src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-09-19	doas doesn't need any files to be passed in. closefrom STDERR+1. ok benno	Ted Unangst

2015-09-03	replace permfail calls with errc. the permfail calls had been retained for	Ted Unangst
	clarity and/or future use, but if people send me diffs fixing it, it's not worth fighting for. from Martin Natano
2015-09-01	increment the line number after the line continuation; ok tedu	Mike Belopuhov

2015-09-01	only need to restrict exec path if the rule specifies a command.	Ted Unangst
	add a hint about path restrictions to man page. ok deraadt espie
2015-08-28	Document an example that lets root run unrestricted doas commands as	Reyk Floeter
	root ("permit nopass keepenv root as root"), matching the old behaviour from OpenBSD's sudoers file ("root ALL=(ALL) SETENV: ALL"). OK sthen@
2015-08-27	add a type of "auth-doas" to the perm check to allow login.conf fiddling	Ted Unangst
	originally proposed by halex
2015-08-22	Add cwd context to syslog entry.	Doug Hogan
	input + ok tedu@, ok benno@
2015-08-20	Show program name for permission failure messages.	Rafael Zalamena
	ok espie@, tedu@.
2015-08-13	and now we can unify the code. okay tedu@	Marc Espie
	err() suggestion by Martijn van Duren
2015-08-12	more explicit warnings. Okay tedu@	Marc Espie

2015-08-03	remove an extra getuid call, reported by Martijn van Duren	Ted Unangst

2015-07-30	make gid parsing look like uid parsing. from Martijn van Duren	Ted Unangst
	ack deraadt
2015-07-30	Fix usage examples.	Vadim Zhukov
	From Theo Buehler on misc@, thanks! okay jmc@, deraadt@.
2015-07-29	refine a comment	Ted Unangst

2015-07-28	wrap some exceedingly long lines	Theo de Raadt

2015-07-28	Rename some variables and add few comments in keepenv handling code.	Vadim Zhukov
	Makes the code more readable. okay tedu@
2015-07-28	Fix keepenv handling. Initially reported by Ze Loff on misc@.	Vadim Zhukov
	tedu@ agrees.
2015-07-27	default permitted target is all users, not root.	Ted Unangst

2015-07-27	some improvements from michael reed;	Jason McIntyre

2015-07-27	Add -n to usage. As noticed by Theo Buehler.	Marc Espie

2015-07-26	small clarifications	Ted Unangst

2015-07-26	checkconfig doesn't return anymore, noted by zhuk	Ted Unangst

2015-07-26	nflag (as in sudo, force non-interactive mode)	Marc Espie
	as discussed with ted@
2015-07-26	Oops, CVS mismerged changes, resulting in compilable and mostly working,	Vadim Zhukov
	but somewhat wrong code. Well, the CVS mismerged but I just missed.
2015-07-26	tweak config checking slightly	Ted Unangst

2015-07-26	Stop exiting on cmdline overflow: it's used only for logging, so aborting	Vadim Zhukov
	the whole process is stupid, and actually breaks things. Noticed and analyzed by as well as input from nigel@. Okay tedu@, espie@ and (if I understood correctly) hall@
2015-07-26	Implement command matching without execution. This just extends	Vadim Zhukov
	functionality of the -C flag, so we are not introducing more garbage. Input and okay from jmc@ (documentation) and tedu@ (everything).
2015-07-24	Further improve syntax error reporting in doas:	Vadim Zhukov
	- teach parser to recover after error, allowing to report many errors instead of the first one only; - fix remaining error printouts without exact position. Some ideas were taken from diff sent by dlg@ earlier, thanks! okay tedu@, dlg@
2015-07-23	tweak previous;	Jason McIntyre

2015-07-22	Implement quoting support in doas.conf. Now you can pass environment	Vadim Zhukov
	variables and arguments with almost any values. As a bonus, doas will now point to exact place where syntax error occured most of times; there is some room for improvement, though. okay tedu@
2015-07-22	Small tweaks:	Vadim Zhukov
	- whitespace on empty line; - use getuid() consistently. okay tedu@
2015-07-22	tweak previous; ok zhuk	Jason McIntyre

2015-07-22	one whitespace out of place	Theo de Raadt

2015-07-21	options w/o args go first in SYNOPSIS, and add -C to usage();	Jason McIntyre

2015-07-21	oops, previous commit regarding cases should have just been for parse.y.	Ted Unangst
	then a commit that says: add a -C option to check config files without running. ok halex then this commit: use setresuid to be explicit. suggested by deraadt
2015-07-21	cases should line up with switch, from Dimitris Papastamos	Ted Unangst

2015-07-21	Add argument matching support to doas.	Vadim Zhukov
	Input and generic support from many. Final okay from tedu@.
2015-07-20	SHELL is out, from Michael Reed	Ted Unangst

2015-07-20	whitespace;	Jason McIntyre

2015-07-20	sf points out sudo doesn't allow SHELL in children	Ted Unangst

2015-07-20	check that badlisted env has = after the name	Ted Unangst

2015-07-20	rescope and rename some variables to reduce pressure on the alphabet	Ted Unangst

2015-07-20	introduce a minimal badset ($ENV) for environment stripping so that	Ted Unangst
	root shells read the right .kshrc
2015-07-19	wrap long lines and kill some whitespace	Sebastian Benoit

2015-07-19	In the config file allow line continuations with backslashes.	Sebastian Benoit
	Document this, and comments and environment variables. ok tedu@
2015-07-19	whitespace;	Jason McIntyre

2015-07-19	spell out complete path to config file, okay tedu@	Marc Espie

2015-07-19	sudo emulation: if execvpe fails with ENOENT, print "command not found"	Ted Unangst
	requested by krw
2015-07-18	rearrange variable decls a little	Ted Unangst

2015-07-18	Add RCS ID.	Brian Callahan
	ok deraadt@