![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / doas
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.20 / (download) - annotate - [select for diffs], Thu Feb 15 18:57:58 2024 UTC (3 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
change permit to be more bits away from deny, because rowhammer. not really sure why this is our problem, but the diff is small. ok deraadt millert miod
Revision 1.19 / (download) - annotate - [select for diffs], Tue Nov 30 20:08:15 2021 UTC (2 years, 5 months ago) by tobias
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
Improved error handling in config parser. - Escaped newlines confused column counter - An unclosed quote could have been logged multiple times - Signed data types could overflow, which is undefined behavior ok tedu
Revision 1.18 / (download) - annotate - [select for diffs], Tue Sep 7 13:46:07 2021 UTC (2 years, 8 months ago) by jcs
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.17: +5 -1 lines
Diff to previous 1.17 (colored)
Retry up to 3 times on password authentication failure ok martijn support from various
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 27 17:02:50 2021 UTC (3 years, 3 months ago) by millert
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)
Promote nrules/maxrules to size_t and make sure they can't overflow. reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@
Revision 1.16 / (download) - annotate - [select for diffs], Fri Oct 9 07:43:38 2020 UTC (3 years, 7 months ago) by kn
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)
Add nolog option to avoid syslog(3) doas(1) unconditionally logs all executions but syslog.conf(5) provides no means to filter messages by user, target or command. Add the "nolog" option to doas.conf(5) such that syslog becomes an opt-out feature; this keeps configuration simple enough yet powerful since rule definition is the best place to decide whether to log commands or not on a per rule basis - this also aoids duplicating information or logic in any other log processing tool. OK tedu martijn
Revision 1.15 / (download) - annotate - [select for diffs], Mon Jun 17 19:51:23 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.14: +3 -1 lines
Diff to previous 1.14 (colored)
setusercontext resets PATH (which we want). but then it becomes impossible to access the old PATH. save a copy in case we need it later. bug report from espie.
Revision 1.14 / (download) - annotate - [select for diffs], Sun Jun 16 18:16:34 2019 UTC (4 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.13: +5 -2 lines
Diff to previous 1.13 (colored)
redo the environment inheritance to not inherit. it was intended to make life easier, but it can be surprising or even unsafe. instead, reset just about everything to the target user's values. ok deraadt martijn Thanks to Sander Bos in particular for pointing out some nasty edge cases.
Revision 1.13 / (download) - annotate - [select for diffs], Thu Apr 6 21:12:06 2017 UTC (7 years, 1 month ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)
prepenv can take a const rule
Revision 1.12 / (download) - annotate - [select for diffs], Wed Oct 5 17:40:25 2016 UTC (7 years, 7 months ago) by tedu
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.11: +1 -3 lines
Diff to previous 1.11 (colored)
move yyparse decl next to yyfp
Revision 1.11 / (download) - annotate - [select for diffs], Wed Oct 5 17:36:53 2016 UTC (7 years, 7 months ago) by tedu
Branch: MAIN
Changes since 1.10: +1 -3 lines
Diff to previous 1.10 (colored)
as a result of the env rework, arraylen() is only used in parse.y. move it there and make it static.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Sep 15 00:58:23 2016 UTC (7 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.9: +20 -2 lines
Diff to previous 1.9 (colored)
use static in the right places to seperate modules better ok tedu
Revision 1.9 / (download) - annotate - [select for diffs], Fri Sep 2 18:12:30 2016 UTC (7 years, 8 months ago) by tedu
Branch: MAIN
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)
add support for the verified auth ioctls using 'persist' rules. ok deraadt henning
Revision 1.8 / (download) - annotate - [select for diffs], Sun Jun 19 19:29:43 2016 UTC (7 years, 11 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.7: +2 -20 lines
Diff to previous 1.7 (colored)
Move the RB_ code from doas.h to env.c, and limit the environment interface to a simple prepenv function. OK tedu@
Revision 1.7 / (download) - annotate - [select for diffs], Thu Jun 16 17:40:30 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.6: +20 -1 lines
Diff to previous 1.6 (colored)
the environment handling code was showing its age. just because environ is a char** array doesn't mean we must exclusively operate on such. convert to a red-black tree, manipulate as desired, then flatten to array. potentially overkill for the current operations, but reading the tea leaves i see that more manipulations are desired. ok tb (and some thought provoking disagreement from martijn)
Revision 1.6 / (download) - annotate - [select for diffs], Tue Jun 7 16:49:23 2016 UTC (7 years, 11 months ago) by tedu
Branch: MAIN
Changes since 1.5: +0 -2 lines
Diff to previous 1.5 (colored)
revert recent changes to allow setenv. everybody now has an idea about how to do things better, so let's take a step back and reconsider.
Revision 1.5 / (download) - annotate - [select for diffs], Sun Jun 5 00:46:34 2016 UTC (7 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.4: +3 -1 lines
Diff to previous 1.4 (colored)
add a doas.conf setenv directive that allows setting environment
variables explicitly and by copying existing environment variables
of a different name. E.g.
permit nopass setenv { PS1=$SUDO_PS1 FOO=bar } keepenv :wheel
ok tedu@ benno@
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 24 06:36:42 2015 UTC (8 years, 9 months ago) by zhuk
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)
Further improve syntax error reporting in doas:
- teach parser to recover after error, allowing to report many errors
instead of the first one only;
- fix remaining error printouts without exact position.
Some ideas were taken from diff sent by dlg@ earlier, thanks!
okay tedu@, dlg@
Revision 1.3 / (download) - annotate - [select for diffs], Tue Jul 21 11:04:06 2015 UTC (8 years, 10 months ago) by zhuk
Branch: MAIN
Changes since 1.2: +2 -1 lines
Diff to previous 1.2 (colored)
Add argument matching support to doas. Input and generic support from many. Final okay from tedu@.
Revision 1.2 / (download) - annotate - [select for diffs], Sat Jul 18 07:49:16 2015 UTC (8 years, 10 months ago) by bcallah
Branch: MAIN
Changes since 1.1: +1 -0 lines
Diff to previous 1.1 (colored)
Add RCS ID. ok deraadt@
Revision 1.1 / (download) - annotate - [select for diffs], Thu Jul 16 20:44:21 2015 UTC (8 years, 10 months ago) by tedu
Branch: MAIN
import doas. still subject to changes, large and small.