rpms
/
sudo
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

import sudo-1.9.5p2-7.el9

Browse Source
c9 imports/c9/sudo-1.9.5p2-7.el9
CentOS Sources 3 years ago committed by MSVSphere Packaging Team
commit 83bc403f8e
11 changed files with 1537 additions and 0 deletions
Show Stats Download Patch File Download Diff File

1
.gitignore vendored
Unescape View File

@ -0,0 +1 @@
SOURCES/sudo-1.9.5p2.tar.gz

1
.sudo.metadata
Unescape View File

@ -0,0 +1 @@
08bde247a1e08bc881eec43e09733f7ca06408f5 SOURCES/sudo-1.9.5p2.tar.gz

35
SOURCES/covscan.patch
Unescape View File

@ -0,0 +1,35 @@
diff -up ./lib/eventlog/eventlog.c.covscan ./lib/eventlog/eventlog.c
--- ./lib/eventlog/eventlog.c.covscan 2021-08-26 11:06:35.068915415 +0200
+++ ./lib/eventlog/eventlog.c 2021-08-26 11:13:32.432472325 +0200
@@ -1075,10 +1075,13 @@ do_logfile_sudo(const char *logline, con
if (ferror(fp)) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
"unable to write log file %s", logfile);
- goto done;
+ goto ddone;
}
ret = true;
+ddone:
+ (void)free(full_line);
+
done:
(void)sudo_lock_file(fileno(fp), SUDO_UNLOCK);
evl_conf.close_log(EVLOG_FILE, fp);
diff -up ./logsrvd/logsrvd.c.covscan ./logsrvd/logsrvd.c
diff -up ./plugins/audit_json/audit_json.c.covscan ./plugins/audit_json/audit_json.c
diff -up ./plugins/sudoers/ldap.c.covscan ./plugins/sudoers/ldap.c
--- ./plugins/sudoers/ldap.c.covscan 2021-08-26 15:46:11.614179451 +0200
+++ ./plugins/sudoers/ldap.c 2021-08-26 15:51:40.871812534 +0200
@@ -443,6 +443,8 @@ sudo_ldap_parse_options(LDAP *ld, LDAPMe
goto done;
}
+ free(cp);
+
/* Walk through options, appending to defs. */
for (p = bv; *p != NULL; p++) {
char *var, *val;
diff -up ./plugins/sudoers/logging.c.covscan ./plugins/sudoers/logging.c
diff -up ./plugins/sudoers/rcstr.c.covscan ./plugins/sudoers/rcstr.c
diff -up ./src/utmp.c.covscan ./src/utmp.c

74
SOURCES/sudo-1.9.5-selinux-t.patch
Unescape View File

@ -0,0 +1,74 @@
From 73006fb25f0ebc35bc46b8f20036d40fcbb6de53 Mon Sep 17 00:00:00 2001
From: Radovan Sroka <rsroka@redhat.com>
Date: Thu, 1 Apr 2021 21:42:03 +0200
Subject: [PATCH] Removed depricated security_context_t
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
---
src/selinux.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/src/selinux.c b/src/selinux.c
index a2f73f8d0..c2f50aafb 100644
--- a/src/selinux.c
+++ b/src/selinux.c
@@ -58,10 +58,10 @@
#include "sudo_exec.h"
static struct selinux_state {
- security_context_t old_context;
- security_context_t new_context;
- security_context_t tty_con_raw;
- security_context_t new_tty_con_raw;
+ char * old_context;
+ char * new_context;
+ char * tty_con_raw;
+ char * new_tty_con_raw;
const char *ttyn;
int ttyfd;
int enforcing;
@@ -69,8 +69,8 @@ static struct selinux_state {
#ifdef HAVE_LINUX_AUDIT
static int
-audit_role_change(const security_context_t old_context,
- const security_context_t new_context, const char *ttyn, int result)
+audit_role_change(const char * old_context,
+ const char * new_context, const char *ttyn, int result)
{
int au_fd, rc = -1;
char *message;
@@ -111,7 +111,7 @@ int
selinux_restore_tty(void)
{
int ret = -1;
- security_context_t chk_tty_con_raw = NULL;
+ char * chk_tty_con_raw = NULL;
debug_decl(selinux_restore_tty, SUDO_DEBUG_SELINUX);
if (se_state.ttyfd == -1 || se_state.new_tty_con_raw == NULL) {
@@ -166,8 +166,8 @@ selinux_restore_tty(void)
static int
relabel_tty(const char *ttyn, int ptyfd)
{
- security_context_t tty_con = NULL;
- security_context_t new_tty_con = NULL;
+ char * tty_con = NULL;
+ char * new_tty_con = NULL;
struct stat sb;
int fd;
debug_decl(relabel_tty, SUDO_DEBUG_SELINUX);
@@ -308,10 +308,10 @@ relabel_tty(const char *ttyn, int ptyfd)
* Returns a new security context based on the old context and the
* specified role and type.
*/
-security_context_t
-get_exec_context(security_context_t old_context, const char *role, const char *type)
+char *
+get_exec_context(char * old_context, const char *role, const char *type)
{
- security_context_t new_context = NULL;
+ char * new_context = NULL;
context_t context = NULL;
char *typebuf = NULL;
debug_decl(get_exec_context, SUDO_DEBUG_SELINUX);

51
SOURCES/sudo-1.9.5-sesh-bad-condition.patch
Unescape View File

@ -0,0 +1,51 @@
From 613a8053dbc3ab43cf0cdaf09f207ffdb0b40e08 Mon Sep 17 00:00:00 2001
From: Radovan Sroka <rsroka@redhat.com>
Date: Wed, 7 Apr 2021 14:43:40 +0200
Subject: [PATCH] Fixed bad condition for sesh args
In selinux_edit_copy_tfiles() when there is only one file and the open()
fails then number of arguments is lower than expected.
Sudo should return error with or without "Defaults !sudoedit_checkdir" set.
This was found with regression testing of CVE-2021-23240.
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
---
src/sudo_edit.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/sudo_edit.c b/src/sudo_edit.c
index 41fc61c3a..15c75d8c4 100644
--- a/src/sudo_edit.c
+++ b/src/sudo_edit.c
@@ -529,6 +529,8 @@ selinux_edit_copy_tfiles(struct command_details *command_details,
if (nfiles < 1)
debug_return_int(0);
+ const int check_dir = ISSET(command_details->flags, CD_SUDOEDIT_CHECKDIR);
+
/* Construct common args for sesh */
sesh_nargs = 5 + (nfiles * 2) + 1;
sesh_args = sesh_ap = reallocarray(NULL, sesh_nargs, sizeof(char *));
@@ -538,7 +540,7 @@ selinux_edit_copy_tfiles(struct command_details *command_details,
}
*sesh_ap++ = "sesh";
*sesh_ap++ = "-e";
- if (ISSET(command_details->flags, CD_SUDOEDIT_CHECKDIR)) {
+ if (check_dir) {
if ((user_str = selinux_fmt_sudo_user()) == NULL) {
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
goto done;
@@ -581,7 +583,11 @@ selinux_edit_copy_tfiles(struct command_details *command_details,
if (tfd != -1)
close(tfd);
- if (sesh_ap - sesh_args > 3) {
+ /*
+ * check dir adds two more args to the array
+ */
+ if ((!check_dir && sesh_ap - sesh_args > 3)
+ || (check_dir && sesh_ap - sesh_args > 5)) {
/* Run sesh -e 1 <t1> <o1> ... <tn> <on> */
error = selinux_run_helper(command_details->cred.uid, command_details->cred.gid,
command_details->cred.ngroups, command_details->cred.groups, sesh_args,

19
SOURCES/sudo-1.9.5-undefined-symbol.patch
Unescape View File

@ -0,0 +1,19 @@
diff -up ./plugins/sudoers/audit.c.undefined ./plugins/sudoers/audit.c
--- ./plugins/sudoers/audit.c.undefined 2021-07-12 14:59:53.472306208 +0200
+++ ./plugins/sudoers/audit.c 2021-07-12 15:00:45.620620369 +0200
@@ -197,7 +197,6 @@ sudoers_audit_open(unsigned int version,
debug_return_int(ret);
}
-#ifdef SUDOERS_LOG_CLIENT
static void
audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
char * const run_argv[], char * const run_envp[])
@@ -244,6 +243,7 @@ audit_to_eventlog(struct eventlog *evlog
debug_return;
}
+#ifdef SUDOERS_LOG_CLIENT
static bool
log_server_accept(char * const command_info[], char * const run_argv[],
char * const run_envp[])

22
SOURCES/sudo-1.9.5-utmp-leak.patch
Unescape View File

@ -0,0 +1,22 @@
From 3fc3a07a03ef74fde99db40ce9ef43ccab336205 Mon Sep 17 00:00:00 2001
From: MertsA <andrewmerts@gmail.com>
Date: Fri, 23 Jul 2021 03:36:05 -0700
Subject: [PATCH] Rewind utmp file pointer after searching for entry
getutline() advances the file pointer until it matches or reaches EOF. pututline() starts from the current position in utmp. This rewinds the file pointer to the beginning to avoid allocating additional spurious utmp entries.
---
src/utmp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/utmp.c b/src/utmp.c
index 544a37519..952bf3043 100644
--- a/src/utmp.c
+++ b/src/utmp.c
@@ -210,6 +210,7 @@ utmp_login(const char *from_line, const char *to_line, int ttyfd,
memset(&utbuf, 0, sizeof(utbuf));
strncpy(utbuf.ut_line, from_line, sizeof(utbuf.ut_line));
ut_old = sudo_getutline(&utbuf);
+ sudo_setutent();
}
utmp_fill(to_line, user, ut_old, &utbuf);
if (sudo_pututline(&utbuf) != NULL)

25
SOURCES/sudo-conf.patch
Unescape View File

@ -0,0 +1,25 @@
diff -up ./examples/sudo.conf.in.fix ./examples/sudo.conf.in
--- ./examples/sudo.conf.in.fix 2021-07-09 16:29:45.854347994 +0200
+++ ./examples/sudo.conf.in 2021-07-09 16:31:01.144410540 +0200
@@ -11,9 +11,9 @@
# The plugin_options are optional.
#
# The sudoers plugin is used by default if no Plugin lines are present.
-#Plugin sudoers_policy sudoers.so
-#Plugin sudoers_io sudoers.so
-#Plugin sudoers_audit sudoers.so
+Plugin sudoers_policy sudoers.so
+Plugin sudoers_io sudoers.so
+Plugin sudoers_audit sudoers.so
#
# Sudo askpass:
@@ -78,7 +78,7 @@
# To aid in debugging sudo problems, you may wish to enable core
# dumps by setting "disable_coredump" to false.
#
-#Set disable_coredump false
+Set disable_coredump false
#
# User groups:

86
SOURCES/sudo-ldap.conf
Unescape View File

@ -0,0 +1,86 @@
## BINDDN DN
## The BINDDN parameter specifies the identity, in the form of a Dis
## tinguished Name (DN), to use when performing LDAP operations. If
## not specified, LDAP operations are performed with an anonymous
## identity. By default, most LDAP servers will allow anonymous
## access.
##
#binddn uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
## BINDPW secret
## The BINDPW parameter specifies the password to use when performing
## LDAP operations. This is typically used in conjunction with the
## BINDDN parameter.
##
#bindpw secret
## SSL start_tls
## If the SSL parameter is set to start_tls, the LDAP server connec
## tion is initiated normally and TLS encryption is begun before the
## bind credentials are sent. This has the advantage of not requiring
## a dedicated port for encrypted communications. This parameter is
## only supported by LDAP servers that honor the start_tls extension,
## such as the OpenLDAP and Tivoli Directory servers.
##
#ssl start_tls
## TLS_CACERTFILE file name
## The path to a certificate authority bundle which contains the cer
## tificates for all the Certificate Authorities the client knows to
## be valid, e.g. /etc/ssl/ca-bundle.pem. This option is only sup
## ported by the OpenLDAP libraries. Netscape-derived LDAP libraries
## use the same certificate database for CA and client certificates
## (see TLS_CERT).
##
#tls_cacertfile /path/to/CA.crt
## TLS_CHECKPEER on/true/yes/off/false/no
## If enabled, TLS_CHECKPEER will cause the LDAP server's TLS certifi
## cated to be verified. If the server's TLS certificate cannot be
## verified (usually because it is signed by an unknown certificate
## authority), sudo will be unable to connect to it. If TLS_CHECKPEER
## is disabled, no check is made. Note that disabling the check cre
## ates an opportunity for man-in-the-middle attacks since the
## server's identity will not be authenticated. If possible, the CA's
## certificate should be installed locally so it can be verified.
## This option is not supported by the Tivoli Directory Server LDAP
## libraries.
#tls_checkpeer yes
##
## URI ldap[s]://[hostname[:port]] ...
## Specifies a whitespace-delimited list of one or more
## URIs describing the LDAP server(s) to connect to.
##
#uri ldap://ldapserver
##
## SUDOERS_BASE base
## The base DN to use when performing sudo LDAP queries.
## Multiple SUDOERS_BASE lines may be specified, in which
## case they are queried in the order specified.
##
#sudoers_base ou=SUDOers,dc=example,dc=com
##
## BIND_TIMELIMIT seconds
## The BIND_TIMELIMIT parameter specifies the amount of
## time to wait while trying to connect to an LDAP server.
##
#bind_timelimit 30
##
## TIMELIMIT seconds
## The TIMELIMIT parameter specifies the amount of time
## to wait for a response to an LDAP query.
##
#timelimit 30
##
## SUDOERS_DEBUG debug_level
## This sets the debug level for sudo LDAP queries. Debugging
## information is printed to the standard error. A value of 1
## results in a moderate amount of debugging information.
## A value of 2 shows the results of the matches themselves.
##
#sudoers_debug 1

120
SOURCES/sudoers
Unescape View File

@ -0,0 +1,120 @@
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.
## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias FILESERVERS = fs1, fs2
# Host_Alias MAILSERVERS = smtp, smtp2
## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem
## Command Aliases
## These are groups of related commands...
## Networking
# Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Installation and management of software
# Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
## Services
# Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig, /usr/bin/systemctl start, /usr/bin/systemctl stop, /usr/bin/systemctl reload, /usr/bin/systemctl restart, /usr/bin/systemctl status, /usr/bin/systemctl enable, /usr/bin/systemctl disable
## Updating the locate database
# Cmnd_Alias LOCATE = /usr/bin/updatedb
## Storage
# Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
# Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
## Processes
# Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
## Drivers
# Cmnd_Alias DRIVERS = /sbin/modprobe
# Defaults specification
#
# Refuse to run if unable to disable echo on the tty.
#
Defaults !visiblepw
#
# Preserving HOME has security implications since many programs
# use it when searching for configuration files. Note that HOME
# is already set when the the env_reset option is enabled, so
# this option is only effective for configurations where either
# env_reset is disabled or HOME is present in the env_keep list.
#
Defaults always_set_home
Defaults match_group_by_gid
# Prior to version 1.8.15, groups listed in sudoers that were not
# found in the system group database were passed to the group
# plugin, if any. Starting with 1.8.15, only groups of the form
# %:group are resolved via the group plugin by default.
# We enable always_query_group_plugin to restore old behavior.
# Disable this option for new behavior.
Defaults always_query_group_plugin
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
#
# Adding HOME to env_keep may enable a user to run unrestricted
# commands via sudo.
#
# Defaults env_keep += "HOME"
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

1103
SPECS/sudo.spec
View File

File diff suppressed because it is too large Load Diff
Write Preview
Loading…
Cancel
Save