#include "config.h"
#include <stdio.h>
#ifdef STDC_HEADERS
#include <stdlib.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif
#if defined(HAVE_MALLOC_H) && !defined(STDC_HEADERS)
#include <malloc.h>
#endif
#include <ctype.h>
#include <pwd.h>
#include <time.h>
#include <signal.h>
#include <errno.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/file.h>
#include "sudo.h"
#include "version.h"
#ifndef STDC_HEADERS
#ifndef __GNUC__
extern char *malloc __P((size_t));
#endif
extern char *getenv __P((const char *));
extern int stat __P((const char *, struct stat *));
#endif
#if defined(POSIX_SIGNALS) && !defined(SA_RESETHAND)
#define SA_RESETHAND 0
#endif
#ifndef lint
static const char rcsid[] = "$Sudo: visudo.c,v 1.126 2000/03/23 04:38:22 millert Exp $";
#endif
static void usage __P((void));
static char whatnow __P((void));
static RETSIGTYPE Exit __P((int));
static void setup_signals __P((void));
int command_matches __P((char *, char *, char *, char *));
int addr_matches __P((char *));
int hostname_matches __P((char *, char *, char *));
int netgr_matches __P((char *, char *, char *, char *));
int usergr_matches __P((char *, char *));
void init_parser __P((void));
void yyrestart __P((FILE *));
extern FILE *yyin, *yyout;
extern int errorlineno;
extern int pedantic;
char **Argv;
char *sudoers = _PATH_SUDOERS;
char *stmp = _PATH_SUDOERS_TMP;
struct sudo_user sudo_user;
int parse_error = FALSE;
int
main(argc, argv)
int argc;
char **argv;
{
char buf[MAXPATHLEN*2];
char *Editor;
int sudoers_fd;
int stmp_fd;
int n;
time_t now;
struct stat stmp_sb, sudoers_sb;
pedantic = 1;
Argv = argv;
while (--argc) {
if (!strcmp(argv[argc], "-V")) {
(void) printf("visudo version %s\n", version);
exit(0);
} else if (!strcmp(argv[argc], "-s")) {
pedantic++;
} else {
usage();
}
}
user_host = user_shost = user_cmnd = "";
if ((sudo_user.pw = getpwuid(getuid())) == NULL) {
(void) fprintf(stderr, "%s: Can't find you in the passwd database.\n",
Argv[0]);
exit(1);
}
init_defaults();
sudoers_fd = open(sudoers, O_RDWR | O_CREAT);
if (sudoers_fd == -1) {
(void) fprintf(stderr, "%s: %s: %s\n", Argv[0], sudoers,
strerror(errno));
Exit(-1);
}
if (!lock_file(sudoers_fd, SUDO_TLOCK)) {
(void) fprintf(stderr, "%s: sudoers file busy, try again later.\n",
Argv[0]);
exit(1);
}
#ifdef HAVE_FSTAT
if (fstat(sudoers_fd, &sudoers_sb) == -1) {
#else
if (stat(sudoers, &sudoers_sb) == -1) {
#endif
(void) fprintf(stderr, "%s: can't stat %s: %s\n",
Argv[0], sudoers, strerror(errno));
Exit(-1);
}
stmp_fd = open(stmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
if (stmp_fd < 0) {
(void) fprintf(stderr, "%s: %s: %s\n", Argv[0], stmp, strerror(errno));
exit(1);
}
setup_signals();
if (sudoers_sb.st_size) {
while ((n = read(sudoers_fd, buf, sizeof(buf))) > 0)
if (write(stmp_fd, buf, n) != n) {
(void) fprintf(stderr, "%s: Write failed: %s\n", Argv[0],
strerror(errno));
Exit(-1);
}
(void) close(stmp_fd);
(void) touch(stmp, sudoers_sb.st_mtime);
if ((yyin = fopen(stmp, "r"))) {
yyout = stdout;
init_parser();
yyparse();
parse_error = FALSE;
yyrestart(yyin);
fclose(yyin);
}
} else
(void) close(stmp_fd);
if (!def_flag(I_ENV_EDITOR) ||
(!(Editor = getenv("EDITOR")) && !(Editor = getenv("VISUAL"))))
Editor = estrdup(def_str(I_EDITOR));
do {
if (strlen(Editor) + strlen(stmp) + 30 > sizeof(buf)) {
(void) fprintf(stderr, "%s: Buffer too short (line %d).\n",
Argv[0], __LINE__);
Exit(-1);
}
if (parse_error == TRUE)
(void) sprintf(buf, "%s +%d %s", Editor, errorlineno, stmp);
else
(void) sprintf(buf, "%s %s", Editor, stmp);
now = time(NULL);
n = system(buf);
if (n != -1 && ((n >> 8) == 0 || (n >> 8) == 1)) {
if (stat(stmp, &stmp_sb) < 0) {
(void) fprintf(stderr,
"%s: Can't stat temporary file (%s), %s unchanged.\n",
Argv[0], stmp, sudoers);
Exit(-1);
}
if (stmp_sb.st_size == 0) {
(void) fprintf(stderr,
"%s: Zero length temporary file (%s), %s unchanged.\n",
Argv[0], stmp, sudoers);
Exit(-1);
}
yyout = stdout;
if (parse_error)
yyin = freopen(stmp, "r", yyin);
else
yyin = fopen(stmp, "r");
if (yyin == NULL) {
(void) fprintf(stderr,
"%s: Can't re-open temporary file (%s), %s unchanged.\n",
Argv[0], stmp, sudoers);
Exit(-1);
}
user_runas = NULL;
init_defaults();
init_parser();
if (yyparse() && parse_error != TRUE) {
(void) fprintf(stderr,
"%s: Failed to parse temporary file (%s), unknown error.\n",
Argv[0], stmp);
parse_error = TRUE;
}
} else {
(void) fprintf(stderr,
"%s: Editor (%s) failed with exit status %d, %s unchanged.\n",
Argv[0], Editor, n, sudoers);
Exit(-1);
}
if (parse_error == TRUE) {
switch (whatnow()) {
case 'q' : parse_error = FALSE;
break;
case 'x' : Exit(0);
break;
}
yyrestart(yyin);
}
} while (parse_error == TRUE);
if (sudoers_sb.st_mtime != now && sudoers_sb.st_mtime == stmp_sb.st_mtime &&
sudoers_sb.st_size == stmp_sb.st_size) {
(void) fprintf(stderr, "%s: sudoers file unchanged.\n", Argv[0]);
Exit(0);
}
if (chown(stmp, SUDOERS_UID, SUDOERS_GID)) {
(void) fprintf(stderr,
"%s: Unable to set (uid, gid) of %s to (%d, %d): %s\n",
Argv[0], stmp, SUDOERS_UID, SUDOERS_GID, strerror(errno));
Exit(-1);
}
if (chmod(stmp, SUDOERS_MODE)) {
(void) fprintf(stderr,
"%s: Unable to change mode of %s to %o: %s\n",
Argv[0], stmp, SUDOERS_MODE, strerror(errno));
Exit(-1);
}
if (rename(stmp, sudoers)) {
if (errno == EXDEV) {
char *tmpbuf;
(void) fprintf(stderr,
"%s: %s and %s not on the same filesystem, using mv to rename.\n",
Argv[0], stmp, sudoers);
n = sizeof(char) * (strlen(_PATH_MV) + strlen(stmp) +
strlen(sudoers) + 4);
if ((tmpbuf = (char *) malloc(n)) == NULL) {
(void) fprintf(stderr,
"%s: Cannot alocate memory, %s unchanged: %s\n",
Argv[0], sudoers, strerror(errno));
Exit(-1);
}
(void) sprintf(tmpbuf, "%s %s %s", _PATH_MV, stmp, sudoers);
if (system(tmpbuf)) {
(void) fprintf(stderr,
"%s: Command failed: '%s', %s unchanged.\n",
Argv[0], tmpbuf, sudoers);
Exit(-1);
}
free(tmpbuf);
} else {
(void) fprintf(stderr, "%s: Error renaming %s, %s unchanged: %s\n",
Argv[0], stmp, sudoers, strerror(errno));
Exit(-1);
}
}
exit(0);
}
int
command_matches(cmnd, cmnd_args, path, sudoers_args)
char *cmnd;
char *cmnd_args;
char *path;
char *sudoers_args;
{
return(TRUE);
}
int
addr_matches(n)
char *n;
{
return(TRUE);
}
int
hostname_matches(s, l, p)
char *s, *l, *p;
{
return(TRUE);
}
int
usergr_matches(g, u)
char *g, *u;
{
return(TRUE);
}
int
netgr_matches(n, h, sh, u)
char *n, *h, *sh, *u;
{
return(TRUE);
}
void
set_fqdn()
{
return;
}
static char
whatnow()
{
int choice, c;
for (;;) {
(void) fputs("What now? ", stdout);
choice = getchar();
for (c = choice; c != '\n' && c != EOF;)
c = getchar();
switch (choice) {
case EOF:
choice = 'x';
case 'e':
case 'x':
case 'Q':
return(choice);
default:
(void) puts("Options are:");
(void) puts(" (e)dit sudoers file again");
(void) puts(" e(x)it without saving changes to sudoers file");
(void) puts(" (Q)uit and save changes to sudoers file (DANGER!)\n");
}
}
}
static void
setup_signals()
{
#ifdef POSIX_SIGNALS
struct sigaction action;
#endif
#ifdef POSIX_SIGNALS
(void) memset((VOID *)&action, 0, sizeof(action));
action.sa_handler = Exit;
action.sa_flags = SA_RESETHAND;
(void) sigaction(SIGTERM, &action, NULL);
(void) sigaction(SIGHUP, &action, NULL);
(void) sigaction(SIGINT, &action, NULL);
(void) sigaction(SIGQUIT, &action, NULL);
#else
(void) signal(SIGTERM, Exit);
(void) signal(SIGHUP, Exit);
(void) signal(SIGINT, Exit);
(void) signal(SIGQUIT, Exit);
#endif
}
static RETSIGTYPE
Exit(sig)
int sig;
{
(void) unlink(stmp);
if (sig > 0)
(void) fprintf(stderr, "%s exiting, caught signal %d.\n", Argv[0], sig);
exit(-sig);
}
static void
usage()
{
(void) fprintf(stderr, "usage: %s [-s] [-V]\n", Argv[0]);
exit(1);
}