DVG-4130827_memberd_group_resolution.patch [plain text]
diff -uNr ../sudo-1.6.8p12.orig/check.c ./check.c
--- ../sudo-1.6.8p12.orig/check.c 2005-03-24 17:55:31.000000000 -0800
+++ ./check.c 2006-12-05 16:41:54.000000000 -0800
@@ -63,6 +63,10 @@
static const char rcsid[] = "$Sudo: check.c,v 1.226 2004/09/08 15:48:23 millert Exp $";
#endif /* lint */
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
+
/* Status codes for timestamp_status() */
#define TS_CURRENT 0
#define TS_OLD 1
@@ -284,6 +288,11 @@
{
struct group *grp;
char **gr_mem;
+ #ifdef __APPLE_MEMBERD__
+ struct passwd *pw = getpwuid(getuid());
+ uuid_t uu, gu;
+ int ismember = 0;
+ #endif
if (!def_exempt_group)
return(FALSE);
@@ -294,10 +303,16 @@
if (user_gid == grp->gr_gid)
return(TRUE);
+ #ifdef __APPLE_MEMBERD__
+ if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+ if (1 == ismember) return(TRUE);
+ }
+ #else
for (gr_mem = grp->gr_mem; *gr_mem; gr_mem++) {
if (strcmp(user_name, *gr_mem) == 0)
return(TRUE);
}
+ #endif
return(FALSE);
}
diff -uNr ../sudo-1.6.8p12.orig/parse.c ./parse.c
--- ../sudo-1.6.8p12.orig/parse.c 2005-06-19 13:03:24.000000000 -0700
+++ ./parse.c 2006-12-04 20:52:46.000000000 -0800
@@ -85,6 +85,10 @@
static const char rcsid[] = "$Sudo: parse.c,v 1.161 2004/08/24 18:01:13 millert Exp $";
#endif /* lint */
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
+
/*
* Globals
*/
@@ -456,6 +460,10 @@
struct group *grp;
gid_t pw_gid;
char **cur;
+ #ifdef __APPLE_MEMBERD__
+ uuid_t uu, gu;
+ int ismember = 0;
+ #endif
/* make sure we have a valid usergroup, sudo style */
if (*group++ != '%')
@@ -473,11 +481,17 @@
if (grp->gr_gid == pw_gid)
return(TRUE);
+ #ifdef __APPLE_MEMBERD__
+ if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+ if (1 == ismember) return(TRUE);
+ }
+ #else
/* check to see if user is explicitly listed in the group */
for (cur = grp->gr_mem; *cur; cur++) {
if (strcmp(*cur, user) == 0)
return(TRUE);
}
+ #endif
return(FALSE);
}
diff -uNr ../sudo-1.6.8p12.orig/testsudoers.c ./testsudoers.c
--- ../sudo-1.6.8p12.orig/testsudoers.c 2004-08-02 11:44:58.000000000 -0700
+++ ./testsudoers.c 2006-12-04 20:56:17.000000000 -0800
@@ -78,6 +78,9 @@
static const char rcsid[] = "$Sudo: testsudoers.c,v 1.88 2004/08/02 18:44:58 millert Exp $";
#endif /* lint */
+#ifdef __APPLE_MEMBERD__
+#include <membership.h>
+#endif
/*
* Prototypes
@@ -255,6 +258,10 @@
{
struct group *grp;
char **cur;
+ #ifdef __APPLE_MEMBERD__
+ uuid_t uu, gu;
+ int ismember = 0;
+ #endif
/* Make sure we have a valid usergroup, sudo style. */
if (*group++ != '%')
@@ -269,10 +276,16 @@
if (getgid() == grp->gr_gid)
return(TRUE);
+ #ifdef __APPLE_MEMBERD__
+ if ( 0 == mbr_uid_to_uuid(pw->pw_uid,uu) && 0 == mbr_gid_to_uuid(grp->gr_gid,gu) && 0 == mbr_check_membership(uu,gu,&ismember) ) {
+ if (1 == ismember) return(TRUE);
+ }
+ #else
for (cur=grp->gr_mem; *cur; cur++) {
if (strcmp(*cur, user) == 0)
return(TRUE);
}
+ #endif
return(FALSE);
}