version 1.5, 2000/04/28 23:17:43 |
version 1.6, 2000/06/05 14:01:15 |
|
|
static void add_env __P((int)); |
static void add_env __P((int)); |
static void clean_env __P((char **, struct env_table *)); |
static void clean_env __P((char **, struct env_table *)); |
static void initial_setup __P((void)); |
static void initial_setup __P((void)); |
static void update_epasswd __P((void)); |
static struct passwd *get_authpw __P((void)); |
extern struct passwd *sudo_getpwuid __P((uid_t)); |
extern struct passwd *sudo_getpwuid __P((uid_t)); |
|
extern struct passwd *sudo_getpwnam __P((const char *)); |
extern void list_matches __P((void)); |
extern void list_matches __P((void)); |
|
|
/* |
/* |
|
|
int NewArgc = 0; |
int NewArgc = 0; |
char **NewArgv = NULL; |
char **NewArgv = NULL; |
struct sudo_user sudo_user; |
struct sudo_user sudo_user; |
|
struct passwd *auth_pw; |
FILE *sudoers_fp = NULL; |
FILE *sudoers_fp = NULL; |
struct interface *interfaces; |
struct interface *interfaces; |
int num_interfaces; |
int num_interfaces; |
|
|
(void) close(fd); |
(void) close(fd); |
} |
} |
|
|
/* Update encrypted password in user_password if sudoers said to. */ |
/* Fill in passwd struct based on user we are authenticating as. */ |
update_epasswd(); |
auth_pw = get_authpw(); |
|
|
/* Require a password unless the NOPASS tag was set. */ |
/* Require a password unless the NOPASS tag was set. */ |
if (!(validated & FLAG_NOPASS)) |
if (!(validated & FLAG_NOPASS)) |
|
|
/* This *must* have been set if we got a match but... */ |
/* This *must* have been set if we got a match but... */ |
if (safe_cmnd == NULL) { |
if (safe_cmnd == NULL) { |
log_error(MSG_ONLY, |
log_error(MSG_ONLY, |
"internal error, safe_cmnd never got set for %s; %s", |
"internal error, cmnd_safe never got set for %s; %s", |
user_cmnd, |
user_cmnd, |
"please report this error at http://courtesan.com/sudo/bugs/"); |
"please report this error at http://courtesan.com/sudo/bugs/"); |
} |
} |
|
|
} |
} |
|
|
/* |
/* |
* If the sudoers file says to prompt for a different user's password, |
* Get passwd entry for the user we are going to authenticate as. |
* update the encrypted password in user_passwd accordingly. |
* By default, this is the user invoking sudo... |
*/ |
*/ |
static void |
static struct passwd * |
update_epasswd() |
get_authpw() |
{ |
{ |
struct passwd *pw; |
struct passwd *pw; |
|
|
/* We may be configured to prompt for a password other than the user's */ |
|
if (def_ival(I_ROOTPW)) { |
if (def_ival(I_ROOTPW)) { |
if ((pw = getpwuid(0)) == NULL) |
if ((pw = sudo_getpwuid(0)) == NULL) |
log_error(0, "uid 0 does not exist in the passwd file!"); |
log_error(0, "uid 0 does not exist in the passwd file!"); |
free(user_passwd); |
|
user_passwd = estrdup(sudo_getepw(pw)); |
|
} else if (def_ival(I_RUNASPW)) { |
} else if (def_ival(I_RUNASPW)) { |
if ((pw = getpwnam(def_str(I_RUNAS_DEF))) == NULL) |
if ((pw = sudo_getpwnam(def_str(I_RUNAS_DEF))) == NULL) |
log_error(0, "user %s does not exist in the passwd file!", |
log_error(0, "user %s does not exist in the passwd file!", |
def_str(I_RUNAS_DEF)); |
def_str(I_RUNAS_DEF)); |
free(user_passwd); |
|
user_passwd = estrdup(sudo_getepw(pw)); |
|
} else if (def_ival(I_TARGETPW)) { |
} else if (def_ival(I_TARGETPW)) { |
if (**user_runas == '#') { |
if (**user_runas == '#') { |
if ((pw = getpwuid(atoi(*user_runas + 1))) == NULL) |
if ((pw = sudo_getpwuid(atoi(*user_runas + 1))) == NULL) |
log_error(0, "uid %s does not exist in the passwd file!", |
log_error(0, "uid %s does not exist in the passwd file!", |
user_runas); |
user_runas); |
} else { |
} else { |
if ((pw = getpwnam(*user_runas)) == NULL) |
if ((pw = sudo_getpwnam(*user_runas)) == NULL) |
log_error(0, "user %s does not exist in the passwd file!", |
log_error(0, "user %s does not exist in the passwd file!", |
user_runas); |
user_runas); |
} |
} |
free(user_passwd); |
} else |
user_passwd = estrdup(sudo_getepw(pw)); |
pw = sudo_user.pw; |
} |
|
|
return(pw); |
} |
} |
|
|
/* |
/* |