=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/sudo.c,v retrieving revision 1.18 retrieving revision 1.19 diff -c -r1.18 -r1.19 *** src/usr.bin/sudo/Attic/sudo.c 2003/04/01 15:47:51 1.18 --- src/usr.bin/sudo/Attic/sudo.c 2003/04/03 19:15:34 1.19 *************** *** 35,41 **** * with this distribution. */ ! #define _SUDO_SUDO_C #include "config.h" --- 35,41 ---- * with this distribution. */ ! #define _SUDO_MAIN #include "config.h" *************** *** 69,74 **** --- 69,79 ---- #ifdef HAVE_UNISTD_H # include #endif /* HAVE_UNISTD_H */ + #ifdef HAVE_ERR_H + # include + #else + # include "emul/err.h" + #endif /* HAVE_ERR_H */ #include #include #include *************** *** 98,111 **** #include "version.h" #ifndef lint ! static const char rcsid[] = "$Sudo: sudo.c,v 1.334 2003/04/01 15:02:49 millert Exp $"; #endif /* lint */ /* * Prototypes */ static int init_vars __P((int)); ! static int parse_args __P((void)); static void check_sudoers __P((void)); static void initial_setup __P((void)); static void set_loginclass __P((struct passwd *)); --- 103,116 ---- #include "version.h" #ifndef lint ! static const char rcsid[] = "$Sudo: sudo.c,v 1.335 2003/04/02 18:25:19 millert Exp $"; #endif /* lint */ /* * Prototypes */ static int init_vars __P((int)); ! static int parse_args __P((int, char **)); static void check_sudoers __P((void)); static void initial_setup __P((void)); static void set_loginclass __P((struct passwd *)); *************** *** 121,133 **** /* * Globals */ ! int Argc; ! char **Argv; ! int NewArgc = 0; ! char **NewArgv = NULL; struct sudo_user sudo_user; struct passwd *auth_pw; ! FILE *sudoers_fp = NULL; struct interface *interfaces; int num_interfaces; int tgetpass_flags; --- 126,136 ---- /* * Globals */ ! int Argc, NewArgc; ! char **Argv, **NewArgv; struct sudo_user sudo_user; struct passwd *auth_pw; ! FILE *sudoers_fp; struct interface *interfaces; int num_interfaces; int tgetpass_flags; *************** *** 161,169 **** extern int printmatches; extern char **environ; /* Must be done as the first thing... */ #if defined(HAVE_GETPRPWNAM) && defined(HAVE_SET_AUTH_PARAMETERS) ! (void) set_auth_parameters(argc, argv); # ifdef HAVE_INITPRIVS initprivs(); # endif --- 164,175 ---- extern int printmatches; extern char **environ; + Argc = argc; + Argv = argv; + /* Must be done as the first thing... */ #if defined(HAVE_GETPRPWNAM) && defined(HAVE_SET_AUTH_PARAMETERS) ! (void) set_auth_parameters(Argc, Argv); # ifdef HAVE_INITPRIVS initprivs(); # endif *************** *** 172,185 **** /* Zero out the environment. */ environ = zero_env(envp); ! Argv = argv; ! Argc = argc; - if (geteuid() != 0) { - (void) fprintf(stderr, "Sorry, %s must be setuid root.\n", Argv[0]); - exit(1); - } - /* * Signal setup: * Ignore keyboard-generated signals so the user cannot interrupt --- 178,186 ---- /* Zero out the environment. */ environ = zero_env(envp); ! if (geteuid() != 0) ! errx(1, "must be setuid root"); /* * Signal setup: * Ignore keyboard-generated signals so the user cannot interrupt *************** *** 202,208 **** setpwent(); /* Parse our arguments. */ ! sudo_mode = parse_args(); /* Setup defaults data structures. */ init_defaults(); --- 203,209 ---- setpwent(); /* Parse our arguments. */ ! sudo_mode = parse_args(Argc, Argv); /* Setup defaults data structures. */ init_defaults(); *************** *** 322,328 **** if (user_uid == 0 && !def_flag(I_ROOT_SUDO)) { (void) fprintf(stderr, "Sorry, %s has been configured to not allow root to run it.\n", ! Argv[0]); exit(1); } --- 323,329 ---- if (user_uid == 0 && !def_flag(I_ROOT_SUDO)) { (void) fprintf(stderr, "Sorry, %s has been configured to not allow root to run it.\n", ! getprogname()); exit(1); } *************** *** 360,370 **** if (validated & VALIDATE_OK) { /* Finally tell the user if the command did not exist. */ if (cmnd_status == NOT_FOUND_DOT) { ! (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], user_cmnd, user_cmnd, user_cmnd); exit(1); } else if (cmnd_status == NOT_FOUND) { ! (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0], ! user_cmnd); exit(1); } --- 361,370 ---- if (validated & VALIDATE_OK) { /* Finally tell the user if the command did not exist. */ if (cmnd_status == NOT_FOUND_DOT) { ! warnx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd); exit(1); } else if (cmnd_status == NOT_FOUND) { ! warnx("%s: command not found", user_cmnd); exit(1); } *************** *** 420,427 **** /* * If we got here then the exec() failed... */ ! (void) fprintf(stderr, "%s: unable to exec %s: %s\n", ! Argv[0], safe_cmnd, strerror(errno)); exit(127); } else if ((validated & FLAG_NO_USER) || (validated & FLAG_NO_HOST)) { log_auth(validated, 1); --- 420,426 ---- /* * If we got here then the exec() failed... */ ! warn("unable to execute %s", safe_cmnd); exit(127); } else if ((validated & FLAG_NO_USER) || (validated & FLAG_NO_HOST)) { log_auth(validated, 1); *************** *** 438,447 **** log_auth(validated, !(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND)); if (cmnd_status == NOT_FOUND) ! (void) fprintf(stderr, "%s: %s: command not found\n", Argv[0], ! user_cmnd); else if (cmnd_status == NOT_FOUND_DOT) ! (void) fprintf(stderr, "%s: ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.\n", Argv[0], user_cmnd, user_cmnd, user_cmnd); } else { /* Just tell the user they are not allowed to run foo. */ log_auth(validated, 1); --- 437,445 ---- log_auth(validated, !(cmnd_status == NOT_FOUND_DOT || cmnd_status == NOT_FOUND)); if (cmnd_status == NOT_FOUND) ! warnx("%s: command not found", user_cmnd); else if (cmnd_status == NOT_FOUND_DOT) ! warnx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd); } else { /* Just tell the user they are not allowed to run foo. */ log_auth(validated, 1); *************** *** 467,477 **** int nohostname, rval; /* Sanity check command from user. */ ! if (user_cmnd == NULL && strlen(NewArgv[0]) >= MAXPATHLEN) { ! (void) fprintf(stderr, "%s: %s: Pathname too long\n", Argv[0], ! NewArgv[0]); ! exit(1); ! } #ifdef HAVE_TZSET (void) tzset(); /* set the timezone if applicable */ --- 465,472 ---- int nohostname, rval; /* Sanity check command from user. */ ! if (user_cmnd == NULL && strlen(NewArgv[0]) >= MAXPATHLEN) ! errx(1, "%s: File name too long", NewArgv[0]); #ifdef HAVE_TZSET (void) tzset(); /* set the timezone if applicable */ *************** *** 554,561 **** if (!getcwd(user_cwd, sizeof(user_cwd))) { set_perms(PERM_ROOT); if (!getcwd(user_cwd, sizeof(user_cwd))) { ! (void) fprintf(stderr, "%s: Can't get working directory!\n", ! Argv[0]); (void) strlcpy(user_cwd, "unknown", sizeof(user_cwd)); } } else --- 549,555 ---- if (!getcwd(user_cwd, sizeof(user_cwd))) { set_perms(PERM_ROOT); if (!getcwd(user_cwd, sizeof(user_cwd))) { ! warnx("cannot get working directory"); (void) strlcpy(user_cwd, "unknown", sizeof(user_cwd)); } } else *************** *** 571,582 **** NewArgv = (char **) emalloc2((++NewArgc + 1), sizeof(char *)); if (user_shell && *user_shell) { NewArgv[0] = user_shell; ! } else { ! (void) fprintf(stderr, "%s: Unable to determine shell.", Argv[0]); ! exit(1); ! } ! /* copy the args from Argv */ for (dst = NewArgv + 1; (*dst = *src) != NULL; ++src, ++dst) ; } --- 565,574 ---- NewArgv = (char **) emalloc2((++NewArgc + 1), sizeof(char *)); if (user_shell && *user_shell) { NewArgv[0] = user_shell; ! } else ! errx(1, "unable to determine shell"); ! /* copy the args from NewArgv */ for (dst = NewArgv + 1; (*dst = *src) != NULL; ++src, ++dst) ; } *************** *** 613,623 **** user_args = (char *) emalloc(size); for (to = user_args, from = NewArgv + 1; *from; from++) { n = strlcpy(to, *from, size - (to - user_args)); ! if (n >= size - (to - user_args)) { ! (void) fprintf(stderr, ! "%s: internal error, init_vars() overflow\n", Argv[0]); ! exit(1); ! } to += n; *to++ = ' '; } --- 605,612 ---- user_args = (char *) emalloc(size); for (to = user_args, from = NewArgv + 1; *from; from++) { n = strlcpy(to, *from, size - (to - user_args)); ! if (n >= size - (to - user_args)) ! errx(1, "internal error, init_vars() overflow"); to += n; *to++ = ' '; } *************** *** 633,645 **** * Command line argument parsing, can't use getopt(3). */ static int ! parse_args() { int rval = MODE_RUN; /* what mode is sudo to be run in? */ int excl = 0; /* exclusive arg, no others allowed */ ! NewArgv = Argv + 1; ! NewArgc = Argc - 1; if (NewArgc == 0) { /* no options and no command */ rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); --- 622,636 ---- * Command line argument parsing, can't use getopt(3). */ static int ! parse_args(argc, argv) ! int argc; ! char **argv; { int rval = MODE_RUN; /* what mode is sudo to be run in? */ int excl = 0; /* exclusive arg, no others allowed */ ! NewArgv = argv + 1; ! NewArgc = argc - 1; if (NewArgc == 0) { /* no options and no command */ rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); *************** *** 647,657 **** } while (NewArgc > 0 && NewArgv[0][0] == '-') { ! if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') { ! (void) fprintf(stderr, "%s: Please use single character options\n", ! Argv[0]); ! usage(1); ! } switch (NewArgv[0][1]) { case 'p': --- 638,645 ---- } while (NewArgc > 0 && NewArgv[0][0] == '-') { ! if (NewArgv[0][1] != '\0' && NewArgv[0][2] != '\0') ! warnx("please use single character options"); switch (NewArgv[0][1]) { case 'p': *************** *** 661,667 **** user_prompt = NewArgv[1]; - /* Shift Argv over and adjust Argc. */ NewArgc--; NewArgv++; break; --- 649,654 ---- *************** *** 672,678 **** user_runas = &NewArgv[1]; - /* Shift Argv over and adjust Argc. */ NewArgc--; NewArgv++; break; --- 659,664 ---- *************** *** 684,690 **** login_style = NewArgv[1]; - /* Shift Argv over and adjust Argc. */ NewArgc--; NewArgv++; break; --- 670,675 ---- *************** *** 698,704 **** login_class = NewArgv[1]; def_flag(I_USE_LOGINCLASS) = TRUE; - /* Shift Argv over and adjust Argc. */ NewArgc--; NewArgv++; break; --- 683,688 ---- *************** *** 770,781 **** rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); return(rval); case '\0': ! (void) fprintf(stderr, "%s: '-' requires an argument\n", ! Argv[0]); usage(1); default: ! (void) fprintf(stderr, "%s: Illegal option %s\n", Argv[0], ! NewArgv[0]); usage(1); } NewArgc--; --- 754,763 ---- rval |= (MODE_IMPLIED_SHELL | MODE_SHELL); return(rval); case '\0': ! warnx("'-' requires an argument"); usage(1); default: ! warnx("illegal option `%s'", NewArgv[0]); usage(1); } NewArgc--; *************** *** 808,830 **** (statbuf.st_mode & 0007777) == 0400) { if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) { ! (void) fprintf(stderr, "%s: fixed mode on %s\n", ! Argv[0], _PATH_SUDOERS); statbuf.st_mode |= SUDOERS_MODE; if (statbuf.st_gid != SUDOERS_GID) { if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) { ! (void) fprintf(stderr, "%s: set group on %s\n", ! Argv[0], _PATH_SUDOERS); statbuf.st_gid = SUDOERS_GID; ! } else { ! (void) fprintf(stderr,"%s: Unable to set group on %s: %s\n", ! Argv[0], _PATH_SUDOERS, strerror(errno)); ! } } ! } else { ! (void) fprintf(stderr, "%s: Unable to fix mode on %s: %s\n", ! Argv[0], _PATH_SUDOERS, strerror(errno)); ! } } /* --- 790,806 ---- (statbuf.st_mode & 0007777) == 0400) { if (chmod(_PATH_SUDOERS, SUDOERS_MODE) == 0) { ! warnx("fixed mode on %s", _PATH_SUDOERS); statbuf.st_mode |= SUDOERS_MODE; if (statbuf.st_gid != SUDOERS_GID) { if (!chown(_PATH_SUDOERS,(uid_t) -1,SUDOERS_GID)) { ! warnx("set group on %s", _PATH_SUDOERS); statbuf.st_gid = SUDOERS_GID; ! } else ! warn("unable to set group on %s", _PATH_SUDOERS); } ! } else ! warn("unable to fix mode on %s", _PATH_SUDOERS); } /* *************** *** 945,955 **** errflags = NO_MAIL|MSG_ONLY|NO_EXIT; if (login_class && strcmp(login_class, "-") != 0) { ! if (strcmp(*user_runas, "root") != 0 && user_uid != 0) { ! (void) fprintf(stderr, "%s: only root can use -c %s\n", ! Argv[0], login_class); ! exit(1); ! } } else { login_class = pw->pw_class; if (!login_class || !*login_class) --- 921,928 ---- errflags = NO_MAIL|MSG_ONLY|NO_EXIT; if (login_class && strcmp(login_class, "-") != 0) { ! if (strcmp(*user_runas, "root") != 0 && user_uid != 0) ! errx(1, "only root can use -c %s", login_class); } else { login_class = pw->pw_class; if (!login_class || !*login_class)