|
|
1b092f |
diff -up sudo-1.8.6p3/plugins/sudoers/match.c.netgrmatchtrace sudo-1.8.6p3/plugins/sudoers/match.c
|
|
|
1b092f |
--- sudo-1.8.6p3/plugins/sudoers/match.c.netgrmatchtrace 2013-08-12 14:42:56.498247674 +0200
|
|
|
1b092f |
+++ sudo-1.8.6p3/plugins/sudoers/match.c 2013-08-12 14:43:01.009264127 +0200
|
|
|
1b092f |
@@ -713,6 +713,10 @@ netgr_matches(char *netgr, char *lhost,
|
|
|
1b092f |
#ifdef HAVE_GETDOMAINNAME
|
|
|
1b092f |
static int initialized;
|
|
|
1b092f |
#endif
|
|
|
1b092f |
+#ifdef HAVE_INNETGR
|
|
|
1b092f |
+ bool innetgr_lhost = false;
|
|
|
1b092f |
+ bool innetgr_shost = false;
|
|
|
1b092f |
+#endif
|
|
|
1b092f |
debug_decl(netgr_matches, SUDO_DEBUG_MATCH)
|
|
|
1b092f |
|
|
|
1b092f |
/* make sure we have a valid netgroup, sudo style */
|
|
|
1b092f |
@@ -733,9 +737,39 @@ netgr_matches(char *netgr, char *lhost,
|
|
|
1b092f |
|
|
|
1b092f |
#ifdef HAVE_INNETGR
|
|
|
1b092f |
if (innetgr(netgr, lhost, user, domain))
|
|
|
1b092f |
- debug_return_bool(true);
|
|
|
1b092f |
+ innetgr_lhost = true;
|
|
|
1b092f |
else if (lhost != shost && innetgr(netgr, shost, user, domain))
|
|
|
1b092f |
- debug_return_bool(true);
|
|
|
1b092f |
+ innetgr_shost = true;
|
|
|
1b092f |
+
|
|
|
1b092f |
+ if (innetgr_lhost) {
|
|
|
1b092f |
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
|
|
|
1b092f |
+ "(%s, %s, %s) found in netgroup %s\n",
|
|
|
1b092f |
+ shost ? shost : "*",
|
|
|
1b092f |
+ user ? user : "*",
|
|
|
1b092f |
+ domain ? domain : "*",
|
|
|
1b092f |
+ netgr);
|
|
|
1b092f |
+ } else if (innetgr_shost) {
|
|
|
1b092f |
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
|
|
|
1b092f |
+ "(%s, %s, %s) found in netgroup %s\n",
|
|
|
1b092f |
+ lhost ? lhost : "*",
|
|
|
1b092f |
+ user ? user : "*",
|
|
|
1b092f |
+ domain ? domain : "*",
|
|
|
1b092f |
+ netgr);
|
|
|
1b092f |
+ } else {
|
|
|
1b092f |
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
|
|
|
1b092f |
+ "(%s, %s, %s) NOT found in netgroup %s\n",
|
|
|
1b092f |
+ shost ? shost : "*",
|
|
|
1b092f |
+ user ? user : "*",
|
|
|
1b092f |
+ domain ? domain : "*",
|
|
|
1b092f |
+ netgr);
|
|
|
1b092f |
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
|
|
|
1b092f |
+ "(%s, %s, %s) NOT found in netgroup %s\n",
|
|
|
1b092f |
+ lhost ? lhost : "*",
|
|
|
1b092f |
+ user ? user : "*",
|
|
|
1b092f |
+ domain ? domain : "*",
|
|
|
1b092f |
+ netgr);
|
|
|
1b092f |
+ }
|
|
|
1b092f |
+ debug_return_bool(innetgr_lhost || innetgr_shost);
|
|
|
1b092f |
#endif /* HAVE_INNETGR */
|
|
|
1b092f |
|
|
|
1b092f |
debug_return_bool(false);
|