From Todd.Miller at courtesan.com Fri May 8 13:07:10 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Fri, 8 May 2009 13:07:10 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905081707.n48H7ASl013872@core.courtesan.com> Module Name: sudo Committed By: millert Date: Fri May 8 17:07:10 UTC 2009 Modified Files: sudo: pwutil.c Log Message: Only cache by the method we fetched for pwd and grp lookups. Previously we cached both by namd and id but this can cause problems for entries that share the same id. Also add more info in the error message in case the insert fails (which should now be impossible). To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 sudo/pwutil.c From Todd.Miller at courtesan.com Fri May 8 16:19:20 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Fri, 8 May 2009 16:19:20 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905082019.n48KJKYv009143@core.courtesan.com> Module Name: sudo Committed By: millert Date: Fri May 8 20:19:20 UTC 2009 Modified Files: sudo: fileops.c Log Message: When unlocking a file with fcntl, use F_SETLK, not F_SETLKW. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 sudo/fileops.c From Todd.Miller at courtesan.com Sat May 9 21:00:24 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sat, 9 May 2009 21:00:24 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905100100.n4A10O9X014590@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 10 01:00:23 UTC 2009 Modified Files: sudo: sudo.c Log Message: Fix -g mode, broken by rev 1.503 which had the side effect of setting the runas user to root unilaterally. To generate a diff of this commit: cvs rdiff -u -r1.511 -r1.512 sudo/sudo.c From Todd.Miller at courtesan.com Sun May 10 07:33:45 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 10 May 2009 07:33:45 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905101133.n4ABXjWd031295@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 10 11:33:45 UTC 2009 Modified Files: sudo: parse.c Log Message: In -l mode, if the user is only allowed to run as a group, display the user's name, not root's before the allowed group. To generate a diff of this commit: cvs rdiff -u -r1.240 -r1.241 sudo/parse.c From Todd.Miller at courtesan.com Sun May 10 07:52:13 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 10 May 2009 07:52:13 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905101152.n4ABqDFi003447@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 10 11:52:13 UTC 2009 Modified Files: sudo: logging.c set_perms.c sudo.h testsudoers.c Log Message: Add option for set_perm to not exit on failure and use this in the logging routines. To generate a diff of this commit: cvs rdiff -u -r1.203 -r1.204 sudo/logging.c cvs rdiff -u -r1.44 -r1.45 sudo/set_perms.c cvs rdiff -u -r1.271 -r1.272 sudo/sudo.h cvs rdiff -u -r1.129 -r1.130 sudo/testsudoers.c From Todd.Miller at courtesan.com Sun May 10 07:59:53 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 10 May 2009 07:59:53 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905101159.n4ABxrGc009749@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 10 11:59:53 UTC 2009 Modified Files: sudo: sudo.c Log Message: Must call audit_success before we change uids. To generate a diff of this commit: cvs rdiff -u -r1.512 -r1.513 sudo/sudo.c From Todd.Miller at courtesan.com Mon May 11 12:47:10 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Mon, 11 May 2009 12:47:10 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905111647.n4BGlAXg019319@core.courtesan.com> Module Name: sudo Committed By: millert Date: Mon May 11 16:47:10 UTC 2009 Modified Files: sudo: match.c Log Message: Don't allow the user to specify the default runas user if their sudoers entry only allows them to run as a group. To generate a diff of this commit: cvs rdiff -u -r1.42 -r1.43 sudo/match.c From Todd.Miller at courtesan.com Sun May 17 16:22:25 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 17 May 2009 16:22:25 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905172022.n4HKMPvb015249@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 17 20:22:25 UTC 2009 Modified Files: sudo: toke.c toke.l Log Message: Allow user/group to be double quoted in the case of non-Unix groups which contain spaces. To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 sudo/toke.c cvs rdiff -u -r1.33 -r1.34 sudo/toke.l From Todd.Miller at courtesan.com Sun May 17 16:52:15 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 17 May 2009 16:52:15 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905172052.n4HKqFiW003309@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 17 20:52:15 UTC 2009 Modified Files: sudo: toke.c toke.l Log Message: Accept %:foo as a non-Unix group To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 sudo/toke.c cvs rdiff -u -r1.34 -r1.35 sudo/toke.l From Todd.Miller at courtesan.com Sun May 17 18:19:38 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 17 May 2009 18:19:38 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905172219.n4HMJcnb000900@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 17 22:19:38 UTC 2009 Modified Files: sudo: LICENSE Makefile.in config.h.in match.c sudo.c Added Files: sudo: nonunix.h vasgroups.c Log Message: Initial bits of non-unix group support using Quest Authentication Services To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 sudo/LICENSE cvs rdiff -u -r1.335 -r1.336 sudo/Makefile.in cvs rdiff -u -r1.244 -r1.245 sudo/config.h.in cvs rdiff -u -r1.43 -r1.44 sudo/match.c cvs rdiff -u -r0 -r1.1 sudo/nonunix.h cvs rdiff -u -r0 -r1.1 sudo/vasgroups.c cvs rdiff -u -r1.513 -r1.514 sudo/sudo.c From Todd.Miller at courtesan.com Mon May 18 06:33:33 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Mon, 18 May 2009 06:33:33 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905181033.n4IAXXld029384@core.courtesan.com> Module Name: sudo Committed By: millert Date: Mon May 18 10:33:33 UTC 2009 Modified Files: sudo: set_perms.c Log Message: Remove group setting code in setusercontext case, we will do it ourselves later on in runas_setup. Set the gid after initgroups/setgroups is called, since on Mac OS X it seems to change the egid. To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 sudo/set_perms.c From Todd.Miller at courtesan.com Tue May 19 17:24:06 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Tue, 19 May 2009 17:24:06 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905192124.n4JLO6j5009276@core.courtesan.com> Module Name: sudo Committed By: millert Date: Tue May 19 21:24:06 UTC 2009 Modified Files: sudo: Makefile.in config.h.in configure configure.in sudo.c visudo.c Removed Files: sudo: version.h Log Message: Replace version.h with PACKAGE_VERSION set via AC_INIT in configure. To generate a diff of this commit: cvs rdiff -u -r1.336 -r1.337 sudo/Makefile.in cvs rdiff -u -r1.245 -r1.246 sudo/config.h.in cvs rdiff -u -r1.283 -r1.284 sudo/configure cvs rdiff -u -r1.546 -r1.547 sudo/configure.in cvs rdiff -u -r1.514 -r1.515 sudo/sudo.c cvs rdiff -u -r1.73 -r0 sudo/version.h cvs rdiff -u -r1.232 -r1.233 sudo/visudo.c From Todd.Miller at courtesan.com Fri May 22 06:37:29 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Fri, 22 May 2009 06:37:29 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905221037.n4MAbT2v011624@core.courtesan.com> Module Name: sudo Committed By: millert Date: Fri May 22 10:37:29 UTC 2009 Modified Files: sudo: set_perms.c Log Message: Handle getgroups() returning 0. Also add missing check for HAVE_GETGROUPS. To generate a diff of this commit: cvs rdiff -u -r1.46 -r1.47 sudo/set_perms.c From Todd.Miller at courtesan.com Sun May 24 08:33:01 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Sun, 24 May 2009 08:33:01 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905241233.n4OCX0pm029232@core.courtesan.com> Module Name: sudo Committed By: millert Date: Sun May 24 12:33:00 UTC 2009 Modified Files: sudo: interfaces.c lbuf.c Log Message: Minor fixes for Minix-3 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 sudo/interfaces.c cvs rdiff -u -r1.7 -r1.8 sudo/lbuf.c From Todd.Miller at courtesan.com Mon May 25 08:02:42 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Mon, 25 May 2009 08:02:42 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905251202.n4PC2gP2011908@core.courtesan.com> Module Name: sudo Committed By: millert Date: Mon May 25 12:02:42 UTC 2009 Modified Files: sudo: LICENSE Makefile.in aclocal.m4 alias.c check.c env.c fileops.c glob.c gram.y interfaces.c lbuf.c ldap.c logging.c logging.h match.c parse.c parse.h pathnames.h.in pwutil.c set_perms.c sudo.c sudo.h sudo.pod sudo_nss.c sudo_nss.h sudo_usage.h.in sudoers.ldap.pod sudoers.pod testsudoers.c tgetpass.c toke.l visudo.c sudo/auth: aix_auth.c pam.c sudo_auth.c sudo_auth.h Log Message: Update copyright years. To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 sudo/LICENSE cvs rdiff -u -r1.337 -r1.338 sudo/Makefile.in cvs rdiff -u -r1.100 -r1.101 sudo/aclocal.m4 cvs rdiff -u -r1.17 -r1.18 sudo/alias.c cvs rdiff -u -r1.246 -r1.247 sudo/check.c cvs rdiff -u -r1.103 -r1.104 sudo/env.c cvs rdiff -u -r1.18 -r1.19 sudo/fileops.c cvs rdiff -u -r1.12 -r1.13 sudo/glob.c cvs rdiff -u -r1.12 -r1.13 sudo/sudoers.ldap.pod cvs rdiff -u -r1.35 -r1.36 sudo/gram.y cvs rdiff -u -r1.35 -r1.36 sudo/toke.l cvs rdiff -u -r1.86 -r1.87 sudo/interfaces.c cvs rdiff -u -r1.8 -r1.9 sudo/lbuf.c cvs rdiff -u -r1.106 -r1.107 sudo/ldap.c cvs rdiff -u -r1.204 -r1.205 sudo/logging.c cvs rdiff -u -r1.14 -r1.15 sudo/logging.h cvs rdiff -u -r1.44 -r1.45 sudo/match.c cvs rdiff -u -r1.241 -r1.242 sudo/parse.c cvs rdiff -u -r1.48 -r1.49 sudo/parse.h cvs rdiff -u -r1.64 -r1.65 sudo/pathnames.h.in cvs rdiff -u -r1.22 -r1.23 sudo/pwutil.c cvs rdiff -u -r1.47 -r1.48 sudo/set_perms.c cvs rdiff -u -r1.515 -r1.516 sudo/sudo.c cvs rdiff -u -r1.272 -r1.273 sudo/sudo.h cvs rdiff -u -r1.122 -r1.123 sudo/sudo.pod cvs rdiff -u -r1.7 -r1.8 sudo/sudo_nss.c cvs rdiff -u -r1.6 -r1.7 sudo/sudo_nss.h cvs rdiff -u -r1.9 -r1.10 sudo/sudo_usage.h.in cvs rdiff -u -r1.168 -r1.169 sudo/sudoers.pod cvs rdiff -u -r1.130 -r1.131 sudo/testsudoers.c cvs rdiff -u -r1.130 -r1.131 sudo/tgetpass.c cvs rdiff -u -r1.233 -r1.234 sudo/visudo.c cvs rdiff -u -r1.26 -r1.27 sudo/auth/aix_auth.c cvs rdiff -u -r1.67 -r1.68 sudo/auth/pam.c cvs rdiff -u -r1.39 -r1.40 sudo/auth/sudo_auth.c cvs rdiff -u -r1.28 -r1.29 sudo/auth/sudo_auth.h From Todd.Miller at courtesan.com Tue May 26 20:46:51 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Tue, 26 May 2009 20:46:51 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905270046.n4R0kpLE029614@core.courtesan.com> Module Name: sudo Committed By: millert Date: Wed May 27 00:46:51 UTC 2009 Modified Files: sudo: toke.l Log Message: Add support for escaped hex chars in names, e.g. \x20 for space. To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 sudo/toke.l From Todd.Miller at courtesan.com Tue May 26 20:47:18 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Tue, 26 May 2009 20:47:18 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905270047.n4R0lIx4001551@core.courtesan.com> Module Name: sudo Committed By: millert Date: Wed May 27 00:47:18 UTC 2009 Modified Files: sudo: toke.c Log Message: regen To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 sudo/toke.c From Todd.Miller at courtesan.com Tue May 26 20:49:07 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Tue, 26 May 2009 20:49:07 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905270049.n4R0n70E031658@core.courtesan.com> Module Name: sudo Committed By: millert Date: Wed May 27 00:49:07 UTC 2009 Modified Files: sudo: configure configure.in match.c sudo.c vasgroups.c Log Message: Update non-Unix group support from Quest, as reworked by me. To generate a diff of this commit: cvs rdiff -u -r1.284 -r1.285 sudo/configure cvs rdiff -u -r1.547 -r1.548 sudo/configure.in cvs rdiff -u -r1.45 -r1.46 sudo/match.c cvs rdiff -u -r1.516 -r1.517 sudo/sudo.c cvs rdiff -u -r1.1 -r1.2 sudo/vasgroups.c From Todd.Miller at courtesan.com Fri May 29 09:40:52 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Fri, 29 May 2009 09:40:52 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905291340.n4TDeqaI022137@core.courtesan.com> Module Name: sudo Committed By: millert Date: Fri May 29 13:40:52 UTC 2009 Modified Files: sudo: Makefile.in Log Message: Add non-Unix group .o to COMMON_OBJS and substitute in path to flex. To generate a diff of this commit: cvs rdiff -u -r1.338 -r1.339 sudo/Makefile.in From Todd.Miller at courtesan.com Fri May 29 09:43:12 2009 From: Todd.Miller at courtesan.com (Todd.Miller at courtesan.com) Date: Fri, 29 May 2009 09:43:12 -0400 (EDT) Subject: [sudo-cvs] CVS commit: sudo Message-ID: <200905291343.n4TDhCx0009558@core.courtesan.com> Module Name: sudo Committed By: millert Date: Fri May 29 13:43:12 UTC 2009 Modified Files: sudo: ldap.c sudoers.ldap.pod Log Message: For netscape-derived LDAP SDKs the cert and key paths may be a directory or a file. However, version 5.0 of the SDK only seems to support using a directory. If ldapssl_clientauth_init fails and the cert or key paths look like they could be files, strip off the last path element and try again. To generate a diff of this commit: cvs rdiff -u -r1.107 -r1.108 sudo/ldap.c cvs rdiff -u -r1.13 -r1.14 sudo/sudoers.ldap.pod