![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / doas
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.99 / (download) - annotate - [select for diffs], Thu Feb 15 18:57:58 2024 UTC (3 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.98: +11 -7 lines
Diff to previous 1.98 (colored)
change permit to be more bits away from deny, because rowhammer. not really sure why this is our problem, but the diff is small. ok deraadt millert miod
Revision 1.98 / (download) - annotate - [select for diffs], Thu Dec 22 19:53:22 2022 UTC (16 months, 3 weeks ago) by kn
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)
Denote multiple arguments with 'arg ...' not 'args' A few programs used the plural in their synopsis which doesn't read as clear as the obvious triple-dot notation. mdoc(7) .Ar defaults to "file ..." if no arguments are given and consistent use of 'arg ...' matches that behaviour. Cleanup a few markups of the same argument so the text keeps reading naturally; omit unhelpful parts like 'if optional arguments are given, they are passed along' for tools like time(1) and timeout(1) that obviously execute commands with whatever arguments where given -- just like doas(1) which doesn't mention arguments in its DESCRIPTION in the first place. For expr(1) the difference between 'expressions' and 'expression ...' is crucial, as arguments must be passed as individual words. Feedback millert jmc schwarze deraadt OK jmc
Revision 1.97 / (download) - annotate - [select for diffs], Tue Mar 22 20:36:49 2022 UTC (2 years, 1 month ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)
minor KNF cleanups during a re-read
Revision 1.96 / (download) - annotate - [select for diffs], Fri Mar 4 05:37:21 2022 UTC (2 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.95: +4 -1 lines
Diff to previous 1.95 (colored)
Revert previous and add LOGIN_SETENV and LOGIN_SETRTABLE Instead of only adding LOGIN_SETENV and LOGIN_SETRTABLE, LOGIN_SETALL also includes LOGIN_SETLOGIN, which had the unintended side effect of breaking logname(1). ok deraadt tedu
Revision 1.95 / (download) - annotate - [select for diffs], Fri Feb 25 18:29:32 2022 UTC (2 years, 2 months ago) by tedu
Branch: MAIN
Changes since 1.94: +2 -5 lines
Diff to previous 1.94 (colored)
use setall for setusercontext, to make it simpler to inherit new changes. note that the addition of setenv doesn't do much, since doas will rewrite the environment anyway (but added variables are accessible in keepenv, should anybody be using that feature).
Revision 1.94 / (download) - annotate - [select for diffs], Thu Feb 10 13:06:46 2022 UTC (2 years, 3 months ago) by robert
Branch: MAIN
Changes since 1.93: +3 -1 lines
Diff to previous 1.93 (colored)
unveil _PATH_LOGIN_CONF_D
Revision 1.93 / (download) - annotate - [select for diffs], Tue Nov 30 20:08:15 2021 UTC (2 years, 5 months ago) by tobias
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)
Improved error handling in config parser. - Escaped newlines confused column counter - An unclosed quote could have been logged multiple times - Signed data types could overflow, which is undefined behavior ok tedu
Revision 1.92 / (download) - annotate - [select for diffs], Wed Oct 13 17:41:14 2021 UTC (2 years, 7 months ago) by millert
Branch: MAIN
Changes since 1.91: +22 -22 lines
Diff to previous 1.91 (colored)
Fix fd leak of /dev/tty on auth failure, introduced in revision 1.91. Move the auth retry loop into authuser() and only open /dev/tty once. Also refactor the password reading into authuser_checkpass(). Bug reported by multi AT in-addr DOT xyz. OK kn@
Revision 1.91 / (download) - annotate - [select for diffs], Tue Sep 7 13:46:07 2021 UTC (2 years, 8 months ago) by jcs
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.90: +20 -6 lines
Diff to previous 1.90 (colored)
Retry up to 3 times on password authentication failure ok martijn support from various
Revision 1.90 / (download) - annotate - [select for diffs], Mon Jul 12 15:09:19 2021 UTC (2 years, 10 months ago) by beck
Branch: MAIN
Changes since 1.89: +5 -4 lines
Diff to previous 1.89 (colored)
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion. Work done and verified by Ashton Fagg <ashton@fagg.id.au> ok deraadt@ semarie@ claudio@
Revision 1.89 / (download) - annotate - [select for diffs], Wed Jan 27 17:02:50 2021 UTC (3 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)
Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@
Revision 1.88 / (download) - annotate - [select for diffs], Thu Jan 21 08:13:59 2021 UTC (3 years, 3 months ago) by kn
Branch: MAIN
Changes since 1.87: +4 -8 lines
Diff to previous 1.87 (colored)
Revert r1.87 "Pledge before authentication when possible" Someone reported to me that ''This breaks ansible managed machines where "persist" isn't used. There i get /bsd: doas[49341]: pledge "proc", syscall 2 Using "persist", everything is fine.''
Revision 1.87 / (download) - annotate - [select for diffs], Wed Jan 20 07:30:51 2021 UTC (3 years, 3 months ago) by kn
Branch: MAIN
Changes since 1.86: +9 -5 lines
Diff to previous 1.86 (colored)
Pledge before authentication when possible
Generally, pleding before parsing the file seems hardly possible due to
unveil() being involved.
Pledging in case of the winning rule being a "persist" one is not possible
either due to TIOC{SET,CHK}VERAUTH not being allowed in the "tty" pledge.
But if "persist" is not used, we can pledge before authentication
without having to hoist or chang anything.
Feedback deraadt tedu
OK tdeu
Revision 1.86 / (download) - annotate - [select for diffs], Sat Jan 16 09:18:41 2021 UTC (3 years, 4 months ago) by martijn
Branch: MAIN
Changes since 1.85: +4 -4 lines
Diff to previous 1.85 (colored)
s/authorization/authentication/g OK kn@ tedu@
Revision 1.85 / (download) - annotate - [select for diffs], Wed Jan 13 13:49:34 2021 UTC (3 years, 4 months ago) by kn
Branch: MAIN
Changes since 1.84: +5 -1 lines
Diff to previous 1.84 (colored)
Pledge the "-C" code path In "Parse and check config" mode nothing is executed so pledge without "exec" while still setuid and before reading/parsing the config file. OK millert
Revision 1.84 / (download) - annotate - [select for diffs], Fri Oct 9 07:43:38 2020 UTC (3 years, 7 months ago) by kn
Branch: MAIN
Changes since 1.83: +6 -3 lines
Diff to previous 1.83 (colored)
Add nolog option to avoid syslog(3) doas(1) unconditionally logs all executions but syslog.conf(5) provides no means to filter messages by user, target or command. Add the "nolog" option to doas.conf(5) such that syslog becomes an opt-out feature; this keeps configuration simple enough yet powerful since rule definition is the best place to decide whether to log commands or not on a per rule basis - this also aoids duplicating information or logic in any other log processing tool. OK tedu martijn
Revision 1.83 / (download) - annotate - [select for diffs], Fri Oct 9 00:04:05 2020 UTC (3 years, 7 months ago) by kn
Branch: MAIN
Changes since 1.82: +2 -2 lines
Diff to previous 1.82 (colored)
Improve error message on missing permission In case "cmd" (and "args") in doas.conf(5) mismatch, the log syslog(3) message might be read as if the command was executed but failed, i.e. returned non-zero. Be unambiguous and help admins spot execution *attempts* as such: -Oct 9 01:05:20 eru doas: failed command for kn: echo bar +Oct 9 01:05:20 eru doas: command not permitted for kn: echo bar OK tedu deraadt
Revision 1.82 / (download) - annotate - [select for diffs], Fri Oct 18 17:15:45 2019 UTC (4 years, 7 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.81: +7 -3 lines
Diff to previous 1.81 (colored)
add some checks to avoid UID_MAX (-1) here. this is not problematic with the current code, but it's probably safer this way. ok deraadt
Revision 1.81 / (download) - annotate - [select for diffs], Sat Sep 14 17:47:00 2019 UTC (4 years, 8 months ago) by semarie
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.80: +3 -2 lines
Diff to previous 1.80 (colored)
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)). problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too ok mestre@ millert@
Revision 1.80 / (download) - annotate - [select for diffs], Wed Jul 3 03:24:02 2019 UTC (4 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.79: +2 -2 lines
Diff to previous 1.79 (colored)
snprintf/vsnprintf return < 0 on error, rather than -1.
Revision 1.79 / (download) - annotate - [select for diffs], Sat Jun 29 22:35:37 2019 UTC (4 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.78: +5 -2 lines
Diff to previous 1.78 (colored)
fix some more fallout from setting path in setusercontext. restore previous behavior of using user PATH if no cmd restriction in the rule. run into by espie
Revision 1.78 / (download) - annotate - [select for diffs], Mon Jun 17 19:51:23 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.77: +7 -1 lines
Diff to previous 1.77 (colored)
setusercontext resets PATH (which we want). but then it becomes impossible to access the old PATH. save a copy in case we need it later. bug report from espie.
Revision 1.77 / (download) - annotate - [select for diffs], Sun Jun 16 18:16:34 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.76: +8 -2 lines
Diff to previous 1.76 (colored)
redo the environment inheritance to not inherit. it was intended to make life easier, but it can be surprising or even unsafe. instead, reset just about everything to the target user's values. ok deraadt martijn Thanks to Sander Bos in particular for pointing out some nasty edge cases.
Revision 1.76 / (download) - annotate - [select for diffs], Wed Jun 12 02:50:29 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.75: +11 -12 lines
Diff to previous 1.75 (colored)
a few cleanups and simplifications possible now that static pw is gone. noted by martijn. ok martijn.
Revision 1.75 / (download) - annotate - [select for diffs], Mon Jun 10 18:11:27 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.74: +14 -12 lines
Diff to previous 1.74 (colored)
use getpwuid_r to avoid problems with hidden static storage. ok deraadt lteo martijn
Revision 1.74 / (download) - annotate - [select for diffs], Thu Jan 17 05:35:35 2019 UTC (5 years, 4 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)
clear the password even after a mismatch
Revision 1.73 / (download) - annotate - [select for diffs], Wed Aug 8 18:32:51 2018 UTC (5 years, 9 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.72: +49 -5 lines
Diff to previous 1.72 (colored)
After authentication is complete, unveil login.conf "r" (to discover login tweaks), and walk the path (would could be $PATH, or not) adding an unveil "x" to each possible executable which execvpe() could later be tried by execvpe. It would be great if we could do some unveil before authentication, but I failed to determine all the possibilities. Some problem reports by bluhm, tb, florian, and others during development In snaps for about 3 weeks. ok florian
Revision 1.72 / (download) - annotate - [select for diffs], Sat May 27 09:51:07 2017 UTC (6 years, 11 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)
for password failure, print Authorization failed instead of EPERM. will make things less confusing with commands rejected by config file.
Revision 1.71 / (download) - annotate - [select for diffs], Thu Apr 6 21:14:12 2017 UTC (7 years, 1 month ago) by tedu
Branch: MAIN
Changes since 1.70: +4 -4 lines
Diff to previous 1.70 (colored)
a little const here and there to prevent rules from changing
Revision 1.70 / (download) - annotate - [select for diffs], Thu Mar 9 21:25:01 2017 UTC (7 years, 2 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)
exit test for -L was reversed. spotted by Michael Forney
Revision 1.69 / (download) - annotate - [select for diffs], Sat Jan 14 18:51:24 2017 UTC (7 years, 4 months ago) by tedu
Branch: MAIN
Changes since 1.68: +4 -1 lines
Diff to previous 1.68 (colored)
add a geteuid check to make sure we're root before plowing into setauth. spare some debugging effort in case doas is not installed setuid.
Revision 1.68 / (download) - annotate - [select for diffs], Wed Oct 5 23:28:28 2016 UTC (7 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.67: +2 -1 lines
Diff to previous 1.67 (colored)
Add back the call to yyparse() that was accidentally dropped in the previous commit. Fortunately, doas fails closed... ok tedu
Revision 1.67 / (download) - annotate - [select for diffs], Wed Oct 5 17:40:25 2016 UTC (7 years, 7 months ago) by tedu
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)
move yyparse decl next to yyfp
Revision 1.66 / (download) - annotate - [select for diffs], Wed Oct 5 17:36:53 2016 UTC (7 years, 7 months ago) by tedu
Branch: MAIN
Changes since 1.65: +1 -13 lines
Diff to previous 1.65 (colored)
as a result of the env rework, arraylen() is only used in parse.y. move it there and make it static.
Revision 1.65 / (download) - annotate - [select for diffs], Thu Sep 15 00:58:23 2016 UTC (7 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.64: +1 -2 lines
Diff to previous 1.64 (colored)
use static in the right places to seperate modules better ok tedu
Revision 1.64 / (download) - annotate - [select for diffs], Sat Sep 3 11:03:18 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)
the sudo timeout was 5 minutes i believe, so we'll match that.
Revision 1.63 / (download) - annotate - [select for diffs], Fri Sep 2 18:12:30 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.62: +26 -8 lines
Diff to previous 1.62 (colored)
add support for the verified auth ioctls using 'persist' rules. ok deraadt henning
Revision 1.62 / (download) - annotate - [select for diffs], Thu Sep 1 17:30:52 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)
unconst these parameters; i won't be changing bsd auth today.
Revision 1.61 / (download) - annotate - [select for diffs], Thu Sep 1 13:16:38 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.60: +34 -28 lines
Diff to previous 1.60 (colored)
move the authentication code to a function
Revision 1.60 / (download) - annotate - [select for diffs], Mon Jul 18 16:46:30 2016 UTC (7 years, 10 months ago) by zhuk
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.59: +6 -4 lines
Diff to previous 1.59 (colored)
The string with path to shell could be taken directly from struct passwd. At some point later the data it points to is overridden by getpwuid() call, resulting in garbage. The problem could be easily demonstreated by double doas call: $ doas doas -su _sndio doas: mpty: command not found The fix is easy: just strdup() the pw_shell field value. okay tedu@, tweaks from & okay natano@
Revision 1.59 / (download) - annotate - [select for diffs], Tue Jul 12 12:10:42 2016 UTC (7 years, 10 months ago) by semarie
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)
add "recvfd" to doas(1) for use with skey. ok tb@ deraadt@
Revision 1.58 / (download) - annotate - [select for diffs], Fri Jun 24 20:49:56 2016 UTC (7 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.57: +3 -3 lines
Diff to previous 1.57 (colored)
move a space to the correct spot
Revision 1.57 / (download) - annotate - [select for diffs], Sun Jun 19 19:29:43 2016 UTC (7 years, 11 months ago) by martijn
Branch: MAIN
Changes since 1.56: +4 -6 lines
Diff to previous 1.56 (colored)
Move the RB_ code from doas.h to env.c, and limit the environment interface to a simple prepenv function. OK tedu@
Revision 1.56 / (download) - annotate - [select for diffs], Thu Jun 16 17:40:30 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.55: +5 -101 lines
Diff to previous 1.55 (colored)
the environment handling code was showing its age. just because environ is a char** array doesn't mean we must exclusively operate on such. convert to a red-black tree, manipulate as desired, then flatten to array. potentially overkill for the current operations, but reading the tea leaves i see that more manipulations are desired. ok tb (and some thought provoking disagreement from martijn)
Revision 1.55 / (download) - annotate - [select for diffs], Tue Jun 7 16:49:23 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.54: +1 -80 lines
Diff to previous 1.54 (colored)
revert recent changes to allow setenv. everybody now has an idea about how to do things better, so let's take a step back and reconsider.
Revision 1.54 / (download) - annotate - [select for diffs], Tue Jun 7 14:11:16 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.53: +12 -10 lines
Diff to previous 1.53 (colored)
merge setenv feature into keepenv. less grammar, more better. minimal changes to implementation for now, but some refinement to the way in which the new environment is constructed would be nice. ok djm
Revision 1.53 / (download) - annotate - [select for diffs], Sun Jun 5 00:46:34 2016 UTC (7 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.52: +78 -1 lines
Diff to previous 1.52 (colored)
add a doas.conf setenv directive that allows setting environment
variables explicitly and by copying existing environment variables
of a different name. E.g.
permit nopass setenv { PS1=$SUDO_PS1 FOO=bar } keepenv :wheel
ok tedu@ benno@
Revision 1.52 / (download) - annotate - [select for diffs], Thu Apr 28 04:48:56 2016 UTC (8 years ago) by tedu
Branch: MAIN
Changes since 1.51: +3 -1 lines
Diff to previous 1.51 (colored)
set progname to doas so users can't create bizarro fake logs
Revision 1.51 / (download) - annotate - [select for diffs], Mon Feb 15 19:56:11 2016 UTC (8 years, 3 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)
Do a carriage return before password prompt. OK tedu@
Revision 1.50 / (download) - annotate - [select for diffs], Sun Feb 7 20:01:58 2016 UTC (8 years, 3 months ago) by tedu
Branch: MAIN
Changes since 1.49: +8 -2 lines
Diff to previous 1.49 (colored)
require a tty for the password. sudo regression noted by miod, fix by millert
Revision 1.49 / (download) - annotate - [select for diffs], Sun Jan 24 13:19:21 2016 UTC (8 years, 3 months ago) by gsoares
Branch: MAIN
Changes since 1.48: +2 -1 lines
Diff to previous 1.48 (colored)
make sure of cleaning rbuf with explicit_bzero(3) OK tedu@
Revision 1.48 / (download) - annotate - [select for diffs], Tue Dec 8 14:45:36 2015 UTC (8 years, 5 months ago) by tedu
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
semarie noticed that auth failures don't set errno. just print a generic message and leave it to the user to find the tea leaves.
Revision 1.47 / (download) - annotate - [select for diffs], Tue Dec 8 13:39:40 2015 UTC (8 years, 5 months ago) by sthen
Branch: MAIN
Changes since 1.46: +9 -4 lines
Diff to previous 1.46 (colored)
Support -a <auth_style> in doas(1). Allows specifying a non-default auth style, for example if you have "auth-doas=yubikey,passwd" in login.conf, doas will usually want yubikey authentication, but will allow a fallback of "doas -a passwd". Avoids the need for sudo in a number of cases, at the expense of 5 added lines of code (and one of those is only to avoid >80 columns). Adapted from a diff by Renaud Allard, ok dlg@ tedu@
Revision 1.46 / (download) - annotate - [select for diffs], Thu Dec 3 08:12:15 2015 UTC (8 years, 5 months ago) by tedu
Branch: MAIN
Changes since 1.45: +21 -4 lines
Diff to previous 1.45 (colored)
use the more direct auth interfaces so we can provide a custom password prompt to the user (including username and host) so it's always clear what program is asking. request from henning with a hint from millert. ok deraadt jung zhuk
Revision 1.45 / (download) - annotate - [select for diffs], Sat Oct 24 19:23:48 2015 UTC (8 years, 6 months ago) by miod
Branch: MAIN
Changes since 1.44: +1 -4 lines
Diff to previous 1.44 (colored)
setusercontext() may still need "getpw" pledge rights; unbreaks doas on yp accounts after 1.43; found the hard way by matthieu@
Revision 1.44 / (download) - annotate - [select for diffs], Thu Oct 22 12:43:26 2015 UTC (8 years, 6 months ago) by tedu
Branch: MAIN
Changes since 1.43: +3 -3 lines
Diff to previous 1.43 (colored)
copying of the environment can be done later, as the user running
Revision 1.43 / (download) - annotate - [select for diffs], Thu Oct 22 04:57:20 2015 UTC (8 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.42: +18 -1 lines
Diff to previous 1.42 (colored)
pledge in doas. startup pledge "stdio rpath getpw proc exec id". 4 more times after that more attributes are dropped: "proc" after bsd auth has spawned/received result from the login_* program; "getpw" after the final getpwent lookup, "id" after the final uid changing, and "rpath" after constructing getcwd. leaving only "exec", for the ride into execve().
Revision 1.42 / (download) - annotate - [select for diffs], Sat Sep 19 02:47:46 2015 UTC (8 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.41: +3 -1 lines
Diff to previous 1.41 (colored)
doas doesn't need any files to be passed in. closefrom STDERR+1. ok benno
Revision 1.41 / (download) - annotate - [select for diffs], Thu Sep 3 20:05:58 2015 UTC (8 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.40: +3 -10 lines
Diff to previous 1.40 (colored)
replace permfail calls with errc. the permfail calls had been retained for clarity and/or future use, but if people send me diffs fixing it, it's not worth fighting for. from Martin Natano
Revision 1.40 / (download) - annotate - [select for diffs], Tue Sep 1 13:20:53 2015 UTC (8 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.39: +5 -3 lines
Diff to previous 1.39 (colored)
only need to restrict exec path if the rule specifies a command. add a hint about path restrictions to man page. ok deraadt espie
Revision 1.39 / (download) - annotate - [select for diffs], Thu Aug 27 16:31:02 2015 UTC (8 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)
add a type of "auth-doas" to the perm check to allow login.conf fiddling originally proposed by halex
Revision 1.38 / (download) - annotate - [select for diffs], Sat Aug 22 16:01:05 2015 UTC (8 years, 8 months ago) by doug
Branch: MAIN
Changes since 1.37: +11 -3 lines
Diff to previous 1.37 (colored)
Add cwd context to syslog entry. input + ok tedu@, ok benno@
Revision 1.37 / (download) - annotate - [select for diffs], Thu Aug 20 18:42:11 2015 UTC (8 years, 9 months ago) by rzalamena
Branch: MAIN
Changes since 1.36: +6 -6 lines
Diff to previous 1.36 (colored)
Show program name for permission failure messages. ok espie@, tedu@.
Revision 1.36 / (download) - annotate - [select for diffs], Thu Aug 13 16:27:22 2015 UTC (8 years, 9 months ago) by espie
Branch: MAIN
Changes since 1.35: +4 -8 lines
Diff to previous 1.35 (colored)
and now we can unify the code. okay tedu@ err() suggestion by Martijn van Duren
Revision 1.35 / (download) - annotate - [select for diffs], Wed Aug 12 15:59:53 2015 UTC (8 years, 9 months ago) by espie
Branch: MAIN
Changes since 1.34: +3 -3 lines
Diff to previous 1.34 (colored)
more explicit warnings. Okay tedu@
Revision 1.34 / (download) - annotate - [select for diffs], Mon Aug 3 15:31:05 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)
remove an extra getuid call, reported by Martijn van Duren
Revision 1.33 / (download) - annotate - [select for diffs], Thu Jul 30 17:04:33 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.32: +11 -10 lines
Diff to previous 1.32 (colored)
make gid parsing look like uid parsing. from Martijn van Duren ack deraadt
Revision 1.32 / (download) - annotate - [select for diffs], Wed Jul 29 00:00:31 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.31: +2 -3 lines
Diff to previous 1.31 (colored)
refine a comment
Revision 1.31 / (download) - annotate - [select for diffs], Tue Jul 28 21:36:03 2015 UTC (8 years, 9 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +3 -2 lines
Diff to previous 1.30 (colored)
wrap some exceedingly long lines
Revision 1.30 / (download) - annotate - [select for diffs], Tue Jul 28 19:49:04 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.29: +24 -19 lines
Diff to previous 1.29 (colored)
Rename some variables and add few comments in keepenv handling code. Makes the code more readable. okay tedu@
Revision 1.29 / (download) - annotate - [select for diffs], Tue Jul 28 14:08:52 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.28: +4 -2 lines
Diff to previous 1.28 (colored)
Fix keepenv handling. Initially reported by Ze Loff on misc@. tedu@ agrees.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Jul 27 15:38:11 2015 UTC (8 years, 9 months ago) by espie
Branch: MAIN
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
Add -n to usage. As noticed by Theo Buehler.
Revision 1.27 / (download) - annotate - [select for diffs], Sun Jul 26 22:44:33 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)
checkconfig doesn't return anymore, noted by zhuk
Revision 1.26 / (download) - annotate - [select for diffs], Sun Jul 26 20:47:01 2015 UTC (8 years, 9 months ago) by espie
Branch: MAIN
Changes since 1.25: +9 -2 lines
Diff to previous 1.25 (colored)
nflag (as in sudo, force non-interactive mode) as discussed with ted@
Revision 1.25 / (download) - annotate - [select for diffs], Sun Jul 26 19:49:11 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.24: +2 -4 lines
Diff to previous 1.24 (colored)
Oops, CVS mismerged changes, resulting in compilable and mostly working, but somewhat wrong code. Well, the CVS mismerged but I just missed.
Revision 1.24 / (download) - annotate - [select for diffs], Sun Jul 26 19:14:46 2015 UTC (8 years, 9 months ago) by tedu
Branch: MAIN
Changes since 1.23: +11 -7 lines
Diff to previous 1.23 (colored)
tweak config checking slightly
Revision 1.23 / (download) - annotate - [select for diffs], Sun Jul 26 19:08:17 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.22: +6 -4 lines
Diff to previous 1.22 (colored)
Stop exiting on cmdline overflow: it's used only for logging, so aborting the whole process is stupid, and actually breaks things. Noticed and analyzed by as well as input from nigel@. Okay tedu@, espie@ and (if I understood correctly) hall@
Revision 1.22 / (download) - annotate - [select for diffs], Sun Jul 26 17:24:02 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.21: +47 -16 lines
Diff to previous 1.21 (colored)
Implement command matching without execution. This just extends functionality of the -C flag, so we are not introducing more garbage. Input and okay from jmc@ (documentation) and tedu@ (everything).
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jul 24 06:36:42 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.20: +3 -1 lines
Diff to previous 1.20 (colored)
Further improve syntax error reporting in doas:
- teach parser to recover after error, allowing to report many errors
instead of the first one only;
- fix remaining error printouts without exact position.
Some ideas were taken from diff sent by dlg@ earlier, thanks!
okay tedu@, dlg@
Revision 1.20 / (download) - annotate - [select for diffs], Wed Jul 22 16:35:03 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
Changes since 1.19: +4 -5 lines
Diff to previous 1.19 (colored)
Small tweaks: - whitespace on empty line; - use getuid() consistently. okay tedu@
Revision 1.19 / (download) - annotate - [select for diffs], Wed Jul 22 05:37:23 2015 UTC (8 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
one whitespace out of place
Revision 1.18 / (download) - annotate - [select for diffs], Tue Jul 21 17:49:33 2015 UTC (8 years, 10 months ago) by jmc
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
options w/o args go first in SYNOPSIS, and add -C to usage();
Revision 1.17 / (download) - annotate - [select for diffs], Tue Jul 21 16:15:20 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.16: +3 -2 lines
Diff to previous 1.16 (colored)
oops, previous commit regarding cases should have just been for parse.y. then a commit that says: add a -C option to check config files without running. ok halex then *this* commit: use setresuid to be explicit. suggested by deraadt
Revision 1.16 / (download) - annotate - [select for diffs], Tue Jul 21 16:12:04 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.15: +8 -4 lines
Diff to previous 1.15 (colored)
cases should line up with switch, from Dimitris Papastamos
Revision 1.15 / (download) - annotate - [select for diffs], Tue Jul 21 11:04:06 2015 UTC (8 years, 10 months ago) by zhuk
Branch: MAIN
Changes since 1.14: +21 -7 lines
Diff to previous 1.14 (colored)
Add argument matching support to doas. Input and generic support from many. Final okay from tedu@.
Revision 1.14 / (download) - annotate - [select for diffs], Mon Jul 20 01:04:37 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)
sf points out sudo doesn't allow SHELL in children
Revision 1.13 / (download) - annotate - [select for diffs], Mon Jul 20 01:00:48 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.12: +3 -2 lines
Diff to previous 1.12 (colored)
check that badlisted env has = after the name
Revision 1.12 / (download) - annotate - [select for diffs], Mon Jul 20 00:57:53 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.11: +12 -9 lines
Diff to previous 1.11 (colored)
rescope and rename some variables to reduce pressure on the alphabet
Revision 1.11 / (download) - annotate - [select for diffs], Mon Jul 20 00:54:01 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.10: +22 -8 lines
Diff to previous 1.10 (colored)
introduce a minimal badset ($ENV) for environment stripping so that root shells read the right .kshrc
Revision 1.10 / (download) - annotate - [select for diffs], Sun Jul 19 01:19:22 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.9: +4 -1 lines
Diff to previous 1.9 (colored)
sudo emulation: if execvpe fails with ENOENT, print "command not found" requested by krw
Revision 1.9 / (download) - annotate - [select for diffs], Sat Jul 18 18:44:26 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.8: +14 -11 lines
Diff to previous 1.8 (colored)
rearrange variable decls a little
Revision 1.8 / (download) - annotate - [select for diffs], Sat Jul 18 06:33:23 2015 UTC (8 years, 10 months ago) by nicm
Branch: MAIN
Changes since 1.7: +30 -14 lines
Diff to previous 1.7 (colored)
Add doas -s as a shorthand for doas $SHELL. ok tedu
Revision 1.7 / (download) - annotate - [select for diffs], Sat Jul 18 00:19:38 2015 UTC (8 years, 10 months ago) by doug
Branch: MAIN
Changes since 1.6: +13 -8 lines
Diff to previous 1.6 (colored)
Add more error checking and use named constants when useful. ok sthen@ tedu@
Revision 1.6 / (download) - annotate - [select for diffs], Thu Jul 16 23:22:08 2015 UTC (8 years, 10 months ago) by nicm
Branch: MAIN
Changes since 1.5: +12 -1 lines
Diff to previous 1.5 (colored)
Fail if /etc/doas.conf is g+w or o+w or is not owned by root. ok tedu
Revision 1.5 / (download) - annotate - [select for diffs], Thu Jul 16 22:11:01 2015 UTC (8 years, 10 months ago) by nicm
Branch: MAIN
Changes since 1.4: +3 -1 lines
Diff to previous 1.4 (colored)
Missing reallocarray check in doas.c (ok tedu) and a calloc in parse.y as well.
Revision 1.4 / (download) - annotate - [select for diffs], Thu Jul 16 21:57:54 2015 UTC (8 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +11 -6 lines
Diff to previous 1.3 (colored)
wrap long lines
Revision 1.3 / (download) - annotate - [select for diffs], Thu Jul 16 21:55:03 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.2: +2 -17 lines
Diff to previous 1.2 (colored)
doas grows up. no insults.
Revision 1.2 / (download) - annotate - [select for diffs], Thu Jul 16 21:00:59 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
Changes since 1.1: +2 -3 lines
Diff to previous 1.1 (colored)
combine fprintfs and use a constant format string. hint from reyk
Revision 1.1 / (download) - annotate - [select for diffs], Thu Jul 16 20:44:21 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
import doas. still subject to changes, large and small.