/src/sudo/plugins/sudoers/policy.c
Line | Count | Source |
1 | | /* |
2 | | * SPDX-License-Identifier: ISC |
3 | | * |
4 | | * Copyright (c) 2010-2024 Todd C. Miller <Todd.Miller@sudo.ws> |
5 | | * |
6 | | * Permission to use, copy, modify, and distribute this software for any |
7 | | * purpose with or without fee is hereby granted, provided that the above |
8 | | * copyright notice and this permission notice appear in all copies. |
9 | | * |
10 | | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
11 | | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
12 | | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
13 | | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
14 | | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
15 | | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
16 | | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 | | */ |
18 | | |
19 | | #include <config.h> |
20 | | |
21 | | #include <sys/types.h> |
22 | | #include <sys/stat.h> |
23 | | #include <netinet/in.h> |
24 | | #include <stdio.h> |
25 | | #include <stdlib.h> |
26 | | #include <string.h> |
27 | | #include <unistd.h> |
28 | | #include <errno.h> |
29 | | #include <fcntl.h> |
30 | | #include <grp.h> |
31 | | #include <pwd.h> |
32 | | |
33 | | #include <sudoers.h> |
34 | | #include <sudoers_version.h> |
35 | | #include <timestamp.h> |
36 | | #include <interfaces.h> |
37 | | #include "auth/sudo_auth.h" |
38 | | |
39 | | static char **command_info; |
40 | | |
41 | | /* |
42 | | * Command execution args to be filled in: argv, envp and command info. |
43 | | */ |
44 | | struct sudoers_exec_args { |
45 | | char ***argv; |
46 | | char ***envp; |
47 | | char ***info; |
48 | | }; |
49 | | |
50 | | static unsigned int sudo_version; |
51 | | static const char *interfaces_string; |
52 | | sudo_conv_t sudo_conv; |
53 | | sudo_printf_t sudo_printf; |
54 | | struct sudo_plugin_event * (*plugin_event_alloc)(void); |
55 | | static const char *path_sudoers = _PATH_SUDOERS; |
56 | | static bool session_opened; |
57 | | |
58 | | extern sudo_dso_public struct policy_plugin sudoers_policy; |
59 | | |
60 | | static int |
61 | | parse_bool(const char *line, int varlen, unsigned int *flags, unsigned int fval) |
62 | 10.2k | { |
63 | 10.2k | debug_decl(parse_bool, SUDOERS_DEBUG_PLUGIN); |
64 | | |
65 | 10.2k | switch (sudo_strtobool(line + varlen + 1)) { |
66 | 6.19k | case true: |
67 | 6.19k | SET(*flags, fval); |
68 | 6.19k | debug_return_int(true); |
69 | 3.86k | case false: |
70 | 3.86k | CLR(*flags, fval); |
71 | 3.86k | debug_return_int(false); |
72 | 234 | default: |
73 | 234 | sudo_warnx(U_("invalid %.*s set by sudo front-end"), |
74 | 234 | varlen, line); |
75 | 234 | debug_return_int(-1); |
76 | 10.2k | } |
77 | 10.2k | } |
78 | | |
79 | 14.0k | #define RUN_VALID_FLAGS (MODE_ASKPASS|MODE_PRESERVE_ENV|MODE_RESET_HOME|MODE_IMPLIED_SHELL|MODE_LOGIN_SHELL|MODE_NONINTERACTIVE|MODE_IGNORE_TICKET|MODE_UPDATE_TICKET|MODE_PRESERVE_GROUPS|MODE_SHELL|MODE_RUN|MODE_POLICY_INTERCEPTED) |
80 | 788 | #define EDIT_VALID_FLAGS (MODE_ASKPASS|MODE_NONINTERACTIVE|MODE_IGNORE_TICKET|MODE_UPDATE_TICKET|MODE_EDIT) |
81 | 12.0k | #define LIST_VALID_FLAGS (MODE_ASKPASS|MODE_NONINTERACTIVE|MODE_IGNORE_TICKET|MODE_UPDATE_TICKET|MODE_LIST|MODE_CHECK) |
82 | 4.00k | #define VALIDATE_VALID_FLAGS (MODE_ASKPASS|MODE_NONINTERACTIVE|MODE_IGNORE_TICKET|MODE_UPDATE_TICKET|MODE_VALIDATE) |
83 | 4.00k | #define INVALIDATE_VALID_FLAGS (MODE_ASKPASS|MODE_NONINTERACTIVE|MODE_IGNORE_TICKET|MODE_UPDATE_TICKET|MODE_INVALIDATE) |
84 | | |
85 | | /* |
86 | | * Deserialize args, settings and user_info arrays. |
87 | | * Fills in struct sudoers_user_context and other common sudoers state. |
88 | | */ |
89 | | unsigned int |
90 | | sudoers_policy_deserialize_info(struct sudoers_context *ctx, void *v, |
91 | | struct defaults_list *defaults) |
92 | 25.4k | { |
93 | 25.4k | const char *p, *errstr, *groups = NULL; |
94 | 25.4k | struct sudoers_open_info *info = v; |
95 | 25.4k | unsigned int flags = MODE_UPDATE_TICKET; |
96 | 25.4k | const char *host = NULL; |
97 | 25.4k | const char *remhost = NULL; |
98 | 25.4k | unsigned char uuid[16]; |
99 | 25.4k | char * const *cur; |
100 | 25.4k | debug_decl(sudoers_policy_deserialize_info, SUDOERS_DEBUG_PLUGIN); |
101 | | |
102 | 25.4k | #define MATCHES(s, v) \ |
103 | 36.6M | (strncmp((s), (v), sizeof(v) - 1) == 0) |
104 | | |
105 | 35.5k | #define INVALID(v) do { \ |
106 | 35.5k | sudo_warnx(U_("invalid %.*s set by sudo front-end"), \ |
107 | 35.5k | (int)(sizeof(v) - 2), (v)); \ |
108 | 35.5k | } while (0) |
109 | | |
110 | 96.7k | #define CHECK(s, v) do { \ |
111 | 96.7k | if ((s)[sizeof(v) - 1] == '\0') { \ |
112 | 219 | INVALID(v); \ |
113 | 219 | goto bad; \ |
114 | 219 | } \ |
115 | 96.7k | } while (0) |
116 | | |
117 | | /* Parse sudo.conf plugin args. */ |
118 | 25.4k | if (info->plugin_args != NULL) { |
119 | 56.5k | for (cur = info->plugin_args; *cur != NULL; cur++) { |
120 | 55.6k | if (MATCHES(*cur, "error_recovery=")) { |
121 | 35.5k | int val = sudo_strtobool(*cur + sizeof("error_recovery=") - 1); |
122 | 35.5k | if (val == -1) { |
123 | 35.2k | INVALID("error_recovery="); /* Not a fatal error. */ |
124 | 35.2k | } else { |
125 | 231 | ctx->parser_conf.recovery = val; |
126 | 231 | } |
127 | 35.5k | continue; |
128 | 35.5k | } |
129 | 20.1k | if (MATCHES(*cur, "ignore_perms=")) { |
130 | 0 | int val = sudo_strtobool(*cur + sizeof("ignore_perms=") - 1); |
131 | 0 | if (val == -1) { |
132 | 0 | INVALID("ignore_perms="); /* Not a fatal error. */ |
133 | 0 | } else { |
134 | 0 | ctx->parser_conf.ignore_perms = val; |
135 | 0 | } |
136 | 0 | continue; |
137 | 0 | } |
138 | 20.1k | if (MATCHES(*cur, "sudoers_file=")) { |
139 | 18.5k | CHECK(*cur, "sudoers_file="); |
140 | 18.5k | path_sudoers = *cur + sizeof("sudoers_file=") - 1; |
141 | 18.5k | continue; |
142 | 18.5k | } |
143 | 1.59k | if (MATCHES(*cur, "sudoers_uid=")) { |
144 | 273 | p = *cur + sizeof("sudoers_uid=") - 1; |
145 | 273 | ctx->parser_conf.sudoers_uid = (uid_t)sudo_strtoid(p, &errstr); |
146 | 273 | if (errstr != NULL) { |
147 | 23 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
148 | 23 | goto bad; |
149 | 23 | } |
150 | 250 | continue; |
151 | 273 | } |
152 | 1.32k | if (MATCHES(*cur, "sudoers_gid=")) { |
153 | 249 | p = *cur + sizeof("sudoers_gid=") - 1; |
154 | 249 | ctx->parser_conf.sudoers_gid = (gid_t)sudo_strtoid(p, &errstr); |
155 | 249 | if (errstr != NULL) { |
156 | 33 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
157 | 33 | goto bad; |
158 | 33 | } |
159 | 216 | continue; |
160 | 249 | } |
161 | 1.07k | if (MATCHES(*cur, "sudoers_mode=")) { |
162 | 258 | p = *cur + sizeof("sudoers_mode=") - 1; |
163 | 258 | ctx->parser_conf.sudoers_mode = sudo_strtomode(p, &errstr); |
164 | 258 | if (errstr != NULL) { |
165 | 18 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
166 | 18 | goto bad; |
167 | 18 | } |
168 | 240 | continue; |
169 | 258 | } |
170 | 815 | if (MATCHES(*cur, "ldap_conf=")) { |
171 | 566 | CHECK(*cur, "ldap_conf="); |
172 | 447 | ctx->settings.ldap_conf = *cur + sizeof("ldap_conf=") - 1; |
173 | 447 | continue; |
174 | 566 | } |
175 | 249 | if (MATCHES(*cur, "ldap_secret=")) { |
176 | 249 | CHECK(*cur, "ldap_secret="); |
177 | 233 | ctx->settings.ldap_secret = *cur + sizeof("ldap_secret=") - 1; |
178 | 233 | continue; |
179 | 249 | } |
180 | 249 | } |
181 | 1.09k | } |
182 | 25.2k | ctx->parser_conf.sudoers_path = path_sudoers; |
183 | | |
184 | | /* Parse command line settings. */ |
185 | 25.2k | ctx->settings.flags = 0; |
186 | 25.2k | ctx->user.closefrom = -1; |
187 | 25.2k | ctx->sudoedit_nfiles = 0; |
188 | 25.2k | ctx->mode = 0; |
189 | 1.42M | for (cur = info->settings; *cur != NULL; cur++) { |
190 | 1.39M | if (MATCHES(*cur, "closefrom=")) { |
191 | 1.06k | p = *cur + sizeof("closefrom=") - 1; |
192 | 1.06k | ctx->user.closefrom = (int)sudo_strtonum(p, 3, INT_MAX, &errstr); |
193 | 1.06k | if (ctx->user.closefrom == 0) { |
194 | 2 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
195 | 2 | goto bad; |
196 | 2 | } |
197 | 1.06k | continue; |
198 | 1.06k | } |
199 | 1.39M | if (MATCHES(*cur, "cmnd_chroot=")) { |
200 | 301 | CHECK(*cur, "cmnd_chroot="); |
201 | 300 | ctx->runas.chroot = *cur + sizeof("cmnd_chroot=") - 1; |
202 | 300 | if (strlen(ctx->runas.chroot) >= PATH_MAX) { |
203 | 3 | sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_chroot"); |
204 | 3 | goto bad; |
205 | 3 | } |
206 | 297 | continue; |
207 | 300 | } |
208 | 1.39M | if (MATCHES(*cur, "cmnd_cwd=")) { |
209 | 259 | CHECK(*cur, "cmnd_cwd="); |
210 | 257 | ctx->runas.cwd = *cur + sizeof("cmnd_cwd=") - 1; |
211 | 257 | if (strlen(ctx->runas.cwd) >= PATH_MAX) { |
212 | 7 | sudo_warnx(U_("path name for \"%s\" too long"), "cmnd_cwd"); |
213 | 7 | goto bad; |
214 | 7 | } |
215 | 250 | continue; |
216 | 257 | } |
217 | 1.39M | if (MATCHES(*cur, "runas_user=")) { |
218 | 947 | CHECK(*cur, "runas_user="); |
219 | 946 | ctx->runas.user = *cur + sizeof("runas_user=") - 1; |
220 | 946 | SET(ctx->settings.flags, RUNAS_USER_SPECIFIED); |
221 | 946 | continue; |
222 | 947 | } |
223 | 1.39M | if (MATCHES(*cur, "runas_group=")) { |
224 | 818 | CHECK(*cur, "runas_group="); |
225 | 817 | ctx->runas.group = *cur + sizeof("runas_group=") - 1; |
226 | 817 | SET(ctx->settings.flags, RUNAS_GROUP_SPECIFIED); |
227 | 817 | continue; |
228 | 818 | } |
229 | 1.39M | if (MATCHES(*cur, "prompt=")) { |
230 | | /* Allow empty prompt. */ |
231 | 17.9k | ctx->user.prompt = *cur + sizeof("prompt=") - 1; |
232 | 17.9k | if (!append_default("passprompt_override", NULL, true, NULL, defaults)) |
233 | 0 | goto oom; |
234 | 17.9k | continue; |
235 | 17.9k | } |
236 | 1.37M | if (MATCHES(*cur, "set_home=")) { |
237 | 561 | if (parse_bool(*cur, sizeof("set_home") - 1, &flags, |
238 | 561 | MODE_RESET_HOME) == -1) |
239 | 3 | goto bad; |
240 | 558 | continue; |
241 | 561 | } |
242 | 1.37M | if (MATCHES(*cur, "preserve_environment=")) { |
243 | 431 | if (parse_bool(*cur, sizeof("preserve_environment") - 1, &flags, |
244 | 431 | MODE_PRESERVE_ENV) == -1) |
245 | 1 | goto bad; |
246 | 430 | continue; |
247 | 431 | } |
248 | 1.37M | if (MATCHES(*cur, "run_shell=")) { |
249 | 1.85k | if (parse_bool(*cur, sizeof("run_shell") -1, &flags, |
250 | 1.85k | MODE_SHELL) == -1) |
251 | 2 | goto bad; |
252 | 1.84k | continue; |
253 | 1.85k | } |
254 | 1.37M | if (MATCHES(*cur, "login_shell=")) { |
255 | 973 | if (parse_bool(*cur, sizeof("login_shell") - 1, &flags, |
256 | 973 | MODE_LOGIN_SHELL) == -1) |
257 | 1 | goto bad; |
258 | 972 | continue; |
259 | 973 | } |
260 | 1.37M | if (MATCHES(*cur, "implied_shell=")) { |
261 | 521 | if (parse_bool(*cur, sizeof("implied_shell") - 1, &flags, |
262 | 521 | MODE_IMPLIED_SHELL) == -1) |
263 | 1 | goto bad; |
264 | 520 | continue; |
265 | 521 | } |
266 | 1.37M | if (MATCHES(*cur, "preserve_groups=")) { |
267 | 513 | if (parse_bool(*cur, sizeof("preserve_groups") - 1, &flags, |
268 | 513 | MODE_PRESERVE_GROUPS) == -1) |
269 | 1 | goto bad; |
270 | 512 | continue; |
271 | 513 | } |
272 | 1.37M | if (MATCHES(*cur, "ignore_ticket=")) { |
273 | 212 | if (parse_bool(*cur, sizeof("ignore_ticket") -1, &flags, |
274 | 212 | MODE_IGNORE_TICKET) == -1) |
275 | 1 | goto bad; |
276 | 211 | continue; |
277 | 212 | } |
278 | 1.37M | if (MATCHES(*cur, "update_ticket=")) { |
279 | 502 | if (parse_bool(*cur, sizeof("update_ticket") -1, &flags, |
280 | 502 | MODE_UPDATE_TICKET) == -1) |
281 | 1 | goto bad; |
282 | 501 | continue; |
283 | 502 | } |
284 | 1.37M | if (MATCHES(*cur, "noninteractive=")) { |
285 | 212 | if (parse_bool(*cur, sizeof("noninteractive") - 1, &flags, |
286 | 212 | MODE_NONINTERACTIVE) == -1) |
287 | 1 | goto bad; |
288 | 211 | continue; |
289 | 212 | } |
290 | 1.37M | if (MATCHES(*cur, "sudoedit=")) { |
291 | 1.91k | if (parse_bool(*cur, sizeof("sudoedit") - 1, &flags, |
292 | 1.91k | MODE_EDIT) == -1) |
293 | 10 | goto bad; |
294 | 1.90k | continue; |
295 | 1.91k | } |
296 | 1.36M | if (MATCHES(*cur, "login_class=")) { |
297 | 400 | CHECK(*cur, "login_class="); |
298 | 399 | ctx->runas.class = *cur + sizeof("login_class=") - 1; |
299 | 399 | if (!append_default("use_loginclass", NULL, true, NULL, defaults)) |
300 | 0 | goto oom; |
301 | 399 | continue; |
302 | 399 | } |
303 | 1.36M | if (MATCHES(*cur, "intercept_ptrace=")) { |
304 | 250 | if (parse_bool(*cur, sizeof("intercept_ptrace") - 1, &ctx->settings.flags, |
305 | 250 | HAVE_INTERCEPT_PTRACE) == -1) |
306 | 1 | goto bad; |
307 | 249 | continue; |
308 | 250 | } |
309 | 1.36M | if (MATCHES(*cur, "intercept_setid=")) { |
310 | 232 | if (parse_bool(*cur, sizeof("intercept_setid") - 1, &ctx->settings.flags, |
311 | 232 | CAN_INTERCEPT_SETID) == -1) |
312 | 1 | goto bad; |
313 | 231 | continue; |
314 | 232 | } |
315 | 1.36M | if (MATCHES(*cur, "selinux_role=")) { |
316 | 218 | CHECK(*cur, "selinux_role="); |
317 | 217 | free(ctx->runas.role); |
318 | 217 | ctx->runas.role = strdup(*cur + sizeof("selinux_role=") - 1); |
319 | 217 | if (ctx->runas.role == NULL) |
320 | 0 | goto oom; |
321 | 217 | continue; |
322 | 217 | } |
323 | 1.36M | if (MATCHES(*cur, "selinux_type=")) { |
324 | 233 | CHECK(*cur, "selinux_type="); |
325 | 232 | free(ctx->runas.type); |
326 | 232 | ctx->runas.type = strdup(*cur + sizeof("selinux_type=") - 1); |
327 | 232 | if (ctx->runas.type == NULL) |
328 | 0 | goto oom; |
329 | 232 | continue; |
330 | 232 | } |
331 | | #ifdef HAVE_BSD_AUTH_H |
332 | | if (MATCHES(*cur, "bsdauth_type=")) { |
333 | | CHECK(*cur, "bsdauth_type="); |
334 | | p = *cur + sizeof("bsdauth_type=") - 1; |
335 | | bsdauth_set_style(p); |
336 | | continue; |
337 | | } |
338 | | #endif /* HAVE_BSD_AUTH_H */ |
339 | 1.36M | if (MATCHES(*cur, "network_addrs=")) { |
340 | 511 | interfaces_string = *cur + sizeof("network_addrs=") - 1; |
341 | 511 | if (!set_interfaces(interfaces_string)) { |
342 | 0 | sudo_warn("%s", U_("unable to parse network address list")); |
343 | 0 | goto bad; |
344 | 0 | } |
345 | 511 | continue; |
346 | 511 | } |
347 | 1.36M | if (MATCHES(*cur, "max_groups=")) { |
348 | 253 | int max_groups; |
349 | 253 | p = *cur + sizeof("max_groups=") - 1; |
350 | 253 | max_groups = (int)sudo_strtonum(p, 1, 1024, &errstr); |
351 | 253 | if (max_groups == 0) { |
352 | 5 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
353 | 5 | goto bad; |
354 | 5 | } |
355 | 248 | sudo_pwutil_set_max_groups(max_groups); |
356 | 248 | continue; |
357 | 253 | } |
358 | 1.36M | if (MATCHES(*cur, "remote_host=")) { |
359 | 1.68k | CHECK(*cur, "remote_host="); |
360 | 1.68k | remhost = *cur + sizeof("remote_host=") - 1; |
361 | 1.68k | continue; |
362 | 1.68k | } |
363 | 1.36M | if (MATCHES(*cur, "timeout=")) { |
364 | 1.44k | p = *cur + sizeof("timeout=") - 1; |
365 | 1.44k | ctx->user.timeout = parse_timeout(p); |
366 | 1.44k | if (ctx->user.timeout == -1) { |
367 | 184 | if (errno == ERANGE) |
368 | 162 | sudo_warnx(U_("%s: %s"), p, U_("timeout value too large")); |
369 | 22 | else |
370 | 22 | sudo_warnx(U_("%s: %s"), p, U_("invalid timeout value")); |
371 | 184 | goto bad; |
372 | 184 | } |
373 | 1.26k | continue; |
374 | 1.44k | } |
375 | 1.36M | if (MATCHES(*cur, "askpass=")) { |
376 | 2.12k | if (parse_bool(*cur, sizeof("askpass") - 1, &flags, |
377 | 2.12k | MODE_ASKPASS) == -1) |
378 | 210 | goto bad; |
379 | 1.91k | continue; |
380 | 2.12k | } |
381 | | #ifdef ENABLE_SUDO_PLUGIN_API |
382 | | if (MATCHES(*cur, "plugin_dir=")) { |
383 | | CHECK(*cur, "plugin_dir="); |
384 | | ctx->settings.plugin_dir = *cur + sizeof("plugin_dir=") - 1; |
385 | | continue; |
386 | | } |
387 | | #endif |
388 | 1.36M | } |
389 | | /* Ignore ticket trumps update. */ |
390 | 24.8k | if (ISSET(flags, MODE_IGNORE_TICKET)) |
391 | 23 | CLR(flags, MODE_UPDATE_TICKET); |
392 | | |
393 | 24.8k | ctx->user.gid = (gid_t)-1; |
394 | 24.8k | ctx->user.uid = (gid_t)-1; |
395 | 24.8k | ctx->user.umask = (mode_t)-1; |
396 | 24.8k | ctx->user.ttydev = NODEV; |
397 | 162k | for (cur = info->user_info; *cur != NULL; cur++) { |
398 | 138k | if (MATCHES(*cur, "user=")) { |
399 | 28.3k | CHECK(*cur, "user="); |
400 | 28.3k | free(ctx->user.name); |
401 | 28.3k | if ((ctx->user.name = strdup(*cur + sizeof("user=") - 1)) == NULL) |
402 | 0 | goto oom; |
403 | 28.3k | continue; |
404 | 28.3k | } |
405 | 110k | if (MATCHES(*cur, "euid=")) { |
406 | 0 | p = *cur + sizeof("euid=") - 1; |
407 | 0 | ctx->user.euid = (uid_t) sudo_strtoid(p, &errstr); |
408 | 0 | if (errstr != NULL) { |
409 | 0 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
410 | 0 | goto bad; |
411 | 0 | } |
412 | 0 | continue; |
413 | 0 | } |
414 | 110k | if (MATCHES(*cur, "uid=")) { |
415 | 29.2k | p = *cur + sizeof("uid=") - 1; |
416 | 29.2k | ctx->user.uid = (uid_t) sudo_strtoid(p, &errstr); |
417 | 29.2k | if (errstr != NULL) { |
418 | 45 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
419 | 45 | goto bad; |
420 | 45 | } |
421 | 29.2k | continue; |
422 | 29.2k | } |
423 | 81.0k | if (MATCHES(*cur, "egid=")) { |
424 | 0 | p = *cur + sizeof("egid=") - 1; |
425 | 0 | ctx->user.egid = (gid_t) sudo_strtoid(p, &errstr); |
426 | 0 | if (errstr != NULL) { |
427 | 0 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
428 | 0 | goto bad; |
429 | 0 | } |
430 | 0 | continue; |
431 | 0 | } |
432 | 81.0k | if (MATCHES(*cur, "gid=")) { |
433 | 33.7k | p = *cur + sizeof("gid=") - 1; |
434 | 33.7k | ctx->user.gid = (gid_t) sudo_strtoid(p, &errstr); |
435 | 33.7k | if (errstr != NULL) { |
436 | 83 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
437 | 83 | goto bad; |
438 | 83 | } |
439 | 33.7k | continue; |
440 | 33.7k | } |
441 | 47.2k | if (MATCHES(*cur, "groups=")) { |
442 | 1.27k | CHECK(*cur, "groups="); |
443 | 1.26k | groups = *cur + sizeof("groups=") - 1; |
444 | 1.26k | continue; |
445 | 1.27k | } |
446 | 45.9k | if (MATCHES(*cur, "cwd=")) { |
447 | 1.50k | CHECK(*cur, "cwd="); |
448 | 1.49k | free(ctx->user.cwd); |
449 | 1.49k | if ((ctx->user.cwd = strdup(*cur + sizeof("cwd=") - 1)) == NULL) |
450 | 0 | goto oom; |
451 | 1.49k | continue; |
452 | 1.49k | } |
453 | 44.4k | if (MATCHES(*cur, "tty=")) { |
454 | 981 | CHECK(*cur, "tty="); |
455 | 973 | free(ctx->user.ttypath); |
456 | 973 | if ((ctx->user.ttypath = strdup(*cur + sizeof("tty=") - 1)) == NULL) |
457 | 0 | goto oom; |
458 | 973 | ctx->user.tty = ctx->user.ttypath; |
459 | 973 | if (strncmp(ctx->user.tty, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0) |
460 | 260 | ctx->user.tty += sizeof(_PATH_DEV) - 1; |
461 | 973 | continue; |
462 | 973 | } |
463 | 43.4k | if (MATCHES(*cur, "ttydev=")) { |
464 | 0 | long long llval; |
465 | | |
466 | | /* |
467 | | * dev_t can be signed or unsigned. The front-end formats it |
468 | | * as long long (signed). We allow the full range of values |
469 | | * which should work with either signed or unsigned dev_t. |
470 | | */ |
471 | 0 | p = *cur + sizeof("ttydev=") - 1; |
472 | 0 | llval = sudo_strtonum(p, LLONG_MIN, LLONG_MAX, &errstr); |
473 | 0 | if (errstr != NULL) { |
474 | | /* Front end bug? Not a fatal error. */ |
475 | 0 | INVALID("ttydev="); |
476 | 0 | continue; |
477 | 0 | } |
478 | 0 | ctx->user.ttydev = (dev_t)llval; |
479 | 0 | continue; |
480 | 0 | } |
481 | 43.4k | if (MATCHES(*cur, "host=")) { |
482 | 40.4k | CHECK(*cur, "host="); |
483 | 40.4k | host = *cur + sizeof("host=") - 1; |
484 | 40.4k | continue; |
485 | 40.4k | } |
486 | 3.03k | if (MATCHES(*cur, "lines=")) { |
487 | 468 | p = *cur + sizeof("lines=") - 1; |
488 | 468 | ctx->user.lines = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); |
489 | 468 | if (ctx->user.lines == 0) { |
490 | 9 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
491 | 9 | goto bad; |
492 | 9 | } |
493 | 459 | continue; |
494 | 468 | } |
495 | 2.57k | if (MATCHES(*cur, "cols=")) { |
496 | 669 | p = *cur + sizeof("cols=") - 1; |
497 | 669 | ctx->user.cols = (int)sudo_strtonum(p, 1, INT_MAX, &errstr); |
498 | 669 | if (ctx->user.cols == 0) { |
499 | 35 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
500 | 35 | goto bad; |
501 | 35 | } |
502 | 634 | continue; |
503 | 669 | } |
504 | 1.90k | if (MATCHES(*cur, "pid=")) { |
505 | 0 | p = *cur + sizeof("pid=") - 1; |
506 | 0 | ctx->user.pid = (pid_t) sudo_strtoid(p, &errstr); |
507 | 0 | if (errstr != NULL) { |
508 | 0 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
509 | 0 | goto bad; |
510 | 0 | } |
511 | 0 | continue; |
512 | 0 | } |
513 | 1.90k | if (MATCHES(*cur, "ppid=")) { |
514 | 0 | p = *cur + sizeof("ppid=") - 1; |
515 | 0 | ctx->user.ppid = (pid_t) sudo_strtoid(p, &errstr); |
516 | 0 | if (errstr != NULL) { |
517 | 0 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
518 | 0 | goto bad; |
519 | 0 | } |
520 | 0 | continue; |
521 | 0 | } |
522 | 1.90k | if (MATCHES(*cur, "sid=")) { |
523 | 540 | p = *cur + sizeof("sid=") - 1; |
524 | 540 | ctx->user.sid = (pid_t) sudo_strtoid(p, &errstr); |
525 | 540 | if (errstr != NULL) { |
526 | 15 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
527 | 15 | goto bad; |
528 | 15 | } |
529 | 525 | continue; |
530 | 540 | } |
531 | 1.36k | if (MATCHES(*cur, "tcpgid=")) { |
532 | 0 | p = *cur + sizeof("tcpgid=") - 1; |
533 | 0 | ctx->user.tcpgid = (pid_t) sudo_strtoid(p, &errstr); |
534 | 0 | if (errstr != NULL) { |
535 | 0 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
536 | 0 | goto bad; |
537 | 0 | } |
538 | 0 | continue; |
539 | 0 | } |
540 | 1.36k | if (MATCHES(*cur, "umask=")) { |
541 | 956 | p = *cur + sizeof("umask=") - 1; |
542 | 956 | ctx->user.umask = sudo_strtomode(p, &errstr); |
543 | 956 | if (errstr != NULL) { |
544 | 174 | sudo_warnx(U_("%s: %s"), *cur, U_(errstr)); |
545 | 174 | goto bad; |
546 | 174 | } |
547 | 782 | continue; |
548 | 956 | } |
549 | 1.36k | } |
550 | | |
551 | | /* User name, user-ID, group-ID and host name must be specified. */ |
552 | 24.3k | if (ctx->user.name == NULL) { |
553 | 4.01k | sudo_warnx("%s", U_("user name not set by sudo front-end")); |
554 | 4.01k | goto bad; |
555 | 4.01k | } |
556 | 20.3k | if (ctx->user.uid == (uid_t)-1) { |
557 | 10 | sudo_warnx("%s", U_("user-ID not set by sudo front-end")); |
558 | 10 | goto bad; |
559 | 10 | } |
560 | 20.3k | if (ctx->user.gid == (gid_t)-1) { |
561 | 56 | sudo_warnx("%s", U_("group-ID not set by sudo front-end")); |
562 | 56 | goto bad; |
563 | 56 | } |
564 | 20.3k | if (host == NULL) { |
565 | 6 | sudo_warnx("%s", U_("host name not set by sudo front-end")); |
566 | 6 | goto bad; |
567 | 6 | } |
568 | | |
569 | 20.2k | if (!sudoers_sethost(ctx, host, remhost)) { |
570 | | /* sudoers_sethost() will print a warning on error. */ |
571 | 0 | goto bad; |
572 | 0 | } |
573 | 20.2k | if (ctx->user.tty == NULL) { |
574 | 19.7k | if ((ctx->user.tty = strdup("unknown")) == NULL) |
575 | 0 | goto oom; |
576 | | /* ctx->user.ttypath remains NULL */ |
577 | 19.7k | } |
578 | | |
579 | 20.2k | ctx->user.pw = sudo_getpwnam(ctx->user.name); |
580 | 20.2k | if (ctx->user.pw != NULL && groups != NULL) { |
581 | | /* sudo_parse_gids() will print a warning on error. */ |
582 | 1.08k | GETGROUPS_T *gids; |
583 | 1.08k | int ngids = sudo_parse_gids(groups, &ctx->user.gid, &gids); |
584 | 1.08k | if (ngids == -1) |
585 | 42 | goto bad; |
586 | | |
587 | | /* sudo_set_gidlist will adopt gids[] */ |
588 | 1.04k | if (sudo_set_gidlist(ctx->user.pw, ngids, gids, NULL, ENTRY_TYPE_FRONTEND) == -1) { |
589 | 0 | free(gids); |
590 | 0 | goto bad; |
591 | 0 | } |
592 | 1.04k | } |
593 | | |
594 | | /* ttydev is only set in user_info[] for API 1.22 and above. */ |
595 | 20.2k | if (ctx->user.ttydev == NODEV && ctx->user.ttypath != NULL) { |
596 | 503 | struct stat sb; |
597 | 503 | if (stat(ctx->user.ttypath, &sb) == 0) |
598 | 141 | ctx->user.ttydev = sb.st_rdev; |
599 | 362 | else |
600 | 362 | sudo_warn("%s", ctx->user.ttypath); |
601 | 503 | } |
602 | | |
603 | | /* umask is only set in user_info[] for API 1.10 and above. */ |
604 | 20.2k | if (ctx->user.umask == (mode_t)-1) { |
605 | 20.0k | ctx->user.umask = umask(0); |
606 | 20.0k | umask(ctx->user.umask); |
607 | 20.0k | } |
608 | | |
609 | | /* Always reset the environment for a login shell. */ |
610 | 20.2k | if (ISSET(flags, MODE_LOGIN_SHELL)) |
611 | 432 | def_env_reset = true; |
612 | | |
613 | | /* Some systems support fexecve() which we use for digest matches. */ |
614 | 20.2k | ctx->runas.execfd = -1; |
615 | | |
616 | | /* Create a UUID to store in the event log. */ |
617 | 20.2k | sudo_uuid_create(uuid); |
618 | 20.2k | if (sudo_uuid_to_string(uuid, ctx->uuid_str, sizeof(ctx->uuid_str)) == NULL) { |
619 | 0 | sudo_warnx("%s", U_("unable to generate UUID")); |
620 | 0 | goto bad; |
621 | 0 | } |
622 | | |
623 | | /* |
624 | | * Set intercept defaults based on flags set above. |
625 | | * We pass -1 as the operator to indicate it is set by the front end. |
626 | | */ |
627 | 20.2k | if (ISSET(ctx->settings.flags, HAVE_INTERCEPT_PTRACE)) { |
628 | 42 | if (!append_default("intercept_type", "trace", -1, NULL, defaults)) |
629 | 0 | goto oom; |
630 | 42 | } |
631 | 20.2k | if (ISSET(ctx->settings.flags, CAN_INTERCEPT_SETID)) { |
632 | 61 | if (!append_default("intercept_allow_setid", NULL, -1, NULL, defaults)) |
633 | 0 | goto oom; |
634 | 61 | } |
635 | | |
636 | | #ifdef NO_ROOT_MAILER |
637 | | eventlog_set_mailuser(ctx->user.uid, ctx->user.gid); |
638 | | #endif |
639 | | |
640 | | /* Dump settings and user info (XXX - plugin args) */ |
641 | 1.02M | for (cur = info->settings; *cur != NULL; cur++) |
642 | 1.00M | sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s", *cur); |
643 | 157k | for (cur = info->user_info; *cur != NULL; cur++) |
644 | 136k | sudo_debug_printf(SUDO_DEBUG_INFO, "user_info: %s", *cur); |
645 | | |
646 | 20.2k | #undef MATCHES |
647 | 20.2k | #undef INVALID |
648 | 20.2k | #undef CHECK |
649 | 20.2k | debug_return_uint(flags); |
650 | | |
651 | 0 | oom: |
652 | 0 | sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); |
653 | 5.21k | bad: |
654 | 5.21k | debug_return_uint(MODE_ERROR); |
655 | 5.21k | } |
656 | | |
657 | | /* |
658 | | * Store the execution environment and other front-end settings. |
659 | | * Builds up the command_info list and sets argv and envp. |
660 | | * Consumes iolog_path if not NULL. |
661 | | * Returns true on success, else false. |
662 | | */ |
663 | | bool |
664 | | sudoers_policy_store_result(struct sudoers_context *ctx, bool accepted, |
665 | | char *argv[], char *envp[], mode_t cmnd_umask, char *iolog_path, void *v) |
666 | 13.4k | { |
667 | 13.4k | struct sudoers_exec_args *exec_args = v; |
668 | 13.4k | unsigned int info_len = 0; |
669 | 13.4k | debug_decl(sudoers_policy_store_result, SUDOERS_DEBUG_PLUGIN); |
670 | | |
671 | 13.4k | if (exec_args == NULL) |
672 | 0 | debug_return_bool(true); /* nothing to do */ |
673 | | |
674 | | /* Free old data, if any. */ |
675 | 13.4k | if (command_info != NULL) { |
676 | 5.71k | char **cur; |
677 | 5.71k | sudoers_gc_remove(GC_VECTOR, command_info); |
678 | 200k | for (cur = command_info; *cur != NULL; cur++) |
679 | 195k | free(*cur); |
680 | 5.71k | free(command_info); |
681 | 5.71k | } |
682 | | |
683 | | /* Increase the length of command_info as needed, it is *not* checked. */ |
684 | 13.4k | command_info = calloc(74, sizeof(char *)); |
685 | 13.4k | if (command_info == NULL) |
686 | 0 | goto oom; |
687 | | |
688 | 13.4k | if (ctx->runas.cmnd != NULL) { |
689 | 12.8k | command_info[info_len] = sudo_new_key_val("command", ctx->runas.cmnd); |
690 | 12.8k | if (command_info[info_len++] == NULL) |
691 | 0 | goto oom; |
692 | 12.8k | } |
693 | 13.4k | if (def_log_subcmds) { |
694 | 0 | if ((command_info[info_len++] = strdup("log_subcmds=true")) == NULL) |
695 | 0 | goto oom; |
696 | 0 | } |
697 | 13.4k | if (iolog_enabled) { |
698 | 13.4k | if (iolog_path) |
699 | 2.63k | command_info[info_len++] = iolog_path; /* now owned */ |
700 | 13.4k | if (def_log_stdin) { |
701 | 13.4k | if ((command_info[info_len++] = strdup("iolog_stdin=true")) == NULL) |
702 | 0 | goto oom; |
703 | 13.4k | } |
704 | 13.4k | if (def_log_stdout) { |
705 | 13.4k | if ((command_info[info_len++] = strdup("iolog_stdout=true")) == NULL) |
706 | 0 | goto oom; |
707 | 13.4k | } |
708 | 13.4k | if (def_log_stderr) { |
709 | 13.4k | if ((command_info[info_len++] = strdup("iolog_stderr=true")) == NULL) |
710 | 0 | goto oom; |
711 | 13.4k | } |
712 | 13.4k | if (def_log_ttyin) { |
713 | 13.4k | if ((command_info[info_len++] = strdup("iolog_ttyin=true")) == NULL) |
714 | 0 | goto oom; |
715 | 13.4k | } |
716 | 13.4k | if (def_log_ttyout) { |
717 | 13.4k | if ((command_info[info_len++] = strdup("iolog_ttyout=true")) == NULL) |
718 | 0 | goto oom; |
719 | 13.4k | } |
720 | 13.4k | if (def_compress_io) { |
721 | 13.4k | if ((command_info[info_len++] = strdup("iolog_compress=true")) == NULL) |
722 | 0 | goto oom; |
723 | 13.4k | } |
724 | 13.4k | if (def_iolog_flush) { |
725 | 13.4k | if ((command_info[info_len++] = strdup("iolog_flush=true")) == NULL) |
726 | 0 | goto oom; |
727 | 13.4k | } |
728 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("log_passwords", |
729 | 13.4k | def_log_passwords ? "true" : "false")) == NULL) |
730 | 0 | goto oom; |
731 | 13.4k | if (!SLIST_EMPTY(&def_passprompt_regex)) { |
732 | 13.4k | char *passprompt_regex = |
733 | 13.4k | serialize_list("passprompt_regex", &def_passprompt_regex); |
734 | 13.4k | if (passprompt_regex == NULL) |
735 | 0 | goto oom; |
736 | 13.4k | command_info[info_len++] = passprompt_regex; |
737 | 13.4k | } |
738 | 13.4k | if (def_maxseq != NULL) { |
739 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("maxseq", def_maxseq)) == NULL) |
740 | 0 | goto oom; |
741 | 13.4k | } |
742 | 13.4k | } |
743 | 13.4k | if (ISSET(ctx->mode, MODE_EDIT)) { |
744 | 579 | if ((command_info[info_len++] = strdup("sudoedit=true")) == NULL) |
745 | 0 | goto oom; |
746 | 579 | if (ctx->sudoedit_nfiles > 0) { |
747 | 160 | if (asprintf(&command_info[info_len++], "sudoedit_nfiles=%d", |
748 | 160 | ctx->sudoedit_nfiles) == -1) |
749 | 0 | goto oom; |
750 | 160 | } |
751 | 579 | if (!def_sudoedit_checkdir) { |
752 | 579 | if ((command_info[info_len++] = strdup("sudoedit_checkdir=false")) == NULL) |
753 | 0 | goto oom; |
754 | 579 | } |
755 | 579 | if (def_sudoedit_follow) { |
756 | 579 | if ((command_info[info_len++] = strdup("sudoedit_follow=true")) == NULL) |
757 | 0 | goto oom; |
758 | 579 | } |
759 | 579 | } |
760 | 13.4k | if (def_runcwd && strcmp(def_runcwd, "*") != 0) { |
761 | | /* Set cwd to explicit value (sudoers or user-specified). */ |
762 | 13.4k | if (!expand_tilde(&def_runcwd, ctx->runas.pw->pw_name)) { |
763 | 0 | sudo_warnx(U_("invalid working directory: %s"), def_runcwd); |
764 | 0 | goto bad; |
765 | 0 | } |
766 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("cwd", def_runcwd)) == NULL) |
767 | 0 | goto oom; |
768 | 13.4k | } else if (ISSET(ctx->mode, MODE_LOGIN_SHELL)) { |
769 | | /* Set cwd to run user's homedir. */ |
770 | 0 | if ((command_info[info_len++] = sudo_new_key_val("cwd", ctx->runas.pw->pw_dir)) == NULL) |
771 | 0 | goto oom; |
772 | 0 | if ((command_info[info_len++] = strdup("cwd_optional=true")) == NULL) |
773 | 0 | goto oom; |
774 | 0 | } |
775 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("runas_user", ctx->runas.pw->pw_name)) == NULL) |
776 | 0 | goto oom; |
777 | 13.4k | if (ctx->runas.gr != NULL) { |
778 | 326 | if ((command_info[info_len++] = sudo_new_key_val("runas_group", ctx->runas.gr->gr_name)) == NULL) |
779 | 0 | goto oom; |
780 | 326 | } |
781 | 13.4k | if (def_stay_setuid) { |
782 | 0 | if (asprintf(&command_info[info_len++], "runas_uid=%u", |
783 | 0 | (unsigned int)ctx->user.uid) == -1) |
784 | 0 | goto oom; |
785 | 0 | if (asprintf(&command_info[info_len++], "runas_gid=%u", |
786 | 0 | (unsigned int)ctx->user.gid) == -1) |
787 | 0 | goto oom; |
788 | 0 | if (asprintf(&command_info[info_len++], "runas_euid=%u", |
789 | 0 | (unsigned int)ctx->runas.pw->pw_uid) == -1) |
790 | 0 | goto oom; |
791 | 0 | if (asprintf(&command_info[info_len++], "runas_egid=%u", |
792 | 0 | ctx->runas.gr ? (unsigned int)ctx->runas.gr->gr_gid : |
793 | 0 | (unsigned int)ctx->runas.pw->pw_gid) == -1) |
794 | 0 | goto oom; |
795 | 13.4k | } else { |
796 | 13.4k | if (asprintf(&command_info[info_len++], "runas_uid=%u", |
797 | 13.4k | (unsigned int)ctx->runas.pw->pw_uid) == -1) |
798 | 0 | goto oom; |
799 | 13.4k | if (asprintf(&command_info[info_len++], "runas_gid=%u", |
800 | 13.4k | ctx->runas.gr ? (unsigned int)ctx->runas.gr->gr_gid : |
801 | 13.4k | (unsigned int)ctx->runas.pw->pw_gid) == -1) |
802 | 0 | goto oom; |
803 | 13.4k | } |
804 | 13.4k | if (def_preserve_groups) { |
805 | 39 | if ((command_info[info_len++] = strdup("preserve_groups=true")) == NULL) |
806 | 0 | goto oom; |
807 | 13.3k | } else { |
808 | 13.3k | int i, len; |
809 | 13.3k | gid_t egid; |
810 | 13.3k | size_t glsize; |
811 | 13.3k | char *cp, *gid_list; |
812 | 13.3k | struct gid_list *gidlist; |
813 | | |
814 | | /* Only use results from a group db query, not the front end. */ |
815 | 13.3k | gidlist = sudo_get_gidlist(ctx->runas.pw, ENTRY_TYPE_QUERIED); |
816 | | |
817 | | /* We reserve an extra spot in the list for the effective gid. */ |
818 | 13.3k | glsize = sizeof("runas_groups=") - 1 + |
819 | 13.3k | (((size_t)gidlist->ngids + 1) * (STRLEN_MAX_UNSIGNED(gid_t) + 1)); |
820 | 13.3k | gid_list = malloc(glsize); |
821 | 13.3k | if (gid_list == NULL) { |
822 | 0 | sudo_gidlist_delref(gidlist); |
823 | 0 | goto oom; |
824 | 0 | } |
825 | 13.3k | memcpy(gid_list, "runas_groups=", sizeof("runas_groups=") - 1); |
826 | 13.3k | cp = gid_list + sizeof("runas_groups=") - 1; |
827 | 13.3k | glsize -= (size_t)(cp - gid_list); |
828 | | |
829 | | /* On BSD systems the effective gid is the first group in the list. */ |
830 | 13.3k | egid = ctx->runas.gr ? (unsigned int)ctx->runas.gr->gr_gid : |
831 | 13.3k | (unsigned int)ctx->runas.pw->pw_gid; |
832 | 13.3k | len = snprintf(cp, glsize, "%u", (unsigned int)egid); |
833 | 13.3k | if (len < 0 || (size_t)len >= glsize) { |
834 | 0 | sudo_warnx(U_("internal error, %s overflow"), __func__); |
835 | 0 | free(gid_list); |
836 | 0 | sudo_gidlist_delref(gidlist); |
837 | 0 | goto bad; |
838 | 0 | } |
839 | 13.3k | cp += len; |
840 | 13.3k | glsize -= (size_t)len; |
841 | 26.7k | for (i = 0; i < gidlist->ngids; i++) { |
842 | 13.3k | if (gidlist->gids[i] != egid) { |
843 | 326 | len = snprintf(cp, glsize, ",%u", |
844 | 326 | (unsigned int)gidlist->gids[i]); |
845 | 326 | if (len < 0 || (size_t)len >= glsize) { |
846 | 0 | sudo_warnx(U_("internal error, %s overflow"), __func__); |
847 | 0 | free(gid_list); |
848 | 0 | sudo_gidlist_delref(gidlist); |
849 | 0 | goto bad; |
850 | 0 | } |
851 | 326 | cp += len; |
852 | 326 | glsize -= (size_t)len; |
853 | 326 | } |
854 | 13.3k | } |
855 | 13.3k | command_info[info_len++] = gid_list; |
856 | 13.3k | sudo_gidlist_delref(gidlist); |
857 | 13.3k | } |
858 | 13.4k | if (def_closefrom >= 0) { |
859 | 13.4k | if (asprintf(&command_info[info_len++], "closefrom=%d", def_closefrom) == -1) |
860 | 0 | goto oom; |
861 | 13.4k | } |
862 | 13.4k | if (def_ignore_iolog_errors) { |
863 | 13.4k | if ((command_info[info_len++] = strdup("ignore_iolog_errors=true")) == NULL) |
864 | 0 | goto oom; |
865 | 13.4k | } |
866 | 13.4k | if (def_intercept) { |
867 | 0 | if ((command_info[info_len++] = strdup("intercept=true")) == NULL) |
868 | 0 | goto oom; |
869 | 0 | } |
870 | 13.4k | if (def_intercept_type == trace) { |
871 | 12 | if ((command_info[info_len++] = strdup("use_ptrace=true")) == NULL) |
872 | 0 | goto oom; |
873 | 12 | } |
874 | 13.4k | if (def_intercept_verify) { |
875 | 13.4k | if ((command_info[info_len++] = strdup("intercept_verify=true")) == NULL) |
876 | 0 | goto oom; |
877 | 13.4k | } |
878 | 13.4k | if (def_noexec) { |
879 | 13.4k | if ((command_info[info_len++] = strdup("noexec=true")) == NULL) |
880 | 0 | goto oom; |
881 | 13.4k | } |
882 | 13.4k | if (def_exec_background) { |
883 | 13.4k | if ((command_info[info_len++] = strdup("exec_background=true")) == NULL) |
884 | 0 | goto oom; |
885 | 13.4k | } |
886 | 13.4k | if (def_set_utmp) { |
887 | 13.4k | if ((command_info[info_len++] = strdup("set_utmp=true")) == NULL) |
888 | 0 | goto oom; |
889 | 13.4k | } |
890 | 13.4k | if (def_use_pty) { |
891 | 13.4k | if ((command_info[info_len++] = strdup("use_pty=true")) == NULL) |
892 | 0 | goto oom; |
893 | 13.4k | } |
894 | 13.4k | if (def_utmp_runas) { |
895 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("utmp_user", ctx->runas.pw->pw_name)) == NULL) |
896 | 0 | goto oom; |
897 | 13.4k | } |
898 | 13.4k | if (def_iolog_mode != (S_IRUSR|S_IWUSR)) { |
899 | 13.4k | if (asprintf(&command_info[info_len++], "iolog_mode=0%o", (unsigned int)def_iolog_mode) == -1) |
900 | 0 | goto oom; |
901 | 13.4k | } |
902 | 13.4k | if (def_iolog_user != NULL) { |
903 | 0 | if ((command_info[info_len++] = sudo_new_key_val("iolog_user", def_iolog_user)) == NULL) |
904 | 0 | goto oom; |
905 | 0 | } |
906 | 13.4k | if (def_iolog_group != NULL) { |
907 | 0 | if ((command_info[info_len++] = sudo_new_key_val("iolog_group", def_iolog_group)) == NULL) |
908 | 0 | goto oom; |
909 | 0 | } |
910 | 13.4k | if (!SLIST_EMPTY(&def_log_servers)) { |
911 | 9.53k | char *log_servers = serialize_list("log_servers", &def_log_servers); |
912 | 9.53k | if (log_servers == NULL) |
913 | 0 | goto oom; |
914 | 9.53k | command_info[info_len++] = log_servers; |
915 | | |
916 | 9.53k | if (asprintf(&command_info[info_len++], "log_server_timeout=%u", def_log_server_timeout) == -1) |
917 | 0 | goto oom; |
918 | 9.53k | } |
919 | | |
920 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("log_server_keepalive", |
921 | 13.4k | def_log_server_keepalive ? "true" : "false")) == NULL) |
922 | 0 | goto oom; |
923 | | |
924 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("log_server_verify", |
925 | 13.4k | def_log_server_verify ? "true" : "false")) == NULL) |
926 | 0 | goto oom; |
927 | | |
928 | 13.4k | if (def_log_server_cabundle != NULL) { |
929 | 9.53k | if ((command_info[info_len++] = sudo_new_key_val("log_server_cabundle", def_log_server_cabundle)) == NULL) |
930 | 0 | goto oom; |
931 | 9.53k | } |
932 | 13.4k | if (def_log_server_peer_cert != NULL) { |
933 | 9.53k | if ((command_info[info_len++] = sudo_new_key_val("log_server_peer_cert", def_log_server_peer_cert)) == NULL) |
934 | 0 | goto oom; |
935 | 9.53k | } |
936 | 13.4k | if (def_log_server_peer_key != NULL) { |
937 | 9.53k | if ((command_info[info_len++] = sudo_new_key_val("log_server_peer_key", def_log_server_peer_key)) == NULL) |
938 | 0 | goto oom; |
939 | 9.53k | } |
940 | | |
941 | 13.4k | if (def_command_timeout > 0 || ctx->user.timeout > 0) { |
942 | 427 | int timeout = ctx->user.timeout; |
943 | 427 | if (timeout == 0 || (def_command_timeout > 0 && def_command_timeout < timeout)) |
944 | 0 | timeout = def_command_timeout; |
945 | 427 | if (asprintf(&command_info[info_len++], "timeout=%u", timeout) == -1) |
946 | 0 | goto oom; |
947 | 427 | } |
948 | 13.4k | if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) { |
949 | 13.4k | if (!expand_tilde(&def_runchroot, ctx->runas.pw->pw_name)) { |
950 | 0 | sudo_warnx(U_("invalid chroot directory: %s"), def_runchroot); |
951 | 0 | goto bad; |
952 | 0 | } |
953 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("chroot", def_runchroot)) == NULL) |
954 | 0 | goto oom; |
955 | 13.4k | } |
956 | 13.4k | if (cmnd_umask != ACCESSPERMS) { |
957 | 5.26k | if (asprintf(&command_info[info_len++], "umask=0%o", (unsigned int)cmnd_umask) == -1) |
958 | 0 | goto oom; |
959 | 5.26k | } |
960 | 13.4k | if (sudoers_override_umask()) { |
961 | 13.4k | if ((command_info[info_len++] = strdup("umask_override=true")) == NULL) |
962 | 0 | goto oom; |
963 | 13.4k | } |
964 | 13.4k | if (ctx->runas.execfd != -1) { |
965 | 0 | if (sudo_version < SUDO_API_MKVERSION(1, 9)) { |
966 | | /* execfd only supported by plugin API 1.9 and higher */ |
967 | 0 | close(ctx->runas.execfd); |
968 | 0 | ctx->runas.execfd = -1; |
969 | 0 | } else { |
970 | 0 | if (asprintf(&command_info[info_len++], "execfd=%d", ctx->runas.execfd) == -1) |
971 | 0 | goto oom; |
972 | 0 | } |
973 | 0 | } |
974 | 13.4k | if (def_rlimit_as != NULL) { |
975 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_as", def_rlimit_as)) == NULL) |
976 | 0 | goto oom; |
977 | 0 | } |
978 | 13.4k | if (def_rlimit_core != NULL) { |
979 | 13.4k | if ((command_info[info_len++] = sudo_new_key_val("rlimit_core", def_rlimit_core)) == NULL) |
980 | 0 | goto oom; |
981 | 13.4k | } |
982 | 13.4k | if (def_rlimit_cpu != NULL) { |
983 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_cpu", def_rlimit_cpu)) == NULL) |
984 | 0 | goto oom; |
985 | 0 | } |
986 | 13.4k | if (def_rlimit_data != NULL) { |
987 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_data", def_rlimit_data)) == NULL) |
988 | 0 | goto oom; |
989 | 0 | } |
990 | 13.4k | if (def_rlimit_fsize != NULL) { |
991 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_fsize", def_rlimit_fsize)) == NULL) |
992 | 0 | goto oom; |
993 | 0 | } |
994 | 13.4k | if (def_rlimit_locks != NULL) { |
995 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_locks", def_rlimit_locks)) == NULL) |
996 | 0 | goto oom; |
997 | 0 | } |
998 | 13.4k | if (def_rlimit_memlock != NULL) { |
999 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_memlock", def_rlimit_memlock)) == NULL) |
1000 | 0 | goto oom; |
1001 | 0 | } |
1002 | 13.4k | if (def_rlimit_nofile != NULL) { |
1003 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_nofile", def_rlimit_nofile)) == NULL) |
1004 | 0 | goto oom; |
1005 | 0 | } |
1006 | 13.4k | if (def_rlimit_nproc != NULL) { |
1007 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_nproc", def_rlimit_nproc)) == NULL) |
1008 | 0 | goto oom; |
1009 | 0 | } |
1010 | 13.4k | if (def_rlimit_rss != NULL) { |
1011 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_rss", def_rlimit_rss)) == NULL) |
1012 | 0 | goto oom; |
1013 | 0 | } |
1014 | 13.4k | if (def_rlimit_stack != NULL) { |
1015 | 0 | if ((command_info[info_len++] = sudo_new_key_val("rlimit_stack", def_rlimit_stack)) == NULL) |
1016 | 0 | goto oom; |
1017 | 0 | } |
1018 | 13.4k | if (ctx->source != NULL) { |
1019 | 0 | command_info[info_len] = sudo_new_key_val("source", ctx->source); |
1020 | 0 | if (command_info[info_len++] == NULL) |
1021 | 0 | goto oom; |
1022 | 0 | } |
1023 | | #ifdef HAVE_LOGIN_CAP_H |
1024 | | if (def_use_loginclass) { |
1025 | | if ((command_info[info_len++] = sudo_new_key_val("login_class", ctx->runas.class)) == NULL) |
1026 | | goto oom; |
1027 | | } |
1028 | | #endif /* HAVE_LOGIN_CAP_H */ |
1029 | 13.4k | if (def_selinux && ctx->runas.role != NULL) { |
1030 | 0 | if ((command_info[info_len++] = sudo_new_key_val("selinux_role", ctx->runas.role)) == NULL) |
1031 | 0 | goto oom; |
1032 | 0 | } |
1033 | 13.4k | if (def_selinux && ctx->runas.type != NULL) { |
1034 | 0 | if ((command_info[info_len++] = sudo_new_key_val("selinux_type", ctx->runas.type)) == NULL) |
1035 | 0 | goto oom; |
1036 | 0 | } |
1037 | 13.4k | if (ctx->runas.apparmor_profile != NULL) { |
1038 | 0 | if ((command_info[info_len++] = sudo_new_key_val("apparmor_profile", ctx->runas.apparmor_profile)) == NULL) |
1039 | 0 | goto oom; |
1040 | 0 | } |
1041 | 13.4k | if (ctx->runas.privs != NULL) { |
1042 | 0 | if ((command_info[info_len++] = sudo_new_key_val("runas_privs", ctx->runas.privs)) == NULL) |
1043 | 0 | goto oom; |
1044 | 0 | } |
1045 | 13.4k | if (ctx->runas.limitprivs != NULL) { |
1046 | 0 | if ((command_info[info_len++] = sudo_new_key_val("runas_limitprivs", ctx->runas.limitprivs)) == NULL) |
1047 | 0 | goto oom; |
1048 | 0 | } |
1049 | | |
1050 | | /* Set command start time (monotonic) for the first accepted command. */ |
1051 | 13.4k | if (accepted && !ISSET(ctx->mode, MODE_POLICY_INTERCEPTED)) { |
1052 | 5.30k | if (sudo_gettime_awake(&ctx->start_time) == -1) { |
1053 | 0 | sudo_warn("%s", U_("unable to get time of day")); |
1054 | 0 | goto bad; |
1055 | 0 | } |
1056 | 5.30k | } |
1057 | | |
1058 | | /* Fill in exec environment info. */ |
1059 | 13.4k | *(exec_args->argv) = argv; |
1060 | 13.4k | *(exec_args->envp) = envp; |
1061 | 13.4k | *(exec_args->info) = command_info; |
1062 | | |
1063 | | /* Free command_info on exit. */ |
1064 | 13.4k | sudoers_gc_add(GC_VECTOR, command_info); |
1065 | | |
1066 | 13.4k | debug_return_bool(true); |
1067 | | |
1068 | 0 | oom: |
1069 | 0 | sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory")); |
1070 | 0 | bad: |
1071 | 0 | free(audit_msg); |
1072 | 0 | audit_msg = NULL; |
1073 | 0 | while (info_len) |
1074 | 0 | free(command_info[--info_len]); |
1075 | 0 | free(command_info); |
1076 | 0 | command_info = NULL; |
1077 | 0 | debug_return_bool(false); |
1078 | 0 | } |
1079 | | |
1080 | | bool |
1081 | | sudoers_tty_present(struct sudoers_context *ctx) |
1082 | 0 | { |
1083 | 0 | debug_decl(sudoers_tty_present, SUDOERS_DEBUG_PLUGIN); |
1084 | | |
1085 | 0 | if (ctx->user.tcpgid == 0 && ctx->user.ttypath == NULL) { |
1086 | | /* No job control or terminal, check /dev/tty. */ |
1087 | 0 | int fd = open(_PATH_TTY, O_RDWR); |
1088 | 0 | if (fd == -1) |
1089 | 0 | debug_return_bool(false); |
1090 | 0 | close(fd); |
1091 | 0 | } |
1092 | 0 | debug_return_bool(true); |
1093 | 0 | } |
1094 | | |
1095 | | static int |
1096 | | sudoers_policy_open(unsigned int version, sudo_conv_t conversation, |
1097 | | sudo_printf_t plugin_printf, char * const settings[], |
1098 | | char * const user_info[], char * const envp[], char * const args[], |
1099 | | const char **errstr) |
1100 | 25.4k | { |
1101 | 25.4k | struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files); |
1102 | 25.4k | struct sudoers_open_info info; |
1103 | 25.4k | const char *cp, *plugin_path = NULL; |
1104 | 25.4k | char * const *cur; |
1105 | 25.4k | int ret; |
1106 | 25.4k | debug_decl(sudoers_policy_open, SUDOERS_DEBUG_PLUGIN); |
1107 | | |
1108 | 25.4k | sudo_version = version; |
1109 | 25.4k | sudo_conv = conversation; |
1110 | 25.4k | sudo_printf = plugin_printf; |
1111 | 25.4k | if (sudoers_policy.event_alloc != NULL) |
1112 | 0 | plugin_event_alloc = sudoers_policy.event_alloc; |
1113 | | |
1114 | | /* Plugin args are only specified for API version 1.2 and higher. */ |
1115 | 25.4k | if (sudo_version < SUDO_API_MKVERSION(1, 2)) |
1116 | 0 | args = NULL; |
1117 | | |
1118 | | /* Initialize the debug subsystem. */ |
1119 | 1.50M | for (cur = settings; (cp = *cur) != NULL; cur++) { |
1120 | 1.48M | if (strncmp(cp, "debug_flags=", sizeof("debug_flags=") - 1) == 0) { |
1121 | 282 | cp += sizeof("debug_flags=") - 1; |
1122 | 282 | if (!sudoers_debug_parse_flags(&debug_files, cp)) |
1123 | 0 | debug_return_int(-1); |
1124 | 282 | continue; |
1125 | 282 | } |
1126 | 1.48M | if (strncmp(cp, "plugin_path=", sizeof("plugin_path=") - 1) == 0) { |
1127 | 288 | plugin_path = cp + sizeof("plugin_path=") - 1; |
1128 | 288 | continue; |
1129 | 288 | } |
1130 | 1.48M | } |
1131 | 25.4k | if (!sudoers_debug_register(plugin_path, &debug_files)) |
1132 | 0 | debug_return_int(-1); |
1133 | | |
1134 | | /* Call the sudoers init function. */ |
1135 | 25.4k | info.settings = settings; |
1136 | 25.4k | info.user_info = user_info; |
1137 | 25.4k | info.plugin_args = args; |
1138 | 25.4k | ret = sudoers_init(&info, log_parse_error, envp); |
1139 | | |
1140 | | /* The audit functions set audit_msg on failure. */ |
1141 | 25.4k | if (ret != 1 && audit_msg != NULL) { |
1142 | 0 | if (sudo_version >= SUDO_API_MKVERSION(1, 15)) |
1143 | 0 | *errstr = audit_msg; |
1144 | 0 | } |
1145 | | |
1146 | 25.4k | debug_return_int(ret); |
1147 | 25.4k | } |
1148 | | |
1149 | | static void |
1150 | | sudoers_policy_close(int exit_status, int error_code) |
1151 | 25.4k | { |
1152 | 25.4k | const struct sudoers_context *ctx = sudoers_get_context(); |
1153 | 25.4k | debug_decl(sudoers_policy_close, SUDOERS_DEBUG_PLUGIN); |
1154 | | |
1155 | 25.4k | if (session_opened) { |
1156 | | /* Close the session we opened in sudoers_policy_init_session(). */ |
1157 | 20.9k | (void)sudo_auth_end_session(); |
1158 | | |
1159 | 20.9k | if (error_code) { |
1160 | 0 | errno = error_code; |
1161 | 0 | sudo_warn(U_("unable to execute %s"), ctx->runas.cmnd); |
1162 | 20.9k | } else { |
1163 | 20.9k | log_exit_status(ctx, exit_status); |
1164 | 20.9k | } |
1165 | 20.9k | } |
1166 | | |
1167 | | /* Deregister the callback for sudo_fatal()/sudo_fatalx(). */ |
1168 | 25.4k | sudo_fatal_callback_deregister(sudoers_cleanup); |
1169 | | |
1170 | | /* Free sudoers sources, ctx->user.and passwd/group caches. */ |
1171 | 25.4k | sudoers_cleanup(); |
1172 | | |
1173 | | /* command_info was freed by the g/c code. */ |
1174 | 25.4k | command_info = NULL; |
1175 | | |
1176 | | /* Free error message passed back to front-end, if any. */ |
1177 | 25.4k | free(audit_msg); |
1178 | 25.4k | audit_msg = NULL; |
1179 | | |
1180 | | /* sudoers_debug_deregister() calls sudo_debug_exit() for us. */ |
1181 | 25.4k | sudoers_debug_deregister(); |
1182 | 25.4k | } |
1183 | | |
1184 | | /* |
1185 | | * The init_session function is called before executing the command |
1186 | | * and before uid/gid changes occur. |
1187 | | * Returns 1 on success, 0 on failure and -1 on error. |
1188 | | */ |
1189 | | static int |
1190 | | sudoers_policy_init_session(struct passwd *pwd, char **user_env[], |
1191 | | const char **errstr) |
1192 | 8.00k | { |
1193 | 8.00k | const struct sudoers_context *ctx = sudoers_get_context(); |
1194 | 8.00k | int ret; |
1195 | 8.00k | debug_decl(sudoers_policy_init_session, SUDOERS_DEBUG_PLUGIN); |
1196 | | |
1197 | | /* user_env is only specified for API version 1.2 and higher. */ |
1198 | 8.00k | if (sudo_version < SUDO_API_MKVERSION(1, 2)) |
1199 | 0 | user_env = NULL; |
1200 | | |
1201 | 8.00k | ret = sudo_auth_begin_session(ctx, pwd, user_env); |
1202 | | |
1203 | 8.00k | if (ret == 1) { |
1204 | 8.00k | session_opened = true; |
1205 | 8.00k | } else if (audit_msg != NULL) { |
1206 | | /* The audit functions set audit_msg on failure. */ |
1207 | 0 | if (sudo_version >= SUDO_API_MKVERSION(1, 15)) |
1208 | 0 | *errstr = audit_msg; |
1209 | 0 | } |
1210 | 8.00k | debug_return_int(ret); |
1211 | 8.00k | } |
1212 | | |
1213 | | static int |
1214 | | sudoers_policy_check(int argc, char * const argv[], char *env_add[], |
1215 | | char **command_infop[], char **argv_out[], char **user_env_out[], |
1216 | | const char **errstr) |
1217 | 14.0k | { |
1218 | 14.0k | const struct sudoers_context *ctx = sudoers_get_context(); |
1219 | 14.0k | unsigned int valid_flags = RUN_VALID_FLAGS; |
1220 | 14.0k | unsigned int flags = MODE_RUN; |
1221 | 14.0k | struct sudoers_exec_args exec_args; |
1222 | 14.0k | int ret; |
1223 | 14.0k | debug_decl(sudoers_policy_check, SUDOERS_DEBUG_PLUGIN); |
1224 | | |
1225 | 14.0k | if (ISSET(ctx->mode, MODE_EDIT)) { |
1226 | 788 | valid_flags = EDIT_VALID_FLAGS; |
1227 | 788 | flags = 0; |
1228 | 788 | } |
1229 | 14.0k | if (!sudoers_set_mode(flags, valid_flags)) { |
1230 | 126 | sudo_warnx(U_("%s: invalid mode flags from sudo front end: 0x%x"), |
1231 | 126 | __func__, ctx->mode); |
1232 | 126 | debug_return_int(-1); |
1233 | 126 | } |
1234 | | |
1235 | 13.8k | exec_args.argv = argv_out; |
1236 | 13.8k | exec_args.envp = user_env_out; |
1237 | 13.8k | exec_args.info = command_infop; |
1238 | | |
1239 | 13.8k | ret = sudoers_check_cmnd(argc, argv, env_add, &exec_args); |
1240 | | #ifndef NO_LEAKS |
1241 | | if (ret == true && sudo_version >= SUDO_API_MKVERSION(1, 3)) { |
1242 | | /* Unset close function if we don't need it to avoid extra process. */ |
1243 | | if (!iolog_enabled && !def_use_pty && !def_log_exit_status && |
1244 | | SLIST_EMPTY(&def_log_servers) && !sudo_auth_needs_end_session()) |
1245 | | sudoers_policy.close = NULL; |
1246 | | } |
1247 | | #endif |
1248 | | |
1249 | | /* The audit functions set audit_msg on failure. */ |
1250 | 13.8k | if (ret != 1 && audit_msg != NULL) { |
1251 | 0 | if (sudo_version >= SUDO_API_MKVERSION(1, 15)) |
1252 | 0 | *errstr = audit_msg; |
1253 | 0 | } |
1254 | 13.8k | debug_return_int(ret); |
1255 | 13.8k | } |
1256 | | |
1257 | | static int |
1258 | | sudoers_policy_validate(const char **errstr) |
1259 | 4.00k | { |
1260 | 4.00k | const struct sudoers_context *ctx = sudoers_get_context(); |
1261 | 4.00k | int ret; |
1262 | 4.00k | debug_decl(sudoers_policy_validate, SUDOERS_DEBUG_PLUGIN); |
1263 | | |
1264 | 4.00k | if (!sudoers_set_mode(MODE_VALIDATE, VALIDATE_VALID_FLAGS)) { |
1265 | 586 | sudo_warnx(U_("%s: invalid mode flags from sudo front end: 0x%x"), |
1266 | 586 | __func__, ctx->mode); |
1267 | 586 | debug_return_int(-1); |
1268 | 586 | } |
1269 | | |
1270 | 3.41k | ret = sudoers_validate_user(); |
1271 | | |
1272 | | /* The audit functions set audit_msg on failure. */ |
1273 | 3.41k | if (ret != 1 && audit_msg != NULL) { |
1274 | 0 | if (sudo_version >= SUDO_API_MKVERSION(1, 15)) |
1275 | 0 | *errstr = audit_msg; |
1276 | 0 | } |
1277 | 3.41k | debug_return_int(ret); |
1278 | 3.41k | } |
1279 | | |
1280 | | static void |
1281 | | sudoers_policy_invalidate(int unlinkit) |
1282 | 4.00k | { |
1283 | 4.00k | const struct sudoers_context *ctx = sudoers_get_context(); |
1284 | 4.00k | debug_decl(sudoers_policy_invalidate, SUDOERS_DEBUG_PLUGIN); |
1285 | | |
1286 | 4.00k | if (!sudoers_set_mode(MODE_INVALIDATE, INVALIDATE_VALID_FLAGS)) { |
1287 | 586 | sudo_warnx(U_("%s: invalid mode flags from sudo front end: 0x%x"), |
1288 | 586 | __func__, ctx->mode); |
1289 | 3.41k | } else { |
1290 | 3.41k | timestamp_remove(ctx, unlinkit); |
1291 | 3.41k | } |
1292 | | |
1293 | 4.00k | debug_return; |
1294 | 4.00k | } |
1295 | | |
1296 | | static int |
1297 | | sudoers_policy_list(int argc, char * const argv[], int verbose, |
1298 | | const char *list_user, const char **errstr) |
1299 | 12.0k | { |
1300 | 12.0k | const struct sudoers_context *ctx = sudoers_get_context(); |
1301 | 12.0k | int ret; |
1302 | 12.0k | debug_decl(sudoers_policy_list, SUDOERS_DEBUG_PLUGIN); |
1303 | | |
1304 | 12.0k | if (!sudoers_set_mode(argc ? MODE_CHECK : MODE_LIST, LIST_VALID_FLAGS)) { |
1305 | 1.75k | sudo_warnx(U_("%s: invalid mode flags from sudo front end: 0x%x"), |
1306 | 1.75k | __func__, ctx->mode); |
1307 | 1.75k | debug_return_int(-1); |
1308 | 1.75k | } |
1309 | | |
1310 | 10.2k | ret = sudoers_list(argc, argv, list_user, verbose); |
1311 | | |
1312 | | /* The audit functions set audit_msg on failure. */ |
1313 | 10.2k | if (ret != 1 && audit_msg != NULL) { |
1314 | 0 | if (sudo_version >= SUDO_API_MKVERSION(1, 15)) |
1315 | 0 | *errstr = audit_msg; |
1316 | 0 | } |
1317 | 10.2k | debug_return_int(ret); |
1318 | 10.2k | } |
1319 | | |
1320 | | static int |
1321 | | sudoers_policy_version(int verbose) |
1322 | 2.00k | { |
1323 | | #ifdef HAVE_LDAP |
1324 | | const struct sudoers_context *ctx = sudoers_get_context(); |
1325 | | #endif |
1326 | 2.00k | debug_decl(sudoers_policy_version, SUDOERS_DEBUG_PLUGIN); |
1327 | | |
1328 | 2.00k | sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers policy plugin version %s\n"), |
1329 | 2.00k | PACKAGE_VERSION); |
1330 | 2.00k | sudo_printf(SUDO_CONV_INFO_MSG, _("Sudoers file grammar version %d\n"), |
1331 | 2.00k | SUDOERS_GRAMMAR_VERSION); |
1332 | | |
1333 | 2.00k | if (verbose) { |
1334 | 2.00k | sudo_printf(SUDO_CONV_INFO_MSG, _("\nSudoers path: %s\n"), path_sudoers); |
1335 | | #ifdef HAVE_LDAP |
1336 | | # ifdef _PATH_NSSWITCH_CONF |
1337 | | sudo_printf(SUDO_CONV_INFO_MSG, _("nsswitch path: %s\n"), _PATH_NSSWITCH_CONF); |
1338 | | # endif |
1339 | | if (ctx->settings.ldap_conf != NULL) |
1340 | | sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.conf path: %s\n"), ctx->settings.ldap_conf); |
1341 | | if (ctx->settings.ldap_secret != NULL) |
1342 | | sudo_printf(SUDO_CONV_INFO_MSG, _("ldap.secret path: %s\n"), ctx->settings.ldap_secret); |
1343 | | #endif |
1344 | 2.00k | dump_auth_methods(); |
1345 | 2.00k | dump_defaults(); |
1346 | 2.00k | sudo_printf(SUDO_CONV_INFO_MSG, "\n"); |
1347 | 2.00k | if (interfaces_string != NULL) { |
1348 | 2.00k | dump_interfaces(interfaces_string); |
1349 | 2.00k | sudo_printf(SUDO_CONV_INFO_MSG, "\n"); |
1350 | 2.00k | } |
1351 | 2.00k | } |
1352 | 2.00k | debug_return_int(true); |
1353 | 2.00k | } |
1354 | | |
1355 | | static struct sudo_hook sudoers_hooks[] = { |
1356 | | { SUDO_HOOK_VERSION, SUDO_HOOK_SETENV, (sudo_hook_fn_t)sudoers_hook_setenv, NULL }, |
1357 | | { SUDO_HOOK_VERSION, SUDO_HOOK_UNSETENV, (sudo_hook_fn_t)sudoers_hook_unsetenv, NULL }, |
1358 | | { SUDO_HOOK_VERSION, SUDO_HOOK_GETENV, (sudo_hook_fn_t)sudoers_hook_getenv, NULL }, |
1359 | | { SUDO_HOOK_VERSION, SUDO_HOOK_PUTENV, (sudo_hook_fn_t)sudoers_hook_putenv, NULL }, |
1360 | | { 0, 0, NULL, NULL } |
1361 | | }; |
1362 | | |
1363 | | /* |
1364 | | * Register environment function hooks. |
1365 | | * Note that we have not registered sudoers with the debug subsystem yet. |
1366 | | */ |
1367 | | static void |
1368 | | sudoers_policy_register_hooks(int version, int (*register_hook)(struct sudo_hook *hook)) |
1369 | 7.47k | { |
1370 | 7.47k | struct sudo_hook *hook; |
1371 | | |
1372 | 37.3k | for (hook = sudoers_hooks; hook->hook_fn != NULL; hook++) { |
1373 | 29.9k | if (register_hook(hook) != 0) { |
1374 | 0 | sudo_warn_nodebug( |
1375 | 0 | U_("unable to register hook of type %d (version %d.%d)"), |
1376 | 0 | hook->hook_type, SUDO_API_VERSION_GET_MAJOR(hook->hook_version), |
1377 | 0 | SUDO_API_VERSION_GET_MINOR(hook->hook_version)); |
1378 | 0 | } |
1379 | 29.9k | } |
1380 | 7.47k | } |
1381 | | |
1382 | | /* |
1383 | | * De-register environment function hooks. |
1384 | | */ |
1385 | | static void |
1386 | | sudoers_policy_deregister_hooks(int version, int (*deregister_hook)(struct sudo_hook *hook)) |
1387 | 7.47k | { |
1388 | 7.47k | struct sudo_hook *hook; |
1389 | | |
1390 | 37.3k | for (hook = sudoers_hooks; hook->hook_fn != NULL; hook++) { |
1391 | 29.9k | if (deregister_hook(hook) != 0) { |
1392 | 0 | sudo_warn_nodebug( |
1393 | 0 | U_("unable to deregister hook of type %d (version %d.%d)"), |
1394 | 0 | hook->hook_type, SUDO_API_VERSION_GET_MAJOR(hook->hook_version), |
1395 | 0 | SUDO_API_VERSION_GET_MINOR(hook->hook_version)); |
1396 | 0 | } |
1397 | 29.9k | } |
1398 | 7.47k | } |
1399 | | |
1400 | | sudo_dso_public struct policy_plugin sudoers_policy = { |
1401 | | SUDO_POLICY_PLUGIN, |
1402 | | SUDO_API_VERSION, |
1403 | | sudoers_policy_open, |
1404 | | sudoers_policy_close, |
1405 | | sudoers_policy_version, |
1406 | | sudoers_policy_check, |
1407 | | sudoers_policy_list, |
1408 | | sudoers_policy_validate, |
1409 | | sudoers_policy_invalidate, |
1410 | | sudoers_policy_init_session, |
1411 | | sudoers_policy_register_hooks, |
1412 | | sudoers_policy_deregister_hooks, |
1413 | | NULL /* event_alloc() filled in by sudo */ |
1414 | | }; |