- upgrade to the latest upstream release
- add selinux support
This commit is contained in:
parent
eb965f4152
commit
6dfc39bc61
@ -1,2 +1,2 @@
|
|||||||
sudo-1.6.9p4.tar.gz
|
|
||||||
sudo-1.6.8p12-sudoers
|
sudo-1.6.8p12-sudoers
|
||||||
|
sudo-1.6.9p12.tar.gz
|
||||||
|
2
sources
2
sources
@ -1,2 +1,2 @@
|
|||||||
5439d24b48db69d2b6b42e97b47fdfd6 sudo-1.6.9p4.tar.gz
|
|
||||||
3dad7cdd28925f9bdf387510961f8e9f sudo-1.6.8p12-sudoers
|
3dad7cdd28925f9bdf387510961f8e9f sudo-1.6.8p12-sudoers
|
||||||
|
a5795c292e5c64dd9f7bcba8c1c712c9 sudo-1.6.9p12.tar.gz
|
||||||
|
12
sudo-1.6.9p12-noPam.patch
Normal file
12
sudo-1.6.9p12-noPam.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up sudo-1.6.9p12/configure.in.noPam sudo-1.6.9p12/configure.in
|
||||||
|
--- sudo-1.6.9p12/configure.in.noPam 2008-02-05 13:52:07.000000000 +0100
|
||||||
|
+++ sudo-1.6.9p12/configure.in 2008-02-05 13:52:25.000000000 +0100
|
||||||
|
@@ -1842,7 +1842,7 @@ if test ${with_pam-"no"} != "no"; then
|
||||||
|
yes) AC_MSG_RESULT(yes)
|
||||||
|
;;
|
||||||
|
no) AC_MSG_RESULT(no)
|
||||||
|
- AC_DEFINE(NO_PAM_SESSION)
|
||||||
|
+ AC_DEFINE([NO_PAM_SESSION], [], [PAM session support disabled])
|
||||||
|
;;
|
||||||
|
*) AC_MSG_RESULT(no)
|
||||||
|
AC_MSG_WARN([Ignoring unknown argument to --enable-pam-session: $enableval])
|
672
sudo-1.6.9p12-selinux.patch
Normal file
672
sudo-1.6.9p12-selinux.patch
Normal file
@ -0,0 +1,672 @@
|
|||||||
|
diff -up /dev/null sudo-1.6.9p12/sesh.c
|
||||||
|
--- /dev/null 2008-02-05 17:16:01.642928004 +0100
|
||||||
|
+++ sudo-1.6.9p12/sesh.c 2008-02-06 13:06:50.000000000 +0100
|
||||||
|
@@ -0,0 +1,46 @@
|
||||||
|
+#include <stdio.h>
|
||||||
|
+#include <unistd.h>
|
||||||
|
+#include <limits.h>
|
||||||
|
+#include <sys/types.h>
|
||||||
|
+#include <sys/wait.h>
|
||||||
|
+#include <errno.h>
|
||||||
|
+
|
||||||
|
+main (int argc, char **argv) {
|
||||||
|
+ char buf[PATH_MAX];
|
||||||
|
+ pid_t pid;
|
||||||
|
+ if ( argc < 2 ) {
|
||||||
|
+ fprintf(stderr,"%s: Requires at least one argument\n", argv[0]);
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((pid = fork()) < 0) {
|
||||||
|
+ snprintf(buf, sizeof(buf), "%s: Couldn't fork",argv[0]);
|
||||||
|
+ perror(buf);
|
||||||
|
+ exit(-1);
|
||||||
|
+ } else if (pid > 0) {
|
||||||
|
+ /* Parent */
|
||||||
|
+ int status;
|
||||||
|
+ int ret;
|
||||||
|
+
|
||||||
|
+ do {
|
||||||
|
+ if ((ret = waitpid(pid, &status, 0)) < 0 && errno == EINTR)
|
||||||
|
+ continue;
|
||||||
|
+ else if (ret < 0) {
|
||||||
|
+ perror("waitpid failed");
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
+ } while (0);
|
||||||
|
+
|
||||||
|
+ if (WIFEXITED(status))
|
||||||
|
+ exit(WEXITSTATUS(status));
|
||||||
|
+ else
|
||||||
|
+ exit(1);
|
||||||
|
+ } else {
|
||||||
|
+ /* Child */
|
||||||
|
+ execv(argv[1], &argv[1]);
|
||||||
|
+
|
||||||
|
+ snprintf(buf, sizeof(buf), "%s: Error execing %s", argv[0], argv[1]);
|
||||||
|
+ perror(buf);
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
diff -up sudo-1.6.9p12/configure.in.selinux sudo-1.6.9p12/configure.in
|
||||||
|
--- sudo-1.6.9p12/configure.in.selinux 2008-02-06 12:45:07.000000000 +0100
|
||||||
|
+++ sudo-1.6.9p12/configure.in 2008-02-06 13:06:50.000000000 +0100
|
||||||
|
@@ -102,7 +102,7 @@ dnl
|
||||||
|
dnl Initial values for Makefile variables listed above
|
||||||
|
dnl May be overridden by environment variables..
|
||||||
|
dnl
|
||||||
|
-PROGS="sudo visudo"
|
||||||
|
+PROGS="sudo visudo sesh"
|
||||||
|
: ${MANTYPE='man'}
|
||||||
|
: ${mansrcdir='.'}
|
||||||
|
: ${SUDOERS_MODE='0440'}
|
||||||
|
diff -up /dev/null sudo-1.6.9p12/selinux.c
|
||||||
|
--- /dev/null 2008-02-05 17:16:01.642928004 +0100
|
||||||
|
+++ sudo-1.6.9p12/selinux.c 2008-02-06 13:06:50.000000000 +0100
|
||||||
|
@@ -0,0 +1,425 @@
|
||||||
|
+/*
|
||||||
|
+ * Copyright (c) 2008 Dan Walsh <dwalsh@redhat.com>
|
||||||
|
+ *
|
||||||
|
+ * Borrowed heavily from newrole source code
|
||||||
|
+ * Authors:
|
||||||
|
+ * Anthony Colatrella
|
||||||
|
+ * Tim Fraser
|
||||||
|
+ * Steve Grubb <sgrubb@redhat.com>
|
||||||
|
+ * Darrel Goeddel <DGoeddel@trustedcs.com>
|
||||||
|
+ * Michael Thompson <mcthomps@us.ibm.com>
|
||||||
|
+ * Dan Walsh <dwalsh@redhat.com>
|
||||||
|
+ *
|
||||||
|
+ * Permission to use, copy, modify, and distribute this software for any
|
||||||
|
+ * purpose with or without fee is hereby granted, provided that the above
|
||||||
|
+ * copyright notice and this permission notice appear in all copies.
|
||||||
|
+ *
|
||||||
|
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||||
|
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||||
|
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||||
|
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||||
|
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||||
|
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||||
|
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+#include <config.h>
|
||||||
|
+#include <sys/types.h>
|
||||||
|
+#include <stdio.h>
|
||||||
|
+#ifdef STDC_HEADERS
|
||||||
|
+# include <stdlib.h>
|
||||||
|
+# include <stddef.h>
|
||||||
|
+#else
|
||||||
|
+# ifdef HAVE_STDLIB_H
|
||||||
|
+# include <stdlib.h>
|
||||||
|
+# endif
|
||||||
|
+#endif /* STDC_HEADERS */
|
||||||
|
+#ifdef HAVE_STRING_H
|
||||||
|
+# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
|
||||||
|
+# include <memory.h>
|
||||||
|
+# endif
|
||||||
|
+# include <string.h>
|
||||||
|
+#else
|
||||||
|
+# ifdef HAVE_STRINGS_H
|
||||||
|
+# include <strings.h>
|
||||||
|
+# endif
|
||||||
|
+#endif /* HAVE_STRING_H */
|
||||||
|
+#ifdef HAVE_UNISTD_H
|
||||||
|
+# include <unistd.h>
|
||||||
|
+#endif /* HAVE_UNISTD_H */
|
||||||
|
+#include <errno.h>
|
||||||
|
+#include <fcntl.h>
|
||||||
|
+#include <signal.h>
|
||||||
|
+
|
||||||
|
+#ifdef WITH_AUDIT
|
||||||
|
+#include <libaudit.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+#include "sudo.h"
|
||||||
|
+
|
||||||
|
+#include <sys/wait.h>
|
||||||
|
+
|
||||||
|
+#ifdef USE_AUDIT
|
||||||
|
+#include <libaudit.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+#include <selinux/flask.h> /* for SECCLASS_CHR_FILE */
|
||||||
|
+#include <selinux/selinux.h> /* for is_selinux_enabled() */
|
||||||
|
+#include <selinux/context.h> /* for context-mangling functions */
|
||||||
|
+#include <selinux/get_default_type.h>
|
||||||
|
+#include <selinux/get_context_list.h>
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ * This function attempts to revert the relabeling done to the tty.
|
||||||
|
+ * fd - referencing the opened ttyn
|
||||||
|
+ * ttyn - name of tty to restore
|
||||||
|
+ * tty_context - original context of the tty
|
||||||
|
+ * new_tty_context - context tty was relabeled to
|
||||||
|
+ *
|
||||||
|
+ * Returns zero on success, non-zero otherwise
|
||||||
|
+ */
|
||||||
|
+static int restore_tty_label(int fd, const char *ttyn,
|
||||||
|
+ security_context_t tty_context,
|
||||||
|
+ security_context_t new_tty_context)
|
||||||
|
+{
|
||||||
|
+ int rc = 0;
|
||||||
|
+ security_context_t chk_tty_context = NULL;
|
||||||
|
+
|
||||||
|
+ if (!ttyn)
|
||||||
|
+ goto skip_relabel;
|
||||||
|
+
|
||||||
|
+ if (!new_tty_context)
|
||||||
|
+ goto skip_relabel;
|
||||||
|
+
|
||||||
|
+ /* Verify that the tty still has the context set by newrole. */
|
||||||
|
+ if ((rc = fgetfilecon(fd, &chk_tty_context)) < 0) {
|
||||||
|
+ fprintf(stderr, "Could not fgetfilecon %s.\n", ttyn);
|
||||||
|
+ goto skip_relabel;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((rc = strcmp(chk_tty_context, new_tty_context))) {
|
||||||
|
+ fprintf(stderr, "%s changed labels.\n", ttyn);
|
||||||
|
+ goto skip_relabel;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ((rc = fsetfilecon(fd, tty_context)) < 0)
|
||||||
|
+ fprintf(stderr,
|
||||||
|
+ "Warning! Could not restore context for %s\n", ttyn);
|
||||||
|
+ skip_relabel:
|
||||||
|
+ freecon(chk_tty_context);
|
||||||
|
+ return rc;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/**
|
||||||
|
+ * This function attempts to relabel the tty. If this function fails, then
|
||||||
|
+ * the fd is closed, the contexts are free'd and -1 is returned. On success,
|
||||||
|
+ * a valid fd is returned and tty_context and new_tty_context are set.
|
||||||
|
+ *
|
||||||
|
+ * This function will not fail if it can not relabel the tty when selinux is
|
||||||
|
+ * in permissive mode.
|
||||||
|
+ */
|
||||||
|
+static int relabel_tty(const char *ttyn, security_context_t new_context,
|
||||||
|
+ security_context_t * tty_context,
|
||||||
|
+ security_context_t * new_tty_context)
|
||||||
|
+{
|
||||||
|
+ int fd;
|
||||||
|
+ int enforcing = security_getenforce();
|
||||||
|
+ security_context_t tty_con = NULL;
|
||||||
|
+ security_context_t new_tty_con = NULL;
|
||||||
|
+
|
||||||
|
+ if (!ttyn)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ if (enforcing < 0) {
|
||||||
|
+ fprintf(stderr, "Could not determine enforcing mode.\n");
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Re-open TTY descriptor */
|
||||||
|
+ fd = open(ttyn, O_RDWR | O_NONBLOCK);
|
||||||
|
+ if (fd < 0) {
|
||||||
|
+ fprintf(stderr, "Error! Could not open %s.\n", ttyn);
|
||||||
|
+ return fd;
|
||||||
|
+ }
|
||||||
|
+ fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) & ~O_NONBLOCK);
|
||||||
|
+
|
||||||
|
+ if (fgetfilecon(fd, &tty_con) < 0) {
|
||||||
|
+ fprintf(stderr, "%s! Could not get current context "
|
||||||
|
+ "for %s, not relabeling tty.\n",
|
||||||
|
+ enforcing ? "Error" : "Warning", ttyn);
|
||||||
|
+ if (enforcing)
|
||||||
|
+ goto close_fd;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (tty_con &&
|
||||||
|
+ (security_compute_relabel(new_context, tty_con,
|
||||||
|
+ SECCLASS_CHR_FILE, &new_tty_con) < 0)) {
|
||||||
|
+ fprintf(stderr, "%s! Could not get new context for %s, "
|
||||||
|
+ "not relabeling tty.\n",
|
||||||
|
+ enforcing ? "Error" : "Warning", ttyn);
|
||||||
|
+ if (enforcing)
|
||||||
|
+ goto close_fd;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (new_tty_con)
|
||||||
|
+ if (fsetfilecon(fd, new_tty_con) < 0) {
|
||||||
|
+ fprintf(stderr,
|
||||||
|
+ "%s! Could not set new context for %s\n",
|
||||||
|
+ enforcing ? "Error" : "Warning", ttyn);
|
||||||
|
+ freecon(new_tty_con);
|
||||||
|
+ new_tty_con = NULL;
|
||||||
|
+ if (enforcing)
|
||||||
|
+ goto close_fd;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ *tty_context = tty_con;
|
||||||
|
+ *new_tty_context = new_tty_con;
|
||||||
|
+ return fd;
|
||||||
|
+
|
||||||
|
+ close_fd:
|
||||||
|
+ freecon(tty_con);
|
||||||
|
+ close(fd);
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+security_context_t get_exec_context(security_context_t old_context, char *role_s, char *type_s) {
|
||||||
|
+
|
||||||
|
+ /* our target security ID ("sid") */
|
||||||
|
+ security_context_t new_context=NULL;
|
||||||
|
+
|
||||||
|
+ /* manipulatable form of context_s */
|
||||||
|
+ context_t context;
|
||||||
|
+
|
||||||
|
+ if( !role_s ) {
|
||||||
|
+ fprintf(stderr,"You must specify a role.\n");
|
||||||
|
+ return NULL;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ * Get the SID and context of the caller, and extract
|
||||||
|
+ * the username from the context. Don't rely on the Linux
|
||||||
|
+ * uid information - it isn't trustworthy.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ * Create a context structure so that we extract and modify
|
||||||
|
+ * components easily.
|
||||||
|
+ */
|
||||||
|
+ context=context_new(old_context);
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
+ *
|
||||||
|
+ * Step 3: Construct a new SID based on our old SID and the
|
||||||
|
+ * arguments specified on the command line.
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+ /* The first step in constructing a new SID for the new shell we *
|
||||||
|
+ * plan to exec is to take our old context in `context' as a *
|
||||||
|
+ * starting point, and modify it according to the options the user *
|
||||||
|
+ * specified on the command line. */
|
||||||
|
+
|
||||||
|
+ /* If the user specified a new role on the command line (if `role_s' *
|
||||||
|
+ * is set), then replace the old role in `context' with this new role. */
|
||||||
|
+ if( !type_s ) {
|
||||||
|
+ if( get_default_type(role_s,&type_s) )
|
||||||
|
+ {
|
||||||
|
+ fprintf(stderr,"Couldn't get default type.\n");
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if( context_role_set(context,role_s)) {
|
||||||
|
+ fprintf(stderr,"failed to set new role %s\n",role_s);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* If the user specified a new type on the command line (if `type_s' *
|
||||||
|
+ * is set), then replace the old type in `context' with this new type. */
|
||||||
|
+ if( type_s ) {
|
||||||
|
+ if( context_type_set(context,type_s)) {
|
||||||
|
+ fprintf(stderr,"failed to set new type %s\n",type_s);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ } /* if user specified new type */
|
||||||
|
+
|
||||||
|
+ /* The second step in creating the new SID is to convert our modified *
|
||||||
|
+ * `context' structure back to a context string and then to a SID. */
|
||||||
|
+
|
||||||
|
+ /* Make `context_s' point to a string version of the new `context'. */
|
||||||
|
+ if( !(new_context=strdup(context_str(context)))) {
|
||||||
|
+ fprintf(stderr,"failed to convert new context to string\n" );
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (security_check_context(new_context) < 0) {
|
||||||
|
+ fprintf(stderr, "%s is not a valid context\n", new_context);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+#ifdef DEBUG
|
||||||
|
+ printf("Your new context is %s\n",new_context);
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+ context_free(context);
|
||||||
|
+ return new_context;
|
||||||
|
+
|
||||||
|
+ err:
|
||||||
|
+ context_free(context);
|
||||||
|
+ freecon(new_context);
|
||||||
|
+ return NULL;
|
||||||
|
+
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void selinux_exec(char *role_s, char *type_s, char *safe_cmd, int NewArgc, char **NewArgv, char **environ){
|
||||||
|
+ pid_t childPid = 0;
|
||||||
|
+ int ttyfd = -1;
|
||||||
|
+ /* our original securiy ID ("old_context") */
|
||||||
|
+ security_context_t old_context=NULL;
|
||||||
|
+
|
||||||
|
+ /* security context to change to while running command*/
|
||||||
|
+ security_context_t new_tty_context=NULL;
|
||||||
|
+ /* current security context of tty */
|
||||||
|
+ security_context_t tty_context=NULL;
|
||||||
|
+
|
||||||
|
+ char *ttyn = NULL; /* tty path */
|
||||||
|
+
|
||||||
|
+ /* our target security ID ("sid") */
|
||||||
|
+ security_context_t new_context=NULL;
|
||||||
|
+ /* Put the caller's SID into `old_context'. */
|
||||||
|
+ if (getprevcon(&old_context)) {
|
||||||
|
+ fprintf(stderr,"failed to get old_context.\n");
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+#ifdef DEBUG
|
||||||
|
+ printf( "Your old context was %s\n", old_context );
|
||||||
|
+#endif
|
||||||
|
+ new_context=get_exec_context(old_context, role_s,type_s);
|
||||||
|
+ if (! new_context) {
|
||||||
|
+ fprintf(stderr, "Could not set exec context to %s.\n", new_context);
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ ttyn = ttyname(STDIN_FILENO);
|
||||||
|
+ if (!ttyn || *ttyn == '\0') {
|
||||||
|
+ fprintf(stderr,
|
||||||
|
+ "Warning! Could not retrieve tty information.\n");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ ttyfd = relabel_tty(ttyn, new_context, &tty_context, &new_tty_context);
|
||||||
|
+ if (ttyfd < 0) {
|
||||||
|
+ fprintf(stderr, "Could not setup tty context for %s.\n", new_context);
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+#ifdef DEBUG
|
||||||
|
+ printf("Your old tty context is %s\n",tty_context);
|
||||||
|
+ printf("Your new tty context is %s\n",new_tty_context);
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+ childPid = fork();
|
||||||
|
+ if (childPid < 0) {
|
||||||
|
+ /* fork failed, no child to worry about */
|
||||||
|
+ int errsv = errno;
|
||||||
|
+ fprintf(stderr, "newrole: failure forking: %s",
|
||||||
|
+ strerror(errsv));
|
||||||
|
+ if (restore_tty_label(ttyfd, ttyn, tty_context, new_tty_context))
|
||||||
|
+ fprintf(stderr, "Unable to restore tty label...\n");
|
||||||
|
+ if (close(ttyfd))
|
||||||
|
+ fprintf(stderr, "Failed to close tty properly\n");
|
||||||
|
+ goto err;
|
||||||
|
+ } else if (childPid) {
|
||||||
|
+ /* PARENT
|
||||||
|
+ * It doesn't make senes to exit early on errors at this point,
|
||||||
|
+ * since we are doing cleanup which needs to be done.
|
||||||
|
+ * We can exit with a bad rc though
|
||||||
|
+ */
|
||||||
|
+ pid_t pid;
|
||||||
|
+ int exit_code = 0;
|
||||||
|
+ int status;
|
||||||
|
+
|
||||||
|
+ do {
|
||||||
|
+ pid = wait(&status);
|
||||||
|
+ } while (pid < 0 && errno == EINTR);
|
||||||
|
+
|
||||||
|
+ /* Preserve child exit status, unless there is another error. */
|
||||||
|
+ if (WIFEXITED(status))
|
||||||
|
+ exit_code = WEXITSTATUS(status);
|
||||||
|
+
|
||||||
|
+ if (restore_tty_label(ttyfd, ttyn, tty_context, new_tty_context)) {
|
||||||
|
+ fprintf(stderr, "Unable to restore tty label...\n");
|
||||||
|
+ exit_code = -1;
|
||||||
|
+ }
|
||||||
|
+ freecon(tty_context);
|
||||||
|
+ freecon(new_tty_context);
|
||||||
|
+ if (close(ttyfd)) {
|
||||||
|
+ fprintf(stderr, "Failed to close tty properly\n");
|
||||||
|
+ exit_code = -1;
|
||||||
|
+ }
|
||||||
|
+ exit(exit_code);
|
||||||
|
+ }
|
||||||
|
+ /* CHILD */
|
||||||
|
+ /* Close the tty and reopen descriptors 0 through 2 */
|
||||||
|
+ if (ttyn) {
|
||||||
|
+ if (close(ttyfd) || close(0) || close(1) || close(2)) {
|
||||||
|
+ fprintf(stderr, "Could not close descriptors.\n");
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ ttyfd = open(ttyn, O_RDONLY | O_NONBLOCK);
|
||||||
|
+ if (ttyfd != 0)
|
||||||
|
+ goto err;
|
||||||
|
+ fcntl(ttyfd, F_SETFL, fcntl(ttyfd, F_GETFL, 0) & ~O_NONBLOCK);
|
||||||
|
+ ttyfd = open(ttyn, O_RDWR | O_NONBLOCK);
|
||||||
|
+ if (ttyfd != 1)
|
||||||
|
+ goto err;
|
||||||
|
+ fcntl(ttyfd, F_SETFL, fcntl(ttyfd, F_GETFL, 0) & ~O_NONBLOCK);
|
||||||
|
+ ttyfd = open(ttyn, O_RDWR | O_NONBLOCK);
|
||||||
|
+ if (ttyfd != 2)
|
||||||
|
+ goto err;
|
||||||
|
+ fcntl(ttyfd, F_SETFL, fcntl(ttyfd, F_GETFL, 0) & ~O_NONBLOCK);
|
||||||
|
+ }
|
||||||
|
+ if (setexeccon(new_context)) {
|
||||||
|
+ fprintf(stderr, "Could not set exec context to %s.\n",
|
||||||
|
+ new_context);
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+#ifdef USE_AUDIT
|
||||||
|
+ if (send_audit_message(1, old_context, new_context, ttyn))
|
||||||
|
+ goto err;
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ SELinux will only not transition properly with the following
|
||||||
|
+ code. Basically if the user chooses to use a different security
|
||||||
|
+ context. We need to start the selinux shell, before executing
|
||||||
|
+ the command. This way the process transition will happen
|
||||||
|
+ correctly. For example if they user wants to run rpm from
|
||||||
|
+ sysadm_r. Sudo will exec the /usr/sbin/sesh followed by the
|
||||||
|
+ specified command.*/
|
||||||
|
+ char **dst, **src = NewArgv+1;
|
||||||
|
+ NewArgv = (char **) emalloc2((++NewArgc + 1), sizeof(char *));
|
||||||
|
+ NewArgv[0] = estrdup("/usr/sbin/sesh");
|
||||||
|
+ NewArgv[1] = safe_cmd;
|
||||||
|
+ safe_cmd = estrdup("/usr/sbin/sesh");
|
||||||
|
+ /* copy the args from Argv */
|
||||||
|
+ for (dst = NewArgv + 2; (*dst = *src) != NULL; ++src, ++dst)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ freecon(old_context);
|
||||||
|
+ freecon(new_context);
|
||||||
|
+
|
||||||
|
+ execve(safe_cmd, NewArgv, environ); /* run the command */
|
||||||
|
+
|
||||||
|
+ perror("failed to exec shell\n");
|
||||||
|
+ err:
|
||||||
|
+ freecon(old_context);
|
||||||
|
+ freecon(new_context);
|
||||||
|
+ exit(-1);
|
||||||
|
+}
|
||||||
|
+#endif /* WITH_SELINUX */
|
||||||
|
diff -up sudo-1.6.9p12/Makefile.in.selinux sudo-1.6.9p12/Makefile.in
|
||||||
|
--- sudo-1.6.9p12/Makefile.in.selinux 2008-02-06 12:45:07.000000000 +0100
|
||||||
|
+++ sudo-1.6.9p12/Makefile.in 2008-02-06 13:08:50.000000000 +0100
|
||||||
|
@@ -43,7 +43,8 @@ INSTALL = $(SHELL) $(srcdir)/install-sh
|
||||||
|
# Libraries
|
||||||
|
LIBS = @LIBS@
|
||||||
|
NET_LIBS = @NET_LIBS@
|
||||||
|
-SUDO_LIBS = @SUDO_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS)
|
||||||
|
+SELINUX_LIBS = -lselinux
|
||||||
|
+SUDO_LIBS = @SUDO_LIBS@ @AFS_LIBS@ @GETGROUPS_LIB@ $(LIBS) $(NET_LIBS) $(SELINUX_LIBS)
|
||||||
|
|
||||||
|
# C preprocessor flags
|
||||||
|
CPPFLAGS = -I. -I$(srcdir) @CPPFLAGS@
|
||||||
|
@@ -91,7 +92,7 @@ sudoers_gid = @SUDOERS_GID@
|
||||||
|
sudoers_mode = @SUDOERS_MODE@
|
||||||
|
|
||||||
|
# Pass in paths and uid/gid + OS dependent defined
|
||||||
|
-DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -D_PATH_SUDOERS_TMP=\"$(sudoersdir)/sudoers.tmp\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode)
|
||||||
|
+DEFS = @OSDEFS@ -D_PATH_SUDOERS=\"$(sudoersdir)/sudoers\" -D_PATH_SUDOERS_TMP=\"$(sudoersdir)/sudoers.tmp\" -DSUDOERS_UID=$(sudoers_uid) -DSUDOERS_GID=$(sudoers_gid) -DSUDOERS_MODE=$(sudoers_mode) -DWITH_SELINUX
|
||||||
|
|
||||||
|
#### End of system configuration section. ####
|
||||||
|
|
||||||
|
@@ -105,7 +106,7 @@ SRCS = alloc.c alloca.c check.c closefro
|
||||||
|
logging.c memrchr.c mkstemp.c parse.c parse.lex parse.yacc set_perms.c \
|
||||||
|
sigaction.c snprintf.c strcasecmp.c strerror.c strlcat.c strlcpy.c \
|
||||||
|
sudo.c sudo_noexec.c sudo.tab.c sudo_edit.c testsudoers.c tgetpass.c \
|
||||||
|
- utimes.c visudo.c zero_bytes.c $(AUTH_SRCS)
|
||||||
|
+ utimes.c visudo.c zero_bytes.c $(AUTH_SRCS) selinux.c sesh.c
|
||||||
|
|
||||||
|
AUTH_SRCS = auth/afs.c auth/aix_auth.c auth/bsdauth.c auth/dce.c auth/fwtk.c \
|
||||||
|
auth/kerb4.c auth/kerb5.c auth/pam.c auth/passwd.c auth/rfc1938.c \
|
||||||
|
@@ -124,11 +125,13 @@ AUDIT_OBJS = audit_help.o
|
||||||
|
PARSEOBJS = sudo.tab.o lex.yy.o alloc.o defaults.o
|
||||||
|
|
||||||
|
SUDOBJS = check.o env.o getspwuid.o gettime.o goodpath.o fileops.o find_path.o \
|
||||||
|
- interfaces.o logging.o parse.o set_perms.o sudo.o sudo_edit.o \
|
||||||
|
+ interfaces.o logging.o parse.o set_perms.o sudo.o selinux.o sudo_edit.o \
|
||||||
|
tgetpass.o zero_bytes.o @SUDO_OBJS@ $(AUTH_OBJS) $(PARSEOBJS) $(AUDIT_OBJS)
|
||||||
|
|
||||||
|
VISUDOBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o $(PARSEOBJS)
|
||||||
|
|
||||||
|
+SESH_OBJS = sesh.o
|
||||||
|
+
|
||||||
|
TESTOBJS = interfaces.o testsudoers.o $(PARSEOBJS)
|
||||||
|
|
||||||
|
LIBOBJS = @LIBOBJS@ @ALLOCA@
|
||||||
|
@@ -149,7 +152,7 @@ DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES
|
||||||
|
BINFILES= BUGS CHANGES HISTORY LICENSE README TROUBLESHOOTING \
|
||||||
|
UPGRADE install-sh mkinstalldirs sample.syslog.conf sample.sudoers \
|
||||||
|
sudo sudo.cat sudo.man sudo.pod sudoers sudoers.cat sudoers.man \
|
||||||
|
- sudoers.pod visudo visudo.cat visudo.man visudo.pod
|
||||||
|
+ sudoers.pod visudo visudo.cat visudo.man visudo.pod sesh
|
||||||
|
|
||||||
|
BINSPECIAL= INSTALL.binary Makefile.binary libtool
|
||||||
|
|
||||||
|
@@ -181,6 +184,9 @@ sudo: $(SUDOBJS) $(LIBOBJS)
|
||||||
|
visudo: $(VISUDOBJS) $(LIBOBJS)
|
||||||
|
$(CC) -o $@ $(VISUDOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
|
||||||
|
|
||||||
|
+sesh: $(SESH_OBJS)
|
||||||
|
+ $(CC) -o $@ $(SESH_OBJS) $(LDFLAGS) $(LIBS)
|
||||||
|
+
|
||||||
|
testsudoers: $(TESTOBJS) $(LIBOBJS)
|
||||||
|
$(CC) -o $@ $(TESTOBJS) $(LIBOBJS) $(LDFLAGS) $(LIBS) $(NET_LIBS)
|
||||||
|
|
||||||
|
@@ -222,6 +228,7 @@ logging.o: logging.c $(SUDODEP)
|
||||||
|
set_perms.o: set_perms.c $(SUDODEP)
|
||||||
|
tgetpass.o: tgetpass.c $(SUDODEP)
|
||||||
|
visudo.o: visudo.c $(SUDODEP) version.h
|
||||||
|
+sesh.o: sesh.c
|
||||||
|
sudo.o: sudo.c $(SUDODEP) interfaces.h version.h
|
||||||
|
interfaces.o: interfaces.c $(SUDODEP) interfaces.h
|
||||||
|
testsudoers.o: testsudoers.c $(SUDODEP) parse.h interfaces.h
|
||||||
|
@@ -320,6 +327,7 @@ install-binaries: $(PROGS)
|
||||||
|
ln $(DESTDIR)$(sudodir)/sudo $(DESTDIR)$(sudodir)/sudoedit
|
||||||
|
|
||||||
|
$(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s visudo $(DESTDIR)$(visudodir)/visudo
|
||||||
|
+ $(INSTALL) -O $(install_uid) -G $(install_gid) -M 0111 -s sesh $(DESTDIR)$(visudodir)/sesh
|
||||||
|
|
||||||
|
install-noexec: sudo_noexec.la
|
||||||
|
$(LIBTOOL) --mode=install $(INSTALL) sudo_noexec.la $(DESTDIR)$(noexecdir)
|
||||||
|
diff -up sudo-1.6.9p12/sudo.c.selinux sudo-1.6.9p12/sudo.c
|
||||||
|
--- sudo-1.6.9p12/sudo.c.selinux 2008-02-06 12:45:07.000000000 +0100
|
||||||
|
+++ sudo-1.6.9p12/sudo.c 2008-02-06 13:06:50.000000000 +0100
|
||||||
|
@@ -101,6 +101,14 @@
|
||||||
|
#include <libaudit.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+#include <selinux/selinux.h>
|
||||||
|
+static char *role_s = NULL; /* role spec'd by user in argv[] */
|
||||||
|
+static char *type_s = NULL; /* type spec'd by user in argv[] */
|
||||||
|
+extern void selinux_exec(char *role_s, char *type_s, char *safe_cmnd, int NewArgc, char **NewArgv, char **environ);
|
||||||
|
+
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#include "sudo.h"
|
||||||
|
#include "interfaces.h"
|
||||||
|
#include "version.h"
|
||||||
|
@@ -487,6 +495,12 @@ main(argc, argv, envp)
|
||||||
|
if (ISSET(sudo_mode, MODE_BACKGROUND) && fork() > 0)
|
||||||
|
exit(0);
|
||||||
|
else {
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+ if( is_selinux_enabled() >0 && role_s) {
|
||||||
|
+ selinux_exec(role_s, type_s, safe_cmnd, NewArgc, NewArgv, environ); /* run the command */
|
||||||
|
+ exit(-1);
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
execve(safe_cmnd, NewArgv, environ);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
@@ -817,6 +831,30 @@ parse_args(argc, argv)
|
||||||
|
NewArgv++;
|
||||||
|
break;
|
||||||
|
#endif
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+ case 'r':
|
||||||
|
+ /* Must have an associated SELinux role. */
|
||||||
|
+ if (NewArgv[1] == NULL)
|
||||||
|
+ usage(1);
|
||||||
|
+
|
||||||
|
+ role_s = NewArgv[1];
|
||||||
|
+
|
||||||
|
+ /* Shift Argv over and adjust Argc. */
|
||||||
|
+ NewArgc--;
|
||||||
|
+ NewArgv++;
|
||||||
|
+ break;
|
||||||
|
+ case 't':
|
||||||
|
+ /* Must have an associated SELinux type. */
|
||||||
|
+ if (NewArgv[1] == NULL)
|
||||||
|
+ usage(1);
|
||||||
|
+
|
||||||
|
+ type_s = NewArgv[1];
|
||||||
|
+
|
||||||
|
+ /* Shift Argv over and adjust Argc. */
|
||||||
|
+ NewArgc--;
|
||||||
|
+ NewArgv++;
|
||||||
|
+ break;
|
||||||
|
+#endif
|
||||||
|
#ifdef HAVE_LOGIN_CAP_H
|
||||||
|
case 'c':
|
||||||
|
/* Must have an associated login class. */
|
||||||
|
@@ -1318,6 +1356,9 @@ usage(exit_val)
|
||||||
|
#ifdef HAVE_BSD_AUTH_H
|
||||||
|
" [-a auth_type]",
|
||||||
|
#endif
|
||||||
|
+#ifdef WITH_SELINUX
|
||||||
|
+ " [-r role] [-t type] ",
|
||||||
|
+#endif
|
||||||
|
#ifdef HAVE_LOGIN_CAP_H
|
||||||
|
" [-c class|-]",
|
||||||
|
#endif
|
||||||
|
diff -up sudo-1.6.9p12/sudo.man.in.selinux sudo-1.6.9p12/sudo.man.in
|
||||||
|
--- sudo-1.6.9p12/sudo.man.in.selinux 2008-01-14 13:22:57.000000000 +0100
|
||||||
|
+++ sudo-1.6.9p12/sudo.man.in 2008-02-06 13:06:50.000000000 +0100
|
||||||
|
@@ -159,6 +159,7 @@ sudo, sudoedit \- execute a command as a
|
||||||
|
.PP
|
||||||
|
\&\fBsudo\fR [\fB\-bEHPS\fR] [\fB\-a\fR\ \fIauth_type\fR]
|
||||||
|
[\fB\-c\fR\ \fIclass\fR|\fI\-\fR] [\fB\-p\fR\ \fIprompt\fR] [\fB\-u\fR\ \fIusername\fR|\fI#uid\fR]
|
||||||
|
+[\fB\-r\fR \fIrole\fR ] [\fB\-t\fR \fItype\fR ]
|
||||||
|
[\fB\s-1VAR\s0\fR=\fIvalue\fR] {\fB\-i\fR\ |\ \fB\-s\fR\ |\ \fIcommand\fR}
|
||||||
|
.PP
|
||||||
|
\&\fBsudoedit\fR [\fB\-S\fR] [\fB\-a\fR\ \fIauth_type\fR] [\fB\-c\fR\ \fIclass\fR|\fI\-\fR]
|
||||||
|
@@ -323,6 +324,16 @@ preserve the invoking user's group vecto
|
||||||
|
\&\fBsudo\fR will initialize the group vector to the list of groups the
|
||||||
|
target user is in. The real and effective group IDs, however, are
|
||||||
|
still set to match the target user.
|
||||||
|
+.IP "\-r" 4
|
||||||
|
+.IX Item "-r"
|
||||||
|
+The \fB\-r\fR (\fRrole\fR) option causes the new (SELinux) security context to have the role specified by
|
||||||
|
+\fIROLE\fR.
|
||||||
|
+.IP "\-t" 4
|
||||||
|
+.IX Item "-t"
|
||||||
|
+The \fB\-t\fR (\fRtype\fR) option causes the new (SELinux) security context to have the have the type (domain)
|
||||||
|
+specified by
|
||||||
|
+\fITYPE\fR.
|
||||||
|
+If no type is specified, the default type is derived from the specified role.
|
||||||
|
.IP "\-p" 4
|
||||||
|
.IX Item "-p"
|
||||||
|
The \fB\-p\fR (\fIprompt\fR) option allows you to override the default
|
@ -1,6 +1,6 @@
|
|||||||
diff -up sudo-1.6.9p4/set_perms.c.audit sudo-1.6.9p4/set_perms.c
|
diff -up sudo-1.6.9p12/set_perms.c.audit sudo-1.6.9p12/set_perms.c
|
||||||
--- sudo-1.6.9p4/set_perms.c.audit 2007-07-06 16:16:22.000000000 +0200
|
--- sudo-1.6.9p12/set_perms.c.audit 2007-11-28 00:41:23.000000000 +0100
|
||||||
+++ sudo-1.6.9p4/set_perms.c 2008-01-07 19:52:41.000000000 +0100
|
+++ sudo-1.6.9p12/set_perms.c 2008-02-05 14:09:29.000000000 +0100
|
||||||
@@ -53,6 +53,10 @@
|
@@ -53,6 +53,10 @@
|
||||||
#ifdef HAVE_LOGIN_CAP_H
|
#ifdef HAVE_LOGIN_CAP_H
|
||||||
# include <login_cap.h>
|
# include <login_cap.h>
|
||||||
@ -12,61 +12,10 @@ diff -up sudo-1.6.9p4/set_perms.c.audit sudo-1.6.9p4/set_perms.c
|
|||||||
|
|
||||||
#include "sudo.h"
|
#include "sudo.h"
|
||||||
|
|
||||||
@@ -101,22 +105,55 @@ set_perms(perm)
|
@@ -119,13 +123,46 @@ set_perms(perm)
|
||||||
if (setresuid(user_uid, user_uid, user_uid))
|
|
||||||
err(1, "setresuid(user_uid, user_uid, user_uid)");
|
|
||||||
break;
|
|
||||||
-
|
|
||||||
+
|
|
||||||
+ case PERM_FULL_RUNAS:
|
|
||||||
+#if defined(WITH_AUDIT) && defined(HAVE_LIBCAP)
|
|
||||||
+ { /* BEGIN CAP BLOCK */
|
|
||||||
+ cap_t new_caps;
|
|
||||||
+ cap_value_t cap_list[] = { CAP_AUDIT_WRITE };
|
|
||||||
+
|
|
||||||
+ if (runas_pw->pw_uid != ROOT_UID) {
|
|
||||||
+ new_caps = cap_init ();
|
|
||||||
+ if (!new_caps)
|
|
||||||
+ err(1, "Error initing capabilities, aborting.\n");
|
|
||||||
+
|
|
||||||
+ if(cap_set_flag(new_caps, CAP_PERMITTED, 1, cap_list, CAP_SET) ||
|
|
||||||
+ cap_set_flag(new_caps, CAP_EFFECTIVE, 1, cap_list, CAP_SET)) {
|
|
||||||
+ err(1, "Error setting capabilities, aborting\n");
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0))
|
|
||||||
+ err(1, "Error setting KEEPCAPS, aborting\n");
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+ /* headed for exec(), assume euid == ROOT_UID */
|
|
||||||
+ runas_setup ();
|
|
||||||
+ if (setresuid(def_stay_setuid ?
|
|
||||||
+ user_uid : runas_pw->pw_uid,
|
|
||||||
+ runas_pw->pw_uid, runas_pw->pw_uid))
|
|
||||||
+ err(1, "unable to change to runas uid");
|
|
||||||
+
|
|
||||||
+#if defined(WITH_AUDIT) && defined(HAVE_LIBCAP)
|
|
||||||
+ if (runas_pw->pw_uid != ROOT_UID) {
|
|
||||||
+ if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) < 0)
|
|
||||||
+ err(1, "Error resetting KEEPCAPS, aborting\n");
|
|
||||||
+
|
|
||||||
+ if (cap_set_proc(new_caps))
|
|
||||||
+ err(1, "Error dropping capabilities, aborting\n");
|
|
||||||
+
|
|
||||||
+ if (cap_free (new_caps))
|
|
||||||
+ err(1, "Error freeing caps\n");
|
|
||||||
+ }
|
|
||||||
+ } /* END CAP BLOCK */
|
|
||||||
+#endif
|
|
||||||
+ break;
|
|
||||||
+
|
|
||||||
case PERM_RUNAS:
|
|
||||||
(void) setresgid(-1, runas_pw->pw_gid, -1);
|
|
||||||
if (setresuid(-1, runas_pw->pw_uid, -1))
|
|
||||||
err(1, "unable to change to runas uid");
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
- case PERM_FULL_RUNAS:
|
case PERM_FULL_RUNAS:
|
||||||
- /* headed for exec(), assume euid == ROOT_UID */
|
- /* headed for exec(), assume euid == ROOT_UID */
|
||||||
- runas_setup();
|
- runas_setup();
|
||||||
- if (setresuid(def_stay_setuid ?
|
- if (setresuid(def_stay_setuid ?
|
||||||
@ -74,13 +23,52 @@ diff -up sudo-1.6.9p4/set_perms.c.audit sudo-1.6.9p4/set_perms.c
|
|||||||
- runas_pw->pw_uid, runas_pw->pw_uid))
|
- runas_pw->pw_uid, runas_pw->pw_uid))
|
||||||
- err(1, "unable to change to runas uid");
|
- err(1, "unable to change to runas uid");
|
||||||
- break;
|
- break;
|
||||||
-
|
+#if defined(WITH_AUDIT) && defined(HAVE_LIBCAP)
|
||||||
|
+ { /* BEGIN CAP BLOCK */
|
||||||
|
+ cap_t new_caps;
|
||||||
|
+ cap_value_t cap_list[] = { CAP_AUDIT_WRITE };
|
||||||
|
+
|
||||||
|
+ if (runas_pw->pw_uid != ROOT_UID) {
|
||||||
|
+ new_caps = cap_init ();
|
||||||
|
+ if (!new_caps)
|
||||||
|
+ err(1, "Error initing capabilities, aborting.\n");
|
||||||
|
+
|
||||||
|
+ if(cap_set_flag(new_caps, CAP_PERMITTED, 1, cap_list, CAP_SET) ||
|
||||||
|
+ cap_set_flag(new_caps, CAP_EFFECTIVE, 1, cap_list, CAP_SET)) {
|
||||||
|
+ err(1, "Error setting capabilities, aborting\n");
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0))
|
||||||
|
+ err(1, "Error setting KEEPCAPS, aborting\n");
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
+ /* headed for exec(), assume euid == ROOT_UID */
|
||||||
|
+ runas_setup ();
|
||||||
|
+ if (setresuid(def_stay_setuid ?
|
||||||
|
+ user_uid : runas_pw->pw_uid,
|
||||||
|
+ runas_pw->pw_uid, runas_pw->pw_uid))
|
||||||
|
+ err(1, "unable to change to runas uid");
|
||||||
|
+
|
||||||
|
+#if defined(WITH_AUDIT) && defined(HAVE_LIBCAP)
|
||||||
|
+ if (runas_pw->pw_uid != ROOT_UID) {
|
||||||
|
+ if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) < 0)
|
||||||
|
+ err(1, "Error resetting KEEPCAPS, aborting\n");
|
||||||
|
+
|
||||||
|
+ if (cap_set_proc(new_caps))
|
||||||
|
+ err(1, "Error dropping capabilities, aborting\n");
|
||||||
|
+
|
||||||
|
+ if (cap_free (new_caps))
|
||||||
|
+ err(1, "Error freeing caps\n");
|
||||||
|
+ }
|
||||||
|
+ } /* END CAP BLOCK */
|
||||||
|
+#endif
|
||||||
|
+ break;
|
||||||
|
|
||||||
case PERM_SUDOERS:
|
case PERM_SUDOERS:
|
||||||
/* assume euid == ROOT_UID, ruid == user */
|
/* assume euid == ROOT_UID, ruid == user */
|
||||||
if (setresgid(-1, SUDOERS_GID, -1))
|
diff -up sudo-1.6.9p12/sudo.c.audit sudo-1.6.9p12/sudo.c
|
||||||
diff -up sudo-1.6.9p4/sudo.c.audit sudo-1.6.9p4/sudo.c
|
--- sudo-1.6.9p12/sudo.c.audit 2008-02-05 13:57:21.000000000 +0100
|
||||||
--- sudo-1.6.9p4/sudo.c.audit 2008-01-07 19:52:41.000000000 +0100
|
+++ sudo-1.6.9p12/sudo.c 2008-02-05 13:57:21.000000000 +0100
|
||||||
+++ sudo-1.6.9p4/sudo.c 2008-01-07 19:52:41.000000000 +0100
|
|
||||||
@@ -97,6 +97,10 @@
|
@@ -97,6 +97,10 @@
|
||||||
# include <sys/task.h>
|
# include <sys/task.h>
|
||||||
#endif
|
#endif
|
||||||
@ -220,10 +208,10 @@ diff -up sudo-1.6.9p4/sudo.c.audit sudo-1.6.9p4/sudo.c
|
|||||||
warn("unable to execute %s", safe_cmnd);
|
warn("unable to execute %s", safe_cmnd);
|
||||||
exit(127);
|
exit(127);
|
||||||
} else if (ISSET(validated, FLAG_NO_USER) || (validated & FLAG_NO_HOST)) {
|
} else if (ISSET(validated, FLAG_NO_USER) || (validated & FLAG_NO_HOST)) {
|
||||||
diff -up sudo-1.6.9p4/configure.in.audit sudo-1.6.9p4/configure.in
|
diff -up sudo-1.6.9p12/configure.in.audit sudo-1.6.9p12/configure.in
|
||||||
--- sudo-1.6.9p4/configure.in.audit 2008-01-07 19:52:41.000000000 +0100
|
--- sudo-1.6.9p12/configure.in.audit 2008-02-05 13:57:21.000000000 +0100
|
||||||
+++ sudo-1.6.9p4/configure.in 2008-01-07 19:52:41.000000000 +0100
|
+++ sudo-1.6.9p12/configure.in 2008-02-05 13:57:21.000000000 +0100
|
||||||
@@ -150,6 +150,10 @@ dnl
|
@@ -154,6 +154,10 @@ dnl
|
||||||
dnl Options for --with
|
dnl Options for --with
|
||||||
dnl
|
dnl
|
||||||
|
|
||||||
@ -234,7 +222,7 @@ diff -up sudo-1.6.9p4/configure.in.audit sudo-1.6.9p4/configure.in
|
|||||||
AC_ARG_WITH(CC, [ --with-CC C compiler to use],
|
AC_ARG_WITH(CC, [ --with-CC C compiler to use],
|
||||||
[case $with_CC in
|
[case $with_CC in
|
||||||
yes) AC_MSG_ERROR(["must give --with-CC an argument."])
|
yes) AC_MSG_ERROR(["must give --with-CC an argument."])
|
||||||
@@ -1579,6 +1583,25 @@ dnl
|
@@ -1588,6 +1592,25 @@ dnl
|
||||||
: ${mansectsu='8'}
|
: ${mansectsu='8'}
|
||||||
: ${mansectform='5'}
|
: ${mansectform='5'}
|
||||||
|
|
||||||
@ -260,9 +248,9 @@ diff -up sudo-1.6.9p4/configure.in.audit sudo-1.6.9p4/configure.in
|
|||||||
dnl
|
dnl
|
||||||
dnl Add in any libpaths or libraries specified via configure
|
dnl Add in any libpaths or libraries specified via configure
|
||||||
dnl
|
dnl
|
||||||
diff -up /dev/null sudo-1.6.9p4/audit_help.c
|
diff -up /dev/null sudo-1.6.9p12/audit_help.c
|
||||||
--- /dev/null 2008-01-04 00:33:16.572612675 +0100
|
--- /dev/null 2008-02-05 11:01:55.583821645 +0100
|
||||||
+++ sudo-1.6.9p4/audit_help.c 2008-01-07 19:55:40.000000000 +0100
|
+++ sudo-1.6.9p12/audit_help.c 2008-02-05 13:57:21.000000000 +0100
|
||||||
@@ -0,0 +1,88 @@
|
@@ -0,0 +1,88 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Audit helper functions used throughout sudo
|
+ * Audit helper functions used throughout sudo
|
||||||
@ -352,10 +340,10 @@ diff -up /dev/null sudo-1.6.9p4/audit_help.c
|
|||||||
+#endif /* WITH_AUDIT */
|
+#endif /* WITH_AUDIT */
|
||||||
+
|
+
|
||||||
+
|
+
|
||||||
diff -up sudo-1.6.9p4/Makefile.in.audit sudo-1.6.9p4/Makefile.in
|
diff -up sudo-1.6.9p12/Makefile.in.audit sudo-1.6.9p12/Makefile.in
|
||||||
--- sudo-1.6.9p4/Makefile.in.audit 2007-08-15 16:16:57.000000000 +0200
|
--- sudo-1.6.9p12/Makefile.in.audit 2008-01-14 13:22:57.000000000 +0100
|
||||||
+++ sudo-1.6.9p4/Makefile.in 2008-01-07 19:52:41.000000000 +0100
|
+++ sudo-1.6.9p12/Makefile.in 2008-02-05 13:57:21.000000000 +0100
|
||||||
@@ -118,11 +118,13 @@ HDRS = compat.h def_data.h defaults.h in
|
@@ -119,11 +119,13 @@ HDRS = compat.h def_data.h defaults.h in
|
||||||
|
|
||||||
AUTH_OBJS = sudo_auth.o @AUTH_OBJS@
|
AUTH_OBJS = sudo_auth.o @AUTH_OBJS@
|
||||||
|
|
||||||
@ -370,7 +358,7 @@ diff -up sudo-1.6.9p4/Makefile.in.audit sudo-1.6.9p4/Makefile.in
|
|||||||
|
|
||||||
VISUDOBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o $(PARSEOBJS)
|
VISUDOBJS = visudo.o fileops.o gettime.o goodpath.o find_path.o $(PARSEOBJS)
|
||||||
|
|
||||||
@@ -273,6 +275,9 @@ securid5.o: $(authdir)/securid5.c $(AUTH
|
@@ -274,6 +276,9 @@ securid5.o: $(authdir)/securid5.c $(AUTH
|
||||||
sia.o: $(authdir)/sia.c $(AUTHDEP)
|
sia.o: $(authdir)/sia.c $(AUTHDEP)
|
||||||
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c
|
$(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(OPTIONS) $(authdir)/sia.c
|
||||||
|
|
||||||
@ -380,9 +368,9 @@ diff -up sudo-1.6.9p4/Makefile.in.audit sudo-1.6.9p4/Makefile.in
|
|||||||
sudo.man.in: $(srcdir)/sudo.pod
|
sudo.man.in: $(srcdir)/sudo.pod
|
||||||
@rm -f $(srcdir)/$@
|
@rm -f $(srcdir)/$@
|
||||||
( cd $(srcdir); mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e 1d -e '/^=pod/q' -e 's/^/.\\" /p' sudo.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectsu --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" >> $@ )
|
( cd $(srcdir); mansectsu=`echo @MANSECTSU@|tr A-Z a-z`; mansectform=`echo @MANSECTFORM@|tr A-Z a-z`; sed -n -e 1d -e '/^=pod/q' -e 's/^/.\\" /p' sudo.pod > $@; pod2man --quotes=none --date="`date '+%B %e, %Y'`" --section=$$mansectsu --release=$(VERSION) --center="MAINTENANCE COMMANDS" sudo.pod | sed -e "s/(5)/($$mansectform)/" -e "s/(8)/($$mansectsu)/" >> $@ )
|
||||||
diff -up sudo-1.6.9p4/sudo.h.audit sudo-1.6.9p4/sudo.h
|
diff -up sudo-1.6.9p12/sudo.h.audit sudo-1.6.9p12/sudo.h
|
||||||
--- sudo-1.6.9p4/sudo.h.audit 2008-01-07 19:52:41.000000000 +0100
|
--- sudo-1.6.9p12/sudo.h.audit 2008-02-05 13:57:21.000000000 +0100
|
||||||
+++ sudo-1.6.9p4/sudo.h 2008-01-07 19:52:41.000000000 +0100
|
+++ sudo-1.6.9p12/sudo.h 2008-02-05 13:57:21.000000000 +0100
|
||||||
@@ -23,6 +23,8 @@
|
@@ -23,6 +23,8 @@
|
||||||
#ifndef _SUDO_SUDO_H
|
#ifndef _SUDO_SUDO_H
|
||||||
#define _SUDO_SUDO_H
|
#define _SUDO_SUDO_H
|
||||||
@ -392,7 +380,7 @@ diff -up sudo-1.6.9p4/sudo.h.audit sudo-1.6.9p4/sudo.h
|
|||||||
#include <pathnames.h>
|
#include <pathnames.h>
|
||||||
#include <limits.h>
|
#include <limits.h>
|
||||||
#include "compat.h"
|
#include "compat.h"
|
||||||
@@ -274,4 +276,10 @@ extern int sudo_mode;
|
@@ -278,4 +280,10 @@ extern int sudo_mode;
|
||||||
extern int errno;
|
extern int errno;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -1,41 +0,0 @@
|
|||||||
diff -up sudo-1.6.9p4/acsite.m4.autotoolsRecursion sudo-1.6.9p4/acsite.m4
|
|
||||||
--- sudo-1.6.9p4/acsite.m4.autotoolsRecursion 2007-08-27 12:33:37.000000000 +0400
|
|
||||||
+++ sudo-1.6.9p4/acsite.m4 2007-08-27 12:33:52.000000000 +0400
|
|
||||||
@@ -6319,19 +6319,32 @@ m4_define([lt_join],
|
|
||||||
])
|
|
||||||
|
|
||||||
|
|
||||||
+# lt_car(LIST)
|
|
||||||
+# lt_cdr(LIST)
|
|
||||||
+# ------------
|
|
||||||
+# Manipulate m4 lists.
|
|
||||||
+# These macros are necessary as long as will still need to support
|
|
||||||
+# Autoconf-2.59 which quotes differently.
|
|
||||||
+m4_define([lt_car], [[$1]])
|
|
||||||
+m4_define([lt_cdr],
|
|
||||||
+[m4_if([$#], 0, [m4_fatal([$0: cannot be called without arguments])],
|
|
||||||
+ [$#], 1, [],
|
|
||||||
+ [m4_dquote(m4_shift($@))])])
|
|
||||||
+
|
|
||||||
+
|
|
||||||
# lt_combine(SEP, PREFIX-LIST, INFIX, SUFFIX1, [SUFFIX2...])
|
|
||||||
# ----------------------------------------------------------
|
|
||||||
# Produce a SEP delimited list of all paired combinations of elements of
|
|
||||||
# PREFIX-LIST with SUFFIX1 through SUFFIXn. Each element of the list
|
|
||||||
# has the form PREFIXmINFIXSUFFIXn.
|
|
||||||
m4_define([lt_combine],
|
|
||||||
-[m4_if([$2], [[]], [],
|
|
||||||
- [lt_join(m4_quote(m4_default([$1], [, ])),
|
|
||||||
- _$0([$1], m4_car($2)[$3], m4_shiftn(3, $@)),
|
|
||||||
- $0([$1], m4_cdr($2), m4_shiftn(2, $@)))])])
|
|
||||||
+[m4_if([$2], [], [],
|
|
||||||
+ [lt_join(m4_quote(m4_default([$1], [[, ]])),
|
|
||||||
+ _$0([$1], lt_car($2)[$3], m4_shiftn(3, $@)),
|
|
||||||
+ $0([$1], lt_cdr($2), m4_shiftn(2, $@)))])])
|
|
||||||
m4_define([_lt_combine],
|
|
||||||
[m4_if([$3], [], [],
|
|
||||||
- [lt_join(m4_quote(m4_default([$1], [, ])),
|
|
||||||
+ [lt_join(m4_quote(m4_default([$1], [[, ]])),
|
|
||||||
[$2$3],
|
|
||||||
$0([$1], [$2], m4_shiftn(3, $@)))])[]dnl
|
|
||||||
])
|
|
@ -1,12 +0,0 @@
|
|||||||
diff -up sudo-1.6.9p4/configure.in.getprpwnam sudo-1.6.9p4/configure.in
|
|
||||||
--- sudo-1.6.9p4/configure.in.getprpwnam 2007-08-27 13:24:54.000000000 +0400
|
|
||||||
+++ sudo-1.6.9p4/configure.in 2007-08-27 13:25:48.000000000 +0400
|
|
||||||
@@ -1975,7 +1975,7 @@ if test "$CHECKSHADOW" = "true"; then
|
|
||||||
AC_CHECK_FUNCS(getspnam, [CHECKSHADOW="false"], [AC_CHECK_LIB(gen, getspnam, AC_DEFINE(HAVE_GETSPNAM) [SUDO_LIBS="${SUDO_LIBS} -lgen"; LIBS="${LIBS} -lgen"])])
|
|
||||||
fi
|
|
||||||
if test "$CHECKSHADOW" = "true"; then
|
|
||||||
- AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1], AC_CHECK_LIB(sec, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], AC_CHECK_LIB(security, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], AC_CHECK_LIB(prot, getprpwnam, AC_DEFINE(HAVE_GETPRPWNAM) [CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])))])
|
|
||||||
+ AC_CHECK_FUNC(getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1], [AC_CHECK_LIB(sec, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsec"; LIBS="${LIBS} -lsec"], [AC_CHECK_LIB(security, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lsecurity"; LIBS="${LIBS} -lsecurity"], [AC_CHECK_LIB(prot, getprpwnam, [AC_DEFINE(HAVE_GETPRPWNAM) CHECKSHADOW="false"; SECUREWARE=1; SUDO_LIBS="${SUDO_LIBS} -lprot"; LIBS="${LIBS} -lprot"])])])])
|
|
||||||
fi
|
|
||||||
if test -n "$SECUREWARE"; then
|
|
||||||
AC_CHECK_FUNCS(bigcrypt set_auth_parameters initprivs)
|
|
20
sudo.spec
20
sudo.spec
@ -1,7 +1,7 @@
|
|||||||
Summary: Allows restricted root access for specified users
|
Summary: Allows restricted root access for specified users
|
||||||
Name: sudo
|
Name: sudo
|
||||||
Version: 1.6.9p4
|
Version: 1.6.9p12
|
||||||
Release: 6%{?dist}
|
Release: 1%{?dist}
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
URL: http://www.courtesan.com/sudo/
|
URL: http://www.courtesan.com/sudo/
|
||||||
@ -24,9 +24,9 @@ Patch1: sudo-1.6.7p5-strip.patch
|
|||||||
Patch2: sudo-1.6.9p4-login.patch
|
Patch2: sudo-1.6.9p4-login.patch
|
||||||
# the rest, see changelog
|
# the rest, see changelog
|
||||||
Patch3: sudo-1.6.9p4-getgrouplist.patch
|
Patch3: sudo-1.6.9p4-getgrouplist.patch
|
||||||
Patch4: sudo-1.6.9p4-autotoolsRecursion.patch
|
Patch4: sudo-1.6.9p12-noPam.patch
|
||||||
Patch5: sudo-1.6.9p4-getprpwnam.patch
|
Patch5: sudo-1.6.9p4-audit.patch
|
||||||
Patch6: sudo-1.6.9p4-audit.patch
|
Patch6: sudo-1.6.9p12-selinux.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Sudo (superuser do) allows a system administrator to give certain
|
Sudo (superuser do) allows a system administrator to give certain
|
||||||
@ -44,9 +44,9 @@ on many different machines.
|
|||||||
%patch1 -p1 -b .strip
|
%patch1 -p1 -b .strip
|
||||||
%patch2 -p1 -b .login
|
%patch2 -p1 -b .login
|
||||||
%patch3 -p1 -b .getgrouplist
|
%patch3 -p1 -b .getgrouplist
|
||||||
%patch4 -p1 -b .autotoolsRecursion
|
%patch4 -p1 -b .noPam
|
||||||
%patch5 -p1 -b .getprpwnam
|
%patch5 -p1 -b .audit
|
||||||
%patch6 -p1 -b .audit
|
%patch6 -p1 -b .selinux
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
|
|
||||||
@ -128,6 +128,10 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
/bin/chmod 0440 /etc/sudoers || :
|
/bin/chmod 0440 /etc/sudoers || :
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 06 2008 Peter Vrabec <pvrabec@redhat.com> 1.6.9p12-1
|
||||||
|
- upgrade to the latest upstream release
|
||||||
|
- add selinux support
|
||||||
|
|
||||||
* Mon Feb 02 2008 Dennis Gilmore <dennis@ausil.us> 1.6.9p4-6
|
* Mon Feb 02 2008 Dennis Gilmore <dennis@ausil.us> 1.6.9p4-6
|
||||||
- sparc64 needs to be in the -fPIE list with s390
|
- sparc64 needs to be in the -fPIE list with s390
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user