Skip to content

Commit 2c102c6

Browse files
committed
merge sudo 1.9.3 from tip
--HG-- branch : 1.9
2 parents fce3c02 + d442813 commit 2c102c6

File tree

386 files changed

+24057
-18210
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

386 files changed

+24057
-18210
lines changed

.gitignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
**/*.i
33
**/*.l[ao]
44
**/*.lai
5+
**/*.map
56
**/*.mo
67
**/*.o
78
**/*.plog

.hgignore

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
\.i$
33
\.l[ao]$
44
\.lai$
5+
\.map$
56
\.mo$
67
\.o$
78
\.plog$
@@ -19,16 +20,16 @@ Makefile$
1920
^build$
2021

2122
^ChangeLog$
22-
^PVS-Studio.cfg$
23-
^uncrustify.files$
23+
^PVS-Studio\.cfg$
24+
^uncrustify\.files$
2425
^doc/.*\.man$
2526
^doc/.*\.mdoc$
2627
^doc/fixman\.sed$
2728

2829
^examples/sudo\.conf$
2930

30-
^init.d/.*.sh$
31-
^init.d/sudo.conf$
31+
^init\.d/.*\.sh$
32+
^init\.d/sudo\.conf$
3233

3334
^pathnames\.h$
3435
^src/sudo$
@@ -51,7 +52,7 @@ Makefile$
5152
^plugins/sudoers/(cvtsudoers|sudoers|sudoreplay|testsudoers|tsdump|visudo|prologue|check_[a-z0-9_]+)$
5253
^plugins/sudoers/.*\.(out|toke|err|json|ldif|sudo|ldif2sudo)$
5354
^plugins/sudoers/regress/iolog_plugin/iolog$
54-
^plugins/sudoers/regress/testsudoers/test3.d/root$
55+
^plugins/sudoers/regress/testsudoers/test3\.d/root$
5556

5657
^plugins/python/__pycache__
5758
^plugins/python/regress/__pycache__

MANIFEST

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -138,9 +138,11 @@ lib/util/dup3.c
138138
lib/util/event.c
139139
lib/util/event_poll.c
140140
lib/util/event_select.c
141+
lib/util/explicit_bzero.c
141142
lib/util/fatal.c
142143
lib/util/fchmodat.c
143144
lib/util/fnmatch.c
145+
lib/util/freezero.c
144146
lib/util/fstatat.c
145147
lib/util/getaddrinfo.c
146148
lib/util/getcwd.c
@@ -163,7 +165,6 @@ lib/util/locking.c
163165
lib/util/logfac.c
164166
lib/util/logpri.c
165167
lib/util/memrchr.c
166-
lib/util/memset_s.c
167168
lib/util/mkdir_parents.c
168169
lib/util/mksiglist.c
169170
lib/util/mksiglist.h
@@ -331,6 +332,7 @@ plugins/python/python_baseplugin.c
331332
plugins/python/python_convmessage.c
332333
plugins/python/python_importblocker.c
333334
plugins/python/python_loghandler.c
335+
plugins/python/python_plugin.exp
334336
plugins/python/python_plugin_approval.c
335337
plugins/python/python_plugin_approval_multi.inc
336338
plugins/python/python_plugin_audit.c
@@ -469,6 +471,7 @@ plugins/sudoers/digestname.c
469471
plugins/sudoers/editor.c
470472
plugins/sudoers/env.c
471473
plugins/sudoers/env_pattern.c
474+
plugins/sudoers/exptilde.c
472475
plugins/sudoers/file.c
473476
plugins/sudoers/filedigest.c
474477
plugins/sudoers/find_path.c
@@ -666,6 +669,7 @@ plugins/sudoers/regress/cvtsudoers/test9.out.ok
666669
plugins/sudoers/regress/cvtsudoers/test9.sh
667670
plugins/sudoers/regress/env_match/check_env_pattern.c
668671
plugins/sudoers/regress/env_match/data
672+
plugins/sudoers/regress/exptilde/check_exptilde.c
669673
plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c
670674
plugins/sudoers/regress/logging/check_wrap.c
671675
plugins/sudoers/regress/logging/check_wrap.in
@@ -772,6 +776,13 @@ plugins/sudoers/regress/sudoers/test23.ldif2sudo.ok
772776
plugins/sudoers/regress/sudoers/test23.out.ok
773777
plugins/sudoers/regress/sudoers/test23.sudo.ok
774778
plugins/sudoers/regress/sudoers/test23.toke.ok
779+
plugins/sudoers/regress/sudoers/test24.in
780+
plugins/sudoers/regress/sudoers/test24.json.ok
781+
plugins/sudoers/regress/sudoers/test24.ldif.ok
782+
plugins/sudoers/regress/sudoers/test24.ldif2sudo.ok
783+
plugins/sudoers/regress/sudoers/test24.out.ok
784+
plugins/sudoers/regress/sudoers/test24.sudo.ok
785+
plugins/sudoers/regress/sudoers/test24.toke.ok
775786
plugins/sudoers/regress/sudoers/test3.in
776787
plugins/sudoers/regress/sudoers/test3.json.ok
777788
plugins/sudoers/regress/sudoers/test3.ldif.ok
@@ -816,6 +827,8 @@ plugins/sudoers/regress/testsudoers/test10.out.ok
816827
plugins/sudoers/regress/testsudoers/test10.sh
817828
plugins/sudoers/regress/testsudoers/test11.out.ok
818829
plugins/sudoers/regress/testsudoers/test11.sh
830+
plugins/sudoers/regress/testsudoers/test12.out.ok
831+
plugins/sudoers/regress/testsudoers/test12.sh
819832
plugins/sudoers/regress/testsudoers/test2.inc
820833
plugins/sudoers/regress/testsudoers/test2.out.ok
821834
plugins/sudoers/regress/testsudoers/test2.sh
@@ -968,6 +981,7 @@ scripts/mkdep.pl
968981
scripts/mkinstalldirs
969982
scripts/mkpkg
970983
scripts/pp
984+
scripts/unanon
971985
src/Makefile.in
972986
src/conversation.c
973987
src/copy_file.c

Makefile.in

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ shlib_mode = @SHLIB_MODE@
5656
# Version of python detected by configure (major.minor)
5757
python_version = @PYTHON_VERSION@
5858

59-
SUBDIRS = lib/util @ZLIB_SRC@ lib/iolog @LOGSRV@ @LOGSRVD@ \
59+
SUBDIRS = lib/util @ZLIB_SRC@ lib/iolog @LOGSRV_SRC@ @LOGSRVD_SRC@ \
6060
plugins/audit_json plugins/group_file plugins/sample_approval \
6161
plugins/sudoers plugins/system_group @PYTHON_PLUGIN_SRC@ src \
6262
include doc examples
@@ -101,7 +101,7 @@ SPLINT_OPTS = -D__restrict= -checks
101101

102102
# Default PVS-studio options when run from the top-level Makefile
103103
PVS_CFG = $(top_builddir)/PVS-Studio.cfg
104-
PVS_IGNORE = 'V707,V011,V002,V536'
104+
PVS_IGNORE = 'V707,V011,V002,V536,V568'
105105
PVS_LOG_OPTS = -a 'GA:1,2' -e -t errorfile -d $(PVS_IGNORE)
106106

107107
all: config.status

NEWS

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,65 @@
1+
What's new in Sudo 1.9.3
2+
3+
* sudoedit will now prompt the user before overwriting an existing
4+
file with one that is zero-length after editing. Bug #922.
5+
6+
* Fixed building the Python plugin on systems with a compiler that
7+
doesn't support symbol hiding.
8+
9+
* Sudo now uses a linker script to hide symbols even when the
10+
compiler has native symbol hiding support. This should make is
11+
easier to detect omissions in the symbol exports file, regardless
12+
of the platform.
13+
14+
* Fixed the libssl dependency in Debian packages for older releases
15+
that use libssl1.0.0.
16+
17+
* Sudo and visudo now provide more detailed messages when a syntax
18+
error is detected in sudoers. The offending line and token are
19+
now displayed. If the parser was generated by GNU bison,
20+
additional information about what token was expected is also
21+
displayed. Bug #841.
22+
23+
* Sudoers rules must now end in either a newline or the end-of-file.
24+
Previously, it was possible to have multiple rules on a single
25+
line, separated by white space. The use of an end-of-line
26+
terminator makes it possible to display accurate error messages.
27+
28+
* Sudo no longer refuses to run if a syntax error in the sudoers
29+
file is encountered. The entry with the syntax error will be
30+
discarded and sudo will continue to parse the file. This makes
31+
recovery from a syntax error less painful on systems where sudo
32+
is the primary method of superuser access. The historic behavior
33+
can be restored by add "error_recovery=false" to the sudoers
34+
plugin's optional arguments in sudo.conf. Bug #618.
35+
36+
* Fixed the sample_approval plugin's symbol exports file for systems
37+
where the compiler doesn't support symbol hiding.
38+
39+
* Fixed a regression introduced in sudo 1.9.1 where arguments to
40+
the "sudoers_policy" plugin in sudo.conf were not being applied.
41+
The sudoers file is now parsed by the "sudoers_audit" plugin,
42+
which is loaded implicitly when "sudoers_policy" is listed in
43+
sudo.conf. Starting with sudo 1.9.3, if there are plugin arguments
44+
for "sudoers_policy" but "sudoers_audit" is not listed, those
45+
arguments will be applied to "sudoers_audit" instead.
46+
47+
* The user's resource limits are now passed to sudo plugins in
48+
the user_info[] list. A plugin cannot determine the limits
49+
itself because sudo changes the limits while it runs to prevent
50+
resource starvation.
51+
52+
* It is now possible to set the working directory or change the
53+
root directory on a per-command basis using the CWD and CHROOT
54+
options. There are also new Defaults settings, runchroot and
55+
runcwd, that can be used to set the working directory or root
56+
directory on a more global basis.
57+
58+
* New -D (--chdir) and -R (--chroot) command line options can be
59+
used to set the working directory or root directory if the sudoers
60+
file allows it. This functionality is not enabled by default
61+
and must be explicitly enabled in the sudoers file.
62+
163
What's new in Sudo 1.9.2
264

365
* Fixed package builds on RedHat Enterprise Linux 8.

config.h.in

Lines changed: 39 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,9 @@
8888
/* Define to 1 to enable BSM audit support. */
8989
#undef HAVE_BSM_AUDIT
9090

91+
/* Define to 1 if you have the `bzero' function. */
92+
#undef HAVE_BZERO
93+
9194
/* Define to 1 if you have the `cfmakeraw' function. */
9295
#undef HAVE_CFMAKERAW
9396

@@ -97,6 +100,9 @@
97100
/* Define to 1 if you have the `closefrom' function. */
98101
#undef HAVE_CLOSEFROM
99102

103+
/* Define to 1 if you have the `crypt' function. */
104+
#undef HAVE_CRYPT
105+
100106
/* Define to 1 if you use OSF DCE. */
101107
#undef HAVE_DCE
102108

@@ -255,9 +261,18 @@
255261
/* Define to 1 if you have the `execvpe' function. */
256262
#undef HAVE_EXECVPE
257263

264+
/* Define to 1 if you have the `explicit_bzero' function. */
265+
#undef HAVE_EXPLICIT_BZERO
266+
267+
/* Define to 1 if you have the `explicit_memset' function. */
268+
#undef HAVE_EXPLICIT_MEMSET
269+
258270
/* Define to 1 if you have the `faccessat' function. */
259271
#undef HAVE_FACCESSAT
260272

273+
/* Define to 1 if the compiler supports the fallthrough attribute. */
274+
#undef HAVE_FALLTHROUGH_ATTRIBUTE
275+
261276
/* Define to 1 if you have the `fchmodat' function. */
262277
#undef HAVE_FCHMODAT
263278

@@ -273,6 +288,9 @@
273288
/* Define to 1 if you have the `freeifaddrs' function. */
274289
#undef HAVE_FREEIFADDRS
275290

291+
/* Define to 1 if you have the `freezero' function. */
292+
#undef HAVE_FREEZERO
293+
276294
/* Define to 1 if you have the `fseeko' function. */
277295
#undef HAVE_FSEEKO
278296

@@ -532,6 +550,9 @@
532550
/* Define to 1 if you have the `memrchr' function. */
533551
#undef HAVE_MEMRCHR
534552

553+
/* Define to 1 if you have the `memset_explicit' function. */
554+
#undef HAVE_MEMSET_EXPLICIT
555+
535556
/* Define to 1 if you have the `memset_s' function. */
536557
#undef HAVE_MEMSET_S
537558

@@ -722,6 +743,9 @@
722743
/* Define to 1 if you have the `sig2str' function. */
723744
#undef HAVE_SIG2STR
724745

746+
/* Define to 1 if you have the `sigabbrev_np' function. */
747+
#undef HAVE_SIGABBREV_NP
748+
725749
/* Define to 1 if you use S/Key. */
726750
#undef HAVE_SKEY
727751

@@ -1038,8 +1062,8 @@
10381062
/* Define to 1 if you want sudo to free up memory before exiting. */
10391063
#undef NO_LEAKS
10401064

1041-
/* Define to 1 if you don't want users to get the lecture the first time they use
1042-
sudo. */
1065+
/* Define to 1 if you don't want users to get the lecture the first time they
1066+
use sudo. */
10431067
#undef NO_LECTURE
10441068

10451069
/* Define to 1 if you don't want to use sudo's PAM session support. */
@@ -1260,9 +1284,6 @@
12601284
/* Define to empty if `const' does not conform to ANSI C. */
12611285
#undef const
12621286

1263-
/* Define to `int' if <sys/types.h> does not define. */
1264-
#undef errno_t
1265-
12661287
/* Define to `int' if <sys/types.h> doesn't define. */
12671288
#undef gid_t
12681289

@@ -1281,9 +1302,6 @@
12811302
/* Define to an OS-specific initialization function or `os_init_common'. */
12821303
#undef os_init
12831304

1284-
/* Define to `size_t' if <sys/types.h> does not define. */
1285-
#undef rsize_t
1286-
12871305
/* Define to `int' if <signal.h> does not define. */
12881306
#undef sig_atomic_t
12891307

@@ -1312,6 +1330,19 @@
13121330
code using `volatile' can become incorrect without. Disable with care. */
13131331
#undef volatile
13141332

1333+
/* Symbol visibility controls */
1334+
#ifdef HAVE_DSO_VISIBILITY
1335+
# if defined(__GNUC__)
1336+
# define sudo_dso_public __attribute__((__visibility__("default")))
1337+
# elif defined(__SUNPRO_C)
1338+
# define sudo_dso_public __global
1339+
# else
1340+
# define sudo_dso_public __declspec(dllexport)
1341+
# endif
1342+
#else
1343+
# define sudo_dso_public
1344+
#endif
1345+
13151346
/* BSD compatibility on some SVR4 systems. */
13161347
#ifdef __svr4__
13171348
# define BSD_COMP

0 commit comments

Comments
 (0)