├── docs ├── CODEOWNERS ├── fixmdoc.sed └── sudo.conf.man.in.sed ├── lib ├── util │ └── regress │ │ ├── sudo_conf │ │ ├── test2.in │ │ ├── test5.in │ │ ├── test6.in │ │ ├── test4.in │ │ ├── test5.err.ok │ │ ├── test4.err.ok │ │ ├── test2.out.ok │ │ ├── test4.out.ok │ │ ├── test5.out.ok │ │ ├── test6.out.ok │ │ ├── test3.in │ │ ├── test7.in │ │ ├── test3.out.ok │ │ ├── test1.out.ok │ │ └── test7.out.ok │ │ ├── sudo_parseln │ │ ├── test5.out.ok │ │ ├── test5.in │ │ ├── test3.in │ │ ├── test3.out.ok │ │ ├── test6.out.ok │ │ ├── test6.in │ │ ├── test4.in │ │ ├── test4.out.ok │ │ ├── test2.out.ok │ │ └── test2.in │ │ ├── fnmatch │ │ └── fnm_test.in │ │ ├── fuzz │ │ └── fuzz_sudo_conf.dict │ │ └── glob │ │ └── files ├── iolog │ └── regress │ │ ├── iolog_filter │ │ ├── test1 │ │ │ ├── ttyin │ │ │ ├── ttyin.filtered │ │ │ ├── log │ │ │ └── ttyout │ │ ├── test2 │ │ │ ├── ttyin │ │ │ ├── ttyin.filtered │ │ │ ├── log │ │ │ └── ttyout │ │ └── test3 │ │ │ ├── ttyin │ │ │ ├── ttyin.filtered │ │ │ ├── log │ │ │ └── ttyout │ │ ├── corpus │ │ └── seed │ │ │ ├── log_legacy │ │ │ ├── mailq.log │ │ │ ├── less.log │ │ │ ├── ls.log │ │ │ ├── vi.log │ │ │ ├── smtpctl.log │ │ │ ├── id.log │ │ │ ├── pkg_add.log │ │ │ ├── pkg_delete.log │ │ │ ├── printenv.log │ │ │ └── make.log │ │ │ └── timing │ │ │ ├── timing.4 │ │ │ └── timing.7 │ │ └── fuzz │ │ ├── fuzz_iolog_json.dict │ │ └── fuzz_iolog_legacy.dict ├── eventlog │ └── regress │ │ ├── eventlog_store │ │ ├── test4.sudo.out.ok │ │ ├── test3.sudo.out.ok │ │ ├── test2.sudo.out.ok │ │ ├── test1.sudo.out.ok │ │ ├── test2.json.out.ok │ │ ├── test1.json.out.ok │ │ └── test4.json.out.ok │ │ ├── logwrap │ │ └── check_wrap.in │ │ └── parse_json │ │ ├── test3.in │ │ ├── test3.out.ok │ │ └── test2.in └── zlib │ ├── inffast.h │ └── gzclose.c ├── plugins ├── sudoers │ ├── regress │ │ ├── sudoers │ │ │ ├── test9.in │ │ │ ├── test10.in │ │ │ ├── test10.json.ok │ │ │ ├── test10.ldif.ok │ │ │ ├── test11.json.ok │ │ │ ├── test11.ldif.ok │ │ │ ├── test12.json.ok │ │ │ ├── test12.ldif.ok │ │ │ ├── test13.json.ok │ │ │ ├── test13.ldif.ok │ │ │ ├── test18.json.ok │ │ │ ├── test18.ldif.ok │ │ │ ├── test25.json.ok │ │ │ ├── test25.ldif.ok │ │ │ ├── test29.json.ok │ │ │ ├── test29.ldif.ok │ │ │ ├── test4.json.ok │ │ │ ├── test4.ldif.ok │ │ │ ├── test5.json.ok │ │ │ ├── test5.ldif.ok │ │ │ ├── test7.json.ok │ │ │ ├── test7.ldif.ok │ │ │ ├── test8.json.ok │ │ │ ├── test8.ldif.ok │ │ │ ├── test9.json.ok │ │ │ ├── test9.ldif.ok │ │ │ ├── test9.toke.ok │ │ │ ├── test10.toke.ok │ │ │ ├── test11.in │ │ │ ├── test11.out.ok │ │ │ ├── test12.out.ok │ │ │ ├── test13.out.ok │ │ │ ├── test25.out.ok │ │ │ ├── test29.out.ok │ │ │ ├── test3.ldif2sudo.ok │ │ │ ├── test5.out.ok │ │ │ ├── test7.out.ok │ │ │ ├── test13.in │ │ │ ├── test11.toke.ok │ │ │ ├── test12.in │ │ │ ├── test9.out.ok │ │ │ ├── test10.out.ok │ │ │ ├── test12.toke.ok │ │ │ ├── test13.toke.ok │ │ │ ├── test15.toke.ok │ │ │ ├── test15.out.ok │ │ │ ├── test25.toke.ok │ │ │ ├── test4.out.ok │ │ │ ├── test15.ldif2sudo.ok │ │ │ ├── test16.ldif2sudo.ok │ │ │ ├── test16.toke.ok │ │ │ ├── test15.in │ │ │ ├── test8.out.ok │ │ │ ├── test16.out.ok │ │ │ ├── test18.out.ok │ │ │ ├── test5.in │ │ │ ├── test5.toke.ok │ │ │ ├── test16.in │ │ │ ├── test30.sudo.ok │ │ │ ├── test30.out.ok │ │ │ ├── test4.toke.ok │ │ │ ├── test22.out.ok │ │ │ ├── test22.toke.ok │ │ │ ├── test22.in │ │ │ ├── test6.ldif2sudo.ok │ │ │ ├── test25.in │ │ │ ├── test30.toke.ok │ │ │ ├── test3.out.ok │ │ │ ├── test7.in │ │ │ ├── test8.in │ │ │ ├── test15.ldif.ok │ │ │ ├── test16.ldif.ok │ │ │ ├── test22.ldif2sudo.ok │ │ │ ├── test3.toke.ok │ │ │ ├── test30.ldif2sudo.ok │ │ │ ├── test31.toke.ok │ │ │ ├── test4.in │ │ │ ├── test8.toke.ok │ │ │ ├── test3.in │ │ │ ├── test29.toke.ok │ │ │ ├── test30.in │ │ │ ├── test31.out.ok │ │ │ ├── test27.out.ok │ │ │ ├── test27.toke.ok │ │ │ ├── test6.out.ok │ │ │ ├── test7.toke.ok │ │ │ ├── test14.toke.ok │ │ │ ├── test29.in │ │ │ ├── test31.in │ │ │ ├── test1.toke.ok │ │ │ ├── test3.ldif.ok │ │ │ ├── test31.ldif2sudo.ok │ │ │ ├── test24.out.ok │ │ │ ├── test1.out.ok │ │ │ ├── test27.ldif2sudo.ok │ │ │ ├── test18.in │ │ │ ├── test24.in │ │ │ ├── test27.in │ │ │ ├── test6.in │ │ │ ├── test23.toke.ok │ │ │ ├── test23.ldif2sudo.ok │ │ │ ├── test24.ldif2sudo.ok │ │ │ ├── test23.out.ok │ │ │ ├── test1.ldif2sudo.ok │ │ │ ├── test1.in │ │ │ ├── test15.json.ok │ │ │ ├── test23.in │ │ │ ├── test6.toke.ok │ │ │ ├── test18.toke.ok │ │ │ ├── test19.toke.ok │ │ │ ├── test14.in │ │ │ ├── test20.ldif2sudo.ok │ │ │ ├── test14.out.ok │ │ │ ├── test20.out.ok │ │ │ ├── test17.out.ok │ │ │ ├── test20.in │ │ │ ├── test16.json.ok │ │ │ ├── test24.toke.ok │ │ │ ├── test23.ldif.ok │ │ │ ├── test19.out.ok │ │ │ ├── test28.toke.ok │ │ │ ├── test14.ldif2sudo.ok │ │ │ ├── test20.toke.ok │ │ │ ├── test17.in │ │ │ ├── test17.toke.ok │ │ │ ├── test28.out.ok │ │ │ ├── test19.in │ │ │ ├── test28.ldif2sudo.ok │ │ │ ├── test17.ldif2sudo.ok │ │ │ ├── test20.ldif.ok │ │ │ ├── test30.ldif.ok │ │ │ ├── test31.ldif.ok │ │ │ ├── test22.ldif.ok │ │ │ ├── test19.ldif2sudo.ok │ │ │ └── test14.ldif.ok │ │ ├── visudo │ │ │ ├── test2.out.ok │ │ │ ├── test1.out.ok │ │ │ ├── test10.out.ok │ │ │ ├── test3.out.ok │ │ │ ├── test4.out.ok │ │ │ ├── test5.out.ok │ │ │ ├── test6.out.ok │ │ │ ├── test7.out.ok │ │ │ ├── test9.out.ok │ │ │ ├── test8.out.ok │ │ │ ├── test2.err.ok │ │ │ ├── test8.err.ok │ │ │ ├── test3.err.ok │ │ │ ├── test5.sh │ │ │ ├── test1.sh │ │ │ ├── test9.sh │ │ │ ├── test4.sh │ │ │ ├── test10.sh │ │ │ ├── test2.sh │ │ │ ├── test3.sh │ │ │ ├── test6.sh │ │ │ └── test7.sh │ │ ├── cvtsudoers │ │ │ ├── test26.out.ok │ │ │ ├── test39.out.ok │ │ │ ├── test16.out.ok │ │ │ ├── test17.out.ok │ │ │ ├── test18.out.ok │ │ │ ├── test6.out.ok │ │ │ ├── test10.out.ok │ │ │ ├── test20.out.ok │ │ │ ├── test8.out.ok │ │ │ ├── test15.out.ok │ │ │ ├── test32.err.ok │ │ │ ├── test9.out.ok │ │ │ ├── test7.out.ok │ │ │ ├── test29.out.ok │ │ │ ├── test4.out.ok │ │ │ ├── test33.out.ok │ │ │ ├── test20.conf │ │ │ ├── test3.out.ok │ │ │ ├── test12.sh │ │ │ ├── test13.sh │ │ │ ├── test14.sh │ │ │ ├── test11.sh │ │ │ ├── test1.sh │ │ │ ├── test3.sh │ │ │ ├── test5.sh │ │ │ ├── test7.sh │ │ │ ├── test9.sh │ │ │ ├── test5.out.ok │ │ │ ├── test6.sh │ │ │ ├── test8.sh │ │ │ ├── test10.sh │ │ │ ├── test19.sh │ │ │ ├── test40.out.ok │ │ │ ├── test2.sh │ │ │ ├── test4.sh │ │ │ ├── test15.sh │ │ │ ├── test18.sh │ │ │ ├── test16.sh │ │ │ ├── test17.sh │ │ │ ├── test28.out.ok │ │ │ ├── test24.sh │ │ │ ├── test21.conf │ │ │ ├── test26.err.ok │ │ │ ├── test27.sh │ │ │ ├── test36.sh │ │ │ ├── test23.sh │ │ │ ├── test34.sh │ │ │ ├── test35.sh │ │ │ ├── test31.conf │ │ │ ├── test14.out.ok │ │ │ ├── test20.sh │ │ │ ├── test37.sh │ │ │ ├── test38.sh │ │ │ ├── test11.out.ok │ │ │ ├── test21.sh │ │ │ ├── test13.out.ok │ │ │ ├── test12.out.ok │ │ │ ├── test31.sh │ │ │ ├── test2.out.ok │ │ │ ├── test19.out.ok │ │ │ ├── test30.sh │ │ │ ├── test39.sh │ │ │ ├── test27.out.ok │ │ │ ├── test1.out.ok │ │ │ ├── test41.sh │ │ │ ├── test21.out.ok │ │ │ ├── test31.out.ok │ │ │ ├── test32.sh │ │ │ ├── test38.out.ok │ │ │ ├── test36.out.ok │ │ │ ├── test37.out.ok │ │ │ ├── test41.out.ok │ │ │ ├── test40.sh │ │ │ ├── sudoers.defs │ │ │ ├── test23.out.ok │ │ │ ├── test34.out.ok │ │ │ ├── test35.out.ok │ │ │ ├── test22.out.ok │ │ │ ├── test25.out.ok │ │ │ └── test30.out.ok │ │ ├── corpus │ │ │ └── seed │ │ │ │ ├── policy │ │ │ │ ├── policy.1 │ │ │ │ ├── policy.2 │ │ │ │ ├── policy.5 │ │ │ │ └── policy.4 │ │ │ │ └── ldif │ │ │ │ ├── pr196.ldif │ │ │ │ └── invalid_b64.ldif │ │ ├── testsudoers │ │ │ ├── test2.inc │ │ │ ├── test4.out.ok │ │ │ ├── test1.out.ok │ │ │ ├── test22.out.ok │ │ │ ├── test6.out.ok │ │ │ ├── test7.out.ok │ │ │ ├── test9.out.ok │ │ │ ├── test16.out.ok │ │ │ ├── test6.sh │ │ │ ├── test7.sh │ │ │ ├── test21.out.ok │ │ │ ├── test4.sh │ │ │ ├── test17.out.ok │ │ │ ├── test20.out.ok │ │ │ ├── test27.out.ok │ │ │ ├── test5.out.ok │ │ │ ├── test14.out.ok │ │ │ ├── group │ │ │ ├── test15.out.ok │ │ │ ├── test1.sh │ │ │ ├── test9.sh │ │ │ ├── test19.out.ok │ │ │ ├── passwd │ │ │ ├── test19.sh │ │ │ ├── test2.out.ok │ │ │ ├── test12.sh │ │ │ ├── test8.out.ok │ │ │ ├── test27.sh │ │ │ ├── test12.out.ok │ │ │ ├── test20.sh │ │ │ ├── test23.out.ok │ │ │ ├── test22.sh │ │ │ ├── test13.sh │ │ │ ├── test14.sh │ │ │ ├── test2.sh │ │ │ ├── test21.sh │ │ │ ├── test15.sh │ │ │ ├── test11.out.ok │ │ │ ├── test8.sh │ │ │ ├── test5.sh │ │ │ ├── test23.sh │ │ │ ├── test11.sh │ │ │ ├── test13.out.ok │ │ │ └── test24.out.ok │ │ ├── fuzz │ │ │ └── fuzz_sudoers_ldif.dict │ │ └── parser │ │ │ └── check_addr.in │ ├── po │ │ ├── ast.mo │ │ ├── ca.mo │ │ ├── cs.mo │ │ ├── da.mo │ │ ├── de.mo │ │ ├── el.mo │ │ ├── eo.mo │ │ ├── es.mo │ │ ├── eu.mo │ │ ├── fa.mo │ │ ├── fi.mo │ │ ├── fr.mo │ │ ├── fur.mo │ │ ├── hr.mo │ │ ├── hu.mo │ │ ├── id.mo │ │ ├── it.mo │ │ ├── ja.mo │ │ ├── ka.mo │ │ ├── ko.mo │ │ ├── lt.mo │ │ ├── nb.mo │ │ ├── nl.mo │ │ ├── pl.mo │ │ ├── pt.mo │ │ ├── ro.mo │ │ ├── ru.mo │ │ ├── sk.mo │ │ ├── sl.mo │ │ ├── sr.mo │ │ ├── sv.mo │ │ ├── tr.mo │ │ ├── uk.mo │ │ ├── vi.mo │ │ ├── pt_BR.mo │ │ ├── zh_CN.mo │ │ ├── zh_TW.mo │ │ └── README │ ├── sudoers.exp │ └── testsudoers_pwutil.c ├── audit_json │ └── audit_json.exp ├── python │ ├── lsan_suppr.txt │ ├── regress │ │ ├── testdata │ │ │ ├── check_example_policy_plugin_list.stderr │ │ │ ├── check_loading_fails_missing_path.stdout │ │ │ ├── check_loading_fails_wrong_path.stdout │ │ │ ├── check_example_io_plugin_command_log.stderr │ │ │ ├── check_example_io_plugin_version_display.stderr │ │ │ ├── check_loading_fails_missing_classname.stdout │ │ │ ├── check_loading_fails_not_owned_by_root.stdout │ │ │ ├── check_loading_fails_wrong_classname.stdout │ │ │ ├── check_example_policy_plugin_denied_execution.stdout │ │ │ ├── check_example_policy_plugin_failed_execution.stdout │ │ │ ├── check_example_policy_plugin_version_display.stderr │ │ │ ├── check_example_io_plugin_failed_to_start_command.stderr │ │ │ ├── check_example_policy_plugin_accepted_execution.stderr │ │ │ ├── check_example_conversation_plugin_reason_log_with_suspend.stderr │ │ │ ├── check_example_conversation_plugin_reason_log_without_suspend.stderr │ │ │ ├── check_example_conversation_plugin_user_interrupts.stderr │ │ │ ├── check_example_policy_plugin_denied_execution.stderr │ │ │ ├── check_example_policy_plugin_version_display.stdout │ │ │ ├── check_example_debugging_sudo_cb@info.log │ │ │ ├── check_example_io_plugin_version_display.stored │ │ │ ├── check_example_policy_plugin_accepted_execution.stdout │ │ │ ├── check_loading_fails_wrong_path.stderr │ │ │ ├── check_example_conversation_plugin_user_interrupts.stdout │ │ │ ├── check_example_io_plugin_command_log_multiple.stderr │ │ │ ├── check_example_policy_plugin_failed_execution.stderr │ │ │ ├── check_example_audit_plugin_workflow_multiple.stderr │ │ │ ├── check_example_conversation_plugin_reason_log_without_suspend.stdout │ │ │ ├── check_example_io_plugin_command_log.stdout │ │ │ ├── check_multiple_approval_plugin_and_arguments.stderr │ │ │ ├── check_example_conversation_plugin_user_interrupts.conv │ │ │ ├── check_loading_fails_wrong_classname.stderr │ │ │ ├── check_example_conversation_plugin_user_interrupts.conversation │ │ │ ├── check_example_io_plugin_failed_to_start_command.stdout │ │ │ ├── check_loading_fails_not_owned_by_root.stderr │ │ │ ├── check_loading_succeeds_with_missing_classname.stdout │ │ │ ├── check_example_conversation_plugin_reason_log_with_suspend.stored │ │ │ ├── check_example_conversation_plugin_reason_log_without_suspend.stored │ │ │ ├── check_example_debugging_plugin@err.log │ │ │ ├── check_loading_fails_missing_path.stderr │ │ │ ├── check_example_debugging_load@diag.log │ │ │ ├── check_example_io_plugin_fails_with_python_backtrace.stderr │ │ │ ├── check_example_io_plugin_version_display.stdout │ │ │ ├── check_example_policy_plugin_version_display_full.stdout │ │ │ ├── check_example_conversation_plugin_reason_log_with_suspend.conversation │ │ │ ├── check_example_conversation_plugin_reason_log_with_suspend.stdout │ │ │ ├── check_python_plugins_do_not_affect_each_other.stdout │ │ │ ├── check_example_conversation_plugin_reason_log_without_suspend.conversation │ │ │ ├── check_example_io_plugin_command_log_multiple.stdout │ │ │ ├── check_example_io_plugin_failed_to_start_command.stored │ │ │ ├── check_example_io_plugin_version_display_full.stdout │ │ │ ├── check_loading_fails_missing_classname.stderr │ │ │ ├── check_example_audit_plugin_receives_reject.stdout │ │ │ ├── check_example_audit_plugin_receives_error.stdout │ │ │ ├── check_example_audit_plugin_version_display.stdout │ │ │ ├── check_example_audit_plugin_receives_accept.stdout │ │ │ ├── check_example_io_plugin_fails_with_python_backtrace.stdout │ │ │ ├── check_example_io_plugin_command_log.stored │ │ │ ├── check_example_debugging_py_calls@diag.log │ │ │ ├── check_example_io_plugin_command_log_multiple1.stored │ │ │ ├── check_example_io_plugin_command_log_multiple2.stored │ │ │ ├── check_example_debugging_plugin@info.log │ │ │ ├── check_example_group_plugin_is_able_to_debug.log │ │ │ ├── check_example_debugging_c_calls@diag.log │ │ │ ├── check_example_policy_plugin_validate_invalidate.log │ │ │ ├── check_example_audit_plugin_workflow_multiple.stdout │ │ │ ├── check_example_debugging_c_calls@info.log │ │ │ ├── check_example_debugging_py_calls@info.log │ │ │ └── check_example_policy_plugin_list.stdout │ │ ├── plugin_conflict.py │ │ └── plugin_errorstr.py │ ├── python_plugin.exp │ └── example_approval_plugin.py ├── group_file │ └── group_file.exp ├── system_group │ └── system_group.exp ├── sample_approval │ └── sample_approval.exp └── sample │ ├── sample_plugin.exp │ └── README ├── po ├── ast.mo ├── ca.mo ├── cs.mo ├── da.mo ├── de.mo ├── eo.mo ├── es.mo ├── eu.mo ├── fa.mo ├── fi.mo ├── fr.mo ├── fur.mo ├── gl.mo ├── hr.mo ├── hu.mo ├── id.mo ├── it.mo ├── ja.mo ├── ka.mo ├── ko.mo ├── nb.mo ├── nl.mo ├── nn.mo ├── pl.mo ├── pt.mo ├── ro.mo ├── ru.mo ├── sk.mo ├── sl.mo ├── sq.mo ├── sr.mo ├── sv.mo ├── tr.mo ├── uk.mo ├── vi.mo ├── yue.mo ├── pt_BR.mo ├── zh_CN.mo ├── zh_TW.mo └── README ├── .github └── FUNDING.yml ├── etc ├── macos-background.png ├── codespell.ignore ├── init.d │ ├── sudo.conf.in │ ├── aix.sh.in │ └── hpux.sh.in └── codespell.skip ├── src └── intercept.exp.in ├── docker ├── fedora │ ├── latest │ │ └── Dockerfile │ └── rawhide │ │ └── Dockerfile ├── debian │ ├── latest │ │ └── Dockerfile │ └── testing │ │ └── Dockerfile └── ubuntu │ ├── devel │ └── Dockerfile │ ├── latest │ └── Dockerfile │ └── rolling │ └── Dockerfile ├── logsrvd └── regress │ ├── logsrvd_conf │ └── logsrvd_dhparams.pem │ └── fuzz │ └── fuzz_logsrvd_conf.dict ├── autogen.sh └── m4 ├── runlog.m4 └── ltversion.m4 /docs/CODEOWNERS: -------------------------------------------------------------------------------- 1 | @millert 2 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test2.in: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test5.out.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test9.in: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test2.out.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test5.in: -------------------------------------------------------------------------------- 1 | \ 2 | -------------------------------------------------------------------------------- /plugins/audit_json/audit_json.exp: -------------------------------------------------------------------------------- 1 | audit_json 2 | -------------------------------------------------------------------------------- /plugins/python/lsan_suppr.txt: -------------------------------------------------------------------------------- 1 | leak:libpython 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test26.out.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test39.out.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test10.in: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test10.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test10.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test11.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test11.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test12.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test12.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test13.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test13.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test18.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test18.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test25.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test25.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test29.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test29.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test4.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test4.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test5.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test5.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test7.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test7.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test8.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test8.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test9.json.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test9.ldif.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test9.toke.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/group_file/group_file.exp: -------------------------------------------------------------------------------- 1 | group_plugin 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test10.toke.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test11.in: -------------------------------------------------------------------------------- 1 | bogus 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test11.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test12.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test13.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test25.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test29.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test3.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test5.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test7.out.ok: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test5.in: -------------------------------------------------------------------------------- 1 | Set max_groups 0 2 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test6.in: -------------------------------------------------------------------------------- 1 | Set max_groups 16 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/policy/policy.1: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test13.in: -------------------------------------------------------------------------------- 1 | user ALL = (ALL) -------------------------------------------------------------------------------- /plugins/system_group/system_group.exp: -------------------------------------------------------------------------------- 1 | group_plugin 2 | -------------------------------------------------------------------------------- /plugins/sample_approval/sample_approval.exp: -------------------------------------------------------------------------------- 1 | sample_approval 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test11.toke.ok: -------------------------------------------------------------------------------- 1 | WORD(6) 2 | <*> -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test12.in: -------------------------------------------------------------------------------- 1 | user ALL = (ALL) 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test9.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test4.in: -------------------------------------------------------------------------------- 1 | Set disable_coredump foo 2 | -------------------------------------------------------------------------------- /plugins/sample/sample_plugin.exp: -------------------------------------------------------------------------------- 1 | sample_policy 2 | sample_io 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test10.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test2.inc: -------------------------------------------------------------------------------- 1 | root ALL = ALL 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test1.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test10.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test3.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test4.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test5.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test6.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test7.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test9.out.ok: -------------------------------------------------------------------------------- 1 | stdin: parsed OK 2 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test3.in: -------------------------------------------------------------------------------- 1 | line continuation at EOF \ 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_list.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_missing_path.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_wrong_path.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test16.out.ok: -------------------------------------------------------------------------------- 1 | user2 host2 = ALL 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test17.out.ok: -------------------------------------------------------------------------------- 1 | %group1 host1 = ALL 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test18.out.ok: -------------------------------------------------------------------------------- 1 | %group1 ALL = ALL 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test6.out.ok: -------------------------------------------------------------------------------- 1 | Defaults syslog=auth 2 | -------------------------------------------------------------------------------- /po/ast.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ast.mo -------------------------------------------------------------------------------- /po/ca.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ca.mo -------------------------------------------------------------------------------- /po/cs.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/cs.mo -------------------------------------------------------------------------------- /po/da.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/da.mo -------------------------------------------------------------------------------- /po/de.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/de.mo -------------------------------------------------------------------------------- /po/eo.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/eo.mo -------------------------------------------------------------------------------- /po/es.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/es.mo -------------------------------------------------------------------------------- /po/eu.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/eu.mo -------------------------------------------------------------------------------- /po/fa.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/fa.mo -------------------------------------------------------------------------------- /po/fi.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/fi.mo -------------------------------------------------------------------------------- /po/fr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/fr.mo -------------------------------------------------------------------------------- /po/fur.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/fur.mo -------------------------------------------------------------------------------- /po/gl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/gl.mo -------------------------------------------------------------------------------- /po/hr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/hr.mo -------------------------------------------------------------------------------- /po/hu.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/hu.mo -------------------------------------------------------------------------------- /po/id.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/id.mo -------------------------------------------------------------------------------- /po/it.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/it.mo -------------------------------------------------------------------------------- /po/ja.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ja.mo -------------------------------------------------------------------------------- /po/ka.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ka.mo -------------------------------------------------------------------------------- /po/ko.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ko.mo -------------------------------------------------------------------------------- /po/nb.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/nb.mo -------------------------------------------------------------------------------- /po/nl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/nl.mo -------------------------------------------------------------------------------- /po/nn.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/nn.mo -------------------------------------------------------------------------------- /po/pl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/pl.mo -------------------------------------------------------------------------------- /po/pt.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/pt.mo -------------------------------------------------------------------------------- /po/ro.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ro.mo -------------------------------------------------------------------------------- /po/ru.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/ru.mo -------------------------------------------------------------------------------- /po/sk.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/sk.mo -------------------------------------------------------------------------------- /po/sl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/sl.mo -------------------------------------------------------------------------------- /po/sq.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/sq.mo -------------------------------------------------------------------------------- /po/sr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/sr.mo -------------------------------------------------------------------------------- /po/sv.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/sv.mo -------------------------------------------------------------------------------- /po/tr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/tr.mo -------------------------------------------------------------------------------- /po/uk.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/uk.mo -------------------------------------------------------------------------------- /po/vi.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/vi.mo -------------------------------------------------------------------------------- /po/yue.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/yue.mo -------------------------------------------------------------------------------- /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | github: sudo-project 2 | open_collective: sudo-project 3 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test1/ttyin: -------------------------------------------------------------------------------- 1 | A new password? A bad password...  -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_version_display.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_missing_classname.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_not_owned_by_root.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_wrong_classname.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test10.out.ok: -------------------------------------------------------------------------------- 1 | Defaults!PAGERS noexec 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test20.out.ok: -------------------------------------------------------------------------------- 1 | user2 ALL = /usr/bin/id 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test8.out.ok: -------------------------------------------------------------------------------- 1 | Defaults>root !set_logname 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test12.toke.ok: -------------------------------------------------------------------------------- 1 | WORD(6) ALL = ( ALL ) 2 | <*> -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test13.toke.ok: -------------------------------------------------------------------------------- 1 | WORD(6) ALL = ( ALL ) 2 | <*> -------------------------------------------------------------------------------- /po/pt_BR.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/pt_BR.mo -------------------------------------------------------------------------------- /po/zh_CN.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/zh_CN.mo -------------------------------------------------------------------------------- /po/zh_TW.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/po/zh_TW.mo -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test2/ttyin: -------------------------------------------------------------------------------- 1 | test123 echo hi ereherethere!  -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test3.out.ok: -------------------------------------------------------------------------------- 1 | 1 line continuation at EOF 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_denied_execution.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_failed_execution.stdout: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_version_display.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test15.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | WORD(6) ALL = COMMAND ARG 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test8.out.ok: -------------------------------------------------------------------------------- 1 | parse error in stdin near line 1 2 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test1/ttyin.filtered: -------------------------------------------------------------------------------- 1 | *************** ***************** * -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test3/ttyin: -------------------------------------------------------------------------------- 1 | not a password nope, sorry try again please -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_accepted_execution.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test15.out.ok: -------------------------------------------------------------------------------- 1 | user1 host1, host2, host3 = ALL 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test2.err.ok: -------------------------------------------------------------------------------- 1 | stdin:1:12: cycle in User_Alias "FOO" 2 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test2/ttyin.filtered: -------------------------------------------------------------------------------- 1 | ******* echo hi ereherethere!  -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test3/ttyin.filtered: -------------------------------------------------------------------------------- 1 | ************** *********** **************** -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test6.out.ok: -------------------------------------------------------------------------------- 1 | 1 leading and trailing white space 2 | 2 3 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test15.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | user ALL = sudoedit /etc/motd 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test25.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | # 3 | WORD(6) ALL = CWD = WORD(5) COMMAND <*> -------------------------------------------------------------------------------- /etc/macos-background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/etc/macos-background.png -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test6.in: -------------------------------------------------------------------------------- 1 | leading and trailing white space 2 | # a comment 3 | \ 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stderr: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /plugins/sudoers/po/ast.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ast.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ca.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ca.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/cs.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/cs.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/da.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/da.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/de.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/de.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/el.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/el.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/eo.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/eo.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/es.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/es.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/eu.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/eu.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/fa.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/fa.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/fi.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/fi.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/fr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/fr.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/fur.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/fur.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/hr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/hr.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/hu.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/hu.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/id.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/id.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/it.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/it.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ja.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ja.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ka.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ka.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ko.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ko.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/lt.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/lt.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/nb.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/nb.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/nl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/nl.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/pl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/pl.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/pt.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/pt.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ro.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ro.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/ru.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/ru.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/sk.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/sk.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/sl.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/sl.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/sr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/sr.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/sv.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/sv.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/tr.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/tr.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/uk.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/uk.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/vi.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/vi.mo -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test32.err.ok: -------------------------------------------------------------------------------- 1 | cvtsudoers: too many sudoers entries, maximum 10 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test4.out.ok: -------------------------------------------------------------------------------- 1 | 2 | User_Alias BAR = bar 3 | User_Alias FOO = foo 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test4.in: -------------------------------------------------------------------------------- 1 | line contin\ 2 | uation raw 3 | line contin\ 4 | uation indented 5 | -------------------------------------------------------------------------------- /plugins/sudoers/po/pt_BR.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/pt_BR.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/zh_CN.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/zh_CN.mo -------------------------------------------------------------------------------- /plugins/sudoers/po/zh_TW.mo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sudo-project/sudo/HEAD/plugins/sudoers/po/zh_TW.mo -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test9.out.ok: -------------------------------------------------------------------------------- 1 | Defaults@SERVERS log_year, logfile=/var/log/sudo.log 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test15.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user 2 | user ALL = sudoedit /etc/motd 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user 2 | user ALL = sudoedit /etc/motd 3 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test4.out.ok: -------------------------------------------------------------------------------- 1 | 2 line continuation raw 2 | 4 line continuation indented 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | CMNDALIAS ALIAS = COMMAND ARG 3 | WORD(6) ALL = ALIAS 4 | -------------------------------------------------------------------------------- /src/intercept.exp.in: -------------------------------------------------------------------------------- 1 | @INTERCEPT_EXP@execl 2 | execle 3 | execlp 4 | execv 5 | execve 6 | execvp 7 | system 8 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test5.err.ok: -------------------------------------------------------------------------------- 1 | conf_test: invalid max groups "0" in regress/sudo_conf/test5.in, line 1 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test7.out.ok: -------------------------------------------------------------------------------- 1 | Defaults:FULLTIMERS !lecture 2 | Defaults:millert !authenticate 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test15.in: -------------------------------------------------------------------------------- 1 | # Test parsing of sudoedit rule 2 | user ALL = sudoedit /etc/motd 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test8.err.ok: -------------------------------------------------------------------------------- 1 | visudo: stdin:1: value "2.5" is invalid for option "passwd_timeout" 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.stderr: -------------------------------------------------------------------------------- 1 | You did not answer in time 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test8.out.ok: -------------------------------------------------------------------------------- 1 | 2 | User_Alias UA1 = xy 3 | User_Alias UA2 = xy 4 | User_Alias UA3 = x\"y 5 | -------------------------------------------------------------------------------- /docs/fixmdoc.sed: -------------------------------------------------------------------------------- 1 | # Replace "0 minutes" with "unlimited" 2 | /^\.Li 0$/ { 3 | N 4 | s/^\.Li 0\nminutes\.$/unlimited./ 5 | } 6 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test1/log: -------------------------------------------------------------------------------- 1 | 1645151020:millert:root::/dev/ttypb:24:80 2 | /home/millert 3 | /usr/bin/passwd 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test2.out.ok: -------------------------------------------------------------------------------- 1 | 3 this is all one line 2 | 4 3 | 8 trim the leading white space 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_denied_execution.stderr: -------------------------------------------------------------------------------- 1 | You are not allowed to run this command! 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_version_display.stdout: -------------------------------------------------------------------------------- 1 | Python Example Policy Plugin version: 1.0 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/policy/policy.2: -------------------------------------------------------------------------------- 1 | # Minimal test case 2 | user=root 3 | uid=0 4 | gid=0 5 | host=localhost 6 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/mailq.log: -------------------------------------------------------------------------------- 1 | 1584884264:millert:root::/dev/ttyp3:24:80 2 | /home/millert 3 | /usr/bin/mailq 4 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test2/log: -------------------------------------------------------------------------------- 1 | 1645153850:millert:millert::/dev/ttypb:24:80 2 | /home/millert 3 | /usr/bin/su testdude 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test4.err.ok: -------------------------------------------------------------------------------- 1 | conf_test: invalid value for disable_coredump "foo" in regress/sudo_conf/test4.in, line 1 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_sudo_cb@info.log: -------------------------------------------------------------------------------- 1 | Skipping close call, because there was no command run 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_version_display.stored: -------------------------------------------------------------------------------- 1 | -- Plugin STARTED -- 2 | -- Plugin DESTROYED -- 3 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_accepted_execution.stdout: -------------------------------------------------------------------------------- 1 | The command returned with exit_status 3 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Cmnd_Alias EDIT = sudoedit /etc/motd 4 | 5 | user ALL = EDIT 6 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test18.out.ok: -------------------------------------------------------------------------------- 1 | 2 | Defaults command_timeout=2d8h10m59ss 3 | Defaults:root command_timeout=15f 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_wrong_path.stderr: -------------------------------------------------------------------------------- 1 | Failed during loading plugin class: No module named 'wrong_path' 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test5.in: -------------------------------------------------------------------------------- 1 | # Test empty string in User_Alias and Command_Spec 2 | User_Alias FOO = "" 3 | "" ALL = ALL 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test3.err.ok: -------------------------------------------------------------------------------- 1 | Warning: stdin:1:12: unused User_Alias "A" 2 | Warning: stdin:2:12: unused User_Alias "B" 3 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/less.log: -------------------------------------------------------------------------------- 1 | 1611859113:bob:bob:ldap:/dev/console:24:80 2 | /var/tmp 3 | /usr/bin/less /etc/ldapd.conf 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test5.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | USERALIAS ALIAS = BEGINSTR ENDSTR ERROR <*> 3 | BEGINSTR ENDSTR ERROR <*> ALL = ALL 4 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/ls.log: -------------------------------------------------------------------------------- 1 | 1584790549:millert:root::/dev/ttyp3:24:80 2 | /usr/src/local/millert/hg/sudo/1.7 3 | /bin/ls 4 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test2/ttyout: -------------------------------------------------------------------------------- 1 | Password: 2 | xerxes$ echo hi ere   here    there! 3 | hi there! 4 | xerxes$ ^D 5 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/vi.log: -------------------------------------------------------------------------------- 1 | 1611849879:alice:root::/dev/pts/0:24:80 2 | /export/home/alice 3 | /usr/bin/vi /etc/nsswitch.conf 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test2.out.ok: -------------------------------------------------------------------------------- 1 | Set disable_coredump true 2 | Set group_source adaptive 3 | Set max_groups -1 4 | Set probe_interfaces true 5 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test4.out.ok: -------------------------------------------------------------------------------- 1 | Set disable_coredump true 2 | Set group_source adaptive 3 | Set max_groups -1 4 | Set probe_interfaces true 5 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test5.out.ok: -------------------------------------------------------------------------------- 1 | Set disable_coredump true 2 | Set group_source adaptive 3 | Set max_groups -1 4 | Set probe_interfaces true 5 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test6.out.ok: -------------------------------------------------------------------------------- 1 | Set disable_coredump true 2 | Set group_source adaptive 3 | Set max_groups 16 4 | Set probe_interfaces true 5 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.stdout: -------------------------------------------------------------------------------- 1 | Please provide your reason for executing ('/bin/whoami',) 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple.stderr: -------------------------------------------------------------------------------- 1 | sudo: loading more than 8 sudo python IO plugins is not supported 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_failed_execution.stderr: -------------------------------------------------------------------------------- 1 | Failed to execute command, execve syscall returned 2 (ENOENT) 2 | -------------------------------------------------------------------------------- /plugins/sudoers/sudoers.exp: -------------------------------------------------------------------------------- 1 | sudoers_policy 2 | sudoers_io 3 | sudoers_audit 4 | sudo_getgrgid 5 | sudo_getgrnam 6 | sudo_gr_addref 7 | sudo_gr_delref 8 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test3/log: -------------------------------------------------------------------------------- 1 | 1645201461:millert:root::/dev/ttyp0:24:80 2 | /home/millert 3 | /usr/bin/ssh -oPubkeyAuthentication=no localhost 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_audit_plugin_workflow_multiple.stderr: -------------------------------------------------------------------------------- 1 | sudo: loading more than 8 sudo python audit plugins is not supported 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.in: -------------------------------------------------------------------------------- 1 | # Test parsing of sudoedit rule in a Cmnd_Alias 2 | Cmnd_Alias EDIT = sudoedit /etc/motd 3 | user ALL = EDIT 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test30.sudo.ok: -------------------------------------------------------------------------------- 1 | user1 ALL = list 2 | 3 | list ALL = ALL 4 | 5 | user2 ALL = (list : list) ALL 6 | 7 | user3 list = ALL 8 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/smtpctl.log: -------------------------------------------------------------------------------- 1 | 1666108884:aemon:root::/dev/pts/4:64:128 2 | /home/aemon 3 | /usr/sbin/smtpctl remove 272a4d27e1fd732e 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stdout: -------------------------------------------------------------------------------- 1 | Please provide your reason for executing ('/bin/whoami',) 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log.stdout: -------------------------------------------------------------------------------- 1 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX/sudo.log 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stderr: -------------------------------------------------------------------------------- 1 | sudo: loading more than 8 sudo python approval plugins is not supported 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test29.out.ok: -------------------------------------------------------------------------------- 1 | Defaults log_output 2 | 3 | # sudoRole millert, millert2 4 | millert ALL = (ALL : ALL) ALL, NOPASSWD: ALL 5 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test30.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | user1 ALL = list 4 | list ALL = ALL 5 | user2 ALL = (list : list) ALL 6 | user3 list = ALL 7 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/id.log: -------------------------------------------------------------------------------- 1 | 1603746837:millert:root::/dev/ttypb:24:80 2 | /usr/src/local/millert/sudo/trunk/lib/eventlog/regress 3 | /usr/bin/id 4 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/pkg_add.log: -------------------------------------------------------------------------------- 1 | 1595281300:millert:root::/dev/ttypd:24:80 2 | /usr/src/local/Music/chordpro 3 | /usr/sbin/pkg_add p5-PDF-API2 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.conv: -------------------------------------------------------------------------------- 1 | Question count: 2 2 | Question 0: <> (timeout: 120, msg_type=2) 3 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_wrong_classname.stderr: -------------------------------------------------------------------------------- 1 | Failed to find plugin class 'MispelledPluginName' 2 | Failed during loading plugin class 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test4.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | USERALIAS ALIAS = WORD(6) : ALIAS = WORD(6) 3 | 4 | # 5 | USERALIAS ALIAS = WORD(6) ERROR <*> ALIAS = WORD(6) 6 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/pkg_delete.log: -------------------------------------------------------------------------------- 1 | 1595620314:millert:root::/dev/ttypd:24:80 2 | /usr/ports/textproc/chordpro/pkg 3 | /usr/sbin/pkg_delete chordpro 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.conversation: -------------------------------------------------------------------------------- 1 | Question count: 2 2 | Question 0: <> (timeout: 120, msg_type=2) 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test22.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | user1 ALL = (root) ALL 4 | user2 ALL = (root) ALL 5 | user3 ALL = (root) ALL 6 | user4 ALL = (root) ALL 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test22.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | 3 | WORD(6) ALL = ( : ) ALL 4 | WORD(6) ALL = ( : ) ALL 5 | WORD(6) ALL = ( ) ALL 6 | WORD(6) ALL = ( ) ALL 7 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/printenv.log: -------------------------------------------------------------------------------- 1 | 1601411718:testdude:root::/dev/ttypb:24:80 2 | /usr/src/local/millert/sudo/trunk/plugins/sudoers 3 | /usr/bin/printenv 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test3.in: -------------------------------------------------------------------------------- 1 | Plugin sudoers_policy sudoers.so sudoers_file=/etc/sudoers sudoers_mode=0400 sudoers_gid=0 sudoers_uid=0 2 | Plugin sudoers_io sudoers.so 3 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stdout: -------------------------------------------------------------------------------- 1 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX/sudo.log 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_not_owned_by_root.stderr: -------------------------------------------------------------------------------- 1 | Failed during loading plugin class: File 'SRC_DIR/example_debugging.py' must be owned by uid 0 2 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_succeeds_with_missing_classname.stdout: -------------------------------------------------------------------------------- 1 | Python io plugin (API 1.0): DebugDemoPlugin (loaded from 'SRC_DIR/example_debugging.py') 2 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test22.in: -------------------------------------------------------------------------------- 1 | # Test parsing of empty Runas_List 2 | 3 | user1 ALL = ( : ) ALL 4 | user2 ALL = (:) ALL 5 | user3 ALL = ( ) ALL 6 | user4 ALL = () ALL 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test4.out.ok: -------------------------------------------------------------------------------- 1 | testsudoers: test2.inc should be owned by uid 1 2 | 3 | Entries for user root: 4 | 5 | Password required 6 | 7 | Parse error 8 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/log_legacy/make.log: -------------------------------------------------------------------------------- 1 | 1584977889:millert:root::/dev/ttypi:24:80 2 | /home/millert/tmp/src/usr.bin/sort 3 | /usr/bin/make -C /usr/src/usr.bin/sort install 4 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_parseln/test2.in: -------------------------------------------------------------------------------- 1 | this \ 2 | is all \ 3 | one line 4 | # this is a comment, and does not get continued\ 5 | trim the \ 6 | leading \ 7 | white \ 8 | space 9 | -------------------------------------------------------------------------------- /plugins/python/python_plugin.exp: -------------------------------------------------------------------------------- 1 | group_plugin 2 | python_approval 3 | python_approval_clone 4 | python_audit 5 | python_audit_clone 6 | python_io 7 | python_io_clone 8 | python_policy 9 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stored: -------------------------------------------------------------------------------- 1 | Executed /bin/whoami 2 | Reason: my fake reason 3 | Hidden reason: my real secret reason 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stored: -------------------------------------------------------------------------------- 1 | Executed /bin/whoami 2 | Reason: my fake reason 3 | Hidden reason: my real secret reason 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_plugin@err.log: -------------------------------------------------------------------------------- 1 | My demo purpose plugin shows this ERROR level debug message 2 | Python log system shows this ERROR level debug message 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test6.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole #0, #0_1, #0_2, #0_3 2 | #0 ALL = ALL, (#0 : #0) ALL, ALL, (#0 : #0) ALL 3 | 4 | # sudoRole %#0, %#0_1 5 | %#0 ALL = ALL, ALL 6 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test4.out.ok: -------------------------------------------------------------------------------- 1 | Defaults syslog=auth 2 | Defaults>root !set_logname 3 | Defaults!/usr/bin/more, /usr/bin/pg, /usr/bin/less noexec 4 | 5 | %wheel ALL = (ALL) ALL 6 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_loading_fails_missing_path.stderr: -------------------------------------------------------------------------------- 1 | No python module path is specified. Use 'ModulePath' plugin config option in 'sudo.conf' 2 | Failed during loading plugin class 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test25.in: -------------------------------------------------------------------------------- 1 | # Test continuation character when there is nothing to continue 2 | # Used to leak "~ron" when run under address sanitizer 3 | foo ALL = CWD=~ron /bin/ls \ 4 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/timing/timing.4: -------------------------------------------------------------------------------- 1 | 2 0.025750192 5 2 | 0 0.670737828 2 3 | 0 2.832110312 2 4 | 0 0.903947334 2 5 | 0 1.727798521 3 6 | 0 2.040329883 2 7 | 2 0.001192523 2 8 | 1 0.001253839 77 9 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_load@diag.log: -------------------------------------------------------------------------------- 1 | importing module: SRC_DIR/example_debugging.py 2 | Extending python 'path' with 'SRC_DIR' 3 | Deinit was called for a python plugin 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stderr: -------------------------------------------------------------------------------- 1 | Failed to construct plugin instance: [Errno 2] No such file or directory: '/some/not/writable/directory/sudo.log' 2 | -------------------------------------------------------------------------------- /lib/iolog/regress/iolog_filter/test1/ttyout: -------------------------------------------------------------------------------- 1 | Changing password for millert. 2 | New password: 3 | Retype new password: 4 | Mismatch; try again, EOF to quit. 5 | New password: 6 | 7 | Password unchanged. 8 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_version_display.stdout: -------------------------------------------------------------------------------- 1 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX/sudo.log 2 | Python Example IO Plugin version: 1.0 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test30.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | # 3 | 4 | WORD(6) ALL = WORD(6) 5 | 6 | WORD(6) ALL = ALL 7 | 8 | WORD(6) ALL = ( WORD(6) : WORD(6) ) ALL 9 | 10 | WORD(6) WORD(6) = ALL 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test33.out.ok: -------------------------------------------------------------------------------- 1 | Defaults log_output 2 | 3 | # sudoRole root 4 | root ALL = (ALL : ALL) NOPASSWD: ALL 5 | 6 | # sudoRole millert 7 | millert ALL = (ALL, !bin, !root : ALL, !wheel) ALL 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test1.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = ALL 6 | host allowed 7 | runas unmatched 8 | 9 | Password required 10 | 11 | Command unmatched 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test3.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Defaults:FOO env_reset 4 | Defaults:foo, bar env_reset 5 | Defaults:foo, " bar" env_reset 6 | Defaults:foo, bar env_reset 7 | 8 | User_Alias FOO = foo, bar 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test22.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user admin: 4 | 5 | ALL = /bin/ls 6 | host allowed 7 | runas unmatched 8 | 9 | Password required 10 | 11 | Command unmatched 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test20.conf: -------------------------------------------------------------------------------- 1 | defaults = global 2 | expand_aliases = yes 3 | input_format = sudoers 4 | match = user=user2 5 | output_format = sudoers 6 | prune_matches = yes 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test3.out.ok: -------------------------------------------------------------------------------- 1 | Defaults syslog=auth 2 | Defaults>root !set_logname 3 | Defaults!PAGERS noexec 4 | 5 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 6 | 7 | %wheel ALL = (ALL) ALL 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test7.in: -------------------------------------------------------------------------------- 1 | # These should all be syntax errors 2 | User_Alias FOO1 = "%" 3 | User_Alias FOO2 = "%:" 4 | User_Alias FOO3 = "+" 5 | User_Alias FOO4 = % 6 | User_Alias FOO5 = %: 7 | User_Alias FOO6 = + 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test8.in: -------------------------------------------------------------------------------- 1 | # Test quoted strings 2 | User_Alias UA1 = "xy" 3 | User_Alias UA2 = "x\ 4 | y" 5 | User_Alias UA3 = x\"y 6 | 7 | # A newline in the middle of a string is an error 8 | User_Alias UA4 = "x 9 | -------------------------------------------------------------------------------- /etc/codespell.ignore: -------------------------------------------------------------------------------- 1 | SOM 2 | VAS 3 | alloced 4 | anull 5 | clen 6 | edn 7 | exect 8 | fIDN 9 | fpt 10 | ist 11 | nome 12 | numer 13 | pleas 14 | sav 15 | servent 16 | siz 17 | statics 18 | thur 19 | toke 20 | vas 21 | wit 22 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_version_display_full.stdout: -------------------------------------------------------------------------------- 1 | Python policy plugin (API 1.0): SudoPolicyPlugin (loaded from 'SRC_DIR/example_policy_plugin.py') 2 | Python Example Policy Plugin version: 1.0 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test6.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = ALL 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test7.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = ALL 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test9.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = ALL 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test5.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test comment on the last line with no newline 4 | # 5 | 6 | : ${VISUDO=visudo} 7 | 8 | printf "# one comment\n#two comments" | $VISUDO -csf - 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /docs/sudo.conf.man.in.sed: -------------------------------------------------------------------------------- 1 | s/^\(.TH .*\)/.nr SL @SEMAN@\ 2 | \1/ 3 | 4 | /^\.TP 6n$/ { 5 | N 6 | /^.TP 6n\nsesh$/ { 7 | i\ 8 | .if \\n(SL \\{\\ 9 | } 10 | } 11 | 12 | /^\\fI@sesh_file@\\fR\.$/ { 13 | a\ 14 | .\\} 15 | } 16 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test7.in: -------------------------------------------------------------------------------- 1 | Debug sudo /var/log/sudo_debug all@info 2 | Debug sudo /var/log/sudo_debug util@debug 3 | Debug visudo /var/log/sudo_debug match@debug 4 | Debug sudoers.so /var/log/sudoers_debug match@debug,nss@info 5 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.conversation: -------------------------------------------------------------------------------- 1 | Question count: 2 2 | Question 0: <> (timeout: 120, msg_type=2) 3 | Question 1: <> (timeout: 120, msg_type=5) 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stdout: -------------------------------------------------------------------------------- 1 | Please provide your reason for executing ('/bin/whoami',) 2 | conversation suspend: signal SIGTSTP 3 | conversation resume: signal was SIGCONT 4 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_python_plugins_do_not_affect_each_other.stdout: -------------------------------------------------------------------------------- 1 | PATH before: [] (should be empty) 2 | PATH set: ['path_for_first_plugin'] 3 | PATH before: [] (should be empty) 4 | PATH set: ['path_for_second_plugin'] 5 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test12.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test that Aliases are removed when filtering by defaults type 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -d user $TESTDIR/sudoers.defs 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test13.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test that Aliases are removed when filtering by defaults type 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -d host $TESTDIR/sudoers.defs 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test14.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test that Aliases are removed when filtering by defaults type 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -d runas $TESTDIR/sudoers.defs 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test16.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = (ALL) ALL 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.conversation: -------------------------------------------------------------------------------- 1 | Question count: 2 2 | Question 0: <> (timeout: 120, msg_type=2) 3 | Question 1: <> (timeout: 120, msg_type=5) 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test11.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test that Aliases are removed when filtering by defaults type 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -d command $TESTDIR/sudoers.defs 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test user and host filters 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -m user=millert,host=hercules $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test3.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test group and host filters 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -m group=wheel,host=blackhole $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test5.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test defaults type filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d all $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test7.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test user defaults filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d user $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test9.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test host defaults filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d host $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test15.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user 5 | sudoUser: user 6 | sudoHost: ALL 7 | sudoCommand: sudoedit /etc/motd 8 | sudoOrder: 1 9 | 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user 5 | sudoUser: user 6 | sudoHost: ALL 7 | sudoCommand: sudoedit /etc/motd 8 | sudoOrder: 1 9 | 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test6.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Verify sudoers matching by uid. 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | exec 2>&1 9 | $TESTSUDOERS root id <&1 9 | $TESTSUDOERS root id <root !set_logname 3 | Defaults:FULLTIMERS !lecture 4 | Defaults:millert !authenticate 5 | Defaults@SERVERS log_year, logfile=/var/log/sudo.log 6 | Defaults!PAGERS noexec 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test6.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test global defaults filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d global $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test8.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test runas defaults filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d runas $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test22.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user1 2 | user1 ALL = () ALL 3 | 4 | # sudoRole user2 5 | user2 ALL = () ALL 6 | 7 | # sudoRole user3 8 | user3 ALL = () ALL 9 | 10 | # sudoRole user4 11 | user4 ALL = () ALL 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test3.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | USERALIAS ALIAS = WORD(6) , WORD(6) 3 | DEFAULTS_USER ALIAS DEFVAR 4 | DEFAULTS_USER WORD(6) , WORD(6) DEFVAR 5 | DEFAULTS_USER WORD(6) , WORD(6) DEFVAR 6 | DEFAULTS_USER WORD(6) , WORD(6) DEFVAR 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test30.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user1 2 | user1 ALL = list 3 | 4 | # sudoRole list 5 | list ALL = ALL 6 | 7 | # sudoRole user2 8 | user2 ALL = (list : list) ALL 9 | 10 | # sudoRole user3 11 | user3 list = ALL 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test31.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | 3 | WORD(6) ALL = ROLE = WORD(6) TYPE = WORD(6) ALL 4 | 5 | WORD(6) ALL = APPARMOR_PROFILE = WORD(6) COMMAND 6 | 7 | WORD(6) ALL = PRIVS = BEGINSTR STRBODY ENDSTR WORD(4) LIMITPRIVS = WORD(6) ALL 8 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple.stdout: -------------------------------------------------------------------------------- 1 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX/sudo.log 2 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX2/sudo.log 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test10.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test command defaults filtering 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -s aliases,privileges -d command $TESTDIR/sudoers 9 | 10 | exit 0 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test19.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test filters and pruning; alias contents don't get pruned 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -p -m user=FULLTIMERS,host=SERVERS $TESTDIR/sudoers 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test4.in: -------------------------------------------------------------------------------- 1 | # Test line continuation with anchored matches 2 | User_Alias FOO = foo \ 3 | : BAR = bar 4 | 5 | # This used to pass for sudo < 1.8.1 (though it should not have) 6 | User_Alias FOO = foo \ 7 | User_Alias BAR = bar 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test8.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR WORD(4) 3 | USERALIAS ALIAS = BEGINSTR STRBODY STRBODY ENDSTR WORD(4) 4 | USERALIAS ALIAS = WORD(6) 5 | 6 | # 7 | USERALIAS ALIAS = BEGINSTR STRBODY ERROR <*> 8 | -------------------------------------------------------------------------------- /lib/iolog/regress/corpus/seed/timing/timing.7: -------------------------------------------------------------------------------- 1 | 3 0.731998581 1 2 | 4 0.001916416 2 3 | 7 0.002850082 TSTP 4 | 7 0.683456735 CONT 5 | 3 0.688967687 1 6 | 4 0.001667674 2 7 | 7 0.002277631 TSTP 8 | 7 0.515107145 CONT 9 | 3 0.343713993 1 10 | 4 0.002050968 2 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/ldif/pr196.ldif: -------------------------------------------------------------------------------- 1 | # Exercise the fix for https://github.com/sudo-project/sudo/pull/169 2 | # 3 | # If the last byte of the input file was a backslash, the parser would 4 | # read past the end of the buffer. 5 | # 6 | dn: cn= Manager\ -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test40.out.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user0,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user0 5 | sudoUser: user0 6 | sudoHost: A00 7 | sudoRunAsUser: 0 8 | sudoCommand: /bin/ls 9 | sudoOrder: 1 10 | 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test3.in: -------------------------------------------------------------------------------- 1 | # Test whitespace in User_List as part of a per-user Defaults entry 2 | User_Alias FOO = foo, bar 3 | Defaults:FOO env_reset 4 | Defaults:foo,bar env_reset 5 | Defaults:foo,\ bar env_reset 6 | Defaults:foo, bar env_reset 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test21.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user admin: 4 | 5 | ALL = (USERALIAS : GROUPALIAS) /bin/ls 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test4.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test sudoers owner check 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | exec 2>&1 9 | $TESTSUDOERS -U 1 root id < 6 | 7 | WORD(6) ALL = WORD(6) <*> 8 | 9 | WORD(6) ALL = COMMAND ARG REGEX ERROR <*> 10 | 11 | WORD(6) ALL = COMMAND ARG REGEX ERROR <*> # 12 | -------------------------------------------------------------------------------- /lib/eventlog/regress/eventlog_store/test4.sudo.out.ok: -------------------------------------------------------------------------------- 1 | HOST=xerxes.sudo.ws ; TTY=ttypb ; CWD=/etc/mail ; USER=root ; TSID=0003FG ; COMMAND=/usr/bin/vi aliases 2 | HOST=xerxes.sudo.ws ; TTY=ttypb ; CWD=/etc/mail ; USER=root ; TSID=0003FG ; COMMAND=/usr/bin/vi aliases ; EXIT=0 3 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test15.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test filters and pruning 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -f sudoers -p -m user=user1 < sudoers -> LDIF 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -i LDIF -f sudoers $TESTDIR/test24.out.ok | \ 9 | $CVTSUDOERS -c "" -b "ou=SUDOers,dc=sudo,dc=ws" 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test27.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Defaults always_query_group_plugin 4 | 5 | root ALL = (root : wheel) ALL 6 | millert ALL = (root : wheel) ALL 7 | %sudo ALL = (root : ALL) ALL 8 | operator ALL = (%wheel) ALL 9 | +netusers +nethosts = (+netrunas) ALL 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test21.conf: -------------------------------------------------------------------------------- 1 | defaults = all 2 | expand_aliases = no 3 | input_format = sudoers 4 | order_increment = 10 5 | order_start = 1000 6 | output_format = ldif 7 | sudoers_base = ou=SUDOers,dc=my-domain,dc=com 8 | suppress = defaults 9 | -------------------------------------------------------------------------------- /lib/util/regress/sudo_conf/test1.out.ok: -------------------------------------------------------------------------------- 1 | Set disable_coredump false 2 | Set group_source static 3 | Set max_groups -1 4 | Set probe_interfaces true 5 | Path askpass /usr/X11R6/bin/ssh-askpass 6 | Path noexec /usr/libexec/sudo_noexec.so 7 | Plugin sudoers_policy sudoers.so 8 | Plugin sudoers_io sudoers.so 9 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_version_display_full.stdout: -------------------------------------------------------------------------------- 1 | Example sudo python plugin will log to /tmp/sudo_check_python_exampleXXXXXX/sudo.log 2 | Python io plugin (API 1.0): SudoIOPlugin (loaded from 'SRC_DIR/example_io_plugin.py') 3 | Python Example IO Plugin version: 1.0 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test26.err.ok: -------------------------------------------------------------------------------- 1 | cvtsudoers: invalid LDIF attribute: sudoOption:: bG9nX29@1dHB1dA== 2 | cvtsudoers: invalid LDIF attribute: dn:: Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M= 3 | cvtsudoers: invalid LDIF attribute: dn:: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!== 4 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test27.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test base64 encoding of non-safe strings 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -b "ou=SUDOers©,dc=sudo,dc=ws" < LDIF -> sudoers 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -b "ou=SUDOers,dc=sudo,dc=ws" $TESTDIR/test23.out.ok | \ 9 | $CVTSUDOERS -c "" -i LDIF -f sudoers | grep -v '^#' 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test34.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cvtsudoers merge 4 | # * three files, two bound to a host, one global 5 | # 6 | 7 | : ${CVTSUDOERS=cvtsudoers} 8 | 9 | $CVTSUDOERS -f sudoers -l /dev/null xerxes:${TESTDIR}/sudoers1 ${TESTDIR}/sudoers2 xyzzy:${TESTDIR}/sudoers3 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test35.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cvtsudoers merge 4 | # * three files, two bound to a host, one global 5 | # 6 | 7 | : ${CVTSUDOERS=cvtsudoers} 8 | 9 | $CVTSUDOERS -f sudoers -l /dev/null xerxes:${TESTDIR}/sudoers1 xyzzy:${TESTDIR}/sudoers2 ${TESTDIR}/sudoers3 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.dict: -------------------------------------------------------------------------------- 1 | # Sudoers LDIF attributes 2 | 3 | "description" 4 | "objectClass" 5 | "organizationalRole" 6 | "sudoCommand" 7 | "sudoHost" 8 | "sudoOption" 9 | "sudoOption" 10 | "sudoOrder" 11 | "sudoRunAs" 12 | "sudoRunAsGroup" 13 | "sudoRunAsUser" 14 | "sudoUser" 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test27.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR 3 | 4 | # 5 | WORD(6) ALL = ( WORD(6) : WORD(6) ) ALL 6 | WORD(6) ALL = ( : WORD(6) ) ALL 7 | USERGROUP ALL = ( : ALL ) ALL 8 | 9 | # 10 | WORD(6) ALL = ( USERGROUP ) ALL 11 | 12 | # 13 | NETGROUP NETGROUP = ( NETGROUP ) ALL 14 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test6.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Defaults:#123 set_home 4 | Defaults>#123 set_home 5 | Defaults:#123 set_home 6 | Defaults>#123 set_home 7 | 8 | #0 ALL = ALL 9 | #0 ALL = (#0 : #0) ALL 10 | #0 ALL = ALL 11 | #0 ALL = (#0 : #0) ALL 12 | %#0 ALL = ALL 13 | %#0 ALL = ALL 14 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Sudo Bug 519: 4 | # Visudo in strict mode reports "parse error" even if there is no error 5 | # 6 | 7 | : ${VISUDO=visudo} 8 | 9 | $VISUDO -csf - < 3 | USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR ERROR <*> 4 | USERALIAS ALIAS = BEGINSTR STRBODY ENDSTR ERROR <*> 5 | USERALIAS ALIAS = ERROR <*> 6 | USERALIAS ALIAS = ERROR <*> 7 | USERALIAS ALIAS = ERROR <*> 8 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_audit_plugin_receives_error.stdout: -------------------------------------------------------------------------------- 1 | (AUDIT) -- Started by user ??? (???) -- 2 | (AUDIT) Requested command: id 3 | (AUDIT) Plugin errorer plugin name (type=AUDIT) got an error: Some error has happened 4 | (AUDIT) Sudo has run into an error: 222 5 | (AUDIT) -- Finished -- 6 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test31.conf: -------------------------------------------------------------------------------- 1 | defaults = all 2 | expand_aliases = no 3 | input_format = sudoers 4 | order_increment = 5 5 | order_padding = 2 6 | order_start = 1000 7 | output_format = ldif 8 | sudoers_base = ou=SUDOers,dc=my-domain,dc=com 9 | suppress = defaults 10 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test14.toke.ok: -------------------------------------------------------------------------------- 1 | CMNDALIAS ALIAS = SHA224_TOK : DIGEST , SHA224_TOK : DIGEST COMMAND 2 | CMNDALIAS ALIAS = SHA256_TOK : DIGEST , SHA256_TOK : DIGEST COMMAND 3 | 4 | WORD(6) ALL = ALIAS , ALIAS , SHA512_TOK : DIGEST COMMAND 5 | 6 | WORD(6) ALL = SHA384_TOK : DIGEST , SHA256_TOK : DIGEST ALL 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test5.out.ok: -------------------------------------------------------------------------------- 1 | testsudoers: test5.inc is world writable 2 | 3 | Entries for user root: 4 | 5 | Password required 6 | 7 | Parse error 8 | testsudoers: test5.inc should be owned by gid 4294967294 9 | 10 | Entries for user root: 11 | 12 | Password required 13 | 14 | Parse error 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test9.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test IP and network address in host-based Defaults statements 4 | # Bugzilla #766 5 | # 6 | 7 | : ${VISUDO=visudo} 8 | 9 | $VISUDO -cf - <<-EOF 10 | Defaults@127.0.0.1 !authenticate 11 | Defaults@10.0.0.0/8 !always_set_home 12 | EOF 13 | 14 | exit 0 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test14.out.ok: -------------------------------------------------------------------------------- 1 | Defaults>ROOT !set_logname 2 | 3 | Host_Alias CDROM = orion, perseus, hercules 4 | Runas_Alias OPERATOR = operator, backup 5 | User_Alias PARTTIMERS = bostley, jwfox, crawl 6 | Runas_Alias ROOT = root, toor 7 | Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test20.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cvtsudoers.conf 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c $TESTDIR/test20.conf < 9 | #include 10 | #include "pwutil_impl.c" 11 | -------------------------------------------------------------------------------- /lib/eventlog/regress/logwrap/check_wrap.in: -------------------------------------------------------------------------------- 1 | Jul 11 11:30:17 : tu2sp3-a : command not allowed ; TTY=pts/1 ; PWD=/home/tu2sp3-a ; USER=root ; COMMAND=/opt/quest/bin/vastool list users 2 | 0,60-80,120,140 3 | Jun 26 18:00:06 : millert : TTY=ttypm ; PWD=/usr/src/local/millert/hg/sudo/build ; USER=root ; TSID=0004KT ; COMMAND=/bin/rm /root/.bash_profile 4 | 0,60-80,120,140 5 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test11.out.ok: -------------------------------------------------------------------------------- 1 | Defaults!PAGERS noexec 2 | 3 | Host_Alias CDROM = orion, perseus, hercules 4 | Runas_Alias OPERATOR = operator, backup 5 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 6 | User_Alias PARTTIMERS = bostley, jwfox, crawl 7 | Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, /usr/bin/chfn 8 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test1.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | # 3 | # 4 | # 5 | WORD(6) ALL = LOG_INPUT LOG_OUTPUT COMMAND ARG : ALL = NOLOG_INPUT NOLOG_OUTPUT COMMAND 6 | WORD(6) ALL = NOPASSWD NOEXEC SETENV COMMAND : ALL = PASSWD EXEC NOSETENV COMMAND 7 | WORD(6) ALL = MAIL COMMAND : ALL = NOMAIL COMMAND 8 | WORD(6) ALL = FOLLOW COMMAND ARG : ALL = NOFOLLOW COMMAND ARG 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test3.ldif.ok: -------------------------------------------------------------------------------- 1 | # Unable to translate stdin:3:23: 2 | # Defaults:foo, bar env_reset 3 | 4 | # Unable to translate stdin:4:27: 5 | # Defaults:foo, bar env_reset 6 | 7 | # Unable to translate stdin:5:29: 8 | # Defaults:foo, " bar" env_reset 9 | 10 | # Unable to translate stdin:6:28: 11 | # Defaults:foo, bar env_reset 12 | 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/group: -------------------------------------------------------------------------------- 1 | wheel:*:0:root 2 | daemon:*:1:daemon 3 | kmem:*:2:root 4 | sys:*:3:root 5 | tty:*:4:root 6 | operator:*:5:root 7 | bin:*:7: 8 | wsrc:*:9: 9 | users:*:10: 10 | auth:*:11: 11 | games:*:13: 12 | staff:*:20:root 13 | guest:*:31:root 14 | admin:*:1000: 15 | fakeshell:*:1001: 16 | nogroup:*:32766: 17 | nobody:*:32767: 18 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_audit_plugin_version_display.stdout: -------------------------------------------------------------------------------- 1 | (AUDIT) -- Started by user root (0) -- 2 | Python Example Audit Plugin 3 | Python audit plugin (API 1.0): SudoAuditPlugin (loaded from 'SRC_DIR/example_audit_plugin.py') 4 | Python Example Audit Plugin (version=1.0) 5 | (AUDIT) Sudo has run into an error: 222 6 | (AUDIT) -- Finished -- 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test31.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user1 2 | user1 ALL = ROLE=foo_r TYPE=bar_t ALL 3 | 4 | # sudoRole user2 5 | user2 ALL = APPARMOR_PROFILE=usr.bin.tcpdump /usr/bin/tcpdump 6 | 7 | # sudoRole user3 8 | user3 ALL =\ 9 | PRIVS="file_link_any,net_access,proc_exec,proc_fork,proc_info,proc_session"\ 10 | LIMITPRIVS="default" ALL 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test4.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cycle detection and duplicate entries. 4 | # Prior to sudo 1.8.7 this resulted in a false positive. 5 | # 6 | 7 | : ${VISUDO=visudo} 8 | 9 | $VISUDO -csf - <&1 11 | $TESTSUDOERS -g bin -P ${TESTDIR}/group root id <&1 11 | $TESTSUDOERS -U $MYUID -G $MYGID root id <root !set_logname 3 | Defaults:millert, mikef, dowdy !lecture 4 | Defaults:millert !authenticate 5 | Defaults!/usr/bin/more, /usr/bin/pg, /usr/bin/less noexec 6 | 7 | millert, mikef, dowdy ALL = NOPASSWD: ALL 8 | 9 | ALL orion, perseus, hercules = NOPASSWD: /sbin/umount /CDROM, /sbin/mount -o\ 10 | nosuid\,nodev /dev/cd0a /CDROM 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test18.in: -------------------------------------------------------------------------------- 1 | # Test command_timeout and TIMEOUT syntax errors 2 | Defaults command_timeout=2d8h10m59ss 3 | Defaults:root command_timeout=15f 4 | user0 ALL = TIMEOUT=7dd4h10m30s /usr/bin/id, /usr/bin/who, TIMEOUT=0 /bin/ls 5 | user1 ALL = TIMEOUT=7d4h10mm30s /usr/bin/id 6 | user2 ALL = TIMEOUT=4hg10m30s /usr/bin/id 7 | user3 ALL = TIMEOUT=10m30ss /usr/bin/id 8 | user4 ALL = TIMEOUT=14g /usr/bin/id 9 | -------------------------------------------------------------------------------- /docker/fedora/rawhide/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/library/fedora:rawhide 2 | ENV TZ=America/Denver 3 | 4 | RUN dnf -y install audit-libs-devel cyrus-sasl-devel glibc-devel krb5-devel \ 5 | libasan libubsan libselinux-devel libsepol-devel make openldap-devel \ 6 | openssl-devel pam-devel python3-devel rpm-build zlib-devel binutils \ 7 | ed gcc gdb git openssh pkg-config procps which 8 | RUN useradd -ms /bin/bash build 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test19.out.ok: -------------------------------------------------------------------------------- 1 | Defaults syslog=auth 2 | Defaults>root !set_logname 3 | Defaults:FULLTIMERS !lecture 4 | Defaults@SERVERS log_year, logfile=/var/log/sudo.log 5 | Defaults!PAGERS noexec 6 | 7 | User_Alias FULLTIMERS = millert, mikef, dowdy 8 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 9 | Host_Alias SERVERS = primary, mail, www, ns 10 | 11 | FULLTIMERS ALL = NOPASSWD: ALL 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test19.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = /bin/ls "" 6 | host allowed 7 | runas allowed 8 | cmnd allowed 9 | 10 | Password required 11 | 12 | Command allowed 13 | Parses OK 14 | 15 | Entries for user root: 16 | 17 | ALL = /bin/ls "" 18 | host allowed 19 | runas allowed 20 | cmnd unmatched 21 | 22 | Password required 23 | 24 | Command unmatched 25 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cycle detection 4 | # Prior to sudo 1.8.6p5 this resulted in a core dump (stack smash) 5 | # The names of the aliases (or rather their lexical order) is important. 6 | # 7 | 8 | : ${VISUDO=visudo} 9 | 10 | $VISUDO -csf - <&1 9 | 10 | # This should succeed 11 | $TESTSUDOERS root /bin/ls <<'EOF' 12 | root ALL = /bin/ls "" 13 | EOF 14 | 15 | # This should fail 16 | $TESTSUDOERS root /bin/ls '""' <<'EOF' 17 | root ALL = /bin/ls "" 18 | EOF 19 | 20 | exit 0 21 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test39.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test handling of a backslash at EOF with no trailing newline. 4 | # 5 | # If compiled with address sanitizer, cvtsudoers will crash without the 6 | # fix in ceaf706ab74b from https://github.com/sudo-project/sudo/pull/196. 7 | # 8 | 9 | : ${CVTSUDOERS=cvtsudoers} 10 | 11 | printf 'dn: cn= Manager\\' | \ 12 | $CVTSUDOERS -c "" -b "ou=SUDOers,dc=sudo,dc=ws" -i ldif -f sudoers 13 | -------------------------------------------------------------------------------- /lib/iolog/regress/fuzz/fuzz_iolog_json.dict: -------------------------------------------------------------------------------- 1 | # I/O log JSON keywords 2 | "\"columns\"" 3 | "\"command\"" 4 | "\"dumped_core\"" 5 | "\"exit_value\"" 6 | "\"lines\"" 7 | "\"run_time\"" 8 | "\"runargv\"" 9 | "\"runenv\"" 10 | "\"rungid\"" 11 | "\"rungroup\"" 12 | "\"runuid\"" 13 | "\"runuser\"" 14 | "\"runchroot\"" 15 | "\"runcwd\"" 16 | "\"signal\"" 17 | "\"submitcwd\"" 18 | "\"submithost\"" 19 | "\"submituser\"" 20 | "\"timestamp\"" 21 | "\"ttyname\""" 22 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test27.in: -------------------------------------------------------------------------------- 1 | # Query the group plugin too (if there is one) 2 | Defaults always_query_group_plugin 3 | 4 | # Test RunasGroup with and without RunasUser 5 | root ALL = ( root : wheel ) ALL 6 | millert ALL = ( : wheel ) ALL 7 | %sudo ALL = ( : ALL ) ALL 8 | 9 | # Test RunasUser with %group syntax 10 | operator ALL = ( %wheel ) ALL 11 | 12 | # Test netgroup for user and host 13 | +netusers +nethosts = ( +netrunas ) ALL 14 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test6.in: -------------------------------------------------------------------------------- 1 | # Check that uids work in per-user and per-runas Defaults 2 | Defaults:#123 set_home 3 | Defaults>#123 set_home 4 | Defaults:"#123" set_home 5 | Defaults>"#123" set_home 6 | 7 | # Check that uids work in a Command_Spec 8 | #0 ALL = ALL 9 | #0 ALL = (#0 : #0) ALL 10 | "#0" ALL = ALL 11 | "#0" ALL = ("#0" : "#0") ALL 12 | 13 | # Check that gids work in a Command_Spec 14 | %#0 ALL = ALL 15 | "%#0" ALL = ALL 16 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test23.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR = BEGINSTR STRBODY ENDSTR WORD(4) 3 | DEFAULTS DEFVAR += BEGINSTR STRBODY ENDSTR WORD(4) 4 | 5 | DEFAULTS DEFVAR = BEGINSTR STRBODY ENDSTR WORD(4) 6 | DEFAULTS DEFVAR += BEGINSTR STRBODY ENDSTR WORD(4) 7 | 8 | DEFAULTS DEFVAR += BEGINSTR STRBODY ENDSTR WORD(4) 9 | DEFAULTS DEFVAR -= WORD(2) 10 | DEFAULTS DEFVAR += BEGINSTR STRBODY ENDSTR WORD(4) 11 | DEFAULTS DEFVAR += WORD(2) 12 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log.stored: -------------------------------------------------------------------------------- 1 | -- Plugin STARTED -- 2 | EXEC id --help 3 | EXEC info [ 4 | "command=/bin/id", 5 | "runas_uid=0" 6 | ] 7 | STD IN some standard input 8 | STD OUT some standard output 9 | STD ERR some standard error 10 | SUSPEND SIGTSTP 11 | SUSPEND SIGCONT 12 | WINSIZE 200x100 13 | TTY IN some tty input 14 | TTY OUT some tty output 15 | CLOSE Command returned 1 16 | -- Plugin DESTROYED -- 17 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test2.out.ok: -------------------------------------------------------------------------------- 1 | Testing @include 2 | 3 | Parses OK 4 | 5 | Entries for user root: 6 | 7 | ALL = ALL 8 | host allowed 9 | runas allowed 10 | cmnd allowed 11 | 12 | Password required 13 | 14 | Command allowed 15 | 16 | Testing #include 17 | 18 | Parses OK 19 | 20 | Entries for user root: 21 | 22 | ALL = ALL 23 | host allowed 24 | runas allowed 25 | cmnd allowed 26 | 27 | Password required 28 | 29 | Command allowed 30 | -------------------------------------------------------------------------------- /lib/eventlog/regress/parse_json/test3.in: -------------------------------------------------------------------------------- 1 | { 2 | "true": false, 3 | "false": true, 4 | "number": 1234567890, 5 | "null": null, 6 | "string": "non\u0073ense", 7 | "scope": { 8 | "a": "b", 9 | "bah": null 10 | }, 11 | "array1": [ 12 | "foo", 13 | "bar", 14 | [ 15 | 123, 16 | null, 17 | false, 18 | "fizz", 19 | "buzz" 20 | ] 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /lib/eventlog/regress/parse_json/test3.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "true": false, 3 | "false": true, 4 | "number": 1234567890, 5 | "null": null, 6 | "string": "nonsense", 7 | "scope": { 8 | "a": "b", 9 | "bah": null 10 | }, 11 | "array1": [ 12 | "foo", 13 | "bar", 14 | [ 15 | 123, 16 | null, 17 | false, 18 | "fizz", 19 | "buzz" 20 | ] 21 | ] 22 | } 23 | -------------------------------------------------------------------------------- /lib/zlib/inffast.h: -------------------------------------------------------------------------------- 1 | /* inffast.h -- header to use inffast.c 2 | * Copyright (C) 1995-2003, 2010 Mark Adler 3 | * For conditions of distribution and use, see copyright notice in zlib.h 4 | */ 5 | 6 | /* WARNING: this file should *not* be used by applications. It is 7 | part of the implementation of the compression library and is 8 | subject to change. Applications should only use zlib.h. 9 | */ 10 | 11 | void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start); 12 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_py_calls@diag.log: -------------------------------------------------------------------------------- 1 | DebugDemoPlugin.__init__ was called with arguments: () [('plugin_options', ('ModulePath=SRC_DIR/example_debugging.py', 'ClassName=DebugDemoPlugin')), ('settings', ('debug_flags=/tmp/sudo_check_python_exampleXXXXXX/debug.log py_calls@diag', 'plugin_path=python_plugin.so')), ('user_env', ()), ('user_info', ()), ('version', '1.0')] 2 | DebugDemoPlugin.__init__ returned result: 3 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple1.stored: -------------------------------------------------------------------------------- 1 | -- Plugin STARTED -- 2 | EXEC id --help 3 | EXEC info [ 4 | "command=/bin/id", 5 | "runas_uid=0" 6 | ] 7 | STD IN stdin for plugin 1 8 | STD OUT stdout for plugin 1 9 | STD ERR stderr for plugin 1 10 | SUSPEND SIGTSTP 11 | SUSPEND SIGCONT 12 | WINSIZE 20x10 13 | TTY IN tty input for plugin 1 14 | TTY OUT tty output for plugin 1 15 | CLOSE Command returned 1 16 | -- Plugin DESTROYED -- 17 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple2.stored: -------------------------------------------------------------------------------- 1 | -- Plugin STARTED -- 2 | EXEC whoami 3 | EXEC info [ 4 | "command=/bin/whoami", 5 | "runas_uid=1" 6 | ] 7 | STD IN stdin for plugin 2 8 | STD OUT stdout for plugin 2 9 | STD ERR stderr for plugin 2 10 | SUSPEND SIGSTOP 11 | SUSPEND SIGCONT 12 | WINSIZE 30x40 13 | TTY IN tty input for plugin 2 14 | TTY OUT tty output for plugin 2 15 | CLOSE Command returned 2 16 | -- Plugin DESTROYED -- 17 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test27.out.ok: -------------------------------------------------------------------------------- 1 | dn:: Y249ZGVmYXVsdHMsb3U9U1VET2Vyc8KpLGRjPXN1ZG8sZGM9d3M= 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: defaults 5 | description: Default sudoOption's go here 6 | sudoOption:: YmFkcGFzc19tZXNzYWdlPUJhZCBwYXNzd29yZMKh 7 | 8 | dn:: Y249cm9vdCxvdT1TVURPZXJzwqksZGM9c3VkbyxkYz13cw== 9 | objectClass: top 10 | objectClass: sudoRole 11 | cn: root 12 | sudoUser: root 13 | sudoHost: ALL 14 | sudoCommand: ALL 15 | sudoOrder: 1 16 | 17 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test23.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | Defaults env_check="COLORTERM LANG LANGUAGE LC_* LINGUAS" 2 | Defaults env_check+="TERM TZ" 3 | Defaults env_delete="IFS CDPATH LOCALDOMAIN RES_OPTIONS HOSTALIASES" 4 | Defaults env_delete+="NLSPATH PATH_LOCALE LD_* _RLD*" 5 | Defaults env_keep+="LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" 6 | Defaults env_keep-=_XKB_CHARSET 7 | Defaults env_keep+="XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" 8 | Defaults env_keep+=XDG_SESSION_COOKIE 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test24.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | Defaults runcwd=~ 2 | Defaults runcwd=~ 3 | Defaults runchroot=/ 4 | Defaults runchroot=/ 5 | 6 | # sudoRole user0 7 | user0 ALL = CHROOT=/var/www CWD=/htdocs /bin/ksh 8 | 9 | # sudoRole user1 10 | user1 ALL = CHROOT=/var/www CWD=/htdocs /bin/ksh 11 | 12 | # sudoRole user2, user2_1 13 | user2 ALL = CWD=~root /usr/bin/id, CWD=/tmp /bin/ls 14 | 15 | # sudoRole user3, user3_1 16 | user3 ALL = CWD=~root /usr/bin/id, CWD=/tmp /bin/ls 17 | -------------------------------------------------------------------------------- /logsrvd/regress/logsrvd_conf/logsrvd_dhparams.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN DH PARAMETERS----- 2 | MIIBCAKCAQEA/QJRAmmGCZw79LyKinHUA0fEEzDiUkhuILieN0LLruznj4RBebQi 3 | 0sEa7YrFPG7z/eLU/aoBaJmWiX3ZOGReM1NoMJgZJezkY3HBiHombb9lBJHOSaHK 4 | rT6viG3tBiu3DiByC+hdcp9xWfXkxgC944tIiTdFJtgYWw1KUBRHnSMob+ulZ2VE 5 | COZE8HX7Nbp26fsfOKgcb/AX0fMLOetG0aaSgYAtyOGx1toRAFhEcdq/lusdkbzy 6 | SUWwXfMXZorZoPudn31w7IN2wvDtP7v5fGqx6e9c91Orhy96sC7jmwedK/BGnkRi 7 | XwnI6LNXwg30g4vLuinegqcNzmqcFY0wIwIBAg== 8 | -----END DH PARAMETERS----- 9 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_plugin@info.log: -------------------------------------------------------------------------------- 1 | __init__ @ SRC_DIR/example_debugging.py:58 debugs: 2 | My demo purpose plugin shows this ERROR level debug message 3 | __init__ @ SRC_DIR/example_debugging.py:63 debugs: 4 | My demo purpose plugin shows this INFO level debug message 5 | handle @ logging/__init__.py debugs: 6 | Python log system shows this ERROR level debug message 7 | handle @ logging/__init__.py debugs: 8 | Python log system shows this INFO level debug message 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test23.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Defaults env_check="COLORTERM LANG LANGUAGE LC_* LINGUAS" 4 | Defaults env_check+="TERM TZ" 5 | Defaults env_delete="IFS CDPATH LOCALDOMAIN RES_OPTIONS HOSTALIASES" 6 | Defaults env_delete+="NLSPATH PATH_LOCALE LD_* _RLD*" 7 | Defaults env_keep+="LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" 8 | Defaults env_keep-=_XKB_CHARSET 9 | Defaults env_keep+="XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" 10 | Defaults env_keep+=XDG_SESSION_COOKIE 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test12.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test sudoers file with multiple syntax errors 4 | # The standard error output is dup'd to the standard output. 5 | # 6 | 7 | : ${TESTSUDOERS=testsudoers} 8 | 9 | echo "Testing sudoers with multiple syntax errors" 10 | echo "" 11 | $TESTSUDOERS -d <&1 | sed 's/\(syntax error\), .*/\1/' 12 | User_Alias A1 = u1 u2 : A2 = u3, u4 13 | 14 | millert ALL = /fail : foo 15 | 16 | root ALL = ALL bar 17 | 18 | root ALL = baz 19 | EOF 20 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test8.out.ok: -------------------------------------------------------------------------------- 1 | Testing @include without a newline 2 | 3 | Parses OK 4 | 5 | Entries for user root: 6 | 7 | ALL = ALL 8 | host allowed 9 | runas allowed 10 | cmnd allowed 11 | 12 | Password required 13 | 14 | Command allowed 15 | 16 | Testing #include without a newline 17 | 18 | Parses OK 19 | 20 | Entries for user root: 21 | 22 | ALL = ALL 23 | host allowed 24 | runas allowed 25 | cmnd allowed 26 | 27 | Password required 28 | 29 | Command allowed 30 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_group_plugin_is_able_to_debug.log: -------------------------------------------------------------------------------- 1 | SudoGroupPlugin.__init__ was called with arguments: () [('args', ('ModulePath=SRC_DIR/example_group_plugin.py', 'ClassName=SudoGroupPlugin')), ('version', '1.0')] 2 | SudoGroupPlugin.__init__ returned result: 3 | SudoGroupPlugin.query was called with arguments: ('user', 'group', ('pw_name', 'pw_passwd', 1001, 101, 'pw_gecos', 'pw_dir', 'pw_shell')) 4 | SudoGroupPlugin.query returned result: 0 5 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test1.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user1, user1_1 2 | user1 ALL = LOG_INPUT: LOG_OUTPUT: /usr/bin/su -, NOLOG_INPUT: NOLOG_OUTPUT:\ 3 | /usr/bin/id 4 | 5 | # sudoRole user2, user2_1 6 | user2 ALL = SETENV: NOEXEC: NOPASSWD: /usr/bin/vi, NOSETENV: EXEC: PASSWD:\ 7 | /usr/bin/echo 8 | 9 | # sudoRole user3, user3_1 10 | user3 ALL = MAIL: /bin/sh, NOMAIL: /usr/bin/id 11 | 12 | # sudoRole user4, user4_1 13 | user4 ALL = FOLLOW: sudoedit /etc/motd, NOFOLLOW: sudoedit /home/*/* 14 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test1.out.ok: -------------------------------------------------------------------------------- 1 | Defaults syslog=auth 2 | Defaults>root !set_logname 3 | Defaults:FULLTIMERS !lecture 4 | Defaults:millert !authenticate 5 | Defaults!PAGERS noexec 6 | 7 | Host_Alias CDROM = orion, perseus, hercules 8 | User_Alias FULLTIMERS = millert, mikef, dowdy 9 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 10 | 11 | FULLTIMERS ALL = NOPASSWD: ALL 12 | 13 | ALL CDROM = NOPASSWD: /sbin/umount /CDROM, /sbin/mount -o nosuid\,nodev\ 14 | /dev/cd0a /CDROM 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test27.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Verify that runas_check_shell works as expected. 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | exec 2>&1 9 | 10 | # This should fail due to fakeshell's shell 11 | $TESTSUDOERS -u fakeshell -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ 12 | admin /bin/ls <<'EOF' 13 | Defaults runas_check_shell 14 | admin ALL = (ALL) /bin/ls 15 | EOF 16 | 17 | # Expected failure 18 | if [ $? -eq 0 ]; then 19 | exit 1 20 | else 21 | exit 0 22 | fi 23 | -------------------------------------------------------------------------------- /etc/codespell.skip: -------------------------------------------------------------------------------- 1 | \.in\.sed$ 2 | /data 3 | Makefile\.in 4 | ^ChangeLog$ 5 | ^MANIFEST$ 6 | ^aclocal\.m4$ 7 | ^autogen\.sh$ 8 | ^config\.h\.in$ 9 | ^configure$ 10 | ^docs/.*\.man\.in$ 11 | ^docs/CONTRIBUTORS$ 12 | ^etc/codespell 13 | ^lib/util/fnmatch\.c$ 14 | ^lib/util/getaddrinfo\.c$ 15 | ^lib/zlib/ 16 | ^libtool$ 17 | ^m4/libtool\.m4$ 18 | ^m4/lt.*\.m4$ 19 | ^plugins/sudoers/po/ 20 | ^po/ 21 | ^scripts/config\.guess$ 22 | ^scripts/config\.sub$ 23 | ^scripts/ltmain\.sh$ 24 | ^scripts/mkinstalldirs$ 25 | ^scripts/pp$ 26 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test12.out.ok: -------------------------------------------------------------------------------- 1 | Testing sudoers with multiple syntax errors 2 | 3 | sudoers:1:20: syntax error 4 | User_Alias A1 = u1 u2 : A2 = u3, u4 5 | ^~ 6 | sudoers:3:26: syntax error 7 | millert ALL = /fail : foo 8 | ^ 9 | sudoers:5:16: syntax error 10 | root ALL = ALL bar 11 | ^~~ 12 | sudoers:7:12: expected a fully-qualified path name 13 | root ALL = baz 14 | ^~~ 15 | 16 | User_Alias A1 = u1 17 | 18 | millert ALL = /fail 19 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test20.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Verify CHROOT and CWD support 4 | # This will catch an unpatched double-free in set_cmnd_path() under ASAN. 5 | # 6 | 7 | : ${TESTSUDOERS=testsudoers} 8 | 9 | exec 2>&1 10 | 11 | # Exercise double free of user_cmnd in set_cmnd_path() under ASAN. 12 | # We need more than one rule where the last rule matches and has CHROOT. 13 | $TESTSUDOERS root /bin/ls <<'EOF' 14 | root ALL = CWD=/ /bin/pwd 15 | root ALL = CHROOT=/ /bin/ls 16 | EOF 17 | 18 | exit 0 19 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test41.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test behavior of undefined aliases using --expand-aliases in JSON output. 4 | # https://github.com/sudo-project/sudo/issues/381 5 | # 6 | 7 | : ${CVTSUDOERS=cvtsudoers} 8 | 9 | $CVTSUDOERS -c "" -f json -e <&1 11 | 12 | # The root user must *not* belong to the group specified below. 13 | $TESTSUDOERS -u root -g bin -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ 14 | admin /bin/ls <<'EOF' 15 | admin ALL = /bin/ls 16 | EOF 17 | 18 | exit 0 19 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test13.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test sudoers file with reserved words as alias names. 4 | # The standard error output is dup'd to the standard output. 5 | # 6 | 7 | : ${TESTSUDOERS=testsudoers} 8 | 9 | echo "Testing alias definitions using reserved words" 10 | echo "" 11 | $TESTSUDOERS -d <&1 12 | Cmnd_Alias ALL=ALL 13 | Cmnd_Alias CHROOT=foo 14 | User_Alias TIMEOUT=foo 15 | Runas_Alias CWD=bar 16 | Host_Alias NOTBEFORE=baz 17 | Host_Alias NOTAFTER=biff 18 | 19 | root ALL = ALL 20 | EOF 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /etc/init.d/aix.sh.in: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Simple AIX rc.d script to remove the sudo timestamp directory on boot. 4 | # This is needed because AIX does not have /var/run. 5 | # Install as /etc/rc.d/init.d/sudo with a link /etc/rc.d/rc2.d/S90sudo 6 | # 7 | 8 | PATH=/usr/sbin:/usr/bin:/sbin 9 | export PATH 10 | 11 | TSDIR="@rundir@/ts" 12 | rval=0 13 | 14 | case "$1" in 15 | start) 16 | echo "Removing the $TSDIR directory" 17 | rm -rf "$TSDIR" 18 | ;; 19 | *) 20 | echo "usage: $0 start" 21 | rval=1 22 | ;; 23 | esac 24 | 25 | exit $rval 26 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test23.in: -------------------------------------------------------------------------------- 1 | # Test parsing of env_check, env_delete and env_keep 2 | Defaults env_check = "COLORTERM LANG LANGUAGE LC_* LINGUAS" 3 | Defaults env_check += "TERM TZ" 4 | 5 | Defaults env_delete = "IFS CDPATH LOCALDOMAIN RES_OPTIONS HOSTALIASES" 6 | Defaults env_delete += "NLSPATH PATH_LOCALE LD_* _RLD*" 7 | 8 | Defaults env_keep += "LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET" 9 | Defaults env_keep -= _XKB_CHARSET 10 | Defaults env_keep += "XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH" 11 | Defaults env_keep += XDG_SESSION_COOKIE 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test6.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS_USER WORD(6) DEFVAR 3 | DEFAULTS_RUNAS WORD(6) DEFVAR 4 | DEFAULTS_USER BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 5 | DEFAULTS_RUNAS BEGINSTR STRBODY ENDSTR WORD(4) DEFVAR 6 | 7 | # 8 | WORD(6) ALL = ALL 9 | WORD(6) ALL = ( WORD(6) : WORD(6) ) ALL 10 | BEGINSTR STRBODY ENDSTR WORD(4) ALL = ALL 11 | BEGINSTR STRBODY ENDSTR WORD(4) ALL = ( BEGINSTR STRBODY ENDSTR WORD(4) : BEGINSTR STRBODY ENDSTR WORD(4) ) ALL 12 | 13 | # 14 | USERGROUP ALL = ALL 15 | BEGINSTR STRBODY ENDSTR USERGROUP ALL = ALL 16 | -------------------------------------------------------------------------------- /autogen.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # OpenBSD may have multiple versions of autoconf and automake installed 4 | # If the user hasn't chosen one themselves, we do here. 5 | if [ "`/usr/bin/uname 2>&1`" = "OpenBSD" ]; then 6 | if [ X"$AUTOMAKE_VERSION" = X"" ]; then 7 | AUTOMAKE_VERSION=1.16; export AUTOMAKE_VERSION 8 | fi 9 | if [ X"$AUTOCONF_VERSION" = X"" ]; then 10 | AUTOCONF_VERSION=2.71; export AUTOCONF_VERSION 11 | fi 12 | fi 13 | 14 | set -ex 15 | 16 | autoreconf -f -i -v -Wall -I m4 17 | 18 | rm -rf autom4te.cache 19 | 20 | exit 0 21 | -------------------------------------------------------------------------------- /docker/debian/latest/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/library/debian:latest 2 | 3 | RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ 4 | DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ 5 | build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ 6 | libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ 7 | libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ 8 | lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ 9 | ssh zlib1g-dev 10 | RUN useradd -ms /bin/bash build 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test14.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test entries with no trailing newline. 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | exec 2>&1 9 | 10 | echo "" 11 | echo "Testing user privilege without a newline" 12 | echo "" 13 | printf "millert ALL = ALL" | $TESTSUDOERS -d 14 | 15 | echo "" 16 | echo "Testing alias without a newline" 17 | echo "" 18 | printf "Cmnd_Alias FOO=/bin/bar" | $TESTSUDOERS -d 19 | 20 | echo "" 21 | echo "Testing Defaults without a newline" 22 | echo "" 23 | printf "Defaults log_output" | $TESTSUDOERS -d 24 | 25 | exit 0 26 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test @include facility 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | MYUID=`\ls -ln $TESTDIR/test2.inc | awk '{print $3}'` 9 | MYGID=`\ls -ln $TESTDIR/test2.inc | awk '{print $4}'` 10 | exec 2>&1 11 | 12 | echo "Testing @include" 13 | echo "" 14 | $TESTSUDOERS -U $MYUID -G $MYGID root id < COMMAND , COMMAND , CMND_TIMEOUT = WORD(6) COMMAND 5 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) <*> COMMAND 6 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) <*> COMMAND 7 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) <*> COMMAND 8 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) <*> COMMAND 9 | sudoers:2:26: value "2d8h10m59ss" is invalid for option "command_timeout" 10 | sudoers:3:31: value "15f" is invalid for option "command_timeout" 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test19.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | # 3 | WORD(6) ALL = NOTBEFORE = WORD(6) NOTAFTER = WORD(6) COMMAND , COMMAND 4 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND , NOTAFTER = WORD(6) COMMAND 5 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 6 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 7 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 8 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 9 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 10 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 11 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 12 | WORD(6) ALL = NOTBEFORE = WORD(6) COMMAND 13 | -------------------------------------------------------------------------------- /docker/ubuntu/latest/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/library/ubuntu:latest 2 | 3 | RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ 4 | DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ 5 | build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ 6 | libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ 7 | libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ 8 | lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ 9 | ssh zlib1g-dev 10 | RUN useradd -ms /bin/bash build 11 | -------------------------------------------------------------------------------- /docker/ubuntu/rolling/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/library/ubuntu:rolling 2 | 3 | RUN DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get update && \ 4 | DEBIAN_FRONTEND=noninteractive TZ=America/Denver apt-get install -y \ 5 | build-essential curl dpkg-dev ed fakeroot file git libapparmor-dev \ 6 | libaudit-dev libkrb5-dev libldap2-dev libpam0g-dev libpython3-dev \ 7 | libsasl2-dev libselinux1-dev libsepol-dev libssl-dev libwolfssl-dev \ 8 | lsb-release ncurses-term openssh-client pkg-config procps python3-dev \ 9 | ssh zlib1g-dev 10 | RUN useradd -ms /bin/bash build 11 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test21.out.ok: -------------------------------------------------------------------------------- 1 | dn: cn=ALL,ou=SUDOers,dc=my-domain,dc=com 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: ALL 5 | sudoUser: ALL 6 | sudoHost: ALL 7 | sudoRunAsUser: 8 | sudoOption: !authenticate 9 | sudoCommand: /usr/bin/id 10 | sudoOrder: 1000 11 | 12 | dn: cn=FULLTIMERS,ou=SUDOers,dc=my-domain,dc=com 13 | objectClass: top 14 | objectClass: sudoRole 15 | cn: FULLTIMERS 16 | sudoUser: user1 17 | sudoUser: user2 18 | sudoUser: user3 19 | sudoHost: ALL 20 | sudoRunAsUser: ALL 21 | sudoRunAsGroup: ALL 22 | sudoCommand: ALL 23 | sudoOrder: 1010 24 | 25 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test31.out.ok: -------------------------------------------------------------------------------- 1 | dn: cn=ALL,ou=SUDOers,dc=my-domain,dc=com 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: ALL 5 | sudoUser: ALL 6 | sudoHost: ALL 7 | sudoRunAsUser: 8 | sudoOption: !authenticate 9 | sudoCommand: /usr/bin/id 10 | sudoOrder: 100000 11 | 12 | dn: cn=FULLTIMERS,ou=SUDOers,dc=my-domain,dc=com 13 | objectClass: top 14 | objectClass: sudoRole 15 | cn: FULLTIMERS 16 | sudoUser: user1 17 | sudoUser: user2 18 | sudoUser: user3 19 | sudoHost: ALL 20 | sudoRunAsUser: ALL 21 | sudoRunAsGroup: ALL 22 | sudoCommand: ALL 23 | sudoOrder: 100005 24 | 25 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_c_calls@diag.log: -------------------------------------------------------------------------------- 1 | sudo.debug was called with arguments: (DEBUG.ERROR, 'My demo purpose plugin shows this ERROR level debug message') 2 | sudo.debug was called with arguments: (DEBUG.INFO, 'My demo purpose plugin shows this INFO level debug message') 3 | LogHandler.emit was called 4 | LogHandler.emit was called 5 | sudo.options_as_dict was called with arguments: (('ModulePath=SRC_DIR/example_debugging.py', 'ClassName=DebugDemoPlugin'),) 6 | sudo.options_as_dict returned result: [('ClassName', 'DebugDemoPlugin'), ('ModulePath', 'SRC_DIR/example_debugging.py')] 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test14.in: -------------------------------------------------------------------------------- 1 | Cmnd_Alias LS = sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1, sha224:d7910e1967342b4605cb73a550944044c631cd3514001900966962ac /bin/ls 2 | Cmnd_Alias SH = sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM=, sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= /bin/sh 3 | 4 | millert ALL = LS, SH, sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw /bin/kill 5 | 6 | operator ALL = sha384:knMlCLkJ71K6uRrKo5C1CAvZ5kq+mRpjKDD/RofGosFjiGcYhiYYZORVyiRHgBnu, sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= ALL 7 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test20.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | Defaults lecture 2 | Defaults !lecture 3 | Defaults lecture=never 4 | Defaults lecture=once 5 | Defaults lecture=always 6 | Defaults listpw 7 | Defaults !listpw 8 | Defaults listpw=never 9 | Defaults listpw=any 10 | Defaults listpw=all 11 | Defaults listpw=always 12 | Defaults verifypw 13 | Defaults !verifypw 14 | Defaults verifypw=never 15 | Defaults verifypw=any 16 | Defaults verifypw=all 17 | Defaults verifypw=always 18 | Defaults fdexec 19 | Defaults !fdexec 20 | Defaults fdexec=never 21 | Defaults fdexec=digest_only 22 | Defaults fdexec=always 23 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test32.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test cvtsudoers.conf with invalid padding 4 | # 5 | 6 | : ${CVTSUDOERS=cvtsudoers} 7 | 8 | $CVTSUDOERS -c "" -b "ou=SUDOers,dc=my-domain,dc=com" -O 1000 -P 1 <&1 10 | 11 | # The user in USERALIAS must *not* belong to the group in GROUPALIAS 12 | # in the group or passwd file in order to reproduce the bug. 13 | $TESTSUDOERS -u root -g bin -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ 14 | admin /bin/ls <<'EOF' 15 | Runas_Alias USERALIAS = root 16 | Runas_Alias GROUPALIAS = bin 17 | admin ALL = (USERALIAS : GROUPALIAS) /bin/ls 18 | EOF 19 | 20 | exit 0 21 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test20.in: -------------------------------------------------------------------------------- 1 | # Test parsing of tuples 2 | Defaults lecture 3 | Defaults !lecture 4 | Defaults lecture=never 5 | Defaults lecture=once 6 | Defaults lecture=always 7 | 8 | Defaults listpw 9 | Defaults !listpw 10 | Defaults listpw=never 11 | Defaults listpw=any 12 | Defaults listpw=all 13 | Defaults listpw=always 14 | 15 | Defaults verifypw 16 | Defaults !verifypw 17 | Defaults verifypw=never 18 | Defaults verifypw=any 19 | Defaults verifypw=all 20 | Defaults verifypw=always 21 | 22 | Defaults fdexec 23 | Defaults !fdexec 24 | Defaults fdexec=never 25 | Defaults fdexec=digest_only 26 | Defaults fdexec=always 27 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test16.json.ok: -------------------------------------------------------------------------------- 1 | { 2 | "Command_Aliases": { 3 | "EDIT": [ 4 | { "command": "sudoedit /etc/motd" } 5 | ] 6 | }, 7 | "User_Specs": [ 8 | { 9 | "User_List": [ 10 | { "username": "user" } 11 | ], 12 | "Host_List": [ 13 | { "hostname": "ALL" } 14 | ], 15 | "Cmnd_Specs": [ 16 | { 17 | "Commands": [ 18 | { "cmndalias": "EDIT" } 19 | ] 20 | } 21 | ] 22 | } 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test24.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR = WORD(2) 3 | DEFAULTS DEFVAR = BEGINSTR STRBODY ENDSTR WORD(4) 4 | DEFAULTS DEFVAR = WORD(2) 5 | DEFAULTS DEFVAR = BEGINSTR STRBODY ENDSTR WORD(4) 6 | # 7 | WORD(6) ALL = CHROOT = WORD(5) sudoers:7:20: "CHROOT" is deprecated 8 | CWD = WORD(5) COMMAND 9 | WORD(6) ALL = CHROOT = BEGINSTR STRBODY ENDSTR WORD(4) sudoers:8:29: "CHROOT" is deprecated 10 | CWD = BEGINSTR STRBODY ENDSTR WORD(4) COMMAND 11 | WORD(6) ALL = CWD = WORD(5) COMMAND , CWD = WORD(5) COMMAND 12 | WORD(6) ALL = CWD = BEGINSTR STRBODY ENDSTR WORD(4) COMMAND , CWD = BEGINSTR STRBODY ENDSTR WORD(4) COMMAND 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test23.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: defaults 5 | description: Default sudoOption's go here 6 | sudoOption: env_check=COLORTERM LANG LANGUAGE LC_* LINGUAS 7 | sudoOption: env_check+=TERM TZ 8 | sudoOption: env_delete=IFS CDPATH LOCALDOMAIN RES_OPTIONS HOSTALIASES 9 | sudoOption: env_delete+=NLSPATH PATH_LOCALE LD_* _RLD* 10 | sudoOption: env_keep+=LANG LANGUAGE LINGUAS LC_* _XKB_CHARSET 11 | sudoOption: env_keep-=_XKB_CHARSET 12 | sudoOption: env_keep+=XAPPLRESDIR XFILESEARCHPATH XUSERFILESEARCHPATH 13 | sudoOption: env_keep+=XDG_SESSION_COOKIE 14 | 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test19.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | user0 ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id, /bin/ls 4 | user1 ALL = NOTBEFORE=20170214083000Z /usr/bin/id, NOTAFTER=20170301083000Z /bin/ls 5 | user2 ALL = NOTBEFORE=20170214083018Z /usr/bin/id 6 | user3 ALL = NOTBEFORE=20170214080000Z /usr/bin/id 7 | user4 ALL = NOTBEFORE=20170214082400Z /usr/bin/id 8 | user5 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 9 | user6 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 10 | user7 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 11 | user8 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 12 | user9 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test28.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR = BEGINSTR STRBODY ENDSTR WORD(4) 3 | 4 | # 5 | WORD(6) ALL = COMMAND ARG REGEX 6 | 7 | # 8 | WORD(6) ALL = COMMAND ARG REGEX 9 | 10 | # 11 | WORD(6) ALL = COMMAND 12 | 13 | # 14 | WORD(6) ALL = COMMAND ARG 15 | 16 | # 17 | WORD(6) ALL = COMMAND ARG 18 | 19 | # 20 | WORD(6) ALL = COMMAND ARG 21 | 22 | # 23 | WORD(6) ALL = COMMAND ARG REGEX 24 | 25 | # 26 | WORD(6) ALL = COMMAND ARG REGEX 27 | 28 | # 29 | WORD(6) ALL = COMMAND 30 | 31 | # 32 | WORD(6) WORD(6) = COMMAND ARG REGEX , COMMAND ARG REGEX : WORD(6) = COMMAND ARG , COMMAND ARG : WORD(6) = COMMAND ARG REGEX QUOTEDCHAR 33 | -------------------------------------------------------------------------------- /plugins/python/example_approval_plugin.py: -------------------------------------------------------------------------------- 1 | import sudo 2 | 3 | from datetime import datetime 4 | 5 | 6 | class BusinessHoursApprovalPlugin(sudo.Plugin): 7 | def check(self, command_info: tuple, run_argv: tuple, 8 | run_env: tuple) -> int: 9 | error_msg = "" 10 | now = datetime.now() 11 | if now.weekday() >= 5: 12 | error_msg = "That is not allowed on the weekend!" 13 | if now.hour < 8 or now.hour > 17: 14 | error_msg = "That is not allowed outside the business hours!" 15 | 16 | if error_msg: 17 | sudo.log_info(error_msg) 18 | raise sudo.PluginReject(error_msg) 19 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test15.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test @include of a file with a missing newline 4 | # 5 | 6 | : ${TESTSUDOERS=testsudoers} 7 | 8 | # Create test file 9 | TESTDIR="`pwd`/regress/testsudoers" 10 | printf "root ALL = ALL" >"$TESTDIR/test15.inc" 11 | 12 | MYUID=`\ls -lnd "$TESTDIR/test15.inc" | awk '{print $3}'` 13 | MYGID=`\ls -lnd "$TESTDIR/test15.inc" | awk '{print $4}'` 14 | exec 2>&1 15 | 16 | echo "Testing @include of a file with a missing newline" 17 | echo "" 18 | $TESTSUDOERS -U $MYUID -G $MYGID root id <<-EOF 19 | @include $TESTDIR/test15.inc 20 | ALL ALL = /usr/bin/id 21 | EOF 22 | 23 | rm -f "$TESTDIR/test15.inc" 24 | exit 0 25 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole millert 2 | millert ALL = sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1,\ 3 | sha224:d7910e1967342b4605cb73a550944044c631cd3514001900966962ac /bin/ls,\ 4 | sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM=,\ 5 | sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= /bin/sh,\ 6 | sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw\ 7 | /bin/kill 8 | 9 | # sudoRole operator 10 | operator ALL =\ 11 | sha384:knMlCLkJ71K6uRrKo5C1CAvZ5kq+mRpjKDD/RofGosFjiGcYhiYYZORVyiRHgBnu,\ 12 | sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= ALL 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test20.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR 3 | DEFAULTS !DEFVAR 4 | DEFAULTS DEFVAR = WORD(2) 5 | DEFAULTS DEFVAR = WORD(2) 6 | DEFAULTS DEFVAR = WORD(2) 7 | 8 | DEFAULTS DEFVAR 9 | DEFAULTS !DEFVAR 10 | DEFAULTS DEFVAR = WORD(2) 11 | DEFAULTS DEFVAR = WORD(2) 12 | DEFAULTS DEFVAR = WORD(2) 13 | DEFAULTS DEFVAR = WORD(2) 14 | 15 | DEFAULTS DEFVAR 16 | DEFAULTS !DEFVAR 17 | DEFAULTS DEFVAR = WORD(2) 18 | DEFAULTS DEFVAR = WORD(2) 19 | DEFAULTS DEFVAR = WORD(2) 20 | DEFAULTS DEFVAR = WORD(2) 21 | 22 | DEFAULTS DEFVAR 23 | DEFAULTS !DEFVAR 24 | DEFAULTS DEFVAR = WORD(2) 25 | DEFAULTS DEFVAR = WORD(2) 26 | DEFAULTS DEFVAR = WORD(2) 27 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test36.out.ok: -------------------------------------------------------------------------------- 1 | Defaults\ 2 | secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin 3 | Defaults log_output 4 | Defaults!/usr/bin/sudoreplay !log_output 5 | Defaults!/usr/local/bin/sudoreplay !log_output 6 | Defaults!REBOOT !log_output 7 | 8 | User_Alias ADMINS = millert, dowdy, mikef 9 | Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice,\ 10 | /usr/bin/pkill, /usr/bin/top 11 | Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff 12 | Host_Alias WEBSERVERS = www1, www2, www3 13 | Host_Alias WEBSERVERS_1 = www1, www2, www3, www4 14 | 15 | root ALL = (ALL) ALL 16 | 17 | ALL ALL = (ALL) /usr/bin/id 18 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test37.out.ok: -------------------------------------------------------------------------------- 1 | Defaults\ 2 | secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin 3 | Defaults log_output 4 | Defaults!/usr/bin/sudoreplay !log_output 5 | Defaults!/usr/local/bin/sudoreplay !log_output 6 | Defaults!REBOOT !log_output 7 | 8 | User_Alias ADMINS = millert, dowdy, mikef 9 | Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice,\ 10 | /usr/bin/pkill, /usr/bin/top 11 | Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff 12 | Host_Alias WEBSERVERS = www1, www2, www3 13 | Host_Alias WEBSERVERS_1 = www1, www2, www3, www4 14 | 15 | root ALL = (ALL) ALL 16 | 17 | ALL ALL = (ALL) /usr/bin/id 18 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test41.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "Defaults": [ 3 | { 4 | "Binding": [ 5 | { "username": "CLI_USR" } 6 | ], 7 | "Options": [ 8 | { "lecture": false } 9 | ] 10 | }, 11 | { 12 | "Binding": [ 13 | { "hostname": "SUN_HST" } 14 | ], 15 | "Options": [ 16 | { "log_year": true } 17 | ] 18 | }, 19 | { 20 | "Binding": [ 21 | ], 22 | "Options": [ 23 | { "use_pty": false } 24 | ] 25 | } 26 | ] 27 | } 28 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test11.out.ok: -------------------------------------------------------------------------------- 1 | Testing @include with garbage after the path name 2 | 3 | sudoers:1:24: syntax error 4 | @include sudoers.local womp womp 5 | ^~~~ 6 | testsudoers: unable to open sudoers.local: No such file or directory 7 | 8 | Entries for user root: 9 | 10 | Password required 11 | 12 | Parse error 13 | 14 | Testing #include with garbage after the path name 15 | 16 | sudoers:1:24: syntax error 17 | #include sudoers.local womp womp 18 | ^~~~ 19 | testsudoers: unable to open sudoers.local: No such file or directory 20 | 21 | Entries for user root: 22 | 23 | Password required 24 | 25 | Parse error 26 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test40.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test use-after-free in cvtsudoers when filtering by command. 4 | # 5 | # If compiled with address sanitizer, cvtsudoers will crash without the 6 | # fix in 9da99e0e671e. 7 | # 8 | 9 | : ${CVTSUDOERS=cvtsudoers} 10 | 11 | $CVTSUDOERS -c "" -i ldif -b "ou=SUDOers,dc=sudo,dc=ws" -m cmd='/bin/ls' -p <&1 12 | 13 | echo "Testing @include without a newline" 14 | echo "" 15 | printf "@include $TESTDIR/test2.inc" | \ 16 | $TESTSUDOERS -U $MYUID -G $MYGID root id 17 | 18 | echo "" 19 | echo "Testing #include without a newline" 20 | echo "" 21 | printf "#include $TESTDIR/test2.inc" | \ 22 | $TESTSUDOERS -U $MYUID -G $MYGID root id 23 | 24 | exit 0 25 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test3.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Sudo Bug 361: 4 | # Exercises a bug in the redblack tree code. 5 | # 6 | 7 | : ${VISUDO=visudo} 8 | 9 | $VISUDO -cf - <"$TESTFILE" <&1 17 | 18 | # Test world writable 19 | chmod 666 $TESTFILE 20 | $TESTSUDOERS -U $MYUID -G $MYGID root id <ROOT !set_logname 3 | Defaults:FULLTIMERS !lecture 4 | Defaults:millert !authenticate 5 | Defaults@SERVERS log_year, logfile=/var/log/sudo.log 6 | Defaults!PAGERS noexec 7 | 8 | User_Alias FULLTIMERS = millert, mikef, dowdy 9 | User_Alias PARTTIMERS = bostley, jwfox, crawl 10 | 11 | Host_Alias SERVERS = primary, mail, www, ns 12 | Host_Alias CDROM = orion, perseus, hercules 13 | 14 | Cmnd_Alias VIPW = /usr/sbin/vipw, /usr/bin/passwd, /usr/bin/chsh, \ 15 | /usr/bin/chfn 16 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 17 | 18 | Runas_Alias ROOT = root, toor 19 | Runas_Alias OPERATOR = operator, backup 20 | -------------------------------------------------------------------------------- /plugins/python/regress/plugin_errorstr.py: -------------------------------------------------------------------------------- 1 | import sudo 2 | 3 | 4 | # The purpose of this class is that all methods you call on its object 5 | # raises a PluginError with a message containing the name of the called method. 6 | # Eg. if you call "ErrorMsgPlugin().some_method()" it will raise 7 | # "Something wrong in some_method" 8 | class ErrorMsgPlugin(sudo.Plugin): 9 | def __getattr__(self, name): 10 | def raiser_func(*args): 11 | raise sudo.PluginError("Something wrong in " + name) 12 | 13 | return raiser_func 14 | 15 | 16 | class ConstructErrorPlugin(sudo.Plugin): 17 | def __init__(self, **kwargs): 18 | raise sudo.PluginError("Something wrong in plugin constructor") 19 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test23.out.ok: -------------------------------------------------------------------------------- 1 | Defaults logfile=/var/log/sudo 2 | 3 | root ALL = (ALL) ALL 4 | 5 | %wheel ALL = (ALL) ALL 6 | 7 | +admins ALL = NOPASSWD: ALL 8 | 9 | jack 128.138.204.0/24, 128.138.242.0, 128.138.243.0 = ALL 10 | 11 | lisa 128.138.0.0/255.255.0.0 = ALL 12 | 13 | operator ALL = /usr/sbin/dump, /usr/sbin/rdump, /usr/sbin/restore,\ 14 | /usr/sbin/rrestore, /usr/bin/mt,\ 15 | sha224:0GomF8mNN3wlDt1HD9XldjJ3SNgpFdbjO1+NsQ==\ 16 | /home/operator/bin/start_backups, /usr/bin/kill, /usr/bin/top,\ 17 | /usr/sbin/shutdown, /usr/sbin/halt, /usr/sbin/reboot, /usr/sbin/lpc,\ 18 | /usr/bin/lprm, sudoedit /etc/printcap, /usr/oper/bin/ 19 | 20 | joe ALL = /usr/bin/su operator 21 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test17.toke.ok: -------------------------------------------------------------------------------- 1 | # 2 | DEFAULTS DEFVAR = WORD(2) 3 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND , COMMAND , CMND_TIMEOUT = WORD(6) COMMAND 4 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 5 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 6 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 7 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 8 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 9 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 10 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND 11 | WORD(6) ALL = CMND_TIMEOUT = WORD(6) COMMAND , CMND_TIMEOUT = WORD(6) COMMAND , CMND_TIMEOUT = WORD(6) COMMAND , CMND_TIMEOUT = WORD(6) COMMAND , CMND_TIMEOUT = WORD(6) COMMAND , CMND_TIMEOUT = WORD(6) COMMAND 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test28.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Defaults passprompt_regex="(?i)password: *" 4 | 5 | user ALL = /bin/ls ^/etc/(hosts|motd|issue)$ 6 | user ALL = /usr/bin/c* ^/etc/(hosts|motd|issue)$ 7 | user ALL = ^/usr/bin/(who|w|id|whoami)$ 8 | user ALL = ^/usr/bin/(who|w|id|whoami)$ "" 9 | user ALL = ^/usr/bin/(who|w|id|whoami)$ root 10 | user ALL = ^/usr/bin/(who|w|id|whoami)$ -* 11 | user ALL = ^/usr/bin/(who|w|id|whoami)$ ^(-[ahi] ?)+$ 12 | user ALL = sudoedit ^/etc/(hosts|motd|issue)$ 13 | user ALL = ^/usr/bin/\$tree$ 14 | user host1 = /bin/ls ^/etc/(hosts|motd|issue)$, /usr/bin/c* ^/etc/(hosts|motd|issue)$ : host2 = ^/usr/bin/(who|w|id|whoami)$ "", ^/usr/bin/(who|w|id|whoami)$ root : host3 = /bin/echo ^\$foo$ 15 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_validate_invalidate.log: -------------------------------------------------------------------------------- 1 | SudoPolicyPlugin.__init__ was called with arguments: () [('plugin_options', ('ModulePath=SRC_DIR/example_policy_plugin.py', 'ClassName=SudoPolicyPlugin')), ('settings', ()), ('user_env', ()), ('user_info', ()), ('version', '1.0')] 2 | SudoPolicyPlugin.__init__ returned result: 3 | SudoPolicyPlugin.validate was called with arguments: () 4 | SudoPolicyPlugin.validate returned result: None 5 | SudoPolicyPlugin.invalidate was called with arguments: (1,) 6 | SudoPolicyPlugin.invalidate returned result: None 7 | SudoPolicyPlugin.invalidate was called with arguments: (0,) 8 | SudoPolicyPlugin.invalidate returned result: None 9 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test34.out.ok: -------------------------------------------------------------------------------- 1 | Defaults log_output 2 | Defaults!/usr/bin/sudoreplay !log_output 3 | Defaults!/usr/local/bin/sudoreplay !log_output 4 | Defaults!REBOOT !log_output 5 | Defaults\ 6 | secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin 7 | 8 | User_Alias ADMINS = millert, dowdy, mikef 9 | Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice,\ 10 | /usr/bin/pkill, /usr/bin/top 11 | Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff 12 | Host_Alias WEBSERVERS = www1, www2, www3 13 | Host_Alias WEBSERVERS_1 = www1, www2, www3, www5 14 | Host_Alias WEBSERVERS_2 = www1, www2, www3, www4 15 | 16 | root ALL = (ALL) ALL 17 | 18 | ALL ALL = (ALL) /usr/bin/id 19 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_audit_plugin_workflow_multiple.stdout: -------------------------------------------------------------------------------- 1 | (AUDIT1) -- Started by user default (1000) -- 2 | (AUDIT1) Requested command: id --help 3 | (AUDIT2) -- Started by user default (1000) -- 4 | (AUDIT2) Requested command: id --help 5 | (AUDIT1) Accepted command: /sbin/id --help 6 | (AUDIT1) By the plugin: accepter plugin name (type=POLICY) 7 | (AUDIT1) Environment: KEY1=VALUE1 KEY2=VALUE2 8 | (AUDIT2) Accepted command: /sbin/id --help 9 | (AUDIT2) By the plugin: accepter plugin name (type=POLICY) 10 | (AUDIT2) Environment: KEY1=VALUE1 KEY2=VALUE2 11 | (AUDIT1) Command exited due to signal 11 12 | (AUDIT1) -- Finished -- 13 | (AUDIT2) Command exited due to signal 11 14 | (AUDIT2) -- Finished -- 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test35.out.ok: -------------------------------------------------------------------------------- 1 | Defaults@xerxes, xyzzy log_output 2 | Defaults!/usr/bin/sudoreplay !log_output 3 | Defaults!/usr/local/bin/sudoreplay !log_output 4 | Defaults!REBOOT !log_output 5 | Defaults\ 6 | secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin 7 | 8 | User_Alias ADMINS = millert, dowdy, mikef 9 | Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice,\ 10 | /usr/bin/pkill, /usr/bin/top 11 | Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff 12 | Host_Alias WEBSERVERS = www1, www2, www3 13 | Host_Alias WEBSERVERS_1 = www1, www2, www3, www5 14 | Host_Alias WEBSERVERS_2 = www1, www2, www3, www4 15 | 16 | root ALL = (ALL) ALL 17 | 18 | ALL ALL = (ALL) /usr/bin/id 19 | -------------------------------------------------------------------------------- /logsrvd/regress/fuzz/fuzz_logsrvd_conf.dict: -------------------------------------------------------------------------------- 1 | "[server]" 2 | "listen_address" 3 | "pid_file" 4 | "tcp_keepalive" 5 | "timeout" 6 | "tls_verify" 7 | "tls_checkpeer" 8 | "tls_cacert" 9 | "tls_cert" 10 | "tls_key" 11 | "tls_ciphers_v12" 12 | "tls_ciphers_v13" 13 | "tls_dhparams" 14 | 15 | "[relay]" 16 | "relay_host" 17 | "connect_timeout" 18 | 19 | "[iolog]" 20 | "iolog_dir" 21 | "iolog_file" 22 | "iolog_compress" 23 | "iolog_flush" 24 | "iolog_group" 25 | "iolog_user" 26 | "iolog_mode" 27 | "log_passwords" 28 | "maxseq" 29 | "passprompt_regex" 30 | 31 | "[eventlog]" 32 | "log_type" 33 | "log_format" 34 | 35 | "[syslog]" 36 | "maxlen" 37 | "facility" 38 | "accept_priority" 39 | "reject_priority" 40 | "alert_priority" 41 | 42 | "[logfile]" 43 | "path" 44 | "time_format" 45 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test19.in: -------------------------------------------------------------------------------- 1 | # Test parsing of NOTBEFORE and NOTAFTER syntax 2 | # Local time zone parsing is checked in visudo/test10.sh 3 | user0 ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id, /bin/ls 4 | user1 ALL = NOTBEFORE=201702140830Z /usr/bin/id, NOTAFTER=20170301083000Z /bin/ls 5 | user2 ALL = NOTBEFORE=201702140830.3Z /usr/bin/id 6 | user3 ALL = NOTBEFORE=2017021408Z /usr/bin/id 7 | user4 ALL = NOTBEFORE=2017021408.4Z /usr/bin/id 8 | user5 ALL = NOTBEFORE=20170214083000.5Z /usr/bin/id 9 | user6 ALL = NOTBEFORE=20170214083000\,5Z /usr/bin/id 10 | user7 ALL = NOTBEFORE=20170214033000-0500 /usr/bin/id 11 | user8 ALL = NOTBEFORE=20170214033000.0-0500 /usr/bin/id 12 | user9 ALL = NOTBEFORE=20170214033000\,0-0500 /usr/bin/id 13 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test23.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Verify that a user is not allowed to run commands with their own 4 | # user and group if sudoers doesn't explicitly permit it. 5 | # This tests a bug fixed in sudo 1.9.14. 6 | # 7 | 8 | : ${TESTSUDOERS=testsudoers} 9 | 10 | exec 2>&1 11 | 12 | echo "Testing with user and group set to invoking user:" 13 | echo "" 14 | $TESTSUDOERS -u admin -g admin -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ 15 | admin /bin/ls <<'EOF' 16 | admin ALL = (root) /bin/ls 17 | EOF 18 | 19 | echo "Testing with no user and group set to invoking user:" 20 | echo "" 21 | $TESTSUDOERS -g admin -p ${TESTDIR}/passwd -P ${TESTDIR}/group \ 22 | admin /bin/ls <<'EOF' 23 | admin ALL = (root) /bin/ls 24 | EOF 25 | 26 | exit 0 27 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test6.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Verify parsing of Defaults syntax 4 | # 5 | 6 | : ${VISUDO=visudo} 7 | 8 | $VISUDO -csf - <root !set_logname 11 | Defaults:FULLTIMERS !lecture 12 | Defaults:millert !authenticate 13 | Defaults@SERVERS log_year, logfile=/var/log/sudo.log 14 | Defaults!PAGERS noexec 15 | 16 | Defaults env_keep -= "HOME" 17 | Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS" 18 | Defaults env_keep += "MAIL PS1 PS2 QTDIR LANG LC_ADDRESS LC_CTYPE" 19 | 20 | User_Alias FULLTIMERS = millert, mikef, dowdy 21 | 22 | Cmnd_Alias PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less 23 | 24 | Host_Alias SERVERS = primary, mail, www, ns 25 | EOF 26 | 27 | exit 0 28 | -------------------------------------------------------------------------------- /lib/zlib/gzclose.c: -------------------------------------------------------------------------------- 1 | /* gzclose.c -- zlib gzclose() function 2 | * Copyright (C) 2004, 2010 Mark Adler 3 | * For conditions of distribution and use, see copyright notice in zlib.h 4 | */ 5 | 6 | #include "gzguts.h" 7 | 8 | /* gzclose() is in a separate file so that it is linked in only if it is used. 9 | That way the other gzclose functions can be used instead to avoid linking in 10 | unneeded compression or decompression routines. */ 11 | int ZEXPORT gzclose(gzFile file) { 12 | #ifndef NO_GZCOMPRESS 13 | gz_statep state; 14 | 15 | if (file == NULL) 16 | return Z_STREAM_ERROR; 17 | state = (gz_statep)file; 18 | 19 | return state->mode == GZ_READ ? gzclose_r(file) : gzclose_w(file); 20 | #else 21 | return gzclose_r(file); 22 | #endif 23 | } 24 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test22.out.ok: -------------------------------------------------------------------------------- 1 | dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: defaults 5 | description: Default sudoOption's go here 6 | sudoOption: log_output 7 | 8 | dn: cn=root,ou=SUDOers,dc=sudo,dc=ws 9 | objectClass: top 10 | objectClass: sudoRole 11 | cn: root 12 | sudoUser: root 13 | sudoHost: ALL 14 | sudoRunAsUser: ALL 15 | sudoRunAsGroup: ALL 16 | sudoOption: !authenticate 17 | sudoCommand: ALL 18 | sudoOrder: 10 19 | 20 | dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws 21 | objectClass: top 22 | objectClass: sudoRole 23 | cn: %wheel 24 | sudoUser: %wheel 25 | sudoHost: +sudo-hosts 26 | sudoRunAsUser: ALL 27 | sudoRunAsGroup: ALL 28 | sudoOption: !authenticate 29 | sudoCommand: ALL 30 | sudoOrder: 20 31 | 32 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test25.out.ok: -------------------------------------------------------------------------------- 1 | dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: defaults 5 | description: Default sudoOption's go here 6 | sudoOption: log_output 7 | 8 | dn: cn=root,ou=SUDOers,dc=sudo,dc=ws 9 | objectClass: top 10 | objectClass: sudoRole 11 | cn: root 12 | sudoUser: root 13 | sudoHost: ALL 14 | sudoRunAsUser: ALL 15 | sudoRunAsGroup: ALL 16 | sudoOption: !authenticate 17 | sudoCommand: ALL 18 | sudoOrder: 10 19 | 20 | dn: cn=%wheel,ou=SUDOers,dc=sudo,dc=ws 21 | objectClass: top 22 | objectClass: sudoRole 23 | cn: %wheel 24 | sudoUser: %wheel 25 | sudoHost: +sudo-hosts 26 | sudoRunAsUser: ALL 27 | sudoRunAsGroup: ALL 28 | sudoOption: !authenticate 29 | sudoCommand: ALL 30 | sudoOrder: 20 31 | 32 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test28.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | Defaults passprompt_regex="(?i)password: *" 2 | 3 | # sudoRole user, user_1, user_2, user_3, user_4, user_5, user_6, user_7, 4 | # user_8, user_9, user_10, user_11 5 | user ALL = /bin/ls ^/etc/(hosts|motd|issue)$, /usr/bin/c*\ 6 | ^/etc/(hosts|motd|issue)$, ^/usr/bin/(who|w|id|whoami)$,\ 7 | ^/usr/bin/(who|w|id|whoami)$ "", ^/usr/bin/(who|w|id|whoami)$ root,\ 8 | ^/usr/bin/(who|w|id|whoami)$ -*, ^/usr/bin/(who|w|id|whoami)$ ^(-[ahi]\ 9 | ?)+$, sudoedit ^/etc/(hosts|motd|issue)$, ^/usr/bin/\$tree$ : host1 =\ 10 | /bin/ls ^/etc/(hosts|motd|issue)$, /usr/bin/c* ^/etc/(hosts|motd|issue)$ :\ 11 | host2 = ^/usr/bin/(who|w|id|whoami)$ "", ^/usr/bin/(who|w|id|whoami)$ root\ 12 | : host3 = /bin/echo ^\$foo$ 13 | -------------------------------------------------------------------------------- /m4/runlog.m4: -------------------------------------------------------------------------------- 1 | ## -*- Autoconf -*- 2 | # Copyright (C) 2001-2020 Free Software Foundation, Inc. 3 | # 4 | # This file is free software; the Free Software Foundation 5 | # gives unlimited permission to copy and/or distribute it, 6 | # with or without modifications, as long as this notice is preserved. 7 | 8 | # AM_RUN_LOG(COMMAND) 9 | # ------------------- 10 | # Run COMMAND, save the exit status in ac_status, and log it. 11 | # (This has been adapted from Autoconf's _AC_RUN_LOG macro.) 12 | AC_DEFUN([AM_RUN_LOG], 13 | [{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD 14 | ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD 15 | ac_status=$? 16 | echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD 17 | (exit $ac_status); }]) 18 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | Defaults command_timeout=2d8h10m59s 2 | 3 | # sudoRole user0 4 | user0 ALL = TIMEOUT=619830 /usr/bin/id, /usr/bin/who, /bin/ls 5 | 6 | # sudoRole user1 7 | user1 ALL = TIMEOUT=619830 /usr/bin/id 8 | 9 | # sudoRole user2 10 | user2 ALL = TIMEOUT=15030 /usr/bin/id 11 | 12 | # sudoRole user3 13 | user3 ALL = TIMEOUT=630 /usr/bin/id 14 | 15 | # sudoRole user4 16 | user4 ALL = TIMEOUT=1209600 /usr/bin/id 17 | 18 | # sudoRole user5 19 | user5 ALL = TIMEOUT=300 /usr/bin/id 20 | 21 | # sudoRole user6 22 | user6 ALL = TIMEOUT=30 /usr/bin/id 23 | 24 | # sudoRole user7 25 | user7 ALL = TIMEOUT=45 /usr/bin/id 26 | 27 | # sudoRole user8 28 | user8 ALL = TIMEOUT=619830 /usr/bin/id, /usr/bin/id, /usr/bin/id, /usr/bin/id,\ 29 | /usr/bin/id, /usr/bin/id 30 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test11.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test @include with garbage after the path name 4 | # The standard error output is dup'd to the standard output. 5 | # 6 | 7 | : ${TESTSUDOERS=testsudoers} 8 | 9 | MYUID=`\ls -ln $TESTDIR/test2.inc | awk '{print $3}'` 10 | MYGID=`\ls -ln $TESTDIR/test2.inc | awk '{print $4}'` 11 | 12 | echo "Testing @include with garbage after the path name" 13 | echo "" 14 | $TESTSUDOERS -U $MYUID -G $MYGID root id <&1 | sed 's/\(syntax error\), .*/\1/' 15 | @include sudoers.local womp womp 16 | EOF 17 | 18 | echo "" 19 | echo "Testing #include with garbage after the path name" 20 | echo "" 21 | $TESTSUDOERS -U $MYUID -G $MYGID root id <&1 | sed 's/\(syntax error\), .*/\1/' 22 | #include sudoers.local womp womp 23 | EOF 24 | 25 | exit 0 26 | -------------------------------------------------------------------------------- /po/README: -------------------------------------------------------------------------------- 1 | NLS Translations for sudo are coordinated through the Translation 2 | Project, at https://translationproject.org/ 3 | 4 | If you would like to contribute a translation for sudo, please join 5 | a translation team at the Translation Project instead of contributing 6 | a po file directly. This will avoid duplicated work if there is 7 | already a translation in progress. If you would like to become a 8 | member of a translation team, please follow the instructions at 9 | https://translationproject.org/html/translators.html 10 | 11 | The messages in sudo are split into two domains: sudo and sudoers. 12 | The former is used by the sudo front-end and utility functions. 13 | The latter is used by the sudoers policy and I/O logging plug-ins 14 | as well as the sudoers-specific commands visudo and sudoreplay. 15 | -------------------------------------------------------------------------------- /lib/iolog/regress/fuzz/fuzz_iolog_legacy.dict: -------------------------------------------------------------------------------- 1 | # Legacy I/O log info file: 2 | # timestamp:submit_user:run_user:run_group:tty:lines:columns 3 | # working directory 4 | # command [args] 5 | 6 | # users and groups 7 | "millert" 8 | "root" 9 | "bin" 10 | "wheel" 11 | "operator" 12 | "testuser" 13 | "alice" 14 | "bob" 15 | "users" 16 | 17 | # terminals 18 | "/dev/console" 19 | "/dev/tty00" 20 | "/dev/tty01" 21 | "/dev/pts/0" 22 | "/dev/pts/1" 23 | "/dev/ttyp2" 24 | "/dev/ttyp3" 25 | 26 | # directories 27 | "/root" 28 | "/home/millert" 29 | "/home/alice" 30 | "/home/bob" 31 | "/tmp" 32 | "/usr/local" 33 | "/usr/src" 34 | 35 | # commands 36 | "/bin/ls" 37 | "/usr/bin/id -u" 38 | "/usr/bin/su -" 39 | "/usr/bin/mailq" 40 | "/usr/bin/make -C /usr/src/usr.bin/sort install" 41 | "/usr/bin/apt update" 42 | "/usr/bin/rpm -e sudo" 43 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test20.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=defaults,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: defaults 5 | description: Default sudoOption's go here 6 | sudoOption: lecture 7 | sudoOption: !lecture 8 | sudoOption: lecture=never 9 | sudoOption: lecture=once 10 | sudoOption: lecture=always 11 | sudoOption: listpw 12 | sudoOption: !listpw 13 | sudoOption: listpw=never 14 | sudoOption: listpw=any 15 | sudoOption: listpw=all 16 | sudoOption: listpw=always 17 | sudoOption: verifypw 18 | sudoOption: !verifypw 19 | sudoOption: verifypw=never 20 | sudoOption: verifypw=any 21 | sudoOption: verifypw=all 22 | sudoOption: verifypw=always 23 | sudoOption: fdexec 24 | sudoOption: !fdexec 25 | sudoOption: fdexec=never 26 | sudoOption: fdexec=digest_only 27 | sudoOption: fdexec=always 28 | 29 | -------------------------------------------------------------------------------- /m4/ltversion.m4: -------------------------------------------------------------------------------- 1 | # ltversion.m4 -- version numbers -*- Autoconf -*- 2 | # 3 | # Copyright (C) 2004, 2011-2019, 2021-2024 Free Software Foundation, 4 | # Inc. 5 | # Written by Scott James Remnant, 2004 6 | # 7 | # This file is free software; the Free Software Foundation gives 8 | # unlimited permission to copy and/or distribute it, with or without 9 | # modifications, as long as this notice is preserved. 10 | 11 | # @configure_input@ 12 | 13 | # serial 4441 ltversion.m4 14 | # This file is part of GNU Libtool 15 | 16 | m4_define([LT_PACKAGE_VERSION], [2.5.4]) 17 | m4_define([LT_PACKAGE_REVISION], [2.5.4]) 18 | 19 | AC_DEFUN([LTVERSION_VERSION], 20 | [macro_version='2.5.4' 21 | macro_revision='2.5.4' 22 | _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) 23 | _LT_DECL(, macro_revision, 0) 24 | ]) 25 | -------------------------------------------------------------------------------- /plugins/sudoers/po/README: -------------------------------------------------------------------------------- 1 | NLS Translations for sudo are coordinated through the Translation 2 | Project, at https://translationproject.org/ 3 | 4 | If you would like to contribute a translation for sudo, please join 5 | a translation team at the Translation Project instead of contributing 6 | a po file directly. This will avoid duplicated work if there is 7 | already a translation in progress. If you would like to become a 8 | member of a translation team, please follow the instructions at 9 | https://translationproject.org/html/translators.html 10 | 11 | The messages in sudo are split into two domains: sudo and sudoers. 12 | The former is used by the sudo front-end and utility functions. 13 | The latter is used by the sudoers policy and I/O logging plug-ins 14 | as well as the sudoers-specific commands visudo and sudoreplay. 15 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/policy/policy.5: -------------------------------------------------------------------------------- 1 | # sudoedit /etc/hosts 2 | 3 | plugin_path=/usr/libexec/sudo/sudoers.so 4 | progname=sudoedit 5 | network_addrs=127.0.0.1/255.255.255.0 6 | plugin_dir=/usr/libexec/sudo/ 7 | 8 | user=millert 9 | pid=1234 10 | ppid=1230 11 | pgid=1234 12 | tcpgid=1234 13 | sid=1230 14 | uid=1000 15 | euid=0 16 | gid=1000 17 | egid=1000 18 | groups=20,0,1000 19 | umask=022 20 | cwd=/home/millert 21 | tty=/dev/pts/1 22 | host=sudo.ws 23 | lines=24 24 | cols=80 25 | rlimit_core=infinity,infinity 26 | rlimit_cpu=infinity,infinity 27 | rlimit_data=1610612736,34359738368 28 | rlimit_fsize=infinity,infinity 29 | rlimit_memlock=2727370752,8182112256 30 | rlimit_nofile=256,1024 31 | rlimit_nproc=256,512 32 | rlimit_rss=8175603712,8182112256 33 | rlimit_stack=4194304,33554432 34 | 35 | argv=sudoedit 36 | argv=/etc/hosts 37 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/cvtsudoers/test30.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "User_Specs": [ 3 | { 4 | "User_List": [ 5 | { "username": "user1" }, 6 | { "username": "user2" }, 7 | { "username": "user3" } 8 | ], 9 | "Host_List": [ 10 | { "hostname": "ALL" } 11 | ], 12 | "Cmnd_Specs": [ 13 | { 14 | "Commands": [ 15 | { "command": "/path/to/cmda" }, 16 | { 17 | "command": "/path/to/cmdb", 18 | "negated": true 19 | }, 20 | { "command": "/path/to/cmdc" } 21 | ] 22 | } 23 | ] 24 | } 25 | ] 26 | } 27 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test30.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user1 5 | sudoUser: user1 6 | sudoHost: ALL 7 | sudoCommand: list 8 | sudoOrder: 1 9 | 10 | dn: cn=list,ou=SUDOers,dc=sudo,dc=ws 11 | objectClass: top 12 | objectClass: sudoRole 13 | cn: list 14 | sudoUser: list 15 | sudoHost: ALL 16 | sudoCommand: ALL 17 | sudoOrder: 2 18 | 19 | dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws 20 | objectClass: top 21 | objectClass: sudoRole 22 | cn: user2 23 | sudoUser: user2 24 | sudoHost: ALL 25 | sudoRunAsUser: list 26 | sudoRunAsGroup: list 27 | sudoCommand: ALL 28 | sudoOrder: 3 29 | 30 | dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws 31 | objectClass: top 32 | objectClass: sudoRole 33 | cn: user3 34 | sudoUser: user3 35 | sudoHost: list 36 | sudoCommand: ALL 37 | sudoOrder: 4 38 | 39 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test31.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user1 5 | sudoUser: user1 6 | sudoHost: ALL 7 | sudoOption: role=foo_r 8 | sudoOption: type=bar_t 9 | sudoCommand: ALL 10 | sudoOrder: 1 11 | 12 | dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws 13 | objectClass: top 14 | objectClass: sudoRole 15 | cn: user2 16 | sudoUser: user2 17 | sudoHost: ALL 18 | sudoOption: apparmor_profile=usr.bin.tcpdump 19 | sudoCommand: /usr/bin/tcpdump 20 | sudoOrder: 2 21 | 22 | dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws 23 | objectClass: top 24 | objectClass: sudoRole 25 | cn: user3 26 | sudoUser: user3 27 | sudoHost: ALL 28 | sudoOption: privs=file_link_any,net_access,proc_exec,proc_fork,proc_info,proc_session 29 | sudoOption: limitprivs=default 30 | sudoCommand: ALL 31 | sudoOrder: 3 32 | 33 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/policy/policy.4: -------------------------------------------------------------------------------- 1 | # sudo -u nobody /usr/bin/id 2 | 3 | plugin_path=/usr/libexec/sudo/sudoers.so 4 | runas_user=nobody 5 | progname=sudo 6 | network_addrs=127.0.0.1/255.255.255.0 7 | plugin_dir=/usr/libexec/sudo/ 8 | 9 | user=millert 10 | pid=1234 11 | ppid=1230 12 | pgid=1234 13 | tcpgid=1234 14 | sid=1230 15 | uid=1000 16 | euid=0 17 | gid=1000 18 | egid=1000 19 | groups=20,0,1000 20 | umask=022 21 | cwd=/home/millert 22 | tty=/dev/pts/1 23 | host=sudo.ws 24 | lines=24 25 | cols=80 26 | rlimit_core=infinity,infinity 27 | rlimit_cpu=infinity,infinity 28 | rlimit_data=1610612736,34359738368 29 | rlimit_fsize=infinity,infinity 30 | rlimit_memlock=2727370752,8182112256 31 | rlimit_nofile=256,1024 32 | rlimit_nproc=256,512 33 | rlimit_rss=8175603712,8182112256 34 | rlimit_stack=4194304,33554432 35 | 36 | argv=/usr/bin/id 37 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test13.out.ok: -------------------------------------------------------------------------------- 1 | Testing alias definitions using reserved words 2 | 3 | sudoers:1:12: syntax error, reserved word ALL used as an alias name 4 | Cmnd_Alias ALL=ALL 5 | ^~~ 6 | sudoers:2:12: syntax error, reserved word CHROOT used as an alias name 7 | Cmnd_Alias CHROOT=foo 8 | ^~~~~~ 9 | sudoers:3:12: syntax error, reserved word CMND_TIMEOUT used as an alias name 10 | User_Alias TIMEOUT=foo 11 | ^~~~~~~ 12 | sudoers:4:13: syntax error, reserved word CWD used as an alias name 13 | Runas_Alias CWD=bar 14 | ^~~ 15 | sudoers:5:12: syntax error, reserved word NOTBEFORE used as an alias name 16 | Host_Alias NOTBEFORE=baz 17 | ^~~~~~~~~ 18 | sudoers:6:12: syntax error, reserved word NOTAFTER used as an alias name 19 | Host_Alias NOTAFTER=biff 20 | ^~~~~~~~ 21 | 22 | root ALL = ALL 23 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test22.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=user1,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: user1 5 | sudoUser: user1 6 | sudoHost: ALL 7 | sudoRunAsUser: 8 | sudoCommand: ALL 9 | sudoOrder: 1 10 | 11 | dn: cn=user2,ou=SUDOers,dc=sudo,dc=ws 12 | objectClass: top 13 | objectClass: sudoRole 14 | cn: user2 15 | sudoUser: user2 16 | sudoHost: ALL 17 | sudoRunAsUser: 18 | sudoCommand: ALL 19 | sudoOrder: 2 20 | 21 | dn: cn=user3,ou=SUDOers,dc=sudo,dc=ws 22 | objectClass: top 23 | objectClass: sudoRole 24 | cn: user3 25 | sudoUser: user3 26 | sudoHost: ALL 27 | sudoRunAsUser: 28 | sudoCommand: ALL 29 | sudoOrder: 3 30 | 31 | dn: cn=user4,ou=SUDOers,dc=sudo,dc=ws 32 | objectClass: top 33 | objectClass: sudoRole 34 | cn: user4 35 | sudoUser: user4 36 | sudoHost: ALL 37 | sudoRunAsUser: 38 | sudoCommand: ALL 39 | sudoOrder: 4 40 | 41 | -------------------------------------------------------------------------------- /lib/eventlog/regress/eventlog_store/test2.json.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "submituser": "millert", 3 | "command": "/usr/bin/id", 4 | "runuser": "root", 5 | "source": "sudoRole %wheel", 6 | "ttyname": "/dev/ttyp0", 7 | "submithost": "xerxes.sudo.ws", 8 | "submitcwd": "/usr/src/local/millert/sudo/trunk", 9 | "runuid": 0, 10 | "columns": 80, 11 | "lines": 24, 12 | "runargv": [ 13 | "id" 14 | ], 15 | "runenv": [ 16 | "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 17 | "TERM=tmux", 18 | "LANG=en_US.UTF-8", 19 | "MAIL=/var/mail/root", 20 | "LOGNAME=root", 21 | "USER=root", 22 | "HOME=/root", 23 | "SHELL=/bin/bash", 24 | "SUDO_COMMAND=/usr/bin/id", 25 | "SUDO_USER=millert", 26 | "SUDO_UID=8036", 27 | "SUDO_GID=20" 28 | ] 29 | } 30 | -------------------------------------------------------------------------------- /lib/util/regress/glob/files: -------------------------------------------------------------------------------- 1 | fake/bin/[ 2 | fake/bin/cat 3 | fake/bin/chgrp 4 | fake/bin/chio 5 | fake/bin/chmod 6 | fake/bin/cksum 7 | fake/bin/cp 8 | fake/bin/cpio 9 | fake/bin/csh 10 | fake/bin/date 11 | fake/bin/dd 12 | fake/bin/df 13 | fake/bin/domainname 14 | fake/bin/echo 15 | fake/bin/ed 16 | fake/bin/eject 17 | fake/bin/expr 18 | fake/bin/hostname 19 | fake/bin/kill 20 | fake/bin/ksh 21 | fake/bin/ln 22 | fake/bin/ls 23 | fake/bin/md5 24 | fake/bin/mkdir 25 | fake/bin/mt 26 | fake/bin/mv 27 | fake/bin/pax 28 | fake/bin/ps 29 | fake/bin/pwd 30 | fake/bin/rcp 31 | fake/bin/rksh 32 | fake/bin/rm 33 | fake/bin/rmail 34 | fake/bin/rmd160 35 | fake/bin/rmdir 36 | fake/bin/sh 37 | fake/bin/sha1 38 | fake/bin/sha256 39 | fake/bin/sha384 40 | fake/bin/sha512 41 | fake/bin/sleep 42 | fake/bin/stty 43 | fake/bin/sum 44 | fake/bin/sync 45 | fake/bin/systrace 46 | fake/bin/tar 47 | fake/bin/test 48 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/testsudoers/test24.out.ok: -------------------------------------------------------------------------------- 1 | Parses OK 2 | 3 | Entries for user root: 4 | 5 | ALL = NOTBEFORE=20170214083000Z /bin/ls 6 | host allowed 7 | date allowed 8 | runas allowed 9 | cmnd allowed 10 | 11 | Password required 12 | 13 | Command allowed 14 | Parses OK 15 | 16 | Entries for user root: 17 | 18 | ALL = NOTBEFORE=20170214083001Z /bin/ls 19 | host allowed 20 | date denied 21 | 22 | Password required 23 | 24 | Command unmatched 25 | Parses OK 26 | 27 | Entries for user root: 28 | 29 | ALL = NOTAFTER=20170214083000Z /bin/ls 30 | host allowed 31 | date allowed 32 | runas allowed 33 | cmnd allowed 34 | 35 | Password required 36 | 37 | Command allowed 38 | Parses OK 39 | 40 | Entries for user root: 41 | 42 | ALL = NOTAFTER=20170214083000Z /bin/ls 43 | host allowed 44 | date denied 45 | 46 | Password required 47 | 48 | Command unmatched 49 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/visudo/test7.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Test sudoers_locale early Defaults 4 | # 5 | 6 | : ${VISUDO=visudo} 7 | 8 | LANG=C; export LANG 9 | LC_NUMERIC=fr_FR.UTF-8; export LC_NUMERIC 10 | 11 | # First check that visudo supports non-C locales 12 | # Note that older versions of sudo did not set the locale 13 | # until sudoers was read so this check will fail on them. 14 | $VISUDO -csf - >/dev/null 2>&1 <<-EOF 15 | Defaults sudoers_locale = fr_FR.UTF-8 16 | Defaults passwd_timeout = "2,5" 17 | EOF 18 | 19 | # Now make sure we can set passwd_timeout to a floating point value 20 | # using a non-C locale. 21 | if [ $? -eq 0 ]; then 22 | $VISUDO -csf - <<-EOF 23 | Defaults passwd_timeout = "2,5" 24 | Defaults sudoers_locale = fr_FR.UTF-8 25 | EOF 26 | else 27 | # No support for LC_NUMERIC? 28 | echo "stdin: parsed OK" 29 | fi 30 | 31 | exit 0 32 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_c_calls@info.log: -------------------------------------------------------------------------------- 1 | __init__ @ SRC_DIR/example_debugging.py:58 calls C function: 2 | sudo.debug was called with arguments: (DEBUG.ERROR, 'My demo purpose plugin shows this ERROR level debug message') 3 | __init__ @ SRC_DIR/example_debugging.py:63 calls C function: 4 | sudo.debug was called with arguments: (DEBUG.INFO, 'My demo purpose plugin shows this INFO level debug message') 5 | handle @ logging/__init__.py calls C function: 6 | LogHandler.emit was called 7 | handle @ logging/__init__.py calls C function: 8 | LogHandler.emit was called 9 | __init__ @ SRC_DIR/example_debugging.py:85 calls C function: 10 | sudo.options_as_dict was called with arguments: (('ModulePath=SRC_DIR/example_debugging.py', 'ClassName=DebugDemoPlugin'),) 11 | sudo.options_as_dict returned result: [('ClassName', 'DebugDemoPlugin'), ('ModulePath', 'SRC_DIR/example_debugging.py')] 12 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok: -------------------------------------------------------------------------------- 1 | # sudoRole user0 2 | user0 ALL = NOTBEFORE=20170214083000Z NOTAFTER=20170301083000Z /usr/bin/id,\ 3 | /bin/ls 4 | 5 | # sudoRole user1 6 | user1 ALL = NOTBEFORE=20170214083000Z /usr/bin/id, /bin/ls 7 | 8 | # sudoRole user2 9 | user2 ALL = NOTBEFORE=20170214083018Z /usr/bin/id 10 | 11 | # sudoRole user3 12 | user3 ALL = NOTBEFORE=20170214080000Z /usr/bin/id 13 | 14 | # sudoRole user4 15 | user4 ALL = NOTBEFORE=20170214082400Z /usr/bin/id 16 | 17 | # sudoRole user5 18 | user5 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 19 | 20 | # sudoRole user6 21 | user6 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 22 | 23 | # sudoRole user7 24 | user7 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 25 | 26 | # sudoRole user8 27 | user8 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 28 | 29 | # sudoRole user9 30 | user9 ALL = NOTBEFORE=20170214083000Z /usr/bin/id 31 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_debugging_py_calls@info.log: -------------------------------------------------------------------------------- 1 | DebugDemoPlugin.__init__ was called with arguments: () [('plugin_options', ('ModulePath=SRC_DIR/example_debugging.py', 'ClassName=DebugDemoPlugin')), ('settings', ('debug_flags=/tmp/sudo_check_python_exampleXXXXXX/debug.log py_calls@info', 'plugin_path=python_plugin.so')), ('user_env', ()), ('user_info', ()), ('version', '1.0')] 2 | DebugDemoPlugin.__init__ returned result: 3 | DebugDemoPlugin function 'log_ttyin' is not implemented 4 | DebugDemoPlugin function 'log_ttyout' is not implemented 5 | DebugDemoPlugin function 'log_stdin' is not implemented 6 | DebugDemoPlugin function 'log_stdout' is not implemented 7 | DebugDemoPlugin function 'log_stderr' is not implemented 8 | DebugDemoPlugin function 'change_winsize' is not implemented 9 | DebugDemoPlugin function 'log_suspend' is not implemented 10 | -------------------------------------------------------------------------------- /lib/eventlog/regress/eventlog_store/test1.json.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "submituser": "millert", 3 | "command": "/usr/bin/ci", 4 | "runuser": "root", 5 | "source": "/etc/sudoers:89:24", 6 | "ttyname": "/dev/ttypb", 7 | "submithost": "xerxes.sudo.ws", 8 | "submitcwd": "/etc/mail", 9 | "runuid": 0, 10 | "columns": 80, 11 | "lines": 24, 12 | "runargv": [ 13 | "ci", 14 | "-u", 15 | "aliases\n" 16 | ], 17 | "runenv": [ 18 | "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 19 | "TERM=tmux", 20 | "LANG=en_US.UTF-8", 21 | "MAIL=/var/mail/root", 22 | "LOGNAME=root", 23 | "USER=root", 24 | "HOME=/root", 25 | "SHELL=/bin/bash", 26 | "SUDO_COMMAND=/usr/bin/ci -u aliases", 27 | "SUDO_USER=millert", 28 | "SUDO_UID=8036", 29 | "SUDO_GID=20" 30 | ] 31 | } 32 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/corpus/seed/ldif/invalid_b64.ldif: -------------------------------------------------------------------------------- 1 | # defaults, SUDOers, sudo.ws 2 | dn:: Y249ZGVmYXVsdHMsb3U9U1VET2VycyxkYz1zdWRvLGRjPXdz 3 | objectClass: top 4 | objectClass: sudoRole 5 | cn: defaults 6 | description: Default sudoOption's go here 7 | sudoOption:: bG9nX29@1dHB1dA== 8 | 9 | # root, SUDOers, sudo.ws 10 | dn:: Y249cm9vdCxvdT1TVURPZXJzLGRjPXN1ZG8sZGM9_d3M= 11 | objectClass: top 12 | objectClass: sudoRole 13 | cn: root 14 | sudoUser: root 15 | sudoRunAsUser: ALL 16 | sudoRunAsGroup: ALL 17 | sudoHost: ALL 18 | sudoCommand: ALL 19 | sudoOption: !authenticate 20 | sudoOrder: 10 21 | 22 | # %wheel, SUDOers, sudo.ws 23 | dn:: Y249JXdoZWVsLG91PVNVRE9lcnMsZGM9c3VkbyxkYz13cw!== 24 | objectClass: top 25 | objectClass: sudoRole 26 | cn: %wheel 27 | sudoUser: %wheel 28 | sudoRunAsUser: ALL 29 | sudoRunAsGroup: ALL 30 | sudoHost: +sudo-hosts 31 | sudoCommand: ALL 32 | sudoOption: !authenticate 33 | sudoOrder: 10 34 | -------------------------------------------------------------------------------- /lib/eventlog/regress/eventlog_store/test4.json.out.ok: -------------------------------------------------------------------------------- 1 | { 2 | "submituser": "millert", 3 | "command": "/usr/bin/vi", 4 | "runuser": "root", 5 | "source": "/etc/sudoers:89:24", 6 | "ttyname": "/dev/ttypb", 7 | "submithost": "xerxes.sudo.ws", 8 | "submitcwd": "/etc/mail", 9 | "runuid": 0, 10 | "columns": 80, 11 | "lines": 24, 12 | "runargv": [ 13 | "vi", 14 | "aliases" 15 | ], 16 | "runenv": [ 17 | "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", 18 | "TERM=tmux", 19 | "LANG=en_US.UTF-8", 20 | "MAIL=/var/mail/root", 21 | "LOGNAME=root", 22 | "USER=root", 23 | "HOME=/root", 24 | "SHELL=/bin/bash", 25 | "SUDO_COMMAND=/usr/bin/vi aliases", 26 | "SUDO_USER=millert", 27 | "SUDO_UID=8036", 28 | "SUDO_GID=20", 29 | "KRB5CCNAME=bogus" 30 | ] 31 | } 32 | -------------------------------------------------------------------------------- /lib/eventlog/regress/parse_json/test2.in: -------------------------------------------------------------------------------- 1 | { 2 | "timestamp": { "seconds": 1584993067, "nanoseconds": 880288287 }, 3 | "columns": 80, 4 | "command": "/usr/bin/make", 5 | "lines": 24, 6 | "runargv": [ "make", "test" ], 7 | "runenv": [ 8 | "LANG=en_US.UTF-8", 9 | "PATH=/bin:/sbin:/usr/games:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin", 10 | "TERM=vt100", 11 | "MAIL=/var/mail/root", 12 | "LOGNAME=root", 13 | "USER=root", 14 | "HOME=/root", 15 | "SHELL=/bin/ksh", 16 | "SUDO_COMMAND=/usr/bin/make test", 17 | "SUDO_USER=millert", 18 | "SUDO_UID=8036", 19 | "SUDO_GID=20", 20 | "A__z=\"*SHLVL" 21 | ], 22 | "runuid": 0, 23 | "runuser": "root", 24 | "submitcwd": "/home/test", 25 | "submithost": "sudo.ws", 26 | "submituser": "millert", 27 | "ttyname": "/dev/console" 28 | } 29 | -------------------------------------------------------------------------------- /plugins/python/regress/testdata/check_example_policy_plugin_list.stdout: -------------------------------------------------------------------------------- 1 | -- minimal -- 2 | Only the following commands are allowed: id, whoami 3 | 4 | -- minimal (verbose) -- 5 | Only the following commands are allowed: id, whoami 6 | 7 | -- with user -- 8 | Only the following commands are allowed: id, whoami as user 'testuser' 9 | 10 | -- with user (verbose) -- 11 | Only the following commands are allowed: id, whoami as user 'testuser' 12 | 13 | -- with allowed program -- 14 | You are allowed to execute command '/bin/id' 15 | 16 | -- with allowed program (verbose) -- 17 | You are allowed to execute command '/bin/id' 18 | Only the following commands are allowed: id, whoami 19 | 20 | -- with denied program -- 21 | You are NOT allowed to execute command '/bin/passwd' 22 | 23 | -- with denied program (verbose) -- 24 | You are NOT allowed to execute command '/bin/passwd' 25 | Only the following commands are allowed: id, whoami 26 | -------------------------------------------------------------------------------- /plugins/sample/README: -------------------------------------------------------------------------------- 1 | This is a sample sudo policy plugin. See the sudo_plugin manual for 2 | information on writing your own plugin. 3 | 4 | The sample policy plugin is not installed by default. It can be installed 5 | by running "make install" as the superuser from the plugins/sample 6 | directory. 7 | 8 | To actually use the sample plugin, you'll need to modify the 9 | /etc/sudo.conf file. Caution: you should not make changes to 10 | /etc/sudo.conf without also having a root shell open repair things 11 | in case of an error. To enable the plugin, first comment out any 12 | existing policy Plugin line in /etc/sudo.conf, for example: 13 | 14 | Plugin sudoers_policy sudoers.so 15 | 16 | Then add a line for the sample plugin: 17 | 18 | Plugin sample_policy sample_plugin.so 19 | 20 | You may need to create /etc/sudo.conf if it does not already exist. 21 | 22 | Note that you may only have a single policy plugin defined. 23 | -------------------------------------------------------------------------------- /plugins/sudoers/regress/sudoers/test14.ldif.ok: -------------------------------------------------------------------------------- 1 | dn: cn=millert,ou=SUDOers,dc=sudo,dc=ws 2 | objectClass: top 3 | objectClass: sudoRole 4 | cn: millert 5 | sudoUser: millert 6 | sudoHost: ALL 7 | sudoCommand: sha224:d06a2617c98d377c250edd470fd5e576327748d82915d6e33b5f8db1, sha224:d7910e1967342b4605cb73a550944044c631cd3514001900966962ac /bin/ls 8 | sudoCommand: sha256:hOtoe/iK6SlGg7w4BfZBBdSsXjUmTJ5+ts51yjh7vkM=, sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= /bin/sh 9 | sudoCommand: sha512:srzYEQ2aqzm+it3f74opTMkIImZRLxBARVpb0g9RSouJYdLt7DTRMEY4Ry9NyaOiDoUIplpNjqYH0JMYPVdFnw /bin/kill 10 | sudoOrder: 1 11 | 12 | dn: cn=operator,ou=SUDOers,dc=sudo,dc=ws 13 | objectClass: top 14 | objectClass: sudoRole 15 | cn: operator 16 | sudoUser: operator 17 | sudoHost: ALL 18 | sudoCommand: sha384:knMlCLkJ71K6uRrKo5C1CAvZ5kq+mRpjKDD/RofGosFjiGcYhiYYZORVyiRHgBnu, sha256:1IXHRCxXgSnIEnb+xBz4PAfWaPdXIBWKFF0QCwxJ5G4= ALL 19 | sudoOrder: 2 20 | 21 | --------------------------------------------------------------------------------