; -#ifdef SHELL_SETS_HOME - ret |= MODE_RESET_HOME; -#endif /* SHELL_SETS_HOME */ - break; - case 'H': - ret |= MODE_RESET_HOME; - break; - case '-': - NewArgc--; - NewArgv++; -#ifdef SHELL_IF_NO_ARGS - if (ret == MODE_RUN) - ret 
|= MODE_SHELL; -#endif /* SHELL_IF_NO_ARGS */ - return(ret); - case '\0': - (void) fprintf(stderr, "%s: '-' requires an argument\n", - Argv[0]); - usage(1); - default: - (void) fprintf(stderr, "%s: Illegal option %s\n", Argv[0], - NewArgv[0]); - usage(1); - } - NewArgc--; - NewArgv++; - } - - if (NewArgc > 0 && (ret == MODE_VALIDATE || ret == MODE_KILL || - ret == MODE_LIST)) - usage(1); - - return(ret); -} - - - -/********************************************************************** - * - * usage_excl() - * - * Tell which options are mutually exclusive and exit - */ - -static void usage_excl(exit_val) - int exit_val; -{ - (void) fprintf(stderr, "Only one of the -v, -k, -l, -V and -h options may be used\n"); - usage(exit_val); -} - -/********************************************************************** - * - * usage() - * - * this function just gives you instructions and exits - */ - -static void usage(exit_val) - int exit_val; -{ - (void) fprintf(stderr, - "usage: %s -V | -h | -l | -v | -k | -H | [-b] [-p prompt] ", - Argv[0]); -#ifdef HAVE_KERB5 - (void) fprintf(stderr, "[-r realm] "); -#endif /* HAVE_KERB5 */ - (void) fprintf(stderr, "[-u username/#uid] -s | <command>\n"); - exit(exit_val); -} - - - -/********************************************************************** - * - * add_env() - * - * this function adds sudo-specific variables into the environment - */ - -static void add_env(contiguous) - int contiguous; -{ - char idstr[MAX_UID_T_LEN + 1]; - size_t size; - char *buf; - - /* add the SUDO_COMMAND envariable (cmnd + args) */ - size = strlen(cmnd) + 1; - if (NewArgc > 1) { - char *to, **from; - - if (contiguous) { - size += (size_t) (NewArgv[NewArgc-1] - NewArgv[1]) + - strlen(NewArgv[NewArgc-1]) + 1; - } else { - for (from = &NewArgv[1]; *from; from++) - size += strlen(*from) + 1; - } - - buf = (char *) emalloc(size); - - /* - * Copy the command and it's arguments info buf - */ - (void) strcpy(buf, cmnd); - to = buf + strlen(cmnd); - for (from = 
&NewArgv[1]; *from; from++) { - *to++ = ' '; - (void) strcpy(to, *from); - to += strlen(*from); - } - } else { - buf = cmnd; - } - if (sudo_setenv("SUDO_COMMAND", buf)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } - if (NewArgc > 1) - (void) free(buf); - - /* grab a pointer to the flat arg string from the environment */ - if (NewArgc > 1 && (cmnd_args = getenv("SUDO_COMMAND"))) { - if ((cmnd_args = strchr(cmnd_args, ' '))) - cmnd_args++; - else - cmnd_args = NULL; - } - - /* add the SUDO_USER envariable */ - if (sudo_setenv("SUDO_USER", user_name)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } - - /* add the SUDO_UID envariable */ - (void) sprintf(idstr, "%ld", (long) user_uid); - if (sudo_setenv("SUDO_UID", idstr)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } - - /* add the SUDO_GID envariable */ - (void) sprintf(idstr, "%ld", (long) user_gid); - if (sudo_setenv("SUDO_GID", idstr)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } - - /* set PS1 if SUDO_PS1 is set */ - if ((buf = getenv("SUDO_PS1"))) - if (sudo_setenv("PS1", buf)) { - (void) fprintf(stderr, "%s: cannot allocate memory!\n", Argv[0]); - exit(1); - } -} - - - -/********************************************************************** - * - * load_cmnd() - * - * This function sets the cmnd global variable - * Returns 1 on success, 0 on failure. 
- */ - -static int load_cmnd(sudo_mode) - int sudo_mode; -{ - int retval; - - if (strlen(NewArgv[0]) >= MAXPATHLEN) { - errno = ENAMETOOLONG; - (void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0], - NewArgv[0]); - exit(1); - } - - /* - * Resolve the path - */ - if ((retval = find_path(NewArgv[0], &cmnd)) != FOUND) - cmnd = NewArgv[0]; - return(retval); -} - - - -/********************************************************************** - * - * check_sudoers() - * - * This function check to see that the sudoers file is owned by - * uid SUDOERS_UID, gid SUDOERS_GID and is mode SUDOERS_MODE. - */ - -static int check_sudoers() -{ - struct stat statbuf; - int rootstat, i; - char c; - int rtn = ALL_SYSTEMS_GO; - - /* - * Fix the mode and group on sudoers file from old default. - * Only works if filesystem is readable/writable by root. - */ - set_perms(PERM_ROOT, 0); - if ((rootstat = lstat(_PATH_SUDO_SUDOERS, &statbuf)) == 0 && - SUDOERS_UID == statbuf.st_uid && SUDOERS_MODE != 0400 && - (statbuf.st_mode & 0007777) == 0400) { - - if (chmod(_PATH_SUDO_SUDOERS, SUDOERS_MODE) == 0) { - (void) fprintf(stderr, "%s: fixed mode on %s\n", - Argv[0], _PATH_SUDO_SUDOERS); - if (statbuf.st_gid != SUDOERS_GID) { - if (!chown(_PATH_SUDO_SUDOERS,GID_NO_CHANGE,SUDOERS_GID)) { - (void) fprintf(stderr, "%s: set group on %s\n", - Argv[0], _PATH_SUDO_SUDOERS); - statbuf.st_gid = SUDOERS_GID; - } else { - (void) fprintf(stderr,"%s: Unable to set group on %s: ", - Argv[0], _PATH_SUDO_SUDOERS); - perror(""); - } - } - } else { - (void) fprintf(stderr, "%s: Unable to fix mode on %s: ", - Argv[0], _PATH_SUDO_SUDOERS); - perror(""); - } - } - - /* - * Sanity checks on sudoers file. Must be done as sudoers - * file owner. We already did a stat as root, so use that - * data if we can't stat as sudoers file owner. 
- */ - set_perms(PERM_SUDOERS, 0); - - if (rootstat != 0 && lstat(_PATH_SUDO_SUDOERS, &statbuf) != 0) - rtn = NO_SUDOERS_FILE; - else if (!S_ISREG(statbuf.st_mode)) - rtn = SUDOERS_NOT_FILE; - else if ((statbuf.st_mode & 0007777) != SUDOERS_MODE) - rtn = SUDOERS_WRONG_MODE; - else if (statbuf.st_uid != SUDOERS_UID || statbuf.st_gid != SUDOERS_GID) - rtn = SUDOERS_WRONG_OWNER; - else { - /* Solaris sometimes returns EAGAIN so try 10 times */ - for (i = 0; i < 10 ; i++) { - errno = 0; - if ((sudoers_fp = fopen(_PATH_SUDO_SUDOERS, "r")) == NULL || - fread(&c, sizeof(c), 1, sudoers_fp) != 1) { - sudoers_fp = NULL; - if (errno != EAGAIN && errno != EWOULDBLOCK) - break; - } else - break; - sleep(1); - } - if (sudoers_fp == NULL) { - fprintf(stderr, "%s: cannot open %s: ", Argv[0], _PATH_SUDO_SUDOERS); - perror(""); - rtn = NO_SUDOERS_FILE; - } - } - - set_perms(PERM_ROOT, 0); - set_perms(PERM_USER, 0); - - return(rtn); -} - - - -/********************************************************************** - * - * set_perms() - * - * this function sets real and effective uids and gids based on perm. 
- */ - -void set_perms(perm, sudo_mode) - int perm; - int sudo_mode; -{ - struct passwd *pw; - - switch (perm) { - case PERM_ROOT: - if (setuid(0)) { - perror("setuid(0)"); - exit(1); - } - break; - - case PERM_USER: - (void) setgid(user_gid); - - if (seteuid(user_uid)) { - perror("seteuid(user_uid)"); - exit(1); - } - break; - - case PERM_FULL_USER: - if (setuid(0)) { - perror("setuid(0)"); - exit(1); - } - - (void) setgid(user_gid); - - if (setuid(user_uid)) { - perror("setuid(user_uid)"); - exit(1); - } - - break; - case PERM_RUNAS: - if (setuid(0)) { - perror("setuid(0)"); - exit(1); - } - - /* XXX - add group/gid support */ - if (*runas_user == '#') { - if (setuid(atoi(runas_user + 1))) { - (void) fprintf(stderr, - "%s: cannot set uid to %s: ", - Argv[0], runas_user); - perror(""); - exit(1); - } - } else { - if (!(pw = getpwnam(runas_user))) { - (void) fprintf(stderr, - "%s: no passwd entry for %s!\n", - Argv[0], runas_user); - exit(1); - } - - /* Set $USER to match target user */ - if (sudo_setenv("USER", pw->pw_name)) { - (void) fprintf(stderr, - "%s: cannot allocate memory!\n", - Argv[0]); - exit(1); - } - - if (setgid(pw->pw_gid)) { - (void) fprintf(stderr, - "%s: cannot set gid to %d: ", - Argv[0], pw->pw_gid); - perror(""); - exit(1); - } - - /* - * Initialize group vector only if are - * going to run as a non-root user. 
- */ - if (strcmp(runas_user, "root") != 0 && - initgroups(runas_user, pw->pw_gid) - == -1) { - (void) fprintf(stderr, - "%s: cannot set group vector ", - Argv[0]); - perror(""); - exit(1); - } - - if (setuid(pw->pw_uid)) { - (void) fprintf(stderr, - "%s: cannot set uid to %d: ", - Argv[0], pw->pw_uid); - perror(""); - exit(1); - } - if (sudo_mode & MODE_RESET_HOME) - runas_homedir = pw->pw_dir; - } - - break; - case PERM_SUDOERS: - if (setuid(0)) { - perror("setuid(0)"); - exit(1); - } - - if (setgid(SUDOERS_GID)) { - perror("setgid(SUDOERS_GID)"); - exit(1); - } - - /* - * If SUDOERS_UID == 0 and SUDOERS_MODE - * is group readable we use a non-zero - * uid in order to avoid NFS lossage. - * Using uid 1 is a bit bogus but should - * work on all OS's. - */ - if (SUDOERS_UID == 0) { - if ((SUDOERS_MODE & 040) && seteuid(1)) { - perror("seteuid(1)"); - exit(1); - } - } else { - if (seteuid(SUDOERS_UID)) { - perror("seteuid(SUDOERS_UID)"); - exit(1); - } - } - - break; - } -} - - - -/********************************************************************** - * - * clean_env() - * - * This function removes things from the environment that match the - * entries in badenv_table. It would be nice to add in the SUDO_* - * variables here as well but cmnd has not been defined at this point. - */ - -static void clean_env(envp, badenv_table) - char **envp; - struct env_table *badenv_table; -{ - struct env_table *bad; - char **cur; - - /* - * Remove any envars that match entries in badenv_table - */ - for (cur = envp; *cur; cur++) { - for (bad = badenv_table; bad -> name; bad++) { - if (strncmp(*cur, bad -> name, bad -> len) == 0) { - /* got a match so remove it */ - char **move; - - for (move = cur; *move; move++) - *move = *(move + 1); - - cur--; - - break; - } - } - } -} diff --git a/gnu/usr.bin/sudo/sudo/sudo.h b/gnu/usr.bin/sudo/sudo/sudo.h deleted file mode 100644 index ea04d9e5a36..00000000000 --- a/gnu/usr.bin/sudo/sudo/sudo.h +++ /dev/null 
@@ -1,286 +0,0 @@ -/* $OpenBSD: sudo.h,v 1.9 1999/03/29 20:29:06 millert Exp $ */ - -/* - * CU sudo version 1.5.9 (based on Root Group sudo version 1.1) - * Copyright (c) 1994,1996,1998,1999 Todd C. Miller <Todd.Miller@courtesan.com> - * - * This software comes with no waranty whatsoever, use at your own risk. - * - * Please send bugs, changes, problems to sudo-bugs@courtesan.com - * - */ - -/* - * sudo version 1.1 allows users to execute commands as root - * Copyright (C) 1991 The Root Group, Inc. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - * $Sudo: sudo.h,v 1.140 1999/03/29 04:05:12 millert Exp $ - */ - -#ifndef _SUDO_SUDO_H -#define _SUDO_SUDO_H - -#include <pathnames.h> -#include "compat.h" - -/* - * IP address and netmask pairs for checking against local interfaces. - */ -struct interface { - struct in_addr addr; - struct in_addr netmask; -}; - -/* - * Data structure used in parsing sudoers; - * top of stack values are the ones that - * apply when parsing is done & can be - * accessed by *_matches macros - */ -#define STACKINCREMENT (32) -struct matchstack { - int user; - int cmnd; - int host; - int runas; - int nopass; -}; - -/* - * Data structure describing a command in the - * sudoers file. 
- */ -struct sudo_command { - char *cmnd; - char *args; -}; - - -extern struct matchstack *match; -extern int top; - -#define user_matches (match[top-1].user) -#define cmnd_matches (match[top-1].cmnd) -#define host_matches (match[top-1].host) -#define runas_matches (match[top-1].runas) -#define no_passwd (match[top-1].nopass) - -/* - * Structure containing command matches if "sudo -l" is used. - */ -struct command_match { - char *runas; - size_t runas_len; - size_t runas_size; - char *cmnd; - size_t cmnd_len; - size_t cmnd_size; - int nopasswd; -}; - -/* - * Structure containing Cmnd_Alias's if "sudo -l" is used. - */ -struct generic_alias { - char *alias; - char *entries; - size_t entries_size; - size_t entries_len; -}; - -/* - * Maximum number of characters to log per entry. The syslogger - * will log this much, after that, it truncates the log line. - * We need this here to make sure that we continue with another - * syslog(3) call if the internal buffer is moe than 1023 characters. - */ -#ifndef MAXSYSLOGLEN -# define MAXSYSLOGLEN 960 -#endif - -/* - * syslog(3) parameters - */ - -#define SLOG_SYSLOG 0x01 -#define SLOG_FILE 0x02 -#define SLOG_BOTH 0x03 - -#if (LOGGING & SLOG_SYSLOG) -# include <syslog.h> -# ifndef Syslog_ident -# define Syslog_ident "sudo" -# endif -# ifndef Syslog_options -# define Syslog_options 0 -# endif -# if !defined(Syslog_facility) && defined(LOG_NFACILITIES) -# define Syslog_facility LOGFAC -# endif -# ifndef Syslog_priority_OK -# define Syslog_priority_OK LOG_NOTICE -# endif -# ifndef Syslog_priority_NO -# define Syslog_priority_NO LOG_ALERT -# endif -#endif /* LOGGING & SLOG_SYSLOG */ - -#define VALIDATE_OK 0x00 -#define VALIDATE_NO_USER 0x01 -#define VALIDATE_NOT_OK 0x02 -#define VALIDATE_OK_NOPASS 0x03 -#define VALIDATE_ERROR -1 - -/* - * the arguments passed to log_error() are ANDed with GLOBAL_PROBLEM - * If the result is TRUE, the argv is NOT logged with the error message - */ -#define GLOBAL_PROBLEM 0x20 -#define ALL_SYSTEMS_GO 
0x00 -#define GLOBAL_NO_PW_ENT ( 0x01 | GLOBAL_PROBLEM ) -#define GLOBAL_NO_SPW_ENT ( 0x02 | GLOBAL_PROBLEM ) -#define GLOBAL_NO_HOSTNAME ( 0x03 | GLOBAL_PROBLEM ) -#define GLOBAL_HOST_UNREGISTERED ( 0x04 | GLOBAL_PROBLEM ) -#define PASSWORD_NOT_CORRECT 0x05 -#define PASSWORDS_NOT_CORRECT 0x06 -#define NO_SUDOERS_FILE ( 0x07 | GLOBAL_PROBLEM ) -#define BAD_SUDOERS_FILE ( 0x08 | GLOBAL_PROBLEM ) -#define SUDOERS_WRONG_OWNER ( 0x09 | GLOBAL_PROBLEM ) -#define SUDOERS_WRONG_MODE ( 0x0A | GLOBAL_PROBLEM ) -#define SUDOERS_NOT_FILE ( 0x0B | GLOBAL_PROBLEM ) -#define SPOOF_ATTEMPT 0x0D -#define BAD_STAMPDIR 0x0E -#define BAD_STAMPFILE 0x0F -#define BAD_ALLOCATION 0x10 -#ifdef HAVE_KERB5 -#define GLOBAL_KRB5_INIT_ERR ( 0x11 | GLOBAL_PROBLEM ) -#endif /* HAVE_KERB5 */ - -/* - * Boolean values - */ -#undef TRUE -#define TRUE 1 -#undef FALSE -#define FALSE 0 - -/* - * find_path()/load_cmnd() return values - */ -#define FOUND 1 -#define NOT_FOUND 0 -#define NOT_FOUND_DOT -1 - -/* - * Various modes sudo can be in (based on arguments) in octal - */ -#define MODE_RUN 00001 -#define MODE_VALIDATE 00002 -#define MODE_KILL 00004 -#define MODE_VERSION 00010 -#define MODE_HELP 00020 -#define MODE_LIST 00040 -#define MODE_BACKGROUND 00100 -#define MODE_SHELL 00200 -#define MODE_RESET_HOME 00400 - -/* - * Used with set_perms() - */ -#define PERM_ROOT 0x00 -#define PERM_USER 0x01 -#define PERM_FULL_USER 0x02 -#define PERM_SUDOERS 0x03 -#define PERM_RUNAS 0x04 - -/* - * Shortcuts for user_pw_ent - */ -#define user_name (user_pw_ent -> pw_name) -#define user_passwd (user_pw_ent -> pw_passwd) -#define user_uid (user_pw_ent -> pw_uid) -#define user_gid (user_pw_ent -> pw_gid) -#define user_shell (user_pw_ent -> pw_shell) -#define user_dir (user_pw_ent -> pw_dir) - -/* - * Use either tgetpass() or system getpass() - */ -#ifdef USE_GETPASS -#define GETPASS(p, t) getpass(p) -#else -#define GETPASS(p, t) tgetpass(p, t) -#endif - -/* - * Function prototypes - */ -#define YY_DECL int yylex 
__P((void)) - -#ifndef HAVE_GETCWD -char *getcwd __P((char *, size_t size)); -#endif -#if !defined(HAVE_PUTENV) && !defined(HAVE_SETENV) -int putenv __P((const char *)); -#endif -char *sudo_goodpath __P((const char *)); -int sudo_setenv __P((char *, char *)); -char *tgetpass __P((char *, int)); -int find_path __P((char *, char **)); -void log_error __P((int)); -void inform_user __P((int)); -void check_user __P((void)); -int validate __P((int)); -void set_perms __P((int, int)); -void remove_timestamp __P((void)); -void load_interfaces __P((void)); -int check_secureware __P((char *)); -void sia_attempt_auth __P((void)); -int yyparse __P((void)); -void pass_warn __P((FILE *)); -VOID *emalloc __P((size_t)); -VOID *erealloc __P((VOID *, size_t)); -VOID *estrdup __P((char *)); -YY_DECL; - - -/* - * Most of these variables are declared in main() so they don't need - * to be extern'ed here if this is main... - */ -#ifndef MAIN -extern char host[]; -extern char *shost; -extern char cwd[]; -extern struct interface *interfaces; -extern int num_interfaces; -extern struct passwd *user_pw_ent; -extern char *runas_user; -extern char *tty; -extern char *cmnd; -extern char *cmnd_args; -extern char *prompt; -extern struct stat cmnd_st; -extern int Argc; -extern char **Argv; -extern int NewArgc; -extern char **NewArgv; -extern FILE *sudoers_fp; -#endif -extern int errno; - -#endif /* _SUDO_SUDO_H */ diff --git a/gnu/usr.bin/sudo/sudo/sudo_setenv.c b/gnu/usr.bin/sudo/sudo/sudo_setenv.c deleted file mode 100644 index 22680412df3..00000000000 --- a/gnu/usr.bin/sudo/sudo/sudo_setenv.c +++ /dev/null 
@@ -1,96 +0,0 @@
-/* $OpenBSD: sudo_setenv.c,v 1.9 1999/03/29 20:29:07 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains sudo_setenv().
- * sudo_setenv(3) adds a string of the form "var=val" to the environment.
- *
- * Todd C. Miller <Todd.Miller@courtesan.com> Fri Jun 3 18:32:19 MDT 1994
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-#include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#include <sys/types.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-
-#include "sudo.h"
-
-#ifndef STDC_HEADERS
-#ifdef HAVE_PUTENV
-extern int putenv __P((const char *));
-#endif /* HAVE_PUTENV */
-#ifdef HAVE_SETENV
-extern int setenv __P((char *, char *, int));
-#endif /* HAVE_SETENV */
-#endif /* !STDC_HEADERS */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: sudo_setenv.c,v 1.35 1999/03/29 04:05:13 millert Exp $";
-#endif /* lint */
-
-
-/**********************************************************************
- *
- * sudo_setenv()
- *
- * sudo_setenv() adds a string of the form "var=val" to the environment.
- * If it is unable to expand the current environent it returns -1,
- * else it returns 0.
- */
-
-int sudo_setenv(var, val)
- char *var;
- char *val;
-{
-
-#ifdef HAVE_SETENV
- return(setenv(var, val, 1));
-#else
- char *envstring, *tmp;
-
- envstring = tmp = (char *) malloc(strlen(var) + strlen(val) + 2);
- if (envstring == NULL)
- return(-1);
-
- while ((*tmp++ = *var++))
- ;
-
- *(tmp-1) = '=';
-
- while ((*tmp++ = *val++))
- ;
-
- return(putenv(envstring));
-#endif /* HAVE_SETENV */
-}
diff --git a/gnu/usr.bin/sudo/sudo/sudoers.5 b/gnu/usr.bin/sudo/sudo/sudoers.5
deleted file mode 100644
index 911879e3c7b..00000000000
--- a/gnu/usr.bin/sudo/sudo/sudoers.5
+++ /dev/null
@@ -1,503 +0,0 @@ -.rn '' }` -''' $OpenBSD: sudoers.5,v 1.11 1999/09/23 04:11:59 alex Exp $ -''' -.de Sh -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp -.if t .sp .5v -.if n .sp -.. -.de Ip -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb -.ft CW -.nf -.ne \\$1 -.. -.de Ve -.ft R - -.fi -.. -''' -''' -''' Set up \*(-- to give an unbreakable dash; -''' string Tr holds user defined translation string. -''' Bell System Logo is used as a dummy character. -''' -.tr \(*W-|\(bv\*(Tr -.ie n \{\ -.ds -- \(*W- -.ds PI pi -.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -.ds L" "" -.ds R" "" -''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of -''' \*(L" and \*(R", except that they are used on ".xx" lines, -''' such as .IP and .SH, which do another additional levels of -''' double-quote interpretation -.ds M" """ -.ds S" """ -.ds N" """"" -.ds T" """"" -.ds L' ' -.ds R' ' -.ds M' ' -.ds S' ' -.ds N' ' -.ds T' ' -'br\} -.el\{\ -.ds -- \(em\| -.tr \*(Tr -.ds L" `` -.ds R" '' -.ds M" `` -.ds S" '' -.ds N" `` -.ds T" '' -.ds L' ` -.ds R' ' -.ds M' ` -.ds S' ' -.ds N' ` -.ds T' ' -.ds PI \(*p -'br\} -.\" If the F register is turned on, we'll generate -.\" index entries out stderr for the following things: -.\" TH Title -.\" SH Header -.\" Sh Subsection -.\" Ip Item -.\" X<> Xref (embedded -.\" Of course, you have to process the output yourself -.\" in some meaninful fashion. -.if \nF \{ -.de IX -.tm Index:\\$1\t\\n%\t"\\$2" -.. -.nr % 0 -.rr F -.\} -.TH sudoers 5 "1.5.9" "17/Jan/99" "FILE FORMATS" -.UC -.if n .hy 0 -.if n .na -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.de CQ \" put $1 in typewriter font -.ft CW -'if n "\c -'if t \\&\\$1\c -'if n \\&\\$1\c -'if n \&" -\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7 -'.ft R -.. -.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2 -. \" AM - accent mark definitions -.bd B 3 -. 
\" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds ? ? -. ds ! ! -. ds / -. ds q -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10' -. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#] -.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u' -.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u' -.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#] -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -.ds oe o\h'-(\w'o'u*4/10)'e -.ds Oe O\h'-(\w'O'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. 
\" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds v \h'-1'\o'\(aa\(ga' -. ds _ \h'-1'^ -. ds . \h'-1'. -. ds 3 3 -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -. ds oe oe -. ds Oe OE -.\} -.rm #[ #] #H #V #F C -.SH "NAME" -sudoers \- list of which users may execute what as root -.SH "DESCRIPTION" -The \fIsudoers\fR file is composed of an optional host alias section, -an optional command alias section and the user specification section. -All command or host aliases need to start with their respective keywords -(ie: Host_Alias, User_Alias, Runas_Alias or Cmnd_Alias). -If there are multiple occurrences of a user, the union of the entries -will be used. -.Sh "user specification format:" -.PP -.Vb 1 -\& user access_group [: access_group] ... -.Ve -.Vb 10 -\& access_group ::= host_type = [(runas_list)] [NOPASSWD:] [op]cmnd_type -\& [,[(user_list)] [NOPASSWD:] [op]cmnd_type] ... -\& host_type ::= a lower-case hostname, netgroup, ip address, -\& network number, network number/netmask, -\& or host alias. -\& runas_list ::= comma-separated list of users, groups, -\& netgroups or Runas_Aliases the user may run -\& commands as (default is root). -\& cmnd_type ::= a command OR a command alias. -\& op ::= the logical "!" NOT operator. -.Ve -.Sh "host alias section format:" -.PP -.Vb 1 -\& Host_Alias HOSTALIAS = host-list -.Ve -.Vb 4 -\& Host_Alias ::= a keyword. -\& HOSTALIAS ::= an upper-case alias name. -\& host-list ::= a comma separated list of hosts, netgroups, -\& ip addresses, networks. -.Ve -.Sh "user alias section format:" -.PP -.Vb 1 -\& User_Alias USERALIAS = user-list -.Ve -.Vb 3 -\& User_Alias ::= a keyword. -\& USERALIAS ::= an upper-case alias name. -\& user-list ::= a comma separated list of users, groups, netgroups. 
-.Ve -.Sh "runas alias section format:" -.PP -.Vb 1 -\& Runas_Alias RUNASALIAS = runas-list -.Ve -.Vb 3 -\& Runas_Alias ::= a keyword. -\& RUNASALIAS ::= an upper-case alias name. -\& runas-list ::= a comma separated list of users, groups, netgroups. -.Ve -.Sh "command alias section format:" -.PP -.Vb 1 -\& Cmnd_Alias CMNDALIAS = cmnd-list -.Ve -.Vb 3 -\& Cmnd_Alias ::= a keyword. -\& CMNDALIAS ::= an upper-case alias name. -\& cmnd-list ::= a comma separated list commands. -.Ve -.Sh "command specification:" -.PP -.Vb 1 -\& path arg1 arg2 .. argn = command -.Ve -.Vb 2 -\& path ::= a fully qualified pathname. -\& arg[1..n] ::= optional command line arguments. -.Ve -.Sh "wildcards (aka meta characters):" -\fBsudo\fR allows shell-style \fIwildcards\fR along with command arguments -in the \fIsudoers\fR file. Wildcard matching is done via the \fB\s-1POSIX\s0\fR -\f(CWfnmatch(3)\fR routine. -.Ip "\f(CW*\fR" 8 -Matches any set of zero or more characters. -.Ip "\f(CW?\fR" 8 -Matches any single character. -.Ip "\f(CW[...]\fR" 8 -Matches any character in the specified range. -.Ip "\f(CW[!...]\fR" 8 -Matches any character \fBnot\fR in the specified range. -.Ip "\f(CW\ex\fR" 8 -For any character \*(L"x\*(R", evaluates to \*(L"x\*(R". This is used to -escape special characters such as: \*(L"*\*(R", \*(L"?\*(R", \*(L"[\*(R", and \*(L"}\*(R". -.Sh "exceptions to wildcard rules:" -The following exceptions apply to the above rules: -.Ip "\f(CW""\fR" 8 -If the empty string \f(CW""\fR is the only command line argument in the -\fIsudoers\fR entry it means that command may take \fBno\fR arguments. -.Sh "other special characters and reserved words:" -Text after a pound sign (\fB#\fR) is considered a comment. -Words that begin with a percent sign (\fB%\fR) are assumed to -be \s-1UN\s0*X groups (%staff refers to users in the group \fIstaff\fR). -Words that begin with a plus sign (\fB+\fR) are assumed to -be netgroups (\fB+cshosts\fR refers to the netgroup \fIcshosts\fR). 
-Long lines can be newline escaped with the backslash \fB\e\fR character. -The reserved word \fB\s-1NOPASSWD\s0\fR indicates that a user need not -enter a password for the command listed in that entry. -.PP -The reserved alias \fI\s-1ALL\s0\fR can be used for both {Host,User,Cmnd}_Alias. -\fB\s-1DO\s0 \s-1NOT\s0\fR define an alias of \fI\s-1ALL\s0\fR, it will \fB\s-1NOT\s0\fR be used. -Note that \fI\s-1ALL\s0\fR implies the entire universe of hosts/users/commands. -You can subtract elements from the universe by using the syntax: - user host=\s-1ALL\s0,!\s-1ALIAS1\s0,!/etc/halt... -Note that the \*(L"!\*(R" notation only works in a user's command list. You -may not use it to subtract elements in a User_Alias, Host_Alias, -Cmnd_Alias or user list. -.PP -Commands may have optional command line arguments. If they do, -then the arguments in the \fIsudoers\fR file must exactly match those -on the command line. It is also possible to have a command's -arguments span multiple lines as long as the line continuance -character \*(L"\e\*(R" is used. The following characters must be escaped -with a \*(L"\e\*(R" if used in command arguments: \*(L",\*(R", \*(L":\*(R", \*(L"=\*(R", \*(L"\e\*(R". 
-.SH "EXAMPLES" -.PP -.Vb 7 -\& # Host alias specification -\& Host_Alias HUB=houdini:\e -\& REMOTE=merlin,kodiakthorn,spirit -\& Host_Alias SERVERS=houdini,merlin,kodiakthorn,spirit -\& Host_Alias CUNETS=128.138.0.0/255.255.0.0 -\& Host_Alias CSNETS=128.138.243.0,128.138.204.0,\e -\& 128.138.205.192 -.Ve -.Vb 3 -\& # User alias specification -\& User_Alias FULLTIME=millert,dowdy,mikef -\& User_Alias PARTTIME=juola,mccreary,tor -.Ve -.Vb 2 -\& # Runas alias specification -\& Runas_Alias OP=root,operator -.Ve -.Vb 6 -\& # Command alias specification -\& Cmnd_Alias LPCS=/usr/etc/lpc,/usr/ucb/lprm -\& Cmnd_Alias SHELLS=/bin/sh,/bin/csh,/bin/tcsh,/bin/ksh -\& Cmnd_Alias SU=/bin/su -\& Cmnd_Alias MISC=/bin/rm,/bin/cat:\e -\& SHUTDOWN=/etc/halt,/etc/shutdown -.Ve -.Vb 14 -\& # User specification -\& FULLTIME ALL=(ALL) NOPASSWD: ALL -\& %wheel ALL=ALL -\& PARTTIME ALL=ALL,!SHELLS,!SU -\& +interns +openlabs=ALL,!SHELLS,!SU -\& britt REMOTE=SHUTDOWN:ALL=LPCS -\& jimbo CUNETS=/bin/su ?*,!/bin/su *root* -\& nieusma SERVERS=SHUTDOWN,/etc/reboot:\e -\& HUB=ALL,!SHELLS -\& jill houdini=/etc/shutdown -[hr] now,MISC -\& markm HUB=ALL,!MISC,!/etc/shutdown,!/etc/halt -\& davehieb merlin=(OP) ALL:SERVERS=/etc/halt:\e -\& kodiakthorn=NOPASSWD: ALL -\& steve CSNETS=(operator) /usr/op_commands/ -.Ve -.Sh "Host Alias specifications:" -The are four \fIhost aliases\fR. The first actually contains -two \fIaliases\fR. It sets \f(CWHUB\fR to be \f(CWhoudini\fR and \f(CWREMOTE\fR -to the three machines \f(CWmerlin\fR, \f(CWkodiakthorn\fR and \f(CWspirit\fR. -Similarly, \f(CWSERVERS\fR is set to the machines \f(CWhoudini\fR, \f(CWmerlin\fR, -\f(CWkodiakthorn\fR and \f(CWspirit\fR. The \f(CWCSNETS\fR alias will match -any host on the 128.138.243.0, 128.138.204.0, or 128.138.205.192 -nets. The \f(CWCUNETS\fR alias will match any host on the 128.138.0.0 -(class B) network. Note that these are \fBnetwork\fR addresses, not ip -addresses. 
Unless an explicate netmask is given, the local \fInetmask\fR -is used to determine whether or not the current host belongs to a network. -.Sh "User Alias specifications:" -The two \fIuser aliases\fR simply groups the \f(CWFULLTIME\fR and -\f(CWPARTTIME\fR folks into two separate aliases. -.Sh "Command alias specifications:" -Command aliases are lists of commands with or without associated -command line arguments. The entries above should be self-explanatory. -.Sh "User specifications:" -.Ip "\s-1FULLTIME\s0" 16 -Full-time sysadmins in the \f(CWFULLTIME\fR alias may run any -command on any host as any user without a password. -.Ip "%wheel" 16 -Any user in the \s-1UN\s0*X group \f(CWwheel\fR may run any -command on any host. -.Ip "\s-1PARTTIME\s0" 16 -Part-time sysadmins in the \f(CWPARTTIME\fR alias may run any -command except those in the \f(CWSHELLS\fR and \f(CWSU\fR aliases -on any host. -.Ip "+interns" 16 -Any user in the netgroup \f(CWinterns\fR may run any -command except those in the \f(CWSHELLS\fR and \f(CWSU\fR aliases -on any host that is in the \f(CWopenlabs\fR netgroup. -.Ip "britt" 16 -The user \f(CWbritt\fR may run commands in the \f(CWSHUTDOWN\fR alias -on the \f(CWREMOTE\fR machines and commands in the \f(CWLPCS\fR alias -on any machine. -.Ip "jimbo" 16 -The user \f(CWjimbo\fR may \f(CWsu\fR to any user save root on the -machines on \f(CWCUNETS\fR (which is explicitly listed as a class -B network). -.Ip "nieusma" 16 -The user \f(CWnieusma\fR may run commands in the \f(CWSHUTDOWN\fR alias -as well as \fI/etc/reboot\fR on the \f(CWSERVER\fR machines and -any command except those in the \f(CWSHELLS\fR alias on the \f(CWHUB\fR -machines. -.Ip "jill" 16 -The user \f(CWjill\fR may run \f(CW/etc/shutdown -h now\fR or -\f(CW/etc/shutdown -r now\fR as well as the commands in the -\f(CWMISC\fR alias on houdini. 
-.Ip "markm" 16 -The user \f(CWmarkm\fR may run any command on the \f(CWHUB\fR machines -except \fI/etc/shutdown\fR, \fI/etc/halt\fR, and commands listed -in the \f(CWMISC\fR alias. -.Ip "davehieb" 16 -The user \f(CWdavehieb\fR may run any command on \f(CWmerlin\fR as any -user in the Runas_Alias \s-1OP\s0 (ie: root or operator). He may -also run \fI/etc/halt\fR on the \f(CWSERVERS\fR and any command -on \f(CWkodiakthorn\fR (no password required on \f(CWkodiakthorn\fR). -.Ip "steve" 16 -The user \f(CWsteve\fR may run any command in the \fI/usr/op_commands/\fR -directory as user \f(CWoperator\fR on the machines on \f(CWCSNETS\fR. -.SH "CAVEATS" -The \fIsudoers\fR file should \fBalways\fR be edited by the \fBvisudo\fR -command which locks the file and does grammatical checking. It is -imperative that the \fIsudoers\fR be free of syntax errors since sudo -will not run with a syntactically incorrect \fIsudoers\fR file. -.SH "FILES" -.PP -.Vb 2 -\& /etc/sudoers file of authorized users. -\& /etc/netgroup list of network groups. -.Ve -.SH "SEE ALSO" -\fIsudo\fR\|(8), \fIvisudo\fR\|(8), \fIsu\fR\|(1), \fIfnmatch\fR\|(3). 
- -.rn }` '' -.IX Title "sudoers 5" -.IX Name "sudoers - list of which users may execute what as root" - -.IX Header "NAME" - -.IX Header "DESCRIPTION" - -.IX Subsection "user specification format:" - -.IX Subsection "host alias section format:" - -.IX Subsection "user alias section format:" - -.IX Subsection "runas alias section format:" - -.IX Subsection "command alias section format:" - -.IX Subsection "command specification:" - -.IX Subsection "wildcards (aka meta characters):" - -.IX Item "\f(CW*\fR" - -.IX Item "\f(CW?\fR" - -.IX Item "\f(CW[...]\fR" - -.IX Item "\f(CW[!...]\fR" - -.IX Item "\f(CW\ex\fR" - -.IX Subsection "exceptions to wildcard rules:" - -.IX Item "\f(CW""\fR" - -.IX Subsection "other special characters and reserved words:" - -.IX Header "EXAMPLES" - -.IX Subsection "Host Alias specifications:" - -.IX Subsection "User Alias specifications:" - -.IX Subsection "Command alias specifications:" - -.IX Subsection "User specifications:" - -.IX Item "\s-1FULLTIME\s0" - -.IX Item "%wheel" - -.IX Item "\s-1PARTTIME\s0" - -.IX Item "+interns" - -.IX Item "britt" - -.IX Item "jimbo" - -.IX Item "nieusma" - -.IX Item "jill" - -.IX Item "markm" - -.IX Item "davehieb" - -.IX Item "steve" - -.IX Header "CAVEATS" - -.IX Header "FILES" - -.IX Header "SEE ALSO" - diff --git a/gnu/usr.bin/sudo/sudo/tgetpass.c b/gnu/usr.bin/sudo/sudo/tgetpass.c deleted file mode 100644 index e33b2f63da7..00000000000 --- a/gnu/usr.bin/sudo/sudo/tgetpass.c +++ /dev/null 
@@ -1,266 +0,0 @@
-/* $OpenBSD: tgetpass.c,v 1.14 1999/03/29 20:29:07 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * This module contains tgetpass(), getpass(3) with a timeout.
- * It should work on any OS that supports sgtty (4BSD), termio (SYSV),
- * or termios (POSIX) line disciplines.
- *
- * Todd C. Miller Sun Jun 5 17:22:31 MDT 1994
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#include <limits.h>
-#include <pwd.h>
-#include <sys/param.h>
-#include <sys/types.h>
-#ifdef HAVE_SYS_BSDTYPES_H
-#include <sys/bsdtypes.h>
-#endif /* HAVE_SYS_BSDTYPES_H */
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif /* HAVE_SYS_SELECT_H */
-#include <sys/time.h>
-#include <errno.h>
-#include <signal.h>
-#include <fcntl.h>
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#else
-#ifdef HAVE_TERMIO_H
-#include <termio.h>
-#else
-#include <sgtty.h>
-#include <sys/ioctl.h>
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
-#ifdef HAVE_GETPRPWNAM
-# ifdef __hpux
-# include <hpsecurity.h>
-# else
-# include <sys/security.h>
-# endif /* __hpux */
-# include <prot.h> /* for AUTH_MAX_PASSWD_LENGTH */
-#endif /* HAVE_GETPRPWNAM */
-
-#include <pathnames.h>
-#include "compat.h"
-
-#ifndef TCSASOFT
-#define TCSASOFT 0
-#endif /* TCSASOFT */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: tgetpass.c,v 1.76 1999/03/29 04:05:13 millert Exp $";
-#endif /* lint */
-
-
-/******************************************************************
- *
- * tgetpass()
- *
- * this function prints a prompt and gets a password from /dev/tty
- * or stdin. Echo is turned off (if possible) during password entry
- * and input will time out based on the value of timeout.
- */
-
-char * tgetpass(prompt, timeout)
- const char *prompt;
- int timeout;
-{
-#ifdef HAVE_TERMIOS_H
- struct termios term;
-#else
-#ifdef HAVE_TERMIO_H
- struct termio term;
-#else
- struct sgttyb ttyb;
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
-#ifdef POSIX_SIGNALS
- sigset_t oldmask;
- sigset_t mask;
-#else
- int oldmask;
-#endif /* POSIX_SIGNALS */
- int n, echo;
- FILE *input, *output;
- static char buf[_PASSWD_LEN + 1];
- fd_set *readfds;
- struct timeval tv;
-
- /*
- * mask out SIGINT and SIGTSTP, should probably just catch and deal.
- */
-#ifdef POSIX_SIGNALS
- (void) sigemptyset(&mask);
- (void) sigaddset(&mask, SIGINT);
- (void) sigaddset(&mask, SIGTSTP);
- (void) sigprocmask(SIG_BLOCK, &mask, &oldmask);
-#else
- oldmask = sigblock(sigmask(SIGINT)|sigmask(SIGTSTP));
-#endif
-
- /*
- * open /dev/tty for reading/writing if possible or use
- * stdin and stderr instead.
- */
- if ((input = fopen(_PATH_TTY, "r+")) == NULL) {
- input = stdin;
- output = stderr;
- } else {
- output = input;
- setbuf(output, NULL);
- }
-
- /* print the prompt */
- if (prompt)
- fputs(prompt, output);
-
- /* rewind if necesary */
- if (input == output) {
- (void) fflush(output);
- (void) rewind(output);
- }
-
- /*
- * turn off echo
- */
-#ifdef HAVE_TERMIOS_H
- (void) tcgetattr(fileno(input), &term);
- if ((echo = (term.c_lflag & ECHO))) {
- term.c_lflag &= ~ECHO;
- (void) tcsetattr(fileno(input), TCSAFLUSH|TCSASOFT, &term);
- }
-#else
-#ifdef HAVE_TERMIO_H
- (void) ioctl(fileno(input), TCGETA, &term);
- if ((echo = (term.c_lflag & ECHO))) {
- term.c_lflag &= ~ECHO;
- (void) ioctl(fileno(input), TCSETA, &term);
- }
-#else
- (void) ioctl(fileno(input), TIOCGETP, &ttyb);
- if ((echo = (ttyb.sg_flags & ECHO))) {
- ttyb.sg_flags &= ~ECHO;
- (void) ioctl(fileno(input), TIOCSETP, &ttyb);
- }
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
-
- /*
- * Timeout of <= 0 means no timeout
- */
- if (timeout > 0) {
- /* setup for select(2) */
- n = howmany(fileno(input) + 1, NFDBITS) * sizeof(fd_mask);
- if ((readfds = (fd_set *) malloc(n)) == NULL) {
- (void) fprintf(stderr, "Cannot allocate memory: ");
- perror("");
- return(NULL);
- }
- (void) memset((VOID *)readfds, 0, n);
- FD_SET(fileno(input), readfds);
-
- /* set timeout for select */
- tv.tv_sec = timeout;
- tv.tv_usec = 0;
-
- /*
- * get password or return empty string if nothing to read by timeout
- */
- buf[0] = '\0';
- while ((n = select(fileno(input) + 1, readfds, 0, 0, &tv)) == -1 &&
- errno == EINTR)
- ;
- if (n != 0 && fgets(buf, sizeof(buf), input)) {
- n = strlen(buf);
- if (buf[n - 1] == '\n')
- buf[n - 1] = '\0';
- }
- (void) free(readfds);
- } else {
- buf[0] = '\0';
- if (fgets(buf, sizeof(buf), input)) {
- n = strlen(buf);
- if (buf[n - 1] == '\n')
- buf[n - 1] = '\0';
- }
- }
-
- /* turn on echo */
-#ifdef HAVE_TERMIOS_H
- if (echo) {
- term.c_lflag |= ECHO;
- (void) tcsetattr(fileno(input), TCSAFLUSH|TCSASOFT, &term);
- }
-#else
-#ifdef HAVE_TERMIO_H
- if (echo) {
- term.c_lflag |= ECHO;
- (void) ioctl(fileno(input), TCSETA, &term);
- }
-#else
- if (echo) {
- ttyb.sg_flags |= ECHO;
- (void) ioctl(fileno(input), TIOCSETP, &ttyb);
- }
-#endif /* HAVE_TERMIO_H */
-#endif /* HAVE_TERMIOS_H */
-
- /* rewind if necesary */
- if (input == output) {
- (void) fflush(output);
- (void) rewind(output);
- }
-
- /* print a newline since echo is turned off */
- (void) fputc('\n', output);
-
- /* restore old signal mask */
-#ifdef POSIX_SIGNALS
- (void) sigprocmask(SIG_SETMASK, &oldmask, NULL);
-#else
- (void) sigsetmask(oldmask);
-#endif
-
- /* close /dev/tty if that's what we opened */
- if (input != stdin)
- (void) fclose(input);
-
- return(buf);
-}
diff --git a/gnu/usr.bin/sudo/sudo/version.h b/gnu/usr.bin/sudo/sudo/version.h
deleted file mode 100644
index 260cd1f7a3e..00000000000
--- a/gnu/usr.bin/sudo/sudo/version.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $OpenBSD: version.h,v 1.11 1999/03/29 20:29:07 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- * $Sudo: version.h,v 1.51 1999/03/29 04:05:14 millert Exp $
- */
-
-#ifndef _SUDO_VERSION_H
-#define _SUDO_VERSION_H
-
-static const char version[] = "1.5.9";
-
-#endif /* _SUDO_VERSION_H */
diff --git a/gnu/usr.bin/sudo/visudo/Makefile b/gnu/usr.bin/sudo/visudo/Makefile
deleted file mode 100644
index b0f774af0f0..00000000000
--- a/gnu/usr.bin/sudo/visudo/Makefile
+++ /dev/null
@@ -1,24 +0,0 @@
-# $OpenBSD: Makefile,v 1.3 1999/03/29 20:29:08 millert Exp $
-
-PROG= visudo
-MAN= visudo.8
-CFLAGS+=-I${.CURDIR}/../sudo -I.
-SRCS= sudo.tab.c lex.yy.c visudo.c alloc.c
-CLEANFILES+=sudo.tab.c sudo.tab.h lex.yy.c
-.PATH: ${.CURDIR}/../sudo
-
-LDADD= -lcompat
-DPADD= ${LIBCOMPAT}
-
-BINOWN= root
-BINMODE=111
-BINDIR?=/usr/sbin
-
-.include <bsd.prog.mk>
-
-lex.yy.c: ${.CURDIR}/../sudo/parse.lex
- rm -f lex.yy.c
- $(LEX) ${.CURDIR}/../sudo/parse.lex
-
-sudo.tab.c sudo.tab.h: ${.CURDIR}/../sudo/parse.yacc
- $(YACC) -b sudo -d ${.CURDIR}/../sudo/parse.yacc
diff --git a/gnu/usr.bin/sudo/visudo/visudo.8 b/gnu/usr.bin/sudo/visudo/visudo.8
deleted file mode 100644
index 7443749bef6..00000000000
--- a/gnu/usr.bin/sudo/visudo/visudo.8
+++ /dev/null
@@ -1,311 +0,0 @@ -.rn '' }` -''' $OpenBSD: visudo.8,v 1.10 1999/03/29 20:29:08 millert Exp $ -''' -.de Sh -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. -.de Sp -.if t .sp .5v -.if n .sp -.. -.de Ip -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. -.de Vb -.ft CW -.nf -.ne \\$1 -.. -.de Ve -.ft R - -.fi -.. -''' -''' -''' Set up \*(-- to give an unbreakable dash; -''' string Tr holds user defined translation string. -''' Bell System Logo is used as a dummy character. -''' -.tr \(*W-|\(bv\*(Tr -.ie n \{\ -.ds -- \(*W- -.ds PI pi -.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -.ds L" "" -.ds R" "" -''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of -''' \*(L" and \*(R", except that they are used on ".xx" lines, -''' such as .IP and .SH, which do another additional levels of -''' double-quote interpretation -.ds M" """ -.ds S" """ -.ds N" """"" -.ds T" """"" -.ds L' ' -.ds R' ' -.ds M' ' -.ds S' ' -.ds N' ' -.ds T' ' -'br\} -.el\{\ -.ds -- \(em\| -.tr \*(Tr -.ds L" `` -.ds R" '' -.ds M" `` -.ds S" '' -.ds N" `` -.ds T" '' -.ds L' ` -.ds R' ' -.ds M' ` -.ds S' ' -.ds N' ` -.ds T' ' -.ds PI \(*p -'br\} -.\" If the F register is turned on, we'll generate -.\" index entries out stderr for the following things: -.\" TH Title -.\" SH Header -.\" Sh Subsection -.\" Ip Item -.\" X<> Xref (embedded -.\" Of course, you have to process the output yourself -.\" in some meaninful fashion. -.if \nF \{ -.de IX -.tm Index:\\$1\t\\n%\t"\\$2" -.. -.nr % 0 -.rr F -.\} -.TH visudo 8 "1.5.9" "17/Jan/99" "MAINTENANCE COMMANDS" -.UC -.if n .hy 0 -.if n .na -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' -.de CQ \" put $1 in typewriter font -.ft CW -'if n "\c -'if t \\&\\$1\c -'if n \\&\\$1\c -'if n \&" -\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7 -'.ft R -.. -.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2 -. \" AM - accent mark definitions -.bd B 3 -. 
\" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds ? ? -. ds ! ! -. ds / -. ds q -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10' -. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#] -.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u' -.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u' -.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#] -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -.ds oe o\h'-(\w'o'u*4/10)'e -.ds Oe O\h'-(\w'O'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. 
\" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds v \h'-1'\o'\(aa\(ga' -. ds _ \h'-1'^ -. ds . \h'-1'. -. ds 3 3 -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -. ds oe oe -. ds Oe OE -.\} -.rm #[ #] #H #V #F C -.SH "NAME" -visudo \- edit the sudoers file -.SH "SYNOPSIS" -\fBvisudo\fR [ \fB\-V\fR ] -.SH "DESCRIPTION" -\fBvisudo\fR edits the \fIsudoers\fR file in a safe fashion, analogous to -\fIvipw\fR\|(8). \fBvisudo\fR locks the \fIsudoers\fR file against multiple -simultaneous edits, provides basic sanity checks, and checks -for parse errors. If the \fIsudoers\fR file is currently being -edited you will receive a message to try again later. In the -default configuration, the \fIvi\fR\|(1) editor is used, but there is -a compile time option to allow use of whatever editor the -environment variables \f(CWEDITOR\fR or \f(CWVISUAL\fR are set to. -.PP -\fBvisudo\fR parses the \fIsudoers\fR file after the edit and will -not save the changes if there is a syntax error. Upon finding -an error, a message will be printed stating the line \fInumber\fR\|(s) -that the error occurred on and the user will receive the -\*(L"What now?\*(R" prompt. At this point the user may enter \*(L"e\*(R" -to re-edit the \fIsudoers\fR file, enter \*(L"x\*(R" to exit without -saving the changes, or \*(L"Q\*(R" to quit and save changes. The -\*(L"Q\*(R" option should be used with extreme care because if \fBvisudo\fR -believes there to be a parse error, so will \fBsudo\fR and no one -will be able to execute \fBsudo\fR again until the error is fixed. -Any other command at this prompt will print a short help message. -When editing the \fIsudoers\fR file after a parse error has been -detected the cursor will be placed on the line where the error -occurred (if the editor supports this feature). 
-.SH "OPTIONS" -\fBvisudo\fR accepts the following command line option: -.Ip "-V" 4 -The \f(CW-V\fR (version) option causes \fBvisudo\fR to print the version number -and exit. -.SH "ERRORS" -.Ip "sudoers file busy, try again later." 4 -Either someone is currently editing the \fIsudoers\fR file -or there is a stale sudoers lock file (/etc/stmp by default) -that you need to delete. -.Ip "/etc/stmp: Permission denied" 4 -You didn't run \fBvisudo\fR as root. -.Ip "Can't find you in the passwd database" 4 -Your userid does not appear in the passwd file. -.SH "FILES" -.Sp -.Vb 2 -\& /etc/sudoers file of authorized users. -\& /etc/stmp lock file for visudo. -.Ve -.SH "ENVIRONMENT VARIABLES" -The following are used only if \fBvisudo\fR was compiled with the -\fIENV_EDITOR\fR option: -.Sp -.Vb 2 -\& EDITOR Used by visudo as the editor to use. -\& VISUAL Used by visudo if EDITOR is not set. -.Ve -.SH "AUTHOR" -Many people have worked on \fIsudo\fR over the years, this version of -\fBvisudo\fR was written by: -.Sp -.Vb 1 -\& Todd Miller <Todd.Miller@courtesan.com> -.Ve -See the HISTORY file in the sudo distribution for more details. -.Sp -Please send all bugs, comments, and changes to sudo-bugs@courtesan.com. -.SH "DISCLAIMER" -This program is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. -.Sp -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -675 Mass Ave, Cambridge, MA 02139, USA. -.SH "CAVEATS" -Due to the syntax of the \fIsudoers\fR file, there is no way -for \fBvisudo\fR to tell the difference between a mistyped -{Host,User,Cmnd}_Alias and a user or host name. -.Sp -There is no easy way to prevent a user from gaining a root shell if -the editor used by \fBvisudo\fR allows shell escapes. 
-.SH "BUGS" -The \fI\-V\fR flag gives the version of the \fIsudo\fR package rather than -the individual \fBvisudo\fR program. -.SH "SEE ALSO" -\fIsudo\fR\|(8), \fIvipw\fR\|(8). - -.rn }` '' -.IX Title "visudo 8" -.IX Name "visudo - edit the sudoers file" - -.IX Header "NAME" - -.IX Header "SYNOPSIS" - -.IX Header "DESCRIPTION" - -.IX Header "OPTIONS" - -.IX Item "-V" - -.IX Header "ERRORS" - -.IX Item "sudoers file busy, try again later." - -.IX Item "/etc/stmp: Permission denied" - -.IX Item "Can't find you in the passwd database" - -.IX Header "FILES" - -.IX Header "ENVIRONMENT VARIABLES" - -.IX Header "AUTHOR" - -.IX Header "DISCLAIMER" - -.IX Header "CAVEATS" - -.IX Header "BUGS" - -.IX Header "SEE ALSO" - diff --git a/gnu/usr.bin/sudo/visudo/visudo.c b/gnu/usr.bin/sudo/visudo/visudo.c deleted file mode 100644 index e6a54cf064d..00000000000 --- a/gnu/usr.bin/sudo/visudo/visudo.c +++ /dev/null 
@@ -1,529 +0,0 @@
-/* $OpenBSD: visudo.c,v 1.11 1999/03/29 20:29:08 millert Exp $ */
-
-/*
- * CU sudo version 1.5.9
- * Copyright (c) 1996, 1998, 1999 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 1, or (at your option)
- * any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *******************************************************************
- *
- * visudo.c -- locks the sudoers file for safe editing and check
- * for parse errors.
- *
- * Todd C. Miller <Todd.Miller@courtesan.com> Sat Mar 25 21:50:36 MST 1995
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#endif /* STDC_HEADERS */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif /* HAVE_UNISTD_H */
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif /* HAVE_STRINGS_H */
-#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
-#include <malloc.h>
-#endif /* HAVE_MALLOC_H && !STDC_HEADERS */
-#include <ctype.h>
-#include <pwd.h>
-#include <signal.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-#include <sys/file.h>
-#include <netinet/in.h>
-
-#include "sudo.h"
-#include "version.h"
-
-#ifndef STDC_HEADERS
-#ifndef __GNUC__ /* gcc has its own malloc */
-extern char *malloc __P((size_t));
-#endif /* __GNUC__ */
-extern char *getenv __P((const char *));
-extern int stat __P((const char *, struct stat *));
-#endif /* !STDC_HEADERS */
-
-#if defined(POSIX_SIGNALS) && !defined(SA_RESETHAND)
-#define SA_RESETHAND 0
-#endif /* POSIX_SIGNALS && !SA_RESETHAND */
-
-#ifndef lint
-static const char rcsid[] = "$Sudo: visudo.c,v 1.100 1999/03/29 04:05:14 millert Exp $";
-#endif /* lint */
-
-/*
- * Function prototypes
- */
-static void usage __P((void));
-static char whatnow __P((void));
-static void whatnow_help __P((void));
-static RETSIGTYPE Exit __P((int));
-static void setup_signals __P((void));
-int command_matches __P((char *, char *, char *, char *));
-int addr_matches __P((char *));
-int netgr_matches __P((char *, char *, char *));
-int usergr_matches __P((char *, char *));
-void init_parser __P((void));
-
-
-/*
- * External globals
- */
-extern FILE *yyin, *yyout;
-extern int errorlineno, sudolineno;
-
-
-/*
- * Globals
- */
-char **Argv;
-char **NewArgv = NULL;
-int NewArgc = 0;
-char *sudoers = _PATH_SUDO_SUDOERS;
-char *stmp = _PATH_SUDO_STMP;
-int parse_error = FALSE;
-char *runas_user = RUNAS_DEFAULT;
-
-/*
- * For the parsing routines
- */
-char host[] = "";
-char *shost = "";
-char *cmnd = "";
-char *cmnd_args = NULL;
-struct passwd *user_pw_ent;
-
-
-/********************************************************************
- *
- * main()
- *
- * where it all begins...
- */
-
-int main(argc, argv)
- int argc;
- char **argv;
-{
- char buf[MAXPATHLEN*2]; /* buffer used for copying files */
- char * Editor = EDITOR; /* editor to use (default is EDITOR */
- int sudoers_fd; /* sudoers file descriptor */
- int stmp_fd; /* stmp file descriptor */
- int n; /* length parameter */
-
- (void) setbuf(stderr, (char *)NULL); /* unbuffered stderr */
-
- /*
- * Parse command line options
- */
- Argv = argv;
-
- /*
- * If passesd -V then print version, else print usage
- * if any other option...
- */
- if (argc == 2) {
- if (!strcmp(Argv[1], "-V")) {
- (void) printf("visudo version %s\n", version);
- exit(0);
- } else {
- usage();
- }
- } else if (argc != 1) {
- usage();
- }
-
- /* user_pw_ent needs to point to something... */
- if ((user_pw_ent = getpwuid(getuid())) == NULL) {
- (void) fprintf(stderr, "%s: Can't find you in the passwd database: ",
- Argv[0]);
- perror(stmp);
- exit(1);
- }
-
-#ifdef ENV_EDITOR
- /*
- * If we are allowing EDITOR and VISUAL envariables set Editor
- * base on whichever exists...
- */
- if (!(Editor = getenv("EDITOR")))
- if (!(Editor = getenv("VISUAL")))
- Editor = EDITOR;
-#endif /* ENV_EDITOR */
-
- /*
- * Copy sudoers file to stmp
- */
- stmp_fd = open(stmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
- if (stmp_fd < 0) {
- if (errno == EEXIST) {
- (void) fprintf(stderr, "%s: sudoers file busy, try again later.\n",
- Argv[0]);
- exit(1);
- }
- (void) fprintf(stderr, "%s: ", Argv[0]);
- perror(stmp);
- Exit(-1);
- }
-
- /* install signal handler to clean up stmp */
- setup_signals();
-
- sudoers_fd = open(sudoers, O_RDONLY);
- if (sudoers_fd < 0 && errno != ENOENT) {
- (void) fprintf(stderr, "%s: ", Argv[0]);
- perror(sudoers);
- Exit(-1);
- }
-
- /*
- * Copy the data
- */
- if (sudoers_fd >= 0) {
- while ((n = read(sudoers_fd, buf, sizeof(buf))) > 0)
- if (write(stmp_fd, buf, n) != n) {
- (void) fprintf(stderr, "%s: Write failed: ", Argv[0]);
- perror("");
- Exit(-1);
- }
-
- (void) close(sudoers_fd);
- }
- (void) close(stmp_fd);
-
- /*
- * Edit the temp file and parse it (for sanity checking)
- */
- do {
- /*
- * Build up a buffer to execute
- */
- if (strlen(Editor) + strlen(stmp) + 30 > sizeof(buf)) {
- (void) fprintf(stderr, "%s: Buffer too short (line %d).\n",
- Argv[0], __LINE__);
- Exit(-1);
- }
- if (parse_error == TRUE)
- (void) sprintf(buf, "%s +%d %s", Editor, errorlineno, stmp);
- else
- (void) sprintf(buf, "%s %s", Editor, stmp);
-
- /* do the edit -- some SYSV editors return 256 instead of 0 */
- n = system(buf);
- if (n == 0 || n == 256) {
- struct stat statbuf; /* for sanity checking */
-
- /* make sure stmp exists */
- if (stat(stmp, &statbuf) < 0) {
- (void) fprintf(stderr,
- "%s: Can't stat temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
- Exit(-1);
- }
-
- /* check for zero length file */
- if (statbuf.st_size == 0) {
- (void) fprintf(stderr,
- "%s: Zero length temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
- Exit(-1);
- }
-
- /*
- * passed sanity checks so reopen stmp file and check
- * for parse errors.
- */
- yyout = stdout;
- if (parse_error)
- yyin = freopen(stmp, "r", yyin);
- else
- yyin = fopen(stmp, "r");
- if (yyin == NULL) {
- (void) fprintf(stderr,
- "%s: Can't re-open temporary file (%s), %s unchanged.\n",
- Argv[0], stmp, sudoers);
- Exit(-1);
- }
-
- /* clean slate for each parse */
- init_parser();
-
- /* parse the sudoers file */
- if (yyparse() && parse_error != TRUE) {
- (void) fprintf(stderr,
- "%s: Failed to parse temporary file (%s), unknown error.\n",
- Argv[0], stmp);
- parse_error = TRUE;
- }
- } else {
- (void) fprintf(stderr, "%s: Editor (%s) failed, %s unchanged.\n",
- Argv[0], Editor, sudoers);
- Exit(-1);
- }
-
- /*
- * Prompt the user for what to do now
- */
- if (parse_error == TRUE) {
- switch (whatnow()) {
- case 'q' : parse_error = FALSE; /* ignore parse error */
- break;
- case 'x' : Exit(0);
- break;
- }
- }
- } while (parse_error == TRUE);
-
- /*
- * Change mode and ownership of temp file so when
- * we move it to sudoers things are kosher.
- */
- if (chown(stmp, SUDOERS_UID, SUDOERS_GID)) {
- (void) fprintf(stderr,
- "%s: Unable to set (uid, gid) of %s to (%d, %d): ",
- Argv[0], stmp, SUDOERS_UID, SUDOERS_GID);
- perror("");
- Exit(-1);
- }
- if (chmod(stmp, SUDOERS_MODE)) {
- (void) fprintf(stderr,
- "%s: Unable to change mode of %s to %o: ",
- Argv[0], stmp, SUDOERS_MODE);
- perror("");
- Exit(-1);
- }
-
- /*
- * Now that we have a sane stmp file (parse ok) it needs to be
- * rename(2)'d to sudoers. If the rename(2) fails we try using
- * mv(1) in case stmp and sudoers are on different filesystems.
- */
- if (rename(stmp, sudoers)) {
- if (errno == EXDEV) {
- char *tmpbuf;
-
- (void) fprintf(stderr,
- "%s: %s and %s not on the same filesystem, using mv to rename.\n",
- Argv[0], stmp, sudoers);
-
- /* Allocate just enough space for tmpbuf */
- n = sizeof(char) * (strlen(_PATH_MV) + strlen(stmp) +
- strlen(sudoers) + 4);
- if ((tmpbuf = (char *) malloc(n)) == NULL) {
- (void) fprintf(stderr,
- "%s: Cannot alocate memory, %s unchanged: ",
- Argv[0], sudoers);
- perror("");
- Exit(-1);
- }
-
- /* Build up command and execute it */
- (void) sprintf(tmpbuf, "%s %s %s", _PATH_MV, stmp, sudoers);
- if (system(tmpbuf)) {
- (void) fprintf(stderr,
- "%s: Command failed: '%s', %s unchanged.\n",
- Argv[0], tmpbuf, sudoers);
- Exit(-1);
- }
- (void) free(tmpbuf);
- } else {
- (void) fprintf(stderr, "%s: Error renaming %s, %s unchanged: ",
- Argv[0], stmp, sudoers);
- perror("");
- Exit(-1);
- }
- }
-
- return(0);
-}
-
-
-/********************************************************************
- *
- * dummy *_matches routines
- *
- * These exist to allow us to use the same parser as sudo(8).
- */
-
-int command_matches(cmnd, user_args, path, sudoers_args)
- char *cmnd;
- char *user_args;
- char *path;
- char *sudoers_args;
-{
- return(TRUE);
-}
-
-
-int addr_matches(n)
- char *n;
-{
- return(TRUE);
-}
-
-int usergr_matches(g, u)
- char *g, *u;
-{
- return(TRUE);
-}
-
-
-int netgr_matches(n, h, u)
- char *n, *h, *u;
-{
- return(TRUE);
-}
-
-
-/********************************************************************
- *
- * usage()
- *
- * Prints a help message and exits w/ exit value of 1.
- */
-
-static void usage()
-{
- (void) fprintf(stderr, "usage: %s [-V]\n", Argv[0]);
- Exit(-1);
-}
-
-
-/********************************************************************
- *
- * Exit()
- *
- * Unlinks the sudoers temp file (if it exists) and exits.
- * Used in place of a normal exit() and as a signal handler.
- * A positive parameter is considered to be a signal and is reported.
- */
-
-static RETSIGTYPE Exit(sig)
- int sig;
-{
- (void) unlink(stmp);
-
- if (sig > 0)
- (void) fprintf(stderr, "%s exiting, caught signal %d.\n", Argv[0], sig);
-
- exit(-sig);
-}
-
-
-/********************************************************************
- *
- * whatnow()
- *
- * Assuming a parse error occurred, prompt the user for what they want
- * to do now. Returns first letter of their choice (always lowercase).
- */
-
-static char whatnow()
-{
- char choice;
- int ok;
-
- do {
- ok = FALSE;
- (void) fputs("What now? ", stdout);
- if ((choice = getchar()) != '\n')
- while (getchar() != '\n')
- ;
-
- if (choice == 'e' || choice == 'x' || choice == 'Q')
- ok = TRUE;
-
- /* help message if they gavce us garbage */
- if (!ok)
- whatnow_help();
-
- } while (!ok);
-
- return(choice);
-}
-
-
-/********************************************************************
- *
- * whatnow_help()
- *
- * Print out a help message for whatnow().
- */
-
-static void whatnow_help()
-{
- (void) printf("Options are:\n");
- (void) printf(" (e)dit sudoers file again\n");
- (void) printf(" e(x)it without saving changes to sudoers file\n");
- (void) printf(" (Q)uit and save changes to sudoers file (DANGER!)\n\n");
-}
-
-
-/********************************************************************
- *
- * setup_signals()
- *
- * Install signal handlers for visudo.
- */
-
-static void setup_signals()
-{
-#ifdef POSIX_SIGNALS
- struct sigaction action; /* posix signal structure */
-#endif /* POSIX_SIGNALS */
-
- /*
- * Setup signal handlers
- */
-#ifdef POSIX_SIGNALS
- (void) memset((VOID *)&action, 0, sizeof(action));
- action.sa_handler = Exit;
- action.sa_flags = SA_RESETHAND;
- (void) sigaction(SIGILL, &action, NULL);
- (void) sigaction(SIGTRAP, &action, NULL);
- (void) sigaction(SIGBUS, &action, NULL);
- (void) sigaction(SIGSEGV, &action, NULL);
- (void) sigaction(SIGTERM, &action, NULL);
-
- action.sa_handler = SIG_IGN;
- action.sa_flags = 0;
- (void) sigaction(SIGHUP, &action, NULL);
- (void) sigaction(SIGINT, &action, NULL);
- (void) sigaction(SIGQUIT, &action, NULL);
-#else
- (void) signal(SIGILL, Exit);
- (void) signal(SIGTRAP, Exit);
- (void) signal(SIGBUS, Exit);
- (void) signal(SIGSEGV, Exit);
- (void) signal(SIGTERM, Exit);
-
- (void) signal(SIGHUP, SIG_IGN);
- (void) signal(SIGINT, SIG_IGN);
- (void) signal(SIGQUIT, SIG_IGN);
-#endif /* POSIX_SIGNALS */
-} |