summaryrefslogtreecommitdiff
path: root/usr.bin/doas
AgeCommit message (Expand)Author
2017-01-14add a geteuid check to make sure we're root before plowing into setauth.Ted Unangst
2017-01-02envlist and arglist are both string lists; simplifyTed Unangst
2016-12-29it has been six months and two days... remove keepenv { obsolete } syntaxTed Unangst
2016-12-05Be more explicit about the "args" syntax.Ingo Schwarze
2016-11-10missing semicolon at end of rule. yacc doesn't seem to mind, though.Ted Unangst
2016-10-05Add back the call to yyparse() that was accidentally dropped in theTheo Buehler
2016-10-05move yyparse decl next to yyfpTed Unangst
2016-10-05as a result of the env rework, arraylen() is only used in parse.y.Ted Unangst
2016-09-15use static in the right places to seperate modules betterTheo de Raadt
2016-09-04-L means no commandTed Unangst
2016-09-04don't allow combining nopass and persist in a single ruleTed Unangst
2016-09-03the sudo timeout was 5 minutes i believe, so we'll match that.Ted Unangst
2016-09-02clarify that -L will exit without running a command.Ted Unangst
2016-09-02add support for the verified auth ioctls using 'persist' rules.Ted Unangst
2016-09-01unconst these parameters; i won't be changing bsd auth today.Ted Unangst
2016-09-01move the authentication code to a functionTed Unangst
2016-07-18The string with path to shell could be taken directly from struct passwd.Vadim Zhukov
2016-07-12add "recvfd" to doas(1) for use with skey.Sebastien Marie
2016-07-10rename variable for consistencyTed Unangst
2016-06-27minor tweaks; ok teduJason McIntyre
2016-06-27somehow nopass snuck onto the :wheel example. i think it's better without.Ted Unangst
2016-06-27revise environment handling.Ted Unangst
2016-06-24move a space to the correct spotTed Unangst
2016-06-19Move the RB_ code from doas.h to env.c, and limit the environment interface to aMartijn van Duren
2016-06-16the environment handling code was showing its age. just because environTed Unangst
2016-06-11don't use specified twice in a sentence, noticed by jmcTed Unangst
2016-06-11clarify some wordingTed Unangst
2016-06-11specify that default is deny if no rule matchesTed Unangst
2016-06-11expand contractionsTed Unangst
2016-06-11tighten up some wordingTed Unangst
2016-06-07revert recent changes to allow setenv. everybody now has an idea aboutTed Unangst
2016-06-07merge setenv feature into keepenv. less grammar, more better.Ted Unangst
2016-06-05spelling fix;Jason McIntyre
2016-06-05add a doas.conf setenv directive that allows setting environmentDamien Miller
2016-04-28set progname to doas so users can't create bizarro fake logsTed Unangst
2016-04-27adjust yyerror() to precede with "progname: " the error message stringGleydson Soares
2016-02-15Do a carriage return before password prompt.martijn
2016-02-07require a tty for the password.Ted Unangst
2016-01-24make sure of cleaning rbuf with explicit_bzero(3)Gleydson Soares
2016-01-02tweak previous;Jason McIntyre
2016-01-01doas.conf lives in /etc. from Amit KulkarniTed Unangst
2015-12-08semarie noticed that auth failures don't set errno. just print a genericTed Unangst
2015-12-08Support -a <auth_style> in doas(1). Allows specifying a non-default authStuart Henderson
2015-12-04espie reminds me that EOF can happen for errors as well, so check for thatTed Unangst
2015-12-03use the more direct auth interfaces so we can provide a custom passwordTed Unangst
2015-11-27after reading a too long line, restart at the beginning of the buffer soTed Unangst
2015-10-24setusercontext() may still need "getpw" pledge rights; unbreaks doas on ypMiod Vallat
2015-10-22copying of the environment can be done later, as the user runningTed Unangst
2015-10-22pledge in doas. startup pledge "stdio rpath getpw proc exec id". 4Theo de Raadt
2015-09-19doas doesn't need any files to be passed in. closefrom STDERR+1. ok bennoTed Unangst