From b27e499e8f566fc0d910e5b9de2be0a53f0b6c31 Mon Sep 17 00:00:00 2001 From: Daniel Kopecek Date: Wed, 22 Feb 2012 11:27:43 +0100 Subject: [PATCH] SSSD patch update --- sudo-1.8.3p1-sssd-support.patch | 72 ++++++++++++++++----------------- sudo.spec | 5 ++- 2 files changed, 40 insertions(+), 37 deletions(-) diff --git a/sudo-1.8.3p1-sssd-support.patch b/sudo-1.8.3p1-sssd-support.patch index ee1b68a..73af16b 100644 --- a/sudo-1.8.3p1-sssd-support.patch +++ b/sudo-1.8.3p1-sssd-support.patch @@ -48,7 +48,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/Makefile.in.sssd-support sudo-1.8.3p1/plug $(incdir)/alloc.h $(incdir)/list.h $(incdir)/fileops.h \ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/sudoers/sssd.c --- sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support 2012-01-19 13:41:51.885154296 +0100 -+++ sudo-1.8.3p1/plugins/sudoers/sssd.c 2012-02-07 12:22:37.641156963 +0100 ++++ sudo-1.8.3p1/plugins/sudoers/sssd.c 2012-02-17 09:38:27.195588846 +0100 @@ -0,0 +1,1157 @@ +/* + * Copyright (c) 2003-2011 Todd C. Miller @@ -116,7 +116,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +static int sudo_sssd_open(struct sudo_nss *nss); +static int sudo_sssd_close(struct sudo_nss *nss); +static int sudo_sssd_parse(struct sudo_nss *nss); -+static void sudo_sssd_parse_options(struct sss_rule *rule); ++static void sudo_sssd_parse_options(struct sss_sudo_rule *rule); +static int sudo_sssd_setdefs(struct sudo_nss *nss); +static int sudo_sssd_lookup(struct sudo_nss *nss, int ret, int pwflag); +static int sudo_sssd_display_cmnd(struct sudo_nss *nss, struct passwd *pw); 
@@ -130,11 +130,11 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + struct lbuf *lbuf); + + -+static struct sss_result *sudo_sssd_result_get(struct sudo_nss *nss, ++static struct sss_sudo_result *sudo_sssd_result_get(struct sudo_nss *nss, + struct passwd *pw, + uint32_t *state); + -+static void sudo_sssd_attrcpy(struct sss_attr *dst, const struct sss_attr *src) ++static void sudo_sssd_attrcpy(struct sss_sudo_attr *dst, const struct sss_sudo_attr *src) +{ + int i; + @@ -151,7 +151,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return; +} + -+static void sudo_sssd_rulecpy(struct sss_rule *dst, const struct sss_rule *src) ++static void sudo_sssd_rulecpy(struct sss_sudo_rule *dst, const struct sss_sudo_rule *src) +{ + int i; + @@ -159,7 +159,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + DPRINTF(2, "emalloc: cnt=%d", src->num_attrs); + + dst->num_attrs = src->num_attrs; -+ dst->attrs = emalloc(sizeof(struct sss_attr) * dst->num_attrs); ++ dst->attrs = emalloc(sizeof(struct sss_sudo_attr) * dst->num_attrs); + + for (i = 0; i < dst->num_attrs; ++i) { + sudo_sssd_attrcpy(dst->attrs + i, @@ -173,9 +173,9 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +#define _SUDO_SSS_STATE_HOSTMATCH 0x01 +#define _SUDO_SSS_STATE_USERMATCH 0x02 + -+static struct sss_result *sudo_sssd_filter_result(struct sss_result *in_res, int (*filterp)(struct sss_rule *, void *), int act, void *filterp_arg) ++static struct sss_sudo_result *sudo_sssd_filter_result(struct sss_sudo_result *in_res, int (*filterp)(struct sss_sudo_rule *, void *), int act, void *filterp_arg) +{ -+ struct sss_result *out_res; ++ struct sss_sudo_result *out_res; + int i, l, r; + + DPRINTF(3, "in_res=%p, count=%u, act=%s", 
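Review bot: The allocation size in sudo_sssd_rulecpy (the @@ -159,7 hunk), `sizeof(struct sss_sudo_attr) * dst->num_attrs`, is an unchecked multiplication on a count copied from a rule handed back by SSSD. The @@ -186,8 hunk does the same with `in_res->num_rules`. sudo's allocator has an overflow-checked form that fits here: `dst->attrs = emalloc2(dst->num_attrs, sizeof(struct sss_sudo_attr));`. The declared type of num_attrs is not visible in the hunk (it is printed with %d and compared against an int index), so confirm its signedness when converting. The function body continues outside the hunk.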
@@ -186,8 +186,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + + DPRINTF(3, "emalloc: cnt=%d", in_res->num_rules); + -+ out_res = emalloc(sizeof(struct sss_result)); -+ out_res->rules = in_res->num_rules > 0 ? emalloc(sizeof(struct sss_rule) * in_res->num_rules) : NULL; ++ out_res = emalloc(sizeof(struct sss_sudo_result)); ++ out_res->rules = in_res->num_rules > 0 ? emalloc(sizeof(struct sss_sudo_rule) * in_res->num_rules) : NULL; + out_res->num_rules = 0; + + for (i = l = 0; i < in_res->num_rules; ++i) { @@ -207,7 +207,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + + if (l < in_res->num_rules) { + DPRINTF(3, "reallocating result: %p (count: %u -> %u)", out_res->rules, in_res->num_rules, l); -+ out_res->rules = realloc(out_res->rules, sizeof(struct sss_rule) * l); ++ out_res->rules = realloc(out_res->rules, sizeof(struct sss_sudo_rule) * l); + } + + out_res->num_rules = l; @@ -217,7 +217,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + +struct sudo_sssd_handle { + char *username; -+ struct sss_result *result; ++ struct sss_sudo_result *result; + struct group_list *grlist; +}; + @@ -271,8 +271,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +{ + struct sudo_sssd_handle *handle = nss->handle; + -+ struct sss_result *sres; -+ struct sss_rule *rule; ++ struct sss_sudo_result *sres; ++ struct sss_sudo_rule *rule; + uint32_t serr; + int i; + @@ -300,7 +300,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +} + +static int -+sudo_sssd_check_runas_user(struct sss_rule *rule) ++sudo_sssd_check_runas_user(struct sss_sudo_rule *rule) +{ + char **v_arr = NULL; + char *val; 
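Review bot: The `realloc` in the shrink path of sudo_sssd_filter_result (the @@ -207,7 hunk) assigns straight back to `out_res->rules` with no check, unlike the `emalloc` calls around it. If no rule passes the filter, `l` is 0, and `realloc(ptr, 0)` is implementation-defined: it may free the array and return NULL or return a pointer that must not be dereferenced. For a non-zero `l`, a failed call loses the original pointer. Handling the empty case explicitly and using the aborting wrapper would close both gaps: `if (l == 0) { free(out_res->rules); out_res->rules = NULL; } else out_res->rules = erealloc(out_res->rules, sizeof(struct sss_sudo_rule) * l);`. The function starts and ends outside this hunk, so how callers treat a NULL `rules` with `num_rules == 0` should be confirmed there.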
@@ -403,7 +403,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +} + +static int -+sudo_sssd_check_runas_group(struct sss_rule *rule) ++sudo_sssd_check_runas_group(struct sss_sudo_rule *rule) +{ + char **v_arr = NULL; + char *val; @@ -447,7 +447,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + * else FALSE. RunAs info is optional. + */ +static int -+sudo_sssd_check_runas(struct sss_rule *rule) ++sudo_sssd_check_runas(struct sss_sudo_rule *rule) +{ + int ret; + @@ -460,7 +460,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return ret; +} + -+static int sudo_sssd_check_host(struct sss_rule *rule) ++static int sudo_sssd_check_host(struct sss_sudo_rule *rule) +{ + char **v_arr, *val; + int ret = FALSE, i; @@ -500,7 +500,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return ret; +} + -+static int sudo_sssd_result_filterp(struct sss_rule *rule, void *unused) ++static int sudo_sssd_result_filterp(struct sss_sudo_rule *rule, void *unused) +{ + (void)unused; + @@ -510,12 +510,12 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return 0; +} + -+static struct sss_result *sudo_sssd_result_get(struct sudo_nss *nss, ++static struct sss_sudo_result *sudo_sssd_result_get(struct sudo_nss *nss, + struct passwd *pw, + uint32_t *state) +{ + struct sudo_sssd_handle *handle = nss->handle; -+ struct sss_result *u_sres, *f_sres; ++ struct sss_sudo_result *u_sres, *f_sres; + uint32_t serr = 0, ret; + + DPRINTF(1, "pw_name=%s", pw->pw_name); 
@@ -583,7 +583,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + * Returns TRUE if found and allowed, FALSE if negated, else UNSPEC. + */ +static int -+sudo_sssd_check_bool(struct sss_rule *rule, char *option) ++sudo_sssd_check_bool(struct sss_sudo_rule *rule, char *option) +{ + char ch, *var, **v_arr = NULL; + int i, ret = UNSPEC; @@ -624,7 +624,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + * FALSE if disallowed and UNSPEC if not matched. + */ +static int -+sudo_sssd_check_command(struct sss_rule *rule, int *setenv_implied) ++sudo_sssd_check_command(struct sss_sudo_rule *rule, int *setenv_implied) +{ + char **v_arr = NULL, *val; + char *allowed_cmnd, *allowed_args; @@ -641,7 +641,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + DPRINTF(2, "No result."); + return ret; + default: -+ DPRINTF(2, "sss_sudo_get_values: != 0"); ++ DPRINTF(2, "sss_sudo_sudo_get_values: != 0"); + return ret; + } + @@ -692,7 +692,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +} + +static void -+sudo_sssd_parse_options(struct sss_rule *rule) ++sudo_sssd_parse_options(struct sss_sudo_rule *rule) +{ + int i; + char op, *v, *val; @@ -748,8 +748,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +{ + int rc, setenv_implied; + -+ struct sss_result *sres = NULL; -+ struct sss_rule *rule; ++ struct sss_sudo_result *sres = NULL; ++ struct sss_sudo_rule *rule; + uint32_t i, state = 0; + + /* Fetch list of sudoRole entries that match user and host. */ 
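Review bot: The struct rename has also caught two `sss_sudo_` names that already carried the prefix. In the @@ -641,7 hunk the debug text becomes `"sss_sudo_sudo_get_values: != 0"`, and in the @@ -895,7 hunk the cleanup call in sudo_sssd_display_cmnd becomes `sss_sudo_sudo_free_result(sres);`. The string is only a misleading log line, but the call names a function that no other visible line uses. Unless the SSSD header really declares it, the build should fail, or, where implicit declarations are tolerated, the symbol may stay unresolved until the privileged plugin reaches this path. Both lines look like they should stay as they were: `DPRINTF(2, "sss_sudo_get_values: != 0");` and `sss_sudo_free_result(sres);`.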
@@ -863,8 +863,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +static int sudo_sssd_display_cmnd(struct sudo_nss *nss, struct passwd *pw) +{ + struct sudo_sssd_handle *handle = nss->handle; -+ struct sss_result *sres = NULL; -+ struct sss_rule *rule; ++ struct sss_sudo_result *sres = NULL; ++ struct sss_sudo_rule *rule; + int i, found = FALSE; + + if (handle == NULL) @@ -895,7 +895,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + user_args ? " " : "", user_args ? user_args : ""); + + if (sres != NULL) -+ sss_sudo_free_result(sres); ++ sss_sudo_sudo_free_result(sres); + + return !found; +} @@ -905,8 +905,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +{ + struct sudo_sssd_handle *handle = nss->handle; + -+ struct sss_rule *rule; -+ struct sss_result *sres = NULL; ++ struct sss_sudo_rule *rule; ++ struct sss_sudo_result *sres = NULL; + + uint32_t serr = 0; + @@ -964,7 +964,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return 0; +} + -+static int sudo_sssd_display_entry_long(struct sss_rule *rule, struct lbuf *lbuf) ++static int sudo_sssd_display_entry_long(struct sss_sudo_rule *rule, struct lbuf *lbuf) +{ + char **v_arr = NULL; + int count = 0, i; @@ -1071,7 +1071,7 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s + return count; +} + -+static int sudo_sssd_display_entry_short(struct sss_rule *rule, struct lbuf *lbuf) ++static int sudo_sssd_display_entry_short(struct sss_sudo_rule *rule, struct lbuf *lbuf) +{ + char **v_arr = NULL; + int count = 0, i; 
@@ -1182,8 +1182,8 @@ diff -up sudo-1.8.3p1/plugins/sudoers/sssd.c.sssd-support sudo-1.8.3p1/plugins/s +static int sudo_sssd_display_privs(struct sudo_nss *nss, struct passwd *pw, + struct lbuf *lbuf) +{ -+ struct sss_result *sres = NULL; -+ struct sss_rule *rule; ++ struct sss_sudo_result *sres = NULL; ++ struct sss_sudo_rule *rule; + unsigned int i, count = 0; + + DPRINTF(2, "sssd/ldap search for command list"); diff --git a/sudo.spec b/sudo.spec index 16ee6cf..9c36d16 100644 --- a/sudo.spec +++ b/sudo.spec @@ -1,7 +1,7 @@ Summary: Allows restricted root access for specified users Name: sudo Version: 1.8.3p1 -Release: 4%{?dist} +Release: 5%{?dist} License: ISC Group: Applications/System URL: http://www.courtesan.com/sudo/ @@ -175,6 +175,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/sudo_plugin.8* %changelog +* Wed Feb 22 2012 Daniel Kopecek - 1.8.3p1-5 +- SSSD patch update + * Tue Feb 7 2012 Daniel Kopecek - 1.8.3p1-4 - added SSSD support